UMSKT
/
xpmgr
mirror of https://github.com/UMSKT/xpmgr.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
xpmgr/BuildTools/Include/eapmethodpeerapis.h

951 lines
34 KiB
C
Raw Blame History

///////////////////////////////////////////////////////////////////////////////
//
// Copyright (c) Microsoft Corporation
//
// SYNOPSIS
//
// Declares datastructures that are needed by eap methods on the Peer.
//
///////////////////////////////////////////////////////////////////////////////
#ifndef EAPPEERMETHODAPIS_H
#define EAPPEERMETHODAPIS_H
#pragma once
#include "objbase.h"
#include "msxml6.h"
#include "EapMethodTypes.h"
#ifndef EAPAUTHENTICATORACTIONDEFINE_H
#include "EapAuthenticatorActionDefine.h"
#endif
#ifdef __cplusplus
extern "C" {
#endif
//
// Defines used for installation of EAP DLL
// HKLM\System\CCS\Services\Eaphost\Methods\[AuthorId]\[EapTypeId])
//
// Custom EAP DLL registry installation example:
// Name = Sample.dll,
// AuthorId = 311(Microsoft),
// EapTypeId = (decimal 40)
// HKLM\System\CCS\Services\Eaphost\Methods\311\40
//
// PeerDllPath (REG_EXPAND_SZ) %SystemRoot%\system32\sample.dll
// PeerConfigUIPath (REG_EXPAND_SZ) %SystemRoot%\system32\sample.dll
// PeerInteractiveUIPath (REG_EXPAND_SZ) %SystemRoot%\system32\sample.dll
// PeerIdentityPath (REG_EXPAND_SZ) %SystemRoot%\system32\sample.dll
// PeerFriendlyName (REG_SZ) Sample EAP Protocol
// PeerRequireConfigUI (REG_DWORD) 1
//
// Defines used for installation of EAP DLL
// HKLM\System\CCS\Services\Eaphost\Methods\[AuthorId]\254\[VendorId]\[EapTypeId])
//
// Custom Expanded EAP DLL registry installation example:
// Name = Sample.dll,
// AuthorId = 311(Microsoft),
// VendorId = 311(Microsoft),
// EapTypeId = (decimal 40)
// HKLM\System\CCS\Services\Eaphost\Methods\311\254\311\40
//
// PeerDllPath (REG_EXPAND_SZ) %SystemRoot%\system32\sample.dll
// PeerConfigUIPath (REG_EXPAND_SZ) %SystemRoot%\system32\sample.dll
// PeerInteractiveUIPath (REG_EXPAND_SZ) %SystemRoot%\system32\sample.dll
// PeerIdentityPath (REG_EXPAND_SZ) %SystemRoot%\system32\sample.dll
// PeerFriendlyName (REG_SZ) Sample EAP Protocol
// PeerRequireConfigUI (REG_DWORD) 1
#define EAP_REGISTRY_LOCATION \
TEXT("System\\CurrentControlSet\\Services\\EapHost\\Methods")
#define EAP_PEER_VALUENAME_DLL_PATH TEXT("PeerDllPath")
#define EAP_PEER_VALUENAME_FRIENDLY_NAME TEXT("PeerFriendlyName")
#define EAP_PEER_VALUENAME_CONFIGUI TEXT("PeerConfigUIPath")
#define EAP_PEER_VALUENAME_REQUIRE_CONFIGUI TEXT("PeerRequireConfigUI")
#define EAP_PEER_VALUENAME_IDENTITY TEXT("PeerIdentityPath")
#define EAP_PEER_VALUENAME_INTERACTIVEUI TEXT("PeerInteractiveUIPath")
#define EAP_PEER_VALUENAME_INVOKE_NAMEDLG TEXT("PeerInvokeUsernameDialog")
#define EAP_PEER_VALUENAME_INVOKE_PWDDLG TEXT("PeerInvokePasswordDialog")
#define EAP_PEER_VALUENAME_PROPERTIES TEXT("Properties")
// This structure is used in EapPeerGetResult API to convey the authentication result and pass
// additional information to the EapHost and Supplicant.
