DPP-WPA2-LEGACY - Hostapd Enrollee - Supplicant Configurator
DPP-WPA2-LEGACY (AP as Enrollee and STA as Configurator) frame exchange
Wi-Fi Device Provisioning Protocol (DPP) is a replacement of the Wi-Fi Protected Setup (WPS). With DPP, devices can be authenticated to join a network without a password through various means, including QR codes or NFC tags. this is not simply a mechanism for communicating the password but rather it is a way for devices to perform mutual authentication without a password.
The following is a resprestaion of DPP-WPA2-LEGACY (AP as Enrollee and STA as Configurator) handshake
Hostpad(AP-Enrollee) wpa_supplicant(STA-Configurator)
|<<-----------------------DPP_Auth_Req-----------------------|
|-------------------------DPP_Auth_Resp-------------------->>|
|<<-----------------------DPP_Auth_Confirm-------------------|
|-------------------------DPP_Config_Req------------------->>|
|<<-----------------------DPP_Config_Resp--------------------|
|<<-----------------------Auth_Req---------------------------|
|-------------------------Auth_Resp------------------------>>|
|<<-----------------------Assoc_Req--------------------------|
|-------------------------Assoc_Resp----------------------->>|
|-------------------------EAPOL-M1------------------------->>|
|<<-----------------------EAPOL-M2---------------------------|
|-------------------------EAPOL-M3------------------------->>|
|<<-----------------------EAPOL-M4---------------------------|
Test bed
Inorder to execute below practical example, two Linux machines are needed with ubuntu version >= 16.04.
- Check the Ubuntu version on your machine. Ubuntu version used for in this site is 20.04
wpa_supplicant compilation
The daemon process that runs in the client stations. It implements WPA key negotiation with a WPA Authenticator and EAP authentication with Authentication Server. In addition, it controls the roaming and IEEE 802.11 authentication/association of the wireless LAN driver. Following are the steps to download and compiling wpa_supplicant from source code
- Download latest wpa_supplicant
- Install required packages
- below messages indicate that packages are installed successfully
- Extract the tar file
- Go to wpa_supplicant directory
- Copy the default configuration into .conf file
- Enable below configs in .config
- Build the wpa_supplicant
Below is the list of files compiled based on the features enabled in “.config”
