Merge branch 'feature/wpa2_example' into 'master'

wpa2 enterprise: add example for wpa2 enterprise



See merge request !410

components/esp32/lib

@@ -1 +1 @@
-Subproject commit 01351616820811bc08e7f7bd24e448df7897eedf
+Subproject commit c01bfe9038e59fc0dc15947c1bf4616de006e103

examples/31_wpa2_enterprise/Makefile

@@ -0,0 +1,9 @@
+#
+# This is a project Makefile. It is assumed the directory this Makefile resides in is a
+# project subdirectory.
+#
+
+PROJECT_NAME := wpa2-enterprise
+
+include $(IDF_PATH)/make/project.mk
+

examples/31_wpa2_enterprise/README.md

@@ -0,0 +1,76 @@
+# WPA2 Enterprise Example
+
+This example shows how ESP32 connects to AP with wpa2 enterprise encryption. Example does the following steps:
+
+1. Install CA certificate which is optional.
+2. Install client certificate and client key which is required in TLS method and optional in PEAP and TTLS methods.
+3. Set identity of phase 1 which is optional.
+4. Set user name and password of phase 2 which is required in PEAP and TTLS methods.
+5. Enable wpa2 enterprise.
+6. Connect to AP.
+
+*Note:* certificate currently is generated when compiling the example and then stored in flash.
+
+## The file wpa2_ca.pem, wpa2_ca.key, wpa2_server.pem, wpa2_server.crt and wpa2_server.key can be used to configure AP with
+   wpa2 enterprise encryption. The steps how to generate new certificates and keys using openssl is as follows:
+   
+1. wpa2_ca.pem wpa2_ca.key:
+    openssl req -new -x509 -keyout wpa2_ca.key -out wpa2_ca.pem
+2. wpa2_server.key:
+    openssl req -new -key wpa2_server.key -out wpa2_server.csr
+3. wpa2_csr:
+    openssl req -new -key server.key -out server.csr
+4. wpa2_server.crt:
+    openssl ca -batch -keyfile wpa2_ca.key -cert wpa2_ca.pem -in wpa2_server.csr -key ca1234 -out wpa2_server.crt -extensions xpserver_ext -extfile xpextensions
+5. wpa2_server.p12:
+    openssl pkcs12 -export -in wpa2_server.crt -inkey wpa2_server.key -out wpa2_server.p12 -passin pass:sv1234 -passout pass:sv1234
+6. wpa2_server.pem:
+    openssl pkcs12 -in wpa2_server.p12 -out wpa2_server.pem -passin pass:sv1234 -passout pass:sv1234
+7. wpa2_client.key:
+    openssl genrsa -out wpa2_client.key 1024
+8. wpa2_client.csr:
+    openssl req -new -key wpa2_client.key -out wpa2_client.csr
+9. wpa2_client.crt:
+    openssl ca -batch -keyfile wpa2_ca.key -cert wpa2_ca.pem -in wpa2_client.csr -key ca1234 -out wpa2_client.crt -extensions xpclient_ext -extfile xpextensions
+10. wpa2_client.p12:
+    openssl pkcs12 -export -in wpa2_client.crt -inkey wpa2_client.key -out wpa2_client.p12
+11. wpa2_client.pem:
+    openssl pkcs12 -in wpa2_client.p12 -out wpa2_client.pem
+
+### Example output
+
+Here is an example of wpa2 enterprise(PEAP method) console output.
+
+I (1352) example: Setting WiFi configuration SSID wpa2_test...
+I (1362) wpa: WPA2 ENTERPRISE VERSION: [v2.0] enable
+
+I (1362) wifi: rx_ba=1 tx_ba=1
+
+I (1372) wifi: mode : sta (24:0a:c4:03:b8:dc)
+I (3002) wifi: n:11 0, o:1 0, ap:255 255, sta:11 0, prof:11
+I (3642) wifi: state: init -> auth (b0)
+I (3642) wifi: state: auth -> assoc (0)
+I (3652) wifi: state: assoc -> run (10)
+I (3652) wpa: wpa2_task prio:24, stack:6144
+
+I (3972) wpa: >>>>>wpa2 FINISH
+
+I (3982) wpa: wpa2 task delete
+
+I (3992) wifi: connected with wpa2_test, channel 11
+I (5372) example: ~~~~~~~~~~~
+I (5372) example: IP:0.0.0.0
+I (5372) example: MASK:0.0.0.0
+I (5372) example: GW:0.0.0.0
+I (5372) example: ~~~~~~~~~~~
+I (6832) event: ip: 192.168.1.112, mask: 255.255.255.0, gw: 192.168.1.1
+I (7372) example: ~~~~~~~~~~~
+I (7372) example: IP:192.168.1.112
+I (7372) example: MASK:255.255.255.0
+I (7372) example: GW:192.168.1.1
+I (7372) example: ~~~~~~~~~~~
+I (9372) example: ~~~~~~~~~~~
+I (9372) example: IP:192.168.1.112
+I (9372) example: MASK:255.255.255.0
+I (9372) example: GW:192.168.1.1
+I (9372) example: ~~~~~~~~~~~

examples/31_wpa2_enterprise/main/Kconfig.projbuild

@@ -0,0 +1,34 @@
+menu "Example Configuration"
+
+config WIFI_SSID
+    string "WiFi SSID"
+    default "wpa2_test"
+    help
+        SSID (network name) for the example to connect to.
+
+config EAP_METHOD
+    int "EAP METHOD"
+    default 1
+    help
+        EAP method (TLS, PEAP or TTLS) for the example to use.
+        TLS: 0, PEAP: 1, TTLS: 2
+		
+config EAP_ID
+    string "EAP ID"
+    default "example@espressif.com"
+    help
+        Identity in phase 1 of EAP procedure.
+        
+config EAP_USERNAME
+    string "EAP USERNAME"
+    default "espressif"
+    help
+        Username for EAP method (PEAP and TTLS).
+        
+config EAP_PASSWORD
+    string "EAP PASSWORD"
+    default "test11"
+    help
+        Password for EAP method (PEAP and TTLS).
+
+endmenu

examples/31_wpa2_enterprise/main/component.mk

@@ -0,0 +1,12 @@
+#
+# "main" pseudo-component makefile.
+#
+# (Uses default behaviour of compiling all source files in directory, adding 'include' to include path.)
+
+# embed files from the "certs" directory as binary data symbols
+# in the app
+COMPONENT_EMBED_TXTFILES := wpa2_ca.pem
+COMPONENT_EMBED_TXTFILES += wpa2_client.crt
+COMPONENT_EMBED_TXTFILES += wpa2_client.key
+
+

