[VOL-4396] OMCI lib update to be incorporated into ONU adapter, make use of relaxed decoding
Signed-off-by: mpagenko <michael.pagenkopf@adtran.com>
Change-Id: Ic8bc15ae061af8e27d73879f27bb5b80637a8dea
diff --git a/vendor/github.com/opencord/omci-lib-go/v2/generated/enhancedsecuritycontrol.go b/vendor/github.com/opencord/omci-lib-go/v2/generated/enhancedsecuritycontrol.go
new file mode 100644
index 0000000..7c2948a
--- /dev/null
+++ b/vendor/github.com/opencord/omci-lib-go/v2/generated/enhancedsecuritycontrol.go
@@ -0,0 +1,276 @@
+/*
+ * Copyright (c) 2018 - present. Boling Consulting Solutions (bcsw.net)
+ * Copyright 2020-present Open Networking Foundation
+
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+
+ * http://www.apache.org/licenses/LICENSE-2.0
+
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/*
+ * NOTE: This file was generated, manual edits will be overwritten!
+ *
+ * Generated by 'goCodeGenerator.py':
+ * https://github.com/cboling/OMCI-parser/README.md
+ */
+
+package generated
+
+import "github.com/deckarep/golang-set"
+
+// EnhancedSecurityControlClassID is the 16-bit ID for the OMCI
+// Managed entity Enhanced security control
+const EnhancedSecurityControlClassID = ClassID(332) // 0x014c
+
+var enhancedsecuritycontrolBME *ManagedEntityDefinition
+
+// EnhancedSecurityControl (Class ID: #332 / 0x014c)
+// This ME contains the capabilities, parameters and controls of enhanced GPON security features
+// when they are negotiated via the OMCI (Note). The attributes in this ME are intended to be used
+// to implement a symmetric-key-based three step authentication process as described in the
+// supplemental information section in the following.
+//
+// NOTE - If an ITU-T G.987 system uses 802.1X authentication as defined in [ITU-T G.987.3], the
+// only applicable attribute of this ME is the broadcast key table.
+//
+// Relationships
+// One instance of this ME is associated with the ONU ME.
+//
+// Attributes
+// Managed Entity Id
+// This attribute uniquely identifies each instance of this ME. There is only one instance, number
+// 0. (R) (mandatory) (2 bytes)
+//
+// Olt Crypto Capabilities
+// This attribute specifies the cryptographic mechanisms available at the OLT. It is written by the
+// OLT during authentication step 1. It is formatted as a bit map, where a 1 bit indicates that the
+// particular algorithm is supported, and a 0 bit indicates it is not supported.
+//
+// Bit position Algorithm
+//
+// 1 (LSB) AES-CMAC-128 (support is mandatory)
+//
+// 2 HMAC-SHA-256
+//
+// 3 HMAC-SHA-512
+//
+// 4-128 Reserved
+//
+// (W) (mandatory) (16 bytes)
+//
+// Olt Random Challenge Table
+// This attribute specifies the random challenge OLT_challenge issued by the OLT during
+// authentication step 1. It is structured as a table, with each entry being 17 bytes. The first
+// byte is the table row number, starting at 1, and the remaining 16 bytes are the contents of the
+// entry. OLT_challenge is the concatenation of all 16-byte content fields. In normal use, the OLT
+// will write all the entries in the table, and then trigger the ONU's processing of the entire
+// table using the OLT challenge status attribute. The table size is known by the maximum index set
+// by the OLT. The OLT can clear the table with a set operation to row 0. (R, W) (mandatory) (17 *
+// N-bytes)
+//
+// NOTE - It is assumed that the length of OLT_challenge is always an integer multiple of 16-bytes.
+//
+// Olt Challenge Status
+// This Boolean attribute controls the completion of authentication step 1. This attribute behaves
+// as follows.
+//
+// When the OLT performs the first of possibly several set operations to the OLT crypto
+// capabilities or the OLT random challenge table attributes, a side effect of the set operation is
+// that the ONU sets the OLT challenge status attribute to false.
+//
+// When the OLT completes the set operation(s) to the OLT crypto capabilities and the OLT random
+// challenge table attributes, then it sets the OLT challenge status attribute to true. This
+// triggers the ONU to process the OLT random challenge table, using its choice of the OLT's
+// candidate cryptographic hash algorithms.
+//
+// The ONU initializes this attribute to the value false. (R, W) (mandatory) (1-byte)
+//
+// Onu Selected Crypto Capabilities
+// This attribute specifies the cryptographic capability selected by the ONU in authentication step
+// 2. Its value specifies one of the bit positions that has the value 1 in the OLT crypto
+// capabilities attribute. (R) (mandatory) (1 byte)
+//
+// Onu Random Challenge Table
+// This attribute specifies the random challenge ONU_challenge issued by the ONU during
+// authentication step 2. It is structured as a table, with each entry being 16-bytes of content.
+// ONU_challenge is the concatenation of all 16-byte content fields in the table. Once the OLT
+// triggers a response to be generated using the OLT challenge status attribute, the ONU generates
+// the response and writes the table (in a single operation). The AVC generated by this attribute
+// signals to the OLT that the challenge is ready, so that the OLT can commence a get/get-next
+// sequence to obtain the table's contents. (R) (mandatory) (16 * P-bytes)
+//
+// Onu Authentication Result Table
+// (authentication step 2). This attribute contains the result of the authentication computation
+// from the ONU (ONU_result), according to the ONU's selected crypto capabilities attribute.
+//
+// ONU_result-= SelectedHashFunction (PSK, (ONU_selected_crypto capabilities | OLT_challenge |
+// ONU_challenge | 0x0000 0000 0000 0000)),
+//
+// where "|" denotes concatenation.
+//
+// This attribute is structured as a table, with each entry being 16 bytes of content. The number
+// of rows Q is implicit in the choice of hash algorithm.
+//
+// Once the OLT triggers a response to be generated using the OLT challenge status attribute, the
+// ONU generates ONU_result and writes the table (in a single operation). The AVC generated by this
+// attribute signals to the OLT that the response is ready, so that the OLT can commence a get/get-
+// next sequence to obtain the table's contents. (R) (mandatory) (16 * Q-bytes)
+//
+// Olt Authentication Result Table
+// This attribute is structured as a table, with each entry being 17 bytes. The first byte is the
+// table row number, starting at 1; the remaining 16 bytes are content. OLT_result is the
+// concatenation of all 16-byte content fields. The OLT writes all entries into the table, and then
+// triggers the ONU's processing of the table using the OLT result status attribute. The number of
+// rows R is implicit in the choice of hash algorithm. The OLT can clear the table with a set
+// operation to row 0. (W) (mandatory) (17 * R-bytes)
+//
+// This attribute is used in authentication step 3. It contains OLT_result, the result of the
+// authentication computation from the OLT.
+//
+// OLT_result-= SelectedHashFunction (PSK, (ONU_selected_crypto capabilities | ONU_challenge |
+// OLT_challenge | ONU_serial_number)).
+//
+// The ONU_serial_number is the serial number attribute of the ONU-G ME, 8 bytes.
+//
+// Olt Result Status
+// (authentication step 3). This Boolean attribute controls and reports the status of the OLT
+// authentication result table attribute. This attribute behaves as follows.
+//
+// When the OLT performs the first of possibly several set operations to the OLT authentication
+// result table attribute, a side effect of the set operation is that the ONU sets the OLT result
+// status attribute to false.
+//
+// When the OLT completes the set operation(s) to the OLT authentication result table, then it sets
+// the OLT result status attribute to true. This triggers the ONU to process the OLT authentication
+// result table.
+//
+// (R, W) (mandatory) (1 byte)
+//
+// Onu Authentication Status
+// This attribute indicates the status of the authentication relationship from the perspective of
+// the ONU. It has the following values.
+//
+// 0 Indeterminate. This initial value indicates that the OMCI authentication process has not yet
+// completed, and may not even have been started.
+//
+// 1 Reserved.
+//
+// 2 Reserved.
+//
+// 3 Authentication success: the procedure has completed at least once since the latest ONU
+// activation and in its most recent execution, the ONU has authenticated the OLT.
+//
+// 4 Authentication failure: the procedure has completed at least once since the latest ONU
+// activation, and either its most recent execution resulted in an error or the ONU has failed to
+// authenticate the OLT.
+//
+// 5 Reserved.
+//
+// Upon ONU activation, the ONU sets the attribute to the initial value. When the ONU
+// authentication status has the value 3, encryption keys exchanged in the TC layer will be
+// encrypted using the master session key (ITUT G.984 systems) or the key encryption key (KEK,
+// ITU-T G.987 systems). The OLT should check the value of this attribute before initiating a key
+// switch.
+//
+// (R) (mandatory) (1 byte)
+//
+// Master Session Key Name
+// Following successful authentication, this register contains the "name," or the hash signature,
+// of the current master session key. The master session key is defined as:
+//
+// MSK-= SelectedHashFunction (PSK, (OLT_challenge | ONU_challenge)).
+//
+// The master session key name is defined as:
+//
+// MSKname-= SelectedHashFunction (PSK, (ONU_challenge | OLT_challenge | 0x 3141 5926 5358 9793
+// 3141 5926 5358 9793)).
+//
+// If the selected hash function generates more than 128 bits, the result is truncated to the
+// leftmost (most significant) 128 bits.
+//
+// Upon the invalidation of a master session key (e.g., due to an ONU reset or deactivation, or due
+// to an ONU-local decision that the master session key has expired), the ONU sets the master
+// session key name to all zeros. (R) (mandatory) (16 bytes)
+//
+// Broadcast Key Table
+// 10 Clear the entire table.
