eap-0.8.0.0: Extensible Authentication Protocol (EAP)

Copyright(c) Erick Gonzalez 2017
LicenseBSD3
Maintainererick@codemonkeylabs.de
Stabilityexperimental
PortabilityPOSIX
Safe HaskellNone
LanguageHaskell2010

Network.EAP.Authentication

Description

This module provides functions implements EAP authentication schemes. New authentication types will be added as needed and contributions are very welcome.

Synopsis

Documentation

authenticateMSCHAPv2 Source #

Arguments

:: MSCHAPv2Data

Decoded data from the MSCHAPv2 response

-> ByteString

Authenticator challenge sent to the peer on a previous request

-> ByteString

Authenticating user password NT hash (MD4)

-> Except CryptoError Bool

Returns either an error from one of the encryption routines or a boolean indicating whether the user response matches the expected value

Authenticate the MSCHAPv2 response data to a given challenge request, using the supplied cleartext password.

generateAuthenticatorResponse Source #

Arguments

:: ByteString

Username

-> ByteString

NT password hash (MD4)

-> ByteString

NT Response

-> ByteString

Authenticator challenge

-> ByteString

Peer challenge

-> Except CryptoError ByteString

Returns either an error from one of the crypto routines or upon success, a 42 byte authenticator response

Calculate authenticator response as per [RFC2759], Section 8.7

generateNTResponse Source #

Arguments

:: ByteString

Authenticator challenge sent to the peer on a previous request

-> ByteString

Challenge sent back by authenticating peer

-> ByteString

MSCHAP username

-> ByteString

NT hash (MD4) of user password

-> Except CryptoError ByteString

Returns either an error from one of the encryption routines or the calculated NT response

Calculate the NT Response as per [RFC2759], Section 8.1

ntPasswordHash :: ByteString -> ByteString Source #

Hash an NT ascii plain-text. Password with MD4. Note that this function converts then password internally to Unicode, so feeding a Unicode password to it will *not* work