Incorrect max handshake message payload size calculation
Scratch-net opened this issue · comments
Alex commented
As stated in spec,
A Noise handshake message is also less than or equal to 65535 bytes.
It includes plain & encrypted public keys as well as authentication tag, provided by AEAD cipher.
So, this code
if len(payload) > MaxMsgLen {
panic("noise: message is too long")
}
is incorrect. MaxMsgLen depends on DHLen & token/pattern