aboutsummaryrefslogtreecommitdiff
path: root/src/crypto/internal/boring/aes.go
diff options
context:
space:
mode:
Diffstat (limited to 'src/crypto/internal/boring/aes.go')
-rw-r--r--src/crypto/internal/boring/aes.go29
1 files changed, 22 insertions, 7 deletions
diff --git a/src/crypto/internal/boring/aes.go b/src/crypto/internal/boring/aes.go
index 6fae1d54f8..a85c4684c8 100644
--- a/src/crypto/internal/boring/aes.go
+++ b/src/crypto/internal/boring/aes.go
@@ -228,26 +228,41 @@ func (c *aesCipher) NewGCM(nonceSize, tagSize int) (cipher.AEAD, error) {
if tagSize != gcmTagSize {
return cipher.NewGCMWithTagSize(&noGCM{c}, tagSize)
}
- return c.newGCM(false)
+ return c.newGCM(0)
}
+const (
+ VersionTLS12 = 0x0303
+ VersionTLS13 = 0x0304
+)
+
func NewGCMTLS(c cipher.Block) (cipher.AEAD, error) {
- return c.(*aesCipher).newGCM(true)
+ return c.(*aesCipher).newGCM(VersionTLS12)
+}
+
+func NewGCMTLS13(c cipher.Block) (cipher.AEAD, error) {
+ return c.(*aesCipher).newGCM(VersionTLS13)
}
-func (c *aesCipher) newGCM(tls bool) (cipher.AEAD, error) {
+func (c *aesCipher) newGCM(tlsVersion uint16) (cipher.AEAD, error) {
var aead *C.GO_EVP_AEAD
switch len(c.key) * 8 {
case 128:
- if tls {
+ switch tlsVersion {
+ case VersionTLS12:
aead = C._goboringcrypto_EVP_aead_aes_128_gcm_tls12()
- } else {
+ case VersionTLS13:
+ aead = C._goboringcrypto_EVP_aead_aes_128_gcm_tls13()
+ default:
aead = C._goboringcrypto_EVP_aead_aes_128_gcm()
}
case 256:
- if tls {
+ switch tlsVersion {
+ case VersionTLS12:
aead = C._goboringcrypto_EVP_aead_aes_256_gcm_tls12()
- } else {
+ case VersionTLS13:
+ aead = C._goboringcrypto_EVP_aead_aes_256_gcm_tls13()
+ default:
aead = C._goboringcrypto_EVP_aead_aes_256_gcm()
}
default:
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion