2 # Copyright (c) 2013, Jouni Malinen <j@w1.fi>
4 # This software may be distributed under the terms of the BSD license.
5 # See README for more details.
10 logger = logging.getLogger()
14 from utils import alloc_fail, fail_test
16 def check_wpa2_connection(sta, ap, hapd, ssid, mixed=False):
17 status = sta.get_status()
18 if status['wpa_state'] != 'COMPLETED':
19 raise Exception("Not fully connected")
20 if status['bssid'] != ap['bssid']:
21 raise Exception("Unexpected BSSID")
22 if status['ssid'] != ssid:
23 raise Exception("Unexpected SSID")
24 if status['pairwise_cipher'] != 'CCMP':
25 raise Exception("Unexpected encryption configuration")
26 if status['group_cipher'] != 'CCMP' and not mixed:
27 raise Exception("Unexpected encryption configuration")
28 if status['key_mgmt'] != 'WPA2-PSK':
29 raise Exception("Unexpected key_mgmt")
30 hwsim_utils.test_connectivity(sta, hapd)
32 def ap_wps_params(ssid):
33 return { "ssid": ssid, "eap_server": "1", "wps_state": "2",
34 "wpa_passphrase": "12345678", "wpa": "2",
35 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"}
37 def test_nfc_wps_password_token_sta(dev, apdev):
38 """NFC tag with password token on the station/Enrollee"""
39 ssid = "test-wps-nfc-pw-token-conf"
40 params = ap_wps_params(ssid)
41 hostapd.add_ap(apdev[0]['ifname'], params)
42 hapd = hostapd.Hostapd(apdev[0]['ifname'])
43 logger.info("WPS provisioning step using password token from station")
44 wps = dev[0].request("WPS_NFC_TOKEN WPS").rstrip()
46 raise Exception("Failed to generate password token (WPS only)")
47 pw = dev[0].request("WPS_NFC_TOKEN NDEF").rstrip()
49 raise Exception("Failed to generate password token")
50 res = hapd.request("WPS_NFC_TAG_READ " + pw)
52 raise Exception("Failed to provide NFC tag contents to hostapd")
54 res = dev[0].request("WPS_NFC")
56 raise Exception("Failed to start Enrollee using NFC password token")
57 dev[0].wait_connected(timeout=30)
58 check_wpa2_connection(dev[0], apdev[0], hapd, ssid)
60 def test_nfc_wps_config_token(dev, apdev):
61 """NFC tag with configuration token from AP"""
62 ssid = "test-wps-nfc-conf-token"
63 params = ap_wps_params(ssid)
64 hostapd.add_ap(apdev[0]['ifname'], params)
65 hapd = hostapd.Hostapd(apdev[0]['ifname'])
66 logger.info("NFC configuration token from AP to station")
67 conf = hapd.request("WPS_NFC_CONFIG_TOKEN NDEF").rstrip()
69 raise Exception("Failed to generate configuration token")
71 res = dev[0].request("WPS_NFC_TAG_READ " + conf)
73 raise Exception("Failed to provide NFC tag contents to wpa_supplicant")
74 dev[0].wait_connected(timeout=15)
75 check_wpa2_connection(dev[0], apdev[0], hapd, ssid)
77 with alloc_fail(hapd, 1, "wps_get_oob_cred"):
78 conf = hapd.request("WPS_NFC_CONFIG_TOKEN NDEF").rstrip()
79 if "FAIL" not in conf:
80 raise Exception("Unexpected configuration token received during OOM")
82 def test_nfc_wps_config_token_init(dev, apdev):
83 """NFC tag with configuration token from AP with auto configuration"""
84 ssid = "test-wps-nfc-conf-token-init"
85 hostapd.add_ap(apdev[0]['ifname'],
86 { "ssid": ssid, "eap_server": "1", "wps_state": "1" })
87 hapd = hostapd.Hostapd(apdev[0]['ifname'])
88 logger.info("NFC configuration token from AP to station")
89 conf = hapd.request("WPS_NFC_CONFIG_TOKEN NDEF").rstrip()
91 raise Exception("Failed to generate configuration token")
93 res = dev[0].request("WPS_NFC_TAG_READ " + conf)
95 raise Exception("Failed to provide NFC tag contents to wpa_supplicant")
96 dev[0].wait_connected(timeout=15)
