nvme-auth: common: explicitly verify psk_len == hash_len

nvme_auth_derive_tls_psk() is always called with psk_len == hash_len.
And based on the comments above nvme_auth_generate_psk() and
nvme_auth_derive_tls_psk(), this isn't an implementation choice but
rather just the length the spec uses.  Add a check which makes this
explicit, so that when cleaning up nvme_auth_derive_tls_psk() we don't
have to retain support for arbitrary values of psk_len.

Acked-by: Ard Biesheuvel <ardb@kernel.org>
Acked-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: Hannes Reinecke <hare@suse.de>
Signed-off-by: Eric Biggers <ebiggers@kernel.org>
Signed-off-by: Keith Busch <kbusch@kernel.org>

diff --git a/drivers/nvme/common/auth.c b/drivers/nvme/common/auth.c
index 2f83c9ddea5ec687d34c6be3edc632072e44d5e7..9e33fc02cf51ae21e31bd716c8401da544e431bf 100644 (file)
--- a/drivers/nvme/common/auth.c
+++ b/drivers/nvme/common/auth.c
@@ -788,6 +788,11 @@ int nvme_auth_derive_tls_psk(int hmac_id, const u8 *psk, size_t psk_len,
                return -EINVAL;
        }
 
+       if (psk_len != nvme_auth_hmac_hash_len(hmac_id)) {
+               pr_warn("%s: unexpected psk_len %zu\n", __func__, psk_len);
+               return -EINVAL;
+       }
+
        hmac_tfm = crypto_alloc_shash(hmac_name, 0, 0);
        if (IS_ERR(hmac_tfm))
                return PTR_ERR(hmac_tfm);