return res
def start_sigma_dut(ifname, hostapd_logdir=None, cert_path=None,
- bridge=None, sae_h2e=False):
+ bridge=None, sae_h2e=False, owe_ptk_workaround=False):
check_sigma_dut()
cmd = ['./sigma_dut',
'-d',
cmd += ['-b', bridge]
if sae_h2e:
cmd += ['-2']
+ if owe_ptk_workaround:
+ cmd += ['-3']
sigma = subprocess.Popen(cmd, stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
for stream in [sigma.stdout, sigma.stderr]:
finally:
stop_sigma_dut(sigma)
+def test_sigma_dut_sae_pw_id_pwe_loop(dev, apdev):
+ """sigma_dut controlled SAE association with Password Identifier and forced PWE looping"""
+ if "SAE" not in dev[0].get_capability("auth_alg"):
+ raise HwsimSkip("SAE not supported")
+
+ ifname = dev[0].ifname
+ sigma = start_sigma_dut(ifname)
+
+ try:
+ ssid = "test-sae"
+ params = hostapd.wpa2_params(ssid=ssid)
+ params['wpa_key_mgmt'] = 'SAE'
+ params["ieee80211w"] = "2"
+ params['sae_password'] = 'secret|id=pw id'
+ params['sae_groups'] = '19'
+ hapd = hostapd.add_ap(apdev[0], params)
+
+ sigma_dut_cmd_check("sta_reset_default,interface,%s" % ifname)
+ sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
+ sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,%s,passphrase,%s,type,SAE,encpType,aes-ccmp,AKMSuiteType,8;9,PasswordID,pw id,sae_pwe,looping" % (ifname, "test-sae", "secret"))
+ sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-sae"),
+ timeout=10)
+ for i in range(3):
+ ev = dev[0].wait_event(["SME: Trying to authenticate",
+ "CTRL-EVENT-CONNECTED"], timeout=10)
+ if ev is None:
+ raise Exception("Network selection result not indicated")
+ if "CTRL-EVENT-CONNECTED" in ev:
+ raise Exception("Unexpected connection")
+ res = sigma_dut_cmd("sta_is_connected,interface," + ifname)
+ if "connected,1" in res:
+ raise Exception("Connection reported")
+ sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
+ finally:
+ stop_sigma_dut(sigma)
+ dev[0].set("sae_pwe", "0")
+
def test_sigma_dut_sae_pw_id_ft(dev, apdev):
"""sigma_dut controlled SAE association with Password Identifier and FT"""
run_sigma_dut_sae_pw_id_ft(dev, apdev)
logdir = os.path.join(params['logdir'],
"sigma_dut_ap_psk_sha256.sigma-hostapd")
with HWSimRadio() as (radio, iface):
- sigma = start_sigma_dut(iface)
+ sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
try:
sigma_dut_cmd_check("ap_reset_default")
sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-psk,MODE,11ng")
finally:
stop_sigma_dut(sigma)
+def test_sigma_dut_ap_sae_pw_id_pwe_loop(dev, apdev, params):
+ """sigma_dut controlled AP with SAE Password Identifier and forced PWE looping"""
+ logdir = os.path.join(params['logdir'],
+ "sigma_dut_ap_sae_pw_id_pwe_loop.sigma-hostapd")
+ conffile = os.path.join(params['logdir'],
+ "sigma_dut_ap_sae_pw_id_pwe_loop.sigma-conf")
+ if "SAE" not in dev[0].get_capability("auth_alg"):
+ raise HwsimSkip("SAE not supported")
+ with HWSimRadio() as (radio, iface):
+ sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
+ try:
+ sigma_dut_cmd_check("ap_reset_default")
+ sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,test-sae,MODE,11ng")
+ sigma_dut_cmd_check("ap_set_security,NAME,AP,AKMSuiteType,8,SAEPasswords,12345678:pwid,PMF,Required,sae_pwe,looping")
+ sigma_dut_cmd_check("ap_config_commit,NAME,AP")
