Adding upstream version 2.7.1.
Signed-off-by: Daniel Baumann <daniel@debian.org>
This commit is contained in:
parent
83f51a6dde
commit
e08cb5ae68
GPG key ID:
FBB4F0E80A80222F
663 changed files with 15529 additions and 6994 deletions
|
|
@ -9,24 +9,29 @@ SYNOPSIS
|
|||
--------
|
||||
[verse]
|
||||
'nvme gen-tls-key' [--keyring=<name> | -k <name>]
|
||||
[--keytype=<type> | -t <type> ]
|
||||
[--hostnqn=<nqn> | -n <nqn>]
|
||||
[--subsysnqn=<nqn> | -c <nqn>]
|
||||
[--hmac=<hmac-id> | -h <hmac-id>]
|
||||
[--secret=<secret> | -s <secret> ]
|
||||
[--insert | -i ]
|
||||
[--keytype=<type> | -t <type>]
|
||||
[--hostnqn=<nqn> | -n <nqn>]
|
||||
[--subsysnqn=<nqn> | -c <nqn>]
|
||||
[--hmac=<hmac-id> | -h <hmac-id>]
|
||||
[--identity=<id-vers> | -I <id-vers>]
|
||||
[--secret=<secret> | -s <secret>]
|
||||
[--insert | -i]
|
||||
[--output-format=<fmt> | -o <fmt>] [--verbose | -v]
|
||||
|
||||
DESCRIPTION
|
||||
-----------
|
||||
Generate a base64-encoded NVMe TLS pre-shared key (PSK).
|
||||
The resulting key is either printed in the PSK interchange format
|
||||
'NVMeTLSkey-1:01:<base64 encoded data>:',
|
||||
inserted as a 'retained' key into the specified keyring, or both.
|
||||
'NVMeTLSkey-1:01:<base64 encoded data>:' or inserted as a
|
||||
'retained' key into the specified keyring if the '--insert' option
|
||||
is given.
|
||||
When the PSK should be inserted into the keyring a 'retained' key
|
||||
is derived from the secret key material, and the resulting 'retained'
|
||||
is derived from the secret key material. The resulting 'retained'
|
||||
key is stored with the identity
|
||||
'NVMe0R0<hmac> <host NQN> <subsystem NQN>'
|
||||
in the keyring.
|
||||
(for identity version '0') or
|
||||
'NVMe1R0<hmac> <host NQN> <subsystem NQN> <PSK hash>'
|
||||
(for identity version '1') in the keyring.
|
||||
The 'retained' key is derived from the secret key material,
|
||||
the specified subsystem NQN, and the host NQN.
|
||||
Once the 'retained' key is stored in the keyring the original
|
||||
|
|
@ -60,6 +65,12 @@ OPTIONS
|
|||
1 - SHA-256 (default)
|
||||
2 - SHA-384
|
||||
|
||||
-I <vers>::
|
||||
--identity=<id-vers>::
|
||||
Select the TLS identity to use. Possible values are:
|
||||
0 - Original NVMe TLS 1.0c identity
|
||||
1 - NVMe TLS 2.0 (TP8018) identity
|
||||
|
||||
-s <secret>::
|
||||
--secret=<secret>::
|
||||
Secret value (in hexadecimal) to be used for the key. If none are
|
||||
|
|
@ -70,6 +81,15 @@ OPTIONS
|
|||
Insert the resulting TLS key into the keyring without printing out
|
||||
the key in PSK interchange format.
|
||||
|
||||
-o <fmt>::
|
||||
--output-format=<fmt>::
|
||||
Set the reporting format to 'normal', 'json' or 'binary'. Only one
|
||||
output format can be used at a time.
|
||||
|
||||
-v::
|
||||
--verbose::
|
||||
Increase the information detail in the output.
|
||||
|
||||
EXAMPLES
|
||||
--------
|
||||
No Examples
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue