def __init__(self, apdev, dev, params, sta_params=None):
    """Start an AP and a station association with EAPOL frames under test control.

    The AP is created from ``params`` plus the WPA2 settings for this
    object's SSID and passphrase. The station is asked to connect without
    waiting for completion; msg 1/4 is then relayed from the AP to the
    station and the station's msg 2/4 is captured so that KCK and KEK can be
    derived locally.

    Args:
        apdev: AP device description; ``apdev['bssid']`` is read.
        dev: Station device object.
        params: AP parameters. Must contain "freq". This dict is modified
            in place ("freq" is popped and WPA2 settings are merged in).
        sta_params: Optional extra keyword arguments for ``dev.connect()``.
            "ocv" and "ieee80211w" default to "1" when absent; a dict passed
            in by the caller is modified in place.

    Raises:
        HwsimSkip: if hostapd reports that the ocv parameter cannot be set.
    """
    self.init_params()
    self.dev = dev
    self.bssid = apdev["bssid"]

    # "freq" is used only for the station scan; it is removed from the AP
    # parameters before they are handed to hostapd.
    freq = params.pop("freq")

    if sta_params is None:
        sta_params = {}
    sta_params.setdefault("ocv", "1")
    sta_params.setdefault("ieee80211w", "1")

    params.update(
        hostapd.wpa2_params(ssid=self.ssid, passphrase=self.passphrase))
    params["wpa_pairwise_update_count"] = "10"

    try:
        self.hapd = hostapd.add_ap(apdev, params)
    except Exception as exc:
        # Only the "ocv parameter rejected" failure becomes a skip; every
        # other failure propagates unchanged.
        if "Failed to set hostapd parameter ocv" not in str(exc):
            raise
        raise HwsimSkip("OCV not supported")

    # Hand EAPOL frames to the test on both ends instead of letting the AP
    # and station exchange them directly.
    self.hapd.request("SET ext_eapol_frame_io 1")
    self.dev.request("SET ext_eapol_frame_io 1")

    # Fixed test PMK; presumably matches self.psk from init_params() - confirm.
    pmk = binascii.unhexlify(
        "c2c6c255af836bed1b3f2f1ded98e052f5ad618bb554e2836757b55854a0eab7")
    self.gtkie = binascii.unhexlify(
        "dd16000fac010100dc11188831bf4aa4a8678d2b41498618")

    # The two RSNEs differ only in their last byte (0x40 vs 0x00), chosen by
    # whether station-side OCV is enabled.
    rsne_hex = ("30140100000fac040100000fac040100000fac028c40"
                if sta_params["ocv"] != "0"
                else "30140100000fac040100000fac040100000fac028c00")
    self.rsne = binascii.unhexlify(rsne_hex)

    self.dev.connect(self.ssid, raw_psk=self.psk, scan_freq=freq,
                     wait_connect=False, **sta_params)
    if "country_code" in params:
        self.dev.wait_regdom(country_ie=True)
    self.addr = dev.p2p_interface_addr()

    # Forward msg 1/4 from AP to STA
    self.msg = recv_eapol(self.hapd)
    self.anonce = self.msg["rsn_key_nonce"]
    send_eapol(self.dev, self.bssid, build_eapol(self.msg))

    # Capture msg 2/4 from the STA so we can derive the session keys
    self.msg = recv_eapol(dev)
    self.snonce = self.msg["rsn_key_nonce"]
    _ptk, self.kck, self.kek = pmk_to_ptk(pmk, self.addr, self.bssid,
                                          self.snonce, self.anonce)

    # Next replay counter: one past the value seen in msg 2/4.
    (seen_counter,) = struct.unpack(">Q", self.msg["rsn_replay_counter"])
    self.counter = seen_counter + 1
def test_wpa2_ocv_ap_group_hs(dev, apdev):
    """OCV group handshake (AP)"""
    # Key info value this test expects in group key msg 1/2 (== 0x1382).
    group_msg_1_key_info = 4994

    def expect_group_msg_1():
        # Read the next EAPOL frame from the AP; it must be group msg 1/2.
        conn.msg = recv_eapol(conn.hapd)
        if conn.msg["rsn_key_info"] != group_msg_1_key_info:
            raise Exception("Didn't receive 1/2 of group key handshake")

