/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at src/sun_nws/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at src/sun_nws/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
 * Use is subject to license terms.
 */
/*
 * Types, constants and prototypes for the iSCSI target authentication
 * client: key blocks exchanged during login, the negotiated method and
 * phase, and the CHAP response helpers.
 *
 * NOTE(review): no #include appears in this header, yet it uses uint32_t,
 * uint8_t and uchar_t. Includers must bring those types into scope first
 * (presumably via <sys/types.h> -- confirm).
 */
#ifndef _ISCSIT_AUTHCLIENT_H_
#define _ISCSIT_AUTHCLIENT_H_

#pragma ident   "@(#)iscsit_authclient.h        1.6     08/02/14 SMI"
  29 
/*
 * Authentication result codes.
 *
 * Success is 0 and failure is non-zero, so a result has to be compared
 * with ISCSI_AUTH_PASSED explicitly: a boolean test such as "if (rc)" is
 * true on FAILURE, not on success. Which functions return these codes is
 * not stated in this header.
 */
#define ISCSI_AUTH_PASSED       0
#define ISCSI_AUTH_FAILED       1
  32 
/*
 * Size limits and protocol constants for the authentication client.
 * They are enumerators rather than macros, so they can be used as array
 * bounds (see auth_large_binary_t).
 */
enum {
        /*
         * Limits on string, string-block and large-binary values, judging
         * by the names. NOTE(review): whether a string limit includes the
         * terminating NUL is not visible here -- confirm before sizing
         * buffers from these values.
         */
        iscsiAuthStringMaxLength = 256,
        AuthStringMaxLength = 256,
        AuthStringBlockMaxLength = 1024,
        AuthLargeBinaryMaxLength = 1024,

        /* CHAP response length; 16 bytes is the size of an MD5 digest. */
        iscsiAuthChapResponseLength = 16,

        /* Presumably the most authentication methods handled at once. */
        iscsiAuthMethodMaxCount = 2,

        /*
         * CHAP algorithm number for MD5, the only algorithm constant this
         * header defines. CHAP with MD5 does not resist offline guessing
         * of a captured challenge/response pair, so the protection it
         * gives rests on a long, random secret.
         */
        iscsiAuthChapAlgorithmMd5 = 5
};
  44 
/*
 * Index of each authentication key inside auth_key_block_t.key[].
 * The names mirror the iSCSI CHAP login keys; the meanings noted below
 * are inferred from those names.
 */
enum {
        AKT_CHAP_A = 0,         /* CHAP_A: algorithm */
        AKT_CHAP_I = 1,         /* CHAP_I: identifier */
        AKT_CHAP_C = 2,         /* CHAP_C: challenge */
        AKT_CHAP_N = 3,         /* CHAP_N: name */
        AKT_CHAP_R = 4,         /* CHAP_R: response */
        AUTH_KEY_TYPE_MAX       /* number of key types; sizes key[] */
};
  53 
/*
 * Value of one authentication key: a number, a string pointer or a
 * binary pointer sharing the same storage.
 *
 * The union carries no tag, so which member is valid has to be known from
 * the key it belongs to. The pointer members hold only an address; the
 * bytes they refer to live elsewhere.
 * NOTE(review): who owns that memory, and for how long, is not visible in
 * this header -- confirm in the implementation.
 */
typedef union auth_value {
        uint32_t        numeric;
        char            *string;
        unsigned char   *binary;
} auth_value_t;
  59 
/*
 * One authentication key slot.
 *
 * NOTE(review): field meanings below are inferred from names; confirm
 * against the implementation. In particular, nothing here ties len to the
 * size of the buffer that value.binary points to.
 */
typedef struct auth_key {
        unsigned char   present;        /* presumably non-zero once set */
        unsigned int    len;            /* presumably byte count of value.binary */
        auth_value_t    value;          /* the key's value; see auth_value_t */
} auth_key_t;
  65 
/*
 * A full set of authentication keys, one slot per AKT_* key type.
 * key[] has exactly AUTH_KEY_TYPE_MAX entries, so any index used with it
 * must lie in 0 .. AUTH_KEY_TYPE_MAX - 1.
 */
typedef struct iscsit_auth_key_block {
        auth_key_t      key[AUTH_KEY_TYPE_MAX];
} auth_key_block_t;
  69 
/*
 * Fixed-size byte buffer of AuthLargeBinaryMaxLength (1024) bytes.
 * The structure records no fill level, so the number of valid bytes has to
 * be tracked separately by whoever writes into it.
 */
typedef struct auth_large_binary {
        unsigned char largeBinary[AuthLargeBinaryMaxLength];
} auth_large_binary_t;
  73 
/*
 * Authentication methods. The names match the iSCSI AuthMethod values.
 *
 * Numbering starts at 1 so that 0 stays invalid: a zero-initialised
 * method field therefore never reads as a negotiated method. Note that
 * AM_NONE is an ordinary non-zero member (6), not the zero value.
 */
typedef enum {
        AM_CHAP = 1,    /* 0 is reserved as invalid */
        AM_KRB5 = 2,
        AM_SPKM1 = 3,
        AM_SPKM2 = 4,
        AM_SRP = 5,
        AM_NONE = 6
} iscsit_auth_method_t;
  82 
/*
 * Phases of the authentication exchange.
 *
 * AP_AM_UNDECIDED is 0, so a zero-initialised client starts with no
 * method decided. The grouping below follows the names; the transitions
 * between phases are defined by the implementation, not by this header.
 */
typedef enum {
        /* method negotiation */
        AP_AM_UNDECIDED = 0,
        AP_AM_PROPOSED = 1,
        AP_AM_DECIDED = 2,

