1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 22 /* 23 * Copyright 2009 Emulex. All rights reserved. 24 * Use is subject to license terms. 25 */ 26 27 #ifndef _EMLXS_DHCHAP_H 28 #define _EMLXS_DHCHAP_H 29 30 #ifdef __cplusplus 31 extern "C" { 32 #endif 33 34 #ifdef DHCHAP_SUPPORT 35 #include <sys/random.h> 36 37 38 /* emlxs_auth_cfg_t */ 39 #define PASSWORD_TYPE_ASCII 1 40 #define PASSWORD_TYPE_BINARY 2 41 #define PASSWORD_TYPE_IGNORE 3 42 43 #define AUTH_MODE_DISABLED 1 44 #define AUTH_MODE_ACTIVE 2 45 #define AUTH_MODE_PASSIVE 3 46 47 #define ELX_DHCHAP 0x01 /* Only one currently supported */ 48 #define ELX_FCAP 0x02 49 #define ELX_FCPAP 0x03 50 #define ELX_KERBEROS 0x04 51 52 #define ELX_MD5 0x01 53 #define ELX_SHA1 0x02 54 55 #define ELX_GROUP_NULL 0x01 56 #define ELX_GROUP_1024 0x02 57 #define ELX_GROUP_1280 0x03 58 #define ELX_GROUP_1536 0x04 59 #define ELX_GROUP_2048 0x05 60 61 62 /* AUTH_ELS Code */ 63 #define ELS_CMD_AUTH_CODE 0x90 64 65 /* AUTH_ELS Flags */ 66 67 /* state ? */ 68 #define AUTH_FINISH 0xFF 69 #define AUTH_ABORT 0xFE 70 71 /* auth_msg code for DHCHAP */ 72 #define AUTH_REJECT 0x0A 73 #define AUTH_NEGOTIATE 0x0B 74 #define AUTH_DONE 0x0C 75 #define DHCHAP_CHALLENGE 0x10 76 #define DHCHAP_REPLY 0x11 77 #define DHCHAP_SUCCESS 0x12 78 79 /* BIG ENDIAN and LITTLE ENDIAN */ 80 81 /* authentication protocol identifiers */ 82 #ifdef EMLXS_BIG_ENDIAN 83 84 #define AUTH_DHCHAP 0x00000001 85 #define AUTH_FCAP 0x00000002 86 #define AUTH_FCPAP 0x00000003 87 #define AUTH_KERBEROS 0x00000004 88 89 #define HASH_LIST_TAG 0x0001 90 #define DHGID_LIST_TAG 0x0002 91 92 /* hash function identifiers */ 93 #define AUTH_SHA1 0x00000006 94 #define AUTH_MD5 0x00000005 95 96 /* DHCHAP group ids */ 97 #define GROUP_NULL 0x00000000 98 #define GROUP_1024 0x00000001 99 #define GROUP_1280 0x00000002 100 #define GROUP_1536 0x00000003 101 #define GROUP_2048 0x00000004 102 103 /* Tran_id Mask */ 104 #define AUTH_TRAN_ID_MASK 0x000000FF 105 106 #endif /* EMLXS_BIG_ENDIAN */ 107 108 #ifdef EMLXS_LITTLE_ENDIAN 109 110 #define AUTH_DHCHAP 0x01000000 111 #define AUTH_FCAP 0x02000000 112 #define AUTH_FCPAP 0x03000000 113 #define AUTH_KERBEROS 0x04000000 114 115 #define HASH_LIST_TAG 0x0100 116 #define DHGID_LIST_TAG 0x0200 117 118 /* hash function identifiers */ 119 #define AUTH_SHA1 0x06000000 120 #define AUTH_MD5 0x05000000 121 122 /* DHCHAP group ids */ 123 #define GROUP_NULL 0x00000000 124 #define GROUP_1024 0x01000000 125 #define GROUP_1280 0x02000000 126 #define GROUP_1536 0x03000000 127 #define GROUP_2048 0x04000000 128 129 /* Tran_id Mask */ 130 #define AUTH_TRAN_ID_MASK 0xFF000000 131 132 #endif /* EMLXS_LITTLE_ENDIAN */ 133 134 /* hash funcs hash length in byte */ 135 #define SHA1_LEN 0x00000014 /* 20 bytes */ 136 #define MD5_LEN 0x00000010 /* 16 bytes */ 137 138 /* 139 * #define AUTH_IKEV2 0x04 #define AUTH_IKEV2_AUTH 0x05 140 */ 141 142 #define HBA_SECURITY 0x20 143 144 /* AUTH_Reject Reason Codes */ 145 #define AUTHRJT_FAILURE 0x01 146 #define AUTHRJT_LOGIC_ERR 0x02 147 148 /* LS_RJT Reason Codes for AUTH_ELS */ 149 #define LSRJT_AUTH_REQUIRED 0x03 150 #define LSRJT_AUTH_LOGICAL_BSY 0x05 151 #define LSRJT_AUTH_ELS_NOT_SUPPORTED 0x0B 152 #define LSRJT_AUTH_NOT_LOGGED_IN 