Share via

3.2.5.4.5 Received SoH Request TLV

  • Article

If the currentState variable is set to TUNNEL_ESTABLISHED or INNER_IDENTITY_SENT, then:

  • If isSoHEnabled is set to FALSE:

    1. Prepare an EAP NAK packet as per [RFC3748].

    2. Compress the EAP packet obtained in step 1 (as specified in section 3.1.5.6), and encrypt the compressed data by passing it to the TLS layer using the EncryptMessage method.

    3. Prepare a PEAP packet by keeping the encrypted data returned by the EncryptMessage method as the Data field of the PEAP packet. Then, send the PEAP packet to the server (see section 3.1.5.2.2).

  • If isSoHEnabled is set to TRUE:

    1. Obtain the SoH message using an implementation-specific mechanism. 

    2. Prepare a SoH TLV (section 2.2.8.2.2) with the SoH message obtained in step 1, and encrypt it by passing it to the TLS layer using the EncryptMessage method.

    3. Prepare a PEAP packet by keeping the encrypted data returned by the EncryptMessage method as the Data field of the PEAP packet. Then, send the PEAP packet to the server (see section 3.1.5.2.2).

If currentState is not set to TUNNEL_ESTABLISHED or INNER_IDENTITY_SENT, then the packet is ignored.