-/*++\r
+/** @file\r
+ This file is for Challenge-Handshake Authentication Protocol (CHAP) Configuration.\r
\r
-Copyright (c) 2004 - 2007, Intel Corporation\r
+Copyright (c) 2004 - 2010, Intel Corporation.<BR>\r
All rights reserved. This program and the accompanying materials\r
are licensed and made available under the terms and conditions of the BSD License\r
which accompanies this distribution. The full text of the license may be found at\r
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
\r
-Module Name:\r
-\r
- IScsiCHAP.c\r
-\r
-Abstract:\r
-\r
---*/\r
+**/\r
\r
#include "IScsiImpl.h"\r
#include "Md5.h"\r
\r
EFI_GUID mIScsiCHAPAuthInfoGuid = ISCSI_CHAP_AUTH_INFO_GUID;\r
\r
+/**\r
+ Initator caculates its own expected hash value.\r
+\r
+ @param[in] ChapIdentifier iSCSI CHAP identifier sent by authenticator.\r
+ @param[in] ChapSecret iSCSI CHAP secret of the authenticator.\r
+ @param[in] SecretLength The length of iSCSI CHAP secret.\r
+ @param[in] ChapChallenge The challenge message sent by authenticator.\r
+ @param[in] ChallengeLength The length of iSCSI CHAP challenge message.\r
+ @param[out] ChapResponse The calculation of the expected hash value.\r
+\r
+ @retval EFI_SUCCESS The expected hash value was caculatedly successfully.\r
+ @retval EFI_PROTOCOL_ERROR The length of the secret should be at least the\r
+ length of the hash value for the hashing algorithm chosen.\r
+ @retval Others Other errors as indicated.\r
+**/\r
EFI_STATUS\r
IScsiCHAPCalculateResponse (\r
IN UINT32 ChapIdentifier,\r
return Status;\r
}\r
\r
+/**\r
+ The initator checks the CHAP response replied by target against its own\r
+ calculation of the expected hash value.\r
+\r
+ @param[in] AuthData iSCSI CHAP authentication data.\r
+ @param[in] TargetResponse The response from target.\r
+\r
+ @retval EFI_SUCCESS The response from target passed authentication.\r
+ @retval EFI_SECURITY_VIOLATION The response from target was not expected value.\r
+ @retval Others Other errors as indicated.\r
+**/\r
EFI_STATUS\r
IScsiCHAPAuthTarget (\r
IN ISCSI_CHAP_AUTH_DATA *AuthData,\r
VerifyRsp\r
);\r
\r
- if (CompareMem (VerifyRsp, TargetResponse, ISCSI_CHAP_RSP_LEN)) {\r
+ if (CompareMem (VerifyRsp, TargetResponse, ISCSI_CHAP_RSP_LEN) != 0) {\r
Status = EFI_SECURITY_VIOLATION;\r
}\r
\r
return Status;\r
}\r
\r
-EFI_STATUS\r
-IScsiCHAPOnRspReceived (\r
- IN ISCSI_CONNECTION *Conn,\r
- IN BOOLEAN Transit\r
- )\r
-/*++\r
-\r
-Routine Description:\r
-\r
+/**\r
This function checks the received iSCSI Login Response during the security\r
negotiation stage.\r
- \r
-Arguments:\r
\r
- Conn - The iSCSI connection.\r
- Transit - The transit flag of the latest iSCSI Login Response.\r
+ @param[in] Conn The iSCSI connection.\r
\r
-Returns:\r
-\r
- EFI_SUCCESS - The Login Response passed the CHAP validation.\r
- EFI_OUT_OF_RESOURCES - Failed to allocate memory.\r
- EFI_PROTOCOL_ERROR - Some kind of protocol error happend.\r
-\r
---*/\r
+ @retval EFI_SUCCESS The Login Response passed the CHAP validation.\r
+ @retval EFI_OUT_OF_RESOURCES Failed to allocate memory.\r
+ @retval EFI_PROTOCOL_ERROR Some kind of protocol error happend.\r
+ @retval Others Other errors as indicated.\r
+**/\r
+EFI_STATUS\r
+IScsiCHAPOnRspReceived (\r
+ IN ISCSI_CONNECTION *Conn\r
+ )\r
{\r
EFI_STATUS Status;\r
ISCSI_SESSION *Session;\r
//\r
KeyValueList = IScsiBuildKeyValueList ((CHAR8 *) Data, Len);\r
if (KeyValueList == NULL) {\r
- Status = EFI_OUT_OF_RESOURCES;\r
- goto ON_EXIT;\r
+ FreePool (Data);\r
+ return EFI_OUT_OF_RESOURCES;\r
}\r
\r
Status = EFI_PROTOCOL_ERROR;\r
IScsiHexToBin (TargetRsp, &RspLen, Response);\r
\r
//\r
- // Check the CHAP Name and Response replied by Target.\r
+ // Check the CHAP Response replied by Target.\r
//\r
Status = IScsiCHAPAuthTarget (AuthData, TargetRsp);\r
break;\r
\r
IScsiFreeKeyValueList (KeyValueList);\r
\r
- gBS->FreePool (Data);\r
+ FreePool (Data);\r
\r
return Status;\r
}\r
\r
-EFI_STATUS\r
-IScsiCHAPToSendReq (\r
- IN ISCSI_CONNECTION *Conn,\r
- IN NET_BUF *Pdu\r
- )\r
-/*++\r
-\r
-Routine Description:\r
-\r
+/**\r
This function fills the CHAP authentication information into the login PDU\r
during the security negotiation stage in the iSCSI connection login.\r
- \r
-Arguments:\r
-\r
- Conn - The iSCSI connection.\r
- Pdu - The PDU to send out.\r
-\r
-Returns:\r
\r
- EFI_SUCCESS - All check passed and the phase-related CHAP authentication\r
- info is filled into the iSCSI PDU.\r
- EFI_OUT_OF_RESOURCES - Failed to allocate memory.\r
- EFI_PROTOCOL_ERROR - Some kind of protocol error happend.\r
+ @param[in] Conn The iSCSI connection.\r
+ @param[in, out] Pdu The PDU to send out.\r
\r
---*/\r
+ @retval EFI_SUCCESS All check passed and the phase-related CHAP\r
+ authentication info is filled into the iSCSI PDU.\r
+ @retval EFI_OUT_OF_RESOURCES Failed to allocate memory.\r
+ @retval EFI_PROTOCOL_ERROR Some kind of protocol error happend.\r
+**/\r
+EFI_STATUS\r
+IScsiCHAPToSendReq (\r
+ IN ISCSI_CONNECTION *Conn,\r
+ IN OUT NET_BUF *Pdu\r
+ )\r
{\r
EFI_STATUS Status;\r
ISCSI_SESSION *Session;\r
break;\r
}\r
\r
- gBS->FreePool (Response);\r
- gBS->FreePool (Challenge);\r
+ FreePool (Response);\r
+ FreePool (Challenge);\r
\r
return Status;\r
}\r
projects / mirror_edk2.git / blobdiff