mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2024-09-14 06:35:12 +00:00
f50fff73d6
Implement NVMe-oF In-Band authentication according to NVMe TPAR 8006. This patch adds two new fabric options 'dhchap_secret' to specify the pre-shared key (in ASCII respresentation according to NVMe 2.0 section 8.13.5.8 'Secret representation') and 'dhchap_ctrl_secret' to specify the pre-shared controller key for bi-directional authentication of both the host and the controller. Re-authentication can be triggered by writing the PSK into the new controller sysfs attribute 'dhchap_secret' or 'dhchap_ctrl_secret'. Signed-off-by: Hannes Reinecke <hare@suse.de> Reviewed-by: Sagi Grimberg <sagi@grimberg.me> Signed-off-by: Christoph Hellwig <hch@lst.de> [axboe: fold in clang build fix] Signed-off-by: Jens Axboe <axboe@kernel.dk>
33 lines
925 B
C
33 lines
925 B
C
/* SPDX-License-Identifier: GPL-2.0 */
|
|
/*
|
|
* Copyright (c) 2021 Hannes Reinecke, SUSE Software Solutions
|
|
*/
|
|
|
|
#ifndef _NVME_AUTH_H
|
|
#define _NVME_AUTH_H
|
|
|
|
#include <crypto/kpp.h>
|
|
|
|
struct nvme_dhchap_key {
|
|
u8 *key;
|
|
size_t len;
|
|
u8 hash;
|
|
};
|
|
|
|
u32 nvme_auth_get_seqnum(void);
|
|
const char *nvme_auth_dhgroup_name(u8 dhgroup_id);
|
|
const char *nvme_auth_dhgroup_kpp(u8 dhgroup_id);
|
|
u8 nvme_auth_dhgroup_id(const char *dhgroup_name);
|
|
|
|
const char *nvme_auth_hmac_name(u8 hmac_id);
|
|
const char *nvme_auth_digest_name(u8 hmac_id);
|
|
size_t nvme_auth_hmac_hash_len(u8 hmac_id);
|
|
u8 nvme_auth_hmac_id(const char *hmac_name);
|
|
|
|
struct nvme_dhchap_key *nvme_auth_extract_key(unsigned char *secret,
|
|
u8 key_hash);
|
|
void nvme_auth_free_key(struct nvme_dhchap_key *key);
|
|
u8 *nvme_auth_transform_key(struct nvme_dhchap_key *key, char *nqn);
|
|
int nvme_auth_generate_key(u8 *secret, struct nvme_dhchap_key **ret_key);
|
|
|
|
#endif /* _NVME_AUTH_H */
|