Get erro "WPA passphrase must be between 8 and 63 characters" even when it is.

[dratner]

Checklist

• This is a bug report
• I observed this bug on a clean install of the OS
• I have followed the project prerequisites
• I have searched this repository for existing issues
• I checked the FAQ and official documentation before creating this issue
• I have read and understand the issue reporting guidelines

Bug description

When I am trying to connect to a wireless network, I get the error "WPA passphrase must be between 8 and 63 characters" even when the passphrase length is indeed within that range and is working fine on other devices.

Your environment

1. Operating System: RPi OS 32-bit
2. Hardware and version: Pi 4
3. RaspAP version: RaspAP v2.9.3
4. Clean install of a compatible operating system? Yes
5. RaspAP Quick Install or Manual setup? Quick Install
6. Using default configuration? Yes
7. Simultaneous AP and managed mode? ?
8. Onboard wireless chipset or external adapter? Tried with both wireless chipset and two external adapters
9. Other software or services running with RaspAP? None

Steps to reproduce

1. Go to Wifi client on Global Nav
2. Find new network under Nearby
3. Enter passphrase
4. Click Add
5. See error (but not for all networks.)

Screenshots

Although the passphrase is masked in this screenshot, you can see the passphrase is 12 characters, yet I get the error that it's not between 8 and 63. I've seen this on multiple networks, but not all. I've successfully added a few and haven't yet tracked down the difference.

Additional context

[billz]

Be sure your passphrase doesn't contain special characters.
Relevant FAQ https://docs.raspap.com/faq/#passphrase

[hjai]

@dratner I had this same issue. What worked for me is that I had to delete all of the "Known" networks first, then I was able to add the network that gave the error before.

[billz]

This issue lacks data inputs for it to be reproducible. The validation code in question is in /includes/configure_client.php

Download this gist to your device's home directory (use wget on the raw file), edit and define the $ssid and $network['passphrase'] vars, then execute it with php wpa_write.php.

[billz]

@hjai that's helpful. knownWifiStations() reads the contents of your /etc/wpa_supplicant/wpa_supplicant.conf file.

raspap-webgui/includes/wifi_functions.php

Lines 8 to 11 in 10637ef

	function knownWifiStations(&$networks)
	{
	// Find currently configured networks
	exec(' sudo cat ' . RASPI_WPA_SUPPLICANT_CONFIG, $known_return);

If this file contains invalid entries, as often happens when manually edited, it will cause the above validation to return the error.

[hjai]

@billz In my case, the Known network was valid because it was my home wifi network that I had used to initially set up my RaspAP.

[dratner]

I'll give the gist a try. In the cases where I've had this issue there has been punctuation. The example above was hôtel wifi and I believe the pass phrase was TimeNY@2020 or something similar. Printable punctuation in all cases.

[dratner]

Ok ... I got executed the gist with the wifi ssid and passphrase that was erroring in the UI. Here is the output:

network={
ssid="TIMENY"
#psk="TimeNY@2020!"
psk=3351005f802b339ca42ad2e2c27afc6d11aba0bbca18d95034c8c0f8b0576607
}

I feel a little bad posting this, but it's a hotel and they apparently haven't changed it in three years so they must not care too much.

That PSK encoding is 64 characters, so that would throw the error.

[dratner]

PS. I didn't manually update my wpa_supplicant.conf file and it all looks clean, but I'll try reseting it next time I see this error. There are only two networks listed in this file (one at my home, one at a friend's) and it correctly joins these networks so it's parsing that file successfully sometimes.

[dratner]

I just tried manually running my wpa_supplicant.conf through the knownWifiStations() function and got what a valid array back. Here is it with passphrases redacted:

$networks = array(
'CaLeone' => array(
'visible' => false,
'configured' => true,
'connected' => false,
'index' => 0,
'ssid' => 'CaLeone',
'passphrase' => '',
'protocol' => 'WPA',
),
'615Greenleaf' => array(
'visible' => false,
'configured' => true,
'connected' => false,
'index' => 1,
'ssid' => '615Greenleaf',
'passphrase' => '',
'protocol' => 'WPA-PSK',
)
);

The first passphrase is a 64 char hex value. The second is a 12 character clear text value. So that 64 char hex value encoded from the original password must be causing the problem. Not sure how that encoding happened? Having said that, it does successfully join the CaLeone network using that passphrase.

[billz]

@dratner thanks for the testing, Dan. As it turns out, RaspAP will incorrectly throw this error when a valid 64 character passkey, but not a passphrase, is present. wpa_supplicant permits either (or both) so the fix is to permit passkeys.