WPA2Ent: explicitely set certificates

Author: facchinm

src/WiFi.cpp

@@ -27,6 +27,18 @@ extern "C" {
   #include "utility/debug.h"
 }
 
+void WPA2EnterpriseClass::addCACertificate(const char* ca_pem) {
+	WiFiDrv::wpa2EntSetCACertificate(ca_pem);
+}
+
+void WPA2EnterpriseClass::addClientCertificate(const char* client_crt, const char* client_key) {
+	// TODO: make sure that client_crt is not bigger tahn 4050bytes
+	WiFiDrv::wpa2EntSetClientCertificate(client_crt, client_key);
+}
+
+// singleton
+WPA2EnterpriseClass WPA2Enterprise;
+
 WiFiClass::WiFiClass() : _timeout(50000)
 {
 }
@@ -156,25 +168,13 @@ uint8_t WiFiClass::beginAP(const char *ssid, const char* passphrase, uint8_t cha
     return status;
 }
 
-void WiFiClass::config(WPA2Enterprise& data)
+int WiFiClass::beginEnterprise(const char *ssid, const char* username, const char* password)
 {
-	WiFiDrv::wpa2EntSetIdentity(data.identity.c_str());
-	WiFiDrv::wpa2EntSetUsername(data.username.c_str());
-	WiFiDrv::wpa2EntSetPassword(data.password.c_str());
-
-	if (data.ca_pem) {
-		WiFiStorage.remove("/fs/ca.pem");
-		WiFiStorage.write("/fs/ca.pem", 0, (uint8_t*)data.ca_pem, strlen(data.ca_pem));
-	}
-	if (data.client_crt) {
-		WiFiStorage.remove("/fs/client.crt");
-		WiFiStorage.write("/fs/client.crt", 0, (uint8_t*)data.client_crt, strlen(data.client_crt));
-	}
-	if (data.client_key) {
-		WiFiStorage.remove("/fs/client.key");
-		WiFiStorage.write("/fs/client.key", 0, (uint8_t*)data.client_key, strlen(data.client_key));
-	}
+	WiFiDrv::wpa2EntSetIdentity(username);
+	WiFiDrv::wpa2EntSetUsername(username);
+	WiFiDrv::wpa2EntSetPassword(password);
 	WiFiDrv::wpa2EntEnable();
+	return begin(ssid);
 }
 
 void WiFiClass::config(IPAddress local_ip)

src/WiFi.h

@@ -41,33 +41,17 @@ typedef enum _eap_methods {
  EAP_TTLS = 2,
 } eap_method;
 
-class WPA2Enterprise
+class WPA2EnterpriseClass
 {
 public:
-    WPA2Enterprise(eap_method method, String identity, String username = "", String password = "",
-                    const char* ca_pem = NULL, const char* client_crt = NULL, const char* client_key = NULL) :
-                    method(method), identity(identity), username(username), password(password),
-                    ca_pem(ca_pem), client_crt(client_crt), client_key(client_key)
-    {}
-    WPA2Enterprise(String identity, String username = "", String password = "",
-                    const char* ca_pem = NULL, const char* client_crt = NULL, const char* client_key = NULL) :
-                    method(EAP_TLS), identity(identity), username(username), password(password),
-                    ca_pem(ca_pem), client_crt(client_crt), client_key(client_key)
-    {}
-    WPA2Enterprise(String identity, const char* ca_pem = NULL, const char* client_crt = NULL, const char* client_key = NULL) :
-                    method(EAP_TLS), identity(identity), username(""), password(""),
-                    ca_pem(ca_pem), client_crt(client_crt), client_key(client_key)
-    {}
-
-    eap_method method; // TLS: 0, PEAP: 1, TTLS: 2 // looks like it's handled internally
-    String identity;
-    String username;
-    String password;
-    const char* ca_pem;
-    const char* client_crt;
-    const char* client_key;
+    void clear();
+    void save();
+    void addCACertificate(const char* ca_pem);
+    void addClientCertificate(const char* client_crt, const char* client_key);
 };
 
+extern WPA2EnterpriseClass WPA2Enterprise;
+
 class WiFiClass
 {
 private:
@@ -113,11 +97,13 @@ class WiFiClass
     uint8_t beginAP(const char *ssid, const char* passphrase);
     uint8_t beginAP(const char *ssid, const char* passphrase, uint8_t channel);
 