97 check_wpa2_connection(dev[0], apdev[0], hapd, ssid, mixed=True)
99 def test_nfc_wps_password_token_sta_init(dev, apdev):
100 """Initial AP configuration with first WPS NFC Enrollee"""
101 ssid = "test-wps-nfc-pw-token-init"
102 hostapd.add_ap(apdev[0]['ifname'],
103 { "ssid": ssid, "eap_server": "1", "wps_state": "1" })
104 hapd = hostapd.Hostapd(apdev[0]['ifname'])
105 logger.info("WPS provisioning step using password token from station")
106 pw = dev[0].request("WPS_NFC_TOKEN NDEF").rstrip()
108 raise Exception("Failed to generate password token")
109 res = hapd.request("WPS_NFC_TAG_READ " + pw)
111 raise Exception("Failed to provide NFC tag contents to hostapd")
112 dev[0].dump_monitor()
113 res = dev[0].request("WPS_NFC")
115 raise Exception("Failed to start Enrollee using NFC password token")
116 dev[0].wait_connected(timeout=30)
117 check_wpa2_connection(dev[0], apdev[0], hapd, ssid, mixed=True)
119 def test_nfc_wps_password_token_ap(dev, apdev):
120 """WPS registrar configuring an AP using AP password token"""
121 ssid = "test-wps-nfc-pw-token-init"
122 hostapd.add_ap(apdev[0]['ifname'],
123 { "ssid": ssid, "eap_server": "1", "wps_state": "1" })
124 hapd = hostapd.Hostapd(apdev[0]['ifname'])
125 logger.info("WPS configuration step")
126 pw = hapd.request("WPS_NFC_TOKEN NDEF").rstrip()
128 raise Exception("Failed to generate password token")
129 res = hapd.request("WPS_NFC_TOKEN enable")
131 raise Exception("Failed to enable AP password token")
132 res = dev[0].request("WPS_NFC_TAG_READ " + pw)
134 raise Exception("Failed to provide NFC tag contents to wpa_supplicant")
135 dev[0].dump_monitor()
136 new_ssid = "test-wps-nfc-pw-token-new-ssid"
137 new_passphrase = "1234567890"
138 res = dev[0].request("WPS_REG " + apdev[0]['bssid'] + " nfc-pw " + new_ssid.encode("hex") + " WPA2PSK CCMP " + new_passphrase.encode("hex"))
140 raise Exception("Failed to start Registrar using NFC password token")
141 dev[0].wait_connected(timeout=30)
142 check_wpa2_connection(dev[0], apdev[0], hapd, new_ssid, mixed=True)
143 if "FAIL" in hapd.request("WPS_NFC_TOKEN disable"):
144 raise Exception("Failed to disable AP password token")
145 if "FAIL" in hapd.request("WPS_NFC_TOKEN WPS"):
146 raise Exception("Unexpected WPS_NFC_TOKEN WPS failure")
148 with fail_test(hapd, 1, "os_get_random;wps_nfc_token_gen"):
149 if "FAIL" not in hapd.request("WPS_NFC_TOKEN WPS"):
150 raise Exception("Unexpected WPS_NFC_TOKEN success")
151 with fail_test(hapd, 2, "os_get_random;wps_nfc_token_gen"):
152 if "FAIL" not in hapd.request("WPS_NFC_TOKEN WPS"):
153 raise Exception("Unexpected WPS_NFC_TOKEN success")
155 def test_nfc_wps_handover_init(dev, apdev):
156 """Connect to WPS AP with NFC connection handover and move to configured state"""
157 dev[0].request("SET ignore_old_scan_res 1")
158 ssid = "test-wps-nfc-handover-init"
159 hostapd.add_ap(apdev[0]['ifname'],
160 { "ssid": ssid, "eap_server": "1", "wps_state": "1" })
161 hapd = hostapd.Hostapd(apdev[0]['ifname'])
162 logger.info("NFC connection handover")
163 req = dev[0].request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip()
165 raise Exception("Failed to generate NFC connection handover request")
166 sel = hapd.request("NFC_GET_HANDOVER_SEL NDEF WPS-CR").rstrip()
168 raise Exception("Failed to generate NFC connection handover select")
169 res = hapd.request("NFC_REPORT_HANDOVER RESP WPS " + req + " " + sel)
171 raise Exception("Failed to report NFC connection handover to to hostapd")
172 dev[0].dump_monitor()
