author | Russ Cox <rsc@golang.org> | 2017-08-15 19:23:26 -0400 |
---|---|---|
committer | Russ Cox <rsc@golang.org> | 2017-08-26 00:52:26 +0000 |
commit | ddd775ff44b4b9917fe9517a515bd39516664f7f (patch) | |
tree | e8d377fdfd496e8da15b941c6807befcb62f2365 | |
parent | cb5b47443f5e3a94dc6a6563d00b08a2848afcdb (diff) | |
[dev.boringcrypto.go1.8] crypto/tls: use TLS-specific AES-GCM mode if available
Change-Id: Ide00c40c0ca8d486f3bd8968e1d301c8b0ed6d05
Reviewed-on: https://go-review.googlesource.com/56011
Run-TryBot: Russ Cox <rsc@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Adam Langley <agl@golang.org>
Reviewed-on: https://go-review.googlesource.com/57939
-rw-r--r-- | src/crypto/tls/cipher_suites.go | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/src/crypto/tls/cipher_suites.go b/src/crypto/tls/cipher_suites.go
index d39c6d3b66..1c5144ae9e 100644
--- a/src/crypto/tls/cipher_suites.go
+++ b/src/crypto/tls/cipher_suites.go
@@ -220,12 +220,22 @@ func (f *xorNonceAEAD) Open(out, nonce, plaintext, additionalData []byte) ([]byt
 return result, err
 }
 
+type gcmtls interface {
+ NewGCMTLS() (cipher.AEAD, error)
+}
+
 func aeadAESGCM(key, fixedNonce []byte) cipher.AEAD {
 aes, err := aes.NewCipher(key)
 if err != nil {
 panic(err)
 }
- aead, err := cipher.NewGCM(aes)
+ var aead cipher.AEAD
+ if aesTLS, ok := aes.(gcmtls); ok {
+ aead, err = aesTLS.NewGCMTLS()
+ } else {
+ boring.Unreachable()
+ aead, err = cipher.NewGCM(aes)
+ }
 if err != nil {
 panic(err)
 } |
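Review bot: The new `gcmtls` interface and the `else` branch in `aeadAESGCM` carry no comment, yet together they encode a security invariant that is easy to break silently. The assertion `aes.(gcmtls)` matches the block cipher purely by method name, so if the implementing type ever renames or drops `NewGCMTLS` the code still compiles and falls through to generic `cipher.NewGCM`; only `boring.Unreachable()` (presumably a panic when BoringCrypto is active, its body is not visible here) stops that. I would add `// gcmtls is implemented by block ciphers that offer a TLS-specific AES-GCM AEAD; aeadAESGCM prefers it over cipher.NewGCM.` above the type and `// Not reached when BoringCrypto is in use; generic GCM is the fallback for other builds.` inside the `else`. The body of `aeadAESGCM` continues past the end of the hunk, so how the returned AEAD's nonce is driven cannot be checked from here.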