0x09 153 154 /* AUTH_Reject Reason Code Explanations */ 155 #define AUTHEXP_MECH_UNUSABLE 0x01 /* AUTHRJT_LOGIC_ERR */ 156 #define AUTHEXP_DHGROUP_UNUSABLE 0x02 /* AUTHRJT_LOGIC_ERR */ 157 #define AUTHEXP_HASHFUNC_UNUSABLE 0x03 /* AUTHRJT_LOGIC_ERR */ 158 #define AUTHEXP_AUTHTRAN_STARTED 0x04 /* AUTHRJT_LOGIC_ERR */ 159 #define AUTHEXP_AUTH_FAILED 0x05 /* AUTHRJT_FAILURE */ 160 #define AUTHEXP_BAD_PAYLOAD 0x06 /* AUTHRJT_FAILURE */ 161 #define AUTHEXP_BAD_PROTOCOL 0x07 /* AUTHRJT_FAILURE */ 162 #define AUTHEXP_RESTART_AUTH 0x08 /* AUTHRJT_LOGIC_ERR */ 163 #define AUTHEXP_CONCAT_UNSUPP 0x09 /* AUTHRJT_LOGIC_ERR */ 164 #define AUTHEXP_BAD_PROTOVERS 0x0A /* AUTHRJT_LOGIC_ERR */ 165 166 /* LS_RJT Reason Code Explanations for AUTH_ELS */ 167 #define LSEXP_AUTH_REQUIRED 0x48 168 #define LSEXP_AUTH_ELS_NOT_SUPPORTED 0x2C 169 #define LSEXP_AUTH_ELS_NOT_LOGGED_IN 0x1E 170 #define LSEXP_AUTH_LOGICAL_BUSY 0x00 171 172 173 #define MAX_AUTH_MSA_SIZE 1024 174 175 #define MAX_AUTH_PID 0x4 /* Max auth proto identifier list */ 176 177 /* parameter tag */ 178 #define HASH_LIST 0x0001 179 #define DHG_ID_LIST 0x0002 180 181 /* name tag from Table 13 v1.8 pp 30 */ 182 #ifdef EMLXS_BIG_ENDIAN 183 #define AUTH_NAME_ID 0x0001 184 #define AUTH_NAME_LEN 0x0008 185 #define AUTH_PROTO_NUM 0x00000001 186 #define AUTH_NULL_PARA_LEN 0x00000028 187 #endif /* EMLXS_BIG_ENDIAN */ 188 189 #ifdef EMLXS_LITTLE_ENDIAN 190 #define AUTH_NAME_ID 0x0100 191 #define AUTH_NAME_LEN 0x0800 192 #define AUTH_PROTO_NUM 0x01000000 193 #define AUTH_NULL_PARA_LEN 0x28000000 194 #endif /* EMLXS_LITTLE_ENDIAN */ 195 196 /* name tag from Table 103 v 1.8 pp 123 */ 197 #define AUTH_NODE_NAME 0x0002 198 #define AUTH_PORT_NAME 0x0003 199 200 /* 201 * Sysevent support 202 */ 203 /* ddi_log_sysevent() vendors */ 204 #define DDI_VENDOR_EMLX "EMLXS" 205 206 /* Class */ 207 #define EC_EMLXS "EC_emlxs" 208 209 /* Subclass */ 210 #define ESC_EMLXS_01 "ESC_emlxs_issue_auth_negotiate" 211 #define ESC_EMLXS_02 "ESC_emlxs_cmpl_auth_negotiate_issue" 212 213 #define ESC_EMLXS_03 "ESC_emlxs_rcv_auth_msg_auth_negotiate_issue" 214 #define ESC_EMLXS_04 "ESC_emlxs_cmpl_auth_msg_auth_negotiate_issue" 215 216 #define ESC_EMLXS_05 "ESC_emlxs_rcv_auth_msg_unmapped_node" 217 #define ESC_EMLXS_06 "ESC_emlxs_issue_dhchap_challenge" 218 #define ESC_EMLXS_07 "ESC_emlxs_cmpl_dhchap_challenge_issue" 219 220 #define ESC_EMLXS_08 "ESC_emlxs_rcv_auth_msg_dhchap_challenge_cmpl_wait4next" 221 222 #define ESC_EMLXS_09 "ESC_emlxs_rcv_auth_msg_auth_negotiate_rcv" 223 #define ESC_EMLXS_10 "ESC_emlxs_cmpl_auth_msg_auth_negotiate_rcv" 224 225 #define ESC_EMLXS_11 "ESC_emlxs_cmpl_cmpl_dhchap_reply_issue" 226 #define ESC_EMLXS_12 "ESC_emlxs_cmpl_dhchap_reply_issue" 227 #define ESC_EMLXS_13 "ESC_emlxs_cmpl_auth_msg_dhchap_reply_issue" 228 229 #define ESC_EMLXS_14 "ESC_emlxs_cmpl_auth_msg_auth_negotiate_cmpl_wait4next" 230 231 #define ESC_EMLXS_15 "ESC_emlxs_issue_dhchap_success" 232 233 #define ESC_EMLXS_16 "ESC_emlxs_rcv_auth_msg_dhchap_challenge_issue" 234 #define ESC_EMLXS_17 "ESC_emlxs_cmpl_auth_msg_dhchap_challenge_issue" 235 236 #define ESC_EMLXS_18 "ESC_emlxs_rcv_auth_msg_dhchap_reply_issue" 237 238 #define ESC_EMLXS_19 \ 239 "ESC_emlxs_cmpl_auth_msg_dhchap_challenge_cmpl_wait4next" 240 241 #define ESC_EMLXS_20 "ESC_emlxs_rcv_auth_msg_dhchap_reply_cmpl_wait4next" 242 #define ESC_EMLXS_21 "ESC_emlxs_cmpl_dhchap_success_issue" 243 #define ESC_EMLXS_22 "ESC_emlxs_cmpl_auth_msg_dhchap_success_issue" 244 245 #define ESC_EMLXS_23 "ESC_emlxs_cmpl_auth_msg_dhchap_reply_cmpl_wait4next" 246 247 #define ESC_EMLXS_24 "ESC_emlxs_rcv_auth_msg_dhchap_success_issue_wait4next" 248 #define ESC_EMLXS_25 "ESC_emlxs_cmpl_auth_msg_dhchap_success_issue_wait4next" 249 250 #define ESC_EMLXS_26 "ESC_emlxs_rcv_auth_msg_dhchap_success_cmpl_wait4next" 251 #define ESC_EMLXS_27 "ESC_emlxs_cmpl_auth_msg_dhchap_success_cmpl_wait4next" 252 253 #define ESC_EMLXS_28 "ESC_emlxs_issue_auth_reject" 254 #define ESC_EMLXS_29 "ESC_emlxs_cmpl_auth_reject_issue" 255 256 #define ESC_EMLXS_30 "ESC_emlxs_rcv_auth_msg_npr_node" 257 258 #define ESC_EMLXS_31 "ESC_emlxs_dhc_reauth_timeout" 259 260 #define ESC_EMLXS_32 "ESC_emlxs_dhc_authrsp_timeout" 261 262 #define ESC_EMLXS_33 "ESC_emlxs_ioctl_auth_setcfg" 263 #define ESC_EMLXS_34 "ESC_emlxs_ioctl_auth_setpwd" 264 #define ESC_EMLXS_35 "ESC_emlxs_ioctl_auth_delcfg" 265 #define ESC_EMLXS_36 "ESC_emlxs_ioctl_auth_delpwd" 266 267 268 /* From HBAnyware dfc lib FC-SP */ 269 typedef struct emlxs_auth_cfg 270 { 271 NAME_TYPE local_entity; /* host wwpn (NPIV support) */ 272 NAME_TYPE remote_entity; /* switch or target wwpn */ 273 uint32_t authentication_timeout; 274 uint32_t authentication_mode; 275 uint32_t bidirectional:1; 276 uint32_t reserved:31; 277 uint32_t authentication_type_priority[4]; 278 uint32_t hash_priority[4]; 279 uint32_t dh_group_priority[8]; 280 uint32_t reauthenticate_time_interval; 281 282 dfc_auth_status_t auth_status; 283 time_t auth_time; 284 struct emlxs_node *node; 285 286 struct emlxs_auth_cfg *prev; 287 struct emlxs_auth_cfg *next; 288 } emlxs_auth_cfg_t; 289 290 291 typedef struct emlxs_auth_key 292 { 293 NAME_TYPE local_entity; /* host wwpn */ 294 /* (NPIV support) */ 295 NAME_TYPE remote_entity; /* switch or target */ 296 /* wwpn */ 297 uint16_t local_password_length; 298 uint16_t local_password_type; 299 uint8_t local_password[128]; /* hba authenticates */ 300 /* to switch */ 301 uint16_t remote_password_length; 302 uint16_t remote_password_type; 303 uint8_t remote_password[128]; /* hba authenticates */ 304 /* to switch */ 305 306 struct emlxs_node *node; 307 308 struct emlxs_auth_key *prev; 309 struct emlxs_auth_key *next; 310 } emlxs_auth_key_t; 311 312 313 typedef struct emlxs_auth_misc 314 { 315 uint8_t bi_cval[20]; /* our challenge for bi-dir */ 316 /* auth in reply as initiator */ 317 uint32_t bi_cval_len; /* 16 for MD5, 20 for SHA1 */ 318 uint8_t pub_key[512]; /* max is 512 bytes value of */ 319 /* (g^y mod p) */ 320 uint32_t pubkey_len; /* real length of the pub key */ 321 uint8_t ses_key[512]; /* session key: value of */ 322 /* (g^xy mod p) */ 323 uint32_t seskey_len; /* real length of the session */ 324 /* key */ 325 326 /* The following are parameters when host is the responder */ 327 uint8_t hrsp_cval[20]; /* challenge value from host */ 328 /* as responder */ 329 uint32_t hrsp_cval_len; /* host as the responder its */ 330 /* challenge value len */ 331 uint8_t hrsp_priv_key[20]; /* the private