use wpa_supplicant without OpenSSL and GNU-TLS
Jouni Malinen
j
Fri Sep 24 09:47:18 PDT 2010
On Thu, Sep 23, 2010 at 11:48:42AM -0700, jingzhao.ou wrote:
> I need to apply security to a small wireless client node. The node has very
> limited RAM/ROM space. Having OpenSSL or GNU-TLS would be too much for the
> chip. I wonder whether it is possible to use wpa_supplicant without OpenSSL
> or GNU-TLS?
Yes, you can build wpa_supplicant without external TLS library. If you
are not using TLS-based EAP methods (e.g., EAP-TLS or PEAP), you do not
need any TLS implementation; if you use them, you can use the internal
TLS implementation in many cases.
> If I really need OpenSSL, how difficult to replace OpenSSL with some
> embedded encryption libraries like MatrixSSL or cryptlib?
wpa_supplicant has a wrapper interface for TLS libraries which makes it
relatively simple to replace the used library. In addition, the internal
TLS implementation is quite small in size.
--
Jouni Malinen PGP id EFC895FA
More information about the Hostap
mailing list