[mirror_edk2.git] / NetworkPkg / IScsiDxe / IScsiCHAP.h

/** @file\r
  The header file of CHAP configuration.\r
\r
Copyright (c) 2004 - 2018, Intel Corporation. All rights reserved.<BR>\r
SPDX-License-Identifier: BSD-2-Clause-Patent\r
\r
**/\r
\r
#ifndef _ISCSI_CHAP_H_\r
#define _ISCSI_CHAP_H_\r
\r
#define ISCSI_AUTH_METHOD_CHAP                    "CHAP"\r
\r
#define ISCSI_KEY_CHAP_ALGORITHM                  "CHAP_A"\r
#define ISCSI_KEY_CHAP_IDENTIFIER                 "CHAP_I"\r
#define ISCSI_KEY_CHAP_CHALLENGE                  "CHAP_C"\r
#define ISCSI_KEY_CHAP_NAME                       "CHAP_N"\r
#define ISCSI_KEY_CHAP_RESPONSE                   "CHAP_R"\r
\r
//\r
// Identifiers of supported CHAP hash algorithms:\r
// https://www.iana.org/assignments/ppp-numbers/ppp-numbers.xhtml#ppp-numbers-9\r
//\r
#define ISCSI_CHAP_ALGORITHM_MD5                  5\r
\r
//\r
// Byte count of the largest digest over the above-listed\r
// ISCSI_CHAP_ALGORITHM_* hash algorithms.\r
//\r
#define ISCSI_CHAP_MAX_DIGEST_SIZE                MD5_DIGEST_SIZE\r
\r
#define ISCSI_CHAP_STEP_ONE                       1\r
#define ISCSI_CHAP_STEP_TWO                       2\r
#define ISCSI_CHAP_STEP_THREE                     3\r
#define ISCSI_CHAP_STEP_FOUR                      4\r
\r
\r
#pragma pack(1)\r
\r
typedef struct _ISCSI_CHAP_AUTH_CONFIG_NVDATA {\r
  UINT8 CHAPType;\r
  CHAR8 CHAPName[ISCSI_CHAP_NAME_STORAGE];\r
  CHAR8 CHAPSecret[ISCSI_CHAP_SECRET_STORAGE];\r
  CHAR8 ReverseCHAPName[ISCSI_CHAP_NAME_STORAGE];\r
  CHAR8 ReverseCHAPSecret[ISCSI_CHAP_SECRET_STORAGE];\r
} ISCSI_CHAP_AUTH_CONFIG_NVDATA;\r
\r
#pragma pack()\r
\r
///\r
/// ISCSI CHAP Authentication Data\r
///\r
typedef struct _ISCSI_CHAP_AUTH_DATA {\r
  ISCSI_CHAP_AUTH_CONFIG_NVDATA *AuthConfig;\r
  UINT32                        InIdentifier;\r
  UINT8                         InChallenge[1024];\r
  UINT32                        InChallengeLength;\r
  //\r
  // Calculated CHAP Response (CHAP_R) value.\r
  //\r
  UINT8                         CHAPResponse[ISCSI_CHAP_MAX_DIGEST_SIZE];\r
\r
  //\r
  // Auth-data to be sent out for mutual authentication.\r
  //\r
  // While the challenge size is technically independent of the hashing\r
  // algorithm, it is good practice to avoid hashing *fewer bytes* than the\r
  // digest size. In other words, it's good practice to feed *at least as many\r
  // bytes* to the hashing algorithm as the hashing algorithm will output.\r
  //\r
  UINT32                        OutIdentifier;\r
  UINT8                         OutChallenge[ISCSI_CHAP_MAX_DIGEST_SIZE];\r
} ISCSI_CHAP_AUTH_DATA;\r
\r
/**\r
  This function checks the received iSCSI Login Response during the security\r
  negotiation stage.\r
\r
  @param[in] Conn             The iSCSI connection.\r
\r
  @retval EFI_SUCCESS          The Login Response passed the CHAP validation.\r
  @retval EFI_OUT_OF_RESOURCES Failed to allocate memory.\r
  @retval EFI_PROTOCOL_ERROR   Some kind of protocol error occurred.\r
  @retval Others               Other errors as indicated.\r
\r
**/\r
EFI_STATUS\r
IScsiCHAPOnRspReceived (\r
  IN ISCSI_CONNECTION  *Conn\r
  );\r
/**\r
  This function fills the CHAP authentication information into the login PDU\r
  during the security negotiation stage in the iSCSI connection login.\r
\r
  @param[in]       Conn        The iSCSI connection.\r
  @param[in, out]  Pdu         The PDU to send out.\r
\r
  @retval EFI_SUCCESS           All check passed and the phase-related CHAP\r
                                authentication info is filled into the iSCSI\r
                                PDU.\r
  @retval EFI_OUT_OF_RESOURCES  Failed to allocate memory.\r
  @retval EFI_PROTOCOL_ERROR    Some kind of protocol error occurred.\r
\r
**/\r
EFI_STATUS\r
IScsiCHAPToSendReq (\r
  IN      ISCSI_CONNECTION  *Conn,\r
  IN OUT  NET_BUF           *Pdu\r
  );\r
\r
#endif\r
Commit	Line	Data
4c5a5e0c	1	/** @file\r
	2	The header file of CHAP configuration.\r
	3	\r
f75a7f56	4	Copyright (c) 2004 - 2018, Intel Corporation. All rights reserved.<BR>\r
ecf98fbc	5	SPDX-License-Identifier: BSD-2-Clause-Patent\r
4c5a5e0c	6	\r
	7	**/\r
	8	\r
	9	#ifndef _ISCSI_CHAP_H_\r
	10	#define _ISCSI_CHAP_H_\r
	11	\r
7eba9f69	12	#define ISCSI_AUTH_METHOD_CHAP "CHAP"\r
4c5a5e0c	13	\r
7eba9f69 LE	14	#define ISCSI_KEY_CHAP_ALGORITHM "CHAP_A"\r
	15	#define ISCSI_KEY_CHAP_IDENTIFIER "CHAP_I"\r
	16	#define ISCSI_KEY_CHAP_CHALLENGE "CHAP_C"\r
	17	#define ISCSI_KEY_CHAP_NAME "CHAP_N"\r
	18	#define ISCSI_KEY_CHAP_RESPONSE "CHAP_R"\r
4c5a5e0c	19	\r
7b6c2b2a LE	20	//\r
	21	// Identifiers of supported CHAP hash algorithms:\r
	22	// https://www.iana.org/assignments/ppp-numbers/ppp-numbers.xhtml#ppp-numbers-9\r
	23	//\r
7eba9f69	24	#define ISCSI_CHAP_ALGORITHM_MD5 5\r
4c5a5e0c	25	\r
7b6c2b2a LE	26	//\r
	27	// Byte count of the largest digest over the above-listed\r
	28	// ISCSI_CHAP_ALGORITHM_* hash algorithms.\r
	29	//\r
	30	#define ISCSI_CHAP_MAX_DIGEST_SIZE MD5_DIGEST_SIZE\r
4c5a5e0c	31	\r
7eba9f69 LE	32	#define ISCSI_CHAP_STEP_ONE 1\r
	33	#define ISCSI_CHAP_STEP_TWO 2\r
	34	#define ISCSI_CHAP_STEP_THREE 3\r
	35	#define ISCSI_CHAP_STEP_FOUR 4\r
4c5a5e0c	36	\r
	37	\r
	38	#pragma pack(1)\r
	39	\r
	40	typedef struct _ISCSI_CHAP_AUTH_CONFIG_NVDATA {\r
	41	UINT8 CHAPType;\r
	42	CHAR8 CHAPName[ISCSI_CHAP_NAME_STORAGE];\r
	43	CHAR8 CHAPSecret[ISCSI_CHAP_SECRET_STORAGE];\r
	44	CHAR8 ReverseCHAPName[ISCSI_CHAP_NAME_STORAGE];\r
	45	CHAR8 ReverseCHAPSecret[ISCSI_CHAP_SECRET_STORAGE];\r
	46	} ISCSI_CHAP_AUTH_CONFIG_NVDATA;\r
	47	\r
	48	#pragma pack()\r
	49	\r
	50	///\r
	51	/// ISCSI CHAP Authentication Data\r
	52	///\r
	53	typedef struct _ISCSI_CHAP_AUTH_DATA {\r
	54	ISCSI_CHAP_AUTH_CONFIG_NVDATA *AuthConfig;\r
	55	UINT32 InIdentifier;\r
29cab43b	56	UINT8 InChallenge[1024];\r
4c5a5e0c	57	UINT32 InChallengeLength;\r
	58	//\r
	59	// Calculated CHAP Response (CHAP_R) value.\r
	60	//\r
7b6c2b2a	61	UINT8 CHAPResponse[ISCSI_CHAP_MAX_DIGEST_SIZE];\r
4c5a5e0c	62	\r
	63	//\r
	64	// Auth-data to be sent out for mutual authentication.\r
	65	//\r
95616b86 LE	66	// While the challenge size is technically independent of the hashing\r
	67	// algorithm, it is good practice to avoid hashing fewer bytes than the\r
	68	// digest size. In other words, it's good practice to feed *at least as many\r
	69	// bytes* to the hashing algorithm as the hashing algorithm will output.\r
	70	//\r
4c5a5e0c	71	UINT32 OutIdentifier;\r
7b6c2b2a	72	UINT8 OutChallenge[ISCSI_CHAP_MAX_DIGEST_SIZE];\r
4c5a5e0c	73	} ISCSI_CHAP_AUTH_DATA;\r
	74	\r
	75	/**\r
	76	This function checks the received iSCSI Login Response during the security\r
	77	negotiation stage.\r
	78	\r
	79	@param[in] Conn The iSCSI connection.\r
	80	\r
	81	@retval EFI_SUCCESS The Login Response passed the CHAP validation.\r
	82	@retval EFI_OUT_OF_RESOURCES Failed to allocate memory.\r
	83	@retval EFI_PROTOCOL_ERROR Some kind of protocol error occurred.\r
	84	@retval Others Other errors as indicated.\r
	85	\r
	86	**/\r
	87	EFI_STATUS\r
	88	IScsiCHAPOnRspReceived (\r
	89	IN ISCSI_CONNECTION *Conn\r
	90	);\r
	91	/**\r
	92	This function fills the CHAP authentication information into the login PDU\r
	93	during the security negotiation stage in the iSCSI connection login.\r
	94	\r
	95	@param[in] Conn The iSCSI connection.\r
	96	@param[in, out] Pdu The PDU to send out.\r
	97	\r
	98	@retval EFI_SUCCESS All check passed and the phase-related CHAP\r
83761337 LE	99	authentication info is filled into the iSCSI\r
83761337 LE	100	PDU.\r
4c5a5e0c	101	@retval EFI_OUT_OF_RESOURCES Failed to allocate memory.\r
	102	@retval EFI_PROTOCOL_ERROR Some kind of protocol error occurred.\r
	103	\r
	104	**/\r
	105	EFI_STATUS\r
	106	IScsiCHAPToSendReq (\r
	107	IN ISCSI_CONNECTION *Conn,\r
	108	IN OUT NET_BUF *Pdu\r
	109	);\r
	110	\r
	111	#endif\r