-    /* Add WPA2 Enterprise information for next connection
+    /* Start Wifi connection with wpa2 enterprise
         *
-        * param data:   Static ip configuration
+        * helper function for most university WPA2 connections
+        * if a fine-grained configuration is needed (like adding certificates)
+        * use WPA2Enterprise functions and then call begin() normally
         */
-    void config(WPA2Enterprise& data);
+    int beginEnterprise(const char *ssid, const char* username, const char* password);
 
     /* Change Ip configuration settings disabling the dhcp client
         *

src/utility/wifi_drv.cpp

@@ -1168,6 +1168,70 @@ void WiFiDrv::wpa2EntSetUsername(const char* username)
     SpiDrv::spiSlaveDeselect();
 }
 
+void WiFiDrv::wpa2EntSetClientCertificate(const char* client_crt, const char* client_key)
+{
+    WAIT_FOR_SLAVE_SELECT();
+    // Send Command
+    SpiDrv::sendCmd(WPA2_ENTERPRISE_SET_CERT_KEY, PARAM_NUMS_2);
+    SpiDrv::sendParamLen16(strlen(client_crt));
+    SpiDrv::sendParamLen16(strlen(client_key));
+    SpiDrv::sendParamNoLen((uint8_t*)client_crt, strlen(client_crt), NO_LAST_PARAM);
+    SpiDrv::sendParamNoLen((uint8_t*)client_key, strlen(client_key), LAST_PARAM);
+
+    // pad to multiple of 4
+    int commandSize = 5 + strlen(client_crt) + strlen(client_key);
+    while (commandSize % 4) {
+        SpiDrv::readChar();
+        commandSize++;
+    }
+
+    SpiDrv::spiSlaveDeselect();
+    //Wait the reply elaboration
+    SpiDrv::waitForSlaveReady();
+    SpiDrv::spiSlaveSelect();
+
+    // Wait for reply
+    uint8_t _data = 0;
+    uint8_t _dataLen = 0;
+    if (!SpiDrv::waitResponseCmd(WPA2_ENTERPRISE_SET_CERT_KEY, PARAM_NUMS_1, &_data, &_dataLen))
+    {
+        WARN("error waitResponse");
+        _data = WL_FAILURE;
+    }
+    SpiDrv::spiSlaveDeselect();
+}
+
+void WiFiDrv::wpa2EntSetCACertificate(const char* ca_pem)
+{
+    WAIT_FOR_SLAVE_SELECT();
+    // Send Command
+    SpiDrv::sendCmd(WPA2_ENTERPRISE_SET_CA_CERT, PARAM_NUMS_1);
+    SpiDrv::sendParamLen16(strlen(ca_pem));
+    SpiDrv::sendParamNoLen((uint8_t*)ca_pem, strlen(ca_pem), LAST_PARAM);
+
+    // pad to multiple of 4
+    int commandSize = 5 + strlen(ca_pem);
+    while (commandSize % 4) {
+        SpiDrv::readChar();
+        commandSize++;
+    }
+
+    SpiDrv::spiSlaveDeselect();
+    //Wait the reply elaboration
+    SpiDrv::waitForSlaveReady();
+    SpiDrv::spiSlaveSelect();
+
+    // Wait for reply
+    uint8_t _data = 0;
+    uint8_t _dataLen = 0;
+    if (!SpiDrv::waitResponseCmd(WPA2_ENTERPRISE_SET_CA_CERT, PARAM_NUMS_1, &_data, &_dataLen))
+    {
+        WARN("error waitResponse");
+        _data = WL_FAILURE;
+    }
+    SpiDrv::spiSlaveDeselect();
+}
+
 void WiFiDrv::wpa2EntEnable()
 {
     WAIT_FOR_SLAVE_SELECT();

src/utility/wifi_drv.h

@@ -289,6 +289,8 @@ class WiFiDrv
     static void wpa2EntSetIdentity(const char* identity);
     static void wpa2EntSetUsername(const char* username);
     static void wpa2EntSetPassword(const char* password);
+    static void wpa2EntSetCACertificate(const char* ca_pem);
+    static void wpa2EntSetClientCertificate(const char* client_crt, const char* client_key);
     static void wpa2EntEnable();
 
     friend class WiFiUDP;