From a0e3e222636196046cdacc067ae53052f40be9b2 Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Sun, 22 Oct 2017 13:49:57 +0300 Subject: [PATCH] tests: DPP protocol testing Signed-off-by: Jouni Malinen --- tests/hwsim/test_dpp.py | 269 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 269 insertions(+) diff --git a/tests/hwsim/test_dpp.py b/tests/hwsim/test_dpp.py index d3a3a5b6c..289ef9faa 100644 --- a/tests/hwsim/test_dpp.py +++ b/tests/hwsim/test_dpp.py @@ -1671,3 +1671,272 @@ def run_dpp_own_config(dev, apdev, own_curve=None, expect_failure=False): dev[0].request("DISCONNECT") else: dev[0].wait_connected() + +def run_dpp_proto_init(dev, test_dev, test, mutual=False): + check_dpp_capab(dev[0]) + check_dpp_capab(dev[1]) + dev[test_dev].set("dpp_test", str(test)) + + cmd = "DPP_CONFIGURATOR_ADD" + res = dev[1].request(cmd); + if "FAIL" in res: + raise Exception("Failed to add configurator") + conf_id = int(res) + + addr = dev[0].own_addr().replace(':', '') + cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr + res = dev[0].request(cmd) + if "FAIL" in res: + raise Exception("Failed to generate bootstrapping info") + id0 = int(res) + uri0 = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0) + + res = dev[1].request("DPP_QR_CODE " + uri0) + if "FAIL" in res: + raise Exception("Failed to parse QR Code URI") + id1 = int(res) + + if mutual: + addr = dev[1].own_addr().replace(':', '') + res = dev[1].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr) + if "FAIL" in res: + raise Exception("Failed to generate bootstrapping info") + id1b = int(res) + uri1b = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1b) + + res = dev[0].request("DPP_QR_CODE " + uri1b) + if "FAIL" in res: + raise Exception("Failed to parse QR Code URI") + id0b = int(res) + + cmd = "DPP_LISTEN 2412" + if "OK" not in dev[0].request(cmd): + raise Exception("Failed to start listen operation") + + cmd = "DPP_AUTH_INIT peer=%d configurator=%d conf=sta-dpp" % (id1, conf_id) + if mutual: + cmd += " own=%d" % id1b + if "OK" not in dev[1].request(cmd): + raise Exception("Failed to initiate DPP Authentication") + +def test_dpp_proto_after_wrapped_data_auth_req(dev, apdev): + """DPP protocol testing - attribute after Wrapped Data in Auth Req""" + run_dpp_proto_init(dev, 1, 1) + ev = dev[0].wait_event(["DPP-RX"], timeout=5) + if ev is None: + raise Exception("DPP Authentication Request not seen") + if "type=0" not in ev or "ignore=invalid-attributes" not in ev: + raise Exception("Unexpected RX info: " + ev) + ev = dev[1].wait_event(["DPP-RX"], timeout=0.1) + if ev is not None: + raise Exception("Unexpected DPP message seen") + +def test_dpp_proto_after_wrapped_data_auth_resp(dev, apdev): + """DPP protocol testing - attribute after Wrapped Data in Auth Resp""" + run_dpp_proto_init(dev, 0, 2) + ev = dev[1].wait_event(["DPP-RX"], timeout=5) + if ev is None: + raise Exception("DPP Authentication Response not seen") + if "type=1" not in ev or "ignore=invalid-attributes" not in ev: + raise Exception("Unexpected RX info: " + ev) + ev = dev[0].wait_event(["DPP-RX"], timeout=1) + if ev is None or "type=0" not in ev: + raise Exception("DPP Authentication Request not seen") + ev = dev[0].wait_event(["DPP-RX"], timeout=0.1) + if ev is not None: + raise Exception("Unexpected DPP message seen") + +def test_dpp_proto_after_wrapped_data_auth_conf(dev, apdev): + """DPP protocol testing - attribute after Wrapped Data in Auth Conf""" + run_dpp_proto_init(dev, 1, 3) + ev = dev[0].wait_event(["DPP-RX"], timeout=5) + if ev is None or "type=0" not in ev: + raise Exception("DPP Authentication Request not seen") + ev = dev[0].wait_event(["DPP-RX"], timeout=5) + if ev is None: + raise Exception("DPP Authentication Confirm not seen") + if "type=2" not in ev or "ignore=invalid-attributes" not in ev: + raise Exception("Unexpected RX info: " + ev) + +def