173 res = dev[0].request("NFC_REPORT_HANDOVER INIT WPS " + req + " " + sel)
175 raise Exception("Failed to report NFC connection handover to to wpa_supplicant")
176 dev[0].wait_connected(timeout=15)
177 check_wpa2_connection(dev[0], apdev[0], hapd, ssid, mixed=True)
179 with alloc_fail(hapd, 1, "wps_build_nfc_handover_sel"):
180 if "FAIL" not in hapd.request("NFC_GET_HANDOVER_SEL NDEF WPS-CR"):
181 raise Exception("Unexpected NFC_GET_HANDOVER_SEL success during OOM")
183 def test_nfc_wps_handover_errors(dev, apdev):
184 """WPS AP NFC handover report error cases"""
185 ssid = "test-wps-nfc-handover"
186 hostapd.add_ap(apdev[0]['ifname'],
187 { "ssid": ssid, "eap_server": "1", "wps_state": "1" })
188 hapd = hostapd.Hostapd(apdev[0]['ifname'])
189 sel = hapd.request("NFC_GET_HANDOVER_SEL NDEF WPS-CR").rstrip()
191 raise Exception("Failed to generate NFC connection handover select")
192 if "FAIL" not in hapd.request("NFC_REPORT_HANDOVER "):
193 raise Exception("Unexpected handover report success")
194 if "FAIL" not in hapd.request("NFC_REPORT_HANDOVER RESP"):
195 raise Exception("Unexpected handover report success")
196 if "FAIL" not in hapd.request("NFC_REPORT_HANDOVER RESP WPS"):
197 raise Exception("Unexpected handover report success")
198 if "FAIL" not in hapd.request("NFC_REPORT_HANDOVER RESP WPS 001122"):
199 raise Exception("Unexpected handover report success")
200 if "FAIL" not in hapd.request("NFC_REPORT_HANDOVER RESP WPS 001122 00"):
201 raise Exception("Unexpected handover report success")
202 if "FAIL" not in hapd.request("NFC_REPORT_HANDOVER RESP WPS 0 00"):
203 raise Exception("Unexpected handover report success")
204 if "FAIL" not in hapd.request("NFC_REPORT_HANDOVER RESP WPS 001122 0"):
205 raise Exception("Unexpected handover report success")
206 if "FAIL" not in hapd.request("NFC_REPORT_HANDOVER RESP WPS 00q122 001122"):
207 raise Exception("Unexpected handover report success")
208 if "FAIL" not in hapd.request("NFC_REPORT_HANDOVER RESP WPS 001122 001q22"):
209 raise Exception("Unexpected handover report success")
210 if "FAIL" not in hapd.request("NFC_REPORT_HANDOVER RESP FOO 001122 00"):
211 raise Exception("Unexpected handover report success")
213 def test_nfc_wps_handover(dev, apdev):
214 """Connect to WPS AP with NFC connection handover"""
215 ssid = "test-wps-nfc-handover"
216 params = ap_wps_params(ssid)
217 hostapd.add_ap(apdev[0]['ifname'], params)
218 hapd = hostapd.Hostapd(apdev[0]['ifname'])
219 logger.info("NFC connection handover")
220 req = dev[0].request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip()
222 raise Exception("Failed to generate NFC connection handover request")
223 sel = hapd.request("NFC_GET_HANDOVER_SEL NDEF WPS-CR").rstrip()
225 raise Exception("Failed to generate NFC connection handover select")
226 res = hapd.request("NFC_REPORT_HANDOVER RESP WPS " + req + " " + sel)
228 raise Exception("Failed to report NFC connection handover to to hostapd")
229 dev[0].dump_monitor()
230 res = dev[0].request("NFC_REPORT_HANDOVER INIT WPS " + req + " " + sel)
232 raise Exception("Failed to report NFC connection handover to to wpa_supplicant")
233 dev[0].wait_connected(timeout=30)
234 check_wpa2_connection(dev[0], apdev[0], hapd, ssid)
236 def test_nfc_wps_handover_5ghz(dev, apdev):
237 """Connect to WPS AP with NFC connection handover on 5 GHz band"""
239 ssid = "test-wps-nfc-handover"
240 params = ap_wps_params(ssid)
241 params["country_code"] = "FI"
242 params["hw_mode"] = "a"
243 params["channel"] = "36"
