From af1f0ef16cf5fb3942436df4fc8711b75ada3d8c Mon Sep 17 00:00:00 2001
From: Jordan Yates <jordan@embeint.com>
Date: Fri, 11 Apr 2025 17:17:59 +1000
Subject: [PATCH 01/14] [nrf fromtree] manifest: nrf_wifi: cleanup logging
 newlines

Update WiFi driver to cleanup extra logging newlines for consistency.

Signed-off-by: Jordan Yates <jordan@embeint.com>
(cherry picked from commit 729f50e9d52f1a6a248ee15898af7bd2394dc828)
(cherry picked from commit 2baf4a88705eb13de6cc684d3f0be31794e3bf01)
---
 west.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/west.yml b/west.yml
index 3a2e28b5a1d..2019d567c04 100644
--- a/west.yml
+++ b/west.yml
@@ -318,7 +318,7 @@ manifest:
       revision: b84bd7314a239f818e78f6927f5673247816df53
       path: modules/bsim_hw_models/nrf_hw_models
     - name: nrf_wifi
-      revision: 8fd3cd7b088d62f145b8b9f5ecc985dd73bd9e77
+      revision: pull/46/head
       path: modules/lib/nrf_wifi
     - name: open-amp
       revision: f7f4d083c7909a39d86e217376c69b416ec4faf3

From f61af88a22813461c43f686477a13d8d269654ab Mon Sep 17 00:00:00 2001
From: Ravi Dondaputi <ravi.dondaputi@nordicsemi.no>
Date: Thu, 10 Apr 2025 20:56:42 +0530
Subject: [PATCH 02/14] [nrf fromtree] wifi: nrf_wifi: Add control pool
 specific APIs

Memory allocations in HAL are using data pool. These operations
are in control plane. Add APIs for allocation/free operations on
control pool.

Signed-off-by: Ravi Dondaputi <ravi.dondaputi@nordicsemi.no>
(cherry picked from commit ba5b897cb67d274ff2abbb641ab867d8c9455c5f)
---
 drivers/wifi/nrf_wifi/Kconfig.nrfwifi |  3 ++-
 modules/nrf_wifi/os/shim.c            | 23 +++++++++++++++++++++++
 west.yml                              |  2 +-
 3 files changed, 26 insertions(+), 2 deletions(-)

diff --git a/drivers/wifi/nrf_wifi/Kconfig.nrfwifi b/drivers/wifi/nrf_wifi/Kconfig.nrfwifi
index 3c3f23d1c9c..2af3cf52b8c 100644
--- a/drivers/wifi/nrf_wifi/Kconfig.nrfwifi
+++ b/drivers/wifi/nrf_wifi/Kconfig.nrfwifi
@@ -546,7 +546,8 @@ config NRF_WIFI_CTRL_HEAP_SIZE
 
 config NRF_WIFI_DATA_HEAP_SIZE
 	int "Dedicated memory pool for data plane"
-	default 8000 if NRF70_SCAN_ONLY || NRF70_RADIO_TEST #TODO: Need to optimize this.
+	default 0 if NRF70_RADIO_TEST || NRF70_OFFLOADED_RAW_TX
+	default 8000 if NRF70_SCAN_ONLY
 	default 110000 if !SOC_FAMILY_NORDIC_NRF
 	default 130000
 
diff --git a/modules/nrf_wifi/os/shim.c b/modules/nrf_wifi/os/shim.c
index 4d82fdf2bfb..997704b01bb 100644
--- a/modules/nrf_wifi/os/shim.c
+++ b/modules/nrf_wifi/os/shim.c
@@ -575,11 +575,32 @@ static void *zep_shim_llist_node_alloc(void)
 	return llist_node;
 }
 
+static void *zep_shim_ctrl_llist_node_alloc(void)
+{
+	struct zep_shim_llist_node *llist_node = NULL;
+
+	llist_node = zep_shim_mem_zalloc(sizeof(*llist_node));
+
+	if (!llist_node) {
+		LOG_ERR("%s: Unable to allocate memory for linked list node", __func__);
+		return NULL;
+	}
+
+	sys_dnode_init(&llist_node->head);
+
+	return llist_node;
+}
+
 static void zep_shim_llist_node_free(void *llist_node)
 {
 	zep_shim_data_mem_free(llist_node);
 }
 
+static void zep_shim_ctrl_llist_node_free(void *llist_node)
+{
+	zep_shim_mem_free(llist_node);
+}
+
 static void *zep_shim_llist_node_data_get(void *llist_node)
 {
 	struct zep_shim_llist_node *zep_llist_node = NULL;
@@ -1071,7 +1092,9 @@ const struct nrf_wifi_osal_ops nrf_wifi_os_zep_ops = {
 	.log_err = zep_shim_pr_err,
 
 	.llist_node_alloc = zep_shim_llist_node_alloc,
+	.ctrl_llist_node_alloc = zep_shim_ctrl_llist_node_alloc,
 	.llist_node_free = zep_shim_llist_node_free,
+	.ctrl_llist_node_free = zep_shim_ctrl_llist_node_free,
 	.llist_node_data_get = zep_shim_llist_node_data_get,
 	.llist_node_data_set = zep_shim_llist_node_data_set,
 
diff --git a/west.yml b/west.yml
index 2019d567c04..07a943c0a98 100644
--- a/west.yml
+++ b/west.yml
@@ -318,7 +318,7 @@ manifest:
       revision: b84bd7314a239f818e78f6927f5673247816df53
       path: modules/bsim_hw_models/nrf_hw_models
     - name: nrf_wifi
-      revision: pull/46/head
+      revision: eeceee739252cf2d56a5ad9356553d87aae8c57d
       path: modules/lib/nrf_wifi
     - name: open-amp
       revision: f7f4d083c7909a39d86e217376c69b416ec4faf3

From 79ffa8a6b82623dddf674a53df064b60ec4eb6a3 Mon Sep 17 00:00:00 2001
From: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
Date: Tue, 15 Apr 2025 23:52:10 +0530
Subject: [PATCH 03/14] Revert "[nrf fromlist] samples: net: wifi: Add two
 variants of certs"

This reverts commit 96798389d2f61297411dff06cdf7ada0bbaac6e2.

Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
(cherry picked from commit b4757954606b4539fcd38cbe96501975108d1982)
---
 doc/connectivity/networking/api/wifi.rst      | 27 ++++------------
 .../net/wifi/test_certs/{rsa3k => }/ca.pem    |  0
 .../net/wifi/test_certs/{rsa3k => }/ca2.pem   |  0
 .../test_certs/{rsa3k => }/client-key.pem     |  0
 .../test_certs/{rsa3k => }/client-key2.pem    |  0
 .../wifi/test_certs/{rsa3k => }/client.pem    |  0
 .../wifi/test_certs/{rsa3k => }/client2.pem   |  0
 samples/net/wifi/test_certs/rsa2k/ca.pem      | 29 -----------------
 samples/net/wifi/test_certs/rsa2k/ca2.pem     | 29 -----------------
 .../net/wifi/test_certs/rsa2k/client-key.pem  | 30 ------------------
 .../net/wifi/test_certs/rsa2k/client-key2.pem | 30 ------------------
 samples/net/wifi/test_certs/rsa2k/client.pem  | 27 ----------------
 samples/net/wifi/test_certs/rsa2k/client2.pem | 27 ----------------
 .../net/wifi/test_certs/rsa2k/server-key.pem  | 30 ------------------
 samples/net/wifi/test_certs/rsa2k/server.pem  | 31 -------------------
 .../test_certs/{rsa3k => }/server-key.pem     |  0
 .../wifi/test_certs/{rsa3k => }/server.pem    |  0
 subsys/net/l2/wifi/CMakeLists.txt             | 19 +++++-------
 18 files changed, 14 insertions(+), 265 deletions(-)
 rename samples/net/wifi/test_certs/{rsa3k => }/ca.pem (100%)
 rename samples/net/wifi/test_certs/{rsa3k => }/ca2.pem (100%)
 rename samples/net/wifi/test_certs/{rsa3k => }/client-key.pem (100%)
 rename samples/net/wifi/test_certs/{rsa3k => }/client-key2.pem (100%)
 rename samples/net/wifi/test_certs/{rsa3k => }/client.pem (100%)
 rename samples/net/wifi/test_certs/{rsa3k => }/client2.pem (100%)
 delete mode 100644 samples/net/wifi/test_certs/rsa2k/ca.pem
 delete mode 100644 samples/net/wifi/test_certs/rsa2k/ca2.pem
 delete mode 100644 samples/net/wifi/test_certs/rsa2k/client-key.pem
 delete mode 100644 samples/net/wifi/test_certs/rsa2k/client-key2.pem
 delete mode 100644 samples/net/wifi/test_certs/rsa2k/client.pem
 delete mode 100644 samples/net/wifi/test_certs/rsa2k/client2.pem
 delete mode 100644 samples/net/wifi/test_certs/rsa2k/server-key.pem
 delete mode 100644 samples/net/wifi/test_certs/rsa2k/server.pem
 rename samples/net/wifi/test_certs/{rsa3k => }/server-key.pem (100%)
 rename samples/net/wifi/test_certs/{rsa3k => }/server.pem (100%)

diff --git a/doc/connectivity/networking/api/wifi.rst b/doc/connectivity/networking/api/wifi.rst
index 57d00934e95..3a4efff9821 100644
--- a/doc/connectivity/networking/api/wifi.rst
+++ b/doc/connectivity/networking/api/wifi.rst
@@ -42,31 +42,16 @@ Test certificates in PEM format are committed to the repo at :zephyr_file:`sampl
 build process the certificates are converted to a C header file that is included by the Wi-Fi shell
 module.
 
-If you want to use your own certificates, you can replace the existing certificates with your own certificates in the same directory.
-
 .. code-block:: bash
 
-    $ export WIFI_TEST_CERTS_DIR=samples/net/wifi/test_certs/rsa3k
-    $ cp client.pem $WIFI_TEST_CERTS_DIR
-    $ cp client-key.pem $WIFI_TEST_CERTS_DIR
-    $ cp ca.pem $WIFI_TEST_CERTS_DIR
-    $ cp client2.pem $WIFI_TEST_CERTS_DIR
-    $ cp client-key2.pem $WIFI_TEST_CERTS_DIR
-    $ cp ca2.pem $WIFI_TEST_CERTS_DIR
+    $ cp client.pem samples/net/wifi/test_certs/
+    $ cp client-key.pem samples/net/wifi/test_certs/
+    $ cp ca.pem samples/net/wifi/test_certs/
+    $ cp client2.pem samples/net/wifi/test_certs/
+    $ cp client-key2.pem samples/net/wifi/test_certs/
+    $ cp ca2.pem samples/net/wifi/test_certs/
     $ west build -p -b <board> samples/net/wifi -S wifi-enterprise
 
-or alternatively copy ``rsa2k`` certificates by changing the ``WIFI_TEST_CERTS_DIR`` environment variable.
-
-.. code-block:: bash
-
-    $ export WIFI_TEST_CERTS_DIR=samples/net/wifi/test_certs/rsa2k
-
-or you can set the :envvar:`WIFI_TEST_CERTS_DIR` environment variable to point to the directory containing your certificates.
-
-.. code-block:: bash
-
-    $ west build -p -b <board> samples/net/wifi -S wifi-enterprise -- -DWIFI_TEST_CERTS_DIR=<path_to_your_certificates>
-
 Run time certificates
 ---------------------
 
