fragattacks/tests/hwsim/test_ap_psk.py

1883 lines
74 KiB
Python
Raw Normal View History

# WPA2-Personal tests
# Copyright (c) 2014, Qualcomm Atheros, Inc.
#
# This software may be distributed under the terms of the BSD license.
# See README for more details.
import binascii
from Crypto.Cipher import AES
import hashlib
import hmac
import logging
logger = logging.getLogger()
import os
import re
import struct
import subprocess
import time
import hostapd
from utils import HwsimSkip
import hwsim_utils
from wpasupplicant import WpaSupplicant
def check_mib(dev, vals):
mib = dev.get_mib()
for v in vals:
if mib[v[0]] != v[1]:
raise Exception("Unexpected {} = {} (expected {})".format(v[0], mib[v[0]], v[1]))
def test_ap_wpa2_psk(dev, apdev):
"""WPA2-PSK AP with PSK instead of passphrase"""
ssid = "test-wpa2-psk"
passphrase = 'qwertyuiop'
psk = '602e323e077bc63bd80307ef4745b754b0ae0a925c2638ecd13a794b9527b9e6'
params = hostapd.wpa2_params(ssid=ssid)
params['wpa_psk'] = psk
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
key_mgmt = hapd.get_config()['key_mgmt']
if key_mgmt.split(' ')[0] != "WPA-PSK":
raise Exception("Unexpected GET_CONFIG(key_mgmt): " + key_mgmt)
dev[0].connect(ssid, raw_psk=psk, scan_freq="2412")
dev[1].connect(ssid, psk=passphrase, scan_freq="2412")
sig = dev[0].request("SIGNAL_POLL").splitlines()
pkt = dev[0].request("PKTCNT_POLL").splitlines()
if "FREQUENCY=2412" not in sig:
raise Exception("Unexpected SIGNAL_POLL value: " + str(sig))
if "TXBAD=0" not in pkt:
raise Exception("Unexpected TXBAD value: " + str(pkt))
def test_ap_wpa2_psk_file(dev, apdev):
"""WPA2-PSK AP with PSK from a file"""
ssid = "test-wpa2-psk"
passphrase = 'qwertyuiop'
psk = '602e323e077bc63bd80307ef4745b754b0ae0a925c2638ecd13a794b9527b9e6'
params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase)
params['wpa_psk_file'] = 'hostapd.wpa_psk'
hostapd.add_ap(apdev[0]['ifname'], params)
dev[1].connect(ssid, psk="very secret", scan_freq="2412", wait_connect=False)
dev[2].connect(ssid, raw_psk=psk, scan_freq="2412")
dev[2].request("REMOVE_NETWORK all")
dev[0].connect(ssid, psk="very secret", scan_freq="2412")
dev[0].request("REMOVE_NETWORK all")
dev[2].connect(ssid, psk="another passphrase for all STAs", scan_freq="2412")
dev[0].connect(ssid, psk="another passphrase for all STAs", scan_freq="2412")
ev = dev[1].wait_event(["WPA: 4-Way Handshake failed"], timeout=10)
if ev is None:
raise Exception("Timed out while waiting for failure report")
dev[1].request("REMOVE_NETWORK all")
def test_ap_wpa2_ptk_rekey(dev, apdev):
"""WPA2-PSK AP and PTK rekey enforced by station"""
ssid = "test-wpa2-psk"
passphrase = 'qwertyuiop'
params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase)
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
dev[0].connect(ssid, psk=passphrase, wpa_ptk_rekey="1", scan_freq="2412")
ev = dev[0].wait_event(["WPA: Key negotiation completed"])
if ev is None:
raise Exception("PTK rekey timed out")
hwsim_utils.test_connectivity(dev[0], hapd)
def test_ap_wpa2_ptk_rekey_ap(dev, apdev):
"""WPA2-PSK AP and PTK rekey enforced by AP"""
ssid = "test-wpa2-psk"
passphrase = 'qwertyuiop'
params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase)
params['wpa_ptk_rekey'] = '2'
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
dev[0].connect(ssid, psk=passphrase, scan_freq="2412")
ev = dev[0].wait_event(["WPA: Key negotiation completed"])
if ev is None:
raise Exception("PTK rekey timed out")
hwsim_utils.test_connectivity(dev[0], hapd)
def test_ap_wpa2_sha256_ptk_rekey(dev, apdev):
"""WPA2-PSK/SHA256 AKM AP and PTK rekey enforced by station"""
ssid = "test-wpa2-psk"
passphrase = 'qwertyuiop'
params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase)
params["wpa_key_mgmt"] = "WPA-PSK-SHA256"
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
dev[0].connect(ssid, psk=passphrase, key_mgmt="WPA-PSK-SHA256",
wpa_ptk_rekey="1", scan_freq="2412")
ev = dev[0].wait_event(["WPA: Key negotiation completed"])
if ev is None:
raise Exception("PTK rekey timed out")
hwsim_utils.test_connectivity(dev[0], hapd)
check_mib(dev[0], [ ("dot11RSNAAuthenticationSuiteRequested", "00-0f-ac-6"),
("dot11RSNAAuthenticationSuiteSelected", "00-0f-ac-6") ])
def test_ap_wpa2_sha256_ptk_rekey_ap(dev, apdev):
"""WPA2-PSK/SHA256 AKM AP and PTK rekey enforced by AP"""
ssid = "test-wpa2-psk"
passphrase = 'qwertyuiop'
params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase)
params["wpa_key_mgmt"] = "WPA-PSK-SHA256"
params['wpa_ptk_rekey'] = '2'
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
dev[0].connect(ssid, psk=passphrase, key_mgmt="WPA-PSK-SHA256",
scan_freq="2412")
ev = dev[0].wait_event(["WPA: Key negotiation completed"])
if ev is None:
raise Exception("PTK rekey timed out")
hwsim_utils.test_connectivity(dev[0], hapd)
check_mib(dev[0], [ ("dot11RSNAAuthenticationSuiteRequested", "00-0f-ac-6"),
("dot11RSNAAuthenticationSuiteSelected", "00-0f-ac-6") ])
def test_ap_wpa_ptk_rekey(dev, apdev):
"""WPA-PSK/TKIP AP and PTK rekey enforced by station"""
ssid = "test-wpa-psk"
passphrase = 'qwertyuiop'
params = hostapd.wpa_params(ssid=ssid, passphrase=passphrase)
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
dev[0].connect(ssid, psk=passphrase, wpa_ptk_rekey="1", scan_freq="2412")
if "[WPA-PSK-TKIP]" not in dev[0].request("SCAN_RESULTS"):
raise Exception("Scan results missing WPA element info")
ev = dev[0].wait_event(["WPA: Key negotiation completed"])
if ev is None:
raise Exception("PTK rekey timed out")
hwsim_utils.test_connectivity(dev[0], hapd)
def test_ap_wpa_ptk_rekey_ap(dev, apdev):
"""WPA-PSK/TKIP AP and PTK rekey enforced by AP"""
ssid = "test-wpa-psk"
passphrase = 'qwertyuiop'
params = hostapd.wpa_params(ssid=ssid, passphrase=passphrase)
params['wpa_ptk_rekey'] = '2'
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
dev[0].connect(ssid, psk=passphrase, scan_freq="2412")
ev = dev[0].wait_event(["WPA: Key negotiation completed"], timeout=10)
if ev is None:
raise Exception("PTK rekey timed out")
hwsim_utils.test_connectivity(dev[0], hapd)
def test_ap_wpa_ccmp(dev, apdev):
"""WPA-PSK/CCMP"""
ssid = "test-wpa-psk"
passphrase = 'qwertyuiop'
params = hostapd.wpa_params(ssid=ssid, passphrase=passphrase)
params['wpa_pairwise'] = "CCMP"
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
dev[0].connect(ssid, psk=passphrase, scan_freq="2412")
hwsim_utils.test_connectivity(dev[0], hapd)
check_mib(dev[0], [ ("dot11RSNAConfigGroupCipherSize", "128"),
("dot11RSNAGroupCipherRequested", "00-50-f2-4"),
("dot11RSNAPairwiseCipherRequested", "00-50-f2-4"),
("dot11RSNAAuthenticationSuiteRequested", "00-50-f2-2"),
("dot11RSNAGroupCipherSelected", "00-50-f2-4"),
("dot11RSNAPairwiseCipherSelected", "00-50-f2-4"),
("dot11RSNAAuthenticationSuiteSelected", "00-50-f2-2"),
("dot1xSuppSuppControlledPortStatus", "Authorized") ])
def test_ap_wpa2_psk_file(dev, apdev):
"""WPA2-PSK AP with various PSK file error and success cases"""
addr0 = dev[0].own_addr()
addr1 = dev[1].own_addr()
addr2 = dev[2].own_addr()
ssid = "psk"
pskfile = "/tmp/ap_wpa2_psk_file_errors.psk_file"
try:
os.remove(pskfile)
except:
pass
params = { "ssid": ssid, "wpa": "2", "wpa_key_mgmt": "WPA-PSK",
"rsn_pairwise": "CCMP", "wpa_psk_file": pskfile }
try:
# missing PSK file
hapd = hostapd.add_ap(apdev[0]['ifname'], params, no_enable=True)
if "FAIL" not in hapd.request("ENABLE"):
raise Exception("Unexpected ENABLE success")
hapd.request("DISABLE")
# invalid MAC address
with open(pskfile, "w") as f:
f.write("\n")
f.write("foo\n")
if "FAIL" not in hapd.request("ENABLE"):
raise Exception("Unexpected ENABLE success")
hapd.request("DISABLE")
# no PSK on line
with open(pskfile, "w") as f:
f.write("00:11:22:33:44:55\n")
if "FAIL" not in hapd.request("ENABLE"):
raise Exception("Unexpected ENABLE success")
hapd.request("DISABLE")
# invalid PSK
with open(pskfile, "w") as f:
f.write("00:11:22:33:44:55 1234567\n")
if "FAIL" not in hapd.request("ENABLE"):
raise Exception("Unexpected ENABLE success")
hapd.request("DISABLE")
# valid PSK file
with open(pskfile, "w") as f:
f.write("00:11:22:33:44:55 12345678\n")
f.write(addr0 + " 123456789\n")
f.write(addr1 + " 123456789a\n")
f.write(addr2 + " 0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef\n")
if "FAIL" in hapd.request("ENABLE"):
raise Exception("Unexpected ENABLE failure")
dev[0].connect(ssid, psk="123456789", scan_freq="2412")
