emlxs_dhchap.h revision e2ca2865a6870e9c6cbef6becbcc68cafde64537
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2009 Emulex. All rights reserved.
* Use is subject to license terms.
*/
#ifndef _EMLXS_DHCHAP_H
#define _EMLXS_DHCHAP_H
#ifdef __cplusplus
extern "C" {
#endif
#ifdef DHCHAP_SUPPORT
/* emlxs_auth_cfg_t */
#define PASSWORD_TYPE_ASCII 1
#define PASSWORD_TYPE_BINARY 2
#define PASSWORD_TYPE_IGNORE 3
#define AUTH_MODE_DISABLED 1
#define AUTH_MODE_ACTIVE 2
#define AUTH_MODE_PASSIVE 3
#define ELX_FCAP 0x02
#define ELX_FCPAP 0x03
#define ELX_KERBEROS 0x04
#define ELX_MD5 0x01
#define ELX_SHA1 0x02
#define ELX_GROUP_NULL 0x01
#define ELX_GROUP_1024 0x02
#define ELX_GROUP_1280 0x03
#define ELX_GROUP_1536 0x04
#define ELX_GROUP_2048 0x05
/* AUTH_ELS Code */
#define ELS_CMD_AUTH_CODE 0x90
/* AUTH_ELS Flags */
/* state ? */
#define AUTH_FINISH 0xFF
#define AUTH_ABORT 0xFE
/* auth_msg code for DHCHAP */
#define AUTH_REJECT 0x0A
#define AUTH_NEGOTIATE 0x0B
#define AUTH_DONE 0x0C
#define DHCHAP_CHALLENGE 0x10
#define DHCHAP_REPLY 0x11
#define DHCHAP_SUCCESS 0x12
/* BIG ENDIAN and LITTLE ENDIAN */
/* authentication protocol identifiers */
#ifdef EMLXS_BIG_ENDIAN
#define AUTH_DHCHAP 0x00000001
#define AUTH_FCAP 0x00000002
#define AUTH_FCPAP 0x00000003
#define AUTH_KERBEROS 0x00000004
#define HASH_LIST_TAG 0x0001
#define DHGID_LIST_TAG 0x0002
/* hash function identifiers */
#define AUTH_SHA1 0x00000006
#define AUTH_MD5 0x00000005
/* DHCHAP group ids */
#define GROUP_NULL 0x00000000
#define GROUP_1024 0x00000001
#define GROUP_1280 0x00000002
#define GROUP_1536 0x00000003
#define GROUP_2048 0x00000004
/* Tran_id Mask */
#define AUTH_TRAN_ID_MASK 0x000000FF
#endif /* EMLXS_BIG_ENDIAN */
#ifdef EMLXS_LITTLE_ENDIAN
#define AUTH_DHCHAP 0x01000000
#define AUTH_FCAP 0x02000000
#define AUTH_FCPAP 0x03000000
#define AUTH_KERBEROS 0x04000000
#define HASH_LIST_TAG 0x0100
#define DHGID_LIST_TAG 0x0200
/* hash function identifiers */
#define AUTH_SHA1 0x06000000
#define AUTH_MD5 0x05000000
/* DHCHAP group ids */
#define GROUP_NULL 0x00000000
#define GROUP_1024 0x01000000
#define GROUP_1280 0x02000000
#define GROUP_1536 0x03000000
#define GROUP_2048 0x04000000
/* Tran_id Mask */
#define AUTH_TRAN_ID_MASK 0xFF000000
#endif /* EMLXS_LITTLE_ENDIAN */
/* hash funcs hash length in byte */
#define HBA_SECURITY 0x20
/* AUTH_Reject Reason Codes */
#define AUTHRJT_FAILURE 0x01
#define AUTHRJT_LOGIC_ERR 0x02
/* LS_RJT Reason Codes for AUTH_ELS */
#define LSRJT_AUTH_REQUIRED 0x03
#define LSRJT_AUTH_LOGICAL_BSY 0x05
#define LSRJT_AUTH_ELS_NOT_SUPPORTED 0x0B
#define LSRJT_AUTH_NOT_LOGGED_IN 0x09
/* AUTH_Reject Reason Code Explanations */
/* LS_RJT Reason Code Explanations for AUTH_ELS */
#define LSEXP_AUTH_REQUIRED 0x48
#define LSEXP_AUTH_ELS_NOT_SUPPORTED 0x2C
#define LSEXP_AUTH_ELS_NOT_LOGGED_IN 0x1E
#define LSEXP_AUTH_LOGICAL_BUSY 0x00
#define MAX_AUTH_MSA_SIZE 1024
/* parameter tag */
#define HASH_LIST 0x0001
#define DHG_ID_LIST 0x0002
/* name tag from Table 13 v1.8 pp 30 */
#ifdef EMLXS_BIG_ENDIAN
#define AUTH_NAME_ID 0x0001
#define AUTH_NAME_LEN 0x0008
#define AUTH_PROTO_NUM 0x00000001
#define AUTH_NULL_PARA_LEN 0x00000028
