-
Notifications
You must be signed in to change notification settings - Fork 56
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
AP/WIFI check password validity for encryption type #792
Conversation
// Match for hexadecimal characters: | ||
const regex = /^[0-9a-f]+$/i; | ||
if (!regex.test(password)) { | ||
return reject('Invalid passphrase: WEP keys must consist of hexadecimal digits.'); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Could you clarify "hexadecimal digits" in this error message? Something like:
Invalid passphrase: WEP keys must consist of hexadecimal digits, i.e 0 through 9 and "a" through "f".
Great work so far @laiedwin! I made a few comments for one of the error messages and some stuff for the error test cases. Could you add some successful password tests as well for the various security options? I'll do a smoke test (trying it out on the hardware) tonight and comment with my results. Thanks again for working on this! 👏 |
// WEP passphrases can be 10, 26, or 58 hexadecimal digits long. | ||
// Match for hexadecimal characters: | ||
const regex = /^[0-9a-f]+$/i; | ||
if (!regex.test(password)) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Instead of regex parsing, you could alternatively check if the value is a valid hexadecimal number:
isNaN(`0x${password}`)
…its to WEP key error message
My Smoke Test:
Result:
After seeing the smoke test not work correctly, I checked the changed files again. In the GitHub diff view, I totally missed that the password & security validation was added to Referring back to the original issue, the security & password validation should go into |
@laiedwin Did you get a chance to read my previous comment yet? No rush, just want to make sure you're aware of why this hasn't been merged yet. |
@HipsterBrown Sorry, I've been a lot busier than usual lately -- I'll try to get around to addressing the later comments this weekend! |
@laiedwin No worries at all. Just wanted to check in. |
@laiedwin how are things going? Can we help move things along in any way? |
@laiedwin @johnnyman727 I've opened a PR against this build to help get it over the finish line. Just a few test fixes mostly. |
// Reject if both tests fail. | ||
if (!asciiRegex.test(password) && !hexTest) { | ||
return reject('Invalid passphrase: WPA/WPA2-PSK passkeys must be 8-63 ASCII characters, or 64 hexadecimal digits.'); | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm not going to block on this, but it would be awesome if the comments for each set of criteria included links to canonical "sources of truth".
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good point. This can be added before merging. 👍
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Specifically, I'd like to see links to the published protocols, in which things like if (length !== 10 || length !== 26 || length !== 58) {
are clearly defined. Thanks!!
Per discussion with @HipsterBrown, we're going to land this and then he'll do a follow up. |
Followup #792, validate access point password creation
This pull request fixes #760.
Changes:
wpa
,wpa2
) fromsecurityOptions
array.