Google Git
Sign in
fuchsia / third_party / openthread / 7cd73f30a4fa60928a53d048e0c6dff246e4f67a / . / tests / scripts / thread-cert / Cert_9_2_11_NetworkKey.py
blob: 514f5b33d3bd51d533bf4293b48f5c0e3ad476cc [file] [log] [blame]
#!/usr/bin/env python3
#
# Copyright (c) 2016, The OpenThread Authors.
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
# 1. Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in the
# documentation and/or other materials provided with the distribution.
# 3. Neither the name of the copyright holder nor the
# names of its contributors may be used to endorse or promote products
# derived from this software without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.
#
import unittest
import config
import thread_cert
from pktverify.consts import MLE_PARENT_REQUEST, MLE_DATA_RESPONSE, MLE_DATA_REQUEST, MGMT_PENDING_SET_URI, SOURCE_ADDRESS_TLV, LEADER_DATA_TLV, ACTIVE_OPERATION_DATASET_TLV, ACTIVE_TIMESTAMP_TLV, PENDING_TIMESTAMP_TLV, TLV_REQUEST_TLV, NETWORK_DATA_TLV, NM_BORDER_AGENT_LOCATOR_TLV, NM_COMMISSIONER_SESSION_ID_TLV, NM_DELAY_TIMER_TLV, PENDING_OPERATION_DATASET_TLV, NWD_COMMISSIONING_DATA_TLV
from pktverify.packet_verifier import PacketVerifier
from pktverify.null_field import nullField
KEY1 = '00112233445566778899aabbccddeeff'
KEY2 = 'ffeeddccbbaa99887766554433221100'
CHANNEL_INIT = 19
PANID_INIT = 0xface
COMMISSIONER = 1
LEADER = 2
ROUTER1 = 3
ED1 = 4
SED1 = 5
# Test Purpose and Description:
# -----------------------------
# The purpose of this test case is to confirm the DUT correctly applies
# DELAY_TIMER_DEFAULT when the network key is changed.
# The Commissioner first tries to set a network key update to happen too
# soon (delay of 60s vs DELAY_TIMER_DEFAULT of 300s); the DUT is expected
# to override the short value and communicate an appropriately longer delay
# to the Router.
# The Commissioner then sets a delay time longer than default; the DUT is
# validated to not artificially clamp the longer time back to the
# DELAY_TIMER_DEFAULT value.
#
# Test Topology:
# -------------
# Commissioner
# |
# Leader
# |
# Router
# / \
# ED SED
#
# DUT Types:
# ----------
# Leader
class Cert_9_2_11_NetworkKey(thread_cert.TestCase):
USE_MESSAGE_FACTORY = False
SUPPORT_NCP = False
TOPOLOGY = {
COMMISSIONER: {
'name': 'COMMISSIONER',
'active_dataset': {
'timestamp': 10,
'panid': PANID_INIT,
'channel': CHANNEL_INIT,
'network_key': KEY1
},
'mode': 'rdn',
'allowlist': [LEADER]
},
LEADER: {
'name': 'LEADER',
'active_dataset': {
'timestamp': 10,
'panid': PANID_INIT,
'channel': CHANNEL_INIT,
'network_key': KEY1
},
'mode': 'rdn',
'allowlist': [COMMISSIONER, ROUTER1]