+//
+// 11 Reserved.
+//
+// The four MSBs specify the length of the fragment, which is left-justified in the key fragment
+// field. The value 0 indicates 16-bytes of key fragment.
+//
+// The other two bits are reserved.
+//
+// Row identifier (1 byte): The two MSBs of this field are the key index, which appears in the
+// header of encrypted multicast GEM frames. Key index 0 always indicates cleartext, and should
+// therefore not appear in the identifier. The four LSBs identify the key fragment number, starting
+// with 0. The other two bits are reserved.
+//
+// Key fragment (16 bytes): This field contains the specified fragment of the key (encrypted with
+// AES-ECB using the KEK).
+//
+// (R, W) (optional) (18N bytes)
+//
+// This attribute is defined only in ITU-T G.987 systems. It contains the broadcast key generated
+// by the OLT. It is a table, each of whose rows is structured as follows.
+//
+// Row control (1 byte): The two LSBs of this byte determine the attribute's behaviour under the
+// set action. They always read back as 0 under the get next action.
+//
+// 00 Set the specified row.
+//
+// 01 Clear the specified row.
+//
+// Effective Key Length
+// This attribute specifies the maximum effective length, in bits, of keys generated by the ONU.
+// (R) (optional) (2 bytes)
+//
+type EnhancedSecurityControl struct {
+ ManagedEntityDefinition
+ Attributes AttributeValueMap
+}
+
+func init() {
+ enhancedsecuritycontrolBME = &ManagedEntityDefinition{
+ Name: "EnhancedSecurityControl",
+ ClassID: 332,
+ MessageTypes: mapset.NewSetWith(
+ Get,
+ GetNext,
+ Set,
+ ),
+ AllowedAttributeMask: 0xfff0,
+ AttributeDefinitions: AttributeDefinitionMap{
+ 0: Uint16Field("ManagedEntityId", PointerAttributeType, 0x0000, 0, mapset.NewSetWith(Read), false, false, false, 0),
+ 1: MultiByteField("OltCryptoCapabilities", OctetsAttributeType, 0x8000, 16, toOctets("AAAAAAAAAAAAAAAAAAAAAA=="), mapset.NewSetWith(Write), false, false, false, 1),
+ 2: TableField("OltRandomChallengeTable", TableAttributeType, 0x4000, TableInfo{nil, 17}, mapset.NewSetWith(Read, Write), false, false, false, 2),
+ 3: ByteField("OltChallengeStatus", UnsignedIntegerAttributeType, 0x2000, 0, mapset.NewSetWith(Read, Write), false, false, false, 3),
+ 4: ByteField("OnuSelectedCryptoCapabilities", UnsignedIntegerAttributeType, 0x1000, 0, mapset.NewSetWith(Read), false, false, false, 4),
+ 5: TableField("OnuRandomChallengeTable", TableAttributeType, 0x0800, TableInfo{nil, 16}, mapset.NewSetWith(Read), true, false, false, 5),
+ 6: TableField("OnuAuthenticationResultTable", TableAttributeType, 0x0400, TableInfo{nil, 16}, mapset.NewSetWith(Read), true, false, false, 6),
+ 7: TableField("OltAuthenticationResultTable", TableAttributeType, 0x0200, TableInfo{nil, 17}, mapset.NewSetWith(Read, Write), false, false, false, 7),
+ 8: ByteField("OltResultStatus", UnsignedIntegerAttributeType, 0x0100, 0, mapset.NewSetWith(Read, Write), false, false, false, 8),
+ 9: ByteField("OnuAuthenticationStatus", UnsignedIntegerAttributeType, 0x0080, 0, mapset.NewSetWith(Read), true, false, false, 9),
+ 10: MultiByteField("MasterSessionKeyName", OctetsAttributeType, 0x0040, 16, toOctets("AAAAAAAAAAAAAAAAAAAAAA=="), mapset.NewSetWith(Read), false, false, false, 10),
+ 11: TableField("BroadcastKeyTable", TableAttributeType, 0x0020, TableInfo{nil, 18}, mapset.NewSetWith(Read, Write), false, true, false, 11),
+ 12: Uint16Field("EffectiveKeyLength", UnsignedIntegerAttributeType, 0x0010, 0, mapset.NewSetWith(Read), false, true, false, 12),
+ },
+ Access: CreatedByOnu,
+ Support: UnknownSupport,
+ }
+}
+
+// NewEnhancedSecurityControl (class ID 332) creates the basic
+// Managed Entity definition that is used to validate an ME of this type that
+// is received from or transmitted to the OMCC.
+func NewEnhancedSecurityControl(params ...ParamData) (*ManagedEntity, OmciErrors) {
+ return NewManagedEntity(*enhancedsecuritycontrolBME, params...)
+}