From a21fd9c1bcd9d1f75bdf036eb453652608571df5 Mon Sep 17 00:00:00 2001 From: Kris Kwiatkowski Date: Mon, 13 Aug 2018 11:45:26 +0100 Subject: [PATCH] refactors record encryption code (#122) --- conn.go | 22 ++++++++++------------ 1 file changed, 10 insertions(+), 12 deletions(-) diff --git a/conn.go b/conn.go index 689c5ca..4693453 100644 --- a/conn.go +++ b/conn.go @@ -472,12 +472,6 @@ func (hc *halfConn) encrypt(b *block, explicitIVLen int) (bool, alert) { case aead: // explicitIVLen is always 0 for TLS1.3 payloadLen := len(b.data) - recordHeaderLen - explicitIVLen - overhead := c.Overhead() - if hc.version >= VersionTLS13 { - overhead++ // TODO(kk): why this is done? - } - b.resize(len(b.data) + overhead) - nonce := b.data[recordHeaderLen : recordHeaderLen+explicitIVLen] if len(nonce) == 0 { nonce = hc.seq[:] @@ -491,19 +485,23 @@ func (hc *halfConn) encrypt(b *block, explicitIVLen int) (bool, alert) { copy(hc.additionalData[8:], b.data[:3]) binary.BigEndian.PutUint16(hc.additionalData[11:], uint16(payloadLen)) additionalData = hc.additionalData[:] + b.resize(len(b.data) + c.Overhead()) } else { - // opaque type - payload = payload[:len(payload)+1] - payload[len(payload)-1] = b.data[0] + // 1 byte of content type is appended to payload and encrypted + payload = append(payload, b.data[0]) + + // opaque_type b.data[0] = byte(recordTypeApplicationData) // Add AD header, see 5.2 of RFC8446 additionalData = make([]byte, 5) - additionalData[0] = byte(recordTypeApplicationData) + additionalData[0] = b.data[0] binary.BigEndian.PutUint16(additionalData[1:], VersionTLS12) - binary.BigEndian.PutUint16(additionalData[3:], uint16(payloadLen+overhead)) - } + binary.BigEndian.PutUint16(additionalData[3:], uint16(len(payload)+c.Overhead())) + // make room for TLSCiphertext.encrypted_record + b.resize(len(payload) + recordHeaderLen + c.Overhead()) + } c.Seal(payload[:0], nonce, payload, additionalData) case cbcMode: blockSize := c.BlockSize()
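Review bot: In both branches of the `aead` case the new `b.resize(...)` runs after `payload` has been taken, whereas the removed code grew the block first. `payload` is defined outside the hunk, but it appears to be a slice of `b.data`. If `resize`, or the `append(payload, b.data[0])` in the TLS 1.3 branch, has to reallocate, `payload` stops sharing storage with `b.data`. Because the return value of `c.Seal(payload[:0], ...)` is discarded, the ciphertext would then land in a detached buffer while `b.data` still carries the plaintext copy; this is safe only while the block has spare capacity, which nothing in the hunk guarantees. I would grow the block first and re-derive the slice in the TLS 1.3 branch, e.g. `b.resize(len(b.data) + 1 + c.Overhead())`, then `payload = b.data[recordHeaderLen : recordHeaderLen+payloadLen+1]` and `payload[payloadLen] = b.data[0]`, and likewise resize before slicing in the TLS 1.2 branch.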