From 19f34317ba024cfcf0061ff7587210b7be8fa2af Mon Sep 17 00:00:00 2001 From: Yawning Angel Date: Wed, 21 May 2014 01:45:17 +0000 Subject: Change the MSS to 1448 bytes, because timestamps are a thing. This breaks wireprotocol compatibility. --- doc/obfs4-spec.txt | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'doc') diff --git a/doc/obfs4-spec.txt b/doc/obfs4-spec.txt index de821c5..dedf09c 100644 --- a/doc/obfs4-spec.txt +++ b/doc/obfs4-spec.txt @@ -89,7 +89,7 @@ 2. The client sends a handshake request to the server where: X' = Elligator 2 representative of X (32 bytes) - P_C = Random padding [87, 1396] bytes long + P_C = Random padding [87, 1384] bytes long M_C = HMAC-SHA256-128(B | NODEID, X') E = String representation of the number of hours since the UNIX epoch @@ -145,7 +145,7 @@ Y' = Elligator 2 Representative of Y (32 bytes) AUTH = The ntor authentication tag (32 bytes) - P_S = Random padding [0, 1364] bytes long + P_S = Random padding [0, 1352] bytes long M_S = HMAC-SHA256-128(B | NODEID, Y') E' = E from the client request MAC_S = HMAC-SHA256-128(B | NODEID, Y' | AUTH | P_S | M_S | E') @@ -193,7 +193,7 @@ be 0 in which case all the remaining data is authenticated and decrypted, but ignored. - The maximum allowed frame length is 1460 bytes, which allows up to 1439 + The maximum allowed frame length is 1448 bytes, which allows up to 1427 bytes of useful payload to be transmitted per "frame". If unsealing a secretbox ever fails (due to a Tag mismatch), implementations @@ -228,7 +228,7 @@ part of the serverResponse if it always sends the frame immediately following the serverResponse body. If implementations chose to do this, the TYPE_PRNG_SEED frame MUST have 0 bytes of padding, and P_S MUST - consist of [0,1309] bytes of random padding. + consist of [0,1297] bytes of random padding. 7. References -- cgit v1.2.3