On 8/20/25 21:48, Chris Leech wrote:
On Wed, Aug 20, 2025 at 11:46:33AM -0700, Eric Biggers wrote:
On Wed, Aug 20, 2025 at 11:12:10AM +0200, hare@xxxxxxxxxx wrote:
From: Chris Leech <cleech@xxxxxxxxxx>
Provide an implementation of RFC 8446 (TLS 1.3) HKDF-Expand-Label
Cc: Eric Biggers <ebiggers@xxxxxxxxxx>
Signed-off-by: Chris Leech <cleech@xxxxxxxxxx>
Signed-off-by: Hannes Reinecke <hare@xxxxxxxxxx>
---
crypto/hkdf.c | 55 +++++++++++++++++++++++++++++++++++++++++++
include/crypto/hkdf.h | 4 ++++
2 files changed, 59 insertions(+)
...
Does this belong in crypto/hkdf.c? It seems to be specific to a
particular user of HKDF.
While this is needed for NVMe/TLS, it's a case of the NVMe
specifications referencing a function defined in the TLS 1.3 RFC to be
used. I though it would be clearest to fix the open-coded implemenation
by creating an RFC complient function, which is now no-longer specific
to NVMe so I moved it out to crypto/hkdf.c
I don't know that there will be other users, it just seemed to make the
most sense there.
But having said that, we can easily move it into the nvme code, and let
others move it into crypto if there is a need.
Will be updating the patchset.
Cheers,
Hannes
--
Dr. Hannes Reinecke Kernel Storage Architect
hare@xxxxxxx +49 911 74053 688
SUSE Software Solutions GmbH, Frankenstr. 146, 90461 Nürnberg
HRB 36809 (AG Nürnberg), GF: I. Totev, A. McDonald, W. Knoblich