typedef struct tagEapPeerMethodResult
{
BOOL fIsSuccess;
DWORD dwFailureReasonCode;
BOOL fSaveConnectionData;
DWORD dwSizeofConnectionData;
__field_bcount(dwSizeofConnectionData) BYTE* pConnectionData;
BOOL fSaveUserData;
DWORD dwSizeofUserData;
__field_bcount(dwSizeofUserData) BYTE* pUserData;
EAP_ATTRIBUTES* pAttribArray;
EAP_ERROR* pEapError;
} EapPeerMethodResult;
// List of functions corresponding to the particular EAP method
typedef struct _EAP_PEER_METHOD_ROUTINES
{
DWORD dwVersion;
EAP_TYPE* pEapType;
DWORD (APIENTRY * EapPeerInitialize) (EAP_ERROR** ppEapError);
DWORD (APIENTRY * EapPeerGetIdentity) (
IN DWORD flags,
IN DWORD dwSizeofConnectionData,
IN const BYTE* pConnectionData,
IN DWORD dwSizeofUserData,
IN const BYTE* pUserData,
IN HANDLE hTokenImpersonateUser,
OUT BOOL* pfInvokeUI,
IN OUT DWORD* pdwSizeOfUserDataOut,
OUT BYTE** ppUserDataOut,
OUT WCHAR** ppwszIdentity,
OUT EAP_ERROR** ppEapError
);
DWORD (APIENTRY * EapPeerBeginSession) (
IN DWORD dwFlags,
IN const EapAttributes* const pAttributeArray,
IN HANDLE hTokenImpersonateUser,
IN DWORD dwSizeofConnectionData,
IN BYTE* pConnectionData,
IN DWORD dwSizeofUserData,
IN BYTE* pUserData,
IN DWORD dwMaxSendPacketSize,
OUT EAP_SESSION_HANDLE* pSessionHandle,
OUT EAP_ERROR** ppEapError
);
DWORD (APIENTRY * EapPeerSetCredentials) (
IN EAP_SESSION_HANDLE sessionHandle,
IN WCHAR* pwszIdentity,
IN WCHAR* pwszPassword,
OUT EAP_ERROR** ppEapError
);
DWORD (APIENTRY * EapPeerProcessRequestPacket) (
IN EAP_SESSION_HANDLE sessionHandle,
IN DWORD cbReceivePacket,
IN EapPacket* pReceivePacket,
OUT EapPeerMethodOutput* pEapOutput,
OUT EAP_ERROR** ppEapError
);
DWORD (APIENTRY * EapPeerGetResponsePacket) (
IN EAP_SESSION_HANDLE sessionHandle,
IN OUT DWORD* pcbSendPacket,
OUT EapPacket* pSendPacket,
OUT EAP_ERROR** ppEapError
);
DWORD (APIENTRY * EapPeerGetResult) (
IN EAP_SESSION_HANDLE sessionHandle,
IN EapPeerMethodResultReason reason,
OUT EapPeerMethodResult* ppResult,
OUT EAP_ERROR** ppEapError
);
DWORD (APIENTRY * EapPeerGetUIContext) (
IN EAP_SESSION_HANDLE sessionHandle,
OUT DWORD* dwSizeOfUIContextData,
OUT BYTE** pUIContextData,
OUT EAP_ERROR** ppEapError
);
DWORD (APIENTRY * EapPeerSetUIContext) (
IN EAP_SESSION_HANDLE sessionHandle,
IN DWORD dwSizeOfUIContextData,
IN const BYTE* pUIContextData,
OUT EapPeerMethodOutput* pEapOutput,
OUT EAP_ERROR** ppEapError
);
DWORD (APIENTRY * EapPeerGetResponseAttributes) (
IN EAP_SESSION_HANDLE sessionHandle,
OUT EapAttributes* pAttribs,
OUT EAP_ERROR** ppEapError
);
DWORD (APIENTRY * EapPeerSetResponseAttributes) (
IN EAP_SESSION_HANDLE sessionHandle,
IN EapAttributes* pAttribs,
OUT EapPeerMethodOutput* pEapOutput,
OUT EAP_ERROR** ppEapError
);
DWORD (APIENTRY * EapPeerEndSession) (
IN EAP_SESSION_HANDLE sessionHandle,
OUT EAP_ERROR** ppEapError
);
DWORD (APIENTRY * EapPeerShutdown) (OUT EAP_ERROR** ppEapError);
} EAP_PEER_METHOD_ROUTINES;
//
// EAP Functions
//
// General comment regarding all APIs defined in this file:
//
// If the function succeeds, it returns ERROR_SUCCESS. Otherwise, it is
// considered failure.
//
// If an error code is returned, the out parameter ppEapError will contain
// related error information. The caller is expected to look into it to
// find out the error informations.
// However, there are some situation that it may not be possible to fill
// out information for ppEapError. For example, in out of memory situation,
// the method implementation may not be able to allocate memory for
// ppEapError as well. If for any reason it is not possible to fill ppEapError,
// *ppEapError should be set to NULL.
// This function should be an exported function from the DLL
//
// If any other APIs in this file returns EAP_ERROR, use this
// function to free the memory allocated for it
VOID WINAPI EapPeerFreeErrorMemory(IN EAP_ERROR* pEapError);
// This function should be an exported function from the DLL
//
// Returns information related to a given EAP type.
// Parameters:
// - pEapType:
// the EAP type for this EAP method. Implementation should check this input
// to make sure that it is the same as the method being implemented.
//
// - pEapInfo:
// returns all the information related for pEapType.
DWORD WINAPI EapPeerGetInfo(
IN EAP_TYPE* pEapType,
OUT EAP_PEER_METHOD_ROUTINES* pEapInfo,
OUT EAP_ERROR** ppEapError
);
// This is the first function that EAPHost should call on this method.
// The only exception is EapPeerFreeErrorMemory() and EapPeerGetInfo(),
// which can be called at any time.
// This function should be called only once and it should initialize
// everything needed for this method work properly.
DWORD WINAPI EapPeerInitialize(OUT EAP_ERROR** ppEapError);
// EAPHost will call this function, and it would return user data
// and user identity.
// Parameters:
// - dwFlags:
// EAP_FLAG_xxx defined in eaptypes.w
//
// - dwSizeofConnectionData:
// size of the buffer (pConnectionData) in bytes
//
// - pConnectionData:
// connection data specific to this method. It will be used to decide
// the user data returned from this API, when the user data depends on
// certain connection data configuration. The method implementation should
// have default values for connection data, and when this parameter
// is NULL, the default connection data should be used.
//
// - dwSizeofUserData:
// size of the buffer (pUserData) in bytes.
//
// - pUserData:
// the user data specific to this authentication. It will be used to
// pre-populate the user data.
// When this API is called for the first time, or when it needs to start
// a fresh authentication sessin, this parameter will be NULL.
// When it is not NULL, its content should be the user data returned
// from EapPeerGetResult() (*ppResult)->pUserData from previous successful
// authentication session, if that session indicated that user data should be
// saved.
//
// - pfInvokeUI:
// should return true if the user identity and user data blob can not be
// returned successfully and the method decides that it has to collect the
// information from the user through UI.
//
// - pdwSizeOfUserDataOut:
// *pdwSizeOfUserDataOut is the size of buffer *ppUserDataOut
//
// - ppUserDataOut:
// returned user data. The data will be passed to EapPeerBeginSession()
// as input pUserData
//
// - ppwszIdentity:
// returned user identity. It will be included in the identity response packet
// and returned to the server.
DWORD WINAPI EapPeerGetIdentity (
IN DWORD dwFlags,
IN DWORD dwSizeofConnectionData,
IN const BYTE* pConnectionData,
IN DWORD dwSizeofUserData,
IN const BYTE* pUserData,
IN HANDLE hTokenImpersonateUser,
OUT BOOL* pfInvokeUI,
IN OUT DWORD* pdwSizeOfUserDataOut,
OUT BYTE** ppUserDataOut,
OUT __out LPWSTR* ppwszIdentity,
OUT EAP_ERROR** ppEapError
);
// Start an authentication session.
// Parameters:
// - dwFlags:
// EAP_FLAG_xxx defined in eaptypes.w
//
// - pAttributeArray:
// attributes passed to the method.
//
// - hTokenImpersonateUser:
// Impersonation token for the user to be authenticated.
//
// - dwSizeofConnectionData:
// size of the buffer (pConnectionData) in bytes
//
// - pConnectionData:
// See the comment for pConnectionData for EapPeerGetIdentity()
//
// - dwSizeofUserData:
// size of the buffer (pUserData) in bytes
//
// - pUserData:
// user data returned from EapPeerGetIdentity()
//
// - dwMaxSendPacketSize:
// maximum packet size that the method can send. If the method needs to
// send a message larger than this size, the method has to handle fragmentation
// and resembling.
//
// - pSessionHandle:
// This is an "identifier" of the authentication session.
// When other EapPeerXxxx() functions with a sessionHandle parameter
// being called, *pSessionHandle will be passed as the session handle.
// The method should be able to use this to find the information related
// the authentication session.
DWORD WINAPI EapPeerBeginSession(
IN DWORD dwFlags,
IN const EapAttributes* const pAttributeArray,
IN HANDLE hTokenImpersonateUser,
IN DWORD dwSizeofConnectionData,
IN BYTE* pConnectionData,
IN DWORD dwSizeofUserData,
IN BYTE* pUserData,
IN DWORD dwMaxSendPacketSize,
OUT EAP_SESSION_HANDLE* pSessionHandle,
OUT EAP_ERROR** ppEapError
);
// A method exports either EapPeerGetIdentity (and EapPeerInvokeIdentityUI) or
// exports EapPeerSetCredentials (and sets the InvokeUserNameDlg regkey). The
// registry key controls which of the two apis will get called.
DWORD WINAPI EapPeerSetCredentials(
IN EAP_SESSION_HANDLE sessionHandle,
IN __in LPWSTR pwszIdentity,
IN __in LPWSTR pwszPassword,
OUT EAP_ERROR** ppEapError
);
// EAPHost will pass the packet to the method for processing.
// Parameters:
// - sessionHandle:
// the value returned through *pSessionHandle from EapPeerBeginSession()
//
// - cbRecevedPacket:
// buffer size of (pReceivePacket) in bytes
//
// - pReceivedPacket:
// pointer to received packet
//
// - pEapOutput:
// the method should fill this struct to tell the supplicant what to do.
DWORD WINAPI EapPeerProcessRequestPacket(
IN EAP_SESSION_HANDLE sessionHandle,
IN DWORD cbReceivedPacket,
IN EapPacket* pReceivedPacket,
OUT EapPeerMethodOutput* pEapOutput,
OUT EAP_ERROR** ppEapError
);
// This function returns the packet to be sent to the server.
// Parameters:
// - sessionHandle:
// the value returned through *pSessionHandle from EapPeerBeginSession()
//
// - pcbSendPacket:
// *pcbSendPacket is the size of the buffer for (pSendPacket) when passed in.
// Upon return, *pcbSendPacket is the sizeof the actual content in pSendPacket
//
// - pSendPacket:
// pointer to a buffer that contains the packet to send upon return
DWORD WINAPI EapPeerGetResponsePacket(
IN EAP_SESSION_HANDLE sessionHandle,
IN OUT DWORD* pcbSendPacket,
OUT EapPacket* pSendPacket,
OUT EAP_ERROR** ppEapError
);
// This will get called either when a method says that it has completed auth.
// or when the lower layer receives an alternative result.
// parameters:
// - sessionHandle:
// the value returned through *pSessionHandle from EapPeerBeginSession()
//
// - reason:
// one of the reason enum defined above in this file.
//
// - ppResult:
// Method should fill this struct with related information as defined
// by EapPeerMethodResult
DWORD WINAPI EapPeerGetResult(
IN EAP_SESSION_HANDLE sessionHandle,
IN EapPeerMethodResultReason reason,
OUT EapPeerMethodResult* ppResult,
OUT EAP_ERROR** ppEapError
);
// This will get called if UI should be raised during authentication session.
// This function will always be followed by EapPeerInvokeInteractiveUI() and
// then followed by EapPeerSetUIContext()
// parameters:
// - sessionHandle:
// the value returned through *pSessionHandle from EapPeerBeginSession()
//
// - pdwSizeOfUIContextData:
// *pdwSizeOfUIContextData is the size of *ppUIContextData in bytes.
//
// - ppUIContextData:
// It will be passed to EapPeerInvokeInteractiveUI() as IN parameter
// pUIContextData
DWORD WINAPI EapPeerGetUIContext(
IN EAP_SESSION_HANDLE sessionHandle,
OUT DWORD* pdwSizeOfUIContextData,
OUT BYTE** ppUIContextData,
OUT EAP_ERROR** ppEapError
);
// It will be called after UI has been raised. Refer to EapPeerGetUIContext()
// for more information.
// parameters:
// - sessionHandle:
// the value returned through *pSessionHandle from EapPeerBeginSession()
//
// - dwSizeOfUIContextData:
// size of pUIContextData in bytes.
//
// - pUIContextData:
// This is the data returned from EapPeerInvokeInteractiveUI() OUT parameter
// *ppDataFromInteractiveUI
//
// - pEapOutput:
// the method should fill this struct to tell the supplicant what to do.
DWORD WINAPI EapPeerSetUIContext(
IN EAP_SESSION_HANDLE sessionHandle,
IN DWORD dwSizeOfUIContextData,
IN const BYTE* pUIContextData,
OUT EapPeerMethodOutput* pEapOutput,
OUT EAP_ERROR** ppEapError
);
// If EAPHost calls any of the EapPeerXxxx() function, and that function has
// pEapOutput as a OUT parameter, and the action code in it is
// EapPeerMethodResponseActionRespond, this function will be the next function
// that EAPHost will call.
