7e3f110b08
Number of crypto operations seem to take very long time in the valgrind tests (about five seconds for public key generation for M1 and M2 on a virtual server) and this is enough to push the test runs to hit the timeout frequently even when there is no real error. Make this less frequent by increasing WPS test case timeout from 15 to 30 seconds to avoid issues based on the test scripts. Signed-hostap: Jouni Malinen <j@w1.fi>
174 lines
7.6 KiB
Python
174 lines
7.6 KiB
Python
#!/usr/bin/python
|
|
#
|
|
# WPS+NFC tests
|
|
# Copyright (c) 2013, Jouni Malinen <j@w1.fi>
|
|
#
|
|
# This software may be distributed under the terms of the BSD license.
|
|
# See README for more details.
|
|
|
|
import time
|
|
import subprocess
|
|
import logging
|
|
logger = logging.getLogger(__name__)
|
|
|
|
import hwsim_utils
|
|
import hostapd
|
|
|
|
def check_wpa2_connection(sta, ap, ssid, mixed=False):
|
|
status = sta.get_status()
|
|
if status['wpa_state'] != 'COMPLETED':
|
|
raise Exception("Not fully connected")
|
|
if status['bssid'] != ap['bssid']:
|
|
raise Exception("Unexpected BSSID")
|
|
if status['ssid'] != ssid:
|
|
raise Exception("Unexpected SSID")
|
|
if status['pairwise_cipher'] != 'CCMP':
|
|
raise Exception("Unexpected encryption configuration")
|
|
if status['group_cipher'] != 'CCMP' and not mixed:
|
|
raise Exception("Unexpected encryption configuration")
|
|
if status['key_mgmt'] != 'WPA2-PSK':
|
|
raise Exception("Unexpected key_mgmt")
|
|
hwsim_utils.test_connectivity(sta.ifname, ap['ifname'])
|
|
|
|
def ap_wps_params(ssid):
|
|
return { "ssid": ssid, "eap_server": "1", "wps_state": "2",
|
|
"wpa_passphrase": "12345678", "wpa": "2",
|
|
"wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"}
|
|
|
|
def test_nfc_wps_password_token_sta(dev, apdev):
|
|
"""NFC tag with password token on the station/Enrollee"""
|
|
dev[0].request("SET ignore_old_scan_res 1")
|
|
ssid = "test-wps-nfc-pw-token-conf"
|
|
params = ap_wps_params(ssid)
|
|
hostapd.add_ap(apdev[0]['ifname'], params)
|
|
hapd = hostapd.Hostapd(apdev[0]['ifname'])
|
|
logger.info("WPS provisioning step using password token from station")
|
|
pw = dev[0].request("WPS_NFC_TOKEN NDEF").rstrip()
|
|
if "FAIL" in pw:
|
|
raise Exception("Failed to generate password token")
|
|
res = hapd.request("WPS_NFC_TAG_READ " + pw)
|
|
if "FAIL" in res:
|
|
raise Exception("Failed to provide NFC tag contents to hostapd")
|
|
dev[0].dump_monitor()
|
|
res = dev[0].request("WPS_NFC")
|
|
if "FAIL" in res:
|
|
raise Exception("Failed to start Enrollee using NFC password token")
|
|
ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
|
|
if ev is None:
|
|
raise Exception("Association with the AP timed out")
|
|
check_wpa2_connection(dev[0], apdev[0], ssid)
|
|
|
|
def test_nfc_wps_config_token(dev, apdev):
|
|
"""NFC tag with configuration token from AP"""
|
|
ssid = "test-wps-nfc-conf-token"
|
|
params = ap_wps_params(ssid)
|
|
hostapd.add_ap(apdev[0]['ifname'], params)
|
|
hapd = hostapd.Hostapd(apdev[0]['ifname'])
|
|
logger.info("NFC configuration token from AP to station")
|
|
conf = hapd.request("WPS_NFC_CONFIG_TOKEN NDEF").rstrip()
|
|
if "FAIL" in conf:
|
|
raise Exception("Failed to generate configuration token")
|
|
dev[0].dump_monitor()
|
|
res = dev[0].request("WPS_NFC_TAG_READ " + conf)
|
|
if "FAIL" in res:
|
|
raise Exception("Failed to provide NFC tag contents to wpa_supplicant")
|
|
ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=15)
|
|
if ev is None:
|
|
raise Exception("Association with the AP timed out")
|
|
check_wpa2_connection(dev[0], apdev[0], ssid)
|
|
|
|
def test_nfc_wps_config_token_init(dev, apdev):
|
|
"""NFC tag with configuration token from AP with auto configuration"""
|
|
dev[0].request("SET ignore_old_scan_res 1")
|
|
ssid = "test-wps-nfc-conf-token-init"
|
|
hostapd.add_ap(apdev[0]['ifname'],
|
|
{ "ssid": ssid, "eap_server": "1", "wps_state": "1" })
|
|
hapd = hostapd.Hostapd(apdev[0]['ifname'])
|
|
logger.info("NFC configuration token from AP to station")
|
|
conf = hapd.request("WPS_NFC_CONFIG_TOKEN NDEF").rstrip()
