wpa_supplicant: eap_tls_common.h Source File

00001 /*
00002  * EAP peer: EAP-TLS/PEAP/TTLS/FAST common functions
00003  * Copyright (c) 2004-2009, Jouni Malinen <j@w1.fi>
00004  *
00005  * This program is free software; you can redistribute it and/or modify
00006  * it under the terms of the GNU General Public License version 2 as
00007  * published by the Free Software Foundation.
00008  *
00009  * Alternatively, this software may be distributed under the terms of BSD
00010  * license.
00011  *
00012  * See README and COPYING for more details.
00013  */
00014 
00015 #ifndef EAP_TLS_COMMON_H
00016 #define EAP_TLS_COMMON_H
00017 
00021 struct eap_ssl_data {
00025         struct tls_connection *conn;
00026 
00030         struct wpabuf *tls_out;
00031 
00035         size_t tls_out_pos;
00036 
00040         size_t tls_out_limit;
00041 
00045         struct wpabuf *tls_in;
00046 
00050         size_t tls_in_left;
00051 
00055         size_t tls_in_total;
00056 
00060         int phase2;
00061 
00066         int include_tls_length;
00067 
00071         int tls_ia;
00072 
00076         struct eap_sm *eap;
00077 };
00078 
00079 
00080 /* EAP TLS Flags */
00081 #define EAP_TLS_FLAGS_LENGTH_INCLUDED 0x80
00082 #define EAP_TLS_FLAGS_MORE_FRAGMENTS 0x40
00083 #define EAP_TLS_FLAGS_START 0x20
00084 #define EAP_TLS_VERSION_MASK 0x07
00085 
00086  /* could be up to 128 bytes, but only the first 64 bytes are used */
00087 #define EAP_TLS_KEY_LEN 64
00088 
00089 
00090 int eap_peer_tls_ssl_init(struct eap_sm *sm, struct eap_ssl_data *data,
00091                           struct eap_peer_config *config);
00092 void eap_peer_tls_ssl_deinit(struct eap_sm *sm, struct eap_ssl_data *data);
00093 u8 * eap_peer_tls_derive_key(struct eap_sm *sm, struct eap_ssl_data *data,
00094                              const char *label, size_t len);
00095 int eap_peer_tls_process_helper(struct eap_sm *sm, struct eap_ssl_data *data,
00096                                 EapType eap_type, int peap_version,
00097                                 u8 id, const u8 *in_data, size_t in_len,
00098                                 struct wpabuf **out_data);
00099 struct wpabuf * eap_peer_tls_build_ack(u8 id, EapType eap_type,
00100                                        int peap_version);
00101 int eap_peer_tls_reauth_init(struct eap_sm *sm, struct eap_ssl_data *data);
00102 int eap_peer_tls_status(struct eap_sm *sm, struct eap_ssl_data *data,
00103                         char *buf, size_t buflen, int verbose);
00104 const u8 * eap_peer_tls_process_init(struct eap_sm *sm,
00105                                      struct eap_ssl_data *data,
00106                                      EapType eap_type,
00107                                      struct eap_method_ret *ret,
00108                                      const struct wpabuf *reqData,
00109                                      size_t *len, u8 *flags);
00110 void eap_peer_tls_reset_input(struct eap_ssl_data *data);
00111 void eap_peer_tls_reset_output(struct eap_ssl_data *data);
00112 int eap_peer_tls_decrypt(struct eap_sm *sm, struct eap_ssl_data *data,
00113                          const struct wpabuf *in_data,
00114                          struct wpabuf **in_decrypted);
00115 int eap_peer_tls_encrypt(struct eap_sm *sm, struct eap_ssl_data *data,
00116                          EapType eap_type, int peap_version, u8 id,
00117                          const struct wpabuf *in_data,
00118                          struct wpabuf **out_data);
00119 int eap_peer_select_phase2_methods(struct eap_peer_config *config,
00120                                    const char *prefix,
00121                                    struct eap_method_type **types,
00122                                    size_t *num_types);
00123 int eap_peer_tls_phase2_nak(struct eap_method_type *types, size_t num_types,
00124                             struct eap_hdr *hdr, struct wpabuf **resp);
00125 
00126 #endif /* EAP_TLS_COMMON_H */