1 /*
2  * Copyright (c) 2006-2021, RT-Thread Development Team
3  *
4  * SPDX-License-Identifier: Apache-2.0
5  *
6  * Change Logs:
7  * Date           Author       Notes
8  */
9 #ifndef __AUTH_H__
10 #define __AUTH_H__
11 
12 #include <rpc/xdr.h>
13 
14 /*
15  * Status returned from authentication check
16  */
enum auth_stat {
    /* Success; every other enumerator reports a failure. */
    AUTH_OK           = 0,

    /* 1-5: failed at remote end */
    AUTH_BADCRED      = 1,  /* bogus credentials (seal broken) */
    AUTH_REJECTEDCRED = 2,  /* client should begin new session */
    AUTH_BADVERF      = 3,  /* bogus verifier (seal broken) */
    AUTH_REJECTEDVERF = 4,  /* verifier expired or was replayed */
    AUTH_TOOWEAK      = 5,  /* rejected due to security reasons */

    /* 6-7: failed locally */
    AUTH_INVALIDRESP  = 6,  /* bogus response verifier */
    AUTH_FAILED       = 7   /* some unknown reason */

    /*
     * NOTE(review): a status decoded from a peer may lie outside 0-7.
     * Callers are safer testing for "== AUTH_OK" than enumerating the
     * failure values, so an unknown code is handled as a failure.
     */
};
33 
/*
 * One 8-byte block, addressable either as two 32-bit words (key.high,
 * key.low) or as raw bytes (c[8]).  struct AUTH embeds one as ah_key.
 *
 * Which bytes of c[] correspond to key.high and key.low depends on host
 * byte order, so the two views are not a portable wire format.
 *
 * NOTE(review): the names suggest this holds DES key material.  If so,
 * wipe it with a call the compiler cannot elide (explicit_bzero, memset_s)
 * before the owning object is released, and keep in mind that single DES
 * is not adequate protection for new designs -- confirm how ah_key is used.
 */
typedef union des_block {
    struct {
        uint32_t high;
        uint32_t low;
    } key;
    char c[8];
} des_block;
42 
43 /*
44  * Authentication info.  Opaque to client.
45  */
struct opaque_auth {
    enum_t       oa_flavor;  /* flavor of auth */
    char        *oa_base;    /* address of more auth stuff */
    unsigned int oa_length;  /* not to exceed MAX_AUTH_BYTES */

    /*
     * oa_length is the only bound on oa_base carried by this struct.
     * NOTE(review): code that fills one of these from a peer should reject
     * oa_length > MAX_AUTH_BYTES before allocating or copying, and should
     * not assume oa_base is NUL-terminated -- confirm where the decoder
     * enforces the limit.
     */
};
51 
52 /*
53  * Auth handle, interface to client side authenticators.
54  */
typedef struct AUTH AUTH;

/*
 * Client-side authenticator handle: two opaque_auth blobs, one des_block
 * and a pointer to the table of operations that the AUTH_* macros in this
 * header dispatch through.
 */
struct AUTH {
    struct opaque_auth ah_cred;  /* presumably the credential -- confirm */
    struct opaque_auth ah_verf;  /* presumably the verifier -- confirm */
    union des_block    ah_key;

    /*
     * Per-authenticator operations.  The AUTH_* macros call these slots
     * without checking ah_ops or the slot for NULL, so every handle must
     * carry a fully populated table for as long as it is in use.
     */
    struct auth_ops {
        void (*ah_nextverf)(AUTH *);
        int  (*ah_marshal)(AUTH *, XDR *);                  /* nextverf & serialize */
        int  (*ah_validate)(AUTH *, struct opaque_auth *);  /* validate verifier */
        int  (*ah_refresh)(AUTH *);                         /* refresh credentials */
        void (*ah_destroy)(AUTH *);                         /* destroy this structure */
    } *ah_ops;

    char *ah_private;  /* NOTE(review): looks like authenticator-private state; confirm ownership */
};
70 
/*
 * opaque_auth object defined in another translation unit.
 * NOTE(review): presumably the empty auth blob used when no credentials
 * are sent.  It is declared without const, so nothing in this header stops
 * code from modifying the shared instance -- confirm it is only read.
 */
extern struct opaque_auth _null_auth;
72 
73 
74 /*
75  * Authentication ops.
76  * The ops and the auth handle provide the interface to the authenticators.
77  *
78  * AUTH *auth;
79  * XDR  *xdrs;
80  * struct opaque_auth verf;
81  */
/*
 * Each macro calls the matching slot of (auth)->ah_ops and passes the
 * handle as the first argument.  The upper- and lower-case spellings
 * expand to the same call.
 *
 * Caveats for callers:
 *  - `auth` appears twice in every expansion, so an argument with side
 *    effects (auth++, a function call) is evaluated twice.
 *  - Nothing here checks auth, ah_ops or the slot for NULL; a handle with
 *    a missing table, or one already passed to AUTH_DESTROY, must not be
 *    used with these macros.
 */
#define AUTH_NEXTVERF(auth)         ((auth)->ah_ops->ah_nextverf(auth))
#define auth_nextverf(auth)         ((auth)->ah_ops->ah_nextverf(auth))

#define AUTH_MARSHALL(auth, xdrs)   ((auth)->ah_ops->ah_marshal(auth, xdrs))
#define auth_marshall(auth, xdrs)   ((auth)->ah_ops->ah_marshal(auth, xdrs))

#define AUTH_VALIDATE(auth, verfp)  ((auth)->ah_ops->ah_validate((auth), verfp))
#define auth_validate(auth, verfp)  ((auth)->ah_ops->ah_validate((auth), verfp))

#define AUTH_REFRESH(auth)          ((auth)->ah_ops->ah_refresh(auth))
#define auth_refresh(auth)          ((auth)->ah_ops->ah_refresh(auth))

#define AUTH_DESTROY(auth)          ((auth)->ah_ops->ah_destroy(auth))
#define auth_destroy(auth)          ((auth)->ah_ops->ah_destroy(auth))
106 
/*
 * Upper bound for opaque_auth.oa_length (see the comment on that field).
 * The constant itself enforces nothing; the code that decodes or builds
 * an opaque_auth has to compare against it.
 */
#define MAX_AUTH_BYTES 400

/*
 * NOTE(review): this header does not say whether the limit includes a
 * terminating NUL; size buffers as MAXNETNAMELEN + 1 until confirmed.
 */
#define MAXNETNAMELEN 255 /* maximum length of network user's name */
109 
/*
 * Create a client auth handle.  Takes no arguments and returns an AUTH *.
 *
 * NOTE(review): by ONC RPC convention this is the "none" flavor, which
 * sends no credentials, so the server cannot tell callers apart at the RPC
 * layer.  Use it only where access control is enforced by another layer.
 * Whether NULL can be returned on failure is not visible here; check the
 * result before passing it to the AUTH_* macros, which do not.
 */
AUTH *authnone_create(void);
111 
112 #endif
113