tests: DPP protocol testing
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
parent
26806abe85
commit
a0e3e22263
1 changed files with 269 additions and 0 deletions
|
@ -1671,3 +1671,272 @@ def run_dpp_own_config(dev, apdev, own_curve=None, expect_failure=False):
|
|||
dev[0].request("DISCONNECT")
|
||||
else:
|
||||
dev[0].wait_connected()
|
||||
|
||||
def run_dpp_proto_init(dev, test_dev, test, mutual=False):
|
||||
check_dpp_capab(dev[0])
|
||||
check_dpp_capab(dev[1])
|
||||
dev[test_dev].set("dpp_test", str(test))
|
||||
|
||||
cmd = "DPP_CONFIGURATOR_ADD"
|
||||
res = dev[1].request(cmd);
|
||||
if "FAIL" in res:
|
||||
raise Exception("Failed to add configurator")
|
||||
conf_id = int(res)
|
||||
|
||||
addr = dev[0].own_addr().replace(':', '')
|
||||
cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
|
||||
res = dev[0].request(cmd)
|
||||
if "FAIL" in res:
|
||||
raise Exception("Failed to generate bootstrapping info")
|
||||
id0 = int(res)
|
||||
uri0 = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
|
||||
|
||||
res = dev[1].request("DPP_QR_CODE " + uri0)
|
||||
if "FAIL" in res:
|
||||
raise Exception("Failed to parse QR Code URI")
|
||||
id1 = int(res)
|
||||
|
||||
if mutual:
|
||||
addr = dev[1].own_addr().replace(':', '')
|
||||
res = dev[1].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr)
|
||||
if "FAIL" in res:
|
||||
raise Exception("Failed to generate bootstrapping info")
|
||||
id1b = int(res)
|
||||
uri1b = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1b)
|
||||
|
||||
res = dev[0].request("DPP_QR_CODE " + uri1b)
|
||||
if "FAIL" in res:
|
||||
raise Exception("Failed to parse QR Code URI")
|
||||
id0b = int(res)
|
||||
|
||||
cmd = "DPP_LISTEN 2412"
|
||||
if "OK" not in dev[0].request(cmd):
|
||||
raise Exception("Failed to start listen operation")
|
||||
|
||||
cmd = "DPP_AUTH_INIT peer=%d configurator=%d conf=sta-dpp" % (id1, conf_id)
|
||||
if mutual:
|
||||
cmd += " own=%d" % id1b
|
||||
if "OK" not in dev[1].request(cmd):
|
||||
raise Exception("Failed to initiate DPP Authentication")
|
||||
|
||||
def test_dpp_proto_after_wrapped_data_auth_req(dev, apdev):
|
||||
"""DPP protocol testing - attribute after Wrapped Data in Auth Req"""
|
||||
run_dpp_proto_init(dev, 1, 1)
|
||||
ev = dev[0].wait_event(["DPP-RX"], timeout=5)
|
||||
if ev is None:
|
||||
raise Exception("DPP Authentication Request not seen")
|
||||
if "type=0" not in ev or "ignore=invalid-attributes" not in ev:
|
||||
raise Exception("Unexpected RX info: " + ev)
|
||||
ev = dev[1].wait_event(["DPP-RX"], timeout=0.1)
|
||||
if ev is not None:
|
||||
raise Exception("Unexpected DPP message seen")
|
||||
|
||||
def test_dpp_proto_after_wrapped_data_auth_resp(dev, apdev):
|
||||
"""DPP protocol testing - attribute after Wrapped Data in Auth Resp"""
|
||||
run_dpp_proto_init(dev, 0, 2)
|
||||
ev = dev[1].wait_event(["DPP-RX"], timeout=5)
|
||||
if ev is None:
|
||||
raise Exception("DPP Authentication Response not seen")
|
||||
if "type=1" not in ev or "ignore=invalid-attributes" not in ev:
|
||||
raise Exception("Unexpected RX info: " + ev)
|
||||
ev = dev[0].wait_event(["DPP-RX"], timeout=1)
|
||||
if ev is None or "type=0" not in ev:
