From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752015AbbFPC0w (ORCPT ); Mon, 15 Jun 2015 22:26:52 -0400 Received: from mga01.intel.com ([192.55.52.88]:40328 "EHLO mga01.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751172AbbFPC0o (ORCPT ); Mon, 15 Jun 2015 22:26:44 -0400 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.13,622,1427785200"; d="scan'208";a="744073879" Message-ID: <557F8960.3010604@intel.com> Date: Mon, 15 Jun 2015 19:26:40 -0700 From: Tadeusz Struk User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0 MIME-Version: 1.0 To: Stephan Mueller CC: herbert@gondor.apana.org.au, linux-kernel@vger.kernel.org, keescook@chromium.org, jwboyer@redhat.com, richard@nod.at, steved@redhat.com, qat-linux@intel.com, dhowells@redhat.com, linux-crypto@vger.kernel.org, james.l.morris@oracle.com, jkosina@suse.cz, zohar@linux.vnet.ibm.com, davem@davemloft.net, vgoyal@redhat.com Subject: Re: [PATCH RFC v5 3/4] crypto: rsa: add a new rsa generic implementation References: <20150615201831.15697.57738.stgit@tstruk-mobl1> <3921303.7tkMvJ6vYE@tachyon.chronox.de> <557F809B.3060001@intel.com> <15593683.jmSB8WjLMD@tachyon.chronox.de> In-Reply-To: <15593683.jmSB8WjLMD@tachyon.chronox.de> Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 06/15/2015 07:19 PM, Stephan Mueller wrote: >> I'm not familiar with the FIPS requirements. I checked the NIST >> > recommendations witch states that RSA: |n| >= 2048 is acceptable. If FIPS >> > allows 2K and 3K only then we need to change it. > The reason for exclusive 2k/3k is the CAVS testing: there is only the ability > to test 2/3k. Longer key sizes are even not allowed as per SP800-131A in favor > of EC. Ok I'll update it to only accept 2K & 3K. Thanks