[PATCH 12/21] nvme-auth: common: use crypto library in nvme_auth_derive_tls_psk()
John Garry
john.g.garry at oracle.com
Thu Jun 25 02:02:27 PDT 2026
On 02/03/2026 07:59, Eric Biggers wrote:
> int nvme_auth_derive_tls_psk(int hmac_id, const u8 *psk, size_t psk_len,
> const char *psk_digest, u8 **ret_psk)
> {
> - struct crypto_shash *hmac_tfm;
> - const char *hmac_name;
> - const char *label = "nvme-tls-psk";
> static const u8 default_salt[NVME_AUTH_MAX_DIGEST_SIZE];
> - size_t prk_len;
> - const char *ctx;
> - u8 *prk, *tls_key;
> + static const char label[] = "tls13 nvme-tls-psk";
> + const size_t label_len = sizeof(label) - 1;
> + u8 prk[NVME_AUTH_MAX_DIGEST_SIZE];
> + size_t hash_len, ctx_len;
> + u8 *hmac_data = NULL, *tls_key;
> + size_t i;
> int ret;
>
> - hmac_name = nvme_auth_hmac_name(hmac_id);
> - if (!hmac_name) {
> + hash_len = nvme_auth_hmac_hash_len(hmac_id);
> + if (hash_len == 0) {
> pr_warn("%s: invalid hash algorithm %d\n",
...
> + i = 0;
> + hmac_data[i++] = hash_len >> 8;
> + hmac_data[i++] = hash_len;
> +
> + /* label */
> + static_assert(label_len <= 255);
JFYI, this is generating a C=1 warning for me:
CHECK drivers/nvme/common/auth.c
drivers/nvme/common/auth.c:746:9: error: bad constant expression
The following fixes/avoids it:
/* label */
- static_assert(label_len <= 255);
+ static_assert(sizeof(label) - 1 <= 255);
Even though label_len is declared as const, label_len <= 255 is not a
constant expression.
More information about the Linux-nvme
mailing list