#endif /* EMLXS_BIG_ENDIAN */
#ifdef EMLXS_LITTLE_ENDIAN
#define AUTH_NAME_ID 0x0100
#define AUTH_NAME_LEN 0x0800
#define AUTH_PROTO_NUM 0x01000000
#define AUTH_NULL_PARA_LEN 0x28000000
#endif /* EMLXS_LITTLE_ENDIAN */
/* name tag from Table 103 v 1.8 pp 123 */
#define AUTH_NODE_NAME 0x0002
#define AUTH_PORT_NAME 0x0003
/*
* Sysevent support
*/
/* ddi_log_sysevent() vendors */
#define DDI_VENDOR_EMLX "EMLXS"
/* Class */
#define EC_EMLXS "EC_emlxs"
/* Subclass */
#define ESC_EMLXS_01 "ESC_emlxs_issue_auth_negotiate"
#define ESC_EMLXS_02 "ESC_emlxs_cmpl_auth_negotiate_issue"
#define ESC_EMLXS_03 "ESC_emlxs_rcv_auth_msg_auth_negotiate_issue"
#define ESC_EMLXS_04 "ESC_emlxs_cmpl_auth_msg_auth_negotiate_issue"
#define ESC_EMLXS_05 "ESC_emlxs_rcv_auth_msg_unmapped_node"
#define ESC_EMLXS_06 "ESC_emlxs_issue_dhchap_challenge"
#define ESC_EMLXS_07 "ESC_emlxs_cmpl_dhchap_challenge_issue"
#define ESC_EMLXS_08 "ESC_emlxs_rcv_auth_msg_dhchap_challenge_cmpl_wait4next"
#define ESC_EMLXS_09 "ESC_emlxs_rcv_auth_msg_auth_negotiate_rcv"
#define ESC_EMLXS_10 "ESC_emlxs_cmpl_auth_msg_auth_negotiate_rcv"
#define ESC_EMLXS_11 "ESC_emlxs_cmpl_cmpl_dhchap_reply_issue"
#define ESC_EMLXS_12 "ESC_emlxs_cmpl_dhchap_reply_issue"
#define ESC_EMLXS_13 "ESC_emlxs_cmpl_auth_msg_dhchap_reply_issue"
#define ESC_EMLXS_14 "ESC_emlxs_cmpl_auth_msg_auth_negotiate_cmpl_wait4next"
#define ESC_EMLXS_15 "ESC_emlxs_issue_dhchap_success"
#define ESC_EMLXS_16 "ESC_emlxs_rcv_auth_msg_dhchap_challenge_issue"
#define ESC_EMLXS_17 "ESC_emlxs_cmpl_auth_msg_dhchap_challenge_issue"
#define ESC_EMLXS_18 "ESC_emlxs_rcv_auth_msg_dhchap_reply_issue"
#define ESC_EMLXS_19 \
"ESC_emlxs_cmpl_auth_msg_dhchap_challenge_cmpl_wait4next"
#define ESC_EMLXS_20 "ESC_emlxs_rcv_auth_msg_dhchap_reply_cmpl_wait4next"
#define ESC_EMLXS_21 "ESC_emlxs_cmpl_dhchap_success_issue"
#define ESC_EMLXS_22 "ESC_emlxs_cmpl_auth_msg_dhchap_success_issue"
#define ESC_EMLXS_23 "ESC_emlxs_cmpl_auth_msg_dhchap_reply_cmpl_wait4next"
#define ESC_EMLXS_24 "ESC_emlxs_rcv_auth_msg_dhchap_success_issue_wait4next"
#define ESC_EMLXS_25 "ESC_emlxs_cmpl_auth_msg_dhchap_success_issue_wait4next"
#define ESC_EMLXS_26 "ESC_emlxs_rcv_auth_msg_dhchap_success_cmpl_wait4next"
#define ESC_EMLXS_27 "ESC_emlxs_cmpl_auth_msg_dhchap_success_cmpl_wait4next"
#define ESC_EMLXS_28 "ESC_emlxs_issue_auth_reject"
#define ESC_EMLXS_29 "ESC_emlxs_cmpl_auth_reject_issue"
#define ESC_EMLXS_30 "ESC_emlxs_rcv_auth_msg_npr_node"
#define ESC_EMLXS_31 "ESC_emlxs_dhc_reauth_timeout"
#define ESC_EMLXS_32 "ESC_emlxs_dhc_authrsp_timeout"
#define ESC_EMLXS_33 "ESC_emlxs_ioctl_auth_setcfg"
#define ESC_EMLXS_34 "ESC_emlxs_ioctl_auth_setpwd"
#define ESC_EMLXS_35 "ESC_emlxs_ioctl_auth_delcfg"
#define ESC_EMLXS_36 "ESC_emlxs_ioctl_auth_delpwd"
/* From HBAnyware dfc lib FC-SP */
typedef struct emlxs_auth_cfg
{
struct emlxs_node *node;
struct emlxs_auth_cfg *prev;
struct emlxs_auth_cfg *next;
typedef struct emlxs_auth_key
{
/* (NPIV support) */
/* wwpn */
/* to switch */
/* to switch */
struct emlxs_node *node;
struct emlxs_auth_key *prev;
struct emlxs_auth_key *next;
typedef struct emlxs_auth_misc
{
/* auth in reply as initiator */
/* (g^y mod p) */
