TrustCore SDK NanoSec API reference  version 7.0
EAP-MSCHAPv2 Functions

Provides EAP-MSCHAPv2 (EAP-Microsoft Challenge-handshake Authentication Protocol, version 2) authentication. More...

Functions

MOC_EXTERN void EAP_MSCHAPbin2hex (const ubyte *szBin, sbyte *szHex, ubyte4 len)
 Get a hexadecimal representation of binary data. More...
 
MOC_EXTERN MSTATUS EAP_MSCHAPChallengeResponse (ubyte *Challenge, ubyte *PasswordHash, ubyte *Response)
 Build an MSCHAP v0 response to the specified challenge and password hash. More...
 
MOC_EXTERN MSTATUS EAP_MSCHAPcheckAuthenticatorResponse (ubyte *Password, ubyte2 PasswordLen, ubyte *NtResponse, ubyte *PeerChallenge, ubyte *AuthenticatorChallenge, ubyte *UserName, ubyte2 UserNameLen, ubyte *ReceivedResponse, byteBoolean *ResponseOK)
 Determine an MSCHAP authenticator response's status and include it in a new EAP response. More...
 
MOC_EXTERN MSTATUS EAP_MSCHAPgenerateAuthenticatorResponse (ubyte *Password, ubyte2 PasswordLen, ubyte *NtResponse, ubyte *PeerChallenge, ubyte *AuthenticatorChallenge, ubyte *UserName, ubyte2 UserNameLen, ubyte *AuthenticatorResponse)
 Generate an authenticator response. More...
 
MOC_EXTERN MSTATUS EAP_MSCHAPgenerateMasterKey (ubyte *Password, ubyte2 PasswordLen, ubyte *NtResponse, ubyte *MasterKey)
 Generate an MSK (master session key). More...
 
MOC_EXTERN MSTATUS EAP_MSCHAPgenerateNTResponse (ubyte *AuthenticatorChallenge, ubyte *PeerChallenge, ubyte *UserName, ubyte2 UserNameLen, ubyte *Password, ubyte2 PasswordLen, ubyte *Response)
 Build an MS-CHAP-V2 NT response. More...
 
MOC_EXTERN MSTATUS EAP_MSCHAPgenerateSessionKey (ubyte *masterKey, ubyte *sessionKey, ubyte2 sessionKeyLen, byteBoolean send, byteBoolean server)
 Generate a send/receive client/server session key. More...
 
MOC_EXTERN MSTATUS EAP_MSCHAPHashNtPasswordHash (ubyte *PasswordHash, ubyte *PasswordHashHash)
 Get an irreversible hash of a password hash (using MD4). More...
 
MOC_EXTERN MSTATUS EAP_MSCHAPNtPasswordHash (ubyte *Password, ubyte2 PasswordLen, ubyte *PasswordHash)
 Get a password hash (using MD4). More...
 
MOC_EXTERN MSTATUS EAP_MSCHAPpeerResponse (ubyte *appSessionHdl, ubyte *data, ubyte2 datalen, ubyte *passwordString, ubyte2 passLen, ubyte *peerResponse, ubyte *peerChallenge, ubyte *authChallenge, ubyte *UserName, ubyte2 UserNameLen, ubyte **eapRespData, ubyte4 *eapRespLen, byteBoolean *cmp)
 Determine whether an authenticator response to a peer challenge is valid and build the resultant SUCCESS/FAIL response. More...
 
MOC_EXTERN MSTATUS EAP_MSCHAPProcessAuth (ubyte *appSessionHdl, ubyte *data, ubyte4 datalen, ubyte *UserName, ubyte4 UserNameLen, ubyte *succMsg, ubyte4 succMsgLen, ubyte *failMsg, ubyte4 failMsgLen, ubyte *passwordString, ubyte4 passLen, ubyte *authChallenge, ubyte *NtResponse, ubyte **eapReqData, ubyte4 *eapReqLen)
 Determine whether a peer response is valid, build the resultant SUCCESS/FAIL response, and if SUCCESS, send the response. More...
 
