1.3.5.7 WDRV_PIC32MZW_AuthCtxSetEnterpriseTLS Function
C
WDRV_PIC32MZW_STATUS WDRV_PIC32MZW_AuthCtxSetEnterpriseTLS ( WDRV_PIC32MZW_AUTH_CONTEXT *const pAuthCtx, const char *const pUserDomain, WDRV_PIC32MZW_TLS_CONTEXT_HANDLE tlsCtxHandle, WDRV_PIC32MZW_AUTH_TYPE authType )
Summary
Configure an authentication context for WPA-Enterprise authentication using TLS.
Description
The type and state information are configured appropriately for WPA-Enterprise authentication. The Management Frame Protection configuration is initialized to WDRV_PIC32MZW_AUTH_MFP_ENABLED
Precondition
Wolfssl TLS context handle is created and all the required certs and keys are loaded, peer server certificate validation is enabled using the appropriate wolfssl APIs. Below is the example code for reference:
WDRV_PIC32MZW_TLS_CONTEXT_HANDLE APP_Create_TLS_Context( const uint8_t *const pCAcert, uint16_t u16CAcertLen, int caCertFormat, const uint8_t *const pCert, uint16_t u16CertLen, int privCertFormat, const uint8_t *const pPriKey, uint16_t u16PriKeyLen, int privKeyFormat) { WOLFSSL_CTX *pTlsCtx = NULL; if ((NULL == pCAcert) || (NULL == pCert) || (NULL == pPriKey)) { return WDRV_PIC32MZW_TLS_CONTEXT_HANDLE_INVALID; } if ((u16CAcertLen == 0) || (u16CertLen == 0) || (u16PriKeyLen == 0 )) { return WDRV_PIC32MZW_TLS_CONTEXT_HANDLE_INVALID; } // Validate cert and key formats if (!((WOLFSSL_FILETYPE_PEM == caCertFormat) || (WOLFSSL_FILETYPE_ASN1 == caCertFormat))) { return WDRV_PIC32MZW_TLS_CONTEXT_HANDLE_INVALID; } if (!((WOLFSSL_FILETYPE_PEM == privCertFormat) || (WOLFSSL_FILETYPE_ASN1 == privCertFormat))) { return WDRV_PIC32MZW_TLS_CONTEXT_HANDLE_INVALID; } if (!((WOLFSSL_FILETYPE_PEM == privKeyFormat) || (WOLFSSL_FILETYPE_ASN1 == privKeyFormat))) { return WDRV_PIC32MZW_TLS_CONTEXT_HANDLE_INVALID; } // Create wolfssl context with TLS v1.2 pTlsCtx = wolfSSL_CTX_new(wolfTLSv1_2_client_method()); if (NULL == pTlsCtx) { return WDRV_PIC32MZW_TLS_CONTEXT_HANDLE_INVALID; } // Load CA certificate into WOLFSSL_CTX for validating peer if (SSL_SUCCESS != wolfSSL_CTX_load_verify_buffer(pTlsCtx, pCAcert, u16CAcertLen, caCertFormat)) { wolfSSL_CTX_free(pTlsCtx); return WDRV_PIC32MZW_TLS_CONTEXT_HANDLE_INVALID; } // Verify the certificate received from the server during the handshake wolfSSL_CTX_set_verify(pTlsCtx, WOLFSSL_VERIFY_PEER, 0); // Load client certificate into WOLFSSL_CTX if (SSL_SUCCESS != wolfSSL_CTX_use_certificate_buffer(pTlsCtx, pCert, u16CertLen, privCertFormat)) { wolfSSL_CTX_free(pTlsCtx); return WDRV_PIC32MZW_TLS_CONTEXT_HANDLE_INVALID; } // Load client key into WOLFSSL_CTX if (SSL_SUCCESS != wolfSSL_CTX_use_PrivateKey_buffer(pTlsCtx, pPriKey, u16PriKeyLen, privKeyFormat)) { wolfSSL_CTX_free(pTlsCtx); return WDRV_PIC32MZW_TLS_CONTEXT_HANDLE_INVALID; } return (WDRV_PIC32MZW_TLS_CONTEXT_HANDLE) pTlsCtx; }
Parameters
| Param | Description |
|---|---|
| pAuthCtx | Pointer to an authentication context. |
| authType | Authentication type |
| pUserDomain | Pointer to user and domain name. |
| tlsCtxHandle | Wolfssl TLS Context handle. |
Returns
WDRV_PIC32MZW_STATUS_OK - The context has been configured.
WDRV_PIC32MZW_STATUS_INVALID_ARG - The parameters were incorrect.
Remarks
None.