--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/eapol/eapol_framework/eapol_symbian/am/include/eap_am_type_tls_peap_symbian.h	Thu Dec 17 08:47:43 2009 +0200
@@ -0,0 +1,1028 @@
+/*
+* Copyright (c) 2001-2006 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of the License "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:  EAP and WLAN authentication protocols.
+*
+*/
+
+
+
+
+#if !defined(_EAP_AM_TYPE_TLS_PEAP_SYMBIAN_H_)
+#define _EAP_AM_TYPE_TLS_PEAP_SYMBIAN_H_
+
+#include "eap_tools.h"
+#include "eap_variable_data.h"
+#include "eap_am_export.h"
+#include "abs_eap_am_type_tls_peap.h"
+#include "eap_am_type_tls_peap.h"
+#include "eap_am_network_id.h"
+#include <d32dbms.h>
+#include <EapType.h>
+#include <unifiedcertstore.h>
+#include <mctwritablecertstore.h>
+#include <pkixcertchain.h>
+#include "EapTlsPeapNotifierStructs.h"
+#include "EapTlsPeapUtils.h"
+#include <bigint.h>
+
+#if defined(USE_FAST_EAP_TYPE)
+#include "EapFastNotifierStruct.h"
+#include <etelmm.h>
+#endif
+
+#include "EapTtlsPapDbInfoStruct.h"
+
+class CX509Certificate;
+class CEapTlsPeapCertInterface;
+class eap_am_tools_symbian_c;
+class abs_tls_am_application_eap_fast_c;
+#if defined(USE_FAST_EAP_TYPE)
+class CEapFastActive;
+#endif
+class CEapTtlsPapActive;
+
+#ifdef USE_PAC_STORE
+class CPacStoreDatabase;
+struct SInfoEntry;
+#endif
+#if defined(USE_EAP_CONFIGURATION_TO_SKIP_USER_INTERACTIONS)
+class eap_file_config_c;
+#endif
+
+const TInt KMaxLabelLength = 64;
+const TInt KMaxDatabaseTableName = 64;
+
+#if defined(USE_FAST_EAP_TYPE)
+const char KEapFastPacProvisResultKey[] = "eap_am_type_tls_peap_symbian_c prov. result";
+const TInt KEapFastPacProvisResultType = 1;
+const u32_t KEapFastPacProvisResultDefaultTimeout = 10000; // in milliseconds = 10 seconds
+#endif
+
+/// This class is interface to adaptation module of EAP/TLS and PEAP.
+class EAP_EXPORT eap_am_type_tls_peap_symbian_c
+: public CActive, public eap_am_type_tls_peap_c
+,public abs_eap_base_timer_c 
+{
+
+public:
+
+#if defined(USE_FAST_EAP_TYPE)
+    enum TEapFastPacProvisResultValue
+    {
+    EEapFastPacProvisResultFailure, /* 0 */
+    EEapFastPacProvisResultSuccess  /* 1 */  
+    };
+#endif
+private: // data
+//--------------------------------------------------
+
+	RDbs m_session;
+
+	RDbNamedDatabase m_database;
+
+	enum TState 
+	{
+		EHandlingIdentityQuery,           /* 0 */
+		EHandlingManualIdentityQuery,     /* 1 */
+		EHandlingChainQuery,              /* 2 */
+		EHandlingCipherSuiteQuery,        /* 3 */
+#if defined(USE_FAST_EAP_TYPE)            /* 4 */
+		EHandlingNotifierQuery,           /* 5 */
+		EPasswordQuery,                   /* 6 */
+		EWrongPassword,                   /* 7 */
+		EFilePasswordQuery,               /* 8 */
+		EMasterkeyQuery,                  /* 9 */
+		EPasswordCancel,                  /* 10 */
+		EShowProvSuccesstNote,            /* 11 */
+		EShowProvNotSuccesstNote,         /* 12 */
+		ENone                             /* 13 */
+#endif //#if defined(USE_FAST_EAP_TYPE)
+		
+	};
+	
+	TState m_state;
+	TState m_prev_state;
+	
+	TIndexType m_index_type;
+
+	TInt m_index;
+
+	eap_type_value_e m_tunneling_type;
+
+	abs_eap_base_type_c *m_partner;
+	eap_am_tools_symbian_c *m_am_tools;
+
+	abs_eap_am_type_tls_peap_c *m_am_partner;
+
+	abs_tls_am_services_c * m_tls_am_partner;
+
+#if defined(USE_FAST_EAP_TYPE)
+	abs_tls_am_application_eap_fast_c * m_tls_application;
+	CEapFastActive* iEapFastActiveWaitNote;
+	CEapFastActive* iEapFastActiveNotes;
+	
+	enum TAlterTableCmd
+	    {
+	    EAddColumn,
+	    ERemoveColumn
+	    };
+
+#endif //#if defined(USE_FAST_EAP_TYPE)
+
+	bool m_is_valid;
+	bool m_is_client;
+
+	eap_type_value_e m_current_eap_type;
+
+	// These are the vendor-types for EAP type and tunneling EAP type.
+	// Valid for both expanded and non-expanded EAP types.
