Re: [PATCH 07/12] nvme: Implement In-Band authentication
From: Sagi Grimberg <sagi@grimberg.me>
Date: 2021-11-22 09:38:01
Also in:
linux-nvme
From: Sagi Grimberg <sagi@grimberg.me>
Date: 2021-11-22 09:38:01
Also in:
linux-nvme
+int nvme_auth_generate_key(struct nvme_ctrl *ctrl, u8 *secret, bool set_ctrl)
Maybe instead of set_ctrl introduct struct dhchap_key and pass a pointer into that?
+{
+ u8 *key;
+ size_t key_len;
+ u8 key_hash;
+
+ if (!secret)
+ return 0;
+
+ if (sscanf(secret, "DHHC-1:%hhd:%*s:", &key_hash) != 1)
+ return -EINVAL;
+
+ /* Pass in the secret without the 'DHHC-1:XX:' prefix */
+ key = nvme_auth_extract_secret(secret + 10, key_hash,
+ &key_len);
+ if (IS_ERR(key)) {
+ dev_dbg(ctrl->device, "failed to extract key, error %ld\n",
+ PTR_ERR(key));
+ return PTR_ERR(key);
+ }
+
+ if (set_ctrl) {
+ ctrl->dhchap_ctrl_key = key;
+ ctrl->dhchap_ctrl_key_len = key_len;
+ ctrl->dhchap_ctrl_key_hash = key_hash;
+ } else {
+ ctrl->dhchap_key = key;
+ ctrl->dhchap_key_len = key_len;
+ ctrl->dhchap_key_hash = key_hash;
+ }Then it becomes: dhchap_key->key = key; dhchap_key->len = key_len; dhchap_key->hash = key_hash;