> where do I need to set the ssid that gets returned to the supplicant When you send DPP auth init you can pass hexvalue of SSID. Command will be. DPP_AUTH_INIT peer=<Peer-ID> conf=sta-dpp configurator=<Configurator-ID> ssid=<GiveHexValueOfSSID> > is there a list of wireless adapters (especially USB dongles) that are known to work with DPP Alfa AWUS036NHA is one wireless adapter where DPP works. Regards, Rohith K Damodaran On Wed, Feb 13, 2019 at 1:26 AM Steve Johnson <steve@xxxxxxxxxxxxxx> wrote: > > Well, it was a mix of wireless adapters that apparently don't support DPP (off channel messaging), although the capabilities listed would have you believe otherwise. > > A couple of questions: > > First, is there a list of wireless adapters (especially USB dongles) that are known to work with DPP? > > Second, while the DPP Authentication part seems to complete successfully, it is now trying to connect to SSID "test" (wi-fi_tech), which I assume is a default baked in to hostapd. I have the ssid parameter set in the hostapd.conf file - where do I need to set the ssid that gets returned to the supplicant? Is it a GAS parameter? > > Happy to at least have the DPP authentication working. > > Steve > > > On Feb 11, 2019, at 9:58 AM, Steve Johnson <steve@xxxxxxxxxxxxxx> wrote: > > > > Here are the detailed logs from hostapd. As I mentioned, I can see the Authentication Request sent on channel 1 using a wireless sniffer. No evidence that the enrollee device is receiving the request. If it turns out to be an issue with the supplicant wifi adapter, can you recommend a USB adapter that is known to work with DPP (and preferably Raspberry Pi)? As soon as we have one working setup, it will be easy to validate other devices in the future. > > > > hostapd: > > > > Ignore Probe Request due to DS Params mismatch: chan=1 != ds.chan=3 > > nl80211: Event message available > > nl80211: BSS Event 59 (NL80211_CMD_FRAME) received for wlp2s0 > > nl80211: MLME event 59 (NL80211_CMD_FRAME) on wlp2s0(24:f5:aa:6f:03:11) A1=ff:ff:ff:ff:ff:ff A2=4c:32:75:90:33:b3 > > nl80211: MLME event frame - hexdump(len=83): 40 00 00 00 ff ff ff ff ff ff 4c 32 75 90 33 b3 ff ff ff ff ff ff e0 33 00 00 01 04 02 04 0b 16 32 08 0c 12 18 24 30 48 60 6c 03 01 03 2d 1a ad 49 17 ff ff ff 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 7f 08 04 00 00 00 00 00 00 40 > > nl80211: Frame event > > nl80211: RX frame da=ff:ff:ff:ff:ff:ff sa=4c:32:75:90:33:b3 bssid=ff:ff:ff:ff:ff:ff freq=2412 ssi_signal=-59 fc=0x40 seq_ctrl=0x33e0 stype=4 (WLAN_FC_STYPE_PROBE_REQ) len=83 > > Ignore Probe Request due to DS Params mismatch: chan=1 != ds.chan=3 > > RX ctrl_iface - hexdump_ascii(len=20): > > 44 50 50 5f 43 4f 4e 46 49 47 55 52 41 54 4f 52 DPP_CONFIGURATOR > > 5f 41 44 44 _ADD > > DPP: Generating a keypair > > RX ctrl_iface - hexdump_ascii(len=127): > > 44 50 50 5f 51 52 5f 43 4f 44 45 20 44 50 50 3a DPP_QR_CODE DPP: > > 43 3a 38 31 2f 31 3b 4d 3a 35 30 3a 33 65 3a 61 C:81/1;M:50:3e:a > > 61 3a 34 34 3a 37 33 3a 39 35 3b 4b 3a 4d 44 6b a:44:73:95;K:MDk > > 77 45 77 59 48 4b 6f 5a 49 7a 6a 30 43 41 51 59 wEwYHKoZIzj0CAQY > > 