![]() |
TrustCore SDK NanoSec API reference
version 7.0
|
Provides EAP-MD5 (EAP-message digest 5) authentication. More...
Functions | |
MOC_EXTERN MSTATUS | EAP_MD5_getChallenge (ubyte *buf, ubyte4 len) |
Generate a challenge for an MD5 request. More... | |
MOC_EXTERN MSTATUS | EAP_MD5ProcessAuth (ubyte *appSessionHdl, ubyte *eapSessionHdl, ubyte4 instanceId, eapCode code, ubyte id, ubyte *data, ubyte4 len, ubyte *passwordString, ubyte4 passLen, ubyte *challenge, ubyte4 challengeLen, sbyte4 *cmp) |
Validate an MD5 challenge response. More... | |
MOC_EXTERN MSTATUS | EAP_MD5ProcessPeer (ubyte *appSessionHdl, ubyte *eapSessionHdl, ubyte4 instanceId, ubyte id, ubyte *data, ubyte4 len, ubyte *passwordString, ubyte4 passLen, ubyte **eapRespData, ubyte4 *eapRespLen) |
Generate an MD5 challenge response. More... | |
MOC_EXTERN MSTATUS EAP_MD5_getChallenge | ( | ubyte * | buf, |
ubyte4 | len | ||
) |
This function generates a challenge for an MD5 request. The challenge is in the form of random data that's used as a nonce — a unique, random value inserted into a message to protect against replays — to hash a user's password using the MD5 algorithm. The challenge sequence is as follows:
To enable this function, the following flag must be defined in moptions.h:
__ENABLE_MOCANA_EAP_MD5__
Additionally, at least one of the following flags must be defined in moptions.h:
__ENABLE_MOCANA_EAP_PEER__
__ENABLE_MOCANA_EAP_AUTH__
buf | On return, pointer to buffer containing the challenge. |
len | Length of challenge to generate. |
OK
(0) if successful; otherwise a negative number error code definition from merrors.h. To retrieve a string containing an English text error identifier corresponding to the function's returned error status, use the DISPLAY_ERROR
macro.MOC_EXTERN MSTATUS EAP_MD5ProcessAuth | ( | ubyte * | appSessionHdl, |
ubyte * | eapSessionHdl, | ||
ubyte4 | instanceId, | ||
eapCode | code, | ||
ubyte | id, | ||
ubyte * | data, | ||
ubyte4 | len, | ||
ubyte * | passwordString, | ||
ubyte4 | passLen, | ||
ubyte * | challenge, | ||
ubyte4 | challengeLen, | ||
sbyte4 * | cmp | ||
) |
This function validates an MD5 challenge response, indicating the result by its function return: OK
, ERR_EAP_MD5_INVALID_CHALLENGE_LENGTH
, or ERR_EAP_MD5_AUTH_FAILURE
. Your application should use this function to process responses received from peers.
To enable this function, the following flag must be defined in moptions.h:
__ENABLE_MOCANA_EAP_MD5__
Additionally, at least one of the following flags must be defined in moptions.h:
__ENABLE_MOCANA_EAP_PEER__
__ENABLE_MOCANA_EAP_AUTH__
appSessionHdl | Cookie given by the application to identify the session. |
eapSessionHdl | EAP session handle returned from EAP_sessionCreate. |
instanceId | EAP instance ID returned from EAP_initInstance. |
code | Any of the eapCode enumerated values (see eap_proto.h). |
id | EAP packet ID |
data | EAP request payload, in the following format: <Type , Chlg Len, Challenge>. |
len | Number of bytes in EAP request payload. |
passwordString | Session password for the response. |
passLen | Number of bytes in passwordString . |
challenge | Pointer to previously sent challenge. |
challengeLen | Number of bytes in challenge . |
cmp | On return, pointer to challenge comparison result (0 indicates a match). |
OK
(0) if successful.ERR_EAP_MD5_INVALID_CHALLENGE_LENGTH
if the EAP request's Chlg
Len doesn't match the length of the previously sent challenge (as specified by the challengeLen
parameter value.ERR_EAP_MD5_AUTH_FAILURE
if the challenge is invalid.MOC_EXTERN MSTATUS EAP_MD5ProcessPeer | ( | ubyte * | appSessionHdl, |
ubyte * | eapSessionHdl, | ||
ubyte4 | instanceId, | ||
ubyte | id, | ||
ubyte * | data, | ||
ubyte4 | len, | ||
ubyte * | passwordString, | ||
ubyte4 | passLen, | ||
ubyte ** | eapRespData, | ||
ubyte4 * | eapRespLen | ||
) |
This function calculates an MD5 hash (the challenge response) and returns the resultant EAP payload. Your application should use this function for MD5 peer packet processing.
To enable this function, the following flag must be defined in moptions.h:
__ENABLE_MOCANA_EAP_MD5__
Additionally, at least one of the following flags must be defined in moptions.h:
__ENABLE_MOCANA_EAP_PEER__
__ENABLE_MOCANA_EAP_AUTH__
appSessionHdl | Cookie given by the application to identify the session. |
eapSessionHdl | EAP session handle returned from EAP_sessionCreate. |
instanceId | EAP instance ID returned from EAP_initInstance. |
id | EAP packet ID |
data | EAP request payload, in the following format <Type , Chlg Len, Challenge>. |
len | Number of bytes in EAP request payload. |
passwordString | Session password for the response. |
passLen | Number of bytes in passwordString . |
eapRespData | On return, pointer to EAP response payload. |
eapRespLen | On return, pointer to number of bytes in eapRespData . |
OK
(0) if successful; otherwise a negative number error code definition from merrors.h. To retrieve a string containing an English text error identifier corresponding to the function's returned error status, use the DISPLAY_ERROR
macro.