From b43d921775560bcfd66fe12b4a213b5ff1b56846 Mon Sep 17 00:00:00 2001 From: Hannes Reinecke Date: Mon, 20 Nov 2023 07:12:00 +0100 Subject: [PATCH] libnvme: reshuffle nvme_generate_tls_key_identity() Reshuffle nvme_generate_tls_key_identity and move it out of the '#ifdef CONFIG_KEYUTILS' section to avoid build failures. Signed-off-by: Hannes Reinecke --- src/nvme/linux.c | 79 +++++++++++++++++++++--------------------------- 1 file changed, 35 insertions(+), 44 deletions(-) diff --git a/src/nvme/linux.c b/src/nvme/linux.c index 7cb52d27..7bbd4a8f 100644 --- a/src/nvme/linux.c +++ b/src/nvme/linux.c @@ -1092,7 +1092,6 @@ out_free_ossl: } #endif /* !CONFIG_OPENSSL_3 */ -#ifdef CONFIG_KEYUTILS static int derive_nvme_keys(const char *hostnqn, const char *subsysnqn, char *identity, int version, int hmac, unsigned char *configured, @@ -1101,7 +1100,7 @@ static int derive_nvme_keys(const char *hostnqn, const char *subsysnqn, unsigned char *retained; int ret = -1; - if (!hostnqn || !subsysnqn || !identity) { + if (!hostnqn || !subsysnqn || !identity || !psk) { errno = EINVAL; return -1; } @@ -1141,6 +1140,40 @@ static size_t nvme_identity_len(int hmac, int version, const char *hostnqn, return len; } +char *nvme_generate_tls_key_identity(const char *hostnqn, const char *subsysnqn, + int version, int hmac, + unsigned char *configured_key, int key_len) +{ + char *identity; + size_t identity_len; + unsigned char *psk; + int ret = -1; + + identity_len = nvme_identity_len(hmac, version, hostnqn, subsysnqn); + if (identity_len < 0) + return NULL; + + identity = malloc(identity_len); + if (!identity) + return NULL; + + psk = malloc(key_len); + if (!psk) + goto out_free_identity; + + memset(psk, 0, key_len); + ret = derive_nvme_keys(hostnqn, subsysnqn, identity, version, hmac, + configured_key, psk, key_len); + free(psk); +out_free_identity: + if (ret < 0) { + free(identity); + identity = NULL; + } + return identity; +} + +#ifdef CONFIG_KEYUTILS long nvme_lookup_keyring(const char *keyring) { key_serial_t keyring_id; @@ -1233,38 +1266,6 @@ out_free_identity: return key; } -char *nvme_generate_tls_key_identity(const char *hostnqn, const char *subsysnqn, - int version, int hmac, - unsigned char *configured_key, int key_len) -{ - char *identity; - size_t identity_len; - unsigned char *psk; - int ret = -1; - - identity_len = nvme_identity_len(hmac, version, hostnqn, subsysnqn); - if (identity_len < 0) - return NULL; - - identity = malloc(identity_len); - if (!identity) - return NULL; - - psk = malloc(key_len); - if (!psk) - goto out_free_identity; - - memset(psk, 0, key_len); - ret = derive_nvme_keys(hostnqn, subsysnqn, identity, version, hmac, - configured_key, psk, key_len); - free(psk); -out_free_identity: - if (ret < 0) { - free(identity); - identity = NULL; - } - return identity; -} #else long nvme_lookup_keyring(const char *keyring) { @@ -1308,16 +1309,6 @@ long nvme_insert_tls_key_versioned(const char *keyring, const char *key_type, errno = ENOTSUP; return -1; } - -char *nvme_generate_tls_key_identity(const char *hostnqn, const char *subsysnqn, - int version, int hmac, - unsigned char *configured_key, int key_len) -{ - nvme_msg(NULL, LOG_ERR, "key operations not supported; " - "recompile with keyutils support.\n"); - errno = ENOTSUP; - return -1; -} #endif long nvme_insert_tls_key(const char *keyring, const char *key_type, -- 2.50.1