TrustCore SDK NanoSec API reference  version 7.0
eap_tls.h
1 /*
2  * eap_tls.h
3  *
4  * EAP TLS Helper Functions
5  *
6  * Copyright 2019-2024 DigiCert, Inc. All Rights Reserved.
7  * Proprietary and Confidential Material.
8  *
9  */
10 
32 #ifndef __EAP_TLS_H__
33 #define __EAP_TLS_H__
34 
35 #ifdef __cplusplus
36 extern "C" {
37 #endif
38 
39 #if (defined(__ENABLE_MOCANA_EAP_PEER__) || defined(__ENABLE_MOCANA_EAP_AUTH__))
40 
/*
 * EAP-TLS framing constants.
 * NOTE(review): 0x80 / 0x40 / 0x20 match the L (length included),
 * M (more fragments) and S (start) bits of the Flags octet in RFC 5216, and
 * 4 matches its four-octet TLS Message Length field; confirm that this is
 * how the implementation uses them.
 */
41 #define EAP_TLS_START_FLAG (0x20)
42 #define EAP_TLS_MORE_FLAG (0x40)
43 #define EAP_TLS_LENGTH_FLAG (0x80)
/* Selects the low three bits of an octet; presumably the method version
 * carried alongside the flags -- TODO confirm. */
44 #define EAP_TLS_VERSION_MASK (0x07)
/*
 * Upper bounds: 1300 for the MTU and 1000 for SSL connections (by name).
 * NOTE(review): on the wire the flags and the length field are set by the
 * remote peer. Fragment reassembly should bound the advertised total length
 * before allocating or copying; this header defines no reassembly limit of
 * its own, so verify one exists in the implementation.
 */
45 #define MAX_EAP_TLS_MTU (1300)
46 #define MAX_EAP_SSL_CONNECTIONS_ALLOWED (1000)
47 #define EAP_TLS_LENGTH_BYTES (4)
48 
/*
 * Connection role passed to EAP_TLSCreateSession() as connectionType.
 * Enumerators start at 1, so a zero-initialized variable holds neither role;
 * SERVER takes the next value (2).
 */
50 typedef enum eap_tls_connection_e {
51  EAP_TLS_CONNECTION_CLIENT = 1,
52  EAP_TLS_CONNECTION_SERVER,
53 
54 } eap_tls_connection;
55 
/*
 * Selector for the setting changed by EAP_TLSsetParams() (its paramType
 * argument). Values start at 1 and increase by one per enumerator.
 * NOTE(review): the meaning of each value is inferred from its name only.
 * PAC_KEY presumably carries EAP-FAST PAC key material and should be treated
 * as a secret by callers; SSL_CERT_STORE_PTR presumably passes a certificate
 * store pointer -- confirm both against the implementation.
 */
57 typedef enum eap_tls_param_e {
58  EAP_TLS_PARAM_PAC_KEY = 1,
59  EAP_TLS_PARAM_INNER_APP,
60  EAP_TLS_PARAM_MAX_MTU, /*P: PARAM for setting MAX MTU */
61  EAP_TLS_SSL_CERT_STORE_PTR
62 } eap_tls_param;
63 
64 #if (defined(__ENABLE_MOCANA_EAP_TLS__))
65 
/*
 * Set a parameter of an EAP-TLS based method to a specified value.
 * paramType selects the setting (see eap_tls_param); param and paramLen
 * presumably carry the value and its size in bytes.
 * Returns an MSTATUS code; check it before relying on the new setting.
 * NOTE(review): the declaration does not show whether the value is copied
 * or the pointer is retained. Confirm before freeing or wiping the buffer,
 * in particular for EAP_TLS_PARAM_PAC_KEY, whose name suggests key material.
 */
134 MOC_EXTERN MSTATUS
135 EAP_TLSsetParams(ubyte *appSessionHdl,ubyte *tls_connection,
136  ubyte methodType, eap_tls_param paramType,ubyte *param,ubyte4 paramLen);
137 
/*
 * Get the authentication version of an EAP-TLS packet.
