fragattacks/tests/hwsim/test_peerkey.py
Jouni Malinen 74d29544f1 tests: RSN AP and PeerKey between two STAs with sniffer check
The previous PeerKey test cases did not actually verify in any way that
the SMK and STK exchanges were completed since mac80211 does not support
setting the key from STK. Use a sniffer check to confirm that the
exchanges complete to avoid PeerKey regressions like the ones fixed in
the last couple of commits.

Signed-off-by: Jouni Malinen <j@w1.fi>
2016-12-18 20:28:10 +02:00

154 lines
5.8 KiB
Python

# PeerKey tests
# Copyright (c) 2013-2016, Jouni Malinen <j@w1.fi>
#
# This software may be distributed under the terms of the BSD license.
# See README for more details.
from remotehost import remote_compatible
import logging
logger = logging.getLogger()
import os
import time
import hwsim_utils
import hostapd
from utils import skip_with_fips
from wlantest import Wlantest
from tshark import run_tshark
@remote_compatible
def test_peerkey(dev, apdev):
"""RSN AP and PeerKey between two STAs"""
ssid = "test-peerkey"
passphrase = "12345678"
params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase)
params['peerkey'] = "1"
hostapd.add_ap(apdev[0], params)
dev[0].connect(ssid, psk=passphrase, scan_freq="2412", peerkey=True)
dev[1].connect(ssid, psk=passphrase, scan_freq="2412", peerkey=True)
hwsim_utils.test_connectivity_sta(dev[0], dev[1])
dev[0].request("STKSTART " + dev[1].p2p_interface_addr())
time.sleep(0.5)
# NOTE: Actual use of the direct link (DLS) is not supported in
# mac80211_hwsim, so this operation fails at setting the keys after
# successfully completed 4-way handshake. This test case does allow the
# key negotiation part to be tested for coverage, though.
def test_peerkey_sniffer_check(dev, apdev, params):
"""RSN AP and PeerKey between two STAs with sniffer check"""
ssid = "test-peerkey"
passphrase = "12345678"
hparams = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase)
hparams['peerkey'] = "1"
hapd = hostapd.add_ap(apdev[0], hparams)
Wlantest.setup(hapd)
wt = Wlantest()
wt.flush()
wt.add_passphrase("12345678")
dev[0].connect(ssid, psk=passphrase, scan_freq="2412", peerkey=True)
dev[1].connect(ssid, psk=passphrase, scan_freq="2412", peerkey=True)
hwsim_utils.test_connectivity_sta(dev[0], dev[1])
dev[0].request("STKSTART " + dev[1].p2p_interface_addr())
time.sleep(1)
# NOTE: Actual use of the direct link (DLS) is not supported in
# mac80211_hwsim, so this operation fails at setting the keys after
# successfully completed 4-way handshake. This test case does allow the
# key negotiation part to be tested for coverage, though. Use sniffer to
# verify that all the SMK and STK handshake messages were transmitted.
bssid = hapd.own_addr()
addr0 = dev[0].own_addr()
addr1 = dev[1].own_addr()
out = run_tshark(os.path.join(params['logdir'], "hwsim0.pcapng"),
"eapol.type == 3",
display=["wlan.sa", "wlan.da", "eapol.keydes.key_info"])
smk = [ False, False, False, False, False ]
stk = [ False, False, False, False ]
for pkt in out.splitlines():
sa, da, key_info = pkt.split('\t')
key_info = int(key_info, 16)
if sa == addr0 and da == bssid and key_info == 0x2b02:
# Initiator -> AP: MIC+Secure+Request+SMK = SMK 1
smk[0] = True
elif sa == bssid and da == addr1 and key_info == 0x2382:
# AP -> Responder: ACK+MIC+Secure+SMK = SMK 2
smk[1] = True
elif sa == addr1 and da == bssid and key_info == 0x2302:
# Responder -> AP: MIC+Secure+SMK = SMK 3
smk[2] = True
elif sa == bssid and da == addr1 and key_info == 0x3342:
# AP -> Responder: Install+MIC+Secure+EncrKeyData+SMK = SMK 4
smk[3] = True
elif sa == bssid and da == addr0 and key_info == 0x3302:
# AP -> Initiator: MIC+Secure+EncrKeyData+SMK = SMK 5
smk[4] = True
elif sa == addr0 and da == addr1 and key_info == 0x008a:
# Initiator -> Responder: Pairwise+ACK = STK 1
stk[0] = True
elif sa == addr1 and da == addr0 and key_info == 0x010a:
# Responder -> Initiator: Pairwise+MIC = STK 2
stk[1] = True
elif sa == addr0 and da == addr1 and key_info == 0x038a:
# Initiator -> Responder: Pairwise+ACK+MIC+Secure = STK 3
stk[2] = True
elif sa == addr1 and da == addr0 and key_info == 0x030a:
# Responder -> Initiator: Pairwise+MIC+Secure = STK 4
stk[3] = True
logger.info("Seen SMK messages: " + str(smk))
logger.info("Seen STK messages: " + str(stk))
if False in smk:
raise Exception("Missing SMK message: " + str(smk))
if False in stk:
raise Exception("Missing STK message: " + str(stk))
def test_peerkey_unknown_peer(dev, apdev):
"""RSN AP and PeerKey attempt with unknown peer"""
ssid = "test-peerkey"
passphrase = "12345678"
params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase)
params['peerkey'] = "1"
hostapd.add_ap(apdev[0], params)
dev[0].connect(ssid, psk=passphrase, scan_freq="2412", peerkey=True)
dev[1].connect(ssid, psk=passphrase, scan_freq="2412", peerkey=True)
hwsim_utils.test_connectivity_sta(dev[0], dev[1])
dev[0].request("STKSTART " + dev[2].p2p_interface_addr())
time.sleep(0.5)
@remote_compatible
def test_peerkey_pairwise_mismatch(dev, apdev):
"""RSN TKIP+CCMP AP and PeerKey between two STAs using different ciphers"""
skip_with_fips(dev[0])
ssid = "test-peerkey"
passphrase = "12345678"
params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase)
params['peerkey'] = "1"
params['rsn_pairwise'] = "TKIP CCMP"
hapd = hostapd.add_ap(apdev[0], params)
Wlantest.setup(hapd)
wt = Wlantest()
wt.flush()
wt.add_passphrase("12345678")
dev[0].connect(ssid, psk=passphrase, scan_freq="2412", peerkey=True,
pairwise="CCMP")
dev[1].connect(ssid, psk=passphrase, scan_freq="2412", peerkey=True,
pairwise="TKIP")
hwsim_utils.test_connectivity_sta(dev[0], dev[1])
dev[0].request("STKSTART " + dev[1].p2p_interface_addr())
time.sleep(0.5)
dev[1].request("STKSTART " + dev[0].p2p_interface_addr())
time.sleep(0.5)