CC config.c CC notify.c CC bss.c CC eap_register.c CC ../src/utils/common.c CC ../src/utils/wpa_debug.c CC ../src/utils/wpabuf.c CC ../src/utils/bitfield.c CC op_classes.c CC rrm.c CC wmm_ac.c CC ../src/utils/os_unix.c CC ../src/utils/eloop.c CC config_file.c CC ../src/rsn_supp/wpa_ft.c CC ../src/common/sae.c CC ../src/common/dpp.c CC dpp_supplicant.c CC ../src/rsn_supp/wpa.c CC ../src/rsn_supp/preauth.c CC ../src/rsn_supp/pmksa_cache.c CC ../src/rsn_supp/wpa_ie.c CC ../src/common/wpa_common.c CC ibss_rsn.c CC p2p_supplicant.c CC p2p_supplicant_sd.c CC ../src/p2p/p2p.c CC ../src/p2p/p2p_utils.c CC ../src/p2p/p2p_parse.c CC ../src/p2p/p2p_build.c CC ../src/p2p/p2p_go_neg.c CC ../src/p2p/p2p_sd.c CC ../src/p2p/p2p_pd.c CC ../src/p2p/p2p_invitation.c CC ../src/p2p/p2p_dev_disc.c CC ../src/p2p/p2p_group.c CC ../src/ap/p2p_hostapd.c CC wifi_display.c CC hs20_supplicant.c CC interworking.c CC ../src/eap_peer/eap_tls.c CC ../src/eap_peer/eap_peap.c CC ../src/eap_common/eap_peap_common.c CC ../src/eap_peer/eap_ttls.c CC ../src/eap_peer/eap_md5.c CC ../src/eap_peer/eap_mschapv2.c CC ../src/eap_peer/mschapv2.c CC ../src/eap_peer/eap_gtc.c CC ../src/eap_peer/eap_otp.c CC ../src/eap_peer/eap_leap.c CC ../src/eap_peer/eap_fast.c CC ../src/eap_peer/eap_fast_pac.c CC ../src/eap_common/eap_fast_common.c CC ../src/eap_peer/eap_pax.c CC ../src/eap_common/eap_pax_common.c CC ../src/eap_peer/eap_sake.c CC ../src/eap_common/eap_sake_common.c CC ../src/eap_peer/eap_gpsk.c CC ../src/eap_common/eap_gpsk_common.c CC ../src/eap_peer/eap_pwd.c CC ../src/eap_common/eap_pwd_common.c CC wps_supplicant.c CC ../src/utils/uuid.c CC ../src/eap_peer/eap_wsc.c CC ../src/eap_common/eap_wsc_common.c CC ../src/wps/wps.c CC ../src/wps/wps_common.c CC ../src/wps/wps_attr_parse.c CC ../src/wps/wps_attr_build.c CC ../src/wps/wps_attr_process.c CC ../src/wps/wps_dev_attr.c CC ../src/wps/wps_enrollee.c CC ../src/wps/wps_registrar.c CC ../src/eap_peer/eap_ikev2.c CC ../src/eap_peer/ikev2.c CC ../src/eap_common/eap_ikev2_common.c CC ../src/eap_common/ikev2_common.c CC ../src/eap_peer/eap_tnc.c CC ../src/eap_peer/tncc.c CC ../src/eapol_supp/eapol_supp_sm.c CC ../src/eap_peer/eap.c CC ../src/eap_peer/eap_methods.c CC ap.c CC ../src/ap/hostapd.c CC ../src/ap/wpa_auth_glue.c CC ../src/ap/utils.c CC ../src/ap/authsrv.c CC ../src/ap/ap_config.c CC ../src/utils/ip_addr.c CC ../src/ap/sta_info.c CC ../src/ap/tkip_countermeasures.c CC ../src/ap/ap_mlme.c CC ../src/ap/ieee802_1x.c CC ../src/eapol_auth/eapol_auth_sm.c CC ../src/ap/ieee802_11_auth.c CC ../src/ap/ieee802_11_shared.c CC ../src/ap/drv_callbacks.c CC ../src/ap/ap_drv_ops.c CC ../src/ap/beacon.c CC ../src/ap/bss_load.c CC ../src/ap/eap_user_db.c CC ../src/ap/neighbor_db.c CC ../src/ap/rrm.c CC ../src/ap/ieee802_11_ht.c CC ../src/ap/ieee802_11_vht.c CC ../src/ap/ctrl_iface_ap.c CC ../src/eap_server/eap_server.c CC ../src/eap_server/eap_server_identity.c CC ../src/eap_server/eap_server_methods.c CC ../src/ap/wmm.c CC ../src/ap/ap_list.c CC ../src/ap/ieee802_11.c CC ../src/ap/hw_features.c CC ../src/ap/dfs.c CC ../src/ap/wps_hostapd.c CC ../src/eap_server/eap_server_wsc.c CC ../src/ap/dpp_hostapd.c CC ../src/ap/gas_query_ap.c CC ../src/ap/gas_serv.c CC ../src/ap/hs20.c CC ../src/ap/wpa_auth.c CC ../src/ap/wpa_auth_ie.c