|
||||
raise Exception("DPP Authentication Request not seen")
|
||||
ev = dev[0].wait_event(["DPP-RX"], timeout=0.1)
|
||||
if ev is not None:
|
||||
raise Exception("Unexpected DPP message seen")
|
||||
|
||||
def test_dpp_proto_after_wrapped_data_auth_conf(dev, apdev):
|
||||
"""DPP protocol testing - attribute after Wrapped Data in Auth Conf"""
|
||||
run_dpp_proto_init(dev, 1, 3)
|
||||
ev = dev[0].wait_event(["DPP-RX"], timeout=5)
|
||||
if ev is None or "type=0" not in ev:
|
||||
raise Exception("DPP Authentication Request not seen")
|
||||
ev = dev[0].wait_event(["DPP-RX"], timeout=5)
|
||||
if ev is None:
|
||||
raise Exception("DPP Authentication Confirm not seen")
|
||||
if "type=2" not in ev or "ignore=invalid-attributes" not in ev:
|
||||
raise Exception("Unexpected RX info: " + ev)
|
||||
|
||||
def test_dpp_proto_after_wrapped_data_conf_req(dev, apdev):
|
||||
"""DPP protocol testing - attribute after Wrapped Data in Conf Req"""
|
||||
run_dpp_proto_init(dev, 0, 6)
|
||||
ev = dev[1].wait_event(["DPP-CONF-FAILED"], timeout=10)
|
||||
if ev is None:
|
||||
raise Exception("DPP Configuration failure not seen")
|
||||
|
||||
def test_dpp_proto_after_wrapped_data_conf_resp(dev, apdev):
|
||||
"""DPP protocol testing - attribute after Wrapped Data in Conf Resp"""
|
||||
run_dpp_proto_init(dev, 1, 7)
|
||||
ev = dev[0].wait_event(["DPP-CONF-FAILED"], timeout=10)
|
||||
if ev is None:
|
||||
raise Exception("DPP Configuration failure not seen")
|
||||
|
||||
def test_dpp_proto_zero_i_capab(dev, apdev):
|
||||
"""DPP protocol testing - zero I-capability in Auth Req"""
|
||||
run_dpp_proto_init(dev, 1, 8)
|
||||
ev = dev[0].wait_event(["DPP-FAIL"], timeout=5)
|
||||
if ev is None:
|
||||
raise Exception("DPP failure not seen")
|
||||
if "Invalid role in I-capabilities 0x00" not in ev:
|
||||
raise Exception("Unexpected failure: " + ev)
|
||||
ev = dev[1].wait_event(["DPP-RX"], timeout=0.1)
|
||||
if ev is not None:
|
||||
raise Exception("Unexpected DPP message seen")
|
||||
|
||||
def test_dpp_proto_zero_r_capab(dev, apdev):
|
||||
"""DPP protocol testing - zero R-capability in Auth Resp"""
|
||||
run_dpp_proto_init(dev, 0, 9)
|
||||
ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
|
||||
if ev is None:
|
||||
raise Exception("DPP failure not seen")
|
||||
if "Unexpected role in R-capabilities 0x00" not in ev:
|
||||
raise Exception("Unexpected failure: " + ev)
|
||||
ev = dev[0].wait_event(["DPP-RX"], timeout=1)
|
||||
if ev is None or "type=0" not in ev:
|
||||
raise Exception("DPP Authentication Request not seen")
|
||||
ev = dev[0].wait_event(["DPP-RX"], timeout=0.1)
|
||||
if ev is not None:
|
||||
raise Exception("Unexpected DPP message seen")
|
||||
|
||||
def run_dpp_proto_auth_req_missing(dev, test, reason):
|
||||
run_dpp_proto_init(dev, 1, test)
|
||||
ev = dev[0].wait_event(["DPP-FAIL"], timeout=5)
|
||||
if ev is None:
|
||||
raise Exception("DPP failure not seen")
|
||||
if reason not in ev:
|
||||
raise Exception("Unexpected failure: " + ev)
|
||||
ev = dev[1].wait_event(["DPP-RX"], timeout=0.1)
|
||||
if ev is not None:
|
||||
raise Exception("Unexpected DPP message seen")
|
||||
|
||||
def test_dpp_proto_auth_req_no_r_bootstrap_key(dev, apdev):
|
||||
"""DPP protocol testing - no R-bootstrap key in Auth Req"""
|
||||
run_dpp_proto_auth_req_missing(dev, 10, "Missing or invalid required Responder Bootstrapping Key Hash attribute")
|
||||
|
||||
def test_dpp_proto_auth_req_no_i_bootstrap_key(dev, apdev):
|
||||
"""DPP protocol testing - no I-bootstrap key in Auth Req"""
|
||||
run_dpp_proto_auth_req_missing(dev, 11, "Missing or invalid required Initiator Bootstrapping Key Hash attribute")
|
||||
|
||||
def test_dpp_proto_auth_req_no_i_proto_key(dev, apdev):
|
||||
"""DPP protocol testing - no I-proto key in Auth Req"""
|
||||
run_dpp_proto_auth_req_missing(dev, 12, "Missing required Initiator Protocol Key attribute")
|
||||
|
||||
def test_dpp_proto_auth_req_no_i_nonce(dev, apdev):
|
||||
"""DPP protocol testing - no I-nonce in Auth Req"""
|
||||
run_dpp_proto_auth_req_missing(dev, 13, "Missing or invalid I-nonce")
|
||||
|
||||
def test_dpp_proto_auth_req_no_i_capab(dev, apdev):
|
||||
"""DPP protocol testing - no I-capab in Auth Req"""
|
||||
run_dpp_proto_auth_req_missing(dev, 14, "Missing or invalid I-capab")
|
||||
|
||||
def test_dpp_proto_auth_req_no_wrapped_data(dev, apdev):
|
||||
"""DPP protocol testing - no Wrapped Data in Auth Req"""
|
||||
run_dpp_proto_auth_req_missing(dev, 15, "Missing or invalid required Wrapped Data attribute")
|
||||
|
||||
def run_dpp_proto_auth_resp_missing(dev, test, reason):
|
||||
run_dpp_proto_init(dev, 0, test, mutual=True)
|
||||
if reason is None:
|
||||
time.sleep(0.1)
|
||||
return
|
||||
ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
|
||||
if ev is None:
|
||||
raise Exception("DPP failure not seen")
|
||||
if reason not in ev:
|
||||
raise Exception("Unexpected failure: " + ev)
|
||||
ev = dev[0].wait_event(["DPP-RX"], timeout=1)
|
||||
if ev is None or "type=0" not in ev:
|
||||
raise Exception("DPP Authentication Request not seen")
|
||||
ev = dev[0].wait_event(["DPP-RX"], timeout=0.1)
|
||||
if ev is not None:
|
||||
raise Exception("Unexpected DPP message seen")
|
||||
|
||||
def test_dpp_proto_auth_resp_no_status(dev, apdev):
|
||||
"""DPP protocol testing - no Status in Auth Resp"""
|
||||
run_dpp_proto_auth_resp_missing(dev, 16, "Missing or invalid required DPP Status attribute")
|
||||
|
||||
def test_dpp_proto_auth_resp_no_r_bootstrap_key(dev, apdev):
|
||||
"""DPP protocol testing - no R-bootstrap key in Auth Resp"""
|
||||
run_dpp_proto_auth_resp_missing(dev, 17, "Missing or invalid required Responder Bootstrapping Key Hash attribute")
|
||||
|
||||
def test_dpp_proto_auth_resp_no_i_bootstrap_key(dev, apdev):
|
||||
"""DPP protocol testing - no I-bootstrap key in Auth Resp"""
|
||||
run_dpp_proto_auth_resp_missing(dev, 18, None)
|
||||
|
||||
def test_dpp_proto_auth_resp_no_r_proto_key(dev, apdev):
|
||||
"""DPP protocol testing - no R-Proto Key in Auth Resp"""
|
||||
run_dpp_proto_auth_resp_missing(dev, 19, "Missing required Responder Protocol Key attribute")
|
||||
|
||||
def test_dpp_proto_auth_resp_no_r_nonce(dev, apdev):
|
||||
"""DPP protocol testing - no R-nonce in Auth Resp"""
|
||||
run_dpp_proto_auth_resp_missing(dev, 20, "Missing or invalid R-nonce")
|
||||
|
||||
