Mercurial Mercurial > oss > FCL > sf > mw > accesssec / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
accesssec_plat/eap_type_api/inc/EapSettings.h
author Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>
Mon, 18 Jan 2010 20:22:35 +0200
changeset 2 1c7bc153c08e
parent 0 c8830336c852
child 26 9abfd4f00d37
permissions -rw-r--r--
Revision: 201001 Kit: 201003

/*
* Copyright (c) 2001-2006 Nokia Corporation and/or its subsidiary(-ies).
* All rights reserved.
* This component and the accompanying materials are made available
* under the terms of the License "Eclipse Public License v1.0"
* which accompanies this distribution, and is available
* at the URL "http://www.eclipse.org/legal/epl-v10.html".
*
* Initial Contributors:
* Nokia Corporation - initial contribution.
*
* Contributors:
*
* Description:  EAP and WLAN authentication protocols.
*
*/

/*
* %version: 11.1.2.1.3 %
*/

// Refer the document S60_3_1_EAP_Symbian_Adaptation_Design_C.doc for more 
// details of using EAPSettings. Refer section 9.2 for code samples.

#ifndef EAP_SETTINGS_H
#define EAP_SETTINGS_H

const TUint KGeneralStringMaxLength = 255;
const TUint KKeyIdentifierLength = 255;
const TUint KThumbprintMaxLength = 64;

class CertificateEntry
{
public:

	CertificateEntry();

	enum TCertType {
		EUser,
		ECA
	};

	// Specifies whether this entry describes user or CA certificate (mandatory)
	TCertType iCertType;
	
	// Subject name in distinguished name ASCII form. This is optional.
	// For example "/C=US/O=Some organization/CN=Some common name".	
	TBool iSubjectNamePresent;
	TBuf<KGeneralStringMaxLength> iSubjectName;
		
	// Issuer name in distinguished name ASCII form. This is optional.
	// For example "/C=US/O=Some organization/CN=Some common name".
	TBool iIssuerNamePresent;
	TBuf<KGeneralStringMaxLength> iIssuerName;
	
	// Serial number in ASCII form. This is optional.
	TBool iSerialNumberPresent;
	TBuf<KGeneralStringMaxLength> iSerialNumber;
	
	// Subject key in binary form. This is mandatory.
	TBool iSubjectKeyIDPresent;
	TBuf8<KKeyIdentifierLength> iSubjectKeyID;
	
	// Thumbprint in binary form. This is optional.
	TBool iThumbprintPresent;
	TBuf<KThumbprintMaxLength> iThumbprint;
};

class EAPSettings : public CBase
{
public:	

	EAPSettings();
		
	enum TEapType
	{
		EEapNone		= 0,
		EEapGtc			= 6,
		EEapTls			= 13,
		EEapLeap		= 17,
		EEapSim			= 18,
		EEapTtls		= 21,
		EEapAka			= 23,
		EEapPeap		= 25,
		EEapMschapv2	= 26,
		EEapSecurid		= 32,
		EEapFast		= 43,
		ETtlsPlainPap   = 98,
		EPlainMschapv2	= 99		
	};

	// Specifies the EAP type these settings are for. 
	// Is not really needed but is here so just some sanity checks can be made
	TEapType iEAPType; 
	
	// Username in ASCII format
	TBool iUsernamePresent;
	TBuf<KGeneralStringMaxLength> iUsername; 
		
	// Password in ASCII format
	TBool iPasswordPresent;
	TBuf<KGeneralStringMaxLength> iPassword;
		
	// Realm in ASCII format
	TBool iRealmPresent;
	TBuf<KGeneralStringMaxLength> iRealm; 
	
	// Use pseudonym identities in EAP-SIM/AKA
	TBool iUsePseudonymsPresent;
	TBool iUsePseudonyms;		
	
	// Whether EAP-TLS/TTLS/PEAP should verify server realm
	TBool iVerifyServerRealmPresent;
	TBool iVerifyServerRealm;
	
	// Whether EAP-TLS/TTLS/PEAP should require client authentication
	TBool iRequireClientAuthenticationPresent;
	TBool iRequireClientAuthentication;
	
	// General session validity time (in minutes)
	TBool iSessionValidityTimePresent;
	TUint iSessionValidityTime;
	
	// An array of allowed cipher suites for EAP-TLS/TTLS/PEAP. 
	// Refer to RFC2246 chapter A.5 for the values.
	TBool iCipherSuitesPresent;
	RArray<TUint> iCipherSuites;

	// In EAP-PEAP is version 0 allowed
	TBool iPEAPVersionsPresent;
	TBool iPEAPv0Allowed;
	TBool iPEAPv1Allowed;
	TBool iPEAPv2Allowed;
  	  
  	// Array listing the allowed certificates for EAP-TLS/TTLS/PEAP.
  	// Subject key ID and Certificate type are the only mandatory certificate 
  	// details needed at the moment.
  	TBool iCertificatesPresent;
	CArrayFixFlat<CertificateEntry> iCertificates;
	
	// Array listing the encapsulated EAP types (in priority order).
	// Use EAP type values from TEapType.
	TBool iEncapsulatedEAPTypesPresent;
	RArray<TUint> iEncapsulatedEAPTypes;
	
	// Whether Authenticated provisioning mode allowed or not in EAP-FAST.
	TBool iAuthProvModeAllowedPresent;
	TBool iAuthProvModeAllowed;

	// Whether Unauthenticated provisioning mode allowed or not in EAP-FAST.
	TBool iUnauthProvModeAllowedPresent;
	TBool iUnauthProvModeAllowed;
	
	// PAC group reference in ASCII format for EAP-FAST.
	TBool iPACGroupReferencePresent;
	TBuf<KGeneralStringMaxLength> iPACGroupReference;
	
	// Whether to Warn (or Prompt) for ADHP (Authenticated Diffie-Hellman Protocol) 
	// auto-provisioning when there is no PAC at all. EAP-FAST specific.
	TBool iWarnADHPNoPACPresent;	
	TBool iWarnADHPNoPAC;

	// Whether to Warn (or Prompt) for ADHP auto-provisioning when 
	// there is no PAC that matches the A-ID sent by server. EAP-FAST specific.
	TBool iWarnADHPNoMatchingPACPresent;	
	TBool iWarnADHPNoMatchingPAC;
	
	// Whether to Warn (or Prompt) when client encouters a server that has provisioned 
	// the client with a PAC before but is not currently selected as the default server. 
	// EAP-FAST specific.
	TBool iWarnNotDefaultServerPresent;
	TBool iWarnNotDefaultServer;	
};

#include "EapSettings.inl"

#endif
// End of file
FCL/sf/mw/accesssec