examples/31_wpa2_enterprise/main/wpa2_ca.pem

@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIID3DCCA0WgAwIBAgIJANe5ZSCKoB8fMA0GCSqGSIb3DQEBCwUAMIGTMQswCQYD
+VQQGEwJGUjEPMA0GA1UECAwGUmFkaXVzMRIwEAYDVQQHDAlTb21ld2hlcmUxFTAT
+BgNVBAoMDEV4YW1wbGUgSW5jLjEgMB4GCSqGSIb3DQEJARYRYWRtaW5AZXhhbXBs
+ZS5jb20xJjAkBgNVBAMMHUV4YW1wbGUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MB4X
+DTE2MTEyMzAyNTUwN1oXDTE3MDEyMjAyNTUwN1owgZMxCzAJBgNVBAYTAkZSMQ8w
+DQYDVQQIDAZSYWRpdXMxEjAQBgNVBAcMCVNvbWV3aGVyZTEVMBMGA1UECgwMRXhh
+bXBsZSBJbmMuMSAwHgYJKoZIhvcNAQkBFhFhZG1pbkBleGFtcGxlLmNvbTEmMCQG
+A1UEAwwdRXhhbXBsZSBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwgZ8wDQYJKoZIhvcN
+AQEBBQADgY0AMIGJAoGBAL03y7N2GvNDO9BN8fVtdNonp0bMiqpj1D0He5+OTM+9
+3ZTIsJCNrbzhLQrRI3vMW7UDy8U7GeWORN9W4dWYlYiy/NFRp3hNMrbePhVmNIOV
+ww4ovGzbD+Xo31gPVkhzQ8I5/jbOIQBmgKMAMZyOMlG9VD6yMmAeYqnZYz68WHKt
+AgMBAAGjggE0MIIBMDAdBgNVHQ4EFgQUf1MLQIzAEZcRsgZlS8sosfmVI+UwgcgG
+A1UdIwSBwDCBvYAUf1MLQIzAEZcRsgZlS8sosfmVI+WhgZmkgZYwgZMxCzAJBgNV
+BAYTAkZSMQ8wDQYDVQQIDAZSYWRpdXMxEjAQBgNVBAcMCVNvbWV3aGVyZTEVMBMG
+A1UECgwMRXhhbXBsZSBJbmMuMSAwHgYJKoZIhvcNAQkBFhFhZG1pbkBleGFtcGxl
+LmNvbTEmMCQGA1UEAwwdRXhhbXBsZSBDZXJ0aWZpY2F0ZSBBdXRob3JpdHmCCQDX
+uWUgiqAfHzAMBgNVHRMEBTADAQH/MDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly93
+d3cuZXhhbXBsZS5jb20vZXhhbXBsZV9jYS5jcmwwDQYJKoZIhvcNAQELBQADgYEA
+GepHc7TE/P+5t/cZPn5TTQkWQ/4/1lgQd82lF36RYWSIW3BdAc0zwYWYZaWixxyp
+s0YOqwz6PZAGRV+SlYO2f8Kf+C3aZs4YHB0GsmksmFOb8r9d7xcDuOKHoA+QV0Zw
+RaK6pttsBAxy7rw3kX/CgTp0Y2puaLdMXv/v9FisCP8=
+-----END CERTIFICATE-----

examples/31_wpa2_enterprise/main/wpa2_client.crt

@@ -0,0 +1,70 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 44 (0x2c)
+    Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=FR, ST=Radius, L=Somewhere, O=Example Inc./emailAddress=admin@example.com, CN=Example Certificate Authority
+        Validity
+            Not Before: Nov 23 02:55:07 2016 GMT
+            Not After : Jan 22 02:55:07 2017 GMT
+        Subject: C=FR, ST=Radius, O=Example Inc., CN=user@example.com/emailAddress=user@example.com
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (2048 bit)
+                Modulus:
+                    00:ac:41:d4:a2:46:0c:dc:67:1d:7b:89:36:7c:15:
+                    be:a2:c1:fe:4c:f2:fa:af:5d:76:0e:ee:b5:ca:d4:
+                    d3:01:c8:6b:30:50:df:2d:57:17:f4:43:47:97:ca:
+                    f1:8d:f7:c0:9d:56:b3:e7:17:7c:58:59:de:f3:be:
+                    b5:08:5d:f8:3a:ad:83:44:0d:31:c9:f1:3d:f1:9a:
+                    cf:84:0c:ad:d3:be:5c:bd:3d:58:b5:1d:2c:fe:70:
+                    8d:c5:b0:17:87:d4:8e:85:f7:51:4c:0f:d1:e0:8c:
+                    7b:a0:25:ab:91:7c:7f:eb:47:73:c9:4b:6c:8b:e6:
+                    c1:06:d5:94:30:63:ec:45:1a:f5:7f:46:2f:b3:84:
+                    78:5d:1c:37:1a:fa:57:ea:45:5e:45:40:ab:14:c7:
+                    81:b0:26:3d:7e:cf:da:db:f0:f1:40:a7:a1:4b:54:
+                    f3:96:1b:c9:30:3c:3c:d8:19:ba:c7:df:b1:ad:a2:
+                    d6:17:0a:d6:ed:31:b5:cb:12:39:f5:6e:92:6b:85:
+                    f2:9e:c7:06:6b:bb:89:ed:a7:5f:ec:56:12:46:fd:
+                    3a:74:d1:d2:31:30:1d:58:19:25:33:ff:11:ea:3a:
+                    52:33:b1:fb:d3:75:8d:1f:5e:36:a5:35:e0:11:5a:
+                    4a:2d:97:58:2c:3d:62:3c:32:af:83:69:a9:1a:32:
+                    1b:b7
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Extended Key Usage: 
+                TLS Web Client Authentication
+            X509v3 CRL Distribution Points: 
+
+                Full Name:
+                  URI:http://www.example.com/example_ca.crl
+
+    Signature Algorithm: sha1WithRSAEncryption
+         8b:8d:b6:19:ce:6f:6b:9e:1d:03:8b:6b:10:fc:99:d0:7a:2f:
+         e0:37:ce:b8:a4:e4:b9:a1:c2:36:ff:76:b2:ad:d7:d0:df:d1:
+         03:27:93:a7:4e:1e:bf:ed:d2:b7:65:2a:c9:c3:ab:20:aa:e3:
+         10:4c:75:3b:c4:02:ab:34:08:6e:61:91:cf:e3:02:35:6a:e5:
+         f3:25:96:51:92:82:6e:52:81:c1:f1:7b:68:02:b0:ce:f4:ba:
+         fd:6e:68:35:b3:7e:77:cb:a0:1e:11:5e:58:bf:f3:2a:ed:b3:
+         4c:82:21:5e:1b:47:b6:2f:f3:f5:c9:1b:6a:70:44:6d:ff:ad:
+         a6:e3
+-----BEGIN CERTIFICATE-----
+MIIDTjCCAregAwIBAgIBLDANBgkqhkiG9w0BAQUFADCBkzELMAkGA1UEBhMCRlIx
+DzANBgNVBAgMBlJhZGl1czESMBAGA1UEBwwJU29tZXdoZXJlMRUwEwYDVQQKDAxF
+eGFtcGxlIEluYy4xIDAeBgkqhkiG9w0BCQEWEWFkbWluQGV4YW1wbGUuY29tMSYw
+JAYDVQQDDB1FeGFtcGxlIENlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xNjExMjMw
+MjU1MDdaFw0xNzAxMjIwMjU1MDdaMHExCzAJBgNVBAYTAkZSMQ8wDQYDVQQIDAZS
+YWRpdXMxFTATBgNVBAoMDEV4YW1wbGUgSW5jLjEZMBcGA1UEAwwQdXNlckBleGFt
+cGxlLmNvbTEfMB0GCSqGSIb3DQEJARYQdXNlckBleGFtcGxlLmNvbTCCASIwDQYJ
+KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKxB1KJGDNxnHXuJNnwVvqLB/kzy+q9d
+dg7utcrU0wHIazBQ3y1XF/RDR5fK8Y33wJ1Ws+cXfFhZ3vO+tQhd+Dqtg0QNMcnx
+PfGaz4QMrdO+XL09WLUdLP5wjcWwF4fUjoX3UUwP0eCMe6Alq5F8f+tHc8lLbIvm
+wQbVlDBj7EUa9X9GL7OEeF0cNxr6V+pFXkVAqxTHgbAmPX7P2tvw8UCnoUtU85Yb
+yTA8PNgZusffsa2i1hcK1u0xtcsSOfVukmuF8p7HBmu7ie2nX+xWEkb9OnTR0jEw
+HVgZJTP/Eeo6UjOx+9N1jR9eNqU14BFaSi2XWCw9Yjwyr4NpqRoyG7cCAwEAAaNP
+ME0wEwYDVR0lBAwwCgYIKwYBBQUHAwIwNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDov
+L3d3dy5leGFtcGxlLmNvbS9leGFtcGxlX2NhLmNybDANBgkqhkiG9w0BAQUFAAOB
+gQCLjbYZzm9rnh0Di2sQ/JnQei/gN864pOS5ocI2/3ayrdfQ39EDJ5OnTh6/7dK3
+ZSrJw6sgquMQTHU7xAKrNAhuYZHP4wI1auXzJZZRkoJuUoHB8XtoArDO9Lr9bmg1
+s353y6AeEV5Yv/Mq7bNMgiFeG0e2L/P1yRtqcERt/62m4w==
+-----END CERTIFICATE-----