CC ../src/ap/pmksa_cache_auth.c CC ../src/common/dragonfly.c CC ../src/crypto/ms_funcs.c CC ../src/eap_common/chap.c CC ../src/eap_peer/eap_tls_common.c CC ../src/crypto/tls_openssl.c CC ../src/crypto/tls_openssl_ocsp.c CC ../src/crypto/crypto_openssl.c CC ../src/crypto/aes-siv.c CC ../src/crypto/aes-ctr.c CC ../src/crypto/aes-omac1.c CC ../src/crypto/sha256-kdf.c CC ../src/crypto/sha384-kdf.c CC ../src/crypto/sha512-kdf.c CC ../src/crypto/sha256-prf.c CC ../src/crypto/sha256-tlsprf.c CC ../src/crypto/sha384-prf.c CC ../src/crypto/sha512-prf.c CC ../src/crypto/dh_groups.c CC ../src/crypto/random.c CC ../src/common/ctrl_iface_common.c CC ctrl_iface.c CC ctrl_iface_unix.c CC dbus/dbus_dict_helpers.c CC dbus/dbus_new_helpers.c dbus/dbus_new.c: In function ‘wpas_dbus_unregister_p2p_group’: dbus/dbus_new.c:4793:3: warning: ‘%s’ directive argument is null [-Wformat-overflow=] 4793 | wpa_printf(MSG_DEBUG, | ^~~~~~~~~~~~~~~~~~~~~ 4794 | "%s: Group object '%s' already unregistered", | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 4795 | __func__, wpa_s->dbus_groupobj_path); | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ CC dbus/dbus_new.c CC dbus/dbus_new_handlers.c CC dbus/dbus_common.c CC dbus/dbus_new_handlers_wps.c CC dbus/dbus_new_handlers_p2p.c CC dbus/dbus_new_introspect.c CC ../src/utils/base64.c CC sme.c CC ../src/common/ieee802_11_common.c CC ../src/common/hw_features_common.c CC ../src/eap_common/eap_common.c CC ../src/crypto/sha1-prf.c CC ../src/crypto/sha1-tprf.c CC ../src/crypto/sha1-tlsprf.c CC bgscan_simple.c CC bgscan.c CC ../src/common/gas_server.c CC ../src/common/gas.c CC gas_query.c CC offchannel.c CC ../src/utils/json.c CC ../src/drivers/driver_common.c CC wpa_supplicant.c CC events.c CC blacklist.c CC wpas_glue.c CC scan.c CC main.c CC ../src/drivers/driver_wired.c CC ../src/drivers/driver_wired_common.c CC ../src/drivers/driver_nl80211.c CC ../src/drivers/driver_nl80211_capa.c CC ../src/drivers/driver_nl80211_event.c CC ../src/drivers/driver_nl80211_monitor.c CC ../src/drivers/driver_nl80211_scan.c CC ../src/drivers/netlink.c CC ../src/drivers/linux_ioctl.c CC ../src/drivers/rfkill.c CC ../src/utils/radiotap.c CC ../src/drivers/driver_wext.c CC ../src/drivers/drivers.c CC ../src/l2_packet/l2_packet_linux.c LD wpa_supplicant CC wpa_cli.c CC ../src/common/wpa_ctrl.c CC ../src/common/cli.c CC ../src/utils/edit_simple.c LD wpa_cli LD wpa_passphrase
- Install the compiled commands (optional)
hostapd compilation
The hostapd is a user space daemon for access point and authentication servers. It implements IEEE 802.11 access point management, IEEE 802.1X/WPA/WPA2/EAP Authenticators, RADIUS client, EAP server, and RADIUS authentication server. Following are the steps to download and compiling hostapd from source code
- Download latest hostapd
- Install required packages
