Specify Decrypt Failure Action

microsoft / net-offloads

Specs for new networking hardware offloads.

MIT License

27 stars 3 forks source link

Specify Decrypt Failure Action #38

Closed nibanks closed 2 years ago

nibanks commented 2 years ago

Closes #32.

maolson-msft commented 2 years ago

In #32 you said: "since the stateless reset token is the end of the packet, which is where the authentication tag is, I think it should be unmodified". What do you mean by this?

nibanks commented 2 years ago

In #32 you said: "since the stateless reset token is the end of the packet, which is where the authentication tag is, I think it should be unmodified". What do you mean by this?

The tag is the hash you compare to the result of your decryption. So you read it, not write it. So it should be unmodified.