2 # Copyright (c) 2013, Jouni Malinen <j@w1.fi>
4 # This software may be distributed under the terms of the BSD license.
5 # See README for more details.
7 from remotehost import remote_compatible
11 logger = logging.getLogger()
15 from utils import alloc_fail, fail_test
17 def check_wpa2_connection(sta, ap, hapd, ssid, mixed=False):
18 status = sta.get_status()
19 if status['wpa_state'] != 'COMPLETED':
20 raise Exception("Not fully connected")
21 if status['bssid'] != ap['bssid']:
22 raise Exception("Unexpected BSSID")
23 if status['ssid'] != ssid:
24 raise Exception("Unexpected SSID")
25 if status['pairwise_cipher'] != 'CCMP':
26 raise Exception("Unexpected encryption configuration")
27 if status['group_cipher'] != 'CCMP' and not mixed:
28 raise Exception("Unexpected encryption configuration")
29 if status['key_mgmt'] != 'WPA2-PSK':
30 raise Exception("Unexpected key_mgmt")
31 hwsim_utils.test_connectivity(sta, hapd)
33 def ap_wps_params(ssid):
34 return { "ssid": ssid, "eap_server": "1", "wps_state": "2",
35 "wpa_passphrase": "12345678", "wpa": "2",
36 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"}
39 def test_nfc_wps_password_token_sta(dev, apdev):
40 """NFC tag with password token on the station/Enrollee"""
41 ssid = "test-wps-nfc-pw-token-conf"
42 params = ap_wps_params(ssid)
43 hapd = hostapd.add_ap(apdev[0], params)
44 logger.info("WPS provisioning step using password token from station")
45 wps = dev[0].request("WPS_NFC_TOKEN WPS").rstrip()
47 raise Exception("Failed to generate password token (WPS only)")
48 pw = dev[0].request("WPS_NFC_TOKEN NDEF").rstrip()
50 raise Exception("Failed to generate password token")
51 res = hapd.request("WPS_NFC_TAG_READ " + pw)
53 raise Exception("Failed to provide NFC tag contents to hostapd")
55 res = dev[0].request("WPS_NFC")
57 raise Exception("Failed to start Enrollee using NFC password token")
58 dev[0].wait_connected(timeout=30)
59 check_wpa2_connection(dev[0], apdev[0], hapd, ssid)
61 def test_nfc_wps_config_token(dev, apdev):
62 """NFC tag with configuration token from AP"""
63 ssid = "test-wps-nfc-conf-token"
64 params = ap_wps_params(ssid)
65 hapd = hostapd.add_ap(apdev[0], params)
66 logger.info("NFC configuration token from AP to station")
67 conf = hapd.request("WPS_NFC_CONFIG_TOKEN NDEF").rstrip()
69 raise Exception("Failed to generate configuration token")
71 res = dev[0].request("WPS_NFC_TAG_READ " + conf)
73 raise Exception("Failed to provide NFC tag contents to wpa_supplicant")
74 dev[0].wait_connected(timeout=15)
75 check_wpa2_connection(dev[0], apdev[0], hapd, ssid)
77 with alloc_fail(hapd, 1, "wps_get_oob_cred"):
78 conf = hapd.request("WPS_NFC_CONFIG_TOKEN NDEF").rstrip()
79 if "FAIL" not in conf:
80 raise Exception("Unexpected configuration token received during OOM")
82 def test_nfc_wps_config_token_init(dev, apdev):
83 """NFC tag with configuration token from AP with auto configuration"""
84 ssid = "test-wps-nfc-conf-token-init"
85 hapd = hostapd.add_ap(apdev[0],
86 { "ssid": ssid, "eap_server": "1", "wps_state": "1" })
87 logger.info("NFC configuration token from AP to station")
88 conf = hapd.request("WPS_NFC_CONFIG_TOKEN NDEF").rstrip()
90 raise Exception("Failed to generate configuration token")
92 res = dev[0].request("WPS_NFC_TAG_READ " + conf)
94 raise Exception("Failed to provide NFC tag contents to wpa_supplicant")
95 dev[0].wait_connected(timeout=15)
96 check_wpa2_connection(dev[0], apdev[0], hapd, ssid, mixed=True)
99 def test_nfc_wps_password_token_sta_init(dev, apdev):
100 """Initial AP configuration with first WPS NFC Enrollee"""
101 ssid = "test-wps-nfc-pw-token-init"
102 hapd = hostapd.add_ap(apdev[0],
103 { "ssid": ssid, "eap_server": "1", "wps_state": "1" })
104 logger.info("WPS provisioning step using password token from station")
105 pw = dev[0].request("WPS_NFC_TOKEN NDEF").rstrip()
107 raise Exception("Failed to generate password token")
108 res = hapd.request("WPS_NFC_TAG_READ " + pw)
110 raise Exception("Failed to provide NFC tag contents to hostapd")
111 dev[0].dump_monitor()
112 res = dev[0].request("WPS_NFC")
114 raise Exception("Failed to start Enrollee using NFC password token")
115 dev[0].wait_connected(timeout=30)
116 check_wpa2_connection(dev[0], apdev[0], hapd, ssid, mixed=True)
119 def test_nfc_wps_password_token_ap(dev, apdev):
120 """WPS registrar configuring an AP using AP password token"""
121 ssid = "test-wps-nfc-pw-token-init"
122 hapd = hostapd.add_ap(apdev[0],
123 { "ssid": ssid, "eap_server": "1", "wps_state": "1" })
124 logger.info("WPS configuration step")
125 pw = hapd.request("WPS_NFC_TOKEN NDEF").rstrip()
127 raise Exception("Failed to generate password token")
128 res = hapd.request("WPS_NFC_TOKEN enable")
130 raise Exception("Failed to enable AP password token")
131 res = dev[0].request("WPS_NFC_TAG_READ " + pw)
133 raise Exception("Failed to provide NFC tag contents to wpa_supplicant")
134 dev[0].dump_monitor()
135 new_ssid = "test-wps-nfc-pw-token-new-ssid"
136 new_passphrase = "1234567890"
137 res = dev[0].request("WPS_REG " + apdev[0]['bssid'] + " nfc-pw " + new_ssid.encode("hex") + " WPA2PSK CCMP " + new_passphrase.encode("hex"))
139 raise Exception("Failed to start Registrar using NFC password token")
140 dev[0].wait_connected(timeout=30)
141 check_wpa2_connection(dev[0], apdev[0], hapd, new_ssid, mixed=True)
142 if "FAIL" in hapd.request("WPS_NFC_TOKEN disable"):
143 raise Exception("Failed to disable AP password token")
144 if "FAIL" in hapd.request("WPS_NFC_TOKEN WPS"):
145 raise Exception("Unexpected WPS_NFC_TOKEN WPS failure")
147 with fail_test(hapd, 1, "os_get_random;wps_nfc_token_gen"):
148 if "FAIL" not in hapd.request("WPS_NFC_TOKEN WPS"):
149 raise Exception("Unexpected WPS_NFC_TOKEN success")
150 with fail_test(hapd, 2, "os_get_random;wps_nfc_token_gen"):
151 if "FAIL" not in hapd.request("WPS_NFC_TOKEN WPS"):
152 raise Exception("Unexpected WPS_NFC_TOKEN success")
154 def test_nfc_wps_handover_init(dev, apdev):
155 """Connect to WPS AP with NFC connection handover and move to configured state"""
157 _test_nfc_wps_handover_init(dev, apdev)
159 dev[0].request("SET ignore_old_scan_res 0")
161 def _test_nfc_wps_handover_init(dev, apdev):
162 dev[0].request("SET ignore_old_scan_res 1")
163 ssid = "test-wps-nfc-handover-init"
164 hapd = hostapd.add_ap(apdev[0],
165 { "ssid": ssid, "eap_server": "1", "wps_state": "1" })
166 logger.info("NFC connection handover")
167 req = dev[0].request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip()
169 raise Exception("Failed to generate NFC connection handover request")
170 sel = hapd.request("NFC_GET_HANDOVER_SEL NDEF WPS-CR").rstrip()
172 raise Exception("Failed to generate NFC connection handover select")
173 res = hapd.request("NFC_REPORT_HANDOVER RESP WPS " + req + " " + sel)
175 raise Exception("Failed to report NFC connection handover to to hostapd")
176 dev[0].dump_monitor()
