[patch] WPS: support WEP keys in hex characters format in received credentials

Dan Williams dcbw at redhat.com
Wed Feb 18 06:24:25 EST 2009


On Wed, 2009-02-18 at 09:14 +0200, Jouni Malinen wrote:
> On Tue, Feb 17, 2009 at 11:20:42AM -0500, Dan Williams wrote:
> 
> > I assume there's no support for passphrases in the standard at all?
> > Since a 10 or 26 character hexadecimal WEP key is also a valid 104-bit
> > WEP passphrase (using the md5 hash method).  If passphrases _were_
> > supported by WPS, this patch wouldn't handle that case.
> 
> That sounds like a vendor specific construction for setting static WEP
> keys. Where is it defined? Anyway, no, that is not needed for WPS. For

It's not defined, but it's the de-facto 104-bit passphrase algorithm
used in most consumer routers.  Repeat the passphrase into a
64-character buffer and MD5 hash it.  There is no de-facto 40-bit
passphrase format since that was way before people started using
passphrases.  Apple, of course, used a different passphrase hashing
mechanism ("WEP Password") that I found an implementation of somewhere
but subsequently lost.

> some silly reason, it allows both ASCII(?) and hex presentations of the
> 40 or 104-bit WEP key there are no additional formats that should be
> supported.

Ok, good.

Dan




More information about the HostAP mailing list