On Thu, 15 Aug 2019 at 07:54, Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> wrote:
>
> On Mon, Aug 05, 2019 at 08:00:13PM +0300, Ard Biesheuvel wrote:
> >
> > @@ -644,14 +643,8 @@ static int des3_aead_setkey(struct crypto_aead *aead, const u8 *key,
> > if (keys.enckeylen != DES3_EDE_KEY_SIZE)
> > goto badkey;
> >
> > - flags = crypto_aead_get_flags(aead);
> > - err = __des3_verify_key(&flags, keys.enckey);
> > - if (unlikely(err)) {
> > - crypto_aead_set_flags(aead, flags);
> > - goto out;
> > - }
> > -
> > - err = aead_setkey(aead, key, keylen);
> > + err = crypto_des3_ede_verify_key(crypto_aead_tfm(aead), keys.enckey) ?:
> > + aead_setkey(aead, key, keylen);
>
> Please don't use crypto_aead_tfm in new code (except in core crypto
> API code).
>
> You should instead provide separate helpers that are type-specific.
> So crypto_aead_des3_ede_verify_key or verify_aead_des3_key to be
> more succinct.
>
OK