test_dpp_proto_after_wrapped_data_conf_req(dev, apdev): + """DPP protocol testing - attribute after Wrapped Data in Conf Req""" + run_dpp_proto_init(dev, 0, 6) + ev = dev[1].wait_event(["DPP-CONF-FAILED"], timeout=10) + if ev is None: + raise Exception("DPP Configuration failure not seen") + +def test_dpp_proto_after_wrapped_data_conf_resp(dev, apdev): + """DPP protocol testing - attribute after Wrapped Data in Conf Resp""" + run_dpp_proto_init(dev, 1, 7) + ev = dev[0].wait_event(["DPP-CONF-FAILED"], timeout=10) + if ev is None: + raise Exception("DPP Configuration failure not seen") + +def test_dpp_proto_zero_i_capab(dev, apdev): + """DPP protocol testing - zero I-capability in Auth Req""" + run_dpp_proto_init(dev, 1, 8) + ev = dev[0].wait_event(["DPP-FAIL"], timeout=5) + if ev is None: + raise Exception("DPP failure not seen") + if "Invalid role in I-capabilities 0x00" not in ev: + raise Exception("Unexpected failure: " + ev) + ev = dev[1].wait_event(["DPP-RX"], timeout=0.1) + if ev is not None: + raise Exception("Unexpected DPP message seen") + +def test_dpp_proto_zero_r_capab(dev, apdev): + """DPP protocol testing - zero R-capability in Auth Resp""" + run_dpp_proto_init(dev, 0, 9) + ev = dev[1].wait_event(["DPP-FAIL"], timeout=5) + if ev is None: + raise Exception("DPP failure not seen") + if "Unexpected role in R-capabilities 0x00" not in ev: + raise Exception("Unexpected failure: " + ev) + ev = dev[0].wait_event(["DPP-RX"], timeout=1) + if ev is None or "type=0" not in ev: + raise Exception("DPP Authentication Request not seen") + ev = dev[0].wait_event(["DPP-RX"], timeout=0.1) + if ev is not None: + raise Exception("Unexpected DPP message seen") + +def run_dpp_proto_auth_req_missing(dev, test, reason): + run_dpp_proto_init(dev, 1, test) + ev = dev[0].wait_event(["DPP-FAIL"], timeout=5) + if ev is None: + raise Exception("DPP failure not seen") + if reason not in ev: + raise Exception("Unexpected failure: " + ev) + ev = dev[1].wait_event(["DPP-RX"], timeout=0.1) + if ev is not None: + raise Exception("Unexpected DPP message seen") + +def test_dpp_proto_auth_req_no_r_bootstrap_key(dev, apdev): + """DPP protocol testing - no R-bootstrap key in Auth Req""" + run_dpp_proto_auth_req_missing(dev, 10, "Missing or invalid required Responder Bootstrapping Key Hash attribute") + +def test_dpp_proto_auth_req_no_i_bootstrap_key(dev, apdev): + """DPP protocol testing - no I-bootstrap key in Auth Req""" + run_dpp_proto_auth_req_missing(dev, 11, "Missing or invalid required Initiator Bootstrapping Key Hash attribute") + +def test_dpp_proto_auth_req_no_i_proto_key(dev, apdev): + """DPP protocol testing - no I-proto key in Auth Req""" + run_dpp_proto_auth_req_missing(dev, 12, "Missing required Initiator Protocol Key attribute") + +def test_dpp_proto_auth_req_no_i_nonce(dev, apdev): + """DPP protocol testing - no I-nonce in Auth Req""" + run_dpp_proto_auth_req_missing(dev, 13, "Missing or invalid I-nonce") + +def test_dpp_proto_auth_req_no_i_capab(dev, apdev): + """DPP protocol testing - no I-capab in Auth Req""" + run_dpp_proto_auth_req_missing(dev, 14, "Missing or invalid I-capab") + +def test_dpp_proto_auth_req_no_wrapped_data(dev, apdev): + """DPP protocol testing - no Wrapped Data in Auth Req""" + run_dpp_proto_auth_req_missing(dev, 15, "Missing or invalid required Wrapped Data attribute") + +def run_dpp_proto_auth_resp_missing(dev, test, reason): + run_dpp_proto_init(dev, 0, test, mutual=True) + if reason is None: + time.sleep(0.1) + return + ev = dev[1].wait_event(["DPP-FAIL"], timeout=5) + if ev is None: + raise Exception("DPP failure not seen") + if reason not in ev: + raise Exception("Unexpected failure: " + ev) + ev = dev[0].wait_event(["DPP-RX"], timeout=1) + if ev is None or "type=0" not in ev: + raise Exception("DPP Authentication Request not seen") + ev = dev[0].wait_event(["DPP-RX"], timeout=0.1) + if ev is not None: + raise Exception("Unexpected