From mboxrd@z Thu Jan  1 00:00:00 1970
From: Maurizio Lombardi <mlombard@redhat.com>
Date: Fri, 25 Oct 2019 08:58:00 +0000
Subject: Re: [PATCH V2 0/3] iscsi: chap: introduce support for SHA1, SHA256 and SHA3-256
Message-Id: <4a399a7c-e776-7844-1c30-ca41f61ddc3f@redhat.com>
List-Id: <target-devel.vger.kernel.org>
References: <20191017131037.9903-1-mlombard@redhat.com>
In-Reply-To: <20191017131037.9903-1-mlombard@redhat.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: target-devel@vger.kernel.org

Hello,

Dne 25.10.2019 v 02:20 Martin K. Petersen napsal(a):
> 
> Hi Maurizio,
> 
>> iSCSI with the Challenge-Handshake Authentication Protocol is not FIPS
>> compliant.  This is due to the fact that CHAP currently uses MD5 as
>> the only supported digest algorithm and MD5 is not allowed by FIPS.
>>
>> When FIPS mode is enabled on the target server, the CHAP
>> authentication won't work because the target driver will be prevented
>> from using the MD5 module.
>>
>> Given that CHAP is agnostic regarding the algorithm it uses, this
>> patchset introduce support for three new alternatives: SHA1, SHA256
>> and SHA3-256.
> 
> Can you please submit these on top of 5.5/scsi-queue which has your
> string parsing fixes in place?
> 

I will rebase on top of 5.5/scsi-queue and send a V3.

Thanks,
Maurizio