key generated */ 332 /* in host as responder */ 333 uint8_t hrsp_pub_key[512]; /* public key calculated when */ 334 /* host as responder */ 335 uint32_t hrsp_pubkey_len; /* public key length when */ 336 /* host is responder */ 337 uint8_t hrsp_ses_key[512]; /* session key computed when */ 338 /* host is responder */ 339 uint32_t hrsp_seskey_len; /* session key length when */ 340 /* host is responder */ 341 } emlxs_auth_misc_t; 342 343 344 /* 345 * emlxs_port_dhc struct to be used by emlxs_port_t in emlxs_fc.h 346 * 347 * This structure contains all the data used by DHCHAP. 348 * They are from EMLXSHBA_t in emlxs driver. 349 * 350 */ 351 typedef struct emlxs_port_dhc 352 { 353 354 int32_t state; 355 #define ELX_FABRIC_STATE_UNKNOWN 0x00 356 #define ELX_FABRIC_AUTH_DISABLED 0x01 357 #define ELX_FABRIC_AUTH_FAILED 0x02 358 #define ELX_FABRIC_AUTH_SUCCESS 0x03 359 #define ELX_FABRIC_IN_AUTH 0x04 360 #define ELX_FABRIC_IN_REAUTH 0x05 361 362 dfc_auth_status_t auth_status; /* Fabric auth status */ 363 time_t auth_time; 364 365 } emlxs_port_dhc_t; 366 367 368 /* Node Events */ 369 #define NODE_EVENT_DEVICE_RM 0x0 /* Auth response timeout and */ 370 /* fail */ 371 #define NODE_EVENT_DEVICE_RECOVERY 0x1 /* Auth response timeout and */ 372 /* recovery */ 373 #define NODE_EVENT_RCV_AUTH_MSG 0x2 /* Unsolicited Auth received */ 374 #define NODE_EVENT_CMPL_AUTH_MSG 0x3 375 #define NODE_EVENT_MAX_EVENT 0x4 376 377 /* 378 * emlxs_node_dhc struct to be used in emlxs_node_t. 379 * They are from emlxs_nodelist_t in emlxs driver. 380 */ 381 typedef struct emlxs_node_dhc 382 { 383 uint16_t state; /* used for state machine */ 384 #define NODE_STATE_UNKNOWN 0x00 385 #define NODE_STATE_AUTH_DISABLED 0x01 386 #define NODE_STATE_AUTH_FAILED 0x02 387 #define NODE_STATE_AUTH_SUCCESS 0x03 388 #define NODE_STATE_AUTH_NEGOTIATE_ISSUE 0x04 389 #define NODE_STATE_AUTH_NEGOTIATE_RCV 0x05 390 #define NODE_STATE_AUTH_NEGOTIATE_CMPL_WAIT4NEXT 0x06 391 #define NODE_STATE_DHCHAP_CHALLENGE_ISSUE 0x07 392 #define NODE_STATE_DHCHAP_REPLY_ISSUE 0x08 393 #define NODE_STATE_DHCHAP_CHALLENGE_CMPL_WAIT4NEXT 0x09 394 #define NODE_STATE_DHCHAP_REPLY_CMPL_WAIT4NEXT 0x0A 395 #define NODE_STATE_DHCHAP_SUCCESS_ISSUE 0x0B 396 #define NODE_STATE_DHCHAP_SUCCESS_ISSUE_WAIT4NEXT 0x0C 397 #define NODE_STATE_DHCHAP_SUCCESS_CMPL_WAIT4NEXT 0x0D 398 #define NODE_STATE_NOCHANGE 0xFFFFFFFF 399 400 uint16_t prev_state; /* for info only */ 401 402 uint32_t disc_refcnt; 403 404 emlxs_auth_cfg_t auth_cfg; 405 emlxs_auth_key_t auth_key; 406 407 uint32_t nlp_authrsp_tmo; /* Response timeout */ 408 uint32_t nlp_authrsp_tmocnt; 409 410 uint32_t nlp_auth_tranid_ini; /* tran_id when this */ 411 /* node is initiator */ 412 uint32_t nlp_auth_tranid_rsp; /* tran_id when this */ 413 /* node is responder */ 414 415 uint32_t nlp_auth_flag; /* 1:initiator */ 416 /* 2:responder */ 417 uint32_t nlp_auth_limit; /* 1: NULL DHCHAP */ 418 /* 2: full support */ 419 420 /* information in DHCHAP_Challenge as the auth responder */ 421 uint32_t nlp_auth_hashid; 422 uint32_t nlp_auth_dhgpid; 423 uint32_t nlp_auth_bidir; 424 NAME_TYPE nlp_auth_wwn; 425 426 emlxs_auth_misc_t nlp_auth_misc; 427 428 uint32_t nlp_reauth_tmo; 429 uint16_t nlp_reauth_status; 430 #define