========================================================= DPP-WPA3-QR - Hostapd configurator - Supplicant enrollee ========================================================= DPP-WPA3-QR-CODE (AP as Configurator and STA as Enrollee) frame exchange ------------------------------------------------------------------------- Wi-Fi Device Provisioning Protocol (DPP) is a replacement of the Wi-Fi Protected Setup (WPS). With DPP, devices can be authenticated to join a network without a password through various means, including QR codes or NFC tags. this is not simply a mechanism for communicating the password but rather it is a way for devices to perform mutual authentication without a password. The following is a resprestaion of DPP-WPA3-QR-CODE (AP as Configurator and STA as Enrollee) handshake ``Hostpad(AP-Configurator) wpa_supplicant(STA-Enrollee)`` ``|-----------------------DPP_Auth_Req----------------------->>|`` ``|<<---------------------DPP_Auth_Resp------------------------|`` ``|-----------------------DPP_Auth_Confirm------------------->>|`` ``|<<---------------------DPP_Config_Req-----------------------|`` ``|-----------------------DPP_Config_Resp-------------------->>|`` ``|<<---------------------Auth_Req (Commit)--------------------|`` ``|-----------------------Auth_Resp (Commit)----------------->>|`` ``|<<---------------------Auth_Req (Confirm)-------------------|`` ``|-----------------------Auth_Resp (Confirm)---------------->>|`` ``|<<---------------------Assoc_Req----------------------------|`` ``|-----------------------Assoc_Resp------------------------->>|`` ``|-----------------------EAPOL-M1--------------------------->>|`` ``|<<---------------------EAPOL-M2-----------------------------|`` ``|-----------------------EAPOL-M3--------------------------->>|`` ``|<<---------------------EAPOL-M4-----------------------------|`` Test bed ------------ Inorder to execute below practical example, two Linux machines are needed with ubuntu version >= 16.04. * Check the Ubuntu version on your machine. Ubuntu version used for in this site is 20.04 .. literalinclude:: test_bed_cmds/cmd_test_bed_ubuntu_ver.py wpa_supplicant compilation ----------------------------------- The daemon process that runs in the client stations. It implements WPA key negotiation with a WPA Authenticator and EAP authentication with Authentication Server. In addition, it controls the roaming and IEEE 802.11 authentication/association of the wireless LAN driver. Following are the steps to download and compiling wpa_supplicant from source code 1. Download latest wpa_supplicant .. literalinclude:: supp_cmds/cmd_supp_download.py 2. Install required packages .. literalinclude:: supp_cmds/cmd_supp_pkgs.py below messages indicate that packages are installed successfully .. literalinclude:: supp_cmds/cmd_supp_pkgs_installed_msg.py 3. Extract the tar file .. literalinclude:: supp_cmds/cmd_supp_untar.py 4. Go to wpa_supplicant directory .. literalinclude:: supp_cmds/cmd_supp_cd.py 5. Copy the default configuration into .conf file .. literalinclude:: supp_cmds/cmd_supp_defconfig.py 6. Enable below configs in .config .. literalinclude:: supp_cmds/cmd_supp_defconfig_configs.py 7. Build the wpa_supplicant .. literalinclude:: supp_cmds/cmd_supp_make.py Below is the list of files compiled based on the features enabled in ".config" .. literalinclude:: supp_cmds/cmd_supp_make_log.py 8. Install the compiled commands (optional) .. literalinclude:: supp_cmds/cmd_supp_install.py hostapd compilation ----------------------------------- The hostapd is a user space daemon for access point and authentication servers. It implements IEEE 802.11 access point management, IEEE 802.1X/WPA/WPA2/EAP Authenticators, RADIUS client, EAP server, and RADIUS authentication server. Following are the steps to download and compiling hostapd from source code 1. Download latest hostapd .. literalinclude:: hostapd_cmds/cmd_hostapd_download.py 2. Install required packages .. literalinclude:: hostapd_cmds/cmd_hostapd_pkgs.py below messages indicate that packages are installed successfully .. literalinclude:: hostapd_cmds/cmd_hostapd_pkgs_installed_msg.py 3. Extract the tar file .. literalinclude:: hostapd_cmds/cmd_hostapd_untar.py 4. Go to Hostapd directory .. literalinclude:: hostapd_cmds/cmd_hostapd_cd.py 5. Copy the default configuration into .conf file .. literalinclude:: hostapd_cmds/cmd_hostapd_defconfig.py 6. Enable below configs in .config .. literalinclude:: hostapd_cmds/cmd_hostapd_defconfig_configs.py 7. Build the Hostapd .. literalinclude:: hostapd_cmds/cmd_hostapd_make.py Below is the list of files compiled based on the features enabled in ".config" .. literalinclude:: hostapd_cmds/cmd_hostapd_make_log.py 8. Install the compiled commands (optional) .. literalinclude:: hostapd_cmds/cmd_hostapd_install.py Running hostapd ------------------------ 1. Check