]> git.ipfire.org Git - thirdparty/kernel/linux.git/commit
projects / thirdparty / kernel / linux.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1cab50d) | patch
nvme-auth: use hkdf_expand_label()
authorChris Leech <cleech@redhat.com>
Thu, 21 Aug 2025 20:48:16 +0000 (13:48 -0700)
committerKeith Busch <kbusch@kernel.org>
Mon, 15 Sep 2025 23:42:07 +0000 (16:42 -0700)
commitc5931d590e793c0291c0ba9fd1247567786612ea
treea5c01100f716a02944eeca46b81b0d2721bcdb52tree | snapshot
parent1cab50da62aa810e532396fcaeb96cf9c3fdf87acommit | diff
nvme-auth: use hkdf_expand_label()

When generating keying material during an authentication transaction
(secure channel concatenation), the HKDF-Expand-Label function is part
of the specified key derivation process.

The current open-coded implementation misses the length prefix
requirements on the HkdfLabel label and context variable-length vectors
(RFC 8446 Section 3.4).

Instead, use the hkdf_expand_label() function.

Signed-off-by: Chris Leech <cleech@redhat.com>
Signed-off-by: Hannes Reinecke <hare@kernel.org>
Signed-off-by: Keith Busch <kbusch@kernel.org>
drivers/nvme/common/auth.c diff | blob | blame | history
A mirror of Linus' kernel repository