]> Cypherpunks.ru repositories - govpn.git/blobdiff - doc/transport.texi
projects / govpn.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Simplify transport packet padding scheme, save 1 byte
[govpn.git] / doc / transport.texi
diff --git a/doc/transport.texi b/doc/transport.texi
index bfe35013d7de4cbf4676db0e6fa86fcd2778fcd4..4e26785b409c9138cba94e8282d469c71fc24ff8 100644 (file)
--- a/doc/transport.texi
+++ b/doc/transport.texi
@@ -19,7 +19,7 @@ TAG || ENCRYPTED || NONCE --> PACKET
 +--< ENCRYPT(KEY, NONCE, PAYLOAD)
                     ^       ^
                     |       |
-                    |       +--< SIZE || DATA [|| NOISE]
+                    |       +--< DATA || PAD [|| ZEROS]
                     |
                     +--< PRP(PRP_KEY, SERIAL)
 @end verbatim
@@ -44,11 +44,9 @@ PRP_KEY = ENCRYPT(KEY, 0, 128-bit)
 Salsa20's output is ignored and only remaining is XORed with ther data,
 encrypting it.
 
-@code{SIZE} is big-endian @emph{uint16} storing length of the
-@code{DATA}.
-
-@code{NOISE} is optional. It is just some junk data, intended to fill up
-packet to MTU size. This is useful for concealing payload packets length.
+@code{DATA} is padded with @code{PAD} (0x80 byte). Optional @code{ZEROS}
+may follow, to fillup packet with the junk to conceal pyload packet
+length.
 
 @code{AUTH} is Poly1305 authentication function. First 256 bits of
 Salsa20's output are used as a one-time key for @code{AUTH}.
Simple secure free software VPN daemon