126 lines
4.9 KiB
Python
126 lines
4.9 KiB
Python
#!/usr/bin/env python3
|
|
#
|
|
# Copyright (c) 2018, The OpenThread Authors.
|
|
# All rights reserved.
|
|
#
|
|
# Redistribution and use in source and binary forms, with or without
|
|
# modification, are permitted provided that the following conditions are met:
|
|
# 1. Redistributions of source code must retain the above copyright
|
|
# notice, this list of conditions and the following disclaimer.
|
|
# 2. Redistributions in binary form must reproduce the above copyright
|
|
# notice, this list of conditions and the following disclaimer in the
|
|
# documentation and/or other materials provided with the distribution.
|
|
# 3. Neither the name of the copyright holder nor the
|
|
# names of its contributors may be used to endorse or promote products
|
|
# derived from this software without specific prior written permission.
|
|
#
|
|
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
|
|
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
|
|
# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
|
|
# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
|
|
# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
|
|
# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
|
|
# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
|
# POSSIBILITY OF SUCH DAMAGE.
|
|
|
|
import wpan
|
|
from wpan import verify
|
|
|
|
# -----------------------------------------------------------------------------------------------------------------------
|
|
# Test description: Check insecure data transmission during joining.
|
|
|
|
test_name = __file__[:-3] if __file__.endswith('.py') else __file__
|
|
print('-' * 120)
|
|
print('Starting \'{}\''.format(test_name))
|
|
|
|
# -----------------------------------------------------------------------------------------------------------------------
|
|
# Creating `wpan.Nodes` instances
|
|
|
|
node1 = wpan.Node()
|
|
node2 = wpan.Node()
|
|
|
|
# -----------------------------------------------------------------------------------------------------------------------
|
|
# Init all nodes
|
|
|
|
wpan.Node.init_all_nodes()
|
|
|
|
# -----------------------------------------------------------------------------------------------------------------------
|
|
# Build network topology
|
|
|
|
node1.form("insec-join-test")
|
|
|
|
# -----------------------------------------------------------------------------------------------------------------------
|
|
# Test implementation
|
|
|
|
insecure_port = 1234
|
|
NUM_MSGS = 4
|
|
|
|
# Make node1 joinable and set the insecure port
|
|
node1.permit_join(duration_sec='100', port=str(insecure_port))
|
|
|
|
# Join node1 network from node2 without setting the key
|
|
node2.join_node(node1, should_set_key=False)
|
|
|
|
verify(node2.get(wpan.WPAN_STATE) == wpan.STATE_CREDENTIALS_NEEDED)
|
|
verify(node2.get(wpan.WPAN_NAME) == node1.get(wpan.WPAN_NAME))
|
|
verify(node2.get(wpan.WPAN_PANID) == node1.get(wpan.WPAN_PANID))
|
|
verify(node2.get(wpan.WPAN_XPANID) == node1.get(wpan.WPAN_XPANID))
|
|
|
|
ll1 = node1.get(wpan.WPAN_IP6_LINK_LOCAL_ADDRESS)[1:-1]
|
|
ll2 = node2.get(wpan.WPAN_IP6_LINK_LOCAL_ADDRESS)[1:-1]
|
|
|
|
# Send insecure traffic from node2 to node1 using link-local IP address
|
|
# for src/dst and insecure port number
|
|
|
|
sender = node2.prepare_tx(ll2, (ll1, insecure_port), "Hi (insecure)", NUM_MSGS)
|
|
recver = node1.prepare_rx(sender)
|
|
wpan.Node.perform_async_tx_rx()
|
|
verify(sender.was_successful)
|
|
verify(recver.was_successful)
|
|
|
|
# Get the random src port number used by node1 and ensure node2 allows
|
|
# insecure rx traffic on that port
|
|
|
|
rx_port = recver.all_rx_msg[0][1][1]
|
|
node2.permit_join(duration_sec='100', port=str(rx_port))
|
|
|
|
# Send insecure reply from node1 to node2
|
|
|
|
sender2 = node1.prepare_tx((ll1, insecure_port), (ll2, rx_port), "Hi back! (insecure)", NUM_MSGS)
|
|
recver2 = node2.prepare_rx(sender2)
|
|
wpan.Node.perform_async_tx_rx()
|
|
verify(sender2.was_successful)
|
|
verify(recver2.was_successful)
|
|
|
|
# Now node2 fully joins the network (set the network key), check all
|
|
# secure traffic exchange between the nodes
|
|
|
|
node2.set(wpan.WPAN_KEY, node1.get(wpan.WPAN_KEY)[1:-1], binary_data=True)
|
|
verify(node2.is_associated())
|
|
|
|
node1.permit_join('0')
|
|
|
|
sender = node2.prepare_tx(ll2, (ll1, insecure_port), "Hi (now secure)", NUM_MSGS)
|
|
recver = node1.prepare_rx(sender)
|
|
wpan.Node.perform_async_tx_rx()
|
|
verify(sender.was_successful)
|
|
verify(recver.was_successful)
|
|
|
|
node2.permit_join('0')
|
|
|
|
sender2 = node1.prepare_tx((ll1, insecure_port), (ll2, rx_port), "Hi back! (secure now)", NUM_MSGS)
|
|
recver2 = node2.prepare_rx(sender2)
|
|
wpan.Node.perform_async_tx_rx()
|
|
verify(sender2.was_successful)
|
|
verify(recver2.was_successful)
|
|
|
|
# -----------------------------------------------------------------------------------------------------------------------
|
|
# Test finished
|
|
|
|
wpan.Node.finalize_all_nodes()
|
|
|
|
print('\'{}\' passed.'.format(test_name))
|