 * pkt/pktLen describe the packet; authVersion presumably receives the result.
 * Returns an MSTATUS code.
 * NOTE(review): pktLen is declared as ubyte here, while EAP_TLSPeerStart()
 * takes its pktLen as ubyte4. If ubyte is 8 bits wide, a caller holding a
 * longer packet length will have it silently truncated at the call; verify
 * how many bytes the implementation reads and that it checks pktLen first.
 */
170 MOC_EXTERN MSTATUS
171 EAP_TLSPeerGetAuthVersion(ubyte *appSessionHdl, ubyte *authVersion, ubyte *pkt,
172  ubyte pktLen);
173 
/*
 * Create an EAP-TLS session.
 * *tls_connection presumably receives the new connection handle that the
 * other EAP_TLS* calls take; connectionType selects client or server role.
 * Returns an MSTATUS code; do not use *tls_connection unless it reports
 * success.
 * NOTE(review): sessionId, sessionIdLen and masterSecret look like session
 * resumption inputs -- confirm. If so, masterSecret is secret key material
 * and the caller's copy should be wiped once it is no longer needed.
 * NOTE(review): the header does not say how dnsName is used. If it is the
 * expected server name for certificate validation, confirm what passing NULL
 * means, since skipping the name check would weaken server authentication.
 */
226 MOC_EXTERN MSTATUS
227 EAP_TLSCreateSession(ubyte *appSessionHdl,ubyte **tls_connection,
228  eap_tls_connection connectionType,
229  ubyte4 *sessionIdLen,
230  ubyte *sessionId, ubyte *masterSecret,ubyte *dnsName,
231  ubyte methodType,ubyte peerVersion, ubyte authVersion,
232  struct certStore* pCertStore);
233 
/*
 * Build a client Hello message and add it to the send buffer.
 * pkt/pktLen describe the received packet; the response is presumably
 * returned through *eapRespData and *eapRespLen.
 * Returns an MSTATUS code; treat the outputs as undefined on failure.
 * NOTE(review): ownership of *eapRespData is not visible in this header;
 * confirm who frees it. pkt comes from the remote authenticator, so pktLen
 * must be the number of bytes actually received.
 */
286 MOC_EXTERN MSTATUS
287 EAP_TLSPeerStart(ubyte *appSessionHdl,ubyte *tls_connection,
288  ubyte methodType,
289  ubyte *pkt,ubyte4 pktLen,
290  ubyte **eapRespData, ubyte4 *eapRespLen);
291 
/*
 * Send an EAP-TLS Start message.
 * The request is presumably returned through *eapReqData and *eapReqLen.
 * Returns an MSTATUS code.
 * NOTE(review): sslCert is a certDescriptor; whether it also carries the
 * private key, and whether it must outlive the connection, cannot be told
 * from this declaration -- confirm. Ownership of *eapReqData is likewise not
 * stated here.
 */
332 MOC_EXTERN MSTATUS
333 EAP_TLSstartRequest(ubyte *appSessionHdl,ubyte *tls_connection,
334  certDescriptor* sslCert,
335  ubyte methodType,
336  ubyte **eapReqData, ubyte4 *eapReqLen);
337 
/*
 * Process a received EAP-TLS message and build a response.
 * data/len describe the received message; the response is presumably
 * returned through *eapRespData and *eapRespLen.
 * Returns an MSTATUS code; a failure should end the exchange rather than be
 * ignored, since the input is supplied by the remote peer.
 * NOTE(review): len must be the number of bytes actually received. Ownership
 * of *eapRespData is not stated in this header -- confirm who frees it.
 */
393 MOC_EXTERN MSTATUS
394 EAP_TLSProcessMsg (ubyte *appSessionHdl, ubyte *tls_connection,
395  ubyte *data, ubyte4 len,
396  ubyte **eapRespData, ubyte4 *eapRespLen);
397 
/*
 * Get an EAP-TLS session's session status.