examples/31_wpa2_enterprise/main/wpa2_client.key

@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpgIBAAKCAQEArEHUokYM3Gcde4k2fBW+osH+TPL6r112Du61ytTTAchrMFDf
+LVcX9ENHl8rxjffAnVaz5xd8WFne8761CF34Oq2DRA0xyfE98ZrPhAyt075cvT1Y
+tR0s/nCNxbAXh9SOhfdRTA/R4Ix7oCWrkXx/60dzyUtsi+bBBtWUMGPsRRr1f0Yv
+s4R4XRw3GvpX6kVeRUCrFMeBsCY9fs/a2/DxQKehS1TzlhvJMDw82Bm6x9+xraLW
+FwrW7TG1yxI59W6Sa4XynscGa7uJ7adf7FYSRv06dNHSMTAdWBklM/8R6jpSM7H7
+03WNH142pTXgEVpKLZdYLD1iPDKvg2mpGjIbtwIDAQABAoIBAQCMhO9GqUpYia2d
+VyOhOcPX1dTzRMuHPwDN0aFvIwo2zB3UvkQxInkiA7hldWJz44W3VEFR5PDEyht8
+Tzgy6SVUCLOqUfEpwag8bYOXPxiWQRY6Mc8pf/FyZrLgb3PilFznoAcru0QEn9VB
+oTlCZ4OalSE5NlQIFGemgZhvmTPmcm4OwPW2diBjLtb3AA8eaaw8okWZwr8g4Bcd
+el5KX6pZpDRpGQueh3iKaKxYWbxLYK+c30gKWD65tsAqKyVg2Tm1R2c+kFXgizZt
+EexD95SGMjSkGg3R05sKv6m71iJhlOzVQ4ZCKm18Kqa7wZuZ4SIehVmKIV0gaupz
+gjyr7+NBAoGBAOGjjGI3nxJTZY3O+KeaQo/jqrKowqZxzMOsCgAvW56xDuAvx9TJ
+m4428NGubMl/0RwX6TnxJDm6oe+tnOxLIgE/VnsQLiNzQuFJxrs5JYctdGc4uvk2
+KuXDr7tPEYlU/7OLRReov9emydIXJnsGejkIPllUj+DGNjNFqtXh2VoHAoGBAMNv
+eSgJSkcM6AUaDuUKaXBL2nkKHNoTtRQ0eCEUds6arKyMo0mSP753FNEuOWToVz1O
+oaddSFw81J9t+Xd6XSRbhMj63bQ9nvFKBA1lJfLu+xe3ts0f+vmp1PguOuUHsgNP
+aAm/gLPSKUpBO46NG6KhUrZ2ej6AEg7SuGXrDITRAoGBAKK7s6m6d81dvGZ0GT23
+sb3Y8ul7cTdd59JPp77OaQOgqxvhGfxLkxcUZMa1R9xjhMsAK8MQOZIxGk2kJwL8
+hP/lUFfdKYmDvX6CGQQ6iOhfTg6MCb1m5bVkVr9+nSUw2mIBVclkeUftEK2m6Kfd
+2hR774u5wzLXgYuk+TrcckfNAoGBAJ9X8hacjH0lnr8aIe7I8HLoxbZOcnuz+b4B
+kbiW8M8++W6uNCw2G9b1THnJEG6fqRGJXPASdH8P8eQTTIUHtY2BOOCM+dqNK1xc
+FrW9NJXAF+WcmmTgoEaTG9tGBirafV+JjK/1/b+fqJ6sVRzDHDcbBU9ThhQTY6XG
+VSZz4H8hAoGBAMeQQjiUlKBnpGt1oTgKDZo58b7ui61yftg+dEAwIKs6eb5X20vZ
+Ca4v/zg06k9lKTzyspQjJZuzpMjFUvDK4ReamEvmwQTIc+oYVJm9Af1HUytzrHJH
+u0/dDt0eYpZpzrFqxlP+0oXxlegD8REMVvwNCy+4isyCvjogDaYRfJqi
+-----END RSA PRIVATE KEY-----

