qbit/go
1
0
Fork 0
mirror of https://github.com/golang/go synced 2024-09-28 22:24:29 -06:00
Code Releases Activity

[dev.boringcrypto] crypto/tls: restore AES-GCM priority when BoringCrypto is enabled

Browse Source 
This patch used to be in crypto/internal/cipherhw.AESGCMSupport which
was removed from the tree. It was meant and documented to affect only
crypto/tls, so move the logic there.

Change-Id: I36ed4f08a5fe2abaab18907910899ae0297d1611
Reviewed-on: https://go-review.googlesource.com/114816
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Adam Langley <agl@golang.org>
This commit is contained in:
Filippo Valsorda 2018-05-25 18:20:36 -04:00 committed by Filippo Valsorda
parent 3d9a6ac709
commit 18db93d7e6
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/crypto/tls/common.go
View File

@ -7,6 +7,7 @@ package tls
import ( import (
"container/list" "container/list"
"crypto" "crypto"
"crypto/internal/boring"
"crypto/rand" "crypto/rand"
"crypto/sha512" "crypto/sha512"
"crypto/x509" "crypto/x509"
@ -945,7 +946,8 @@ func initDefaultCipherSuites() {
hasGCMAsm := hasGCMAsmAMD64 || hasGCMAsmARM64 || hasGCMAsmS390X hasGCMAsm := hasGCMAsmAMD64 || hasGCMAsmARM64 || hasGCMAsmS390X
if hasGCMAsm { if hasGCMAsm || boring.Enabled {
// If BoringCrypto is enabled, always prioritize AES-GCM.
// If AES-GCM hardware is provided then prioritise AES-GCM // If AES-GCM hardware is provided then prioritise AES-GCM
// cipher suites. // cipher suites.
topCipherSuites = []uint16{ topCipherSuites = []uint16{