if wifi interface with the name "wlan0" is available. This is created on boot up of the ubuntu machine or by installing wifi driver manually .. literalinclude:: hostapd_cmds/cmd_hostapd_iwx_status.py 2. Create a hostapd.conf file in /etc/hostapd/ folder with below content .. literalinclude:: hostapd_cmds/cmd_hostapd_conf_edit.py Copy below content .. literalinclude:: hostapd_cmds/cmd_hostapd_conf_content.py 3. Go to hostapd directory .. literalinclude:: hostapd_cmds/cmd_hostapd_cd.py 4. Run hostapd by issuing follwing command .. literalinclude:: hostapd_cmds/cmd_hostapd_run.py Below log messages are seen on console after running hostapd .. literalinclude:: hostapd_cmds/cmd_hostapd_run_log.py 5. Mode of "wlan0" interface is now assigned as "AP/Master". Check this by querying information via iwconfig/iw command .. literalinclude:: hostapd_cmds/cmd_hostapd_iwx_status_ap.py Running wpa_supplicant --------------------------------- 1. Check if wifi interface with the name "wlan1" is available. This is created on boot up of the ubuntu machine or by installing wifi driver manually .. literalinclude:: supp_cmds/cmd_supp_iwx_status.py 2. Go to wpa_supplicant directory .. literalinclude:: supp_cmds/cmd_supp_cd.py 3. Create wpa_supplicant.conf file with following network block contents delete all existing content and copy below content .. literalinclude:: supp_cmds/cmd_supp_conf_content.py 4. Run wpa_supplicant .. literalinclude:: supp_cmds/cmd_supp_run.py Syntax : Sequence of commands ------------------------------ ========================== =========================================================== ================================================================ Steps AP (hostapd_cli) Station (wpa_cli) ========================== =========================================================== ================================================================ Step 1 .. literalinclude:: hostapd_cmds/cmd_hostapd_dpp_step1.py Step 2 .. literalinclude:: hostapd_cmds/cmd_hostapd_dpp_step2.py Step 3 .. literalinclude:: supp_cmds/cmd_supp_dpp_step3.py Step 4 .. literalinclude:: supp_cmds/cmd_supp_dpp_step4.py Step 5 .. literalinclude:: supp_cmds/cmd_supp_dpp_step5.py Step 6 .. literalinclude:: hostapd_cmds/cmd_hostapd_dpp_step6.py Step 7 .. literalinclude:: hostapd_cmds/cmd_hostapd_dpp_step7.py Step 8 .. literalinclude:: hostapd_cmds/cmd_hostapd_dpp_step8.py Step 9 .. literalinclude:: hostapd_cmds/cmd_hostapd_dpp_step9.py Step 10 .. literalinclude:: supp_cmds/cmd_supp_dpp_step10.py Step 11 .. literalinclude:: supp_cmds/cmd_supp_dpp_step11.py Step 12 .. literalinclude:: supp_cmds/cmd_supp_dpp_step12.py ========================== =========================================================== ================================================================ hostapd_cli logs ; Step 1, Step 2 """""""""""""""""""""""""""""""""" .. literalinclude:: hostapd_cmds/cmd_hostapd_dpp_hostapd_cli_logs_step_1_2.py wpa_cli logs ; Step 3, Step 4, Step 5 """""""""""""""""""""""""""""""""""""" .. literalinclude:: supp_cmds/cmd_supp_dpp_wpa_cli_logs_step_3_4_5.py hostapd_cli logs ; Step 6, Step 7, Step 8, Step 9 """""""""""""""""""""""""""""""""""""""""""""""""" .. literalinclude:: hostapd_cmds/cmd_hostapd_dpp_hostapd_cli_logs_step_6_7_8_9.py wpa_cli logs ; Step 10, Step 11, Step 12 """"""""""""""""""""""""""""""""""""""""" .. literalinclude:: supp_cmds/cmd_supp_dpp_wpa_cli_logs_step_10_11_12.py Run data traffic ------------------ ========================== =========================================================== ================================================================ Steps AP Station ========================== =========================================================== ================================================================ Step 1 : Assign IP address .. literalinclude:: traffic_cmds/cmd_ifconfig_set_ap.py .. literalinclude:: traffic_cmds/cmd_ifconfig_set_station.py Step 2 : Check IP address .. literalinclude:: traffic_cmds/cmd_ifconfig_ap_status.py .. literalinclude:: traffic_cmds/cmd_ifconfig_station_status.py Step 3 : Check ping .. literalinclude:: traffic_cmds/cmd_ping_sta_from_ap.py .. literalinclude:: traffic_cmds/cmd_ping_ap_from_sta.py Step 4 : Run iperf TCP DL .. literalinclude:: traffic_cmds/cmd_tcp_dl_ap.py .. literalinclude:: traffic_cmds/cmd_tcp_dl_station.py Step 5 : Run iperf TCP UL .. literalinclude:: traffic_cmds/cmd_tcp_ul_ap.py .. literalinclude:: traffic_cmds/cmd_tcp_ul_station.py Step 6 : Run iperf UDP DL .. literalinclude:: traffic_cmds/cmd_udp_dl_ap.py .. literalinclude:: traffic_cmds/cmd_udp_dl_station.py Step 7 : Run iperf UDP UL .. literalinclude:: traffic_cmds/cmd_udp_ul_ap.py .. literalinclude:: traffic_cmds/cmd_udp_ul_station.py ========================== =========================================================== ================================================================