Hi, I'm facing an issue running tcrypt with rfc4309-aes-ccm. My hardware and drive only implements support to key size 128, what is specify in the documentation (http://tools.ietf.org/html/rfc4309) as a 'MUST' support, but does not support the other sizes. However tcrypt tests not only 128, but also 192 and 256bits size, which in ietf documentation are 'MAY' also support. The issue is if I run my machines with FIPS enable it won't work at all, since tcrypt will try to the other key sizes and so fails making my system crash in a kernel panic. I wondering if this tcrypt to 192 and 256 are correct since it's not a 'MUST' support size. Either if have any option to disable tcrypt to test with this other key sizes. And once more, since they are not a must support, what is the history about this test? A workround for us in the moment is to disable ccm in FIPs mode. Best regards, Leonidas.) -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html