[strongSwan-dev] PRF+ and wrapping
Tobias Brunner
tobias at strongswan.org
Mon Oct 21 12:37:27 CEST 2019
Hi Jean-François,
> This behavior was asked to us by ANSSI (French Cybersecurity agency) so
> it might make some sense but I'm no expert on the subject.
> However they also told us that wrapping should not happen so returning
> FALSE is surely good enough.
OK, I've pushed a change that lets the methods fail after the counter
wrapped to the prf-plus-wrap branch [1].
Regards,
Tobias
[1]
https://git.strongswan.org/?p=strongswan.git;a=shortlog;h=refs/heads/prf-plus-wrap
More information about the Dev
mailing list