From f1b1dcdb106c00fef1acffe04caaeabb3a34239b Mon Sep 17 00:00:00 2001
From: Yawning Angel
Date: Thu, 15 May 2014 18:33:24 +0000
Subject: Change hashDrbg to take a drbgSeed for initialization.
This paves the way for having servers use the same seed for all incoming connections, across multiple startup/shutdown cycles. As opposed to the current situation where each Obfs4Listener will randomly generate it's seed at creation time. Additionally, use 256 bit seeds (128 bit SipHash-2-4 key + 16 bytes of initial material).
---
 packet.go | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)
(limited to 'packet.go')
diff --git a/packet.go b/packet.go
index 75179cb..2528a53 100644
--- a/packet.go
+++ b/packet.go
@@ -173,8 +173,13 @@ func (c *Obfs4Conn) consumeFramedPackets(w io.Writer) (n int, err error) {
 }
 case packetTypePrngSeed:
 // Only regenerate the distribution if we are the client.
- if len(payload) >= distSeedLength && !c.isServer {
- c.lenProbDist.reset(payload[:distSeedLength])
+ if len(payload) >= drbgSeedLength && !c.isServer {
+ var seed *drbgSeed
+ seed, err = drbgSeedFromBytes(payload[:drbgSeedLength])
+ if err != nil {
+ break
+ }
+ c.lenProbDist.reset(seed)
 }
 default:
 // Ignore unrecognised packet types.
--
cgit v1.2.3
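Review bot: The `break` in the new `if err != nil` branch only leaves the `switch`, not any loop around it, and it does so with the named result `err` now set. The rest of consumeFramedPackets is outside the hunk, so it is not visible whether that value ends the read or is overwritten on a later pass. If a malformed seed from the peer should close the connection, return or use a labelled break so that is explicit; if it should be ignored, keep it out of the result with a local, e.g. `seed, seedErr := drbgSeedFromBytes(payload[:drbgSeedLength])`. Because the slice passed in is already exactly `drbgSeedLength` bytes, a short comment saying which failure this branch is expected to catch would also help the next reader.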