[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 12/18] crypto: flip priority of backends to prefer gcrypt

From: Eric Blake
Subject: Re: [PATCH 12/18] crypto: flip priority of backends to prefer gcrypt
Date: Thu, 8 Jul 2021 13:59:33 -0500
User-agent: NeoMutt/20210205-556-f84451-dirty

On Tue, Jul 06, 2021 at 10:59:18AM +0100, Daniel P. Berrangé wrote:
> Originally we preferred to use nettle, over gcrypt because

s/nettle, over gcrypt/nettle over gcrypt,/

> gnutls already links to nettle and thus it minimizes the
> dependencies. In retrospect this was the wrong criteria to
> optimize for.
> Currently shipping versions of gcrypt have cipher impls that
> are massively faster than those in nettle and this is way
> more important.  The nettle library is also not capable of
> enforcing FIPS compliance, since it considers that out of
> scope. It merely aims to provide general purpose impls of
> algorithms, and usage policy is left upto the layer above,
> such as GNUTTLS.


> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
> ---
>  meson.build | 22 +++++++++++-----------
>  1 file changed, 11 insertions(+), 11 deletions(-)

My meson skills are weak, but the change looks reasonable, and the
proof is in building things.

Reviewed-by: Eric Blake <eblake@redhat.com>

Eric Blake, Principal Software Engineer
Red Hat, Inc.           +1-919-301-3266
Virtualization:  qemu.org | libvirt.org

reply via email to

[Prev in Thread] Current Thread [Next in Thread]