 * The status is presumably written to *sessionStatus.
 * Returns an MSTATUS code.
 * NOTE(review): the possible status values are not defined in this header.
 * Callers should read *sessionStatus only after a successful return and
 * should not treat an unknown value as "established".
 */
437 MOC_EXTERN MSTATUS
438 EAP_TLSgetSessionStatus(ubyte *appSessionHdl,ubyte * tls_connection,
439  ubyte4 *sessionStatus);
440 
/*
 * Get an EAP-TLS connection's SSL connection instance.
 * The instance is presumably written to *connectionInstance, a signed
 * 32-bit value (sbyte4).
 * Returns an MSTATUS code; use *connectionInstance only on success.
 */
479 MOC_EXTERN MSTATUS
480 EAP_TLSgetSSLInstance(ubyte *appSessionHdl,ubyte * tls_connection,
481  sbyte4 *connectionInstance);
482 
/*
 * Close an EAP-TLS connection.
 * Returns an MSTATUS code.
 * NOTE(review): whether tls_connection is released by this call is not
 * visible here. Until confirmed, treat the handle as invalid afterwards and
 * clear the caller's copy so it cannot be reused or closed twice.
 */
517 MOC_EXTERN MSTATUS
518 EAP_TLScloseConnection (ubyte *appSessionHdl,ubyte *tls_connection);
519 
/*
 * Get an EAP-TLS session's session ID and master secret.
 * Results are presumably written to sessionId, *sessionIdLen and
 * masterSecret.
 * Returns an MSTATUS code.
 * NOTE(review): no capacity is passed for masterSecret, and sessionIdLen is
 * the only length in the signature, so the caller must know the sizes the
 * implementation writes. A TLS master secret is 48 bytes in TLS 1.2 and
 * earlier -- confirm the expected buffer sizes.
 * NOTE(review): masterSecret is secret key material. Keep it out of logs
 * and wipe the buffer with a call the compiler cannot elide once it has
 * been stored or used.
 */
561 MOC_EXTERN MSTATUS
562 EAP_TLSgetClientSessionInfo(ubyte *appSessionHdl,ubyte * tls_connection,
563  ubyte4 *sessionIdLen,
564  ubyte *sessionId, ubyte *masterSecret);
565 
/*
 * Decrypt EAP message payload.
 * data/len describe the received message. Two output pairs are declared:
 * eapRespData/eapRespLen and eapRemData/eapRemLen.
 * Returns an MSTATUS code; treat all outputs as undefined on failure.
 * NOTE(review): which pair holds the decrypted payload and which holds a
 * response or leftover data is not stated in this header -- confirm, along
 * with who frees each buffer. The input is peer-supplied, so a decryption
 * or integrity failure must not be ignored.
 */
619 MOC_EXTERN MSTATUS
620 EAP_TLSRecvData(ubyte *appSessionHdl, ubyte *tls_connection,
621  ubyte *data, ubyte4 len,
622  ubyte **eapRespData, ubyte4 *eapRespLen,
623  ubyte **eapRemData, ubyte4 *eapRemLen);
624 
/*
 * Encrypt EAP (clear text) data.
 * data/len describe the clear text; the protected message is presumably
 * returned through *eapRespData and *eapRespLen.
 * Returns an MSTATUS code; on failure nothing should be sent in place of
 * the protected message, in particular not the clear text.
 * NOTE(review): ownership of *eapRespData is not stated in this header.
 */
671 MOC_EXTERN MSTATUS
672 EAP_TLSSendData(ubyte *appSessionHdl, ubyte *tls_connection,
673  ubyte *data, ubyte4 len,
674  ubyte **eapRespData, ubyte4 *eapRespLen);
675 
/*
 * Set EAP-FAST authenticator ID.