    def send_group_msg_2(op_class, channel, seg1_idx, replay_counter):
        # Build group msg 2/2 carrying the given OCI and inject it at the AP.
        ocikde = make_ocikde(op_class, channel, seg1_idx)
        frame = build_eapol_key_2_2(conn.kck, ocikde,
                                    replay_counter=replay_counter)
        conn.hapd.dump_monitor()
        send_eapol(conn.hapd, conn.addr, build_eapol(frame))

    ap_params = {"channel": "1",
                 "ieee80211w": "1",
                 "freq": "2412",
                 "wpa_strict_rekey": "1"}
    conn = APConnection(apdev[0], dev[0], ap_params)
    conn.confirm_valid_oci(81, 1, 0)

    # Let the second station complete a normal handshake, then take EAPOL
    # frames back under test control once the AP has seen it connect.
    conn.hapd.request("SET ext_eapol_frame_io 0")
    dev[1].connect(conn.ssid, psk=conn.passphrase, scan_freq="2412",
                   ocv="1", ieee80211w="1")
    conn.hapd.wait_sta()
    conn.hapd.request("SET ext_eapol_frame_io 1")

    # Trigger a group key handshake
    dev[1].request("DISCONNECT")
    dev[0].dump_monitor()

    # Wait for EAPOL-Key msg 1/2
    expect_group_msg_1()

    # Send a EAPOL-Key msg 2/2 with a bad OCI
    # NOTE(review): replay counters 3 and 4 are hard-coded; presumably they
    # follow the AP's counter after the preceding exchange - confirm.
    logger.info("Bad OCI element")
    send_group_msg_2(1, 1, 1, replay_counter=3)

    # Wait for retransmitted EAPOL-Key msg 1/2
    expect_group_msg_1()

    # Send a EAPOL-Key msg 2/2 with a good OCI
    logger.info("Good OCI element")
    send_group_msg_2(81, 1, 0, replay_counter=4)

    # Verify that group key handshake has completed: a further msg 1/2 from
    # the AP within one second means the valid msg 2/2 was not accepted.
    event = conn.hapd.wait_event(["EAPOL-TX"], timeout=1)
    if event is None:
        return
    retransmit = parse_eapol(binascii.unhexlify(event.split(' ')[2]))
    if retransmit["rsn_key_info"] == group_msg_1_key_info:
        raise Exception("AP didn't accept 2/2 of group key handshake")
def __init__(self, apdev, dev, params, sta_params=None):
    """Start an AP and a station association with EAPOL frames under test control.

    The AP is created from ``params`` plus the WPA2 settings for this
    object's SSID and passphrase. The station is asked to connect without
    waiting for completion; msg 1/4 is then relayed from the AP to the
    station and the station's msg 2/4 is captured so that KCK and KEK can be
    derived locally.

    Args:
        apdev: AP device description; ``apdev['bssid']`` is read.
        dev: Station device object.
        params: AP parameters. Must contain "freq". This dict is modified
            in place ("freq" is popped and WPA2 settings are merged in).
        sta_params: Optional extra keyword arguments for ``dev.connect()``.
            "ocv" and "ieee80211w" default to "1" when absent; a dict passed
            in by the caller is modified in place.

    Raises:
        HwsimSkip: if hostapd reports that the ocv parameter cannot be set.
    """
    self.init_params()
    self.dev = dev
    self.bssid = apdev["bssid"]

    # "freq" is used only for the station scan; it is removed from the AP
    # parameters before they are handed to hostapd.
    freq = params.pop("freq")

    if sta_params is None:
        sta_params = {}
    sta_params.setdefault("ocv", "1")
    sta_params.setdefault("ieee80211w", "1")

    params.update(
        hostapd.wpa2_params(ssid=self.ssid, passphrase=self.passphrase))
    params["wpa_pairwise_update_count"] = "10"

    try:
        self.hapd = hostapd.add_ap(apdev, params)
    except Exception as exc:
        # Only the "ocv parameter rejected" failure becomes a skip; every
        # other failure propagates unchanged.
        if "Failed to set hostapd parameter ocv" not in str(exc):
            raise
        raise HwsimSkip("OCV not supported")

    # Hand EAPOL frames to the test on both ends instead of letting the AP
    # and station exchange them directly.
    self.hapd.request("SET ext_eapol_frame_io 1")
    self.dev.request("SET ext_eapol_frame_io 1")

    # Fixed test PMK; presumably matches self.psk from init_params() - confirm.
    pmk = binascii.unhexlify(
        "c2c6c255af836bed1b3f2f1ded98e052f5ad618bb554e2836757b55854a0eab7")
    self.gtkie = binascii.unhexlify(
        "dd16000fac010100dc11188831bf4aa4a8678d2b41498618")

    # The two RSNEs differ only in their last byte (0x40 vs 0x00), chosen by
    # whether station-side OCV is enabled.
    rsne_hex = ("30140100000fac040100000fac040100000fac028c40"
                if sta_params["ocv"] != "0"
                else "30140100000fac040100000fac040100000fac028c00")
    self.rsne = binascii.unhexlify(rsne_hex)

    self.dev.connect(self.ssid, raw_psk=self.psk, scan_freq=freq,
                     wait_connect=False, **sta_params)
    if "country_code" in params:
        self.dev.wait_regdom(country_ie=True)
    self.addr = dev.p2p_interface_addr()

    # Forward msg 1/4 from AP to STA
    self.msg = recv_eapol(self.hapd)
    self.anonce = self.msg["rsn_key_nonce"]
    send_eapol(self.dev, self.bssid, build_eapol(self.msg))

    # Capture msg 2/4 from the STA so we can derive the session keys
    self.msg = recv_eapol(dev)
    self.snonce = self.msg["rsn_key_nonce"]
    _ptk, self.kck, self.kek = pmk_to_ptk(pmk, self.addr, self.bssid,
                                          self.snonce, self.anonce)

    # Next replay counter: one past the value seen in msg 2/4.
    (seen_counter,) = struct.unpack(">Q", self.msg["rsn_replay_counter"])
    self.counter = seen_counter + 1
def test_wpa2_ocv_ap_group_hs(dev, apdev):
    """OCV group handshake (AP)"""
    # Key info value this test expects in group key msg 1/2 (== 0x1382).
    group_msg_1_key_info = 4994

    def expect_group_msg_1():
        # Read the next EAPOL frame from the AP; it must be group msg 1/2.
        conn.msg = recv_eapol(conn.hapd)
        if conn.msg["rsn_key_info"] != group_msg_1_key_info:
            raise Exception("Didn't receive 1/2 of group key handshake")

    def send_group_msg_2(op_class, channel, seg1_idx, replay_counter):
        # Build group msg 2/2 carrying the given OCI and inject it at the AP.
        ocikde = make_ocikde(op_class, channel, seg1_idx)
        frame = build_eapol_key_2_2(conn.kck, ocikde,
                                    replay_counter=replay_counter)
        conn.hapd.dump_monitor()
        send_eapol(conn.hapd, conn.addr, build_eapol(frame))

    ap_params = {"channel": "1",
                 "ieee80211w": "1",
                 "freq": "2412",
                 "wpa_strict_rekey": "1"}
    conn = APConnection(apdev[0], dev[0], ap_params)
    conn.confirm_valid_oci(81, 1, 0)

    # Let the second station complete a normal handshake, then take EAPOL
    # frames back under test control.
    # NOTE(review): nothing here waits for the AP to report dev[1] as
    # connected before external EAPOL I/O is switched back on - confirm the
    # AP-side state cannot lag behind dev[1].connect() returning.
    conn.hapd.request("SET ext_eapol_frame_io 0")
    dev[1].connect(conn.ssid, psk=conn.passphrase, scan_freq="2412",
                   ocv="1", ieee80211w="1")
    conn.hapd.request("SET ext_eapol_frame_io 1")

    # Trigger a group key handshake
    dev[1].request("DISCONNECT")
    dev[0].dump_monitor()

    # Wait for EAPOL-Key msg 1/2
    expect_group_msg_1()

    # Send a EAPOL-Key msg 2/2 with a bad OCI
    # NOTE(review): replay counters 3 and 4 are hard-coded; presumably they
    # follow the AP's counter after the preceding exchange - confirm.
    logger.info("Bad OCI element")
    send_group_msg_2(1, 1, 1, replay_counter=3)

    # Wait for retransmitted EAPOL-Key msg 1/2
    expect_group_msg_1()

    # Send a EAPOL-Key msg 2/2 with a good OCI
    logger.info("Good OCI element")
    send_group_msg_2(81, 1, 0, replay_counter=4)

    # Verify that group key handshake has completed: a further msg 1/2 from
    # the AP within one second means the valid msg 2/2 was not accepted.
    event = conn.hapd.wait_event(["EAPOL-TX"], timeout=1)
    if event is None:
        return
    retransmit = parse_eapol(binascii.unhexlify(event.split(' ')[2]))
    if retransmit["rsn_key_info"] == group_msg_1_key_info:
        raise Exception("AP didn't accept 2/2 of group key handshake")
def test_bad_oci(self, logmsg, op_class, channel, seg1_idx):
    """Send msg 2/4 with an unacceptable OCI and require a retransmitted msg 1/4.