// And it will be follow by a call to EapPeerSetResponseAttributes()
// parameters:
// - sessionHandle:
// the value returned through *pSessionHandle from EapPeerBeginSession()
//
// - pAttributes:
// method should fill this with the attributes it need to return.
DWORD WINAPI EapPeerGetResponseAttributes(
IN EAP_SESSION_HANDLE sessionHandle,
OUT EapAttributes* pAttribs,
OUT EAP_ERROR** ppEapError
);
// See EapPeerGetResponseAttributes() for when this function will be called.
// parameters:
// - sessionHandle:
// the value returned through *pSessionHandle from EapPeerBeginSession()
//
// - pAttributes:
// attributes passed to this method.
//
// - pEapOutput:
// the method should fill this struct to tell the supplicant what to do.
DWORD WINAPI EapPeerSetResponseAttributes(
IN EAP_SESSION_HANDLE sessionHandle,
IN EapAttributes* pAttribs,
OUT EapPeerMethodOutput* pEapOutput,
OUT EAP_ERROR** ppEapError
);
// The last function that will be called for this authentication session.
// - sessionHandle:
// the value returned through *pSessionHandle from EapPeerBeginSession()
//
DWORD WINAPI EapPeerEndSession(
IN EAP_SESSION_HANDLE sessionHandle,
OUT EAP_ERROR** ppEapError
);
// This is the last function that EAPHost should call on this method.
// The only exception is EapPeerFreeErrorMemory() and EapPeerGetInfo(),
// which can be called at any time.
// This function should be called only once and it should un-initialize
// everything for this method.
DWORD WINAPI EapPeerShutdown(OUT EAP_ERROR** ppEapError);
// It should raise a configuration UI so that the user can configure the method
// parameters:
// - pEapType:
// method type for this method
//
// - hwndParent:
// The parent window for the UI to be raised by this function.
//
// - dwFlags:
// EAP_FLAG_xxx defined in eaptypes.w
//
// - dwSizeOfConnectionDataIn:
// size of pConnectionDataIn in bytes
//
// - pConnectionDataIn:
// Used to pre-populate the configuration UI. The first time this function
// is called, or if it is desired to start from scratch, it will be NULL,
// otherwise, it will be the data returned from previous
// EapPeerInvokeConfigUI() ppConnectionDataOut OUT parameter
//
// - pdwSizeOfConnectionDataOut:
// *pdwSizeOfConnectionDataOut is the size of *ppConnectionDataOut
//
// - ppConnectionDataOut:
// *ppConnectionDataOut is configuration data returned from this functioin.
// It will be used to pass to next EapPeerInvokeConfigUI() call.
DWORD WINAPI EapPeerInvokeConfigUI(
IN EAP_METHOD_TYPE* pEapType,
IN HWND hwndParent,
IN DWORD dwFlags,
IN DWORD dwSizeOfConnectionDataIn,
IN BYTE* pConnectionDataIn,
OUT DWORD* pdwSizeOfConnectionDataOut,
OUT BYTE** ppConnectionDataOut,
OUT EAP_ERROR** ppEapError
);
// This function should raise interactive UI for the Method. What UI to be raised and how to raise
// is Method specific information that is embedded in pUIContextData.
//
// Parameters:
// - pEapType:
// method type for this method
//
// - hwndParent:
// The parent window for the UI to be raised by this function.
//
// - dwFlags:
// EAP_FLAG_xxx defined in eaptypes.w
// - dwSizeofUIContextData:
// Number of bytes of UIContext data referred by pUIContextData.
// - pUIContextData:
// A blob that conveys the state of the authentication and describes what and how to show the UI
// to the user.
// - pdwSizeOfDataFromInteractiveUI
// Number of bytes of blob referred by *ppDataFromInteractiveUI.
// - ppDataFromInteractiveUI
// A UI context blob that captures the result of UI interaction
// - pEapError
// Pointer to pointer to EAP_ERROR that will be filled by the Method in the case of error. In some cases
// the structure might not be filled.
DWORD WINAPI EapPeerInvokeInteractiveUI(
IN EAP_METHOD_TYPE* pEapType,
IN HWND hwndParent,
IN DWORD dwSizeofUIContextData,
IN BYTE* pUIContextData,
OUT DWORD* pdwSizeOfDataFromInteractiveUI,
OUT BYTE** ppDataFromInteractiveUI,
OUT EAP_ERROR** ppEapError
);
// This function should raise credential UI for the Method. Method can use the configuration passed in to
// decide what kind of UI should be shown to the user.
