Hi David, On 14. Nov 2025, at 10:34, David Laight wrote: > On Thu, 13 Nov 2025 22:55:45 +0100 > Thorsten Blum <[email protected]> wrote: > >> strcpy() is deprecated; use the safer strscpy() and use its return >> value, the number of bytes copied, instead of calling strlen() on the >> destination buffer again. String truncation can be ignored since >> 'derived_buf' is guaranteed to be large enough. >> >> Link: https://github.com/KSPP/linux/issues/88 >> Signed-off-by: Thorsten Blum <[email protected]> >> --- >> [...] > > I'm not sure this is an improvement, but has this code ever been correct? > The buffer passed to sha256 is either: > "AUTH_KEY"'\0'master_key > or > "ENC_KEY"'\0'master_key > For short master_key the buffer is HASH_SIZE bytes and padded with zeros (ok). > However for long master_key the length is calculated using "AUTH_KEY" so > there is an additional trailing '\0' in the "ENC_KEY" case.
I removed the trailing '\0' in v1, but since Eric pointed out that it changes the sha256 hash, I reverted it in v2. Thanks, Thorsten
