The SetGroupPresharedKey method allows a management application to configure an initiator HBA to use the indicated preshared key whenever a key is required but no key is currently associated with the identifier (ID) for a session
When an initiator uses a preshared key in a key exchange, it associates the key with an identifier for the initiator and passes the identifier and its associated key to the target in the data portion of an identification packet (also known as the identification payload). The initiator passes the identifier and its associated key during phase 1 of an aggressive or main-mode Internet key exchange (IKE), as described in RFC 2407. 标识有效负载允许目标以安全的方式标识发起程序,并选择适合与该特定发起程序的连接的安全策略。
The SetGroupPresharedKey method configures an initiator to use the default preshared key for identifiers that are not already associated with a key. To establish an explicit association between a key and a particular initiator identifier, a management application must call the SetPresharedKeyForId method. 如果标识符和键之间存在显式关联,则关联优先于默认键的键。
After the SetGroupPresharedKey method specifies the default key, the initiator should store this key in nonvolatile storage if nonvolatile storage is available. 但是,发起程序还应将密钥保留在工作内存中,以便在 IKE 阶段 1 协商期间快速可用。 这提高了密钥交换的效率。
SetGroupPresharedKey belongs to the unpublished MSiSCSI_SecurityConfigOperations WMI class. For a description of the parameters of the SetGroupPresharedKey method, see the member descriptions for the SetGroupPresharedKey_IN and SetGroupPresharedKey_OUT structures.
Miniport drivers that implement the MSiSCSI_SecurityConfigOperations WMI class must support SetGroupPresharedKey.