Received: by 2002:a05:6a10:c604:0:0:0:0 with SMTP id y4csp3599681pxt; Tue, 10 Aug 2021 07:14:10 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzn4Y1vYDA86P4jzx5S23+MJBsz4+HVpvPA5t9lfCQfvgh/Ct5PCUfoSEqzLVX8oGVCtp8a X-Received: by 2002:aa7:d296:: with SMTP id w22mr5223901edq.170.1628604850680; Tue, 10 Aug 2021 07:14:10 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1628604850; cv=none; d=google.com; s=arc-20160816; b=Yslq9XULJfm75NJVPGDPhOJyhi83nlCotO1o7pHQOV252fKvQATv+XfO8P4yZsVqtl cTtu3XhaRGhXknIV9S1XIdbN9Ri3U7I0559CgEcbAH36Wkzk8xgypRDKO72vOIqLIxOC v71qwht/9hYDSamKtFohj7w9h0g6hz9h7PrDdCnD7CCY2YsSO57Mr/inkGMjOGxMBWPY wid+AO2dAxBc+/IO1QXYLwVftmXQIYB16JFP9KRTZbRrb13npah0VcAXFPDuP7Juzutc i9+wZhsMUZIewpaZMo+ICI1LOg8kKr9NhamHzRxxwReQJrEx/CPjl8cTyXj2mzy+aiFj f4rQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from:dkim-signature:dkim-signature; bh=7TVDZAujBf7sFXgpvFDzO1aGEdIfIwzMjsRhQOMUQwo=; b=qgX2vqjeY7w8txnjsCOVq/DWXHE3OrjoDe98Mi8Ti1ZZMy8AKv7XUZmqA5l9eJd63o 9C6WfEtNdjP2F0nVtIIjxZ2NR6dit7vtxJNCfEbpQdwN8ZYDkYs9pDgQj5jtUhTA8cuN zeVnXOIDbZGrPsxEXKi1lfs0fyAb74zPoIC8zZwrWNMGWHhFy3aGDyl3ao8smh+YLiiy Ri+jvPwCyCTxmHEHn7vSFsDLqMuzJYdScQMWw4vGQuI0aIX5EesJvBmwew4jmUnHTLve SwL2l5Vjr9ph8lUkPBhrrp5a+Bd8ANk8LRaz+3OUAl1YvZD0SRPtfvbM33KSyWDcUSo8 Ixrw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@suse.de header.s=susede2_rsa header.b=eH5whLwp; dkim=neutral (no key) header.i=@suse.de; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=suse.de Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id nd19si16029228ejc.48.2021.08.10.07.13.38; Tue, 10 Aug 2021 07:14:10 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@suse.de header.s=susede2_rsa header.b=eH5whLwp; dkim=neutral (no key) header.i=@suse.de; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=suse.de Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S239115AbhHJMnQ (ORCPT + 99 others); Tue, 10 Aug 2021 08:43:16 -0400 Received: from smtp-out1.suse.de ([195.135.220.28]:40758 "EHLO smtp-out1.suse.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240713AbhHJMnP (ORCPT ); Tue, 10 Aug 2021 08:43:15 -0400 Received: from relay2.suse.de (relay2.suse.de [149.44.160.134]) by smtp-out1.suse.de (Postfix) with ESMTP id 1C0562205B; Tue, 10 Aug 2021 12:42:52 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_rsa; t=1628599372; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=7TVDZAujBf7sFXgpvFDzO1aGEdIfIwzMjsRhQOMUQwo=; b=eH5whLwpBBtkeVGA5erzBsS4CVSDqYbCLEhgMQ1QThRwz+h17KYCkOBQyc7pr/AclHaNfz xqwyHKpqLwRWky7gsxXByFojp7xUC+MZJ5OIezyY0I2oDKNEln1SP4n9iTagR79cxsrYJ8 rXZ9fHg91MMKcUKSsu0+f/GWQoiri+w= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_ed25519; t=1628599372; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=7TVDZAujBf7sFXgpvFDzO1aGEdIfIwzMjsRhQOMUQwo=; b=eAC0vzIta0tLf0R2qApvcnMGvTYMa5/NnAC4UbEdBOLdzGJV4i7ywFusl/2ocQgo/W2Xfs d97U/KD0xEXsVWDA== Received: from adalid.arch.suse.de (adalid.arch.suse.de [10.161.8.13]) by relay2.suse.de (Postfix) with ESMTP id 9B006A3B8C; Tue, 10 Aug 2021 12:42:50 +0000 (UTC) Received: by adalid.arch.suse.de (Postfix, from userid 16045) id 50C32518C540; Tue, 10 Aug 2021 14:42:50 +0200 (CEST) From: Hannes Reinecke To: Christoph Hellwig Cc: Sagi Grimberg , Keith Busch , Herbert Xu , "David S . Miller" , linux-nvme@lists.infradead.org, linux-crypto@vger.kernel.org, Hannes Reinecke Subject: [PATCHv2 00/13] nvme: In-band authentication support Date: Tue, 10 Aug 2021 14:42:17 +0200 Message-Id: <20210810124230.12161-1-hare@suse.de> X-Mailer: git-send-email 2.29.2 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Hi all, recent updates to the NVMe spec have added definitions for in-band authentication, and seeing that it provides some real benefit especially for NVMe-TCP here's an attempt to implement it. Tricky bit here is that the specification orients itself on TLS 1.3, but supports only the FFDHE groups. Which of course the kernel doesn't support. I've been able to come up with a patch for this, but as this is my first attempt to fix anything in the crypto area I would invite people more familiar with these matters to have a look. Also note that this is just for in-band authentication. Secure concatenation (ie starting TLS with the negotiated parameters) is not implemented; one would need to update the kernel TLS implementation for this, which at this time is beyond scope. As usual, comments and reviews are welcome. Changes to the original submission: - Included reviews from Vladislav - Included reviews from Sagi - Implemented re-authentication support - Fixed up key handling Hannes Reinecke (13): crypto: add crypto_has_shash() crypto: add crypto_has_kpp() crypto/ffdhe: Finite Field DH Ephemeral Parameters lib/base64: RFC4648-compliant base64 encoding nvme: add definitions for NVMe In-Band authentication nvme-fabrics: decode 'authentication required' connect error nvme: Implement In-Band authentication nvme-auth: Diffie-Hellman key exchange support nvmet: Parse fabrics commands on all queues nvmet: Implement basic In-Band Authentication nvmet-auth: Diffie-Hellman key exchange support nvmet-auth: expire authentication sessions nvme: add non-standard ECDH and curve25517 algorithms crypto/Kconfig | 8 + crypto/Makefile | 1 + crypto/ffdhe_helper.c | 880 ++++++++++++++ crypto/kpp.c | 6 + crypto/shash.c | 6 + drivers/nvme/host/Kconfig | 12 + drivers/nvme/host/Makefile | 1 + drivers/nvme/host/auth.c | 1470 ++++++++++++++++++++++++ drivers/nvme/host/auth.h | 33 + drivers/nvme/host/core.c | 79 +- drivers/nvme/host/fabrics.c | 77 +- drivers/nvme/host/fabrics.h | 6 + drivers/nvme/host/nvme.h | 30 + drivers/nvme/host/trace.c | 32 + drivers/nvme/target/Kconfig | 10 + drivers/nvme/target/Makefile | 1 + drivers/nvme/target/admin-cmd.c | 4 + drivers/nvme/target/auth.c | 442 +++++++ drivers/nvme/target/configfs.c | 102 +- drivers/nvme/target/core.c | 10 + drivers/nvme/target/fabrics-cmd-auth.c | 506 ++++++++ drivers/nvme/target/fabrics-cmd.c | 30 +- drivers/nvme/target/nvmet.h | 70 ++ include/crypto/ffdhe.h | 24 + include/crypto/hash.h | 2 + include/crypto/kpp.h | 2 + include/linux/base64.h | 16 + include/linux/nvme.h | 188 ++- lib/Makefile | 2 +- lib/base64.c | 115 ++ 30 files changed, 4154 insertions(+), 11 deletions(-) create mode 100644 crypto/ffdhe_helper.c create mode 100644 drivers/nvme/host/auth.c create mode 100644 drivers/nvme/host/auth.h create mode 100644 drivers/nvme/target/auth.c create mode 100644 drivers/nvme/target/fabrics-cmd-auth.c create mode 100644 include/crypto/ffdhe.h create mode 100644 include/linux/base64.h create mode 100644 lib/base64.c -- 2.29.2