On 6/27/2019 3:03 PM, Ard Biesheuvel wrote: > @@ -785,20 +781,23 @@ static int skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key, > static int des_skcipher_setkey(struct crypto_skcipher *skcipher, > const u8 *key, unsigned int keylen) > { > - u32 tmp[DES3_EDE_EXPKEY_WORDS]; > - struct crypto_tfm *tfm = crypto_skcipher_tfm(skcipher); > + int err; > > - if (keylen == DES3_EDE_KEY_SIZE && > - __des3_ede_setkey(tmp, &tfm->crt_flags, key, DES3_EDE_KEY_SIZE)) { > - return -EINVAL; > - } > + err = crypto_des_verify_key(crypto_skcipher_tfm(skcipher), key); > + if (unlikely(err)) > + return err; > > - if (!des_ekey(tmp, key) && (crypto_skcipher_get_flags(skcipher) & > - CRYPTO_TFM_REQ_FORBID_WEAK_KEYS)) { > - crypto_skcipher_set_flags(skcipher, > - CRYPTO_TFM_RES_WEAK_KEY); > - return -EINVAL; > - } > + return skcipher_setkey(skcipher, key, keylen); This would be a bit more compact: return unlikely(crypto_des_verify_key(crypto_skcipher_tfm(skcipher), key)) ?: skcipher_setkey(skcipher, key, keylen); and could be used in most places. Actually here: > @@ -697,8 +693,13 @@ static int skcipher_setkey(struct crypto_skcipher *skcipher, const u8 *key, > static int des3_skcipher_setkey(struct crypto_skcipher *skcipher, > const u8 *key, unsigned int keylen) > { > - return unlikely(des3_verify_key(skcipher, key)) ?: > - skcipher_setkey(skcipher, key, keylen); > + int err; > + > + err = crypto_des3_ede_verify_key(crypto_skcipher_tfm(skcipher), key); > + if (unlikely(err)) > + return err; > + > + return skcipher_setkey(skcipher, key, keylen); > } this pattern is already used, only the verification function has to be replaced. Horia