diff options
author | Yawning Angel <yawning@schwanenlied.me> | 2014-06-02 17:50:01 +0000 |
---|---|---|
committer | Yawning Angel <yawning@schwanenlied.me> | 2014-06-02 17:50:01 +0000 |
commit | 5bdc376e2abaf5ac87816b763f5b26e314ee9536 (patch) | |
tree | 8746291873e187d7783116a2c9758bab23da5eb1 /drbg/hash_drbg.go | |
parent | 5cb3369e200c72aa23c3f86816cb854c35cc95cb (diff) |
Change how the length obfsucation mask is derived.
Instead of using the nonce for the secret box, just use SipHash-2-4 in
OFB mode instead. The IV is generated as part of the KDF. This
simplifies the code a decent amount and also is better on the off
chance that SipHash-2-4 does not avalanche as well as it is currently
assumed.
While here, also decouple the fact that *this implementation* of obfs4
uses a PRNG with 24 bytes of internal state for protocol polymorphism
instead of 32 bytes (that the spec requires).
THIS CHANGE BREAKS WIRE PROTCOL COMPATIBILITY.
Diffstat (limited to 'drbg/hash_drbg.go')
-rw-r--r-- | drbg/hash_drbg.go | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/drbg/hash_drbg.go b/drbg/hash_drbg.go index 13cc188..7186fd0 100644 --- a/drbg/hash_drbg.go +++ b/drbg/hash_drbg.go @@ -44,10 +44,10 @@ import ( const Size = siphash.Size // SeedLength is the length of the HashDrbg seed. -const SeedLength = 32 +const SeedLength = 16 + Size // Seed is the initial state for a HashDrbg. It consists of a SipHash-2-4 -// key, and 16 bytes of initial data. +// key, and 8 bytes of initial data. type Seed [SeedLength]byte // Bytes returns a pointer to the raw HashDrbg seed. @@ -71,9 +71,10 @@ func NewSeed() (seed *Seed, err error) { return } -// SeedFromBytes creates a Seed from the raw bytes. +// SeedFromBytes creates a Seed from the raw bytes, truncating to SeedLength as +// appropriate. func SeedFromBytes(src []byte) (seed *Seed, err error) { - if len(src) != SeedLength { + if len(src) < SeedLength { return nil, InvalidSeedLengthError(len(src)) } @@ -83,7 +84,8 @@ func SeedFromBytes(src []byte) (seed *Seed, err error) { return } -// SeedFromBase64 creates a Seed from the Base64 representation. +// SeedFromBase64 creates a Seed from the Base64 representation, truncating to +// SeedLength as appropriate. func SeedFromBase64(encoded string) (seed *Seed, err error) { var raw []byte raw, err = base64.StdEncoding.DecodeString(encoded) |