+
+ with open("/tmp/sigma_dut-ap.conf", "rb") as f:
+ with open(conffile, "wb") as f2:
+ f2.write(f.read())
+
+ dev[0].set("sae_groups", "")
+ dev[0].connect("test-sae", key_mgmt="SAE", sae_password="12345678",
+ sae_password_id="pwid",
+ ieee80211w="2", scan_freq="2412", wait_connect=False)
+ ev = dev[0].wait_event(["CTRL-EVENT-NETWORK-NOT-FOUND",
+ "CTRL-EVENT-CONNECTED"], timeout=10)
+ if ev is None:
+ raise Exception("Network selection result not indicated")
+ if "CTRL-EVENT-CONNECTED" in ev:
+ raise Exception("Unexpected connection")
+ dev[0].request("REMOVE_NETWORK all")
+
+ sigma_dut_cmd_check("ap_reset_default")
+ finally:
+ stop_sigma_dut(sigma)
+
def test_sigma_dut_ap_sae_pw_id_ft(dev, apdev, params):
"""sigma_dut controlled AP with SAE Password Identifier and FT"""
logdir = os.path.join(params['logdir'],
finally:
stop_sigma_dut(sigma)
+def test_sigma_dut_owe_ptk_workaround(dev, apdev):
+ """sigma_dut controlled OWE station with PTK workaround"""
+ if "OWE" not in dev[0].get_capability("key_mgmt"):
+ raise HwsimSkip("OWE not supported")
+
+ params = {"ssid": "owe",
+ "wpa": "2",
+ "wpa_key_mgmt": "OWE",
+ "owe_ptk_workaround": "1",
+ "owe_groups": "20",
+ "ieee80211w": "2",
+ "rsn_pairwise": "CCMP"}
+ hapd = hostapd.add_ap(apdev[0], params)
+
+ ifname = dev[0].ifname
+ sigma = start_sigma_dut(ifname, owe_ptk_workaround=True)
+
+ try:
+ sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,WPA3" % ifname)
+ sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
+ sigma_dut_cmd_check("sta_set_security,interface,%s,ssid,owe,Type,OWE,ECGroupID,20" % ifname)
+ sigma_dut_cmd_check("sta_associate,interface,%s,ssid,owe,channel,1" % ifname,
+ timeout=10)
+ sigma_dut_wait_connected(ifname)
+ sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
+ finally:
+ stop_sigma_dut(sigma)
+ dev[0].set("ignore_old_scan_res", "0")
+
def test_sigma_dut_ap_owe(dev, apdev, params):
"""sigma_dut controlled AP with OWE"""
logdir = os.path.join(params['logdir'],
finally:
stop_sigma_dut(sigma)
+def test_sigma_dut_ap_owe_ptk_workaround(dev, apdev):
+ """sigma_dut controlled AP with OWE PTK workaround"""
+ if "OWE" not in dev[0].get_capability("key_mgmt"):
+ raise HwsimSkip("OWE not supported")
+ with HWSimRadio() as (radio, iface):
+ sigma = start_sigma_dut(iface, owe_ptk_workaround=True)
+ try:
+ sigma_dut_cmd_check("ap_reset_default,NAME,AP,Program,WPA3")
+ sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,owe,MODE,11ng")
+ sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,OWE,ECGroupID,20,PMF,Required")
+ sigma_dut_cmd_check("ap_config_commit,NAME,AP")
+
+ dev[0].connect("owe", key_mgmt="OWE", ieee80211w="2",
+ owe_group="20", owe_ptk_workaround="1",
+ scan_freq="2412")
+ sigma_dut_cmd_check("ap_reset_default")
+ finally:
+ stop_sigma_dut(sigma)
+
def test_sigma_dut_ap_owe_transition_mode(dev, apdev, params):
"""sigma_dut controlled AP with OWE and transition mode"""
if "OWE" not in dev[0].get_capability("key_mgmt"):
finally:
stop_sigma_dut(sigma)
+def test_sigma_dut_sta_scan_short_ssid(dev, apdev):
+ """sigma_dut sta_scan ShortSSID"""
+ dev[0].flush_scan_cache()
+ ssid = "test-short-ssid-list"
+ hapd = hostapd.add_ap(apdev[0], {"ssid": ssid,
+ "ignore_broadcast_ssid": "1"})
