mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2025-01-03 02:02:33 +01:00

crypto: add crypto_passphrase_is_valid

Move this check out of crypto_psk_from_passphrase so other modules
can validate a passphrase.
James Prestwood 2019-09-18 09:02:57 -07:00 committed by Denis Kenzior
parent 7a9891dbef
commit 42e083cf9b
2 changed files with 27 additions and 16 deletions


@ -479,20 +479,10 @@ int crypto_cipher_tk_bits(enum crypto_cipher cipher)
return crypto_cipher_key_len(cipher) * 8; return crypto_cipher_key_len(cipher) * 8;
} }
int crypto_psk_from_passphrase(const char *passphrase, bool crypto_passphrase_is_valid(const char *passphrase)
const unsigned char *ssid, size_t ssid_len,
unsigned char *out_psk)
{ {
size_t passphrase_len; size_t passphrase_len;
size_t i; size_t i;
bool result;
unsigned char psk[32];
if (!passphrase)
return -EINVAL;
if (!ssid)
return -EINVAL;
/* /*
* IEEE 802.11, Annex M, Section M.4.1: * IEEE 802.11, Annex M, Section M.4.1:
@ -503,10 +493,7 @@ int crypto_psk_from_passphrase(const char *passphrase,
*/ */
passphrase_len = strlen(passphrase); passphrase_len = strlen(passphrase);
if (passphrase_len < 8 || passphrase_len > 63) if (passphrase_len < 8 || passphrase_len > 63)
return -ERANGE; return false;
if (ssid_len == 0 || ssid_len > 32)
return -ERANGE;
/* IEEE 802.11, Annex M, Section M.4.1: /* IEEE 802.11, Annex M, Section M.4.1:
* "Each character in the pass-phrase must have an encoding in the * "Each character in the pass-phrase must have an encoding in the
@ -518,9 +505,31 @@ int crypto_psk_from_passphrase(const char *passphrase,
if (l_ascii_isprint(passphrase[i])) if (l_ascii_isprint(passphrase[i]))
continue; continue;
return -EINVAL; return false;
} }
return true;
}
int crypto_psk_from_passphrase(const char *passphrase,
const unsigned char *ssid, size_t ssid_len,
unsigned char *out_psk)
{
bool result;
unsigned char psk[32];
if (!passphrase)
return -EINVAL;
if (!ssid)
return -EINVAL;
if (!crypto_passphrase_is_valid(passphrase))
return -ERANGE;
if (ssid_len == 0 || ssid_len > 32)
return -ERANGE;
result = l_pkcs5_pbkdf2(L_CHECKSUM_SHA1, passphrase, ssid, ssid_len, result = l_pkcs5_pbkdf2(L_CHECKSUM_SHA1, passphrase, ssid, ssid_len,
4096, psk, sizeof(psk)); 4096, psk, sizeof(psk));
if (!result) if (!result)
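Review bot: crypto_passphrase_is_valid() is now exported for other modules but, in the visible hunks, calls `strlen(passphrase)` with no NULL check; the `if (!passphrase)` guard stayed behind in crypto_psk_from_passphrase(), so a caller that passes an unset passphrase would dereference NULL. Adding `if (!passphrase) return false;` at the top of the new function lets the validator stand on its own. Separately, a passphrase containing a non-printable character used to make crypto_psk_from_passphrase() return -EINVAL and now returns -ERANGE, because both failure modes collapse into one boolean; if any caller distinguishes the two codes, that change deserves a line in the commit message. The body of crypto_psk_from_passphrase() continues past the end of the last hunk.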


@ -91,6 +91,8 @@ bool aes_siv_decrypt(const uint8_t *key, size_t key_len, const uint8_t *in,
int crypto_cipher_key_len(enum crypto_cipher cipher); int crypto_cipher_key_len(enum crypto_cipher cipher);
int crypto_cipher_tk_bits(enum crypto_cipher cipher); int crypto_cipher_tk_bits(enum crypto_cipher cipher);
bool crypto_passphrase_is_valid(const char *passphrase);
int crypto_psk_from_passphrase(const char *passphrase, int crypto_psk_from_passphrase(const char *passphrase,
const unsigned char *ssid, size_t ssid_len, const unsigned char *ssid, size_t ssid_len,
unsigned char *out_psk); unsigned char *out_psk);
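Review bot: The new public prototype `crypto_passphrase_is_valid` has no comment stating its contract, which matters now that other modules are meant to call it. A short comment above the declaration, for example `/* True if passphrase is 8..63 characters, all accepted by l_ascii_isprint (IEEE 802.11 Annex M.4.1); passphrase must not be NULL */`, would record what the implementation enforces and what it expects from the caller.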