14 * Description: EAP and WLAN authentication protocols. |
14 * Description: EAP and WLAN authentication protocols. |
15 * |
15 * |
16 */ |
16 */ |
17 |
17 |
18 /* |
18 /* |
19 * %version: 36.1.8 % |
19 * %version: 39 % |
20 */ |
20 */ |
21 |
21 |
22 #if !defined(_EAPTLSPEAPDBDEFAULTS_H_) |
22 #if !defined(_EAPTLSPEAPDBDEFAULTS_H_) |
23 #define _EAPTLSPEAPDBDEFAULTS_H_ |
23 #define _EAPTLSPEAPDBDEFAULTS_H_ |
24 |
24 |
25 #include "EapPluginDbDefaults.h" |
25 enum TTLSPEAPUseManualRealm |
26 #include "tls_peap_types.h" |
26 { |
|
27 ETLSPEAPUseManualRealmNo, // False. Don't use Manual Realm. |
|
28 ETLSPEAPUseManualRealmYes, // True. Use Manual Realm. |
|
29 }; |
|
30 |
|
31 enum TTLSPEAPUseManualUsername |
|
32 { |
|
33 ETLSPEAPUseManualUsernameNo, // False. Don't use Manual Username. |
|
34 ETLSPEAPUseManualUsernameYes, // True. Use Manual Username. |
|
35 }; |
|
36 |
|
37 enum TTLSPEAPVerifyCertRealm |
|
38 { |
|
39 ETLSPEAPVerifyCertRealmNo, // False. Don't Verify Certificate Realm. |
|
40 ETLSPEAPVerifyCertRealmYes, // True. Verify Certificate Realm. |
|
41 }; |
|
42 |
|
43 enum TTLSPEAPServerAuthenticatesClientPolicy |
|
44 { |
|
45 ETLSPEAPServerAuthenticatesClientPolicyNo, // False. |
|
46 ETLSPEAPServerAuthenticatesClientPolicyYes, // True. |
|
47 }; |
|
48 |
|
49 enum TTLSPEAPTLSPrivacy |
|
50 { |
|
51 ETLSPEAPTLSPrivacyNo, // False. TLS Privacy OFF. |
|
52 ETLSPEAPTLSPrivacyYes, // True. TLS Privacy ON. |
|
53 }; |
|
54 |
|
55 #ifdef USE_FAST_EAP_TYPE |
|
56 |
|
57 enum TFASTAuthProvModeAllowed |
|
58 { |
|
59 EFASTAuthProvModeAllowedNo, // False. Authenticated provisioning mode NOT allowed. |
|
60 EFASTAuthProvModeAllowedYes, // True. Authenticated provisioning mode allowed. |
|
61 }; |
|
62 |
|
63 enum TFASTUnauthProvModeAllowed |
|
64 { |
|
65 EFASTUnauthProvModeAllowedNo, // False. Unauthenticated provisioning mode NOT allowed. |
|
66 EFASTUnauthProvModeAllowedYes, // True. Unauthenticated provisioning mode allowed. |
|
67 }; |
|
68 |
|
69 enum TFASTWarnADHPNoPAC |
|
70 { |
|
71 EFASTWarnADHPNoPACNo, // False. Warnings or prompts NOT allowed. |
|
72 EFASTWarnADHPNoPACYes, // True. Warnings or prompts allowed. |
|
73 }; |
|
74 |
|
75 enum TFASTWarnADHPNoMatchingPAC |
|
76 { |
|
77 EFASTWarnADHPNoMatchingPACNo, // False. Warnings or prompts NOT allowed. |
|
78 EFASTWarnADHPNoMatchingPACYes, // True. Warnings or prompts allowed. |
|
79 }; |
|
80 |
|
81 enum TFASTWarnNotDefaultServer |
|
82 { |
|
83 EFASTWarnNotDefaultServerNo, // False. Warnings or prompts NOT allowed. |
|
84 EFASTWarnNotDefaultServerYes, // True. Warnings or prompts allowed. |
|
85 }; |
|
86 |
|
87 #endif //#ifdef USE_FAST_EAP_TYPE |
27 |
88 |
28 // LOCAL CONSTANTS |
89 // LOCAL CONSTANTS |
29 const TInt default_EAP_TLS_PEAP_use_manual_realm = EEapDbFalse; |
90 const TInt default_EAP_TLS_PEAP_use_manual_realm = ETLSPEAPUseManualRealmNo; |
30 |
91 _LIT(default_EAP_TLS_PEAP_manual_realm, ""); |
31 const TInt default_EAP_TLS_PEAP_use_manual_username = EEapDbFalse; |
92 |
|
93 const TInt default_EAP_TLS_PEAP_use_manual_username = ETLSPEAPUseManualUsernameNo; |
|
94 _LIT(default_EAP_TLS_PEAP_manual_username, ""); |
32 |
95 |
33 const TInt default_EAP_TLS_PEAP_cipher_suite = tls_cipher_suites_TLS_RSA_WITH_3DES_EDE_CBC_SHA; |
96 const TInt default_EAP_TLS_PEAP_cipher_suite = tls_cipher_suites_TLS_RSA_WITH_3DES_EDE_CBC_SHA; |
34 |
97 |
35 const TInt default_EAP_TLS_PEAP_used_PEAP_version = 0; |
98 const TInt default_EAP_TLS_PEAP_used_PEAP_version = 0; |
36 const TInt default_EAP_TLS_PEAP_accepted_PEAP_versions[] = {0, 1, -1}; |
99 const TInt default_EAP_TLS_PEAP_accepted_PEAP_versions[] = {0, 1, -1}; |
38 _LIT8(default_PEAP_tunneled_types, ""); |