- below messages indicate that packages are installed successfully
- Extract the tar file
- Go to Hostapd directory
- Copy the default configuration into .conf file
- Enable below configs in .config
- Build the Hostapd
Below is the list of files compiled based on the features enabled in “.config”
CC main.c CC config_file.c CC ../src/ap/hostapd.c CC ../src/ap/wpa_auth_glue.c CC ../src/ap/drv_callbacks.c CC ../src/ap/ap_drv_ops.c CC ../src/ap/utils.c CC ../src/ap/authsrv.c CC ../src/ap/ieee802_1x.c CC ../src/ap/ap_config.c CC ../src/ap/eap_user_db.c CC ../src/ap/ieee802_11_auth.c CC ../src/ap/sta_info.c CC ../src/ap/wpa_auth.c CC ../src/ap/tkip_countermeasures.c CC ../src/ap/ap_mlme.c CC ../src/ap/wpa_auth_ie.c CC ../src/ap/preauth_auth.c CC ../src/ap/pmksa_cache_auth.c CC ../src/ap/ieee802_11_shared.c CC ../src/ap/beacon.c CC ../src/ap/bss_load.c CC ../src/ap/neighbor_db.c CC ../src/ap/rrm.c CC ../src/drivers/drivers.c CC ../src/utils/eloop.c CC ../src/utils/common.c CC ../src/utils/wpa_debug.c CC ../src/utils/wpabuf.c CC ../src/utils/os_unix.c CC ../src/utils/ip_addr.c CC ../src/common/ieee802_11_common.c CC ../src/common/wpa_common.c CC ../src/common/hw_features_common.c CC ../src/eapol_auth/eapol_auth_sm.c CC ../src/eapol_auth/eapol_auth_dump.c CC ../src/radius/radius.c CC ../src/radius/radius_client.c CC ../src/radius/radius_das.c CC ../src/ap/accounting.c CC ../src/ap/vlan_init.c CC ../src/ap/vlan_ifconfig.c CC ../src/ap/vlan.c CC ../src/common/ctrl_iface_common.c CC ctrl_iface.c CC ../src/ap/ctrl_iface_ap.c CC ../src/ap/iapp.c CC ../src/common/sae.c CC ../src/drivers/driver_hostap.c CC ../src/drivers/driver_nl80211.c CC ../src/drivers/driver_nl80211_capa.c CC ../src/drivers/driver_nl80211_event.c CC ../src/drivers/driver_nl80211_monitor.c CC ../src/drivers/driver_nl80211_scan.c CC ../src/drivers/netlink.c CC ../src/drivers/linux_ioctl.c CC ../src/drivers/rfkill.c CC ../src/utils/radiotap.c CC ../src/l2_packet/l2_packet_linux.c CC ../src/eap_server/eap_server_md5.c CC ../src/eap_server/eap_server_tls.c CC ../src/eap_server/eap_server_peap.c CC ../src/eap_common/eap_peap_common.c CC ../src/eap_server/eap_server_ttls.c CC ../src/eap_server/eap_server_mschapv2.c CC ../src/eap_server/eap_server_gtc.c CC ../src/utils/uuid.c CC ../src/ap/wps_hostapd.c CC ../src/eap_server/eap_server_wsc.c CC ../src/eap_common/eap_wsc_common.c CC ../src/wps/wps.c CC ../src/wps/wps_common.c CC ../src/wps/wps_attr_parse.c CC ../src/wps/wps_attr_build.c CC ../src/wps/wps_attr_process.c CC ../src/wps/wps_dev_attr.c CC ../src/wps/wps_enrollee.c CC ../src/wps/wps_registrar.c CC eap_register.c CC ../src/eap_server/eap_server.c CC ../src/eap_common/eap_common.c CC ../src/eap_server/eap_server_methods.c CC ../src/eap_server/eap_server_identity.c CC ../src/common/dragonfly.c CC ../src/crypto/ms_funcs.c CC ../src/eap_common/chap.c CC ../src/eap_server/eap_server_tls_common.c