Change how the length obfsucation mask is derived.

Instead of using the nonce for the secret box, just use SipHash-2-4 in OFB mode instead. The IV is generated as part of the KDF. This simplifies the code a decent amount and also is better on the off chance that SipHash-2-4 does not avalanche as well as it is currently assumed. While here, also decouple the fact that *this implementation* of obfs4 uses a PRNG with 24 bytes of internal state for protocol polymorphism instead of 32 bytes (that the spec requires). THIS CHANGE BREAKS WIRE PROTCOL COMPATIBILITY.
author: Yawning Angel <yawning@schwanenlied.me> 2014-06-02 17:50:01 +0000
committer: Yawning Angel <yawning@schwanenlied.me> 2014-06-02 17:50:01 +0000
commit: 5bdc376e2abaf5ac87816b763f5b26e314ee9536 (patch)
tree: 8746291873e187d7783116a2c9758bab23da5eb1 /packet.go
parent: 5cb3369e200c72aa23c3f86816cb854c35cc95cb (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/packet.go b/packet.go
index 3910604..dee5921 100644
--- a/packet.go
+++ b/packet.go
@@ -42,7 +42,7 @@ const (
 	packetOverhead          = 2 + 1
 	maxPacketPayloadLength  = framing.MaximumFramePayloadLength - packetOverhead
 	maxPacketPaddingLength  = maxPacketPayloadLength
-	seedPacketPayloadLength = drbg.SeedLength
+	seedPacketPayloadLength = SeedLength
 
 	consumeReadSize = framing.MaximumSegmentLength * 16
 )
author	Yawning Angel <yawning@schwanenlied.me>	2014-06-02 17:50:01 +0000
committer	Yawning Angel <yawning@schwanenlied.me>	2014-06-02 17:50:01 +0000
commit	5bdc376e2abaf5ac87816b763f5b26e314ee9536 (patch)
tree	8746291873e187d7783116a2c9758bab23da5eb1 /packet.go
parent	5cb3369e200c72aa23c3f86816cb854c35cc95cb (diff)