wpa_supplicant PSK question

Jouni Malinen jkmaline at cc.hut.fi
Mon Nov 21 23:49:05 EST 2005


On Tue, Nov 15, 2005 at 06:12:28PM -0600, Bob Carlson wrote:

> I am porting wpa_supplicant into an embedded application so I am trying to
> minimize the code included. We do not require radius, only WEP and WPA-PSK.

May I ask which OS you are using?

> So far as my understanding has progressed, we should not require EAPOL,
> although there does appear to be a 4-way key exchange that is used.
> However, as I build things up, I am finding that there are a lot of
> references to EAPOL code that do not seem to be conditional.

> What modules and code for EAPOL must still be included, even though we are
> using only PSK?

WPA-PSK is indeed using EAPOL frames, but it does not require IEEE
802.1X/EAPOL or EAP state machines. In other words, you do not need
eapol_sm.c or eap.c/eap_*.c. One of the easiest ways of finding out what
is needed is to build wpa_supplicant for Linux and use a minimal
configuration in .config, e.g.:

CONFIG_DRIVER_TEST=y
CONFIG_NO_STDOUT_DEBUG=y


This links in following files into wpa_supplicant binary:

config.o eloop.o common.o md5.o rc4.o sha1.o config_file.o base64.o
l2_packet_linux.o tls_none.o wpa.o preauth.o aes_wrap.o
wpa_supplicant.o events.o main.o drivers.o driver_test.o

This is enough to run WPA-PSK, but not WPA-EAP.

-- 
Jouni Malinen                                            PGP id EFC895FA



More information about the HostAP mailing list