linux: add nvme_create_raw_secret

Move helper function to create the raw secret from the input string to
the library. This allows to use a common function to consistently create
the raw secret in nvme-cli and libnvme.

For testing purposes it is also helpful to generate a secret based from
a pin. Use the pin as seed and create the raw secret with a simple
algorithm:

	function create_key(seed, key_len):
	    output = []
	    counter = 0

	    while length(output) < key_len:
	        hash = HASH(seed || encode(counter))
	        output += hash
	        counter += 1

	    return output[0:key_len]

Signed-off-by: Daniel Wagner <[email protected]>

Author: igaw

libnvme/src/libnvme.ld

@@ -6,6 +6,7 @@ LIBNVME_3 {
 		nvme_close;
 		nvme_create_ctrl;
 		nvme_create_global_ctx;
+		nvme_create_raw_secret;
 		nvme_ctrl_first_ns;
 		nvme_ctrl_first_path;
 		nvme_ctrl_get_config;

libnvme/src/nvme/linux.c

@@ -19,6 +19,9 @@
 
 #include <sys/ioctl.h>
 #include <sys/param.h>
+#if HAVE_SYS_RANDOM
+#include <sys/random.h>
+#endif
 #include <sys/stat.h>
 
 #ifndef _GNU_SOURCE
@@ -163,6 +166,14 @@ __public int nvme_gen_dhchap_key(struct nvme_global_ctx *ctx,
 	return 0;
 }
 
+__public int nvme_create_raw_secret(struct nvme_global_ctx *ctx,
+		const char *secret, size_t key_len, unsigned char **raw_secret)
+{
+	nvme_msg(ctx, LOG_ERR, "NVMe TLS 2.0 is not supported; "
+		 "recompile with OpenSSL support.\n");
+	return -ENOTSUP;
+}
+
 static int derive_retained_key(struct nvme_global_ctx *ctx,
 		int hmac, const char *hostnqn, unsigned char *generated,
 		unsigned char *retained, size_t key_len)
@@ -745,7 +756,130 @@ static int derive_psk_digest(struct nvme_global_ctx *ctx,
 
 	return strlen(digest);
 }
-#endif /* !CONFIG_OPENSSL */
+
+static ssize_t getrandom_bytes(void *buf, size_t buflen)
+{
+	ssize_t result;
+#if HAVE_SYS_RANDOM
+	result = getrandom(buf, buflen, GRND_NONBLOCK);
+#else
+	_cleanup_fd_ int fd = -1;
+
+	fd = open("/dev/urandom", O_RDONLY);
+	if (fd < 0)
+		return -errno;
+	result = read(fd, buf, buflen);
+#endif
+	if (result < 0)
+		return -errno;
+	return result;
+}
+
+static ssize_t getswordfish(struct nvme_global_ctx *ctx,
+		const char *seed, void *buf, size_t buflen)
+{
+	unsigned char hash[EVP_MAX_MD_SIZE];
+	EVP_MD_CTX *md_ctx;
+	size_t copied = 0;
+
+	md_ctx = EVP_MD_CTX_new();
+	if (!md_ctx)
+		return -ENOMEM;
+
+	while (copied < buflen) {
+		unsigned int counter = 0;
+		unsigned int hash_len;
+		size_t to_copy;
+
+		if (EVP_DigestInit_ex(md_ctx, EVP_sha256(), NULL) != 1)
+			goto err;
+
+		EVP_DigestUpdate(md_ctx, seed, strlen(seed));
+		EVP_DigestUpdate(md_ctx, &counter, sizeof(counter));
+
+		if (EVP_DigestFinal_ex(md_ctx, hash, &hash_len) != 1)
+			goto err;
+
+		to_copy = buflen - copied;
+		if (to_copy > hash_len)
+			to_copy = hash_len;
+
+		memcpy((unsigned char *)buf + copied, hash, to_copy);
+		copied += to_copy;
+		counter++;
+	}
+
+	EVP_MD_CTX_free(md_ctx);
+	return buflen;
+
+err:
+	EVP_MD_CTX_free(md_ctx);
+	return -EIO;
+}
+
+__public int nvme_create_raw_secret(struct nvme_global_ctx *ctx,
+		const char *secret, size_t key_len, unsigned char **raw_secret)
+{
+	_cleanup_free_ unsigned char *buf = NULL;
+	int secret_len = 0, i, err;
+	unsigned int c;
+
+	if (key_len != 32 && key_len != 48 && key_len != 64) {
+		nvme_msg(ctx, LOG_ERR, "Invalid key length %ld", key_len);
+		return -EINVAL;
+	}
+
+	buf = malloc(key_len);
+	if (!buf)
+		return -ENOMEM;
+
+	if (!secret) {
+		err = getrandom_bytes(buf, key_len);
+		if (err < 0)
+			return err;
+
+		goto out;
+	}
+
+	if (strlen(secret) < 4) {
+		nvme_msg(ctx, LOG_ERR, "Input secret too short\n");
+		return -EINVAL;
+	}
+
+	if (!strncmp(secret, "pin:", 4)) {
+		err = getswordfish(ctx, &secret[4], buf, key_len);
+		if (err < 0)
+			return err;
+
+		goto out;
+	}
+
+	for (i = 0; i < strlen(secret); i += 2) {
+		if (sscanf(&secret[i], "%02x", &c) != 1) {
+			nvme_msg(ctx, LOG_ERR,
+				"Invalid secret '%s'", secret);
+			return -EINVAL;
+		}
+		if (i >= key_len * 2) {
+			nvme_msg(ctx, LOG_ERR,
+				"Skipping excess secret bytes\n");
+			break;
+		}
+		buf[secret_len++] = (unsigned char)c;
+	}
+	if (secret_len != key_len) {
+		nvme_msg(ctx, LOG_ERR,
+			"Invalid key length (%d bytes)\n", secret_len);
+		return -EINVAL;
+	}
+
+out:
+	*raw_secret = buf;
+	buf = NULL;
+	return 0;
+}
+
+#endif /* CONFIG_OPENSSL */
 
