[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH 12/18] crypto: flip priority of backends to prefer gcrypt
From: |
Eric Blake |
Subject: |
Re: [PATCH 12/18] crypto: flip priority of backends to prefer gcrypt |
Date: |
Thu, 8 Jul 2021 13:59:33 -0500 |
User-agent: |
NeoMutt/20210205-556-f84451-dirty |
On Tue, Jul 06, 2021 at 10:59:18AM +0100, Daniel P. Berrangé wrote:
> Originally we preferred to use nettle, over gcrypt because
s/nettle, over gcrypt/nettle over gcrypt,/
> gnutls already links to nettle and thus it minimizes the
> dependencies. In retrospect this was the wrong criteria to
> optimize for.
>
> Currently shipping versions of gcrypt have cipher impls that
> are massively faster than those in nettle and this is way
> more important. The nettle library is also not capable of
> enforcing FIPS compliance, since it considers that out of
> scope. It merely aims to provide general purpose impls of
> algorithms, and usage policy is left upto the layer above,
> such as GNUTTLS.
GNUTLS
>
> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
> ---
> meson.build | 22 +++++++++++-----------
> 1 file changed, 11 insertions(+), 11 deletions(-)
>
My meson skills are weak, but the change looks reasonable, and the
proof is in building things.
Reviewed-by: Eric Blake <eblake@redhat.com>
--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3266
Virtualization: qemu.org | libvirt.org
- [PATCH 08/18] crypto: add crypto tests for single block DES-ECB and DES-CBC, (continued)
- [PATCH 08/18] crypto: add crypto tests for single block DES-ECB and DES-CBC, Daniel P . Berrangé, 2021/07/06
- [PATCH 07/18] crypto: drop custom XTS support in gcrypt driver, Daniel P . Berrangé, 2021/07/06
- [PATCH 04/18] crypto: use &error_fatal in crypto tests, Daniel P . Berrangé, 2021/07/06
- [PATCH 10/18] crypto: delete built-in XTS cipher mode support, Daniel P . Berrangé, 2021/07/06
- [PATCH 12/18] crypto: flip priority of backends to prefer gcrypt, Daniel P . Berrangé, 2021/07/06
- Re: [PATCH 12/18] crypto: flip priority of backends to prefer gcrypt,
Eric Blake <=
- [PATCH 13/18] crypto: introduce build system for gnutls crypto backend, Daniel P . Berrangé, 2021/07/06
- [PATCH 11/18] crypto: rename des-rfb cipher to just des, Daniel P . Berrangé, 2021/07/06
- Re: [PATCH 11/18] crypto: rename des-rfb cipher to just des, Eric Blake, 2021/07/08
[PATCH 14/18] crypto: add gnutls cipher provider, Daniel P . Berrangé, 2021/07/06