[PATCH] enhanced smartcard support
Carolin Latze
carolin.latze
Fri May 23 01:52:55 PDT 2008
Hi Jouni,
I am still subscribed to this list, but did not really follow it. I just
read something about how to create the TPM into wpa_supplicant and I
have to say that I got it working. I cannot provide a patch till now,
but will prepare one if you are interested in it. I am able to store
X.509 certificates in the TPM and access the TPM during EAP-TLS
authentication. I used the OpenSSL TPM engine in order to implement that
feature.
Regards
Carolin
Jouni Malinen wrote:
> On Wed, May 21, 2008 at 05:50:52PM +0900, David Smith wrote:
>
>
>> As an alternative, the PKCS#11 library from openCryptoki provides a
>> software-emulation backend and also a TPM backend which is integrated in
>> many machines these days so hardware should not be strictly necessary
>> for general testing of the code. I can help you with setup of this if
>> you like.
>>
>
> My ThinkPad T43 should have TPM, but getting it working was not exactly
> trivial and I don't know whether the security chip is now more or less
> completely locked or what it is doing since it does not likely any
> passwords/PINs.. Software emulated TPM or soft token did not seem to
> work much better either. I wasted enough time with this, so unless you
> can point me to a good howto or step-by-step guide for setting this up
> (and clearing whatever mess there is first ;-), I think I'll just leave
> this waiting for opensc getting support for the external smartcards I
> have..
>
>
>> No problems were found so there should be no conflict with existing
>> functionality.
>>
>
> Thanks! I applied the patches with some minor cleanup.
>
>
--
Carolin Latze
Research Assistant
Department of Computer Science
Boulevard de P?rolles 90
CH-1700 Fribourg
phone: +41 26 300 83 30
More information about the Hostap
mailing list