On Thu, 15 Aug 2019 at 08:01, Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx> wrote:
>
> On Thu, 15 Aug 2019 at 07:54, Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> wrote:
> >
> > On Mon, Aug 05, 2019 at 08:00:13PM +0300, Ard Biesheuvel wrote:
> > >
> > > @@ -644,14 +643,8 @@ static int des3_aead_setkey(struct crypto_aead *aead, const u8 *key,
> > > if (keys.enckeylen != DES3_EDE_KEY_SIZE)
> > > goto badkey;
> > >
> > > - flags = crypto_aead_get_flags(aead);
> > > - err = __des3_verify_key(&flags, keys.enckey);
> > > - if (unlikely(err)) {
> > > - crypto_aead_set_flags(aead, flags);
> > > - goto out;
> > > - }
> > > -
> > > - err = aead_setkey(aead, key, keylen);
> > > + err = crypto_des3_ede_verify_key(crypto_aead_tfm(aead), keys.enckey) ?:
> > > + aead_setkey(aead, key, keylen);
> >
> > Please don't use crypto_aead_tfm in new code (except in core crypto
> > API code).
> >
> > You should instead provide separate helpers that are type-specific.
> > So crypto_aead_des3_ede_verify_key or verify_aead_des3_key to be
> > more succinct.
> >
>
> OK
So I will end up with
static inline int verify_skcipher_des_key(struct crypto_skcipher *tfm,
const u8 *key)
static inline int verify_skcipher_des3_key(struct crypto_skcipher *tfm,
const u8 *key)
static inline int verify_ablkcipher_des_key(struct crypto_skcipher *tfm,
const u8 *key)
static inline int verify_ablkcipher_des3_key(struct crypto_skcipher *tfm,
const u8 *key)
static inline int verify_aead_des3_key(struct crypto_aead *tfm, const u8 *key,
int keylen)
static inline int verify_aead_des_key(struct crypto_aead *tfm, const u8 *key,
int keylen)
Is that what you had in mind?