diff --git a/samples/net/wifi/test_certs/rsa3k/ca.pem b/samples/net/wifi/test_certs/ca.pem
similarity index 100%
rename from samples/net/wifi/test_certs/rsa3k/ca.pem
rename to samples/net/wifi/test_certs/ca.pem
diff --git a/samples/net/wifi/test_certs/rsa3k/ca2.pem b/samples/net/wifi/test_certs/ca2.pem
similarity index 100%
rename from samples/net/wifi/test_certs/rsa3k/ca2.pem
rename to samples/net/wifi/test_certs/ca2.pem
diff --git a/samples/net/wifi/test_certs/rsa3k/client-key.pem b/samples/net/wifi/test_certs/client-key.pem
similarity index 100%
rename from samples/net/wifi/test_certs/rsa3k/client-key.pem
rename to samples/net/wifi/test_certs/client-key.pem
diff --git a/samples/net/wifi/test_certs/rsa3k/client-key2.pem b/samples/net/wifi/test_certs/client-key2.pem
similarity index 100%
rename from samples/net/wifi/test_certs/rsa3k/client-key2.pem
rename to samples/net/wifi/test_certs/client-key2.pem
diff --git a/samples/net/wifi/test_certs/rsa3k/client.pem b/samples/net/wifi/test_certs/client.pem
similarity index 100%
rename from samples/net/wifi/test_certs/rsa3k/client.pem
rename to samples/net/wifi/test_certs/client.pem
diff --git a/samples/net/wifi/test_certs/rsa3k/client2.pem b/samples/net/wifi/test_certs/client2.pem
similarity index 100%
rename from samples/net/wifi/test_certs/rsa3k/client2.pem
rename to samples/net/wifi/test_certs/client2.pem
diff --git a/samples/net/wifi/test_certs/rsa2k/ca.pem b/samples/net/wifi/test_certs/rsa2k/ca.pem
deleted file mode 100644
index a267be8fe47..00000000000
--- a/samples/net/wifi/test_certs/rsa2k/ca.pem
+++ /dev/null
@@ -1,29 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIE+TCCA+GgAwIBAgIUH614zvmCngpSc26BLLFu2loqvfgwDQYJKoZIhvcNAQEL
-BQAwgZIxCzAJBgNVBAYTAkZSMQ8wDQYDVQQIDAZSYWRpdXMxEjAQBgNVBAcMCVNv
-bWV3aGVyZTEUMBIGA1UECgwLRXhhbXBsZSBJbmMxIDAeBgkqhkiG9w0BCQEWEWFk
-bWluQGV4YW1wbGUub3JnMSYwJAYDVQQDDB1FeGFtcGxlIENlcnRpZmljYXRlIEF1
-dGhvcml0eTAgFw0yNTAzMjcxMjUwNDhaGA8yMDUyMDgxMTEyNTA0OFowgZIxCzAJ
-BgNVBAYTAkZSMQ8wDQYDVQQIDAZSYWRpdXMxEjAQBgNVBAcMCVNvbWV3aGVyZTEU
-MBIGA1UECgwLRXhhbXBsZSBJbmMxIDAeBgkqhkiG9w0BCQEWEWFkbWluQGV4YW1w
-bGUub3JnMSYwJAYDVQQDDB1FeGFtcGxlIENlcnRpZmljYXRlIEF1dGhvcml0eTCC
-ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALljCArLJs7rdS4pJDrpbSd3
-pNCo1skN3h9FSdboWnz5uvy4dUfOQcPzd1i/Kav7R+eURTIlIe24slDobYW7dS+u
-U+mlw8yzd6Xs9L8BvHrE/JvHMdaCubSWJwJ+BtTZMAvwfpysw0TrYgUw10v4O6PU
-0ri80I/79IKXCQjLnoqrf7OylYnSeuufMrcojZlqMD444EcJS8OAhm648D7w9xWp
-YwGhhV7gLgFZfIZ3vq/VQE6//pasHZ4P2bdej4Up7Nhsqa3qLtPYlUsJB8uTp04h
-YLA600hKoGKJiW1fHrmVIQiYamwkpUSmhY1mw/RJ0GbWE1BT+vLC2BMckw+cwF0C
-AwEAAaOCAUEwggE9MB0GA1UdDgQWBBTgzBbVi3ycphRotu7Am6ynMwVAyTCB0gYD
-VR0jBIHKMIHHgBTgzBbVi3ycphRotu7Am6ynMwVAyaGBmKSBlTCBkjELMAkGA1UE
-BhMCRlIxDzANBgNVBAgMBlJhZGl1czESMBAGA1UEBwwJU29tZXdoZXJlMRQwEgYD
-VQQKDAtFeGFtcGxlIEluYzEgMB4GCSqGSIb3DQEJARYRYWRtaW5AZXhhbXBsZS5v
-cmcxJjAkBgNVBAMMHUV4YW1wbGUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5ghQfrXjO
-+YKeClJzboEssW7aWiq9+DAPBgNVHRMBAf8EBTADAQH/MDYGA1UdHwQvMC0wK6Ap
-oCeGJWh0dHA6Ly93d3cuZXhhbXBsZS5jb20vZXhhbXBsZV9jYS5jcmwwDQYJKoZI
-hvcNAQELBQADggEBAAV8StX4zFbOqcNVzF0JaZGu7CquFR4pOjCbM9XJVcwCxc0+
-DtIxy+w9KMLGgwB6LHh51tAExCR3UTktG8FqFxdjESCD8qlQoLU1uzt0kadKvQUr
-wjn8ToEp1UP8UZa+SzaXVAYv09DC+VMYqBmkUtze/F5LC0LMWQBR3bn2EGdwBoMl
-k2Gq6BdJZRCotyraSvG01mMyORY6UzLi25WFVg6B284VlD0cqFqmUMEmk2f76Ix3
-WpUkoGZ/ArAoS6+vaFmSrhZ9W+YBfBoBgjXrGMKi2dkUUngbm4yGxrhnN1MFu2lA
-xnBWRxSQjzLGzqQP/bfxAVlNyXwQNPETGVZpGzc=
------END CERTIFICATE-----
diff --git a/samples/net/wifi/test_certs/rsa2k/ca2.pem b/samples/net/wifi/test_certs/rsa2k/ca2.pem
deleted file mode 100644
index a267be8fe47..00000000000
--- a/samples/net/wifi/test_certs/rsa2k/ca2.pem
+++ /dev/null
@@ -1,29 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIE+TCCA+GgAwIBAgIUH614zvmCngpSc26BLLFu2loqvfgwDQYJKoZIhvcNAQEL
-BQAwgZIxCzAJBgNVBAYTAkZSMQ8wDQYDVQQIDAZSYWRpdXMxEjAQBgNVBAcMCVNv
-bWV3aGVyZTEUMBIGA1UECgwLRXhhbXBsZSBJbmMxIDAeBgkqhkiG9w0BCQEWEWFk
-bWluQGV4YW1wbGUub3JnMSYwJAYDVQQDDB1FeGFtcGxlIENlcnRpZmljYXRlIEF1
-dGhvcml0eTAgFw0yNTAzMjcxMjUwNDhaGA8yMDUyMDgxMTEyNTA0OFowgZIxCzAJ
-BgNVBAYTAkZSMQ8wDQYDVQQIDAZSYWRpdXMxEjAQBgNVBAcMCVNvbWV3aGVyZTEU
-MBIGA1UECgwLRXhhbXBsZSBJbmMxIDAeBgkqhkiG9w0BCQEWEWFkbWluQGV4YW1w
-bGUub3JnMSYwJAYDVQQDDB1FeGFtcGxlIENlcnRpZmljYXRlIEF1dGhvcml0eTCC
-ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALljCArLJs7rdS4pJDrpbSd3
-pNCo1skN3h9FSdboWnz5uvy4dUfOQcPzd1i/Kav7R+eURTIlIe24slDobYW7dS+u
-U+mlw8yzd6Xs9L8BvHrE/JvHMdaCubSWJwJ+BtTZMAvwfpysw0TrYgUw10v4O6PU
-0ri80I/79IKXCQjLnoqrf7OylYnSeuufMrcojZlqMD444EcJS8OAhm648D7w9xWp
-YwGhhV7gLgFZfIZ3vq/VQE6//pasHZ4P2bdej4Up7Nhsqa3qLtPYlUsJB8uTp04h
-YLA600hKoGKJiW1fHrmVIQiYamwkpUSmhY1mw/RJ0GbWE1BT+vLC2BMckw+cwF0C
-AwEAAaOCAUEwggE9MB0GA1UdDgQWBBTgzBbVi3ycphRotu7Am6ynMwVAyTCB0gYD
-VR0jBIHKMIHHgBTgzBbVi3ycphRotu7Am6ynMwVAyaGBmKSBlTCBkjELMAkGA1UE
-BhMCRlIxDzANBgNVBAgMBlJhZGl1czESMBAGA1UEBwwJU29tZXdoZXJlMRQwEgYD
-VQQKDAtFeGFtcGxlIEluYzEgMB4GCSqGSIb3DQEJARYRYWRtaW5AZXhhbXBsZS5v
-cmcxJjAkBgNVBAMMHUV4YW1wbGUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5ghQfrXjO
-+YKeClJzboEssW7aWiq9+DAPBgNVHRMBAf8EBTADAQH/MDYGA1UdHwQvMC0wK6Ap
-oCeGJWh0dHA6Ly93d3cuZXhhbXBsZS5jb20vZXhhbXBsZV9jYS5jcmwwDQYJKoZI
-hvcNAQELBQADggEBAAV8StX4zFbOqcNVzF0JaZGu7CquFR4pOjCbM9XJVcwCxc0+
-DtIxy+w9KMLGgwB6LHh51tAExCR3UTktG8FqFxdjESCD8qlQoLU1uzt0kadKvQUr
-wjn8ToEp1UP8UZa+SzaXVAYv09DC+VMYqBmkUtze/F5LC0LMWQBR3bn2EGdwBoMl
-k2Gq6BdJZRCotyraSvG01mMyORY6UzLi25WFVg6B284VlD0cqFqmUMEmk2f76Ix3
-WpUkoGZ/ArAoS6+vaFmSrhZ9W+YBfBoBgjXrGMKi2dkUUngbm4yGxrhnN1MFu2lA
-xnBWRxSQjzLGzqQP/bfxAVlNyXwQNPETGVZpGzc=
------END CERTIFICATE-----
diff --git a/samples/net/wifi/test_certs/rsa2k/client-key.pem b/samples/net/wifi/test_certs/rsa2k/client-key.pem
deleted file mode 100644
index 4fbf52d284f..00000000000
--- a/samples/net/wifi/test_certs/rsa2k/client-key.pem
+++ /dev/null
@@ -1,30 +0,0 @@
------BEGIN ENCRYPTED PRIVATE KEY-----
-MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIcm3x/CvLYRcCAggA
-MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECCSqbBrS+vObBIIEyPSMbzL5DvaJ
-tW/lEoNvmujkYw/qADyExm4JidoemiTxMJB6TkXJE+W8glDeY+TCZUD6UyeiSx7J
-HC1R2rQmpy91LT5o6P7Eyq/VHIsXVE77rS91NCKjiljdPWbzkLFo5oNwguhsvKI9
-YjU8m0V6KVLx21DZFDi5OZQ8g0ULu9FR9WIr4eDUnAIjJnpqw00hZF6FVKe7lu9t
-2uCiKABXpODMqQyrDrTTsQNB4MV8axVWMaYW4P6JVf40ByzA4ISNYhmFH3DWMlAH
-c6LhZstT7n3lXbpsq3pTvn/07+5yuTIvOmFvOoUnXo+kIU7gf1ODma7kPHrcD62c
-9ZgMh/Y90YcQamoLUXJqKBk96ybj9v4p6CTzJC8vOj8GOJqEoUgs6lNYrNQmdJka
-InZJnMfCgX67g60NrQ7vb/LPXTs1gShk/fn2EdLCvhqJNQwNgLjwFtio2DObBD4b
-kuIV/h83moZ/yGrW2PPjxDrzWCxgFhMXs8kGZX6119J8Ki8L+EgKXz0Vfed6XQP6
-RK2anaQzmtJgM4gzzXDOPBPKYDMjqZHqZpMCl1J6TOYbVELDu+OAPGrLSXt71O+T
-toPVrUNdKvYB5H4hosoqMiyeNGwEVjFlSKEInSM6IlwWK2+/xeqTued74nKgj/Je
-xmLbZEurHtOctY0807gj2aNO2/iR4n+1kk9nniBcZNJ7la5GEqAp4wRSH2KI+hu0
-YoJHLtRX/BccawOTvWnLXOsbBTxXtZV9m4ojLbqCzpEV5alFkO0ycP/ao6A/ZTej
-52X01EoUi7Nq5uoIxx+BKj5LN4Pa0Wpe4/DryiEqjSQ2sZMnkD+DhHw/soGcJrJm
-s9zV0YFfFk9Flfnq/9uteHOj+CLxE4BQCpaEBkE+2IooU2Vtw9i5YOeQB+4971XE
-JFBqNknjSfFqaL9zzBliKA9bizZawBub/HUX5P+3k71761k+Li1ID+RYOhTGjqKh
-ws8bke2BtAOB/vccxQGYEOdi8U6+AgK7Dz1AmMQhLlDA8S7qAwodLmnaC6WhP1rA
-1koQYnAGCxOcARTZCLzlfidNf1KzYMRdSVjTh9QAGW7cxEnNEnai5nU4VXUVT3xB
-LWRP98yWzOIsQLFtXzjE0P+ESYGOsQj8aVyy/QHSOg5oEHxZ/myUbr1QB58Z+VKa
-T8/EE2lQazINMIxfsxjDygHX3iF3BlxpwCBk2ykdbfqQFwZ3cr1l53ixuKqd2pTV
-xsEhuAvAfJ1OadUM8HefT+ijUuKPUowtcrcA8URqgy1V/vgcM0qiw7fWysKK7oWl
-L7Oa3JfTE1mpZuocOvF7e5ueNzIgEgnxQEkEE3AJmS0YxMqI6ShTnUx6p79OlVZr
-/Izdkwqqhene+zudNd3z0TMhkjI8LZa6x4SBfCZmCOzOgoZ9XMrf80S/9CKTLWFv
-UrLOe8RJz/6SYweQTMakejC/sbHSSTrqmIf9mrVLP1sMBm8R7TPLMRt8CFNtuYB0
-3nHO9kP7qT3U3sTZ9A0NQyaOfQYcWSLSGBkLSJAM3wh590hp7i6hnM3FeOYY3+lL
-2a9q59B2H3HJfSUUCXtPA8wsEkZyCfz+y5YGscrhQcCbBq1FkkarluKJFonFCEKK
-D4mU9Io0mhON+5ZNhwqurQ==
------END ENCRYPTED PRIVATE KEY-----
diff --git a/samples/net/wifi/test_certs/rsa2k/client-key2.pem b/samples/net/wifi/test_certs/rsa2k/client-key2.pem
deleted file mode 100644
index 4fbf52d284f..00000000000
--- a/samples/net/wifi/test_certs/rsa2k/client-key2.pem
+++ /dev/null
@@ -1,30 +0,0 @@
------BEGIN ENCRYPTED PRIVATE KEY-----
-MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIcm3x/CvLYRcCAggA
-MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECCSqbBrS+vObBIIEyPSMbzL5DvaJ
-tW/lEoNvmujkYw/qADyExm4JidoemiTxMJB6TkXJE+W8glDeY+TCZUD6UyeiSx7J
-HC1R2rQmpy91LT5o6P7Eyq/VHIsXVE77rS91NCKjiljdPWbzkLFo5oNwguhsvKI9
-YjU8m0V6KVLx21DZFDi5OZQ8g0ULu9FR9WIr4eDUnAIjJnpqw00hZF6FVKe7lu9t
-2uCiKABXpODMqQyrDrTTsQNB4MV8axVWMaYW4P6JVf40ByzA4ISNYhmFH3DWMlAH
-c6LhZstT7n3lXbpsq3pTvn/07+5yuTIvOmFvOoUnXo+kIU7gf1ODma7kPHrcD62c
-9ZgMh/Y90YcQamoLUXJqKBk96ybj9v4p6CTzJC8vOj8GOJqEoUgs6lNYrNQmdJka
-InZJnMfCgX67g60NrQ7vb/LPXTs1gShk/fn2EdLCvhqJNQwNgLjwFtio2DObBD4b
-kuIV/h83moZ/yGrW2PPjxDrzWCxgFhMXs8kGZX6119J8Ki8L+EgKXz0Vfed6XQP6
-RK2anaQzmtJgM4gzzXDOPBPKYDMjqZHqZpMCl1J6TOYbVELDu+OAPGrLSXt71O+T
-toPVrUNdKvYB5H4hosoqMiyeNGwEVjFlSKEInSM6IlwWK2+/xeqTued74nKgj/Je
-xmLbZEurHtOctY0807gj2aNO2/iR4n+1kk9nniBcZNJ7la5GEqAp4wRSH2KI+hu0
-YoJHLtRX/BccawOTvWnLXOsbBTxXtZV9m4ojLbqCzpEV5alFkO0ycP/ao6A/ZTej
-52X01EoUi7Nq5uoIxx+BKj5LN4Pa0Wpe4/DryiEqjSQ2sZMnkD+DhHw/soGcJrJm
-s9zV0YFfFk9Flfnq/9uteHOj+CLxE4BQCpaEBkE+2IooU2Vtw9i5YOeQB+4971XE
-JFBqNknjSfFqaL9zzBliKA9bizZawBub/HUX5P+3k71761k+Li1ID+RYOhTGjqKh
-ws8bke2BtAOB/vccxQGYEOdi8U6+AgK7Dz1AmMQhLlDA8S7qAwodLmnaC6WhP1rA
-1koQYnAGCxOcARTZCLzlfidNf1KzYMRdSVjTh9QAGW7cxEnNEnai5nU4VXUVT3xB
-LWRP98yWzOIsQLFtXzjE0P+ESYGOsQj8aVyy/QHSOg5oEHxZ/myUbr1QB58Z+VKa
-T8/EE2lQazINMIxfsxjDygHX3iF3BlxpwCBk2ykdbfqQFwZ3cr1l53ixuKqd2pTV
-xsEhuAvAfJ1OadUM8HefT+ijUuKPUowtcrcA8URqgy1V/vgcM0qiw7fWysKK7oWl
-L7Oa3JfTE1mpZuocOvF7e5ueNzIgEgnxQEkEE3AJmS0YxMqI6ShTnUx6p79OlVZr
-/Izdkwqqhene+zudNd3z0TMhkjI8LZa6x4SBfCZmCOzOgoZ9XMrf80S/9CKTLWFv
-UrLOe8RJz/6SYweQTMakejC/sbHSSTrqmIf9mrVLP1sMBm8R7TPLMRt8CFNtuYB0
