|
Packit |
1c819f |
/*
|
|
Packit |
1c819f |
* iSNS authentication functions
|
|
Packit |
1c819f |
*
|
|
Packit |
1c819f |
* Copyright (C) 2007 Olaf Kirch <olaf.kirch@oracle.com>
|
|
Packit |
1c819f |
*/
|
|
Packit |
1c819f |
|
|
Packit |
1c819f |
#include <stdlib.h>
|
|
Packit |
1c819f |
#include <string.h>
|
|
Packit |
1c819f |
#include <libisns/isns.h>
|
|
Packit |
1c819f |
#include <libisns/attrs.h>
|
|
Packit |
1c819f |
#include <libisns/message.h>
|
|
Packit |
1c819f |
#include <libisns/util.h>
|
|
Packit |
1c819f |
|
|
Packit |
1c819f |
/* We impose an artificial limit on the size of
|
|
Packit |
1c819f |
* the size of the authenticator
|
|
Packit |
1c819f |
*/
|
|
Packit |
1c819f |
#define ISNS_SPISTR_MAX 512
|
|
Packit |
1c819f |
|
|
Packit |
1c819f |
int
|
|
Packit |
1c819f |
isns_authblock_decode(buf_t *bp, struct isns_authblk *auth)
|
|
Packit |
1c819f |
{
|
|
Packit |
1c819f |
unsigned int avail = buf_avail(bp);
|
|
Packit |
1c819f |
|
|
Packit |
1c819f |
if (!buf_get32(bp, &auth->iab_bsd)
|
|
Packit |
1c819f |
|| !buf_get32(bp, &auth->iab_length)
|
|
Packit |
1c819f |
|| !buf_get64(bp, &auth->iab_timestamp)
|
|
Packit |
1c819f |
|| !buf_get32(bp, &auth->iab_spi_len))
|
|
Packit |
1c819f |
return 0;
|
|
Packit |
1c819f |
|
|
Packit |
1c819f |
/* Make sure the length specified by the auth block
|
|
Packit |
1c819f |
* is reasonable. */
|
|
Packit |
1c819f |
if (auth->iab_length < ISNS_AUTHBLK_SIZE
|
|
Packit |
1c819f |
|| auth->iab_length > avail)
|
|
Packit |
1c819f |
return 0;
|
|
Packit |
1c819f |
|
|
Packit |
1c819f |
/* This chops off any data trailing the auth block.
|
|
Packit |
1c819f |
* It also makes sure that we detect if iab_length
|
|
Packit |
1c819f |
* exceeds the amount of available data. */
|
|
Packit |
1c819f |
if (!buf_truncate(bp, auth->iab_length - ISNS_AUTHBLK_SIZE))
|
|
Packit |
1c819f |
return 0;
|
|
Packit |
1c819f |
|
|
Packit |
1c819f |
auth->iab_spi = buf_head(bp);
|
|
Packit |
1c819f |
if (!buf_pull(bp, auth->iab_spi_len))
|
|
Packit |
1c819f |
return 0;
|
|
Packit |
1c819f |
|
|
Packit |
1c819f |
auth->iab_sig = buf_head(bp);
|
|
Packit |
1c819f |
auth->iab_sig_len = buf_avail(bp);
|
|
Packit |
1c819f |
return 1;
|
|
Packit |
1c819f |
}
|
|
Packit |
1c819f |
|
|
Packit |
1c819f |
int
|
|
Packit |
1c819f |
isns_authblock_encode(buf_t *bp, const struct isns_authblk *auth)
|
|
Packit |
1c819f |
{
|
|
Packit |
1c819f |
if (!buf_put32(bp, auth->iab_bsd)
|
|
Packit |
1c819f |
|| !buf_put32(bp, auth->iab_length)
|
|
Packit |
1c819f |
|| !buf_put64(bp, auth->iab_timestamp)
|
|
Packit |
1c819f |
|| !buf_put32(bp, auth->iab_spi_len)
|
|
Packit |
1c819f |
|| !buf_put(bp, auth->iab_spi, auth->iab_spi_len)
|
|
Packit |
1c819f |
|| !buf_put(bp, auth->iab_sig, auth->iab_sig_len))
|
|
Packit |
1c819f |
return 0;
|
|
Packit |
1c819f |
return 1;
|
|
Packit |
1c819f |
}
|