On Wed, Jul 27, 2022 at 06:52:27PM +0300, Leonard Crestez wrote: > > The fact that setkey is implemented at the crypto_ahash instead of the > ahash_request level is baked into all algorithm implementations (including > many hardware-specific ones). Changing this seems extremely difficult. What I had in mind is simply making the tfm setkey optional. That way you could then have an additional setkey at the request level. If the key is provided in either place you're allowed to perform the hash. This should have minimal impact on existing code. Cheers, -- Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt