[PATCH] enhanced smartcard support

David Smith dds
Thu May 1 09:36:06 PDT 2008

Hi all,

I've attached three patches to extend the existing smartcard support to handle 
client certificates and CA certificates as well as EAP-TLS phase2 auth. I've 
added the following ssid configuration variables to wpasupplicant for this:

 cert_id, ca_cert_id, key2_id, cert2_id, and ca_cert2_id

I'm looking for people to help test this. At the current time, it relies on 
the LOAD_CERT_CTRL extension provided by the PKCS#11 OpenSSL engine from the 
OpenSC project. If any other OpenSSL engines support a similar extension, 
inform me and I'll support for them. But since the PKCS#11 engine is probably 
by far the most used one with wpasupplicant, I think this is a good start.

Again, this code should definitely be tested more before it is ready for 
merging but please give it a read and a try.

man perl | tail -6 | head -2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Add-support-to-crypto-tls-for-client-cert-and-CA-cer.patch
Type: text/x-diff
Size: 7782 bytes
Desc: not available
Url : http://lists.shmoo.com/pipermail/hostap/attachments/20080502/3608a3a2/attachment.patch 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0002-Add-support-to-eap_peer-for-client-cert-and-CA-cert.patch
Type: text/x-diff
Size: 2576 bytes
Desc: not available
Url : http://lists.shmoo.com/pipermail/hostap/attachments/20080502/3608a3a2/attachment-0001.patch 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0003-Add-support-to-wpa_supplicant-configuring-eap_peer-f.patch
Type: text/x-diff
Size: 2501 bytes
Desc: not available
Url : http://lists.shmoo.com/pipermail/hostap/attachments/20080502/3608a3a2/attachment-0002.patch 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 481 bytes
Desc: This is a digitally signed message part.
Url : http://lists.shmoo.com/pipermail/hostap/attachments/20080502/3608a3a2/attachment.pgp 

More information about the Hostap mailing list