| #!/usr/bin/env python3 |
| # |
| # Copyright (c) 2018, The OpenThread Authors. |
| # All rights reserved. |
| # |
| # Redistribution and use in source and binary forms, with or without |
| # modification, are permitted provided that the following conditions are met: |
| # 1. Redistributions of source code must retain the above copyright |
| # notice, this list of conditions and the following disclaimer. |
| # 2. Redistributions in binary form must reproduce the above copyright |
| # notice, this list of conditions and the following disclaimer in the |
| # documentation and/or other materials provided with the distribution. |
| # 3. Neither the name of the copyright holder nor the |
| # names of its contributors may be used to endorse or promote products |
| # derived from this software without specific prior written permission. |
| # |
| # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" |
| # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
| # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
| # ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE |
| # LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR |
| # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF |
| # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS |
| # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN |
| # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
| # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
| # POSSIBILITY OF SUCH DAMAGE. |
| |
| import wpan |
| from wpan import verify |
| |
| # ----------------------------------------------------------------------------------------------------------------------- |
| # Test description: Check insecure data transmission during joining. |
| |
| test_name = __file__[:-3] if __file__.endswith('.py') else __file__ |
| print('-' * 120) |
| print('Starting \'{}\''.format(test_name)) |
| |
| # ----------------------------------------------------------------------------------------------------------------------- |
| # Creating `wpan.Nodes` instances |
| |
| node1 = wpan.Node() |
| node2 = wpan.Node() |
| |
| # ----------------------------------------------------------------------------------------------------------------------- |
| # Init all nodes |
| |
| wpan.Node.init_all_nodes() |
| |
| # ----------------------------------------------------------------------------------------------------------------------- |
| # Build network topology |
| |
| node1.form("insec-join-test") |
| |
| # ----------------------------------------------------------------------------------------------------------------------- |
| # Test implementation |
| |
| insecure_port = 1234 |
| NUM_MSGS = 4 |
| |
| # Make node1 joinable and set the insecure port |
| node1.permit_join(duration_sec='100', port=str(insecure_port)) |
| |
| # Join node1 network from node2 without setting the key |
| node2.join_node(node1, should_set_key=False) |
| |
| verify(node2.get(wpan.WPAN_STATE) == wpan.STATE_CREDENTIALS_NEEDED) |
| verify(node2.get(wpan.WPAN_NAME) == node1.get(wpan.WPAN_NAME)) |
| verify(node2.get(wpan.WPAN_PANID) == node1.get(wpan.WPAN_PANID)) |
| verify(node2.get(wpan.WPAN_XPANID) == node1.get(wpan.WPAN_XPANID)) |
| |
| ll1 = node1.get(wpan.WPAN_IP6_LINK_LOCAL_ADDRESS)[1:-1] |
| ll2 = node2.get(wpan.WPAN_IP6_LINK_LOCAL_ADDRESS)[1:-1] |
| |
| # Send insecure traffic from node2 to node1 using link-local IP address |
| # for src/dst and insecure port number |
| |
| sender = node2.prepare_tx(ll2, (ll1, insecure_port), "Hi (insecure)", NUM_MSGS) |
| recver = node1.prepare_rx(sender) |
| wpan.Node.perform_async_tx_rx() |
| verify(sender.was_successful) |
| verify(recver.was_successful) |
| |
| # Get the random src port number used by node1 and ensure node2 allows |
| # insecure rx traffic on that port |
| |
| rx_port = recver.all_rx_msg[0][1][1] |
| node2.permit_join(duration_sec='100', port=str(rx_port)) |
| |
| # Send insecure reply from node1 to node2 |
| |
| sender2 = node1.prepare_tx((ll1, insecure_port), (ll2, rx_port), "Hi back! (insecure)", NUM_MSGS) |
| recver2 = node2.prepare_rx(sender2) |
| wpan.Node.perform_async_tx_rx() |
| verify(sender2.was_successful) |
| verify(recver2.was_successful) |
| |
| # Now node2 fully joins the network (set the network key), check all |
| # secure traffic exchange between the nodes |
| |
| node2.set(wpan.WPAN_KEY, node1.get(wpan.WPAN_KEY)[1:-1], binary_data=True) |
| verify(node2.is_associated()) |
| |
| node1.permit_join('0') |
| |
| sender = node2.prepare_tx(ll2, (ll1, insecure_port), "Hi (now secure)", NUM_MSGS) |
| recver = node1.prepare_rx(sender) |
| wpan.Node.perform_async_tx_rx() |
| verify(sender.was_successful) |
| verify(recver.was_successful) |
| |
| node2.permit_join('0') |
| |
| sender2 = node1.prepare_tx((ll1, insecure_port), (ll2, rx_port), "Hi back! (secure now)", NUM_MSGS) |
| recver2 = node2.prepare_rx(sender2) |
| wpan.Node.perform_async_tx_rx() |
| verify(sender2.was_successful) |
| verify(recver2.was_successful) |
| |
| # ----------------------------------------------------------------------------------------------------------------------- |
| # Test finished |
| |
| wpan.Node.finalize_all_nodes() |
| |
| print('\'{}\' passed.'.format(test_name)) |