244 hapd = hostapd.add_ap(apdev[0]['ifname'], params)
245 logger.info("NFC connection handover")
246 req = dev[0].request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip()
248 raise Exception("Failed to generate NFC connection handover request")
249 sel = hapd.request("NFC_GET_HANDOVER_SEL NDEF WPS-CR").rstrip()
251 raise Exception("Failed to generate NFC connection handover select")
252 res = hapd.request("NFC_REPORT_HANDOVER RESP WPS " + req + " " + sel)
254 raise Exception("Failed to report NFC connection handover to to hostapd")
255 dev[0].dump_monitor()
256 res = dev[0].request("NFC_REPORT_HANDOVER INIT WPS " + req + " " + sel)
258 raise Exception("Failed to report NFC connection handover to to wpa_supplicant")
259 dev[0].wait_connected(timeout=30)
260 check_wpa2_connection(dev[0], apdev[0], hapd, ssid)
262 dev[0].request("DISCONNECT")
264 hapd.request("DISABLE")
265 subprocess.call(['iw', 'reg', 'set', '00'])
266 dev[0].flush_scan_cache()
268 def test_nfc_wps_handover_chan14(dev, apdev):
269 """Connect to WPS AP with NFC connection handover on channel 14"""
271 ssid = "test-wps-nfc-handover"
272 params = ap_wps_params(ssid)
273 params["country_code"] = "JP"
274 params["hw_mode"] = "b"
275 params["channel"] = "14"
276 hapd = hostapd.add_ap(apdev[0]['ifname'], params)
277 logger.info("NFC connection handover")
278 req = dev[0].request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip()
280 raise Exception("Failed to generate NFC connection handover request")
281 sel = hapd.request("NFC_GET_HANDOVER_SEL NDEF WPS-CR").rstrip()
283 raise Exception("Failed to generate NFC connection handover select")
284 res = hapd.request("NFC_REPORT_HANDOVER RESP WPS " + req + " " + sel)
286 raise Exception("Failed to report NFC connection handover to to hostapd")
287 dev[0].dump_monitor()
288 res = dev[0].request("NFC_REPORT_HANDOVER INIT WPS " + req + " " + sel)
290 raise Exception("Failed to report NFC connection handover to to wpa_supplicant")
291 dev[0].wait_connected(timeout=30)
292 check_wpa2_connection(dev[0], apdev[0], hapd, ssid)
294 dev[0].request("DISCONNECT")
296 hapd.request("DISABLE")
297 subprocess.call(['iw', 'reg', 'set', '00'])
298 dev[0].flush_scan_cache()
300 def test_nfc_wps_handover_with_pw_token_set(dev, apdev):
301 """Connect to WPS AP with NFC connection handover (wps_nfc_* set)"""
302 ssid = "test-wps-nfc-handover2"
303 params = ap_wps_params(ssid)
304 hostapd.add_ap(apdev[0]['ifname'], params)
305 hapd = hostapd.Hostapd(apdev[0]['ifname'])
306 # enable a password token (which won't be used in this test case)
307 pw = hapd.request("WPS_NFC_TOKEN NDEF").rstrip()
309 raise Exception("Failed to generate password token")
310 res = hapd.request("WPS_NFC_TOKEN enable")
312 raise Exception("Failed to enable AP password token")
313 logger.info("NFC connection handover")
314 req = dev[0].request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip()
316 raise Exception("Failed to generate NFC connection handover request")
317 sel = hapd.request("NFC_GET_HANDOVER_SEL NDEF WPS-CR").rstrip()
319 raise Exception("Failed to generate NFC connection handover select")
320 res = hapd.request("NFC_REPORT_HANDOVER RESP WPS " + req + " " + sel)
322 raise Exception("Failed to report NFC connection handover to to hostapd")
323 dev[0].dump_monitor()
324 res = dev[0].request("NFC_REPORT_HANDOVER INIT WPS " + req + " " + sel)
326 raise Exception("Failed to report NFC connection handover to to wpa_supplicant")
327 dev[0].wait_connected(timeout=15)