+	u32_t m_current_eap_vendor_type;
+	u32_t m_tunneling_vendor_type;
+
+	TBufC<KMaxDatabaseTableName> m_db_table_name;
+	TBufC<KMaxDatabaseTableName> m_db_user_cert_table_name;
+	TBufC<KMaxDatabaseTableName> m_db_ca_cert_table_name;
+	TBufC<KMaxDatabaseTableName> m_db_cipher_suite_table_name;
+	TBufC<KMaxDatabaseTableName> m_db_name;
+
+#if defined (USE_FAST_EAP_TYPE)	
+TBufC<KMaxDatabaseTableName> m_db_fast_special_table_name;
+RArray<SInfoEntry> m_info_array;
+#endif	
+
+	u32_t m_max_count_of_session_resumes;
+	
+	tls_cipher_suites_e m_cipher_suite;
+
+	CX509Certificate* m_ca_certificate;
+
+	CX509Certificate* m_own_certificate;	
+	
+	CX509Certificate* m_peer_certificate;
+
+	CEapTlsPeapCertInterface* m_cert_if;	
+
+	SCertEntry m_own_certificate_info;
+
+	eap_am_network_id_c m_receive_network_id;
+
+	u8_t m_eap_identifier;
+
+	TKeyIdentifier m_subject_key_id;
+
+	RArray<SCertEntry> m_allowed_ca_certs;
+
+	RArray<SCertEntry> m_allowed_user_certs;
+	
+	RArray<SCertEntry> m_allowed_server_certs;
+
+	RArray<TUint> m_allowed_cipher_suites;
+
+	eap_variable_data_c m_peer_public_key;
+	
+	eap_variable_data_c m_param_p;
+	eap_variable_data_c m_param_q;
+	eap_variable_data_c m_param_g;
+	
+	bool m_shutdown_was_called;
+
+#ifdef USE_EAP_EXPANDED_TYPES
+
+	/// Tunneling EAP configuration data from EAP database.
+	RExpandedEapTypePtrArray m_enabled_tunneling_exp_eap_array;
+	RExpandedEapTypePtrArray m_disabled_tunneling_exp_eap_array;
+
+#else
+
+	/// Tunneling EAP configuration data from EAP database.
+	TEapArray m_iap_eap_array;
+
+#endif  // #ifdef USE_EAP_EXPANDED_TYPES
+	TIdentityInfo* m_identity_info; 
+	
+	TBuf8<4> m_selector_output;
+
+	eap_type_value_e m_tunneled_type;
+	
+	bool m_verify_certificate_realm;	
+	
+	bool m_allow_subdomain_matching;
+
+	tls_alert_description_e m_latest_alert_description;
+
+	bool m_use_manual_username;
+	eap_variable_data_c m_manual_username;
+
+	bool m_use_manual_realm;
+	eap_variable_data_c m_manual_realm;
+	
+	bool m_tls_peap_server_authenticates_client_policy_flag;
+
+	/// This flag prevents double configuration. This can happen when 
+	/// this class implements many interfaces.
+	bool m_configured;
+
+	// This holds the max session time read from the configuration file.
+	TInt64 m_max_session_time;
+
+#if defined(USE_EAP_TLS_SESSION_TICKET)
+	/// This flag allows use of session ticket, see RFC 4507.
+	bool m_use_session_ticket;
+#endif //#if defined(USE_EAP_TLS_SESSION_TICKET)
+
+#if defined(USE_FAST_EAP_TYPE)
+	tls_extension_c * m_received_tunnel_pac_in_session_ticket;
+	tls_extension_c * m_received_user_authorization_pac_in_session_ticket;
+	eap_fast_pac_type_e m_saved_pac_type;
+	eap_fast_completion_operation_e m_completion_operation;
+	eap_status_e m_verification_status;
+	eap_fast_pac_type_e m_pac_type;
+	eap_variable_data_c m_PAC_store_password;
+	eap_variable_data_c m_imported_PAC_data_password;
+	eap_variable_data_c m_PAC_store_path;
+	eap_variable_data_c m_EAP_FAST_IAP_reference;
+	eap_variable_data_c m_EAP_FAST_Group_reference;
+	eap_variable_data_c m_EAP_FAST_import_path;
+
+	eap_status_e m_eap_fast_completion_status;
+	eap_fast_pac_store_pending_operation_e m_eap_fast_pac_store_pending_operation;
+	eap_array_c<eap_fast_pac_store_data_c> m_references_and_data_blocks;
+	eap_array_c<eap_fast_pac_store_data_c> m_new_references_and_data_blocks;
+	eap_array_c<eap_fast_pac_store_data_c> m_ready_references_and_data_blocks;
+	
+	bool m_serv_unauth_prov_mode;
+	bool m_serv_auth_prov_mode;
+	
+	// For FAST notifiers
+	RNotifier m_notifier;	
+	bool m_is_notifier_connected; // Tells if notifier server is connected.
+
+	TEapFastNotifierStruct * m_notifier_data_to_user;
+	TPckg<TEapFastNotifierStruct> * m_notifier_data_pckg_to_user;	
+
+	TEapFastNotifierStruct * m_notifier_data_from_user;
+	TPckg<TEapFastNotifierStruct> * m_notifier_data_pckg_from_user;	
+
+    /* For MMETEL */
+    
+	// ETel connection.
