wpa_supplicant: Initial Revision 0.8.X
Based on:
commit 0725cc7b7efc434910e89865c42eda7ce61bbf08
Author: Jouni Malinen <j@w1.fi>
Date: Thu Apr 21 20:41:01 2011 +0300
Enable CONFIG_DRIVER_NL80211=y in the default configuration
nl80211 should be preferred over WEXT with any recent Linux
kernel version.
Change-Id: I26aec5afbbd4f4a1f5fd900912545b6f5050de64
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
diff --git a/wpa_supplicant/examples/openCryptoki.conf b/wpa_supplicant/examples/openCryptoki.conf
new file mode 100644
index 0000000..e2301a6
--- /dev/null
+++ b/wpa_supplicant/examples/openCryptoki.conf
@@ -0,0 +1,41 @@
+# EAP-TLS using private key and certificates via OpenSSL PKCS#11 engine and
+# openCryptoki (e.g., with TPM token)
+
+# This example uses following PKCS#11 objects:
+# $ pkcs11-tool --module /usr/lib/opencryptoki/libopencryptoki.so -O -l
+# Please enter User PIN:
+# Private Key Object; RSA
+# label: rsakey
+# ID: 04
+# Usage: decrypt, sign, unwrap
+# Certificate Object, type = X.509 cert
+# label: ca
+# ID: 01
+# Certificate Object, type = X.509 cert
+# label: cert
+# ID: 04
+
+# Configure OpenSSL to load the PKCS#11 engine and openCryptoki module
+pkcs11_engine_path=/usr/lib/engines/engine_pkcs11.so
+pkcs11_module_path=/usr/lib/opencryptoki/libopencryptoki.so
+
+network={
+ ssid="test network"
+ key_mgmt=WPA-EAP
+ eap=TLS
+ identity="User"
+
+ # use OpenSSL PKCS#11 engine for this network
+ engine=1
+ engine_id="pkcs11"
+
+ # select the private key and certificates based on ID (see pkcs11-tool
+ # output above)
+ key_id="4"
+ cert_id="4"
+ ca_cert_id="1"
+
+ # set the PIN code; leave this out to configure the PIN to be requested
+ # interactively when needed (e.g., via wpa_gui or wpa_cli)
+ pin="123456"
+}