WAPI Support in wpa_supplicant

Shanbhag, Sandeep Sandeep.Shanbhag2 at harman.com
Sat Feb 6 13:30:00 PST 2016 

Hi Jouni,

Thanks, understand about the proprietary implementations.

And I guess it is the same with hostapd also. Open source version of hostapd does not support WAPI Authenticator, right?

Regards,
Sandeep D.S

-----Original Message-----
From: Jouni Malinen [mailto:j at w1.fi] 
Sent: Sunday, February 07, 2016 1:14 AM
To: Shanbhag, Sandeep
Cc: hostap at lists.infradead.org
Subject: Re: WAPI Support in wpa_supplicant

On Fri, Feb 05, 2016 at 01:05:29PM +0000, Shanbhag, Sandeep wrote:
> I read the very old mailing lists (2009) about lack of WAPI support in wpa_supplicant.
> I would like to know if there has been any change since then and what is the official status of WAPI support in wpa_supplicant.

Not much has changed in this area.

> Basically I would like to know if the latest version of wpa_supplicant supports WAPI Supplicant and WAPI Authenticator functionalities?

There is no such functionality in the current open source project.

> I could see only few WAPI related macros in wpa_supplicant and some very minimal logic using these macros.
> What is the purpose of this?

There are number of proprietary WAPI implementations based on the open source wpa_supplicant. These macros make it easier to integrate such off-tree implementations on top of different wpa_supplicant versions.

> What I understood after some digging up is that if the chip supports SMS4 encryption engine and the driver supports WAPI changes then wpa_supplicant can be used to carry out the security handshake and derive encryption keys.
> Can somebody on the list who has tried this point to any documentation explaining how nl80211, cfg80211, driver and wpa_supplicant together be configured to support WAPI Supplicant and Authenticator functionalities?

Such functionality seems to be available only in proprietary implementations from various Wi-Fi vendors. So far, I have not seen much interest in someone contributing such an implementation into the open source project.

As far as nl80211/cfg80211 is concerned, there is sufficient interface functionality to support WAPI. There are even couple of upstream Linux drivers that seem to advertise support for this.


PS.

The old mailing list is not available anymore, so I replaced cc with the new list.

-- 
Jouni Malinen                                            PGP id EFC895FA

More information about the Hostap mailing list