Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

AP/WIFI check password validity for encryption type #792

Merged
merged 4 commits into from
Aug 18, 2016
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
27 changes: 26 additions & 1 deletion lib/controller.js
Original file line number Diff line number Diff line change
Expand Up @@ -664,7 +664,7 @@ controller.connectToNetwork = function(opts) {
var ssid = opts.ssid;
var password = opts.password;
var security = opts.security;
var securityOptions = ['none', 'wep', 'psk', 'psk2', 'wpa', 'wpa2'];
var securityOptions = ['none', 'wep', 'psk', 'psk2'];
return new Promise(function(resolve, reject) {
if (!ssid) {
return reject('Invalid credentials: must set SSID with the -n or --ssid option.');
Expand All @@ -677,6 +677,31 @@ controller.connectToNetwork = function(opts) {
if (security && securityOptions.indexOf(security) < 0) {
return reject(`"${security}" is not a valid security option. Please choose on of the following: ${securityOptions.join(', ')}`);
}

if (security === 'wep') {
// WEP passphrases can be 10, 26, or 58 hexadecimal digits long.
// Match for hexadecimal characters:
if (isNaN(`0x${password}`)) {
return reject('Invalid passphrase: WEP keys must consist of hexadecimal digits, i.e. 0 through 9 and "a" through "f".');
}
// Then test for length:
const length = password.length;
if (length !== 10 || length !== 26 || length !== 58) {
return reject('Invalid passphrase: WEP keys must be 10, 26, or 58 digits long for 64-, 128-, and 256-bit WEP.');
}
}

if (security === 'psk' || security === 'psk2') {
// WPA/WPA2-PSK passphrases can be 8-63 ASCII characters, or 64 hexadecimal digits.
// Match ASCII codes for all 127 printable ASCII characters:
const asciiRegex = /^[\x00-\x7F]{8,63}$/;
// Match exactly 64 hexadecimal digits:
const hexTest = !isNaN(`0x${password}`) && password.length === 64;
// Reject if both tests fail.
if (!asciiRegex.test(password) && !hexTest) {
return reject('Invalid passphrase: WPA/WPA2-PSK passkeys must be 8-63 ASCII characters, or 64 hexadecimal digits.');
}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not going to block on this, but it would be awesome if the comments for each set of criteria included links to canonical "sources of truth".

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good point. This can be added before merging. 👍

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Specifically, I'd like to see links to the published protocols, in which things like if (length !== 10 || length !== 26 || length !== 58) { are clearly defined. Thanks!!

}
resolve();
})
.then(() => {
Expand Down
98 changes: 98 additions & 0 deletions test/unit/controller.js
Original file line number Diff line number Diff line change
Expand Up @@ -1065,6 +1065,104 @@ exports['controller.closeTesselConnections'] = {
test.done();
});
},

invalidAccessPointWEPPasswordCharacters: function(test) {
test.expect(1);

controller.createAccessPoint({
ssid: 'test',
password: 'nothexdigits',
security: 'wep'
})
.catch(error => {
test.ok(error);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For the error tests, I would copy this pattern already used -> https://github.com/tessel/t2-cli/pull/792/files#diff-579f2a5c7de143123729e47453faf76bR1064

.catch(error => {
  test.ok(true, error.toString());
  test.done();
});

test.done();
});
},

invalidAccessPointWEPPasswordLength: function(test) {
test.expect(1);

controller.createAccessPoint({
ssid: 'test',
password: '0123456789ABCDEF',
security: 'wep'
})
.catch(error => {
test.ok(error);
test.done();
});
},

invalidAccessPointPSKPasswordCharacters: function(test) {
test.expect(1);

controller.createAccessPoint({
ssid: 'test',
password: 'Password™',
security: 'psk'
})
.catch(error => {
test.ok(error);
test.done();
});
},

invalidAccessPointPSKASCIIPasswordTooShort: function(test) {
test.expect(1);

controller.createAccessPoint({
ssid: 'test',
password: 'short',
security: 'psk'
})
.catch(error => {
test.ok(error);
test.done();
});
},

invalidAccessPointPSKASCIIPasswordTooLong: function(test) {
test.expect(1);

controller.createAccessPoint({
ssid: 'test',
password: 'this is a very long passphrase. in fact, it is over 63 characters, which makes it invalid.',
security: 'psk'
})
.catch(error => {
test.ok(error);
test.done();
});
},

invalidAccessPointPSKHexPasswordTooShort: function(test) {
test.expect(1);

controller.createAccessPoint({
ssid: 'test',
password: 'DEAD',
security: 'psk'
})
.catch(error => {
test.ok(error);
test.done();
});
},

invalidAccessPointPSKHexPasswordTooLong: function(test) {
test.expect(1);

controller.createAccessPoint({
ssid: 'test',
password: 'DEADDEADDEADDEADDEADDEADDEADDEADDEADDEADDEADDEADDEADDEADDEADDEADDEAD',
security: 'psk'
})
.catch(error => {
test.ok(error);
test.done();
});
},
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great tests!

};

exports['controller.root'] = {
Expand Down