Received: by 2002:a05:6a11:4021:0:0:0:0 with SMTP id ky33csp4610650pxb; Mon, 27 Sep 2021 23:05:47 -0700 (PDT) X-Google-Smtp-Source: ABdhPJys9CZQkykJz9sLnut+qo6CzSdjUkmK/vy0pk4jCqgBuKUjsc+RkL0cNTrMP5/rF/Bk8MKN X-Received: by 2002:aa7:9851:0:b0:44b:a36d:e0a2 with SMTP id n17-20020aa79851000000b0044ba36de0a2mr572327pfq.1.1632809147406; Mon, 27 Sep 2021 23:05:47 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1632809147; cv=none; d=google.com; s=arc-20160816; b=DDmhPuPO58p/MUUuwG17ujgMvdkWyF8wLKUuOSQ1e7dwRQJiu36f75CE86Y7y1z3WS zLuSE4GXWi0ApyBmfpgEq7mSpCK4U4nWvh6Sj1aLobLvXGrkhMfze2WEWt2eQWMYbUum 4xE6zdrsjAlQLQYaakk4NSr+UeRPYddedVzkgdVgMpQMLoLJhnhT9fYPQQkcwm+nnZ3S /MydofXkajwSUODjBAs0loJ8Z1NB+ygsuAwNWfR2MUJ0SuzjoaHcWKARCMT6458kc7O7 PGXe9WH4ROZbpn5eWnCX39EbK0ppnRZ5VqjDo0h2wLEMJQbURvcxPUg+LoB/5cy4CHC2 R59A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from:dkim-signature:dkim-signature; bh=y7wWcq2bCho1TOihoMwqKabWvWMzlR1Tm9w3HJidScg=; b=aCEjhEVC4BSFOCpEAt7qg2TJZERRBp9byvg+j4dFcJFXtwmjhEJVTpow2hMX3Va71T yD9W1SP+FEYd9fhreZqdE61lIugPZ2Gi/YK3ZM/lFFzIiEc5mNkPvC3+LpiJA1MLeqml HcW3K4US52I6TOYMR1B7t5EsDYnF6NMoicdTBbyufjMBJEftfOC+xTuyPUr/E42V6jPi g5agBtL5XALOjD9ftFA4HNzaUSLAlUsrCpF2WPnoZyiZ7IDl+VVAuwqxKkRrriiDHCQL CsFE8NJbGqijb66/RE9qjjaB8Kn0GVD88Uko2eUWOJP9wYeqYrWc7caLrYHomlpLWjvp PXfQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@suse.de header.s=susede2_rsa header.b=tkZ9Vdpe; dkim=neutral (no key) header.i=@suse.de header.s=susede2_ed25519 header.b=G+7DT22F; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=suse.de Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id j1si22374019plt.92.2021.09.27.23.05.04; Mon, 27 Sep 2021 23:05:47 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@suse.de header.s=susede2_rsa header.b=tkZ9Vdpe; dkim=neutral (no key) header.i=@suse.de header.s=susede2_ed25519 header.b=G+7DT22F; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=suse.de Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S238935AbhI1GGi (ORCPT + 99 others); Tue, 28 Sep 2021 02:06:38 -0400 Received: from smtp-out2.suse.de ([195.135.220.29]:45344 "EHLO smtp-out2.suse.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S239512AbhI1GFr (ORCPT ); Tue, 28 Sep 2021 02:05:47 -0400 Received: from relay1.suse.de (relay1.suse.de [149.44.160.133]) by smtp-out2.suse.de (Postfix) with ESMTP id C2F3C201BB; Tue, 28 Sep 2021 06:04:07 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_rsa; t=1632809047; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=y7wWcq2bCho1TOihoMwqKabWvWMzlR1Tm9w3HJidScg=; b=tkZ9Vdpeg5gPPOmSZvwBo0zW72RVa+9AoKLxMFxb4WThtnhLwlzki8Lm8U7D7dccnWOO5U jwPWoLhs27oXueFdE9MtXyFQxU81wZFggB6vLxilhJAbGX9KXPW70dEHDezq2hUs325Ckn 5V6vGoSKdGFkk7XgaN/7MJ0y0W2xpOQ= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_ed25519; t=1632809047; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=y7wWcq2bCho1TOihoMwqKabWvWMzlR1Tm9w3HJidScg=; b=G+7DT22F0MMxC1YwsrF1j51CHpTL7c4khnlDxyEkotmBpNvEUBI1WH1pj1ngkwFEbBmGzP 4bDH1pNMcp+SLyAA== Received: from adalid.arch.suse.de (adalid.arch.suse.de [10.161.8.13]) by relay1.suse.de (Postfix) with ESMTP id 7DCD925E63; Tue, 28 Sep 2021 06:04:06 +0000 (UTC) Received: by adalid.arch.suse.de (Postfix, from userid 16045) id 3C08A518EE1E; Tue, 28 Sep 2021 08:04:06 +0200 (CEST) From: Hannes Reinecke To: Sagi Grimberg Cc: Christoph Hellwig , Keith Busch , Herbert Xu , "David S . Miller" , linux-nvme@lists.infradead.org, linux-crypto@vger.kernel.org, Hannes Reinecke Subject: [PATCHv4 00/12] nvme: In-band authentication support Date: Tue, 28 Sep 2021 08:03:44 +0200 Message-Id: <20210928060356.27338-1-hare@suse.de> X-Mailer: git-send-email 2.29.2 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Hi all, recent updates to the NVMe spec have added definitions for in-band authentication, and seeing that it provides some real benefit especially for NVMe-TCP here's an attempt to implement it. Tricky bit here is that the specification orients itself on TLS 1.3, but supports only the FFDHE groups. Which of course the kernel doesn't support. I've been able to come up with a patch for this, but as this is my first attempt to fix anything in the crypto area I would invite people more familiar with these matters to have a look. Also note that this is just for in-band authentication. Secure concatenation (ie starting TLS with the negotiated parameters) is not implemented; one would need to update the kernel TLS implementation for this, which at this time is beyond scope. As usual, comments and reviews are welcome. Changes to v3: - Renamed parameter to 'dhchap_ctrl_key' - Fixed bi-directional authentication - Included reviews from Sagi - Fixed base64 algorithm for transport encoding Changes to v2: - Dropped non-standard algorithms - Reworked base64 based on fs/crypto/fname.c - Fixup crash with no keys Changes to the original submission: - Included reviews from Vladislav - Included reviews from Sagi - Implemented re-authentication support - Fixed up key handling Hannes Reinecke (12): crypto: add crypto_has_shash() crypto: add crypto_has_kpp() crypto/ffdhe: Finite Field DH Ephemeral Parameters lib/base64: RFC4648-compliant base64 encoding nvme: add definitions for NVMe In-Band authentication nvme-fabrics: decode 'authentication required' connect error nvme: Implement In-Band authentication nvme-auth: Diffie-Hellman key exchange support nvmet: Parse fabrics commands on all queues nvmet: Implement basic In-Band Authentication nvmet-auth: Diffie-Hellman key exchange support nvmet-auth: expire authentication sessions crypto/Kconfig | 8 + crypto/Makefile | 1 + crypto/ffdhe_helper.c | 880 ++++++++++++++ crypto/kpp.c | 6 + crypto/shash.c | 6 + drivers/nvme/host/Kconfig | 12 + drivers/nvme/host/Makefile | 1 + drivers/nvme/host/auth.c | 1501 ++++++++++++++++++++++++ drivers/nvme/host/auth.h | 33 + drivers/nvme/host/core.c | 126 +- drivers/nvme/host/fabrics.c | 85 +- drivers/nvme/host/fabrics.h | 7 + drivers/nvme/host/nvme.h | 33 + drivers/nvme/host/trace.c | 32 + drivers/nvme/target/Kconfig | 12 + drivers/nvme/target/Makefile | 1 + drivers/nvme/target/admin-cmd.c | 4 + drivers/nvme/target/auth.c | 486 ++++++++ drivers/nvme/target/configfs.c | 133 ++- drivers/nvme/target/core.c | 10 + drivers/nvme/target/fabrics-cmd-auth.c | 507 ++++++++ drivers/nvme/target/fabrics-cmd.c | 30 +- drivers/nvme/target/nvmet.h | 74 ++ include/crypto/ffdhe.h | 24 + include/crypto/hash.h | 2 + include/crypto/kpp.h | 2 + include/linux/base64.h | 16 + include/linux/nvme.h | 186 ++- lib/Makefile | 2 +- lib/base64.c | 100 ++ 30 files changed, 4309 insertions(+), 11 deletions(-) create mode 100644 crypto/ffdhe_helper.c create mode 100644 drivers/nvme/host/auth.c create mode 100644 drivers/nvme/host/auth.h create mode 100644 drivers/nvme/target/auth.c create mode 100644 drivers/nvme/target/fabrics-cmd-auth.c create mode 100644 include/crypto/ffdhe.h create mode 100644 include/linux/base64.h create mode 100644 lib/base64.c -- 2.29.2