 * authId/authIdLen describe the identifier; authIdLen is a ubyte2.
 * Returns an MSTATUS code.
 * NOTE(review): whether authId is copied or the pointer is retained is not
 * visible here -- confirm before releasing the buffer.
 */
718 MOC_EXTERN MSTATUS
719 EAP_TLSSetAuthId(ubyte *appSessionHdl, ubyte *tls_connection,
720  ubyte *authId, ubyte2 authIdLen);
721 
/*
 * Get a new EAP-TLS session key.
 * key is presumably an output buffer of keyLen bytes (keyLen is a ubyte2).
 * Returns an MSTATUS code; do not use the buffer contents on failure.
 * NOTE(review): the returned bytes are key material. Keep them out of logs
 * and wipe the buffer with a call the compiler cannot elide after use.
 * Confirm what happens when keyLen differs from the amount of key material
 * available.
 */
758 MOC_EXTERN MSTATUS
759 EAP_TLSgetKey(ubyte *tls_connection,ubyte *key,ubyte2 keyLen);
760 
761 #ifdef __ENABLE_MOCANA_SSL_ALERTS__
762 /*P: Function declaration for formAlert */
/*
 * Build a TLS Alert message to be sent over EAP.
 * Declared only when __ENABLE_MOCANA_SSL_ALERTS__ is defined.
 * alertClass and alertId are signed 32-bit values; the message is presumably
 * returned through *eapRespData and *eapRespLen.
 * Returns an MSTATUS code.
 * NOTE(review): the role of len and the ownership of *eapRespData are not
 * stated in this header -- confirm.
 */
806 MOC_EXTERN MSTATUS
807 EAP_TLSformAlert(ubyte *tls_connection,sbyte4 alertClass,sbyte4 alertId,ubyte4 len, ubyte **eapRespData, ubyte4 *eapRespLen);
808 #endif
809 
810 /*P: New API that fetches the negotiated version */
/*
 * Get the negotiated version of an EAP-TLS packet.
 * The version is presumably written to *version.
 * Returns an MSTATUS code; read *version only on success.
 * NOTE(review): a caller that requires a minimum version should compare the
 * result explicitly rather than assume negotiation enforced it -- confirm
 * what the implementation guarantees.
 */
845 MOC_EXTERN MSTATUS
846 EAP_TLSGetNegotiatedVersion(ubyte *tls_connection, ubyte *version);
847 
848 /*P: Method that fetches the MTU */
/*
 * Get the MTU (maximum transmission unit) value from the TLS control block.
 * Despite its name, setMTU is presumably the output of this getter.
 * Returns an MSTATUS code.
 * NOTE(review): setMTU is declared as ubyte *, yet MAX_EAP_TLS_MTU is 1300,
 * which does not fit in one 8-bit value. The implementation presumably
 * writes a wider integer through this pointer; confirm the width and pass
 * storage of at least that size, otherwise the write overruns the caller's
 * variable.
 */
882 MOC_EXTERN MSTATUS
883 EAP_TLSgetMTU(ubyte *tls_connection, ubyte *setMTU);
884 
885 #endif /* ((defined(__ENABLE_MOCANA_EAP_TLS__) */
886 #endif /* ((defined(__ENABLE_MOCANA_EAP_PEER__) || defined(__ENABLE_MOCANA_EAP_AUTH__)) */
887 
888 #ifdef __cplusplus
889 }
890 #endif
891 
892 #endif /* __EAP_TLS_H__ */
MOC_EXTERN MSTATUS EAP_TLSstartRequest(ubyte *appSessionHdl, ubyte *tls_connection, certDescriptor *sslCert, ubyte methodType, ubyte **eapReqData, ubyte4 *eapReqLen)
Send an EAP-TLS Start message.
