Am Dienstag, 9. August 2016, 16:55:52 CEST schrieb Stephan Mueller: Hi Tapas, David, > > David, the x509.genkey file seems to generate a 4k RSA key per default. This > will cause a panic with fips=1 as only 2k and 3k keys are allowed. Just yesterday, a new ruling came out from NIST allowing any key size >= 2048 provided that at least either 2048 or 3072 is a usable key size to allow CAVS testing. I will send a patch that changes this in the code. Thanks Stephan -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html