    Args:
        logmsg: Text appended to the debug log line describing this case.
        op_class: Operating class for the OCI KDE, or None to send msg 2/4
            with no OCI KDE at all.
        channel: Channel number for the OCI KDE.
        seg1_idx: Segment 1 index for the OCI KDE.

    Raises:
        Exception: if the next frame from the AP does not carry the original
            ANonce with key info 138 (0x008a).
    """
    logger.debug("Bad OCI element: " + logmsg)

    # op_class None models the "OCI missing" case: nothing follows the RSNE.
    ocikde = b'' if op_class is None else make_ocikde(op_class, channel, seg1_idx)
    key_data = self.rsne + ocikde
    reply_eapol("2/4", self.hapd, self.addr, self.msg, 0x010a, self.snonce,
                key_data, self.kck)

    # The AP is expected to answer with the same msg 1/4 again rather than
    # moving on to msg 3/4.
    self.msg = recv_eapol(self.hapd)
    is_retransmitted_msg_1 = (self.anonce == self.msg["rsn_key_nonce"]
                              and self.msg["rsn_key_info"] == 138)
    if not is_retransmitted_msg_1:
        raise Exception("Didn't receive retransmitted 1/4")
def test_bad_oci(self, logmsg, op_class, channel, seg1_idx):
    """Send msg 2/4 with an unacceptable OCI and require a retransmitted msg 1/4.

    Args:
        logmsg: Text appended to the debug log line describing this case.
        op_class: Operating class for the OCI KDE, or None to send msg 2/4
            with no OCI KDE at all.
        channel: Channel number for the OCI KDE.
        seg1_idx: Segment 1 index for the OCI KDE.

    Raises:
        Exception: if the next frame from the AP does not carry the original
            ANonce with key info 138 (0x008a).
    """
    logger.debug("Bad OCI element: " + logmsg)

    # op_class None models the "OCI missing" case: nothing follows the RSNE.
    ocikde = b'' if op_class is None else make_ocikde(op_class, channel, seg1_idx)
    key_data = self.rsne + ocikde
    reply_eapol("2/4", self.hapd, self.addr, self.msg, 0x010a, self.snonce,
                key_data, self.kck)

    # The AP is expected to answer with the same msg 1/4 again rather than
    # moving on to msg 3/4.
    self.msg = recv_eapol(self.hapd)
    is_retransmitted_msg_1 = (self.anonce == self.msg["rsn_key_nonce"]
                              and self.msg["rsn_key_info"] == 138)
    if not is_retransmitted_msg_1:
        raise Exception("Didn't receive retransmitted 1/4")
def confirm_valid_oci(self, op_class, channel, seg1_idx):
    """Complete the 4-way handshake using msg 2/4 with the given OCI.

    Sends msg 2/4 (RSNE followed by the OCI KDE), requires msg 3/4 from the
    AP, answers with msg 4/4 and waits for the AP to report the station.

    Args:
        op_class: Operating class for the OCI KDE.
        channel: Channel number for the OCI KDE.
        seg1_idx: Segment 1 index for the OCI KDE.

    Raises:
        Exception: if the AP's next frame does not carry the original ANonce
            with key info 5066 (0x13ca).
    """
    logger.debug("Valid OCI element to complete handshake")

    ocikde = make_ocikde(op_class, channel, seg1_idx)
    key_data = self.rsne + ocikde
    reply_eapol("2/4", self.hapd, self.addr, self.msg, 0x010a, self.snonce,
                key_data, self.kck)

    # Anything other than msg 3/4 with the same ANonce means the AP did not
    # accept the OCI.
    self.msg = recv_eapol(self.hapd)
    is_msg_3 = (self.anonce == self.msg["rsn_key_nonce"]
                and self.msg["rsn_key_info"] == 5066)
    if not is_msg_3:
        raise Exception("Didn't receive 3/4 in response to valid 2/4")

    # msg 4/4 carries neither a nonce nor key data.
    reply_eapol("4/4", self.hapd, self.addr, self.msg, 0x030a, None, None,
                self.kck)
    self.hapd.wait_sta(timeout=15)
def confirm_valid_oci(self, op_class, channel, seg1_idx):
    """Complete the 4-way handshake using msg 2/4 with the given OCI.