MOC_EXTERN MSTATUS EAP_MSCHAPProcessPeer (ubyte *appSessionHdl, ubyte *data, ubyte4 datalen, ubyte *UserName, ubyte4 UserNameLen, ubyte *passwordString, ubyte4 passLen, ubyte *peerChallenge, ubyte *authChallenge, ubyte *NtAuthenticator, ubyte **eapRespData, ubyte4 *eapRespLen)
 Build a response to send to the authenticator. More...
 
MOC_EXTERN MSTATUS EAP_MSCHAPstartRequest (ubyte *appSessionHdl, ubyte *identity, ubyte2 identityLen, ubyte *challenge, ubyte **eapReqData, ubyte4 *eapReqLen)
 Build a challenge request. More...
 
MOC_EXTERN MSTATUS EAP_MSCHAPv0generateNTResponse (ubyte *AuthenticatorChallenge, ubyte *Password, ubyte2 PasswordLen, ubyte *Response)
 Build an MS-CHAP-V0 NT response. More...
 
MOC_EXTERN MSTATUS EAP_MSCHAPV2_getChallenge (ubyte *buf)
 Get a 16-byte challenge value for an MSCHAPv2 exchange. More...
 

Detailed Description

Function Documentation

◆ EAP_MSCHAPbin2hex()

MOC_EXTERN void EAP_MSCHAPbin2hex ( const ubyte *  szBin,
sbyte *  szHex,
ubyte4  len 
)

This function creates a hexadecimal representation of binary data.

Since
1.41
Version
1.41 and later

To enable this function, the following flag must be defined in moptions.h:

  • __ENABLE_MOCANA_EAP_MSCHAPv2__

Additionally, at least one of the following flags must be defined in moptions.h:

  • __ENABLE_MOCANA_EAP_PEER__
  • __ENABLE_MOCANA_EAP_AUTH__

eap_mschapv2.h

Parameters
szBinPointer to binary data to represent as hexadecimal.
szHexOn return, pointer to hexadecimal representation of the szBin data.
lenNumber of bytes of binary data (szBin).
Returns
None.

eap_mschapv2.h

◆ EAP_MSCHAPChallengeResponse()

MOC_EXTERN MSTATUS EAP_MSCHAPChallengeResponse ( ubyte *  Challenge,
ubyte *  PasswordHash,
ubyte *  Response 
)

This function builds an MSCHAP v0 response to the specified challenge and password hash.

Since
1.41
Version
1.41 and later

To enable this function, the following flag must be defined in moptions.h:

  • __ENABLE_MOCANA_EAP_MSCHAPv2__

Additionally, at least one of the following flags must be defined in moptions.h:

  • __ENABLE_MOCANA_EAP_PEER__
  • __ENABLE_MOCANA_EAP_AUTH__

eap_mschapv2.h

Parameters
ChallengePointer to challenge value.
PasswordHashPointer to password hash.
ResponseOn return, pointer to response.
Returns
OK (0) if successful; otherwise a negative number error code definition from merrors.h. To retrieve a string containing an English text error identifier corresponding to the function's returned error status, use the DISPLAY_ERROR macro.

eap_mschapv2.h

◆ EAP_MSCHAPcheckAuthenticatorResponse()

MOC_EXTERN MSTATUS EAP_MSCHAPcheckAuthenticatorResponse ( ubyte *  Password,
ubyte2  PasswordLen,
ubyte *  NtResponse,
ubyte *  PeerChallenge,
ubyte *  AuthenticatorChallenge,
ubyte *  UserName,
ubyte2  UserNameLen,
ubyte *  ReceivedResponse,
byteBoolean *  ResponseOK 
)

This function (called by the peer) validates an MSCHAP authenticator response (by calling EAP_MSCHAPgenerateAuthenticatorResponse) and in turn builds an EAP response indicating the authenticator's response status.

Since
1.41
Version
1.41 and later

To enable this function, the following flag must be defined in moptions.h:

  • __ENABLE_MOCANA_EAP_MSCHAPv2__

Additionally, at least one of the following flags must be defined in moptions.h:

  • __ENABLE_MOCANA_EAP_PEER__
  • __ENABLE_MOCANA_EAP_AUTH__

eap_mschapv2.h

Parameters
PasswordPointer to MS-CHAP-V2 session password to use for response.
PasswordLenNumber of bytes in session password (Password).
NtResponseCalculated NT Authenticator value (returned from EAP_MSCHAPProcessPeer).
PeerChallengePointer to original peer challenge sent by EAP_MSCHAPProcessPeer.
AuthenticatorChallengePointer to original authenticator challenge built by EAP_MSCHAPProcessPeer.
UserNamePointer to MS-CHAP-V2 session username to use for response.
UserNameLenNumber of bytes in session username (Username).
ReceivedResponsePointer to response sent by the authenticator to the peer in the challenge Success message. (If the challenge fails, this value doesn't change.)
ResponseOKOn return, pointer to result to return to peer: TRUE if the challenge succeeded, FALSE otherwise.
Returns
OK (0) if successful; otherwise a negative number error code definition from merrors.h. To retrieve a string containing an English text error identifier corresponding to the function's returned error status, use the DISPLAY_ERROR macro.
See also
EAP_MSCHAPstartRequest
EAP_MSCHAPProcessAuth

eap_mschapv2.h

◆ EAP_MSCHAPgenerateAuthenticatorResponse()

MOC_EXTERN MSTATUS EAP_MSCHAPgenerateAuthenticatorResponse ( ubyte *  Password,
ubyte2  PasswordLen,
ubyte *  NtResponse,
ubyte *  PeerChallenge,
ubyte *  AuthenticatorChallenge,
ubyte *  UserName,
ubyte2  UserNameLen,
ubyte *  AuthenticatorResponse 
)

This function (used by Mocana internal code) generates an authenticator response.

Since
1.41
Version
1.41 and later

To enable this function, the following flag must be defined in moptions.h:

  • __ENABLE_MOCANA_EAP_MSCHAPv2__

Additionally, at least one of the following flags must be defined in moptions.h:

  • __ENABLE_MOCANA_EAP_PEER__
  • __ENABLE_MOCANA_EAP_AUTH__

eap_mschapv2.h

Parameters
PasswordPointer to MS-CHAP-V2 session password to use for response.
PasswordLenNumber of bytes in MS-CHAP-V2 session password (Password).
NtResponseCalculated NT Authenticator value (returned from EAP_MSCHAPProcessPeer).
PeerChallengePointer to original peer challenge sent by EAP_MSCHAPProcessPeer.
AuthenticatorChallengePointer to original authenticator challenge built by EAP_MSCHAPProcessPeer.
UserNamePointer to MS-CHAP-V2 session username to use for EAP response.
UserNameLenNumber of bytes in MS-CHAP-V2 session username (Username).
AuthenticatorResponseOn return, pointer to response sent by the authenticator to the peer in the challenge Success message, in the format "S=" followed by 40 ASCII hexadecimal digits.
Returns
OK (0) if successful; otherwise a negative number error code definition from merrors.h. To retrieve a string containing an English text error identifier corresponding to the function's returned error status, use the DISPLAY_ERROR macro.
See also
EAP_MSCHAPstartRequest
EAP_MSCHAPProcessAuth

eap_mschapv2.h

◆ EAP_MSCHAPgenerateMasterKey()

MOC_EXTERN MSTATUS EAP_MSCHAPgenerateMasterKey ( ubyte *  Password,
ubyte2  PasswordLen,
ubyte *  NtResponse,
ubyte *  MasterKey 
)

This function generates an MSK (master session key).

Since
1.41
Version
1.41 and later

To enable this function, the following flag must be defined in moptions.h:

  • __ENABLE_MOCANA_EAP_MSCHAPv2__

Additionally, at least one of the following flags must be defined in moptions.h:

  • __ENABLE_MOCANA_EAP_PEER__
  • __ENABLE_MOCANA_EAP_AUTH__

eap_mschapv2.h

Parameters
PasswordPointer to MS-CHAP-V2 session password to use for response.
PasswordLenNumber of bytes in MS-CHAP-V2 session password (Password).
NtResponseCalculated NT Authenticator value (returned from EAP_MSCHAPProcessPeer).
MasterKeyOn return, pointer to MSK value.
Returns
OK (0) if successful; otherwise a negative number error code definition from merrors.h. To retrieve a string containing an English text error identifier corresponding to the function's returned error status, use the DISPLAY_ERROR macro.
See also
EAP_MSCHAPstartRequest
EAP_MSCHAPProcessAuth

eap_mschapv2.h

◆ EAP_MSCHAPgenerateNTResponse()

MOC_EXTERN MSTATUS EAP_MSCHAPgenerateNTResponse ( ubyte *  AuthenticatorChallenge,
ubyte *  PeerChallenge,
ubyte *  UserName,
ubyte2  UserNameLen,
ubyte *  Password,
ubyte2  PasswordLen,
ubyte *  Response 
)

This function builds an NT Response for MS-CHAP-V2 based on the specified authenticator and peer challenges, peer username, and peer password.

Since
1.41
Version
1.41 and later

To enable this function, the following flag must be defined in moptions.h:

  • __ENABLE_MOCANA_EAP_MSCHAPv2__

Additionally, at least one of the following flags must be defined in moptions.h:

  • __ENABLE_MOCANA_EAP_PEER__
  • __ENABLE_MOCANA_EAP_AUTH__

eap_mschapv2.h

Parameters
AuthenticatorChallengePointer to original authenticator challenge built by EAP_MSCHAPProcessPeer.
PeerChallengePointer to original peer challenge sent by EAP_MSCHAPProcessPeer.
UserNamePointer to peer username.
UserNameLenNumber of bytes in peer username (UserName).
PasswordPointer to MS-CHAP-V2 session password to use for response.
PasswordLenNumber of bytes in MS-CHAP-V2 session password (Password).
ResponseOn return, pointer to resultant response.
Returns
OK (0) if successful; otherwise a negative number error code definition from merrors.h. To retrieve a string containing an English text error identifier corresponding to the function's returned error status, use the DISPLAY_ERROR macro.
See also
EAP_MSCHAPstartRequest
EAP_MSCHAPProcessAuth

eap_mschapv2.h

◆ EAP_MSCHAPgenerateSessionKey()

MOC_EXTERN MSTATUS EAP_MSCHAPgenerateSessionKey ( ubyte *  masterKey,
ubyte *  sessionKey,
ubyte2  sessionKeyLen,
byteBoolean  send,
byteBoolean  server 
)

This function generates a session key for send/receive and client/server, as specified, from the specified MSK (master session key). The combination of the send and server parameter values determine which keys are generated. The send-side key on the server (authenticator) must match the receive-side key on the client (peer).

Since
1.41
Version
1.41 and later

To enable this function, the following flag must be defined in moptions.h:

  • __ENABLE_MOCANA_EAP_MSCHAPv2__

Additionally, at least one of the following flags must be defined in moptions.h:

  • __ENABLE_MOCANA_EAP_PEER__
  • __ENABLE_MOCANA_EAP_AUTH__

eap_mschapv2.h

Parameters
masterKeyPointer to MSK value.
sessionKeyOn return, pointer to resultant session key.
sessionKeyLenLength (number of bytes) of session key to generate.
send0 to specify a receive session key; non-zero for a send session key.
server0 to specify a server-side (authenticator) key; non-zero for a client-side (peer) key.
Returns
OK (0) if successful; otherwise a negative number error code definition from merrors.h. To retrieve a string containing an English text error identifier corresponding to the function's returned error status, use the DISPLAY_ERROR macro.
See also
EAP_MSCHAPstartRequest
EAP_MSCHAPProcessAuth

eap_mschapv2.h

◆ EAP_MSCHAPHashNtPasswordHash()

MOC_EXTERN MSTATUS EAP_MSCHAPHashNtPasswordHash ( ubyte *  PasswordHash,
ubyte *  PasswordHashHash 
)

This function generates an irreversible hash of a password hash (using MD4).

Since
1.41
Version
1.41 and later

To enable this function, the following flag must be defined in moptions.h:

  • __ENABLE_MOCANA_EAP_MSCHAPv2__

Additionally, at least one of the following flags must be defined in moptions.h:

  • __ENABLE_MOCANA_EAP_PEER__
  • __ENABLE_MOCANA_EAP_AUTH__

eap_mschapv2.h

Parameters
PasswordHashPointer to password hash.
PasswordHashHashOn return, pointer to generated hash.
Returns
OK (0) if successful; otherwise a negative number error code definition from merrors.h. To retrieve a string containing an English text error identifier corresponding to the function's returned error status, use the DISPLAY_ERROR macro.
See also
EAP_MSCHAPstartRequest
EAP_MSCHAPProcessAuth

eap_mschapv2.h

◆ EAP_MSCHAPNtPasswordHash()

MOC_EXTERN MSTATUS EAP_MSCHAPNtPasswordHash ( ubyte *  Password,
ubyte2  PasswordLen,
ubyte *  PasswordHash 
)

This function generates a password hash (disregarding any terminating NULL) using MD4.

Since
1.41
Version
1.41 and later

To enable this function, the following flag must be defined in moptions.h:

  • __ENABLE_MOCANA_EAP_MSCHAPv2__

Additionally, at least one of the following flags must be defined in moptions.h:

  • __ENABLE_MOCANA_EAP_PEER__
  • __ENABLE_MOCANA_EAP_AUTH__

eap_mschapv2.h

Parameters
PasswordPointer to peer password.
PasswordLenNumber of bytes in peer password (Password).
PasswordHashOn return, pointer to generated password hash.
Returns
OK (0) if successful; otherwise a negative number error code definition from merrors.h. To retrieve a string containing an English text error identifier corresponding to the function's returned error status, use the DISPLAY_ERROR macro.

eap_mschapv2.h

◆ EAP_MSCHAPpeerResponse()

MOC_EXTERN MSTATUS EAP_MSCHAPpeerResponse ( ubyte *  appSessionHdl,
ubyte *  data,
ubyte2  datalen,
ubyte *  passwordString,
ubyte2  passLen,
ubyte *  peerResponse,
ubyte *  peerChallenge,
ubyte *  authChallenge,
ubyte *  UserName,
ubyte2  UserNameLen,
ubyte **  eapRespData,
ubyte4 *  eapRespLen,
byteBoolean *  cmp 
)

This function (used by the peer) determines whether the authenticator response to the peer's previous challenge is valid, returns the results (TRUE or FALSE) through the cmp parameter, and builds the resultant SUCCESS/FAIL response.

Since
1.41
Version
1.41 and later

To enable this function, the following flag must be defined in moptions.h:

  • __ENABLE_MOCANA_EAP_MSCHAPv2__

Additionally, at least one of the following flags must be defined in moptions.h:

  • __ENABLE_MOCANA_EAP_PEER__
  • __ENABLE_MOCANA_EAP_AUTH__

eap_mschapv2.h

Parameters
appSessionHdlApplication session handle (cookie given by the application to identify the session).
dataPointer to EAP payload containing MSCHAP authenticator response, which must be in the format <Type, MSCHAP packet>.
datalenNumber of bytes in EAP payload (data).
passwordStringPointer to MS-CHAP-V2 session password to use for response.
passLenNumber of bytes in session password (passwordString).
peerResponseCalculated NT Authenticator value (returned from EAP_MSCHAPProcessPeer) originally sent to the authenticator.
peerChallengePointer to original peer challenge that was sent to the authenticator
authChallengePointer to original challenge response received from the authenticator by EAP_MSCHAPProcessPeer.
UserNamePointer to MS-CHAP-V2 session username to use for EAP response.
UserNameLenNumber of bytes in session username (UserName).
eapRespDataOn return, pointer to EAP response message.
eapRespLenOn return, pointer to number of bytes in EAP response message (eapRespData).
cmpOn return, pointer to result of authenticator-peer mutual challenge result: TRUE or FALSE.
Returns
OK (0) if successful; otherwise a negative number error code definition from merrors.h. To retrieve a string containing an English text error identifier corresponding to the function's returned error status, use the DISPLAY_ERROR macro.
See also
EAP_MSCHAPstartRequest
EAP_MSCHAPProcessAuth
EAP_MSCHAPProcessPeer

eap_mschapv2.h

◆ EAP_MSCHAPProcessAuth()

MOC_EXTERN MSTATUS EAP_MSCHAPProcessAuth ( ubyte *  appSessionHdl,
ubyte *  data,
ubyte4  datalen,
ubyte *  UserName,
ubyte4  UserNameLen,
ubyte *  succMsg,
ubyte4  succMsgLen,
ubyte *  failMsg,
ubyte4  failMsgLen,
ubyte *  passwordString,
ubyte4  passLen,
ubyte *  authChallenge,
ubyte *  NtResponse,
ubyte **  eapReqData,
ubyte4 *  eapReqLen 
)

This function (called by the authenticator) validates an MSCHAP peer response and in turn builds an EAP response indicating success or failure. In the case of success, the authenticator also sends the response to the peer's challenge.

