On Thu, 15 Aug 2019 at 07:54, Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> wrote: > > On Mon, Aug 05, 2019 at 08:00:13PM +0300, Ard Biesheuvel wrote: > > > > @@ -644,14 +643,8 @@ static int des3_aead_setkey(struct crypto_aead *aead, const u8 *key, > > if (keys.enckeylen != DES3_EDE_KEY_SIZE) > > goto badkey; > > > > - flags = crypto_aead_get_flags(aead); > > - err = __des3_verify_key(&flags, keys.enckey); > > - if (unlikely(err)) { > > - crypto_aead_set_flags(aead, flags); > > - goto out; > > - } > > - > > - err = aead_setkey(aead, key, keylen); > > + err = crypto_des3_ede_verify_key(crypto_aead_tfm(aead), keys.enckey) ?: > > + aead_setkey(aead, key, keylen); > > Please don't use crypto_aead_tfm in new code (except in core crypto > API code). > > You should instead provide separate helpers that are type-specific. > So crypto_aead_des3_ede_verify_key or verify_aead_des3_key to be > more succinct. > OK