Since the key is used for AES/3DES and HMAC operations only, this is
safe. AES/3DES use keys in the 128- to 256-bit range, HMAC with
MD5/SHA1/SHA2 should use keys with a minimum of 128- to 512-bit (in both
cases, depending on the actual algorithm used).
This reduction also keeps knet compatible with existing Corosync 2.x
keyfiles, which are 1024-bit.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
unsigned int *data_mtu);
-
-#define KNET_MIN_KEY_LEN 256
+#define KNET_MIN_KEY_LEN 128
#define KNET_MAX_KEY_LEN 4096
struct knet_handle_crypto_cfg {