WPS: Fix OOB Device Password use in PSK1,PSK1 derivation

WSC specification 2.0 section 7.4 describes OOB password to be expressed
in ASCII format (upper case hexdump) instead of raw binary.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
Jouni Malinen 2013-02-24 10:57:49 +02:00 committed by Jouni Malinen
parent f23ce1f032
commit d8ed3a075a
3 changed files with 16 additions and 13 deletions

View file

@ -1612,6 +1612,7 @@ struct wpabuf * hostapd_wps_nfc_token_gen(struct hostapd_data *hapd, int ndef)
int hostapd_wps_nfc_token_enable(struct hostapd_data *hapd) int hostapd_wps_nfc_token_enable(struct hostapd_data *hapd)
{ {
struct wps_context *wps = hapd->wps; struct wps_context *wps = hapd->wps;
struct wpabuf *pw;
if (wps == NULL) if (wps == NULL)
return -1; return -1;
@ -1626,7 +1627,16 @@ int hostapd_wps_nfc_token_enable(struct hostapd_data *hapd)
wps->ap_nfc_dev_pw_id = hapd->conf->wps_nfc_dev_pw_id; wps->ap_nfc_dev_pw_id = hapd->conf->wps_nfc_dev_pw_id;
wps->ap_nfc_dh_pubkey = wpabuf_dup(hapd->conf->wps_nfc_dh_pubkey); wps->ap_nfc_dh_pubkey = wpabuf_dup(hapd->conf->wps_nfc_dh_pubkey);
wps->ap_nfc_dh_privkey = wpabuf_dup(hapd->conf->wps_nfc_dh_privkey); wps->ap_nfc_dh_privkey = wpabuf_dup(hapd->conf->wps_nfc_dh_privkey);
wps->ap_nfc_dev_pw = wpabuf_dup(hapd->conf->wps_nfc_dev_pw); pw = hapd->conf->wps_nfc_dev_pw;
wps->ap_nfc_dev_pw = wpabuf_alloc(
wpabuf_len(pw) * 2 + 1);
if (wps->ap_nfc_dev_pw) {
wpa_snprintf_hex_uppercase(
(char *) wpabuf_put(wps->ap_nfc_dev_pw,
wpabuf_len(pw) * 2),
wpabuf_len(pw) * 2 + 1,
wpabuf_head(pw), wpabuf_len(pw));
}
if (!wps->ap_nfc_dh_pubkey || !wps->ap_nfc_dh_privkey || if (!wps->ap_nfc_dh_pubkey || !wps->ap_nfc_dh_privkey ||
!wps->ap_nfc_dev_pw) { !wps->ap_nfc_dev_pw) {

View file

@ -137,7 +137,6 @@ static void * eap_wsc_init(struct eap_sm *sm)
struct wps_context *wps; struct wps_context *wps;
struct wps_credential new_ap_settings; struct wps_credential new_ap_settings;
int res; int res;
u8 dev_pw[WPS_OOB_DEVICE_PASSWORD_LEN];
int nfc = 0; int nfc = 0;
wps = sm->wps; wps = sm->wps;
@ -186,14 +185,6 @@ static void * eap_wsc_init(struct eap_sm *sm)
while (*pos != '\0' && *pos != ' ') while (*pos != '\0' && *pos != ' ')
pos++; pos++;
cfg.pin_len = pos - (const char *) cfg.pin; cfg.pin_len = pos - (const char *) cfg.pin;
if (cfg.pin_len >= WPS_OOB_DEVICE_PASSWORD_MIN_LEN * 2 &&
cfg.pin_len <= WPS_OOB_DEVICE_PASSWORD_LEN * 2 &&
hexstr2bin((const char *) cfg.pin, dev_pw,
cfg.pin_len / 2) == 0) {
/* Convert OOB Device Password to binary */
cfg.pin = dev_pw;
cfg.pin_len /= 2;
}
if (cfg.pin_len == 6 && if (cfg.pin_len == 6 &&
os_strncmp((const char *) cfg.pin, "nfc-pw", 6) == 0) { os_strncmp((const char *) cfg.pin, "nfc-pw", 6) == 0) {
cfg.pin = NULL; cfg.pin = NULL;

View file

@ -32,7 +32,7 @@ struct wps_nfc_pw_token {
struct dl_list list; struct dl_list list;
u8 pubkey_hash[WPS_OOB_PUBKEY_HASH_LEN]; u8 pubkey_hash[WPS_OOB_PUBKEY_HASH_LEN];
u16 pw_id; u16 pw_id;
u8 dev_pw[WPS_OOB_DEVICE_PASSWORD_LEN]; u8 dev_pw[WPS_OOB_DEVICE_PASSWORD_LEN * 2 + 1];
size_t dev_pw_len; size_t dev_pw_len;
}; };
@ -3498,8 +3498,10 @@ int wps_registrar_add_nfc_pw_token(struct wps_registrar *reg,
os_memcpy(token->pubkey_hash, pubkey_hash, WPS_OOB_PUBKEY_HASH_LEN); os_memcpy(token->pubkey_hash, pubkey_hash, WPS_OOB_PUBKEY_HASH_LEN);
token->pw_id = pw_id; token->pw_id = pw_id;
os_memcpy(token->dev_pw, dev_pw, dev_pw_len); wpa_snprintf_hex_uppercase((char *) token->dev_pw,
token->dev_pw_len = dev_pw_len; sizeof(token->dev_pw),
dev_pw, dev_pw_len);
token->dev_pw_len = dev_pw_len * 2;
dl_list_add(&reg->nfc_pw_tokens, &token->list); dl_list_add(&reg->nfc_pw_tokens, &token->list);