MOC_EXTERN MSTATUS EAP_TLSCreateSession(ubyte *appSessionHdl, ubyte **tls_connection, eap_tls_connection connectionType, ubyte4 *sessionIdLen, ubyte *sessionId, ubyte *masterSecret, ubyte *dnsName, ubyte methodType, ubyte peerVersion, ubyte authVersion, struct certStore *pCertStore)
Create an EAP-TLS session.
MOC_EXTERN MSTATUS EAP_TLSgetMTU(ubyte *tls_connection, ubyte *setMTU)
Get the MTU (maximum transmission unit) value from the TLS control block.
MOC_EXTERN MSTATUS EAP_TLSGetNegotiatedVersion(ubyte *tls_connection, ubyte *version)
Get the negotiated version of an EAP-TLS packet.
MOC_EXTERN MSTATUS EAP_TLSgetSSLInstance(ubyte *appSessionHdl, ubyte *tls_connection, sbyte4 *connectionInstance)
Get an EAP-TLS connection's SSL connection instance.
MOC_EXTERN MSTATUS EAP_TLSSendData(ubyte *appSessionHdl, ubyte *tls_connection, ubyte *data, ubyte4 len, ubyte **eapRespData, ubyte4 *eapRespLen)
Encrypt EAP (clear text) data.
MOC_EXTERN MSTATUS EAP_TLSPeerGetAuthVersion(ubyte *appSessionHdl, ubyte *authVersion, ubyte *pkt, ubyte pktLen)
Get the authentication version of an EAP-TLS packet.
MOC_EXTERN MSTATUS EAP_TLSformAlert(ubyte *tls_connection, sbyte4 alertClass, sbyte4 alertId, ubyte4 len, ubyte **eapRespData, ubyte4 *eapRespLen)
Build a TLS Alert Message to be sent over EAP.
MOC_EXTERN MSTATUS EAP_TLSRecvData(ubyte *appSessionHdl, ubyte *tls_connection, ubyte *data, ubyte4 len, ubyte **eapRespData, ubyte4 *eapRespLen, ubyte **eapRemData, ubyte4 *eapRemLen)
Decrypt EAP message payload.
MOC_EXTERN MSTATUS EAP_TLSgetClientSessionInfo(ubyte *appSessionHdl, ubyte *tls_connection, ubyte4 *sessionIdLen, ubyte *sessionId, ubyte *masterSecret)
Get EAP-TLS session's session ID and master secret.
MOC_EXTERN MSTATUS EAP_TLSsetParams(ubyte *appSessionHdl, ubyte *tls_connection, ubyte methodType, eap_tls_param paramType, ubyte *param, ubyte4 paramLen)
Set any parameter of any method to a specified value.
MOC_EXTERN MSTATUS EAP_TLSSetAuthId(ubyte *appSessionHdl, ubyte *tls_connection, ubyte *authId, ubyte2 authIdLen)
Set EAP-FAST authenticator ID.
MOC_EXTERN MSTATUS EAP_TLScloseConnection(ubyte *appSessionHdl, ubyte *tls_connection)
Close an EAP-TLS connection.
MOC_EXTERN MSTATUS EAP_TLSgetSessionStatus(ubyte *appSessionHdl, ubyte *tls_connection, ubyte4 *sessionStatus)
Get an EAP-TLS session's session status.
MOC_EXTERN MSTATUS EAP_TLSProcessMsg(ubyte *appSessionHdl, ubyte *tls_connection, ubyte *data, ubyte4 len, ubyte **eapRespData, ubyte4 *eapRespLen)
Process a received EAP-TLS message and build a response.
MOC_EXTERN MSTATUS EAP_TLSgetKey(ubyte *tls_connection, ubyte *key, ubyte2 keyLen)
Get a new EAP-TLS session key.
MOC_EXTERN MSTATUS EAP_TLSPeerStart(ubyte *appSessionHdl, ubyte *tls_connection, ubyte methodType, ubyte *pkt, ubyte4 pktLen, ubyte **eapRespData, ubyte4 *eapRespLen)
Build a client Hello message and add it to the send buffer.