49 4b 6f 5a 49 7a 6a 30 44 41 51 63 44 49 67 41 IKoZIzj0DAQcDIgA > > 44 65 74 79 62 33 46 31 74 59 43 4e 73 2f 36 71 Detyb3F1tYCNs/6q > > 32 57 41 4d 4b 54 4a 69 72 4b 70 66 4b 6c 35 4e 2WAMKTJirKpfKl5N > > 77 57 52 32 71 30 6c 54 38 73 62 4d 3d 3b 3b wWR2q0lT8sbM=;; > > DPP: URI - hexdump_ascii(len=115): > > 44 50 50 3a 43 3a 38 31 2f 31 3b 4d 3a 35 30 3a DPP:C:81/1;M:50: > > 33 65 3a 61 61 3a 34 34 3a 37 33 3a 39 35 3b 4b 3e:aa:44:73:95;K > > 3a 4d 44 6b 77 45 77 59 48 4b 6f 5a 49 7a 6a 30 :MDkwEwYHKoZIzj0 > > 43 41 51 59 49 4b 6f 5a 49 7a 6a 30 44 41 51 63 CAQYIKoZIzj0DAQc > > 44 49 67 41 44 65 74 79 62 33 46 31 74 59 43 4e DIgADetyb3F1tYCN > > 73 2f 36 71 32 57 41 4d 4b 54 4a 69 72 4b 70 66 s/6q2WAMKTJirKpf > > 4b 6c 35 4e 77 57 52 32 71 30 6c 54 38 73 62 4d Kl5NwWR2q0lT8sbM > > 3d 3b 3b =;; > > DPP: URI channel-list: opclass=81 channel=1 ==> freq=2412 > > DPP: URI mac: 50:3e:aa:44:73:95 > > DPP: Base64 decoded URI public-key - hexdump(len=59): 30 39 30 13 06 07 2a 86 48 ce 3d 02 01 06 08 2a 86 48 ce 3d 03 01 07 03 22 00 03 7a dc 9b dc 5d 6d 60 23 6c ff aa b6 58 03 0a 4c 98 ab 2a 97 ca 97 93 70 59 1d aa d2 54 fc b1 b3 > > DPP: Public key hash - hexdump(len=32): a9 ce 7d 0b d7 7c a2 15 6a 8d c3 fb 69 61 3e fa e0 6f 6c db 61 59 5c 85 31 2e 1a 86 1d f8 75 61 > > DPP: URI subjectPublicKey algorithm: id-ecPublicKey > > DPP: URI subjectPublicKey parameters: prime256v1 > > DPP: URI subjectPublicKey - hexdump(len=33): 03 7a dc 9b dc 5d 6d 60 23 6c ff aa b6 58 03 0a 4c 98 ab 2a 97 ca 97 93 70 59 1d aa d2 54 fc b1 b3 > > RX ctrl_iface - hexdump_ascii(len=48): > > 44 50 50 5f 41 55 54 48 5f 49 4e 49 54 20 70 65 DPP_AUTH_INIT pe > > 65 72 3d 31 20 63 6f 6e 66 3d 73 74 61 2d 64 70 er=1 conf=sta-dp > > 70 20 63 6f 6e 66 69 67 75 72 61 74 6f 72 3d 31 p configurator=1 > > DPP: Generating a keypair > > DPP: Compressed public key (DER) - hexdump(len=59): 30 39 30 13 06 07 2a 86 48 ce 3d 02 01 06 08 2a 86 48 ce 3d 03 01 07 03 22 00 02 00 0d 7f cf 9a b5 14 f0 18 93 a9 6c 0c 3b 06 78 50 2d d7 de 92 16 3b 1d d6 81 af d9 d4 3e 29 cf > > DPP: Public key hash - hexdump(len=32): ab 38 e1 e2 dc 4d 24 c9 77 e2 c5 31 2c af b9 31 54 dd 19 67 1b a9 12 e8 93 1c af 1a 4f c0 ea 00 > > DPP: Auto-generated own bootstrapping key info: URI DPP:K:MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgACAA1/z5q1FPAYk6lsDDsGeFAt196SFjsd1oGv2dQ+Kc8=;; > > DPP: Possible frequencies for initiating: 2412 > > Get randomness: len=16 entropy=98 > > DPP: I-nonce - hexdump(len=16): 85 5a 09 fb 8f 60 52 8a a3 40 32 68 b6 d3 de d0 > > DPP: Generating a keypair > > DPP: ECDH shared secret (M.x) - hexdump(len=32): [REMOVED] > > DPP: PRK = HKDF-Extract(<>, IKM=M.x) - hexdump(len=32): [REMOVED] > > DPP: k1 = HKDF-Expand(PRK, info, L) - hexdump(len=32): [REMOVED] > > DPP: R-Bootstrap Key Hash > > DPP: I-Bootstrap Key Hash > > DDP: AES-SIV AD[0] - hexdump(len=6): 50 6f 9a 1a 01 00 > > DDP: AES-SIV AD[1] - hexdump(len=140): 02 10 20 00 a9 ce 7d 0b d7 7c a2 15 6a 8d c3 fb 69 61 3e fa e0 6f 6c db 61 59 5c 85 31 2e 1a 86 1d f8 75 61 01 10 20 00 ab 38 e1 e2 dc 4d 24 c9 77 e2 c5 31 2c af b9 31 54 dd 19 67 1b a9 12 e8 93 