-3nHO9kP7qT3U3sTZ9A0NQyaOfQYcWSLSGBkLSJAM3wh590hp7i6hnM3FeOYY3+lL
-2a9q59B2H3HJfSUUCXtPA8wsEkZyCfz+y5YGscrhQcCbBq1FkkarluKJFonFCEKK
-D4mU9Io0mhON+5ZNhwqurQ==
------END ENCRYPTED PRIVATE KEY-----
diff --git a/samples/net/wifi/test_certs/rsa2k/client.pem b/samples/net/wifi/test_certs/rsa2k/client.pem
deleted file mode 100644
index 33eeed9918e..00000000000
--- a/samples/net/wifi/test_certs/rsa2k/client.pem
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIEgzCCA2ugAwIBAgIBAzANBgkqhkiG9w0BAQsFADCBkjELMAkGA1UEBhMCRlIx
-DzANBgNVBAgMBlJhZGl1czESMBAGA1UEBwwJU29tZXdoZXJlMRQwEgYDVQQKDAtF
-eGFtcGxlIEluYzEgMB4GCSqGSIb3DQEJARYRYWRtaW5AZXhhbXBsZS5vcmcxJjAk
-BgNVBAMMHUV4YW1wbGUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MCAXDTI1MDMyNzEy
-NTA0OVoYDzIwNTIwODExMTI1MDQ5WjB0MQswCQYDVQQGEwJGUjEPMA0GA1UECAwG
-UmFkaXVzMRQwEgYDVQQKDAtFeGFtcGxlIEluYzEVMBMGA1UEAwwMRXhhbXBsZSB1
-c2VyMScwJQYJKoZIhvcNAQkBFhh1c2VyLmV4YW1wbGVAZXhhbXBsZS5vcmcwggEi
-MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkyPDf2/pHiJ6Bb7JK2syekEMh
-j67IpFshtBy/6WAxQfbu9i8LAtyTiEg/7FvZbtAhfPtOnXc45Lu64EHyF8o60Y0X
-6+45Ja3TCrPI609uTf1wTk8cpuRbm5u5blVwECaRiUJQL+Jm6TVNHF4byrNgKmUn
-KY7JFYHQCp6FTCfyex7pTkZSWdNo/EWTuAtOqmwjVLBEQCGtdpbQZmnE9b0WcoPL
-TB5vw3T30UBf3ve5wj6y3BFgMnbaoGvZd07lQtKVjkf50fVwuenPJF6+5XQS68qO
-qeNTq77//qtjFEukobQ5CxFUTrLTO3XTfN+to7xI1WRxDCAIO7wxPCPOcAx3AgMB
-AAGjgf4wgfswCQYDVR0TBAIwADALBgNVHQ8EBAMCBeAwEwYDVR0lBAwwCgYIKwYB
-BQUHAwIwNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL3d3dy5leGFtcGxlLmNvbS9l
-eGFtcGxlX2NhLmNybDA3BggrBgEFBQcBAQQrMCkwJwYIKwYBBQUHMAGGG2h0dHA6
-Ly93d3cuZXhhbXBsZS5vcmcvb2NzcDAbBgNVHREEFDASgRB1c2VyQGV4YW1wbGUu
-b3JnMB0GA1UdDgQWBBReX3pn9AYI0W0cD5Qrd1PP4mNtOjAfBgNVHSMEGDAWgBTg
-zBbVi3ycphRotu7Am6ynMwVAyTANBgkqhkiG9w0BAQsFAAOCAQEAbXo1Wc2a4053
-jBgl/lGN7p1KNyTO92V/gNT1jM6lOfy+qK6NZGZsayLLT2qubX5t9+1FI/RbRq3i
-FVCocIGRbZD+vKWTfxe4XowCwF9aE2od3xbQjWfSRGZCCYJpPkr5oh3i5qfztYos
-ONclAY54yx3cpsEj5VG/TXA4BmlaoJRrBbAVCGwRHL/KXGu4Y/AlAKHQWnZp6+sl
-UraELVaPeSRuZLgustDtIbMdyC6yTBTfCaRHPDmgYAxVVhzR29kitMO/hoJIAt8d
-MDWMXTRNsJMGMVOy6YWZAdvW0pj9tTN1shhYBRA3Wi8W/HrvlPtQWfrJqaTHNJ32
-sTKtziYlCg==
------END CERTIFICATE-----
diff --git a/samples/net/wifi/test_certs/rsa2k/client2.pem b/samples/net/wifi/test_certs/rsa2k/client2.pem
deleted file mode 100644
index 33eeed9918e..00000000000
--- a/samples/net/wifi/test_certs/rsa2k/client2.pem
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIEgzCCA2ugAwIBAgIBAzANBgkqhkiG9w0BAQsFADCBkjELMAkGA1UEBhMCRlIx
-DzANBgNVBAgMBlJhZGl1czESMBAGA1UEBwwJU29tZXdoZXJlMRQwEgYDVQQKDAtF
-eGFtcGxlIEluYzEgMB4GCSqGSIb3DQEJARYRYWRtaW5AZXhhbXBsZS5vcmcxJjAk
-BgNVBAMMHUV4YW1wbGUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MCAXDTI1MDMyNzEy
-NTA0OVoYDzIwNTIwODExMTI1MDQ5WjB0MQswCQYDVQQGEwJGUjEPMA0GA1UECAwG
-UmFkaXVzMRQwEgYDVQQKDAtFeGFtcGxlIEluYzEVMBMGA1UEAwwMRXhhbXBsZSB1
-c2VyMScwJQYJKoZIhvcNAQkBFhh1c2VyLmV4YW1wbGVAZXhhbXBsZS5vcmcwggEi
-MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkyPDf2/pHiJ6Bb7JK2syekEMh
-j67IpFshtBy/6WAxQfbu9i8LAtyTiEg/7FvZbtAhfPtOnXc45Lu64EHyF8o60Y0X
-6+45Ja3TCrPI609uTf1wTk8cpuRbm5u5blVwECaRiUJQL+Jm6TVNHF4byrNgKmUn
-KY7JFYHQCp6FTCfyex7pTkZSWdNo/EWTuAtOqmwjVLBEQCGtdpbQZmnE9b0WcoPL
-TB5vw3T30UBf3ve5wj6y3BFgMnbaoGvZd07lQtKVjkf50fVwuenPJF6+5XQS68qO
-qeNTq77//qtjFEukobQ5CxFUTrLTO3XTfN+to7xI1WRxDCAIO7wxPCPOcAx3AgMB
-AAGjgf4wgfswCQYDVR0TBAIwADALBgNVHQ8EBAMCBeAwEwYDVR0lBAwwCgYIKwYB
-BQUHAwIwNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL3d3dy5leGFtcGxlLmNvbS9l
-eGFtcGxlX2NhLmNybDA3BggrBgEFBQcBAQQrMCkwJwYIKwYBBQUHMAGGG2h0dHA6
-Ly93d3cuZXhhbXBsZS5vcmcvb2NzcDAbBgNVHREEFDASgRB1c2VyQGV4YW1wbGUu
-b3JnMB0GA1UdDgQWBBReX3pn9AYI0W0cD5Qrd1PP4mNtOjAfBgNVHSMEGDAWgBTg
-zBbVi3ycphRotu7Am6ynMwVAyTANBgkqhkiG9w0BAQsFAAOCAQEAbXo1Wc2a4053
-jBgl/lGN7p1KNyTO92V/gNT1jM6lOfy+qK6NZGZsayLLT2qubX5t9+1FI/RbRq3i
-FVCocIGRbZD+vKWTfxe4XowCwF9aE2od3xbQjWfSRGZCCYJpPkr5oh3i5qfztYos
-ONclAY54yx3cpsEj5VG/TXA4BmlaoJRrBbAVCGwRHL/KXGu4Y/AlAKHQWnZp6+sl
-UraELVaPeSRuZLgustDtIbMdyC6yTBTfCaRHPDmgYAxVVhzR29kitMO/hoJIAt8d
-MDWMXTRNsJMGMVOy6YWZAdvW0pj9tTN1shhYBRA3Wi8W/HrvlPtQWfrJqaTHNJ32
-sTKtziYlCg==
------END CERTIFICATE-----
diff --git a/samples/net/wifi/test_certs/rsa2k/server-key.pem b/samples/net/wifi/test_certs/rsa2k/server-key.pem
deleted file mode 100644
index 5a6a2e77e65..00000000000
--- a/samples/net/wifi/test_certs/rsa2k/server-key.pem
+++ /dev/null
@@ -1,30 +0,0 @@
------BEGIN ENCRYPTED PRIVATE KEY-----
-MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIZwdmrQt6RogCAggA
-MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECHEftLym1jQkBIIEyH5UdHK2L2sR
-frTjMbkJBty0NxC8ucPqmBleZPkpAOF8XazZkfiq40/Vj9D+wTgXWL9/UNQHrY1m
-MbJvBaONODXnJe14rsL18NzN+LoUscE4poKBcrZ4Hbua5mS8mJ+WtPs9AfARyaEZ
-t60lDQMyJ/Hj2Nr7jbUykP6OOkAy1xqcjytcIRA+3q2Jiivv8XMozBzi8t+njODZ
-huMbuj13IFqLtZzTZikL+DpalNCezi7D8kttpkQul1uAtmtIAq3QZ99Ed8/XkRV1
-PiKkcj9J5oOcIyH9PE5D9Mid7+As2kkz614J3zeCG2s9xtUkgoasiabTKZNYgL4K
-sjuTFU4vOoGNasfH+j4tEFRozySW7z53C4jB1KZ8MmOUG+G9tlJk/jAHyFGiK0LN
-CTIsY/ZiA5f7Gk6BL1MbRTsLqch+5pmh43gDwfbq22gPs/TwQKxx3YZJfuUy2L7A
-T5sX3VjqQZ+rTwMEql790AnKSFsCbIH4Y7XcFY2Ux6tYzddiViLMTR29kJ0GJSEv
-aw5VIDAexec2M72p+l7kMecJiJgB2cDwkGFgD8qAd/hkWj6k6R9rRdI6Dg4a3Ta3
-Q50colSh0XfpPQ9jg6NjGJCUVO+uICOa5rD5tI5s/Ogd7MzgTcdDnzl7RDgOH1W+
-TivRMpFwCLdrtDmq9DSA0H7XCeSvf6orROK15dkQn1nmtK4/zhG20DVNJxV9UK0u
-GNCkEqqvcGXu75PKkw0bO7BFPAksP4WX+RPIEyZLasB8PxrorkDZTqNh7AJ5CuwO
-xy+ekOrNkfcqHIl2vJvrAhl6i68zM9e6sDV6+J1Eia0naFpZ3cjYC+AAgxcUZT23
-xLcNrNlZbcFJvCrb7JNgSbsQnHSjA1rtMXfNNTpnOGP29gv49rWiSL5QFMTSEBEZ
-4CGs6fpBNQxjvRfxGTnKaZWhenVE98r35zALeD74P8WWieRj7qDPMS8VJmvN6JmN
-VaQ2ysHeFlUEZxC2STHlUl0RAQU/Um4ee2kK6rzywjiZuOv3GeG7zB9P0kIpROa2
-KlxLN+EDffwFytiAlCMfqHrS7iqHPzMxWxzo/Fv7KFngrCxNSPTwxkRu/VVZouOl
-g6ip7VIYxuWgpUD4jZNllLKbJyQ8QABkmZIZI3nZqPX2K6OhqKPdnqF1BiuwrDRD
-k1f2jQBC4cue2nIuitr+mgsw5GG3mwob6Sniv4a6vy19DJImD+bGAxduiUH0laPq
-D2L5BH/Q3c+GtuQGfcemtPD3lteV4Qw/keOEBoLG0tPSVjs+uADUK3cBI4f2C3pd
-gb7Ze1dOPH8Fy/hy+wGp7+gLLLTv23RRYFZZsHBCat9qTyP97vzsckvL3VQN6zWE
-3W8TB2HBVKKkszv5ov0r8/mf5k6aqSw+IYHnkXehkTcRfENUdl7X/x0LM5Hi+I5F
-ZhbtWEETZlcu8XWaIAvW3eV2AOlf0xzC1SmCYEuQ6V9dSxGNuVn4pIMzxfLDfPOw
-gqheYFzSrKZJfB/iGI7XpN2XjWo61ZKudKRxZXSVxPM1hTOqtAFiE4mKarJUTkvC
-TWKmPppA4suT1wV79CMMxWBhe4Kj4STHYSHQfUS22SqsqJbdK/1DD9u+nNANnKol
-riIOT3CiCzNDQyu627UONg==
------END ENCRYPTED PRIVATE KEY-----
diff --git a/samples/net/wifi/test_certs/rsa2k/server.pem b/samples/net/wifi/test_certs/rsa2k/server.pem
deleted file mode 100644
index d894c33ded1..00000000000
--- a/samples/net/wifi/test_certs/rsa2k/server.pem
+++ /dev/null
@@ -1,31 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIFaTCCBFGgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBkjELMAkGA1UEBhMCRlIx
-DzANBgNVBAgMBlJhZGl1czESMBAGA1UEBwwJU29tZXdoZXJlMRQwEgYDVQQKDAtF
-eGFtcGxlIEluYzEgMB4GCSqGSIb3DQEJARYRYWRtaW5AZXhhbXBsZS5vcmcxJjAk
-BgNVBAMMHUV4YW1wbGUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MCAXDTI1MDMyNzEy
-NTA0OVoYDzIwNTIwODExMTI1MDQ5WjB7MQswCQYDVQQGEwJGUjEPMA0GA1UECAwG
-UmFkaXVzMRQwEgYDVQQKDAtFeGFtcGxlIEluYzEjMCEGA1UEAwwaRXhhbXBsZSBT
-ZXJ2ZXIgQ2VydGlmaWNhdGUxIDAeBgkqhkiG9w0BCQEWEWFkbWluQGV4YW1wbGUu
-b3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtIpRygUsyReit9O
-/15T0lf3p0ck1Sjw3ufaqaXXzEcM7i/w7UoSfNyqrjmCsZhfIDHqzWKdRUD+jE3Z
-TfRzrF/nGtyG2jjjqZy/p+0uTL0cN/QdMjUEvla/eRIgMHPPNG0oFn7GkzbrrqFt
-+f3RgsWV6Anw+8ipZvd8BjsummA4W4v6A86zXgORlefU4A7JOlxHXYvhFwS044nd
-N1Fvi0bjyZ7ciKltVCxjLDJEzV7I3ttoO57TI85vtEIjMMwkGywx6ICyLbLrgycl
-OeMmArC86MFINUor3oz+mfI8ETOIfLftqVN+oPRtDqjLlrIvtaDV6PsEoiFajpdx
-faMLhwIDAQABo4IB3DCCAdgwHQYDVR0OBBYEFMGuQKFgIgEb+q+VVWotbLlNZUxu
-MIHSBgNVHSMEgcowgceAFODMFtWLfJymFGi27sCbrKczBUDJoYGYpIGVMIGSMQsw
-CQYDVQQGEwJGUjEPMA0GA1UECAwGUmFkaXVzMRIwEAYDVQQHDAlTb21ld2hlcmUx
-FDASBgNVBAoMC0V4YW1wbGUgSW5jMSAwHgYJKoZIhvcNAQkBFhFhZG1pbkBleGFt
-cGxlLm9yZzEmMCQGA1UEAwwdRXhhbXBsZSBDZXJ0aWZpY2F0ZSBBdXRob3JpdHmC
-FB+teM75gp4KUnNugSyxbtpaKr34MAkGA1UdEwQCMAAwCwYDVR0PBAQDAgXgMB0G
-A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDDjA2BgNVHR8ELzAtMCugKaAnhiVo
-dHRwOi8vd3d3LmV4YW1wbGUuY29tL2V4YW1wbGVfY2EuY3JsMDcGCCsGAQUFBwEB
-BCswKTAnBggrBgEFBQcwAYYbaHR0cDovL3d3dy5leGFtcGxlLm9yZy9vY3NwMDoG
-A1UdEQQzMDGCEnJhZGl1cy5leGFtcGxlLm9yZ6AbBggrBgEFBQcICKAPDA0qLmV4
-YW1wbGUuY29tMA0GCSqGSIb3DQEBCwUAA4IBAQAov9HxapiYtoAUebNdGU6hFz7G
-3F6Jtpg5d34/AW1ntmgxHryNn5dJp/fmc3eyndMLQRJhDIksc/6Tmp0jUs6DhxE5
-5BmdAPVsAPhYfr3ylOoOP21wtmaH4MeRtBYuBsdvLgyiIXMWrliQnJa+12ovdqMX
-+9KJJLWJm81IH6O2kEZ7HmoWkY6XXYpJZqw3c8FukuUoFQQk2mJ4u2yncq4oFQSn
-uu5G4UL8o3blhkY1pK8WmuzUiafyJjjlwBcsBkk47BuKbyQCquOXl/O+lzteJMEZ
-Z83ZANWQb7g1vhIVvse5qLZ9Osa68TJFDaHWcmIyFutbyfdAJy4XEGawf1Fq
------END CERTIFICATE-----
diff --git a/samples/net/wifi/test_certs/rsa3k/server-key.pem b/samples/net/wifi/test_certs/server-key.pem
similarity index 100%
rename from samples/net/wifi/test_certs/rsa3k/server-key.pem
rename to samples/net/wifi/test_certs/server-key.pem
diff --git a/samples/net/wifi/test_certs/rsa3k/server.pem b/samples/net/wifi/test_certs/server.pem
similarity index 100%
rename from samples/net/wifi/test_certs/rsa3k/server.pem
rename to samples/net/wifi/test_certs/server.pem
diff --git a/subsys/net/l2/wifi/CMakeLists.txt b/subsys/net/l2/wifi/CMakeLists.txt
index e1e9606bfd2..6cf0183e141 100644
--- a/subsys/net/l2/wifi/CMakeLists.txt
+++ b/subsys/net/l2/wifi/CMakeLists.txt
@@ -27,9 +27,6 @@ if(CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE AND CONFIG_NET_L2_WIFI_SHELL)
   # Wi-Fi Enterprise test certificates handling
   set(gen_inc_dir ${ZEPHYR_BINARY_DIR}/misc/generated)
   set(gen_dir ${gen_inc_dir}/wifi_enterprise_test_certs)
-  if(NOT DEFINED WIFI_TEST_CERTS_DIR)
-    set(WIFI_TEST_CERTS_DIR ${ZEPHYR_BASE}/samples/net/wifi/test_certs/rsa3k)
-  endif()
   # Create output directory for test certs
   file(MAKE_DIRECTORY ${gen_dir})
 
