From e5d73b0dfa6bc57b2ed8745df4409308eeaf272e Mon Sep 17 00:00:00 2001
From: Martin Willi
Date: Fri, 31 Jan 2014 15:53:38 +0100
Subject: aead: Support custom AEAD salt sizes
The salt, or often called implicit nonce, varies between AEAD algorithms and their use in protocols. For IKE and ESP, GCM uses 4 bytes, while CCM uses 3 bytes. With TLS, however, AEAD mode uses 4 bytes for both GCM and CCM. Our GCM backends currently support 4 bytes and CCM 3 bytes only. This is fine until we go for CCM mode support in TLS, which requires 4 byte nonces.
---
scripts/aes-test.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'scripts/aes-test.c')
diff --git a/scripts/aes-test.c b/scripts/aes-test.c
index eb94180f8..425a4dc4f 100644
--- a/scripts/aes-test.c
+++ b/scripts/aes-test.c
@@ -313,7 +313,7 @@ static bool do_test_gcm(test_vector_t *test)
 return FALSE;
 }
- aead = lib->crypto->create_aead(lib->crypto, alg, test->key.len);
+ aead = lib->crypto->create_aead(lib->crypto, alg, test->key.len, 4);
 if (!aead)
 {
 DBG1(DBG_APP, "algorithm %N or key length (%d bits) not supported",
--
cgit v1.2.3
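Review bot: The bare `4` passed as the new salt-size argument to `create_aead` in do_test_gcm is unexplained at the call site. A short comment such as `/* GCM salt (implicit nonce) is 4 bytes, as in IKE/ESP */`, or a named constant, would tie it to the size given in the commit message. The failure message just below still reads `"algorithm %N or key length (%d bits) not supported"`, although a NULL return can now presumably also mean the backend rejected the requested salt size, so the wording could mention the salt size too. do_test_gcm starts and ends outside the hunk, so how the test vector's IV is split into salt and explicit nonce is not visible here; that split should be checked against the same 4-byte assumption.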