[PATCH] eap: disable IKEv2 MD5 when building with CONFIG_FIPS
Jouni Malinen
j at w1.fi
Mon Feb 9 12:19:16 PST 2026
On Mon, Feb 09, 2026 at 01:38:56PM +0530, Chaitanya Tata wrote:
> RFC 4306 allows HMAC-MD5 for integrity and PRF, but MD5 is not
> FIPS-approved. Exclude AUTH_HMAC_MD5_96 and PRF_HMAC_MD5 from the
> supported algorithm tables and switch branches when CONFIG_FIPS is set.
> HMAC-SHA1 remains enabled.
Thanks, applied.
--
Jouni Malinen PGP id EFC895FA
More information about the Hostap
mailing list