def test_dpp_proto_auth_resp_no_i_nonce(dev, apdev):
|
||||
"""DPP protocol testing - no I-nonce in Auth Resp"""
|
||||
run_dpp_proto_auth_resp_missing(dev, 21, "Missing or invalid I-nonce")
|
||||
|
||||
def test_dpp_proto_auth_resp_no_r_capab(dev, apdev):
|
||||
"""DPP protocol testing - no R-capab in Auth Resp"""
|
||||
run_dpp_proto_auth_resp_missing(dev, 22, "Missing or invalid R-capabilities")
|
||||
|
||||
def test_dpp_proto_auth_resp_no_r_auth(dev, apdev):
|
||||
"""DPP protocol testing - no R-auth in Auth Resp"""
|
||||
run_dpp_proto_auth_resp_missing(dev, 23, "Missing or invalid Secondary Wrapped Data")
|
||||
|
||||
def test_dpp_proto_auth_resp_no_wrapped_data(dev, apdev):
|
||||
"""DPP protocol testing - no Wrapped Data in Auth Resp"""
|
||||
run_dpp_proto_auth_resp_missing(dev, 24, "Missing or invalid required Wrapped Data attribute")
|
||||
|
||||
def run_dpp_proto_init_pkex(dev, test_dev, test):
|
||||
check_dpp_capab(dev[0])
|
||||
check_dpp_capab(dev[1])
|
||||
dev[test_dev].set("dpp_test", str(test))
|
||||
|
||||
cmd = "DPP_BOOTSTRAP_GEN type=pkex"
|
||||
res = dev[0].request(cmd)
|
||||
if "FAIL" in res:
|
||||
raise Exception("Failed to generate bootstrapping info")
|
||||
id0 = int(res)
|
||||
|
||||
cmd = "DPP_BOOTSTRAP_GEN type=pkex"
|
||||
res = dev[1].request(cmd)
|
||||
if "FAIL" in res:
|
||||
raise Exception("Failed to generate bootstrapping info")
|
||||
id1 = int(res)
|
||||
|
||||
cmd = "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0)
|
||||
res = dev[0].request(cmd)
|
||||
if "FAIL" in res:
|
||||
raise Exception("Failed to set PKEX data (responder)")
|
||||
cmd = "DPP_LISTEN 2437"
|
||||
if "OK" not in dev[0].request(cmd):
|
||||
raise Exception("Failed to start listen operation")
|
||||
|
||||
cmd = "DPP_PKEX_ADD own=%d identifier=test init=1 code=secret" % id1
|
||||
res = dev[1].request(cmd)
|
||||
if "FAIL" in res:
|
||||
raise Exception("Failed to set PKEX data (initiator)")
|
||||
|
||||
def test_dpp_proto_after_wrapped_data_pkex_cr_req(dev, apdev):
|
||||
"""DPP protocol testing - attribute after Wrapped Data in PKEX CR Req"""
|
||||
run_dpp_proto_init_pkex(dev, 1, 4)
|
||||
ev = dev[0].wait_event(["DPP-RX"], timeout=5)
|
||||
if ev is None or "type=7" not in ev:
|
||||
raise Exception("PKEX Exchange Request not seen")
|
||||
ev = dev[0].wait_event(["DPP-RX"], timeout=5)
|
||||
if ev is None or "type=9" not in ev:
|
||||
raise Exception("PKEX Commit-Reveal Request not seen")
|
||||
if "ignore=invalid-attributes" not in ev:
|
||||
raise Exception("Unexpected RX info: " + ev)
|
||||
|
||||
def test_dpp_proto_after_wrapped_data_pkex_cr_resp(dev, apdev):
|
||||
"""DPP protocol testing - attribute after Wrapped Data in PKEX CR Resp"""
|
||||
run_dpp_proto_init_pkex(dev, 0, 5)
|
||||
ev = dev[1].wait_event(["DPP-RX"], timeout=5)
|
||||
if ev is None or "type=8" not in ev:
|
||||
raise Exception("PKEX Exchange Response not seen")
|
||||
ev = dev[1].wait_event(["DPP-RX"], timeout=5)
|
||||
if ev is None or "type=10" not in ev:
|
||||
raise Exception("PKEX Commit-Reveal Response not seen")
|
||||
if "ignore=invalid-attributes" not in ev:
|
||||
raise Exception("Unexpected RX info: " + ev)
|
||||
|
|
Loading…
Reference in a new issue