DPP message seen") + +def test_dpp_proto_auth_resp_no_status(dev, apdev): + """DPP protocol testing - no Status in Auth Resp""" + run_dpp_proto_auth_resp_missing(dev, 16, "Missing or invalid required DPP Status attribute") + +def test_dpp_proto_auth_resp_no_r_bootstrap_key(dev, apdev): + """DPP protocol testing - no R-bootstrap key in Auth Resp""" + run_dpp_proto_auth_resp_missing(dev, 17, "Missing or invalid required Responder Bootstrapping Key Hash attribute") + +def test_dpp_proto_auth_resp_no_i_bootstrap_key(dev, apdev): + """DPP protocol testing - no I-bootstrap key in Auth Resp""" + run_dpp_proto_auth_resp_missing(dev, 18, None) + +def test_dpp_proto_auth_resp_no_r_proto_key(dev, apdev): + """DPP protocol testing - no R-Proto Key in Auth Resp""" + run_dpp_proto_auth_resp_missing(dev, 19, "Missing required Responder Protocol Key attribute") + +def test_dpp_proto_auth_resp_no_r_nonce(dev, apdev): + """DPP protocol testing - no R-nonce in Auth Resp""" + run_dpp_proto_auth_resp_missing(dev, 20, "Missing or invalid R-nonce") + +def test_dpp_proto_auth_resp_no_i_nonce(dev, apdev): + """DPP protocol testing - no I-nonce in Auth Resp""" + run_dpp_proto_auth_resp_missing(dev, 21, "Missing or invalid I-nonce") + +def test_dpp_proto_auth_resp_no_r_capab(dev, apdev): + """DPP protocol testing - no R-capab in Auth Resp""" + run_dpp_proto_auth_resp_missing(dev, 22, "Missing or invalid R-capabilities") + +def test_dpp_proto_auth_resp_no_r_auth(dev, apdev): + """DPP protocol testing - no R-auth in Auth Resp""" + run_dpp_proto_auth_resp_missing(dev, 23, "Missing or invalid Secondary Wrapped Data") + +def test_dpp_proto_auth_resp_no_wrapped_data(dev, apdev): + """DPP protocol testing - no Wrapped Data in Auth Resp""" + run_dpp_proto_auth_resp_missing(dev, 24, "Missing or invalid required Wrapped Data attribute") + +def run_dpp_proto_init_pkex(dev, test_dev, test): + check_dpp_capab(dev[0]) + check_dpp_capab(dev[1]) + dev[test_dev].set("dpp_test", str(test)) + + cmd = "DPP_BOOTSTRAP_GEN type=pkex" + res = dev[0].request(cmd) + if "FAIL" in res: + raise Exception("Failed to generate bootstrapping info") + id0 = int(res) + + cmd = "DPP_BOOTSTRAP_GEN type=pkex" + res = dev[1].request(cmd) + if "FAIL" in res: + raise Exception("Failed to generate bootstrapping info") + id1 = int(res) + + cmd = "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0) + res = dev[0].request(cmd) + if "FAIL" in res: + raise Exception("Failed to set PKEX data (responder)") + cmd = "DPP_LISTEN 2437" + if "OK" not in dev[0].request(cmd): + raise Exception("Failed to start listen operation") + + cmd = "DPP_PKEX_ADD own=%d identifier=test init=1 code=secret" % id1 + res = dev[1].request(cmd) + if "FAIL" in res: + raise Exception("Failed to set PKEX data (initiator)") + +def test_dpp_proto_after_wrapped_data_pkex_cr_req(dev, apdev): + """DPP protocol testing - attribute after Wrapped Data in PKEX CR Req""" + run_dpp_proto_init_pkex(dev, 1, 4) + ev = dev[0].wait_event(["DPP-RX"], timeout=5) + if ev is None or "type=7" not in ev: + raise Exception("PKEX Exchange Request not seen") + ev = dev[0].wait_event(["DPP-RX"], timeout=5) + if ev is None or "type=9" not in ev: + raise Exception("PKEX Commit-Reveal Request not seen") + if "ignore=invalid-attributes" not in ev: + raise Exception("Unexpected RX info: " + ev) + +def test_dpp_proto_after_wrapped_data_pkex_cr_resp(dev, apdev): + """DPP protocol testing - attribute after Wrapped Data in PKEX CR Resp""" + run_dpp_proto_init_pkex(dev, 0, 5) + ev = dev[1].wait_event(["DPP-RX"], timeout=5) + if ev is None or "type=8" not in ev: + raise Exception("PKEX Exchange Response not seen") + ev = dev[1].wait_event(["DPP-RX"], timeout=5) + if ev is None or "type=10" not in ev: + raise Exception("PKEX Commit-Reveal Response not seen") + if "ignore=invalid-attributes" not in ev: + raise Exception("Unexpected RX info: " + ev)