diff options
author | Jouni Malinen <jouni.malinen@atheros.com> | 2010-09-23 10:30:52 -0700 |
---|---|---|
committer | Jouni Malinen <j@w1.fi> | 2010-09-23 10:30:52 -0700 |
commit | 3981cb3cb81641813b1f51292032f2225ccdd70b (patch) | |
tree | bf6e7f50a8fcddc8b7e16ccc1fe4923464f51b68 /wpa_supplicant | |
parent | fa37511fa7e9d6a8f4fdaa8ec2df4af71bac7941 (diff) | |
download | external_wpa_supplicant_8_ti-3981cb3cb81641813b1f51292032f2225ccdd70b.zip external_wpa_supplicant_8_ti-3981cb3cb81641813b1f51292032f2225ccdd70b.tar.gz external_wpa_supplicant_8_ti-3981cb3cb81641813b1f51292032f2225ccdd70b.tar.bz2 |
WPS: Add wps_check_pin command for processing PIN from user input
UIs can use this command to process a PIN entered by a user and to
validate the checksum digit (if present).
Diffstat (limited to 'wpa_supplicant')
-rw-r--r-- | wpa_supplicant/README-WPS | 7 | ||||
-rw-r--r-- | wpa_supplicant/ctrl_iface.c | 48 | ||||
-rw-r--r-- | wpa_supplicant/wpa_cli.c | 29 |
3 files changed, 84 insertions, 0 deletions
diff --git a/wpa_supplicant/README-WPS b/wpa_supplicant/README-WPS index 7c28836..8a773e2 100644 --- a/wpa_supplicant/README-WPS +++ b/wpa_supplicant/README-WPS @@ -94,6 +94,13 @@ pushbutton event (for PBC) to allow a new WPS Enrollee to join the network. wpa_supplicant uses the control interface as an input channel for these events. +The PIN value used in the commands must be processed by an UI to +remove non-digit characters and potentially, to verify the checksum +digit. "wpa_cli wps_check_pin <PIN>" can be used to do such processing. +It returns FAIL if the PIN is invalid, or FAIL-CHECKSUM if the checksum +digit is incorrect, or the processed PIN (non-digit characters removed) +if the PIN is valid. + If the client device has a display, a random PIN has to be generated for each WPS registration session. wpa_supplicant can do this with a control interface request, e.g., by calling wpa_cli: diff --git a/wpa_supplicant/ctrl_iface.c b/wpa_supplicant/ctrl_iface.c index 8c5dcdf..ac5d067 100644 --- a/wpa_supplicant/ctrl_iface.c +++ b/wpa_supplicant/ctrl_iface.c @@ -261,6 +261,51 @@ static int wpa_supplicant_ctrl_iface_wps_pin(struct wpa_supplicant *wpa_s, } +static int wpa_supplicant_ctrl_iface_wps_check_pin( + struct wpa_supplicant *wpa_s, char *cmd, char *buf, size_t buflen) +{ + char pin[9]; + size_t len; + char *pos; + int ret; + + wpa_hexdump_ascii_key(MSG_DEBUG, "WPS_CHECK_PIN", + (u8 *) cmd, os_strlen(cmd)); + for (pos = cmd, len = 0; *pos != '\0'; pos++) { + if (*pos < '0' || *pos > '9') + continue; + pin[len++] = *pos; + if (len == 9) { + wpa_printf(MSG_DEBUG, "WPS: Too long PIN"); + return -1; + } + } + if (len != 4 && len != 8) { + wpa_printf(MSG_DEBUG, "WPS: Invalid PIN length %d", (int) len); + return -1; + } + pin[len] = '\0'; + + if (len == 8) { + unsigned int pin_val; + pin_val = atoi(pin); + if (!wps_pin_valid(pin_val)) { + wpa_printf(MSG_DEBUG, "WPS: Invalid checksum digit"); + ret = os_snprintf(buf, buflen, "FAIL-CHECKSUM\n"); + if (ret < 0 || (size_t) ret >= buflen) + return -1; + return ret; + } + } + + ret = os_snprintf(buf, buflen, "%s", pin); + if (ret < 0 || (size_t) ret >= buflen) + return -1; + + return ret; +} + + #ifdef CONFIG_WPS_OOB static int wpa_supplicant_ctrl_iface_wps_oob(struct wpa_supplicant *wpa_s, char *cmd) @@ -2715,6 +2760,9 @@ char * wpa_supplicant_ctrl_iface_process(struct wpa_supplicant *wpa_s, reply_len = wpa_supplicant_ctrl_iface_wps_pin(wpa_s, buf + 8, reply, reply_size); + } else if (os_strncmp(buf, "WPS_CHECK_PIN ", 14) == 0) { + reply_len = wpa_supplicant_ctrl_iface_wps_check_pin( + wpa_s, buf + 14, reply, reply_size); } else if (os_strcmp(buf, "WPS_CANCEL") == 0) { if (wpas_wps_cancel(wpa_s)) reply_len = -1; diff --git a/wpa_supplicant/wpa_cli.c b/wpa_supplicant/wpa_cli.c index 855f720..00fb0dc 100644 --- a/wpa_supplicant/wpa_cli.c +++ b/wpa_supplicant/wpa_cli.c @@ -615,6 +615,32 @@ static int wpa_cli_cmd_wps_pin(struct wpa_ctrl *ctrl, int argc, char *argv[]) } +static int wpa_cli_cmd_wps_check_pin(struct wpa_ctrl *ctrl, int argc, + char *argv[]) +{ + char cmd[256]; + int res; + + if (argc != 1 && argc != 2) { + printf("Invalid WPS_CHECK_PIN command: needs one argument:\n" + "- PIN to be verified\n"); + return -1; + } + + if (argc == 2) + res = os_snprintf(cmd, sizeof(cmd), "WPS_CHECK_PIN %s %s", + argv[0], argv[1]); + else + res = os_snprintf(cmd, sizeof(cmd), "WPS_CHECK_PIN %s", + argv[0]); + if (res < 0 || (size_t) res >= sizeof(cmd) - 1) { + printf("Too long WPS_CHECK_PIN command.\n"); + return -1; + } + return wpa_ctrl_command(ctrl, cmd); +} + + static int wpa_cli_cmd_wps_cancel(struct wpa_ctrl *ctrl, int argc, char *argv[]) { @@ -2271,6 +2297,9 @@ static struct wpa_cli_cmd wpa_cli_commands[] = { cli_cmd_flag_sensitive, "<BSSID> [PIN] = start WPS PIN method (returns PIN, if not " "hardcoded)" }, + { "wps_check_pin", wpa_cli_cmd_wps_check_pin, + cli_cmd_flag_sensitive, + "<PIN> = verify PIN checksum" }, { "wps_cancel", wpa_cli_cmd_wps_cancel, cli_cmd_flag_none, "Cancels the pending WPS operation" }, #ifdef CONFIG_WPS_OOB |