Re: [PATCH v4 06/30] crypto: caam/des - switch to new verification routines

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 15 Aug 2019 at 08:01, Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx> wrote:
>
> On Thu, 15 Aug 2019 at 07:54, Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> wrote:
> >
> > On Mon, Aug 05, 2019 at 08:00:13PM +0300, Ard Biesheuvel wrote:
> > >
> > > @@ -644,14 +643,8 @@ static int des3_aead_setkey(struct crypto_aead *aead, const u8 *key,
> > >       if (keys.enckeylen != DES3_EDE_KEY_SIZE)
> > >               goto badkey;
> > >
> > > -     flags = crypto_aead_get_flags(aead);
> > > -     err = __des3_verify_key(&flags, keys.enckey);
> > > -     if (unlikely(err)) {
> > > -             crypto_aead_set_flags(aead, flags);
> > > -             goto out;
> > > -     }
> > > -
> > > -     err = aead_setkey(aead, key, keylen);
> > > +     err = crypto_des3_ede_verify_key(crypto_aead_tfm(aead), keys.enckey) ?:
> > > +           aead_setkey(aead, key, keylen);
> >
> > Please don't use crypto_aead_tfm in new code (except in core crypto
> > API code).
> >
> > You should instead provide separate helpers that are type-specific.
> > So crypto_aead_des3_ede_verify_key or verify_aead_des3_key to be
> > more succinct.
> >
>
> OK

So I will end up with

static inline int verify_skcipher_des_key(struct crypto_skcipher *tfm,
  const u8 *key)
static inline int verify_skcipher_des3_key(struct crypto_skcipher *tfm,
   const u8 *key)
static inline int verify_ablkcipher_des_key(struct crypto_skcipher *tfm,
    const u8 *key)
static inline int verify_ablkcipher_des3_key(struct crypto_skcipher *tfm,
     const u8 *key)
static inline int verify_aead_des3_key(struct crypto_aead *tfm, const u8 *key,
       int keylen)
static inline int verify_aead_des_key(struct crypto_aead *tfm, const u8 *key,
      int keylen)

Is that what you had in mind?



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux