diff options
| author | Dmitry Shmidt <dimitrysh@google.com> | 2012-07-19 12:16:46 -0700 |
|---|---|---|
| committer | Dmitry Shmidt <dimitrysh@google.com> | 2012-07-19 16:03:19 -0700 |
| commit | 04949598a23f501be6eec21697465fd46a28840a (patch) | |
| tree | 6eb315b8d139b0690cb644dc914c53bacb42df42 /hostapd/README-WPS | |
| parent | ce1e0634ed741293de60d5ba3476b26ccbd58ce2 (diff) | |
| download | android_external_wpa_supplicant_8-04949598a23f501be6eec21697465fd46a28840a.tar.gz android_external_wpa_supplicant_8-04949598a23f501be6eec21697465fd46a28840a.tar.bz2 android_external_wpa_supplicant_8-04949598a23f501be6eec21697465fd46a28840a.zip | |
wpa_supplicant: Update to 07-Jul-2012 TOT
commit a5ed45586c63ffd8f9d2b44e27c251d7bacbeaf4
Author: Jouni Malinen <j@w1.fi>
Date: Sat Jul 7 13:01:45 2012 +0300
WPS SSDP: Fix socket leaks on error paths
Change-Id: I0864aac7fc88fa2a60f5cca7d524b94363410c85
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
Diffstat (limited to 'hostapd/README-WPS')
| -rw-r--r-- | hostapd/README-WPS | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/hostapd/README-WPS b/hostapd/README-WPS index 17988d47..87a6f91f 100644 --- a/hostapd/README-WPS +++ b/hostapd/README-WPS @@ -66,6 +66,10 @@ CONFIG_WPS=y CONFIG_WPS2=y CONFIG_WPS_UPNP=y +Following parameter can be used to enable support for NFC config method: + +CONFIG_WPS_NFC=y + Following section shows an example runtime configuration (hostapd.conf) that enables WPS: @@ -289,3 +293,48 @@ For example: This can be used to update the externally stored AP configuration and then update hostapd configuration (followed by restarting of hostapd). + + +WPS with NFC +------------ + +WPS can be used with NFC-based configuration method. An NFC tag +containing a password token from the Enrollee can be used to +authenticate the connection instead of the PIN. In addition, an NFC tag +with a configuration token can be used to transfer AP settings without +going through the WPS protocol. + +When the AP acts as an Enrollee, a local NFC tag with a password token +can be used by touching the NFC interface of an external Registrar. The +wps_nfc_token command is used to manage use of the NFC password token +from the AP. "wps_nfc_token enable" enables the use of the AP's NFC +password token (in place of AP PIN) and "wps_nfc_token disable" disables +the NFC password token. + +The NFC password token that is either pre-configured in the +configuration file (wps_nfc_dev_pw_id, wps_nfc_dh_pubkey, +wps_nfc_dh_privkey, wps_nfc_dev_pw) or generated dynamically with +"wps_nfc_token <WPS|NDEF>" command. The nfc_pw_token tool from +wpa_supplicant can be used to generate NFC password tokens during +manufacturing (each AP needs to have its own random keys). + +The "wps_nfc_config_token <WPS/NDEF>" command can be used to build an +NFC configuration token. The output value from this command is a hexdump +of the current AP configuration (WPS parameter requests this to include +only the WPS attributes; NDEF parameter requests additional NDEF +encapsulation to be included). This data needs to be written to an NFC +tag with an external program. Once written, the NFC configuration token +can be used to touch an NFC interface on a station to provision the +credentials needed to access the network. + +When the NFC device on the AP reads an NFC tag with a MIME media type +"application/vnd.wfa.wsc", the NDEF message payload (with or without +NDEF encapsulation) can be delivered to hostapd using the +following hostapd_cli command: + +wps_nfc_tag_read <hexdump of payload> + +If the NFC tag contains a password token, the token is added to the +internal Registrar. This allows station Enrollee from which the password +token was received to run through WPS protocol to provision the +credential. |