From 1e98ae10c2dc793b7ee033b83856285f3a8fe718 Mon Sep 17 00:00:00 2001
From: wangyu- <wangyucn@gmail.com>
Date: Sat, 21 Jul 2018 07:45:10 -0500
Subject: [PATCH] trival

---
 encrypt.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/encrypt.cpp b/encrypt.cpp
index a06ecc5..394eab9 100755
--- a/encrypt.cpp
+++ b/encrypt.cpp
@@ -19,7 +19,7 @@ static int8_t zero_iv[]={0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,   0,0,0,0};//this prog
 ****/
 
 char normal_key[16 + 100];//generated from key_string by md5. reserved for compatiblity
-const int hmac_key_len=64;//generate 512bit long keys, but its necessary to use the full length
+const int hmac_key_len=64;//generate 512bit long keys, use first n chars when needed
 const int cipher_key_len=64;
 unsigned char hmac_key_encrypt[hmac_key_len + 100];  //key for hmac
 unsigned char hmac_key_decrypt[hmac_key_len + 100];  //key for hmac
@@ -161,7 +161,7 @@ int auth_hmac_sha1_cal(const char *data,char * output,int &len)
 	mylog(log_trace,"auth_hmac_sha1_cal() is called\n");
 	memcpy(output,data,len);//TODO inefficient code
 	sha1_hmac(hmac_key_encrypt, 20, (const unsigned char *)data, len,(unsigned char *)(output+len));
-	//use key len of 20 instead of hmac_key_len, key_len >sha1_block_size doesnt provide extra strength
+	//use key len of 20 instead of hmac_key_len, "extra length would not significantly increase the function strength" (rfc2104)
 	len+=20;
 	return 0;
 }