Re: [PATCH 12/21] nvme-auth: common: use crypto library in nvme_auth_derive_tls_psk()

Next message: Jean-Michel Hautbois: "[PATCH v3 2/5] dmaengine: fsl-edma: Add FSL_EDMA_DRV_MCF flag for ColdFire eDMA"
Previous message: lihuisong (C): "Re: [PATCH] mailbox: pcc: Fix probabilistic command execution timeout"
Next in thread: Eric Biggers: "Re: [PATCH 12/21] nvme-auth: common: use crypto library in nvme_auth_derive_tls_psk()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: John Garry

Date: Thu Jun 25 2026 - 05:03:34 EST

On 02/03/2026 07:59, Eric Biggers wrote:

int nvme_auth_derive_tls_psk(int hmac_id, const u8 *psk, size_t psk_len,
const char *psk_digest, u8 **ret_psk)
{
- struct crypto_shash *hmac_tfm;
- const char *hmac_name;
- const char *label = "nvme-tls-psk";
static const u8 default_salt[NVME_AUTH_MAX_DIGEST_SIZE];
- size_t prk_len;
- const char *ctx;
- u8 *prk, *tls_key;
+ static const char label[] = "tls13 nvme-tls-psk";
+ const size_t label_len = sizeof(label) - 1;
+ u8 prk[NVME_AUTH_MAX_DIGEST_SIZE];
+ size_t hash_len, ctx_len;
+ u8 *hmac_data = NULL, *tls_key;
+ size_t i;
int ret;
- hmac_name = nvme_auth_hmac_name(hmac_id);
- if (!hmac_name) {
+ hash_len = nvme_auth_hmac_hash_len(hmac_id);
+ if (hash_len == 0) {
pr_warn("%s: invalid hash algorithm %d\n",

...

+ i = 0;
+ hmac_data[i++] = hash_len >> 8;
+ hmac_data[i++] = hash_len;
+
+ /* label */
+ static_assert(label_len <= 255);

JFYI, this is generating a C=1 warning for me:

CHECK drivers/nvme/common/auth.c
drivers/nvme/common/auth.c:746:9: error: bad constant expression

The following fixes/avoids it:

/* label */
- static_assert(label_len <= 255);
+ static_assert(sizeof(label) - 1 <= 255);

Even though label_len is declared as const, label_len <= 255 is not a constant expression.