|
|
if "FAIL" in conf:
|
|
raise Exception("Failed to generate configuration token")
|
|
dev[0].dump_monitor()
|
|
res = dev[0].request("WPS_NFC_TAG_READ " + conf)
|
|
if "FAIL" in res:
|
|
raise Exception("Failed to provide NFC tag contents to wpa_supplicant")
|
|
ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=15)
|
|
if ev is None:
|
|
raise Exception("Association with the AP timed out")
|
|
check_wpa2_connection(dev[0], apdev[0], ssid, mixed=True)
|
|
|
|
def test_nfc_wps_password_token_sta_init(dev, apdev):
|
|
"""Initial AP configuration with first WPS NFC Enrollee"""
|
|
dev[0].request("SET ignore_old_scan_res 1")
|
|
ssid = "test-wps-nfc-pw-token-init"
|
|
hostapd.add_ap(apdev[0]['ifname'],
|
|
{ "ssid": ssid, "eap_server": "1", "wps_state": "1" })
|
|
hapd = hostapd.Hostapd(apdev[0]['ifname'])
|
|
logger.info("WPS provisioning step using password token from station")
|
|
pw = dev[0].request("WPS_NFC_TOKEN NDEF").rstrip()
|
|
if "FAIL" in pw:
|
|
raise Exception("Failed to generate password token")
|
|
res = hapd.request("WPS_NFC_TAG_READ " + pw)
|
|
if "FAIL" in res:
|
|
raise Exception("Failed to provide NFC tag contents to hostapd")
|
|
dev[0].dump_monitor()
|
|
res = dev[0].request("WPS_NFC")
|
|
if "FAIL" in res:
|
|
raise Exception("Failed to start Enrollee using NFC password token")
|
|
ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
|
|
if ev is None:
|
|
raise Exception("Association with the AP timed out")
|
|
check_wpa2_connection(dev[0], apdev[0], ssid, mixed=True)
|
|
|
|
def test_nfc_wps_password_token_ap(dev, apdev):
|
|
"""WPS registrar configuring an AP using AP password token"""
|
|
dev[0].request("SET ignore_old_scan_res 1")
|
|
ssid = "test-wps-nfc-pw-token-init"
|
|
hostapd.add_ap(apdev[0]['ifname'],
|
|
{ "ssid": ssid, "eap_server": "1", "wps_state": "1" })
|
|
hapd = hostapd.Hostapd(apdev[0]['ifname'])
|
|
logger.info("WPS configuration step")
|
|
pw = hapd.request("WPS_NFC_TOKEN NDEF").rstrip()
|
|
if "FAIL" in pw:
|
|
raise Exception("Failed to generate password token")
|
|
res = hapd.request("WPS_NFC_TOKEN enable")
|
|
if "FAIL" in pw:
|
|
raise Exception("Failed to enable AP password token")
|
|
res = dev[0].request("WPS_NFC_TAG_READ " + pw)
|
|
if "FAIL" in res:
|
|
raise Exception("Failed to provide NFC tag contents to wpa_supplicant")
|
|
dev[0].dump_monitor()
|
|
new_ssid = "test-wps-nfc-pw-token-new-ssid"
|
|
new_passphrase = "1234567890"
|
|
res = dev[0].request("WPS_REG " + apdev[0]['bssid'] + " nfc-pw " + new_ssid.encode("hex") + " WPA2PSK CCMP " + new_passphrase.encode("hex"))
|
|
if "FAIL" in res:
|
|
raise Exception("Failed to start Registrar using NFC password token")
|
|
ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
|
|
if ev is None:
|
|
raise Exception("Association with the AP timed out")
|
|
check_wpa2_connection(dev[0], apdev[0], new_ssid, mixed=True)
|
|
|
|
def test_nfc_wps_handover(dev, apdev):
|
|
"""Connect to WPS AP with NFC connection handover"""
|
|
ssid = "test-wps-nfc-handover"
|
|
params = ap_wps_params(ssid)
|
|
hostapd.add_ap(apdev[0]['ifname'], params)
|
|
hapd = hostapd.Hostapd(apdev[0]['ifname'])
|
|
logger.info("NFC connection handover")
|
|
req = dev[0].request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip()
|
|
if "FAIL" in req:
|
|
raise Exception("Failed to generate NFC connection handover request")
|
|
sel = hapd.request("NFC_GET_HANDOVER_SEL NDEF WPS-CR").rstrip()
|
|
if "FAIL" in sel:
|
|
raise Exception("Failed to generate NFC connection handover select")
|
|
res = hapd.request("NFC_REPORT_HANDOVER RESP WPS " + req + " " + sel)
|
|
if "FAIL" in res:
|
|
raise Exception("Failed to report NFC connection handover to to hostapd")
|
|
dev[0].dump_monitor()
|
|
res = dev[0].request("NFC_REPORT_HANDOVER INIT WPS " + req + " " + sel)
|
|
if "FAIL" in res:
|
|
raise Exception("Failed to report NFC connection handover to to wpa_supplicant")
|
|
ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
|
|
if ev is None:
|
|
raise Exception("Association with the AP timed out")
|
|
check_wpa2_connection(dev[0], apdev[0], ssid)
|