From 04378bc27c604e97353badbead8c435698abe97a Mon Sep 17 00:00:00 2001
From: Rob Napier <robnapier@gmail.com>
Date: Sat, 27 Jun 2015 15:26:10 -0400
Subject: [PATCH] Include magic in header/HMAC

---
 draft-RNCryptor-Spec-v4.0.md | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/draft-RNCryptor-Spec-v4.0.md b/draft-RNCryptor-Spec-v4.0.md
index d7f3c35..a7044ed 100644
--- a/draft-RNCryptor-Spec-v4.0.md
+++ b/draft-RNCryptor-Spec-v4.0.md
@@ -76,8 +76,9 @@ Expand().
 def Encrypt(prk[64], options[1], salt[16], plaintext) =
     (encryptionKey[32], hmacKey[32], iv[16], validator[16]) = Expand(prk)
 
+    magic = "RNC" (0x52 0x4e 0x43)
     version = 0x04
-    header = version || options || salt || validator
+    header = magic || version || options || salt || validator
     ciphertext = AESEncrypt(256 bits, CBCMode, encryptionKey, iv, plaintext)
     hmac = HMAC(SHA512, hmacKey, header || ciphertext, 256 bits)
     return header || ciphertext || hmac
@@ -96,8 +97,9 @@ def Decrypt(prk[64], options[1], salt[16], validator[16], ciphertext, hmac[32])
     (encryptionKey[32], hmacKey[32], iv[16], validator[16]) = Expand(prk)
     if (! ConsistentTimeEqual(expectedValidator, validator) return KEY_MISMATCH
 
+    magic = "RNC" (0x52 0x4e 0x43)
     version = 0x04
-    header = version || options || salt || validator
+    header = magic || version || options || salt || validator
     expectedHmac = HMAC(SHA512, hmacKey, header || ciphertext, 256 bits)
 
     if ! ConsistentTimeEqual(expectedHmac, hmac) return CORRUPT