This series makes the crypto API mark shash, ahash, skcipher, and aead tfms as needing a key again if setting a key fails, since on failure many algorithms can leave the tfm in an intermediate state that is neither the old key nor the new key -- and use of such tfms for hashing, encryption, or decryption will produce bogus results or crashes. Eric Biggers (3): crypto: hash - set CRYPTO_TFM_NEED_KEY if ->setkey() fails crypto: skcipher - set CRYPTO_TFM_NEED_KEY if ->setkey() fails crypto: aead - set CRYPTO_TFM_NEED_KEY if ->setkey() fails crypto/aead.c | 4 +++- crypto/ahash.c | 28 +++++++++++++++++++--------- crypto/shash.c | 18 +++++++++++++----- crypto/skcipher.c | 27 ++++++++++++++++++--------- 4 files changed, 53 insertions(+), 24 deletions(-) -- 2.20.1
