Source File
ciphersuite.go
Belonging Package
github.com/pion/dtls/v3/pkg/crypto/ciphersuite
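// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
// SPDX-License-Identifier: MIT

// Package ciphersuite provides the crypto operations needed for a DTLS CipherSuite
package ciphersuite

import (
	"encoding/binary"
	"errors"

	"github.com/pion/dtls/v3/internal/util"
	"github.com/pion/dtls/v3/pkg/protocol"
	"github.com/pion/dtls/v3/pkg/protocol/recordlayer"
	"golang.org/x/crypto/cryptobyte"
)

const (
	// 8 bytes of 0xff.
	// https://datatracker.ietf.org/doc/html/rfc9146#name-record-payload-protection
	seqNumPlaceholder = 0xffffffffffffffff
)

// Errors shared by the cipher suite implementations in this package. Each one
// is wrapped in a protocol error type (Internal, Temporary or Fatal).
//
// NOTE(review): errDecryptPacket and errInvalidMAC are distinct values. To
// avoid handing a peer a decryption/MAC oracle, callers should not let the
// difference become observable on the wire; confirm at the call sites.
var (
	//nolint:goerr113
	errNotEnoughRoomForNonce = &protocol.InternalError{Err: errors.New("buffer not long enough to contain nonce")}
	//nolint:goerr113
	errDecryptPacket = &protocol.TemporaryError{Err: errors.New("failed to decrypt packet")}
	//nolint:goerr113
	errInvalidMAC = &protocol.TemporaryError{Err: errors.New("invalid mac")}
	//nolint:goerr113
	errFailedToCast = &protocol.FatalError{Err: errors.New("failed to cast")}
)

// generateAEADAdditionalData builds the 13-byte additional data that is
// authenticated alongside an AEAD-protected record.
//
// Layout of the returned slice (all integers big-endian):
//
//	[0:2]   h.Epoch
//	[2:8]   low 48 bits of h.SequenceNumber
//	[8]     h.ContentType
//	[9:11]  h.Version.Major, h.Version.Minor
//	[11:13] payloadLen
//
// payloadLen is converted to uint16 without a range check, so a value outside
// 0..65535 is silently reduced modulo 2^16; the caller is responsible for
// passing a length that fits. h must be non-nil.
func generateAEADAdditionalData(h *recordlayer.Header, payloadLen int) []byte {
	var additionalData [13]byte

	// SequenceNumber MUST be set first
	// we only want uint48, clobbering an extra 2 (using uint64, Golang doesn't have uint48)
	binary.BigEndian.PutUint64(additionalData[:], h.SequenceNumber)
	// Overwrites the two most significant sequence-number bytes written above.
	binary.BigEndian.PutUint16(additionalData[:], h.Epoch)
	additionalData[8] = byte(h.ContentType)
	additionalData[9] = h.Version.Major
	additionalData[10] = h.Version.Minor
	//nolint:gosec //G115
	binary.BigEndian.PutUint16(additionalData[len(additionalData)-2:], uint16(payloadLen))

	return additionalData[:]
}

// generateAEADAdditionalDataCID generates additional data for AEAD ciphers
// according to https://datatracker.ietf.org/doc/html/rfc9146#name-aead-ciphers
//
// Fields are appended in this order: the 8-byte 0xff sequence-number
// placeholder, the connection-ID content type, the connection ID length (one
// byte), the connection-ID content type again, version major and minor, epoch,
// the sequence number via util.AddUint48, the connection ID bytes, and
// payloadLen as a uint16.
//
// Both length fields are narrowed without a range check: len(h.ConnectionID)
// to uint8 and payloadLen to uint16. A connection ID longer than 255 bytes or
// a payloadLen outside 0..65535 would therefore be encoded with a wrapped
// length; callers must enforce those bounds. The function panics if the
// builder reports an error (BytesOrPanic). h must be non-nil.
func generateAEADAdditionalDataCID(h *recordlayer.Header, payloadLen int) []byte {
	var b cryptobyte.Builder

	b.AddUint64(seqNumPlaceholder)
	b.AddUint8(uint8(protocol.ContentTypeConnectionID))
	b.AddUint8(uint8(len(h.ConnectionID))) //nolint:gosec //G115
	b.AddUint8(uint8(protocol.ContentTypeConnectionID))
	b.AddUint8(h.Version.Major)
	b.AddUint8(h.Version.Minor)
	b.AddUint16(h.Epoch)
	util.AddUint48(&b, h.SequenceNumber)
	b.AddBytes(h.ConnectionID)
	b.AddUint16(uint16(payloadLen)) //nolint:gosec //G115

	return b.BytesOrPanic()
}

// examinePadding returns, in constant time, the length of the padding to remove
// from the end of payload. It also returns a byte which is equal to 255 if the
// padding was valid and 0 otherwise. See RFC 2246, Section 6.2.3.2.
//
// toRemove is computed from the last byte of payload whether or not the
// padding is valid, so it is only meaningful together with good. An empty
// payload yields (0, 0).
//
// NOTE(review): the statement order and the branch-free masking below are what
// keep the work independent of the padding bytes. Do not introduce early
// returns or data-dependent branches, and have callers fold good into their
// MAC result rather than branching on it before the MAC is checked.
//
// https://github.com/golang/go/blob/039c2081d1178f90a8fa2f4e6958693129f8de33/src/crypto/tls/conn.go#L245
func examinePadding(payload []byte) (toRemove int, good byte) {
	if len(payload) < 1 {
		return 0, 0
	}

	// The last byte is the padding length claimed by the record.
	paddingLen := payload[len(payload)-1]
	t := uint(len(payload)-1) - uint(paddingLen) //nolint:gosec //G115
	// if len(payload) >= (paddingLen - 1) then the MSB of t is zero
	// The arithmetic shift turns that into 0xff, or 0x00 when t wrapped around.
	good = byte(int32(^t) >> 31) //nolint:gosec //G115

	// The maximum possible padding length plus the actual length field
	toCheck := 256
	// The length of the padded data is public, so we can use an if here
	if toCheck > len(payload) {
		toCheck = len(payload)
	}

	// Every one of the toCheck trailing bytes is read, whatever paddingLen is;
	// mask decides whether a byte takes part in the comparison.
	for i := 0; i < toCheck; i++ {
		t := uint(paddingLen) - uint(i) //nolint:gosec //G115
		// if i <= paddingLen then the MSB of t is zero
		mask := byte(int32(^t) >> 31) //nolint:gosec //G115
		b := payload[len(payload)-1-i]
		// Clear in good every bit where a byte inside the padding differs
		// from paddingLen.
		good &^= mask&paddingLen ^ mask&b
	}

	// We AND together the bits of good and replicate the result across
	// all the bits.
	good &= good << 4
	good &= good << 2
	good &= good << 1
	good = uint8(int8(good) >> 7) //nolint:gosec //G115

	// Padding bytes plus the length byte itself.
	toRemove = int(paddingLen) + 1

	return toRemove, good
}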