2 # Copyright (c) 2014, Qualcomm Atheros, Inc.
4 # This software may be distributed under the terms of the BSD license.
5 # See README for more details.
11 logger = logging.getLogger()
20 def check_mib(dev, vals):
24 raise Exception("Unexpected {} = {} (expected {})".format(v[0], mib[v[0]], v[1]))
26 def test_ap_wpa2_psk(dev, apdev):
27 """WPA2-PSK AP with PSK instead of passphrase"""
28 ssid = "test-wpa2-psk"
29 passphrase = 'qwertyuiop'
30 psk = '602e323e077bc63bd80307ef4745b754b0ae0a925c2638ecd13a794b9527b9e6'
31 params = hostapd.wpa2_params(ssid=ssid)
32 params['wpa_psk'] = psk
33 hapd = hostapd.add_ap(apdev[0]['ifname'], params)
34 key_mgmt = hapd.get_config()['key_mgmt']
35 if key_mgmt.split(' ')[0] != "WPA-PSK":
36 raise Exception("Unexpected GET_CONFIG(key_mgmt): " + key_mgmt)
37 dev[0].connect(ssid, raw_psk=psk, scan_freq="2412")
38 dev[1].connect(ssid, psk=passphrase, scan_freq="2412")
40 sig = dev[0].request("SIGNAL_POLL").splitlines()
41 pkt = dev[0].request("PKTCNT_POLL").splitlines()
42 if "FREQUENCY=2412" not in sig:
43 raise Exception("Unexpected SIGNAL_POLL value: " + str(sig))
44 if "TXBAD=0" not in pkt:
45 raise Exception("Unexpected TXBAD value: " + str(pkt))
47 def test_ap_wpa2_psk_file(dev, apdev):
48 """WPA2-PSK AP with PSK from a file"""
49 ssid = "test-wpa2-psk"
50 passphrase = 'qwertyuiop'
51 psk = '602e323e077bc63bd80307ef4745b754b0ae0a925c2638ecd13a794b9527b9e6'
52 params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase)
53 params['wpa_psk_file'] = 'hostapd.wpa_psk'
54 hostapd.add_ap(apdev[0]['ifname'], params)
55 dev[1].connect(ssid, psk="very secret", scan_freq="2412", wait_connect=False)
56 dev[2].connect(ssid, raw_psk=psk, scan_freq="2412")
57 dev[2].request("REMOVE_NETWORK all")
58 dev[0].connect(ssid, psk="very secret", scan_freq="2412")
59 dev[0].request("REMOVE_NETWORK all")
60 dev[2].connect(ssid, psk="another passphrase for all STAs", scan_freq="2412")
61 dev[0].connect(ssid, psk="another passphrase for all STAs", scan_freq="2412")
62 ev = dev[1].wait_event(["WPA: 4-Way Handshake failed"], timeout=10)
64 raise Exception("Timed out while waiting for failure report")
65 dev[1].request("REMOVE_NETWORK all")
67 def test_ap_wpa2_ptk_rekey(dev, apdev):
68 """WPA2-PSK AP and PTK rekey enforced by station"""
69 ssid = "test-wpa2-psk"
70 passphrase = 'qwertyuiop'
71 params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase)
72 hapd = hostapd.add_ap(apdev[0]['ifname'], params)
73 dev[0].connect(ssid, psk=passphrase, wpa_ptk_rekey="1", scan_freq="2412")
74 ev = dev[0].wait_event(["WPA: Key negotiation completed"])
76 raise Exception("PTK rekey timed out")
77 hwsim_utils.test_connectivity(dev[0], hapd)
79 def test_ap_wpa2_ptk_rekey_ap(dev, apdev):
80 """WPA2-PSK AP and PTK rekey enforced by AP"""
81 ssid = "test-wpa2-psk"
82 passphrase = 'qwertyuiop'
83 params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase)
84 params['wpa_ptk_rekey'] = '2'
85 hapd = hostapd.add_ap(apdev[0]['ifname'], params)
86 dev[0].connect(ssid, psk=passphrase, scan_freq="2412")
87 ev = dev[0].wait_event(["WPA: Key negotiation completed"])
89 raise Exception("PTK rekey timed out")
90 hwsim_utils.test_connectivity(dev[0], hapd)
92 def test_ap_wpa2_sha256_ptk_rekey(dev, apdev):
93 """WPA2-PSK/SHA256 AKM AP and PTK rekey enforced by station"""
94 ssid = "test-wpa2-psk"
95 passphrase = 'qwertyuiop'
96 params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase)
97 params["wpa_key_mgmt"] = "WPA-PSK-SHA256"
98 hapd = hostapd.add_ap(apdev[0]['ifname'], params)
99 dev[0].connect(ssid, psk=passphrase, key_mgmt="WPA-PSK-SHA256",
100 wpa_ptk_rekey="1", scan_freq="2412")
101 ev = dev[0].wait_event(["WPA: Key negotiation completed"])
103 raise Exception("PTK rekey timed out")
104 hwsim_utils.test_connectivity(dev[0], hapd)
105 check_mib(dev[0], [ ("dot11RSNAAuthenticationSuiteRequested", "00-0f-ac-6"),
106 ("dot11RSNAAuthenticationSuiteSelected", "00-0f-ac-6") ])
108 def test_ap_wpa2_sha256_ptk_rekey_ap(dev, apdev):
109 """WPA2-PSK/SHA256 AKM AP and PTK rekey enforced by AP"""
110 ssid = "test-wpa2-psk"
111 passphrase = 'qwertyuiop'
112 params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase)
113 params["wpa_key_mgmt"] = "WPA-PSK-SHA256"
114 params['wpa_ptk_rekey'] = '2'
115 hapd = hostapd.add_ap(apdev[0]['ifname'], params)
116 dev[0].connect(ssid, psk=passphrase, key_mgmt="WPA-PSK-SHA256",
118 ev = dev[0].wait_event(["WPA: Key negotiation completed"])
120 raise Exception("PTK rekey timed out")
121 hwsim_utils.test_connectivity(dev[0], hapd)
122 check_mib(dev[0], [ ("dot11RSNAAuthenticationSuiteRequested", "00-0f-ac-6"),
123 ("dot11RSNAAuthenticationSuiteSelected", "00-0f-ac-6") ])
125 def test_ap_wpa_ptk_rekey(dev, apdev):
126 """WPA-PSK/TKIP AP and PTK rekey enforced by station"""
127 ssid = "test-wpa-psk"
128 passphrase = 'qwertyuiop'
129 params = hostapd.wpa_params(ssid=ssid, passphrase=passphrase)
130 hapd = hostapd.add_ap(apdev[0]['ifname'], params)
131 dev[0].connect(ssid, psk=passphrase, wpa_ptk_rekey="1", scan_freq="2412")
132 if "[WPA-PSK-TKIP]" not in dev[0].request("SCAN_RESULTS"):
133 raise Exception("Scan results missing WPA element info")
134 ev = dev[0].wait_event(["WPA: Key negotiation completed"])
136 raise Exception("PTK rekey timed out")
137 hwsim_utils.test_connectivity(dev[0], hapd)
139 def test_ap_wpa_ptk_rekey_ap(dev, apdev):
140 """WPA-PSK/TKIP AP and PTK rekey enforced by AP"""
141 ssid = "test-wpa-psk"
142 passphrase = 'qwertyuiop'
143 params = hostapd.wpa_params(ssid=ssid, passphrase=passphrase)
144 params['wpa_ptk_rekey'] = '2'
145 hapd = hostapd.add_ap(apdev[0]['ifname'], params)
146 dev[0].connect(ssid, psk=passphrase, scan_freq="2412")
147 ev = dev[0].wait_event(["WPA: Key negotiation completed"], timeout=10)
149 raise Exception("PTK rekey timed out")
150 hwsim_utils.test_connectivity(dev[0], hapd)
152 def test_ap_wpa_ccmp(dev, apdev):
154 ssid = "test-wpa-psk"
155 passphrase = 'qwertyuiop'
156 params = hostapd.wpa_params(ssid=ssid, passphrase=passphrase)
157 params['wpa_pairwise'] = "CCMP"
158 hapd = hostapd.add_ap(apdev[0]['ifname'], params)
159 dev[0].connect(ssid, psk=passphrase, scan_freq="2412")
160 hwsim_utils.test_connectivity(dev[0], hapd)
161 check_mib(dev[0], [ ("dot11RSNAConfigGroupCipherSize", "128"),
162 ("dot11RSNAGroupCipherRequested", "00-50-f2-4"),
163 ("dot11RSNAPairwiseCipherRequested", "00-50-f2-4"),
164 ("dot11RSNAAuthenticationSuiteRequested", "00-50-f2-2"),
165 ("dot11RSNAGroupCipherSelected", "00-50-f2-4"),
166 ("dot11RSNAPairwiseCipherSelected", "00-50-f2-4"),
167 ("dot11RSNAAuthenticationSuiteSelected", "00-50-f2-2"),
168 ("dot1xSuppSuppControlledPortStatus", "Authorized") ])
170 def test_ap_wpa2_psk_file(dev, apdev):
171 """WPA2-PSK AP with various PSK file error and success cases"""
172 addr0 = dev[0].p2p_dev_addr()
173 addr1 = dev[1].p2p_dev_addr()
174 addr2 = dev[2].p2p_dev_addr()
176 pskfile = "/tmp/ap_wpa2_psk_file_errors.psk_file"
182 params = { "ssid": ssid, "wpa": "2", "wpa_key_mgmt": "WPA-PSK",
183 "rsn_pairwise": "CCMP", "wpa_psk_file": pskfile }
187 hapd = hostapd.add_ap(apdev[0]['ifname'], params, no_enable=True)
188 if "FAIL" not in hapd.request("ENABLE"):
189 raise Exception("Unexpected ENABLE success")
190 hapd.request("DISABLE")
192 # invalid MAC address
193 with open(pskfile, "w") as f:
196 if "FAIL" not in hapd.request("ENABLE"):
197 raise Exception("Unexpected ENABLE success")
198 hapd.request("DISABLE")
201 with open(pskfile, "w") as f:
202 f.write("00:11:22:33:44:55\n")
203 if "FAIL" not in hapd.request("ENABLE"):
204 raise Exception("Unexpected ENABLE success")
205 hapd.request("DISABLE")
208 with open(pskfile, "w") as f:
209 f.write("00:11:22:33:44:55 1234567\n")
210 if "FAIL" not in hapd.request("ENABLE"):
211 raise Exception("Unexpected ENABLE success")
212 hapd.request("DISABLE")
215 with open(pskfile, "w") as f:
216 f.write("00:11:22:33:44:55 12345678\n")
217 f.write(addr0 + " 123456789\n")
218 f.write(addr1 + " 123456789a\n")
219 f.write(addr2 + " 0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\n")
220 if "FAIL" in hapd.request("ENABLE"):
221 raise Exception("Unexpected ENABLE failure")
223 dev[0].connect(ssid, psk="123456789", scan_freq="2412")
224 dev[1].connect(ssid, psk="123456789a", scan_freq="2412")
225 dev[2].connect(ssid, raw_psk="0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef", scan_freq="2412")
233 def test_ap_wpa2_psk_wildcard_ssid(dev, apdev):
234 """WPA2-PSK AP and wildcard SSID configuration"""
235 ssid = "test-wpa2-psk"
236 passphrase = 'qwertyuiop'
237 psk = '602e323e077bc63bd80307ef4745b754b0ae0a925c2638ecd13a794b9527b9e6'
238 params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase)
239 hapd = hostapd.add_ap(apdev[0]['ifname'], params)
240 dev[0].connect("", bssid=apdev[0]['bssid'], psk=passphrase,
242 dev[1].connect("", bssid=apdev[0]['bssid'], raw_psk=psk, scan_freq="2412")
244 def test_ap_wpa2_gtk_rekey(dev, apdev):
245 """WPA2-PSK AP and GTK rekey enforced by AP"""
246 ssid = "test-wpa2-psk"
247 passphrase = 'qwertyuiop'
248 params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase)
249 params['wpa_group_rekey'] = '1'
250 hapd = hostapd.add_ap(apdev[0]['ifname'], params)
251 dev[0].connect(ssid, psk=passphrase, scan_freq="2412")
252 ev = dev[0].wait_event(["WPA: Group rekeying completed"], timeout=2)
254 raise Exception("GTK rekey timed out")
255 hwsim_utils.test_connectivity(dev[0], hapd)
257 def test_ap_wpa_gtk_rekey(dev, apdev):
258 """WPA-PSK/TKIP AP and GTK rekey enforced by AP"""
259 ssid = "test-wpa-psk"
260 passphrase = 'qwertyuiop'
261 params = hostapd.wpa_params(ssid=ssid, passphrase=passphrase)
262 params['wpa_group_rekey'] = '1'
263 hapd = hostapd.add_ap(apdev[0]['ifname'], params)
264 dev[0].connect(ssid, psk=passphrase, scan_freq="2412")
265 ev = dev[0].wait_event(["WPA: Group rekeying completed"], timeout=2)
267 raise Exception("GTK rekey timed out")
268 hwsim_utils.test_connectivity(dev[0], hapd)
270 def test_ap_wpa2_gmk_rekey(dev, apdev):
271 """WPA2-PSK AP and GMK and GTK rekey enforced by AP"""
272 ssid = "test-wpa2-psk"
273 passphrase = 'qwertyuiop'
274 params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase)
275 params['wpa_group_rekey'] = '1'
276 params['wpa_gmk_rekey'] = '2'
277 hapd = hostapd.add_ap(apdev[0]['ifname'], params)
278 dev[0].connect(ssid, psk=passphrase, scan_freq="2412")
279 for i in range(0, 3):
280 ev = dev[0].wait_event(["WPA: Group rekeying completed"], timeout=2)
282 raise Exception("GTK rekey timed out")
283 hwsim_utils.test_connectivity(dev[0], hapd)
285 def test_ap_wpa2_strict_rekey(dev, apdev):
286 """WPA2-PSK AP and strict GTK rekey enforced by AP"""
287 ssid = "test-wpa2-psk"
288 passphrase = 'qwertyuiop'
289 params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase)
290 params['wpa_strict_rekey'] = '1'
291 hapd = hostapd.add_ap(apdev[0]['ifname'], params)
292 dev[0].connect(ssid, psk=passphrase, scan_freq="2412")
293 dev[1].connect(ssid, psk=passphrase, scan_freq="2412")
294 dev[1].request("DISCONNECT")
295 ev = dev[0].wait_event(["WPA: Group rekeying completed"], timeout=2)
297 raise Exception("GTK rekey timed out")
298 hwsim_utils.test_connectivity(dev[0], hapd)
300 def test_ap_wpa2_bridge_fdb(dev, apdev):
301 """Bridge FDB entry removal"""
303 ssid = "test-wpa2-psk"
304 passphrase = "12345678"
305 params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase)
306 params['bridge'] = 'ap-br0'
307 hostapd.add_ap(apdev[0]['ifname'], params)
308 subprocess.call(['sudo', 'brctl', 'setfd', 'ap-br0', '0'])
309 subprocess.call(['sudo', 'ip', 'link', 'set', 'dev', 'ap-br0', 'up'])
310 dev[0].connect(ssid, psk=passphrase, scan_freq="2412",
311 bssid=apdev[0]['bssid'])
312 dev[1].connect(ssid, psk=passphrase, scan_freq="2412",
313 bssid=apdev[0]['bssid'])
314 addr0 = dev[0].p2p_interface_addr()
315 hwsim_utils.test_connectivity_sta(dev[0], dev[1])
316 cmd = subprocess.Popen(['brctl', 'showmacs', 'ap-br0'],
317 stdout=subprocess.PIPE)
318 macs1 = cmd.stdout.read()
319 dev[0].request("DISCONNECT")
320 dev[1].request("DISCONNECT")
322 cmd = subprocess.Popen(['brctl', 'showmacs', 'ap-br0'],
323 stdout=subprocess.PIPE)
324 macs2 = cmd.stdout.read()
326 addr1 = dev[1].p2p_interface_addr()
327 if addr0 not in macs1 or addr1 not in macs1:
328 raise Exception("Bridge FDB entry missing")
329 if addr0 in macs2 or addr1 in macs2:
330 raise Exception("Bridge FDB entry was not removed")
332 subprocess.call(['sudo', 'ip', 'link', 'set', 'dev', 'ap-br0', 'down'])
333 subprocess.call(['sudo', 'brctl', 'delbr', 'ap-br0'])
335 def test_ap_wpa2_already_in_bridge(dev, apdev):
336 """hostapd behavior with interface already in bridge"""
337 ifname = apdev[0]['ifname']
338 br_ifname = 'ext-ap-br0'
340 ssid = "test-wpa2-psk"
341 passphrase = "12345678"
342 subprocess.call(['brctl', 'addbr', br_ifname])
343 subprocess.call(['brctl', 'setfd', br_ifname, '0'])
344 subprocess.call(['ip', 'link', 'set', 'dev', br_ifname, 'up'])
345 subprocess.call(['iw', ifname, 'set', 'type', '__ap'])
346 subprocess.call(['brctl', 'addif', br_ifname, ifname])
347 params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase)
348 hapd = hostapd.add_ap(ifname, params)
349 if hapd.get_driver_status_field('brname') != br_ifname:
350 raise Exception("Bridge name not identified correctly")
351 dev[0].connect(ssid, psk=passphrase, scan_freq="2412")
353 subprocess.call(['ip', 'link', 'set', 'dev', br_ifname, 'down'])
354 subprocess.call(['brctl', 'delif', br_ifname, ifname])
355 subprocess.call(['iw', ifname, 'set', 'type', 'station'])
356 subprocess.call(['brctl', 'delbr', br_ifname])
358 def test_ap_wpa2_ext_add_to_bridge(dev, apdev):
359 """hostapd behavior with interface added to bridge externally"""
360 ifname = apdev[0]['ifname']
361 br_ifname = 'ext-ap-br0'
363 ssid = "test-wpa2-psk"
364 passphrase = "12345678"
365 params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase)
366 hapd = hostapd.add_ap(ifname, params)
368 subprocess.call(['brctl', 'addbr', br_ifname])
369 subprocess.call(['brctl', 'setfd', br_ifname, '0'])
370 subprocess.call(['ip', 'link', 'set', 'dev', br_ifname, 'up'])
371 subprocess.call(['brctl', 'addif', br_ifname, ifname])
372 dev[0].connect(ssid, psk=passphrase, scan_freq="2412")
373 if hapd.get_driver_status_field('brname') != br_ifname:
374 raise Exception("Bridge name not identified correctly")
376 subprocess.call(['ip', 'link', 'set', 'dev', br_ifname, 'down'])
377 subprocess.call(['brctl', 'delif', br_ifname, ifname])
378 subprocess.call(['brctl', 'delbr', br_ifname])
380 def test_ap_wpa2_psk_ext(dev, apdev):
381 """WPA2-PSK AP using external EAPOL I/O"""
382 bssid = apdev[0]['bssid']
383 ssid = "test-wpa2-psk"
384 passphrase = 'qwertyuiop'
385 psk = '602e323e077bc63bd80307ef4745b754b0ae0a925c2638ecd13a794b9527b9e6'
386 params = hostapd.wpa2_params(ssid=ssid)
387 params['wpa_psk'] = psk
388 hapd = hostapd.add_ap(apdev[0]['ifname'], params)
389 hapd.request("SET ext_eapol_frame_io 1")
390 dev[0].request("SET ext_eapol_frame_io 1")
391 dev[0].connect(ssid, psk=passphrase, scan_freq="2412", wait_connect=False)
392 addr = dev[0].p2p_interface_addr()
394 ev = hapd.wait_event(["EAPOL-TX", "AP-STA-CONNECTED"], timeout=15)
396 raise Exception("Timeout on EAPOL-TX from hostapd")
397 if "AP-STA-CONNECTED" in ev:
398 dev[0].wait_connected(timeout=15)
400 res = dev[0].request("EAPOL_RX " + bssid + " " + ev.split(' ')[2])
402 raise Exception("EAPOL_RX to wpa_supplicant failed")
403 ev = dev[0].wait_event(["EAPOL-TX", "CTRL-EVENT-CONNECTED"], timeout=15)
405 raise Exception("Timeout on EAPOL-TX from wpa_supplicant")
406 if "CTRL-EVENT-CONNECTED" in ev:
408 res = hapd.request("EAPOL_RX " + addr + " " + ev.split(' ')[2])
410 raise Exception("EAPOL_RX to hostapd failed")
412 def parse_eapol(data):
413 (version, type, length) = struct.unpack('>BBH', data[0:4])
415 if length > len(payload):
416 raise Exception("Invalid EAPOL length")
417 if length < len(payload):
418 payload = payload[0:length]
420 eapol['version'] = version
422 eapol['length'] = length
423 eapol['payload'] = payload
426 (eapol['descr_type'],) = struct.unpack('B', payload[0:1])
427 payload = payload[1:]
428 if eapol['descr_type'] == 2 or eapol['descr_type'] == 254:
430 (key_info, key_len) = struct.unpack('>HH', payload[0:4])
431 eapol['rsn_key_info'] = key_info
432 eapol['rsn_key_len'] = key_len
433 eapol['rsn_replay_counter'] = payload[4:12]
434 eapol['rsn_key_nonce'] = payload[12:44]
435 eapol['rsn_key_iv'] = payload[44:60]
436 eapol['rsn_key_rsc'] = payload[60:68]
437 eapol['rsn_key_id'] = payload[68:76]
438 eapol['rsn_key_mic'] = payload[76:92]
439 payload = payload[92:]
440 (eapol['rsn_key_data_len'],) = struct.unpack('>H', payload[0:2])
441 payload = payload[2:]
442 eapol['rsn_key_data'] = payload
445 def build_eapol(msg):
446 data = struct.pack(">BBH", msg['version'], msg['type'], msg['length'])
448 data += struct.pack('>BHH', msg['descr_type'], msg['rsn_key_info'],
450 data += msg['rsn_replay_counter']
451 data += msg['rsn_key_nonce']
452 data += msg['rsn_key_iv']
453 data += msg['rsn_key_rsc']
454 data += msg['rsn_key_id']
455 data += msg['rsn_key_mic']
456 data += struct.pack('>H', msg['rsn_key_data_len'])
457 data += msg['rsn_key_data']
459 data += msg['payload']
462 def sha1_prf(key, label, data, outlen):
466 m = hmac.new(key, label, hashlib.sha1)
467 m.update(struct.pack('B', 0))
469 m.update(struct.pack('B', counter))
472 if outlen > len(hash):
476 res += hash[0:outlen]
480 def pmk_to_ptk(pmk, addr1, addr2, nonce1, nonce2):
482 data = binascii.unhexlify(addr1.replace(':','')) + binascii.unhexlify(addr2.replace(':',''))
484 data = binascii.unhexlify(addr2.replace(':','')) + binascii.unhexlify(addr1.replace(':',''))
486 data += nonce1 + nonce2
488 data += nonce2 + nonce1
489 label = "Pairwise key expansion"
490 ptk = sha1_prf(pmk, label, data, 48)
493 return (ptk, kck, kek)
495 def eapol_key_mic(kck, msg):
496 msg['rsn_key_mic'] = binascii.unhexlify('00000000000000000000000000000000')
497 data = build_eapol(msg)
498 m = hmac.new(kck, data, hashlib.sha1)
499 msg['rsn_key_mic'] = m.digest()[0:16]
501 def rsn_eapol_key_set(msg, key_info, key_len, nonce, data):
502 msg['rsn_key_info'] = key_info
503 msg['rsn_key_len'] = key_len
505 msg['rsn_key_nonce'] = nonce
507 msg['rsn_key_nonce'] = binascii.unhexlify('0000000000000000000000000000000000000000000000000000000000000000')
509 msg['rsn_key_data_len'] = len(data)
510 msg['rsn_key_data'] = data
511 msg['length'] = 95 + len(data)
513 msg['rsn_key_data_len'] = 0
514 msg['rsn_key_data'] = ''
517 def recv_eapol(hapd):
518 ev = hapd.wait_event(["EAPOL-TX"], timeout=15)
520 raise Exception("Timeout on EAPOL-TX from hostapd")
521 eapol = binascii.unhexlify(ev.split(' ')[2])
522 return parse_eapol(eapol)
524 def send_eapol(hapd, addr, data):
525 res = hapd.request("EAPOL_RX " + addr + " " + binascii.hexlify(data))
527 raise Exception("EAPOL_RX to hostapd failed")
529 def reply_eapol(info, hapd, addr, msg, key_info, nonce, data, kck):
530 logger.info("Send EAPOL-Key msg " + info)
531 rsn_eapol_key_set(msg, key_info, 0, nonce, data)
532 eapol_key_mic(kck, msg)
533 send_eapol(hapd, addr, build_eapol(msg))
535 def hapd_connected(hapd):
536 ev = hapd.wait_event(["AP-STA-CONNECTED"], timeout=15)
538 raise Exception("Timeout on AP-STA-CONNECTED from hostapd")
540 def eapol_test(apdev, dev, wpa2=True):
541 bssid = apdev['bssid']
543 ssid = "test-wpa2-psk"
545 ssid = "test-wpa-psk"
546 psk = '602e323e077bc63bd80307ef4745b754b0ae0a925c2638ecd13a794b9527b9e6'
547 pmk = binascii.unhexlify(psk)
549 params = hostapd.wpa2_params(ssid=ssid)
551 params = hostapd.wpa_params(ssid=ssid)
552 params['wpa_psk'] = psk
553 hapd = hostapd.add_ap(apdev['ifname'], params)
554 hapd.request("SET ext_eapol_frame_io 1")
555 dev.request("SET ext_eapol_frame_io 1")
556 dev.connect(ssid, psk="not used", scan_freq="2412", wait_connect=False)
557 addr = dev.p2p_interface_addr()
559 rsne = binascii.unhexlify('30140100000fac040100000fac040100000fac020000')
561 rsne = binascii.unhexlify('dd160050f20101000050f20201000050f20201000050f202')
562 snonce = binascii.unhexlify('1111111111111111111111111111111111111111111111111111111111111111')
563 return (bssid,ssid,hapd,snonce,pmk,addr,rsne)
565 def test_ap_wpa2_psk_ext_eapol(dev, apdev):
566 """WPA2-PSK AP using external EAPOL supplicant"""
567 (bssid,ssid,hapd,snonce,pmk,addr,rsne) = eapol_test(apdev[0], dev[0])
569 msg = recv_eapol(hapd)
570 anonce = msg['rsn_key_nonce']
571 logger.info("Replay same data back")
572 send_eapol(hapd, addr, build_eapol(msg))
574 (ptk, kck, kek) = pmk_to_ptk(pmk, addr, bssid, snonce, anonce)
576 logger.info("Truncated Key Data in EAPOL-Key msg 2/4")
577 rsn_eapol_key_set(msg, 0x0101, 0, snonce, rsne)
578 msg['length'] = 95 + 22 - 1
579 send_eapol(hapd, addr, build_eapol(msg))
581 reply_eapol("2/4", hapd, addr, msg, 0x010a, snonce, rsne, kck)
583 msg = recv_eapol(hapd)
584 if anonce != msg['rsn_key_nonce']:
585 raise Exception("ANonce changed")
586 logger.info("Replay same data back")
587 send_eapol(hapd, addr, build_eapol(msg))
589 reply_eapol("4/4", hapd, addr, msg, 0x030a, None, None, kck)
592 def test_ap_wpa2_psk_ext_eapol_retry1(dev, apdev):
593 """WPA2 4-way handshake with EAPOL-Key 1/4 retransmitted"""
594 (bssid,ssid,hapd,snonce,pmk,addr,rsne) = eapol_test(apdev[0], dev[0])
596 msg1 = recv_eapol(hapd)
597 anonce = msg1['rsn_key_nonce']
599 msg2 = recv_eapol(hapd)
600 if anonce != msg2['rsn_key_nonce']:
601 raise Exception("ANonce changed")
603 (ptk, kck, kek) = pmk_to_ptk(pmk, addr, bssid, snonce, anonce)
605 logger.info("Send EAPOL-Key msg 2/4")
607 rsn_eapol_key_set(msg, 0x010a, 0, snonce, rsne)
608 eapol_key_mic(kck, msg)
609 send_eapol(hapd, addr, build_eapol(msg))
611 msg = recv_eapol(hapd)
612 if anonce != msg['rsn_key_nonce']:
613 raise Exception("ANonce changed")
615 reply_eapol("4/4", hapd, addr, msg, 0x030a, None, None, kck)
618 def test_ap_wpa2_psk_ext_eapol_retry1b(dev, apdev):
619 """WPA2 4-way handshake with EAPOL-Key 1/4 and 2/4 retransmitted"""
620 (bssid,ssid,hapd,snonce,pmk,addr,rsne) = eapol_test(apdev[0], dev[0])
622 msg1 = recv_eapol(hapd)
623 anonce = msg1['rsn_key_nonce']
624 msg2 = recv_eapol(hapd)
625 if anonce != msg2['rsn_key_nonce']:
626 raise Exception("ANonce changed")
628 (ptk, kck, kek) = pmk_to_ptk(pmk, addr, bssid, snonce, anonce)
629 reply_eapol("2/4 (a)", hapd, addr, msg1, 0x010a, snonce, rsne, kck)
630 reply_eapol("2/4 (b)", hapd, addr, msg2, 0x010a, snonce, rsne, kck)
632 msg = recv_eapol(hapd)
633 if anonce != msg['rsn_key_nonce']:
634 raise Exception("ANonce changed")
636 reply_eapol("4/4", hapd, addr, msg, 0x030a, None, None, kck)
639 def test_ap_wpa2_psk_ext_eapol_retry1c(dev, apdev):
640 """WPA2 4-way handshake with EAPOL-Key 1/4 and 2/4 retransmitted and SNonce changing"""
641 (bssid,ssid,hapd,snonce,pmk,addr,rsne) = eapol_test(apdev[0], dev[0])
643 msg1 = recv_eapol(hapd)
644 anonce = msg1['rsn_key_nonce']
646 msg2 = recv_eapol(hapd)
647 if anonce != msg2['rsn_key_nonce']:
648 raise Exception("ANonce changed")
649 (ptk, kck, kek) = pmk_to_ptk(pmk, addr, bssid, snonce, anonce)
650 reply_eapol("2/4 (a)", hapd, addr, msg1, 0x010a, snonce, rsne, kck)
652 snonce2 = binascii.unhexlify('2222222222222222222222222222222222222222222222222222222222222222')
653 (ptk, kck, kek) = pmk_to_ptk(pmk, addr, bssid, snonce2, anonce)
654 reply_eapol("2/4 (b)", hapd, addr, msg2, 0x010a, snonce2, rsne, kck)
656 msg = recv_eapol(hapd)
657 if anonce != msg['rsn_key_nonce']:
658 raise Exception("ANonce changed")
659 reply_eapol("4/4", hapd, addr, msg, 0x030a, None, None, kck)
662 def test_ap_wpa2_psk_ext_eapol_retry1d(dev, apdev):
663 """WPA2 4-way handshake with EAPOL-Key 1/4 and 2/4 retransmitted and SNonce changing and older used"""
664 (bssid,ssid,hapd,snonce,pmk,addr,rsne) = eapol_test(apdev[0], dev[0])
666 msg1 = recv_eapol(hapd)
667 anonce = msg1['rsn_key_nonce']
668 msg2 = recv_eapol(hapd)
669 if anonce != msg2['rsn_key_nonce']:
670 raise Exception("ANonce changed")
672 (ptk, kck, kek) = pmk_to_ptk(pmk, addr, bssid, snonce, anonce)
673 reply_eapol("2/4 (a)", hapd, addr, msg1, 0x010a, snonce, rsne, kck)
675 snonce2 = binascii.unhexlify('2222222222222222222222222222222222222222222222222222222222222222')
676 (ptk2, kck2, kek2) = pmk_to_ptk(pmk, addr, bssid, snonce2, anonce)
678 reply_eapol("2/4 (b)", hapd, addr, msg2, 0x010a, snonce2, rsne, kck2)
679 msg = recv_eapol(hapd)
680 if anonce != msg['rsn_key_nonce']:
681 raise Exception("ANonce changed")
682 reply_eapol("4/4", hapd, addr, msg, 0x030a, None, None, kck)
685 def test_ap_wpa2_psk_ext_eapol_type_diff(dev, apdev):
686 """WPA2 4-way handshake using external EAPOL supplicant"""
687 (bssid,ssid,hapd,snonce,pmk,addr,rsne) = eapol_test(apdev[0], dev[0])
689 msg = recv_eapol(hapd)
690 anonce = msg['rsn_key_nonce']
692 (ptk, kck, kek) = pmk_to_ptk(pmk, addr, bssid, snonce, anonce)
694 # Incorrect descriptor type (frame dropped)
695 msg['descr_type'] = 253
696 rsn_eapol_key_set(msg, 0x010a, 0, snonce, rsne)
697 eapol_key_mic(kck, msg)
698 send_eapol(hapd, addr, build_eapol(msg))
700 # Incorrect descriptor type, but with a workaround (frame processed)
701 msg['descr_type'] = 254
702 rsn_eapol_key_set(msg, 0x010a, 0, snonce, rsne)
703 eapol_key_mic(kck, msg)
704 send_eapol(hapd, addr, build_eapol(msg))
706 msg = recv_eapol(hapd)
707 if anonce != msg['rsn_key_nonce']:
708 raise Exception("ANonce changed")
709 logger.info("Replay same data back")
710 send_eapol(hapd, addr, build_eapol(msg))
712 reply_eapol("4/4", hapd, addr, msg, 0x030a, None, None, kck)
715 def test_ap_wpa_psk_ext_eapol(dev, apdev):
716 """WPA2-PSK AP using external EAPOL supplicant"""
717 (bssid,ssid,hapd,snonce,pmk,addr,wpae) = eapol_test(apdev[0], dev[0],
720 msg = recv_eapol(hapd)
721 anonce = msg['rsn_key_nonce']
722 logger.info("Replay same data back")
723 send_eapol(hapd, addr, build_eapol(msg))
724 logger.info("Too short data")
725 send_eapol(hapd, addr, build_eapol(msg)[0:98])
727 (ptk, kck, kek) = pmk_to_ptk(pmk, addr, bssid, snonce, anonce)
728 msg['descr_type'] = 2
729 reply_eapol("2/4(invalid type)", hapd, addr, msg, 0x010a, snonce, wpae, kck)
730 msg['descr_type'] = 254
731 reply_eapol("2/4", hapd, addr, msg, 0x010a, snonce, wpae, kck)
733 msg = recv_eapol(hapd)
734 if anonce != msg['rsn_key_nonce']:
735 raise Exception("ANonce changed")
736 logger.info("Replay same data back")
737 send_eapol(hapd, addr, build_eapol(msg))
739 reply_eapol("4/4", hapd, addr, msg, 0x030a, None, None, kck)
742 def test_ap_wpa2_psk_ext_eapol_key_info(dev, apdev):
743 """WPA2-PSK 4-way handshake with strange key info values"""
744 (bssid,ssid,hapd,snonce,pmk,addr,rsne) = eapol_test(apdev[0], dev[0])
746 msg = recv_eapol(hapd)
747 anonce = msg['rsn_key_nonce']
749 (ptk, kck, kek) = pmk_to_ptk(pmk, addr, bssid, snonce, anonce)
750 rsn_eapol_key_set(msg, 0x0000, 0, snonce, rsne)
751 send_eapol(hapd, addr, build_eapol(msg))
752 rsn_eapol_key_set(msg, 0xffff, 0, snonce, rsne)
753 send_eapol(hapd, addr, build_eapol(msg))
755 rsn_eapol_key_set(msg, 0x2802, 0, snonce, rsne)
756 send_eapol(hapd, addr, build_eapol(msg))
758 rsn_eapol_key_set(msg, 0x2002, 0, snonce, rsne)
759 send_eapol(hapd, addr, build_eapol(msg))
761 rsn_eapol_key_set(msg, 0x0902, 0, snonce, rsne)
762 send_eapol(hapd, addr, build_eapol(msg))
764 rsn_eapol_key_set(msg, 0x0902, 0, snonce, rsne)
765 tmp_kck = binascii.unhexlify('00000000000000000000000000000000')
766 eapol_key_mic(tmp_kck, msg)
767 send_eapol(hapd, addr, build_eapol(msg))
769 reply_eapol("2/4", hapd, addr, msg, 0x010a, snonce, rsne, kck)
771 msg = recv_eapol(hapd)
772 if anonce != msg['rsn_key_nonce']:
773 raise Exception("ANonce changed")
775 # Request (valic MIC)
776 rsn_eapol_key_set(msg, 0x0902, 0, snonce, rsne)
777 eapol_key_mic(kck, msg)
778 send_eapol(hapd, addr, build_eapol(msg))
779 # Request (valid MIC, replayed counter)
780 rsn_eapol_key_set(msg, 0x0902, 0, snonce, rsne)
781 eapol_key_mic(kck, msg)
782 send_eapol(hapd, addr, build_eapol(msg))
784 reply_eapol("4/4", hapd, addr, msg, 0x030a, None, None, kck)