101 _LIT8(default_PEAP_tunneled_types, ""); |
39 |
102 |
40 const TInt default_EAP_TLS_server_authenticates_client = 1; |
103 const TInt default_EAP_TLS_server_authenticates_client = 1; |
41 const TInt default_EAP_PEAP_TTLS_server_authenticates_client = 0; |
104 const TInt default_EAP_PEAP_TTLS_server_authenticates_client = 0; |
42 |
105 |
43 _LIT(default_CA_cert_label, ""); |
106 _LIT(default_CA_cert_label, "rsaca.eapsim.foo"); |
44 _LIT(default_client_cert_label, ""); |
107 _LIT(default_client_cert_label, "rsaclient@eapsim.foo"); |
45 |
108 |
46 const TInt default_EAP_TLS_PEAP_verify_certificate_realm = 0; |
109 const TInt default_EAP_TLS_PEAP_verify_certificate_realm = 0; |
47 |
110 |
48 const TUint default_EAP_TLS_PEAP_TTLS_Privacy = EEapDbFalse; |
111 const TUint default_EAP_TLS_PEAP_TLS_Privacy = ETLSPEAPTLSPrivacyNo; |
49 |
112 |
50 const TUint default_EAP_TLS_PEAP_use_automatic_ca_certificate = EEapDbTrue; |
113 const TInt64 default_MaxSessionTime = 0; // 0 means read from configuration file. |
|
114 const TInt64 default_FullAuthTime = 0; |
51 |
115 |
52 // Defaults for EAP-FAST specific items |
116 // Defaults for EAP-FAST specific items |
53 #ifdef USE_FAST_EAP_TYPE |
117 #ifdef USE_FAST_EAP_TYPE |
54 const TUint default_EAP_FAST_Auth_Prov_Mode_Allowed = EEapDbFalse; // Default is NO |
118 const TUint default_EAP_FAST_Auth_Prov_Mode_Allowed = EFASTAuthProvModeAllowedNo; // Default is NO |
55 const TUint default_EAP_FAST_Unauth_Prov_Mode_Allowed = EEapDbFalse; // Default is NO |
119 const TUint default_EAP_FAST_Unauth_Prov_Mode_Allowed = EFASTUnauthProvModeAllowedNo; // Default is NO |
56 const TUint default_EAP_FAST_Warn_ADHP_No_PAC = EEapDbTrue; // Default is YES |
120 const TUint default_EAP_FAST_Warn_ADHP_No_PAC = EFASTWarnADHPNoPACNo; // Default is NO |
57 const TUint default_EAP_FAST_Warn_ADHP_No_Matching_PAC = EEapDbTrue; // Default is YES |
121 const TUint default_EAP_FAST_Warn_ADHP_No_Matching_PAC = EFASTWarnADHPNoMatchingPACNo; // Default is NO |
58 const TUint default_EAP_FAST_Warn_Not_Default_Server = EEapDbTrue; // Default is YES |
122 const TUint default_EAP_FAST_Warn_Not_Default_Server = EFASTWarnNotDefaultServerNo; // Default is NO |
59 #endif //#ifdef USE_FAST_EAP_TYPE |
123 #endif //#ifdef USE_FAST_EAP_TYPE |
60 |
124 |
61 // Add here the cipher suites you want to be allowed by default. Note that the last |
125 // Add here the cipher suites you want to be allowed by default. Note that the last |
62 // element must be 0. |
126 // element must be 0. |
63 const TInt default_allowed_cipher_suites[] = { |
127 const TInt default_allowed_cipher_suites[] = { |
80 tls_cipher_suites_TLS_RSA_WITH_RC4_128_MD5, |
144 tls_cipher_suites_TLS_RSA_WITH_RC4_128_MD5, |
81 tls_cipher_suites_TLS_RSA_WITH_RC4_128_SHA, |
145 tls_cipher_suites_TLS_RSA_WITH_RC4_128_SHA, |
82 0 |
146 0 |
83 }; |
147 }; |
84 |
148 |
|
149 const TUint KMaxManualUsernameLengthInDB = 255; |
|
150 const TUint KMaxManualRealmLengthInDB = 255; |
85 const TUint KMaxCertLabelLengthInDB = 255; |
151 const TUint KMaxCertLabelLengthInDB = 255; |
86 const TUint KMaxSubjectKeyIdLengthInDB = 255; // Not using KKeyIdentifierLength (EapSettings.h) as this is |
152 const TUint KMaxSubjectKeyIdLengthInDB = 255; // Not using KKeyIdentifierLength (EapSettings.h) as this is |
87 // Symbian's subjectkey id (hash of actual subjectkey id), though the lengths are same. |
153 // Symbian's subjectkey id (hash of actual subjectkey id), though the lengths are same. |
88 const TUint KMaxSessionIdLengthInDB = 32; |
154 const TUint KMaxSessionIdLengthInDB = 32; |
89 const TUint KMaxMasterSecretLengthInDB = 48; |
155 const TUint KMaxMasterSecretLengthInDB = 48; |