328 check_wpa2_connection(dev[0], apdev[0], hapd, ssid)
330 def test_nfc_wps_handover_pk_hash_mismatch_sta(dev, apdev):
331 """WPS NFC connection handover with invalid pkhash from station (negative)"""
332 ssid = "wps-nfc-handover-pkhash-sta"
333 if "FAIL" in dev[0].request("SET wps_corrupt_pkhash 1"):
334 raise Exception("Could not enable wps_corrupt_pkhash")
335 params = ap_wps_params(ssid)
336 hostapd.add_ap(apdev[0]['ifname'], params)
337 hapd = hostapd.Hostapd(apdev[0]['ifname'])
338 logger.info("NFC connection handover")
339 req = dev[0].request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip()
341 raise Exception("Failed to generate NFC connection handover request")
342 sel = hapd.request("NFC_GET_HANDOVER_SEL NDEF WPS-CR").rstrip()
344 raise Exception("Failed to generate NFC connection handover select")
345 res = hapd.request("NFC_REPORT_HANDOVER RESP WPS " + req + " " + sel)
347 raise Exception("Failed to report NFC connection handover to to hostapd")
348 dev[0].dump_monitor()
349 res = dev[0].request("NFC_REPORT_HANDOVER INIT WPS " + req + " " + sel)
351 raise Exception("Failed to report NFC connection handover to to wpa_supplicant")
352 ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED", "WPS-FAIL"], timeout=15)
354 raise Exception("Timed out")
355 if "WPS-FAIL" not in ev:
356 raise Exception("Public key hash mismatch not detected")
358 def test_nfc_wps_handover_pk_hash_mismatch_ap(dev, apdev):
359 """WPS NFC connection handover with invalid pkhash from AP (negative)"""
360 ssid = "wps-nfc-handover-pkhash-ap"
361 params = ap_wps_params(ssid)
362 hostapd.add_ap(apdev[0]['ifname'], params)
363 hapd = hostapd.Hostapd(apdev[0]['ifname'])
364 if "FAIL" in hapd.request("SET wps_corrupt_pkhash 1"):
365 raise Exception("Could not enable wps_corrupt_pkhash")
366 logger.info("NFC connection handover")
367 req = dev[0].request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip()
369 raise Exception("Failed to generate NFC connection handover request")
370 sel = hapd.request("NFC_GET_HANDOVER_SEL NDEF WPS-CR").rstrip()
372 raise Exception("Failed to generate NFC connection handover select")
373 res = hapd.request("NFC_REPORT_HANDOVER RESP WPS " + req + " " + sel)
375 raise Exception("Failed to report NFC connection handover to to hostapd")
376 dev[0].dump_monitor()
377 res = dev[0].request("NFC_REPORT_HANDOVER INIT WPS " + req + " " + sel)
379 raise Exception("Failed to report NFC connection handover to to wpa_supplicant")
380 ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED", "WPS-FAIL"], timeout=15)
382 raise Exception("Timed out")
383 if "WPS-FAIL" not in ev:
384 raise Exception("Public key hash mismatch not detected")
386 def start_ap_er(er, ap, ssid):
388 ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
389 hostapd.add_ap(ap['ifname'],
390 { "ssid": ssid, "eap_server": "1", "wps_state": "2",
391 "wpa_passphrase": "12345678", "wpa": "2",
392 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
393 "device_name": "Wireless AP", "manufacturer": "Company",
394 "model_name": "WAP", "model_number": "123",
395 "serial_number": "12345", "device_type": "6-0050F204-1",
396 "os_version": "01020300",
397 "config_methods": "label push_button",
398 "ap_pin": ap_pin, "uuid": ap_uuid, "upnp_iface": "lo"})
399 logger.info("Learn AP configuration")
401 er.request("SET ignore_old_scan_res 1")
402 er.wps_reg(ap['bssid'], ap_pin)
404 logger.info("Start ER")
405 er.request("WPS_ER_STOP")
407 er.request("WPS_ER_START ifname=lo")
