Home Explore Help
Register Sign In
wareck
/
krackattacks
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

tests: DPP protocol testing

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen 7 years ago
parent
26806abe85
commit
a0e3e22263
1 changed files with 269 additions and 0 deletions
Split View Show Diff Stats
  1. 269 0
      tests/hwsim/test_dpp.py

+ 269 - 0
tests/hwsim/test_dpp.py
View File 

@@ -1671,3 +1671,272 @@ def run_dpp_own_config(dev, apdev, own_curve=None, expect_failure=False):
 
         dev[0].request("DISCONNECT")
 
     else:
 
         dev[0].wait_connected()
 
+
 
+def run_dpp_proto_init(dev, test_dev, test, mutual=False):
 
+    check_dpp_capab(dev[0])
 
+    check_dpp_capab(dev[1])
 
+    dev[test_dev].set("dpp_test", str(test))
 
+
 
+    cmd = "DPP_CONFIGURATOR_ADD"
 
+    res = dev[1].request(cmd);
 
+    if "FAIL" in res:
 
+        raise Exception("Failed to add configurator")
 
+    conf_id = int(res)
 
+
 
+    addr = dev[0].own_addr().replace(':', '')
 
+    cmd = "DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr
 
+    res = dev[0].request(cmd)
 
+    if "FAIL" in res:
 
+        raise Exception("Failed to generate bootstrapping info")
 
+    id0 = int(res)
 
+    uri0 = dev[0].request("DPP_BOOTSTRAP_GET_URI %d" % id0)
 
+
 
+    res = dev[1].request("DPP_QR_CODE " + uri0)
 
+    if "FAIL" in res:
 
+        raise Exception("Failed to parse QR Code URI")
 
+    id1 = int(res)
 
+
 
+    if mutual:
 
+        addr = dev[1].own_addr().replace(':', '')
 
+        res = dev[1].request("DPP_BOOTSTRAP_GEN type=qrcode chan=81/1 mac=" + addr)
 
+        if "FAIL" in res:
 
+            raise Exception("Failed to generate bootstrapping info")
 
+        id1b = int(res)
 
+        uri1b = dev[1].request("DPP_BOOTSTRAP_GET_URI %d" % id1b)
 
+
 
+        res = dev[0].request("DPP_QR_CODE " + uri1b)
 
+        if "FAIL" in res:
 
+            raise Exception("Failed to parse QR Code URI")
 
+        id0b = int(res)
 
+
 
+    cmd = "DPP_LISTEN 2412"
 
+    if "OK" not in dev[0].request(cmd):
 
+        raise Exception("Failed to start listen operation")
 
+
 
+    cmd = "DPP_AUTH_INIT peer=%d configurator=%d conf=sta-dpp" % (id1, conf_id)
 
+    if mutual:
 
+        cmd += " own=%d" % id1b
 
+    if "OK" not in dev[1].request(cmd):
 
+        raise Exception("Failed to initiate DPP Authentication")
 
+
 
+def test_dpp_proto_after_wrapped_data_auth_req(dev, apdev):
 
+    """DPP protocol testing - attribute after Wrapped Data in Auth Req"""
 
+    run_dpp_proto_init(dev, 1, 1)
 
+    ev = dev[0].wait_event(["DPP-RX"], timeout=5)
 
+    if ev is None:
 
+        raise Exception("DPP Authentication Request not seen")
 
+    if "type=0" not in ev or "ignore=invalid-attributes" not in ev:
 
+        raise Exception("Unexpected RX info: " + ev)
 
+    ev = dev[1].wait_event(["DPP-RX"], timeout=0.1)
 
+    if ev is not None:
 
+        raise Exception("Unexpected DPP message seen")
 
+
 
+def test_dpp_proto_after_wrapped_data_auth_resp(dev, apdev):
 
+    """DPP protocol testing - attribute after Wrapped Data in Auth Resp"""
 
+    run_dpp_proto_init(dev, 0, 2)
 
+    ev = dev[1].wait_event(["DPP-RX"], timeout=5)
 
+    if ev is None:
 
+        raise Exception("DPP Authentication Response not seen")
 
+    if "type=1" not in ev or "ignore=invalid-attributes" not in ev:
 
