correct the comments, plus a question for nick

svn:r295

src/or/onion.c

@@ -418,16 +418,17 @@ crypt_path_t *onion_generate_cpath(routerinfo_t **firsthop) {
 
 /*----------------------------------------------------------------------*/
 
-/* Given a router's public key, generates a 208-byte encrypted DH pubkey,
+/* Given a router's public key, generates a 144-byte encrypted DH pubkey,
  * and stores it into onion_skin out.  Stores the DH private key into 
  * handshake_state_out for later completion of the handshake.
  *
  * The encrypted pubkey is formed as follows:
  *    16 bytes of symmetric key
- *   192 bytes of g^x for DH.
+ *   128 bytes of g^x for DH.
  * The first 128 bytes are RSA-encrypted with the server's public key,
- * and the last 80 are encrypted with the symmetric key.
+ * and the last 16 are encrypted with the symmetric key.
  */
+/* FIXME: Nick: looks like we could simplify this by just using 128 bytes for g^x. */
 int
 onion_skin_create(crypto_pk_env_t *dest_router_key,
                   crypto_dh_env_t **handshake_state_out,
@@ -502,7 +503,7 @@ onion_skin_create(crypto_pk_env_t *dest_router_key,
 }
 
 /* Given an encrypted DH public key as generated by onion_skin_create,
- * and the private key for this onion router, generate the 192-byte DH
+ * and the private key for this onion router, generate the 128-byte DH
  * reply, and key_out_len bytes of key material, stored in key_out.
  */
 int
@@ -563,7 +564,7 @@ onion_skin_server_handshake(char *onion_skin, /* DH_ONIONSKIN_LEN bytes long */
 }
 
 /* Finish the client side of the DH handshake.
- * Given the 192 byte DH reply as generated by onion_skin_server_handshake
+ * Given the 128 byte DH reply as generated by onion_skin_server_handshake
  * and the handshake state generated by onion_skin_create, generate
  * key_out_len bytes of shared key material and store them in key_out.
  *