        /* CHAP exchange */
        AP_CHAP_A_WAITING = 3,
        AP_CHAP_A_RCVD = 4,
        AP_CHAP_R_WAITING = 5,
        AP_CHAP_R_RCVD = 6,

        /* Kerberos exchange */
        AP_KRB_REQ_WAITING = 7,
        AP_KRB_REQ_RCVD = 8,

        /* authentication finished */
        AP_DONE = 9
} iscsit_auth_phase_t;
 102 
/*
 * Per-login authentication state: current phase, negotiated method and
 * the key blocks for each direction.
 *
 * NOTE(review): field roles are inferred from names. If challenge or
 * response bytes are kept in this structure, clearing it once the login
 * phase ends limits how long they stay in memory -- confirm what the
 * implementation does.
 */
typedef struct iscsit_auth_client {
        iscsit_auth_phase_t     phase;                  /* current phase */
        iscsit_auth_method_t    negotiatedMethod;       /* 0 means invalid */

        /* 1024-byte buffer; presumably backs binary values being sent */
        auth_large_binary_t     auth_send_binary_block;

        auth_key_block_t        recvKeyBlock;   /* presumably keys received */
        auth_key_block_t        sendKeyBlock;   /* presumably keys to send */
} iscsit_auth_client_t;
 112 
/*
 * Set a numeric value for one key in a key block. Only the prototype is
 * visible here; the behaviour is inferred from the name.
 *
 * keyBlock  key block to update
 * key_type  key index, expected to be one of the AKT_* values
 * numeric   value to record
 *
 * NOTE(review): key_type is a plain int while key[] has AUTH_KEY_TYPE_MAX
 * entries, and the function returns void, so it cannot report a bad
 * index. Confirm that out-of-range values (including negatives) are
 * rejected rather than used as an array index.
 */
void
client_set_numeric_data(auth_key_block_t *keyBlock,
    int key_type,
    uint32_t numeric);
 117 
/*
 * Set a string value for one key in a key block. Only the prototype is
 * visible here; the behaviour is inferred from the name.
 *
 * keyBlock  key block to update
 * key_type  key index, expected to be one of the AKT_* values
 * string    string to record
 *
 * NOTE(review): auth_value_t stores a bare char pointer, so the string may
 * be referenced rather than copied; if so it must outlive the key block.
 * No length is passed, so the string has to be NUL-terminated. Confirm
 * both points, and the key_type range check, in the implementation.
 */
void
client_set_string_data(auth_key_block_t *keyBlock,
    int key_type,
    char *string);
 122 
/*
 * Set a binary value and its length for one key in a key block. Only the
 * prototype is visible here; the behaviour is inferred from the name.
 *
 * keyBlock  key block to update
 * key_type  key index, expected to be one of the AKT_* values
 * binary    bytes to record
 * len       presumably the number of bytes at binary
 *
 * NOTE(review): nothing in this header shows len being checked against
 * AuthLargeBinaryMaxLength or against the real size of binary; when the
 * value comes from the peer, that bound has to be enforced before this
 * call or inside it. Also confirm the key_type range check.
 */
void
client_set_binary_data(auth_key_block_t *keyBlock,
    int key_type,
    unsigned char *binary, unsigned int len);
 127 
/*
 * Fetch the numeric value of one key through an out-parameter. Only the
 * prototype is visible here; the behaviour is inferred from the name.
 *
 * keyBlock  key block to read
 * key_type  key index, expected to be one of the AKT_* values
 * numeric   receives the value
 *
 * NOTE(review): the function returns void, so an absent key or a bad
 * key_type cannot be signalled; what *numeric holds in those cases is not
 * visible here. Callers presumably need client_auth_key_present() first,
 * and should initialise *numeric before the call -- confirm.
 */
void
client_get_numeric_data(auth_key_block_t *keyBlock,
    int key_type,
    uint32_t *numeric);
 132 
/*
 * Fetch the string value of one key through an out-parameter. Only the
 * prototype is visible here; the behaviour is inferred from the name.
 *
 * keyBlock  key block to read
 * key_type  key index, expected to be one of the AKT_* values
 * string    receives the string pointer
 *
 * NOTE(review): no length is returned, so the caller depends on the
 * stored string being NUL-terminated; that matters when the value was
 * received from the peer. The pointer is presumably the stored one, not a
