authorRuss Cox <rsc@golang.org>2017-08-15 19:23:26 -0400
committerRuss Cox <rsc@golang.org>2017-08-26 00:52:26 +0000
commitddd775ff44b4b9917fe9517a515bd39516664f7f (patch)
treee8d377fdfd496e8da15b941c6807befcb62f2365
parentcb5b47443f5e3a94dc6a6563d00b08a2848afcdb (diff)
[dev.boringcrypto.go1.8] crypto/tls: use TLS-specific AES-GCM mode if available
Change-Id: Ide00c40c0ca8d486f3bd8968e1d301c8b0ed6d05 Reviewed-on: https://go-review.googlesource.com/56011 Run-TryBot: Russ Cox <rsc@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Adam Langley <agl@golang.org> Reviewed-on: https://go-review.googlesource.com/57939
-rw-r--r--src/crypto/tls/cipher_suites.go12
1 files changed, 11 insertions, 1 deletions
diff --git a/src/crypto/tls/cipher_suites.go b/src/crypto/tls/cipher_suites.go
index d39c6d3b66..1c5144ae9e 100644
--- a/src/crypto/tls/cipher_suites.go
+++ b/src/crypto/tls/cipher_suites.go
@@ -220,12 +220,22 @@ func (f *xorNonceAEAD) Open(out, nonce, plaintext, additionalData []byte) ([]byt
return result, err
}
+type gcmtls interface {
+ NewGCMTLS() (cipher.AEAD, error)
+}
+
func aeadAESGCM(key, fixedNonce []byte) cipher.AEAD {
aes, err := aes.NewCipher(key)
if err != nil {
panic(err)
}
- aead, err := cipher.NewGCM(aes)
+ var aead cipher.AEAD
+ if aesTLS, ok := aes.(gcmtls); ok {
+ aead, err = aesTLS.NewGCMTLS()
+ } else {
+ boring.Unreachable()
+ aead, err = cipher.NewGCM(aes)
+ }
if err != nil {
panic(err)
}
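Review bot: Neither the new `gcmtls` interface nor the `else` branch in `aeadAESGCM` is commented, so a reader cannot tell that the fallback to `cipher.NewGCM` is meant to be off-limits when BoringCrypto is in use. I would add `// gcmtls is an optional interface for AES ciphers that can provide an AES-GCM AEAD intended for TLS records.` above the type, and `// Standard-library AES only; a BoringCrypto cipher is expected to implement gcmtls.` above `boring.Unreachable()`. Because the match is a runtime type assertion on method name and signature, a signature change in the implementing type would not break the build; it would presumably surface only as a panic from `boring.Unreachable()` on the handshake path, so a compile-time assertion next to the implementing type is worth considering. The rest of `aeadAESGCM`, including how `fixedNonce` is wrapped around the returned AEAD, lies outside the hunk, so whether that nonce construction satisfies any constraints the TLS-specific AEAD places on nonces cannot be checked from here.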