[linux-block.git] / include / linux / nvme-auth.h

/* SPDX-License-Identifier: GPL-2.0 */
/*
 * Copyright (c) 2021 Hannes Reinecke, SUSE Software Solutions
 */

#ifndef _NVME_AUTH_H
#define _NVME_AUTH_H

#include <crypto/kpp.h>

struct nvme_dhchap_key {
	size_t len;
	u8 hash;
	u8 key[];
};

u32 nvme_auth_get_seqnum(void);
const char *nvme_auth_dhgroup_name(u8 dhgroup_id);
const char *nvme_auth_dhgroup_kpp(u8 dhgroup_id);
u8 nvme_auth_dhgroup_id(const char *dhgroup_name);

const char *nvme_auth_hmac_name(u8 hmac_id);
const char *nvme_auth_digest_name(u8 hmac_id);
size_t nvme_auth_hmac_hash_len(u8 hmac_id);
u8 nvme_auth_hmac_id(const char *hmac_name);

u32 nvme_auth_key_struct_size(u32 key_len);
struct nvme_dhchap_key *nvme_auth_extract_key(unsigned char *secret,
					      u8 key_hash);
void nvme_auth_free_key(struct nvme_dhchap_key *key);
struct nvme_dhchap_key *nvme_auth_alloc_key(u32 len, u8 hash);
struct nvme_dhchap_key *nvme_auth_transform_key(
				struct nvme_dhchap_key *key, char *nqn);
int nvme_auth_generate_key(u8 *secret, struct nvme_dhchap_key **ret_key);
int nvme_auth_augmented_challenge(u8 hmac_id, u8 *skey, size_t skey_len,
				  u8 *challenge, u8 *aug, size_t hlen);
int nvme_auth_gen_privkey(struct crypto_kpp *dh_tfm, u8 dh_gid);
int nvme_auth_gen_pubkey(struct crypto_kpp *dh_tfm,
			 u8 *host_key, size_t host_key_len);
int nvme_auth_gen_shared_secret(struct crypto_kpp *dh_tfm,
				u8 *ctrl_key, size_t ctrl_key_len,
				u8 *sess_key, size_t sess_key_len);

#endif /* _NVME_AUTH_H */
Commit	Line	Data
f50fff73 HR	1	/* SPDX-License-Identifier: GPL-2.0 */
	2	/*
	3	* Copyright (c) 2021 Hannes Reinecke, SUSE Software Solutions
	4	*/
	5
	6	#ifndef _NVME_AUTH_H
	7	#define _NVME_AUTH_H
	8
	9	#include <crypto/kpp.h>
	10
	11	struct nvme_dhchap_key {
f50fff73 HR	12	size_t len;
f50fff73 HR	13	u8 hash;
3ebed374	14	u8 key[];
f50fff73 HR	15	};
	16
	17	u32 nvme_auth_get_seqnum(void);
	18	const char *nvme_auth_dhgroup_name(u8 dhgroup_id);
	19	const char *nvme_auth_dhgroup_kpp(u8 dhgroup_id);
	20	u8 nvme_auth_dhgroup_id(const char *dhgroup_name);
	21
	22	const char *nvme_auth_hmac_name(u8 hmac_id);
	23	const char *nvme_auth_digest_name(u8 hmac_id);
	24	size_t nvme_auth_hmac_hash_len(u8 hmac_id);
	25	u8 nvme_auth_hmac_id(const char *hmac_name);
	26
3ebed374	27	u32 nvme_auth_key_struct_size(u32 key_len);
f50fff73 HR	28	struct nvme_dhchap_key nvme_auth_extract_key(unsigned char secret,
	29	u8 key_hash);
	30	void nvme_auth_free_key(struct nvme_dhchap_key *key);
3ebed374	31	struct nvme_dhchap_key *nvme_auth_alloc_key(u32 len, u8 hash);
f047daed MD	32	struct nvme_dhchap_key *nvme_auth_transform_key(
f047daed MD	33	struct nvme_dhchap_key key, char nqn);
f50fff73	34	int nvme_auth_generate_key(u8 secret, struct nvme_dhchap_key *ret_key);
b61775d1 HR	35	int nvme_auth_augmented_challenge(u8 hmac_id, u8 *skey, size_t skey_len,
	36	u8 challenge, u8 aug, size_t hlen);
	37	int nvme_auth_gen_privkey(struct crypto_kpp *dh_tfm, u8 dh_gid);
	38	int nvme_auth_gen_pubkey(struct crypto_kpp *dh_tfm,
	39	u8 *host_key, size_t host_key_len);
	40	int nvme_auth_gen_shared_secret(struct crypto_kpp *dh_tfm,
	41	u8 *ctrl_key, size_t ctrl_key_len,
	42	u8 *sess_key, size_t sess_key_len);
f50fff73 HR	43
f50fff73 HR	44	#endif /* _NVME_AUTH_H */