[PATCH] enhanced smartcard support

Carolin Latze carolin.latze
Fri May 23 01:52:55 PDT 2008

Hi Jouni,

I am still subscribed to this list, but did not really follow it. I just 
read something about how to create the TPM into wpa_supplicant and I 
have to say that I got it working. I cannot provide a patch till now, 
but will prepare one if you are interested in it. I am able to store 
X.509 certificates in the TPM and access the TPM during EAP-TLS 
authentication. I used the OpenSSL TPM engine in order to implement that 


Jouni Malinen wrote:
> On Wed, May 21, 2008 at 05:50:52PM +0900, David Smith wrote:
>> As an alternative, the PKCS#11 library from openCryptoki provides a
>> software-emulation backend and also a TPM backend which is integrated in
>> many machines these days so hardware should not be strictly necessary
>> for general testing of the code. I can help you with setup of this if
>> you like.
> My ThinkPad T43 should have TPM, but getting it working was not exactly
> trivial and I don't know whether the security chip is now more or less
> completely locked or what it is doing since it does not likely any
> passwords/PINs.. Software emulated TPM or soft token did not seem to
> work much better either. I wasted enough time with this, so unless you
> can point me to a good howto or step-by-step guide for setting this up
> (and clearing whatever mess there is first ;-), I think I'll just leave
> this waiting for opensc getting support for the external smartcards I
> have..
>> No problems were found so there should be no conflict with existing
>> functionality.
> Thanks! I applied the patches with some minor cleanup.

Carolin Latze
Research Assistant

Department of Computer Science
Boulevard de P?rolles 90
CH-1700 Fribourg

phone: +41 26 300 83 30

More information about the Hostap mailing list