From: Mark O'Donovan
To: linux-kernel@vger.kernel.org
Cc: linux-nvme@lists.infradead.org, sagi@grimberg.me, hch@lst.de, axboe@kernel.dk, kbusch@kernel.org, hare@suse.de, Mark O'Donovan
Subject: [PATCH v3 0/3] Remove secret-size restrictions for hashes
Date: Mon, 16 Oct 2023 22:58:54 +0000
Message-Id: <20231016225857.3085234-1-shiftee@posteo.net>

This relates to the hash functions used to transform the secret.
The kernel currently restricts us to using secrets equal in size
to the transformation hash function they use.
e.g. 32 byte secrets with the SHA-256(32 byte) hash function.

This restriction is not required by the spec and means
incompatibility with more permissive implementations.

With these patches the example secret from the spec should now
be permitted with any of the following:
DHHC-1:00:ia6zGodOr4SEG0Zzaw398rpY0wqipUWj4jWjUh4HWUz6aQ2n:
DHHC-1:01:ia6zGodOr4SEG0Zzaw398rpY0wqipUWj4jWjUh4HWUz6aQ2n:
DHHC-1:02:ia6zGodOr4SEG0Zzaw398rpY0wqipUWj4jWjUh4HWUz6aQ2n:
DHHC-1:03:ia6zGodOr4SEG0Zzaw398rpY0wqipUWj4jWjUh4HWUz6aQ2n:

Note: Secrets are still restricted to 32, 48 or 64 bits.

v1:
- Initial submission

v2:
- Added transformed_len as member of struct nvme_dhchap_key

v3:
- Return a struct nvme_dhchap_key from nvme_auth_transform_key()

Mark O'Donovan (3):
  nvme-auth: alloc nvme_dhchap_key as single buffer
  nvme-auth: use transformed key size to create resp
  nvme-auth: allow mixing of secret and hash lengths

 drivers/nvme/common/auth.c | 52 ++++++++++++++++++--------------------
 drivers/nvme/host/auth.c   | 30 +++++++++++-----------
 drivers/nvme/target/auth.c | 30 ++++++++++++----------
 include/linux/nvme-auth.h  |  5 ++--
 4 files changed, 59 insertions(+), 58 deletions(-)

-- 
2.39.2
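
Added example, not part of the original mail or the patch series: a Python check that parses the DHHC-1 secrets listed above and compares the strict length rule the cover letter describes with the relaxed one. The function names are hypothetical; the hash-id mapping (01/02/03 = SHA-256/384/512) and the 4-byte little-endian CRC-32 trailer after the secret are assumptions taken from the DH-HMAC-CHAP secret format, not from the mail.

```python
import base64
import binascii
import zlib

# Digest size in bytes per hash id; "00" means the secret is used untransformed.
# Assumed mapping: 01 = SHA-256, 02 = SHA-384, 03 = SHA-512.
HASH_LEN = {"00": None, "01": 32, "02": 48, "03": 64}
SECRET_LENS = (32, 48, 64)  # permitted secret sizes in bytes

def parse_dhchap_secret(text):
    """Split 'DHHC-1:<hash id>:<base64>:' into (hash_id, secret, crc_ok)."""
    parts = text.split(":")
    if len(parts) != 4 or parts[0] != "DHHC-1" or parts[3] != "":
        raise ValueError("not a DHHC-1 secret")
    if parts[1] not in HASH_LEN:
        raise ValueError("unknown hash id")
    try:
        raw = base64.b64decode(parts[2], validate=True)
    except binascii.Error as exc:
        raise ValueError("bad base64") from exc
    if len(raw) - 4 not in SECRET_LENS:
        raise ValueError("unsupported secret length")
    secret, trailer = raw[:-4], raw[-4:]
    # Assumed layout: CRC-32 of the secret, little-endian, follows the secret.
    crc_ok = zlib.crc32(secret) == int.from_bytes(trailer, "little")
    return parts[1], secret, crc_ok

def accepted(text, relaxed):
    """True if the length policy (strict or relaxed) admits the secret."""
    try:
        hash_id, secret, _ = parse_dhchap_secret(text)
    except ValueError:
        return False
    if relaxed or HASH_LEN[hash_id] is None:
        return True
    # Strict rule: the secret must be exactly as long as the hash output.
    return len(secret) == HASH_LEN[hash_id]

# Example secret quoted in the mail above (32-byte secret plus trailer).
SPEC_SECRET = "ia6zGodOr4SEG0Zzaw398rpY0wqipUWj4jWjUh4HWUz6aQ2n"

def policy_table():
    """Map each hash id to (admitted by strict rule, admitted by relaxed rule)."""
    return {h: (accepted(f"DHHC-1:{h}:{SPEC_SECRET}:", False),
                accepted(f"DHHC-1:{h}:{SPEC_SECRET}:", True))
            for h in HASH_LEN}

if __name__ == "__main__":
    for h, (strict, relaxed) in policy_table().items():
        print(f"hash id {h}: strict={strict} relaxed={relaxed}")
```

The CRC result is returned separately so a caller can reject a mistyped secret before it is configured on either the host or the target.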