You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
- `<client-magic>`: a 8 byte identifier for the resolver certificate chosen by the client.
112
+
- `<client-magic>`: an 8 byte identifier for the resolver certificate chosen by the client.
113
113
- `<client-pk>`: the client's public key, whose length depends on the encryption algorithm defined in the chosen certificate.
114
114
- `<client-sk>`: the client's secret key.
115
115
- `<resolver-pk>`: the resolver's public key.
@@ -222,7 +222,7 @@ With the knowledge of the chosen certificate and corresponding secret key, along
222
222
223
223
### Padding For Client Queries Over UDP
224
224
225
-
Before encryption takes place, queries are padded according to the ISO/IEC 7816-4 standard. Padding begins with a single byte holding the value `0x80`, succeeded by any number of `NUL` bytes.
225
+
Before encryption takes place, queries are padded according to the ISO/IEC 7816-4 standard. Padding begins with a single byte holding the value `0x80`, followed by any number of `NUL` bytes.
226
226
227
227
`<client-query>``<client-query-pad>`MUST be at least `<min-query-len>` bytes.
228
228
In this context, `<client-query>` represents the original client query, while `<client-query-pad>` denotes the added padding.
@@ -233,9 +233,9 @@ Should the client query's length fall short of `<min-query-len>` bytes, the pad
233
233
234
234
### Client Queries Over UDP
235
235
236
-
UDP-based client queries need to follow the padding guidelines outlined in section 3.
236
+
UDP-based client queries need to follow the padding guidelines outlined in the previous section.
237
237
238
-
Each UDP packet MUST hold one query, with the complete content comprising the `<dnscrypt-query>` structure specified in section 2.
238
+
Each UDP packet MUST hold one query, with the complete content comprising the `<dnscrypt-query>` structure specified in the Protocol Components section.
239
239
240
240
UDP packets employing the DNSCrypt protocol have the capability to be split into distinct IP packets sharing the same source port.
241
241
@@ -256,8 +256,7 @@ The client MAY decrease `<min-query-len>`, but the length MUST remain a multiple
256
256
257
257
### Padding For Client Queries Over TCP
258
258
259
-
Queries MUST undergo padding using the ISO/IEC 7816-4 format before being encrypted. The padding starts with a byte valued `0x80` followed by a
260
-
variable number of NUL bytes.
259
+
Queries MUST undergo padding using the ISO/IEC 7816-4 format before being encrypted. The padding starts with a byte valued `0x80` followed by a variable number of NUL bytes.
261
260
262
261
The length of `<client-query-pad>` is selected randomly, ranging from 1 to 256 bytes, including the initial byte valued at `0x80`. The total length of `<client-query>` `<client-query-pad>` MUST be a multiple of 64 bytes.
0 commit comments