177 res = dev[0].request("NFC_REPORT_HANDOVER INIT WPS " + req + " " + sel)
179 raise Exception("Failed to report NFC connection handover to to wpa_supplicant")
180 dev[0].wait_connected(timeout=15)
181 check_wpa2_connection(dev[0], apdev[0], hapd, ssid, mixed=True)
183 with alloc_fail(hapd, 1, "wps_build_nfc_handover_sel"):
184 if "FAIL" not in hapd.request("NFC_GET_HANDOVER_SEL NDEF WPS-CR"):
185 raise Exception("Unexpected NFC_GET_HANDOVER_SEL success during OOM")
188 def test_nfc_wps_handover_errors(dev, apdev):
189 """WPS AP NFC handover report error cases"""
190 ssid = "test-wps-nfc-handover"
191 hapd = hostapd.add_ap(apdev[0],
192 { "ssid": ssid, "eap_server": "1", "wps_state": "1" })
193 sel = hapd.request("NFC_GET_HANDOVER_SEL NDEF WPS-CR").rstrip()
195 raise Exception("Failed to generate NFC connection handover select")
196 if "FAIL" not in hapd.request("NFC_REPORT_HANDOVER "):
197 raise Exception("Unexpected handover report success")
198 if "FAIL" not in hapd.request("NFC_REPORT_HANDOVER RESP"):
199 raise Exception("Unexpected handover report success")
200 if "FAIL" not in hapd.request("NFC_REPORT_HANDOVER RESP WPS"):
201 raise Exception("Unexpected handover report success")
202 if "FAIL" not in hapd.request("NFC_REPORT_HANDOVER RESP WPS 001122"):
203 raise Exception("Unexpected handover report success")
204 if "FAIL" not in hapd.request("NFC_REPORT_HANDOVER RESP WPS 001122 00"):
205 raise Exception("Unexpected handover report success")
206 if "FAIL" not in hapd.request("NFC_REPORT_HANDOVER RESP WPS 0 00"):
207 raise Exception("Unexpected handover report success")
208 if "FAIL" not in hapd.request("NFC_REPORT_HANDOVER RESP WPS 001122 0"):
209 raise Exception("Unexpected handover report success")
210 if "FAIL" not in hapd.request("NFC_REPORT_HANDOVER RESP WPS 00q122 001122"):
211 raise Exception("Unexpected handover report success")
212 if "FAIL" not in hapd.request("NFC_REPORT_HANDOVER RESP WPS 001122 001q22"):
213 raise Exception("Unexpected handover report success")
214 if "FAIL" not in hapd.request("NFC_REPORT_HANDOVER RESP FOO 001122 00"):
215 raise Exception("Unexpected handover report success")
217 def test_nfc_wps_handover(dev, apdev):
218 """Connect to WPS AP with NFC connection handover"""
219 ssid = "test-wps-nfc-handover"
220 params = ap_wps_params(ssid)
221 hapd = hostapd.add_ap(apdev[0], params)
222 logger.info("NFC connection handover")
223 req = dev[0].request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip()
225 raise Exception("Failed to generate NFC connection handover request")
226 sel = hapd.request("NFC_GET_HANDOVER_SEL NDEF WPS-CR").rstrip()
228 raise Exception("Failed to generate NFC connection handover select")
229 res = hapd.request("NFC_REPORT_HANDOVER RESP WPS " + req + " " + sel)
231 raise Exception("Failed to report NFC connection handover to to hostapd")
232 dev[0].dump_monitor()
233 res = dev[0].request("NFC_REPORT_HANDOVER INIT WPS " + req + " " + sel)
235 raise Exception("Failed to report NFC connection handover to to wpa_supplicant")
236 dev[0].wait_connected(timeout=30)
237 check_wpa2_connection(dev[0], apdev[0], hapd, ssid)
239 def test_nfc_wps_handover_5ghz(dev, apdev):
240 """Connect to WPS AP with NFC connection handover on 5 GHz band"""
243 ssid = "test-wps-nfc-handover"
244 params = ap_wps_params(ssid)
245 params["country_code"] = "FI"
246 params["hw_mode"] = "a"
247 params["channel"] = "36"
248 hapd = hostapd.add_ap(apdev[0], params)
249 logger.info("NFC connection handover")
