torvalds-linux

mirror of https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2026-01-20 05:13:55 +00:00

History

Chris Leech c5931d590e nvme-auth: use hkdf_expand_label()

When generating keying material during an authentication transaction
(secure channel concatenation), the HKDF-Expand-Label function is part
of the specified key derivation process.

The current open-coded implementation misses the length prefix
requirements on the HkdfLabel label and context variable-length vectors
(RFC 8446 Section 3.4).

Instead, use the hkdf_expand_label() function.

Signed-off-by: Chris Leech <cleech@redhat.com>
Signed-off-by: Hannes Reinecke <hare@kernel.org>
Signed-off-by: Keith Busch <kbusch@kernel.org>

2025-09-15 16:42:07 -07:00

auth.c

nvme-auth: use hkdf_expand_label()

2025-09-15 16:42:07 -07:00

Kconfig

nvme: add nvme_auth_derive_tls_psk()

2025-03-20 16:53:53 -07:00

keyring.c

nvme-keyring: add nvme_tls_psk_refresh()

2025-03-20 16:53:54 -07:00

Makefile

nvme: common: make keyring and auth separate modules

2023-11-07 10:05:15 -08:00