DPP: Do not restrict SAE password length on Enrollee

The restriction of the passphrase length to 8..63 characters is only applicable for WPA2-Personal (PSK). Remove this constraint when processing a configuration object that includes SAE without PSK. Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2024-08-22 11:25:54 +03:00 · 2024-08-22 11:25:54 +03:00 · 882bd2edd5
commit 882bd2edd5
parent 503e22025b
2 changed files with 11 additions and 2 deletions
--- a/src/common/dpp.c
+++ b/src/common/dpp.c
@ -2565,8 +2565,12 @@ static int dpp_parse_cred_legacy(struct dpp_config_obj *conf,
 		wpa_hexdump_ascii_key(MSG_DEBUG, "DPP: Legacy passphrase",
 				      pass->string, len);
-		if (len < 8 || len > 63)
+		if (dpp_akm_psk(conf->akm) && (len < 8 || len > 63)) {
 			wpa_printf(MSG_DEBUG,
 				   "DPP: Unexpected pass length %zu for a config object that includes PSK",
 				   len);
 			return -1;
 		}
 		os_strlcpy(conf->passphrase, pass->string,
 			   sizeof(conf->passphrase));
 	} else if (psk_hex && psk_hex->type == JSON_STRING) {
--- a/wpa_supplicant/dpp_supplicant.c
+++ b/wpa_supplicant/dpp_supplicant.c
@ -1475,12 +1475,17 @@ static struct wpa_ssid * wpas_dpp_add_network(struct wpa_supplicant *wpa_s,
 			ssid->ieee80211w = MGMT_FRAME_PROTECTION_OPTIONAL;
 		else
 			ssid->ieee80211w = MGMT_FRAME_PROTECTION_REQUIRED;
-		if (conf->passphrase[0]) {
+		if (conf->passphrase[0] && dpp_akm_psk(conf->akm)) {
 			if (wpa_config_set_quoted(ssid, "psk",
 						  conf->passphrase) < 0)
 				goto fail;
 			wpa_config_update_psk(ssid);
 			ssid->export_keys = 1;
 		} else if (conf->passphrase[0] && dpp_akm_sae(conf->akm)) {
 			if (wpa_config_set_quoted(ssid, "sae_password",
 						  conf->passphrase) < 0)
 				goto fail;
 			ssid->export_keys = 1;
 		} else {
 			ssid->psk_set = conf->psk_set;
 			os_memcpy(ssid->psk, conf->psk, PMK_LEN);