[Swan-dev] how should a proposal (SA's crypto suite) be selected

Paul Wouters paul at nohats.ca
Fri Dec 11 19:32:11 UTC 2015


On Fri, 11 Dec 2015, Andrew Cagney wrote:

> On 11 December 2015 at 13:27, Paul Wouters <paul at nohats.ca> wrote:
>>
>> Note Hugh had one comment regarding the "stop reading when you found
>> an acceptable proposal to return". It could be that the unread remainder
>> of the proposal/transforms are badly formed. It could be argued that
>> we should return NO_PROPOSAL_CHOSEN or INVALID_SYNTAX.
>
> How liberal should we be in what we accept :-)

liberal does apply to cryptography :)

> We need to be careful.  I've been wondering if the current code, which
> does parse the entire set of proposals, is rejecting things it should
> have skipped.
>
> How about I parse everything and:
>
> - if packet.[hc] returns an error then I'll bail
>
> - however, if the contents are messed up (zero or missing keylen for
> aes; AEAD with AUTH; unknown type; ...), I'll skip and continue
>
> I believe that follows the intent of the RFC.

That sounds perfect.

Paul
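
The rule agreed in this thread, as an added example (not libreswan code and not written by either poster): a structural parse failure anywhere rejects the whole payload, while a semantically bad proposal is skipped and parsing continues. The 4-byte proposal encoding, the function names and the sample payloads are assumptions made for illustration; only the transform IDs are the real IKEv2 values.

```c
#include <stddef.h>
#include <stdint.h>

/* Toy encoding constructed for this example (not the IKEv2 wire format): each
 * proposal is 4 bytes: length (always 4), encr id, key length in bytes, integ id. */
enum { ENCR_AES_CBC = 12, ENCR_AES_GCM_16 = 20, AUTH_NONE = 0, AUTH_HMAC_SHA2_256_128 = 12 };
enum { PARSE_ERROR = -1, NO_PROPOSAL = 0 };

/* Semantic check: 1 if the proposal is usable, 0 if it should be skipped. */
static int proposal_ok(uint8_t encr, uint8_t keybytes, uint8_t integ)
{
    if (encr != ENCR_AES_CBC && encr != ENCR_AES_GCM_16)
        return 0;                       /* unknown type: skip */
    if (keybytes != 16 && keybytes != 24 && keybytes != 32)
        return 0;                       /* zero or missing AES key length: skip */
    if (encr == ENCR_AES_GCM_16)
        return integ == AUTH_NONE;      /* AEAD with AUTH: skip */
    return integ == AUTH_HMAC_SHA2_256_128;
}

/* Returns the 1-based number of the first usable proposal, NO_PROPOSAL if
 * none is usable, or PARSE_ERROR if any part of the payload is malformed. */
int select_proposal(const uint8_t *buf, size_t len)
{
    int chosen = NO_PROPOSAL, n = 0;
    size_t off = 0;

    while (off < len) {
        /* Structural problems (truncation, bad length) fail the whole payload,
         * even when an earlier proposal was already acceptable. */
        if (len - off < 4 || buf[off] != 4)
            return PARSE_ERROR;
        n++;
        if (chosen == NO_PROPOSAL && proposal_ok(buf[off + 1], buf[off + 2], buf[off + 3]))
            chosen = n;
        off += 4;
    }
    return chosen;
}

/* Constructed sample payloads. */
const uint8_t sample_skip[] = { 4,12,0,12,  4,20,16,12,  4,99,16,0,  4,20,32,0 };
const uint8_t sample_trailing[] = { 4,20,32,0,  4,12 };   /* good proposal, then truncated */
const uint8_t sample_none[] = { 4,12,0,12 };              /* AES-CBC with zero key length */

int main(void)
{
    return select_proposal(sample_skip, sizeof sample_skip) == 4 ? 0 : 1;
}
```

Because the loop keeps reading after a match, the malformed tail in `sample_trailing` is caught even though its first proposal is acceptable, which is the case Hugh's comment raises.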

