svn commit: r348876 - head/sys/opencrypto
John Baldwin
jhb at FreeBSD.org
Mon Jun 10 19:34:41 UTC 2019
On 6/10/19 12:26 PM, John Baldwin wrote:
> Author: jhb
> Date: Mon Jun 10 19:26:57 2019
> New Revision: 348876
> URL: https://svnweb.freebsd.org/changeset/base/348876
>
> Log:
> Add warnings to /dev/crypto for deprecated algorithms.
>
> These algorithms are deprecated algorithms that will have no in-kernel
> consumers in FreeBSD 13. Specifically, deprecate the following
> algorithms:
> - ARC4
> - Blowfish
> - CAST128
> - DES
> - 3DES
> - MD5-HMAC
> - Skipjack
>
> MFC after: 1 month
> Relnotes: yes
> Sponsored by: Chelsio Communications
> Differential Revision: https://reviews.freebsd.org/D20554
cryptocheck doesn't test any of these. The cryptotest.py tests do test 3DES
so cryptotest.py will emit a warning due to that. The /dev/crypto engine for
OpenSSL does support several of these, but calling into the kernel just to do
software crypto instead of doing the software crypto userland is rather
pointless (just adds overhead).
--
John Baldwin
More information about the svn-src-all
mailing list