hsskey

package

v3.0.0-...-66753ca Latest Latest Go to latest Published: Mar 20, 2023 License: BSD-3-Clause Imports: 8 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Package hsskey provides functionality for generating a key for unlocking drives based on the following procedure:

Via BMC, read a 32-byte secret seed known as the Host Secret Seed (HSS) using the OpenBMC IPMI blob transfer protocol
Compute a password as follows: We get the deterministically computed 32-byte HDKF-SHA256 using: - salt: "SKM PROD_V2 ACCESS" (default) - hss: 32-byte HSS - device identity: strings formed by concatenating the assembly serial number, the _ character, and the assembly part number.

View Source

const (
	DefaultPasswordSalt = "SKM PROD_V2 ACCESS"
)

This section is empty.

func GenPassword(hss []byte, salt string, identifiers ...string) ([]byte, error)

GenPassword computes the password deterministically as the 32-byte HDKF-SHA256 of the HSS plus the device identity.

func GetAllHss(verbose bool, verboseDangerous bool) ([][]uint8, error)

GetAllHss reads all host secret seeds over IPMI.

This section is empty.