Since
1.41
Version
1.41 and later

To enable this function, the following flag must be defined in moptions.h:

  • __ENABLE_MOCANA_EAP_MSCHAPv2__

Additionally, at least one of the following flags must be defined in moptions.h:

  • __ENABLE_MOCANA_EAP_PEER__
  • __ENABLE_MOCANA_EAP_AUTH__

eap_mschapv2.h

Parameters
appSessionHdlApplication session handle (cookie given by the application to identify the session).
dataPointer to EAP payload containing MSCHAP peer response, which must be in the format <Type, MSCHAP packet>.
datalenNumber of bytes in EAP payload (data).
UserNamePointer to MS-CHAP-V2 session username to use for EAP response.
UserNameLenNumber of bytes in session username (UserName).
succMsgPointer to desired success message string to send to peer.
succMsgLenNumber of bytes in desired success message (succMsg).
failMsgPointer to desired fail message string to send to peer.
failMsgLenNumber of bytes in desired fail message (failMsg).
passwordStringPointer to MS-CHAP-V2 session password to use for response.
passLenNumber of bytes in session password (passwordString).
authChallengePointer to original authenticator challenge that was sent to the peer by EAP_MSCHAPstartRequest.
NtResponseOn return, pointer to NT Authenticator for this session.
eapReqDataOn return, pointer to EAP response message.
eapReqLenOn return, pointer to number of bytes in EAP response message (eapReqData).
Returns
OK (0) if successful; otherwise a negative number error code definition from merrors.h. To retrieve a string containing an English text error identifier corresponding to the function's returned error status, use the DISPLAY_ERROR macro.
See also
EAP_MSCHAPstartRequest
EAP_MSCHAPProcessAuth

eap_mschapv2.h

◆ EAP_MSCHAPProcessPeer()

MOC_EXTERN MSTATUS EAP_MSCHAPProcessPeer ( ubyte *  appSessionHdl,
ubyte *  data,
ubyte4  datalen,
ubyte *  UserName,
ubyte4  UserNameLen,
ubyte *  passwordString,
ubyte4  passLen,
ubyte *  peerChallenge,
ubyte *  authChallenge,
ubyte *  NtAuthenticator,
ubyte **  eapRespData,
ubyte4 *  eapRespLen 
)

This function builds a response to send to the authenticator based on a challenge received by a peer.

Since
1.41
Version
1.41 and later

To enable this function, the following flag must be defined in moptions.h:

  • __ENABLE_MOCANA_EAP_MSCHAPv2__

Additionally, at least one of the following flags must be defined in moptions.h:

  • __ENABLE_MOCANA_EAP_PEER__
  • __ENABLE_MOCANA_EAP_AUTH__

eap_mschapv2.h

Parameters
appSessionHdlApplication session handle (cookie given by the application to identify the session).
dataPointer to received challenge packet, which must be in the format <Type, MSCHAP packet>.
datalenNumber of bytes in received challenge packet (data).
UserNamePointer to MS-CHAP-V2 session username to use for EAP response.
UserNameLenNumber of bytes in session username (UserName).
passwordStringPointer to MS-CHAP-V2 session password to use for response.
passLenNumber of bytes in session password (passwordString).
peerChallengeOn return, pointer to peer challenge sent to authenticator (piggybacked to the response to the challenge originally sent by the authenticator).
authChallengeOn return, pointer to authenticator challenge value extracted from the data packet; returned to the application for subsequent inclusion in a call to EAP_MSCHAPpeerResponse.
NtAuthenticatorOn return, pointer to NT Authenticator (the eapRespData plus the UserName); returned to the application for subsequent inclusion in a call to EAP_MSCHAPpeerResponse or EAP_MSCHAPcheckAuthenticatorResponse.
eapRespDataOn return, pointer to resultant authentication response.
eapRespLenOn return, pointer to number of bytes resultant authentication response (eapRespData).
Returns
OK (0) if successful; otherwise a negative number error code definition from merrors.h. To retrieve a string containing an English text error identifier corresponding to the function's returned error status, use the DISPLAY_ERROR macro.
See also
EAP_MSCHAPstartRequest
EAP_MSCHAPProcessAuth

eap_mschapv2.h

◆ EAP_MSCHAPstartRequest()

MOC_EXTERN MSTATUS EAP_MSCHAPstartRequest ( ubyte *  appSessionHdl,
ubyte *  identity,
ubyte2  identityLen,
ubyte *  challenge,
ubyte **  eapReqData,
ubyte4 *  eapReqLen 
)

This function builds a challenge request based on the specified challenge data for the authenticator to transmit to the peer.

Since
1.41
Version
1.41 and later

To enable this function, the following flag must be defined in moptions.h:

  • __ENABLE_MOCANA_EAP_MSCHAPv2__

Additionally, at least one of the following flags must be defined in moptions.h:

  • __ENABLE_MOCANA_EAP_PEER__
  • __ENABLE_MOCANA_EAP_AUTH__

eap_mschapv2.h

Parameters
appSessionHdlApplication session handle (cookie given by the application to identify the session).
identityPointer to user identity.
identityLenNumber of bytes in user identity (identity).
challengePointer to challenge data to use in challenge request.
eapReqDataOn return, pointer to resultant challenge request.
eapReqLenOn return, pointer to number of bytes of resultant challenge request (eapReqData).
Returns
OK (0) if successful; otherwise a negative number error code definition from merrors.h. To retrieve a string containing an English text error identifier corresponding to the function's returned error status, use the DISPLAY_ERROR macro.

eap_mschapv2.h

◆ EAP_MSCHAPv0generateNTResponse()

MOC_EXTERN MSTATUS EAP_MSCHAPv0generateNTResponse ( ubyte *  AuthenticatorChallenge,
ubyte *  Password,
ubyte2  PasswordLen,
ubyte *  Response 
)

This function builds an NT Response for MS-CHAP-V0 based on the specified authenticator challenge and peer password.

Since
1.41
Version
1.41 and later

To enable this function, the following flag must be defined in moptions.h:

  • __ENABLE_MOCANA_EAP_MSCHAPv2__

Additionally, at least one of the following flags must be defined in moptions.h:

  • __ENABLE_MOCANA_EAP_PEER__
  • __ENABLE_MOCANA_EAP_AUTH__

eap_mschapv2.h

Parameters
AuthenticatorChallengePointer to original authenticator challenge built by EAP_MSCHAPProcessPeer.
PasswordPointer to peer password to use for response.
PasswordLenNumber of bytes in peer password (Password).
ResponseOn return, pointer to resultant response.
Returns
OK (0) if successful; otherwise a negative number error code definition from merrors.h. To retrieve a string containing an English text error identifier corresponding to the function's returned error status, use the DISPLAY_ERROR macro.

eap_mschapv2.h

◆ EAP_MSCHAPV2_getChallenge()

MOC_EXTERN MSTATUS EAP_MSCHAPV2_getChallenge ( ubyte *  buf)

This function returns (through the buf parameter) a 16-byte challenge value.

Since
2.02
Version
2.02 and later

To enable this function, the following flag must be defined in moptions.h:

  • __ENABLE_MOCANA_EAP_MSCHAPv2__

Additionally, at least one of the following flags must be defined in moptions.h:

  • __ENABLE_MOCANA_EAP_PEER__
  • __ENABLE_MOCANA_EAP_AUTH__

eap_mschapv2.h

Parameters
bufOn return, pointer to 16-byte challenge value.
Returns
OK (0) if successful; otherwise a negative number error code definition from merrors.h. To retrieve a string containing an English text error identifier corresponding to the function's returned error status, use the DISPLAY_ERROR macro.

eap_mschapv2.h