obfsproxy: obfs2: When deriving padding keys we truncate the shared-secret hash

In derive_padding_key() we do:

  if (shared_seed_nonzero(state->secret_seed))
    digest_update(c, state->secret_seed, OBFUSCATE_SEED_LENGTH);

OBFUSCATE_SEED_LENGTH should read SHARED_SECRET_LENGTH, similarly to how it is in derive_key().

This is a bug in obfsproxy master, and it will break compatibility with any correct obfs2 implementations.

Good thing is that obfsproxy is going obsolete these days, so most (all?) obfs2 shared-secret users will probably be using pyobfsproxy.