#!/usr/bin/python
#
# WPS+NFC tests
# Copyright (c) 2013, Jouni Malinen <j@w1.fi>
#
# This software may be distributed under the terms of the BSD license.
# See README for more details.

import time
import subprocess
import logging
logger = logging.getLogger()

import hwsim_utils
import hostapd

def check_wpa2_connection(sta, ap, ssid, mixed=False):
    status = sta.get_status()
    if status['wpa_state'] != 'COMPLETED':
        raise Exception("Not fully connected")
    if status['bssid'] != ap['bssid']:
        raise Exception("Unexpected BSSID")
    if status['ssid'] != ssid:
        raise Exception("Unexpected SSID")
    if status['pairwise_cipher'] != 'CCMP':
        raise Exception("Unexpected encryption configuration")
    if status['group_cipher'] != 'CCMP' and not mixed:
        raise Exception("Unexpected encryption configuration")
    if status['key_mgmt'] != 'WPA2-PSK':
        raise Exception("Unexpected key_mgmt")
    hwsim_utils.test_connectivity(sta.ifname, ap['ifname'])

def ap_wps_params(ssid):
    return { "ssid": ssid, "eap_server": "1", "wps_state": "2",
             "wpa_passphrase": "12345678", "wpa": "2",
             "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"}

def test_nfc_wps_password_token_sta(dev, apdev):
    """NFC tag with password token on the station/Enrollee"""
    dev[0].request("SET ignore_old_scan_res 1")
    ssid = "test-wps-nfc-pw-token-conf"
    params = ap_wps_params(ssid)
    hostapd.add_ap(apdev[0]['ifname'], params)
    hapd = hostapd.Hostapd(apdev[0]['ifname'])
    logger.info("WPS provisioning step using password token from station")
    pw = dev[0].request("WPS_NFC_TOKEN NDEF").rstrip()
    if "FAIL" in pw:
        raise Exception("Failed to generate password token")
    res = hapd.request("WPS_NFC_TAG_READ " + pw)
    if "FAIL" in res:
        raise Exception("Failed to provide NFC tag contents to hostapd")
    dev[0].dump_monitor()
    res = dev[0].request("WPS_NFC")
    if "FAIL" in res:
        raise Exception("Failed to start Enrollee using NFC password token")
    ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
    if ev is None:
        raise Exception("Association with the AP timed out")
    check_wpa2_connection(dev[0], apdev[0], ssid)

def test_nfc_wps_config_token(dev, apdev):
    """NFC tag with configuration token from AP"""
    ssid = "test-wps-nfc-conf-token"
    params = ap_wps_params(ssid)
    hostapd.add_ap(apdev[0]['ifname'], params)
    hapd = hostapd.Hostapd(apdev[0]['ifname'])
    logger.info("NFC configuration token from AP to station")
    conf = hapd.request("WPS_NFC_CONFIG_TOKEN NDEF").rstrip()
    if "FAIL" in conf:
        raise Exception("Failed to generate configuration token")
    dev[0].dump_monitor()
    res = dev[0].request("WPS_NFC_TAG_READ " + conf)
    if "FAIL" in res:
        raise Exception("Failed to provide NFC tag contents to wpa_supplicant")
    ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=15)
    if ev is None:
        raise Exception("Association with the AP timed out")
    check_wpa2_connection(dev[0], apdev[0], ssid)

def test_nfc_wps_config_token_init(dev, apdev):
    """NFC tag with configuration token from AP with auto configuration"""
    dev[0].request("SET ignore_old_scan_res 1")
    ssid = "test-wps-nfc-conf-token-init"
    hostapd.add_ap(apdev[0]['ifname'],
                   { "ssid": ssid, "eap_server": "1", "wps_state": "1" })
    hapd = hostapd.Hostapd(apdev[0]['ifname'])
    logger.info("NFC configuration token from AP to station")
    conf = hapd.request("WPS_NFC_CONFIG_TOKEN NDEF").rstrip()
    if "FAIL" in conf:
        raise Exception("Failed to generate configuration token")
    dev[0].dump_monitor()
    res = dev[0].request("WPS_NFC_TAG_READ " + conf)
    if "FAIL" in res:
        raise Exception("Failed to provide NFC tag contents to wpa_supplicant")
    ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=15)
    if ev is None:
        raise Exception("Association with the AP timed out")
    check_wpa2_connection(dev[0], apdev[0], ssid, mixed=True)

def test_nfc_wps_password_token_sta_init(dev, apdev):
    """Initial AP configuration with first WPS NFC Enrollee"""
    dev[0].request("SET ignore_old_scan_res 1")
    ssid = "test-wps-nfc-pw-token-init"
    hostapd.add_ap(apdev[0]['ifname'],
                   { "ssid": ssid, "eap_server": "1", "wps_state": "1" })
    hapd = hostapd.Hostapd(apdev[0]['ifname'])
    logger.info("WPS provisioning step using password token from station")
    pw = dev[0].request("WPS_NFC_TOKEN NDEF").rstrip()
    if "FAIL" in pw:
        raise Exception("Failed to generate password token")
    res = hapd.request("WPS_NFC_TAG_READ " + pw)
    if "FAIL" in res:
        raise Exception("Failed to provide NFC tag contents to hostapd")
    dev[0].dump_monitor()
    res = dev[0].request("WPS_NFC")
    if "FAIL" in res:
        raise Exception("Failed to start Enrollee using NFC password token")
    ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
    if ev is None:
        raise Exception("Association with the AP timed out")
    check_wpa2_connection(dev[0], apdev[0], ssid, mixed=True)

def test_nfc_wps_password_token_ap(dev, apdev):
    """WPS registrar configuring an AP using AP password token"""
    dev[0].request("SET ignore_old_scan_res 1")
    ssid = "test-wps-nfc-pw-token-init"
    hostapd.add_ap(apdev[0]['ifname'],
                   { "ssid": ssid, "eap_server": "1", "wps_state": "1" })
    hapd = hostapd.Hostapd(apdev[0]['ifname'])
    logger.info("WPS configuration step")
    pw = hapd.request("WPS_NFC_TOKEN NDEF").rstrip()
    if "FAIL" in pw:
        raise Exception("Failed to generate password token")
    res = hapd.request("WPS_NFC_TOKEN enable")
    if "FAIL" in pw:
        raise Exception("Failed to enable AP password token")
    res = dev[0].request("WPS_NFC_TAG_READ " + pw)
    if "FAIL" in res:
        raise Exception("Failed to provide NFC tag contents to wpa_supplicant")
    dev[0].dump_monitor()
    new_ssid = "test-wps-nfc-pw-token-new-ssid"
    new_passphrase = "1234567890"
    res = dev[0].request("WPS_REG " + apdev[0]['bssid'] + " nfc-pw " + new_ssid.encode("hex") + " WPA2PSK CCMP " + new_passphrase.encode("hex"))
    if "FAIL" in res:
        raise Exception("Failed to start Registrar using NFC password token")
    ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
    if ev is None:
        raise Exception("Association with the AP timed out")
    check_wpa2_connection(dev[0], apdev[0], new_ssid, mixed=True)

def test_nfc_wps_handover(dev, apdev):
    """Connect to WPS AP with NFC connection handover"""
    ssid = "test-wps-nfc-handover"
    params = ap_wps_params(ssid)
    hostapd.add_ap(apdev[0]['ifname'], params)
    hapd = hostapd.Hostapd(apdev[0]['ifname'])
    logger.info("NFC connection handover")
    req = dev[0].request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip()
    if "FAIL" in req:
        raise Exception("Failed to generate NFC connection handover request")
    sel = hapd.request("NFC_GET_HANDOVER_SEL NDEF WPS-CR").rstrip()
    if "FAIL" in sel:
        raise Exception("Failed to generate NFC connection handover select")
    res = hapd.request("NFC_REPORT_HANDOVER RESP WPS " + req + " " + sel)
    if "FAIL" in res:
        raise Exception("Failed to report NFC connection handover to to hostapd")
    dev[0].dump_monitor()
    res = dev[0].request("NFC_REPORT_HANDOVER INIT WPS " + req + " " + sel)
    if "FAIL" in res:
        raise Exception("Failed to report NFC connection handover to to wpa_supplicant")
    ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
    if ev is None:
        raise Exception("Association with the AP timed out")
    check_wpa2_connection(dev[0], apdev[0], ssid)