OpenBSD kernel implementation
Jason A. Donenfeld
Jason at zx2c4.com
Wed Dec 12 23:36:11 CET 2018
On Wed, Dec 12, 2018 at 11:35 PM David Gwynne <david at gwynne.id.au> wrote:
> Did you tie the handshake and data state machines together so you would only have to handle packet crypto operations with a single set of keys? If so, what happens to data packets that are in flight while the handshake is happening? Do you keep the old keys around for a bit to allow operation on them?
Yes. There's a rotation on a fixed amount of state.
More information about the WireGuard