CC ../src/crypto/tls_openssl.c CC ../src/crypto/tls_openssl_ocsp.c CC ../src/crypto/crypto_openssl.c CC ../src/crypto/aes-omac1.c CC ../src/crypto/sha1-prf.c CC ../src/crypto/sha1-tlsprf.c CC ../src/crypto/sha256-prf.c CC ../src/crypto/sha256-tlsprf.c CC ../src/crypto/sha256-kdf.c CC ../src/crypto/dh_groups.c CC ../src/crypto/random.c CC ../src/utils/base64.c CC ../src/ap/wmm.c CC ../src/ap/ap_list.c CC ../src/ap/ieee802_11.c CC ../src/ap/hw_features.c CC ../src/ap/dfs.c CC ../src/common/gas.c CC ../src/ap/gas_serv.c CC ../src/drivers/driver_common.c LD hostapd CC hostapd_cli.c CC ../src/common/wpa_ctrl.c CC ../src/common/cli.c CC ../src/utils/edit_simple.c LD hostapd_cli
- Install the compiled commands (optional)
Running hostapd
Check if wifi interface with the name “wlan0” is available. This is created on boot up of the ubuntu machine or by installing wifi driver manually
$ iwconfig wlan0 IEEE 802.11 ESSID:off/any Mode:Managed Access Point: Not-Associated Tx-Power=20 dBm Retry short limit:7 RTS thr:off Fragment thr:off Power Management:on $ iw dev phy#1 Interface wlan0 ifindex 5 wdev 0x100000001 addr 02:00:00:00:00:00 type managed txpower 20.00 dBm
- Create a hostapd.conf file in /etc/hostapd/ folder with below content
Copy below content
interface=wlan0 driver=nl80211 ctrl_interface=/var/run/hostapd ssid=test channel=6 wpa=2 wpa_key_mgmt=WPA-PSK WPA-PSK-SHA256 DPP ieee80211w=1 wpa_passphrase=passwordpasswordpassword wpa_pairwise=CCMP rsn_pairwise=CCMP
- Go to hostapd directory
- Run hostapd by issuing follwing command
Below log messages are seen on console after running hostapd
Configuration file: /etc/hostapd/hostapd.conf Using interface wlan0 with hwaddr 02:00:00:00:00:00 and ssid "test" wlan0: interface state UNINITIALIZED->ENABLED wlan0: AP-ENABLEDMode of “wlan0” interface is now assigned as “AP/Master”. Check this by querying information via iwconfig/iw command
$ iwconfig wlan0 IEEE 802.11 Mode:Master Tx-Power=20 dBm Retry short limit:7 RTS thr:off Fragment thr:off Power Management:on $ iw dev phy#1 Interface wlan0 ifindex 5 wdev 0x100000001 addr 02:00:00:00:00:00 ssid test type AP channel 6 (2437 MHz), width: 20 MHz (no HT), center1: 2437 MHz txpower 20.00 dBm
Running wpa_supplicant
- Check if wifi interface with the name “wlan1” is available. This is created on boot up of the ubuntu machine or by installing wifi driver manually
$ iwconfig wlan1 IEEE 802.11 ESSID:off/any Mode:Managed Access Point: Not-Associated Tx-Power=20 dBm Retry short limit:7 RTS thr:off Fragment thr:off Power Management:on $ iw dev phy#2 Interface wlan1 ifindex 6 wdev 0x200000001 addr 02:00:00:00:01:00 type managed txpower 20.00 dBm
- Go to wpa_supplicant directory
Create wpa_supplicant.conf file with following network block contents
delete all existing content and copy below content