250 req = dev[0].request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip()
252 raise Exception("Failed to generate NFC connection handover request")
253 sel = hapd.request("NFC_GET_HANDOVER_SEL NDEF WPS-CR").rstrip()
255 raise Exception("Failed to generate NFC connection handover select")
256 res = hapd.request("NFC_REPORT_HANDOVER RESP WPS " + req + " " + sel)
258 raise Exception("Failed to report NFC connection handover to to hostapd")
259 dev[0].dump_monitor()
260 res = dev[0].request("NFC_REPORT_HANDOVER INIT WPS " + req + " " + sel)
262 raise Exception("Failed to report NFC connection handover to to wpa_supplicant")
263 dev[0].wait_connected(timeout=30)
264 check_wpa2_connection(dev[0], apdev[0], hapd, ssid)
266 dev[0].request("DISCONNECT")
268 hapd.request("DISABLE")
269 subprocess.call(['iw', 'reg', 'set', '00'])
270 dev[0].flush_scan_cache()
272 def test_nfc_wps_handover_chan14(dev, apdev):
273 """Connect to WPS AP with NFC connection handover on channel 14"""
276 ssid = "test-wps-nfc-handover"
277 params = ap_wps_params(ssid)
278 params["country_code"] = "JP"
279 params["hw_mode"] = "b"
280 params["channel"] = "14"
281 hapd = hostapd.add_ap(apdev[0], params)
282 logger.info("NFC connection handover")
283 req = dev[0].request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip()
285 raise Exception("Failed to generate NFC connection handover request")
286 sel = hapd.request("NFC_GET_HANDOVER_SEL NDEF WPS-CR").rstrip()
288 raise Exception("Failed to generate NFC connection handover select")
289 res = hapd.request("NFC_REPORT_HANDOVER RESP WPS " + req + " " + sel)
291 raise Exception("Failed to report NFC connection handover to to hostapd")
292 dev[0].dump_monitor()
293 res = dev[0].request("NFC_REPORT_HANDOVER INIT WPS " + req + " " + sel)
295 raise Exception("Failed to report NFC connection handover to to wpa_supplicant")
296 dev[0].wait_connected(timeout=30)
297 check_wpa2_connection(dev[0], apdev[0], hapd, ssid)
299 dev[0].request("DISCONNECT")
301 hapd.request("DISABLE")
302 subprocess.call(['iw', 'reg', 'set', '00'])
303 dev[0].flush_scan_cache()
305 def test_nfc_wps_handover_with_pw_token_set(dev, apdev):
306 """Connect to WPS AP with NFC connection handover (wps_nfc_* set)"""
307 ssid = "test-wps-nfc-handover2"
308 params = ap_wps_params(ssid)
309 hapd = hostapd.add_ap(apdev[0], params)
310 # enable a password token (which won't be used in this test case)
311 pw = hapd.request("WPS_NFC_TOKEN NDEF").rstrip()
313 raise Exception("Failed to generate password token")
314 res = hapd.request("WPS_NFC_TOKEN enable")
316 raise Exception("Failed to enable AP password token")
317 logger.info("NFC connection handover")
318 req = dev[0].request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip()
320 raise Exception("Failed to generate NFC connection handover request")
321 sel = hapd.request("NFC_GET_HANDOVER_SEL NDEF WPS-CR").rstrip()
323 raise Exception("Failed to generate NFC connection handover select")
324 res = hapd.request("NFC_REPORT_HANDOVER RESP WPS " + req + " " + sel)
326 raise Exception("Failed to report NFC connection handover to to hostapd")
327 dev[0].dump_monitor()
328 res = dev[0].request("NFC_REPORT_HANDOVER INIT WPS " + req + " " + sel)
330 raise Exception("Failed to report NFC connection handover to to wpa_supplicant")
331 dev[0].wait_connected(timeout=15)
332 check_wpa2_connection(dev[0], apdev[0], hapd, ssid)
334 def test_nfc_wps_handover_pk_hash_mismatch_sta(dev, apdev):
