Code Review / vpp.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: d577e1f) | patch
crypto: enforce per-alg crypto key length 40/19240/2
authorBenoît Ganne <bganne@cisco.com>
Mon, 29 Apr 2019 14:05:46 +0000 (16:05 +0200)
committerDamjan Marion <dmarion@me.com>
Tue, 30 Apr 2019 15:33:53 +0000 (15:33 +0000)
commitbe95444fbb31b875c2ab98cd330fdcb36027ced8
treecdd489306a290cff918b954be950eca0fb4b61bdtree | snapshot
parentd577e1f578182d7f663e0f8519dadc81f21cb7a6commit | diff
crypto: enforce per-alg crypto key length

Crypto algorithms have different requirements on key length. As we do
not support key stretching (eg. PBKDF2), user must provide the exact
key length used by the algorithm.
Failing that means low-level crypto functions might read garbage (eg.
aes128_key_expand() will read 16-bytes, regardless of the key provided
by the user).

Change-Id: I347a1ea7a59720a1ed07ceaad8b00a31f78458c9
Signed-off-by: Benoît Ganne <bganne@cisco.com>
src/scripts/vnet/ipsec diff | blob | history
src/vnet/crypto/crypto.c diff | blob | history
src/vnet/crypto/crypto.h diff | blob | history
src/vnet/ipsec/ipsec_sa.c diff | blob | history
Vector Packet Processing