how to enable the internal client crypto on WPA_supplicant

Achuthan Paramanathan acp at rtx.dk
Mon Dec 7 03:56:28 PST 2015


Hi Jouni,

Thank you for the notification and also the implementation, this is great !

Cheers 
Achuthan

-----Original Message-----
From: Jouni Malinen [mailto:j at w1.fi] 
Sent: 5. december 2015 19:59
To: Achuthan Paramanathan <acp at rtx.dk>
Cc: Hostap at lists.infradead.org
Subject: Re: how to enable the internal client crypto on WPA_supplicant

On Fri, Dec 04, 2015 at 09:46:03AM +0000, Achuthan Paramanathan wrote:
> One final question, can you (please) suggest what format the internal crypto support ?
> Then I will see if I can convert it / or generate the suitable private 
> key to this purpose

It needs to be understood that the internal TLS implementation is experimental and its support for various options depend on what has come up as something useful to test with in the past. It supports unencrypted private key in PKCS #1 encoded RSA private key format and PKCS #8 format. For encrypted private key cases, only PKCS #8 in PKCS #5
v1.5 format with pbeWithMD5AndDES-CBC was supported. I added support for the PKCS #8 with the newer PKCS #5 v2.0 format (PBES2 with
des-ede3-cbc):
http://w1.fi/cgit/hostap/commit/?h=pending&id=4db29e6a8a4584987322fe4f4d355a82763e69c6

That should cover the key format you showed in the log in this thread.
 
-- 
Jouni Malinen                                            PGP id EFC895FA



More information about the Hostap mailing list