The following parameters are recognized:
wpa
Enable WPA. Setting this variable configures the AP to require WPA (either WPA-PSK or WPA-RADIUS/EAP based on other configuration).
wpa_psk, wpa_passphrase
WPA pre-shared keys for WPA-PSK. This can be either entered as a 256-bit secret in hex format (64 hex digits), wpa_psk, or as an ASCII passphrase (8..63 characters) that will be converted to PSK. This conversion uses SSID so the PSK changes when ASCII passphrase is used and the SSID is changed.
wpa_psk_file
Optionally, WPA PSKs can be read from a separate text file (containing a list of (PSK,MAC address) pairs.
wpa_key_mgmt
Set of accepted key management algorithms (WPA-PSK, WPA-EAP, or both).
wpa_pairwise
Set of accepted cipher suites (encryption algorithms) for pairwise keys (unicast packets). See the example file for more information.
wpa_group_rekey
Time interval for rekeying GTK (broadcast/multicast encryption keys) in seconds.
wpa_strict_rekey
Rekey GTK when any STA that possesses the current GTK is leaving the BSS.
wpa_gmk_rekey
Time interval for rekeying GMK (master key used internally to generate GTKs (in seconds).