Am Freitag, 21. April 2017, 17:25:41 CEST schrieb Stephan Müller: Hi, > > Acked-by: Stephan Müller <smueller@xxxxxxxxxx> Just for the records: for FIPS 140-2 rules, cipher_null is to be interpreted as a memcpy on SGLs. Thus it is no cipher even though it sounds like one. cipher_null is also needed for seqiv which is required for rfc4106(gcm(aes)), which is an approved cipher. Also, it is needed for authenc() which uses it for copying the AAD from src to dst. That said, cipher_null must not be used for "encryption" operation but rather for handling data that is not subjected to FIPS 140-2 rules. Ciao Stephan