dev[1].connect(ssid, psk="123456789a", scan_freq="2412")
dev[2].connect(ssid, raw_psk="0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef", scan_freq="2412")
finally:
try:
os.remove(pskfile)
except:
pass
def test_ap_wpa2_psk_wildcard_ssid(dev, apdev):
"""WPA2-PSK AP and wildcard SSID configuration"""
ssid = "test-wpa2-psk"
passphrase = 'qwertyuiop'
psk = '602e323e077bc63bd80307ef4745b754b0ae0a925c2638ecd13a794b9527b9e6'
params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase)
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
dev[0].connect("", bssid=apdev[0]['bssid'], psk=passphrase,
scan_freq="2412")
dev[1].connect("", bssid=apdev[0]['bssid'], raw_psk=psk, scan_freq="2412")
def test_ap_wpa2_gtk_rekey(dev, apdev):
"""WPA2-PSK AP and GTK rekey enforced by AP"""
ssid = "test-wpa2-psk"
passphrase = 'qwertyuiop'
params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase)
params['wpa_group_rekey'] = '1'
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
dev[0].connect(ssid, psk=passphrase, scan_freq="2412")
ev = dev[0].wait_event(["WPA: Group rekeying completed"], timeout=2)
if ev is None:
raise Exception("GTK rekey timed out")
hwsim_utils.test_connectivity(dev[0], hapd)
def test_ap_wpa_gtk_rekey(dev, apdev):
"""WPA-PSK/TKIP AP and GTK rekey enforced by AP"""
ssid = "test-wpa-psk"
passphrase = 'qwertyuiop'
params = hostapd.wpa_params(ssid=ssid, passphrase=passphrase)
params['wpa_group_rekey'] = '1'
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
dev[0].connect(ssid, psk=passphrase, scan_freq="2412")
ev = dev[0].wait_event(["WPA: Group rekeying completed"], timeout=2)
if ev is None:
raise Exception("GTK rekey timed out")
hwsim_utils.test_connectivity(dev[0], hapd)
def test_ap_wpa2_gmk_rekey(dev, apdev):
"""WPA2-PSK AP and GMK and GTK rekey enforced by AP"""
ssid = "test-wpa2-psk"
passphrase = 'qwertyuiop'
params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase)
params['wpa_group_rekey'] = '1'
params['wpa_gmk_rekey'] = '2'
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
dev[0].connect(ssid, psk=passphrase, scan_freq="2412")
for i in range(0, 3):
ev = dev[0].wait_event(["WPA: Group rekeying completed"], timeout=2)
if ev is None:
raise Exception("GTK rekey timed out")
hwsim_utils.test_connectivity(dev[0], hapd)
def test_ap_wpa2_strict_rekey(dev, apdev):
"""WPA2-PSK AP and strict GTK rekey enforced by AP"""
ssid = "test-wpa2-psk"
passphrase = 'qwertyuiop'
params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase)
params['wpa_strict_rekey'] = '1'
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
dev[0].connect(ssid, psk=passphrase, scan_freq="2412")
dev[1].connect(ssid, psk=passphrase, scan_freq="2412")
dev[1].request("DISCONNECT")
ev = dev[0].wait_event(["WPA: Group rekeying completed"], timeout=2)
if ev is None:
raise Exception("GTK rekey timed out")
hwsim_utils.test_connectivity(dev[0], hapd)
def test_ap_wpa2_bridge_fdb(dev, apdev):
"""Bridge FDB entry removal"""
try:
ssid = "test-wpa2-psk"
passphrase = "12345678"
params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase)
params['bridge'] = 'ap-br0'
hostapd.add_ap(apdev[0]['ifname'], params)
subprocess.call(['brctl', 'setfd', 'ap-br0', '0'])
subprocess.call(['ip', 'link', 'set', 'dev', 'ap-br0', 'up'])
dev[0].connect(ssid, psk=passphrase, scan_freq="2412",
bssid=apdev[0]['bssid'])
dev[1].connect(ssid, psk=passphrase, scan_freq="2412",
bssid=apdev[0]['bssid'])
addr0 = dev[0].p2p_interface_addr()
hwsim_utils.test_connectivity_sta(dev[0], dev[1])
cmd = subprocess.Popen(['brctl', 'showmacs', 'ap-br0'],
stdout=subprocess.PIPE)
macs1 = cmd.stdout.read()
dev[0].request("DISCONNECT")
dev[1].request("DISCONNECT")
time.sleep(1)
cmd = subprocess.Popen(['brctl', 'showmacs', 'ap-br0'],
stdout=subprocess.PIPE)
macs2 = cmd.stdout.read()
addr1 = dev[1].p2p_interface_addr()
if addr0 not in macs1 or addr1 not in macs1:
raise Exception("Bridge FDB entry missing")
if addr0 in macs2 or addr1 in macs2:
raise Exception("Bridge FDB entry was not removed")
finally:
subprocess.call(['ip', 'link', 'set', 'dev', 'ap-br0', 'down'])
subprocess.call(['brctl', 'delbr', 'ap-br0'])
def test_ap_wpa2_already_in_bridge(dev, apdev):
"""hostapd behavior with interface already in bridge"""
ifname = apdev[0]['ifname']
br_ifname = 'ext-ap-br0'
try:
ssid = "test-wpa2-psk"
passphrase = "12345678"
subprocess.call(['brctl', 'addbr', br_ifname])
subprocess.call(['brctl', 'setfd', br_ifname, '0'])
subprocess.call(['ip', 'link', 'set', 'dev', br_ifname, 'up'])
subprocess.call(['iw', ifname, 'set', 'type', '__ap'])
subprocess.call(['brctl', 'addif', br_ifname, ifname])
params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase)
hapd = hostapd.add_ap(ifname, params)
if hapd.get_driver_status_field('brname') != br_ifname:
raise Exception("Bridge name not identified correctly")
dev[0].connect(ssid, psk=passphrase, scan_freq="2412")
finally:
subprocess.call(['ip', 'link', 'set', 'dev', br_ifname, 'down'])
subprocess.call(['brctl', 'delif', br_ifname, ifname])
subprocess.call(['iw', ifname, 'set', 'type', 'station'])
subprocess.call(['brctl', 'delbr', br_ifname])
def test_ap_wpa2_in_different_bridge(dev, apdev):
"""hostapd behavior with interface in different bridge"""
ifname = apdev[0]['ifname']
br_ifname = 'ext-ap-br0'
try:
ssid = "test-wpa2-psk"
passphrase = "12345678"
subprocess.call(['brctl', 'addbr', br_ifname])
subprocess.call(['brctl', 'setfd', br_ifname, '0'])
subprocess.call(['ip', 'link', 'set', 'dev', br_ifname, 'up'])
subprocess.call(['iw', ifname, 'set', 'type', '__ap'])
subprocess.call(['brctl', 'addif', br_ifname, ifname])
time.sleep(0.5)
params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase)
params['bridge'] = 'ap-br0'
hapd = hostapd.add_ap(ifname, params)
subprocess.call(['brctl', 'setfd', 'ap-br0', '0'])
subprocess.call(['ip', 'link', 'set', 'dev', 'ap-br0', 'up'])
brname = hapd.get_driver_status_field('brname')
if brname != 'ap-br0':
raise Exception("Incorrect bridge: " + brname)
dev[0].connect(ssid, psk=passphrase, scan_freq="2412")
hwsim_utils.test_connectivity_iface(dev[0], hapd, "ap-br0")
if hapd.get_driver_status_field("added_bridge") != "1":
raise Exception("Unexpected added_bridge value")
if hapd.get_driver_status_field("added_if_into_bridge") != "1":
raise Exception("Unexpected added_if_into_bridge value")
dev[0].request("DISCONNECT")
hapd.disable()
finally:
subprocess.call(['ip', 'link', 'set', 'dev', br_ifname, 'down'])
subprocess.call(['brctl', 'delif', br_ifname, ifname],
stderr=open('/dev/null', 'w'))
subprocess.call(['brctl', 'delbr', br_ifname])
def test_ap_wpa2_ext_add_to_bridge(dev, apdev):
"""hostapd behavior with interface added to bridge externally"""
ifname = apdev[0]['ifname']
br_ifname = 'ext-ap-br0'
try:
ssid = "test-wpa2-psk"
passphrase = "12345678"
params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase)
hapd = hostapd.add_ap(ifname, params)
subprocess.call(['brctl', 'addbr', br_ifname])
subprocess.call(['brctl', 'setfd', br_ifname, '0'])
subprocess.call(['ip', 'link', 'set', 'dev', br_ifname, 'up'])
subprocess.call(['brctl', 'addif', br_ifname, ifname])
dev[0].connect(ssid, psk=passphrase, scan_freq="2412")
if hapd.get_driver_status_field('brname') != br_ifname:
raise Exception("Bridge name not identified correctly")
finally:
subprocess.call(['ip', 'link', 'set', 'dev', br_ifname, 'down'])
subprocess.call(['brctl', 'delif', br_ifname, ifname])
subprocess.call(['brctl', 'delbr', br_ifname])
def test_ap_wpa2_psk_ext(dev, apdev):
"""WPA2-PSK AP using external EAPOL I/O"""
bssid = apdev[0]['bssid']
ssid = "test-wpa2-psk"
passphrase = 'qwertyuiop'
psk = '602e323e077bc63bd80307ef4745b754b0ae0a925c2638ecd13a794b9527b9e6'
params = hostapd.wpa2_params(ssid=ssid)
params['wpa_psk'] = psk
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
hapd.request("SET ext_eapol_frame_io 1")
dev[0].request("SET ext_eapol_frame_io 1")
dev[0].connect(ssid, psk=passphrase, scan_freq="2412", wait_connect=False)
addr = dev[0].p2p_interface_addr()
while True:
ev = hapd.wait_event(["EAPOL-TX", "AP-STA-CONNECTED"], timeout=15)
if ev is None:
raise Exception("Timeout on EAPOL-TX from hostapd")
if "AP-STA-CONNECTED" in ev:
dev[0].wait_connected(timeout=15)
break
res = dev[0].request("EAPOL_RX " + bssid + " " + ev.split(' ')[2])
if "OK" not in res:
raise Exception("EAPOL_RX to wpa_supplicant failed")
ev = dev[0].wait_event(["EAPOL-TX", "CTRL-EVENT-CONNECTED"], timeout=15)
