openssl AEAD wrapper: handle authenticated data
This commit is contained in:
parent
e6b7353f4e
commit
53ecebc71e
|
@ -23,8 +23,6 @@ func (be opensslGCM) NonceSize() int {
|
||||||
// additional data and appends the result to dst, returning the updated
|
// additional data and appends the result to dst, returning the updated
|
||||||
// slice. The nonce must be NonceSize() bytes long and unique for all
|
// slice. The nonce must be NonceSize() bytes long and unique for all
|
||||||
// time, for a given key.
|
// time, for a given key.
|
||||||
//
|
|
||||||
// The plaintext and dst may alias exactly or not at all.
|
|
||||||
func (be opensslGCM) Seal(dst, nonce, plaintext, data []byte) []byte {
|
func (be opensslGCM) Seal(dst, nonce, plaintext, data []byte) []byte {
|
||||||
|
|
||||||
cipherBuf := bytes.NewBuffer(dst)
|
cipherBuf := bytes.NewBuffer(dst)
|
||||||
|
@ -33,6 +31,10 @@ func (be opensslGCM) Seal(dst, nonce, plaintext, data []byte) []byte {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
panic(err)
|
panic(err)
|
||||||
}
|
}
|
||||||
|
err = ectx.ExtraData(data)
|
||||||
|
if err != nil {
|
||||||
|
panic(err)
|
||||||
|
}
|
||||||
part, err := ectx.EncryptUpdate(plaintext)
|
part, err := ectx.EncryptUpdate(plaintext)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
panic(err)
|
panic(err)
|
||||||
|
@ -88,6 +90,10 @@ func (be opensslGCM) Open(dst, nonce, ciphertext, data []byte) ([]byte, error) {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
plainBuf.Write(part)
|
plainBuf.Write(part)
|
||||||
|
err = dctx.ExtraData(data)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
return plainBuf.Bytes(), nil
|
return plainBuf.Bytes(), nil
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue