[strongSwan-dev] PRF+ and wrapping
jean-francois.hren at stormshield.eu
Thu Oct 17 12:57:51 CEST 2019
In 'src/libstrongswan/crypto/prf_plus.c:get_bytes()' if 'this->counter' wraps, the feature is disabled.
The RFC says " The prf+ function is not defined beyond 255 times the size of the prf function output." however when wrapping occurs, we can set 'this->counter' to 0x01 since the behavior is not defined anyway.
What do you think ?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Dev