Hi, On Fri, Apr 22, 2022 at 03:40:33PM +0200, Arne Schwabe wrote: > +/** > + * Move a packet authentication HMAC + related fields to or from the front > + * of the buffer so it can be processed by encrypt/decrypt. > + * > + * Turning the on wire format that starts with the opcode to a format > + * that starts with the hmac > + * e.g. "onwire" [opcode + packet id] [hmac] [remainder of packed] > + * > + * > + * "internal" [hmac] [opcode + packet id] [remainer of packet] > + *
I was about to merge this as "it is easy, and does not change code", but
if we add documentation, it should be correct :-) - and this schematic
does not match my understanding of the actual code - which seems to
swap
[opcode + session id] [hmac + packet id]
could you double check that? The size of the "things it swaps" is
/* hmac + packet_id (8 bytes) */
const int hmac_size = hmac_ctx_size(ctx->hmac) + packet_id_size(true);
/* opcode + session_id */
const int osid_size = 1 + SID_SIZE;
... so that would make it "[hmac + packet id]" not "[hmac]" and
"[opcode + packet id]"...?!
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany [email protected]
signature.asc
Description: PGP signature
_______________________________________________ Openvpn-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-devel