@@ -37,14 +34,14 @@ if(CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE AND CONFIG_NET_L2_WIFI_SHELL)
   zephyr_include_directories(${gen_inc_dir})
 
   foreach(cert_file IN ITEMS
-      ${WIFI_TEST_CERTS_DIR}/client.pem
-      ${WIFI_TEST_CERTS_DIR}/client-key.pem
-      ${WIFI_TEST_CERTS_DIR}/ca.pem
-      ${WIFI_TEST_CERTS_DIR}/client2.pem
-      ${WIFI_TEST_CERTS_DIR}/client-key2.pem
-      ${WIFI_TEST_CERTS_DIR}/ca2.pem
-      ${WIFI_TEST_CERTS_DIR}/server.pem
-      ${WIFI_TEST_CERTS_DIR}/server-key.pem
+      ${ZEPHYR_BASE}/samples/net/wifi/test_certs/client.pem
+      ${ZEPHYR_BASE}/samples/net/wifi/test_certs/client-key.pem
+      ${ZEPHYR_BASE}/samples/net/wifi/test_certs/ca.pem
+      ${ZEPHYR_BASE}/samples/net/wifi/test_certs/client2.pem
+      ${ZEPHYR_BASE}/samples/net/wifi/test_certs/client-key2.pem
+      ${ZEPHYR_BASE}/samples/net/wifi/test_certs/ca2.pem
+      ${ZEPHYR_BASE}/samples/net/wifi/test_certs/server.pem
+      ${ZEPHYR_BASE}/samples/net/wifi/test_certs/server-key.pem
       )
     if(EXISTS ${cert_file})
       get_filename_component(cert_name ${cert_file} NAME)

From 7a62c1020a40de0598adc2083718950809b2ed69 Mon Sep 17 00:00:00 2001
From: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
Date: Tue, 15 Apr 2025 23:52:24 +0530
Subject: [PATCH 04/14] Revert "[nrf fromlist] samples: net: wifi: Add a script
 to install certs"

This reverts commit 6f71dc6b39e971742db8bb8d783d2768a1ce4107.

Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
(cherry picked from commit dc70900511b430ab789e4e976fb6b1e51cf2e816)
---
 doc/connectivity/networking/api/wifi.rst     |   8 --
 samples/net/wifi/test_certs/install_certs.py | 130 -------------------
 2 files changed, 138 deletions(-)
 delete mode 100755 samples/net/wifi/test_certs/install_certs.py

diff --git a/doc/connectivity/networking/api/wifi.rst b/doc/connectivity/networking/api/wifi.rst
index 3a4efff9821..a86798eeafd 100644
--- a/doc/connectivity/networking/api/wifi.rst
+++ b/doc/connectivity/networking/api/wifi.rst
@@ -58,14 +58,6 @@ Run time certificates
 The Wi-Fi shell module uses TLS credentials subsystem to store and manage the certificates. The certificates can be added at runtime using the shell commands, see :ref:`tls_credentials_shell` for more details.
 The sample or application need to enable the :kconfig:option:`CONFIG_WIFI_SHELL_RUNTIME_CERTIFICATES` option to use this feature.
 
-To facilitate installation of the certificates, a helper script is provided in the ``samples/net/wifi/test_certs`` directory. The script can be used to install the certificates at runtime.
-
-.. code-block:: bash
-
-    $ samples/net/wifi/test_certs/install_certs.py -p samples/net/wifi/test_certs/rsa2k
-
-The script will install the certificates in the ``rsa2k`` directory to the TLS credentials store in the device over UART and using TLS credentials shell commands.
-
 
 To initiate Wi-Fi connection, the following command can be used:
 