ctrl_interface=DIR=/var/run/wpa_supplicant update_config=1 ctrl_interface_group=0 pmf=2 dpp_config_processing=2
- Run wpa_supplicant
Syntax : Sequence of commands
Steps |
AP (hostapd_cli) |
Station (wpa_cli) |
|---|---|---|
Step 1 |
> dpp_configurator_add
> returns <CONFIGURATOR_ID>
* Note : Use the returned <CONFIGURATOR_ID> in step2
|
|
Step 2 |
> dpp_configurator_get_key <CONFIGURATOR_ID>
> returns <KEY_ENROLLEE>
* Note : Use the returned <KEY_ENROLLEE> in step3
|
|
Step 3 |
> dpp_bootstrap_gen type=qrcode \
mac=<MAC_OF_ENROLLEE> \
chan=<operating-class/channel of the configurator> \
key=<KEY_ENROLLEE>
> returns <BOOT_STRAPPING_INFO_ID>
* Note :
1. <KEY_ENROLLEE> is derived from step2
2. Use <BOOT_STRAPPING_INFO_ID> in step4
3. <MAC_OF_ENROLEE> is derived using ifconfig command on enrollee
|
|
Step 4 |
Get URI for the QR Code
> dpp_bootstrap_get_uri <BOOT_STRAPPING_INFO_ID>
> returns <URI_OF_QR_CODE>
* Note :
1. <BOOT_STRAPPING_INFO_ID> is derived from step3
2. Use <URI_OF_QR_CODE> in step6
|
|
Step 5 |
> dpp_listen <frequency>
|
|
Step 6 |
Enter URI of QR code
> dpp_qr_code <URI_OF_QR_CODE>
> returns <ENROLLEE_QR_CODE_ID>
* Note :
1. <URI_OF_QR_CODE> is derived from step4
2. Use <ENROLLEE_QR_CODE_ID> in step 7
|
|
Step 7 |
> dpp_auth_init peer=<ENROLLEE_QR_CODE_ID> \
conf=ap-psk configurator=<CONFIGURATOR_ID> \
ssid=<ssid in hex> \
psk=<psk in hex> \
pass=<passphrase in hex>
* Note :
1. <ENROLLEE_QR_CODE_ID> is derived from step6
2. <CONFIGURATOR_ID> is derived from step1
|
|
Step 8 |
> dpp_configurator_sign conf=sta-psk \
configurator=<CONFIGURATOR_ID> \
ssid=<ssid in hex> \
psk=<psk in hex> \
pass=<passphrase in hex>
* Note :
1. <CONFIGURATOR_ID> is derived from step1
|
|
Step 9 |
Set DPP values on STA
> set dpp_csign <DPP-C-SIGN-KEY value>
> set dpp_netaccesskey <DPP-NET-ACCESS-KEY value>
|
|
Step 10 |
> save_config
|
Example : Sequence of commands
Steps |
AP (hostapd_cli) |
Station (wpa_cli) |
|---|---|---|
Step 1 |
> dpp_configurator_add
1
|
|
Step 2 |
> dpp_configurator_get_key 1
30770201010420544bd34e7b84ec0c988178a5c5659e4cc0f74f52fc \
9bba6854c54d9388cd5624a00a06082a8648ce3d030107a1440342000408 \
3f4a398d8122ea36fb7a7e1c2d7f9a0de6f58c5bf680facf559a0f79ac30 \
eb84211e6bf25eb0e09fe1d157a7ebf7e270f57558e1e8fa \
59cd566aafeb89ccf5
|
|
Step 3 |
> dpp_bootstrap_gen type=qrcode mac=020000000000 chan=81/1 \
key=30770201010420544bd34e7b84ec0c988178a5c5659e4cc0f74f52fc \
9bba6854c54d9388cd5624a00a06082a8648ce3d030107a1440342000408 \
3f4a398d8122ea36fb7a7e1c2d7f9a0de6f58c5bf680facf559a0f79ac30 \
eb84211e6bf25eb0e09fe1d157a7ebf7e270f57558e1e8fa \
59cd566aafeb89ccf5
1
|
|
Step 4 |
> dpp_bootstrap_get_uri 1
DPP:C:81/1;M:020000000000;
K:MDkwEwYHKoZIzj0CAQYIKoZI
zj0DAQcDIgADCD9KOY2BIuo2+3
p+HC1/mg3m9Yxb9oD6z1WaD3msMOs=;;
|
|
Step 5 |
> dpp_listen 2412
OK
|
|
Step 6 |
> dpp_qr_code
DPP:C:81/1;M:020000000000;
K:MDkwEwYHKoZIzj0CAQYIKoZI