if ev is None:
raise Exception("Timeout on EAPOL-TX from wpa_supplicant")
if "CTRL-EVENT-CONNECTED" in ev:
break
res = hapd.request("EAPOL_RX " + addr + " " + ev.split(' ')[2])
if "OK" not in res:
raise Exception("EAPOL_RX to hostapd failed")
def parse_eapol(data):
(version, type, length) = struct.unpack('>BBH', data[0:4])
payload = data[4:]
if length > len(payload):
raise Exception("Invalid EAPOL length")
if length < len(payload):
payload = payload[0:length]
eapol = {}
eapol['version'] = version
eapol['type'] = type
eapol['length'] = length
eapol['payload'] = payload
if type == 3:
# EAPOL-Key
(eapol['descr_type'],) = struct.unpack('B', payload[0:1])
payload = payload[1:]
if eapol['descr_type'] == 2 or eapol['descr_type'] == 254:
# RSN EAPOL-Key
(key_info, key_len) = struct.unpack('>HH', payload[0:4])
eapol['rsn_key_info'] = key_info
eapol['rsn_key_len'] = key_len
eapol['rsn_replay_counter'] = payload[4:12]
eapol['rsn_key_nonce'] = payload[12:44]
eapol['rsn_key_iv'] = payload[44:60]
eapol['rsn_key_rsc'] = payload[60:68]
eapol['rsn_key_id'] = payload[68:76]
eapol['rsn_key_mic'] = payload[76:92]
payload = payload[92:]
(eapol['rsn_key_data_len'],) = struct.unpack('>H', payload[0:2])
payload = payload[2:]
eapol['rsn_key_data'] = payload
return eapol
def build_eapol(msg):
data = struct.pack(">BBH", msg['version'], msg['type'], msg['length'])
if msg['type'] == 3:
data += struct.pack('>BHH', msg['descr_type'], msg['rsn_key_info'],
msg['rsn_key_len'])
data += msg['rsn_replay_counter']
data += msg['rsn_key_nonce']
data += msg['rsn_key_iv']
data += msg['rsn_key_rsc']
data += msg['rsn_key_id']
data += msg['rsn_key_mic']
data += struct.pack('>H', msg['rsn_key_data_len'])
data += msg['rsn_key_data']
else:
data += msg['payload']
return data
def sha1_prf(key, label, data, outlen):
res = ''
counter = 0
while outlen > 0:
m = hmac.new(key, label, hashlib.sha1)
m.update(struct.pack('B', 0))
m.update(data)
m.update(struct.pack('B', counter))
counter += 1
hash = m.digest()
if outlen > len(hash):
res += hash
outlen -= len(hash)
else:
res += hash[0:outlen]
outlen = 0
return res
def pmk_to_ptk(pmk, addr1, addr2, nonce1, nonce2):
if addr1 < addr2:
data = binascii.unhexlify(addr1.replace(':','')) + binascii.unhexlify(addr2.replace(':',''))
else:
data = binascii.unhexlify(addr2.replace(':','')) + binascii.unhexlify(addr1.replace(':',''))
if nonce1 < nonce2:
data += nonce1 + nonce2
else:
data += nonce2 + nonce1
label = "Pairwise key expansion"
ptk = sha1_prf(pmk, label, data, 48)
kck = ptk[0:16]
kek = ptk[16:32]
return (ptk, kck, kek)
def eapol_key_mic(kck, msg):
msg['rsn_key_mic'] = binascii.unhexlify('00000000000000000000000000000000')
data = build_eapol(msg)
m = hmac.new(kck, data, hashlib.sha1)
msg['rsn_key_mic'] = m.digest()[0:16]
def rsn_eapol_key_set(msg, key_info, key_len, nonce, data):
msg['rsn_key_info'] = key_info
msg['rsn_key_len'] = key_len
if nonce:
msg['rsn_key_nonce'] = nonce
else:
msg['rsn_key_nonce'] = binascii.unhexlify('0000000000000000000000000000000000000000000000000000000000000000')
if data:
msg['rsn_key_data_len'] = len(data)
msg['rsn_key_data'] = data
msg['length'] = 95 + len(data)
else:
msg['rsn_key_data_len'] = 0
msg['rsn_key_data'] = ''
msg['length'] = 95
def recv_eapol(hapd):
ev = hapd.wait_event(["EAPOL-TX"], timeout=15)
if ev is None:
raise Exception("Timeout on EAPOL-TX from hostapd")
eapol = binascii.unhexlify(ev.split(' ')[2])
return parse_eapol(eapol)
def send_eapol(hapd, addr, data):
res = hapd.request("EAPOL_RX " + addr + " " + binascii.hexlify(data))
if "OK" not in res:
raise Exception("EAPOL_RX to hostapd failed")
def reply_eapol(info, hapd, addr, msg, key_info, nonce, data, kck):
logger.info("Send EAPOL-Key msg " + info)
rsn_eapol_key_set(msg, key_info, 0, nonce, data)
eapol_key_mic(kck, msg)
send_eapol(hapd, addr, build_eapol(msg))
def hapd_connected(hapd):
ev = hapd.wait_event(["AP-STA-CONNECTED"], timeout=15)
if ev is None:
raise Exception("Timeout on AP-STA-CONNECTED from hostapd")
def eapol_test(apdev, dev, wpa2=True):
bssid = apdev['bssid']
if wpa2:
ssid = "test-wpa2-psk"
else:
ssid = "test-wpa-psk"
psk = '602e323e077bc63bd80307ef4745b754b0ae0a925c2638ecd13a794b9527b9e6'
pmk = binascii.unhexlify(psk)
if wpa2:
params = hostapd.wpa2_params(ssid=ssid)
else:
params = hostapd.wpa_params(ssid=ssid)
params['wpa_psk'] = psk
hapd = hostapd.add_ap(apdev['ifname'], params)
hapd.request("SET ext_eapol_frame_io 1")
dev.request("SET ext_eapol_frame_io 1")
dev.connect(ssid, raw_psk=psk, scan_freq="2412", wait_connect=False)
addr = dev.p2p_interface_addr()
if wpa2:
rsne = binascii.unhexlify('30140100000fac040100000fac040100000fac020000')
else:
rsne = binascii.unhexlify('dd160050f20101000050f20201000050f20201000050f202')
snonce = binascii.unhexlify('1111111111111111111111111111111111111111111111111111111111111111')
return (bssid,ssid,hapd,snonce,pmk,addr,rsne)
def test_ap_wpa2_psk_ext_eapol(dev, apdev):
"""WPA2-PSK AP using external EAPOL supplicant"""
(bssid,ssid,hapd,snonce,pmk,addr,rsne) = eapol_test(apdev[0], dev[0])
msg = recv_eapol(hapd)
anonce = msg['rsn_key_nonce']
logger.info("Replay same data back")
send_eapol(hapd, addr, build_eapol(msg))
(ptk, kck, kek) = pmk_to_ptk(pmk, addr, bssid, snonce, anonce)
logger.info("Truncated Key Data in EAPOL-Key msg 2/4")
rsn_eapol_key_set(msg, 0x0101, 0, snonce, rsne)
msg['length'] = 95 + 22 - 1
send_eapol(hapd, addr, build_eapol(msg))
reply_eapol("2/4", hapd, addr, msg, 0x010a, snonce, rsne, kck)
msg = recv_eapol(hapd)
if anonce != msg['rsn_key_nonce']:
raise Exception("ANonce changed")
logger.info("Replay same data back")
send_eapol(hapd, addr, build_eapol(msg))
reply_eapol("4/4", hapd, addr, msg, 0x030a, None, None, kck)
hapd_connected(hapd)
def test_ap_wpa2_psk_ext_eapol_retry1(dev, apdev):
"""WPA2 4-way handshake with EAPOL-Key 1/4 retransmitted"""
(bssid,ssid,hapd,snonce,pmk,addr,rsne) = eapol_test(apdev[0], dev[0])
msg1 = recv_eapol(hapd)
anonce = msg1['rsn_key_nonce']
msg2 = recv_eapol(hapd)
if anonce != msg2['rsn_key_nonce']:
raise Exception("ANonce changed")
(ptk, kck, kek) = pmk_to_ptk(pmk, addr, bssid, snonce, anonce)
logger.info("Send EAPOL-Key msg 2/4")
msg = msg2
rsn_eapol_key_set(msg, 0x010a, 0, snonce, rsne)
eapol_key_mic(kck, msg)
send_eapol(hapd, addr, build_eapol(msg))
msg = recv_eapol(hapd)
if anonce != msg['rsn_key_nonce']:
raise Exception("ANonce changed")
reply_eapol("4/4", hapd, addr, msg, 0x030a, None, None, kck)
hapd_connected(hapd)
def test_ap_wpa2_psk_ext_eapol_retry1b(dev, apdev):
"""WPA2 4-way handshake with EAPOL-Key 1/4 and 2/4 retransmitted"""
(bssid,ssid,hapd,snonce,pmk,addr,rsne) = eapol_test(apdev[0], dev[0])
msg1 = recv_eapol(hapd)
anonce = msg1['rsn_key_nonce']
msg2 = recv_eapol(hapd)
if anonce != msg2['rsn_key_nonce']:
raise Exception("ANonce changed")
(ptk, kck, kek) = pmk_to_ptk(pmk, addr, bssid, snonce, anonce)
reply_eapol("2/4 (a)", hapd, addr, msg1, 0x010a, snonce, rsne, kck)
reply_eapol("2/4 (b)", hapd, addr, msg2, 0x010a, snonce, rsne, kck)
msg = recv_eapol(hapd)
if anonce != msg['rsn_key_nonce']:
raise Exception("ANonce changed")
reply_eapol("4/4", hapd, addr, msg, 0x030a, None, None, kck)
hapd_connected(hapd)
def test_ap_wpa2_psk_ext_eapol_retry1c(dev, apdev):
"""WPA2 4-way handshake with EAPOL-Key 1/4 and 2/4 retransmitted and SNonce changing"""
(bssid,ssid,hapd,snonce,pmk,addr,rsne) = eapol_test(apdev[0], dev[0])
msg1 = recv_eapol(hapd)
anonce = msg1['rsn_key_nonce']
msg2 = recv_eapol(hapd)
if anonce != msg2['rsn_key_nonce']:
raise Exception("ANonce changed")
(ptk, kck, kek) = pmk_to_ptk(pmk, addr, bssid, snonce, anonce)
reply_eapol("2/4 (a)", hapd, addr, msg1, 0x010a, snonce, rsne, kck)
snonce2 = binascii.unhexlify('2222222222222222222222222222222222222222222222222222222222222222')
(ptk, kck, kek) = pmk_to_ptk(pmk, addr, bssid, snonce2, anonce)
reply_eapol("2/4 (b)", hapd, addr, msg2, 0x010a, snonce2, rsne, kck)
msg = recv_eapol(hapd)
if anonce != msg['rsn_key_nonce']:
raise Exception("ANonce changed")
reply_eapol("4/4", hapd, addr, msg, 0x030a, None, None, kck)
hapd_connected(hapd)
def test_ap_wpa2_psk_ext_eapol_retry1d(dev, apdev):
"""WPA2 4-way handshake with EAPOL-Key 1/4 and 2/4 retransmitted and SNonce changing and older used"""
(bssid,ssid,hapd,snonce,pmk,addr,rsne) = eapol_test(apdev[0], dev[0])
msg1 = recv_eapol(hapd)
anonce = msg1['rsn_key_nonce']
msg2 = recv_eapol(hapd)
if anonce != msg2['rsn_key_nonce']:
raise Exception("ANonce changed")
(ptk, kck, kek) = pmk_to_ptk(pmk, addr, bssid, snonce, anonce)
reply_eapol("2/4 (a)", hapd, addr, msg1, 0x010a, snonce, rsne, kck)
snonce2 = binascii.unhexlify('2222222222222222222222222222222222222222222222222222222222222222')
(ptk2, kck2, kek2) = pmk_to_ptk(pmk, addr, bssid, snonce2, anonce)
reply_eapol("2/4 (b)", hapd, addr, msg2, 0x010a, snonce2, rsne, kck2)
msg = recv_eapol(hapd)
if anonce != msg['rsn_key_nonce']:
raise Exception("ANonce changed")
reply_eapol("4/4", hapd, addr, msg, 0x030a, None, None, kck)
hapd_connected(hapd)
def test_ap_wpa2_psk_ext_eapol_type_diff(dev, apdev):
"""WPA2 4-way handshake using external EAPOL supplicant"""
(bssid,ssid,hapd,snonce,pmk,addr,rsne) = eapol_test(apdev[0], dev[0])
msg = recv_eapol(hapd)
anonce = msg['rsn_key_nonce']
(ptk, kck, kek) = pmk_to_ptk(pmk, addr, bssid, snonce, anonce)
# Incorrect descriptor type (frame dropped)
msg['descr_type'] = 253
rsn_eapol_key_set(msg, 0x010a, 0, snonce, rsne)
eapol_key_mic(kck, msg)
send_eapol(hapd, addr, build_eapol(msg))
# Incorrect descriptor type, but with a workaround (frame processed)
msg['descr_type'] = 254
rsn_eapol_key_set(msg, 0x010a, 0, snonce, rsne)
eapol_key_mic(kck, msg)
send_eapol(hapd, addr, build_eapol(msg))
msg = recv_eapol(hapd)
if anonce != msg['rsn_key_nonce']:
raise Exception("ANonce changed")
logger.info("Replay same data back")
send_eapol(hapd, addr, build_eapol(msg))
reply_eapol("4/4", hapd, addr, msg, 0x030a, None, None, kck)
hapd_connected(hapd)
def test_ap_wpa_psk_ext_eapol(dev, apdev):
"""WPA2-PSK AP using external EAPOL supplicant"""
(bssid,ssid,hapd,snonce,pmk,addr,wpae) = eapol_test(apdev[0], dev[0],
wpa2=False)
msg = recv_eapol(hapd)
anonce = msg['rsn_key_nonce']
logger.info("Replay same data back")
send_eapol(hapd, addr, build_eapol(msg))
logger.info("Too short data")
send_eapol(hapd, addr, build_eapol(msg)[0:98])
(ptk, kck, kek) = pmk_to_ptk(pmk, addr, bssid, snonce, anonce)
msg['descr_type'] = 2
reply_eapol("2/4(invalid type)", hapd, addr, msg, 0x010a, snonce, wpae, kck)
msg['descr_type'] = 254
reply_eapol("2/4", hapd, addr, msg, 0x010a, snonce, wpae, kck)
msg = recv_eapol(hapd)
if anonce != msg['rsn_key_nonce']:
raise Exception("ANonce changed")
logger.info("Replay same data back")
send_eapol(hapd, addr, build_eapol(msg))
reply_eapol("4/4", hapd, addr, msg, 0x030a, None, None, kck)
hapd_connected(hapd)
def test_ap_wpa2_psk_ext_eapol_key_info(dev, apdev):
"""WPA2-PSK 4-way handshake with strange key info values"""
(bssid,ssid,hapd,snonce,pmk,addr,rsne) = eapol_test(apdev[0], dev[0])
msg = recv_eapol(hapd)
anonce = msg['rsn_key_nonce']
(ptk, kck, kek) = pmk_to_ptk(pmk, addr, bssid, snonce, anonce)
rsn_eapol_key_set(msg, 0x0000, 0, snonce, rsne)
send_eapol(hapd, addr, build_eapol(msg))
rsn_eapol_key_set(msg, 0xffff, 0, snonce, rsne)
send_eapol(hapd, addr, build_eapol(msg))
# SMK M1
rsn_eapol_key_set(msg, 0x2802, 0, snonce, rsne)
send_eapol(hapd, addr, build_eapol(msg))
# SMK M3
rsn_eapol_key_set(msg, 0x2002, 0, snonce, rsne)
send_eapol(hapd, addr, build_eapol(msg))
# Request
rsn_eapol_key_set(msg, 0x0902, 0, snonce, rsne)
send_eapol(hapd, addr, build_eapol(msg))
# Request
rsn_eapol_key_set(msg, 0x0902, 0, snonce, rsne)
tmp_kck = binascii.unhexlify('00000000000000000000000000000000')
eapol_key_mic(tmp_kck, msg)
send_eapol(hapd, addr, build_eapol(msg))
reply_eapol("2/4", hapd, addr, msg, 0x010a, snonce, rsne, kck)
msg = recv_eapol(hapd)
if anonce != msg['rsn_key_nonce']:
raise Exception("ANonce changed")
# Request (valic MIC)
rsn_eapol_key_set(msg, 0x0902, 0, snonce, rsne)
eapol_key_mic(kck, msg)
send_eapol(hapd, addr, build_eapol(msg))
# Request (valid MIC, replayed counter)
rsn_eapol_key_set(msg, 0x0902, 0, snonce, rsne)
eapol_key_mic(kck, msg)
send_eapol(hapd, addr, build_eapol(msg))
reply_eapol("4/4", hapd, addr, msg, 0x030a, None, None, kck)
hapd_connected(hapd)
def build_eapol_key_1_4(anonce, replay_counter=1, key_data='', key_len=16):
msg = {}
msg['version'] = 2
msg['type'] = 3
msg['length'] = 95 + len(key_data)
msg['descr_type'] = 2
msg['rsn_key_info'] = 0x8a
msg['rsn_key_len'] = key_len
msg['rsn_replay_counter'] = struct.pack('>Q', replay_counter)
msg['rsn_key_nonce'] = anonce
msg['rsn_key_iv'] = binascii.unhexlify('00000000000000000000000000000000')
msg['rsn_key_rsc'] = binascii.unhexlify('0000000000000000')
msg['rsn_key_id'] = binascii.unhexlify('0000000000000000')
msg['rsn_key_mic'] = binascii.unhexlify('00000000000000000000000000000000')
msg['rsn_key_data_len'] = len(key_data)
msg['rsn_key_data'] = key_data
return msg
def build_eapol_key_3_4(anonce, kck, key_data, replay_counter=2,
key_info=0x13ca, extra_len=0, descr_type=2, key_len=16):
msg = {}
msg['version'] = 2
msg['type'] = 3
msg['length'] = 95 + len(key_data) + extra_len
msg['descr_type'] = descr_type
msg['rsn_key_info'] = key_info
msg['rsn_key_len'] = key_len
msg['rsn_replay_counter'] = struct.pack('>Q', replay_counter)
msg['rsn_key_nonce'] = anonce
msg['rsn_key_iv'] = binascii.unhexlify('00000000000000000000000000000000')
msg['rsn_key_rsc'] = binascii.unhexlify('0000000000000000')
msg['rsn_key_id'] = binascii.unhexlify('0000000000000000')
msg['rsn_key_data_len'] = len(key_data)
msg['rsn_key_data'] = key_data
eapol_key_mic(kck, msg)
return msg
def aes_wrap(kek, plain):
n = len(plain) / 8
a = 0xa6a6a6a6a6a6a6a6
enc = AES.new(kek).encrypt
r = [plain[i * 8:(i + 1) * 8] for i in range(0, n)]
for j in range(6):
for i in range(1, n + 1):
b = enc(struct.pack('>Q', a) + r[i - 1])
a = struct.unpack('>Q', b[:8])[0] ^ (n * j + i)
r[i - 1] =b[8:]
return struct.pack('>Q', a) + ''.join(r)
def pad_key_data(plain):
pad_len = len(plain) % 8
if pad_len:
pad_len = 8 - pad_len
plain += '\xdd'
pad_len -= 1
plain += pad_len * '\0'
return plain
def test_ap_wpa2_psk_supp_proto(dev, apdev):
"""WPA2-PSK 4-way handshake protocol testing for supplicant"""
(bssid,ssid,hapd,snonce,pmk,addr,rsne) = eapol_test(apdev[0], dev[0])
# Wait for EAPOL-Key msg 1/4 from hostapd to determine when associated
msg = recv_eapol(hapd)
dev[0].dump_monitor()
# Build own EAPOL-Key msg 1/4
anonce = binascii.unhexlify('2222222222222222222222222222222222222222222222222222222222222222')
counter = 1
msg = build_eapol_key_1_4(anonce, replay_counter=counter)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
msg = recv_eapol(dev[0])
snonce = msg['rsn_key_nonce']
(ptk, kck, kek) = pmk_to_ptk(pmk, addr, bssid, snonce, anonce)
logger.debug("Invalid AES wrap data length 0")
dev[0].dump_monitor()
msg = build_eapol_key_3_4(anonce, kck, '', replay_counter=counter)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
ev = dev[0].wait_event(["WPA: Unsupported AES-WRAP len 0"])
if ev is None:
raise Exception("Unsupported AES-WRAP len 0 not reported")
logger.debug("Invalid AES wrap data length 1")
dev[0].dump_monitor()
msg = build_eapol_key_3_4(anonce, kck, '1', replay_counter=counter)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
ev = dev[0].wait_event(["WPA: Unsupported AES-WRAP len 1"])
if ev is None:
raise Exception("Unsupported AES-WRAP len 1 not reported")
logger.debug("Invalid AES wrap data length 9")
dev[0].dump_monitor()
msg = build_eapol_key_3_4(anonce, kck, '123456789', replay_counter=counter)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
ev = dev[0].wait_event(["WPA: Unsupported AES-WRAP len 9"])
if ev is None:
raise Exception("Unsupported AES-WRAP len 9 not reported")
logger.debug("Invalid AES wrap data payload")
dev[0].dump_monitor()
msg = build_eapol_key_3_4(anonce, kck, '12345678', replay_counter=counter)
# do not increment counter to test replay protection
send_eapol(dev[0], addr, build_eapol(msg))
ev = dev[0].wait_event(["WPA: AES unwrap failed"])
if ev is None:
raise Exception("AES unwrap failure not reported")
logger.debug("Replay Count not increasing")
dev[0].dump_monitor()
msg = build_eapol_key_3_4(anonce, kck, '12345678', replay_counter=counter)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
ev = dev[0].wait_event(["WPA: EAPOL-Key Replay Counter did not increase"])
if ev is None:
raise Exception("Replay Counter replay not reported")
logger.debug("Missing Ack bit in key info")
dev[0].dump_monitor()
msg = build_eapol_key_3_4(anonce, kck, '12345678', replay_counter=counter,
key_info=0x134a)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
ev = dev[0].wait_event(["WPA: No Ack bit in key_info"])
if ev is None:
