From: Mark O'Donovan
To: linux-kernel@vger.kernel.org
Cc: linux-nvme@lists.infradead.org, sagi@grimberg.me, hch@lst.de, axboe@kernel.dk, kbusch@kernel.org, hare@suse.de, Mark O'Donovan
Subject: [PATCH v5 0/3] Remove secret-size restrictions for hashes
Date: Tue, 17 Oct 2023 17:09:16 +0000
Message-Id: <20231017170919.30358-1-shiftee@posteo.net>

This relates to the hash functions used to transform the secret.
The kernel currently restricts us to using secrets equal in size
to the transformation hash function they use,
e.g. 32 byte secrets with the SHA-256 (32 byte) hash function.

This restriction is not required by the spec and means
incompatibility with more permissive implementations.

With these patches the example secret from the spec should now
be permitted with any of the following:
DHHC-1:00:ia6zGodOr4SEG0Zzaw398rpY0wqipUWj4jWjUh4HWUz6aQ2n:
DHHC-1:01:ia6zGodOr4SEG0Zzaw398rpY0wqipUWj4jWjUh4HWUz6aQ2n:
DHHC-1:02:ia6zGodOr4SEG0Zzaw398rpY0wqipUWj4jWjUh4HWUz6aQ2n:
DHHC-1:03:ia6zGodOr4SEG0Zzaw398rpY0wqipUWj4jWjUh4HWUz6aQ2n:

Note: Secrets are still restricted to 32, 48 or 64 bits.

v1:
- Initial submission

v2:
- Added transformed_len as member of struct nvme_dhchap_key

v3:
- Return a struct nvme_dhchap_key from nvme_auth_transform_key()

v4:
- Added helper to calculate key struct size using struct_size()
- Break up lines which were too long
- Replace ternary operator with if
- Add missing ERR_CAST()

v5:
- Removed newly redundant check found by kernel test robot

Mark O'Donovan (3):
  nvme-auth: alloc nvme_dhchap_key as single buffer
  nvme-auth: use transformed key size to create resp
  nvme-auth: allow mixing of secret and hash lengths

 drivers/nvme/common/auth.c | 68 ++++++++++++++++++++++----------------
 drivers/nvme/host/auth.c   | 30 ++++++++---------
 drivers/nvme/target/auth.c | 31 +++++++++--------
 include/linux/nvme-auth.h  |  7 ++--
 4 files changed, 76 insertions(+), 60 deletions(-)

-- 
2.39.2
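
Added example, not part of the original message or of the kernel patches: a Python sketch that parses the DHHC-1 strings quoted above and contrasts the old length rule (a transformed secret must match its hash digest size) with the relaxed one. The function names are hypothetical; the hash-id mapping (01 = SHA-256, 02 = SHA-384, 03 = SHA-512) and the little-endian CRC-32 trailer after the secret are assumptions about the format, and all lengths are in bytes.

```python
import base64
import struct
import zlib

# Hash id -> digest size in bytes (assumed mapping: 00 = secret used
# untransformed, 01 = SHA-256, 02 = SHA-384, 03 = SHA-512).
DIGEST_LEN = {0: 0, 1: 32, 2: 48, 3: 64}
SECRET_LENGTHS = (32, 48, 64)  # bytes, not counting the 4-byte CRC-32 trailer


def parse_dhchap_secret(text):
    """Split 'DHHC-1:<id>:<base64(secret || crc32_le)>:' into its fields."""
    parts = text.split(":")
    if len(parts) != 4 or parts[0] != "DHHC-1" or parts[3] != "":
        raise ValueError("not a DHHC-1 secret")
    hash_id = int(parts[1], 10)
    if hash_id not in DIGEST_LEN:
        raise ValueError("unknown hash id")
    raw = base64.b64decode(parts[2], validate=True)
    if len(raw) - 4 not in SECRET_LENGTHS:
        raise ValueError("secret must be 32, 48 or 64 bytes")
    secret, (crc,) = raw[:-4], struct.unpack("<I", raw[-4:])
    return {"hash_id": hash_id, "secret": secret,
            "crc_ok": zlib.crc32(secret) == crc}


def length_allowed(key, strict):
    """strict=True models the old rule: a transformed secret must be exactly
    as long as its hash digest. strict=False models the relaxed rule."""
    if not strict or key["hash_id"] == 0:
        return True
    return len(key["secret"]) == DIGEST_LEN[key["hash_id"]]


def make_dhchap_secret(secret, hash_id):
    """Build a secret string with a valid trailer (for constructed test keys)."""
    raw = secret + struct.pack("<I", zlib.crc32(secret))
    return "DHHC-1:%02d:%s:" % (hash_id, base64.b64encode(raw).decode())


# Example secret quoted in the cover letter, under each hash id.
B64 = "ia6zGodOr4SEG0Zzaw398rpY0wqipUWj4jWjUh4HWUz6aQ2n"
PAGE_KEYS = [parse_dhchap_secret("DHHC-1:%02d:%s:" % (i, B64)) for i in range(4)]

if __name__ == "__main__":
    for key in PAGE_KEYS:
        print(key["hash_id"], len(key["secret"]),
              length_allowed(key, strict=True), length_allowed(key, strict=False))
    constructed = make_dhchap_secret(bytes(range(48)), 1)  # constructed 48-byte key
    print(constructed, parse_dhchap_secret(constructed)["crc_ok"])
```

Under the strict rule only the 00 and 01 forms of the quoted secret pass the length check; the relaxed rule accepts all four while still rejecting any secret that is not 32, 48 or 64 bytes long.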