
Commit 1cab50d

cleechkeithbusch
authored andcommitted
nvme-auth: add hkdf_expand_label()
Provide an implementation of RFC 8446 (TLS 1.3) HKDF-Expand-Label Signed-off-by: Chris Leech <cleech@redhat.com> Signed-off-by: Hannes Reinecke <hare@kernel.org> Signed-off-by: Keith Busch <kbusch@kernel.org>
1 parent df4666a commit 1cab50d

1 file changed

Lines changed: 53 additions & 0 deletions


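--- a/drivers/nvme/common/auth.c
+++ b/drivers/nvme/common/auth.c
@@ -683,6 +683,59 @@ int nvme_auth_generate_digest(u8 hmac_id, u8 *psk, size_t psk_len,
 }
 EXPORT_SYMBOL_GPL(nvme_auth_generate_digest);
 
+/**
+* hkdf_expand_label - HKDF-Expand-Label (RFC 8846 section 7.1)
+* @hmac_tfm: hash context keyed with pseudorandom key
+* @label: ASCII label without "tls13 " prefix
+* @labellen: length of @label
+* @context: context bytes
+* @contextlen: length of @context
+* @okm: output keying material
+* @okmlen: length of @okm
+*
+* Build the TLS 1.3 HkdfLabel structure and invoke hkdf_expand().
+*
+* Returns 0 on success with output keying material stored in @okm,
+* or a negative errno value otherwise.
+*/
+static int hkdf_expand_label(struct crypto_shash *hmac_tfm,
+const u8 *label, unsigned int labellen,
+const u8 *context, unsigned int contextlen,
+u8 *okm, unsigned int okmlen)
+{
+int err;
+u8 *info;
+unsigned int infolen;
+const char *tls13_prefix = "tls13 ";
+unsigned int prefixlen = strlen(tls13_prefix);
+
+if (WARN_ON(labellen > (255 - prefixlen)))
+return -EINVAL;
+if (WARN_ON(contextlen > 255))
+return -EINVAL;
+
+infolen = 2 + (1 + prefixlen + labellen) + (1 + contextlen);
+info = kzalloc(infolen, GFP_KERNEL);
+if (!info)
+return -ENOMEM;
+
+/* HkdfLabel.Length */
+put_unaligned_be16(okmlen, info);
+
+/* HkdfLabel.Label */
+info[2] = prefixlen + labellen;
+memcpy(info + 3, tls13_prefix, prefixlen);
+memcpy(info + 3 + prefixlen, label, labellen);
+
+/* HkdfLabel.Context */
+info[3 + prefixlen + labellen] = contextlen;
+memcpy(info + 4 + prefixlen + labellen, context, contextlen);
+
+err = hkdf_expand(hmac_tfm, info, infolen, okm, okmlen);
+kfree_sensitive(info);
+return err;
+}
+
 /**
 * nvme_auth_derive_tls_psk - Derive TLS PSK
 * @hmac_id: Hash function identifier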
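Review bot: `put_unaligned_be16(okmlen, info)` stores only the low 16 bits of `okmlen`, yet the function range-checks `labellen` and `contextlen` and never `okmlen`, so a request above 65535 bytes would encode an HkdfLabel.Length that differs from the length handed to `hkdf_expand()`. `hkdf_expand()` is defined outside this hunk and may already reject such lengths, but the label encoder should not depend on that; add `if (WARN_ON(okmlen > U16_MAX)) return -EINVAL;` next to the other two checks. The kernel-doc header also cites "RFC 8846 section 7.1" while the commit message names RFC 8446 (TLS 1.3); the line should read `* hkdf_expand_label - HKDF-Expand-Label (RFC 8446 section 7.1)`. Because the guards use `WARN_ON`, they suit caller bugs only: if any of these lengths can ever be derived from peer-supplied data, a plain `return -EINVAL` avoids a remotely triggerable warning on hosts running with panic_on_warn.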
