On Tue, May 12, 2009 at 08:37:27PM -0400, Neil Horman wrote:
>
> > Would there be any objections to dropping the noexit parameter
> > entirely and just making its behavior the default? It would make
> > all users regardless of fips mode notice failures more readily.
> >
> I think thats a fine idea
On Tue, May 12, 2009 at 04:02:45PM -0400, Jarod Wilson wrote:
> On Monday 11 May 2009 10:06:32 Jarod Wilson wrote:
> > At present, the tcrypt module always exits with an -EAGAIN upon
> > successfully completing all the tests its been asked to run. There
> > are cases where it would be much simpler
On Monday 11 May 2009 10:06:32 Jarod Wilson wrote:
> At present, the tcrypt module always exits with an -EAGAIN upon
> successfully completing all the tests its been asked to run. There
> are cases where it would be much simpler to verify all tests passed
> if tcrypt simply stayed loaded (i.e. retu
On Mon, May 11, 2009 at 09:52:43AM -0400, Jarod Wilson wrote:
> Set the fips_allowed flag in testmgr.c's alg_test_descs[] for algs
> that are allowed to be used when in fips mode.
>
> One caveat: des isn't actually allowed anymore, but des (and thus also
> ecb(des)) has to be permitted, because di
On Mon, May 11, 2009 at 09:53:06AM -0400, Jarod Wilson wrote:
> Because all fips-allowed algorithms must be self-tested before they
> can be used, they will all have entries in testmgr.c's alg_test_descs[].
> Skip self-tests for any algs not flagged as fips_approved and return
> -EINVAL when in fip
Hello. I'm developing driver for our crypto platform-device on
arm-realview arch. Could you please help with understanding some
CryptoAPI concepts?
Our device is hw implementation of 3DES/AES cipher. it allows:
- encrypt/decrypt 64-bit words (slave mode, data exchange via
registers, CBC/ECB con
