14 * Description: EAP and WLAN authentication protocols. |
14 * Description: EAP and WLAN authentication protocols. |
15 * |
15 * |
16 */ |
16 */ |
17 |
17 |
18 /* |
18 /* |
19 * %version: 39 % |
19 * %version: 36.1.6 % |
20 */ |
20 */ |
21 |
21 |
22 #if !defined(_EAPTLSPEAPDBDEFAULTS_H_) |
22 #if !defined(_EAPTLSPEAPDBDEFAULTS_H_) |
23 #define _EAPTLSPEAPDBDEFAULTS_H_ |
23 #define _EAPTLSPEAPDBDEFAULTS_H_ |
24 |
24 |
25 enum TTLSPEAPUseManualRealm |
25 #include "EapPluginDbDefaults.h" |
26 { |
26 #include "tls_peap_types.h" |
27 ETLSPEAPUseManualRealmNo, // False. Don't use Manual Realm. |
|
28 ETLSPEAPUseManualRealmYes, // True. Use Manual Realm. |
|
29 }; |
|
30 |
|
31 enum TTLSPEAPUseManualUsername |
|
32 { |
|
33 ETLSPEAPUseManualUsernameNo, // False. Don't use Manual Username. |
|
34 ETLSPEAPUseManualUsernameYes, // True. Use Manual Username. |
|
35 }; |
|
36 |
|
37 enum TTLSPEAPVerifyCertRealm |
|
38 { |
|
39 ETLSPEAPVerifyCertRealmNo, // False. Don't Verify Certificate Realm. |
|
40 ETLSPEAPVerifyCertRealmYes, // True. Verify Certificate Realm. |
|
41 }; |
|
42 |
|
43 enum TTLSPEAPServerAuthenticatesClientPolicy |
|
44 { |
|
45 ETLSPEAPServerAuthenticatesClientPolicyNo, // False. |
|
46 ETLSPEAPServerAuthenticatesClientPolicyYes, // True. |
|
47 }; |
|
48 |
|
49 enum TTLSPEAPTLSPrivacy |
|
50 { |
|
51 ETLSPEAPTLSPrivacyNo, // False. TLS Privacy OFF. |
|
52 ETLSPEAPTLSPrivacyYes, // True. TLS Privacy ON. |
|
53 }; |
|
54 |
|
55 #ifdef USE_FAST_EAP_TYPE |
|
56 |
|
57 enum TFASTAuthProvModeAllowed |
|
58 { |
|
59 EFASTAuthProvModeAllowedNo, // False. Authenticated provisioning mode NOT allowed. |
|
60 EFASTAuthProvModeAllowedYes, // True. Authenticated provisioning mode allowed. |
|
61 }; |
|
62 |
|
63 enum TFASTUnauthProvModeAllowed |
|
64 { |
|
65 EFASTUnauthProvModeAllowedNo, // False. Unauthenticated provisioning mode NOT allowed. |
|
66 EFASTUnauthProvModeAllowedYes, // True. Unauthenticated provisioning mode allowed. |
|
67 }; |
|
68 |
|
69 enum TFASTWarnADHPNoPAC |
|
70 { |
|
71 EFASTWarnADHPNoPACNo, // False. Warnings or prompts NOT allowed. |
|
72 EFASTWarnADHPNoPACYes, // True. Warnings or prompts allowed. |
|
73 }; |
|
74 |
|
75 enum TFASTWarnADHPNoMatchingPAC |
|
76 { |
|
77 EFASTWarnADHPNoMatchingPACNo, // False. Warnings or prompts NOT allowed. |
|
78 EFASTWarnADHPNoMatchingPACYes, // True. Warnings or prompts allowed. |
|
79 }; |
|
80 |
|
81 enum TFASTWarnNotDefaultServer |
|
82 { |
|
83 EFASTWarnNotDefaultServerNo, // False. Warnings or prompts NOT allowed. |
|
84 EFASTWarnNotDefaultServerYes, // True. Warnings or prompts allowed. |
|
85 }; |
|
86 |
|
87 #endif //#ifdef USE_FAST_EAP_TYPE |
|
88 |
27 |
89 // LOCAL CONSTANTS |
28 // LOCAL CONSTANTS |
90 const TInt default_EAP_TLS_PEAP_use_manual_realm = ETLSPEAPUseManualRealmNo; |
29 const TInt default_EAP_TLS_PEAP_use_manual_realm = EEapDbFalse; |
91 _LIT(default_EAP_TLS_PEAP_manual_realm, ""); |
|
92 |
30 |
93 const TInt default_EAP_TLS_PEAP_use_manual_username = ETLSPEAPUseManualUsernameNo; |
31 const TInt default_EAP_TLS_PEAP_use_manual_username = EEapDbFalse; |
94 _LIT(default_EAP_TLS_PEAP_manual_username, ""); |
|
95 |
32 |
96 const TInt default_EAP_TLS_PEAP_cipher_suite = tls_cipher_suites_TLS_RSA_WITH_3DES_EDE_CBC_SHA; |
33 const TInt default_EAP_TLS_PEAP_cipher_suite = tls_cipher_suites_TLS_RSA_WITH_3DES_EDE_CBC_SHA; |
97 |
34 |
98 const TInt default_EAP_TLS_PEAP_used_PEAP_version = 0; |
35 const TInt default_EAP_TLS_PEAP_used_PEAP_version = 0; |
99 const TInt default_EAP_TLS_PEAP_accepted_PEAP_versions[] = {0, 1, -1}; |
36 const TInt default_EAP_TLS_PEAP_accepted_PEAP_versions[] = {0, 1, -1}; |
101 _LIT8(default_PEAP_tunneled_types, ""); |