//
// Parameters:
// - pEapType:
// method type for this method
//
// - dwFlags:
// EAP_FLAG_xxx defined in eaptypes.w
//
// - hwndParent:
// The parent window for the UI to be raised by this function.
//
// - dwSizeOfConnectionData:
// Number of bytes of pConnectionData.
//
// - pConnectionData:
// Configuration blob for the Method.
//
// - dwSizeOfUserData
// Number of bytes of pUserData.
//
// - pUserData
// Cached credential blob. This would be NULL if this is the first time successful authentication is being done.
//
// - ppwszIdentity
// Pointer to unicode string that receives the identity that EapHost should use as part of EAP Identity reponse.
//
// - pEapError
// Pointer to pointer to EAP_ERROR that will be filled by the Method in the case of error. In some cases
// the structure might not be filled.
DWORD WINAPI EapPeerInvokeIdentityUI(
IN EAP_METHOD_TYPE* pEapType,
IN DWORD dwFlags,
IN HWND hwndParent,
IN DWORD dwSizeOfConnectionData,
IN const BYTE* pConnectionData,
IN DWORD dwSizeOfUserData,
IN const BYTE* pUserData,
OUT DWORD* pdwSizeOfUserDataOut,
OUT BYTE** ppUserDataOut,
OUT __out LPWSTR* ppwszIdentity,
OUT EAP_ERROR** ppEapError
);
// This function returns credential fields to be shown to the user for the authentication. As part of this function
// Method should not bring up UI instead it should describe what credentials are to be obtained. Based on the
// return values, Supplicant draws the UI to the user and obtains the requested credentials.
//
// Parameters:
// - hUserImpersonationToken:
// Impersonation token of the user/machine who is being authenticated.
//
// - eapMethodType
// method type for this method
//
// - dwFlags:
// EAP_FLAG_xxx defined in eaptypes.w
//
// - dwEapConnDataSize:
// Number of bytes of pbEapConnData.
//
// - pbEapConnData:
// Configuration blob for the Method.
//
// - dwSizeOfUserData
// Number of bytes of pUserData.
//
// - pEapConfigFieldsArray
// Pointer to EAP_CONFIG_INPUT_FIELD_ARRAY that receives array of credential fields.
//
// - pEapError
// Pointer to pointer to EAP_ERROR that will be filled by the Method in the case of error. In some cases
// the structure might not be filled.
DWORD WINAPI EapPeerQueryCredentialInputFields(
IN HANDLE hUserImpersonationToken,
IN EAP_METHOD_TYPE eapMethodType,
IN DWORD dwFlags,
IN DWORD dwEapConnDataSize,
IN __in_ecount(dwEapConnDataSize) BYTE* pbEapConnData,
OUT EAP_CONFIG_INPUT_FIELD_ARRAY* pEapConfigFieldsArray,
OUT EAP_ERROR** ppEapError
);
// This function returns credential blob based on the credentials passed in the credential array structure.
// Method should not bring up UI. It should convert the credentials in to a blob that could be passed to
// EapPeerBeginSession.
//
// Parameters:
// - hUserImpersonationToken:
// Impersonation token of the user/machine who is being authenticated.
//
// - eapMethodType
// method type for this method
//
// - dwFlags:
// EAP_FLAG_xxx defined in eaptypes.w
//
// - dwEapConnDataSize:
// Number of bytes of pbEapConnData.
//
// - pbEapConnData:
// Configuration blob for the Method.
//
// - dwSizeOfUserData
// Number of bytes of pUserData.
//
// - pEapConfigFieldsArray
// Pointer to EAP_CONFIG_INPUT_FIELD_ARRAY that contains array of credential fields filled by supplicant.
//
// - pdwUserBlobSize:
// Pointer to DWORD that receives the size of the ppbUserBlob.
//
// - ppbUserBlob
// Pointer to buffer that receives credential blob.
//
// - pEapError
// Pointer to pointer to EAP_ERROR that will be filled by the Method in the case of error. In some cases
// the structure might not be filled.
DWORD WINAPI EapPeerQueryUserBlobFromCredentialInputFields(
IN HANDLE hUserImpersonationToken,
IN EAP_METHOD_TYPE eapMethodType,
IN DWORD dwFlags,
IN DWORD dwEapConnDataSize,
IN __in_ecount(dwEapConnDataSize) BYTE* pbEapConnData,
IN const EAP_CONFIG_INPUT_FIELD_ARRAY *pEapConfigInputFieldArray,
// pointer to DWORD that receives size of credential blob, if EAPHost passes in
// non-zero size and non-NULL data below, EAP-method will just attempt to Update
// the blob with passed in values (if supported) instead of creating a new one. EAP-method
// is not expected to release the passed in buffer, EAPHost will release it after API completion..
IN OUT DWORD *pdwUserBlobSize,
IN OUT __deref_out_ecount(*pdwUserBlobSize) BYTE **ppbUserBlob,
OUT EAP_ERROR** ppEapError
);
// This function returns fields to be displayed during interactive time when alternative UI is used.
// Method should not bring up UI in this function.
//
DWORD WINAPI EapPeerQueryInteractiveUIInputFields(
// API's version number for ease of interoperability. It must be 0.
IN DWORD dwVersion,
// control the behavior of the EAP Methods
IN DWORD dwFlags,
// size of UIcontext data EAPHost runtime
IN DWORD dwSizeofUIContextData,
// UIContext data received from EAPHost runtime
IN __in_ecount(dwSizeofUIContextData) const BYTE* pUIContextData,
//structure that gets filled with fields and how they should be shown to the user.
// Caller (EapHost) should free the memory using EapPeerFreeMemory.
OUT EAP_INTERACTIVE_UI_DATA* pEapInteractiveUIData,
// In case of error, API fills ppEapError if possible. Caller should free ppEapError using EapPeerFreeErrorMemory
OUT EAP_ERROR** ppEapError,
// Reserved for future usage. It must be NULL.
IN OUT LPVOID *ppvReserved
);
// This function returns interactive UI blob from the UI fields filled by the user
//
DWORD WINAPI EapPeerQueryUIBlobFromInteractiveUIInputFields(
// API's version number for ease of interoperability. It must be 0.
IN DWORD dwVersion,
// control the behavior of the EAP Methods
IN DWORD dwFlags,
// size of UIcontext data EAPHost runtime
IN DWORD dwSizeofUIContextData,
// UIContext data received from EAPHost runtime
IN __in_ecount(dwSizeofUIContextData) const BYTE* pUIContextData,
// structure that carries data provided by user
IN const EAP_INTERACTIVE_UI_DATA *pEapInteractiveUIData,
// pointer to DWORD that receives size of credential blob
OUT DWORD * pdwSizeOfDataFromInteractiveUI,
// Pointer that receives the credential blob that can be used in authentication.
// Caller (EapHost) should free the memory using EapPeerFreeMemory.
OUT __deref_out_ecount(*pdwSizeOfDataFromInteractiveUI) BYTE ** ppDataFromInteractiveUI,
// In case of error, API fills ppEapError if possible. Caller should free ppEapError using EapPeerFreeErrorMemory
OUT EAP_ERROR** ppEapError,
// Reserved for future usage. It must be NULL.
IN OUT LPVOID *ppvReserved
);
// This function converts XML document containing configuration information into a blob that could be passed to other
// APIs that expect configuration blob.
//
// Parameters:
// - dwFlags:
// EAP_FLAG_xxx defined in eaptypes.w
//
// - eapMethodType
// method type for this method
//
// - dwEapConnDataSize:
// Number of bytes of pbEapConnData.
//
// - pConfigDoc:
// Pointer to XMLDOMDocument2 that refers to the XML document containg the configuration XML
//
// - ppConfigOut
// Pointer to buffer that receives configuration blob.
//
// - pdwSizeOfConfigOut
// Pointer to DWORD that receives size of ppConfigOut.
//
// - pEapError
// Pointer to pointer to EAP_ERROR that will be filled by the Method in the case of error. In some cases
// the structure might not be filled.
DWORD WINAPI EapPeerConfigXml2Blob(
IN DWORD dwFlags,
IN EAP_METHOD_TYPE eapMethodType,
IN IXMLDOMDocument2* pConfigDoc,
OUT __out_ecount(*pdwSizeOfConfigOut) BYTE** ppConfigOut,
OUT DWORD* pdwSizeOfConfigOut,
OUT EAP_ERROR** ppEapError
);
// This function converts XML document containing credential information into a blob that could be passed to other
// APIs that expect credential blob.