408 ev = er.wait_event(["WPS-ER-AP-ADD"], timeout=15)
410 raise Exception("AP discovery timed out")
411 if ap_uuid not in ev:
412 raise Exception("Expected AP UUID not found")
414 logger.info("Use learned network configuration on ER")
415 er.request("WPS_ER_SET_CONFIG " + ap_uuid + " 0")
417 def test_nfc_wps_er_pw_token(dev, apdev):
418 """WPS NFC password token from Enrollee to ER"""
420 _test_nfc_wps_er_pw_token(dev, apdev)
422 dev[0].request("WPS_ER_STOP")
424 def _test_nfc_wps_er_pw_token(dev, apdev):
425 ssid = "wps-nfc-er-pw-token"
426 start_ap_er(dev[0], apdev[0], ssid)
427 hapd = hostapd.Hostapd(apdev[0]['ifname'])
428 logger.info("WPS provisioning step using password token from station")
429 dev[1].request("SET ignore_old_scan_res 1")
430 pw = dev[1].request("WPS_NFC_TOKEN NDEF").rstrip()
432 raise Exception("Failed to generate password token")
433 res = dev[0].request("WPS_NFC_TAG_READ " + pw)
435 raise Exception("Failed to provide NFC tag contents to WPS ER")
436 dev[0].dump_monitor()
437 res = dev[1].request("WPS_NFC")
439 raise Exception("Failed to start Enrollee using NFC password token")
440 ev = dev[0].wait_event(["WPS-SUCCESS"], timeout=15)
442 raise Exception("WPS ER did not report success")
443 dev[1].wait_connected(timeout=15)
444 check_wpa2_connection(dev[1], apdev[0], hapd, ssid)
446 def test_nfc_wps_er_config_token(dev, apdev):
447 """WPS NFC configuration token from ER to Enrollee"""
449 _test_nfc_wps_er_config_token(dev, apdev)
451 dev[0].request("WPS_ER_STOP")
453 def _test_nfc_wps_er_config_token(dev, apdev):
454 ssid = "wps-nfc-er-config-token"
455 start_ap_er(dev[0], apdev[0], ssid)
456 hapd = hostapd.Hostapd(apdev[0]['ifname'])
457 logger.info("WPS provisioning step using configuration token from ER")
458 wps = dev[0].request("WPS_ER_NFC_CONFIG_TOKEN WPS " + apdev[0]['bssid']).rstrip()
460 raise Exception("Failed to generate configuration token (WPS format)")
461 conf = dev[0].request("WPS_ER_NFC_CONFIG_TOKEN NDEF " + apdev[0]['bssid']).rstrip()
463 raise Exception("Failed to generate configuration token")
464 dev[1].request("SET ignore_old_scan_res 1")
465 res = dev[1].request("WPS_NFC_TAG_READ " + conf)
467 raise Exception("Failed to provide NFC tag contents to wpa_supplicant")
468 dev[1].wait_connected(timeout=15)
469 check_wpa2_connection(dev[1], apdev[0], hapd, ssid)
471 def test_nfc_wps_er_handover(dev, apdev):
472 """WPS NFC connection handover between Enrollee and ER"""
474 _test_nfc_wps_er_handover(dev, apdev)
476 dev[0].request("WPS_ER_STOP")
478 def _test_nfc_wps_er_handover(dev, apdev):
479 ssid = "wps-nfc-er-handover"
480 start_ap_er(dev[0], apdev[0], ssid)
481 hapd = hostapd.Hostapd(apdev[0]['ifname'])
482 logger.info("WPS provisioning step using connection handover")
483 req = dev[1].request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip()
485 raise Exception("Failed to generate NFC connection handover request")
486 sel = dev[0].request("NFC_GET_HANDOVER_SEL NDEF WPS-CR " + apdev[0]['bssid']).rstrip()
488 raise Exception("Failed to generate NFC connection handover select")
489 res = dev[0].request("NFC_REPORT_HANDOVER RESP WPS " + req + " " + sel)
491 raise Exception("Failed to report NFC connection handover to to hostapd")
492 dev[1].dump_monitor()
493 res = dev[1].request("NFC_REPORT_HANDOVER INIT WPS " + req + " " + sel)
495 raise Exception("Failed to report NFC connection handover to to wpa_supplicant")
496 dev[1].wait_connected(timeout=15)
497 check_wpa2_connection(dev[1], apdev[0], hapd, ssid)
499 def test_nfc_wps_er_handover_pk_hash_mismatch_sta(dev, apdev):
500 """WPS NFC connection handover with invalid pkhash from station to ER (negative)"""
502 _test_nfc_wps_er_handover_pk_hash_mismatch_sta(dev, apdev)
504 dev[0].request("WPS_ER_STOP")
506 def _test_nfc_wps_er_handover_pk_hash_mismatch_sta(dev, apdev):
507 ssid = "wps-nfc-er-handover-pkhash-sta"
508 start_ap_er(dev[0], apdev[0], ssid)
509 hapd = hostapd.Hostapd(apdev[0]['ifname'])
510 logger.info("WPS provisioning step using connection handover")
511 if "FAIL" in dev[1].request("SET wps_corrupt_pkhash 1"):
512 raise Exception("Could not enable wps_corrupt_pkhash")
513 dev[1].request("SET ignore_old_scan_res 1")
514 req = dev[1].request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip()
516 raise Exception("Failed to generate NFC connection handover request")
517 sel = dev[0].request("NFC_GET_HANDOVER_SEL NDEF WPS-CR " + apdev[0]['bssid']).rstrip()
519 raise Exception("Failed to generate NFC connection handover select")
520 res = dev[0].request("NFC_REPORT_HANDOVER RESP WPS " + req + " " + sel)
522 raise Exception("Failed to report NFC connection handover to to hostapd")
523 dev[1].dump_monitor()
524 res = dev[1].request("NFC_REPORT_HANDOVER INIT WPS " + req + " " + sel)
526 raise Exception("Failed to report NFC connection handover to to wpa_supplicant")
527 ev = dev[1].wait_event(["CTRL-EVENT-CONNECTED", "WPS-FAIL"], timeout=15)
529 raise Exception("Timed out")
530 if "WPS-FAIL" not in ev:
531 raise Exception("Public key hash mismatch not detected")
533 def test_nfc_wps_er_handover_pk_hash_mismatch_er(dev, apdev):
534 """WPS NFC connection handover with invalid pkhash from ER to station (negative)"""
536 _test_nfc_wps_er_handover_pk_hash_mismatch_er(dev, apdev)
538 dev[0].request("WPS_ER_STOP")
540 def _test_nfc_wps_er_handover_pk_hash_mismatch_er(dev, apdev):
541 ssid = "wps-nfc-er-handover-pkhash-er"
542 start_ap_er(dev[0], apdev[0], ssid)
543 hapd = hostapd.Hostapd(apdev[0]['ifname'])
544 logger.info("WPS provisioning step using connection handover")
545 if "FAIL" in dev[0].request("SET wps_corrupt_pkhash 1"):
546 raise Exception("Could not enable wps_corrupt_pkhash")
547 dev[1].request("SET ignore_old_scan_res 1")
548 req = dev[1].request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip()
550 raise Exception("Failed to generate NFC connection handover request")
551 sel = dev[0].request("NFC_GET_HANDOVER_SEL NDEF WPS-CR " + apdev[0]['bssid']).rstrip()
553 raise Exception("Failed to generate NFC connection handover select")
554 res = dev[0].request("NFC_REPORT_HANDOVER RESP WPS " + req + " " + sel)
556 raise Exception("Failed to report NFC connection handover to to hostapd")
557 dev[1].dump_monitor()
558 res = dev[1].request("NFC_REPORT_HANDOVER INIT WPS " + req + " " + sel)
560 raise Exception("Failed to report NFC connection handover to to wpa_supplicant")
561 ev = dev[1].wait_event(["CTRL-EVENT-CONNECTED", "WPS-FAIL"], timeout=15)
563 raise Exception("Timed out")
564 if "WPS-FAIL" not in ev:
565 raise Exception("Public key hash mismatch not detected")
567 def test_nfc_invalid_ndef_record(dev, apdev):
568 """Invalid NFC NDEF record handling"""
569 tests = [ "11223344",
584 "0017ffffffe46170706c69636174696f6e2f766e642e7766612e777363",
585 "0017ffffffff6170706c69636174696f6e2f766e642e7766612e777363",
586 "0017000000006170706c69636174696f6e2f766e642e7766612e7773ff",
589 if "FAIL" not in dev[0].request("WPS_NFC_TAG_READ " + test):
590 raise Exception("Invalid tag accepted: " + test)