Miroslav Lichvar 790a336eb2 nts: add server support for authentication with AES-128-GCM-SIV ...

Keep a server SIV instance for each available algorithm.

Select AES-128-GCM-SIV if requested by NTS-KE client as the first
supported algorithm.

Instead of encoding the AEAD ID in the cookie, select the algorithm
according to the length of decrypted keys. (This can work as a long as
all supported algorithms use keys with different lengths.)

2022-10-19 15:50:39 +02:00

8.6 KiB

Raw Blame History

View Raw