From: najeira <najeira@gmail.com>
Date: Tue, 14 Sep 2021 04:47:41 +0000 (+0000)
Subject: crypto/cipher: use AEAD.NonceSize to make nonce in the example
X-Git-Tag: go1.25rc1~460
X-Git-Url: http://www.git.cypherpunks.su/?a=commitdiff_plain;h=2cb9e7f68f90ea9119fd4172fc61630279d79d67;p=gostls13.git

crypto/cipher: use AEAD.NonceSize to make nonce in the example

The existing example uses hard-coded constant to make nonce buffer.
Using AEAD.NonceSize makes it a more portable and appropriate example.

Fixes: #48372

Change-Id: I7c7a38ed48aff46ca11ef4f5654c778eac13dde6
GitHub-Last-Rev: 03ccbb16df4ca9cbd4a014836aee0f54b2ff3002
GitHub-Pull-Request: golang/go#48373
Reviewed-on: https://go-review.googlesource.com/c/go/+/349603
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Sean Liao <sean@liao.dev>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Auto-Submit: Sean Liao <sean@liao.dev>
Reviewed-by: Roland Shoemaker <roland@golang.org>
---

diff --git a/src/crypto/cipher/example_test.go b/src/crypto/cipher/example_test.go
index 9c32d6a934..86dbda9ec0 100644
--- a/src/crypto/cipher/example_test.go
+++ b/src/crypto/cipher/example_test.go
@@ -29,14 +29,14 @@ func ExampleNewGCM_encrypt() {
 		panic(err.Error())
 	}
 
-	// Never use more than 2^32 random nonces with a given key because of the risk of a repeat.
-	nonce := make([]byte, 12)
-	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
+	aesgcm, err := cipher.NewGCM(block)
+	if err != nil {
 		panic(err.Error())
 	}
 
-	aesgcm, err := cipher.NewGCM(block)
-	if err != nil {
+	// Never use more than 2^32 random nonces with a given key because of the risk of a repeat.
+	nonce := make([]byte, aesgcm.NonceSize())
+	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
 		panic(err.Error())
 	}