Re: [PATCH] crypto: don't raise alarm for no ctr(aes*) tests infips mode

From: Herbert Xu
Date: Tue May 05 2009 - 01:29:27 EST


On Mon, May 04, 2009 at 11:45:08PM -0400, Jarod Wilson wrote:
>
> Can't keep all the RFCs and SPs and whatnot straight in my head, and they
> aren't in front of me, but I thought I read that the basic counter increment
> routine wasn't mandated to be any specific way, the only mandate was to
> ensure unique values. Suggestions for how to do so were made though.

It doesn't matter what is or isn't specified for CTR, the thing
that we call "ctr" is the one that's used for RFC 3686, CCM, and
GCM. It is completely pinned down and can be tested.

Cheers,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/