NLP_HOST_REAUTH_DISABLED 0x0 431 #define NLP_HOST_REAUTH_ENABLED 0x1 432 #define NLP_HOST_REAUTH_IN_PROGRESS 0x2 433 434 uint32_t nlp_fb_vendor; 435 #define NLP_FABRIC_CISCO 0x1 436 #define NLP_FABRIC_OTHERS 0x2 437 438 uint32_t fc_dhchap_success_expected; 439 440 /* hash_id, dhgp_id are set from responder, host is the initiator */ 441 uint32_t hash_id; /* 0x05 for MD5 */ 442 /* 0x06 for SHA-1 */ 443 uint32_t dhgp_id; /* DH grp identifier */ 444 445 uint8_t bi_cval[20]; /* our challenge for */ 446 /* bi-dir auth in */ 447 /* reply as initiator */ 448 uint32_t bi_cval_len; /* 16 for MD5 */ 449 /* 20 for SHA1 */ 450 uint8_t pub_key[512]; /* max is 512 bytes */ 451 /* value (g^y mod p) */ 452 uint32_t pubkey_len; /* real length of the */ 453 /* pub key */ 454 uint8_t ses_key[512]; /* session key: */ 455 /* value (g^xy mod p) */ 456 uint32_t seskey_len; /* real length of the */ 457 /* session key */ 458 459 /* The following are parameters when host is the responder */ 460 461 uint8_t hrsp_cval[20]; /* challenge value */ 462 uint32_t hrsp_cval_len; /* challenge value */ 463 /* length */ 464 uint8_t hrsp_priv_key[20]; /* private key */ 465 /* generated */ 466 uint8_t hrsp_pub_key[512]; /* public key */ 467 /* computed */ 468 uint32_t hrsp_pubkey_len; /* public key length */ 469 uint8_t hrsp_ses_key[512]; /* session key */ 470 /* computed */ 471 uint32_t hrsp_seskey_len; /* session key length */ 472 473 uint8_t *deferred_sbp; /* Pending IO for */ 474 /* auth completion */ 475 uint8_t *deferred_ubp; 476 477 uint32_t flag; 478 #define NLP_REMOTE_AUTH 0x00000001 479 #define NLP_SET_REAUTH_TIME 0x00000002 480 481 emlxs_auth_cfg_t *parent_auth_cfg; /* Original auth_cfg */ 482 /* table entry */ 483 emlxs_auth_key_t *parent_auth_key; /* Original auth_key */ 484 /* table entry */ 485 } emlxs_node_dhc_t; 486 487 488 /* For NULL DHCHAP with MD5 and SHA-1 */ 489 typedef struct _AUTH_NEGOT_PARAMS_1 490 { 491 uint16_t name_tag; /* set to 0x0001 */ 492 uint16_t name_len; /* set to 0x0008 */ 493 NAME_TYPE nodeName; /* WWPN */ 494 uint32_t proto_num; /* set to 0x5 */ 495 uint32_t para_len; /* set to 0x28 i.e., 40 bytes */ 496 uint32_t proto_id; /* set to HDCHAP */ 497 uint16_t HashList_tag; /* set to 0x0001 */ 498 uint16_t HashList_wcnt; /* set to 0x0002 i.e. MD5 and SHA-1 */ 499 uint32_t HashList_value1; /* set to MD5 or SHA1 ID 0x00000005,6 */ 500 uint16_t DHgIDList_tag; /* set to 0x0002 */ 501 uint16_t DHgIDList_wnt; /* set to 0x0005 i.e., Full DH groups */ 502 uint32_t DHgIDList_g0; /* set to 0x0000 0000 */ 503 uint32_t DHgIDList_g1; /* set to 0x0000 0001 */ 504 uint32_t DHgIDList_g2; /* set to 0x0000 0002 */ 505 uint32_t DHgIDList_g3; /* set to 0x0000 0003 */ 506 uint32_t DHgIDList_g4; /* set to 0x0000 0004 */ 507 } AUTH_NEGOT_PARAMS_1; 508 509 510 typedef struct _AUTH_NEGOT_PARAMS_2 511 { 512 uint16_t name_tag; /* set to 0x0001 */ 513 uint16_t name_len; /* set to 0x0008 */ 514 NAME_TYPE nodeName; /* WWPN */ 515 uint32_t proto_num; /* set to 0x5 */ 516 uint32_t para_len; /* set to 0x28 i.e., 40 bytes */ 517 uint32_t proto_id; /* set to HDCHAP */ 518 uint16_t HashList_tag; /* set to 0x0001 */ 519 uint16_t HashList_wcnt; /* set to 0x0002 i.e. MD5 and SHA-1 */ 520 uint32_t HashList_value1; /* set to MD5's ID 0x00000005 */ 521 uint32_t HashList_value2; /* set to SHA-1's ID 0x00000006 */ 522 uint16_t DHgIDList_tag; /* set to 0x0002 */ 523 uint16_t DHgIDList_wnt; /* set to 0x0005 i.e., Full DH groups */ 524 uint32_t DHgIDList_g0; /* set to 0x0000 0000 */ 525 uint32_t DHgIDList_g1; /* set to 0x0000 0001 */ 526 uint32_t DHgIDList_g2; /* set to 0x0000 0002 */ 527 uint32_t DHgIDList_g3; /* set to 0x0000 0003 */ 528 uint32_t DHgIDList_g4; /* set to 0x0000 0004 */ 529 } AUTH_NEGOT_PARAMS_2; 530 531 532 /* For NULL DHCHAP with MD5 and SHA-1 */ 533 typedef struct _AUTH_NEGOT_PARAMS 534 { 535 uint16_t name_tag; /* set to 0x0001 */ 536 uint16_t name_len; /* set to 0x0008 */ 537 NAME_TYPE nodeName; /* WWPN */ 538 uint32_t proto_num; /* set to 0x5 */ 539 uint32_t para_len; /* set to 0x28 i.e., 40 bytes */ 540 uint32_t proto_id; /* set to HDCHAP */ 541 uint16_t HashList_tag; /* set to 0x0001 */ 542 uint16_t HashList_wcnt; /* set to 0x0002 i.e. MD5 and SHA-1 */ 543 uint32_t HashList_value1; /* set to MD5's ID 0x00000005 */ 544 uint32_t HashList_value2; /* set to SHA-1's ID 0x00000006 */ 545 uint16_t DHgIDList_tag; /* set to 0x0002 */ 546 uint16_t DHgIDList_wnt; /* set to 0x0005 i.e., Full DH groups */ 547 uint32_t DHgIDList_g0; /* set to 0x0000 0000 */ 548 uint32_t DHgIDList_g1; /* set to 0x0000 0001 */ 549 uint32_t DHgIDList_g2; /* set to 0x0000 0002 */ 550 uint32_t DHgIDList_g3; /* set to 0x0000 0003 */ 551 uint32_t DHgIDList_g4; /* set to 0x0000 0004 */ 552 } AUTH_NEGOT_PARAMS; 553 554 typedef struct _AUTH_NEGOT_PARAMS_NULL_1 555 { 556 uint16_t name_tag; /* set to 0x0001 */ 557 uint16_t name_len; /* set to 0x0008 */ 558 NAME_TYPE nodeName; /* WWPN */ 559 uint32_t proto_num; /* set to 0x5 */ 560 uint32_t para_len; /* set to 0x28 i.e., 40 bytes */ 561 uint32_t proto_id; /* set to HDCHAP */ 562 uint16_t HashList_tag; /* set to 0x0001 */ 563 uint16_t HashList_wcnt; /* set to 0x0002 i.e. MD5 and SHA-1 */ 564 uint32_t HashList_value1; /* set to MD5's ID 0x00000005 */ 565 uint16_t DHgIDList_tag; /* set to 0x0002 */ 566 uint16_t DHgIDList_wnt; /* set to 0x0005 i.e., Full DH groups */ 567 uint32_t DHgIDList_g0; /* set to 0x0000 0000 */ 568 } AUTH_NEGOT_PARAMS_NULL_1; 569 570 typedef struct _AUTH_NEGOT_PARAMS_NULL_2 571 { 572 uint16_t name_tag; /* set to 0x0001 */ 573 uint16_t name_len; /* set to 0x0008 */ 574 NAME_TYPE nodeName; /* WWPN */ 575 uint32_t proto_num; /* set to 0x5 */ 576 uint32_t para_len; /* set to 0x28 i.e., 40 bytes */ 577 uint32_t proto_id; /* set to HDCHAP */ 578 uint16_t HashList_tag; /* set to 0x0001 */ 579 uint16_t HashList_wcnt; /* set to 0x0002 i.e. MD5 and SHA-1 */ 580 uint32_t HashList_value1; /* set to MD5's ID 0x00000005 */ 581 uint32_t HashList_value2; 582 uint16_t DHgIDList_tag; /* set to 0x0002 */ 583 uint16_t DHgIDList_wnt; /* set to 0x0005 i.e., Full DH groups */ 584 uint32_t DHgIDList_g0; /* set to 0x0000 0000 */ 585 } AUTH_NEGOT_PARAMS_NULL_2; 586 587 588 /* Generic AUTH ELS Header */ 589 typedef struct _AUTH_MSG_HDR 590 { 591 /* 20 bytes in total */ 592 uint8_t auth_els_code; /* always 0x90h */ 593 uint8_t auth_els_flags; 594 uint8_t auth_msg_code; /* see above */ 595 uint8_t proto_version; 596 uint32_t msg_len; /* size of msg payload in byte */ 597 uint32_t tran_id; 598 uint16_t name_tag; /* set to 0x0001 */ 599 uint16_t name_len; /* set to 0x0008 */ 600 NAME_TYPE nodeName; /* WWPN */ 601 } AUTH_MSG_HDR; 602 603 604 typedef struct _SHA1_CVAL 605 { 606 uint8_t val[20]; 607 } SHA1_CVAL; 608 609 610 typedef struct _MD5_CVAL 611 { 612 uint8_t val[16]; 613 } MD5_CVAL; 614 615 616 union challenge_val 617 { 618 SHA1_CVAL sha1; 619 MD5_CVAL md5; 620 }; 621 622 623 /* DHCHAP_Replay */ 624 typedef struct _DHCHAP_REPLY_HDR 625 { 626 uint8_t auth_els_code; /* always 0x90h */ 627 uint8_t auth_els_flags; 628 uint8_t auth_msg_code; /* see above */ 629 uint8_t proto_version; 630 uint32_t msg_len; /* size of msg payload in byte */ 631 uint32_t tran_id; /* transaction id */ 632 } DHCHAP_REPLY_HDR; 633 634 635 /* DHCHAP_Challenge */ 636 typedef struct _DHCHAP_CHALL_NULL 637 { 638 AUTH_MSG_HDR msg_hdr; 639 uint32_t hash_id; 640 uint32_t dhgp_id; 641 uint32_t cval_len; 642 } DHCHAP_CHALL_NULL; 643 644 typedef struct _DHCHAP_CHALL 645 { 646 DHCHAP_CHALL_NULL cnul; 647 uint8_t *dhval; 648 } DHCHAP_CHALL; 649 650 /* 651 * size of msg_payload is variable based on the different protocol 652 * parameters supported in the driver. 653 * 654 * For DHCHAP we plan to support NULL, group 1, 2, 3, 4. 655 * 656 * For NULL DHCHAP protocol only: of these protocol identifiers, 657 * we need name_tag = 2 bytes name_len_size = 2 bytes name_len = 8 bytes 658 * number of usable auth proto = 4 bytes 659 * 660 * --------- for example for NULL DHCAHP only -------------------- 661 * auth proto #1 len = 4 bytes #1 ID = 4 bytes #1 params = 4 + 16 bytes. 662 * ------ Total for NULL DHCHAP = (16 + 12 + 16 ) = 44 bytes. 663 * 664 * If number of usable auth proto is 5, then we should have 5 auth proto params. 665 * assume we are using name_tag 0x0001, then auth name in total = 12 bytes. 666 * 667 * 12 bytes + 4 bytes = 16 bytes. 4 + 4 + 4 = 12 bytes 668 * (num of usable auth proto size = 4 669 * auth proto params #1 len size = 4 670 * auth prot ID for #1 size = 4 671 * 672 * For DHCHAP param: HashList 2 param tag size (set to 0x0001 as HashList) 673 * 2 param word cnt size (set to 0x0002 as two hash funcs) 674 * 8 for hash ids: MD5 and SHA-1 DHgIDList 675 * 2 param tag size (set to 0x0002 as DHgIDList) 676 * 2 param word cnt size (set to 0x0005 as NULL and 1/2/3/4 groups) 20 for 677 * 5 groups 0x0000 0000 0x0000 0001 0x0000 0002 0x0000 0003 0x0000 0004 678 * Total for FULL group support (16 + 12 + 12 + 24 ) = 64 bytes. 679 * 680 */ 681 682 typedef struct _AUTH_MSG_NEGOT_1 { /* in Big Endian format */ 683 uint8_t auth_els_code; /* always 0x90h */ 684 uint8_t auth_els_flags; 685 uint8_t auth_msg_code; /* see above */ 686 uint8_t proto_version; 687 uint32_t msg_len; /* size of msg payload */ 688 /* in byte */ 689 uint32_t tran_id; /* transaction identifier */ 690 691 /* anything else is variable in size (bytes) */ 692 /* uint8_t msg_payload[MAX_AUTH_MSG_SIZE]; */ 693 AUTH_NEGOT_PARAMS_1 params; 694 } AUTH_MSG_NEGOT_1, *PAUTH_MSG_NEGOT_1; 695 696 697 typedef struct _AUTH_MSG_NEGOT_2 { /* in Big Endian format */ 698 uint8_t auth_els_code; /* always 0x90h */ 699 uint8_t auth_els_flags; 700 uint8_t auth_msg_code; /* see above */ 701 uint8_t proto_version; 702 uint32_t msg_len; /* size of msg payload */ 703 /* in byte */ 704 uint32_t tran_id; /* transaction identifier */ 705 706 /* anything else is variable in size (bytes) */ 707 /* uint8_t msg_payload[MAX_AUTH_MSG_SIZE]; */ 708 AUTH_NEGOT_PARAMS_2 params; 709 } AUTH_MSG_NEGOT_2, *PAUTH_MSG_NEGOT_2; 710 711 712 typedef struct _AUTH_MSG_NEGOT 713 { 714 /* in Big Endian format */ 715 uint8_t auth_els_code; /* always 0x90h */ 716 uint8_t auth_els_flags; 717 uint8_t auth_msg_code; /* see above */ 718 uint8_t proto_version; 719 uint32_t msg_len; /* size of msg payload */ 720 /* in byte */ 721 uint32_t tran_id; /* transaction identifier */ 722 723 /* anything else is variable in size (bytes) */ 724 /* uint8_t msg_payload[MAX_AUTH_MSG_SIZE]; */ 725 AUTH_NEGOT_PARAMS params; 726 } AUTH_MSG_NEGOT, *PAUTH_MSG_NEGOT; 727 728 729 /* AUTH_Negotiate msg for NULL DH support only */ 730 typedef struct _AUTH_MSG_NEGOT_NULL 731 { 732 uint8_t auth_els_code; 733 uint8_t auth_els_flags; 734 uint8_t auth_msg_code; 735 uint8_t proto_version; 736 uint32_t msg_len; 737 uint32_t tran_id; 738 } AUTH_MSG_NEGOT_NULL, *PAUTH_MSG_NEGOT_NULL; 739 740 typedef struct _AUTH_MSG_NEGOT_NULL_1 741 { 742 uint8_t auth_els_code; 743 uint8_t auth_els_flags; 744 uint8_t auth_msg_code; 745 uint8_t proto_version; 746 uint32_t msg_len; 747 uint32_t tran_id; 748 749 AUTH_NEGOT_PARAMS_NULL_1 params; 750 751 } AUTH_MSG_NEGOT_NULL_1, *PAUTH_MSG_NEGOT_NULL_1; 752 753 typedef struct _AUTH_MSG_NEGOT_NULL_2 754 { 755 uint8_t auth_els_code; 756 uint8_t auth_els_flags; 757 uint8_t auth_msg_code; 758 uint8_t proto_version; 759 uint32_t msg_len; 760 uint32_t tran_id; 761 762 AUTH_NEGOT_PARAMS_NULL_2 params; 763 764 } AUTH_MSG_NEGOT_NULL_2, *PAUTH_MSG_NEGOT_NULL_2; 765 766 767 /* auth_els_flags */ 768 #define AUTH_ELS_FLAGS_MASK 0x0f; 769 770 771 typedef struct _AUTH_RJT 772 { 773 uint8_t auth_els_code; /* always 0x90h */ 774 uint8_t auth_els_flags; 775 uint8_t auth_msg_code; /* see above */ 776 uint8_t proto_version; 777 uint32_t msg_len; /* size of msg payload in byte */ 778 uint32_t tran_id; /* transaction identifier */ 779 780 uint8_t ReasonCode; 781 uint8_t ReasonCodeExplanation; 782 uint16_t Reserved; 783 } AUTH_RJT, *PAUTH_RJT; 784 785 typedef struct _DHCHAP_SUCCESS_HDR 786 { 787 uint8_t auth_els_code; /* always 0x90h */ 788 uint8_t auth_els_flags; 789 uint8_t auth_msg_code; /* see above */ 790 uint8_t proto_version; 791 uint32_t msg_len; /* size of msg payload in byte */ 792 uint32_t tran_id; /* transaction identifier */ 793 794 uint32_t RspVal_len; 795 } DHCHAP_SUCCESS_HDR, *PDHCHAP_SUCCESS_HDR; 796 797 798 typedef struct dh_group_st 799 { 800 unsigned long groupid; 801 unsigned long length; 802 unsigned char value[256]; 803 } DH_GROUP, *PDH_GROUP; 804 805 static char *emlxs_local_pwd = "11223344556677881122334455667788"; 806 static char *emlxs_remote_pwd = "aabbccddeeffgghhaabbccddeeffgghh"; 807 808 static uint8_t emlxs_null_wwn[8] = 809 {0, 0, 0, 0, 0, 0, 0, 0}; 810 static uint8_t emlxs_fabric_wwn[8] = 811 {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff}; 812 813 #pragma weak random_get_pseudo_bytes 814 815 816 #endif /* DHCHAP_SUPPORT */ 817 818 #ifdef __cplusplus 819 } 820 #endif 821 822 #endif /* _EMLXS_DHCHAP_H */ 823