Stowage/go
2
0
Fork 0
mirror of https://github.com/golang/go.git synced 2025-12-08 06:10:04 +00:00
Code Issues Projects Releases Packages Wiki Activity

[dev.boringcrypto] crypto/tls: use TLS-specific AES-GCM mode if available

Browse source 
Change-Id: Ide00c40c0ca8d486f3bd8968e1d301c8b0ed6d05
Reviewed-on: https://go-review.googlesource.com/56011
Run-TryBot: Russ Cox <rsc@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Adam Langley <agl@golang.org>
This commit is contained in:
Russ Cox 2017-08-15 19:23:26 -04:00
parent 335a0f87bf
commit 2efded1cd2
1 changed files with 11 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

12
src/crypto/tls/cipher_suites.go
View file

@ -220,12 +220,22 @@ func (f *xorNonceAEAD) Open(out, nonce, plaintext, additionalData []byte) ([]byt
return result, err return result, err
} }
type gcmtls interface {
NewGCMTLS() (cipher.AEAD, error)
}
func aeadAESGCM(key, fixedNonce []byte) cipher.AEAD { func aeadAESGCM(key, fixedNonce []byte) cipher.AEAD {
aes, err := aes.NewCipher(key) aes, err := aes.NewCipher(key)
if err != nil { if err != nil {
panic(err) panic(err)
} }
aead, err := cipher.NewGCM(aes) var aead cipher.AEAD
if aesTLS, ok := aes.(gcmtls); ok {
aead, err = aesTLS.NewGCMTLS()
} else {
boring.Unreachable()
aead, err = cipher.NewGCM(aes)
}
if err != nil { if err != nil {
panic(err) panic(err)
} }