1f50fff73SHannes Reinecke /* SPDX-License-Identifier: GPL-2.0 */ 2f50fff73SHannes Reinecke /* 3f50fff73SHannes Reinecke * Copyright (c) 2021 Hannes Reinecke, SUSE Software Solutions 4f50fff73SHannes Reinecke */ 5f50fff73SHannes Reinecke 6f50fff73SHannes Reinecke #ifndef _NVME_AUTH_H 7f50fff73SHannes Reinecke #define _NVME_AUTH_H 8f50fff73SHannes Reinecke 9f50fff73SHannes Reinecke #include <crypto/kpp.h> 10f50fff73SHannes Reinecke 11f50fff73SHannes Reinecke struct nvme_dhchap_key { 12f50fff73SHannes Reinecke u8 *key; 13f50fff73SHannes Reinecke size_t len; 14f50fff73SHannes Reinecke u8 hash; 15f50fff73SHannes Reinecke }; 16f50fff73SHannes Reinecke 17f50fff73SHannes Reinecke u32 nvme_auth_get_seqnum(void); 18f50fff73SHannes Reinecke const char *nvme_auth_dhgroup_name(u8 dhgroup_id); 19f50fff73SHannes Reinecke const char *nvme_auth_dhgroup_kpp(u8 dhgroup_id); 20f50fff73SHannes Reinecke u8 nvme_auth_dhgroup_id(const char *dhgroup_name); 21f50fff73SHannes Reinecke 22f50fff73SHannes Reinecke const char *nvme_auth_hmac_name(u8 hmac_id); 23f50fff73SHannes Reinecke const char *nvme_auth_digest_name(u8 hmac_id); 24f50fff73SHannes Reinecke size_t nvme_auth_hmac_hash_len(u8 hmac_id); 25f50fff73SHannes Reinecke u8 nvme_auth_hmac_id(const char *hmac_name); 26f50fff73SHannes Reinecke 27f50fff73SHannes Reinecke struct nvme_dhchap_key *nvme_auth_extract_key(unsigned char *secret, 28f50fff73SHannes Reinecke u8 key_hash); 29f50fff73SHannes Reinecke void nvme_auth_free_key(struct nvme_dhchap_key *key); 30f50fff73SHannes Reinecke u8 *nvme_auth_transform_key(struct nvme_dhchap_key *key, char *nqn); 31f50fff73SHannes Reinecke int nvme_auth_generate_key(u8 *secret, struct nvme_dhchap_key **ret_key); 32*b61775d1SHannes Reinecke int nvme_auth_augmented_challenge(u8 hmac_id, u8 *skey, size_t skey_len, 33*b61775d1SHannes Reinecke u8 *challenge, u8 *aug, size_t hlen); 34*b61775d1SHannes Reinecke int nvme_auth_gen_privkey(struct crypto_kpp *dh_tfm, u8 dh_gid); 35*b61775d1SHannes Reinecke int nvme_auth_gen_pubkey(struct crypto_kpp *dh_tfm, 36*b61775d1SHannes Reinecke u8 *host_key, size_t host_key_len); 37*b61775d1SHannes Reinecke int nvme_auth_gen_shared_secret(struct crypto_kpp *dh_tfm, 38*b61775d1SHannes Reinecke u8 *ctrl_key, size_t ctrl_key_len, 39*b61775d1SHannes Reinecke u8 *sess_key, size_t sess_key_len); 40f50fff73SHannes Reinecke 41f50fff73SHannes Reinecke #endif /* _NVME_AUTH_H */ 42