diff --git a/samples/net/wifi/test_certs/install_certs.py b/samples/net/wifi/test_certs/install_certs.py
deleted file mode 100755
index 41e8b1e8839..00000000000
--- a/samples/net/wifi/test_certs/install_certs.py
+++ /dev/null
@@ -1,130 +0,0 @@
-#!/usr/bin/env python3
-# Copyright (c) 2025, Nordic Semiconductor ASA
-# SPDX-License-Identifier: Apache-2.0
-
-import argparse
-import os
-import signal
-import subprocess
-import sys
-from importlib.metadata import PackageNotFoundError, version
-
-from packaging.version import parse as parse_version
-
-
-def signal_handler(sig, frame):
-    print('\nScript terminated by user')
-    sys.exit(0)
-
-
-def check_requirements():
-    try:
-        installed_version = version('nrfcloud-utils')
-        min_required_version = "1.0.4"
-        if parse_version(installed_version) < parse_version(min_required_version):
-            print(
-                f"\033[31mError: device_credentials_installer >= {min_required_version} required. "
-                f"Installed: {installed_version}.\033[0m"
-            )
-            print("Update: pip3 install --upgrade nrfcloud-utils")
-            sys.exit(1)
-    except PackageNotFoundError:
-        print("\033[31mError: device_credentials_installer could not be found.\033[0m")
-        print("Please install it using: pip3 install nrfcloud-utils")
-        sys.exit(1)
-
-
-def main():
-    signal.signal(signal.SIGINT, signal_handler)
-    parser = argparse.ArgumentParser(description='Install Wi-Fi certificates', allow_abbrev=False)
-    parser.add_argument('--path', required=True, help='Path to certificate files')
-    parser.add_argument(
-        '--serial-device', default='/dev/ttyACM1', help='Serial port device (default: /dev/ttyACM1)'
-    )
-    parser.add_argument(
-        '--operation-mode',
-        choices=['AP', 'STA'],
-        default='STA',
-        help='Operation mode: AP or STA (default: STA)',
-    )
-    args = parser.parse_args()
-
-    cert_path = args.path
-    cert_path = args.path
-    port = args.serial_device
-    mode = args.operation_mode
-    if not os.path.isdir(cert_path):
-        print(f"\033[31mError: Directory {cert_path} does not exist.\033[0m")
-        sys.exit(1)
-
-    print(
-        "\033[33mWarning: Please make sure that the UART is not being used by another "
-        "application.\033[0m"
-    )
-    input("Press Enter to continue or Ctrl+C to exit...")
-
-    check_requirements()
-
-    # TLS credential types
-    TLS_CREDENTIAL_CA_CERTIFICATE = 0
-    TLS_CREDENTIAL_PUBLIC_CERTIFICATE = 1
-    TLS_CREDENTIAL_PRIVATE_KEY = 2
-
-    WIFI_CERT_SEC_TAG_BASE = 0x1020001
-    WIFI_CERT_SEC_TAG_MAP = {
-        "ca.pem": (TLS_CREDENTIAL_CA_CERTIFICATE, WIFI_CERT_SEC_TAG_BASE),
-        "client-key.pem": (TLS_CREDENTIAL_PRIVATE_KEY, WIFI_CERT_SEC_TAG_BASE + 1),
-        "server-key.pem": (TLS_CREDENTIAL_PRIVATE_KEY, WIFI_CERT_SEC_TAG_BASE + 2),
-        "client.pem": (TLS_CREDENTIAL_PUBLIC_CERTIFICATE, WIFI_CERT_SEC_TAG_BASE + 3),
-        "server.pem": (TLS_CREDENTIAL_PUBLIC_CERTIFICATE, WIFI_CERT_SEC_TAG_BASE + 4),
-        "ca2.pem": (TLS_CREDENTIAL_CA_CERTIFICATE, WIFI_CERT_SEC_TAG_BASE + 5),
-        "client-key2.pem": (TLS_CREDENTIAL_PRIVATE_KEY, WIFI_CERT_SEC_TAG_BASE + 6),
-        "client2.pem": (TLS_CREDENTIAL_PUBLIC_CERTIFICATE, WIFI_CERT_SEC_TAG_BASE + 7),
-    }
-
-    cert_files = (
-        ["ca.pem", "server-key.pem", "server.pem"]
-        if mode == "AP"
-        else ["ca.pem", "client-key.pem", "client.pem", "ca2.pem", "client-key2.pem", "client2.pem"]
-    )
-
-    total_certs = len(cert_files)
-    for idx, cert in enumerate(cert_files, 1):
-        print(f"Processing certificate {idx} of {total_certs}: {cert}")
-
-        cert_file_path = os.path.join(cert_path, cert)
-        if not os.path.isfile(cert_file_path):
-            print(
-                f"\033[31mWarning: Certificate file {cert_file_path} does not exist. "
-                f"Skipping...\033[0m"
-            )
-            continue
-
-        cert_type, sec_tag = WIFI_CERT_SEC_TAG_MAP[cert]
-        try:
-            subprocess.run(
-                [
-                    "device_credentials_installer",
-                    "--local-cert-file",
-                    cert_file_path,
-                    "--cmd-type",
-                    "tls_cred_shell",
-                    "--delete",
-                    "--port",
-                    port,
-                    "-S",
-                    str(sec_tag),
-                    "--cert-type",
-                    str(cert_type),
-                ],
-                check=True,
-            )
-            print(f"Successfully installed {cert}.")
-        except subprocess.CalledProcessError:
-            print(f"\033[31mFailed to install {cert}.\033[0m")
-
-    print("Certificate installation process completed.")
-
-
-if __name__ == "__main__":
-    main()

From 52284ce4952b8b5469f3e687eaea57ee3c85a02e Mon Sep 17 00:00:00 2001
From: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
Date: Wed, 16 Apr 2025 00:02:18 +0530
Subject: [PATCH 05/14] Revert "[nrf fromlist] net: lib: tls_credentials_shell:
 Fix crash during delete"

This reverts commit e3a891b96bda2fb8275bdc1a0c09de48f8e9e855.

Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
(cherry picked from commit 409d6e77483cace3f88cbdbf6e57d518f0bc408e)
---
 subsys/net/lib/tls_credentials/tls_credentials_shell.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/subsys/net/lib/tls_credentials/tls_credentials_shell.c b/subsys/net/lib/tls_credentials/tls_credentials_shell.c
index 3966af10186..d0175d6adb6 100644
--- a/subsys/net/lib/tls_credentials/tls_credentials_shell.c
+++ b/subsys/net/lib/tls_credentials/tls_credentials_shell.c
@@ -564,8 +564,8 @@ static int tls_cred_cmd_del(const struct shell *sh, size_t argc, char *argv[])
 	ref_slot = find_ref_slot(cred->buf);
 	if (ref_slot >= 0) {
 		/* This was a credential we copied to heap. Clear and free it. */
-		memset(&cred_refs[ref_slot], 0, cred->len);
-		k_free((void *)&cred_refs[ref_slot]);
+		memset((void *)cred_buf, 0, cred->len);
+		k_free((void *)cred_buf);
 		cred->buf = NULL;
 
 		/* Clear the reference slot so it can be used again. */

From d67627f207364191df50eb56d4f241f7863779a3 Mon Sep 17 00:00:00 2001
From: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
Date: Thu, 27 Mar 2025 01:11:59 +0530
Subject: [PATCH 06/14] [nrf fromlist] net: lib: tls_credentials_shell: Fix
 crash during delete

Deletion of credential should use the pointer from the reference slot
not the temporary buffer, this causes a crash (unknown error).

Upstream PR #: 87656

Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
(cherry picked from commit 60d9aa770779f561dcbb7b0a639c928c858eb8e4)
---
 subsys/net/lib/tls_credentials/tls_credentials_shell.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/subsys/net/lib/tls_credentials/tls_credentials_shell.c b/subsys/net/lib/tls_credentials/tls_credentials_shell.c
index d0175d6adb6..78b279840a4 100644
--- a/subsys/net/lib/tls_credentials/tls_credentials_shell.c
+++ b/subsys/net/lib/tls_credentials/tls_credentials_shell.c
@@ -564,8 +564,8 @@ static int tls_cred_cmd_del(const struct shell *sh, size_t argc, char *argv[])
 	ref_slot = find_ref_slot(cred->buf);
 	if (ref_slot >= 0) {
 		/* This was a credential we copied to heap. Clear and free it. */
-		memset((void *)cred_buf, 0, cred->len);
-		k_free((void *)cred_buf);
+		memset(&cred_refs[ref_slot], 0, cred->len);
+		k_free((void *)cred_refs[ref_slot]);
 		cred->buf = NULL;
 
 		/* Clear the reference slot so it can be used again. */

From 6dff877f4cee56442d138e3cb2ee58c111c3bd15 Mon Sep 17 00:00:00 2001
From: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
Date: Tue, 25 Mar 2025 22:29:25 +0530
Subject: [PATCH 07/14] [nrf fromlist] samples: net: wifi: Add a script to
 install certs

For enterprise mode we need to install multiple certs to the TLS
credentials store, so, add a helper script in python to make it work
cross-platforms.

Upstream PR #: 88682

Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
(cherry picked from commit 62a0c4b8dfa9e5060c737bfd6def95a693f9a320)
---
 doc/connectivity/networking/api/wifi.rst |   8 ++
 scripts/utils/wifi_ent_cert_installer.py | 110 +++++++++++++++++++++++
 2 files changed, 118 insertions(+)
 create mode 100755 scripts/utils/wifi_ent_cert_installer.py

diff --git a/doc/connectivity/networking/api/wifi.rst b/doc/connectivity/networking/api/wifi.rst
index a86798eeafd..7e7d435a9d3 100644
--- a/doc/connectivity/networking/api/wifi.rst
+++ b/doc/connectivity/networking/api/wifi.rst
@@ -58,6 +58,14 @@ Run time certificates
 The Wi-Fi shell module uses TLS credentials subsystem to store and manage the certificates. The certificates can be added at runtime using the shell commands, see :ref:`tls_credentials_shell` for more details.
 The sample or application need to enable the :kconfig:option:`CONFIG_WIFI_SHELL_RUNTIME_CERTIFICATES` option to use this feature.
 
+To facilitate installation of the certificates, a helper script is provided in the ``samples/net/wifi/test_certs`` directory. The script can be used to install the certificates at runtime.
+
+.. code-block:: bash
+
+    $ ./scripts/utils/wifi_ent_cert_installer.py -p samples/net/wifi/test_certs/rsa2k
+
+The script will install the certificates in the ``rsa2k`` directory to the TLS credentials store in the device over UART and using TLS credentials shell commands.
+
 
 To initiate Wi-Fi connection, the following command can be used:
 
diff --git a/scripts/utils/wifi_ent_cert_installer.py b/scripts/utils/wifi_ent_cert_installer.py
new file mode 100755
index 00000000000..537a057cf02
--- /dev/null
+++ b/scripts/utils/wifi_ent_cert_installer.py
@@ -0,0 +1,110 @@
+#!/usr/bin/env python3
+# Copyright (c) 2025, Nordic Semiconductor ASA
+# SPDX-License-Identifier: Apache-2.0
+
+import argparse
+import logging
+import os
+import signal
+import subprocess
+import sys
+
+
+def signal_handler(sig, frame):
+    logger.info('Script terminated by user')
+    sys.exit(0)
+
+
+def main():
+    signal.signal(signal.SIGINT, signal_handler)
+    parser = argparse.ArgumentParser(description='Install Wi-Fi certificates', allow_abbrev=False)
+    parser.add_argument('--path', required=True, help='Path to certificate files')
+    parser.add_argument(
+        '--serial-device', default='/dev/ttyACM1', help='Serial port device (default: /dev/ttyACM1)'
+    )
+    parser.add_argument(
+        '--operation-mode',
+        choices=['AP', 'STA'],
+        default='STA',
+        help='Operation mode: AP or STA (default: STA)',
+    )
+    parser.add_argument('-v', '--verbose', action='store_true', help='Enable verbose output')
+    args = parser.parse_args()
+
+    # Configure logging
+    log_level = logging.DEBUG if args.verbose else logging.INFO
+    logging.basicConfig(level=log_level, format='%(asctime)s - %(levelname)s - %(message)s')
+    global logger
+    logger = logging.getLogger(__name__)
+
+    cert_path = args.path
+    port = args.serial_device
+    mode = args.operation_mode
+    if not os.path.isdir(cert_path):
+        logger.error(f"Directory {cert_path} does not exist.")
+        sys.exit(1)
+
+    logger.warning(
+        "Please make sure that the Serial port is not being used by another application."
+    )
+    input("Press Enter to continue or Ctrl+C to exit...")
+
+    # TLS credential types
+    TLS_CREDENTIAL_CA_CERTIFICATE = 0
+    TLS_CREDENTIAL_PUBLIC_CERTIFICATE = 1
+    TLS_CREDENTIAL_PRIVATE_KEY = 2
+
+    WIFI_CERT_SEC_TAG_BASE = 0x1020001
+    WIFI_CERT_SEC_TAG_MAP = {
+        "ca.pem": (TLS_CREDENTIAL_CA_CERTIFICATE, WIFI_CERT_SEC_TAG_BASE),
+        "client-key.pem": (TLS_CREDENTIAL_PRIVATE_KEY, WIFI_CERT_SEC_TAG_BASE + 1),
+        "server-key.pem": (TLS_CREDENTIAL_PRIVATE_KEY, WIFI_CERT_SEC_TAG_BASE + 2),
+        "client.pem": (TLS_CREDENTIAL_PUBLIC_CERTIFICATE, WIFI_CERT_SEC_TAG_BASE + 3),
+        "server.pem": (TLS_CREDENTIAL_PUBLIC_CERTIFICATE, WIFI_CERT_SEC_TAG_BASE + 4),
+        "ca2.pem": (TLS_CREDENTIAL_CA_CERTIFICATE, WIFI_CERT_SEC_TAG_BASE + 5),
+        "client-key2.pem": (TLS_CREDENTIAL_PRIVATE_KEY, WIFI_CERT_SEC_TAG_BASE + 6),
+        "client2.pem": (TLS_CREDENTIAL_PUBLIC_CERTIFICATE, WIFI_CERT_SEC_TAG_BASE + 7),
+    }
+
+    cert_files = (
+        ["ca.pem", "server-key.pem", "server.pem"]
+        if mode == "AP"
+        else ["ca.pem", "client-key.pem", "client.pem", "ca2.pem", "client-key2.pem", "client2.pem"]
+    )
+
+    total_certs = len(cert_files)
+    for idx, cert in enumerate(cert_files, 1):
+        logger.info(f"Processing certificate {idx} of {total_certs}: {cert}")
+
+        cert_file_path = os.path.join(cert_path, cert)
+        if not os.path.isfile(cert_file_path):
+            logger.warning(f"Certificate file {cert_file_path} does not exist. Skipping...")
+            continue
+
+        cert_type, sec_tag = WIFI_CERT_SEC_TAG_MAP[cert]
+        try:
+            command = [
+                "./scripts/utils/tls_creds_installer.py",
+                "-p",
+                port,
+                "-l",
+                cert_file_path,
+                "-d",
+                "-t",
+                str(cert_type),
+                "-S",
+                str(sec_tag),
+            ]
+            if args.verbose:
+                command.append("-v")
+
+            subprocess.run(command, check=True)
+            logger.info(f"Successfully installed {cert}.")
+        except subprocess.CalledProcessError:
+            logger.error(f"Failed to install {cert}.")
+
+    logger.info("Certificate installation process completed.")
+
+
+if __name__ == "__main__":
+    main()

