Hi, On Thu, Nov 26, 2020 at 05:04:45PM +0800, Tony He wrote: > Because there is HW crypto engine in some embedded devices, the crypto > engine maybe only supports hmac-sha256-cbc-aes.
OK, I was not aware that there is such special-case hardware. Thanks
for the explanation.
Yes, in that case it might be nice to add support for these crypto
modes to DCO later, when the initial feature set is done, well tested
and properly shaken down.
For the initial feature set, DCO needs to focus on a subset of features
that benefit most users - and that's AES-GCM and CHACHA.
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany g...@greenie.muc.de
signature.asc
Description: PGP signature
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
