Milan Broz wrote:
> The cipher_null is not a real cipher, FIPS mode should not restrict its use.
>
> It is used for several tests (for example in cryptsetup testsuite) and also
> temporarily for reencryption of not yet encrypted device in
> cryptsetup-reencrypt tool.
>
> Problem is easily repro
Am Samstag, 22. April 2017, 09:54:08 CEST schrieb Sandy Harris:
Hi Sandy,
> In the FreeS/WAN project, back around the turn of the century,
> we refused to implement several things required by the RFCs
> because we thought they were insecure: null cipher, single
> DES & 768-bit DH Group 1.
>
> At
On Sat, Apr 22, 2017 at 3:54 PM, Sandy Harris wrote:
> In the FreeS/WAN project, back around the turn of the century,
> we refused to implement several things required by the RFCs
Link to documentation:
http://www.freeswan.org/freeswan_trees/freeswan-2.06/doc/compat.html#dropped
On Sat, Apr 22, 2017 at 2:56 AM, Stephan Müller wrote:
> Am Freitag, 21. April 2017, 17:25:41 CEST schrieb Stephan Müller:
> Just for the records: for FIPS 140-2 rules, cipher_null is to be interpreted
> as a memcpy on SGLs. Thus it is no cipher even though it sounds like one.
>
> cipher_null is
Am Freitag, 21. April 2017, 17:25:41 CEST schrieb Stephan Müller:
Hi,
>
> Acked-by: Stephan Müller
Just for the records: for FIPS 140-2 rules, cipher_null is to be interpreted
as a memcpy on SGLs. Thus it is no cipher even though it sounds like one.
cipher_null is also needed for seqiv which
Am Freitag, 21. April 2017, 14:18:20 CEST schrieb Herbert Xu:
Hi Herbert,
> Milan Broz wrote:
> > The cipher_null is not a real cipher, FIPS mode should not restrict its
> > use.
> >
> > It is used for several tests (for example in cryptsetup testsuite) and
> > also
> > temporarily for reencryp
Milan Broz wrote:
> The cipher_null is not a real cipher, FIPS mode should not restrict its use.
>
> It is used for several tests (for example in cryptsetup testsuite) and also
> temporarily for reencryption of not yet encrypted device in
> cryptsetup-reencrypt tool.
>
> Problem is easily repro
The cipher_null is not a real cipher, FIPS mode should not restrict its use.
It is used for several tests (for example in cryptsetup testsuite) and also
temporarily for reencryption of not yet encrypted device in
cryptsetup-reencrypt tool.
Problem is easily reproducible with
cryptsetup benchma