[dev.boringcrypto] crypto/tls: use TLS-specific AES-GCM mode if avail…
…able

Change-Id: Ide00c40c0ca8d486f3bd8968e1d301c8b0ed6d05
Reviewed-on: https://go-review.googlesource.com/56011
Run-TryBot: Russ Cox <rsc@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Adam Langley <agl@golang.org>
rsc committed Aug 17, 2017
1 parent 335a0f8 commit 2efded1
Showing 1 changed file with 11 additions and 1 deletion.
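--- a/src/crypto/tls/cipher_suites.go
+++ b/src/crypto/tls/cipher_suites.go
@@ -220,12 +220,22 @@ func (f *xorNonceAEAD) Open(out, nonce, plaintext, additionalData []byte) ([]byt
 return result, err
 }
 
+type gcmtls interface {
+NewGCMTLS() (cipher.AEAD, error)
+}
+
 func aeadAESGCM(key, fixedNonce []byte) cipher.AEAD {
 aes, err := aes.NewCipher(key)
 if err != nil {
 panic(err)
 }
-aead, err := cipher.NewGCM(aes)
+var aead cipher.AEAD
+if aesTLS, ok := aes.(gcmtls); ok {
+aead, err = aesTLS.NewGCMTLS()
+} else {
+boring.Unreachable()
+aead, err = cipher.NewGCM(aes)
+}
 if err != nil {
 panic(err)
 }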
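Review bot: The else branch in aeadAESGCM falls back to `cipher.NewGCM(aes)` with only `boring.Unreachable()` in front of it, and nothing in the hunk says what that call does when the AES implementation lacks `NewGCMTLS`. If it is a no-op in some builds, those builds silently get the generic GCM mode, so the intended behaviour belongs in a comment such as `// Not expected to be reached when BoringCrypto is in use; other builds use the generic GCM.` The new `gcmtls` interface also has no doc comment stating what the TLS-specific mode enforces that `cipher.NewGCM` does not (presumably nonce handling); something like `// gcmtls is implemented by AES ciphers that offer a TLS-specific GCM mode.` would help. The body of aeadAESGCM continues past the end of the hunk.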