335 """WPS NFC connection handover with invalid pkhash from station (negative)"""
336 ssid = "wps-nfc-handover-pkhash-sta"
337 if "FAIL" in dev[0].request("SET wps_corrupt_pkhash 1"):
338 raise Exception("Could not enable wps_corrupt_pkhash")
339 params = ap_wps_params(ssid)
340 hapd = hostapd.add_ap(apdev[0], params)
341 logger.info("NFC connection handover")
342 req = dev[0].request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip()
344 raise Exception("Failed to generate NFC connection handover request")
345 sel = hapd.request("NFC_GET_HANDOVER_SEL NDEF WPS-CR").rstrip()
347 raise Exception("Failed to generate NFC connection handover select")
348 res = hapd.request("NFC_REPORT_HANDOVER RESP WPS " + req + " " + sel)
350 raise Exception("Failed to report NFC connection handover to to hostapd")
351 dev[0].dump_monitor()
352 res = dev[0].request("NFC_REPORT_HANDOVER INIT WPS " + req + " " + sel)
354 raise Exception("Failed to report NFC connection handover to to wpa_supplicant")
355 ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED", "WPS-FAIL"], timeout=15)
357 raise Exception("Timed out")
358 if "WPS-FAIL" not in ev:
359 raise Exception("Public key hash mismatch not detected")
361 def test_nfc_wps_handover_pk_hash_mismatch_ap(dev, apdev):
362 """WPS NFC connection handover with invalid pkhash from AP (negative)"""
363 ssid = "wps-nfc-handover-pkhash-ap"
364 params = ap_wps_params(ssid)
365 hapd = hostapd.add_ap(apdev[0], params)
366 if "FAIL" in hapd.request("SET wps_corrupt_pkhash 1"):
367 raise Exception("Could not enable wps_corrupt_pkhash")
368 logger.info("NFC connection handover")
369 req = dev[0].request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip()
371 raise Exception("Failed to generate NFC connection handover request")
372 sel = hapd.request("NFC_GET_HANDOVER_SEL NDEF WPS-CR").rstrip()
374 raise Exception("Failed to generate NFC connection handover select")
375 res = hapd.request("NFC_REPORT_HANDOVER RESP WPS " + req + " " + sel)
377 raise Exception("Failed to report NFC connection handover to to hostapd")
378 dev[0].dump_monitor()
379 res = dev[0].request("NFC_REPORT_HANDOVER INIT WPS " + req + " " + sel)
381 raise Exception("Failed to report NFC connection handover to to wpa_supplicant")
382 ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED", "WPS-FAIL"], timeout=15)
384 raise Exception("Timed out")
385 if "WPS-FAIL" not in ev:
386 raise Exception("Public key hash mismatch not detected")
388 def start_ap_er(er, ap, ssid):
390 ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
391 params = { "ssid": ssid, "eap_server": "1", "wps_state": "2",
392 "wpa_passphrase": "12345678", "wpa": "2",
393 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
394 "device_name": "Wireless AP", "manufacturer": "Company",
395 "model_name": "WAP", "model_number": "123",
396 "serial_number": "12345", "device_type": "6-0050F204-1",
397 "os_version": "01020300",
398 "config_methods": "label push_button",
399 "ap_pin": ap_pin, "uuid": ap_uuid, "upnp_iface": "lo"}
400 hapd = hostapd.add_ap(ap, params)
401 logger.info("Learn AP configuration")
404 er.request("SET ignore_old_scan_res 1")
405 er.wps_reg(ap['bssid'], ap_pin)
407 er.request("SET ignore_old_scan_res 0")
409 logger.info("Start ER")
410 er.request("WPS_ER_STOP")
412 er.request("WPS_ER_START ifname=lo")
413 ev = er.wait_event(["WPS-ER-AP-ADD"], timeout=15)
415 raise Exception("AP discovery timed out")
