diff options
author | Jaehyun Kim <jeik01.kim@samsung.com> | 2017-11-28 22:09:43 +0900 |
---|---|---|
committer | Jaehyun Kim <jeik01.kim@samsung.com> | 2017-12-12 17:54:08 +0900 |
commit | 1cf9bf2db07064d1507e00266b56a57340e16ffa (patch) | |
tree | 3bd2aa016c09088ffe37ad5a1e255a394d4f54f5 | |
parent | 5871159781a54b98714d0529d1b5c0c41d38df99 (diff) | |
download | connman-1cf9bf2db07064d1507e00266b56a57340e16ffa.tar.gz connman-1cf9bf2db07064d1507e00266b56a57340e16ffa.tar.bz2 connman-1cf9bf2db07064d1507e00266b56a57340e16ffa.zip |
Add WiFi passphrase encryption routinesubmit/tizen/20171212.235218accepted/tizen/unified/20171213.153208
Change-Id: Ife8902c48b338cec4a91429441e8435a6b21bc7e
Signed-off-by: Jaehyun Kim <jeik01.kim@samsung.com>
-rwxr-xr-x | include/network.h | 3 | ||||
-rwxr-xr-x | plugins/wifi.c | 120 | ||||
-rwxr-xr-x | src/connman.h | 2 | ||||
-rwxr-xr-x | src/service.c | 23 |
4 files changed, 146 insertions, 2 deletions
diff --git a/include/network.h b/include/network.h index 68dc4107..6403b167 100755 --- a/include/network.h +++ b/include/network.h @@ -157,6 +157,9 @@ unsigned int connman_network_get_keymgmt(struct connman_network *network); int connman_network_set_disconnect_reason(struct connman_network *network, int reason_code); int connman_network_get_disconnect_reason(struct connman_network *network); +int connman_network_get_assoc_status_code(struct connman_network *network); +int connman_network_set_assoc_status_code(struct connman_network *network, + int assoc_status_code); #endif int connman_network_set_name(struct connman_network *network, diff --git a/plugins/wifi.c b/plugins/wifi.c index 116fa600..d34f8116 100755 --- a/plugins/wifi.c +++ b/plugins/wifi.c @@ -140,6 +140,7 @@ struct wifi_data { #if defined TIZEN_EXT #include "connman.h" +#include "dbus.h" #define TIZEN_ASSOC_RETRY_COUNT 4 @@ -157,6 +158,73 @@ bool wfd_service_registered = false; static void start_autoscan(struct connman_device *device); +#if defined TIZEN_EXT +#define NETCONFIG_SERVICE "net.netconfig" +#define NETCONFIG_WIFI_PATH "/net/netconfig/wifi" +#define NETCONFIG_WIFI_INTERFACE NETCONFIG_SERVICE ".wifi" + +static gchar* send_cryptographic_request(const char *passphrase, const char *method) +{ + DBusConnection *connection = NULL; + DBusMessage *msg = NULL, *reply = NULL; + DBusError error; + gchar *result; + const char *out_data; + + if (!passphrase || !method) { + DBG("Invalid parameter"); + return NULL; + } + + dbus_error_init(&error); + + connection = connman_dbus_get_connection(); + if (!connection) { + DBG("dbus connection does not exist"); + return NULL; + } + + msg = dbus_message_new_method_call(NETCONFIG_SERVICE, NETCONFIG_WIFI_PATH, + NETCONFIG_WIFI_INTERFACE, method); + if (!msg) { + dbus_connection_unref(connection); + return NULL; + } + + dbus_message_append_args(msg, DBUS_TYPE_STRING, &passphrase, + DBUS_TYPE_INVALID); + + reply = dbus_connection_send_with_reply_and_block(connection, msg, + DBUS_TIMEOUT_USE_DEFAULT, &error); + if (reply == NULL) { + if (dbus_error_is_set(&error)) { + DBG("%s", error.message); + dbus_error_free(&error); + } else { + DBG("Failed to request cryptographic request"); + } + dbus_connection_unref(connection); + dbus_message_unref(msg); + return NULL; + } + + dbus_message_unref(msg); + dbus_connection_unref(connection); + + if (!dbus_message_get_args(reply, NULL, + DBUS_TYPE_STRING, &out_data, + DBUS_TYPE_INVALID)) { + dbus_message_unref(reply); + return NULL; + } + + result = g_strdup((const gchar *)out_data); + dbus_message_unref(reply); + + return result; +} +#endif + static int p2p_tech_probe(struct connman_technology *technology) { p2p_technology = technology; @@ -2281,7 +2349,28 @@ static void ssid_init(GSupplicantSSID *ssid, struct connman_network *network) ssid->security = network_security(security); ssid->passphrase = connman_network_get_string(network, "WiFi.Passphrase"); - +#if defined TIZEN_EXT + /* Decrypt the passphrase + */ + static gchar* origin_value = NULL; + gchar *passphrase = g_strdup(ssid->passphrase); + g_free(origin_value); + origin_value = NULL; + + if (passphrase && g_strcmp0(passphrase, "") != 0) { + origin_value = send_cryptographic_request(passphrase, + "DecryptPassphrase"); + + if (!origin_value) { + DBG("Decryption failed"); + } else { + DBG("Decryption succeeded"); + ssid->passphrase = origin_value; + } + + } + g_free(passphrase); +#endif ssid->eap = connman_network_get_string(network, "WiFi.EAP"); /* @@ -2615,10 +2704,39 @@ static bool handle_wps_completion(GSupplicantInterface *interface, } wps_key = g_supplicant_interface_get_wps_key(interface); +#if defined TIZEN_EXT + /* Check the passphrase and encrypt it + */ + gchar *encrypted_value = NULL; + gchar *passphrase = g_strdup(wps_key); + + connman_network_set_string(network, "WiFi.PinWPS", NULL); + + if (check_passphrase_ext(network, passphrase) < 0) { + DBG("[WPS] Invalid passphrase"); + g_free(passphrase); + return true; + } + + encrypted_value = send_cryptographic_request(passphrase, "EncryptPassphrase"); + + g_free(passphrase); + + if (!encrypted_value) { + DBG("[WPS] Encryption failed"); + return true; + } + DBG("[WPS] Encryption succeeded"); + connman_network_set_string(network, "WiFi.Passphrase", + encrypted_value); + g_free(encrypted_value); + +#else connman_network_set_string(network, "WiFi.Passphrase", wps_key); connman_network_set_string(network, "WiFi.PinWPS", NULL); +#endif } return true; diff --git a/src/connman.h b/src/connman.h index 658a239b..57cfc872 100755 --- a/src/connman.h +++ b/src/connman.h @@ -823,6 +823,8 @@ void __connman_service_set_pac(struct connman_service *service, int __connman_service_get_connected_count_of_iface(struct connman_service *service); void __connman_service_set_proxy(struct connman_service *service, const char *proxies); +int check_passphrase_ext(struct connman_network *network, + const char *passphrase); #endif bool __connman_service_is_hidden(struct connman_service *service); bool __connman_service_is_split_routing(struct connman_service *service); diff --git a/src/service.c b/src/service.c index 003b6291..3d491a8c 100755 --- a/src/service.c +++ b/src/service.c @@ -3960,7 +3960,14 @@ int __connman_service_set_passphrase(struct connman_service *service, if (service->immutable && service->security != CONNMAN_SERVICE_SECURITY_8021X) return -EINVAL; - +#if defined TIZEN_EXT + /* The encrypted passphrase is used here + * and validation is done by net-config before being encrypted. + */ + if (service->security != CONNMAN_SERVICE_SECURITY_PSK && + service->security != CONNMAN_SERVICE_SECURITY_RSN && + service->security != CONNMAN_SERVICE_SECURITY_WEP) +#endif err = check_passphrase(service->security, passphrase); if (err < 0) @@ -8529,6 +8536,20 @@ static enum connman_service_security convert_wifi_security(const char *security) return CONNMAN_SERVICE_SECURITY_UNKNOWN; } +#if defined TIZEN_EXT +int check_passphrase_ext(struct connman_network *network, + const char *passphrase) +{ + const char *str; + enum connman_service_security security; + + str = connman_network_get_string(network, "WiFi.Security"); + security = convert_wifi_security(str); + + return check_passphrase(security, passphrase); +} +#endif + static void update_from_network(struct connman_service *service, struct connman_network *network) { |