From 5bdc376e2abaf5ac87816b763f5b26e314ee9536 Mon Sep 17 00:00:00 2001
From: Yawning Angel
Date: Mon, 2 Jun 2014 17:50:01 +0000
Subject: Change how the length obfsucation mask is derived.
Instead of using the nonce for the secret box, just use SipHash-2-4 in OFB mode instead. The IV is generated as part of the KDF. This simplifies the code a decent amount and also is better on the off chance that SipHash-2-4 does not avalanche as well as it is currently assumed.
While here, also decouple the fact that *this implementation* of obfs4 uses a PRNG with 24 bytes of internal state for protocol polymorphism instead of 32 bytes (that the spec requires).
THIS CHANGE BREAKS WIRE PROTCOL COMPATIBILITY.
---
 drbg/hash_drbg.go | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)
(limited to 'drbg')
diff --git a/drbg/hash_drbg.go b/drbg/hash_drbg.go
index 13cc188..7186fd0 100644
--- a/drbg/hash_drbg.go
+++ b/drbg/hash_drbg.go
@@ -44,10 +44,10 @@ import (
 const Size = siphash.Size
 // SeedLength is the length of the HashDrbg seed.
-const SeedLength = 32
+const SeedLength = 16 + Size
 // Seed is the initial state for a HashDrbg. It consists of a SipHash-2-4
-// key, and 16 bytes of initial data.
+// key, and 8 bytes of initial data.
 type Seed [SeedLength]byte
 // Bytes returns a pointer to the raw HashDrbg seed.
@@ -71,9 +71,10 @@ func NewSeed() (seed *Seed, err error) {
 return
 }
-// SeedFromBytes creates a Seed from the raw bytes.
+// SeedFromBytes creates a Seed from the raw bytes, truncating to SeedLength as
+// appropriate.
 func SeedFromBytes(src []byte) (seed *Seed, err error) {
- if len(src) != SeedLength {
+ if len(src) < SeedLength {
 return nil, InvalidSeedLengthError(len(src))
 }
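Review bot: The new Seed doc comment hard-codes `8 bytes of initial data` while SeedLength is now defined as `16 + Size`, so the comment and the constant it describes can drift apart. Phrase it in terms of the constant: `// key, and Size bytes of initial data.` The 16-byte key length is likewise a bare literal in the SeedLength expression; a named constant for the key size (none is visible in this hunk) would make the derivation self-describing.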
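Review bot: Relaxing the length check to `if len(src) < SeedLength {` makes SeedFromBytes silently accept any oversize input and keep only its first SeedLength bytes, which means a seed in the previous 32-byte format now loads without error instead of being rejected, even though the commit message says this change breaks compatibility. Unless a caller actually needs truncation, keeping `if len(src) != SeedLength {` lets a stale or mismatched seed surface as InvalidSeedLengthError rather than being quietly reinterpreted. If truncation is intended, the doc comment should state plainly that trailing bytes are ignored rather than "as appropriate", so callers know extra material never reaches the DRBG. The body of SeedFromBytes, where the copy into the Seed presumably happens, continues outside the hunk.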
@@ -83,7 +84,8 @@ func SeedFromBytes(src []byte) (seed *Seed, err error) {
 return
 }
-// SeedFromBase64 creates a Seed from the Base64 representation.
+// SeedFromBase64 creates a Seed from the Base64 representation, truncating to
+// SeedLength as appropriate.
 func SeedFromBase64(encoded string) (seed *Seed, err error) {
 var raw []byte
 raw, err = base64.StdEncoding.DecodeString(encoded)
-- cgit v1.2.3