416 if ap_uuid not in ev:
417 raise Exception("Expected AP UUID not found")
419 logger.info("Use learned network configuration on ER")
420 er.request("WPS_ER_SET_CONFIG " + ap_uuid + " 0")
424 def test_nfc_wps_er_pw_token(dev, apdev):
425 """WPS NFC password token from Enrollee to ER"""
427 _test_nfc_wps_er_pw_token(dev, apdev)
429 dev[0].request("WPS_ER_STOP")
430 dev[1].request("SET ignore_old_scan_res 0")
432 def _test_nfc_wps_er_pw_token(dev, apdev):
433 ssid = "wps-nfc-er-pw-token"
434 hapd = start_ap_er(dev[0], apdev[0], ssid)
435 logger.info("WPS provisioning step using password token from station")
436 dev[1].request("SET ignore_old_scan_res 1")
437 pw = dev[1].request("WPS_NFC_TOKEN NDEF").rstrip()
439 raise Exception("Failed to generate password token")
440 res = dev[0].request("WPS_NFC_TAG_READ " + pw)
442 raise Exception("Failed to provide NFC tag contents to WPS ER")
443 dev[0].dump_monitor()
444 res = dev[1].request("WPS_NFC")
446 raise Exception("Failed to start Enrollee using NFC password token")
447 ev = dev[0].wait_event(["WPS-SUCCESS"], timeout=15)
449 raise Exception("WPS ER did not report success")
450 dev[1].wait_connected(timeout=15)
451 check_wpa2_connection(dev[1], apdev[0], hapd, ssid)
454 def test_nfc_wps_er_config_token(dev, apdev):
455 """WPS NFC configuration token from ER to Enrollee"""
457 _test_nfc_wps_er_config_token(dev, apdev)
459 dev[0].request("WPS_ER_STOP")
460 dev[1].request("SET ignore_old_scan_res 0")
462 def _test_nfc_wps_er_config_token(dev, apdev):
463 ssid = "wps-nfc-er-config-token"
464 hapd = start_ap_er(dev[0], apdev[0], ssid)
465 logger.info("WPS provisioning step using configuration token from ER")
466 wps = dev[0].request("WPS_ER_NFC_CONFIG_TOKEN WPS " + apdev[0]['bssid']).rstrip()
468 raise Exception("Failed to generate configuration token (WPS format)")
469 conf = dev[0].request("WPS_ER_NFC_CONFIG_TOKEN NDEF " + apdev[0]['bssid']).rstrip()
471 raise Exception("Failed to generate configuration token")
472 dev[1].request("SET ignore_old_scan_res 1")
473 res = dev[1].request("WPS_NFC_TAG_READ " + conf)
475 raise Exception("Failed to provide NFC tag contents to wpa_supplicant")
476 dev[1].wait_connected(timeout=15)
477 check_wpa2_connection(dev[1], apdev[0], hapd, ssid)
479 def test_nfc_wps_er_handover(dev, apdev):
480 """WPS NFC connection handover between Enrollee and ER"""
482 _test_nfc_wps_er_handover(dev, apdev)
484 dev[0].request("WPS_ER_STOP")
486 def _test_nfc_wps_er_handover(dev, apdev):
487 ssid = "wps-nfc-er-handover"
488 hapd = start_ap_er(dev[0], apdev[0], ssid)
489 logger.info("WPS provisioning step using connection handover")
490 req = dev[1].request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip()
492 raise Exception("Failed to generate NFC connection handover request")
493 sel = dev[0].request("NFC_GET_HANDOVER_SEL NDEF WPS-CR " + apdev[0]['bssid']).rstrip()
495 raise Exception("Failed to generate NFC connection handover select")
496 res = dev[0].request("NFC_REPORT_HANDOVER RESP WPS " + req + " " + sel)
498 raise Exception("Failed to report NFC connection handover to to hostapd")
499 dev[1].dump_monitor()
500 res = dev[1].request("NFC_REPORT_HANDOVER INIT WPS " + req + " " + sel)
502 raise Exception("Failed to report NFC connection handover to to wpa_supplicant")
503 dev[1].wait_connected(timeout=15)
504 check_wpa2_connection(dev[1], apdev[0], hapd, ssid)
506 def test_nfc_wps_er_handover_pk_hash_mismatch_sta(dev, apdev):
507 """WPS NFC connection handover with invalid pkhash from station to ER (negative)"""
509 _test_nfc_wps_er_handover_pk_hash_mismatch_sta(dev, apdev)
511 dev[0].request("WPS_ER_STOP")
512 dev[1].request("SET ignore_old_scan_res 0")
514 def _test_nfc_wps_er_handover_pk_hash_mismatch_sta(dev, apdev):
515 ssid = "wps-nfc-er-handover-pkhash-sta"
516 hapd = start_ap_er(dev[0], apdev[0], ssid)
517 logger.info("WPS provisioning step using connection handover")
518 if "FAIL" in dev[1].request("SET wps_corrupt_pkhash 1"):
519 raise Exception("Could not enable wps_corrupt_pkhash")
520 dev[1].request("SET ignore_old_scan_res 1")
521 req = dev[1].request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip()
523 raise Exception("Failed to generate NFC connection handover request")
524 sel = dev[0].request("NFC_GET_HANDOVER_SEL NDEF WPS-CR " + apdev[0]['bssid']).rstrip()
526 raise Exception("Failed to generate NFC connection handover select")
527 res = dev[0].request("NFC_REPORT_HANDOVER RESP WPS " + req + " " + sel)
529 raise Exception("Failed to report NFC connection handover to to hostapd")
530 dev[1].dump_monitor()
531 res = dev[1].request("NFC_REPORT_HANDOVER INIT WPS " + req + " " + sel)
533 raise Exception("Failed to report NFC connection handover to to wpa_supplicant")
534 ev = dev[1].wait_event(["CTRL-EVENT-CONNECTED", "WPS-FAIL"], timeout=15)
536 raise Exception("Timed out")
537 if "WPS-FAIL" not in ev:
538 raise Exception("Public key hash mismatch not detected")
540 def test_nfc_wps_er_handover_pk_hash_mismatch_er(dev, apdev):
541 """WPS NFC connection handover with invalid pkhash from ER to station (negative)"""
543 _test_nfc_wps_er_handover_pk_hash_mismatch_er(dev, apdev)
545 dev[0].request("WPS_ER_STOP")
546 dev[1].request("SET ignore_old_scan_res 0")
548 def _test_nfc_wps_er_handover_pk_hash_mismatch_er(dev, apdev):
549 ssid = "wps-nfc-er-handover-pkhash-er"
550 hapd = start_ap_er(dev[0], apdev[0], ssid)
551 logger.info("WPS provisioning step using connection handover")
552 if "FAIL" in dev[0].request("SET wps_corrupt_pkhash 1"):
553 raise Exception("Could not enable wps_corrupt_pkhash")
554 dev[1].request("SET ignore_old_scan_res 1")
555 req = dev[1].request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip()
557 raise Exception("Failed to generate NFC connection handover request")
558 sel = dev[0].request("NFC_GET_HANDOVER_SEL NDEF WPS-CR " + apdev[0]['bssid']).rstrip()
560 raise Exception("Failed to generate NFC connection handover select")
561 res = dev[0].request("NFC_REPORT_HANDOVER RESP WPS " + req + " " + sel)
563 raise Exception("Failed to report NFC connection handover to to hostapd")
564 dev[1].dump_monitor()
565 res = dev[1].request("NFC_REPORT_HANDOVER INIT WPS " + req + " " + sel)
567 raise Exception("Failed to report NFC connection handover to to wpa_supplicant")
568 ev = dev[1].wait_event(["CTRL-EVENT-CONNECTED", "WPS-FAIL"], timeout=15)
570 raise Exception("Timed out")
571 if "WPS-FAIL" not in ev:
572 raise Exception("Public key hash mismatch not detected")
575 def test_nfc_invalid_ndef_record(dev, apdev):
576 """Invalid NFC NDEF record handling"""
577 tests = [ "11223344",
592 "0017ffffffe46170706c69636174696f6e2f766e642e7766612e777363",
593 "0017ffffffff6170706c69636174696f6e2f766e642e7766612e777363",
594 "0017000000006170706c69636174696f6e2f766e642e7766612e7773ff",
597 if "FAIL" not in dev[0].request("WPS_NFC_TAG_READ " + test):
598 raise Exception("Invalid tag accepted: " + test)