diff options
author | Mark O'Donovan <shiftee@posteo.net> | 2023-10-17 20:09:19 +0300 |
---|---|---|
committer | Keith Busch <kbusch@kernel.org> | 2023-10-17 23:57:55 +0300 |
commit | 32445526d836f827ea7e74ef933610b531d239df (patch) | |
tree | 2e8485dcf3570231e18463140e16a88c9c9ce3a3 | |
parent | f047daed179a451657d1e66b5fe4030a593a000c (diff) | |
download | linux-32445526d836f827ea7e74ef933610b531d239df.tar.xz |
nvme-auth: allow mixing of secret and hash lengths
We can now use any of the secret transformation hashes with a
secret, regardless of the secret size.
e.g. a 32 byte key with the SHA-512(64 byte) hash.
The example secret from the spec should now be permitted with
any of the following:
DHHC-1:00:ia6zGodOr4SEG0Zzaw398rpY0wqipUWj4jWjUh4HWUz6aQ2n:
DHHC-1:01:ia6zGodOr4SEG0Zzaw398rpY0wqipUWj4jWjUh4HWUz6aQ2n:
DHHC-1:02:ia6zGodOr4SEG0Zzaw398rpY0wqipUWj4jWjUh4HWUz6aQ2n:
DHHC-1:03:ia6zGodOr4SEG0Zzaw398rpY0wqipUWj4jWjUh4HWUz6aQ2n:
Note: Secrets are still restricted to 32,48 or 64 bits.
Co-developed-by: Akash Appaiah <Akash.Appaiah@dell.com>
Signed-off-by: Akash Appaiah <Akash.Appaiah@dell.com>
Signed-off-by: Mark O'Donovan <shiftee@posteo.net>
Reviewed-by: Hannes Reinecke <hare@suse.de>
Signed-off-by: Keith Busch <kbusch@kernel.org>
-rw-r--r-- | drivers/nvme/common/auth.c | 8 |
1 files changed, 0 insertions, 8 deletions
diff --git a/drivers/nvme/common/auth.c b/drivers/nvme/common/auth.c index f954aeb647a5..a8e87dfbeab2 100644 --- a/drivers/nvme/common/auth.c +++ b/drivers/nvme/common/auth.c @@ -190,14 +190,6 @@ struct nvme_dhchap_key *nvme_auth_extract_key(unsigned char *secret, goto out_free_secret; } - if (key_hash > 0 && - (key_len - 4) != nvme_auth_hmac_hash_len(key_hash)) { - pr_err("Mismatched key len %d for %s\n", key_len, - nvme_auth_hmac_name(key_hash)); - ret = -EINVAL; - goto out_free_secret; - } - /* The last four bytes is the CRC in little-endian format */ key_len -= 4; /* |