[strongSwan-dev] PRF+ and wrapping
Jean-Francois HREN
jean-francois.hren at stormshield.eu
Thu Oct 17 12:57:51 CEST 2019
Hello all,
In 'src/libstrongswan/crypto/prf_plus.c:get_bytes()' if 'this->counter' wraps, the feature is disabled.
The RFC says " The prf+ function is not defined beyond 255 times the size of the prf function output." however when wrapping occurs, we can set 'this->counter' to 0x01 since the behavior is not defined anyway.
What do you think ?
Jean-François Hren
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/dev/attachments/20191017/b6414184/attachment.html>
More information about the Dev
mailing list