+        raise Exception("Unexpected RX info: " + ev)
 
+    ev = dev[0].wait_event(["DPP-RX"], timeout=1)
 
+    if ev is None or "type=0" not in ev:
 
+        raise Exception("DPP Authentication Request not seen")
 
+    ev = dev[0].wait_event(["DPP-RX"], timeout=0.1)
 
+    if ev is not None:
 
+        raise Exception("Unexpected DPP message seen")
 
+
 
+def test_dpp_proto_after_wrapped_data_auth_conf(dev, apdev):
 
+    """DPP protocol testing - attribute after Wrapped Data in Auth Conf"""
 
+    run_dpp_proto_init(dev, 1, 3)
 
+    ev = dev[0].wait_event(["DPP-RX"], timeout=5)
 
+    if ev is None or "type=0" not in ev:
 
+        raise Exception("DPP Authentication Request not seen")
 
+    ev = dev[0].wait_event(["DPP-RX"], timeout=5)
 
+    if ev is None:
 
+        raise Exception("DPP Authentication Confirm not seen")
 
+    if "type=2" not in ev or "ignore=invalid-attributes" not in ev:
 
+        raise Exception("Unexpected RX info: " + ev)
 
+
 
+def test_dpp_proto_after_wrapped_data_conf_req(dev, apdev):
 
+    """DPP protocol testing - attribute after Wrapped Data in Conf Req"""
 
+    run_dpp_proto_init(dev, 0, 6)
 
+    ev = dev[1].wait_event(["DPP-CONF-FAILED"], timeout=10)
 
+    if ev is None:
 
+        raise Exception("DPP Configuration failure not seen")
 
+
 
+def test_dpp_proto_after_wrapped_data_conf_resp(dev, apdev):
 
+    """DPP protocol testing - attribute after Wrapped Data in Conf Resp"""
 
+    run_dpp_proto_init(dev, 1, 7)
 
+    ev = dev[0].wait_event(["DPP-CONF-FAILED"], timeout=10)
 
+    if ev is None:
 
+        raise Exception("DPP Configuration failure not seen")
 
+
 
+def test_dpp_proto_zero_i_capab(dev, apdev):
 
+    """DPP protocol testing - zero I-capability in Auth Req"""
 
+    run_dpp_proto_init(dev, 1, 8)
 
+    ev = dev[0].wait_event(["DPP-FAIL"], timeout=5)
 
+    if ev is None:
 
+        raise Exception("DPP failure not seen")
 
+    if "Invalid role in I-capabilities 0x00" not in ev:
 
+        raise Exception("Unexpected failure: " + ev)
 
+    ev = dev[1].wait_event(["DPP-RX"], timeout=0.1)
 
+    if ev is not None:
 
+        raise Exception("Unexpected DPP message seen")
 
+
 
+def test_dpp_proto_zero_r_capab(dev, apdev):
 
+    """DPP protocol testing - zero R-capability in Auth Resp"""
 
+    run_dpp_proto_init(dev, 0, 9)
 
+    ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
 
+    if ev is None:
 
+        raise Exception("DPP failure not seen")
 
+    if "Unexpected role in R-capabilities 0x00" not in ev:
 
+        raise Exception("Unexpected failure: " + ev)
 
+    ev = dev[0].wait_event(["DPP-RX"], timeout=1)
 
+    if ev is None or "type=0" not in ev:
 
+        raise Exception("DPP Authentication Request not seen")
 
+    ev = dev[0].wait_event(["DPP-RX"], timeout=0.1)
 
+    if ev is not None:
 
+        raise Exception("Unexpected DPP message seen")
 
+
 
+def run_dpp_proto_auth_req_missing(dev, test, reason):
 
+    run_dpp_proto_init(dev, 1, test)
 
+    ev = dev[0].wait_event(["DPP-FAIL"], timeout=5)
 
+    if ev is None:
 
+        raise Exception("DPP failure not seen")
 
+    if reason not in ev:
 
+        raise Exception("Unexpected failure: " + ev)
 
+    ev = dev[1].wait_event(["DPP-RX"], timeout=0.1)
 
+    if ev is not None:
 
+        raise Exception("Unexpected DPP message seen")
 
