]> git.proxmox.com Git - mirror_edk2.git/blob - NetworkPkg/IScsiDxe/IScsiCHAP.h
projects / mirror_edk2.git / blob
? search:


b8811b7580f037e300f68ad893b9206086244159
[mirror_edk2.git] / NetworkPkg / IScsiDxe / IScsiCHAP.h
1 /** @file
2 The header file of CHAP configuration.
3
4 Copyright (c) 2004 - 2018, Intel Corporation. All rights reserved.<BR>
5 SPDX-License-Identifier: BSD-2-Clause-Patent
6
7 **/
8
9 #ifndef _ISCSI_CHAP_H_
10 #define _ISCSI_CHAP_H_
11
12 #define ISCSI_AUTH_METHOD_CHAP "CHAP"
13
14 #define ISCSI_KEY_CHAP_ALGORITHM "CHAP_A"
15 #define ISCSI_KEY_CHAP_IDENTIFIER "CHAP_I"
16 #define ISCSI_KEY_CHAP_CHALLENGE "CHAP_C"
17 #define ISCSI_KEY_CHAP_NAME "CHAP_N"
18 #define ISCSI_KEY_CHAP_RESPONSE "CHAP_R"
19
20 //
21 // Identifiers of supported CHAP hash algorithms:
22 // https://www.iana.org/assignments/ppp-numbers/ppp-numbers.xhtml#ppp-numbers-9
23 //
24 #define ISCSI_CHAP_ALGORITHM_MD5 5
25
26 //
27 // Byte count of the largest digest over the above-listed
28 // ISCSI_CHAP_ALGORITHM_* hash algorithms.
29 //
30 #define ISCSI_CHAP_MAX_DIGEST_SIZE MD5_DIGEST_SIZE
31
32 #define ISCSI_CHAP_STEP_ONE 1
33 #define ISCSI_CHAP_STEP_TWO 2
34 #define ISCSI_CHAP_STEP_THREE 3
35 #define ISCSI_CHAP_STEP_FOUR 4
36
37
38 #pragma pack(1)
39
40 typedef struct _ISCSI_CHAP_AUTH_CONFIG_NVDATA {
41 UINT8 CHAPType;
42 CHAR8 CHAPName[ISCSI_CHAP_NAME_STORAGE];
43 CHAR8 CHAPSecret[ISCSI_CHAP_SECRET_STORAGE];
44 CHAR8 ReverseCHAPName[ISCSI_CHAP_NAME_STORAGE];
45 CHAR8 ReverseCHAPSecret[ISCSI_CHAP_SECRET_STORAGE];
46 } ISCSI_CHAP_AUTH_CONFIG_NVDATA;
47
48 #pragma pack()
49
50 ///
51 /// ISCSI CHAP Authentication Data
52 ///
53 typedef struct _ISCSI_CHAP_AUTH_DATA {
54 ISCSI_CHAP_AUTH_CONFIG_NVDATA *AuthConfig;
55 UINT32 InIdentifier;
56 UINT8 InChallenge[1024];
57 UINT32 InChallengeLength;
58 //
59 // Calculated CHAP Response (CHAP_R) value.
60 //
61 UINT8 CHAPResponse[ISCSI_CHAP_MAX_DIGEST_SIZE];
62
63 //
64 // Auth-data to be sent out for mutual authentication.
65 //
66 // While the challenge size is technically independent of the hashing
67 // algorithm, it is good practice to avoid hashing *fewer bytes* than the
68 // digest size. In other words, it's good practice to feed *at least as many
69 // bytes* to the hashing algorithm as the hashing algorithm will output.
70 //
71 UINT32 OutIdentifier;
72 UINT8 OutChallenge[ISCSI_CHAP_MAX_DIGEST_SIZE];
73 } ISCSI_CHAP_AUTH_DATA;
74
75 /**
76 This function checks the received iSCSI Login Response during the security
77 negotiation stage.
78
79 @param[in] Conn The iSCSI connection.
80
81 @retval EFI_SUCCESS The Login Response passed the CHAP validation.
82 @retval EFI_OUT_OF_RESOURCES Failed to allocate memory.
83 @retval EFI_PROTOCOL_ERROR Some kind of protocol error occurred.
84 @retval Others Other errors as indicated.
85
86 **/
87 EFI_STATUS
88 IScsiCHAPOnRspReceived (
89 IN ISCSI_CONNECTION *Conn
90 );
91 /**
92 This function fills the CHAP authentication information into the login PDU
93 during the security negotiation stage in the iSCSI connection login.
94
95 @param[in] Conn The iSCSI connection.
96 @param[in, out] Pdu The PDU to send out.
97
98 @retval EFI_SUCCESS All check passed and the phase-related CHAP
99 authentication info is filled into the iSCSI
100 PDU.
101 @retval EFI_OUT_OF_RESOURCES Failed to allocate memory.
102 @retval EFI_PROTOCOL_ERROR Some kind of protocol error occurred.
103
104 **/
105 EFI_STATUS
106 IScsiCHAPToSendReq (
107 IN ISCSI_CONNECTION *Conn,
108 IN OUT NET_BUF *Pdu
109 );
110
111 #endif
EFI Development Kit II mirror for PVE