Change the TYPE_PRNG_SEED length to 24.

This matches what the code actually sends. It's shorter than the ScrambleSuit PRNG seed, but that's because the SipHash-2-4 based Hash_DRBG has 24 bytes of internal state (key + initial output).

Change the TYPE_PRNG_SEED length to 24.
94d3fe9a · Yawning Angel · 468cd4bd · 94d3fe9a
Commit 94d3fe9a authored 10 years ago by Yawning Angel
--- a/doc/obfs4-spec.txt
+++ b/doc/obfs4-spec.txt
@@ -104,7 +104,7 @@

       Length of the ntor AUTH tag (A HMAC-SHA256 digest).

-     InlineSeedFrameLength = 53
+     InlineSeedFrameLength = 45

       Length of a unpadded TYPE_PRNG_SEED frame.

@@ -144,7 +144,7 @@

   The amount of padding is chosen such that the smallest possible request and
   response (requests and responses with the minimum amount of padding) are
-   equal in size.  For details on the InlineSeedFrameLength, see section 7.
+   equal in size.  For details on the InlineSeedFrameLength, see section 6.

   The client handshake process is as follows.

@@ -282,7 +282,7 @@
     TYPE_PRNG_SEED (0x01):

         The entire payload is to be treated as seeding material for the
-         protocol polymorphism PRNG.  The format is 32 bytes of seeding
+         protocol polymorphism PRNG.  The format is 24 bytes of seeding
         material.

   Implementations SHOULD ignore unknown packet types for the purposes of