- djm@cvs.openbsd.org 2013/01/03 12:49:01

[PROTOCOL] fix description of MAC calculation for EtM modes; ok markus@
author: Damien Miller <djm@mindrot.org> 2013-01-09 15:57:16 +1100
committer: Damien Miller <djm@mindrot.org> 2013-01-09 15:57:16 +1100
commit: 3739c8f0413bc7a90a1fc3a6c723436bd285bf86 (patch)
tree: 6554957cf787a62c947d040d7e3c89f5ecf980fb /PROTOCOL
parent: 441384453c7400e8b122e7368c50ab713399fd80 (diff)
1 files changed, 4 insertions, 3 deletions
diff --git a/PROTOCOL b/PROTOCOL
index 834716cc..eb5d0889 100644
--- a/PROTOCOL
+++ b/PROTOCOL
@@ -70,9 +70,10 @@ verified without decrypting unauthenticated data.
 
 As such, the MAC covers:
 
-      mac = MAC(key, sequence_number || encrypted_packet)
+      mac = MAC(key, sequence_number || packet_length || encrypted_packet)
 
-where "encrypted_packet" contains:
+where "packet_length" is encoded as a uint32 and "encrypted_packet"
+contains:
 
       byte      padding_length
       byte[n1]  payload; n1 = packet_length - padding_length - 1
@@ -318,4 +319,4 @@ link(oldpath, newpath) and will respond with a SSH_FXP_STATUS message.
 This extension is advertised in the SSH_FXP_VERSION hello with version
 "1".
 
-$OpenBSD: PROTOCOL,v 1.18 2012/12/11 22:31:18 markus Exp $
+$OpenBSD: PROTOCOL,v 1.19 2013/01/03 12:49:01 djm Exp $
author	Damien Miller <djm@mindrot.org>	2013-01-09 15:57:16 +1100
committer	Damien Miller <djm@mindrot.org>	2013-01-09 15:57:16 +1100
commit	3739c8f0413bc7a90a1fc3a6c723436bd285bf86 (patch)
tree	6554957cf787a62c947d040d7e3c89f5ecf980fb /PROTOCOL
parent	441384453c7400e8b122e7368c50ab713399fd80 (diff)