From: Eric Biggers <ebiggers@kernel.org>
To: Hannes Reinecke <hare@kernel.org>
Cc: Christoph Hellwig <hch@lst.de>, Keith Busch <kbusch@kernel.org>,
Sagi Grimberg <sagi@grimberg.me>,
linux-crypto@vger.kernel.org, linux-nvme@lists.infradead.org
Subject: Re: [PATCH 8/9] nvmet-tcp: support secure channel concatenation
Date: Tue, 23 Jul 2024 01:48:54 +0000 [thread overview]
Message-ID: <20240723014854.GC2319848@google.com> (raw)
In-Reply-To: <20240722142122.128258-9-hare@kernel.org>
On Mon, Jul 22, 2024 at 04:21:21PM +0200, Hannes Reinecke wrote:
> + ret = nvme_auth_generate_digest(sq->ctrl->shash_id, psk, psk_len,
> + sq->ctrl->subsysnqn,
> + sq->ctrl->hostnqn, &digest);
> + if (ret) {
> + pr_warn("%s: ctrl %d qid %d failed to generate digest, error %d\n",
> + __func__, sq->ctrl->cntlid, sq->qid, ret);
> + goto out_free_psk;
> + }
> + ret = nvme_auth_derive_tls_psk(sq->ctrl->shash_id, psk, psk_len,
> + digest, &tls_psk);
> + if (ret) {
> + pr_warn("%s: ctrl %d qid %d failed to derive TLS PSK, error %d\n",
> + __func__, sq->ctrl->cntlid, sq->qid, ret);
> + goto out_free_digest;
> + }
This reuses 'psk' as both an HMAC key and as input keying material for HKDF.
It's *probably* still secure, but this violates cryptographic best practices in
that it reuses a key for multiple purposes. Is this a defect in the spec?
- Eric
next prev parent reply other threads:[~2024-07-23 1:48 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-07-22 14:21 [PATCHv8 0/9] nvme: implement secure concatenation Hannes Reinecke
2024-07-22 14:21 ` [PATCH 1/9] crypto,fs: Separate out hkdf_extract() and hkdf_expand() Hannes Reinecke
2024-07-23 1:36 ` Eric Biggers
2024-07-23 6:24 ` Hannes Reinecke
2024-07-22 14:21 ` [PATCH 2/9] nvme: add nvme_auth_generate_psk() Hannes Reinecke
2024-07-22 14:21 ` [PATCH 3/9] nvme: add nvme_auth_generate_digest() Hannes Reinecke
2024-07-22 14:21 ` [PATCH 4/9] nvme: add nvme_auth_derive_tls_psk() Hannes Reinecke
2024-07-23 1:47 ` Eric Biggers
2024-07-23 6:26 ` Hannes Reinecke
2024-07-22 14:21 ` [PATCH 5/9] nvme-keyring: add nvme_tls_psk_refresh() Hannes Reinecke
2024-07-23 1:54 ` Eric Biggers
2024-07-22 14:21 ` [PATCH 6/9] nvme-tcp: request secure channel concatenation Hannes Reinecke
2024-07-22 14:21 ` [PATCH 7/9] nvme-fabrics: reset admin connection for secure concatenation Hannes Reinecke
2024-07-22 14:21 ` [PATCH 8/9] nvmet-tcp: support secure channel concatenation Hannes Reinecke
2024-07-23 1:48 ` Eric Biggers [this message]
2024-07-25 11:50 ` Hannes Reinecke
2024-07-25 17:21 ` Eric Biggers
2024-07-26 6:17 ` Hannes Reinecke
2024-07-22 14:21 ` [PATCH 9/9] nvmet: add tls_concat and tls_key debugfs entries Hannes Reinecke
2024-07-22 22:28 ` [PATCHv8 0/9] nvme: implement secure concatenation Eric Biggers
2024-07-23 6:16 ` Hannes Reinecke
-- strict thread matches above, loose matches on Subject: below --
2024-08-13 11:15 [PATCHv9 " Hannes Reinecke
2024-08-13 11:15 ` [PATCH 8/9] nvmet-tcp: support secure channel concatenation Hannes Reinecke
2024-10-11 15:54 [PATCHv10 0/9] nvme: implement secure concatenation Hannes Reinecke
2024-10-11 15:54 ` [PATCH 8/9] nvmet-tcp: support secure channel concatenation Hannes Reinecke
2024-10-18 6:33 [PATCHv11 0/9] nvme: implement secure concatenaion Hannes Reinecke
2024-10-18 6:33 ` [PATCH 8/9] nvmet-tcp: support secure channel concatenation Hannes Reinecke
2024-10-20 21:13 ` Sagi Grimberg
2024-10-21 7:29 ` Hannes Reinecke
2024-10-21 7:36 ` Sagi Grimberg
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240723014854.GC2319848@google.com \
--to=ebiggers@kernel.org \
--cc=hare@kernel.org \
--cc=hch@lst.de \
--cc=kbusch@kernel.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-nvme@lists.infradead.org \
--cc=sagi@grimberg.me \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).