mirrors/uquic
1
0
Fork 0
mirror of https://github.com/refraction-networking/uquic.git synced 2025-04-04 12:47:36 +03:00
Code Issues Projects Releases Packages Wiki Activity

handshake: embed the mask as an array into the aesHeaderProtector (#4324)

Browse source
This commit is contained in:
Marten Seemann 2024-03-03 23:02:32 +10:30 committed by GitHub
parent 067e7db750
commit f856163f1e
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 2 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

5
internal/handshake/header_protector.go
View file

@ -37,7 +37,7 @@ func newHeaderProtector(suite *cipherSuite, trafficSecret []byte, isLongHeader b
} }
type aesHeaderProtector struct { type aesHeaderProtector struct {
mask []byte mask [16]byte // AES always has a 16 byte block size
block cipher.Block block cipher.Block
isLongHeader bool isLongHeader bool
} }
@ -52,7 +52,6 @@ func newAESHeaderProtector(suite *cipherSuite, trafficSecret []byte, isLongHeade
} }
return &aesHeaderProtector{ return &aesHeaderProtector{
block: block, block: block,
mask: make([]byte, block.BlockSize()),
isLongHeader: isLongHeader, isLongHeader: isLongHeader,
} }
} }
@ -69,7 +68,7 @@ func (p *aesHeaderProtector) apply(sample []byte, firstByte *byte, hdrBytes []by
if len(sample) != len(p.mask) { if len(sample) != len(p.mask) {
panic("invalid sample size") panic("invalid sample size")
} }
p.block.Encrypt(p.mask, sample) p.block.Encrypt(p.mask[:], sample)
if p.isLongHeader { if p.isLongHeader {
*firstByte ^= p.mask[0] & 0xf *firstByte ^= p.mask[0] & 0xf
} else { } else {