HomePhabricator

packet: Implement rekeying based on the recommendation from RFC's

Authored by Jakuje on Nov 15 2018, 1:43 PM.

Description

packet: Implement rekeying based on the recommendation from RFC's

The default rekeying recommendations are specified in
RFC4344 Section 3 (First and Second Rekeying Recommendations).
Additionally, the rekeying can be specified in configuration
file/options allowing us to turn the rekeying off, base it
on time or make it more strict.

The code is highly inspired by the OpenSSH rekeying code.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Daiki Ueno <dueno@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>

Details

Committed
asnJan 9 2019, 10:31 AM
Parents
rLIBSSHc86a00d06b73: packet: Provide a function to switch crypto in separate directions
Branches
Unknown
Tags
Unknown