    Sends msg 2/4 (RSNE followed by the OCI KDE), requires msg 3/4 from the
    AP, answers with msg 4/4 and then calls ``hapd_connected()`` on the AP.

    Args:
        op_class: Operating class for the OCI KDE.
        channel: Channel number for the OCI KDE.
        seg1_idx: Segment 1 index for the OCI KDE.

    Raises:
        Exception: if the AP's next frame does not carry the original ANonce
            with key info 5066 (0x13ca).
    """
    logger.debug("Valid OCI element to complete handshake")

    ocikde = make_ocikde(op_class, channel, seg1_idx)
    key_data = self.rsne + ocikde
    reply_eapol("2/4", self.hapd, self.addr, self.msg, 0x010a, self.snonce,
                key_data, self.kck)

    # Anything other than msg 3/4 with the same ANonce means the AP did not
    # accept the OCI.
    self.msg = recv_eapol(self.hapd)
    is_msg_3 = (self.anonce == self.msg["rsn_key_nonce"]
                and self.msg["rsn_key_info"] == 5066)
    if not is_msg_3:
        raise Exception("Didn't receive 3/4 in response to valid 2/4")

    # msg 4/4 carries neither a nonce nor key data.
    reply_eapol("4/4", self.hapd, self.addr, self.msg, 0x030a, None, None,
                self.kck)
    # Presumably blocks until the AP reports the station as connected -
    # confirm against the helper's definition.
    hapd_connected(self.hapd)
def __init__(self, apdev, dev, params):
    """Start an AP and begin an association whose EAPOL frames the test handles.

    After the AP is up and the station has been asked to connect, msg 1/4 is
    read from the AP and KCK/KEK are derived from its ANonce and a fixed
    SNonce, so later calls can build msg 2/4 and msg 4/4 themselves.

    Args:
        apdev: AP device description; ``apdev['bssid']`` is read.
        dev: Station device object.
        params: AP parameters. Must contain "freq"; may contain "ap_ocv" and
            "sta_ocv" (both default to "1"). This dict is modified in place.

    Raises:
        HwsimSkip: if hostapd reports that the ocv parameter cannot be set.
    """
    self.init_params()

    # By default, OCV is enabled for both the client and AP. The following
    # parameters can be used to disable OCV for the client or AP.
    ap_ocv = params.pop("ap_ocv", "1")
    sta_ocv = params.pop("sta_ocv", "1")
    freq = params.pop("freq")

    params.update(
        hostapd.wpa2_params(ssid=self.ssid, passphrase=self.passphrase))
    params["wpa_pairwise_update_count"] = "10"
    params["ocv"] = ap_ocv

    try:
        self.hapd = hostapd.add_ap(apdev, params)
    except Exception as exc:
        # Only the "ocv parameter rejected" failure becomes a skip; every
        # other failure propagates unchanged.
        if "Failed to set hostapd parameter ocv" not in str(exc):
            raise
        raise HwsimSkip("OCV not supported")

    # Hand EAPOL frames to the test on both ends instead of letting the AP
    # and station exchange them directly.
    self.hapd.request("SET ext_eapol_frame_io 1")
    dev.request("SET ext_eapol_frame_io 1")

    self.bssid = apdev["bssid"]
    # Fixed test PMK; presumably matches self.psk from init_params() - confirm.
    pmk = binascii.unhexlify(
        "c2c6c255af836bed1b3f2f1ded98e052f5ad618bb554e2836757b55854a0eab7")

    # The two RSNEs differ in a single byte (0x40 vs 0x00), chosen by whether
    # station-side OCV is enabled.
    rsne_hex = ("301a0100000fac040100000fac040100000fac0280400000000fac06"
                if sta_ocv != "0"
                else "301a0100000fac040100000fac040100000fac0280000000000fac06")
    self.rsne = binascii.unhexlify(rsne_hex)