+    RTelServer iServer;
+    RMobilePhone iPhone;
+    
+    // Stores the last queried Phone identities like manufacturer, model, 
+    // revision and serial number
+    RMobilePhone::TMobilePhoneIdentityV1 iDeviceId; 
+    	
+    // Tells if MMETEL is connected already or not.
+    TBool iMMETELConnectionStatus;    
+    TBool m_completed_with_zero;   
+	TBool m_verificationStatus;
+
+	HBufC8* m_pacStorePWBuf8;
+	EEapFastNotifierUserAction m_userAction;
+	eap_pac_store_data_type_e m_pacStoreDataRefType;
+	eap_fast_pac_store_data_c m_data_reference;
+	TBool m_notifier_complete;
+	eap_variable_data_c m_userResponse;
+	eap_fast_pac_store_pending_operation_e m_pending_operation;
+	TInt m_both_completed;
+	TInt m_both_asked;
+	TUint m_ready_references_array_index;
+	eap_fast_completion_operation_e m_provisioning_mode;
+	
+	/**
+	* This member is used to store completion operation value
+	* in initialize_PAC_store() call from common side.
+	* The value is given later in complete call.
+	*/
+	eap_fast_completion_operation_e iCompletionOperation;
+	/**
+	* This member is used to store initialize-pac-store-completion value
+	* in initialize_PAC_store() call from common side.
+	* The value is given later in complete call.
+	*/
+	eap_fast_initialize_pac_store_completion_e iCompletion;
+
+#endif //#if defined(USE_FAST_EAP_TYPE)
+
+#ifdef USE_PAC_STORE
+	CPacStoreDatabase * iPacStoreDb;
+#endif
+
+#ifdef USE_EAP_CONFIGURATION_TO_SKIP_USER_INTERACTIONS
+    TBool m_skip_user_interactions;
+    /// This is object to handle file configuration.
+    eap_file_config_c * m_fileconfig;
+#endif
+
+	
+	
+	/**
+	* Maximum TTLS-PAP session time read from the configuration file.	
+	*/
+	TInt64 iEapTtlsPapMaxSessionConfigTime;
+
+	/**
+	* Provides asynch services used by the caller such as
+    * query for TTLS-PAP user name and password.
+    */
+	CEapTtlsPapActive* iEapTtlsPapActive;
+
+	
+//--------------------------------------------------
+private: // methods
+//--------------------------------------------------
+
+
+	EAP_FUNC_IMPORT abs_tls_am_services_c * get_tls_am_partner();
+
+	abs_eap_am_type_tls_peap_c * get_am_partner();
+	
+	void type_configure_readL(
+		eap_config_string field,
+		const u32_t field_length,
+		eap_variable_data_c * const data);
+
+	void verify_certificate_chainL(
+		EAP_TEMPLATE_CONST eap_array_c<eap_variable_data_c> * const certificate_chain,
+		const tls_cipher_suites_e required_cipher_suite);
+
+	void WriteBinaryParamL(
+		eap_config_string field,
+		const u32_t field_length,
+		const eap_variable_data_c * const data);
+
+	void WriteIntParamL(
+		eap_config_string field,
+		const u32_t field_length,
+		eap_variable_data_c * const data);
+
+	void WriteIntParamL(
+		eap_config_string field,
+		const u32_t field_length,
+		const u32_t value);
+
+	void get_identity_from_alternative_nameL(
+		const CX509Certificate * const aCertificate, 
+		eap_variable_data_c * const aIdentity);
+
+	void get_identities_from_distinguished_namesL(
+		const CX509Certificate * const aCertificate, 
+		eap_variable_data_c * const aSubjectIdentity,
+		eap_variable_data_c * const aIssuerIdentity);
+
+	eap_status_e load_module(
+		const eap_type_value_e type,
+		const eap_type_value_e /* tunneling_type */,
+		abs_eap_base_type_c * const partner,
+		eap_base_type_c ** const eap_type,
+		const bool is_client_when_true,
+		const eap_am_network_id_c * const receive_network_id);
+
+	eap_status_e check_is_valid_eap_type(const eap_type_value_e eap_type);
+
+	eap_status_e get_eap_type_list(
+		eap_array_c<eap_type_value_e> * const eap_type_list);
+
+	eap_status_e unload_module(const eap_type_value_e type);
+
+	void complete_signL(const RInteger& aR, const RInteger& aS, eap_status_e aStatus);
+
+	eap_status_e get_realms_from_certificate(
+		CX509Certificate* certificate,
+		eap_variable_data_c * const subject_realm,
+		eap_variable_data_c * const issuer_realm);
+
+	void authentication_finishedL(
+		const bool true_when_successful,
+		const tls_session_type_e tls_session_type);
+
+	void read_dsa_parametersL();
+
+	eap_status_e SaveManualIdentityL( 
+		const TBool use_manual_username,
+		TDesC& manual_username,
+		const TBool use_manual_realm,
+		TDesC& manual_realm);
+
+	void send_error_notification(const eap_status_e error);
+
+	eap_status_e show_certificate_selection_dialog();
+
+	eap_status_e show_manual_identity_dialog();
+
+	void ResetSessionIdL();
+	
+	/**
+	 * Returns true if the full authenticated session is valid.
