From: Hannes Reinecke <hare@xxxxxxxxxx> As per RFC 8446 (TLS 1.3) the HKDF-Expand-Label function is using vectors for the 'label' and 'context' field, but defines these vectors as a string prefixed with the string length (in binary). The implementation in nvme is missing the length prefix which was causing interoperability issues with spec-conformant implementations. This patchset adds a function 'hkdf_expand_label()' to correctly implement the HKDF-Expand-Label functionality and modifies the nvme driver to utilize this function instead of the open-coded implementation. As usual, comments and reviews are welcome. Chris Leech (1): crypto: hkdf: add hkdf_expand_label() Hannes Reinecke (1): nvme-auth: use hkdf_expand_label() crypto/hkdf.c | 55 ++++++++++++++++++++++++++++++++++++++ drivers/nvme/common/auth.c | 33 +++++++++-------------- include/crypto/hkdf.h | 4 +++ 3 files changed, 72 insertions(+), 20 deletions(-) -- 2.43.0