From 5e7b36549522fa432f7fc451c039f3073e5f6cd2 Mon Sep 17 00:00:00 2001
From: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
Date: Wed, 16 Apr 2025 00:26:24 +0530
Subject: [PATCH 08/14] [nrf fromlist] boards: nordic: nrf7002dk: Fix LFXO
 configuration

Commit 6a2cbc7c875 ("boards: nrf53*: add L|HFXO configurations") missed
the fix for nRF7002DK which is also based on nRF53 SoC.

Upstream PR #: 88680

Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
Signed-off-by: Aleksandar Stanoev <aleksandar.stanoev@nordicsemi.no>
(cherry picked from commit dcdbbd60c0264090d9d6d6cadd70aaddb9ce7219)
---
 boards/nordic/nrf7002dk/nrf5340_cpuapp_common.dtsi | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/boards/nordic/nrf7002dk/nrf5340_cpuapp_common.dtsi b/boards/nordic/nrf7002dk/nrf5340_cpuapp_common.dtsi
index 8a54d6da416..f0c0f082d99 100644
--- a/boards/nordic/nrf7002dk/nrf5340_cpuapp_common.dtsi
+++ b/boards/nordic/nrf7002dk/nrf5340_cpuapp_common.dtsi
@@ -134,6 +134,11 @@
 	status = "okay";
 };
 
+&lfxo {
+	load-capacitors = "internal";
+	load-capacitance-picofarad = <7>;
+};
+
 &adc {
 	status = "okay";
 };

From 95c88b91dd0348126b67d8d277d1d4fac3c98418 Mon Sep 17 00:00:00 2001
From: Kapil Bhatt <kapil.bhatt@nordicsemi.no>
Date: Tue, 15 Apr 2025 21:32:41 +0530
Subject: [PATCH 09/14] [nrf fromlist] net: lib: Correct the wifi_cred command

Change wifi_cred to wifi cred.

Upstream PR #: 88674

Signed-off-by: Kapil Bhatt <kapil.bhatt@nordicsemi.no>
(cherry picked from commit 0f0ac07c55f7f3ee6cedd520fe6db8a389a631d7)
---
 subsys/net/lib/wifi_credentials/wifi_credentials_shell.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/subsys/net/lib/wifi_credentials/wifi_credentials_shell.c b/subsys/net/lib/wifi_credentials/wifi_credentials_shell.c
index 0e37046e494..23e0373b66e 100644
--- a/subsys/net/lib/wifi_credentials/wifi_credentials_shell.c
+++ b/subsys/net/lib/wifi_credentials/wifi_credentials_shell.c
@@ -272,7 +272,7 @@ static int cmd_add_network(const struct shell *sh, size_t argc, char *argv[])
 static int cmd_delete_network(const struct shell *sh, size_t argc, char *argv[])
 {
 	if (argc != 2) {
-		shell_print(sh, "Usage: wifi_cred delete \"network name\"");
+		shell_print(sh, "Usage: wifi cred delete \"network name\"");
 		return -EINVAL;
 	}
 

From d7a1cac10217a821e81024136d48a642aecc627f Mon Sep 17 00:00:00 2001
From: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
Date: Wed, 16 Apr 2025 17:58:22 +0530
Subject: [PATCH 10/14] Revert "[nrf fromlist] snippets: wifi-enterprise: Add
 support for TLS credentials"

This reverts commit 8e325a5b0dba9e98f5d6f5fad6309c84e2e8fb28.

Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
---
 snippets/wifi-enterprise/wifi-enterprise.conf | 8 --------
 1 file changed, 8 deletions(-)

diff --git a/snippets/wifi-enterprise/wifi-enterprise.conf b/snippets/wifi-enterprise/wifi-enterprise.conf
index 5cc0646d518..d6aeb00c81b 100644
--- a/snippets/wifi-enterprise/wifi-enterprise.conf
+++ b/snippets/wifi-enterprise/wifi-enterprise.conf
@@ -6,11 +6,3 @@ CONFIG_NET_BUF_VARIABLE_DATA_SIZE=y
 # for MbedTLS gives us more control over the heap size.
 CONFIG_MBEDTLS_ENABLE_HEAP=y
 CONFIG_MBEDTLS_HEAP_SIZE=60000
-
-# For use with TLS credentials
-CONFIG_TLS_CREDENTIALS_SHELL=y
-CONFIG_BASE64=y
-CONFIG_TLS_CREDENTIALS=y
-CONFIG_TLS_CREDENTIALS_SHELL_CRED_BUF_SIZE=8192
-CONFIG_TLS_MAX_CREDENTIALS_NUMBER=6
-CONFIG_HEAP_MEM_POOL_ADD_SIZE_TLS_CRED_SHELL=9000

From ccc1153becd0db0e6584e8086a1379d91d7603fa Mon Sep 17 00:00:00 2001
From: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
Date: Wed, 16 Apr 2025 17:58:32 +0530
Subject: [PATCH 11/14] Revert "[nrf fromlist] wifi: Move Wi-Fi enterprise
 configs to a snippet"

This reverts commit e34be782f84110d5dad1f4607b926002859bcd4d.

Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
---
 doc/connectivity/networking/api/wifi.rst      |  9 +++++-
 .../overlay-enterprise-variable-bufs.conf     |  5 +--
 .../net/wifi/shell/overlay-enterprise.conf    | 10 ++++++
 snippets/wifi-enterprise/README.rst           | 31 -------------------
 snippets/wifi-enterprise/snippet.yml          |  3 --
 5 files changed, 21 insertions(+), 37 deletions(-)
 rename snippets/wifi-enterprise/wifi-enterprise.conf => samples/net/wifi/shell/overlay-enterprise-variable-bufs.conf (70%)
 create mode 100644 samples/net/wifi/shell/overlay-enterprise.conf
 delete mode 100644 snippets/wifi-enterprise/README.rst
 delete mode 100644 snippets/wifi-enterprise/snippet.yml

diff --git a/doc/connectivity/networking/api/wifi.rst b/doc/connectivity/networking/api/wifi.rst
index 7e7d435a9d3..80e0830788e 100644
--- a/doc/connectivity/networking/api/wifi.rst
+++ b/doc/connectivity/networking/api/wifi.rst
@@ -50,7 +50,14 @@ module.
     $ cp client2.pem samples/net/wifi/test_certs/
     $ cp client-key2.pem samples/net/wifi/test_certs/
     $ cp ca2.pem samples/net/wifi/test_certs/
-    $ west build -p -b <board> samples/net/wifi -S wifi-enterprise
+    $ west build -p -b <board> samples/net/wifi -- -DEXTRA_CONF_FILE=overlay-enterprise.conf
+
+For using variable size network buffer, the following overlay file can be used:
+
+.. code-block:: bash
+
+    $ west build -p -b <board> samples/net/wifi -- -DEXTRA_CONF_FILE=overlay-enterprise-variable-bufs.conf
+
 
 Run time certificates
 ---------------------
diff --git a/snippets/wifi-enterprise/wifi-enterprise.conf b/samples/net/wifi/shell/overlay-enterprise-variable-bufs.conf
similarity index 70%
rename from snippets/wifi-enterprise/wifi-enterprise.conf
rename to samples/net/wifi/shell/overlay-enterprise-variable-bufs.conf
index d6aeb00c81b..627d77a9247 100644
--- a/snippets/wifi-enterprise/wifi-enterprise.conf
+++ b/samples/net/wifi/shell/overlay-enterprise-variable-bufs.conf
@@ -1,8 +1,9 @@
-# Enable Wi-Fi enterprise mode
 CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE=y
+# EAP frames are ~1100 bytes, so, for efficiency, we set the data size to 1100
+CONFIG_NET_BUF_DATA_SIZE=1100
 # Use variable data size to reduce memory usage for small data packets
 CONFIG_NET_BUF_VARIABLE_DATA_SIZE=y
 # For TLS and X.509 processing MbedTLS needs large heap size and using separate heap
 # for MbedTLS gives us more control over the heap size.
 CONFIG_MBEDTLS_ENABLE_HEAP=y
-CONFIG_MBEDTLS_HEAP_SIZE=60000
+CONFIG_MBEDTLS_HEAP_SIZE=55000
diff --git a/samples/net/wifi/shell/overlay-enterprise.conf b/samples/net/wifi/shell/overlay-enterprise.conf
new file mode 100644
index 00000000000..5290e31744b
--- /dev/null
+++ b/samples/net/wifi/shell/overlay-enterprise.conf
@@ -0,0 +1,10 @@
+CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE=y
+# EAP frames are ~1100 bytes, so, need higher packet counts as default packet size is 128
+CONFIG_NET_PKT_TX_COUNT=36
+CONFIG_NET_PKT_RX_COUNT=36
+CONFIG_NET_BUF_TX_COUNT=72
+CONFIG_NET_BUF_RX_COUNT=36
+# For TLS and X.509 processing MbedTLS needs large heap size and using separate heap
+# for MbedTLS gives us more control over the heap size.
+CONFIG_MBEDTLS_ENABLE_HEAP=y
+CONFIG_MBEDTLS_HEAP_SIZE=60000
diff --git a/snippets/wifi-enterprise/README.rst b/snippets/wifi-enterprise/README.rst
deleted file mode 100644
index ddf512b5835..00000000000
--- a/snippets/wifi-enterprise/README.rst
+++ /dev/null
@@ -1,31 +0,0 @@
-.. _snippet-wifi-enterprise:
-
-Wi-Fi Enterprise Snippet (wifi-enterprise)
-##########################################
-
-.. code-block:: console
-
-   west build  -S wifi-enterprise [...]
-
-Can also be used along with the :ref:`snippet-wifi-ipv4` snippet.
-
-.. code-block:: console
-
-   west build  -S "wifi-enterprise,wifi-ipv4" [...]
-
-Overview
-********
-
-This snippet enables enterprise Wi-Fi support in supported networking samples.
-
-See :ref:`wifi_mgmt` for more information on the usage.
-
-Requirements
-************
-
-Hardware support for:
-
-- :kconfig:option:`CONFIG_WIFI`
-- :kconfig:option:`CONFIG_WIFI_USE_NATIVE_NETWORKING`
-- :kconfig:option:`CONFIG_WIFI_NM_WPA_SUPPLICANT`
-- :kconfig:option:`CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE`
diff --git a/snippets/wifi-enterprise/snippet.yml b/snippets/wifi-enterprise/snippet.yml
deleted file mode 100644
index 6a4f73d38b4..00000000000
--- a/snippets/wifi-enterprise/snippet.yml
+++ /dev/null
@@ -1,3 +0,0 @@
-name: wifi-enterprise
-append:
-  EXTRA_CONF_FILE: wifi-enterprise.conf

