mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2024-11-25 00:38:24 -05:00
tests: Add test cases for NFC+WPS
Signed-hostap: Jouni Malinen <j@w1.fi>
This commit is contained in:
parent
49e160a58d
commit
ea295abcd5
152
tests/hwsim/test_nfc_wps.py
Normal file
152
tests/hwsim/test_nfc_wps.py
Normal file
@ -0,0 +1,152 @@
|
||||
#!/usr/bin/python
|
||||
#
|
||||
# WPS+NFC tests
|
||||
# Copyright (c) 2013, Jouni Malinen <j@w1.fi>
|
||||
#
|
||||
# This software may be distributed under the terms of the BSD license.
|
||||
# See README for more details.
|
||||
|
||||
import time
|
||||
import subprocess
|
||||
import logging
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
import hwsim_utils
|
||||
import hostapd
|
||||
|
||||
def check_wpa2_connection(sta, ap, ssid, mixed=False):
|
||||
status = sta.get_status()
|
||||
if status['wpa_state'] != 'COMPLETED':
|
||||
raise Exception("Not fully connected")
|
||||
if status['bssid'] != ap['bssid']:
|
||||
raise Exception("Unexpected BSSID")
|
||||
if status['ssid'] != ssid:
|
||||
raise Exception("Unexpected SSID")
|
||||
if status['pairwise_cipher'] != 'CCMP':
|
||||
raise Exception("Unexpected encryption configuration")
|
||||
if status['group_cipher'] != 'CCMP' and not mixed:
|
||||
raise Exception("Unexpected encryption configuration")
|
||||
if status['key_mgmt'] != 'WPA2-PSK':
|
||||
raise Exception("Unexpected key_mgmt")
|
||||
hwsim_utils.test_connectivity(sta.ifname, ap['ifname'])
|
||||
|
||||
def ap_wps_params(ssid):
|
||||
return { "ssid": ssid, "eap_server": "1", "wps_state": "2",
|
||||
"wpa_passphrase": "12345678", "wpa": "2",
|
||||
"wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"}
|
||||
|
||||
def test_nfc_wps_password_token_sta(dev, apdev):
|
||||
"""NFC tag with password token on the station/Enrollee"""
|
||||
ssid = "test-wps-nfc-pw-token-conf"
|
||||
params = ap_wps_params(ssid)
|
||||
hostapd.add_ap(apdev[0]['ifname'], params)
|
||||
hapd = hostapd.Hostapd(apdev[0]['ifname'])
|
||||
logger.info("WPS provisioning step using password token from station")
|
||||
pw = dev[0].request("WPS_NFC_TOKEN NDEF").rstrip()
|
||||
if "FAIL" in pw:
|
||||
raise Exception("Failed to generate password token")
|
||||
res = hapd.request("WPS_NFC_TAG_READ " + pw)
|
||||
if "FAIL" in res:
|
||||
raise Exception("Failed to provide NFC tag contents to hostapd")
|
||||
dev[0].dump_monitor()
|
||||
res = dev[0].request("WPS_NFC")
|
||||
if "FAIL" in res:
|
||||
raise Exception("Failed to start Enrollee using NFC password token")
|
||||
ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=15)
|
||||
if ev is None:
|
||||
raise Exception("Association with the AP timed out")
|
||||
check_wpa2_connection(dev[0], apdev[0], ssid)
|
||||
|
||||
def test_nfc_wps_config_token(dev, apdev):
|
||||
"""NFC tag with configuration token from AP"""
|
||||
ssid = "test-wps-nfc-conf-token"
|
||||
params = ap_wps_params(ssid)
|
||||
hostapd.add_ap(apdev[0]['ifname'], params)
|
||||
hapd = hostapd.Hostapd(apdev[0]['ifname'])
|
||||
logger.info("NFC configuration token from AP to station")
|
||||
conf = hapd.request("WPS_NFC_CONFIG_TOKEN NDEF").rstrip()
|
||||
if "FAIL" in conf:
|
||||
raise Exception("Failed to generate configuration token")
|
||||
dev[0].dump_monitor()
|
||||
res = dev[0].request("WPS_NFC_TAG_READ " + conf)
|
||||
if "FAIL" in res:
|
||||
raise Exception("Failed to provide NFC tag contents to wpa_supplicant")
|
||||
ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=15)
|
||||
if ev is None:
|
||||
raise Exception("Association with the AP timed out")
|
||||
check_wpa2_connection(dev[0], apdev[0], ssid)
|
||||
|
||||
def test_nfc_wps_password_token_sta_init(dev, apdev):
|
||||
"""Initial AP configuration with first WPS NFC Enrollee"""
|
||||
ssid = "test-wps-nfc-pw-token-init"
|
||||
hostapd.add_ap(apdev[0]['ifname'],
|
||||
{ "ssid": ssid, "eap_server": "1", "wps_state": "1" })
|
||||
hapd = hostapd.Hostapd(apdev[0]['ifname'])
|
||||
logger.info("WPS provisioning step using password token from station")
|
||||
pw = dev[0].request("WPS_NFC_TOKEN NDEF").rstrip()
|
||||
if "FAIL" in pw:
|
||||
raise Exception("Failed to generate password token")
|
||||
res = hapd.request("WPS_NFC_TAG_READ " + pw)
|
||||
if "FAIL" in res:
|
||||
raise Exception("Failed to provide NFC tag contents to hostapd")
|
||||
dev[0].dump_monitor()
|
||||
res = dev[0].request("WPS_NFC")
|
||||
if "FAIL" in res:
|
||||
raise Exception("Failed to start Enrollee using NFC password token")
|
||||
ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=15)
|
||||
if ev is None:
|
||||
raise Exception("Association with the AP timed out")
|
||||
check_wpa2_connection(dev[0], apdev[0], ssid, mixed=True)
|
||||
|
||||
def test_nfc_wps_password_token_ap(dev, apdev):
|
||||
"""WPS registrar configuring an AP using AP password token"""
|
||||
dev[0].request("SET ignore_old_scan_res 1")
|
||||
ssid = "test-wps-nfc-pw-token-init"
|
||||
hostapd.add_ap(apdev[0]['ifname'],
|
||||
{ "ssid": ssid, "eap_server": "1", "wps_state": "1" })
|
||||
hapd = hostapd.Hostapd(apdev[0]['ifname'])
|
||||
logger.info("WPS configuration step")
|
||||
pw = hapd.request("WPS_NFC_TOKEN NDEF").rstrip()
|
||||
if "FAIL" in pw:
|
||||
raise Exception("Failed to generate password token")
|
||||
res = hapd.request("WPS_NFC_TOKEN enable")
|
||||
if "FAIL" in pw:
|
||||
raise Exception("Failed to enable AP password token")
|
||||
res = dev[0].request("WPS_NFC_TAG_READ " + pw)
|
||||
if "FAIL" in res:
|
||||
raise Exception("Failed to provide NFC tag contents to wpa_supplicant")
|
||||
dev[0].dump_monitor()
|
||||
new_ssid = "test-wps-nfc-pw-token-new-ssid"
|
||||
new_passphrase = "1234567890"
|
||||
res = dev[0].request("WPS_REG " + apdev[0]['bssid'] + " nfc-pw " + new_ssid.encode("hex") + " WPA2PSK CCMP " + new_passphrase.encode("hex"))
|
||||
if "FAIL" in res:
|
||||
raise Exception("Failed to start Registrar using NFC password token")
|
||||
ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=15)
|
||||
if ev is None:
|
||||
raise Exception("Association with the AP timed out")
|
||||
check_wpa2_connection(dev[0], apdev[0], new_ssid, mixed=True)
|
||||
|
||||
def test_nfc_wps_handover(dev, apdev):
|
||||
"""Connect to WPS AP with NFC connection handover"""
|
||||
ssid = "test-wps-nfc-handover"
|
||||
params = ap_wps_params(ssid)
|
||||
hostapd.add_ap(apdev[0]['ifname'], params)
|
||||
hapd = hostapd.Hostapd(apdev[0]['ifname'])
|
||||
logger.info("NFC connection handover")
|
||||
req = dev[0].request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip()
|
||||
if "FAIL" in req:
|
||||
raise Exception("Failed to generate NFC connection handover request")
|
||||
sel = hapd.request("NFC_GET_HANDOVER_SEL NDEF WPS-CR").rstrip()
|
||||
if "FAIL" in sel:
|
||||
raise Exception("Failed to generate NFC connection handover select")
|
||||
res = hapd.request("NFC_REPORT_HANDOVER RESP WPS " + req + " " + sel)
|
||||
if "FAIL" in res:
|
||||
raise Exception("Failed to report NFC connection handover to to hostapd")
|
||||
dev[0].dump_monitor()
|
||||
res = dev[0].request("NFC_REPORT_HANDOVER INIT WPS " + req + " " + sel)
|
||||
if "FAIL" in res:
|
||||
raise Exception("Failed to report NFC connection handover to to wpa_supplicant")
|
||||
ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=15)
|
||||
if ev is None:
|
||||
raise Exception("Association with the AP timed out")
|
||||
check_wpa2_connection(dev[0], apdev[0], ssid)
|
Loading…
Reference in New Issue
Block a user