18d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/* 28d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Wi-Fi Protected Setup - attribute processing 38d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Copyright (c) 2008, Jouni Malinen <j@w1.fi> 48d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * 5c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt * This software may be distributed under the terms of the BSD license. 6c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt * See README for more details. 78d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt */ 88d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 98d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#include "includes.h" 108d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 118d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#include "common.h" 128d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#include "crypto/sha256.h" 138d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#include "wps_i.h" 148d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 158d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 168d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtint wps_process_authenticator(struct wps_data *wps, const u8 *authenticator, 178d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt const struct wpabuf *msg) 188d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 198d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt u8 hash[SHA256_MAC_LEN]; 208d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt const u8 *addr[2]; 218d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt size_t len[2]; 228d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 238d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (authenticator == NULL) { 248d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "WPS: No Authenticator attribute " 258d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "included"); 268d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 278d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 288d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 298d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (wps->last_msg == NULL) { 308d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "WPS: Last message not available for " 318d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "validating authenticator"); 328d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 338d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 348d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 358d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt /* Authenticator = HMAC-SHA256_AuthKey(M_prev || M_curr*) 368d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * (M_curr* is M_curr without the Authenticator attribute) 378d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt */ 388d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt addr[0] = wpabuf_head(wps->last_msg); 398d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt len[0] = wpabuf_len(wps->last_msg); 408d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt addr[1] = wpabuf_head(msg); 418d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt len[1] = wpabuf_len(msg) - 4 - WPS_AUTHENTICATOR_LEN; 428d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt hmac_sha256_vector(wps->authkey, WPS_AUTHKEY_LEN, 2, addr, len, hash); 438d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 44c28170251eb54dbf64a9074a07fee377587425b2Dmitry Shmidt if (os_memcmp_const(hash, authenticator, WPS_AUTHENTICATOR_LEN) != 0) { 458d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "WPS: Incorrect Authenticator"); 468d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 478d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 488d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 498d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return 0; 508d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 518d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 528d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 538d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtint wps_process_key_wrap_auth(struct wps_data *wps, struct wpabuf *msg, 548d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt const u8 *key_wrap_auth) 558d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 568d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt u8 hash[SHA256_MAC_LEN]; 578d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt const u8 *head; 588d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt size_t len; 598d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 608d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (key_wrap_auth == NULL) { 618d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "WPS: No KWA in decrypted attribute"); 628d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 638d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 648d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 658d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt head = wpabuf_head(msg); 668d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt len = wpabuf_len(msg) - 4 - WPS_KWA_LEN; 678d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (head + len != key_wrap_auth - 4) { 688d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "WPS: KWA not in the end of the " 698d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "decrypted attribute"); 708d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 718d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 728d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 738d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt hmac_sha256(wps->authkey, WPS_AUTHKEY_LEN, head, len, hash); 74c28170251eb54dbf64a9074a07fee377587425b2Dmitry Shmidt if (os_memcmp_const(hash, key_wrap_auth, WPS_KWA_LEN) != 0) { 758d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "WPS: Invalid KWA"); 768d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 778d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 788d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 798d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return 0; 808d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 818d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 828d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 838d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic int wps_process_cred_network_idx(struct wps_credential *cred, 848d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt const u8 *idx) 858d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 868d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (idx == NULL) { 878d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "WPS: Credential did not include " 888d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "Network Index"); 898d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 908d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 918d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 928d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "WPS: Network Index: %d", *idx); 938d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 948d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return 0; 958d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 968d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 978d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 988d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic int wps_process_cred_ssid(struct wps_credential *cred, const u8 *ssid, 998d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt size_t ssid_len) 1008d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 1018d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (ssid == NULL) { 1028d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "WPS: Credential did not include SSID"); 1038d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 1048d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 1058d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1068d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt /* Remove zero-padding since some Registrar implementations seem to use 1078d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * hardcoded 32-octet length for this attribute */ 1088d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt while (ssid_len > 0 && ssid[ssid_len - 1] == 0) 1098d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt ssid_len--; 1108d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1118d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_hexdump_ascii(MSG_DEBUG, "WPS: SSID", ssid, ssid_len); 1128d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (ssid_len <= sizeof(cred->ssid)) { 1138d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_memcpy(cred->ssid, ssid, ssid_len); 1148d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt cred->ssid_len = ssid_len; 1158d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 1168d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1178d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return 0; 1188d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 1198d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1208d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1218d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic int wps_process_cred_auth_type(struct wps_credential *cred, 1228d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt const u8 *auth_type) 1238d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 1248d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (auth_type == NULL) { 1258d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "WPS: Credential did not include " 1268d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "Authentication Type"); 1278d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 1288d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 1298d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1308d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt cred->auth_type = WPA_GET_BE16(auth_type); 1318d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "WPS: Authentication Type: 0x%x", 1328d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt cred->auth_type); 1338d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1348d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return 0; 1358d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 1368d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1378d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1388d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic int wps_process_cred_encr_type(struct wps_credential *cred, 1398d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt const u8 *encr_type) 1408d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 