mirror of
https://github.com/slackhq/nebula.git
synced 2026-07-02 03:20:29 +02:00
cleanup
This commit is contained in:
@@ -29,6 +29,9 @@ type CipherState interface {
|
||||
// NewCipherState wraps the post-handshake noise.CipherState in the per-cipher type that matches cipherFunc.
|
||||
// cipherFunc must be the same cipher used to build the noise CipherSuite that produced s.
|
||||
func NewCipherState(s *noise.CipherState, cipherFunc noise.CipherFunc) CipherState {
|
||||
if cs, ok := s.Cipher().(CipherState); ok {
|
||||
return cs
|
||||
}
|
||||
switch cipherFunc.CipherName() {
|
||||
case CipherAESGCM.CipherName():
|
||||
return NewCipherStateAESGCM(s)
|
||||
|
||||
@@ -34,12 +34,12 @@ func (c cipherFn) Cipher(k [32]byte) noise.Cipher { return c.fn(k) }
|
||||
func (c cipherFn) CipherName() string { return c.name }
|
||||
|
||||
// CipherAESGCM is the AES256-GCM AEAD cipher (using aeadAESGCM when fips140 is enabled)
|
||||
var CipherAESGCM noise.CipherFunc = cipherFn{cipherAESGCM, "AESGCM"}
|
||||
var CipherAESGCM noise.CipherFunc = cipherFn{cipherAESGCMFIPS140, "AESGCM"}
|
||||
|
||||
// tls.aeadAESGCM uses a 4 byte static prefix and an 8 byte nonce
|
||||
var emptyPrefix = []byte{0, 0, 0, 0}
|
||||
|
||||
func cipherAESGCM(k [32]byte) noise.Cipher {
|
||||
func cipherAESGCMFIPS140(k [32]byte) noise.Cipher {
|
||||
gcm := aeadAESGCM(k[:], emptyPrefix)
|
||||
return aeadCipher{
|
||||
gcm,
|
||||
|
||||
Reference in New Issue
Block a user