1c af 1a 4f c0 ea 00 03 10 40 00 a3 1c 77 6a f2 93 44 08 96 cb 90 65 3c 8e c3 be 76 69 41 23 e7 ed da 3d fd 6d ed d4 bf 5a fe db f7 14 87 26 8c ed 9b 00 05 5d 49 52 23 6e 88 b6 d4 61 00 36 6a f0 9d 91 53 78 6f 5b b8 bc d2 78 > > DPP: AES-SIV cleartext - hexdump(len=25): 05 10 10 00 85 5a 09 fb 8f 60 52 8a a3 40 32 68 b6 d3 de d0 06 10 01 00 02 > > DPP: AES-SIV ciphertext - hexdump(len=41): 21 da a9 2c e7 cd 26 df e2 32 aa 3f 19 55 45 e8 d4 57 7f 93 d0 96 92 d9 ed 90 25 4a 4b a3 31 dc 0e 0d 9f 37 12 92 67 45 c0 > > DPP: Authentication Request frame attributes - hexdump(len=193): 04 09 50 6f 9a 1a 01 00 02 10 20 00 a9 ce 7d 0b d7 7c a2 15 6a 8d c3 fb 69 61 3e fa e0 6f 6c db 61 59 5c 85 31 2e 1a 86 1d f8 75 61 01 10 20 00 ab 38 e1 e2 dc 4d 24 c9 77 e2 c5 31 2c af b9 31 54 dd 19 67 1b a9 12 e8 93 1c af 1a 4f c0 ea 00 03 10 40 00 a3 1c 77 6a f2 93 44 08 96 cb 90 65 3c 8e c3 be 76 69 41 23 e7 ed da 3d fd 6d ed d4 bf 5a fe db f7 14 87 26 8c ed 9b 00 05 5d 49 52 23 6e 88 b6 d4 61 00 36 6a f0 9d 91 53 78 6f 5b b8 bc d2 78 04 10 29 00 21 da a9 2c e7 cd 26 df e2 32 aa 3f 19 55 45 e8 d4 57 7f 93 d0 96 92 d9 ed 90 25 4a 4b a3 31 dc 0e 0d 9f 37 12 92 67 45 c0 > > DPP: Set configurator parameters: peer=1 conf=sta-dpp configurator=1 > > wlp2s0: DPP-TX dst=50:3e:aa:44:73:95 freq=2412 type=0 > > nl80211: Send Action frame (ifindex=4, freq=2412 MHz wait=2000 ms no_cck=0) > > nl80211: send_mlme - da= 50:3e:aa:44:73:95 noack=0 freq=2412 no_cck=0 offchanok=1 wait_time=2000 fc=0xd0 (WLAN_FC_STYPE_ACTION) nlmode=3 > > nl80211: send_mlme -> send_frame > > nl80211: send_frame -> send_frame_cmd > > nl80211: CMD_FRAME freq=2412 wait=2000 no_cck=0 no_ack=0 offchanok=1 > > CMD_FRAME - hexdump(len=217): d0 00 00 00 50 3e aa 44 73 95 24 f5 aa 6f 03 11 ff ff ff ff ff ff 00 00 04 09 50 6f 9a 1a 01 00 02 10 20 00 a9 ce 7d 0b d7 7c a2 15 6a 8d c3 fb 69 61 3e fa e0 6f 6c db 61 59 5c 85 31 2e 1a 86 1d f8 75 61 01 10 20 00 ab 38 e1 e2 dc 4d 24 c9 77 e2 c5 31 2c af b9 31 54 dd 19 67 1b a9 12 e8 93 1c af 1a 4f c0 ea 00 03 10 40 00 a3 1c 77 6a f2 93 44 08 96 cb 90 65 3c 8e c3 be 76 69 41 23 e7 ed da 3d fd 6d ed d4 bf 5a fe db f7 14 87 26 8c ed 9b 00 05 5d 49 52 23 6e 88 b6 d4 61 00 36 6a f0 9d 91 53 78 6f 5b b8 bc d2 78 04 10 29 00 21 da a9 2c e7 cd 26 df e2 32 aa 3f 19 55 45 e8 d4 57 7f 93 d0 96 92 d9 ed 90 25 4a 4b a3 31 dc 0e 0d 9f 37 12 92 67 45 c0 > > nl80211: Frame TX command accepted; cookie 0x146 > > nl80211: Drop oldest pending send action cookie 0x0 > > nl80211: Update send_action_cookie from 0x0 to 0x146 > > nl80211: Event message available > > nl80211: Drv Event 60 (NL80211_CMD_FRAME_TX_STATUS) received for wlp2s0 > > nl80211: MLME event 60 (NL80211_CMD_FRAME_TX_STATUS) on wlp2s0(24:f5:aa:6f:03:11) A1=50:3e:aa:44:73:95 A2=24:f5:aa:6f:03:11 > > nl80211: MLME event frame - hexdump(len=217): d0 00 00 00 50 3e aa 44 73 95 24 f5 aa 6f 03 11 ff ff ff ff ff ff 00 00 04 09 50 6f 9a 1a 01 00 02 10 20 00 a9 ce 7d 0b d7 7c a2 15 6a 8d c3 fb 69 61 3e fa e0 6f 6c db 61 59 5c 85 31 2e 1a 86 1d f8 75 61 01 10 20 00 ab 38 e1 e2 dc 4d 24 c9 77 e2 c5 31 2c af b9 31 54 dd 19 67 1b a9 12 e8 93 1c af 1a 4f c0 ea 