examples/31_wpa2_enterprise/main/wpa2_client.pem

@@ -0,0 +1,57 @@
+Bag Attributes
+    localKeyID: E1 2F DD 9A 78 71 54 6D 59 57 AA 6A 9F 92 3B 5C CC AB A3 64 
+subject=/C=FR/ST=Radius/O=Example Inc./CN=user@example.com/emailAddress=user@example.com
+issuer=/C=FR/ST=Radius/L=Somewhere/O=Example Inc./emailAddress=admin@example.com/CN=Example Certificate Authority
+-----BEGIN CERTIFICATE-----
+MIIDTjCCAregAwIBAgIBLDANBgkqhkiG9w0BAQUFADCBkzELMAkGA1UEBhMCRlIx
+DzANBgNVBAgMBlJhZGl1czESMBAGA1UEBwwJU29tZXdoZXJlMRUwEwYDVQQKDAxF
+eGFtcGxlIEluYy4xIDAeBgkqhkiG9w0BCQEWEWFkbWluQGV4YW1wbGUuY29tMSYw
+JAYDVQQDDB1FeGFtcGxlIENlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xNjExMjMw
+MjU1MDdaFw0xNzAxMjIwMjU1MDdaMHExCzAJBgNVBAYTAkZSMQ8wDQYDVQQIDAZS
+YWRpdXMxFTATBgNVBAoMDEV4YW1wbGUgSW5jLjEZMBcGA1UEAwwQdXNlckBleGFt
+cGxlLmNvbTEfMB0GCSqGSIb3DQEJARYQdXNlckBleGFtcGxlLmNvbTCCASIwDQYJ
+KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKxB1KJGDNxnHXuJNnwVvqLB/kzy+q9d
+dg7utcrU0wHIazBQ3y1XF/RDR5fK8Y33wJ1Ws+cXfFhZ3vO+tQhd+Dqtg0QNMcnx
+PfGaz4QMrdO+XL09WLUdLP5wjcWwF4fUjoX3UUwP0eCMe6Alq5F8f+tHc8lLbIvm
+wQbVlDBj7EUa9X9GL7OEeF0cNxr6V+pFXkVAqxTHgbAmPX7P2tvw8UCnoUtU85Yb
+yTA8PNgZusffsa2i1hcK1u0xtcsSOfVukmuF8p7HBmu7ie2nX+xWEkb9OnTR0jEw
+HVgZJTP/Eeo6UjOx+9N1jR9eNqU14BFaSi2XWCw9Yjwyr4NpqRoyG7cCAwEAAaNP
+ME0wEwYDVR0lBAwwCgYIKwYBBQUHAwIwNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDov
+L3d3dy5leGFtcGxlLmNvbS9leGFtcGxlX2NhLmNybDANBgkqhkiG9w0BAQUFAAOB
+gQCLjbYZzm9rnh0Di2sQ/JnQei/gN864pOS5ocI2/3ayrdfQ39EDJ5OnTh6/7dK3
+ZSrJw6sgquMQTHU7xAKrNAhuYZHP4wI1auXzJZZRkoJuUoHB8XtoArDO9Lr9bmg1
+s353y6AeEV5Yv/Mq7bNMgiFeG0e2L/P1yRtqcERt/62m4w==
+-----END CERTIFICATE-----
+Bag Attributes
+    localKeyID: E1 2F DD 9A 78 71 54 6D 59 57 AA 6A 9F 92 3B 5C CC AB A3 64 
+Key Attributes: <No Attributes>
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIdQ9mH9ZzfJECAggA
+MBQGCCqGSIb3DQMHBAhDtvRRe/rZHgSCBMhNLBUX5dw3KAHBXkTJDqa9EjOCbD0i
+kMGxvoVE3Vrotoh5rMiGlPg+qOTaKT7kd3Yl6bwxF1sV0GyzuSJn+legjV9oXuVK
+rI3NWeZr7KG18IP+ZGPs4fDRKnCiKK6cCopF1mzvRhzts5stlOqQkp1Dv9+A7Gyp
+OarBK6x3p5db1mznOMdwzD8vyOxGhE98Zq6yDaDz1yKm6mtOLc8RQ1zbwEE1nkcc
+J1R73A77E8dY6Rq7E4ec6d+rHki79yskq6eu30ECzC3VUSn6wdKXKKJgvn1V3dNf
+QyRdMwXFVXySaGcBaq3zQp9qW+ISesvEstH9fN/GSzoDqe1OqTbe9pLCUtmVksAg
+9z4et+OHYdk1c6X+5VI0ywg4t0qjOCOTacJSzw0/lC8OhNTH0jQDFAoIMOIvLuyO
+pdNUcaGiWPKS1WjWEMiPPusrPiDXZ5T88go35rGnZJRUK6ighSdtKPKG3qPAslMo
+Rn+eOiA2YJ5AorfkR63PI9MfCJbNVfmeTV/VoPXgjrtVNGtvrV54KeHwwLSJtyfj
+xqS1g7aSgTgzfoTgYtzxVwy1g3jJZjYlOd6hKBj+Zzl/7C4cyilI3rrKU1OCokAn
+xXFwKu2clrh1n3VHD+TdUP1lJD44uHuhgev2MmwOBGKGGNsGNqK9Jo7PCBeWyBSq
+d0vzlbo95mMJ5BxKEJex3pxNeTTtfRBjr0AJLuneUBDvjSfhltIvOeMXEfIPQCtU
+MTqjGmpgOTbMI4fEgprH7dULOHyn+Mn37sBMbtYHHk2D4FSJD2FkIP3KrudDf/Yr
+ePn2ACne2ot9mW9McvDZGDOq0fyrIMcCNTwxP52Z3CuJucwuAoTwiwSg9ZM3t4E9
+K1Fz10xwzctFip9XxpxADA9M/QRa9VBgt7pt114Z2y+/ba0hOZ9mCrdpcHGH8xkO
+kJhcCCg1tOLVl2AmUIVtdMDaJMgskq8tfeRTD6qp/JzKQCiz2OvcOG5ixgAhuOSn
+9WjCnM4hARhZ/OVDYvsugwELil6E4zpc7mawtNiMj4P7ad1O+/hDN5yVQiU/XzIg
+OJEV//FfnApcigay5Ne/n9K2morPIIDSQdet/2L6Y6DmtwM9B8qbzb/DjHfXK4nf
+hvvPXD+DUCOfrj3VdkgwY338anWFFQpYbju8nrIv7+vINys+y8HeiPQp5I9zw1XF
+q5tfEt4YfTO8hwqBNZL9yhS46CLgvvWavP1ZfvknvNqcvVvRMo60j0DDeZBW676v
+U251knuWH16m+/cozbelscwZxikhzxdYzudWjFlH+phOIIvnmCgEZKtN8OWxFoN/
+6YBLPO1jOkibGKV1GHVg0PHdSwYmc1H5CefPobow9XP/RCd8C9+eBmynzErMmeme
+4R2etPlsBt3mpakFoG7U+iNu89e4eOK2pzSrydfBSS6tUFXg5L7W5UrdWQ8vRyuc
+aLkwuzdVbM8adlcAyb1MVc+1G5JMJVRfPNNAfJkSti7VUqONoOnoUAUSXGpNwoXa
+ddctpxLmwsfjYEJ3OCLjFy06A2ZlikqtMi5H4sNytSp0Mfr06J4ZZmL8T1GHxYSP
+Xf51VEqiZpKHeBo7ZqrxKvGvFxzm6mGMy8LPpRfSy88z4rPjmP5qrXTbo9qBeo9G
+GlY=
+-----END ENCRYPTED PRIVATE KEY-----

examples/31_wpa2_enterprise/main/wpa2_enterprise_main.c

@@ -0,0 +1,154 @@
+/* WiFi Connection Example using WPA2 Enterprise
+ *
+ * Original Copyright (C) 2006-2016, ARM Limited, All Rights Reserved, Apache 2.0 License.
+ * Additions Copyright (C) Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD, Apache 2.0 License.
+ *
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#include <string.h>
+#include <stdlib.h>
+#include "freertos/FreeRTOS.h"
+#include "freertos/task.h"
+#include "freertos/event_groups.h"
+#include "esp_wifi.h"
+#include "esp_wpa2.h"
+#include "esp_event_loop.h"
+#include "esp_log.h"
+#include "esp_system.h"
+#include "nvs_flash.h"
+#include "tcpip_adapter.h"
+
+/* The examples use simple WiFi configuration that you can set via
+   'make menuconfig'.
+
+   If you'd rather not, just change the below entries to strings with
+   the config you want - ie #define EXAMPLE_WIFI_SSID "mywifissid"
+
+   You can choose EAP method via 'make menuconfig' according to the
+   configuration of AP.
+*/
+#define EXAMPLE_WIFI_SSID CONFIG_WIFI_SSID
+#define EXAMPLE_EAP_METHOD CONFIG_EAP_METHOD
+
+#define EXAMPLE_EAP_ID CONFIG_EAP_ID
+#define EXAMPLE_EAP_USERNAME CONFIG_EAP_USERNAME
+#define EXAMPLE_EAP_PASSWORD CONFIG_EAP_PASSWORD
+
+/* FreeRTOS event group to signal when we are connected & ready to make a request */
+static EventGroupHandle_t wifi_event_group;
+
+/* The event group allows multiple bits for each event,
+   but we only care about one event - are we connected
+   to the AP with an IP? */
+const int CONNECTED_BIT = BIT0;
+
+/* Constants that aren't configurable in menuconfig */
+#define EAP_PEAP 1
+#define EAP_TTLS 2
+
+static const char *TAG = "example";
+
+/* CA cert, taken from wpa2_ca.pem
+   Client cert, taken from wpa2_client.crt
+   Client key, taken from wpa2_client.key
+
+   The PEM, CRT and KEY file were provided by the person or organization
+   who configured the AP with wpa2 enterprise.
+
+   To embed it in the app binary, the PEM, CRT and KEY file is named
+   in the component.mk COMPONENT_EMBED_TXTFILES variable.
+*/
+extern uint8_t ca_pem_start[] asm("_binary_wpa2_ca_pem_start");
+extern uint8_t ca_pem_end[]   asm("_binary_wpa2_ca_pem_end");
+extern uint8_t client_crt_start[] asm("_binary_wpa2_client_crt_start");
+extern uint8_t client_crt_end[]   asm("_binary_wpa2_client_crt_end");
+extern uint8_t client_key_start[] asm("_binary_wpa2_client_key_start");
+extern uint8_t client_key_end[]   asm("_binary_wpa2_client_key_end");
+
+static esp_err_t event_handler(void *ctx, system_event_t *event)
+{
+    switch(event->event_id) {
+    case SYSTEM_EVENT_STA_START:
+        esp_wifi_connect();
+        break;
+    case SYSTEM_EVENT_STA_GOT_IP:
+        xEventGroupSetBits(wifi_event_group, CONNECTED_BIT);
+        break;
+    case SYSTEM_EVENT_STA_DISCONNECTED:
+        esp_wifi_connect();
+        xEventGroupClearBits(wifi_event_group, CONNECTED_BIT);
+        break;
+    default:
+        break;
+    }
+    return ESP_OK;
+}
+
+static void initialise_wifi(void)
+{
+    unsigned int ca_pem_bytes = ca_pem_end - ca_pem_start;
+    unsigned int client_crt_bytes = client_crt_end - client_crt_start;
+    unsigned int client_key_bytes = client_key_end - client_key_start;
+
+    tcpip_adapter_init();
+    wifi_event_group = xEventGroupCreate();
+    ESP_ERROR_CHECK( esp_event_loop_init(event_handler, NULL) );
+    wifi_init_config_t cfg = WIFI_INIT_CONFIG_DEFAULT();
+    ESP_ERROR_CHECK( esp_wifi_init(&cfg) );
+    ESP_ERROR_CHECK( esp_wifi_set_storage(WIFI_STORAGE_RAM) );
+    wifi_config_t wifi_config = {
+        .sta = {
+            .ssid = EXAMPLE_WIFI_SSID,
+        },
+    };
+    ESP_LOGI(TAG, "Setting WiFi configuration SSID %s...", wifi_config.sta.ssid);
+    ESP_ERROR_CHECK( esp_wifi_set_mode(WIFI_MODE_STA) );
+    ESP_ERROR_CHECK( esp_wifi_set_config(ESP_IF_WIFI_STA, &wifi_config) );
+    ESP_ERROR_CHECK( esp_wifi_sta_wpa2_ent_set_ca_cert(ca_pem_start, ca_pem_bytes) );
+    ESP_ERROR_CHECK( esp_wifi_sta_wpa2_ent_set_cert_key(client_crt_start, client_crt_bytes,\
+    		client_key_start, client_key_bytes, NULL, 0) );
+    ESP_ERROR_CHECK( esp_wifi_sta_wpa2_ent_set_identity((uint8_t *)EXAMPLE_EAP_ID, strlen(EXAMPLE_EAP_ID)) );
+    if (EXAMPLE_EAP_METHOD == EAP_PEAP || EXAMPLE_EAP_METHOD == EAP_TTLS) {
+        ESP_ERROR_CHECK( esp_wifi_sta_wpa2_ent_set_username((uint8_t *)EXAMPLE_EAP_USERNAME, strlen(EXAMPLE_EAP_USERNAME)) );
+        ESP_ERROR_CHECK( esp_wifi_sta_wpa2_ent_set_password((uint8_t *)EXAMPLE_EAP_PASSWORD, strlen(EXAMPLE_EAP_PASSWORD)) );
+    }
+    ESP_ERROR_CHECK( esp_wifi_sta_wpa2_ent_enable() );
+    ESP_ERROR_CHECK( esp_wifi_start() );
+}
+
+static void wpa2_enterprise_task(void *pvParameters)
+{
+    tcpip_adapter_ip_info_t ip;
+    memset(&ip, 0, sizeof(tcpip_adapter_ip_info_t));
+    vTaskDelay(2000 / portTICK_PERIOD_MS);
+
+    while (1) {
+        vTaskDelay(2000 / portTICK_PERIOD_MS);
+
+        if (tcpip_adapter_get_ip_info(ESP_IF_WIFI_STA, &ip) == 0) {
+            ESP_LOGI(TAG, "~~~~~~~~~~~");
+            ESP_LOGI(TAG, "IP:"IPSTR, IP2STR(&ip.ip));
+            ESP_LOGI(TAG, "MASK:"IPSTR, IP2STR(&ip.netmask));
+            ESP_LOGI(TAG, "GW:"IPSTR, IP2STR(&ip.gw));
+            ESP_LOGI(TAG, "~~~~~~~~~~~");
+        }
+    }
+}
+
+void app_main()
+{
+    nvs_flash_init();
+    initialise_wifi();
+    xTaskCreate(&wpa2_enterprise_task, "wpa2_enterprise_task", 4096, NULL, 5, NULL);
+}

examples/31_wpa2_enterprise/main/wpa2_server.crt

@@ -0,0 +1,70 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 43 (0x2b)
+    Signature Algorithm: sha1WithRSAEncryption
+        Issuer: C=FR, ST=Radius, L=Somewhere, O=Example Inc./emailAddress=admin@example.com, CN=Example Certificate Authority
+        Validity
+            Not Before: Nov 23 02:55:07 2016 GMT
+            Not After : Jan 22 02:55:07 2017 GMT
+        Subject: C=FR, ST=Radius, O=Example Inc., CN=Example Server Certificate/emailAddress=admin@example.com
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (2048 bit)
+                Modulus:
+                    00:ca:5d:86:b7:7a:3a:bc:f4:4d:d8:69:8c:25:bf:
+                    d1:d7:33:b7:76:ea:d9:ae:b6:78:14:d6:d5:ca:67:
+                    fd:f4:5c:13:d3:01:b4:bc:92:d5:a0:51:f5:fe:81:
+                    6f:da:28:33:07:08:20:e9:26:27:c6:ab:43:0b:7f:
+                    ce:7c:3b:c6:9c:a4:6c:85:22:3d:40:84:27:32:d6:
+                    a2:94:ed:14:29:4c:ef:d9:ac:d5:a3:ea:7d:47:76:
+                    18:57:7c:0a:4a:fe:ba:8f:b8:44:44:a5:62:e8:b0:
+                    dd:59:6b:d2:20:69:f1:64:e1:f6:d0:e5:9e:88:da:
+                    10:e5:58:18:fc:87:ce:2f:67:f6:9d:f8:ac:da:0f:
+                    2b:f5:58:30:04:13:1c:b5:71:ce:3d:26:c7:34:03:
+                    66:38:ca:8d:11:75:f0:0b:14:ab:98:b1:dc:cd:81:
+                    d2:68:33:96:d6:50:4f:a7:19:d0:20:15:5e:e0:18:
+                    8b:07:83:11:2d:3d:51:14:68:73:cd:f2:70:c6:59:
+                    50:cf:e1:f5:12:88:d5:71:de:1d:92:2e:7d:d1:8b:
+                    09:fe:b4:17:bd:7e:73:07:c0:a1:6a:f3:af:80:3b:
+                    e4:d7:62:6d:1c:15:93:92:47:25:bd:f6:50:02:3e:
+                    9c:00:7d:15:89:f2:38:10:95:f2:ef:09:fa:b5:cf:
+                    90:63
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Extended Key Usage: 
+                TLS Web Server Authentication
+            X509v3 CRL Distribution Points: 
+
+                Full Name:
+                  URI:http://www.example.com/example_ca.crl
+
+    Signature Algorithm: sha1WithRSAEncryption
+         92:f8:06:4b:32:4f:f1:22:18:9c:67:dc:28:03:82:ee:14:0a:
+         59:a9:07:bb:1e:44:80:8e:a0:69:28:03:bd:04:87:5f:0c:86:
+         80:63:db:47:ea:06:25:9e:7f:67:ef:16:77:37:02:8f:00:6a:
+         59:cd:00:06:19:b0:43:34:8c:14:bf:29:fd:e0:8c:57:0f:63:
+         7b:73:68:70:8a:13:ff:2d:39:a5:a7:69:fb:7b:13:3a:2c:09:
+         b5:c1:15:d8:7a:2f:77:33:16:7f:41:08:be:23:61:ac:aa:92:
+         3f:38:40:06:87:3c:63:86:16:ba:4a:2d:ea:04:36:5a:fd:c7:
+         80:8d
+-----BEGIN CERTIFICATE-----
+MIIDWTCCAsKgAwIBAgIBKzANBgkqhkiG9w0BAQUFADCBkzELMAkGA1UEBhMCRlIx
+DzANBgNVBAgMBlJhZGl1czESMBAGA1UEBwwJU29tZXdoZXJlMRUwEwYDVQQKDAxF
+eGFtcGxlIEluYy4xIDAeBgkqhkiG9w0BCQEWEWFkbWluQGV4YW1wbGUuY29tMSYw
+JAYDVQQDDB1FeGFtcGxlIENlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xNjExMjMw
+MjU1MDdaFw0xNzAxMjIwMjU1MDdaMHwxCzAJBgNVBAYTAkZSMQ8wDQYDVQQIDAZS
+YWRpdXMxFTATBgNVBAoMDEV4YW1wbGUgSW5jLjEjMCEGA1UEAwwaRXhhbXBsZSBT
+ZXJ2ZXIgQ2VydGlmaWNhdGUxIDAeBgkqhkiG9w0BCQEWEWFkbWluQGV4YW1wbGUu
+Y29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyl2Gt3o6vPRN2GmM
+Jb/R1zO3durZrrZ4FNbVymf99FwT0wG0vJLVoFH1/oFv2igzBwgg6SYnxqtDC3/O
+fDvGnKRshSI9QIQnMtailO0UKUzv2azVo+p9R3YYV3wKSv66j7hERKVi6LDdWWvS
+IGnxZOH20OWeiNoQ5VgY/IfOL2f2nfis2g8r9VgwBBMctXHOPSbHNANmOMqNEXXw
+CxSrmLHczYHSaDOW1lBPpxnQIBVe4BiLB4MRLT1RFGhzzfJwxllQz+H1EojVcd4d
+ki590YsJ/rQXvX5zB8ChavOvgDvk12JtHBWTkkclvfZQAj6cAH0VifI4EJXy7wn6
+tc+QYwIDAQABo08wTTATBgNVHSUEDDAKBggrBgEFBQcDATA2BgNVHR8ELzAtMCug
+KaAnhiVodHRwOi8vd3d3LmV4YW1wbGUuY29tL2V4YW1wbGVfY2EuY3JsMA0GCSqG
+SIb3DQEBBQUAA4GBAJL4BksyT/EiGJxn3CgDgu4UClmpB7seRICOoGkoA70Eh18M
+hoBj20fqBiWef2fvFnc3Ao8AalnNAAYZsEM0jBS/Kf3gjFcPY3tzaHCKE/8tOaWn
+aft7EzosCbXBFdh6L3czFn9BCL4jYayqkj84QAaHPGOGFrpKLeoENlr9x4CN
+-----END CERTIFICATE-----

examples/31_wpa2_enterprise/main/wpa2_server.key

@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEogIBAAKCAQEAyl2Gt3o6vPRN2GmMJb/R1zO3durZrrZ4FNbVymf99FwT0wG0
+vJLVoFH1/oFv2igzBwgg6SYnxqtDC3/OfDvGnKRshSI9QIQnMtailO0UKUzv2azV
+o+p9R3YYV3wKSv66j7hERKVi6LDdWWvSIGnxZOH20OWeiNoQ5VgY/IfOL2f2nfis
+2g8r9VgwBBMctXHOPSbHNANmOMqNEXXwCxSrmLHczYHSaDOW1lBPpxnQIBVe4BiL
+B4MRLT1RFGhzzfJwxllQz+H1EojVcd4dki590YsJ/rQXvX5zB8ChavOvgDvk12Jt
+HBWTkkclvfZQAj6cAH0VifI4EJXy7wn6tc+QYwIDAQABAoIBAHN/BZBaNoP5eyR0
+uQQigoUsgx1f1HWettJN+x7WU17P3pCjfJ/TvhEONjPXdBsyrkzpGr92g2UkAdPi
+Udsd0rE8NqOVcxgLVMPzND+DP+qCerHlrtkqz+2lPSdRKB69W4UDShNTwSvFJdAP
+dZICZT+Kp+953g2FR/ddXIVkjQ0IaKN8gD4j+JKpfVGMpKlYdUf8gK6Ag71VtUa5
+XzRDS4A9ytrpNcmaXaOhCVPdgCg20CULgpg6B6dG3XWzC16Erf8rMl0fsAB31K9a
+qF87QS14JavdW1vdUFXCyqre9N58NUKxQjuhNADSB2sJEXkP2uhPcL+72Li8deRO
+8MJgckECgYEA8ryoRI7bKn907Kx4Go7G4NS3hwuTd9jhhS8iQ1tatkQdqnBXnuWU
+X20i02vYQGoZGsOl+DTgY2IWRYBPkGT+RwklJxCvYkZvOCgHaipoWsF+EOptv5Au
+4ZERlBCWXzWdEgnx5nCFJQFfWBm77iC+muPpB+SryQmTld/RwvihxBsCgYEA1Wwp
+Qq/5urpzz/uwNdMiMJ1lePi2HBvJeZOnw0LU+xUqXUkt6291CLhHNn8okPVeoNZP
+iKP0Lid6IO2yp/3iCT5w9NNOMFlyhrVMAxYOkrM8AxlYnCwoCOoqN5x+4RrJLVFL
+zrg+VN9vexfkOWdH9t8g+0gNn7MCX3adqy1/WVkCgYA4yXIEN/eGBbNw+xhN/kEA
+sEMPUOH7E74OzmwRnfmm0mCuUwHspoEDoiCXnY9F4oxk+oiFfLlSBsx3DgGPIlFq
+hPUwInMlZpz2Ykb5y1oGgWXgxzdNrYmKM8oM/aRwOba5VaJF6uT7N0r67WpN11NA
+ITmPIywdKCRi163XExulKQKBgHyMgI/AbrbANPH9adofeuZwFFXCn1RMCwn+V3sm
+N3DH609Bc6DgDKaoFDcDgkMGTtECAKw3Mjr1ItqwnQBYs169p+HYptqkeKeQiemL
+J7oJC06rrgCF7F83eKe3lnv7y8e8l8bt0sJpGn/1c2TklyTFFlROulSmfQ4FBQJu
+rNERAoGAec+0Wi5qYT917CPHqXcCUTg35kvtlLlgGdX6kNZRNszZUIF7O+wH4EJx
+yxu3cgxZ2FL95Kf/oyOOnlOkRJ/clJbNBVSEHvJh64GL0PZ5V5szsscoGr6KY7SO
+/kkJKC3OS/3fpto1/9yjJpoqJp9pzGU48PM0IKgd3ITQE6oOCCg=
+-----END RSA PRIVATE KEY-----

examples/31_wpa2_enterprise/main/wpa2_server.pem

@@ -0,0 +1,57 @@
+Bag Attributes
+    localKeyID: 4E 12 CF 3A FA D4 03 64 00 BB 98 1C 78 35 56 4A AC C3 1E 17 
+subject=/C=FR/ST=Radius/O=Example Inc./CN=Example Server Certificate/emailAddress=admin@example.com
+issuer=/C=FR/ST=Radius/L=Somewhere/O=Example Inc./emailAddress=admin@example.com/CN=Example Certificate Authority
+-----BEGIN CERTIFICATE-----
+MIIDWTCCAsKgAwIBAgIBKzANBgkqhkiG9w0BAQUFADCBkzELMAkGA1UEBhMCRlIx
+DzANBgNVBAgMBlJhZGl1czESMBAGA1UEBwwJU29tZXdoZXJlMRUwEwYDVQQKDAxF
+eGFtcGxlIEluYy4xIDAeBgkqhkiG9w0BCQEWEWFkbWluQGV4YW1wbGUuY29tMSYw
+JAYDVQQDDB1FeGFtcGxlIENlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xNjExMjMw
+MjU1MDdaFw0xNzAxMjIwMjU1MDdaMHwxCzAJBgNVBAYTAkZSMQ8wDQYDVQQIDAZS
+YWRpdXMxFTATBgNVBAoMDEV4YW1wbGUgSW5jLjEjMCEGA1UEAwwaRXhhbXBsZSBT
+ZXJ2ZXIgQ2VydGlmaWNhdGUxIDAeBgkqhkiG9w0BCQEWEWFkbWluQGV4YW1wbGUu
+Y29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyl2Gt3o6vPRN2GmM
+Jb/R1zO3durZrrZ4FNbVymf99FwT0wG0vJLVoFH1/oFv2igzBwgg6SYnxqtDC3/O
+fDvGnKRshSI9QIQnMtailO0UKUzv2azVo+p9R3YYV3wKSv66j7hERKVi6LDdWWvS
+IGnxZOH20OWeiNoQ5VgY/IfOL2f2nfis2g8r9VgwBBMctXHOPSbHNANmOMqNEXXw
+CxSrmLHczYHSaDOW1lBPpxnQIBVe4BiLB4MRLT1RFGhzzfJwxllQz+H1EojVcd4d
+ki590YsJ/rQXvX5zB8ChavOvgDvk12JtHBWTkkclvfZQAj6cAH0VifI4EJXy7wn6
+tc+QYwIDAQABo08wTTATBgNVHSUEDDAKBggrBgEFBQcDATA2BgNVHR8ELzAtMCug
+KaAnhiVodHRwOi8vd3d3LmV4YW1wbGUuY29tL2V4YW1wbGVfY2EuY3JsMA0GCSqG
+SIb3DQEBBQUAA4GBAJL4BksyT/EiGJxn3CgDgu4UClmpB7seRICOoGkoA70Eh18M
+hoBj20fqBiWef2fvFnc3Ao8AalnNAAYZsEM0jBS/Kf3gjFcPY3tzaHCKE/8tOaWn
+aft7EzosCbXBFdh6L3czFn9BCL4jYayqkj84QAaHPGOGFrpKLeoENlr9x4CN
+-----END CERTIFICATE-----
+Bag Attributes
+    localKeyID: 4E 12 CF 3A FA D4 03 64 00 BB 98 1C 78 35 56 4A AC C3 1E 17 
+Key Attributes: <No Attributes>
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIxxT4lUY0dvgCAggA
+MBQGCCqGSIb3DQMHBAiQ8/bzpj1InASCBMjU0Nl0/CMHnNAWZ6t1yb93vHJUHHsv
+0acQNqeN8ToS1Wz0delbNnJMZ5lkO3ei542d2HwbGW4KYgWuMBPh2qgpdnnUfBPE
+C6iCtGCDugVgZl3W7VPjQzMjsExuwYaZf7dhBkQEbuzuGXDrsZL3sauAeOla8V34
+yYESS9P7Jyd0prMgDG5yap9acorjiSLpqHsCogp/vlERSl8f/+yxY5dJuLo+54Z6
+Q8GjlpoiEUijy/Gs/BKcyTX3zddJm/yA3PF0JM8ZSH9K0pBa3l2VJYdizWGl3G59
+uozlMVZrg/KxDgfoe7QGit/WUGiq4fYXIUVKSKOfRmpD8YaTaUkGtoao9VjUYXul
+01yU3DSRct9O/r1MG9QQjmYSi05t+Cohp/FNd0WqLlKPilDK86Wu4xECjOI+KsOe
+kccUDBuaTMxdoYsq5Ge+V79YR1yABYtgkGymR9mS357Za9IlXxExhDBb2ky0MMlx
+DfgimcWOlc4IWGrhheezZaTjgUO/Q0izrxD/ZBYNUmSnYDpRj4mk/sxQ6aDytlEu
+ZSnTo+jbyXTh8nVwxhOB2PdWNmFOkRcGOJci8MErd8ArdWniw68MoYwhHTabDpwo
+0nEs1MhqoiMAgn7iluN+cscV7pz4n5zriZX3Rw1ivcUPQ8RR6y5h/nR9Du5fCyRm
+v5vF01w+o+XejU54DyqRptWiR6yHDJer2TIUqTjKt4NQENZyXEMh+ls6arjZ0mRp
+i8rv3M/Z8NLcTQ7lD/gAGTWxzsNIfMcBQX9X9R6V4BmzhmQQA+/pbLh2IOOVPXO3
+sUGXChyQSa5xE1VpVle28Q3GqKq03W0W+8EtGy889px9/MGWLfCMrJNCv4zH7d/j
+FTRkiNdtBZrmWTyUgBVgQoTVPxyzBBC11HXzRGxiEQft/NFwd0dzKoNfNsgGGa0Q
+AzKmPJselaJdqol961z3RbzEpfyqvSnMbui/iIMV2lTEc/EQWoaQ3SGHf3qdhlQ5
+MScGocq+hskrMmgW1XVG3HDowdC5K5sKXUYJmixNGHWXFao/FZUAVBmQD+290Qkl
+EMKQ2xw3PJ2tk47EpdscixayDpiOJQEdgys3oA1W06bIpxNaERYObqp8M62fet9I
+wuRZyNWuKVyyilyB9sTjmgD55BXt6B+jkmkwHq15RA85AbsHHttugyMA//V+oiYt
+B0BmSKpzSr6nEnr+0NiWybWlN97yLHUrtFiLMyKb6+qAMbxdsET6vfWsASuC21Lq
+ZHgW3EofIEDz7r59w4NHwCLGBttpgKLkmrvjt17cMdmsEXbWFgw+9pi/uqEaRaq5
+/ekb9uPzbS7o4ArGQ+WBFUA6ONV98i2ZMOmfvq/dgBAQcRLlI7Cp+yikcMbzJ3Aq
+VJc53y0Gl8awDXMbOiH0l1ij+3mQ5xPZbuv2ofcg+4enoK1cclG6ryWWGPMDcAg2
+JivgEzn6eFsiPRnlidrJUy6zJYxCsjSPodcbFH7DXnwPA8+C9P1it2bnqPdQWzXA
+JiUFtvmRgEVmOAVCbZLkNPa+K0K8Ymzu3ZYchVMduxJh1xNKId+FM2BGOmlYqDUJ
+jnGqHciOxd+0crjaPd0isxUgS7bTd3XdQEIkT/yESS9aJEHsnBFkEXsXSDpxpf7a
+dE4=
+-----END ENCRYPTED PRIVATE KEY-----