From 64f225df6ef5e6abb6a7ce64b03be2d16b8b61b8 Mon Sep 17 00:00:00 2001 From: James Prestwood Date: Thu, 3 Feb 2022 08:43:09 -0800 Subject: [PATCH] hotspot: implement hotspot profile encryption Using storage_decrypt() hotspot can also support profile encyption. The hotspot consortium name is used as the 'ssid' since this stays consistent between hotspot networks for any profile. --- src/hotspot.c | 25 ++++++++++++++++++++----- 1 file changed, 20 insertions(+), 5 deletions(-) diff --git a/src/hotspot.c b/src/hotspot.c index 21f50690..89b3095f 100644 --- a/src/hotspot.c +++ b/src/hotspot.c @@ -95,12 +95,17 @@ static struct l_settings *hotspot_network_open(struct network_info *info) settings = l_settings_new(); - if (!l_settings_load_from_file(settings, config->filename)) { - l_settings_free(settings); - return NULL; - } + if (!l_settings_load_from_file(settings, config->filename)) + goto error; + + if (!storage_decrypt(settings, config->filename, config->name)) + goto error; return settings; + +error: + l_settings_free(settings); + return NULL; } static void hotspot_network_sync(struct network_info *info, @@ -111,7 +116,12 @@ static void hotspot_network_sync(struct network_info *info, struct hs20_config *config = l_container_of(info, struct hs20_config, super); - data = l_settings_to_data(settings, &length); + data = __storage_encrypt(settings, config->name, &length); + if (!data) { + l_error("Unable to sync profile %s", config->filename); + return; + } + write_file(data, length, true, "%s", config->filename); l_free(data); } @@ -338,6 +348,11 @@ static struct hs20_config *hs20_config_new(struct l_settings *settings, goto free_values; } + if (!storage_decrypt(settings, filename, name)) { + l_error("Could not open hotspot profile %s", filename); + goto free_values; + } + config = l_new(struct hs20_config, 1); if (hessid_str) {