From a3a8cc155e64874a57b840da687361030cbc5bcc Mon Sep 17 00:00:00 2001 From: Martin Thomson Date: Thu, 26 Oct 2023 23:12:49 +1100 Subject: [PATCH] Header protection application and removal This pseudocode could be dual purpose. The current code is only for applying header protection, but the language before talks about removal more. This might be clearer. --- rfc9001.md | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/rfc9001.md b/rfc9001.md index d965a7625f..d24f89d24a 100644 --- a/rfc9001.md +++ b/rfc9001.md @@ -1190,20 +1190,24 @@ of the packet are masked by the least significant bits of the first mask byte, and the packet number is masked with the remaining bytes. Any unused bytes of mask that might result from a shorter packet number encoding are unused. -{{pseudo-hp}} shows a sample algorithm for applying header protection. Removing -header protection only differs in the order in which the packet number length -(pn_length) is determined (here "^" is used to represent exclusive OR). +{{pseudo-hp}} shows a sample algorithm for applying or removing header +protection. Applying or removing header protection only differ in the order in +which the packet number length (pn_length) is determined (here "^" is used to +represent exclusive OR). ~~~pseudocode mask = header_protection(hp_key, sample) -pn_length = (packet[0] & 0x03) + 1 +if encoding: + pn_length = (packet[0] & 0x03) + 1 if (packet[0] & 0x80) == 0x80: # Long header: 4 bits masked packet[0] ^= mask[0] & 0x0f else: # Short header: 5 bits masked packet[0] ^= mask[0] & 0x1f +if decoding: + pn_length = (packet[0] & 0x03) + 1 # pn_offset is the start of the Packet Number field. packet[pn_offset:pn_offset+pn_length] ^= mask[1:1+pn_length]