This commit is contained in:
Wade Simmons
2026-06-01 10:21:34 -04:00
parent b5ad62aea1
commit 8671a4ebbd
4 changed files with 22 additions and 5 deletions
+3
View File
@@ -29,6 +29,9 @@ type CipherState interface {
// NewCipherState wraps the post-handshake noise.CipherState in the per-cipher type that matches cipherFunc.
// cipherFunc must be the same cipher used to build the noise CipherSuite that produced s.
func NewCipherState(s *noise.CipherState, cipherFunc noise.CipherFunc) CipherState {
if cs, ok := s.Cipher().(CipherState); ok {
return cs
}
switch cipherFunc.CipherName() {
case CipherAESGCM.CipherName():
return NewCipherStateAESGCM(s)
+2 -2
View File
@@ -34,12 +34,12 @@ func (c cipherFn) Cipher(k [32]byte) noise.Cipher { return c.fn(k) }
func (c cipherFn) CipherName() string { return c.name }
// CipherAESGCM is the AES256-GCM AEAD cipher (using aeadAESGCM when fips140 is enabled)
var CipherAESGCM noise.CipherFunc = cipherFn{cipherAESGCM, "AESGCM"}
var CipherAESGCM noise.CipherFunc = cipherFn{cipherAESGCMFIPS140, "AESGCM"}
// tls.aeadAESGCM uses a 4 byte static prefix and an 8 byte nonce
var emptyPrefix = []byte{0, 0, 0, 0}
func cipherAESGCM(k [32]byte) noise.Cipher {
func cipherAESGCMFIPS140(k [32]byte) noise.Cipher {
gcm := aeadAESGCM(k[:], emptyPrefix)
return aeadCipher{
gcm,