Am Freitag, 12. Februar 2016, 17:45:24 schrieb Roman Drahtmueller:

Hi Roman,

>56 bit keys are already prevented from being used, which conforms to rfc2451.
>As of 2016, 112 bit 3DES should be prevented, too, if the expectation is
>that the algorithm uses 168 bit.
>
>Signed-off-by: Roman Drahtmueller <dr...@schaltsekun.de>

This code is at least needed in FIPS 140-2 mode. As a caller would manually 
need to create a 2-key TDES key which would violate the newly added check ( 
which is very unlikely) I would think this patch is also appropriate for all 
users.

Acked-by: Stephan Mueller <smuel...@chronox.de>
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to