    # Constant SNonce: keeps the derived keys reproducible. Presumably safe
    # only because the test, not the station, answers msg 1/4 - confirm.
    self.snonce = binascii.unhexlify(
        "1111111111111111111111111111111111111111111111111111111111111111")

    dev.connect(self.ssid, raw_psk=self.psk, scan_freq=freq, ocv=sta_ocv,
                ieee80211w="1", wait_connect=False)
    if "country_code" in params:
        dev.wait_regdom(country_ie=True)
    self.addr = dev.p2p_interface_addr()

    # Wait for EAPOL-Key msg 1/4 from hostapd to determine when associated
    self.msg = recv_eapol(self.hapd)
    self.anonce = self.msg["rsn_key_nonce"]
    _ptk, self.kck, self.kek = pmk_to_ptk(pmk, self.addr, self.bssid,
                                          self.snonce, self.anonce)
def __init__(self, apdev, dev, params):
    """Start an AP and begin an association whose EAPOL frames the test handles.

    After the AP is up and the station has been asked to connect, msg 1/4 is
    read from the AP and KCK/KEK are derived from its ANonce and a fixed
    SNonce, so later calls can build msg 2/4 and msg 4/4 themselves.

    Args:
        apdev: AP device description; ``apdev['bssid']`` is read.
        dev: Station device object.
        params: AP parameters. Must contain "freq"; may contain "ap_ocv" and
            "sta_ocv" (both default to "1"). This dict is modified in place.

    Raises:
        HwsimSkip: if hostapd reports that the ocv parameter cannot be set.
    """
    self.init_params()

    # By default, OCV is enabled for both the client and AP. The following
    # parameters can be used to disable OCV for the client or AP.
    ap_ocv = params.pop("ap_ocv", "1")
    sta_ocv = params.pop("sta_ocv", "1")
    freq = params.pop("freq")

    params.update(
        hostapd.wpa2_params(ssid=self.ssid, passphrase=self.passphrase))
    params["wpa_pairwise_update_count"] = "10"
    params["ocv"] = ap_ocv

    try:
        self.hapd = hostapd.add_ap(apdev, params)
    except Exception as exc:
        # Only the "ocv parameter rejected" failure becomes a skip; every
        # other failure propagates unchanged.
        if "Failed to set hostapd parameter ocv" not in str(exc):
            raise
        raise HwsimSkip("OCV not supported")

    # Hand EAPOL frames to the test on both ends instead of letting the AP
    # and station exchange them directly.
    self.hapd.request("SET ext_eapol_frame_io 1")
    dev.request("SET ext_eapol_frame_io 1")

    self.bssid = apdev["bssid"]
    # Fixed test PMK; presumably matches self.psk from init_params() - confirm.
    pmk = binascii.unhexlify(
        "c2c6c255af836bed1b3f2f1ded98e052f5ad618bb554e2836757b55854a0eab7")

    # The two RSNEs differ in a single byte (0x40 vs 0x00), chosen by whether
    # station-side OCV is enabled.
    rsne_hex = ("301a0100000fac040100000fac040100000fac0280400000000fac06"
                if sta_ocv != "0"
                else "301a0100000fac040100000fac040100000fac0280000000000fac06")
    self.rsne = binascii.unhexlify(rsne_hex)

    # Constant SNonce: keeps the derived keys reproducible. Presumably safe
    # only because the test, not the station, answers msg 1/4 - confirm.
    self.snonce = binascii.unhexlify(
        "1111111111111111111111111111111111111111111111111111111111111111")

    dev.connect(self.ssid, raw_psk=self.psk, scan_freq=freq, ocv=sta_ocv,
                ieee80211w="1", wait_connect=False)
    if "country_code" in params:
        dev.wait_regdom(country_ie=True)
    self.addr = dev.p2p_interface_addr()

    # Wait for EAPOL-Key msg 1/4 from hostapd to determine when associated
    self.msg = recv_eapol(self.hapd)
    self.anonce = self.msg["rsn_key_nonce"]
    _ptk, self.kck, self.kek = pmk_to_ptk(pmk, self.addr, self.bssid,
                                          self.snonce, self.anonce)
def test_wpa2_ocv_sta_group_hs(dev, apdev):
    """OCV group handshake (STA)"""

    def send_group_msg_1(connection, op_class, channel, seg1_idx, replay_counter):
        # Key data is the GTK KDE followed by the OCI KDE, padded and
        # AES-wrapped under the KEK, then injected at the station.
        plain = connection.gtkie + make_ocikde(op_class, channel, seg1_idx)
        wrapped = aes_wrap(connection.kek, pad_key_data(plain))
        frame = build_eapol_key_1_2(connection.kck, wrapped,
                                    replay_counter=replay_counter)
        send_eapol(dev[0], connection.bssid, build_eapol(frame))

    ap_params = {"channel": "1",
                 "ieee80211w": "1",
                 "ocv": "1",
                 "freq": "2412",
                 "wpa_strict_rekey": "1"}

    # Each connection gets its own copy so the same parameters can be reused
    # for the second AP instance below.
    conn = STAConnection(apdev[0], dev[0], ap_params.copy())
    conn.confirm_valid_oci(81, 1, 0)

    # Send a EAPOL-Key msg 1/2 with a bad OCI
    # NOTE(review): replay counters 3 and 4 are hard-coded; presumably they
    # exceed what the station saw during the 4-way handshake - confirm.
    logger.info("Bad OCI element")
    send_group_msg_1(conn, 1, 1, 1, replay_counter=3)

    # We shouldn't get a EAPOL-Key message back
    event = dev[0].wait_event(["EAPOL-TX"], timeout=1)
    if event is not None:
        raise Exception("Received response to invalid EAPOL-Key 1/2")

    # Reset AP to try with valid OCI
    conn.hapd.disable()
    conn = STAConnection(apdev[0], dev[0], ap_params.copy())
    conn.confirm_valid_oci(81, 1, 0)

    # Send a EAPOL-Key msg 1/2 with a good OCI
    logger.info("Good OCI element")
    send_group_msg_1(conn, 81, 1, 0, replay_counter=4)

    # Wait for EAPOL-Key msg 2/2
    conn.msg = recv_eapol(dev[0])
    if conn.msg["rsn_key_info"] != 0x0302:
        raise Exception("Didn't receive 2/2 of group key handshake")
def test_wpa2_ocv_sta_group_hs(dev, apdev):
    """OCV group handshake (STA)"""

    def send_group_msg_1(connection, op_class, channel, seg1_idx, replay_counter):
        # Key data is the GTK KDE followed by the OCI KDE, padded and
        # AES-wrapped under the KEK, then injected at the station.
        plain = connection.gtkie + make_ocikde(op_class, channel, seg1_idx)
        wrapped = aes_wrap(connection.kek, pad_key_data(plain))
        frame = build_eapol_key_1_2(connection.kck, wrapped,
                                    replay_counter=replay_counter)
        send_eapol(dev[0], connection.bssid, build_eapol(frame))

    ap_params = {"channel": "1",
                 "ieee80211w": "1",
                 "ocv": "1",
                 "freq": "2412",
                 "wpa_strict_rekey": "1"}

    # Each connection gets its own copy so the same parameters can be reused
    # for the second AP instance below.
    conn = STAConnection(apdev[0], dev[0], ap_params.copy())
    conn.confirm_valid_oci(81, 1, 0)

    # Send a EAPOL-Key msg 1/2 with a bad OCI
    # NOTE(review): replay counters 3 and 4 are hard-coded; presumably they
    # exceed what the station saw during the 4-way handshake - confirm.
    logger.info("Bad OCI element")
    send_group_msg_1(conn, 1, 1, 1, replay_counter=3)

    # We shouldn't get a EAPOL-Key message back
    event = dev[0].wait_event(["EAPOL-TX"], timeout=1)
    if event is not None:
        raise Exception("Received response to invalid EAPOL-Key 1/2")

    # Reset AP to try with valid OCI
    conn.hapd.disable()
    conn = STAConnection(apdev[0], dev[0], ap_params.copy())
    conn.confirm_valid_oci(81, 1, 0)

    # Send a EAPOL-Key msg 1/2 with a good OCI
    logger.info("Good OCI element")
    send_group_msg_1(conn, 81, 1, 0, replay_counter=4)

    # Wait for EAPOL-Key msg 2/2
    conn.msg = recv_eapol(dev[0])
    if conn.msg["rsn_key_info"] != 0x0302:
        raise Exception("Didn't receive 2/2 of group key handshake")