esp_examples: Update WiFi enterprise example

Author: kapilkedawat

docs/en/api-guides/wifi.rst

@@ -1428,7 +1428,7 @@ For establishing a secure connection, AP and Station negotiate and agree on the
      - MSCHAP and MSCHAP-V2.
 
 
-Detailed information on creating certificates and how to run wpa2_enterprise example on {IDF_TARGET_NAME} can be found in :example:`wifi/wpa2_enterprise`.
+Detailed information on creating certificates and how to run wpa2_enterprise example on {IDF_TARGET_NAME} can be found in :example:`wifi/wifi_enterprise`.
 
 .. only:: esp32s2 or esp32c3
 

…ples/wifi/wpa2_enterprise/CMakeLists.txt …ples/wifi/wifi_enterprise/CMakeLists.txtexamples/wifi/wpa2_enterprise/CMakeLists.txt renamed to examples/wifi/wifi_enterprise/CMakeLists.txt examples/wifi/wpa2_enterprise/CMakeLists.txt renamed to examples/wifi/wifi_enterprise/CMakeLists.txt

@@ -1,6 +1,6 @@
 # WPA2 Enterprise Example
 
-This example shows how ESP32 connects to AP with wpa2 enterprise encryption. Example does the following steps:
+This example shows how ESP32 connects to AP with Wi-Fi enterprise encryption. The example does the following steps:
 
 1. Install CA certificate which is optional.
 2. Install client certificate and client key which is required in TLS method and optional in PEAP and TTLS methods.
@@ -9,12 +9,13 @@ This example shows how ESP32 connects to AP with wpa2 enterprise encryption. Exa
 5. Enable wpa2 enterprise.
 6. Connect to AP.
 
-*Note:* 1. The certificates currently are generated and are present in examples.wifi/wpa2_enterprise/main folder.
+*Note:* 1. The certificates currently are generated and are present in examples/wifi/wifi_enterprise/main folder.
         2. The expiration date of the certificates is 2027/06/05.
+        3. In case using suite-b, please use appropriate certificates such as RSA-3072 or p384 EC certificates.
 
 The steps to create new certificates are given below.
 
-## The file wpa2_ca.pem, wpa2_ca.key, wpa2_server.pem, wpa2_server.crt and wpa2_server.key can be used to configure AP with wpa2 enterprise encryption. 
+## The file ca.pem, ca.key, server.pem, server.crt and server.key can be used to configure AP with enterprise encryption.
 
 ## How to use Example
 
@@ -36,7 +37,7 @@ idf.py menuconfig
 idf.py -p PORT flash monitor
 ```
 
-## Steps to create wpa2_ent openssl certs
+## Steps to create enterprise openssl certs
 
 1. make directry tree
 
@@ -56,27 +57,27 @@ idf.py -p PORT flash monitor
       extendedKeyUsage = 1.3.6.1.5.5.7.3.1
 
 2. ca.pem: root certificate, foundation of certificate verigy
-  openssl req -new -x509 -keyout wpa2_ca.key -out wpa2_ca.pem
+  openssl req -new -x509 -keyout ca.key -out ca.pem
 
 3. generate rsa keys for client and server
-  openssl genrsa -out wpa2_client.key 2048
-  openssl genrsa -out wpa2_server.key 2048
+  openssl genrsa -out client.key 2048
+  openssl genrsa -out server.key 2048
 
 4. generate certificate signing req for both client and server
-  openssl req -new -key wpa2_client.key -out wpa2_client.csr
-  openssl req -new -key wpa2_server.key -out wpa2_server.csr
+  openssl req -new -key client.key -out client.csr
+  openssl req -new -key server.key -out server.csr
 
 5. create certs (.crt) for client nd server
-  openssl ca -batch -keyfile wpa2_ca.key -cert wpa2_ca.pem -in wpa2_client.csr -key (password) -out wpa2_client.crt -extensions xpserver_ext -extfile xpextensions
-  openssl ca -batch -keyfile wpa2_ca.key -cert wpa2_ca.pem -in wpa2_server.csr -key (password) -out wpa2_server.crt -extensions xpserver_ext -extfile xpextensions
+  openssl ca -batch -keyfile ca.key -cert ca.pem -in client.csr -key (password) -out client.crt -extensions xpserver_ext -extfile xpextensions
+  openssl ca -batch -keyfile ca.key -cert ca.pem -in server.csr -key (password) -out server.crt -extensions xpserver_ext -extfile xpextensions
 
 6. export .p12 files
-  openssl pkcs12 -export -out wpa2_client.p12 -inkey wpa2_client.key -in wpa2_client.crt
-  openssl pkcs12 -export -out wpa2_server.p12 -inkey wpa2_server.key -in wpa2_server.crt
+  openssl pkcs12 -export -out client.p12 -inkey client.key -in client.crt
+  openssl pkcs12 -export -out server.p12 -inkey server.key -in server.crt
 
 7. create .pem files
-  openssl pkcs12 -in wpa2_client.p12 -out wpa2_client.pem
-  openssl pkcs12 -in wpa2_server.p12 -out wpa2_server.pem
+  openssl pkcs12 -in client.p12 -out client.pem
+  openssl pkcs12 -in server.p12 -out server.pem
 
 
 

examples/wifi/wpa2_enterprise/Makefile examples/wifi/wifi_enterprise/Makefileexamples/wifi/wpa2_enterprise/Makefile renamed to examples/wifi/wifi_enterprise/Makefile

@@ -0,0 +1,4 @@
+# Embed CA, certificate & key directly into binary
+idf_component_register(SRCS "wifi_enterprise_main.c"
+                    INCLUDE_DIRS "."
+                    EMBED_TXTFILES ca.pem client.crt client.key)

examples/wifi/wpa2_enterprise/README.md examples/wifi/wifi_enterprise/README.mdexamples/wifi/wpa2_enterprise/README.md renamed to examples/wifi/wifi_enterprise/README.md

@@ -1,16 +1,35 @@
 menu "Example Configuration"
 
+    choice
+        prompt "Enterprise configuration to be used"
+        default EXAMPLE_WPA_WPA2_ENTERPRISE
+        config EXAMPLE_WPA_WPA2_ENTERPRISE
+            bool "WPA_WPA2_ENT"
+        config EXAMPLE_WPA3_ENTERPRISE
+            bool "WPA3_ENT"
+        config EXAMPLE_WPA3_192BIT_ENTERPRISE
+            bool "WPA3_192BIT_ENT"
+            depends on IDF_TARGET_ESP32C3 || IDF_TARGET_ESP32S3
+    endchoice
+
     config EXAMPLE_WIFI_SSID
         string "WiFi SSID"
         default "wpa2_test"
         help
             SSID (network name) for the example to connect to.
 
-    config EXAMPLE_VALIDATE_SERVER_CERT
-        bool "Validate server"
-        default y
-        help
-            Validate the servers' certificate using CA cert.
+    if EXAMPLE_WPA_WPA2_ENTERPRISE
+        config EXAMPLE_VALIDATE_SERVER_CERT
+            bool "Validate server"
+            default y
+            help
+                Validate the servers' certificate using CA cert.
+    endif
+
+    if !EXAMPLE_WPA_WPA2_ENTERPRISE
+        config EXAMPLE_VALIDATE_SERVER_CERT
+            default y
+    endif
 
     choice
         prompt "EAP method for the example to use"