 static int gen_tls_identity(const char *hostnqn, const char *subsysnqn,
 			    int version, int cipher, char *digest,

libnvme/src/nvme/linux.h

@@ -103,6 +103,24 @@ int nvme_lookup_key(struct nvme_global_ctx *ctx, const char *type,
  */
 int nvme_set_keyring(struct nvme_global_ctx *ctx, long keyring_id);
 
+/**
+ * nvme_create_raw_secret - Generate a raw secret buffer from input data
+ * @ctx:		struct nvme_global_ctx object
+ * @secret:		Input secret data
+ * @key_len:		The length of the raw_secret in bytes
+ * @raw_secret:		Return buffer with the generated raw secret
+ *
+ * Transforms the provided @secret into a raw secret buffer suitable for
+ * use with NVMe key management operations.
+ *
+ * The generated raw secret can subsequently be passed to nvme_read_key()
+ * or nvme_update_key().
+ *
+ * Return: 0 on success, or a negative error code on failure.
+ */
+int nvme_create_raw_secret(struct nvme_global_ctx *ctx,
+		const char *secret, size_t key_len, unsigned char **raw_secret);
+
 /**
  * nvme_read_key() - Read key raw data
  * @ctx:		struct nvme_global_ctx object

nvme.c

@@ -46,9 +46,6 @@
 #include <sys/stat.h>
 #include <sys/types.h>
 
-#if HAVE_SYS_RANDOM
-	#include <sys/random.h>
-#endif
 
 #include <libnvme.h>
 
@@ -311,24 +308,6 @@ static OPT_VALS(feature_name) = {
 	VAL_END()
 };
 
-static ssize_t getrandom_bytes(void *buf, size_t buflen)
-{
-	ssize_t result;
-#if HAVE_SYS_RANDOM
-	result = getrandom(buf, buflen, GRND_NONBLOCK);
-#else
-	_cleanup_fd_ int fd = -1;
-
-	fd = open("/dev/urandom", O_RDONLY);
-	if (fd < 0)
-		return -errno;
-	result = read(fd, buf, buflen);
-#endif
-	if (result < 0)
-		return -errno;
-	return result;
-}
-
 static int check_arg_dev(int argc, char **argv)
 {
 	if (optind >= argc) {
@@ -9642,32 +9621,9 @@ static int gen_dhchap_key(int argc, char **argv, struct command *acmd, struct pl
 		cfg.key_len = 32;
 	}
 
-	if (cfg.key_len != 32 && cfg.key_len != 48 && cfg.key_len != 64) {
-		nvme_show_error("Invalid key length %u", cfg.key_len);
-		return -EINVAL;
-	}
-	raw_secret = malloc(cfg.key_len);
-	if (!raw_secret)
-		return -ENOMEM;
-	if (!cfg.secret) {
-		if (getrandom_bytes(raw_secret, cfg.key_len) < 0)
-			return -errno;
-	} else {
-		int secret_len = 0, i;
-		unsigned int c;
-
-		for (i = 0; i < strlen(cfg.secret); i += 2) {
-			if (sscanf(&cfg.secret[i], "%02x", &c) != 1) {
-				nvme_show_error("Invalid secret '%s'", cfg.secret);
-				return -EINVAL;
-			}
-			raw_secret[secret_len++] = (unsigned char)c;
-		}
-		if (secret_len != cfg.key_len) {
-			nvme_show_error("Invalid key length (%d bytes)", secret_len);
-			return -EINVAL;
-		}
-	}
+	err = nvme_create_raw_secret(ctx, cfg.secret, cfg.key_len, &raw_secret);
+	if (err)
+		return err;
 
 	if (!cfg.nqn) {
 		cfg.nqn = hnqn = nvme_read_hostnqn();
@@ -9950,32 +9906,9 @@ static int gen_tls_key(int argc, char **argv, struct command *acmd, struct plugi
 		return -ENOMEM;
 	}
 
-	raw_secret = malloc(key_len + 4);
-	if (!raw_secret)
-		return -ENOMEM;
-	if (!cfg.secret) {
-		if (getrandom_bytes(raw_secret, key_len) < 0)
-			return -errno;
-	} else {
-		int secret_len = 0, i;
-		unsigned int c;
-
-		for (i = 0; i < strlen(cfg.secret); i += 2) {
-			if (sscanf(&cfg.secret[i], "%02x", &c) != 1) {
-				nvme_show_error("Invalid secret '%s'", cfg.secret);
-				return -EINVAL;
-			}
-			if (i >= key_len * 2) {
-				fprintf(stderr, "Skipping excess secret bytes\n");
-				break;
-			}
-			raw_secret[secret_len++] = (unsigned char)c;
-		}
-		if (secret_len != key_len) {
-			nvme_show_error("Invalid key length (%d bytes)", secret_len);
-			return -EINVAL;
-		}
-	}
+	err = nvme_create_raw_secret(ctx, cfg.secret, key_len, &raw_secret);
+	if (err)
+		return err;
 
 	err = nvme_export_tls_key(ctx, raw_secret, key_len, &encoded_key);
 	if (err) {