iscsit_authclient.h revision a6d42e7d71324c5193c3b94d57d96ba2925d52e1
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* or http://www.opensolaris.org/os/licensing.
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2008 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#ifndef _ISCSIT_AUTHCLIENT_H_
#define _ISCSIT_AUTHCLIENT_H_
#define ISCSI_AUTH_PASSED 0
#define ISCSI_AUTH_FAILED 1
enum { iscsiAuthStringMaxLength = 256 };
enum { AuthStringMaxLength = 256 };
enum { AuthStringBlockMaxLength = 1024 };
enum { AuthLargeBinaryMaxLength = 1024 };
enum { iscsiAuthChapResponseLength = 16 };
enum { iscsiAuthMethodMaxCount = 2 };
enum { iscsiAuthChapAlgorithmMd5 = 5 };
enum {
AKT_CHAP_A = 0,
AKT_CHAP_I,
AKT_CHAP_C,
AKT_CHAP_N,
AKT_CHAP_R,
AUTH_KEY_TYPE_MAX
};
typedef union auth_value {
uint32_t numeric;
char *string;
unsigned char *binary;
} auth_value_t;
typedef struct auth_key {
unsigned char present;
unsigned int len;
auth_value_t value;
} auth_key_t;
typedef struct iscsit_auth_key_block {
auth_key_t key[AUTH_KEY_TYPE_MAX];
} auth_key_block_t;
typedef struct auth_large_binary {
unsigned char largeBinary[AuthLargeBinaryMaxLength];
} auth_large_binary_t;
typedef enum {
AM_CHAP = 1, /* keep 0 as invalid */
AM_KRB5,
AM_SPKM1,
AM_SPKM2,
AM_SRP,
AM_NONE
} iscsit_auth_method_t;
typedef enum {
/* authentication phase start status */
AP_AM_UNDECIDED = 0,
AP_AM_PROPOSED,
AP_AM_DECIDED,
/* authentication phase for chap */
AP_CHAP_A_WAITING,
AP_CHAP_A_RCVD,
AP_CHAP_R_WAITING,
AP_CHAP_R_RCVD,
/* authentication phase for kerberos */
AP_KRB_REQ_WAITING,
AP_KRB_REQ_RCVD,
/* authentication phase done */
AP_DONE
} iscsit_auth_phase_t;
typedef struct iscsit_auth_client {
iscsit_auth_phase_t phase;
iscsit_auth_method_t negotiatedMethod;
auth_large_binary_t auth_send_binary_block;
auth_key_block_t recvKeyBlock;
auth_key_block_t sendKeyBlock;
} iscsit_auth_client_t;
void
client_set_numeric_data(auth_key_block_t *keyBlock,
int key_type,
uint32_t numeric);
void
client_set_string_data(auth_key_block_t *keyBlock,
int key_type,
char *string);
void
client_set_binary_data(auth_key_block_t *keyBlock,
int key_type,
unsigned char *binary, unsigned int len);
void
client_get_numeric_data(auth_key_block_t *keyBlock,
int key_type,
uint32_t *numeric);
void
client_get_string_data(auth_key_block_t *keyBlock,
int key_type,
char **string);
void
client_get_binary_data(auth_key_block_t *keyBlock,
int key_type,
unsigned char **binary, unsigned int *len);
int
client_auth_key_present(auth_key_block_t *keyBlock,
int key_type);
void
client_compute_chap_resp(uchar_t *resp,
unsigned int chap_i,
uint8_t *password, int password_len,
uchar_t *chap_c, unsigned int challenge_len);
int
client_verify_chap_resp(char *target_chap_name, char *initiator_chap_name,
uint8_t *password, int password_len,
unsigned int chap_i, uchar_t *chap_c, unsigned int challenge_len,
uchar_t *chap_r, unsigned int resp_len);
void
auth_random_set_data(uchar_t *data, unsigned int length);
#endif /* _ISCSIT_AUTHCLIENT_H_ */