[PATCH v2 0/2] nvme: fixup HKDF-Expand-Label implementation

As per RFC 8446 (TLS 1.3) the HKDF-Expand-Label function is using vectors
for the 'label' and 'context' field, but defines these vectors as a string
prefixed with the string length (in binary). The implementation in nvme
is missing the length prefix which was causing interoperability issues
with spec-conformant implementations.

This patchset adds a function 'hkdf_expand_label()' to correctly implement
the HKDF-Expand-Label functionality and modifies the nvme driver to utilize
this function instead of the open-coded implementation.

As usual, comments and reviews are welcome.

Changes from v1:
 - Moved hkdf_expand_label() from crypto/hkdf.c to nvme/common/auth.c.
   It's not really an RFC 5869 HKDF function, it's defined for TLS but
   currently only used by nvme in-kernel.
 - Fixed kdoc label_len -> labellen
 - Replaced "static const char []" with "const char *", it's just
   clearer and generates the same code with a string literal assignment.

(I've left the crypto emails on this version, mostly to make it known
that hkdf_expand_label() has been moved as Eric asked.)

Chris Leech (2):
  nvme-auth: add hkdf_expand_label()
  nvme-auth: use hkdf_expand_label()

 drivers/nvme/common/auth.c | 86 +++++++++++++++++++++++++++++---------
 1 file changed, 66 insertions(+), 20 deletions(-)

-- 
2.50.1
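
The length-prefixed encoding the cover letter refers to, as an added example that is not part of the original message or of the patch. hkdf_label_encode() is a hypothetical user-space helper, not the kernel's hkdf_expand_label(), and the "unprefixed" variant only illustrates leaving the vector lengths out; all sample values are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not the kernel's hkdf_expand_label()): encode the
 * RFC 8446 section 7.1 HkdfLabel that is passed to HKDF-Expand as "info":
 *   uint16 length; opaque label<7..255> = "tls13 " + Label;
 *   opaque context<0..255> = Context;
 * prefixed=0 leaves out the two one-byte vector lengths, for comparison only.
 * Returns the number of bytes written, or 0 if the input does not fit. */
size_t hkdf_label_encode(uint8_t *out, size_t outsz, uint16_t okm_len,
                         const char *label, const uint8_t *ctx,
                         size_t ctx_len, int prefixed)
{
    static const char tls13[] = "tls13 ";
    size_t plen = sizeof(tls13) - 1, llen = strlen(label), n = 0;
    size_t total = 2 + plen + llen + ctx_len + (prefixed ? 2 : 0);

    if (llen == 0 || plen + llen > 255 || ctx_len > 255 || total > outsz)
        return 0;
    out[n++] = (uint8_t)(okm_len >> 8);          /* uint16, big-endian */
    out[n++] = (uint8_t)(okm_len & 0xff);
    if (prefixed)
        out[n++] = (uint8_t)(plen + llen);       /* label vector length */
    memcpy(out + n, tls13, plen);
    n += plen;
    memcpy(out + n, label, llen);
    n += llen;
    if (prefixed)
        out[n++] = (uint8_t)ctx_len;             /* context vector length */
    if (ctx_len)
        memcpy(out + n, ctx, ctx_len);
    return n + ctx_len;
}

int main(void)
{
    /* Constructed sample values, not taken from the nvme driver. */
    const uint8_t *c = (const uint8_t *)"c";
    uint8_t buf[64];
    for (int prefixed = 1; prefixed >= 0; prefixed--) {
        size_t n = hkdf_label_encode(buf, sizeof(buf), 32, "ab", c, 1, prefixed);
        printf("%-11s", prefixed ? "prefixed" : "unprefixed");
        for (size_t i = 0; i < n; i++)
            printf("%02x", buf[i]);
        printf("\n");
    }
    return 0;
}
```

Because the two encodings differ, HKDF-Expand receives different "info" input and the peers derive different keys. Without the prefixes the label/context boundary is also ambiguous: ("ab", "c") and ("a", "bc") encode to the same bytes.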