From ff4a5a14061f4add94f05e416c286096b2dd3edd Mon Sep 17 00:00:00 2001 From: XiaXiaotian Date: Wed, 11 Jan 2017 18:20:01 +0800 Subject: [PATCH] wpa2 enterprise: add example for wpa2 enterprise --- components/esp32/lib | 2 +- examples/31_wpa2_enterprise/Makefile | 9 + examples/31_wpa2_enterprise/README.md | 76 +++++++++ .../31_wpa2_enterprise/main/Kconfig.projbuild | 34 ++++ examples/31_wpa2_enterprise/main/component.mk | 12 ++ examples/31_wpa2_enterprise/main/wpa2_ca.pem | 23 +++ .../31_wpa2_enterprise/main/wpa2_client.crt | 70 ++++++++ .../31_wpa2_enterprise/main/wpa2_client.key | 27 +++ .../31_wpa2_enterprise/main/wpa2_client.pem | 57 +++++++ .../main/wpa2_enterprise_main.c | 154 ++++++++++++++++++ .../31_wpa2_enterprise/main/wpa2_server.crt | 70 ++++++++ .../31_wpa2_enterprise/main/wpa2_server.key | 27 +++ .../31_wpa2_enterprise/main/wpa2_server.pem | 57 +++++++ 13 files changed, 617 insertions(+), 1 deletion(-) create mode 100644 examples/31_wpa2_enterprise/Makefile create mode 100644 examples/31_wpa2_enterprise/README.md create mode 100644 examples/31_wpa2_enterprise/main/Kconfig.projbuild create mode 100644 examples/31_wpa2_enterprise/main/component.mk create mode 100644 examples/31_wpa2_enterprise/main/wpa2_ca.pem create mode 100644 examples/31_wpa2_enterprise/main/wpa2_client.crt create mode 100644 examples/31_wpa2_enterprise/main/wpa2_client.key create mode 100644 examples/31_wpa2_enterprise/main/wpa2_client.pem create mode 100644 examples/31_wpa2_enterprise/main/wpa2_enterprise_main.c create mode 100644 examples/31_wpa2_enterprise/main/wpa2_server.crt create mode 100644 examples/31_wpa2_enterprise/main/wpa2_server.key create mode 100644 examples/31_wpa2_enterprise/main/wpa2_server.pem diff --git a/components/esp32/lib b/components/esp32/lib index 0135161682..c01bfe9038 160000 --- a/components/esp32/lib +++ b/components/esp32/lib @@ -1 +1 @@ -Subproject commit 01351616820811bc08e7f7bd24e448df7897eedf +Subproject commit c01bfe9038e59fc0dc15947c1bf4616de006e103 diff --git a/examples/31_wpa2_enterprise/Makefile b/examples/31_wpa2_enterprise/Makefile new file mode 100644 index 0000000000..ff23a93934 --- /dev/null +++ b/examples/31_wpa2_enterprise/Makefile @@ -0,0 +1,9 @@ +# +# This is a project Makefile. It is assumed the directory this Makefile resides in is a +# project subdirectory. +# + +PROJECT_NAME := wpa2-enterprise + +include $(IDF_PATH)/make/project.mk + diff --git a/examples/31_wpa2_enterprise/README.md b/examples/31_wpa2_enterprise/README.md new file mode 100644 index 0000000000..f84f9e070a --- /dev/null +++ b/examples/31_wpa2_enterprise/README.md @@ -0,0 +1,76 @@ +# WPA2 Enterprise Example + +This example shows how ESP32 connects to AP with wpa2 enterprise encryption. Example does the following steps: + +1. Install CA certificate which is optional. +2. Install client certificate and client key which is required in TLS method and optional in PEAP and TTLS methods. +3. Set identity of phase 1 which is optional. +4. Set user name and password of phase 2 which is required in PEAP and TTLS methods. +5. Enable wpa2 enterprise. +6. Connect to AP. + +*Note:* certificate currently is generated when compiling the example and then stored in flash. + +## The file wpa2_ca.pem, wpa2_ca.key, wpa2_server.pem, wpa2_server.crt and wpa2_server.key can be used to configure AP with + wpa2 enterprise encryption. The steps how to generate new certificates and keys using openssl is as follows: + +1. wpa2_ca.pem wpa2_ca.key: + openssl req -new -x509 -keyout wpa2_ca.key -out wpa2_ca.pem +2. wpa2_server.key: + openssl req -new -key wpa2_server.key -out wpa2_server.csr +3. wpa2_csr: + openssl req -new -key server.key -out server.csr +4. wpa2_server.crt: + openssl ca -batch -keyfile wpa2_ca.key -cert wpa2_ca.pem -in wpa2_server.csr -key ca1234 -out wpa2_server.crt -extensions xpserver_ext -extfile xpextensions +5. wpa2_server.p12: + openssl pkcs12 -export -in wpa2_server.crt -inkey wpa2_server.key -out wpa2_server.p12 -passin pass:sv1234 -passout pass:sv1234 +6. wpa2_server.pem: + openssl pkcs12 -in wpa2_server.p12 -out wpa2_server.pem -passin pass:sv1234 -passout pass:sv1234 +7. wpa2_client.key: + openssl genrsa -out wpa2_client.key 1024 +8. wpa2_client.csr: + openssl req -new -key wpa2_client.key -out wpa2_client.csr +9. wpa2_client.crt: + openssl ca -batch -keyfile wpa2_ca.key -cert wpa2_ca.pem -in wpa2_client.csr -key ca1234 -out wpa2_client.crt -extensions xpclient_ext -extfile xpextensions +10. wpa2_client.p12: + openssl pkcs12 -export -in wpa2_client.crt -inkey wpa2_client.key -out wpa2_client.p12 +11. wpa2_client.pem: + openssl pkcs12 -in wpa2_client.p12 -out wpa2_client.pem + +### Example output + +Here is an example of wpa2 enterprise(PEAP method) console output. + +I (1352) example: Setting WiFi configuration SSID wpa2_test... +I (1362) wpa: WPA2 ENTERPRISE VERSION: [v2.0] enable + +I (1362) wifi: rx_ba=1 tx_ba=1 + +I (1372) wifi: mode : sta (24:0a:c4:03:b8:dc) +I (3002) wifi: n:11 0, o:1 0, ap:255 255, sta:11 0, prof:11 +I (3642) wifi: state: init -> auth (b0) +I (3642) wifi: state: auth -> assoc (0) +I (3652) wifi: state: assoc -> run (10) +I (3652) wpa: wpa2_task prio:24, stack:6144 + +I (3972) wpa: >>>>>wpa2 FINISH + +I (3982) wpa: wpa2 task delete + +I (3992) wifi: connected with wpa2_test, channel 11 +I (5372) example: ~~~~~~~~~~~ +I (5372) example: IP:0.0.0.0 +I (5372) example: MASK:0.0.0.0 +I (5372) example: GW:0.0.0.0 +I (5372) example: ~~~~~~~~~~~ +I (6832) event: ip: 192.168.1.112, mask: 255.255.255.0, gw: 192.168.1.1 +I (7372) example: ~~~~~~~~~~~ +I (7372) example: IP:192.168.1.112 +I (7372) example: MASK:255.255.255.0 +I (7372) example: GW:192.168.1.1 +I (7372) example: ~~~~~~~~~~~ +I (9372) example: ~~~~~~~~~~~ +I (9372) example: IP:192.168.1.112 +I (9372) example: MASK:255.255.255.0 +I (9372) example: GW:192.168.1.1 +I (9372) example: ~~~~~~~~~~~ diff --git a/examples/31_wpa2_enterprise/main/Kconfig.projbuild b/examples/31_wpa2_enterprise/main/Kconfig.projbuild new file mode 100644 index 0000000000..06fab0bfa1 --- /dev/null +++ b/examples/31_wpa2_enterprise/main/Kconfig.projbuild @@ -0,0 +1,34 @@ +menu "Example Configuration" + +config WIFI_SSID + string "WiFi SSID" + default "wpa2_test" + help + SSID (network name) for the example to connect to. + +config EAP_METHOD + int "EAP METHOD" + default 1 + help + EAP method (TLS, PEAP or TTLS) for the example to use. + TLS: 0, PEAP: 1, TTLS: 2 + +config EAP_ID + string "EAP ID" + default "example@espressif.com" + help + Identity in phase 1 of EAP procedure. + +config EAP_USERNAME + string "EAP USERNAME" + default "espressif" + help + Username for EAP method (PEAP and TTLS). + +config EAP_PASSWORD + string "EAP PASSWORD" + default "test11" + help + Password for EAP method (PEAP and TTLS). + +endmenu \ No newline at end of file diff --git a/examples/31_wpa2_enterprise/main/component.mk b/examples/31_wpa2_enterprise/main/component.mk new file mode 100644 index 0000000000..aab8ff8f38 --- /dev/null +++ b/examples/31_wpa2_enterprise/main/component.mk @@ -0,0 +1,12 @@ +# +# "main" pseudo-component makefile. +# +# (Uses default behaviour of compiling all source files in directory, adding 'include' to include path.) + +# embed files from the "certs" directory as binary data symbols +# in the app +COMPONENT_EMBED_TXTFILES := wpa2_ca.pem +COMPONENT_EMBED_TXTFILES += wpa2_client.crt +COMPONENT_EMBED_TXTFILES += wpa2_client.key + + diff --git a/examples/31_wpa2_enterprise/main/wpa2_ca.pem b/examples/31_wpa2_enterprise/main/wpa2_ca.pem new file mode 100644 index 0000000000..c36b97e974 --- /dev/null +++ b/examples/31_wpa2_enterprise/main/wpa2_ca.pem @@ -0,0 +1,23 @@ +-----BEGIN CERTIFICATE----- +MIID3DCCA0WgAwIBAgIJANe5ZSCKoB8fMA0GCSqGSIb3DQEBCwUAMIGTMQswCQYD +VQQGEwJGUjEPMA0GA1UECAwGUmFkaXVzMRIwEAYDVQQHDAlTb21ld2hlcmUxFTAT +BgNVBAoMDEV4YW1wbGUgSW5jLjEgMB4GCSqGSIb3DQEJARYRYWRtaW5AZXhhbXBs +ZS5jb20xJjAkBgNVBAMMHUV4YW1wbGUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MB4X +DTE2MTEyMzAyNTUwN1oXDTE3MDEyMjAyNTUwN1owgZMxCzAJBgNVBAYTAkZSMQ8w +DQYDVQQIDAZSYWRpdXMxEjAQBgNVBAcMCVNvbWV3aGVyZTEVMBMGA1UECgwMRXhh +bXBsZSBJbmMuMSAwHgYJKoZIhvcNAQkBFhFhZG1pbkBleGFtcGxlLmNvbTEmMCQG +A1UEAwwdRXhhbXBsZSBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwgZ8wDQYJKoZIhvcN +AQEBBQADgY0AMIGJAoGBAL03y7N2GvNDO9BN8fVtdNonp0bMiqpj1D0He5+OTM+9 +3ZTIsJCNrbzhLQrRI3vMW7UDy8U7GeWORN9W4dWYlYiy/NFRp3hNMrbePhVmNIOV +ww4ovGzbD+Xo31gPVkhzQ8I5/jbOIQBmgKMAMZyOMlG9VD6yMmAeYqnZYz68WHKt +AgMBAAGjggE0MIIBMDAdBgNVHQ4EFgQUf1MLQIzAEZcRsgZlS8sosfmVI+UwgcgG +A1UdIwSBwDCBvYAUf1MLQIzAEZcRsgZlS8sosfmVI+WhgZmkgZYwgZMxCzAJBgNV +BAYTAkZSMQ8wDQYDVQQIDAZSYWRpdXMxEjAQBgNVBAcMCVNvbWV3aGVyZTEVMBMG +A1UECgwMRXhhbXBsZSBJbmMuMSAwHgYJKoZIhvcNAQkBFhFhZG1pbkBleGFtcGxl +LmNvbTEmMCQGA1UEAwwdRXhhbXBsZSBDZXJ0aWZpY2F0ZSBBdXRob3JpdHmCCQDX +uWUgiqAfHzAMBgNVHRMEBTADAQH/MDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly93 +d3cuZXhhbXBsZS5jb20vZXhhbXBsZV9jYS5jcmwwDQYJKoZIhvcNAQELBQADgYEA +GepHc7TE/P+5t/cZPn5TTQkWQ/4/1lgQd82lF36RYWSIW3BdAc0zwYWYZaWixxyp +s0YOqwz6PZAGRV+SlYO2f8Kf+C3aZs4YHB0GsmksmFOb8r9d7xcDuOKHoA+QV0Zw +RaK6pttsBAxy7rw3kX/CgTp0Y2puaLdMXv/v9FisCP8= +-----END CERTIFICATE----- diff --git a/examples/31_wpa2_enterprise/main/wpa2_client.crt b/examples/31_wpa2_enterprise/main/wpa2_client.crt new file mode 100644 index 0000000000..7499e6967a --- /dev/null +++ b/examples/31_wpa2_enterprise/main/wpa2_client.crt @@ -0,0 +1,70 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 44 (0x2c) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=FR, ST=Radius, L=Somewhere, O=Example Inc./emailAddress=admin@example.com, CN=Example Certificate Authority + Validity + Not Before: Nov 23 02:55:07 2016 GMT + Not After : Jan 22 02:55:07 2017 GMT + Subject: C=FR, ST=Radius, O=Example Inc., CN=user@example.com/emailAddress=user@example.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:ac:41:d4:a2:46:0c:dc:67:1d:7b:89:36:7c:15: + be:a2:c1:fe:4c:f2:fa:af:5d:76:0e:ee:b5:ca:d4: + d3:01:c8:6b:30:50:df:2d:57:17:f4:43:47:97:ca: + f1:8d:f7:c0:9d:56:b3:e7:17:7c:58:59:de:f3:be: + b5:08:5d:f8:3a:ad:83:44:0d:31:c9:f1:3d:f1:9a: + cf:84:0c:ad:d3:be:5c:bd:3d:58:b5:1d:2c:fe:70: + 8d:c5:b0:17:87:d4:8e:85:f7:51:4c:0f:d1:e0:8c: + 7b:a0:25:ab:91:7c:7f:eb:47:73:c9:4b:6c:8b:e6: + c1:06:d5:94:30:63:ec:45:1a:f5:7f:46:2f:b3:84: + 78:5d:1c:37:1a:fa:57:ea:45:5e:45:40:ab:14:c7: + 81:b0:26:3d:7e:cf:da:db:f0:f1:40:a7:a1:4b:54: + f3:96:1b:c9:30:3c:3c:d8:19:ba:c7:df:b1:ad:a2: + d6:17:0a:d6:ed:31:b5:cb:12:39:f5:6e:92:6b:85: + f2:9e:c7:06:6b:bb:89:ed:a7:5f:ec:56:12:46:fd: + 3a:74:d1:d2:31:30:1d:58:19:25:33:ff:11:ea:3a: + 52:33:b1:fb:d3:75:8d:1f:5e:36:a5:35:e0:11:5a: + 4a:2d:97:58:2c:3d:62:3c:32:af:83:69:a9:1a:32: + 1b:b7 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Extended Key Usage: + TLS Web Client Authentication + X509v3 CRL Distribution Points: + + Full Name: + URI:http://www.example.com/example_ca.crl + + Signature Algorithm: sha1WithRSAEncryption + 8b:8d:b6:19:ce:6f:6b:9e:1d:03:8b:6b:10:fc:99:d0:7a:2f: + e0:37:ce:b8:a4:e4:b9:a1:c2:36:ff:76:b2:ad:d7:d0:df:d1: + 03:27:93:a7:4e:1e:bf:ed:d2:b7:65:2a:c9:c3:ab:20:aa:e3: + 10:4c:75:3b:c4:02:ab:34:08:6e:61:91:cf:e3:02:35:6a:e5: + f3:25:96:51:92:82:6e:52:81:c1:f1:7b:68:02:b0:ce:f4:ba: + fd:6e:68:35:b3:7e:77:cb:a0:1e:11:5e:58:bf:f3:2a:ed:b3: + 4c:82:21:5e:1b:47:b6:2f:f3:f5:c9:1b:6a:70:44:6d:ff:ad: + a6:e3 +-----BEGIN CERTIFICATE----- +MIIDTjCCAregAwIBAgIBLDANBgkqhkiG9w0BAQUFADCBkzELMAkGA1UEBhMCRlIx +DzANBgNVBAgMBlJhZGl1czESMBAGA1UEBwwJU29tZXdoZXJlMRUwEwYDVQQKDAxF +eGFtcGxlIEluYy4xIDAeBgkqhkiG9w0BCQEWEWFkbWluQGV4YW1wbGUuY29tMSYw +JAYDVQQDDB1FeGFtcGxlIENlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xNjExMjMw +MjU1MDdaFw0xNzAxMjIwMjU1MDdaMHExCzAJBgNVBAYTAkZSMQ8wDQYDVQQIDAZS +YWRpdXMxFTATBgNVBAoMDEV4YW1wbGUgSW5jLjEZMBcGA1UEAwwQdXNlckBleGFt +cGxlLmNvbTEfMB0GCSqGSIb3DQEJARYQdXNlckBleGFtcGxlLmNvbTCCASIwDQYJ +KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKxB1KJGDNxnHXuJNnwVvqLB/kzy+q9d +dg7utcrU0wHIazBQ3y1XF/RDR5fK8Y33wJ1Ws+cXfFhZ3vO+tQhd+Dqtg0QNMcnx +PfGaz4QMrdO+XL09WLUdLP5wjcWwF4fUjoX3UUwP0eCMe6Alq5F8f+tHc8lLbIvm +wQbVlDBj7EUa9X9GL7OEeF0cNxr6V+pFXkVAqxTHgbAmPX7P2tvw8UCnoUtU85Yb +yTA8PNgZusffsa2i1hcK1u0xtcsSOfVukmuF8p7HBmu7ie2nX+xWEkb9OnTR0jEw +HVgZJTP/Eeo6UjOx+9N1jR9eNqU14BFaSi2XWCw9Yjwyr4NpqRoyG7cCAwEAAaNP +ME0wEwYDVR0lBAwwCgYIKwYBBQUHAwIwNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDov +L3d3dy5leGFtcGxlLmNvbS9leGFtcGxlX2NhLmNybDANBgkqhkiG9w0BAQUFAAOB +gQCLjbYZzm9rnh0Di2sQ/JnQei/gN864pOS5ocI2/3ayrdfQ39EDJ5OnTh6/7dK3 +ZSrJw6sgquMQTHU7xAKrNAhuYZHP4wI1auXzJZZRkoJuUoHB8XtoArDO9Lr9bmg1 +s353y6AeEV5Yv/Mq7bNMgiFeG0e2L/P1yRtqcERt/62m4w== +-----END CERTIFICATE----- diff --git a/examples/31_wpa2_enterprise/main/wpa2_client.key b/examples/31_wpa2_enterprise/main/wpa2_client.key new file mode 100644 index 0000000000..0b8f0d0199 --- /dev/null +++ b/examples/31_wpa2_enterprise/main/wpa2_client.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpgIBAAKCAQEArEHUokYM3Gcde4k2fBW+osH+TPL6r112Du61ytTTAchrMFDf +LVcX9ENHl8rxjffAnVaz5xd8WFne8761CF34Oq2DRA0xyfE98ZrPhAyt075cvT1Y +tR0s/nCNxbAXh9SOhfdRTA/R4Ix7oCWrkXx/60dzyUtsi+bBBtWUMGPsRRr1f0Yv +s4R4XRw3GvpX6kVeRUCrFMeBsCY9fs/a2/DxQKehS1TzlhvJMDw82Bm6x9+xraLW +FwrW7TG1yxI59W6Sa4XynscGa7uJ7adf7FYSRv06dNHSMTAdWBklM/8R6jpSM7H7 +03WNH142pTXgEVpKLZdYLD1iPDKvg2mpGjIbtwIDAQABAoIBAQCMhO9GqUpYia2d +VyOhOcPX1dTzRMuHPwDN0aFvIwo2zB3UvkQxInkiA7hldWJz44W3VEFR5PDEyht8 +Tzgy6SVUCLOqUfEpwag8bYOXPxiWQRY6Mc8pf/FyZrLgb3PilFznoAcru0QEn9VB +oTlCZ4OalSE5NlQIFGemgZhvmTPmcm4OwPW2diBjLtb3AA8eaaw8okWZwr8g4Bcd +el5KX6pZpDRpGQueh3iKaKxYWbxLYK+c30gKWD65tsAqKyVg2Tm1R2c+kFXgizZt +EexD95SGMjSkGg3R05sKv6m71iJhlOzVQ4ZCKm18Kqa7wZuZ4SIehVmKIV0gaupz +gjyr7+NBAoGBAOGjjGI3nxJTZY3O+KeaQo/jqrKowqZxzMOsCgAvW56xDuAvx9TJ +m4428NGubMl/0RwX6TnxJDm6oe+tnOxLIgE/VnsQLiNzQuFJxrs5JYctdGc4uvk2 +KuXDr7tPEYlU/7OLRReov9emydIXJnsGejkIPllUj+DGNjNFqtXh2VoHAoGBAMNv +eSgJSkcM6AUaDuUKaXBL2nkKHNoTtRQ0eCEUds6arKyMo0mSP753FNEuOWToVz1O +oaddSFw81J9t+Xd6XSRbhMj63bQ9nvFKBA1lJfLu+xe3ts0f+vmp1PguOuUHsgNP +aAm/gLPSKUpBO46NG6KhUrZ2ej6AEg7SuGXrDITRAoGBAKK7s6m6d81dvGZ0GT23 +sb3Y8ul7cTdd59JPp77OaQOgqxvhGfxLkxcUZMa1R9xjhMsAK8MQOZIxGk2kJwL8 +hP/lUFfdKYmDvX6CGQQ6iOhfTg6MCb1m5bVkVr9+nSUw2mIBVclkeUftEK2m6Kfd +2hR774u5wzLXgYuk+TrcckfNAoGBAJ9X8hacjH0lnr8aIe7I8HLoxbZOcnuz+b4B +kbiW8M8++W6uNCw2G9b1THnJEG6fqRGJXPASdH8P8eQTTIUHtY2BOOCM+dqNK1xc +FrW9NJXAF+WcmmTgoEaTG9tGBirafV+JjK/1/b+fqJ6sVRzDHDcbBU9ThhQTY6XG +VSZz4H8hAoGBAMeQQjiUlKBnpGt1oTgKDZo58b7ui61yftg+dEAwIKs6eb5X20vZ +Ca4v/zg06k9lKTzyspQjJZuzpMjFUvDK4ReamEvmwQTIc+oYVJm9Af1HUytzrHJH +u0/dDt0eYpZpzrFqxlP+0oXxlegD8REMVvwNCy+4isyCvjogDaYRfJqi +-----END RSA PRIVATE KEY----- diff --git a/examples/31_wpa2_enterprise/main/wpa2_client.pem b/examples/31_wpa2_enterprise/main/wpa2_client.pem new file mode 100644 index 0000000000..37bf709195 --- /dev/null +++ b/examples/31_wpa2_enterprise/main/wpa2_client.pem @@ -0,0 +1,57 @@ +Bag Attributes + localKeyID: E1 2F DD 9A 78 71 54 6D 59 57 AA 6A 9F 92 3B 5C CC AB A3 64 +subject=/C=FR/ST=Radius/O=Example Inc./CN=user@example.com/emailAddress=user@example.com +issuer=/C=FR/ST=Radius/L=Somewhere/O=Example Inc./emailAddress=admin@example.com/CN=Example Certificate Authority +-----BEGIN CERTIFICATE----- +MIIDTjCCAregAwIBAgIBLDANBgkqhkiG9w0BAQUFADCBkzELMAkGA1UEBhMCRlIx +DzANBgNVBAgMBlJhZGl1czESMBAGA1UEBwwJU29tZXdoZXJlMRUwEwYDVQQKDAxF +eGFtcGxlIEluYy4xIDAeBgkqhkiG9w0BCQEWEWFkbWluQGV4YW1wbGUuY29tMSYw +JAYDVQQDDB1FeGFtcGxlIENlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xNjExMjMw +MjU1MDdaFw0xNzAxMjIwMjU1MDdaMHExCzAJBgNVBAYTAkZSMQ8wDQYDVQQIDAZS +YWRpdXMxFTATBgNVBAoMDEV4YW1wbGUgSW5jLjEZMBcGA1UEAwwQdXNlckBleGFt +cGxlLmNvbTEfMB0GCSqGSIb3DQEJARYQdXNlckBleGFtcGxlLmNvbTCCASIwDQYJ +KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKxB1KJGDNxnHXuJNnwVvqLB/kzy+q9d +dg7utcrU0wHIazBQ3y1XF/RDR5fK8Y33wJ1Ws+cXfFhZ3vO+tQhd+Dqtg0QNMcnx +PfGaz4QMrdO+XL09WLUdLP5wjcWwF4fUjoX3UUwP0eCMe6Alq5F8f+tHc8lLbIvm +wQbVlDBj7EUa9X9GL7OEeF0cNxr6V+pFXkVAqxTHgbAmPX7P2tvw8UCnoUtU85Yb +yTA8PNgZusffsa2i1hcK1u0xtcsSOfVukmuF8p7HBmu7ie2nX+xWEkb9OnTR0jEw +HVgZJTP/Eeo6UjOx+9N1jR9eNqU14BFaSi2XWCw9Yjwyr4NpqRoyG7cCAwEAAaNP +ME0wEwYDVR0lBAwwCgYIKwYBBQUHAwIwNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDov +L3d3dy5leGFtcGxlLmNvbS9leGFtcGxlX2NhLmNybDANBgkqhkiG9w0BAQUFAAOB +gQCLjbYZzm9rnh0Di2sQ/JnQei/gN864pOS5ocI2/3ayrdfQ39EDJ5OnTh6/7dK3 +ZSrJw6sgquMQTHU7xAKrNAhuYZHP4wI1auXzJZZRkoJuUoHB8XtoArDO9Lr9bmg1 +s353y6AeEV5Yv/Mq7bNMgiFeG0e2L/P1yRtqcERt/62m4w== +-----END CERTIFICATE----- +Bag Attributes + localKeyID: E1 2F DD 9A 78 71 54 6D 59 57 AA 6A 9F 92 3B 5C CC AB A3 64 +Key Attributes: +-----BEGIN ENCRYPTED PRIVATE KEY----- +MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIdQ9mH9ZzfJECAggA +MBQGCCqGSIb3DQMHBAhDtvRRe/rZHgSCBMhNLBUX5dw3KAHBXkTJDqa9EjOCbD0i +kMGxvoVE3Vrotoh5rMiGlPg+qOTaKT7kd3Yl6bwxF1sV0GyzuSJn+legjV9oXuVK +rI3NWeZr7KG18IP+ZGPs4fDRKnCiKK6cCopF1mzvRhzts5stlOqQkp1Dv9+A7Gyp +OarBK6x3p5db1mznOMdwzD8vyOxGhE98Zq6yDaDz1yKm6mtOLc8RQ1zbwEE1nkcc +J1R73A77E8dY6Rq7E4ec6d+rHki79yskq6eu30ECzC3VUSn6wdKXKKJgvn1V3dNf +QyRdMwXFVXySaGcBaq3zQp9qW+ISesvEstH9fN/GSzoDqe1OqTbe9pLCUtmVksAg +9z4et+OHYdk1c6X+5VI0ywg4t0qjOCOTacJSzw0/lC8OhNTH0jQDFAoIMOIvLuyO +pdNUcaGiWPKS1WjWEMiPPusrPiDXZ5T88go35rGnZJRUK6ighSdtKPKG3qPAslMo +Rn+eOiA2YJ5AorfkR63PI9MfCJbNVfmeTV/VoPXgjrtVNGtvrV54KeHwwLSJtyfj +xqS1g7aSgTgzfoTgYtzxVwy1g3jJZjYlOd6hKBj+Zzl/7C4cyilI3rrKU1OCokAn +xXFwKu2clrh1n3VHD+TdUP1lJD44uHuhgev2MmwOBGKGGNsGNqK9Jo7PCBeWyBSq +d0vzlbo95mMJ5BxKEJex3pxNeTTtfRBjr0AJLuneUBDvjSfhltIvOeMXEfIPQCtU +MTqjGmpgOTbMI4fEgprH7dULOHyn+Mn37sBMbtYHHk2D4FSJD2FkIP3KrudDf/Yr +ePn2ACne2ot9mW9McvDZGDOq0fyrIMcCNTwxP52Z3CuJucwuAoTwiwSg9ZM3t4E9 +K1Fz10xwzctFip9XxpxADA9M/QRa9VBgt7pt114Z2y+/ba0hOZ9mCrdpcHGH8xkO +kJhcCCg1tOLVl2AmUIVtdMDaJMgskq8tfeRTD6qp/JzKQCiz2OvcOG5ixgAhuOSn +9WjCnM4hARhZ/OVDYvsugwELil6E4zpc7mawtNiMj4P7ad1O+/hDN5yVQiU/XzIg +OJEV//FfnApcigay5Ne/n9K2morPIIDSQdet/2L6Y6DmtwM9B8qbzb/DjHfXK4nf +hvvPXD+DUCOfrj3VdkgwY338anWFFQpYbju8nrIv7+vINys+y8HeiPQp5I9zw1XF +q5tfEt4YfTO8hwqBNZL9yhS46CLgvvWavP1ZfvknvNqcvVvRMo60j0DDeZBW676v +U251knuWH16m+/cozbelscwZxikhzxdYzudWjFlH+phOIIvnmCgEZKtN8OWxFoN/ +6YBLPO1jOkibGKV1GHVg0PHdSwYmc1H5CefPobow9XP/RCd8C9+eBmynzErMmeme +4R2etPlsBt3mpakFoG7U+iNu89e4eOK2pzSrydfBSS6tUFXg5L7W5UrdWQ8vRyuc +aLkwuzdVbM8adlcAyb1MVc+1G5JMJVRfPNNAfJkSti7VUqONoOnoUAUSXGpNwoXa +ddctpxLmwsfjYEJ3OCLjFy06A2ZlikqtMi5H4sNytSp0Mfr06J4ZZmL8T1GHxYSP +Xf51VEqiZpKHeBo7ZqrxKvGvFxzm6mGMy8LPpRfSy88z4rPjmP5qrXTbo9qBeo9G +GlY= +-----END ENCRYPTED PRIVATE KEY----- diff --git a/examples/31_wpa2_enterprise/main/wpa2_enterprise_main.c b/examples/31_wpa2_enterprise/main/wpa2_enterprise_main.c new file mode 100644 index 0000000000..7d325c76a0 --- /dev/null +++ b/examples/31_wpa2_enterprise/main/wpa2_enterprise_main.c @@ -0,0 +1,154 @@ +/* WiFi Connection Example using WPA2 Enterprise + * + * Original Copyright (C) 2006-2016, ARM Limited, All Rights Reserved, Apache 2.0 License. + * Additions Copyright (C) Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD, Apache 2.0 License. + * + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#include +#include +#include "freertos/FreeRTOS.h" +#include "freertos/task.h" +#include "freertos/event_groups.h" +#include "esp_wifi.h" +#include "esp_wpa2.h" +#include "esp_event_loop.h" +#include "esp_log.h" +#include "esp_system.h" +#include "nvs_flash.h" +#include "tcpip_adapter.h" + +/* The examples use simple WiFi configuration that you can set via + 'make menuconfig'. + + If you'd rather not, just change the below entries to strings with + the config you want - ie #define EXAMPLE_WIFI_SSID "mywifissid" + + You can choose EAP method via 'make menuconfig' according to the + configuration of AP. +*/ +#define EXAMPLE_WIFI_SSID CONFIG_WIFI_SSID +#define EXAMPLE_EAP_METHOD CONFIG_EAP_METHOD + +#define EXAMPLE_EAP_ID CONFIG_EAP_ID +#define EXAMPLE_EAP_USERNAME CONFIG_EAP_USERNAME +#define EXAMPLE_EAP_PASSWORD CONFIG_EAP_PASSWORD + +/* FreeRTOS event group to signal when we are connected & ready to make a request */ +static EventGroupHandle_t wifi_event_group; + +/* The event group allows multiple bits for each event, + but we only care about one event - are we connected + to the AP with an IP? */ +const int CONNECTED_BIT = BIT0; + +/* Constants that aren't configurable in menuconfig */ +#define EAP_PEAP 1 +#define EAP_TTLS 2 + +static const char *TAG = "example"; + +/* CA cert, taken from wpa2_ca.pem + Client cert, taken from wpa2_client.crt + Client key, taken from wpa2_client.key + + The PEM, CRT and KEY file were provided by the person or organization + who configured the AP with wpa2 enterprise. + + To embed it in the app binary, the PEM, CRT and KEY file is named + in the component.mk COMPONENT_EMBED_TXTFILES variable. +*/ +extern uint8_t ca_pem_start[] asm("_binary_wpa2_ca_pem_start"); +extern uint8_t ca_pem_end[] asm("_binary_wpa2_ca_pem_end"); +extern uint8_t client_crt_start[] asm("_binary_wpa2_client_crt_start"); +extern uint8_t client_crt_end[] asm("_binary_wpa2_client_crt_end"); +extern uint8_t client_key_start[] asm("_binary_wpa2_client_key_start"); +extern uint8_t client_key_end[] asm("_binary_wpa2_client_key_end"); + +static esp_err_t event_handler(void *ctx, system_event_t *event) +{ + switch(event->event_id) { + case SYSTEM_EVENT_STA_START: + esp_wifi_connect(); + break; + case SYSTEM_EVENT_STA_GOT_IP: + xEventGroupSetBits(wifi_event_group, CONNECTED_BIT); + break; + case SYSTEM_EVENT_STA_DISCONNECTED: + esp_wifi_connect(); + xEventGroupClearBits(wifi_event_group, CONNECTED_BIT); + break; + default: + break; + } + return ESP_OK; +} + +static void initialise_wifi(void) +{ + unsigned int ca_pem_bytes = ca_pem_end - ca_pem_start; + unsigned int client_crt_bytes = client_crt_end - client_crt_start; + unsigned int client_key_bytes = client_key_end - client_key_start; + + tcpip_adapter_init(); + wifi_event_group = xEventGroupCreate(); + ESP_ERROR_CHECK( esp_event_loop_init(event_handler, NULL) ); + wifi_init_config_t cfg = WIFI_INIT_CONFIG_DEFAULT(); + ESP_ERROR_CHECK( esp_wifi_init(&cfg) ); + ESP_ERROR_CHECK( esp_wifi_set_storage(WIFI_STORAGE_RAM) ); + wifi_config_t wifi_config = { + .sta = { + .ssid = EXAMPLE_WIFI_SSID, + }, + }; + ESP_LOGI(TAG, "Setting WiFi configuration SSID %s...", wifi_config.sta.ssid); + ESP_ERROR_CHECK( esp_wifi_set_mode(WIFI_MODE_STA) ); + ESP_ERROR_CHECK( esp_wifi_set_config(ESP_IF_WIFI_STA, &wifi_config) ); + ESP_ERROR_CHECK( esp_wifi_sta_wpa2_ent_set_ca_cert(ca_pem_start, ca_pem_bytes) ); + ESP_ERROR_CHECK( esp_wifi_sta_wpa2_ent_set_cert_key(client_crt_start, client_crt_bytes,\ + client_key_start, client_key_bytes, NULL, 0) ); + ESP_ERROR_CHECK( esp_wifi_sta_wpa2_ent_set_identity((uint8_t *)EXAMPLE_EAP_ID, strlen(EXAMPLE_EAP_ID)) ); + if (EXAMPLE_EAP_METHOD == EAP_PEAP || EXAMPLE_EAP_METHOD == EAP_TTLS) { + ESP_ERROR_CHECK( esp_wifi_sta_wpa2_ent_set_username((uint8_t *)EXAMPLE_EAP_USERNAME, strlen(EXAMPLE_EAP_USERNAME)) ); + ESP_ERROR_CHECK( esp_wifi_sta_wpa2_ent_set_password((uint8_t *)EXAMPLE_EAP_PASSWORD, strlen(EXAMPLE_EAP_PASSWORD)) ); + } + ESP_ERROR_CHECK( esp_wifi_sta_wpa2_ent_enable() ); + ESP_ERROR_CHECK( esp_wifi_start() ); +} + +static void wpa2_enterprise_task(void *pvParameters) +{ + tcpip_adapter_ip_info_t ip; + memset(&ip, 0, sizeof(tcpip_adapter_ip_info_t)); + vTaskDelay(2000 / portTICK_PERIOD_MS); + + while (1) { + vTaskDelay(2000 / portTICK_PERIOD_MS); + + if (tcpip_adapter_get_ip_info(ESP_IF_WIFI_STA, &ip) == 0) { + ESP_LOGI(TAG, "~~~~~~~~~~~"); + ESP_LOGI(TAG, "IP:"IPSTR, IP2STR(&ip.ip)); + ESP_LOGI(TAG, "MASK:"IPSTR, IP2STR(&ip.netmask)); + ESP_LOGI(TAG, "GW:"IPSTR, IP2STR(&ip.gw)); + ESP_LOGI(TAG, "~~~~~~~~~~~"); + } + } +} + +void app_main() +{ + nvs_flash_init(); + initialise_wifi(); + xTaskCreate(&wpa2_enterprise_task, "wpa2_enterprise_task", 4096, NULL, 5, NULL); +} diff --git a/examples/31_wpa2_enterprise/main/wpa2_server.crt b/examples/31_wpa2_enterprise/main/wpa2_server.crt new file mode 100644 index 0000000000..312a7d6aa8 --- /dev/null +++ b/examples/31_wpa2_enterprise/main/wpa2_server.crt @@ -0,0 +1,70 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 43 (0x2b) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=FR, ST=Radius, L=Somewhere, O=Example Inc./emailAddress=admin@example.com, CN=Example Certificate Authority + Validity + Not Before: Nov 23 02:55:07 2016 GMT + Not After : Jan 22 02:55:07 2017 GMT + Subject: C=FR, ST=Radius, O=Example Inc., CN=Example Server Certificate/emailAddress=admin@example.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:ca:5d:86:b7:7a:3a:bc:f4:4d:d8:69:8c:25:bf: + d1:d7:33:b7:76:ea:d9:ae:b6:78:14:d6:d5:ca:67: + fd:f4:5c:13:d3:01:b4:bc:92:d5:a0:51:f5:fe:81: + 6f:da:28:33:07:08:20:e9:26:27:c6:ab:43:0b:7f: + ce:7c:3b:c6:9c:a4:6c:85:22:3d:40:84:27:32:d6: + a2:94:ed:14:29:4c:ef:d9:ac:d5:a3:ea:7d:47:76: + 18:57:7c:0a:4a:fe:ba:8f:b8:44:44:a5:62:e8:b0: + dd:59:6b:d2:20:69:f1:64:e1:f6:d0:e5:9e:88:da: + 10:e5:58:18:fc:87:ce:2f:67:f6:9d:f8:ac:da:0f: + 2b:f5:58:30:04:13:1c:b5:71:ce:3d:26:c7:34:03: + 66:38:ca:8d:11:75:f0:0b:14:ab:98:b1:dc:cd:81: + d2:68:33:96:d6:50:4f:a7:19:d0:20:15:5e:e0:18: + 8b:07:83:11:2d:3d:51:14:68:73:cd:f2:70:c6:59: + 50:cf:e1:f5:12:88:d5:71:de:1d:92:2e:7d:d1:8b: + 09:fe:b4:17:bd:7e:73:07:c0:a1:6a:f3:af:80:3b: + e4:d7:62:6d:1c:15:93:92:47:25:bd:f6:50:02:3e: + 9c:00:7d:15:89:f2:38:10:95:f2:ef:09:fa:b5:cf: + 90:63 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Extended Key Usage: + TLS Web Server Authentication + X509v3 CRL Distribution Points: + + Full Name: + URI:http://www.example.com/example_ca.crl + + Signature Algorithm: sha1WithRSAEncryption + 92:f8:06:4b:32:4f:f1:22:18:9c:67:dc:28:03:82:ee:14:0a: + 59:a9:07:bb:1e:44:80:8e:a0:69:28:03:bd:04:87:5f:0c:86: + 80:63:db:47:ea:06:25:9e:7f:67:ef:16:77:37:02:8f:00:6a: + 59:cd:00:06:19:b0:43:34:8c:14:bf:29:fd:e0:8c:57:0f:63: + 7b:73:68:70:8a:13:ff:2d:39:a5:a7:69:fb:7b:13:3a:2c:09: + b5:c1:15:d8:7a:2f:77:33:16:7f:41:08:be:23:61:ac:aa:92: + 3f:38:40:06:87:3c:63:86:16:ba:4a:2d:ea:04:36:5a:fd:c7: + 80:8d +-----BEGIN CERTIFICATE----- +MIIDWTCCAsKgAwIBAgIBKzANBgkqhkiG9w0BAQUFADCBkzELMAkGA1UEBhMCRlIx +DzANBgNVBAgMBlJhZGl1czESMBAGA1UEBwwJU29tZXdoZXJlMRUwEwYDVQQKDAxF +eGFtcGxlIEluYy4xIDAeBgkqhkiG9w0BCQEWEWFkbWluQGV4YW1wbGUuY29tMSYw +JAYDVQQDDB1FeGFtcGxlIENlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xNjExMjMw +MjU1MDdaFw0xNzAxMjIwMjU1MDdaMHwxCzAJBgNVBAYTAkZSMQ8wDQYDVQQIDAZS +YWRpdXMxFTATBgNVBAoMDEV4YW1wbGUgSW5jLjEjMCEGA1UEAwwaRXhhbXBsZSBT +ZXJ2ZXIgQ2VydGlmaWNhdGUxIDAeBgkqhkiG9w0BCQEWEWFkbWluQGV4YW1wbGUu +Y29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyl2Gt3o6vPRN2GmM +Jb/R1zO3durZrrZ4FNbVymf99FwT0wG0vJLVoFH1/oFv2igzBwgg6SYnxqtDC3/O +fDvGnKRshSI9QIQnMtailO0UKUzv2azVo+p9R3YYV3wKSv66j7hERKVi6LDdWWvS +IGnxZOH20OWeiNoQ5VgY/IfOL2f2nfis2g8r9VgwBBMctXHOPSbHNANmOMqNEXXw +CxSrmLHczYHSaDOW1lBPpxnQIBVe4BiLB4MRLT1RFGhzzfJwxllQz+H1EojVcd4d +ki590YsJ/rQXvX5zB8ChavOvgDvk12JtHBWTkkclvfZQAj6cAH0VifI4EJXy7wn6 +tc+QYwIDAQABo08wTTATBgNVHSUEDDAKBggrBgEFBQcDATA2BgNVHR8ELzAtMCug +KaAnhiVodHRwOi8vd3d3LmV4YW1wbGUuY29tL2V4YW1wbGVfY2EuY3JsMA0GCSqG +SIb3DQEBBQUAA4GBAJL4BksyT/EiGJxn3CgDgu4UClmpB7seRICOoGkoA70Eh18M +hoBj20fqBiWef2fvFnc3Ao8AalnNAAYZsEM0jBS/Kf3gjFcPY3tzaHCKE/8tOaWn +aft7EzosCbXBFdh6L3czFn9BCL4jYayqkj84QAaHPGOGFrpKLeoENlr9x4CN +-----END CERTIFICATE----- diff --git a/examples/31_wpa2_enterprise/main/wpa2_server.key b/examples/31_wpa2_enterprise/main/wpa2_server.key new file mode 100644 index 0000000000..e7d9d26200 --- /dev/null +++ b/examples/31_wpa2_enterprise/main/wpa2_server.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEogIBAAKCAQEAyl2Gt3o6vPRN2GmMJb/R1zO3durZrrZ4FNbVymf99FwT0wG0 +vJLVoFH1/oFv2igzBwgg6SYnxqtDC3/OfDvGnKRshSI9QIQnMtailO0UKUzv2azV +o+p9R3YYV3wKSv66j7hERKVi6LDdWWvSIGnxZOH20OWeiNoQ5VgY/IfOL2f2nfis +2g8r9VgwBBMctXHOPSbHNANmOMqNEXXwCxSrmLHczYHSaDOW1lBPpxnQIBVe4BiL +B4MRLT1RFGhzzfJwxllQz+H1EojVcd4dki590YsJ/rQXvX5zB8ChavOvgDvk12Jt +HBWTkkclvfZQAj6cAH0VifI4EJXy7wn6tc+QYwIDAQABAoIBAHN/BZBaNoP5eyR0 +uQQigoUsgx1f1HWettJN+x7WU17P3pCjfJ/TvhEONjPXdBsyrkzpGr92g2UkAdPi +Udsd0rE8NqOVcxgLVMPzND+DP+qCerHlrtkqz+2lPSdRKB69W4UDShNTwSvFJdAP +dZICZT+Kp+953g2FR/ddXIVkjQ0IaKN8gD4j+JKpfVGMpKlYdUf8gK6Ag71VtUa5 +XzRDS4A9ytrpNcmaXaOhCVPdgCg20CULgpg6B6dG3XWzC16Erf8rMl0fsAB31K9a +qF87QS14JavdW1vdUFXCyqre9N58NUKxQjuhNADSB2sJEXkP2uhPcL+72Li8deRO +8MJgckECgYEA8ryoRI7bKn907Kx4Go7G4NS3hwuTd9jhhS8iQ1tatkQdqnBXnuWU +X20i02vYQGoZGsOl+DTgY2IWRYBPkGT+RwklJxCvYkZvOCgHaipoWsF+EOptv5Au +4ZERlBCWXzWdEgnx5nCFJQFfWBm77iC+muPpB+SryQmTld/RwvihxBsCgYEA1Wwp +Qq/5urpzz/uwNdMiMJ1lePi2HBvJeZOnw0LU+xUqXUkt6291CLhHNn8okPVeoNZP +iKP0Lid6IO2yp/3iCT5w9NNOMFlyhrVMAxYOkrM8AxlYnCwoCOoqN5x+4RrJLVFL +zrg+VN9vexfkOWdH9t8g+0gNn7MCX3adqy1/WVkCgYA4yXIEN/eGBbNw+xhN/kEA +sEMPUOH7E74OzmwRnfmm0mCuUwHspoEDoiCXnY9F4oxk+oiFfLlSBsx3DgGPIlFq +hPUwInMlZpz2Ykb5y1oGgWXgxzdNrYmKM8oM/aRwOba5VaJF6uT7N0r67WpN11NA +ITmPIywdKCRi163XExulKQKBgHyMgI/AbrbANPH9adofeuZwFFXCn1RMCwn+V3sm +N3DH609Bc6DgDKaoFDcDgkMGTtECAKw3Mjr1ItqwnQBYs169p+HYptqkeKeQiemL +J7oJC06rrgCF7F83eKe3lnv7y8e8l8bt0sJpGn/1c2TklyTFFlROulSmfQ4FBQJu +rNERAoGAec+0Wi5qYT917CPHqXcCUTg35kvtlLlgGdX6kNZRNszZUIF7O+wH4EJx +yxu3cgxZ2FL95Kf/oyOOnlOkRJ/clJbNBVSEHvJh64GL0PZ5V5szsscoGr6KY7SO +/kkJKC3OS/3fpto1/9yjJpoqJp9pzGU48PM0IKgd3ITQE6oOCCg= +-----END RSA PRIVATE KEY----- diff --git a/examples/31_wpa2_enterprise/main/wpa2_server.pem b/examples/31_wpa2_enterprise/main/wpa2_server.pem new file mode 100644 index 0000000000..97d16aec59 --- /dev/null +++ b/examples/31_wpa2_enterprise/main/wpa2_server.pem @@ -0,0 +1,57 @@ +Bag Attributes + localKeyID: 4E 12 CF 3A FA D4 03 64 00 BB 98 1C 78 35 56 4A AC C3 1E 17 +subject=/C=FR/ST=Radius/O=Example Inc./CN=Example Server Certificate/emailAddress=admin@example.com +issuer=/C=FR/ST=Radius/L=Somewhere/O=Example Inc./emailAddress=admin@example.com/CN=Example Certificate Authority +-----BEGIN CERTIFICATE----- +MIIDWTCCAsKgAwIBAgIBKzANBgkqhkiG9w0BAQUFADCBkzELMAkGA1UEBhMCRlIx +DzANBgNVBAgMBlJhZGl1czESMBAGA1UEBwwJU29tZXdoZXJlMRUwEwYDVQQKDAxF +eGFtcGxlIEluYy4xIDAeBgkqhkiG9w0BCQEWEWFkbWluQGV4YW1wbGUuY29tMSYw +JAYDVQQDDB1FeGFtcGxlIENlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xNjExMjMw +MjU1MDdaFw0xNzAxMjIwMjU1MDdaMHwxCzAJBgNVBAYTAkZSMQ8wDQYDVQQIDAZS +YWRpdXMxFTATBgNVBAoMDEV4YW1wbGUgSW5jLjEjMCEGA1UEAwwaRXhhbXBsZSBT +ZXJ2ZXIgQ2VydGlmaWNhdGUxIDAeBgkqhkiG9w0BCQEWEWFkbWluQGV4YW1wbGUu +Y29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyl2Gt3o6vPRN2GmM +Jb/R1zO3durZrrZ4FNbVymf99FwT0wG0vJLVoFH1/oFv2igzBwgg6SYnxqtDC3/O +fDvGnKRshSI9QIQnMtailO0UKUzv2azVo+p9R3YYV3wKSv66j7hERKVi6LDdWWvS +IGnxZOH20OWeiNoQ5VgY/IfOL2f2nfis2g8r9VgwBBMctXHOPSbHNANmOMqNEXXw +CxSrmLHczYHSaDOW1lBPpxnQIBVe4BiLB4MRLT1RFGhzzfJwxllQz+H1EojVcd4d +ki590YsJ/rQXvX5zB8ChavOvgDvk12JtHBWTkkclvfZQAj6cAH0VifI4EJXy7wn6 +tc+QYwIDAQABo08wTTATBgNVHSUEDDAKBggrBgEFBQcDATA2BgNVHR8ELzAtMCug +KaAnhiVodHRwOi8vd3d3LmV4YW1wbGUuY29tL2V4YW1wbGVfY2EuY3JsMA0GCSqG +SIb3DQEBBQUAA4GBAJL4BksyT/EiGJxn3CgDgu4UClmpB7seRICOoGkoA70Eh18M +hoBj20fqBiWef2fvFnc3Ao8AalnNAAYZsEM0jBS/Kf3gjFcPY3tzaHCKE/8tOaWn +aft7EzosCbXBFdh6L3czFn9BCL4jYayqkj84QAaHPGOGFrpKLeoENlr9x4CN +-----END CERTIFICATE----- +Bag Attributes + localKeyID: 4E 12 CF 3A FA D4 03 64 00 BB 98 1C 78 35 56 4A AC C3 1E 17 +Key Attributes: +-----BEGIN ENCRYPTED PRIVATE KEY----- +MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIxxT4lUY0dvgCAggA +MBQGCCqGSIb3DQMHBAiQ8/bzpj1InASCBMjU0Nl0/CMHnNAWZ6t1yb93vHJUHHsv +0acQNqeN8ToS1Wz0delbNnJMZ5lkO3ei542d2HwbGW4KYgWuMBPh2qgpdnnUfBPE +C6iCtGCDugVgZl3W7VPjQzMjsExuwYaZf7dhBkQEbuzuGXDrsZL3sauAeOla8V34 +yYESS9P7Jyd0prMgDG5yap9acorjiSLpqHsCogp/vlERSl8f/+yxY5dJuLo+54Z6 +Q8GjlpoiEUijy/Gs/BKcyTX3zddJm/yA3PF0JM8ZSH9K0pBa3l2VJYdizWGl3G59 +uozlMVZrg/KxDgfoe7QGit/WUGiq4fYXIUVKSKOfRmpD8YaTaUkGtoao9VjUYXul +01yU3DSRct9O/r1MG9QQjmYSi05t+Cohp/FNd0WqLlKPilDK86Wu4xECjOI+KsOe +kccUDBuaTMxdoYsq5Ge+V79YR1yABYtgkGymR9mS357Za9IlXxExhDBb2ky0MMlx +DfgimcWOlc4IWGrhheezZaTjgUO/Q0izrxD/ZBYNUmSnYDpRj4mk/sxQ6aDytlEu +ZSnTo+jbyXTh8nVwxhOB2PdWNmFOkRcGOJci8MErd8ArdWniw68MoYwhHTabDpwo +0nEs1MhqoiMAgn7iluN+cscV7pz4n5zriZX3Rw1ivcUPQ8RR6y5h/nR9Du5fCyRm +v5vF01w+o+XejU54DyqRptWiR6yHDJer2TIUqTjKt4NQENZyXEMh+ls6arjZ0mRp +i8rv3M/Z8NLcTQ7lD/gAGTWxzsNIfMcBQX9X9R6V4BmzhmQQA+/pbLh2IOOVPXO3 +sUGXChyQSa5xE1VpVle28Q3GqKq03W0W+8EtGy889px9/MGWLfCMrJNCv4zH7d/j +FTRkiNdtBZrmWTyUgBVgQoTVPxyzBBC11HXzRGxiEQft/NFwd0dzKoNfNsgGGa0Q +AzKmPJselaJdqol961z3RbzEpfyqvSnMbui/iIMV2lTEc/EQWoaQ3SGHf3qdhlQ5 +MScGocq+hskrMmgW1XVG3HDowdC5K5sKXUYJmixNGHWXFao/FZUAVBmQD+290Qkl +EMKQ2xw3PJ2tk47EpdscixayDpiOJQEdgys3oA1W06bIpxNaERYObqp8M62fet9I +wuRZyNWuKVyyilyB9sTjmgD55BXt6B+jkmkwHq15RA85AbsHHttugyMA//V+oiYt +B0BmSKpzSr6nEnr+0NiWybWlN97yLHUrtFiLMyKb6+qAMbxdsET6vfWsASuC21Lq +ZHgW3EofIEDz7r59w4NHwCLGBttpgKLkmrvjt17cMdmsEXbWFgw+9pi/uqEaRaq5 +/ekb9uPzbS7o4ArGQ+WBFUA6ONV98i2ZMOmfvq/dgBAQcRLlI7Cp+yikcMbzJ3Aq +VJc53y0Gl8awDXMbOiH0l1ij+3mQ5xPZbuv2ofcg+4enoK1cclG6ryWWGPMDcAg2 +JivgEzn6eFsiPRnlidrJUy6zJYxCsjSPodcbFH7DXnwPA8+C9P1it2bnqPdQWzXA +JiUFtvmRgEVmOAVCbZLkNPa+K0K8Ymzu3ZYchVMduxJh1xNKId+FM2BGOmlYqDUJ +jnGqHciOxd+0crjaPd0isxUgS7bTd3XdQEIkT/yESS9aJEHsnBFkEXsXSDpxpf7a +dE4= +-----END ENCRYPTED PRIVATE KEY-----