Skip to content

net: l2: wifi: Refactor certificates processing code into common file #93119

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
+428 −526
Open

net: l2: wifi: Refactor certificates processing code into common file #93119

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
c3bb3bf
manifest: hostap: Pull fix for header file path
D-Triveni Jul 15, 2025
1ed0285
net: l2: wifi: Refactor certificates processing code into common file
D-Triveni Jul 14, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
40 changes: 40 additions & 0 deletions include/zephyr/net/wifi_certs.h
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,40 @@
/*
* Copyright (c) 2025 Nordic Semiconductor ASA
*
* SPDX-License-Identifier: Apache-2.0
*/

#ifndef WIFI_CERTS_H__
#define WIFI_CERTS_H__

#include <stdbool.h>
#include <zephyr/kernel.h>
#include <zephyr/net/wifi_mgmt.h>

/**
* Set Wi-Fi Enterprise credentials.
*
* Sets up the required credentials for Enterprise mode in both
* Access Point and Station modes.
*
* Certificates typically used:
* - CA certificate
* - Client certificate
* - Client private key
* - Server certificate and server key (for AP mode)
*
* @param iface Network interface
* @param AP or Station mode
*
* @return 0 if ok, < 0 if error
*/
int wifi_set_enterprise_credentials(struct net_if *iface, bool is_ap);

/**
* Clear Wi-Fi enterprise credentials
*
* @param Wi-Fi enterprise params
*/
void wifi_clear_enterprise_credentials(void);

#endif /* WIFI_CERTS_H__ */
2 changes: 2 additions & 0 deletions modules/hostap/Kconfig
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -198,6 +198,7 @@ config WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE
select MBEDTLS_SERVER_NAME_INDICATION if MBEDTLS_BUILTIN
select MBEDTLS_X509_CRL_PARSE_C
select MBEDTLS_TLS_VERSION_1_2
select WIFI_CERTIFICATE_LIB
depends on !WIFI_NM_WPA_SUPPLICANT_CRYPTO_NONE

if WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE
Expand Down Expand Up @@ -302,6 +303,7 @@ config WIFI_NM_HOSTAPD_AP

config WIFI_NM_HOSTAPD_CRYPTO_ENTERPRISE
bool "Hostapd crypto enterprise support"
select WIFI_CERTIFICATE_LIB
depends on WIFI_NM_HOSTAPD_AP

if WIFI_NM_HOSTAPD_CRYPTO_ENTERPRISE
Expand Down
1 change: 1 addition & 0 deletions subsys/net/l2/wifi/CMakeLists.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@ zephyr_library_include_directories_ifdef(
)

zephyr_library_sources_ifdef(CONFIG_NET_L2_WIFI_MGMT wifi_mgmt.c)
zephyr_library_sources_ifdef(CONFIG_WIFI_CERTIFICATE_LIB wifi_certs.c)
zephyr_library_sources_ifdef(CONFIG_NET_L2_WIFI_SHELL wifi_shell.c)
zephyr_library_sources_ifdef(CONFIG_WIFI_NM wifi_nm.c)
zephyr_library_sources_ifdef(CONFIG_NET_L2_WIFI_UTILS wifi_utils.c)
Expand Down
5 changes: 5 additions & 0 deletions subsys/net/l2/wifi/Kconfig
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -126,6 +126,11 @@ config WIFI_ENT_IDENTITY_MAX_USERS
help
This option defines the maximum number of identity users allowed connection.

config WIFI_CERTIFICATE_LIB
bool
help
Enable this option to process certificates in enterprise mode.

if WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE

config WIFI_SHELL_RUNTIME_CERTIFICATES
Expand Down
Loading