[PATCH 12/21] nvme-auth: common: use crypto library in nvme_auth_derive_tls_psk()
Hannes Reinecke
hare at suse.de
Mon Mar 2 23:40:09 PST 2026
On 3/2/26 08:59, Eric Biggers wrote:
> For the HKDF-Expand-Label computation in nvme_auth_derive_tls_psk(), use
> the crypto library instead of crypto_shash and crypto/hkdf.c.
>
> While this means the HKDF "helper" functions are no longer utilized,
> they clearly weren't buying us much: it's simpler to just inline the
> HMAC computations directly, and this code needs to be tested anyway. (A
> similar result was seen in fs/crypto/. As a result, this eliminates the
> last user of crypto/hkdf.c, which we'll be able to remove as well.)
>
> As usual this is also a lot more efficient, eliminating the allocation
> of a transformation object and multiple other dynamic allocations.
>
> Signed-off-by: Eric Biggers <ebiggers at kernel.org>
> ---
> drivers/nvme/common/auth.c | 156 +++++++++++++------------------------
> 1 file changed, 53 insertions(+), 103 deletions(-)
>
Reviewed-by: Hannes Reinecke <hare at suse.de>
Cheers,
Hannes
--
Dr. Hannes Reinecke Kernel Storage Architect
hare at suse.de +49 911 74053 688
SUSE Software Solutions GmbH, Frankenstr. 146, 90461 Nürnberg
HRB 36809 (AG Nürnberg), GF: I. Totev, A. McDonald, W. Knoblich
More information about the Linux-nvme
mailing list