explicitNonceLen returns the number of bytes of explicit nonce or IV included in each record. Explicit nonces are present only in CBC modes after TLS 1.0 and in certain AEAD modes in TLS 1.2.
()
| 262 | // in each record. Explicit nonces are present only in CBC modes after TLS 1.0 |
| 263 | // and in certain AEAD modes in TLS 1.2. |
| 264 | func (hc *halfConn) explicitNonceLen() int { |
| 265 | if hc.cipher == nil { |
| 266 | return 0 |
| 267 | } |
| 268 | |
| 269 | switch c := hc.cipher.(type) { |
| 270 | case cipher.Stream: |
| 271 | return 0 |
| 272 | case aead: |
| 273 | return c.explicitNonceLen() |
| 274 | case cbcMode: |
| 275 | // TLS 1.1 introduced a per-record explicit IV to fix the BEAST attack. |
| 276 | if hc.version >= VersionTLS11 { |
| 277 | return c.BlockSize() |
| 278 | } |
| 279 | return 0 |
| 280 | default: |
| 281 | panic("unknown cipher type") |
| 282 | } |
| 283 | } |
| 284 | |
| 285 | // extractPadding returns, in constant time, the length of the padding to remove |
| 286 | // from the end of payload. It also returns a byte which is equal to 255 if the |
no test coverage detected