Update documentation for AES-GCM-ESP keymat length Added notes that keymat length must include 32 bits of salt. Bug: 68672051 Test: Frameworks-net unit tests & IpSecManager CTS tests run Change-Id: I0ae0c5be8a45b2374783b3bd1fa8bf930f15e687

commit: 01b1ab403426c82b854deac54598dffe67fedbd3 [log] [tgz]
author: Benedict Wong <benedictwong@google.com> Wed Nov 01 17:14:25 2017 -0700
committer: Benedict Wong <benedictwong@google.com> Tue Nov 07 17:39:35 2017 -0800
tree: eee97a13fd5cebc8c0db65a99a35ed4966b32e72
parent: 8c302f08a9f96dba2af69297b1d3ee7db258cf36 [diff]
diff --git a/core/java/android/net/IpSecAlgorithm.java b/core/java/android/net/IpSecAlgorithm.java
index 16b1452..64f8f39 100644
--- a/core/java/android/net/IpSecAlgorithm.java
+++ b/core/java/android/net/IpSecAlgorithm.java

@@ -78,7 +78,11 @@
     /**
      * AES-GCM Authentication/Integrity + Encryption/Ciphering Algorithm.
      *
-     * <p>Valid lengths for this key are {128, 192, 256}.
+     * <p>Valid lengths for keying material are {160, 224, 288}.
+     *
+     * <p>As per RFC4106 (Section 8.1), keying material consists of a 128, 192, or 256 bit AES key
+     * followed by a 32-bit salt. RFC compliance requires that the salt must be unique per
+     * invocation with the same key.
      *
      * <p>Valid ICV (truncation) lengths are {64, 96, 128}.
      */
commit	01b1ab403426c82b854deac54598dffe67fedbd3	[log] [tgz]
author	Benedict Wong <benedictwong@google.com>	Wed Nov 01 17:14:25 2017 -0700
committer	Benedict Wong <benedictwong@google.com>	Tue Nov 07 17:39:35 2017 -0800
tree	eee97a13fd5cebc8c0db65a99a35ed4966b32e72
parent	8c302f08a9f96dba2af69297b1d3ee7db258cf36 [diff]