1418d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (encr_type == NULL) { 1428d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "WPS: Credential did not include " 1438d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "Encryption Type"); 1448d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 1458d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 1468d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1478d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt cred->encr_type = WPA_GET_BE16(encr_type); 1488d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "WPS: Encryption Type: 0x%x", 1498d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt cred->encr_type); 1508d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1518d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return 0; 1528d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 1538d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1548d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1558d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic int wps_process_cred_network_key_idx(struct wps_credential *cred, 1568d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt const u8 *key_idx) 1578d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 1588d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (key_idx == NULL) 1598d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return 0; /* optional attribute */ 1608d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1618d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "WPS: Network Key Index: %d", *key_idx); 1628d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt cred->key_idx = *key_idx; 1638d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1648d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return 0; 1658d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 1668d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1678d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1688d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic int wps_process_cred_network_key(struct wps_credential *cred, 1698d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt const u8 *key, size_t key_len) 1708d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 1718d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (key == NULL) { 1728d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "WPS: Credential did not include " 1738d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "Network Key"); 1748d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (cred->auth_type == WPS_AUTH_OPEN && 1758d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt cred->encr_type == WPS_ENCR_NONE) { 1768d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "WPS: Workaround - Allow " 1778d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "missing mandatory Network Key attribute " 1788d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "for open network"); 1798d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return 0; 1808d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 1818d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 1828d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 1838d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1848d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_hexdump_key(MSG_DEBUG, "WPS: Network Key", key, key_len); 1858d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (key_len <= sizeof(cred->key)) { 1868d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_memcpy(cred->key, key, key_len); 1878d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt cred->key_len = key_len; 1888d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 1898d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1908d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return 0; 1918d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 1928d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1938d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1948d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic int wps_process_cred_mac_addr(struct wps_credential *cred, 1958d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt const u8 *mac_addr) 1968d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 1978d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (mac_addr == NULL) { 1988d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "WPS: Credential did not include " 1998d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "MAC Address"); 2008d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 2018d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 2028d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2038d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "WPS: MAC Address " MACSTR, MAC2STR(mac_addr)); 2048d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_memcpy(cred->mac_addr, mac_addr, ETH_ALEN); 2058d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2068d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return 0; 2078d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 2088d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2098d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2108d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic int wps_workaround_cred_key(struct wps_credential *cred) 2118d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 2128d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (cred->auth_type & (WPS_AUTH_WPAPSK | WPS_AUTH_WPA2PSK) && 2138d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt cred->key_len > 8 && cred->key_len < 64 && 2148d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt cred->key[cred->key_len - 1] == 0) { 2158d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#ifdef CONFIG_WPS_STRICT 2168d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_INFO, "WPS: WPA/WPA2-Personal passphrase uses " 2178d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "forbidden NULL termination"); 2188d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_hexdump_ascii_key(MSG_INFO, "WPS: Network Key", 2198d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt cred->key, cred->key_len); 2208d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 2218d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#else /* CONFIG_WPS_STRICT */ 2228d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt /* 2238d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * A deployed external registrar is known to encode ASCII 2248d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * passphrases incorrectly. Remove the extra NULL termination 2258d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * to fix the encoding. 2268d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt */ 2278d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "WPS: Workaround - remove NULL " 2288d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "termination from ASCII passphrase"); 2298d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt cred->key_len--; 2308d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#endif /* CONFIG_WPS_STRICT */ 2318d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 2328d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return 0; 2338d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 2348d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2358d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2368d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtint wps_process_cred(struct wps_parse_attr *attr, 2378d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt struct wps_credential *cred) 2388d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 2398d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "WPS: Process Credential"); 2408d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2418d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt /* TODO: support multiple Network Keys */ 2428d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (wps_process_cred_network_idx(cred, attr->network_idx) || 2438d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wps_process_cred_ssid(cred, attr->ssid, attr->ssid_len) || 2448d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wps_process_cred_auth_type(cred, attr->auth_type) || 2458d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wps_process_cred_encr_type(cred, attr->encr_type) || 2468d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wps_process_cred_network_key_idx(cred, attr->network_key_idx) || 2478d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wps_process_cred_network_key(cred, attr->network_key, 2488d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt attr->network_key_len) || 2493c4793790bf06f1fe08a2ddf604c9caa855151f1Dmitry Shmidt wps_process_cred_mac_addr(cred, attr->mac_addr)) 2508d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 2518d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2528d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return wps_workaround_cred_key(cred); 2538d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 2548d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2558d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2568d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtint wps_process_ap_settings(struct wps_parse_attr *attr, 2578d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt struct wps_credential *cred) 2588d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 2598d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "WPS: Processing AP Settings"); 2608d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_memset(cred, 0, sizeof(*cred)); 2618d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt /* TODO: optional attributes New Password and Device Password ID */ 2628d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (wps_process_cred_ssid(cred, attr->ssid, attr->ssid_len) || 2638d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wps_process_cred_auth_type(cred, attr->auth_type) || 2648d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wps_process_cred_encr_type(cred, attr->encr_type) || 2658d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wps_process_cred_network_key_idx(cred, attr->network_key_idx) || 2668d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wps_process_cred_network_key(cred, attr->network_key, 2678d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt attr->network_key_len) || 2688d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wps_process_cred_mac_addr(cred, attr->mac_addr)) 2698d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 2708d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2718d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return wps_workaround_cred_key(cred); 2728d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 273