Re: authenc methods vs FIPS in light of unencrypted associated data

From: Herbert Xu
Date: Fri Jun 03 2016 - 06:12:23 EST

Next message: Vitaly Kuznetsov: "[PATCH] Drivers: hv: fix infinite wait when channel open timeouts"
Previous message: Herbert Xu: "Re: [RFC v2 2/3] crypto: Introduce CRYPTO_ALG_BULK flag"
In reply to: Stephan Mueller: "Re: authenc methods vs FIPS in light of unencrypted associated data"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Jun 03, 2016 at 08:42:31AM +0200, Stephan Mueller wrote:
>
> Herbert, when using crypto_spawn_*, is there a flag set by the crypto API that
> the to-be-instantiated cipher is invoked by the kernel crypto API instead of
> by a user? I would assume that the INTERNAL flag could be of relevance here.
> If that INTERNAL flag is set, I think that the function alg_test could be
> changed such that if the INTERNAL flag is set, the fips_allowed flag is not
> enforced.

Yes we can certainly set INTERNAL for this case.

Thanks,
--
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Next message: Vitaly Kuznetsov: "[PATCH] Drivers: hv: fix infinite wait when channel open timeouts"
Previous message: Herbert Xu: "Re: [RFC v2 2/3] crypto: Introduce CRYPTO_ALG_BULK flag"
In reply to: Stephan Mueller: "Re: authenc methods vs FIPS in light of unencrypted associated data"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]