#ifndef _ISCSI_CHAP_H_\r
#define _ISCSI_CHAP_H_\r
\r
-#define ISCSI_AUTH_METHOD_CHAP "CHAP"\r
+#define ISCSI_AUTH_METHOD_CHAP "CHAP"\r
\r
-#define ISCSI_KEY_CHAP_ALGORITHM "CHAP_A"\r
-#define ISCSI_KEY_CHAP_IDENTIFIER "CHAP_I"\r
-#define ISCSI_KEY_CHAP_CHALLENGE "CHAP_C"\r
-#define ISCSI_KEY_CHAP_NAME "CHAP_N"\r
-#define ISCSI_KEY_CHAP_RESPONSE "CHAP_R"\r
+#define ISCSI_KEY_CHAP_ALGORITHM "CHAP_A"\r
+#define ISCSI_KEY_CHAP_IDENTIFIER "CHAP_I"\r
+#define ISCSI_KEY_CHAP_CHALLENGE "CHAP_C"\r
+#define ISCSI_KEY_CHAP_NAME "CHAP_N"\r
+#define ISCSI_KEY_CHAP_RESPONSE "CHAP_R"\r
\r
//\r
// Identifiers of supported CHAP hash algorithms:\r
// https://www.iana.org/assignments/ppp-numbers/ppp-numbers.xhtml#ppp-numbers-9\r
//\r
-#define ISCSI_CHAP_ALGORITHM_MD5 5\r
+#define ISCSI_CHAP_ALGORITHM_MD5 5\r
+#define ISCSI_CHAP_ALGORITHM_SHA256 7\r
\r
//\r
// Byte count of the largest digest over the above-listed\r
// ISCSI_CHAP_ALGORITHM_* hash algorithms.\r
//\r
-#define ISCSI_CHAP_MAX_DIGEST_SIZE MD5_DIGEST_SIZE\r
-\r
-#define ISCSI_CHAP_STEP_ONE 1\r
-#define ISCSI_CHAP_STEP_TWO 2\r
-#define ISCSI_CHAP_STEP_THREE 3\r
-#define ISCSI_CHAP_STEP_FOUR 4\r
+#define ISCSI_CHAP_MAX_DIGEST_SIZE SHA256_DIGEST_SIZE\r
\r
+#define ISCSI_CHAP_STEP_ONE 1\r
+#define ISCSI_CHAP_STEP_TWO 2\r
+#define ISCSI_CHAP_STEP_THREE 3\r
+#define ISCSI_CHAP_STEP_FOUR 4\r
\r
#pragma pack(1)\r
\r
typedef struct _ISCSI_CHAP_AUTH_CONFIG_NVDATA {\r
- UINT8 CHAPType;\r
- CHAR8 CHAPName[ISCSI_CHAP_NAME_STORAGE];\r
- CHAR8 CHAPSecret[ISCSI_CHAP_SECRET_STORAGE];\r
- CHAR8 ReverseCHAPName[ISCSI_CHAP_NAME_STORAGE];\r
- CHAR8 ReverseCHAPSecret[ISCSI_CHAP_SECRET_STORAGE];\r
+ UINT8 CHAPType;\r
+ CHAR8 CHAPName[ISCSI_CHAP_NAME_STORAGE];\r
+ CHAR8 CHAPSecret[ISCSI_CHAP_SECRET_STORAGE];\r
+ CHAR8 ReverseCHAPName[ISCSI_CHAP_NAME_STORAGE];\r
+ CHAR8 ReverseCHAPSecret[ISCSI_CHAP_SECRET_STORAGE];\r
} ISCSI_CHAP_AUTH_CONFIG_NVDATA;\r
\r
#pragma pack()\r
//\r
typedef\r
UINTN\r
-(EFIAPI *CHAP_HASH_GET_CONTEXT_SIZE) (\r
+(EFIAPI *CHAP_HASH_GET_CONTEXT_SIZE)(\r
VOID\r
);\r
\r
typedef\r
BOOLEAN\r
-(EFIAPI *CHAP_HASH_INIT) (\r
+(EFIAPI *CHAP_HASH_INIT)(\r
OUT VOID *Context\r
);\r
\r
typedef\r
BOOLEAN\r
-(EFIAPI *CHAP_HASH_UPDATE) (\r
+(EFIAPI *CHAP_HASH_UPDATE)(\r
IN OUT VOID *Context,\r
IN CONST VOID *Data,\r
IN UINTN DataSize\r
\r
typedef\r
BOOLEAN\r
-(EFIAPI *CHAP_HASH_FINAL) (\r
+(EFIAPI *CHAP_HASH_FINAL)(\r
IN OUT VOID *Context,\r
OUT UINT8 *HashValue\r
);\r
\r
typedef struct {\r
- UINT8 Algorithm; // ISCSI_CHAP_ALGORITHM_*, CHAP_A\r
- UINT32 DigestSize;\r
- CHAP_HASH_GET_CONTEXT_SIZE GetContextSize;\r
- CHAP_HASH_INIT Init;\r
- CHAP_HASH_UPDATE Update;\r
- CHAP_HASH_FINAL Final;\r
+ UINT8 Algorithm; // ISCSI_CHAP_ALGORITHM_*, CHAP_A\r
+ UINT32 DigestSize;\r
+ CHAP_HASH_GET_CONTEXT_SIZE GetContextSize;\r
+ CHAP_HASH_INIT Init;\r
+ CHAP_HASH_UPDATE Update;\r
+ CHAP_HASH_FINAL Final;\r
} CHAP_HASH;\r
\r
///\r
/// ISCSI CHAP Authentication Data\r
///\r
typedef struct _ISCSI_CHAP_AUTH_DATA {\r
- ISCSI_CHAP_AUTH_CONFIG_NVDATA *AuthConfig;\r
- UINT32 InIdentifier;\r
- UINT8 InChallenge[1024];\r
- UINT32 InChallengeLength;\r
+ ISCSI_CHAP_AUTH_CONFIG_NVDATA *AuthConfig;\r
+ UINT32 InIdentifier;\r
+ UINT8 InChallenge[1024];\r
+ UINT32 InChallengeLength;\r
//\r
// The hash algorithm (CHAP_A) that the target selects in\r
// ISCSI_CHAP_STEP_TWO.\r
//\r
- CONST CHAP_HASH *Hash;\r
+ CONST CHAP_HASH *Hash;\r
//\r
// Calculated CHAP Response (CHAP_R) value.\r
//\r
- UINT8 CHAPResponse[ISCSI_CHAP_MAX_DIGEST_SIZE];\r
+ UINT8 CHAPResponse[ISCSI_CHAP_MAX_DIGEST_SIZE];\r
\r
//\r
// Auth-data to be sent out for mutual authentication.\r
// digest size. In other words, it's good practice to feed *at least as many\r
// bytes* to the hashing algorithm as the hashing algorithm will output.\r
//\r
- UINT32 OutIdentifier;\r
- UINT8 OutChallenge[ISCSI_CHAP_MAX_DIGEST_SIZE];\r
+ UINT32 OutIdentifier;\r
+ UINT8 OutChallenge[ISCSI_CHAP_MAX_DIGEST_SIZE];\r
} ISCSI_CHAP_AUTH_DATA;\r
\r
/**\r
IScsiCHAPOnRspReceived (\r
IN ISCSI_CONNECTION *Conn\r
);\r
+\r
/**\r
This function fills the CHAP authentication information into the login PDU\r
during the security negotiation stage in the iSCSI connection login.\r
IScsiCHAPInitHashList (\r
VOID\r
);\r
+\r
#endif\r