},
ROUTER1: {
'name': 'ROUTER',
'active_dataset': {
'timestamp': 10,
'panid': PANID_INIT,
'channel': CHANNEL_INIT,
'network_key': KEY1
},
'mode': 'rdn',
'allowlist': [LEADER, ED1, SED1]
},
ED1: {
'name': 'ED',
'channel': CHANNEL_INIT,
'is_mtd': True,
'networkkey': KEY1,
'mode': 'rn',
'panid': PANID_INIT,
'allowlist': [ROUTER1]
},
SED1: {
'name': 'SED',
'channel': CHANNEL_INIT,
'is_mtd': True,
'networkkey': KEY1,
'mode': '-',
'panid': PANID_INIT,
'timeout': config.DEFAULT_CHILD_TIMEOUT,
'allowlist': [ROUTER1]
},
}
def test(self):
self.nodes[LEADER].start()
self.simulator.go(5)
self.assertEqual(self.nodes[LEADER].get_state(), 'leader')
self.nodes[COMMISSIONER].start()
self.simulator.go(5)
self.assertEqual(self.nodes[COMMISSIONER].get_state(), 'router')
self.nodes[COMMISSIONER].commissioner_start()
self.simulator.go(3)
self.nodes[ROUTER1].start()
self.simulator.go(5)
self.assertEqual(self.nodes[ROUTER1].get_state(), 'router')
self.nodes[ED1].start()
self.simulator.go(5)
self.assertEqual(self.nodes[ED1].get_state(), 'child')
self.nodes[SED1].start()
self.simulator.go(5)
self.assertEqual(self.nodes[SED1].get_state(), 'child')
self.collect_rlocs()
self.collect_ipaddrs()
self.nodes[COMMISSIONER].send_mgmt_pending_set(
pending_timestamp=10,
active_timestamp=70,
delay_timer=60000,
network_key=KEY2,
)
self.simulator.go(310)
self.assertEqual(self.nodes[COMMISSIONER].get_networkkey(), KEY2)
self.assertEqual(self.nodes[LEADER].get_networkkey(), KEY2)
self.assertEqual(self.nodes[ROUTER1].get_networkkey(), KEY2)
self.assertEqual(self.nodes[ED1].get_networkkey(), KEY2)
self.assertEqual(self.nodes[SED1].get_networkkey(), KEY2)
ipaddr = self.nodes[LEADER].get_ip6_address(config.ADDRESS_TYPE.ML_EID)
self.assertTrue(self.nodes[ROUTER1].ping(ipaddr))
self.nodes[COMMISSIONER].send_mgmt_pending_set(
pending_timestamp=20,
active_timestamp=30,
delay_timer=500000,
network_key=KEY1,
)
self.simulator.go(510)
self.assertEqual(self.nodes[COMMISSIONER].get_networkkey(), KEY1)
self.assertEqual(self.nodes[LEADER].get_networkkey(), KEY1)
self.assertEqual(self.nodes[ROUTER1].get_networkkey(), KEY1)
self.assertEqual(self.nodes[ED1].get_networkkey(), KEY1)
self.assertEqual(self.nodes[SED1].get_networkkey(), KEY1)
ipaddr = self.nodes[LEADER].get_ip6_address(config.ADDRESS_TYPE.ML_EID)
self.assertTrue(self.nodes[ROUTER1].ping(ipaddr))
def verify(self, pv):
pkts = pv.pkts
pv.summary.show()
LEADER = pv.vars['LEADER']
LEADER_MLEID = pv.vars['LEADER_MLEID']
COMMISSIONER = pv.vars['COMMISSIONER']
COMMISSIONER_RLOC = pv.vars['COMMISSIONER_RLOC']
ROUTER = pv.vars['ROUTER']
ROUTER_MLEID = pv.vars['ROUTER_MLEID']
ED = pv.vars['ED']
SED = pv.vars['SED']
# Step 1: Ensure the topology is formed correctly
for node in ('COMMISSIONER', 'ROUTER'):
pv.verify_attached(node, 'LEADER')
for node in ('ED', 'SED'):
pv.verify_attached(node, 'ROUTER', 'MTD')
_pkt = pkts.last()
# Step 3: Leader sends MGMT_PENDING_SET.rsq to the Commissioner:
# CoAP Response Code
# 2.04 Changed
# CoAP Payload
# - State TLV (value = Accept)
#
# Leader MUST multicast MLE Data Response with the new network data,
# including the following TLVs:
# - Leader Data TLV:
# Data Version field incremented
# Stable Version field incremented
# - Network Data TLV:
# - Commissioner Data TLV:
# Stable flag set to 0
# Border Agent Locator TLV
# Commissioner Session ID TLV
# - Active Timestamp TLV: 10s
# - Pending Timestamp TLV: 20s
pkts.filter_coap_ack(MGMT_PENDING_SET_URI).\
filter_wpan_src64(LEADER).\
filter_ipv6_dst(COMMISSIONER_RLOC).\
must_next().\
must_verify(lambda p: p.thread_meshcop.tlv.state == 1)
pkts.filter_mle_cmd(MLE_DATA_RESPONSE).\
filter_wpan_src64(LEADER).\
filter_LLANMA().\
filter(lambda p: p.mle.tlv.active_tstamp == 10 and\
p.mle.tlv.pending_tstamp == 10 and\
(p.mle.tlv.leader_data.data_version -
_pkt.mle.tlv.leader_data.data_version) % 256 <= 127 and\
(p.mle.tlv.leader_data.stable_data_version -
_pkt.mle.tlv.leader_data.stable_data_version) % 256 <= 127 and\
p.thread_nwd.tlv.stable == [0] and\
NWD_COMMISSIONING_DATA_TLV in p.thread_nwd.tlv.type and\
NM_COMMISSIONER_SESSION_ID_TLV in p.thread_meshcop.tlv.type and\
NM_BORDER_AGENT_LOCATOR_TLV in p.thread_meshcop.tlv.type
).\
must_next()
# Step 5: Leader sends a MLE Data Response to Router including the following TLVs:
# - Source Address TLV
# - Leader Data TLV
# - Network Data TLV
# - Commissioner Data TLV:
# Stable flag set to 0
# Border Agent Locator TLV
# Commissioner Session ID TLV
# - Active Timestamp TLV
# - Pending Timestamp TLV
# - Pending Operational Dataset TLV
# - Delay Timer TLV <greater than 200s>
# - Network Key TLV: New Network Key
# - Active Timestamp TLV <70s>
_dr_pkt = pkts.filter_mle_cmd(MLE_DATA_RESPONSE).\
filter_wpan_src64(LEADER).\
filter_wpan_dst64(ROUTER).\
filter(lambda p: {
SOURCE_ADDRESS_TLV,
LEADER_DATA_TLV,
ACTIVE_TIMESTAMP_TLV,
PENDING_TIMESTAMP_TLV,
PENDING_OPERATION_DATASET_TLV
} <= set(p.mle.tlv.type) and\
p.thread_nwd.tlv.stable == [0] and\
NWD_COMMISSIONING_DATA_TLV in p.thread_nwd.tlv.type and\
NM_COMMISSIONER_SESSION_ID_TLV in p.thread_meshcop.tlv.type and\
NM_BORDER_AGENT_LOCATOR_TLV in p.thread_meshcop.tlv.type and\
p.thread_meshcop.tlv.delay_timer > 200000 and\
p.thread_meshcop.tlv.master_key == KEY2 and\
p.thread_meshcop.tlv.active_tstamp == 70
).\
must_next()
# Step 8: Verify all devices now use New Network key.
# checked in test()
# Step 9: Verify new MAC key is generated and used when sending ICMPv6 Echo Reply
# is received.
_pkt = pkts.filter_ping_request().\
filter_wpan_src64(ROUTER).\
filter_ipv6_dst(LEADER_MLEID).\
must_next()
pkts.filter_ping_reply(identifier=_pkt.icmpv6.echo.identifier).\
filter_wpan_src64(LEADER).\
filter_ipv6_dst(ROUTER_MLEID).\
must_next()
# Step 11: Leader sends MGMT_PENDING_SET.rsq to the Commissioner:
# CoAP Response Code
# 2.04 Changed
# CoAP Payload
# - State TLV (value = Accept)
#
# Leader MUST multicast MLE Data Response with the new network data,
# including the following TLVs:
# - Leader Data TLV:
# Data Version field incremented
# Stable Version field incremented
# - Network Data TLV:
# - Commissioner Data TLV:
# Stable flag set to 0
# Border Agent Locator TLV
# Commissioner Session ID TLV
# - Active Timestamp TLV: 70s
# - Pending Timestamp TLV: 20s
pkts.filter_coap_ack(MGMT_PENDING_SET_URI).\
filter_wpan_src64(LEADER).\
filter_ipv6_dst(COMMISSIONER_RLOC).\
must_next().\
must_verify(lambda p: p.thread_meshcop.tlv.state == 1)
pkts.filter_mle_cmd(MLE_DATA_RESPONSE).\
filter_wpan_src64(LEADER).\
filter_LLANMA().\
filter(lambda p: p.mle.tlv.active_tstamp == 70 and\
p.mle.tlv.pending_tstamp == 20 and\
(p.mle.tlv.leader_data.data_version -
_dr_pkt.mle.tlv.leader_data.data_version) % 256 <= 127 and\
(p.mle.tlv.leader_data.stable_data_version -
_dr_pkt.mle.tlv.leader_data.stable_data_version) % 256 <= 127 and\
p.thread_nwd.tlv.stable == [0] and\
NWD_COMMISSIONING_DATA_TLV in p.thread_nwd.tlv.type and\
NM_COMMISSIONER_SESSION_ID_TLV in p.thread_meshcop.tlv.type and\
NM_BORDER_AGENT_LOCATOR_TLV in p.thread_meshcop.tlv.type
).\
must_next()
# Step 13: Leader sends a MLE Data Response to Router including the following TLVs:
# - Source Address TLV
# - Leader Data TLV
# - Network Data TLV
# - Commissioner Data TLV:
# Stable flag set to 0
# Border Agent Locator TLV
# Commissioner Session ID TLV
# - Active Timestamp TLV <70s>
# - Pending Timestamp TLV <20s>
# - Pending Operational Dataset TLV
# - Active Timestamp TLV <30s>
# - Delay Timer TLV <greater than 300s>
# - Network Key TLV: New Network Key
pkts.filter_mle_cmd(MLE_DATA_RESPONSE).\
filter_wpan_src64(LEADER).\
filter_wpan_dst64(ROUTER).\
filter(lambda p: {
SOURCE_ADDRESS_TLV,
LEADER_DATA_TLV,
ACTIVE_TIMESTAMP_TLV,
PENDING_TIMESTAMP_TLV,
PENDING_OPERATION_DATASET_TLV
} <= set(p.mle.tlv.type) and\
p.thread_nwd.tlv.stable == [0] and\
NWD_COMMISSIONING_DATA_TLV in p.thread_nwd.tlv.type and\
NM_COMMISSIONER_SESSION_ID_TLV in p.thread_meshcop.tlv.type and\
NM_BORDER_AGENT_LOCATOR_TLV in p.thread_meshcop.tlv.type and\
p.mle.tlv.active_tstamp == 70 and\
p.mle.tlv.pending_tstamp == 20 and\
p.thread_meshcop.tlv.delay_timer > 300000 and\
p.thread_meshcop.tlv.master_key == KEY1 and\
p.thread_meshcop.tlv.active_tstamp == 30
).\
must_next()
# Step 17: The DUT MUST send an ICMPv6 Echo Reply using the new Network key
_pkt = pkts.filter_ping_request().\
filter_wpan_src64(ROUTER).\
filter_ipv6_dst(LEADER_MLEID).\
must_next()
pkts.filter_ping_reply(identifier=_pkt.icmpv6.echo.identifier).\
filter_wpan_src64(LEADER).\
filter_ipv6_dst(ROUTER_MLEID).\
must_next()
if __name__ == '__main__':
unittest.main()