38 _LIT8(default_PEAP_tunneled_types, ""); |
102 |
39 |
103 const TInt default_EAP_TLS_server_authenticates_client = 1; |
40 const TInt default_EAP_TLS_server_authenticates_client = 1; |
104 const TInt default_EAP_PEAP_TTLS_server_authenticates_client = 0; |
41 const TInt default_EAP_PEAP_TTLS_server_authenticates_client = 0; |
105 |
42 |
106 _LIT(default_CA_cert_label, "rsaca.eapsim.foo"); |
43 _LIT(default_CA_cert_label, ""); |
107 _LIT(default_client_cert_label, "rsaclient@eapsim.foo"); |
44 _LIT(default_client_cert_label, ""); |
108 |
45 |
109 const TInt default_EAP_TLS_PEAP_verify_certificate_realm = 0; |
46 const TInt default_EAP_TLS_PEAP_verify_certificate_realm = 0; |
110 |
47 |
111 const TUint default_EAP_TLS_PEAP_TLS_Privacy = ETLSPEAPTLSPrivacyNo; |
48 const TUint default_EAP_TLS_PEAP_TLS_Privacy = EEapDbFalse; |
112 |
49 |
113 const TInt64 default_MaxSessionTime = 0; // 0 means read from configuration file. |
50 const TUint default_EAP_TLS_PEAP_use_automatic_ca_certificate = EEapDbFalse; |
114 const TInt64 default_FullAuthTime = 0; |
|
115 |
51 |
116 // Defaults for EAP-FAST specific items |
52 // Defaults for EAP-FAST specific items |
117 #ifdef USE_FAST_EAP_TYPE |
53 #ifdef USE_FAST_EAP_TYPE |
118 const TUint default_EAP_FAST_Auth_Prov_Mode_Allowed = EFASTAuthProvModeAllowedNo; // Default is NO |
54 const TUint default_EAP_FAST_Auth_Prov_Mode_Allowed = EEapDbFalse; // Default is NO |
119 const TUint default_EAP_FAST_Unauth_Prov_Mode_Allowed = EFASTUnauthProvModeAllowedNo; // Default is NO |
55 const TUint default_EAP_FAST_Unauth_Prov_Mode_Allowed = EEapDbFalse; // Default is NO |
120 const TUint default_EAP_FAST_Warn_ADHP_No_PAC = EFASTWarnADHPNoPACNo; // Default is NO |
56 const TUint default_EAP_FAST_Warn_ADHP_No_PAC = EEapDbTrue; // Default is YES |
121 const TUint default_EAP_FAST_Warn_ADHP_No_Matching_PAC = EFASTWarnADHPNoMatchingPACNo; // Default is NO |
57 const TUint default_EAP_FAST_Warn_ADHP_No_Matching_PAC = EEapDbTrue; // Default is YES |
122 const TUint default_EAP_FAST_Warn_Not_Default_Server = EFASTWarnNotDefaultServerNo; // Default is NO |
58 const TUint default_EAP_FAST_Warn_Not_Default_Server = EEapDbTrue; // Default is YES |
123 #endif //#ifdef USE_FAST_EAP_TYPE |
59 #endif //#ifdef USE_FAST_EAP_TYPE |
124 |
60 |
125 // Add here the cipher suites you want to be allowed by default. Note that the last |
61 // Add here the cipher suites you want to be allowed by default. Note that the last |
126 // element must be 0. |
62 // element must be 0. |
127 const TInt default_allowed_cipher_suites[] = { |
63 const TInt default_allowed_cipher_suites[] = { |
144 tls_cipher_suites_TLS_RSA_WITH_RC4_128_MD5, |
80 tls_cipher_suites_TLS_RSA_WITH_RC4_128_MD5, |
145 tls_cipher_suites_TLS_RSA_WITH_RC4_128_SHA, |
81 tls_cipher_suites_TLS_RSA_WITH_RC4_128_SHA, |
146 0 |
82 0 |
147 }; |
83 }; |
148 |
84 |
149 const TUint KMaxManualUsernameLengthInDB = 255; |
|
150 const TUint KMaxManualRealmLengthInDB = 255; |
|
151 const TUint KMaxCertLabelLengthInDB = 255; |
85 const TUint KMaxCertLabelLengthInDB = 255; |
152 const TUint KMaxSubjectKeyIdLengthInDB = 255; // Not using KKeyIdentifierLength (EapSettings.h) as this is |
86 const TUint KMaxSubjectKeyIdLengthInDB = 255; // Not using KKeyIdentifierLength (EapSettings.h) as this is |
153 // Symbian's subjectkey id (hash of actual subjectkey id), though the lengths are same. |
87 // Symbian's subjectkey id (hash of actual subjectkey id), though the lengths are same. |
154 const TUint KMaxSessionIdLengthInDB = 32; |
88 const TUint KMaxSessionIdLengthInDB = 32; |
155 const TUint KMaxMasterSecretLengthInDB = 48; |
89 const TUint KMaxMasterSecretLengthInDB = 48; |