Issue(s):

1. Bug: Derived TLS PSK implementation is not specification compliant
2. Improvement(s):
      - hkdf function implementations do not support ability to run known-answer test (KAT) as algorithm verification
      - Thus, no KAT is run as an algorithm verification before using the hkdf algorithms as a robustness

Solution(s):
1. Bug Fix: Introduce and use compliant HKDF-Extract, HKDF-Expand, and HKDF-Expand-Label crypto services to derive TLS PSK
2. Enhancement(s):
    - Implement KAT for HKDF-Extract, HKDF-Expand, and HKDF-Expand-Label
    - Introduce KAT to before using the algorithm to ensure accidentally wrong keys are not generated
    - The new crypto services can be used to address similar issues in the other part of the livnvme code

Author: chiranjeb-wdc

src/meson.build

@@ -16,7 +16,8 @@ sources = [
     'nvme/tree.c',
     'nvme/util.c',
     'nvme/base64.c',
-    'nvme/crc32.c'
+    'nvme/crc32.c',
+    'nvme/crypto_services.c'
 ]
 
 mi_sources = [