From 1b928f96b64138fbd4c681bb863aeb71c809c520 Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Sun, 22 Jun 2014 00:15:53 +0300 Subject: [PATCH] P2P: Allow passphrase length to be configured Previously, eight character random passphrase was generated automatically for P2P GO. The new p2p_passphrase_len parameter can be used to increase this length to generate a stronger passphrase for cases where practicality of manual configuration of legacy devices is not a concern. Signed-off-by: Jouni Malinen --- src/p2p/p2p.c | 16 +++++++++++++--- src/p2p/p2p.h | 10 ++++++++++ wpa_supplicant/config.c | 2 ++ wpa_supplicant/config.h | 9 +++++++++ wpa_supplicant/config_file.c | 3 +++ wpa_supplicant/p2p_supplicant.c | 9 +++++++++ wpa_supplicant/wpa_supplicant.conf | 6 ++++++ 7 files changed, 52 insertions(+), 3 deletions(-) diff --git a/src/p2p/p2p.c b/src/p2p/p2p.c index 104f77ba4..d0191e741 100644 --- a/src/p2p/p2p.c +++ b/src/p2p/p2p.c @@ -1561,7 +1561,7 @@ void p2p_build_ssid(struct p2p_data *p2p, u8 *ssid, size_t *ssid_len) int p2p_go_params(struct p2p_data *p2p, struct p2p_go_neg_results *params) { p2p_build_ssid(p2p, params->ssid, ¶ms->ssid_len); - p2p_random(params->passphrase, 8); + p2p_random(params->passphrase, p2p->cfg->passphrase_len); return 0; } @@ -1595,7 +1595,7 @@ void p2p_go_complete(struct p2p_data *p2p, struct p2p_device *peer) p2p->op_channel); os_memcpy(res.ssid, p2p->ssid, p2p->ssid_len); res.ssid_len = p2p->ssid_len; - p2p_random(res.passphrase, 8); + p2p_random(res.passphrase, p2p->cfg->passphrase_len); } else { res.freq = peer->oper_freq; if (p2p->ssid_len) { @@ -2388,7 +2388,8 @@ struct p2p_data * p2p_init(const struct p2p_config *cfg) { struct p2p_data *p2p; - if (cfg->max_peers < 1) + if (cfg->max_peers < 1 || + cfg->passphrase_len < 8 || cfg->passphrase_len > 63) return NULL; p2p = os_zalloc(sizeof(*p2p) + sizeof(*cfg)); @@ -4719,3 +4720,12 @@ void p2p_set_authorized_oob_dev_pw_id(struct p2p_data *p2p, u16 dev_pw_id, } #endif /* CONFIG_WPS_NFC */ + + +int p2p_set_passphrase_len(struct p2p_data *p2p, unsigned int len) +{ + if (len < 8 || len > 63) + return -1; + p2p->cfg->passphrase_len = len; + return 0; +} diff --git a/src/p2p/p2p.h b/src/p2p/p2p.h index 9cf100fa3..5938aa715 100644 --- a/src/p2p/p2p.h +++ b/src/p2p/p2p.h @@ -394,6 +394,14 @@ struct p2p_config { */ unsigned int max_listen; + /** + * passphrase_len - Passphrase length (8..63) + * + * This parameter controls the length of the random passphrase that is + * generated at the GO. + */ + unsigned int passphrase_len; + /** * cb_ctx - Context to use with callback functions */ @@ -1960,4 +1968,6 @@ void p2p_set_authorized_oob_dev_pw_id(struct p2p_data *p2p, u16 dev_pw_id, int go_intent, const u8 *own_interface_addr); +int p2p_set_passphrase_len(struct p2p_data *p2p, unsigned int len); + #endif /* P2P_H */ diff --git a/wpa_supplicant/config.c b/wpa_supplicant/config.c index 4cea2ef98..86d6d7213 100644 --- a/wpa_supplicant/config.c +++ b/wpa_supplicant/config.c @@ -3836,6 +3836,8 @@ static const struct global_parse_data global_fields[] = { { INT_RANGE(persistent_reconnect, 0, 1), 0 }, { INT_RANGE(p2p_intra_bss, 0, 1), CFG_CHANGED_P2P_INTRA_BSS }, { INT(p2p_group_idle), 0 }, + { INT_RANGE(p2p_passphrase_len, 8, 63), + CFG_CHANGED_P2P_PASSPHRASE_LEN }, { FUNC(p2p_pref_chan), CFG_CHANGED_P2P_PREF_CHAN }, { FUNC(p2p_no_go_freq), CFG_CHANGED_P2P_PREF_CHAN }, { INT_RANGE(p2p_add_cli_chan, 0, 1), 0 }, diff --git a/wpa_supplicant/config.h b/wpa_supplicant/config.h index 3c2fc4ab2..52add9da3 100644 --- a/wpa_supplicant/config.h +++ b/wpa_supplicant/config.h @@ -317,6 +317,7 @@ struct wpa_cred { #define CFG_CHANGED_P2P_PREF_CHAN BIT(13) #define CFG_CHANGED_EXT_PW_BACKEND BIT(14) #define CFG_CHANGED_NFC_PASSWORD_TOKEN BIT(15) +#define CFG_CHANGED_P2P_PASSPHRASE_LEN BIT(16) /** * struct wpa_config - wpa_supplicant configuration data @@ -715,6 +716,14 @@ struct wpa_config { */ int p2p_group_idle; + /** + * p2p_passphrase_len - Passphrase length (8..63) for P2P GO + * + * This parameter controls the length of the random passphrase that is + * generated at the GO. + */ + unsigned int p2p_passphrase_len; + /** * bss_max_count - Maximum number of BSS entries to keep in memory */ diff --git a/wpa_supplicant/config_file.c b/wpa_supplicant/config_file.c index 58e711187..fd992188c 100644 --- a/wpa_supplicant/config_file.c +++ b/wpa_supplicant/config_file.c @@ -1016,6 +1016,9 @@ static void wpa_config_write_global(FILE *f, struct wpa_config *config) fprintf(f, "p2p_intra_bss=%u\n", config->p2p_intra_bss); if (config->p2p_group_idle) fprintf(f, "p2p_group_idle=%u\n", config->p2p_group_idle); + if (config->p2p_passphrase_len) + fprintf(f, "p2p_passphrase_len=%u\n", + config->p2p_passphrase_len); if (config->p2p_pref_chan) { unsigned int i; fprintf(f, "p2p_pref_chan="); diff --git a/wpa_supplicant/p2p_supplicant.c b/wpa_supplicant/p2p_supplicant.c index 6b85efecf..afa8121b6 100644 --- a/wpa_supplicant/p2p_supplicant.c +++ b/wpa_supplicant/p2p_supplicant.c @@ -3949,6 +3949,12 @@ int wpas_p2p_init(struct wpa_global *global, struct wpa_supplicant *wpa_s) p2p.max_listen = wpa_s->max_remain_on_chan; + if (wpa_s->conf->p2p_passphrase_len >= 8 && + wpa_s->conf->p2p_passphrase_len <= 63) + p2p.passphrase_len = wpa_s->conf->p2p_passphrase_len; + else + p2p.passphrase_len = 8; + global->p2p = p2p_init(&p2p); if (global->p2p == NULL) return -1; @@ -6334,6 +6340,9 @@ void wpas_p2p_update_config(struct wpa_supplicant *wpa_s) "update failed"); } } + + if (wpa_s->conf->changed_parameters & CFG_CHANGED_P2P_PASSPHRASE_LEN) + p2p_set_passphrase_len(p2p, wpa_s->conf->p2p_passphrase_len); } diff --git a/wpa_supplicant/wpa_supplicant.conf b/wpa_supplicant/wpa_supplicant.conf index 191f2063b..2a0dc204f 100644 --- a/wpa_supplicant/wpa_supplicant.conf +++ b/wpa_supplicant/wpa_supplicant.conf @@ -269,6 +269,12 @@ fast_reauth=1 # inactive stations. #p2p_go_max_inactivity=300 +# Passphrase length (8..63) for P2P GO +# +# This parameter controls the length of the random passphrase that is +# generated at the GO. Default: 8. +#p2p_passphrase_len=8 + # Extra delay between concurrent P2P search iterations # # This value adds extra delay in milliseconds between concurrent search