+	 * It finds the difference between current time and the 
+	 * last full authentication time. If the difference is less than the
+	 * Maximum Session Validity Time, then session is valid, returns true.
+	 * Otherwise returns false. 
+	 * Full authentication should be done if the session is not valid.
+	 */
+	bool is_session_validL();
+	
+	/**
+	 * Stores current universal time as the the full authentication time
+	 * in the database. Returns KErrNone if storing succeeds.
+	 */
+	void store_authentication_timeL();
+	
+#ifdef USE_PAC_STORE
+	
+	void GetPacStoreDbDataL(
+		const eap_pac_store_data_type_e aPacStoreDataType,
+		eap_variable_data_c * aPacStoreData,
+		const eap_variable_data_c * const aPacStoreReference = NULL);
+	
+#endif	// End: #ifdef USE_PAC_STORE	
+
+#if defined(USE_FAST_EAP_TYPE)
+
+	void ReadPACStoredataL(
+		const eap_fast_pac_store_pending_operation_e in_pending_operation,
+		EAP_TEMPLATE_CONST eap_array_c<eap_fast_pac_store_data_c> * const in_references);
+	
+	void WritePACStoreDataL(
+		const eap_fast_pac_store_pending_operation_e in_pending_operation,
+		EAP_TEMPLATE_CONST eap_array_c<eap_fast_pac_store_data_c> * const in_references_and_data_blocks);
+		
+	eap_status_e ShowNotifierItemAndGetResponse(
+		EEapFastNotifierUiItem aNotifierUiItem, TBool aSetActive );
+
+	eap_status_e RemoveIAPReference();
+
+	eap_status_e ImportFilesL();
+	
+	eap_status_e PasswordQueryL();
+	
+	eap_status_e CompletePasswordQueryL();
+	
+	eap_status_e CompleteFilePasswordQueryL();
+	
+	eap_status_e CompleteNotifierL();
+		
+	eap_status_e CompleteFilePasswordQuery();
+	
+	eap_status_e FinalCompleteReadPACStoreDataL(eap_status_e status);
+
+	void ConvertUnicodeToAsciiL(const TDesC16& aFromUnicode, TDes8& aToAscii);
+	
+	void UpdatePasswordTimeL();
+	
+	void CheckPasswordTimeValidityL();
+	
+	/**
+	* Alter table: remove/add columns.
+	* 
+	* @param aDb Reference to database.
+	* @param aCmd Action type: remove/add column.
+	* @param aTableName Name of table to be altered.
+	* @param aColumnName Name of column.
+	* @param aColumnDef Drop-column-set.
+	*/  
+	void AlterTableL( RDbNamedDatabase& aDb,
+			          TAlterTableCmd aCmd,
+			          const TDesC& aTableName,
+			          const TDesC& aColumnName,
+			          const TDesC& aColumnDef = KNullDesC );
+	
+	/**
+	* Fix old tables for password identity time. 
+	* 
+	* Remove password identity time from fast table;
+	* add password identity time to PAC store table;
+	* update password identity time.
+	*/
+	void FixOldTablesForPwdIdentityTimeL();
+		
+	/**
+	* Add PAC_store_initialized to PAC store
+	* if it does not exists.
+	*/
+	void FixOldTableForPacStoreInitL();
+	
+	/**
+	* Read integer column value.
+	* 
+	* @param aDb Reference to database.
+	* @param aColumnName Name of the target column.
+	* @param aSqlStatement SQL statement to be used.
+	* @return Column value.  
+	**/
+	TInt64 ReadIntDbValueL( RDbNamedDatabase& aDb,
+			                const TDesC& aColumnName,
+			                const TDesC& aSqlStatement );
+	
+	eap_status_e ConfigureL();
+	
+	eap_status_e CreateMasterkeyL();
+	
+	eap_status_e QueryUserPermissionForAIDL(
+			const eap_fast_variable_data_c * const in_pac_attribute_A_ID_info,
+			const eap_fast_variable_data_c * const in_pac_attribute_A_ID);
+	
+	void CompleteAddImportedPACFileL(
+			const eap_variable_data_c * const in_imported_PAC_filename,
+			const eap_variable_data_c * const out_used_group_reference);
+	
+#endif //#if defined(USE_FAST_EAP_TYPE)		
+
+
+
+    /**
+    * Check whether password is older than allowed
+    * by max TTLS-PAP session timeout.
+    * 
+    * @return ETrue - session is valid, EFalse - otherwise.
+    */ 
+	TBool IsTtlsPapSessionValidL();
+	
+
+	/**
+	* Check TTLS-PAP session validity.
+	* 
+	* @return ETrue if currentTime < aInLastFullAuthTime + aInMaxSessionTime,
+	*         EFalse - otherwise.
