2021-10-09 13:27:32 -04:00
|
|
|
/*
|
|
|
|
* SPDX-FileCopyrightText: 2019-2021 Espressif Systems (Shanghai) CO LTD
|
|
|
|
*
|
|
|
|
* SPDX-License-Identifier: Apache-2.0
|
|
|
|
*/
|
2016-11-24 07:41:44 -05:00
|
|
|
|
2018-08-13 04:37:56 -04:00
|
|
|
#ifndef _ESP_WPA2_H
|
|
|
|
#define _ESP_WPA2_H
|
2016-11-10 21:38:57 -05:00
|
|
|
|
2018-04-19 23:33:04 -04:00
|
|
|
#include <stdbool.h>
|
|
|
|
|
2016-11-10 21:38:57 -05:00
|
|
|
#include "esp_err.h"
|
|
|
|
|
2020-06-23 04:34:23 -04:00
|
|
|
typedef enum {
|
|
|
|
ESP_EAP_TTLS_PHASE2_EAP,
|
|
|
|
ESP_EAP_TTLS_PHASE2_MSCHAPV2,
|
|
|
|
ESP_EAP_TTLS_PHASE2_MSCHAP,
|
|
|
|
ESP_EAP_TTLS_PHASE2_PAP,
|
|
|
|
ESP_EAP_TTLS_PHASE2_CHAP
|
2021-08-30 06:12:32 -04:00
|
|
|
} esp_eap_ttls_phase2_types;
|
|
|
|
|
|
|
|
typedef struct {
|
|
|
|
int fast_provisioning;
|
|
|
|
int fast_max_pac_list_len;
|
|
|
|
bool fast_pac_format_binary;
|
|
|
|
} esp_eap_fast_config;
|
2020-06-23 04:34:23 -04:00
|
|
|
|
2016-11-10 21:38:57 -05:00
|
|
|
#ifdef __cplusplus
|
|
|
|
extern "C" {
|
|
|
|
#endif
|
|
|
|
|
|
|
|
/**
|
2016-11-23 02:29:01 -05:00
|
|
|
* @brief Enable wpa2 enterprise authentication.
|
2016-11-10 21:38:57 -05:00
|
|
|
*
|
2022-06-06 01:31:02 -04:00
|
|
|
* @attention 1. wpa2 enterprise authentication can only be used when station mode is enabled.
|
2017-01-10 04:50:32 -05:00
|
|
|
* @attention 2. wpa2 enterprise authentication can only support TLS, PEAP-MSCHAPv2 and TTLS-MSCHAPv2 method.
|
2016-11-10 21:38:57 -05:00
|
|
|
*
|
2017-01-10 04:50:32 -05:00
|
|
|
* @return
|
2018-02-09 08:43:11 -05:00
|
|
|
* - ESP_OK: succeed.
|
|
|
|
* - ESP_ERR_NO_MEM: fail(internal memory malloc fail)
|
2016-11-23 02:29:01 -05:00
|
|
|
*/
|
2018-08-13 04:37:56 -04:00
|
|
|
esp_err_t esp_wifi_sta_wpa2_ent_enable(void);
|
2016-11-23 02:29:01 -05:00
|
|
|
|
|
|
|
/**
|
|
|
|
* @brief Disable wpa2 enterprise authentication.
|
|
|
|
*
|
2022-06-06 01:31:02 -04:00
|
|
|
* @attention 1. wpa2 enterprise authentication can only be used when station mode is enabled.
|
2017-01-10 04:50:32 -05:00
|
|
|
* @attention 2. wpa2 enterprise authentication can only support TLS, PEAP-MSCHAPv2 and TTLS-MSCHAPv2 method.
|
2016-11-23 02:29:01 -05:00
|
|
|
*
|
2017-01-10 04:50:32 -05:00
|
|
|
* @return
|
2018-02-09 08:43:11 -05:00
|
|
|
* - ESP_OK: succeed.
|
2016-11-10 21:38:57 -05:00
|
|
|
*/
|
2016-11-25 05:08:21 -05:00
|
|
|
esp_err_t esp_wifi_sta_wpa2_ent_disable(void);
|
2016-11-10 21:38:57 -05:00
|
|
|
|
2017-01-10 04:50:32 -05:00
|
|
|
/**
|
|
|
|
* @brief Set identity for PEAP/TTLS method.
|
|
|
|
*
|
|
|
|
* @attention The API only passes the parameter identity to the global pointer variable in wpa2 enterprise module.
|
|
|
|
*
|
|
|
|
* @param identity: point to address where stores the identity;
|
|
|
|
* @param len: length of identity, limited to 1~127
|
|
|
|
*
|
|
|
|
* @return
|
2018-02-09 08:43:11 -05:00
|
|
|
* - ESP_OK: succeed
|
|
|
|
* - ESP_ERR_INVALID_ARG: fail(len <= 0 or len >= 128)
|
|
|
|
* - ESP_ERR_NO_MEM: fail(internal memory malloc fail)
|
2017-01-10 04:50:32 -05:00
|
|
|
*/
|
2017-10-12 21:47:19 -04:00
|
|
|
esp_err_t esp_wifi_sta_wpa2_ent_set_identity(const unsigned char *identity, int len);
|
2017-01-10 04:50:32 -05:00
|
|
|
|
|
|
|
/**
|
|
|
|
* @brief Clear identity for PEAP/TTLS method.
|
|
|
|
*/
|
|
|
|
void esp_wifi_sta_wpa2_ent_clear_identity(void);
|
|
|
|
|
2016-11-10 21:38:57 -05:00
|
|
|
/**
|
|
|
|
* @brief Set username for PEAP/TTLS method.
|
|
|
|
*
|
2016-11-24 22:03:33 -05:00
|
|
|
* @attention The API only passes the parameter username to the global pointer variable in wpa2 enterprise module.
|
|
|
|
*
|
2016-11-10 21:38:57 -05:00
|
|
|
* @param username: point to address where stores the username;
|
2017-01-10 04:50:32 -05:00
|
|
|
* @param len: length of username, limited to 1~127
|
2016-11-10 21:38:57 -05:00
|
|
|
*
|
2017-01-10 04:50:32 -05:00
|
|
|
* @return
|
2018-02-09 08:43:11 -05:00
|
|
|
* - ESP_OK: succeed
|
|
|
|
* - ESP_ERR_INVALID_ARG: fail(len <= 0 or len >= 128)
|
|
|
|
* - ESP_ERR_NO_MEM: fail(internal memory malloc fail)
|
2016-11-10 21:38:57 -05:00
|
|
|
*/
|
2017-10-12 21:47:19 -04:00
|
|
|
esp_err_t esp_wifi_sta_wpa2_ent_set_username(const unsigned char *username, int len);
|
2016-11-10 21:38:57 -05:00
|
|
|
|
2016-11-23 02:29:01 -05:00
|
|
|
/**
|
|
|
|
* @brief Clear username for PEAP/TTLS method.
|
|
|
|
*/
|
2016-11-25 05:08:21 -05:00
|
|
|
void esp_wifi_sta_wpa2_ent_clear_username(void);
|
2016-11-23 02:29:01 -05:00
|
|
|
|
2016-11-10 21:38:57 -05:00
|
|
|
/**
|
|
|
|
* @brief Set password for PEAP/TTLS method..
|
|
|
|
*
|
2016-11-24 22:03:33 -05:00
|
|
|
* @attention The API only passes the parameter password to the global pointer variable in wpa2 enterprise module.
|
|
|
|
*
|
2016-11-10 21:38:57 -05:00
|
|
|
* @param password: point to address where stores the password;
|
2017-01-10 04:50:32 -05:00
|
|
|
* @param len: length of password(len > 0)
|
2016-11-10 21:38:57 -05:00
|
|
|
*
|
2017-01-10 04:50:32 -05:00
|
|
|
* @return
|
2018-02-09 08:43:11 -05:00
|
|
|
* - ESP_OK: succeed
|
|
|
|
* - ESP_ERR_INVALID_ARG: fail(len <= 0)
|
|
|
|
* - ESP_ERR_NO_MEM: fail(internal memory malloc fail)
|
2016-11-10 21:38:57 -05:00
|
|
|
*/
|
2017-10-12 21:47:19 -04:00
|
|
|
esp_err_t esp_wifi_sta_wpa2_ent_set_password(const unsigned char *password, int len);
|
2016-11-10 21:38:57 -05:00
|
|
|
|
|
|
|
/**
|
2016-11-23 02:29:01 -05:00
|
|
|
* @brief Clear password for PEAP/TTLS method..
|
2016-11-10 21:38:57 -05:00
|
|
|
*/
|
2016-11-25 05:08:21 -05:00
|
|
|
void esp_wifi_sta_wpa2_ent_clear_password(void);
|
2016-11-10 21:38:57 -05:00
|
|
|
|
|
|
|
/**
|
2016-11-24 22:03:33 -05:00
|
|
|
* @brief Set new password for MSCHAPv2 method..
|
|
|
|
*
|
2017-01-10 04:50:32 -05:00
|
|
|
* @attention 1. The API only passes the parameter password to the global pointer variable in wpa2 enterprise module.
|
|
|
|
* @attention 2. The new password is used to substitute the old password when eap-mschapv2 failure request message with error code ERROR_PASSWD_EXPIRED is received.
|
2016-11-10 21:38:57 -05:00
|
|
|
*
|
2018-04-19 23:33:04 -04:00
|
|
|
* @param new_password: point to address where stores the password;
|
2017-01-10 04:50:32 -05:00
|
|
|
* @param len: length of password
|
2016-11-10 21:38:57 -05:00
|
|
|
*
|
2017-01-10 04:50:32 -05:00
|
|
|
* @return
|
2018-02-09 08:43:11 -05:00
|
|
|
* - ESP_OK: succeed
|
|
|
|
* - ESP_ERR_INVALID_ARG: fail(len <= 0)
|
|
|
|
* - ESP_ERR_NO_MEM: fail(internal memory malloc fail)
|
2016-11-10 21:38:57 -05:00
|
|
|
*/
|
2016-11-23 02:29:01 -05:00
|
|
|
|
2018-04-19 23:33:04 -04:00
|
|
|
esp_err_t esp_wifi_sta_wpa2_ent_set_new_password(const unsigned char *new_password, int len);
|
2016-11-10 21:38:57 -05:00
|
|
|
|
|
|
|
/**
|
2016-11-24 22:03:33 -05:00
|
|
|
* @brief Clear new password for MSCHAPv2 method..
|
2016-11-10 21:38:57 -05:00
|
|
|
*/
|
2016-11-25 05:08:21 -05:00
|
|
|
void esp_wifi_sta_wpa2_ent_clear_new_password(void);
|
2016-11-23 02:29:01 -05:00
|
|
|
|
|
|
|
/**
|
|
|
|
* @brief Set CA certificate for PEAP/TTLS method.
|
|
|
|
*
|
2017-01-10 04:50:32 -05:00
|
|
|
* @attention 1. The API only passes the parameter ca_cert to the global pointer variable in wpa2 enterprise module.
|
|
|
|
* @attention 2. The ca_cert should be zero terminated.
|
2016-11-24 22:03:33 -05:00
|
|
|
*
|
2016-11-23 02:29:01 -05:00
|
|
|
* @param ca_cert: point to address where stores the CA certificate;
|
2018-04-19 23:33:04 -04:00
|
|
|
* @param ca_cert_len: length of ca_cert
|
2016-11-23 02:29:01 -05:00
|
|
|
*
|
2017-01-10 04:50:32 -05:00
|
|
|
* @return
|
2018-02-09 08:43:11 -05:00
|
|
|
* - ESP_OK: succeed
|
2016-11-23 02:29:01 -05:00
|
|
|
*/
|
2018-04-19 23:33:04 -04:00
|
|
|
esp_err_t esp_wifi_sta_wpa2_ent_set_ca_cert(const unsigned char *ca_cert, int ca_cert_len);
|
2016-11-10 21:38:57 -05:00
|
|
|
|
|
|
|
/**
|
|
|
|
* @brief Clear CA certificate for PEAP/TTLS method.
|
|
|
|
*/
|
2016-11-25 05:08:21 -05:00
|
|
|
void esp_wifi_sta_wpa2_ent_clear_ca_cert(void);
|
2016-11-10 21:38:57 -05:00
|
|
|
|
|
|
|
/**
|
|
|
|
* @brief Set client certificate and key.
|
|
|
|
*
|
2017-01-10 04:50:32 -05:00
|
|
|
* @attention 1. The API only passes the parameter client_cert, private_key and private_key_passwd to the global pointer variable in wpa2 enterprise module.
|
|
|
|
* @attention 2. The client_cert, private_key and private_key_passwd should be zero terminated.
|
2016-11-24 22:03:33 -05:00
|
|
|
*
|
2016-11-10 21:38:57 -05:00
|
|
|
* @param client_cert: point to address where stores the client certificate;
|
2017-01-10 04:50:32 -05:00
|
|
|
* @param client_cert_len: length of client certificate;
|
|
|
|
* @param private_key: point to address where stores the private key;
|
|
|
|
* @param private_key_len: length of private key, limited to 1~2048;
|
|
|
|
* @param private_key_password: point to address where stores the private key password;
|
|
|
|
* @param private_key_password_len: length of private key password;
|
|
|
|
*
|
|
|
|
* @return
|
2018-02-09 08:43:11 -05:00
|
|
|
* - ESP_OK: succeed
|
2016-11-10 21:38:57 -05:00
|
|
|
*/
|
2017-10-12 21:47:19 -04:00
|
|
|
esp_err_t esp_wifi_sta_wpa2_ent_set_cert_key(const unsigned char *client_cert, int client_cert_len, const unsigned char *private_key, int private_key_len, const unsigned char *private_key_passwd, int private_key_passwd_len);
|
2016-11-10 21:38:57 -05:00
|
|
|
|
|
|
|
/**
|
|
|
|
* @brief Clear client certificate and key.
|
|
|
|
*/
|
2016-11-25 05:08:21 -05:00
|
|
|
void esp_wifi_sta_wpa2_ent_clear_cert_key(void);
|
2016-11-10 21:38:57 -05:00
|
|
|
|
2016-11-23 02:29:01 -05:00
|
|
|
/**
|
|
|
|
* @brief Set wpa2 enterprise certs time check(disable or not).
|
|
|
|
*
|
|
|
|
* @param true: disable wpa2 enterprise certs time check
|
2017-01-10 04:50:32 -05:00
|
|
|
* @param false: enable wpa2 enterprise certs time check
|
2016-11-23 02:29:01 -05:00
|
|
|
*
|
2017-01-10 04:50:32 -05:00
|
|
|
* @return
|
|
|
|
* - ESP_OK: succeed
|
2016-11-23 02:29:01 -05:00
|
|
|
*/
|
2016-11-25 05:08:21 -05:00
|
|
|
esp_err_t esp_wifi_sta_wpa2_ent_set_disable_time_check(bool disable);
|
2016-11-23 02:29:01 -05:00
|
|
|
|
|
|
|
/**
|
|
|
|
* @brief Get wpa2 enterprise certs time check(disable or not).
|
|
|
|
*
|
|
|
|
* @param disable: store disable value
|
|
|
|
*
|
2017-01-10 04:50:32 -05:00
|
|
|
* @return
|
|
|
|
* - ESP_OK: succeed
|
2016-11-23 02:29:01 -05:00
|
|
|
*/
|
2016-11-25 05:08:21 -05:00
|
|
|
esp_err_t esp_wifi_sta_wpa2_ent_get_disable_time_check(bool *disable);
|
2016-11-23 02:29:01 -05:00
|
|
|
|
2020-06-23 04:34:23 -04:00
|
|
|
/**
|
|
|
|
* @brief Set wpa2 enterprise ttls phase2 method
|
|
|
|
*
|
|
|
|
* @param type: the type of phase 2 method to be used
|
|
|
|
*
|
|
|
|
* @return
|
|
|
|
* - ESP_OK: succeed
|
|
|
|
*/
|
|
|
|
esp_err_t esp_wifi_sta_wpa2_ent_set_ttls_phase2_method(esp_eap_ttls_phase2_types type);
|
|
|
|
|
2021-10-09 13:27:32 -04:00
|
|
|
/**
|
|
|
|
* @brief enable/disable 192 bit suite b certification checks
|
|
|
|
*
|
|
|
|
* @param enable: bool to enable/disable it.
|
|
|
|
*
|
|
|
|
* @return
|
|
|
|
* - ESP_OK: succeed
|
|
|
|
*/
|
|
|
|
esp_err_t esp_wifi_sta_wpa2_set_suiteb_192bit_certification(bool enable);
|
|
|
|
|
2021-08-30 06:12:32 -04:00
|
|
|
/**
|
|
|
|
* @brief Set client pac file
|
|
|
|
*
|
|
|
|
* @attention 1. For files read from the file system, length has to be decremented by 1 byte.
|
|
|
|
* @attention 2. Disabling the WPA_MBEDTLS_CRYPTO config is required to use EAP-FAST.
|
|
|
|
*
|
|
|
|
* @param pac_file: pointer to the pac file
|
|
|
|
* pac_file_len: length of the pac file
|
|
|
|
*
|
|
|
|
* @return
|
|
|
|
* - ESP_OK: succeed
|
|
|
|
* - ESP_ERR_NO_MEM: fail(internal memory malloc fail)
|
|
|
|
*/
|
|
|
|
esp_err_t esp_wifi_sta_wpa2_ent_set_pac_file(const unsigned char *pac_file, int pac_file_len);
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @brief Set Phase 1 parameters for EAP-FAST
|
|
|
|
*
|
|
|
|
* @attention 1. Disabling the WPA_MBEDTLS_CRYPTO config is required to use EAP-FAST.
|
|
|
|
*
|
|
|
|
* @param config: eap fast phase 1 configuration
|
|
|
|
*
|
|
|
|
* @return
|
|
|
|
* - ESP_OK: succeed
|
|
|
|
* - ESP_ERR_INVALID_ARG: fail(out of bound arguments)
|
|
|
|
* - ESP_ERR_NO_MEM: fail(internal memory malloc fail)
|
|
|
|
*/
|
|
|
|
esp_err_t esp_wifi_sta_wpa2_ent_set_fast_phase1_params(esp_eap_fast_config config);
|
|
|
|
|
2022-02-08 04:50:13 -05:00
|
|
|
/**
|
|
|
|
* @brief Use default CA cert bundle for server validation
|
|
|
|
*
|
|
|
|
* @use_default_bundle : whether to use bundle or not
|
|
|
|
*
|
|
|
|
* @return
|
|
|
|
* - ESP_OK: succeed
|
|
|
|
* - ESP_FAIL: fail
|
|
|
|
*/
|
|
|
|
esp_err_t esp_wifi_sta_wpa2_use_default_cert_bundle(bool use_default_bundle);
|
|
|
|
|
2016-11-10 21:38:57 -05:00
|
|
|
#ifdef __cplusplus
|
|
|
|
}
|
|
|
|
#endif
|
|
|
|
#endif
|