WPS: Fix OOB Device Password use in PSK1,PSK1 derivation

WSC specification 2.0 section 7.4 describes OOB password to be expressed
in ASCII format (upper case hexdump) instead of raw binary.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>

diff --git a/src/ap/wps_hostapd.c b/src/ap/wps_hostapd.c
index dfe77ad37e6e93533ce2391aebe113cef48f63a5..e017972deb2f917020108c8cb80386454c505028 100644 (file)
--- a/src/ap/wps_hostapd.c
+++ b/src/ap/wps_hostapd.c
@@ -1612,6 +1612,7 @@ struct wpabuf * hostapd_wps_nfc_token_gen(struct hostapd_data *hapd, int ndef)
 int hostapd_wps_nfc_token_enable(struct hostapd_data *hapd)
 {
        struct wps_context *wps = hapd->wps;
+       struct wpabuf *pw;
 
        if (wps == NULL)
                return -1;
@@ -1626,7 +1627,16 @@ int hostapd_wps_nfc_token_enable(struct hostapd_data *hapd)
        wps->ap_nfc_dev_pw_id = hapd->conf->wps_nfc_dev_pw_id;
        wps->ap_nfc_dh_pubkey = wpabuf_dup(hapd->conf->wps_nfc_dh_pubkey);
        wps->ap_nfc_dh_privkey = wpabuf_dup(hapd->conf->wps_nfc_dh_privkey);
-       wps->ap_nfc_dev_pw = wpabuf_dup(hapd->conf->wps_nfc_dev_pw);
+       pw = hapd->conf->wps_nfc_dev_pw;
+       wps->ap_nfc_dev_pw = wpabuf_alloc(
+               wpabuf_len(pw) * 2 + 1);
+       if (wps->ap_nfc_dev_pw) {
+               wpa_snprintf_hex_uppercase(
+                       (char *) wpabuf_put(wps->ap_nfc_dev_pw,
+                                           wpabuf_len(pw) * 2),
+                       wpabuf_len(pw) * 2 + 1,
+                       wpabuf_head(pw), wpabuf_len(pw));
+       }
 
        if (!wps->ap_nfc_dh_pubkey || !wps->ap_nfc_dh_privkey ||
            !wps->ap_nfc_dev_pw) {

diff --git a/src/eap_peer/eap_wsc.c b/src/eap_peer/eap_wsc.c
index f3581560e43041839ac479a4ae342f4a1370edd4..81ad0ce0594925b0ff96bb7fa8018857f60069e5 100644 (file)
--- a/src/eap_peer/eap_wsc.c
+++ b/src/eap_peer/eap_wsc.c
@@ -137,7 +137,6 @@ static void * eap_wsc_init(struct eap_sm *sm)
        struct wps_context *wps;
        struct wps_credential new_ap_settings;
        int res;
-       u8 dev_pw[WPS_OOB_DEVICE_PASSWORD_LEN];
        int nfc = 0;
 
        wps = sm->wps;
@@ -186,14 +185,6 @@ static void * eap_wsc_init(struct eap_sm *sm)
                while (*pos != '\0' && *pos != ' ')
                        pos++;
                cfg.pin_len = pos - (const char *) cfg.pin;
-               if (cfg.pin_len >= WPS_OOB_DEVICE_PASSWORD_MIN_LEN * 2 &&
-                   cfg.pin_len <= WPS_OOB_DEVICE_PASSWORD_LEN * 2 &&
-                   hexstr2bin((const char *) cfg.pin, dev_pw,
-                              cfg.pin_len / 2) == 0) {
-                       /* Convert OOB Device Password to binary */
-                       cfg.pin = dev_pw;
-                       cfg.pin_len /= 2;
-               }
                if (cfg.pin_len == 6 &&
                    os_strncmp((const char *) cfg.pin, "nfc-pw", 6) == 0) {
                        cfg.pin = NULL;

diff --git a/src/wps/wps_registrar.c b/src/wps/wps_registrar.c
index 57344c56576963b16ba75da13b39064c035b1f18..a26b8ee99c64f617c8ded72f29660ea90ed275b3 100644 (file)
--- a/src/wps/wps_registrar.c
+++ b/src/wps/wps_registrar.c
@@ -32,7 +32,7 @@ struct wps_nfc_pw_token {
        struct dl_list list;
        u8 pubkey_hash[WPS_OOB_PUBKEY_HASH_LEN];
        u16 pw_id;
-       u8 dev_pw[WPS_OOB_DEVICE_PASSWORD_LEN];
+       u8 dev_pw[WPS_OOB_DEVICE_PASSWORD_LEN * 2 + 1];
        size_t dev_pw_len;
 };
 
@@ -3498,8 +3498,10 @@ int wps_registrar_add_nfc_pw_token(struct wps_registrar *reg,
 
        os_memcpy(token->pubkey_hash, pubkey_hash, WPS_OOB_PUBKEY_HASH_LEN);
        token->pw_id = pw_id;
-       os_memcpy(token->dev_pw, dev_pw, dev_pw_len);
-       token->dev_pw_len = dev_pw_len;
+       wpa_snprintf_hex_uppercase((char *) token->dev_pw,
+                                  sizeof(token->dev_pw),
+                                  dev_pw, dev_pw_len);
+       token->dev_pw_len = dev_pw_len * 2;
 
        dl_list_add(&reg->nfc_pw_tokens, &token->list);