+	*/ 
+	TBool CheckTtlsPapSessionValidity(
+		const TInt64& aInMaxSessionTime,
+		const TInt64& aInLastFullAuthTime );
+	
+	
+//--------------------------------------------------
+protected: // methods
+//--------------------------------------------------
+
+
+	eap_am_type_tls_peap_symbian_c(
+		abs_eap_am_tools_c * const aTools,
+		abs_eap_base_type_c * const aPartner,
+		const TIndexType aIndexType,
+		const TInt aIndex,
+		const eap_type_value_e aTunnelingType,
+		const eap_type_value_e aEapType,
+		const bool aIsClient,
+		const eap_am_network_id_c * const receive_network_id);
+
+	void ConstructL();
+
+	void RunL();
+	
+	void DoCancel();
+	
+	
+//--------------------------------------------------
+public: // methods
+//--------------------------------------------------
+
+	// 
+	static eap_am_type_tls_peap_symbian_c* NewL(
+		abs_eap_am_tools_c * const aTools,
+		abs_eap_base_type_c * const aPartner,
+		const TIndexType aIndexType,
+		const TInt aIndex,
+		const eap_type_value_e aTunnelingType,
+		const eap_type_value_e aEapType,
+		const bool aIsClient,
+		const eap_am_network_id_c * const receive_network_id);
+
+	EAP_FUNC_IMPORT virtual ~eap_am_type_tls_peap_symbian_c();
+
+	EAP_FUNC_EXPORT eap_status_e shutdown();
+
+	EAP_FUNC_IMPORT void set_is_valid();
+
+	EAP_FUNC_IMPORT bool get_is_valid();
+
+	EAP_FUNC_IMPORT void set_tls_am_partner(abs_tls_am_services_c * const tls_am_partner);
+
+#if defined(USE_FAST_EAP_TYPE)
+	/// This function sets pointer to application of TLS. See abs_tls_am_application_eap_fast_c.
+	EAP_FUNC_IMPORT void set_tls_application(abs_tls_am_application_eap_fast_c * const tls_application);
+	
+ 	
+    /**
+    * Check provisioning mode.
+    * 
+    * @return ETrue - authenticated provisioning mode,
+    *         EFalse - unauthenticated provisioning mode.
+    */
+	TBool IsProvisioningMode();
+	
+    /**
+    * Send error notification to common side.
+    * 
+    * @param aUserAction EEapFastNotifierUserActionOk or
+    *                    EEapFastNotifierUserActionCancel.
+    * @return EAP status.
+    */
+	eap_status_e CompleteQueryUserPermissionForAid(
+		EEapFastNotifierUserAction aUserAction );
+	
+	
+	void ContinueInitializePacStore();
+
+	
+#endif //#if defined(USE_FAST_EAP_TYPE)
+
+   /**
+    * Send error notification to common side.
+    * 
+    * @param aError EAP status.
+    */
+	void SendErrorNotification( const eap_status_e aError );
+
+	EAP_FUNC_IMPORT void notify_configuration_error(
+		const eap_status_e configuration_status);
+
+	EAP_FUNC_IMPORT eap_status_e configure();
+
+	void set_am_partner(abs_eap_am_type_tls_peap_c * const partner);
+	
+	/** Client calls this function.
+	 *  EAP-TLS/PEAP AM could do finishing operations to databases etc. based on authentication status and type.
+	 */
+	EAP_FUNC_IMPORT eap_status_e reset();
+
+	/** Client calls this function.
+	 *  EAP-TLS/PEAP AM could make some fast operations here, heavy operations should be done in the reset() function.
+	 */
+	EAP_FUNC_IMPORT eap_status_e authentication_finished(
+		const bool true_when_successfull,
+		const tls_session_type_e tls_session_type);
+
+	/** Client calls this function.
+	 *  AM must copy identity to output parameters if call is syncronous.
+	 *  This function could be completed asyncronously with abs_eap_am_type_tls_peap_c::complete_query_eap_identity_query() function call.
+	 */
+	EAP_FUNC_IMPORT eap_status_e query_eap_identity(
+		eap_variable_data_c * const identity,
+		const eap_am_network_id_c * const receive_network_id,
+		const u8_t eap_identifier,
+		bool * const use_manual_username,
+		eap_variable_data_c * const manual_username,
+		bool *const use_manual_realm,
+		eap_variable_data_c * const manual_realm);
+
+	/** Client calls this function.
+	 *  This call cancels asyncronous query_SIM_IMSI_or_pseudonym_or_reauthentication_id() function call.
+	 *  AM must not complete query_SIM_IMSI_or_pseudonym_or_reauthentication_id()
+	 *  with abs_eap_am_type_gsmsim_c::complete_SIM_IMSI_or_pseudonym_or_reauthentication_id_query() after
+	 *  cancel_SIM_IMSI_or_pseudonym_or_reauthentication_id_query() call.
+	 */
+	EAP_FUNC_IMPORT eap_status_e cancel_identity_query();
+
+	//
+	EAP_FUNC_IMPORT eap_status_e timer_expired(
+		const u32_t id, void *data);
+
+	//
+	EAP_FUNC_IMPORT eap_status_e timer_delete_data(
+		const u32_t id, void *data);
+
+	/**
+	 * The type_configure_read() function reads the configuration data identified
+	 * by the field string of field_length bytes length. Adaptation module must direct
+	 * the query to some persistent store.
+	 * @param field is generic configure string idenfying the required configure data.
+	 * @param data is pointer to existing eap_variable_data object.
+	 */
+	EAP_FUNC_IMPORT eap_status_e type_configure_read(
+		const eap_configuration_field_c * const field,
+		eap_variable_data_c * const data);
+
+	/**
+	 * The type_configure_write() function writes the configuration data identified
+	 * by the field string of field_length bytes length. Adaptation module must direct
+	 * the action to some persistent store.
+	 * @param field is generic configure string idenfying the required configure data.
+	 * @param data is pointer to existing eap_variable_data object.
+	 */
+	EAP_FUNC_IMPORT eap_status_e type_configure_write(
+		const eap_configuration_field_c * const field,
+		eap_variable_data_c * const data);
+
+	EAP_FUNC_IMPORT eap_status_e alert_received(
+		const tls_alert_level_e alert_level,
+		const tls_alert_description_e alert_description);
+
+	EAP_FUNC_IMPORT eap_status_e query_cipher_suites_and_previous_session();
+
+#if defined(USE_EAP_TLS_SESSION_TICKET)
+	EAP_FUNC_IMPORT eap_status_e query_new_session_ticket();
+#endif //#if defined(USE_EAP_TLS_SESSION_TICKET)
+
+	EAP_FUNC_IMPORT eap_status_e select_cipher_suite_and_check_session_id(
+		EAP_TEMPLATE_CONST eap_array_c<u16_t> * const cipher_suite_proposal,
+		const eap_variable_data_c * const session_id
+#if defined(USE_EAP_TLS_SESSION_TICKET)
+		, const tls_extension_c * const session_ticket
+#endif //#if defined(USE_EAP_TLS_SESSION_TICKET)
+		); 
+
+
+	EAP_FUNC_IMPORT eap_status_e verify_certificate_chain(
+		EAP_TEMPLATE_CONST eap_array_c<eap_variable_data_c> * const certificate_chain,
+		const tls_cipher_suites_e required_cipher_suite);
+
+	EAP_FUNC_IMPORT eap_status_e query_certificate_chain(
+		EAP_TEMPLATE_CONST eap_array_c<eap_variable_data_c> * const certificate_authorities,
+		EAP_TEMPLATE_CONST eap_array_c<u8_t> * const certificate_types,
+		const tls_cipher_suites_e required_cipher_suite);
+
+	EAP_FUNC_IMPORT eap_status_e query_certificate_authorities_and_types();
+
+	EAP_FUNC_IMPORT eap_status_e query_dh_parameters(
+		EAP_TEMPLATE_CONST eap_array_c<eap_variable_data_c> * const certificate_chain,
+		const tls_cipher_suites_e required_cipher_suite);
+
+	EAP_FUNC_IMPORT eap_status_e query_realm(
+		EAP_TEMPLATE_CONST eap_array_c<eap_variable_data_c> * const certificate_chain);
+
+	// This is always syncronous call.
+	EAP_FUNC_IMPORT eap_status_e save_tls_session(
+		const eap_variable_data_c * const session_id,
+		const eap_variable_data_c * const master_secret,
+		const tls_cipher_suites_e used_cipher_suite
+#if defined(USE_EAP_TLS_SESSION_TICKET)
+		, const tls_extension_c * const new_session_ticket
+#endif //#if defined(USE_EAP_TLS_SESSION_TICKET)
+		);
+
+		/// This is always syncronous call.
+	/// Function encrypts data with own RSA private key.
+	EAP_FUNC_IMPORT eap_status_e rsa_encrypt_with_public_key(
+		const eap_variable_data_c * const premaster_secret);
+
+	/// This is always syncronous call.
+	/// Function decrypts data with own RSA private key.
+	EAP_FUNC_IMPORT eap_status_e rsa_decrypt_with_private_key(
+		const eap_variable_data_c * const encrypted_premaster_secret);
+
+	/// Function signs data with own PKI private key.
+	/// NOTE this is syncronous at moment. Asyncronous completion needs many changes.
+	EAP_FUNC_IMPORT eap_status_e sign_with_private_key(
+		const eap_variable_data_c * const message_hash);
+
+	/// Function verifies signed data with peer PKI public key.
+	/// NOTE this is syncronous at moment. Asyncronous completion needs many changes.
+	EAP_FUNC_IMPORT eap_status_e verify_with_public_key(
+		const eap_variable_data_c * const message_hash,
+		const eap_variable_data_c * const signed_message_hash);
+
+
+	EAP_FUNC_IMPORT eap_status_e cancel_query_cipher_suites_and_previous_session();
+
+	EAP_FUNC_IMPORT eap_status_e cancel_select_cipher_suite_and_check_session_id();
+
+	EAP_FUNC_IMPORT eap_status_e cancel_verify_certificate_chain();
+
+	EAP_FUNC_IMPORT eap_status_e cancel_query_certificate_chain();
+
+	EAP_FUNC_IMPORT eap_status_e cancel_query_certificate_authorities_and_types();
+
+	EAP_FUNC_IMPORT eap_status_e cancel_query_dh_parameters();
+
+	EAP_FUNC_IMPORT eap_status_e cancel_query_realm();
+
+	EAP_FUNC_IMPORT eap_status_e cancel_query_dsa_parameters();
+
+	EAP_FUNC_IMPORT eap_status_e cancel_rsa_encrypt_with_public_key();
+
+	EAP_FUNC_IMPORT eap_status_e cancel_rsa_decrypt_with_private_key();
+
+	EAP_FUNC_IMPORT eap_status_e cancel_sign_with_private_key();
+
+	EAP_FUNC_IMPORT eap_status_e cancel_verify_with_public_key();
+
+
+	eap_status_e complete_read_own_certificate(
+		const RPointerArray<CX509Certificate>& aCertChain, eap_status_e aStatus);
+		
+	eap_status_e complete_read_ca_certificate(
+		const RPointerArray<CX509Certificate>& aCertChain, eap_status_e aStatus);
+
+	void complete_validate_chain(CPKIXValidationResult& aValidationResult, eap_status_e aStatus);
+
+	void complete_get_matching_certificates(CArrayFixFlat<SCertEntry>& aMatchingCerts, eap_status_e aStatus);
+
+	void complete_sign(const RInteger& aR, const RInteger& aS, eap_status_e aStatus);
+
+	void complete_decrypt(TDes8& aData, eap_status_e aStatus);
+	
+	/**
+	 * Returns true if the full authenticated session is valid.
+	 * It finds the difference between current time and the 
+	 * last full authentication time. If the difference is less than the
+	 * Maximum Session Validity Time, then session is valid, returns true.
+	 * Otherwise returns false. 
+	 * Full authentication should be done if the session is not valid.
+	 */
+	bool is_session_valid();
+	
+	EAP_FUNC_IMPORT void set_peap_version(
+		const peap_version_e peap_version,
+		const bool use_tppd_tls_peap,
+		const bool use_tppd_peapv1_acknowledge_hack);
+
+#if defined(USE_FAST_EAP_TYPE)
+
+	// This is commented in tls_am_application_eap_fast_c::read_authority_identity().
+	// Parameter is the authority identity (A-ID).
+	EAP_FUNC_IMPORT eap_status_e read_authority_identity(eap_variable_data_c * const authority_identity);
+
+	// This is commented in tls_am_application_eap_fast_c::query_pac_of_type().
+	EAP_FUNC_IMPORT eap_status_e query_pac_of_type(const eap_fast_pac_type_e pac_type);
+	
+#if defined(USE_EAP_CORE_SERVER)
+	/**
+	 * This function call is always asyncronous.
+	 * It will be completed always with complete_verify_pac() function call.
+	 * Function verifies the received PAC is valid.
+	 */
+	EAP_FUNC_IMPORT eap_status_e verify_pac(const eap_fast_variable_data_c * const tlv_pac);
+#endif //#if defined(USE_EAP_CORE_SERVER)
+
+	// This is commented in eap_am_fast_pac_store_services_c::query_user_permission_for_A_ID().
+	EAP_FUNC_IMPORT eap_status_e query_user_permission_for_A_ID(
+		const eap_fast_pac_store_pending_operation_e in_pending_operation,
+		const eap_fast_variable_data_c * const in_pac_attribute_A_ID_info,
+		const eap_fast_variable_data_c * const in_pac_attribute_A_ID);
+
+	// This is commented in eap_am_fast_pac_store_services_c::read_PAC_store_data().
+	EAP_FUNC_IMPORT eap_status_e read_PAC_store_data(
+		const eap_fast_pac_store_pending_operation_e in_pending_operation,
+		EAP_TEMPLATE_CONST eap_array_c<eap_fast_pac_store_data_c> * const in_references);
+
+	// This is commented in eap_am_fast_pac_store_services_c::write_PAC_store_data().
+	EAP_FUNC_IMPORT eap_status_e write_PAC_store_data(
+		const bool when_true_must_be_synchronous_operation,
+		const eap_fast_pac_store_pending_operation_e in_pending_operation,
+		EAP_TEMPLATE_CONST eap_array_c<eap_fast_pac_store_data_c> * const in_references_and_data_blocks);
+
+	// This is commented in eap_am_fast_pac_store_services_c::complete_add_imported_PAC_file().
+	EAP_FUNC_IMPORT eap_status_e complete_add_imported_PAC_file(
+		const eap_status_e in_completion_status,
+		const eap_variable_data_c * const in_imported_PAC_filename,
+		const eap_variable_data_c * const out_used_group_reference);
+		
+	// This is commented in eap_am_fast_pac_store_services_c::complete_remove_PAC().
+	EAP_FUNC_IMPORT eap_status_e complete_remove_PAC(
+		const eap_status_e completion_status,
+		const eap_variable_data_c * const out_used_group_reference);
+
+	// This is commented in eap_am_fast_pac_store_services_c::complete_remove_IAP_reference().
+	EAP_FUNC_IMPORT eap_status_e complete_remove_IAP_reference(
+		const eap_status_e completion_status);
+
+	// This is commented in eap_am_fast_pac_store_services_c::cancel_PAC_store_operations().
+	EAP_FUNC_IMPORT eap_status_e cancel_PAC_store_operations();
+	
+	/**
+	 * This function initializes PAC store.
+	 * Imported PACs and other configuration can be done within this function call.
+	 * If asyncronous operations are needed the operations must be completed
+	 * by complete_initialize_PAC_store() function call.
+	 */
+	EAP_FUNC_IMPORT eap_status_e initialize_PAC_store(
+	    const eap_fast_completion_operation_e aCompletionOperation,
+	    const eap_fast_initialize_pac_store_completion_e aCompletion );
+
+	
+	/**
+    * Indicate provisioning start.
+    * 
+    * Common side indicates that PAC provisioning started.
+    * Waiting note is displayed.
+    * 
+    * @param provisioning_mode Authenticated or unauthenticated provisioning mode.
+    * @param pac_type PAC type provisioned by server.
+    */
+	EAP_FUNC_IMPORT eap_status_e indicates_eap_fast_provisioning_starts(
+		const eap_fast_completion_operation_e provisioning_mode,
+		const eap_fast_pac_type_e pac_type );
+
+	/**
+	* Indicate provisioning end.
+	* 
+	* Common side indicates that PAC provisioning ended.
+	* Waiting note is stopped. Provisioning result note is displayed.
+	* 
+	* @param provisioning_successfull True if provisioning is successful,
+	*                                 false - otherwise.
+	* @param provisioning_mode Authenticated or unauthenticated provisioning mode.
+	* @param pac_type PAC type provisioned by server.
+	*/
+	EAP_FUNC_IMPORT eap_status_e indicates_eap_fast_provisioning_ends(
+		const bool provisioning_successfull,
+		const eap_fast_completion_operation_e provisioning_mode,
+		const eap_fast_pac_type_e pac_type );
+
+#endif //#if defined(USE_FAST_EAP_TYPE)
+
+    
+	// from tls_am_services_c
+	
+	/**
+	* Check whether the PAP password is still valid or
+	* should we prompt user again to enter the password.
+	* @return True - password is valid, false - otherwise.
+	*/ 
+	EAP_FUNC_IMPORT bool is_ttls_pap_session_valid();
+
+	/**
+	* From interface tls_am_services_c.
+	* 
+	* The interface is defined in common part. Request asynchronously
+	* user name and password for TTLS-PAP authentication.
+	* Complete request with abs_tls_am_services_c::
+	* complete_query_ttls_pap_username_and_password( ... ).
+	* 	* 
+	* @param aInSrvChallenge Server challenge. It could be empty.
+    * @return EAP status.
+	*/
+	EAP_FUNC_IMPORT eap_status_e query_ttls_pap_username_and_password(
+		const eap_variable_data_c * const aInSrvChallenge );
+	
+	/**
+	* The method has empty implementation which is defined for
+	* compilation purpose.
+	*/ 
+	eap_status_e verify_ttls_pap_username_and_password(
+		const eap_variable_data_c * const aUserName,
+		const eap_variable_data_c * const aUserPassword);
+	
+	// new
+	
+    /**
+    * Complete asynch query for TTLS-PAP user name and password.
+    * 
+    * @param aEapStatus Status of asynch. query completion.
+    * @param aUserName PAP user name.
+    * @param aPassword PAP password.
+    * @return EAP status.
+    */
+	eap_status_e CompleteQueryTtlsPapUserNameAndPassword( 
+		eap_status_e aEapStatus,
+		const TDesC8& aUserNameUtf8,
+		const TDesC8& aPasswordUtf8 );
+	
+	/**
+	* Delegate the task to m_am_tools.
+	* 
+	* @param aErr Symbian general error.
+	* @return Eapol error converted from aErr.
+	*/ 
+	eap_status_e ConvertAmErrorToEapolError( TInt aErr );	
+	
+    /**
+     * Read TTLS-PAP database.
+     * 
+     * @param aOutDbInfo Reference to structure containing TTLS-PAP
+     *                   database information.
+     */
+ 	void ReadTtlsPapDbL( TTtlsPapDbInfo& aOutDbInfo );
+ 	
+     /**
+     * Update TTLS-PAP database.
+     * 
+     * @param aInDbInfo Reference to structure containing TTLS-PAP
+     *                  database information.
+     */
+ 	void WriteTtlsPapDbL( const TTtlsPapDbInfo& aInDbInfo );
+ 	
+ 	/**
+ 	* Set value of specified column to NULL.
+ 	* 
+ 	* @param aColName Reference to column name.
+ 	*/ 
+ 	void SetTtlsPapColumnToNullL( const TDesC& aColName );
+	
+#if defined(USE_FAST_EAP_TYPE)
+#if defined(USE_EAP_CONFIGURATION_TO_SKIP_USER_INTERACTIONS)
+ 	eap_status_e ReadFileConfig();
+#endif
+#endif 	
+}; // class eap_am_type_tls_peap_symbian_c
+
+
+#endif //#if !defined(_EAP_AM_TYPE_TLS_PEAP_SYMBIAN_H_)
+
+//--------------------------------------------------
+
+
+
+// End.