/* (g^xy mod p) */
/* key */
/* The following are parameters when host is the responder */
/* as responder */
/* challenge value len */
/* in host as responder */
/* host as responder */
/* host is responder */
/* host is responder */
/* host is responder */
/*
* emlxs_port_dhc struct to be used by emlxs_port_t in emlxs_fc.h
*
* This structure contains all the data used by DHCHAP.
* They are from EMLXSHBA_t in emlxs driver.
*
*/
typedef struct emlxs_port_dhc
{
#define ELX_FABRIC_STATE_UNKNOWN 0x00
#define ELX_FABRIC_AUTH_DISABLED 0x01
#define ELX_FABRIC_AUTH_FAILED 0x02
#define ELX_FABRIC_AUTH_SUCCESS 0x03
#define ELX_FABRIC_IN_AUTH 0x04
#define ELX_FABRIC_IN_REAUTH 0x05
/* Node Events */
/* fail */
/* recovery */
#define NODE_EVENT_CMPL_AUTH_MSG 0x3
#define NODE_EVENT_MAX_EVENT 0x4
/*
* emlxs_node_dhc struct to be used in emlxs_node_t.
* They are from emlxs_nodelist_t in emlxs driver.
*/
typedef struct emlxs_node_dhc
{
#define NODE_STATE_UNKNOWN 0x00
#define NODE_STATE_AUTH_DISABLED 0x01
#define NODE_STATE_AUTH_FAILED 0x02
#define NODE_STATE_AUTH_SUCCESS 0x03
#define NODE_STATE_AUTH_NEGOTIATE_ISSUE 0x04
#define NODE_STATE_AUTH_NEGOTIATE_RCV 0x05
#define NODE_STATE_AUTH_NEGOTIATE_CMPL_WAIT4NEXT 0x06
#define NODE_STATE_DHCHAP_CHALLENGE_ISSUE 0x07
#define NODE_STATE_DHCHAP_REPLY_ISSUE 0x08
#define NODE_STATE_DHCHAP_CHALLENGE_CMPL_WAIT4NEXT 0x09
#define NODE_STATE_DHCHAP_REPLY_CMPL_WAIT4NEXT 0x0A
#define NODE_STATE_DHCHAP_SUCCESS_ISSUE 0x0B
#define NODE_STATE_DHCHAP_SUCCESS_ISSUE_WAIT4NEXT 0x0C
#define NODE_STATE_DHCHAP_SUCCESS_CMPL_WAIT4NEXT 0x0D
#define NODE_STATE_NOCHANGE 0xFFFFFFFF
/* node is initiator */
/* node is responder */
/* 2:responder */
/* 2: full support */
/* information in DHCHAP_Challenge as the auth responder */
#define NLP_HOST_REAUTH_DISABLED 0x0
#define NLP_HOST_REAUTH_ENABLED 0x1
#define NLP_HOST_REAUTH_IN_PROGRESS 0x2
#define NLP_FABRIC_CISCO 0x1
#define NLP_FABRIC_OTHERS 0x2
/* hash_id, dhgp_id are set from responder, host is the initiator */
/* 0x06 for SHA-1 */
/* bi-dir auth in */
/* reply as initiator */
/* 20 for SHA1 */
/* value (g^y mod p) */
/* pub key */
/* value (g^xy mod p) */
/* session key */
/* The following are parameters when host is the responder */
/* length */
/* generated */
/* computed */
/* computed */
/* auth completion */
#define NLP_REMOTE_AUTH 0x00000001
#define NLP_SET_REAUTH_TIME 0x00000002
/* table entry */
/* table entry */
/* For NULL DHCHAP with MD5 and SHA-1 */
typedef struct _AUTH_NEGOT_PARAMS_1
{
typedef struct _AUTH_NEGOT_PARAMS_2
{
/* For NULL DHCHAP with MD5 and SHA-1 */
typedef struct _AUTH_NEGOT_PARAMS
{
typedef struct _AUTH_NEGOT_PARAMS_NULL_1
{
typedef struct _AUTH_NEGOT_PARAMS_NULL_2
{
/* Generic AUTH ELS Header */
typedef struct _AUTH_MSG_HDR
{
/* 20 bytes in total */
} AUTH_MSG_HDR;
typedef struct _SHA1_CVAL
{
} SHA1_CVAL;
typedef struct _MD5_CVAL
{
} MD5_CVAL;
union challenge_val
{
};
/* DHCHAP_Replay */
typedef struct _DHCHAP_REPLY_HDR
{
/* DHCHAP_Challenge */
typedef struct _DHCHAP_CHALL_NULL
{
typedef struct _DHCHAP_CHALL
{
} DHCHAP_CHALL;
/*
* size of msg_payload is variable based on the different protocol
* parameters supported in the driver.
