AIT-DSN icon indicating copy to clipboard operation
AIT-DSN copied to clipboard

Published 20 hours ago verified publisher icon NASA-AMMOS

Update AIT Encryption documentation

Open nttoole opened this issue 3 years ago • 1 comments

  1. Include more recent example for KMC client config
  2. Fix typo in example code that uses 'ait_result' instead of 'crypt_result'

nttoole avatar Jan 31 '22 21:01 nttoole

Nick, we might want to make a note of the following:

For KMC Client:

libgcrypt under FIPS will not support AES GCM encryption.

MGSS kickstarts have FIPS mode enabled by default, and some users may have it enabled on their systems. Disabling FIPS will allow gcrypt to use the algorithm.

See: https://dev.gnupg.org/T4873

It might save some headaches until it gets fixed.
Ibraheem might have more info for you.

Mejiro-McQueen avatar Feb 07 '22 21:02 Mejiro-McQueen