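/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at
 * http://www.opensource.org/licenses/cddl1.txt.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */

/*
 * Copyright (c) 2004-2011 Emulex. All rights reserved.
 * Use is subject to license terms.
 */

/*
 * Constants, driver-side state and message layouts for the AUTH ELS /
 * DH-CHAP support of the emlxs driver.  Everything below is compiled only
 * when DHCHAP_SUPPORT is defined.
 *
 * This header declares NAME_TYPE, dfc_auth_status_t and struct emlxs_node
 * nowhere; they must be visible before it is included.
 */

#ifndef _EMLXS_DHCHAP_H
#define	_EMLXS_DHCHAP_H

#ifdef	__cplusplus
extern "C" {
#endif

#ifdef DHCHAP_SUPPORT
#include <sys/random.h>


/* emlxs_auth_cfg_t */
#define	PASSWORD_TYPE_ASCII		1
#define	PASSWORD_TYPE_BINARY		2
#define	PASSWORD_TYPE_IGNORE		3

#define	AUTH_MODE_DISABLED		1
#define	AUTH_MODE_ACTIVE		2
#define	AUTH_MODE_PASSIVE		3

#define	ELX_DHCHAP		0x01	/* Only one currently supported */
#define	ELX_FCAP		0x02
#define	ELX_FCPAP		0x03
#define	ELX_KERBEROS		0x04

/*
 * Hash function selectors.  MD5 and SHA-1 are the only hash identifiers
 * this header defines; both are legacy algorithms, which a review of the
 * configured hash_priority[] order should take into account.
 */
#define	ELX_MD5			0x01
#define	ELX_SHA1		0x02

/*
 * DH group selectors; the largest group defined here is 2048 bits.
 * NOTE(review): per FC-SP the NULL group is understood to run the
 * challenge-response without a Diffie-Hellman exchange, in which case
 * resistance to offline guessing rests on the strength of the shared
 * secret alone - confirm against the spec revision in use.
 */
#define	ELX_GROUP_NULL		0x01
#define	ELX_GROUP_1024		0x02
#define	ELX_GROUP_1280		0x03
#define	ELX_GROUP_1536		0x04
#define	ELX_GROUP_2048		0x05


/* AUTH_ELS Code */
#define	ELS_CMD_AUTH_CODE	0x90

/* AUTH_ELS Flags */

/* state ? */
#define	AUTH_FINISH		0xFF
#define	AUTH_ABORT		0xFE

/* auth_msg code for DHCHAP */
#define	AUTH_REJECT		0x0A
#define	AUTH_NEGOTIATE		0x0B
#define	AUTH_DONE		0x0C
#define	DHCHAP_CHALLENGE	0x10
#define	DHCHAP_REPLY		0x11
#define	DHCHAP_SUCCESS		0x12

/*
 * BIG ENDIAN and LITTLE ENDIAN
 *
 * The two blocks below define the same names with byte-swapped values, so
 * exactly one of EMLXS_BIG_ENDIAN / EMLXS_LITTLE_ENDIAN is expected to be
 * defined; with neither, these names are left undefined.
 */

/* authentication protocol identifiers */
#ifdef EMLXS_BIG_ENDIAN

#define	AUTH_DHCHAP		0x00000001
#define	AUTH_FCAP		0x00000002
#define	AUTH_FCPAP		0x00000003
#define	AUTH_KERBEROS		0x00000004

#define	HASH_LIST_TAG		0x0001
#define	DHGID_LIST_TAG		0x0002

/* hash function identifiers */
#define	AUTH_SHA1		0x00000006
#define	AUTH_MD5		0x00000005

/* DHCHAP group ids */
#define	GROUP_NULL		0x00000000
#define	GROUP_1024		0x00000001
#define	GROUP_1280		0x00000002
#define	GROUP_1536		0x00000003
#define	GROUP_2048		0x00000004

/* Tran_id Mask */
#define	AUTH_TRAN_ID_MASK	0x000000FF

#endif	/* EMLXS_BIG_ENDIAN */

#ifdef EMLXS_LITTLE_ENDIAN

#define	AUTH_DHCHAP		0x01000000
#define	AUTH_FCAP		0x02000000
#define	AUTH_FCPAP		0x03000000
#define	AUTH_KERBEROS		0x04000000

#define	HASH_LIST_TAG		0x0100
#define	DHGID_LIST_TAG		0x0200

/* hash function identifiers */
#define	AUTH_SHA1		0x06000000
#define	AUTH_MD5		0x05000000

/* DHCHAP group ids */
#define	GROUP_NULL		0x00000000
#define	GROUP_1024		0x01000000
#define	GROUP_1280		0x02000000
#define	GROUP_1536		0x03000000
#define	GROUP_2048		0x04000000

/* Tran_id Mask */
#define	AUTH_TRAN_ID_MASK	0xFF000000

#endif	/* EMLXS_LITTLE_ENDIAN */

/* hash funcs hash length in byte */
#define	SHA1_LEN		0x00000014	/* 20 bytes */
#define	MD5_LEN			0x00000010	/* 16 bytes */

#define	HBA_SECURITY		0x20

/* AUTH_Reject Reason Codes */
#define	AUTHRJT_FAILURE		0x01
#define	AUTHRJT_LOGIC_ERR	0x02

/* LS_RJT Reason Codes for AUTH_ELS */
#define	LSRJT_AUTH_REQUIRED		0x03
#define	LSRJT_AUTH_LOGICAL_BSY		0x05
#define	LSRJT_AUTH_ELS_NOT_SUPPORTED	0x0B
#define	LSRJT_AUTH_NOT_LOGGED_IN	0x09

/* AUTH_Reject Reason Code Explanations */
#define	AUTHEXP_MECH_UNUSABLE		0x01	/* AUTHRJT_LOGIC_ERR */
#define	AUTHEXP_DHGROUP_UNUSABLE	0x02	/* AUTHRJT_LOGIC_ERR */
#define	AUTHEXP_HASHFUNC_UNUSABLE	0x03	/* AUTHRJT_LOGIC_ERR */
#define	AUTHEXP_AUTHTRAN_STARTED	0x04	/* AUTHRJT_LOGIC_ERR */
#define	AUTHEXP_AUTH_FAILED		0x05	/* AUTHRJT_FAILURE */
#define	AUTHEXP_BAD_PAYLOAD		0x06	/* AUTHRJT_FAILURE */
#define	AUTHEXP_BAD_PROTOCOL		0x07	/* AUTHRJT_FAILURE */
#define	AUTHEXP_RESTART_AUTH		0x08	/* AUTHRJT_LOGIC_ERR */
#define	AUTHEXP_CONCAT_UNSUPP		0x09	/* AUTHRJT_LOGIC_ERR */
#define	AUTHEXP_BAD_PROTOVERS		0x0A	/* AUTHRJT_LOGIC_ERR */

/* LS_RJT Reason Code Explanations for AUTH_ELS */
#define	LSEXP_AUTH_REQUIRED		0x48
#define	LSEXP_AUTH_ELS_NOT_SUPPORTED	0x2C
#define	LSEXP_AUTH_ELS_NOT_LOGGED_IN	0x1E
#define	LSEXP_AUTH_LOGICAL_BUSY		0x00


/*
 * NOTE(review): comments further down refer to MAX_AUTH_MSG_SIZE, which is
 * not defined in this header; this may be the same constant under a
 * misspelled name - confirm before relying on either.
 */
#define	MAX_AUTH_MSA_SIZE	1024

#define	MAX_AUTH_PID		0x4	/* Max auth proto identifier list */

/* parameter tag */
#define	HASH_LIST		0x0001
#define	DHG_ID_LIST		0x0002

/* name tag from Table 13 v1.8 pp 30 */
#ifdef EMLXS_BIG_ENDIAN
#define	AUTH_NAME_ID		0x0001
#define	AUTH_NAME_LEN		0x0008
#define	AUTH_PROTO_NUM		0x00000001
#define	AUTH_NULL_PARA_LEN	0x00000028
#endif	/* EMLXS_BIG_ENDIAN */

#ifdef EMLXS_LITTLE_ENDIAN
#define	AUTH_NAME_ID		0x0100
#define	AUTH_NAME_LEN		0x0800
#define	AUTH_PROTO_NUM		0x01000000
#define	AUTH_NULL_PARA_LEN	0x28000000
#endif	/* EMLXS_LITTLE_ENDIAN */

/* name tag from Table 103 v 1.8 pp 123 */
#define	AUTH_NODE_NAME		0x0002
#define	AUTH_PORT_NAME		0x0003


/*
 * Authentication configuration for one local/remote entity pair; entries
 * are chained through prev/next.
 *
 * From HBAnyware dfc lib FC-SP
 *
 * NOTE(review): that origin suggests the values are supplied by a
 * management application.  If so, authentication_mode and every
 * *_priority[] entry should be range-checked against the AUTH_MODE_*,
 * ELX_* and ELX_GROUP_* values above before use - confirm where that
 * validation happens.
 */
typedef struct emlxs_auth_cfg
{
	NAME_TYPE		local_entity;	/* host wwpn (NPIV support) */
	NAME_TYPE		remote_entity;	/* switch or target wwpn */
	uint32_t		authentication_timeout;
	uint32_t		authentication_mode;
	uint32_t		bidirectional:1;
	uint32_t		reserved:31;
	uint32_t		authentication_type_priority[4];
	uint32_t		hash_priority[4];
	uint32_t		dh_group_priority[8];
	uint32_t		reauthenticate_time_interval;

	dfc_auth_status_t	auth_status;
	time_t			auth_time;
	struct emlxs_node	*node;

	struct emlxs_auth_cfg	*prev;
	struct emlxs_auth_cfg	*next;
} emlxs_auth_cfg_t;


/*
 * Authentication secrets for one local/remote entity pair; entries are
 * chained through prev/next.
 *
 * Both secrets are held in the clear in fixed 128-byte buffers.  Code that
 * fills them must reject a *_password_length larger than the buffer before
 * copying, and code that frees or recycles an entry should zero the
 * buffers first so the secrets do not linger in released memory.
 */
typedef struct emlxs_auth_key
{
	NAME_TYPE		local_entity;	/* host wwpn */
						/* (NPIV support) */
	NAME_TYPE		remote_entity;	/* switch or target */
						/* wwpn */
	uint16_t		local_password_length;
	uint16_t		local_password_type;	/* PASSWORD_TYPE_* */
	uint8_t			local_password[128];	/* hba authenticates */
							/* to switch */
	uint16_t		remote_password_length;
	uint16_t		remote_password_type;	/* PASSWORD_TYPE_* */
	/*
	 * NOTE(review): the original comment here repeated "hba authenticates
	 * to switch"; presumably this is the secret the remote entity uses to
	 * authenticate to the hba - confirm.
	 */
	uint8_t			remote_password[128];

	struct emlxs_node	*node;

	struct emlxs_auth_key	*prev;
	struct emlxs_auth_key	*next;
} emlxs_auth_key_t;


/*
 * Challenge values and Diffie-Hellman key material for one authentication
 * exchange.
 *
 * Each buffer has a companion *_len field; a length taken from a received
 * message must be checked against the size of its buffer before the
 * buffer is written.  hrsp_priv_key and the session keys are secret and
 * should be zeroed once the exchange is over.
 */
typedef struct emlxs_auth_misc
{
	uint8_t		bi_cval[20];		/* our challenge for bi-dir */
						/* auth in reply as initiator */
	uint32_t	bi_cval_len;		/* 16 for MD5, 20 for SHA1 */
	uint8_t		pub_key[512];		/* max is 512 bytes value of */
						/* (g^y mod p) */
	uint32_t	pubkey_len;		/* real length of the pub key */
	uint8_t		ses_key[512];		/* session key: value of */
						/* (g^xy mod p) */
	uint32_t	seskey_len;		/* real length of the session */
						/* key */

	/* The following are parameters when host is the responder */
	uint8_t		hrsp_cval[20];		/* challenge value from host */
						/* as responder */
	uint32_t	hrsp_cval_len;		/* host as the responder its */
						/* challenge value len */
	uint8_t		hrsp_priv_key[20];	/* the private key generated */
						/* in host as responder */
	uint8_t		hrsp_pub_key[512];	/* public key calculated when */
						/* host as responder */
	uint32_t	hrsp_pubkey_len;	/* public key length when */
						/* host is responder */
	uint8_t		hrsp_ses_key[512];	/* session key computed when */
						/* host is responder */
	uint32_t	hrsp_seskey_len;	/* session key length when */
						/* host is responder */
} emlxs_auth_misc_t;


/*
 * emlxs_port_dhc struct to be used by emlxs_port_t in emlxs_fc.h
 *
 * This structure contains all the data used by DHCHAP.
 * They are from EMLXSHBA_t in emlxs driver.
 *
 */
typedef struct emlxs_port_dhc
{

	int32_t			state;
#define	ELX_FABRIC_STATE_UNKNOWN	0x00
#define	ELX_FABRIC_AUTH_DISABLED	0x01
#define	ELX_FABRIC_AUTH_FAILED		0x02
#define	ELX_FABRIC_AUTH_SUCCESS		0x03
#define	ELX_FABRIC_IN_AUTH		0x04
#define	ELX_FABRIC_IN_REAUTH		0x05

	dfc_auth_status_t	auth_status;	/* Fabric auth status */
	time_t			auth_time;

} emlxs_port_dhc_t;


/* Node Events */
#define	NODE_EVENT_DEVICE_RM		0x0	/* Auth response timeout and */
						/* fail */
#define	NODE_EVENT_DEVICE_RECOVERY	0x1	/* Auth response timeout and */
						/* recovery */
#define	NODE_EVENT_RCV_AUTH_MSG		0x2	/* Unsolicited Auth received */
#define	NODE_EVENT_CMPL_AUTH_MSG	0x3
#define	NODE_EVENT_MAX_EVENT		0x4

/*
 * emlxs_node_dhc struct to be used in emlxs_node_t.
 * They are from emlxs_nodelist_t in emlxs driver.
 *
 * Holds the per-node state machine value, a copy of the node's auth_cfg
 * and auth_key, and the challenge / DH values of the exchange in progress.
 * The same handling applies as for emlxs_auth_key_t and emlxs_auth_misc_t:
 * bound every *_len before writing its buffer, and zero the secret fields
 * when the node is torn down.
 */
typedef struct emlxs_node_dhc
{
	uint16_t		state;		/* used for state machine */
#define	NODE_STATE_UNKNOWN				0x00
#define	NODE_STATE_AUTH_DISABLED			0x01
#define	NODE_STATE_AUTH_FAILED				0x02
#define	NODE_STATE_AUTH_SUCCESS				0x03
#define	NODE_STATE_AUTH_NEGOTIATE_ISSUE			0x04
#define	NODE_STATE_AUTH_NEGOTIATE_RCV			0x05
#define	NODE_STATE_AUTH_NEGOTIATE_CMPL_WAIT4NEXT	0x06
#define	NODE_STATE_DHCHAP_CHALLENGE_ISSUE		0x07
#define	NODE_STATE_DHCHAP_REPLY_ISSUE			0x08
#define	NODE_STATE_DHCHAP_CHALLENGE_CMPL_WAIT4NEXT	0x09
#define	NODE_STATE_DHCHAP_REPLY_CMPL_WAIT4NEXT		0x0A
#define	NODE_STATE_DHCHAP_SUCCESS_ISSUE			0x0B
#define	NODE_STATE_DHCHAP_SUCCESS_ISSUE_WAIT4NEXT	0x0C
#define	NODE_STATE_DHCHAP_SUCCESS_CMPL_WAIT4NEXT	0x0D
/*
 * NOTE(review): 0xFFFFFFFF cannot be stored in the uint16_t state field, so
 * a comparison of state against this value is never true; presumably it is
 * only passed as a wider "leave the state alone" argument - confirm.
 */
#define	NODE_STATE_NOCHANGE				0xFFFFFFFF

	uint16_t		prev_state;	/* for info only */

	uint32_t		disc_refcnt;

	emlxs_auth_cfg_t	auth_cfg;
	emlxs_auth_key_t	auth_key;

	uint32_t		nlp_authrsp_tmo;	/* Response timeout */
	uint32_t		nlp_authrsp_tmocnt;

	uint32_t		nlp_auth_tranid_ini;	/* tran_id when this */
							/* node is initiator */
	uint32_t		nlp_auth_tranid_rsp;	/* tran_id when this */
							/* node is responder */

	uint32_t		nlp_auth_flag;		/* 1:initiator */
							/* 2:responder */
	uint32_t		nlp_auth_limit;		/* 1: NULL DHCHAP */
							/* 2: full support */

	/* information in DHCHAP_Challenge as the auth responder */
	uint32_t		nlp_auth_hashid;
	uint32_t		nlp_auth_dhgpid;
	uint32_t		nlp_auth_bidir;
	NAME_TYPE		nlp_auth_wwn;

	emlxs_auth_misc_t	nlp_auth_misc;

	uint32_t		nlp_reauth_tmo;
	uint16_t		nlp_reauth_status;
#define	NLP_HOST_REAUTH_DISABLED	0x0
#define	NLP_HOST_REAUTH_ENABLED		0x1
#define	NLP_HOST_REAUTH_IN_PROGRESS	0x2

	uint32_t		nlp_fb_vendor;
#define	NLP_FABRIC_CISCO		0x1
#define	NLP_FABRIC_OTHERS		0x2

	uint32_t		fc_dhchap_success_expected;

	/* hash_id, dhgp_id are set from responder, host is the initiator */
	uint32_t		hash_id;	/* 0x05 for MD5 */
						/* 0x06 for SHA-1 */
	uint32_t		dhgp_id;	/* DH grp identifier */

	uint8_t			bi_cval[20];	/* our challenge for */
						/* bi-dir auth in */
						/* reply as initiator */
	uint32_t		bi_cval_len;	/* 16 for MD5 */
						/* 20 for SHA1 */
	uint8_t			pub_key[512];	/* max is 512 bytes */
						/* value (g^y mod p) */
	uint32_t		pubkey_len;	/* real length of the */
						/* pub key */
	uint8_t			ses_key[512];	/* session key: */
						/* value (g^xy mod p) */
	uint32_t		seskey_len;	/* real length of the */
						/* session key */

	/* The following are parameters when host is the responder */

	uint8_t			hrsp_cval[20];		/* challenge value */
	uint32_t		hrsp_cval_len;		/* challenge value */
							/* length */
	uint8_t			hrsp_priv_key[20];	/* private key */
							/* generated */
	uint8_t			hrsp_pub_key[512];	/* public key */
							/* computed */
	uint32_t		hrsp_pubkey_len;	/* public key length */
	uint8_t			hrsp_ses_key[512];	/* session key */
							/* computed */
	uint32_t		hrsp_seskey_len;	/* session key length */

	uint8_t			*deferred_sbp;	/* Pending IO for */
						/* auth completion */
	uint8_t			*deferred_ubp;

	uint32_t		flag;
#define	NLP_REMOTE_AUTH			0x00000001
#define	NLP_SET_REAUTH_TIME		0x00000002

	emlxs_auth_cfg_t	*parent_auth_cfg;	/* Original auth_cfg */
							/* table entry */
	emlxs_auth_key_t	*parent_auth_key;	/* Original auth_key */
							/* table entry */
} emlxs_node_dhc_t;


/*
 * AUTH_Negotiate parameter layouts.
 *
 * NOTE(review): these structs appear to mirror the message payload byte
 * for byte, which holds only if the compiler inserts no padding between
 * members - confirm for every target ABI.  Several of the per-field "set
 * to" comments are repeated unchanged across variants whose hash and group
 * lists differ in length, so treat the quoted counts as indicative only.
 */

/* For NULL DHCHAP with MD5 and SHA-1 */
typedef struct _AUTH_NEGOT_PARAMS_1
{
	uint16_t	name_tag;	/* set to 0x0001 */
	uint16_t	name_len;	/* set to 0x0008 */
	NAME_TYPE	nodeName;	/* WWPN */
	uint32_t	proto_num;	/* set to 0x5 */
	uint32_t	para_len;	/* set to 0x28 i.e., 40 bytes */
	uint32_t	proto_id;	/* set to DHCHAP */
	uint16_t	HashList_tag;	/* set to 0x0001 */
	uint16_t	HashList_wcnt;	/* set to 0x0002 i.e. MD5 and SHA-1 */
	uint32_t	HashList_value1; /* set to MD5 or SHA1 ID 0x00000005,6 */
	uint16_t	DHgIDList_tag;	/* set to 0x0002 */
	uint16_t	DHgIDList_wnt;	/* set to 0x0005 i.e., Full DH groups */
	uint32_t	DHgIDList_g0;	/* set to 0x0000 0000 */
	uint32_t	DHgIDList_g1;	/* set to 0x0000 0001 */
	uint32_t	DHgIDList_g2;	/* set to 0x0000 0002 */
	uint32_t	DHgIDList_g3;	/* set to 0x0000 0003 */
	uint32_t	DHgIDList_g4;	/* set to 0x0000 0004 */
} AUTH_NEGOT_PARAMS_1;


typedef struct _AUTH_NEGOT_PARAMS_2
{
	uint16_t	name_tag;	/* set to 0x0001 */
	uint16_t	name_len;	/* set to 0x0008 */
	NAME_TYPE	nodeName;	/* WWPN */
	uint32_t	proto_num;	/* set to 0x5 */
	uint32_t	para_len;	/* set to 0x28 i.e., 40 bytes */
	uint32_t	proto_id;	/* set to DHCHAP */
	uint16_t	HashList_tag;	/* set to 0x0001 */
	uint16_t	HashList_wcnt;	/* set to 0x0002 i.e. MD5 and SHA-1 */
	uint32_t	HashList_value1; /* set to MD5's ID 0x00000005 */
	uint32_t	HashList_value2; /* set to SHA-1's ID 0x00000006 */
	uint16_t	DHgIDList_tag;	/* set to 0x0002 */
	uint16_t	DHgIDList_wnt;	/* set to 0x0005 i.e., Full DH groups */
	uint32_t	DHgIDList_g0;	/* set to 0x0000 0000 */
	uint32_t	DHgIDList_g1;	/* set to 0x0000 0001 */
	uint32_t	DHgIDList_g2;	/* set to 0x0000 0002 */
	uint32_t	DHgIDList_g3;	/* set to 0x0000 0003 */
	uint32_t	DHgIDList_g4;	/* set to 0x0000 0004 */
} AUTH_NEGOT_PARAMS_2;


/* For NULL DHCHAP with MD5 and SHA-1 */
typedef struct _AUTH_NEGOT_PARAMS
{
	uint16_t	name_tag;	/* set to 0x0001 */
	uint16_t	name_len;	/* set to 0x0008 */
	NAME_TYPE	nodeName;	/* WWPN */
	uint32_t	proto_num;	/* set to 0x5 */
	uint32_t	para_len;	/* set to 0x28 i.e., 40 bytes */
	uint32_t	proto_id;	/* set to DHCHAP */
	uint16_t	HashList_tag;	/* set to 0x0001 */
	uint16_t	HashList_wcnt;	/* set to 0x0002 i.e. MD5 and SHA-1 */
	uint32_t	HashList_value1; /* set to MD5's ID 0x00000005 */
	uint32_t	HashList_value2; /* set to SHA-1's ID 0x00000006 */
	uint16_t	DHgIDList_tag;	/* set to 0x0002 */
	uint16_t	DHgIDList_wnt;	/* set to 0x0005 i.e., Full DH groups */
	uint32_t	DHgIDList_g0;	/* set to 0x0000 0000 */
	uint32_t	DHgIDList_g1;	/* set to 0x0000 0001 */
	uint32_t	DHgIDList_g2;	/* set to 0x0000 0002 */
	uint32_t	DHgIDList_g3;	/* set to 0x0000 0003 */
	uint32_t	DHgIDList_g4;	/* set to 0x0000 0004 */
} AUTH_NEGOT_PARAMS;

typedef struct _AUTH_NEGOT_PARAMS_NULL_1
{
	uint16_t	name_tag;	/* set to 0x0001 */
	uint16_t	name_len;	/* set to 0x0008 */
	NAME_TYPE	nodeName;	/* WWPN */
	uint32_t	proto_num;	/* set to 0x5 */
	uint32_t	para_len;	/* set to 0x28 i.e., 40 bytes */
	uint32_t	proto_id;	/* set to DHCHAP */
	uint16_t	HashList_tag;	/* set to 0x0001 */
	uint16_t	HashList_wcnt;	/* set to 0x0002 i.e. MD5 and SHA-1 */
	uint32_t	HashList_value1; /* set to MD5's ID 0x00000005 */
	uint16_t	DHgIDList_tag;	/* set to 0x0002 */
	uint16_t	DHgIDList_wnt;	/* set to 0x0005 i.e., Full DH groups */
	uint32_t	DHgIDList_g0;	/* set to 0x0000 0000 */
} AUTH_NEGOT_PARAMS_NULL_1;

typedef struct _AUTH_NEGOT_PARAMS_NULL_2
{
	uint16_t	name_tag;	/* set to 0x0001 */
	uint16_t	name_len;	/* set to 0x0008 */
	NAME_TYPE	nodeName;	/* WWPN */
	uint32_t	proto_num;	/* set to 0x5 */
	uint32_t	para_len;	/* set to 0x28 i.e., 40 bytes */
	uint32_t	proto_id;	/* set to DHCHAP */
	uint16_t	HashList_tag;	/* set to 0x0001 */
	uint16_t	HashList_wcnt;	/* set to 0x0002 i.e. MD5 and SHA-1 */
	uint32_t	HashList_value1; /* set to MD5's ID 0x00000005 */
	uint32_t	HashList_value2;
	uint16_t	DHgIDList_tag;	/* set to 0x0002 */
	uint16_t	DHgIDList_wnt;	/* set to 0x0005 i.e., Full DH groups */
	uint32_t	DHgIDList_g0;	/* set to 0x0000 0000 */
} AUTH_NEGOT_PARAMS_NULL_2;


/* Generic AUTH ELS Header */
typedef struct _AUTH_MSG_HDR
{
	/*
	 * 20 bytes in total
	 * NOTE(review): the members add up to 24 bytes if NAME_TYPE is the
	 * 8 bytes that name_len indicates - confirm which figure is meant.
	 */
	uint8_t		auth_els_code;	/* always 0x90 */
	uint8_t		auth_els_flags;
	uint8_t		auth_msg_code;	/* see above */
	uint8_t		proto_version;
	uint32_t	msg_len;	/* size of msg payload in byte */
	uint32_t	tran_id;
	uint16_t	name_tag;	/* set to 0x0001 */
	uint16_t	name_len;	/* set to 0x0008 */
	NAME_TYPE	nodeName;	/* WWPN */
} AUTH_MSG_HDR;


/* Challenge value sized for SHA-1 (SHA1_LEN bytes) */
typedef struct _SHA1_CVAL
{
	uint8_t		val[20];
} SHA1_CVAL;


/* Challenge value sized for MD5 (MD5_LEN bytes) */
typedef struct _MD5_CVAL
{
	uint8_t		val[16];
} MD5_CVAL;


/* Overlay of the two challenge sizes; its size is that of the larger one */
union challenge_val
{
	SHA1_CVAL	sha1;
	MD5_CVAL	md5;
};


/* DHCHAP_Reply */
typedef struct _DHCHAP_REPLY_HDR
{
	uint8_t		auth_els_code;	/* always 0x90 */
	uint8_t		auth_els_flags;
	uint8_t		auth_msg_code;	/* see above */
	uint8_t		proto_version;
	uint32_t	msg_len;	/* size of msg payload in byte */
	uint32_t	tran_id;	/* transaction id */
} DHCHAP_REPLY_HDR;


/*
 * DHCHAP_Challenge
 *
 * msg_len in the header and cval_len here arrive in a message from the
 * remote side; both must be validated against the bytes actually received
 * and against the 16/20-byte challenge buffers before anything is copied.
 */
typedef struct _DHCHAP_CHALL_NULL
{
	AUTH_MSG_HDR	msg_hdr;
	uint32_t	hash_id;
	uint32_t	dhgp_id;
	uint32_t	cval_len;
} DHCHAP_CHALL_NULL;

/*
 * NOTE(review): dhval is a host pointer, so this struct as a whole cannot
 * be the message layout; presumably it points at the DH value that follows
 * the fixed part - confirm.
 */
typedef struct _DHCHAP_CHALL
{
	DHCHAP_CHALL_NULL	cnul;
	uint8_t			*dhval;
} DHCHAP_CHALL;

/*
 * size of msg_payload is variable based on the different protocol
 * parameters supported in the driver.
 *
 * For DHCHAP we plan to support NULL, group 1, 2, 3, 4.
 *
 * For NULL DHCHAP protocol only: of these protocol identifiers,
 * we need name_tag = 2 bytes name_len_size = 2 bytes name_len = 8 bytes
 * number of usable auth proto = 4 bytes
 *
 * --------- for example for NULL DHCHAP only --------------------
 * auth proto #1 len = 4 bytes #1 ID = 4 bytes #1 params = 4 + 16 bytes.
 * ------ Total for NULL DHCHAP = (16 + 12 + 16 ) = 44 bytes.
 *
 * If number of usable auth proto is 5, then we should have 5 auth proto params.
 * assume we are using name_tag 0x0001, then auth name in total = 12 bytes.
 *
 * 12 bytes + 4 bytes = 16 bytes. 4 + 4 + 4 = 12 bytes
 * (num of usable auth proto size = 4
 * auth proto params #1 len size = 4
 * auth prot ID for #1 size = 4
 *
 * For DHCHAP param: HashList 2 param tag size (set to 0x0001 as HashList)
 * 2 param word cnt size (set to 0x0002 as two hash funcs)
 * 8 for hash ids: MD5 and SHA-1 DHgIDList
 * 2 param tag size (set to 0x0002 as DHgIDList)
 * 2 param word cnt size (set to 0x0005 as NULL and 1/2/3/4 groups) 20 for
 * 5 groups 0x0000 0000 0x0000 0001 0x0000 0002 0x0000 0003 0x0000 0004
 * Total for FULL group support (16 + 12 + 12 + 24 ) = 64 bytes.
 *
 */

typedef struct _AUTH_MSG_NEGOT_1 {	/* in Big Endian format */
	uint8_t		auth_els_code;	/* always 0x90 */
	uint8_t		auth_els_flags;
	uint8_t		auth_msg_code;	/* see above */
	uint8_t		proto_version;
	uint32_t	msg_len;	/* size of msg payload */
					/* in byte */
	uint32_t	tran_id;	/* transaction identifier */

	/* anything else is variable in size (bytes) */
	/* uint8_t	msg_payload[MAX_AUTH_MSG_SIZE]; */
	AUTH_NEGOT_PARAMS_1	params;
} AUTH_MSG_NEGOT_1, *PAUTH_MSG_NEGOT_1;


typedef struct _AUTH_MSG_NEGOT_2 {	/* in Big Endian format */
	uint8_t		auth_els_code;	/* always 0x90 */
	uint8_t		auth_els_flags;
	uint8_t		auth_msg_code;	/* see above */
	uint8_t		proto_version;
	uint32_t	msg_len;	/* size of msg payload */
					/* in byte */
	uint32_t	tran_id;	/* transaction identifier */

	/* anything else is variable in size (bytes) */
	/* uint8_t	msg_payload[MAX_AUTH_MSG_SIZE]; */
	AUTH_NEGOT_PARAMS_2	params;
} AUTH_MSG_NEGOT_2, *PAUTH_MSG_NEGOT_2;


typedef struct _AUTH_MSG_NEGOT
{
	/* in Big Endian format */
	uint8_t		auth_els_code;	/* always 0x90 */
	uint8_t		auth_els_flags;
	uint8_t		auth_msg_code;	/* see above */
	uint8_t		proto_version;
	uint32_t	msg_len;	/* size of msg payload */
					/* in byte */
	uint32_t	tran_id;	/* transaction identifier */

	/* anything else is variable in size (bytes) */
	/* uint8_t	msg_payload[MAX_AUTH_MSG_SIZE]; */
	AUTH_NEGOT_PARAMS	params;
} AUTH_MSG_NEGOT, *PAUTH_MSG_NEGOT;


/* AUTH_Negotiate msg for NULL DH support only */
typedef struct _AUTH_MSG_NEGOT_NULL
{
	uint8_t		auth_els_code;
	uint8_t		auth_els_flags;
	uint8_t		auth_msg_code;
	uint8_t		proto_version;
	uint32_t	msg_len;
	uint32_t	tran_id;
} AUTH_MSG_NEGOT_NULL, *PAUTH_MSG_NEGOT_NULL;

typedef struct _AUTH_MSG_NEGOT_NULL_1
{
	uint8_t		auth_els_code;
	uint8_t		auth_els_flags;
	uint8_t		auth_msg_code;
	uint8_t		proto_version;
	uint32_t	msg_len;
	uint32_t	tran_id;

	AUTH_NEGOT_PARAMS_NULL_1	params;

} AUTH_MSG_NEGOT_NULL_1, *PAUTH_MSG_NEGOT_NULL_1;

typedef struct _AUTH_MSG_NEGOT_NULL_2
{
	uint8_t		auth_els_code;
	uint8_t		auth_els_flags;
	uint8_t		auth_msg_code;
	uint8_t		proto_version;
	uint32_t	msg_len;
	uint32_t	tran_id;

	AUTH_NEGOT_PARAMS_NULL_2	params;

} AUTH_MSG_NEGOT_NULL_2, *PAUTH_MSG_NEGOT_NULL_2;


/*
 * auth_els_flags
 *
 * The value carries no trailing semicolon, so the macro can be used inside
 * an expression such as (flags & AUTH_ELS_FLAGS_MASK); with the semicolon
 * that form did not compile.
 */
#define	AUTH_ELS_FLAGS_MASK	0x0f


typedef struct _AUTH_RJT
{
	uint8_t		auth_els_code;	/* always 0x90 */
	uint8_t		auth_els_flags;
	uint8_t		auth_msg_code;	/* see above */
	uint8_t		proto_version;
	uint32_t	msg_len;	/* size of msg payload in byte */
	uint32_t	tran_id;	/* transaction identifier */

	uint8_t		ReasonCode;		/* AUTHRJT_* */
	uint8_t		ReasonCodeExplanation;	/* AUTHEXP_* */
	uint16_t	Reserved;
} AUTH_RJT, *PAUTH_RJT;

typedef struct _DHCHAP_SUCCESS_HDR
{
	uint8_t		auth_els_code;	/* always 0x90 */
	uint8_t		auth_els_flags;
	uint8_t		auth_msg_code;	/* see above */
	uint8_t		proto_version;
	uint32_t	msg_len;	/* size of msg payload in byte */
	uint32_t	tran_id;	/* transaction identifier */

	/* Length received from the peer; bound it before copying a value */
	uint32_t	RspVal_len;
} DHCHAP_SUCCESS_HDR, *PDHCHAP_SUCCESS_HDR;


/*
 * One Diffie-Hellman group entry: an id, a length and up to 256 bytes of
 * value (256 bytes matches the 2048-bit group, the largest defined above).
 */
typedef struct dh_group_st
{
	unsigned long	groupid;
	unsigned long	length;
	unsigned char	value[256];
} DH_GROUP, *PDH_GROUP;

/*
 * Weak reference: the symbol may be unresolved at load time, so a caller
 * has to test the function's address before calling through it.
 * NOTE(review): the name denotes a pseudo-random source; confirm it is an
 * acceptable source for the challenge values and DH private keys held in
 * the structures above.
 */
#pragma weak random_get_pseudo_bytes


#endif	/* DHCHAP_SUPPORT */

#ifdef	__cplusplus
}
#endif

#endif	/* _EMLXS_DHCHAP_H */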