zj0DAQcDIgADCD9KOY2BIuo2+3
p+HC1/mg3m9Yxb9oD6z1WaD3msMOs=;;
1
|
|
Step 7 |
> dpp_auth_init peer=1 conf=ap-psk configurator=1
ssid=74657374
psk=29153c1e60c0e50afa47530eb7b6db1193b0131616c139e9f1785d174861cca7
pass=70617373776f726470617373776
> OK
|
|
Step 8 |
> dpp_configurator_sign conf=sta-psk configurator=1
ssid=74657374
psk=29153c1e60c0e50afa47530eb7b6db1193b0131616c139e9f1785d174861cca7
pass=70617373776f726470617373776f726470617373776f7264
OK
|
wpa_cli logs ; Step 1, Step 2
> dpp_configurator_add 1 > dpp_configurator_get_key 1 30770201010420544bd34e7b84ec0c988178a5c5659e4cc0f74f52fc9bba6854c54d9388cd5624a00a06082a8648ce3d030107a14403420004083f4a398d8122ea36fb7a7e1c2d7f9a0de6f58c5bf680facf559a0f79ac30eb84211e6bf25eb0e09fe1d157a7ebf7e270f57558e1e8fa59cd566aafeb89ccf5
hostapd_cli logs ; Step 3, Step 4, Step 5
> dpp_bootstrap_gen type=qrcode mac=6466b3172c59 chan=81/6 key=30770201010420544bd34e7b84ec0c988178a5c5659e4cc0f74f52fc9bba6854c54d9388cd5624a00a06082a8648ce3d030107a14403420004083f4a398d8122ea36fb7a7e1c2d7f9a0de6f58c5bf680facf559a0f79ac30eb84211e6bf25eb0e09fe1d157a7ebf7e270f57558e1e8fa59cd566aafeb89ccf5 1> > dpp_bootstrap_get_uri 1 DPP:C:81/6;M:020000000000;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADCD9KOY2BIuo2+3p+HC1/mg3m9Yxb9oD6z1WaD3msMOs=;; > dpp_listen 2437 OK > <3>DPP-RX src=020000000100 freq=2437 type=0 <3>DPP-TX dst=020000000100 freq=2437 type=1 <3>DPP-TX-STATUS dst=020000000100 result=SUCCESS <3>DPP-RX src=020000000100 freq=2437 type=2 <3>DPP-AUTH-SUCCESS init=0 <3>GAS-QUERY-START addr=020000000100 dialog_token=0 freq=2437 <3>GAS-QUERY-DONE addr=020000000100 dialog_token=0 freq=2437 status_code=0 result=SUCCESS <3>DPP-CONF-RECEIVED <3>DPP-CONFOBJ-AKM psk <3>DPP-CONFOBJ-SSID test <3>DPP-CONFOBJ-PASS 70617373776f726470617373776f726470617373776f7264 <3>AP-STA-CONNECTED 020000000100
wpa_cli logs ; Step 6, Step 7, Step 8
> dpp_qr_code DPP:C:81/6;M:020000000000;K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADCD9KOY2BIuo2+3p+HC1/mg3m9Yxb9oD6z1WaD3msMOs=;; 1 > dpp_auth_init peer=1 conf=ap-psk configurator=1 ssid=74657374 psk=29153c1e60c0e50afa47530eb7b6db1193b0131616c139e9f1785d174861cca7 pass=70617373776f726470617373776f726470617373776f7264 OK <3>DPP-TX dst=020000000000 freq=2437 type=0 <3>DPP-TX-STATUS dst=020000000000 freq=2437 result=SUCCESS <3>DPP-RX src=020000000000 freq=2437 type=1 <3>DPP-AUTH-DIRECTION mutual=0 <3>DPP-TX dst=020000000000 freq=2437 type=2 <3>DPP-TX-STATUS dst=020000000000 freq=2437 result=SUCCESS <3>DPP-AUTH-SUCCESS init=1 <3>DPP-CONF-REQ-RX src=020000000000 <3>DPP-CONF-SENT > dpp_configurator_sign conf=sta-psk configurator=1 ssid=74657374 psk=29153c1e60c0e50afa47530eb7b6db1193b0131616c139e9f1785d174861cca7 pass=70617373776f726470617373776f726470617373776f7264 OK <3>DPP-CONF-RECEIVED <3>DPP-CONFOBJ-SSID test <3>DPP-C-SIGN-KEY 