raise Exception("Missing Ack bit not reported")
logger.debug("Unexpected Request bit in key info")
dev[0].dump_monitor()
msg = build_eapol_key_3_4(anonce, kck, '12345678', replay_counter=counter,
key_info=0x1bca)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
ev = dev[0].wait_event(["WPA: EAPOL-Key with Request bit"])
if ev is None:
raise Exception("Request bit not reported")
logger.debug("Unsupported key descriptor version 0")
dev[0].dump_monitor()
msg = build_eapol_key_3_4(anonce, kck, '0123456789abcdef',
replay_counter=counter, key_info=0x13c8)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
ev = dev[0].wait_event(["WPA: Unsupported EAPOL-Key descriptor version 0"])
if ev is None:
raise Exception("Unsupported EAPOL-Key descriptor version 0 not reported")
logger.debug("Key descriptor version 1 not allowed with CCMP")
dev[0].dump_monitor()
msg = build_eapol_key_3_4(anonce, kck, '0123456789abcdef',
replay_counter=counter, key_info=0x13c9)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
ev = dev[0].wait_event(["WPA: CCMP is used, but EAPOL-Key descriptor version (1) is not 2"])
if ev is None:
raise Exception("Not allowed EAPOL-Key descriptor version not reported")
logger.debug("Invalid AES wrap payload with key descriptor version 2")
dev[0].dump_monitor()
msg = build_eapol_key_3_4(anonce, kck, '0123456789abcdef',
replay_counter=counter, key_info=0x13ca)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
ev = dev[0].wait_event(["WPA: AES unwrap failed"])
if ev is None:
raise Exception("AES unwrap failure not reported")
logger.debug("Key descriptor version 3 workaround")
dev[0].dump_monitor()
msg = build_eapol_key_3_4(anonce, kck, '0123456789abcdef',
replay_counter=counter, key_info=0x13cb)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
ev = dev[0].wait_event(["WPA: CCMP is used, but EAPOL-Key descriptor version (3) is not 2"])
if ev is None:
raise Exception("CCMP key descriptor mismatch not reported")
ev = dev[0].wait_event(["WPA: Interoperability workaround"])
if ev is None:
raise Exception("AES-128-CMAC workaround not reported")
ev = dev[0].wait_event(["WPA: Invalid EAPOL-Key MIC - dropping packet"])
if ev is None:
raise Exception("MIC failure with AES-128-CMAC workaround not reported")
logger.debug("Unsupported key descriptor version 4")
dev[0].dump_monitor()
msg = build_eapol_key_3_4(anonce, kck, '0123456789abcdef',
replay_counter=counter, key_info=0x13cc)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
ev = dev[0].wait_event(["WPA: Unsupported EAPOL-Key descriptor version 4"])
if ev is None:
raise Exception("Unsupported EAPOL-Key descriptor version 4 not reported")
logger.debug("Unsupported key descriptor version 7")
dev[0].dump_monitor()
msg = build_eapol_key_3_4(anonce, kck, '0123456789abcdef',
replay_counter=counter, key_info=0x13cf)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
ev = dev[0].wait_event(["WPA: Unsupported EAPOL-Key descriptor version 7"])
if ev is None:
raise Exception("Unsupported EAPOL-Key descriptor version 7 not reported")
logger.debug("Too short EAPOL header length")
dev[0].dump_monitor()
msg = build_eapol_key_3_4(anonce, kck, '12345678', replay_counter=counter,
extra_len=-1)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
ev = dev[0].wait_event(["WPA: Invalid EAPOL-Key frame - key_data overflow (8 > 7)"])
if ev is None:
raise Exception("Key data overflow not reported")
logger.debug("Too long EAPOL header length")
msg = build_eapol_key_3_4(anonce, kck, '12345678', replay_counter=counter,
extra_len=1)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
logger.debug("Unsupported descriptor type 0")
msg = build_eapol_key_3_4(anonce, kck, '12345678', replay_counter=counter,
descr_type=0)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
logger.debug("WPA descriptor type 0")
msg = build_eapol_key_3_4(anonce, kck, '12345678', replay_counter=counter,
descr_type=254)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
logger.debug("Non-zero key index for pairwise key")
dev[0].dump_monitor()
wrapped = aes_wrap(kek, 16*'z')
msg = build_eapol_key_3_4(anonce, kck, wrapped, replay_counter=counter,
key_info=0x13ea)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
ev = dev[0].wait_event(["WPA: Ignored EAPOL-Key (Pairwise) with non-zero key index"])
if ev is None:
raise Exception("Non-zero key index not reported")
logger.debug("Invalid Key Data plaintext payload --> disconnect")
dev[0].dump_monitor()
wrapped = aes_wrap(kek, 16*'z')
msg = build_eapol_key_3_4(anonce, kck, wrapped, replay_counter=counter)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
dev[0].wait_disconnected(timeout=1)
def test_ap_wpa2_psk_supp_proto_no_ie(dev, apdev):
"""WPA2-PSK supplicant protocol testing: IE not included"""
(bssid,ssid,hapd,snonce,pmk,addr,rsne) = eapol_test(apdev[0], dev[0])
# Wait for EAPOL-Key msg 1/4 from hostapd to determine when associated
msg = recv_eapol(hapd)
dev[0].dump_monitor()
# Build own EAPOL-Key msg 1/4
anonce = binascii.unhexlify('2222222222222222222222222222222222222222222222222222222222222222')
counter = 1
msg = build_eapol_key_1_4(anonce, replay_counter=counter)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
msg = recv_eapol(dev[0])
snonce = msg['rsn_key_nonce']
(ptk, kck, kek) = pmk_to_ptk(pmk, addr, bssid, snonce, anonce)
logger.debug("No IEs in msg 3/4 --> disconnect")
dev[0].dump_monitor()
wrapped = aes_wrap(kek, 16*'\0')
msg = build_eapol_key_3_4(anonce, kck, wrapped, replay_counter=counter)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
dev[0].wait_disconnected(timeout=1)
def test_ap_wpa2_psk_supp_proto_ie_mismatch(dev, apdev):
"""WPA2-PSK supplicant protocol testing: IE mismatch"""
(bssid,ssid,hapd,snonce,pmk,addr,rsne) = eapol_test(apdev[0], dev[0])
# Wait for EAPOL-Key msg 1/4 from hostapd to determine when associated
msg = recv_eapol(hapd)
dev[0].dump_monitor()
# Build own EAPOL-Key msg 1/4
anonce = binascii.unhexlify('2222222222222222222222222222222222222222222222222222222222222222')
counter = 1
msg = build_eapol_key_1_4(anonce, replay_counter=counter)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
msg = recv_eapol(dev[0])
snonce = msg['rsn_key_nonce']
(ptk, kck, kek) = pmk_to_ptk(pmk, addr, bssid, snonce, anonce)
logger.debug("Msg 3/4 with mismatching IE")
dev[0].dump_monitor()
wrapped = aes_wrap(kek, pad_key_data(binascii.unhexlify('30060100000fac04dd16000fac010100dc11188831bf4aa4a8678d2b41498618')))
msg = build_eapol_key_3_4(anonce, kck, wrapped, replay_counter=counter)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
dev[0].wait_disconnected(timeout=1)
def test_ap_wpa2_psk_supp_proto_ok(dev, apdev):
"""WPA2-PSK supplicant protocol testing: success"""
(bssid,ssid,hapd,snonce,pmk,addr,rsne) = eapol_test(apdev[0], dev[0])
# Wait for EAPOL-Key msg 1/4 from hostapd to determine when associated
msg = recv_eapol(hapd)
dev[0].dump_monitor()
# Build own EAPOL-Key msg 1/4
anonce = binascii.unhexlify('2222222222222222222222222222222222222222222222222222222222222222')
counter = 1
msg = build_eapol_key_1_4(anonce, replay_counter=counter)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
msg = recv_eapol(dev[0])
snonce = msg['rsn_key_nonce']
(ptk, kck, kek) = pmk_to_ptk(pmk, addr, bssid, snonce, anonce)
logger.debug("Valid EAPOL-Key msg 3/4")
dev[0].dump_monitor()
plain = binascii.unhexlify('30140100000fac040100000fac040100000fac020c00dd16000fac010100dc11188831bf4aa4a8678d2b41498618')
wrapped = aes_wrap(kek, pad_key_data(plain))
msg = build_eapol_key_3_4(anonce, kck, wrapped, replay_counter=counter)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
dev[0].wait_connected(timeout=1)
def test_ap_wpa2_psk_supp_proto_no_gtk(dev, apdev):
"""WPA2-PSK supplicant protocol testing: no GTK"""
(bssid,ssid,hapd,snonce,pmk,addr,rsne) = eapol_test(apdev[0], dev[0])
# Wait for EAPOL-Key msg 1/4 from hostapd to determine when associated
msg = recv_eapol(hapd)
dev[0].dump_monitor()
# Build own EAPOL-Key msg 1/4
anonce = binascii.unhexlify('2222222222222222222222222222222222222222222222222222222222222222')
counter = 1
msg = build_eapol_key_1_4(anonce, replay_counter=counter)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
msg = recv_eapol(dev[0])
snonce = msg['rsn_key_nonce']
(ptk, kck, kek) = pmk_to_ptk(pmk, addr, bssid, snonce, anonce)
logger.debug("EAPOL-Key msg 3/4 without GTK KDE")
dev[0].dump_monitor()
plain = binascii.unhexlify('30140100000fac040100000fac040100000fac020c00')
wrapped = aes_wrap(kek, pad_key_data(plain))
msg = build_eapol_key_3_4(anonce, kck, wrapped, replay_counter=counter)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=0.1)
if ev is not None:
raise Exception("Unexpected connection completion reported")
def test_ap_wpa2_psk_supp_proto_anonce_change(dev, apdev):
"""WPA2-PSK supplicant protocol testing: ANonce change"""
(bssid,ssid,hapd,snonce,pmk,addr,rsne) = eapol_test(apdev[0], dev[0])
# Wait for EAPOL-Key msg 1/4 from hostapd to determine when associated
msg = recv_eapol(hapd)
dev[0].dump_monitor()
# Build own EAPOL-Key msg 1/4
anonce = binascii.unhexlify('2222222222222222222222222222222222222222222222222222222222222222')
counter = 1
msg = build_eapol_key_1_4(anonce, replay_counter=counter)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
msg = recv_eapol(dev[0])
snonce = msg['rsn_key_nonce']
(ptk, kck, kek) = pmk_to_ptk(pmk, addr, bssid, snonce, anonce)
logger.debug("Valid EAPOL-Key msg 3/4")
dev[0].dump_monitor()
anonce2 = binascii.unhexlify('3333333333333333333333333333333333333333333333333333333333333333')
plain = binascii.unhexlify('30140100000fac040100000fac040100000fac020c00dd16000fac010100dc11188831bf4aa4a8678d2b41498618')
wrapped = aes_wrap(kek, pad_key_data(plain))
msg = build_eapol_key_3_4(anonce2, kck, wrapped, replay_counter=counter)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
ev = dev[0].wait_event(["WPA: ANonce from message 1 of 4-Way Handshake differs from 3 of 4-Way Handshake"])
if ev is None:
raise Exception("ANonce change not reported")
def test_ap_wpa2_psk_supp_proto_unexpected_group_msg(dev, apdev):
"""WPA2-PSK supplicant protocol testing: unexpected group message"""
(bssid,ssid,hapd,snonce,pmk,addr,rsne) = eapol_test(apdev[0], dev[0])
# Wait for EAPOL-Key msg 1/4 from hostapd to determine when associated
msg = recv_eapol(hapd)
dev[0].dump_monitor()
# Build own EAPOL-Key msg 1/4
anonce = binascii.unhexlify('2222222222222222222222222222222222222222222222222222222222222222')
counter = 1
msg = build_eapol_key_1_4(anonce, replay_counter=counter)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
msg = recv_eapol(dev[0])
snonce = msg['rsn_key_nonce']
(ptk, kck, kek) = pmk_to_ptk(pmk, addr, bssid, snonce, anonce)
logger.debug("Group key 1/2 instead of msg 3/4")
dev[0].dump_monitor()
wrapped = aes_wrap(kek, binascii.unhexlify('dd16000fac010100dc11188831bf4aa4a8678d2b41498618'))
msg = build_eapol_key_3_4(anonce, kck, wrapped, replay_counter=counter,
key_info=0x13c2)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
ev = dev[0].wait_event(["WPA: Group Key Handshake started prior to completion of 4-way handshake"])
if ev is None:
raise Exception("Unexpected group key message not reported")
dev[0].wait_disconnected(timeout=1)
def test_ap_wpa2_psk_supp_proto_msg_1_invalid_kde(dev, apdev):
"""WPA2-PSK supplicant protocol testing: invalid KDE in msg 1/4"""
(bssid,ssid,hapd,snonce,pmk,addr,rsne) = eapol_test(apdev[0], dev[0])
# Wait for EAPOL-Key msg 1/4 from hostapd to determine when associated
msg = recv_eapol(hapd)
dev[0].dump_monitor()
# Build own EAPOL-Key msg 1/4 with invalid KDE
anonce = binascii.unhexlify('2222222222222222222222222222222222222222222222222222222222222222')
counter = 1
msg = build_eapol_key_1_4(anonce, replay_counter=counter,
key_data=binascii.unhexlify('5555'))
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
dev[0].wait_disconnected(timeout=1)
def test_ap_wpa2_psk_supp_proto_wrong_pairwise_key_len(dev, apdev):
"""WPA2-PSK supplicant protocol testing: wrong pairwise key length"""
(bssid,ssid,hapd,snonce,pmk,addr,rsne) = eapol_test(apdev[0], dev[0])
# Wait for EAPOL-Key msg 1/4 from hostapd to determine when associated
msg = recv_eapol(hapd)
dev[0].dump_monitor()
# Build own EAPOL-Key msg 1/4
anonce = binascii.unhexlify('2222222222222222222222222222222222222222222222222222222222222222')
counter = 1
msg = build_eapol_key_1_4(anonce, replay_counter=counter)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
msg = recv_eapol(dev[0])
snonce = msg['rsn_key_nonce']
(ptk, kck, kek) = pmk_to_ptk(pmk, addr, bssid, snonce, anonce)
logger.debug("Valid EAPOL-Key msg 3/4")
dev[0].dump_monitor()
plain = binascii.unhexlify('30140100000fac040100000fac040100000fac020c00dd16000fac010100dc11188831bf4aa4a8678d2b41498618')
wrapped = aes_wrap(kek, pad_key_data(plain))
msg = build_eapol_key_3_4(anonce, kck, wrapped, replay_counter=counter,
key_len=15)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
ev = dev[0].wait_event(["WPA: Invalid CCMP key length 15"])
if ev is None:
raise Exception("Invalid CCMP key length not reported")
dev[0].wait_disconnected(timeout=1)
def test_ap_wpa2_psk_supp_proto_wrong_group_key_len(dev, apdev):
"""WPA2-PSK supplicant protocol testing: wrong group key length"""
(bssid,ssid,hapd,snonce,pmk,addr,rsne) = eapol_test(apdev[0], dev[0])
# Wait for EAPOL-Key msg 1/4 from hostapd to determine when associated
msg = recv_eapol(hapd)
dev[0].dump_monitor()
# Build own EAPOL-Key msg 1/4
anonce = binascii.unhexlify('2222222222222222222222222222222222222222222222222222222222222222')
counter = 1
msg = build_eapol_key_1_4(anonce, replay_counter=counter)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
msg = recv_eapol(dev[0])
snonce = msg['rsn_key_nonce']
(ptk, kck, kek) = pmk_to_ptk(pmk, addr, bssid, snonce, anonce)
logger.debug("Valid EAPOL-Key msg 3/4")
dev[0].dump_monitor()
plain = binascii.unhexlify('30140100000fac040100000fac040100000fac020c00dd15000fac010100dc11188831bf4aa4a8678d2b414986')
wrapped = aes_wrap(kek, pad_key_data(plain))
msg = build_eapol_key_3_4(anonce, kck, wrapped, replay_counter=counter)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
ev = dev[0].wait_event(["WPA: Unsupported CCMP Group Cipher key length 15"])
if ev is None:
raise Exception("Invalid CCMP key length not reported")
dev[0].wait_disconnected(timeout=1)
def test_ap_wpa2_psk_supp_proto_gtk_tx_bit_workaround(dev, apdev):
"""WPA2-PSK supplicant protocol testing: GTK TX bit workaround"""
(bssid,ssid,hapd,snonce,pmk,addr,rsne) = eapol_test(apdev[0], dev[0])
# Wait for EAPOL-Key msg 1/4 from hostapd to determine when associated
msg = recv_eapol(hapd)
dev[0].dump_monitor()
# Build own EAPOL-Key msg 1/4
anonce = binascii.unhexlify('2222222222222222222222222222222222222222222222222222222222222222')
counter = 1
msg = build_eapol_key_1_4(anonce, replay_counter=counter)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
msg = recv_eapol(dev[0])
snonce = msg['rsn_key_nonce']
(ptk, kck, kek) = pmk_to_ptk(pmk, addr, bssid, snonce, anonce)
logger.debug("Valid EAPOL-Key msg 3/4")
dev[0].dump_monitor()
plain = binascii.unhexlify('30140100000fac040100000fac040100000fac020c00dd16000fac010500dc11188831bf4aa4a8678d2b41498618')
wrapped = aes_wrap(kek, pad_key_data(plain))
msg = build_eapol_key_3_4(anonce, kck, wrapped, replay_counter=counter)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
ev = dev[0].wait_event(["WPA: Tx bit set for GTK, but pairwise keys are used - ignore Tx bit"])
if ev is None:
raise Exception("GTK Tx bit workaround not reported")
dev[0].wait_connected(timeout=1)
def test_ap_wpa2_psk_supp_proto_gtk_keyidx_0_and_3(dev, apdev):
"""WPA2-PSK supplicant protocol testing: GTK key index 0 and 3"""
(bssid,ssid,hapd,snonce,pmk,addr,rsne) = eapol_test(apdev[0], dev[0])
# Wait for EAPOL-Key msg 1/4 from hostapd to determine when associated
msg = recv_eapol(hapd)
dev[0].dump_monitor()
# Build own EAPOL-Key msg 1/4
anonce = binascii.unhexlify('2222222222222222222222222222222222222222222222222222222222222222')
counter = 1
msg = build_eapol_key_1_4(anonce, replay_counter=counter)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
msg = recv_eapol(dev[0])
snonce = msg['rsn_key_nonce']
(ptk, kck, kek) = pmk_to_ptk(pmk, addr, bssid, snonce, anonce)
logger.debug("Valid EAPOL-Key msg 3/4 (GTK keyidx 0)")
dev[0].dump_monitor()
plain = binascii.unhexlify('30140100000fac040100000fac040100000fac020c00dd16000fac010000dc11188831bf4aa4a8678d2b41498618')
wrapped = aes_wrap(kek, pad_key_data(plain))
msg = build_eapol_key_3_4(anonce, kck, wrapped, replay_counter=counter)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
dev[0].wait_connected(timeout=1)
logger.debug("Valid EAPOL-Key group msg 1/2 (GTK keyidx 3)")
dev[0].dump_monitor()
plain = binascii.unhexlify('dd16000fac010300dc11188831bf4aa4a8678d2b41498618')
