3.3.5.4.7 Received EAP TLV Extensions Method Packet

If currentState is set to FAILURE_TLV_SENT, then:

  1. If a Result TLV (section 2.2.8.1.2) is received with the value field set to 2, then send an EAP Failure packet (as specified in [RFC3748]) and change currentState to PEAP_FAILED.

If currentState is set to SUCCESS_TLV_SENT, then:

  1. If the received packet does not have a Result TLV, then ignore it and stop processing the packet.

  2. If a Result TLV is received with the value field set to 2 and isFastReconnectAllowed is set to TRUE, then prepare an EAP Request packet with the Type field as Identity (as specified in [RFC3748]).

    • Set isFastReconnectAllowed to FALSE, and change currentState to INNER_IDENTITY_REQ_SENT.

    • Compress the packet, and then encrypt it by passing it to the TLS layer using the EncryptMessage method.

    • Prepare a PEAP packet by keeping the encrypted data returned by the EncryptMessage method as the Data field of the PEAP packet.

    • Send the PEAP packet to the peer (see section 3.1.5.2.2).

    This completes the processing of the packet.

  3. If Result TLV is received with the value field set to 2, then send an EAP Failure packet (as specified in [RFC3748]) to peer. Change currentState to PEAP_FAILED. This completes the processing of the packet.

  4. If isCryptoSupported is set to FALSE, then send an EAP Success packet (as specified in [RFC3748]) to peer. Change currentState to PEAP_SUCCESS. This completes the processing of the packet.

  5. If the received packet contains a Cryptobinding TLV (section 2.2.8.1.1) whose validation (described in section 3.3.5.3) fails, then send a EAP Failure packet (as specified in [RFC3748]) to peer. Change currentState to PEAP_FAILED. This completes the processing of the packet.

  6. If the received packet does not contain a Cryptobinding TLV and isCryptoRequired is set to TRUE, then send an EAP Failure packet (as specified in [RFC3748]) to peer. Change currentState to PEAP_FAILED. This completes the processing of the packet.

  7. If the received packet does not satisfy any of the above conditions, then send an EAP Success packet (as specified in [RFC3748]) to peer. Change currentState to PEAP_SUCCESS.

If currentState is not set to FAILURE_TLV_SENT or SUCCESS_TLV_SENT, then the packet is ignored.