Smartcards and wpa_supplicant
jkmaline at cc.hut.fi
Thu Apr 14 00:03:25 EDT 2005
On Wed, Mar 09, 2005 at 05:36:03PM +0100, Gordon Hecker wrote:
> Jouni Malinen wrote:
> >Unfortunately, OpenSC does not seem to support PKCS#15 initialization
> >for SetCOS and I happen to only have SetCOS cards.
It looks like some initial code for this was actually just added in
OpenSC, so there's something new for me to test now..
> I have extracted the PIN-through-wpa_cli related changes and created a
> diff containing only those.
> As usual:
Like I mentioned yesterday, this is now in CVS. I added one missed part
today, i.e., pending PIN requests are now re-sent when a new ctrl_iface
monitor (e.g., wpa_cli) attaches to wpa_supplicant. This makes it easier
to notice PIN requests that happen immediately after starting
wpa_supplicant, i.e., when there are likely no attached frontends to ask
for the PIN.
> There's no code included that makes EAP-SIM or AKA use that
> functionality. I don't want to mess around in that code for now.
This is now implemented, committed to CVS, and even found working in my
tests. I ended up moving PIN validation from scard_init() into a
separate function that will be used only when the identity (and IMSI, in
case of EAP-SIM/AKA) is needed. This ended up getting this code into EAP
implementation and as such, it works fine with the same function you
used for requesting a PIN. I did not yet verify, but I wouldn't expect
these changes to cause problems for your changes related to getting PIN
> I'm working through your comments on the other parts. Most of the things
> are solved, I'll see how I can split the big patch into pieces and
> resend them as soon as possible.
the latest version of the patch or do you have some updates on top of
that? I'll try to get one of the SetCOS cards initialized for PKCS#15
and start merging the remaining changes to wpa_supplicant.
Jouni Malinen PGP id EFC895FA
More information about the HostAP