LineageOS/android_packages_modules_Connectivity
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update documentation for AES-GCM-ESP keymat length

Browse Source 
Added notes that keymat length must include 32 bits of salt.

Bug: 68672051
Test: Frameworks-net unit tests & IpSecManager CTS tests run
Change-Id: I0ae0c5be8a45b2374783b3bd1fa8bf930f15e687
This commit is contained in:
Benedict Wong
2017-11-01 17:14:25 -07:00
parent 8c302f08a9
commit 01b1ab4034
1 changed files with 5 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
core/java/android/net/IpSecAlgorithm.java
View File

@@ -78,7 +78,11 @@ public final class IpSecAlgorithm implements Parcelable {
/** /**
* AES-GCM Authentication/Integrity + Encryption/Ciphering Algorithm. * AES-GCM Authentication/Integrity + Encryption/Ciphering Algorithm.
* *
* <p>Valid lengths for this key are {128, 192, 256}. * <p>Valid lengths for keying material are {160, 224, 288}.
*
* <p>As per RFC4106 (Section 8.1), keying material consists of a 128, 192, or 256 bit AES key
* followed by a 32-bit salt. RFC compliance requires that the salt must be unique per
* invocation with the same key.
* *
* <p>Valid ICV (truncation) lengths are {64, 96, 128}. * <p>Valid ICV (truncation) lengths are {64, 96, 128}.
*/ */