Dear team
as per the documnet
http://csrc.nist.gov/groups/STM/cmvp/documents/fips140-2/FIPS1402IG.pdf
page 150 , Its mentioned
The implementation of the nonce_explicit management logic inside the
module shall ensure that
when the nonce_explicit part of the IV exhausts the maximum number of
possible values for a given
session key (e.g., a 64-bit counter starting from 0 and increasing,
when it reaches the maximum value
of 2 64 -1),
*either party (the client or the server) that encounters this condition
triggers a handshake to establish a new encryption key – see Sections
7.4.1.1 and 7.4.1.2 in RFC 5246*.
is this being handled by openssl ? in the source code of openssl i am
not able find out the
exact location where this renegotiation is initiated when the counter
over flows ?
Thanks in advance
Thanks and regards
Akshar
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
