Merge "Update documentation for AES-GCM-ESP keymat length"

author: Benedict Wong <benedictwong@google.com> 2017-11-08 17:47:40 +0000
committer: Gerrit Code Review <noreply-gerritcodereview@google.com> 2017-11-08 17:47:40 +0000
commit: 3db35dfcd518bfe819d8d05f4fd13d0d8a0f891a (patch)
tree: 0ae716abdfa6c47ed6b6df72aaebeb0538695425 /core/java
parent: b5d2f0c24f678a3b478a227dc6087820fd19233d (diff)
parent: 4ebc2c59682f9bcaea1d455dad5beae1ab0b87b5 (diff)
1 files changed, 5 insertions, 1 deletions
diff --git a/core/java/android/net/IpSecAlgorithm.java b/core/java/android/net/IpSecAlgorithm.java
index 16b1452311a6..64f8f39e2bca 100644
--- a/core/java/android/net/IpSecAlgorithm.java
+++ b/core/java/android/net/IpSecAlgorithm.java
@@ -78,7 +78,11 @@ public final class IpSecAlgorithm implements Parcelable {
     /**
      * AES-GCM Authentication/Integrity + Encryption/Ciphering Algorithm.
      *
-     * <p>Valid lengths for this key are {128, 192, 256}.
+     * <p>Valid lengths for keying material are {160, 224, 288}.
+     *
+     * <p>As per RFC4106 (Section 8.1), keying material consists of a 128, 192, or 256 bit AES key
+     * followed by a 32-bit salt. RFC compliance requires that the salt must be unique per
+     * invocation with the same key.
      *
      * <p>Valid ICV (truncation) lengths are {64, 96, 128}.
      */
author	Benedict Wong <benedictwong@google.com>	2017-11-08 17:47:40 +0000
committer	Gerrit Code Review <noreply-gerritcodereview@google.com>	2017-11-08 17:47:40 +0000
commit	3db35dfcd518bfe819d8d05f4fd13d0d8a0f891a (patch)
tree	0ae716abdfa6c47ed6b6df72aaebeb0538695425 /core/java
parent	b5d2f0c24f678a3b478a227dc6087820fd19233d (diff)
parent	4ebc2c59682f9bcaea1d455dad5beae1ab0b87b5 (diff)