Update our MAC definition to include the key len.

It was recently changed to include the key len as first argument, but the spec was never updated. See the following gitlab review comment for more info: https://gitlab.com/asn/tor/merge_requests/7#note_19342504
author: George Kadianakis <desnacked@riseup.net> 2017-03-09 16:56:33 +0200
committer: George Kadianakis <desnacked@riseup.net> 2017-03-13 16:45:44 +0200
commit: 33bcbe24d6d526a347b74c3678f700da5f1a6e54 (patch)
tree: d42a6e6e3e758d8e40aa1008e12ad65315a05c40 /proposals/224-rend-spec-ng.txt
parent: 86382b8a36433ed0a4e8c7da6ebe993ffe2e48be (diff)
download: torspec-33bcbe24d6d526a347b74c3678f700da5f1a6e54.tar.gz
torspec-33bcbe24d6d526a347b74c3678f700da5f1a6e54.zip
1 files changed, 3 insertions, 2 deletions
diff --git a/proposals/224-rend-spec-ng.txt b/proposals/224-rend-spec-ng.txt
index ae990d4..8bff173 100644
--- a/proposals/224-rend-spec-ng.txt
+++ b/proposals/224-rend-spec-ng.txt
@@ -209,10 +209,11 @@ Table of contents:
 
       * Instantiate H with SHA3-256.
 
-      * Instantiate MAC(key=k, message=m) with H(k || m).
-
       * Instantiate KDF with SHAKE-256.
 
+      * Instantiate MAC(key=k, message=m) with H(k_len || k || m),
+        where k_len is htonll(len(k)).
+
    For legacy purposes, we specify compatibility with older versions of
    the Tor introduction point and rendezvous point protocols. These used
    RSA1024, DH1024, AES128, and SHA1, as discussed in
author	George Kadianakis <desnacked@riseup.net>	2017-03-09 16:56:33 +0200
committer	George Kadianakis <desnacked@riseup.net>	2017-03-13 16:45:44 +0200
commit	33bcbe24d6d526a347b74c3678f700da5f1a6e54 (patch)
tree	d42a6e6e3e758d8e40aa1008e12ad65315a05c40 /proposals/224-rend-spec-ng.txt
parent	86382b8a36433ed0a4e8c7da6ebe993ffe2e48be (diff)
download	torspec-33bcbe24d6d526a347b74c3678f700da5f1a6e54.tar.gz torspec-33bcbe24d6d526a347b74c3678f700da5f1a6e54.zip