From 68a61c35c77e12de840ae44b14201f6d5d7d774b Mon Sep 17 00:00:00 2001
From: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
Date: Wed, 26 Mar 2025 00:10:17 +0530
Subject: [PATCH 12/14] [nrf fromlist] wifi: Move Wi-Fi enterprise configs to a
 snippet

Instead of having an overlay move the Enterprise configurations to a
dedicated snippet so that it can be enabled with any sample.

Can be used along with Wi-Fi snippet e.g., `-S
"wifi-ipv4;wifi-enterprise"`.

Upstream PR #: 87656

Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
---
 doc/connectivity/networking/api/wifi.rst      |  9 +-----
 .../net/wifi/shell/overlay-enterprise.conf    | 10 ------
 snippets/wifi-enterprise/README.rst           | 31 +++++++++++++++++++
 snippets/wifi-enterprise/snippet.yml          |  3 ++
 .../wifi-enterprise/wifi-enterprise.conf      |  5 ++-
 5 files changed, 37 insertions(+), 21 deletions(-)
 delete mode 100644 samples/net/wifi/shell/overlay-enterprise.conf
 create mode 100644 snippets/wifi-enterprise/README.rst
 create mode 100644 snippets/wifi-enterprise/snippet.yml
 rename samples/net/wifi/shell/overlay-enterprise-variable-bufs.conf => snippets/wifi-enterprise/wifi-enterprise.conf (70%)

diff --git a/doc/connectivity/networking/api/wifi.rst b/doc/connectivity/networking/api/wifi.rst
index 80e0830788e..7e7d435a9d3 100644
--- a/doc/connectivity/networking/api/wifi.rst
+++ b/doc/connectivity/networking/api/wifi.rst
@@ -50,14 +50,7 @@ module.
     $ cp client2.pem samples/net/wifi/test_certs/
     $ cp client-key2.pem samples/net/wifi/test_certs/
     $ cp ca2.pem samples/net/wifi/test_certs/
-    $ west build -p -b <board> samples/net/wifi -- -DEXTRA_CONF_FILE=overlay-enterprise.conf
-
-For using variable size network buffer, the following overlay file can be used:
-
-.. code-block:: bash
-
-    $ west build -p -b <board> samples/net/wifi -- -DEXTRA_CONF_FILE=overlay-enterprise-variable-bufs.conf
-
+    $ west build -p -b <board> samples/net/wifi -S wifi-enterprise
 
 Run time certificates
 ---------------------
diff --git a/samples/net/wifi/shell/overlay-enterprise.conf b/samples/net/wifi/shell/overlay-enterprise.conf
deleted file mode 100644
index 5290e31744b..00000000000
--- a/samples/net/wifi/shell/overlay-enterprise.conf
+++ /dev/null
@@ -1,10 +0,0 @@
-CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE=y
-# EAP frames are ~1100 bytes, so, need higher packet counts as default packet size is 128
-CONFIG_NET_PKT_TX_COUNT=36
-CONFIG_NET_PKT_RX_COUNT=36
-CONFIG_NET_BUF_TX_COUNT=72
-CONFIG_NET_BUF_RX_COUNT=36
-# For TLS and X.509 processing MbedTLS needs large heap size and using separate heap
-# for MbedTLS gives us more control over the heap size.
-CONFIG_MBEDTLS_ENABLE_HEAP=y
-CONFIG_MBEDTLS_HEAP_SIZE=60000
diff --git a/snippets/wifi-enterprise/README.rst b/snippets/wifi-enterprise/README.rst
new file mode 100644
index 00000000000..ddf512b5835
--- /dev/null
+++ b/snippets/wifi-enterprise/README.rst
@@ -0,0 +1,31 @@
+.. _snippet-wifi-enterprise:
+
+Wi-Fi Enterprise Snippet (wifi-enterprise)
+##########################################
+
+.. code-block:: console
+
+   west build  -S wifi-enterprise [...]
+
+Can also be used along with the :ref:`snippet-wifi-ipv4` snippet.
+
+.. code-block:: console
+
+   west build  -S "wifi-enterprise,wifi-ipv4" [...]
+
+Overview
+********
+
+This snippet enables enterprise Wi-Fi support in supported networking samples.
+
+See :ref:`wifi_mgmt` for more information on the usage.
+
+Requirements
+************
+
+Hardware support for:
+
+- :kconfig:option:`CONFIG_WIFI`
+- :kconfig:option:`CONFIG_WIFI_USE_NATIVE_NETWORKING`
+- :kconfig:option:`CONFIG_WIFI_NM_WPA_SUPPLICANT`
+- :kconfig:option:`CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE`
diff --git a/snippets/wifi-enterprise/snippet.yml b/snippets/wifi-enterprise/snippet.yml
new file mode 100644
index 00000000000..6a4f73d38b4
--- /dev/null
+++ b/snippets/wifi-enterprise/snippet.yml
@@ -0,0 +1,3 @@
+name: wifi-enterprise
+append:
+  EXTRA_CONF_FILE: wifi-enterprise.conf
diff --git a/samples/net/wifi/shell/overlay-enterprise-variable-bufs.conf b/snippets/wifi-enterprise/wifi-enterprise.conf
similarity index 70%
rename from samples/net/wifi/shell/overlay-enterprise-variable-bufs.conf
rename to snippets/wifi-enterprise/wifi-enterprise.conf
index 627d77a9247..250e6461155 100644
--- a/samples/net/wifi/shell/overlay-enterprise-variable-bufs.conf
+++ b/snippets/wifi-enterprise/wifi-enterprise.conf
@@ -1,9 +1,8 @@
+# Enable Wi-Fi enterprise mode
 CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE=y
-# EAP frames are ~1100 bytes, so, for efficiency, we set the data size to 1100
-CONFIG_NET_BUF_DATA_SIZE=1100
 # Use variable data size to reduce memory usage for small data packets
 CONFIG_NET_BUF_VARIABLE_DATA_SIZE=y
 # For TLS and X.509 processing MbedTLS needs large heap size and using separate heap
 # for MbedTLS gives us more control over the heap size.
 CONFIG_MBEDTLS_ENABLE_HEAP=y
-CONFIG_MBEDTLS_HEAP_SIZE=55000
+CONFIG_MBEDTLS_HEAP_SIZE=70000

From d2377e91a9214bcb4364c3103bba68fb3788d95f Mon Sep 17 00:00:00 2001
From: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
Date: Wed, 26 Mar 2025 00:15:22 +0530
Subject: [PATCH 13/14] [nrf fromlist] snippets: wifi-enterprise: Add support
 for TLS credentials

Enable TLS credentials shell to manager Wi-Fi enterprise certs.

Upstream PR #: 87656

Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
---
 snippets/wifi-enterprise/wifi-enterprise.conf | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/snippets/wifi-enterprise/wifi-enterprise.conf b/snippets/wifi-enterprise/wifi-enterprise.conf
index 250e6461155..cf7754989ba 100644
--- a/snippets/wifi-enterprise/wifi-enterprise.conf
+++ b/snippets/wifi-enterprise/wifi-enterprise.conf
@@ -6,3 +6,11 @@ CONFIG_NET_BUF_VARIABLE_DATA_SIZE=y
 # for MbedTLS gives us more control over the heap size.
 CONFIG_MBEDTLS_ENABLE_HEAP=y
 CONFIG_MBEDTLS_HEAP_SIZE=70000
+
+# For use with TLS credentials
+CONFIG_TLS_CREDENTIALS_SHELL=y
+CONFIG_BASE64=y
+CONFIG_TLS_CREDENTIALS=y
+CONFIG_TLS_CREDENTIALS_SHELL_CRED_BUF_SIZE=8192
+CONFIG_TLS_MAX_CREDENTIALS_NUMBER=6
+CONFIG_HEAP_MEM_POOL_ADD_SIZE_TLS_CRED_SHELL=9000

From 995d9f275f47568eb08527246b807690a2ba0386 Mon Sep 17 00:00:00 2001
From: Kapil Bhatt <kapil.bhatt@nordicsemi.no>
Date: Fri, 11 Apr 2025 14:40:32 +0530
Subject: [PATCH 14/14] [nrf fromlist] drivers: nrf_wifi: Add locally generated
 info

Add locally generated info for deauth process. If deauthentication
frame is coming from AP it will be set, in other cases
(Beacon loss, New connection from user in connected state,
disconnection from user) flag will not be set.

Upstream PR #: 88489

Signed-off-by: Kapil Bhatt <kapil.bhatt@nordicsemi.no>
---
 drivers/wifi/nrf_wifi/src/wpa_supp_if.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/drivers/wifi/nrf_wifi/src/wpa_supp_if.c b/drivers/wifi/nrf_wifi/src/wpa_supp_if.c
index 6dc3315a64c..d06f0792fa2 100644
--- a/drivers/wifi/nrf_wifi/src/wpa_supp_if.c
+++ b/drivers/wifi/nrf_wifi/src/wpa_supp_if.c
@@ -396,6 +396,10 @@ void nrf_wifi_wpa_supp_event_proc_deauth(void *if_priv,
 		event.deauth_info.ie_len = (frame + frame_len - mgmt->u.deauth.variable);
 	}
 
+	if (!(deauth->valid_fields & NRF_WIFI_EVENT_MLME_RXDEAUTH_FROM_AP)) {
+		event.deauth_info.locally_generated = 1;
+	}
+
 	if (vif_ctx_zep->supp_drv_if_ctx && vif_ctx_zep->supp_callbk_fns.deauth) {
 		vif_ctx_zep->supp_callbk_fns.deauth(vif_ctx_zep->supp_drv_if_ctx,
 			&event, mgmt);