miracle091/dnscrypt-proxy
miracle091/dnscrypt-proxy
1
0
Fork 0
mirror of https://github.com/DNSCrypt/dnscrypt-proxy.git synced 2025-01-06 01:37:12 +01:00
Code Issues Releases Wiki Activity

Don't hardcode the HPKE cipher

Browse Source
This commit is contained in:
Frank Denis 2021-06-07 18:16:15 +02:00
parent 72a354caf9
commit d5e9ed3aa9
1 changed files with 2 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
dnscrypt-proxy/oblivious_doh.go
View File

@ -1,8 +1,6 @@
package main
import (
"crypto/aes"
"crypto/cipher"
"crypto/subtle"
"encoding/binary"
"fmt"
@ -157,12 +155,7 @@ func (q ODoHQuery) decryptResponse(response []byte) ([]byte, error) {
return nil, err
}
block, err := aes.NewCipher(key)
if err != nil {
return nil, err
}
aesgcm, err := cipher.NewGCM(block)
cipher, err := q.suite.NewRawCipher(key)
if err != nil {
return nil, err
}
@ -175,7 +168,7 @@ func (q ODoHQuery) decryptResponse(response []byte) ([]byte, error) {
ct := response[5+int(responseNonceLength):]
aad := response[0 : 3+int(responseNonceLength)]
responsePlaintext, err := aesgcm.Open(nil, nonce, ct, aad)
responsePlaintext, err := cipher.Open(nil, nonce, ct, aad)
if err != nil {
return nil, err
}