 |
TrustCore SDK NanoSec API reference
version 7.0
|
|
TrustCore SDK NanoSec API reference
version 7.0
|
Provides EAP-PEAP (EAP-protected EAP) authentication. More...
Functions | |
| MOC_EXTERN MSTATUS | EAP_PEAPdeleteSession (void *eapPEAPSession) |
| Delete an EAP-PEAP session. More... | |
| MOC_EXTERN MSTATUS | EAP_PEAPFormSendPacket (void *eapPEAPCb, ubyte *pkt, ubyte4 pktLen, ubyte **eapResponse, ubyte4 *eapRespLen) |
| Build a PEAP packet. More... | |
| MOC_EXTERN MSTATUS | EAP_PEAPgetKey (void *eapCb, ubyte *key, ubyte2 keyLen) |
| Generate and return a session's authentication keys. More... | |
| MOC_EXTERN MSTATUS | EAP_PEAPgetSessionStatus (void *eapPEAPCb, ubyte *eapSessionStatus) |
| Get a session's current status. More... | |
| MOC_EXTERN MSTATUS | EAP_PEAPinitSession (ubyte *appSessionCB, ubyte **eapPEAPSession, EAP_PEAP_params *eapPEAPparams) |
| Create and initialize an EAP-PEAP session. More... | |
| MOC_EXTERN MSTATUS | EAP_PEAPreceiveLLPacket (void *eapPEAPCb, ubyte *pkt, ubyte4 pktLen) |
| Process an encrypted PEAP payload. More... | |
| MOC_EXTERN MSTATUS | EAP_PEAPSendResultTlv (ubyte *eapHdl, ubyte2 intResult) |
| Build and send a result TLV packet. More... | |
| MOC_EXTERN MSTATUS | EAP_PEAPSetEapHdr (void *eapCB, eapCode code, ubyte id) |
| Assign the code and ID values to an inner EAP header. More... | |
| MOC_EXTERN MSTATUS | EAP_PEAPulAuthTransmit (ubyte *eapSessionHdl, ubyte4 instanceId, eapMethodType methodType, eapCode code, eapMethodDecision methodDecision, eapMethodState methodState, ubyte *eap_data, ubyte4 eap_data_len) |
| Transmit packets from the authenticator to the peer through the second stage EAP stack. More... | |
| MOC_EXTERN MSTATUS | EAP_PEAPulPeerTransmit (ubyte *eapSessionHdl, ubyte4 instanceId, eapMethodType methodType, eapCode code, eapMethodDecision methodDecision, eapMethodState methodState, ubyte *eap_data, ubyte4 eap_data_len) |
| Transmit packets from the peer to the authenticator through the second stage EAP stack. More... | |
| MOC_EXTERN MSTATUS EAP_PEAPdeleteSession | ( | void * | eapPEAPSession | ) |
This function deletes an EAP-PEAP session.
To enable this function, the following flag must be defined in moptions.h:
__ENABLE_MOCANA_EAP_PEAP__ Additionally, at least one of the following flags must be defined in moptions.h:
__ENABLE_MOCANA_EAP_PEER__ __ENABLE_MOCANA_EAP_AUTH__ | eapPEAPSession | EAP-PEAP session handle returned from EAP_PEAPinitSession. |
OK (0) if successful; otherwise a negative number error code definition from merrors.h. To retrieve a string containing an English text error identifier corresponding to the function's returned error status, use the DISPLAY_ERROR macro.| MOC_EXTERN MSTATUS EAP_PEAPFormSendPacket | ( | void * | eapPEAPCb, |
| ubyte * | pkt, | ||
| ubyte4 | pktLen, | ||
| ubyte ** | eapResponse, | ||
| ubyte4 * | eapRespLen | ||
| ) |
This function builds a PEAP packet from the specified encrypted second stage payload, prepending the header and performing any required fragmentation, and returns the resultant packet through the eapResponse parameter. Typically your application passes the resulting packet to EAP for transmission from authenticator to peer or from peer to authenticator.
To enable this function, the following flag must be defined in moptions.h:
__ENABLE_MOCANA_EAP_PEAP__ Additionally, at least one of the following flags must be defined in moptions.h:
__ENABLE_MOCANA_EAP_PEER__ __ENABLE_MOCANA_EAP_AUTH__ | eapPEAPCb | EAP-PEAP session handle returned from EAP_PEAPinitSession. |
| pkt | Pointer to payload to include in the PEAP packet. |
| pktLen | Number of bytes of payload data (pkt). |
| eapResponse | On return, pointer to resultant PEAP response packet. |
| eapRespLen | On return, number of bytes in EAP response payload (eapResponse). |
OK (0) if successful; otherwise a negative number error code definition from merrors.h. To retrieve a string containing an English text error identifier corresponding to the function's returned error status, use the DISPLAY_ERROR macro.| MOC_EXTERN MSTATUS EAP_PEAPgetKey | ( | void * | eapCb, |
| ubyte * | key, | ||
| ubyte2 | keyLen | ||
| ) |
This function generates and returns a session's authentication keys.
To enable this function, the following flag must be defined in moptions.h:
__ENABLE_MOCANA_EAP_PEAP__ Additionally, at least one of the following flags must be defined in moptions.h:
__ENABLE_MOCANA_EAP_PEER__ __ENABLE_MOCANA_EAP_AUTH__ | eapCb | EAP-PEAP session handle returned from EAP_PEAPinitSession. |
| key | On return, pointer to authentication keys. |
| keyLen | Number of bytes desired in the authentication key. |
OK (0) if successful; otherwise a negative number error code definition from merrors.h. To retrieve a string containing an English text error identifier corresponding to the function's returned error status, use the DISPLAY_ERROR macro.| MOC_EXTERN MSTATUS EAP_PEAPgetSessionStatus | ( | void * | eapPEAPCb, |
| ubyte * | eapSessionStatus | ||
| ) |
This function returns (through the eapSessionStatus parameter) a session's status.
To enable this function, the following flag must be defined in moptions.h:
__ENABLE_MOCANA_EAP_PEAP__ Additionally, at least one of the following flags must be defined in moptions.h:
__ENABLE_MOCANA_EAP_PEER__ __ENABLE_MOCANA_EAP_AUTH__ | eapPEAPCb | EAP-PEAP session handle returned from EAP_PEAPinitSession. |
| eapSessionStatus | On return, pointer to session status structure. |
OK (0) if successful; otherwise a negative number error code definition from merrors.h. To retrieve a string containing an English text error identifier corresponding to the function's returned error status, use the DISPLAY_ERROR macro.| MOC_EXTERN MSTATUS EAP_PEAPinitSession | ( | ubyte * | appSessionCB, |
| ubyte ** | eapPEAPSession, | ||
| EAP_PEAP_params * | eapPEAPparams | ||
| ) |
This function creates and initializes an EAP-PEAP session based on the specified parameters, returning the resultant session handle through the eapPEAPSession parameter.
To enable this function, the following flag must be defined in moptions.h:
__ENABLE_MOCANA_EAP_PEAP__ Additionally, at least one of the following flags must be defined in moptions.h:
__ENABLE_MOCANA_EAP_PEER__ __ENABLE_MOCANA_EAP_AUTH__ | appSessionCB | Application session handle (cookie given by the application to identify the session). |
| eapPEAPSession | On return, pointer to EAP-PEAP session handle. |
| eapPEAPparams | Pointer to desired PEAP session parameters. |
OK (0) if successful; otherwise a negative number error code definition from merrors.h. To retrieve a string containing an English text error identifier corresponding to the function's returned error status, use the DISPLAY_ERROR macro.| MOC_EXTERN MSTATUS EAP_PEAPreceiveLLPacket | ( | void * | eapPEAPCb, |
| ubyte * | pkt, | ||
| ubyte4 | pktLen | ||
| ) |
This function processes an encrypted PEAP payload (in the form of TLVs — type-length-values), performs any required fragmentation, and passes the packet to the second phase of the PEAP stack.
To enable this function, the following flag must be defined in moptions.h:
__ENABLE_MOCANA_EAP_PEAP__ Additionally, at least one of the following flags must be defined in moptions.h:
__ENABLE_MOCANA_EAP_PEER__ __ENABLE_MOCANA_EAP_AUTH__ | eapPEAPCb | EAP-PEAP session handle returned from EAP_PEAPinitSession. |
| pkt | Pointer to encrypted PEAP packet. |
| pktLen | Number of bytes of encrypted PEAP data (pkt). |
OK (0) if successful; otherwise a negative number error code definition from merrors.h. To retrieve a string containing an English text error identifier corresponding to the function's returned error status, use the DISPLAY_ERROR macro.| MOC_EXTERN MSTATUS EAP_PEAPSendResultTlv | ( | ubyte * | eapHdl, |
| ubyte2 | intResult | ||
| ) |
This function builds a result TLV packet based on the specified intResult value and sends it to a peer.
To enable this function, the following flags must be defined in moptions.h:
__ENABLE_MOCANA_EAP_AUTH__ __ENABLE_MOCANA_EAP_PEAP__ | eapHdl | EAP-PEAP session handle returned from EAP_PEAPinitSession. |
| intResult | 1 to specify a success TLV; any other value to specify a failure TLV. |
OK (0) if successful; otherwise a negative number error code definition from merrors.h. To retrieve a string containing an English text error identifier corresponding to the function's returned error status, use the DISPLAY_ERROR macro.| MOC_EXTERN MSTATUS EAP_PEAPSetEapHdr | ( | void * | eapCB, |
| eapCode | code, | ||
| ubyte | id | ||
| ) |
This function assigns the specified code and ID values to an inner EAP header. Typically this is used in PEAP v0 when the authenticator or peer has not sent the inner header information, which is required by the inner (second stage) EAP state machine for packet processing.
To enable this function, the following flag must be defined in moptions.h:
__ENABLE_MOCANA_EAP_PEAP__ Additionally, at least one of the following flags must be defined in moptions.h:
__ENABLE_MOCANA_EAP_PEER__ __ENABLE_MOCANA_EAP_AUTH__ | eapCB | EAP-PEAP session handle returned from EAP_PEAPinitSession. |
| code | Any of the eapCode enumerated values (defined in eap_proto.h). |
| id | EAP request header ID (unique to this session). |
OK (0) if successful; otherwise a negative number error code definition from merrors.h. To retrieve a string containing an English text error identifier corresponding to the function's returned error status, use the DISPLAY_ERROR macro.| MOC_EXTERN MSTATUS EAP_PEAPulAuthTransmit | ( | ubyte * | eapSessionHdl, |
| ubyte4 | instanceId, | ||
| eapMethodType | methodType, | ||
| eapCode | code, | ||
| eapMethodDecision | methodDecision, | ||
| eapMethodState | methodState, | ||
| ubyte * | eap_data, | ||
| ubyte4 | eap_data_len | ||
| ) |
This function (called by the second stage authenticator processing) transmits packets from the authenticator to the peer through the second stage EAP stack.
To enable this function, the following flags must be defined in moptions.h:
__ENABLE_MOCANA_EAP_AUTH__ __ENABLE_MOCANA_EAP_PEAP__ | eapSessionHdl | EAP-PEAP session handle returned from EAP_PEAPinitSession. |
| instanceId | EAP instance ID returned from EAP_initInstance. |
| methodType | eapMethodType enumerated value for the second phase (refer to eap_proto.h). |
| code | Any of the following eapCode enumerated values (see eap_proto.h):
|
| methodDecision | eapMethodDecision enumerated value (refer to eap_proto.h) |
| methodState | eapMethodState enumerated value (refer to eap_proto.h) |
| eap_data | Pointer to EAP packet to be transmitted. |
| eap_data_len | Number of bytes in EAP packet to be transmitted (eap_data). |
OK (0) if successful; otherwise a negative number error code definition from merrors.h. To retrieve a string containing an English text error identifier corresponding to the function's returned error status, use the DISPLAY_ERROR macro.| MOC_EXTERN MSTATUS EAP_PEAPulPeerTransmit | ( | ubyte * | eapSessionHdl, |
| ubyte4 | instanceId, | ||
| eapMethodType | methodType, | ||
| eapCode | code, | ||
| eapMethodDecision | methodDecision, | ||
| eapMethodState | methodState, | ||
| ubyte * | eap_data, | ||
| ubyte4 | eap_data_len | ||
| ) |
This function (called by the second stage peer processing) transmits packets from the peer to the authenticator through the second stage EAP stack.
To enable this function, the following flags must be defined in moptions.h:
__ENABLE_MOCANA_EAP_PEER__ __ENABLE_MOCANA_EAP_PEAP__ | eapSessionHdl | EAP-PEAP session handle returned from EAP_PEAPinitSession. |
| instanceId | EAP instance ID returned from EAP_initInstance. |
| methodType | eapMethodType enumerated value for the second phase (refer to eap_proto.h). |
| code | EAP_CODE_RESPONSE (an eapCode enumerated value, defined in eap_proto.h). |
| methodDecision | eapMethodDecision enumerated value (refer to eap_proto.h) |
| methodState | eapMethodState enumerated value (refer to eap_proto.h) |
| eap_data | Pointer to EAP packet to be transmitted. |
| eap_data_len | Number of bytes in EAP packet to be transmitted (eap_data). |
OK (0) if successful; otherwise a negative number error code definition from merrors.h. To retrieve a string containing an English text error identifier corresponding to the function's returned error status, use the DISPLAY_ERROR macro.