*
* For DHCHAP we plan to support NULL, group 1, 2, 3, 4.
*
* For NULL DHCHAP protocol only: of these protocol identifiers,
* we need name_tag = 2 bytes name_len_size = 2 bytes name_len = 8 bytes
* number of usable auth proto = 4 bytes
*
* --------- for example for NULL DHCAHP only --------------------
* auth proto #1 len = 4 bytes #1 ID = 4 bytes #1 params = 4 + 16 bytes.
* ------ Total for NULL DHCHAP = (16 + 12 + 16 ) = 44 bytes.
*
* If number of usable auth proto is 5, then we should have 5 auth proto params.
* assume we are using name_tag 0x0001, then auth name in total = 12 bytes.
*
* 12 bytes + 4 bytes = 16 bytes. 4 + 4 + 4 = 12 bytes
* (num of usable auth proto size = 4
* auth proto params #1 len size = 4
* auth prot ID for #1 size = 4
*
* For DHCHAP param: HashList 2 param tag size (set to 0x0001 as HashList)
* 2 param word cnt size (set to 0x0002 as two hash funcs)
* 8 for hash ids: MD5 and SHA-1 DHgIDList
* 2 param tag size (set to 0x0002 as DHgIDList)
* 2 param word cnt size (set to 0x0005 as NULL and 1/2/3/4 groups) 20 for
* 5 groups 0x0000 0000 0x0000 0001 0x0000 0002 0x0000 0003 0x0000 0004
* Total for FULL group support (16 + 12 + 12 + 24 ) = 64 bytes.
*
*/
typedef struct _AUTH_MSG_NEGOT_1 { /* in Big Endian format */
/* in byte */
/* anything else is variable in size (bytes) */
/* uint8_t msg_payload[MAX_AUTH_MSG_SIZE]; */
typedef struct _AUTH_MSG_NEGOT_2 { /* in Big Endian format */
/* in byte */
/* anything else is variable in size (bytes) */
/* uint8_t msg_payload[MAX_AUTH_MSG_SIZE]; */
typedef struct _AUTH_MSG_NEGOT
{
/* in Big Endian format */
/* in byte */
/* anything else is variable in size (bytes) */
/* uint8_t msg_payload[MAX_AUTH_MSG_SIZE]; */
/* AUTH_Negotiate msg for NULL DH support only */
typedef struct _AUTH_MSG_NEGOT_NULL
{
typedef struct _AUTH_MSG_NEGOT_NULL_1
{
typedef struct _AUTH_MSG_NEGOT_NULL_2
{
/* auth_els_flags */
#define AUTH_ELS_FLAGS_MASK 0x0f;
typedef struct _AUTH_RJT
{
typedef struct _DHCHAP_SUCCESS_HDR
{
typedef struct dh_group_st
{
unsigned long groupid;
unsigned long length;
unsigned char value[256];
static char *emlxs_local_pwd = "11223344556677881122334455667788";
static char *emlxs_remote_pwd = "aabbccddeeffgghhaabbccddeeffgghh";
{0, 0, 0, 0, 0, 0, 0, 0};
{0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
#pragma weak random_get_pseudo_bytes
#endif /* DHCHAP_SUPPORT */
#ifdef __cplusplus
}
#endif
#endif /* _EMLXS_DHCHAP_H */