SECIO Message Framing - specification issue

Hello guys, hope you are not about to totally ignore my messages image

SECIO spec says that the packet structure is the following:

[uint32 length of packet | encrypted body | hmac signature of encrypted body]

The packet length is in bytes, and it is encoded as an unsigned 32-bit integer in network (big endian) byte order.

Considering that the depicted packet bytes are enclosed into [ and ], then it seems that 4 bytes of uint32 length field should also be counted in the value of that filed. Thus, packet len = len(of uint32 len field = 4bytes) + len(enc body) + len(hmac signature).

On the other hand, go implementation of secio’s etmReader shows that this field does not count the space taken by itself. And framing becomes look like this:

[uint32 length of the following packet ] <!!!> [encrypted body | hmac signature of encrypted body]

Could you please clarify which is right? Please confirm if there is a bug in the spec

The latter is correct, the spec could use some clarifying. A message will look like:

[uint32 length of frame][ secio frame ]

The secio frame includes the enrypted body and hmac signature. There is an open PR to set the max frame size of secio to 8MB, which is the current limit of the go implementation. This means that your total message size could be 4bytes + 8MB.

1 Like

Many thanks for the answer