how to enable the internal client crypto on WPA_supplicant

Achuthan Paramanathan acp at
Fri Dec 4 05:37:26 PST 2015

Sry for the confusion, 

What I meant was, if the internal crypto does not support PBES2, 
what algorithm shall I use instead, in order to get the internal crypto to accept my private key 


-----Original Message-----
From: Hostap [mailto:hostap-bounces at] On Behalf Of Achuthan Paramanathan
Sent: 4. december 2015 10:46
To: Jouni Malinen <j at>
Cc: Hostap at
Subject: RE: how to enable the internal client crypto on WPA_supplicant


One final question, can you (please) suggest what format the internal crypto support ?
Then I will see if I can convert it / or generate the suitable private key to this purpose 

Once again thank you for your time !

-----Original Message-----
From: Jouni Malinen [mailto:j at]
Sent: 4. december 2015 10:41
To: Achuthan Paramanathan <acp at>
Cc: Hostap at
Subject: Re: how to enable the internal client crypto on WPA_supplicant

On Fri, Dec 04, 2015 at 09:31:37AM +0000, Achuthan Paramanathan wrote:
> I am getting an error when I read in my private key (the same private 
> key I use while not have enabled the internal crypto ie. using
> openSSL)

> My guess is that the format is wrong (not that difficult to see that :) )...but the question is what format if not the format is the same as for openssl ?

> PKCS #8: Expected INTEGER - found class 0 tag 0x10; assume PKCS #8 not 
> used PKCS #5: encryption algorithm 1.2.840.113549.1.5.13 PKCS #5:
> unsupported encryption algorithm 1.2.840.113549.1.5.13 PKCS #5: 
> Unsupported parameters

The format itself is likely fine, but the internal crypto code does not yet support PBES2 which explains why this private key cannot be used.

Jouni Malinen                                            PGP id EFC895FA

Hostap mailing list
Hostap at

More information about the Hostap mailing list