 |
TrustCore SDK NanoSec API reference
version 7.0
|
|
TrustCore SDK NanoSec API reference
version 7.0
|
Provides EAP-LEAP (EAP-lightweight EAP) authentication. More...
Functions | |
| MOC_EXTERN MSTATUS | EAP_LEAP_buildChallenge (eapLeapCb_t *leapCb, ubyte sessionType, ubyte *identity, ubyte2 identityLen, ubyte **eapRespData, ubyte4 *eapRespLen) |
| Generate a LEAP challenge packet. More... | |
| MOC_EXTERN MSTATUS | EAP_LEAP_getKey (void *eapLeapCb, ubyte *key, ubyte4 keyLen) |
| Get EAP-LEAP session's shared key. More... | |
| MOC_EXTERN MSTATUS | EAP_LEAP_processAuth (void *eapLeapCb, ubyte code, ubyte *data, ubyte4 len, ubyte *passwd, ubyte2 passwdLen, eapCode *p_sendCode, ubyte **eapRespData, ubyte4 *eapRespLen) |
| Process a LEAP packet received by an authenticator. More... | |
| MOC_EXTERN MSTATUS | EAP_LEAP_processPeer (void *eapLeapCb, ubyte code, ubyte *data, ubyte4 len, ubyte *passwd, ubyte2 passwdLen, ubyte *identity, ubyte2 identityLen, eapCode *p_sendCode, ubyte **pKey, ubyte **eapRespData, ubyte4 *eapRespLen) |
| Process a LEAP packet received by a peer. More... | |
| MOC_EXTERN MSTATUS | EAP_LEAPdeleteSession (void *p_eapLeapCb) |
| Delete an EAP-LEAP session. More... | |
| MOC_EXTERN MSTATUS | EAP_LEAPinitSession (void *appCb, void **p_eapLeapCb, ubyte sessionType) |
| Create and initialize an EAP-LEAP session. More... | |
| MOC_EXTERN MSTATUS EAP_LEAP_buildChallenge | ( | eapLeapCb_t * | leapCb, |
| ubyte | sessionType, | ||
| ubyte * | identity, | ||
| ubyte2 | identityLen, | ||
| ubyte ** | eapRespData, | ||
| ubyte4 * | eapRespLen | ||
| ) |
This function (which can be called by the authenticator or peer) builds the initial LEAP challenge, returning it through the eapRespData parameter. Additionally, this function updates the session handle's state (to LEAP_AUTH_CHALLENGE_SENT or LEAP_PEER_CHALLENGE_SENT), eliminating the need to call an additional function to manage the state flag.
To enable this function, the following flag must be defined in moptions.h:
__ENABLE_MOCANA_EAP_LEAP__ Additionally, at least one of the following flags must be defined in moptions.h:
__ENABLE_MOCANA_EAP_PEER__ __ENABLE_MOCANA_EAP_AUTH__ | leapCb | EAP-LEAP session handle returned from EAP_LEAPinitSession. |
| sessionType | One of the following eapSessionType enumerated values: EAP_SESSION_TYPE_PEER or EAP_SESSION_TYPE_AUTHENTICATOR (see eap_proto.h). |
| identity | Pointer to peer identity (sent during identity request/response). |
| identityLen | Number of bytes in peer identity string (identity). |
| eapRespData | On return, pointer to response packet. |
| eapRespLen | On return, pointer to number of bytes in response packet (eapRespData). |
OK (0) if successful; otherwise a negative number error code definition from merrors.h. To retrieve a string containing an English text error identifier corresponding to the function's returned error status, use the DISPLAY_ERROR macro.| MOC_EXTERN MSTATUS EAP_LEAP_getKey | ( | void * | eapLeapCb, |
| ubyte * | key, | ||
| ubyte4 | keyLen | ||
| ) |
This function retrieves the EAP-LEAP session's shared key.
key parameter is at least LEAP_KEY_LEN bytes (see eap_leap.h); otherwise buffer overflow may occur.To enable this function, the following flag must be defined in moptions.h:
__ENABLE_MOCANA_EAP_LEAP__ Additionally, at least one of the following flags must be defined in moptions.h:
__ENABLE_MOCANA_EAP_PEER__ __ENABLE_MOCANA_EAP_AUTH__ | eapLeapCb | EAP-LEAP session handle returned from EAP_LEAPinitSession. |
| key | Pointer to allocated buffer that on return contains the shared key. (The allocated buffer must contain at least LEAP_KEY_LEN bytes; otherwise buffer overflow may occur.) |
| keyLen | (Reserved for future use.) |
OK (0) if successful; otherwise a negative number error code definition from merrors.h. To retrieve a string containing an English text error identifier corresponding to the function's returned error status, use the DISPLAY_ERROR macro.| MOC_EXTERN MSTATUS EAP_LEAP_processAuth | ( | void * | eapLeapCb, |
| ubyte | code, | ||
| ubyte * | data, | ||
| ubyte4 | len, | ||
| ubyte * | passwd, | ||
| ubyte2 | passwdLen, | ||
| eapCode * | p_sendCode, | ||
| ubyte ** | eapRespData, | ||
| ubyte4 * | eapRespLen | ||
| ) |
This function processes a LEAP packet received by an authenticator, and returns the EAP code to be sent in reply through the p_sendCode parameter, and the response packet through the eapRespData parameter. (The response packet can subsequently be transmitted by calling EAP_ulTransmit.)
To enable this function, the following flag must be defined in moptions.h:
__ENABLE_MOCANA_EAP_LEAP__ Additionally, at least one of the following flags must be defined in moptions.h:
__ENABLE_MOCANA_EAP_PEER__ __ENABLE_MOCANA_EAP_AUTH__ | eapLeapCb | EAP-LEAP session handle returned from EAP_LEAPinitSession. |
| code | Any of the eapCode enumerated values (see eap_proto.h). |
| data | Pointer to payload to process, in the format <Type, LEAP packet> |
| len | Number of bytes in payload to process (data). |
| passwd | Pointer to password of the identity (EAP-LEAP session) being authenticated. |
| passwdLen | Number of bytes in password (passwd). |
| p_sendCode | On return, pointer to EAP code to send in EAP response packet. |
| eapRespData | On return, pointer to LEAP response data packet. |
| eapRespLen | On return, pointer to number of bytes in LEAP response packet (eapRespData). |
OK (0) if successful; otherwise a negative number error code definition from merrors.h. To retrieve a string containing an English text error identifier corresponding to the function's returned error status, use the DISPLAY_ERROR macro.| MOC_EXTERN MSTATUS EAP_LEAP_processPeer | ( | void * | eapLeapCb, |
| ubyte | code, | ||
| ubyte * | data, | ||
| ubyte4 | len, | ||
| ubyte * | passwd, | ||
| ubyte2 | passwdLen, | ||
| ubyte * | identity, | ||
| ubyte2 | identityLen, | ||
| eapCode * | p_sendCode, | ||
| ubyte ** | pKey, | ||
| ubyte ** | eapRespData, | ||
| ubyte4 * | eapRespLen | ||
| ) |
This function processes a LEAP packet received by a peer, and returns the EAP code to be sent in reply through the p_sendCode parameter, the key (if any) through the pKey parameter, and the response packet through the eapRespData parameter. (The response packet can subsequently be transmitted by calling EAP_ulTransmit.)
To enable this function, the following flag must be defined in moptions.h:
__ENABLE_MOCANA_EAP_LEAP__ Additionally, at least one of the following flags must be defined in moptions.h:
__ENABLE_MOCANA_EAP_PEER__ __ENABLE_MOCANA_EAP_AUTH__ | eapLeapCb | EAP-LEAP session handle returned from EAP_LEAPinitSession. |
| code | Any of the eapCode enumerated values (see eap_proto.h). |
| data | Pointer to payload to process, in the format <Type, LEAP packet> |
| len | Number of bytes in payload to process (data). |
| passwd | Pointer to password of the identity (EAP-LEAP session) being authenticated. |
| passwdLen | Number of bytes in password (passwd). |
| identity | Pointer to peer identity (sent during identity request/response). |
| identityLen | Number of bytes in peer identity string (identity). |
| p_sendCode | On return, pointer to EAP code to send in EAP response packet. |
| pKey | On return, pointer to generated session key (if any) based on MSCHAP encryption. |
| eapRespData | On return, pointer to LEAP response data packet. |
| eapRespLen | On return, pointer to number of bytes in LEAP response packet (eapRespData). |
OK (0) if successful; otherwise a negative number error code definition from merrors.h. To retrieve a string containing an English text error identifier corresponding to the function's returned error status, use the DISPLAY_ERROR macro.| MOC_EXTERN MSTATUS EAP_LEAPdeleteSession | ( | void * | p_eapLeapCb | ) |
This function frees (releases) EAP LEAP resources and deletes an EAP-LEAP session.
To enable this function, the following flag must be defined in moptions.h:
__ENABLE_MOCANA_EAP_LEAP__ Additionally, at least one of the following flags must be defined in moptions.h:
__ENABLE_MOCANA_EAP_PEER__ __ENABLE_MOCANA_EAP_AUTH__ | p_eapLeapCb | EAP-LEAP session handle returned from EAP_LEAPinitSession. |
OK (0) if successful; otherwise a negative number error code definition from merrors.h. To retrieve a string containing an English text error identifier corresponding to the function's returned error status, use the DISPLAY_ERROR macro.| MOC_EXTERN MSTATUS EAP_LEAPinitSession | ( | void * | appCb, |
| void ** | p_eapLeapCb, | ||
| ubyte | sessionType | ||
| ) |
This function creates and initializes an EAP-LEAP session using the specified parameters. The session handle is returned through the p_eapLeapCb parameter, and should be passed in all subsequent function calls for the EAP-LEAP session.
To enable this function, the following flag must be defined in moptions.h:
__ENABLE_MOCANA_EAP_LEAP__ Additionally, at least one of the following flags must be defined in moptions.h:
__ENABLE_MOCANA_EAP_PEER__ __ENABLE_MOCANA_EAP_AUTH__ | appCb | Application session handle (cookie given by the application to identify the session). |
| p_eapLeapCb | On return, pointer to EAP-LEAP session handle. |
| sessionType | Either of the following eapSessionType enumerated values (defined in eap_proto.h):
|
OK (0) if successful; otherwise a negative number error code definition from merrors.h. To retrieve a string containing an English text error identifier corresponding to the function's returned error status, use the DISPLAY_ERROR macro.