1 /* WiFi Connection Example using WPA2 Enterprise
2  *
3  * Original Copyright (C) 2006-2016, ARM Limited, All Rights Reserved, Apache 2.0 License.
4  * Additions Copyright (C) Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD, Apache 2.0 License.
5  *
6  *
7  * Licensed under the Apache License, Version 2.0 (the "License");
8  * you may not use this file except in compliance with the License.
9  * You may obtain a copy of the License at
10  *
11  *     http://www.apache.org/licenses/LICENSE-2.0
12  *
13  * Unless required by applicable law or agreed to in writing, software
14  * distributed under the License is distributed on an "AS IS" BASIS,
15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16  * See the License for the specific language governing permissions and
17  * limitations under the License.
18  */
19 #include <string.h>
20 #include <stdlib.h>
21 #include "freertos/FreeRTOS.h"
22 #include "freertos/task.h"
23 #include "freertos/event_groups.h"
24 #include "esp_wifi.h"
25 #include "esp_wpa2.h"
26 #include "esp_event.h"
27 #include "esp_log.h"
28 #include "esp_system.h"
29 #include "nvs_flash.h"
30 #include "esp_netif.h"
31 
/* The examples use a simple WiFi configuration that you can set via the
   project configuration menu.

   If you'd rather not, just change the entries below to strings with
   the config you want, e.g. #define EXAMPLE_WIFI_SSID "mywifissid"

   You can choose the EAP method via the project configuration, according
   to the configuration of the AP.

   Either way, the EAP identity, username and password are compiled into
   the firmware image as plain string literals.
*/
41 #define EXAMPLE_WIFI_SSID CONFIG_EXAMPLE_WIFI_SSID
42 #define EXAMPLE_EAP_METHOD CONFIG_EXAMPLE_EAP_METHOD
43 
44 #define EXAMPLE_EAP_ID CONFIG_EXAMPLE_EAP_ID
45 #define EXAMPLE_EAP_USERNAME CONFIG_EXAMPLE_EAP_USERNAME
46 #define EXAMPLE_EAP_PASSWORD CONFIG_EXAMPLE_EAP_PASSWORD
47 
48 /* FreeRTOS event group to signal when we are connected & ready to make a request */
49 static EventGroupHandle_t wifi_event_group;
50 
51 /* esp netif object representing the WIFI station */
52 static esp_netif_t *sta_netif = NULL;
53 
54 /* The event group allows multiple bits for each event,
55    but we only care about one event - are we connected
56    to the AP with an IP? */
57 const int CONNECTED_BIT = BIT0;
58 
59 static const char *TAG = "example";
60 
/* CA cert, taken from ca.pem
   Client cert, taken from client.crt
   Client key, taken from client.key

   The PEM, CRT and KEY files are provided by the person or organization
   who configured the AP with WPA2 Enterprise.

   To embed them in the app binary, the PEM, CRT and KEY files are named
   in the component.mk COMPONENT_EMBED_TXTFILES variable.

   Note: this places the client private key inside the app binary, and the
   code below loads it without a passphrase.
*/
71 #ifdef CONFIG_EXAMPLE_VALIDATE_SERVER_CERT
72 extern uint8_t ca_pem_start[] asm("_binary_ca_pem_start");
73 extern uint8_t ca_pem_end[]   asm("_binary_ca_pem_end");
74 #endif /* CONFIG_EXAMPLE_VALIDATE_SERVER_CERT */
75 
76 #ifdef CONFIG_EXAMPLE_EAP_METHOD_TLS
77 extern uint8_t client_crt_start[] asm("_binary_client_crt_start");
78 extern uint8_t client_crt_end[]   asm("_binary_client_crt_end");
79 extern uint8_t client_key_start[] asm("_binary_client_key_start");
80 extern uint8_t client_key_end[]   asm("_binary_client_key_end");
81 #endif /* CONFIG_EXAMPLE_EAP_METHOD_TLS */
82 
83 #if defined CONFIG_EXAMPLE_EAP_METHOD_TTLS
84 esp_eap_ttls_phase2_types TTLS_PHASE2_METHOD = CONFIG_EXAMPLE_EAP_METHOD_TTLS_PHASE_2;
85 #endif /* CONFIG_EXAMPLE_EAP_METHOD_TTLS */
86 
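/**
 * Wi-Fi / IP event callback that drives the station connection state.
 *
 * - WIFI_EVENT_STA_START: start the first connection attempt.
 * - WIFI_EVENT_STA_DISCONNECTED: clear CONNECTED_BIT, log the reason code
 *   reported by the driver, then retry the connection.
 * - IP_EVENT_STA_GOT_IP: set CONNECTED_BIT.
 *
 * A failing esp_wifi_connect() is logged rather than aborted on, so the
 * handler stays best-effort as before.
 *
 * @param arg         Unused (the handler is registered with NULL).
 * @param event_base  Event family (WIFI_EVENT or IP_EVENT).
 * @param event_id    Event identifier within the family.
 * @param event_data  Event payload; for WIFI_EVENT_STA_DISCONNECTED this is a
 *                    wifi_event_sta_disconnected_t.
 */
static void event_handler(void* arg, esp_event_base_t event_base,
                                int32_t event_id, void* event_data)
{
    esp_err_t err = ESP_OK;

    if (event_base == WIFI_EVENT && event_id == WIFI_EVENT_STA_START) {
        err = esp_wifi_connect();
    } else if (event_base == WIFI_EVENT && event_id == WIFI_EVENT_STA_DISCONNECTED) {
        const wifi_event_sta_disconnected_t *disc = event_data;

        /* Drop the "connected" flag before retrying so waiters never see a stale bit. */
        xEventGroupClearBits(wifi_event_group, CONNECTED_BIT);

        if (disc != NULL) {
            /* The reason code is what separates an authentication or handshake
               failure from ordinary signal loss when reading the logs. */
            ESP_LOGW(TAG, "Disconnected from AP, reason %d", disc->reason);
        }

        /* NOTE(review): retries are unbounded and immediate. With EAP every
           retry is a fresh authentication attempt against the RADIUS backend;
           consider a back-off or retry cap if account lockout is a concern. */
        err = esp_wifi_connect();
    } else if (event_base == IP_EVENT && event_id == IP_EVENT_STA_GOT_IP) {
        xEventGroupSetBits(wifi_event_group, CONNECTED_BIT);
    }

    if (err != ESP_OK) {
        ESP_LOGE(TAG, "esp_wifi_connect failed: %s", esp_err_to_name(err));
    }
}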
99 
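/**
 * Bring up the Wi-Fi station interface, configure enterprise (EAP)
 * authentication from the project configuration, and start the driver.
 *
 * Every ESP-IDF call is wrapped in ESP_ERROR_CHECK, so a failure aborts.
 * The connection attempt itself is issued by event_handler() when
 * WIFI_EVENT_STA_START is delivered after esp_wifi_start().
 *
 * Security notes for anyone adapting this example:
 * - The CA certificate is installed only when
 *   CONFIG_EXAMPLE_VALIDATE_SERVER_CERT or one of the WPA3 enterprise options
 *   is set. With none of them set, this function gives the supplicant nothing
 *   to verify the authentication server against, so PEAP/TTLS credentials may
 *   be offered to any AP advertising the configured SSID. Keep validation
 *   enabled outside of lab use.
 * - The Wi-Fi configuration is kept in RAM only (WIFI_STORAGE_RAM); the EAP
 *   credentials themselves come from compile-time string macros.
 */
static void initialise_wifi(void)
{
#ifdef CONFIG_EXAMPLE_EAP_METHOD_TLS
    unsigned int client_crt_bytes = client_crt_end - client_crt_start;
    unsigned int client_key_bytes = client_key_end - client_key_start;
#endif /* CONFIG_EXAMPLE_EAP_METHOD_TLS */

    ESP_ERROR_CHECK(esp_netif_init());
    wifi_event_group = xEventGroupCreate();
    /* event_handler() uses the group unconditionally; fail here, not there. */
    assert(wifi_event_group);
    ESP_ERROR_CHECK(esp_event_loop_create_default());
    sta_netif = esp_netif_create_default_wifi_sta();
    assert(sta_netif);

    wifi_init_config_t cfg = WIFI_INIT_CONFIG_DEFAULT();
    ESP_ERROR_CHECK( esp_wifi_init(&cfg) );
    ESP_ERROR_CHECK( esp_event_handler_register(WIFI_EVENT, ESP_EVENT_ANY_ID, &event_handler, NULL) );
    ESP_ERROR_CHECK( esp_event_handler_register(IP_EVENT, IP_EVENT_STA_GOT_IP, &event_handler, NULL) );
    ESP_ERROR_CHECK( esp_wifi_set_storage(WIFI_STORAGE_RAM) );
    wifi_config_t wifi_config = {
        .sta = {
            .ssid = EXAMPLE_WIFI_SSID,
#if defined (CONFIG_EXAMPLE_WPA3_192BIT_ENTERPRISE)
            /* The 192-bit mode is configured with protected management frames mandatory. */
            .pmf_cfg = {
                .required = true
            },
#endif
        },
    };
    ESP_LOGI(TAG, "Setting WiFi configuration SSID %s...", wifi_config.sta.ssid);
    ESP_ERROR_CHECK( esp_wifi_set_mode(WIFI_MODE_STA) );
    ESP_ERROR_CHECK( esp_wifi_set_config(WIFI_IF_STA, &wifi_config) );
    /* NOTE(review): for PEAP/TTLS this is presumably the outer identity, sent
       before the TLS tunnel exists; use an anonymous value if the real
       username must not be exposed on the air. Confirm against the
       supplicant documentation. */
    ESP_ERROR_CHECK( esp_wifi_sta_wpa2_ent_set_identity((uint8_t *)EXAMPLE_EAP_ID, strlen(EXAMPLE_EAP_ID)) );

#if defined(CONFIG_EXAMPLE_VALIDATE_SERVER_CERT) || \
    defined(CONFIG_EXAMPLE_WPA3_ENTERPRISE) || \
    defined(CONFIG_EXAMPLE_WPA3_192BIT_ENTERPRISE)
    /* The length is computed under the same guard as its only use, so the
       local no longer depends on CONFIG_EXAMPLE_VALIDATE_SERVER_CERT alone.
       NOTE(review): ca_pem_start/ca_pem_end are declared at file scope only
       under CONFIG_EXAMPLE_VALIDATE_SERVER_CERT; presumably Kconfig selects
       that option for the WPA3 modes. Confirm. */
    unsigned int ca_pem_bytes = ca_pem_end - ca_pem_start;
    ESP_ERROR_CHECK( esp_wifi_sta_wpa2_ent_set_ca_cert(ca_pem_start, ca_pem_bytes) );
#endif /* CONFIG_EXAMPLE_VALIDATE_SERVER_CERT */ /* EXAMPLE_WPA3_ENTERPRISE */

#ifdef CONFIG_EXAMPLE_EAP_METHOD_TLS
    /* Trailing NULL, 0: no private-key passphrase is supplied. */
    ESP_ERROR_CHECK( esp_wifi_sta_wpa2_ent_set_cert_key(client_crt_start, client_crt_bytes,
                                                        client_key_start, client_key_bytes, NULL, 0) );
#endif /* CONFIG_EXAMPLE_EAP_METHOD_TLS */

    /* Both operands now use defined(); the bare macro name only worked while
       the option expanded to a non-zero integer. */
#if defined(CONFIG_EXAMPLE_EAP_METHOD_PEAP) || defined(CONFIG_EXAMPLE_EAP_METHOD_TTLS)
    ESP_ERROR_CHECK( esp_wifi_sta_wpa2_ent_set_username((uint8_t *)EXAMPLE_EAP_USERNAME, strlen(EXAMPLE_EAP_USERNAME)) );
    ESP_ERROR_CHECK( esp_wifi_sta_wpa2_ent_set_password((uint8_t *)EXAMPLE_EAP_PASSWORD, strlen(EXAMPLE_EAP_PASSWORD)) );
#endif /* CONFIG_EXAMPLE_EAP_METHOD_PEAP || CONFIG_EXAMPLE_EAP_METHOD_TTLS */

#if defined CONFIG_EXAMPLE_EAP_METHOD_TTLS
    ESP_ERROR_CHECK( esp_wifi_sta_wpa2_ent_set_ttls_phase2_method(TTLS_PHASE2_METHOD) );
#endif /* CONFIG_EXAMPLE_EAP_METHOD_TTLS */
#if defined (CONFIG_EXAMPLE_WPA3_192BIT_ENTERPRISE)
    ESP_LOGI(TAG, "Enabling 192 bit certification");
    ESP_ERROR_CHECK(esp_wifi_sta_wpa2_set_suiteb_192bit_certification(true));
#endif
    ESP_ERROR_CHECK( esp_wifi_sta_wpa2_ent_enable() );
    ESP_ERROR_CHECK( esp_wifi_start() );
}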
163 
/**
 * FreeRTOS task that periodically logs the station's IP configuration.
 *
 * After an initial 2000 ms delay it loops forever: wait 2000 ms, query
 * sta_netif, and log address, netmask and gateway whenever the query
 * succeeds. It polls unconditionally and does not wait on CONNECTED_BIT.
 *
 * @param pvParameters  Unused task argument.
 */
static void wpa2_enterprise_example_task(void *pvParameters)
{
    const TickType_t poll_ticks = 2000 / portTICK_PERIOD_MS;
    esp_netif_ip_info_t info;

    memset(&info, 0, sizeof info);
    vTaskDelay(poll_ticks);

    for (;;) {
        vTaskDelay(poll_ticks);

        /* A non-zero result means the query failed; skip logging this round. */
        if (esp_netif_get_ip_info(sta_netif, &info) != 0) {
            continue;
        }

        ESP_LOGI(TAG, "~~~~~~~~~~~");
        ESP_LOGI(TAG, "IP:"IPSTR, IP2STR(&info.ip));
        ESP_LOGI(TAG, "MASK:"IPSTR, IP2STR(&info.netmask));
        ESP_LOGI(TAG, "GW:"IPSTR, IP2STR(&info.gw));
        ESP_LOGI(TAG, "~~~~~~~~~~~");
    }
}
182 
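/**
 * Application entry point: initialise NVS, configure and start Wi-Fi with
 * enterprise authentication, then spawn the task that logs the IP info.
 *
 * An NVS or Wi-Fi setup failure aborts via ESP_ERROR_CHECK. A failure to
 * create the logging task is reported but does not stop the connection.
 */
void app_main(void)
{
    ESP_ERROR_CHECK( nvs_flash_init() );
    initialise_wifi();

    /* xTaskCreate returns pdPASS on success; anything else means the task
       was not created, which would otherwise go unnoticed. */
    if (xTaskCreate(&wpa2_enterprise_example_task, "wpa2_enterprise_example_task",
                    4096, NULL, 5, NULL) != pdPASS) {
        ESP_LOGE(TAG, "Failed to create wpa2_enterprise_example_task");
    }
}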
189