On Thu, 15 Aug 2019 at 08:01, Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx> wrote: > > On Thu, 15 Aug 2019 at 07:54, Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> wrote: > > > > On Mon, Aug 05, 2019 at 08:00:13PM +0300, Ard Biesheuvel wrote: > > > > > > @@ -644,14 +643,8 @@ static int des3_aead_setkey(struct crypto_aead *aead, const u8 *key, > > > if (keys.enckeylen != DES3_EDE_KEY_SIZE) > > > goto badkey; > > > > > > - flags = crypto_aead_get_flags(aead); > > > - err = __des3_verify_key(&flags, keys.enckey); > > > - if (unlikely(err)) { > > > - crypto_aead_set_flags(aead, flags); > > > - goto out; > > > - } > > > - > > > - err = aead_setkey(aead, key, keylen); > > > + err = crypto_des3_ede_verify_key(crypto_aead_tfm(aead), keys.enckey) ?: > > > + aead_setkey(aead, key, keylen); > > > > Please don't use crypto_aead_tfm in new code (except in core crypto > > API code). > > > > You should instead provide separate helpers that are type-specific. > > So crypto_aead_des3_ede_verify_key or verify_aead_des3_key to be > > more succinct. > > > > OK So I will end up with static inline int verify_skcipher_des_key(struct crypto_skcipher *tfm, const u8 *key) static inline int verify_skcipher_des3_key(struct crypto_skcipher *tfm, const u8 *key) static inline int verify_ablkcipher_des_key(struct crypto_skcipher *tfm, const u8 *key) static inline int verify_ablkcipher_des3_key(struct crypto_skcipher *tfm, const u8 *key) static inline int verify_aead_des3_key(struct crypto_aead *tfm, const u8 *key, int keylen) static inline int verify_aead_des_key(struct crypto_aead *tfm, const u8 *key, int keylen) Is that what you had in mind?