//
// Parameters:
// - dwFlags:
// EAP_FLAG_xxx defined in eaptypes.w
//
// - eapMethodType
// method type for this method
//
// - pCredentialsDoc:
// Pointer to XMLDOMDocument2 that refers to the XML document containg the credential XML
//
// - pConfigIn
// Pointer to buffer that contains configuration blob.
//
// - dwSizeOfConfigIn
// Size of pConfigIn
//
// - ppCredentialsOut
// Pointer to buffer that receives the credential blob
//
// - pdwSizeOfCredentialsOut
// Pointer to DWORD that receives size of ppCredentialsOut
//
// - pEapError
// Pointer to pointer to EAP_ERROR that will be filled by the Method in the case of error. In some cases
// the structure might not be filled.
DWORD WINAPI EapPeerCredentialsXml2Blob(
IN DWORD dwFlags,
IN EAP_METHOD_TYPE eapMethodType,
IN IXMLDOMDocument2* pCredentialsDoc,
IN __in_ecount(dwSizeOfConfigIn) const BYTE* pConfigIn,
IN DWORD dwSizeOfConfigIn,
OUT __out_ecount(*pdwSizeOfCredentialsOut) BYTE** ppCredentialsOut,
OUT DWORD* pdwSizeOfCredentialsOut,
OUT EAP_ERROR** ppEapError
);
// This function converts configuration blob into configuration XML document. Methods exporting this API
// will be supporting exporting of and importing of configuration with out problem. It also helps administrators
// modify the configuration.
//
// Parameters:
// - dwFlags:
// EAP_FLAG_xxx defined in eaptypes.w
//
// - eapMethodType
// method type for this method
//
// - pConfigIn:
// Configuration blob
//
// - dwSizeOfConfigIn
// Size of pConfigIn
//
// - ppConfigDoc
// Pointer to IXMLDOMDocument2 that receives configuration XML for the given configuration blob.
//
// - pEapError
// Pointer to pointer to EAP_ERROR that will be filled by the Method in the case of error. In some cases
// the structure might not be filled.
DWORD WINAPI EapPeerConfigBlob2Xml(
IN DWORD dwFlags,
IN EAP_METHOD_TYPE eapMethodType,
IN __in_ecount(dwSizeOfConfigIn) const BYTE* pConfigIn,
IN DWORD dwSizeOfConfigIn,
OUT IXMLDOMDocument2** ppConfigDoc,
OUT EAP_ERROR** ppEapError
);
// This function retrieves the method properties for a specific configuration data. The method properties
// returned by the API will be a subset of the properties value in the registry.
//
// Parameters:
// - dwVersion:
// The version number of the API.
//
// - dwFlags
// A combination of EAP flags that describe the EAP authentication session behavior.
//
// - hUserImpersonationToken
// An impersonation token for the user whose credentials are to be requested and obtained.
//
// - eapMethodType
// An EAP_METHOD_TYPE structure that contains vendor and author information about the
// EAP method used for authenticating the connection.
//
// - dwSizeOfConnectionDataIn
// The size, in bytes, of the connection data buffer provided in pConnectionDataIn
//
// - pConnectionDataIn
// Connection data used for the EAP method
//
// - dwSizeOfUserDataIn
// The size in bytes of the user data buffer provided in pUserDataIn
//
// - pUserDataIn
// A pointer to a byte buffer that contains the opaque user data BLOB
//
// - pMethodPropertyArray
// A pointer to the method properties array.
//
// - ppEapError
// A pointer to a pointer to an EAP_ERROR structure that contains any errors raised by
// EAPHost during the execution of this function call.
DWORD WINAPI EapPeerGetMethodProperties(
IN DWORD dwVersion,
IN DWORD dwFlags,
IN EAP_METHOD_TYPE eapMethodType,
IN HANDLE hUserImpersonationToken,
IN DWORD dwSizeOfConnectionDataIn,
IN BYTE* pConnectionDataIn,
IN DWORD dwSizeOfUserDataIn,
IN BYTE* pUserDataIn,
OUT EAP_METHOD_PROPERTY_ARRAY* pMethodPropertyArray,
OUT EAP_ERROR** ppEapError
);
// This function frees memory returned by the configuration APIs. This function is called by EapHost when
// it is done with the memory returned by the Method.
//
// Parameters:
// - pUIContextData:
// Any memory returned by configuration APIs.
//
VOID WINAPI EapPeerFreeMemory(
IN void* pUIContextData
);
#ifdef __cplusplus
}
#endif
#endif // EAP_PEER_METHOD_APIS_H
Reference in New Issue View Git Blame Copy Permalink