diff options
| author | Nick Lowe <nick.lowe@lugatech.com> | 2016-02-09 14:47:47 (GMT) |
|---|---|---|
| committer | Jouni Malinen <j@w1.fi> | 2016-02-19 16:44:40 (GMT) |
| commit | 98a516eae8260e6fd5c48ddecf8d006285da7389 (patch) | |
| tree | c4e476cd4f11428a490cbd55d709cf88aff7a702 /wpa_supplicant | |
| parent | f441e5af777c01f8649374fe91ff135e080aa959 (diff) | |
| download | hostap-98a516eae8260e6fd5c48ddecf8d006285da7389.zip hostap-98a516eae8260e6fd5c48ddecf8d006285da7389.tar.gz hostap-98a516eae8260e6fd5c48ddecf8d006285da7389.tar.bz2 | |
WPS: Use only os_get_random() for PIN generation
Remove the fallback dependency on os_random() when generating a WPS pin.
This is exceptionally unlikely to ever be called as the call to
os_get_random() is unlikely to fail. The intention is to facilitate
future removal of os_random() as it uses a low quality PRNG.
Signed-off-by: Nick Lowe <nick.lowe@lugatech.com>
Diffstat (limited to 'wpa_supplicant')
| -rw-r--r-- | wpa_supplicant/ap.c | 8 | ||||
| -rw-r--r-- | wpa_supplicant/ctrl_iface.c | 3 | ||||
| -rw-r--r-- | wpa_supplicant/p2p_supplicant.c | 19 | ||||
| -rw-r--r-- | wpa_supplicant/wps_supplicant.c | 5 |
4 files changed, 28 insertions, 7 deletions
diff --git a/wpa_supplicant/ap.c b/wpa_supplicant/ap.c index 03c3fab..60f8c0d 100644 --- a/wpa_supplicant/ap.c +++ b/wpa_supplicant/ap.c @@ -915,7 +915,10 @@ int wpa_supplicant_ap_wps_pin(struct wpa_supplicant *wpa_s, const u8 *bssid, return -1; if (pin == NULL) { - unsigned int rpin = wps_generate_pin(); + unsigned int rpin; + + if (wps_generate_pin(&rpin) < 0) + return -1; ret_len = os_snprintf(buf, buflen, "%08d", rpin); if (os_snprintf_error(buflen, ret_len)) return -1; @@ -981,7 +984,8 @@ const char * wpas_wps_ap_pin_random(struct wpa_supplicant *wpa_s, int timeout) if (wpa_s->ap_iface == NULL) return NULL; hapd = wpa_s->ap_iface->bss[0]; - pin = wps_generate_pin(); + if (wps_generate_pin(&pin) < 0) + return NULL; os_snprintf(pin_txt, sizeof(pin_txt), "%08u", pin); os_free(hapd->conf->ap_pin); hapd->conf->ap_pin = os_strdup(pin_txt); diff --git a/wpa_supplicant/ctrl_iface.c b/wpa_supplicant/ctrl_iface.c index a377eb3..1057a84 100644 --- a/wpa_supplicant/ctrl_iface.c +++ b/wpa_supplicant/ctrl_iface.c @@ -956,7 +956,8 @@ static int wpa_supplicant_ctrl_iface_wps_pin(struct wpa_supplicant *wpa_s, if (os_strcmp(cmd, "any") == 0) _bssid = NULL; else if (os_strcmp(cmd, "get") == 0) { - ret = wps_generate_pin(); + if (wps_generate_pin((unsigned int *) &ret) < 0) + return -1; goto done; } else if (hwaddr_aton(cmd, bssid)) { wpa_printf(MSG_DEBUG, "CTRL_IFACE WPS_PIN: invalid BSSID '%s'", diff --git a/wpa_supplicant/p2p_supplicant.c b/wpa_supplicant/p2p_supplicant.c index bf8f394..4c54b46 100644 --- a/wpa_supplicant/p2p_supplicant.c +++ b/wpa_supplicant/p2p_supplicant.c @@ -2578,7 +2578,13 @@ static void wpas_prov_disc_req(void *ctx, const u8 *peer, u16 config_methods, params[sizeof(params) - 1] = '\0'; if (config_methods & WPS_CONFIG_DISPLAY) { - generated_pin = wps_generate_pin(); + if (wps_generate_pin(&generated_pin) < 0) { + wpa_printf(MSG_DEBUG, "P2P: Could not generate PIN"); + wpas_notify_p2p_provision_discovery( + wpa_s, peer, 0 /* response */, + P2P_PROV_DISC_INFO_UNAVAILABLE, 0, 0); + return; + } wpas_prov_disc_local_display(wpa_s, peer, params, generated_pin); } else if (config_methods & WPS_CONFIG_KEYPAD) @@ -2623,7 +2629,13 @@ static void wpas_prov_disc_resp(void *ctx, const u8 *peer, u16 config_methods) if (config_methods & WPS_CONFIG_DISPLAY) wpas_prov_disc_local_keypad(wpa_s, peer, params); else if (config_methods & WPS_CONFIG_KEYPAD) { - generated_pin = wps_generate_pin(); + if (wps_generate_pin(&generated_pin) < 0) { + wpa_printf(MSG_DEBUG, "P2P: Could not generate PIN"); + wpas_notify_p2p_provision_discovery( + wpa_s, peer, 0 /* response */, + P2P_PROV_DISC_INFO_UNAVAILABLE, 0, 0); + return; + } wpas_prov_disc_local_display(wpa_s, peer, params, generated_pin); } else if (config_methods & WPS_CONFIG_PUSHBUTTON) @@ -5366,7 +5378,8 @@ int wpas_p2p_connect(struct wpa_supplicant *wpa_s, const u8 *peer_addr, if (pin) os_strlcpy(wpa_s->p2p_pin, pin, sizeof(wpa_s->p2p_pin)); else if (wps_method == WPS_PIN_DISPLAY) { - ret = wps_generate_pin(); + if (wps_generate_pin((unsigned int *) &ret) < 0) + return -1; res = os_snprintf(wpa_s->p2p_pin, sizeof(wpa_s->p2p_pin), "%08d", ret); if (os_snprintf_error(sizeof(wpa_s->p2p_pin), res)) diff --git a/wpa_supplicant/wps_supplicant.c b/wpa_supplicant/wps_supplicant.c index a39897d..07452ad 100644 --- a/wpa_supplicant/wps_supplicant.c +++ b/wpa_supplicant/wps_supplicant.c @@ -1236,7 +1236,10 @@ static int wpas_wps_start_dev_pw(struct wpa_supplicant *wpa_s, os_snprintf(val, sizeof(val), "\"dev_pw_id=%u%s\"", dev_pw_id, hash); } else { - rpin = wps_generate_pin(); + if (wps_generate_pin(&rpin) < 0) { + wpa_printf(MSG_DEBUG, "WPS: Could not generate PIN"); + return -1; + } os_snprintf(val, sizeof(val), "\"pin=%08d dev_pw_id=%u%s\"", rpin, dev_pw_id, hash); } |