diff options
| author | Laszlo Ersek <lersek@redhat.com> | 2021-06-29 18:33:36 +0200 |
|---|---|---|
| committer | mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> | 2021-06-30 19:20:41 +0000 |
| commit | 47fea2abcb8b73a503568e1e2bb83a52d00a73b2 (patch) | |
| tree | e4a2f558efa215cb94d67770d2761d4f9825890c /NetworkPkg | |
| parent | 903ce1d8f868e394d5cea477bd568c7d68d109e9 (diff) | |
| download | edk2-47fea2abcb8b73a503568e1e2bb83a52d00a73b2.tar.gz edk2-47fea2abcb8b73a503568e1e2bb83a52d00a73b2.tar.bz2 edk2-47fea2abcb8b73a503568e1e2bb83a52d00a73b2.zip | |
NetworkPkg/IScsiDxe: support SHA256 in CHAP
Insert a SHA256 CHAP_HASH structure at the start of "mChapHash".
Update ISCSI_CHAP_MAX_DIGEST_SIZE to SHA256_DIGEST_SIZE (32).
This enables the initiator and the target to negotiate SHA256 for CHAP, in
preference to MD5.
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
Cc: Philippe Mathieu-Daudé <philmd@redhat.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3355
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Maciej Rabeda <maciej.rabeda@linux.intel.com>
Message-Id: <20210629163337.14120-6-lersek@redhat.com>
Diffstat (limited to 'NetworkPkg')
| -rw-r--r-- | NetworkPkg/IScsiDxe/IScsiCHAP.c | 12 | ||||
| -rw-r--r-- | NetworkPkg/IScsiDxe/IScsiCHAP.h | 3 |
2 files changed, 14 insertions, 1 deletions
diff --git a/NetworkPkg/IScsiDxe/IScsiCHAP.c b/NetworkPkg/IScsiDxe/IScsiCHAP.c index 351bf329b7..80035ece98 100644 --- a/NetworkPkg/IScsiDxe/IScsiCHAP.c +++ b/NetworkPkg/IScsiDxe/IScsiCHAP.c @@ -16,6 +16,18 @@ SPDX-License-Identifier: BSD-2-Clause-Patent //
STATIC CONST CHAP_HASH mChapHash[] = {
{
+ ISCSI_CHAP_ALGORITHM_SHA256,
+ SHA256_DIGEST_SIZE,
+ Sha256GetContextSize,
+ Sha256Init,
+ Sha256Update,
+ Sha256Final
+ },
+ //
+ // Keep the deprecated MD5 entry at the end of the array (making MD5 the
+ // least preferred choice of the initiator).
+ //
+ {
ISCSI_CHAP_ALGORITHM_MD5,
MD5_DIGEST_SIZE,
Md5GetContextSize,
diff --git a/NetworkPkg/IScsiDxe/IScsiCHAP.h b/NetworkPkg/IScsiDxe/IScsiCHAP.h index 1e5cc0b287..e2df634c4e 100644 --- a/NetworkPkg/IScsiDxe/IScsiCHAP.h +++ b/NetworkPkg/IScsiDxe/IScsiCHAP.h @@ -22,12 +22,13 @@ SPDX-License-Identifier: BSD-2-Clause-Patent // https://www.iana.org/assignments/ppp-numbers/ppp-numbers.xhtml#ppp-numbers-9
//
#define ISCSI_CHAP_ALGORITHM_MD5 5
+#define ISCSI_CHAP_ALGORITHM_SHA256 7
//
// Byte count of the largest digest over the above-listed
// ISCSI_CHAP_ALGORITHM_* hash algorithms.
//
-#define ISCSI_CHAP_MAX_DIGEST_SIZE MD5_DIGEST_SIZE
+#define ISCSI_CHAP_MAX_DIGEST_SIZE SHA256_DIGEST_SIZE
#define ISCSI_CHAP_STEP_ONE 1
#define ISCSI_CHAP_STEP_TWO 2
|