Am Donnerstag, 11. Januar 2018, 10:17:10 CET schrieb Gilad Ben-Yossef: Hi Gilad, > + // verify weak keys > + if (ctx_p->flow_mode == S_DIN_to_DES) { > + if (!des_ekey(tmp, key) && > + (crypto_tfm_get_flags(tfm) & CRYPTO_TFM_REQ_WEAK_KEY)) { > + tfm->crt_flags |= CRYPTO_TFM_RES_WEAK_KEY; > + dev_dbg(dev, "weak DES key"); > + return -EINVAL; > + } > + } > + if (ctx_p->cipher_mode == DRV_CIPHER_XTS && > + xts_check_key(tfm, key, keylen)) { > + dev_dbg(dev, "weak XTS key"); > + return -EINVAL; > + } > + if (ctx_p->flow_mode == S_DIN_to_DES && > + keylen == DES3_EDE_KEY_SIZE && > + cc_verify_3des_keys(key, keylen)) { > + dev_dbg(dev, "weak 3DES key"); > + return -EINVAL; > + } For the DES key, wouldn't it make sense to use __des3_ede_setkey? Note, I would plan to release a patch for review to change that function to disallow key1 == key2 or key1 == key3 or key2 == key3 in FIPS mode. Ciao Stephan