+
 
+def test_dpp_proto_auth_req_no_r_bootstrap_key(dev, apdev):
 
+    """DPP protocol testing - no R-bootstrap key in Auth Req"""
 
+    run_dpp_proto_auth_req_missing(dev, 10, "Missing or invalid required Responder Bootstrapping Key Hash attribute")
 
+
 
+def test_dpp_proto_auth_req_no_i_bootstrap_key(dev, apdev):
 
+    """DPP protocol testing - no I-bootstrap key in Auth Req"""
 
+    run_dpp_proto_auth_req_missing(dev, 11, "Missing or invalid required Initiator Bootstrapping Key Hash attribute")
 
+
 
+def test_dpp_proto_auth_req_no_i_proto_key(dev, apdev):
 
+    """DPP protocol testing - no I-proto key in Auth Req"""
 
+    run_dpp_proto_auth_req_missing(dev, 12, "Missing required Initiator Protocol Key attribute")
 
+
 
+def test_dpp_proto_auth_req_no_i_nonce(dev, apdev):
 
+    """DPP protocol testing - no I-nonce in Auth Req"""
 
+    run_dpp_proto_auth_req_missing(dev, 13, "Missing or invalid I-nonce")
 
+
 
+def test_dpp_proto_auth_req_no_i_capab(dev, apdev):
 
+    """DPP protocol testing - no I-capab in Auth Req"""
 
+    run_dpp_proto_auth_req_missing(dev, 14, "Missing or invalid I-capab")
 
+
 
+def test_dpp_proto_auth_req_no_wrapped_data(dev, apdev):
 
+    """DPP protocol testing - no Wrapped Data in Auth Req"""
 
+    run_dpp_proto_auth_req_missing(dev, 15, "Missing or invalid required Wrapped Data attribute")
 
+
 
+def run_dpp_proto_auth_resp_missing(dev, test, reason):
 
+    run_dpp_proto_init(dev, 0, test, mutual=True)
 
+    if reason is None:
 
+        time.sleep(0.1)
 
+        return
 
+    ev = dev[1].wait_event(["DPP-FAIL"], timeout=5)
 
+    if ev is None:
 
+        raise Exception("DPP failure not seen")
 
+    if reason not in ev:
 
+        raise Exception("Unexpected failure: " + ev)
 
+    ev = dev[0].wait_event(["DPP-RX"], timeout=1)
 
+    if ev is None or "type=0" not in ev:
 
+        raise Exception("DPP Authentication Request not seen")
 
+    ev = dev[0].wait_event(["DPP-RX"], timeout=0.1)
 
+    if ev is not None:
 
+        raise Exception("Unexpected DPP message seen")
 
+
 
+def test_dpp_proto_auth_resp_no_status(dev, apdev):
 
+    """DPP protocol testing - no Status in Auth Resp"""
 
+    run_dpp_proto_auth_resp_missing(dev, 16, "Missing or invalid required DPP Status attribute")
 
+
 
+def test_dpp_proto_auth_resp_no_r_bootstrap_key(dev, apdev):
 
+    """DPP protocol testing - no R-bootstrap key in Auth Resp"""
 
+    run_dpp_proto_auth_resp_missing(dev, 17, "Missing or invalid required Responder Bootstrapping Key Hash attribute")
 
+
 
+def test_dpp_proto_auth_resp_no_i_bootstrap_key(dev, apdev):
 
+    """DPP protocol testing - no I-bootstrap key in Auth Resp"""
 
+    run_dpp_proto_auth_resp_missing(dev, 18, None)
 
+
 
+def test_dpp_proto_auth_resp_no_r_proto_key(dev, apdev):
 
+    """DPP protocol testing - no R-Proto Key in Auth Resp"""
 
+    run_dpp_proto_auth_resp_missing(dev, 19, "Missing required Responder Protocol Key attribute")
 
+
 
+def test_dpp_proto_auth_resp_no_r_nonce(dev, apdev):
 
+    """DPP protocol testing - no R-nonce in Auth Resp"""
 
+    run_dpp_proto_auth_resp_missing(dev, 20, "Missing or invalid R-nonce")
 
+
 
+def test_dpp_proto_auth_resp_no_i_nonce(dev, apdev):
 
+    """DPP protocol testing - no I-nonce in Auth Resp"""
 
+    run_dpp_proto_auth_resp_missing(dev, 21, "Missing or invalid I-nonce")
 
+
 
+def test_dpp_proto_auth_resp_no_r_capab(dev, apdev):
 
+    """DPP protocol testing - no R-capab in Auth Resp"""
 
+    run_dpp_proto_auth_resp_missing(dev, 22, "Missing or invalid R-capabilities")
 
+
 
+def test_dpp_proto_auth_resp_no_r_auth(dev, apdev):
 
+    """DPP protocol testing - no R-auth in Auth Resp"""
 
+    run_dpp_proto_auth_resp_missing(dev, 23, "Missing or invalid Secondary Wrapped Data")
 
+
 
+def test_dpp_proto_auth_resp_no_wrapped_data(dev, apdev):
 
+    """DPP protocol testing - no Wrapped Data in Auth Resp"""
 
+    run_dpp_proto_auth_resp_missing(dev, 24, "Missing or invalid required Wrapped Data attribute")
 
+
 
+def run_dpp_proto_init_pkex(dev, test_dev, test):
 
+    check_dpp_capab(dev[0])
 
+    check_dpp_capab(dev[1])
 
+    dev[test_dev].set("dpp_test", str(test))
 
+
 
+    cmd = "DPP_BOOTSTRAP_GEN type=pkex"
 
+    res = dev[0].request(cmd)
 
+    if "FAIL" in res:
 
+        raise Exception("Failed to generate bootstrapping info")
 
+    id0 = int(res)
 
+
 
+    cmd = "DPP_BOOTSTRAP_GEN type=pkex"
 
+    res = dev[1].request(cmd)
 
+    if "FAIL" in res:
 
+        raise Exception("Failed to generate bootstrapping info")
 
+    id1 = int(res)
 
+
 
+    cmd = "DPP_PKEX_ADD own=%d identifier=test code=secret" % (id0)
 
+    res = dev[0].request(cmd)
 
+    if "FAIL" in res:
 
+        raise Exception("Failed to set PKEX data (responder)")
 
+    cmd = "DPP_LISTEN 2437"
 
+    if "OK" not in dev[0].request(cmd):
 
+        raise Exception("Failed to start listen operation")
 
+
 
+    cmd = "DPP_PKEX_ADD own=%d identifier=test init=1 code=secret" % id1
 
+    res = dev[1].request(cmd)
 
+    if "FAIL" in res:
 
+        raise Exception("Failed to set PKEX data (initiator)")
 
+
 
+def test_dpp_proto_after_wrapped_data_pkex_cr_req(dev, apdev):
 
+    """DPP protocol testing - attribute after Wrapped Data in PKEX CR Req"""
 
+    run_dpp_proto_init_pkex(dev, 1, 4)
 
+    ev = dev[0].wait_event(["DPP-RX"], timeout=5)
 
+    if ev is None or "type=7" not in ev:
 
+        raise Exception("PKEX Exchange Request not seen")
 
+    ev = dev[0].wait_event(["DPP-RX"], timeout=5)
 
+    if ev is None or "type=9" not in ev:
 
+        raise Exception("PKEX Commit-Reveal Request not seen")
 
+    if "ignore=invalid-attributes" not in ev:
 
+        raise Exception("Unexpected RX info: " + ev)
 
+
 
+def test_dpp_proto_after_wrapped_data_pkex_cr_resp(dev, apdev):
 
+    """DPP protocol testing - attribute after Wrapped Data in PKEX CR Resp"""
 
+    run_dpp_proto_init_pkex(dev, 0, 5)
 
+    ev = dev[1].wait_event(["DPP-RX"], timeout=5)
 
+    if ev is None or "type=8" not in ev:
 
+        raise Exception("PKEX Exchange Response not seen")
 
+    ev = dev[1].wait_event(["DPP-RX"], timeout=5)
 
+    if ev is None or "type=10" not in ev:
 
+        raise Exception("PKEX Commit-Reveal Response not seen")
 
+    if "ignore=invalid-attributes" not in ev:
 
+        raise Exception("Unexpected RX info: " + ev)