3059301306072a8648ce3d020106082a8648ce3d03010703420004083f4a398d8122ea36fb7a7e1c2d7f9a0de6f58c5bf680facf559a0f79ac30eb84211e6bf25eb0e09fe1d157a7ebf7e270f57558e1e8fa59cd566aafeb89ccf5 <3>DPP-NET-ACCESS-KEY 3077020101042076a9df333dfb51cd0c769a8c55644b183763d858583a5cdf9ecf1f3c5a02460ba00a06082a8648ce3d030107a1440342000492f7f9f3f3b3ba63d9178300d2161b31694140c962f39fdd1ecba42ccc31d17ab41be1d8c18feadd8a5a2cc0a1ddc6c79ab5379c05a6220b34f9dfa3e2212c79 <3>DPP-NETWORK-ID 0 <3>CTRL-EVENT-SCAN-STARTED <3>CTRL-EVENT-SCAN-RESULTS <3>WPS-AP-AVAILABLE <3>SME: Trying to authenticate with 020000000000 (SSID='test' freq=2437 MHz) <3>Trying to associate with 020000000000 (SSID='test' freq=2437 MHz) <3>Associated with 020000000000 <3>CTRL-EVENT-SUBNET-STATUS-UPDATE status=0 <3>WPA: Key negotiation completed with 020000000000 [PTK=CCMP GTK=CCMP] <3>CTRL-EVENT-CONNECTED - Connection to 020000000000 completed [id=0 id_str=]
Run data traffic
Steps |
AP |
Station |
|---|---|---|
Step 1 : Assign IP address |
$ ifconfig wlan0 192.168.3.1 up
|
$ ifconfig wlan1 192.168.3.10 up
|
Step 2 : Check IP address |
$ ifconfig wlan0
wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.3.1 netmask 255.255.255.0 broadcast 192.168.3.255
ether 02:00:00:00:00:00 txqueuelen 1000 (Ethernet)
RX packets 61 bytes 11085 (11.0 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 130 bytes 25688 (25.6 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
|
$ ifconfig wlan1
wlan1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.3.10 netmask 255.255.255.0 broadcast 192.168.3.255
ether 02:00:00:00:01:00 txqueuelen 1000 (Ethernet)
RX packets 73 bytes 13119 (13.1 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 65 bytes 13111 (13.1 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
|
Step 3 : Check ping |
$ ping 192.168.3.10
PING 192.168.3.10 (192.168.3.10) 56(84) bytes of data.
64 bytes from 192.168.3.10: icmp_seq=1 ttl=64 time=0.092 ms
64 bytes from 192.168.3.10: icmp_seq=2 ttl=64 time=0.036 ms
64 bytes from 192.168.3.10: icmp_seq=3 ttl=64 time=0.094 ms
64 bytes from 192.168.3.10: icmp_seq=4 ttl=64 time=0.105 ms
64 bytes from 192.168.3.10: icmp_seq=5 ttl=64 time=0.094 ms
|
$ ping 192.168.3.1
PING 192.168.3.1 (192.168.3.1) 56(84) bytes of data.
64 bytes from 192.168.3.1: icmp_seq=1 ttl=64 time=0.121 ms
64 bytes from 192.168.3.1: icmp_seq=2 ttl=64 time=0.091 ms
64 bytes from 192.168.3.1: icmp_seq=3 ttl=64 time=0.090 ms
64 bytes from 192.168.3.1: icmp_seq=4 ttl=64 time=0.097 ms
64 bytes from 192.168.3.1: icmp_seq=5 ttl=64 time=0.243 ms
|
Step 4 : Run iperf TCP DL |
$ iperf -c 192.168.3.10 -i 1 -t 5
|
$ iperf -s -i 1
|
Step 5 : Run iperf TCP UL |
$ iperf -s -i 1
|
$ iperf -c 192.168.3.1 -i 1 -t 5
|
Step 6 : Run iperf UDP DL |
$ iperf -c 192.168.3.10 -u -b 1000M -i 1 -t 5
|
$ iperf -s -u -i 1
|
Step 7 : Run iperf UDP UL |
$ iperf -s -u -i 1
|
$ iperf -c 192.168.3.1 -u -b 1000M -i 1 -t 5
|