00 03 10 40 00 a3 1c 77 6a f2 93 44 08 96 cb 90 65 3c 8e c3 be 76 69 41 23 e7 ed da 3d fd 6d ed d4 bf 5a fe db f7 14 87 26 8c ed 9b 00 05 5d 49 52 23 6e 88 b6 d4 61 00 36 6a f0 9d 91 53 78 6f 5b b8 bc d2 78 04 10 29 00 21 da a9 2c e7 cd 26 df e2 32 aa 3f 19 55 45 e8 d4 57 7f 93 d0 96 92 d9 ed 90 25 4a 4b a3 31 dc 0e 0d 9f 37 12 92 67 45 c0 > > nl80211: Frame TX status event > > wlp2s0: Event TX_STATUS (16) received > > mgmt::action cb ok=1 > > DPP: TX status: dst=50:3e:aa:44:73:95 ok=1 > > wlp2s0: DPP-TX-STATUS dst=50:3e:aa:44:73:95 result=SUCCESS > > DPP: Reply wait timeout - wait_time=2000 diff_ms=2012 > > DPP: No response received from responder - stopping initiation attempt > > wlp2s0: DPP-AUTH-INIT-FAILED > > > >> On Feb 9, 2019, at 4:50 PM, Steve Johnson <steve@xxxxxxxxxxxxxx> wrote: > >> > >> The hostap device is sending the authentication request on channel 1 - I have verified this using a wifi sniffer. As for the wpa_supplicant, I assume AP mode does not apply. I suppose it is possible that both supplicant machines (Pi & NUC) have wifi adapters that appear to support offchannel mode but do not. dpp_listen appears to work without errors. > >> > >> The Raspberry Pi (supplicant) is using a TP-Link Archer T4U V3 adapter. > >> > >> Given that hostap is sending out the authentication request on channel 1 and the wpa_supplicant logs show no receipt of management frames, anything you can think of for me to check? > >> > >> > >>> On Feb 9, 2019, at 3:32 PM, Jouni Malinen <j@xxxxx> wrote: > >>> > >>> On Fri, Feb 08, 2019 at 03:10:29PM -0700, Steve Johnson wrote: > >>>> I have built hostapd and wpa_supplicant per the instructions and am having trouble getting the negotiation to complete. Using wireshark (airtool), I can see that hostapd is sending the authentication request OTA. On the wpa_supplicant machine, I cannot see any nl80211 debug messages showing that any management frames have been received. (but I can see that it has registered for the correct frame types). > >>>> > >>>> I've tried two diffent STA machines (Pi and NUC) - each one can function properly as an AP, so I know the radios work. > >>> > >>> But do you know that the WLAN driver on the devices support offchannel > >>> TX operation while in AP mode? Have you used a wireless sniffer to > >>> verify whether the Public Action frame is actually transmitted on the > >>> expected channel (2412 MHz in this case)? > >>> > >>>> hostapd logs: ( grep DPP ) > >>> > >>> That grepping removes the most relevant lines for this, i.e., what > >>> happens with the nl80211 commands to send out the DPP Public Action > >>> frame. Anyway, some drivers might lie about the TX status, so a wireless > >>> sniffer would be more robust way of checking what exactly happened when > >>> working with drivers that have not yet been confirmed to work with DPP. > >>> > >>> -- > >>> Jouni Malinen PGP id EFC895FA > >> > > > > > _______________________________________________ > Hostap mailing list > Hostap@xxxxxxxxxxxxxxxxxxx > http://lists.infradead.org/mailman/listinfo/hostap _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap
