From 3013231f46908bf5908624385cc9717354c0deba Mon Sep 17 00:00:00 2001
From: Roland Shoemaker <roland@golang.org>
Date: Wed, 19 Feb 2025 14:14:54 -0800
Subject: [PATCH] crypto/tls: fix incorrect EncryptedClientHelloKey comment

Updates #71706

Change-Id: Id689ec476eb3f76500dbf59d716a4376749de700
Reviewed-on: https://go-review.googlesource.com/c/go/+/650719
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
Auto-Submit: Roland Shoemaker <roland@golang.org>
Reviewed-by: Michael Knyszek <mknyszek@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
---
 src/crypto/tls/common.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/crypto/tls/common.go b/src/crypto/tls/common.go
index d6942d2ef1..f2dde9754b 100644
--- a/src/crypto/tls/common.go
+++ b/src/crypto/tls/common.go
@@ -870,7 +870,7 @@ type EncryptedClientHelloKey struct {
 	// must match the config provided to clients byte-for-byte. The config
 	// should only specify the DHKEM(X25519, HKDF-SHA256) KEM ID (0x0020), the
 	// HKDF-SHA256 KDF ID (0x0001), and a subset of the following AEAD IDs:
-	// AES-128-GCM (0x0000), AES-256-GCM (0x0001), ChaCha20Poly1305 (0x0002).
+	// AES-128-GCM (0x0001), AES-256-GCM (0x0002), ChaCha20Poly1305 (0x0003).
 	Config []byte
 	// PrivateKey should be a marshalled private key. Currently, we expect
 	// this to be the output of [ecdh.PrivateKey.Bytes].
-- 
2.50.0