ACK
Fabio M. Di Nitto napsal(a):
> Just spotted a couple of mistakes.. can fix at merge time.
>
> On 10/13/2012 12:21 PM, Fabio M. Di Nitto wrote:
>
>> - |kv "crypto_type" /nss|aes256/
>> - |kv "crypto_cipher" /none|nss|aes256/
>> + |kv "crypto_type" /nss|aes256|aes192|aes128|3des/
>> + |kv "crypto_cipher" /none|nss|aes256|aes192|aes128/3des/
>
> there is a typo here between aes128 and 3des. should be |
>
>> size_t cipher_key_len[] = {
>> - 0, /* CRYPTO_CIPHER_TYPE_NONE */
>> - 32, /* CRYPTO_CIPHER_TYPE_AES256 */
>> + 0, /* CRYPTO_CIPHER_TYPE_NONE */
>> + AES_256_KEY_LENGTH, /* CRYPTO_CIPHER_TYPE_AES256 */
>> + AES_192_KEY_LENGTH, /* CRYPTO_CIPHER_TYPE_AES192 */
>> + AES_128_KEY_LENGTH, /* CRYPTO_CIPHER_TYPE_AES128 */
>> + 16 /* CRYPTO_CIPHER_TYPE_3DES - no magic in nss headers */
>
> 3des max key len is 24 bytes and not 16.
>
> I also found a call in nss that we might want to use at load time to
> avoid hardcoding all those info and could allow full dynamic config.
>
> Is it something we might be interested in?
>
> Fabio
> _______________________________________________
> discuss mailing list
> discuss@xxxxxxxxxxxx
> http://lists.corosync.org/mailman/listinfo/discuss
>
_______________________________________________
discuss mailing list
discuss@xxxxxxxxxxxx
http://lists.corosync.org/mailman/listinfo/discuss