wrapped = aes_wrap(kek, pad_key_data(plain))
msg = build_eapol_key_3_4(anonce, kck, wrapped, replay_counter=counter,
key_info=0x13c2)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
msg = recv_eapol(dev[0])
ev = dev[0].wait_event(["WPA: Group rekeying completed"])
if ev is None:
raise Exception("GTK rekeing not reported")
logger.debug("Unencrypted GTK KDE in group msg 1/2")
dev[0].dump_monitor()
plain = binascii.unhexlify('dd16000fac010300dc11188831bf4aa4a8678d2b41498618')
msg = build_eapol_key_3_4(anonce, kck, plain, replay_counter=counter,
key_info=0x03c2)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
ev = dev[0].wait_event(["WPA: GTK IE in unencrypted key data"])
if ev is None:
raise Exception("Unencrypted GTK KDE not reported")
dev[0].wait_disconnected(timeout=1)
def test_ap_wpa2_psk_supp_proto_no_gtk_in_group_msg(dev, apdev):
"""WPA2-PSK supplicant protocol testing: GTK KDE missing from group msg"""
(bssid,ssid,hapd,snonce,pmk,addr,rsne) = eapol_test(apdev[0], dev[0])
# Wait for EAPOL-Key msg 1/4 from hostapd to determine when associated
msg = recv_eapol(hapd)
dev[0].dump_monitor()
# Build own EAPOL-Key msg 1/4
anonce = binascii.unhexlify('2222222222222222222222222222222222222222222222222222222222222222')
counter = 1
msg = build_eapol_key_1_4(anonce, replay_counter=counter)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
msg = recv_eapol(dev[0])
snonce = msg['rsn_key_nonce']
(ptk, kck, kek) = pmk_to_ptk(pmk, addr, bssid, snonce, anonce)
logger.debug("Valid EAPOL-Key msg 3/4 (GTK keyidx 0)")
dev[0].dump_monitor()
plain = binascii.unhexlify('30140100000fac040100000fac040100000fac020c00dd16000fac010000dc11188831bf4aa4a8678d2b41498618')
wrapped = aes_wrap(kek, pad_key_data(plain))
msg = build_eapol_key_3_4(anonce, kck, wrapped, replay_counter=counter)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
dev[0].wait_connected(timeout=1)
logger.debug("No GTK KDE in EAPOL-Key group msg 1/2")
dev[0].dump_monitor()
plain = binascii.unhexlify('dd00dd00dd00dd00dd00dd00dd00dd00')
wrapped = aes_wrap(kek, pad_key_data(plain))
msg = build_eapol_key_3_4(anonce, kck, wrapped, replay_counter=counter,
key_info=0x13c2)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
ev = dev[0].wait_event(["WPA: No GTK IE in Group Key msg 1/2"])
if ev is None:
raise Exception("Missing GTK KDE not reported")
dev[0].wait_disconnected(timeout=1)
def test_ap_wpa2_psk_supp_proto_too_long_gtk_in_group_msg(dev, apdev):
"""WPA2-PSK supplicant protocol testing: too long GTK KDE in group msg"""
(bssid,ssid,hapd,snonce,pmk,addr,rsne) = eapol_test(apdev[0], dev[0])
# Wait for EAPOL-Key msg 1/4 from hostapd to determine when associated
msg = recv_eapol(hapd)
dev[0].dump_monitor()
# Build own EAPOL-Key msg 1/4
anonce = binascii.unhexlify('2222222222222222222222222222222222222222222222222222222222222222')
counter = 1
msg = build_eapol_key_1_4(anonce, replay_counter=counter)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
msg = recv_eapol(dev[0])
snonce = msg['rsn_key_nonce']
(ptk, kck, kek) = pmk_to_ptk(pmk, addr, bssid, snonce, anonce)
logger.debug("Valid EAPOL-Key msg 3/4 (GTK keyidx 0)")
dev[0].dump_monitor()
plain = binascii.unhexlify('30140100000fac040100000fac040100000fac020c00dd16000fac010000dc11188831bf4aa4a8678d2b41498618')
wrapped = aes_wrap(kek, pad_key_data(plain))
msg = build_eapol_key_3_4(anonce, kck, wrapped, replay_counter=counter)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
dev[0].wait_connected(timeout=1)
logger.debug("EAPOL-Key group msg 1/2 with too long GTK KDE")
dev[0].dump_monitor()
plain = binascii.unhexlify('dd27000fac010100ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff')
wrapped = aes_wrap(kek, pad_key_data(plain))
msg = build_eapol_key_3_4(anonce, kck, wrapped, replay_counter=counter,
key_info=0x13c2)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
ev = dev[0].wait_event(["WPA: Unsupported CCMP Group Cipher key length 33"])
if ev is None:
raise Exception("Too long GTK KDE not reported")
dev[0].wait_disconnected(timeout=1)
def test_ap_wpa2_psk_supp_proto_too_long_gtk_kde(dev, apdev):
"""WPA2-PSK supplicant protocol testing: too long GTK KDE"""
(bssid,ssid,hapd,snonce,pmk,addr,rsne) = eapol_test(apdev[0], dev[0])
# Wait for EAPOL-Key msg 1/4 from hostapd to determine when associated
msg = recv_eapol(hapd)
dev[0].dump_monitor()
# Build own EAPOL-Key msg 1/4
anonce = binascii.unhexlify('2222222222222222222222222222222222222222222222222222222222222222')
counter = 1
msg = build_eapol_key_1_4(anonce, replay_counter=counter)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
msg = recv_eapol(dev[0])
snonce = msg['rsn_key_nonce']
(ptk, kck, kek) = pmk_to_ptk(pmk, addr, bssid, snonce, anonce)
logger.debug("EAPOL-Key msg 3/4 with too short GTK KDE")
dev[0].dump_monitor()
plain = binascii.unhexlify('30140100000fac040100000fac040100000fac020c00dd27000fac010100ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff')
wrapped = aes_wrap(kek, pad_key_data(plain))
msg = build_eapol_key_3_4(anonce, kck, wrapped, replay_counter=counter)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
dev[0].wait_disconnected(timeout=1)
def test_ap_wpa2_psk_supp_proto_gtk_not_encrypted(dev, apdev):
"""WPA2-PSK supplicant protocol testing: GTK KDE not encrypted"""
(bssid,ssid,hapd,snonce,pmk,addr,rsne) = eapol_test(apdev[0], dev[0])
# Wait for EAPOL-Key msg 1/4 from hostapd to determine when associated
msg = recv_eapol(hapd)
dev[0].dump_monitor()
# Build own EAPOL-Key msg 1/4
anonce = binascii.unhexlify('2222222222222222222222222222222222222222222222222222222222222222')
counter = 1
msg = build_eapol_key_1_4(anonce, replay_counter=counter)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
msg = recv_eapol(dev[0])
snonce = msg['rsn_key_nonce']
(ptk, kck, kek) = pmk_to_ptk(pmk, addr, bssid, snonce, anonce)
logger.debug("Valid EAPOL-Key msg 3/4")
dev[0].dump_monitor()
plain = binascii.unhexlify('30140100000fac040100000fac040100000fac020c00dd16000fac010100dc11188831bf4aa4a8678d2b41498618')
msg = build_eapol_key_3_4(anonce, kck, plain, replay_counter=counter,
key_info=0x03ca)
counter += 1
send_eapol(dev[0], addr, build_eapol(msg))
ev = dev[0].wait_event(["WPA: GTK IE in unencrypted key data"])
if ev is None:
raise Exception("Unencrypted GTK KDE not reported")
dev[0].wait_disconnected(timeout=1)
def find_wpas_process(dev):
ifname = dev.ifname
cmd = subprocess.Popen(['ps', 'ax'], stdout=subprocess.PIPE)
(data,err) = cmd.communicate()
for l in data.splitlines():
if "wpa_supplicant" not in l:
continue
if "-i" + ifname not in l:
continue
return int(l.strip().split(' ')[0])
raise Exception("Could not find wpa_supplicant process")
def read_process_memory(pid, key=None):
buf = bytes()
with open('/proc/%d/maps' % pid, 'r') as maps, \
open('/proc/%d/mem' % pid, 'r') as mem:
for l in maps.readlines():
m = re.match(r'([0-9a-f]+)-([0-9a-f]+) ([-r][-w][-x][-p])', l)
if not m:
continue
start = int(m.group(1), 16)
end = int(m.group(2), 16)
perm = m.group(3)
if start > 0xffffffffffff:
continue
if end < start:
continue
if not perm.startswith('rw'):
continue
mem.seek(start)
data = mem.read(end - start)
buf += data
if key and key in data:
logger.info("Key found in " + l)
return buf
def verify_not_present(buf, key, fname, keyname):
pos = buf.find(key)
if pos < 0:
return
prefix = 2048 if pos > 2048 else pos
with open(fname + keyname, 'w') as f:
f.write(buf[pos - prefix:pos + 2048])
raise Exception(keyname + " found after disassociation")
def get_key_locations(buf, key, keyname):
count = 0
pos = 0
while True:
pos = buf.find(key, pos)
if pos < 0:
break
logger.info("Found %s at %d" % (keyname, pos))
count += 1
pos += len(key)
return count
def test_wpa2_psk_key_lifetime_in_memory(dev, apdev, params):
"""WPA2-PSK and PSK/PTK lifetime in memory"""
ssid = "test-wpa2-psk"
passphrase = 'qwertyuiop'
psk = '602e323e077bc63bd80307ef4745b754b0ae0a925c2638ecd13a794b9527b9e6'
pmk = binascii.unhexlify(psk)
p = hostapd.wpa2_params(ssid=ssid)
p['wpa_psk'] = psk
hapd = hostapd.add_ap(apdev[0]['ifname'], p)
pid = find_wpas_process(dev[0])
id = dev[0].connect(ssid, raw_psk=psk, scan_freq="2412",
only_add_network=True)
logger.info("Checking keys in memory after network profile configuration")
buf = read_process_memory(pid, pmk)
get_key_locations(buf, pmk, "PMK")
dev[0].request("REMOVE_NETWORK all")
logger.info("Checking keys in memory after network profile removal")
buf = read_process_memory(pid, pmk)
get_key_locations(buf, pmk, "PMK")
id = dev[0].connect(ssid, psk=passphrase, scan_freq="2412",
only_add_network=True)
logger.info("Checking keys in memory before connection")
buf = read_process_memory(pid, pmk)
get_key_locations(buf, pmk, "PMK")
dev[0].connect_network(id, timeout=20)
time.sleep(1)
buf = read_process_memory(pid, pmk)
dev[0].request("DISCONNECT")
dev[0].wait_disconnected()
dev[0].relog()
ptk = None
gtk = None
with open(os.path.join(params['logdir'], 'log0'), 'r') as f:
for l in f.readlines():
if "WPA: PTK - hexdump" in l:
val = l.strip().split(':')[3].replace(' ', '')
ptk = binascii.unhexlify(val)
if "WPA: Group Key - hexdump" in l:
val = l.strip().split(':')[3].replace(' ', '')
gtk = binascii.unhexlify(val)
if not pmk or not ptk or not gtk:
raise Exception("Could not find keys from debug log")
if len(gtk) != 16:
raise Exception("Unexpected GTK length")
kck = ptk[0:16]
kek = ptk[16:32]
tk = ptk[32:48]
logger.info("Checking keys in memory while associated")
get_key_locations(buf, pmk, "PMK")
if pmk not in buf:
raise HwsimSkip("PMK not found while associated")
if kck not in buf:
raise Exception("KCK not found while associated")
if kek not in buf:
raise Exception("KEK not found while associated")
if tk in buf:
raise Exception("TK found from memory")
if gtk in buf:
raise Exception("GTK found from memory")
logger.info("Checking keys in memory after disassociation")
buf = read_process_memory(pid, pmk)
get_key_locations(buf, pmk, "PMK")
# Note: PMK/PSK is still present in network configuration
fname = os.path.join(params['logdir'],
'wpa2_psk_key_lifetime_in_memory.memctx-')
verify_not_present(buf, kck, fname, "KCK")
verify_not_present(buf, kek, fname, "KEK")
verify_not_present(buf, tk, fname, "TK")
verify_not_present(buf, gtk, fname, "GTK")
dev[0].request("REMOVE_NETWORK all")
logger.info("Checking keys in memory after network profile removal")
buf = read_process_memory(pid, pmk)
get_key_locations(buf, pmk, "PMK")
verify_not_present(buf, pmk, fname, "PMK")
verify_not_present(buf, kck, fname, "KCK")
verify_not_present(buf, kek, fname, "KEK")
verify_not_present(buf, tk, fname, "TK")
verify_not_present(buf, gtk, fname, "GTK")
def test_ap_wpa2_psk_wep(dev, apdev):
"""WPA2-PSK AP and WEP enabled"""
ssid = "test-wpa2-psk"
passphrase = 'qwertyuiop'
params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase)
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
try:
hapd.set('wep_key0', '"hello"')
raise Exception("WEP key accepted to WPA2 network")
except Exception:
pass
def test_ap_wpa2_psk_wpas_in_bridge(dev, apdev):
"""WPA2-PSK AP and wpas interface in a bridge"""
br_ifname='sta-br0'
ifname='wlan5'
try:
_test_ap_wpa2_psk_wpas_in_bridge(dev, apdev)
finally:
subprocess.call(['ip', 'link', 'set', 'dev', br_ifname, 'down'])
subprocess.call(['brctl', 'delif', br_ifname, ifname])
subprocess.call(['brctl', 'delbr', br_ifname])
subprocess.call(['iw', ifname, 'set', '4addr', 'off'])
def _test_ap_wpa2_psk_wpas_in_bridge(dev, apdev):
ssid = "test-wpa2-psk"
passphrase = 'qwertyuiop'
params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase)
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
br_ifname='sta-br0'
ifname='wlan5'
wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
subprocess.call(['brctl', 'addbr', br_ifname])
subprocess.call(['brctl', 'setfd', br_ifname, '0'])
subprocess.call(['ip', 'link', 'set', 'dev', br_ifname, 'up'])
subprocess.call(['iw', ifname, 'set', '4addr', 'on'])
subprocess.check_call(['brctl', 'addif', br_ifname, ifname])
wpas.interface_add(ifname, br_ifname=br_ifname)
wpas.connect(ssid, psk=passphrase, scan_freq="2412")
def test_ap_wpa2_psk_ifdown(dev, apdev):
"""AP with open mode and external ifconfig down"""
ssid = "test-wpa2-psk"
passphrase = 'qwertyuiop'
params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase)
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
bssid = apdev[0]['bssid']
dev[0].connect(ssid, psk=passphrase, scan_freq="2412")
subprocess.call(['ip', 'link', 'set', 'dev', apdev[0]['ifname'], 'down'])
ev = hapd.wait_event(["INTERFACE-DISABLED"], timeout=10)
if ev is None:
raise Exception("No INTERFACE-DISABLED event")
# this wait tests beacon loss detection in mac80211
dev[0].wait_disconnected()
subprocess.call(['ip', 'link', 'set', 'dev', apdev[0]['ifname'], 'up'])
ev = hapd.wait_event(["INTERFACE-ENABLED"], timeout=10)
if ev is None:
raise Exception("No INTERFACE-ENABLED event")
dev[0].wait_connected()
hwsim_utils.test_connectivity(dev[0], hapd)
def test_ap_wpa2_psk_drop_first_msg_4(dev, apdev):
"""WPA2-PSK and first EAPOL-Key msg 4/4 dropped"""
bssid = apdev[0]['bssid']
ssid = "test-wpa2-psk"
passphrase = 'qwertyuiop'
psk = '602e323e077bc63bd80307ef4745b754b0ae0a925c2638ecd13a794b9527b9e6'
params = hostapd.wpa2_params(ssid=ssid)
params['wpa_psk'] = psk
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
hapd.request("SET ext_eapol_frame_io 1")
dev[0].request("SET ext_eapol_frame_io 1")
dev[0].connect(ssid, psk=passphrase, scan_freq="2412", wait_connect=False)
addr = dev[0].own_addr()
# EAPOL-Key msg 1/4
ev = hapd.wait_event(["EAPOL-TX"], timeout=15)
if ev is None:
raise Exception("Timeout on EAPOL-TX from hostapd")
res = dev[0].request("EAPOL_RX " + bssid + " " + ev.split(' ')[2])
if "OK" not in res:
raise Exception("EAPOL_RX to wpa_supplicant failed")
# EAPOL-Key msg 2/4
ev = dev[0].wait_event(["EAPOL-TX"], timeout=15)
if ev is None:
raise Exception("Timeout on EAPOL-TX from wpa_supplicant")
res = hapd.request("EAPOL_RX " + addr + " " + ev.split(' ')[2])
if "OK" not in res:
raise Exception("EAPOL_RX to hostapd failed")
# EAPOL-Key msg 3/4
ev = hapd.wait_event(["EAPOL-TX"], timeout=15)
if ev is None:
raise Exception("Timeout on EAPOL-TX from hostapd")
res = dev[0].request("EAPOL_RX " + bssid + " " + ev.split(' ')[2])
if "OK" not in res:
raise Exception("EAPOL_RX to wpa_supplicant failed")
# EAPOL-Key msg 4/4
ev = dev[0].wait_event(["EAPOL-TX"], timeout=15)
if ev is None:
raise Exception("Timeout on EAPOL-TX from wpa_supplicant")
logger.info("Drop the first EAPOL-Key msg 4/4")
# wpa_supplicant believes now that 4-way handshake succeeded; hostapd
# doesn't. Use normal EAPOL TX/RX to handle retries.
hapd.request("SET ext_eapol_frame_io 0")
dev[0].request("SET ext_eapol_frame_io 0")
dev[0].wait_connected()
ev = hapd.wait_event(["AP-STA-CONNECTED"], timeout=15)
if ev is None:
raise Exception("Timeout on AP-STA-CONNECTED from hostapd")
ev = dev[0].wait_event(["CTRL-EVENT-DISCONNECTED"], timeout=0.1)
if ev is not None:
logger.info("Disconnection detected")
# The EAPOL-Key retries are supposed to allow the connection to be
# established without having to reassociate. However, this does not
# currently work since mac80211 ends up encrypting EAPOL-Key msg 4/4
# after the pairwise key has been configured and AP will drop those and
# disconnect the station after reaching retransmission limit. Connection
# is then established after reassociation. Once that behavior has been
# optimized to prevent EAPOL-Key frame encryption for retransmission
# case, this exception can be uncommented here.
#raise Exception("Unexpected disconnection")
def test_ap_wpa2_psk_disable_enable(dev, apdev):
"""WPA2-PSK AP getting disabled and re-enabled"""
ssid = "test-wpa2-psk"
passphrase = 'qwertyuiop'
psk = '602e323e077bc63bd80307ef4745b754b0ae0a925c2638ecd13a794b9527b9e6'
params = hostapd.wpa2_params(ssid=ssid)
params['wpa_psk'] = psk
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
dev[0].connect(ssid, raw_psk=psk, scan_freq="2412")
for i in range(2):
hapd.request("DISABLE")
dev[0].wait_disconnected()
hapd.request("ENABLE")
dev[0].wait_connected()
hwsim_utils.test_connectivity(dev[0], hapd)
def test_ap_wpa2_psk_incorrect_passphrase(dev, apdev):
"""WPA2-PSK AP and station using incorrect passphrase"""
ssid = "test-wpa2-psk"
passphrase = 'qwertyuiop'
params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase)
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
dev[0].connect(ssid, psk="incorrect passphrase", scan_freq="2412",
wait_connect=False)
ev = hapd.wait_event(["AP-STA-POSSIBLE-PSK-MISMATCH"], timeout=10)
if ev is None:
raise Exception("No AP-STA-POSSIBLE-PSK-MISMATCH reported")
dev[0].dump_monitor()
hapd.disable()
hapd.set("wpa_passphrase", "incorrect passphrase")
hapd.enable()
dev[0].wait_connected(timeout=20)