espressif/esp-idf
1
0
Fork 1
mirror of https://github.com/espressif/esp-idf.git synced 2025-07-30 10:47:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

change(example): Update eap-fast example

Browse Source
This commit is contained in:
Kapil Gupta
2023-08-07 15:43:43 +05:30
parent 30cfd31ea5
commit a03df471ae
3 changed files with 37 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
examples/wifi/wifi_eap_fast/README.md
View File

@ -8,13 +8,14 @@ This example shows how ESP32 connects to AP with Wi-Fi enterprise encryption usi
1. Install CA certificate which is optional. 1. Install CA certificate which is optional.
2. Set user name and password and identity. 2. Set user name and password and identity.
3. Set the PAC file which may be empty. 3. Set the PAC file which may be empty.
4. Enable wpa2 enterprise. 4. Enable WiFi enterprise mode.
5. Connect to AP. 5. Connect to AP.
*Note:* 1. EAP-FAST is not supported with `CONFIG_WPA_MBEDTLS_CRYPTO` and so is disabled by default. *Note:*
2. Setting the config `fast_provisioning` to methods 0 and 1 do not support saving the PAC credentials in case of a restart or loss of power. 1. EAP-FAST is not supported with `CONFIG_ESP_WIFI_MBEDTLS_TLS_CLIENT` and so is disabled by default.
3. The certificates present in the `examples/wifi/wifi_eap_fast/main` folder contain server certificates which have the corresponding CA as well. These can be used for server validation which is opptional. 2. Setting the config `fast_provisioning` to methods 0 and 1 do not support saving the PAC credentials in case of a restart or loss of power.
4. The expiration date of these certificates is 2027/06/05. 3. The certificates present in the `examples/wifi/wifi_eap_fast/main` folder contain server certificates which have the corresponding CA as well. These can be used for server validation which is opptional.
4. The expiration date of these certificates is 2027/06/05.
### Configuration ### Configuration

28
examples/wifi/wifi_eap_fast/main/Kconfig.projbuild
View File

@ -1,25 +1,21 @@
menu "Example Configuration" menu "Example Configuration"
choice
prompt "Enterprise configuration to be used"
default EXAMPLE_WPA_WPA2_ENTERPRISE
config EXAMPLE_WPA_WPA2_ENTERPRISE
bool "WPA_WPA2_ENT"
config EXAMPLE_WPA3_ENTERPRISE
bool "WPA3_ENT"
depends on IDF_TARGET_ESP32C3 || IDF_TARGET_ESP32S3
select ESP_WIFI_GCMP_SUPPORT
select ESP_WIFI_GMAC_SUPPORT
select WPA_SUITE_B_192
endchoice
config EXAMPLE_WIFI_SSID config EXAMPLE_WIFI_SSID
string "WiFi SSID" string "WiFi SSID"
default "wpa2_test" default "ESP_EAP_FAST_AP"
help help
SSID (network name) for the example to connect to. SSID (network name) for the example to connect to.
if EXAMPLE_WPA_WPA2_ENTERPRISE choice
prompt "Enterprise configuration to be used"
default EXAMPLE_WPA3_ENTERPRISE
config EXAMPLE_WPA2_ENTERPRISE
bool "WPA2_ENT"
config EXAMPLE_WPA3_ENTERPRISE
bool "WPA3_ENT"
endchoice
if EXAMPLE_WPA2_ENTERPRISE
config EXAMPLE_VALIDATE_SERVER_CERT config EXAMPLE_VALIDATE_SERVER_CERT
bool "Validate server" bool "Validate server"
default y default y
@ -27,7 +23,7 @@ menu "Example Configuration"
Validate the servers' certificate using CA cert. Validate the servers' certificate using CA cert.
endif endif
if !EXAMPLE_WPA_WPA2_ENTERPRISE if !EXAMPLE_WPA2_ENTERPRISE
config EXAMPLE_VALIDATE_SERVER_CERT config EXAMPLE_VALIDATE_SERVER_CERT
default y default y
endif endif

33
examples/wifi/wifi_eap_fast/main/wifi_eap_fast_main.c
View File

@ -1,5 +1,5 @@
/* /*
* SPDX-FileCopyrightText: 2021-2022 Espressif Systems (Shanghai) CO LTD * SPDX-FileCopyrightText: 2021-2023 Espressif Systems (Shanghai) CO LTD
* *
* SPDX-License-Identifier: CC0-1.0 * SPDX-License-Identifier: CC0-1.0
*/ */
@ -10,7 +10,7 @@
#include "freertos/task.h" #include "freertos/task.h"
#include "freertos/event_groups.h" #include "freertos/event_groups.h"
#include "esp_wifi.h" #include "esp_wifi.h"
#include "esp_wpa2.h" #include "esp_eap_client.h"
#include "esp_event.h" #include "esp_event.h"
#include "esp_log.h" #include "esp_log.h"
#include "esp_system.h" #include "esp_system.h"
@ -89,33 +89,38 @@ static void initialise_wifi(void)
wifi_config_t wifi_config = { wifi_config_t wifi_config = {
.sta = { .sta = {
.ssid = EXAMPLE_WIFI_SSID, .ssid = EXAMPLE_WIFI_SSID,
#if defined (CONFIG_EXAMPLE_WPA3_ENTERPRISE)
.pmf_cfg = {
.required = true
},
#endif
}, },
}; };
ESP_LOGI(TAG, "Setting WiFi configuration SSID %s...", wifi_config.sta.ssid); ESP_LOGI(TAG, "Setting WiFi configuration SSID %s...", wifi_config.sta.ssid);
ESP_ERROR_CHECK( esp_wifi_set_mode(WIFI_MODE_STA) ); ESP_ERROR_CHECK(esp_wifi_set_mode(WIFI_MODE_STA));
ESP_ERROR_CHECK( esp_wifi_set_config(WIFI_IF_STA, &wifi_config) ); ESP_ERROR_CHECK(esp_wifi_set_config(WIFI_IF_STA, &wifi_config));
ESP_ERROR_CHECK( esp_wifi_sta_wpa2_ent_set_identity((uint8_t *)EXAMPLE_EAP_ID, strlen(EXAMPLE_EAP_ID)) ); ESP_ERROR_CHECK(esp_eap_client_set_identity((uint8_t *)EXAMPLE_EAP_ID, strlen(EXAMPLE_EAP_ID)));
#if defined(CONFIG_EXAMPLE_VALIDATE_SERVER_CERT) || \ #if defined(CONFIG_EXAMPLE_VALIDATE_SERVER_CERT) || \
defined(CONFIG_EXAMPLE_WPA3_ENTERPRISE) defined(CONFIG_EXAMPLE_WPA3_ENTERPRISE)
ESP_ERROR_CHECK( esp_wifi_sta_wpa2_ent_set_ca_cert(ca_pem_start, ca_pem_bytes) ); ESP_ERROR_CHECK(esp_eap_client_set_ca_cert(ca_pem_start, ca_pem_bytes) );
#endif /* CONFIG_EXAMPLE_VALIDATE_SERVER_CERT */ /* EXAMPLE_WPA3_ENTERPRISE */ #endif /* CONFIG_EXAMPLE_VALIDATE_SERVER_CERT */ /* EXAMPLE_WPA3_ENTERPRISE */
ESP_ERROR_CHECK( esp_wifi_sta_wpa2_ent_set_username((uint8_t *)EXAMPLE_EAP_USERNAME, strlen(EXAMPLE_EAP_USERNAME)) ); ESP_ERROR_CHECK(esp_eap_client_set_username((uint8_t *)EXAMPLE_EAP_USERNAME, strlen(EXAMPLE_EAP_USERNAME)));
ESP_ERROR_CHECK( esp_wifi_sta_wpa2_ent_set_password((uint8_t *)EXAMPLE_EAP_PASSWORD, strlen(EXAMPLE_EAP_PASSWORD)) ); ESP_ERROR_CHECK(esp_eap_client_set_password((uint8_t *)EXAMPLE_EAP_PASSWORD, strlen(EXAMPLE_EAP_PASSWORD)));
ESP_ERROR_CHECK( esp_wifi_sta_wpa2_ent_set_pac_file(pac_file_pac_start, pac_file_bytes - 1) ); ESP_ERROR_CHECK(esp_eap_client_set_pac_file(pac_file_pac_start, pac_file_bytes - 1) );
esp_eap_fast_config eap_fast_config = { esp_eap_fast_config eap_fast_config = {
.fast_provisioning = 2, .fast_provisioning = 2,
.fast_max_pac_list_len = 0, .fast_max_pac_list_len = 0,
.fast_pac_format_binary = false .fast_pac_format_binary = false
}; };
ESP_ERROR_CHECK( esp_wifi_sta_wpa2_ent_set_fast_phase1_params(eap_fast_config) ); ESP_ERROR_CHECK(esp_eap_client_set_fast_params(eap_fast_config));
ESP_ERROR_CHECK( esp_wifi_sta_wpa2_ent_enable() ); ESP_ERROR_CHECK(esp_wifi_sta_enterprise_enable());
ESP_ERROR_CHECK( esp_wifi_start() ); ESP_ERROR_CHECK(esp_wifi_start());
} }
static void wpa2_enterprise_example_task(void *pvParameters) static void wifi_enterprise_example_task(void *pvParameters)
{ {
esp_netif_ip_info_t ip; esp_netif_ip_info_t ip;
memset(&ip, 0, sizeof(esp_netif_ip_info_t)); memset(&ip, 0, sizeof(esp_netif_ip_info_t));
@ -138,5 +143,5 @@ void app_main(void)
{ {
ESP_ERROR_CHECK( nvs_flash_init() ); ESP_ERROR_CHECK( nvs_flash_init() );
initialise_wifi(); initialise_wifi();
xTaskCreate(&wpa2_enterprise_example_task, "wpa2_enterprise_example_task", 4096, NULL, 5, NULL); xTaskCreate(&wifi_enterprise_example_task, "wifi_enterprise_example_task", 4096, NULL, 5, NULL);
} }