From: Russ Cox <rsc@golang.org>
Date: Tue, 15 Aug 2017 23:23:26 +0000 (-0400)
Subject: [dev.boringcrypto] crypto/tls: use TLS-specific AES-GCM mode if available
X-Git-Tag: go1.19beta1~484^2~189
X-Git-Url: http://www.git.cypherpunks.su/?a=commitdiff_plain;h=2efded1cd2df8f6afea54acc6b06e083a3ba2f70;p=gostls13.git

[dev.boringcrypto] crypto/tls: use TLS-specific AES-GCM mode if available

Change-Id: Ide00c40c0ca8d486f3bd8968e1d301c8b0ed6d05
Reviewed-on: https://go-review.googlesource.com/56011
Run-TryBot: Russ Cox <rsc@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Adam Langley <agl@golang.org>
---

diff --git a/src/crypto/tls/cipher_suites.go b/src/crypto/tls/cipher_suites.go
index d39c6d3b66..1c5144ae9e 100644
--- a/src/crypto/tls/cipher_suites.go
+++ b/src/crypto/tls/cipher_suites.go
@@ -220,12 +220,22 @@ func (f *xorNonceAEAD) Open(out, nonce, plaintext, additionalData []byte) ([]byt
 	return result, err
 }
 
+type gcmtls interface {
+	NewGCMTLS() (cipher.AEAD, error)
+}
+
 func aeadAESGCM(key, fixedNonce []byte) cipher.AEAD {
 	aes, err := aes.NewCipher(key)
 	if err != nil {
 		panic(err)
 	}
-	aead, err := cipher.NewGCM(aes)
+	var aead cipher.AEAD
+	if aesTLS, ok := aes.(gcmtls); ok {
+		aead, err = aesTLS.NewGCMTLS()
+	} else {
+		boring.Unreachable()
+		aead, err = cipher.NewGCM(aes)
+	}
 	if err != nil {
 		panic(err)
 	}