+ bssid = apdev[0]['bssid']
+ payload = struct.pack('>L', binascii.crc32(ssid.encode()))
+ val = binascii.hexlify(payload).decode()
+ sigma = start_sigma_dut(dev[0].ifname)
+ found = False
+ try:
+ cmd = "sta_scan,Interface,%s,ChnlFreq,2412,ShortSSID,%s" % (dev[0].ifname, val)
+ for i in range(10):
+ sigma_dut_cmd_check(cmd, timeout=5)
+ ev = dev[0].wait_event(["CTRL-EVENT-SCAN-RESULTS"])
+ if ev is None:
+ raise Exception("Scan did not complete")
+ if bssid in dev[0].request("SCAN_RESULTS"):
+ found = True
+ break
+ finally:
+ stop_sigma_dut(sigma)
+ dev[0].request("VENDOR_ELEM_REMOVE 14 *")
+
+ if not found:
+ raise Exception("AP not found in scan results")
+
def test_sigma_dut_ap_osen(dev, apdev, params):
"""sigma_dut controlled AP with OSEN"""
logdir = os.path.join(params['logdir'],
finally:
stop_sigma_dut(sigma)
dev[0].set("sae_pwe", "0")
+
+def test_sigma_dut_ap_5ghz(dev, apdev, params):
+ """sigma_dut controlled AP on 5 GHz"""
+ run_sigma_dut_ap_channel(dev, apdev, params, 36, '11na', 5180,
+ check_signal="WIDTH=20 MHz")
+
+def test_sigma_dut_ap_ht40plus(dev, apdev, params):
+ """sigma_dut controlled AP and HT40+"""
+ run_sigma_dut_ap_channel(dev, apdev, params, 36, '11na', 5180,
+ extra="width,40", check_signal="WIDTH=40 MHz")
+
+def test_sigma_dut_ap_ht40minus(dev, apdev, params):
+ """sigma_dut controlled AP and HT40-"""
+ run_sigma_dut_ap_channel(dev, apdev, params, 40, '11na', 5200,
+ extra="width,40", check_signal="WIDTH=40 MHz")
+
+def test_sigma_dut_ap_vht40(dev, apdev, params):
+ """sigma_dut controlled AP and VHT40"""
+ run_sigma_dut_ap_channel(dev, apdev, params, 36, '11ac', 5180,
+ extra="width,40", check_signal="WIDTH=40 MHz",
+ program="VHT")
+
+def test_sigma_dut_ap_vht80(dev, apdev, params):
+ """sigma_dut controlled AP and VHT80"""
+ run_sigma_dut_ap_channel(dev, apdev, params, 36, '11ac', 5180,
+ extra="width,80", check_signal="WIDTH=80 MHz",
+ program="VHT")
+
+def run_sigma_dut_ap_channel(dev, apdev, params, channel, mode, scan_freq,
+ extra=None, check_signal=None, program=None):
+ logdir = params['prefix'] + ".sigma-hostapd"
+ with HWSimRadio() as (radio, iface):
+ subprocess.call(['iw', 'reg', 'set', 'US'])
+ sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
+ try:
+ cmd = "ap_reset_default"
+ if program:
+ cmd += ",program," + program
+ sigma_dut_cmd_check(cmd)
+ cmd = "ap_set_wireless,NAME,AP,CHANNEL,%d,SSID,test-psk,MODE,%s" % (channel, mode)
+ if extra:
+ cmd += "," + extra
+ sigma_dut_cmd_check(cmd)
+ sigma_dut_cmd_check("ap_set_security,NAME,AP,KEYMGNT,WPA2-PSK,PSK,12345678")
+ sigma_dut_cmd_check("ap_config_commit,NAME,AP")
+
+ with open("/tmp/sigma_dut-ap.conf", "rb") as f:
+ with open(params['prefix'] + ".sigma-conf", "wb") as f2:
+ f2.write(f.read())
+
+ dev[0].connect("test-psk", psk="12345678", scan_freq=str(scan_freq))
+ sig = dev[0].request("SIGNAL_POLL")
+ logger.info("SIGNAL_POLL:\n" + sig.strip())
+ dev[0].request("DISCONNECT")
+ dev[0].wait_disconnected()
+
+ sigma_dut_cmd_check("ap_reset_default")
+
+ if check_signal and check_signal not in sig:
+ raise Exception("Unexpected SIGNAL_POLL data")
+ finally:
+ stop_sigma_dut(sigma)
+ subprocess.call(['iw', 'reg', 'set', '00'])
+ dev[0].flush_scan_cache()
projects / thirdparty / hostap.git / blobdiff