Annotation of embedaddon/strongswan/src/libtls/tls_eap.h, revision 1.1.1.1
1.1 misho 1: /*
2: * Copyright (C) 2010 Martin Willi
3: * Copyright (C) 2010 revosec AG
4: *
5: * This program is free software; you can redistribute it and/or modify it
6: * under the terms of the GNU General Public License as published by the
7: * Free Software Foundation; either version 2 of the License, or (at your
8: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9: *
10: * This program is distributed in the hope that it will be useful, but
11: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13: * for more details.
14: */
15:
16: /**
17: * @defgroup tls_eap tls_eap
18: * @{ @ingroup libtls
19: */
20:
21: #ifndef TLS_EAP_H_
22: #define TLS_EAP_H_
23:
24: typedef struct tls_eap_t tls_eap_t;
25:
26: #include <eap/eap.h>
27:
28: #include "tls.h"
29:
/**
 * Helper that carries a TLS handshake inside EAP, as used by EAP-TLS and
 * EAP-TTLS.
 *
 * Every member is a method pointer taking the instance as first argument.
 */
struct tls_eap_t {

	/**
	 * Start a TLS/TTLS/TNC over EAP exchange in the client role.
	 *
	 * NOTE(review): "allocated" suggests the caller owns out and has to
	 * release it; this header does not say so explicitly - confirm.
	 *
	 * @param out		receives allocated EAP packet data to send
	 * @return
	 *					- NEED_MORE if further exchanges are required
	 *					- FAILED if the exchange could not be started
	 */
	status_t (*initiate)(tls_eap_t *this, chunk_t *out);

	/**
	 * Consume one received EAP-TLS/TTLS/TNC packet and build the response.
	 *
	 * The input is data received from the EAP peer, so implementations have
	 * to treat its contents and lengths as untrusted.
	 *
	 * NOTE(review): it is not stated whether out is written when FAILED is
	 * returned; initialise it before the call - confirm.
	 *
	 * @param in		EAP packet data to process
	 * @param out		receives allocated EAP packet data to send
	 * @return
	 *					- SUCCESS if the TLS negotiation completed
	 *					- FAILED if the TLS negotiation failed
	 *					- NEED_MORE if further exchanges are required
	 */
	status_t (*process)(tls_eap_t *this, chunk_t in, chunk_t *out);

	/**
	 * Return the EAP-MSK.
	 *
	 * The MSK is key material: keep it out of logs and debug output.
	 *
	 * NOTE(review): the header states neither whether the returned chunk is
	 * internal data or a copy, nor that it is only usable once process() has
	 * returned SUCCESS - confirm both before freeing or caching it.
	 *
	 * @return			MSK
	 */
	chunk_t (*get_msk)(tls_eap_t *this);

	/**
	 * Return the EAP identifier currently in use.
	 *
	 * @return			identifier
	 */
	uint8_t (*get_identifier)(tls_eap_t *this);

	/**
	 * Replace the randomly initialised default EAP identifier with a
	 * deterministic value chosen by the caller.
	 *
	 * @param identifier	EAP identifier
	 */
	void (*set_identifier)(tls_eap_t *this, uint8_t identifier);

	/**
	 * Return the authentication details; documented for use after the
	 * handshake has completed, so do not base authorization decisions on
	 * the result before that point.
	 *
	 * The result is internal data, so the caller must not free it.
	 * NOTE(review): presumably it stays valid only as long as this object
	 * exists - confirm.
	 *
	 * @return			authentication details, internal data
	 */
	auth_cfg_t *(*get_auth)(tls_eap_t *this);

	/**
	 * Destroy this tls_eap_t.
	 *
	 * NOTE(review): whether this also destroys the tls_t handed to
	 * tls_eap_create() is not documented here - confirm, to avoid a double
	 * free or a leak.
	 */
	void (*destroy)(tls_eap_t *this);
};
91:
/**
 * Construct a tls_eap_t helper.
 *
 * NOTE(review): max_msg_count presumably caps the exchange so that a peer
 * cannot keep it running indefinitely; it is a signed int and the meaning of
 * zero or negative values is not documented here - confirm.
 *
 * NOTE(review): no return value is documented; check the result for NULL
 * before use and confirm the failure behaviour against the implementation.
 *
 * @param type				EAP type, EAP-TLS or EAP-TTLS
 * @param tls				TLS implementation
 * @param frag_size			largest TLS fragment this side sends
 * @param max_msg_count		maximum number of processed messages
 * @param include_length	if TRUE, include the length in non-fragmented
 *							packets
 * @return					tls_eap_t instance
 */
tls_eap_t *tls_eap_create(eap_type_t type, tls_t *tls,
						  size_t frag_size, int max_msg_count,
						  bool include_length);
103:
104: #endif /** TLS_EAP_H_ @}*/