 * copy. The function returns void, so check client_auth_key_present()
 * before trusting *string -- confirm all three in the implementation.
 */
void
client_get_string_data(auth_key_block_t *keyBlock,
    int key_type,
    char **string);
 137 
/*
 * Fetch the binary value and length of one key through out-parameters.
 * Only the prototype is visible here; the behaviour is inferred from the
 * name.
 *
 * keyBlock  key block to read
 * key_type  key index, expected to be one of the AKT_* values
 * binary    receives the data pointer
 * len       receives the length, presumably in bytes
 *
 * NOTE(review): *len should be validated by the caller before it is used
 * as a copy or compare size, since it may describe peer-supplied data.
 * The function returns void, so check client_auth_key_present() before
 * trusting either output -- confirm in the implementation.
 */
void
client_get_binary_data(auth_key_block_t *keyBlock,
    int key_type,
    unsigned char **binary, unsigned int *len);
 142 
/*
 * Report whether a key is present in a key block. Only the prototype is
 * visible here; the behaviour is inferred from the name.
 *
 * keyBlock  key block to inspect
 * key_type  key index, expected to be one of the AKT_* values
 *
 * Returns an int, presumably non-zero when the key's present flag is set.
 * NOTE(review): confirm the return convention and that an out-of-range
 * key_type is reported as "not present" rather than indexed.
 */
int
client_auth_key_present(auth_key_block_t *keyBlock,
    int key_type);
 146 
/*
 * Compute a CHAP response into resp. Only the prototype is visible here;
 * with MD5 as the only algorithm this header defines, the result is
 * presumably MD5 over identifier, secret and challenge.
 *
 * resp           output buffer for the response
 * chap_i         CHAP identifier
 * password       CHAP secret
 * password_len   length of password
 * chap_c         challenge bytes
 * challenge_len  length of chap_c
 *
 * NOTE(review): resp has no length parameter, so the caller must supply
 * at least iscsiAuthChapResponseLength (16) bytes -- confirm. password_len
 * is a signed int; a negative value must not reach a length-based copy or
 * hash update. The function returns void and cannot report failure.
 */
void
client_compute_chap_resp(uchar_t *resp,
    unsigned int chap_i,
    uint8_t *password, int password_len,
    uchar_t *chap_c, unsigned int challenge_len);
 152 
/*
 * Verify a CHAP response received from the peer. Only the prototype is
 * visible here; the behaviour is inferred from the name.
 *
 * target_chap_name     CHAP name of the target
 * initiator_chap_name  CHAP name of the initiator
 * password             CHAP secret
 * password_len         length of password
 * chap_i               CHAP identifier
 * chap_c               challenge bytes
 * challenge_len        length of chap_c
 * chap_r               response to verify
 * resp_len             length of chap_r
 *
 * Returns an int, presumably ISCSI_AUTH_PASSED (0) or ISCSI_AUTH_FAILED
 * (1). Because success is 0, compare the result with ISCSI_AUTH_PASSED
 * explicitly; "if (client_verify_chap_resp(...))" is true on failure.
 *
 * NOTE(review): points to confirm in the implementation -- resp_len is
 * required to equal iscsiAuthChapResponseLength before any comparison,
 * the comparison with the expected response does not stop at the first
 * differing byte, and a negative password_len is rejected.
 */
int
client_verify_chap_resp(char *target_chap_name, char *initiator_chap_name,
    uint8_t *password, int password_len,
    unsigned int chap_i, uchar_t *chap_c, unsigned int challenge_len,
    uchar_t *chap_r, unsigned int resp_len);
 158 
/*
 * Fill a buffer with random bytes. Only the prototype is visible here;
 * the behaviour is inferred from the name.
 *
 * data    buffer to fill
 * length  presumably the number of bytes to write
 *
 * NOTE(review): if this supplies CHAP challenges or identifiers, the
 * bytes must come from a cryptographically strong source; a predictable
 * or repeated challenge lets an old response be replayed. The function
 * returns void, so a failure of the random source cannot be reported --
 * confirm how the implementation handles that.
 */
void
auth_random_set_data(uchar_t *data, unsigned int length);
 161 
 162 #endif /* _ISCSIT_AUTHCLIENT_H_ */