src/crypto · 7e2bf952a905f16a17099970392ea17545cdd193 · go / golang

crypto/tls: only store a single nonce for AES-GCM. · 007c907b

Adam Langley authored Oct 12, 2016

Although an AEAD, in general, can be used concurrently in both the seal
and open directions, TLS is easier. Since the transport keys are
different for different directions in TLS, an AEAD will only ever be
used in one direction. Thus we don't need separate buffers for seal and
open because they can never happen concurrently.

Also, fix the nonce size to twelve bytes since the fixed-prefix
construction for AEADs is superseded and will never be used for anything
else now.

Change-Id: Ibbf6c6b1da0e639f4ee0e3604410945dc7dcbb46
Reviewed-on: https://go-review.googlesource.com/30959
Run-TryBot: Adam Langley <agl@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>

007c907b

Name	Last commit	Last update
..
aes		Loading commit data...
cipher		Loading commit data...
des		Loading commit data...
dsa		Loading commit data...
ecdsa		Loading commit data...
elliptic		Loading commit data...
hmac		Loading commit data...
md5		Loading commit data...
rand		Loading commit data...
rc4		Loading commit data...
rsa		Loading commit data...
sha1		Loading commit data...
sha256		Loading commit data...
sha512		Loading commit data...
subtle		Loading commit data...
tls		Loading commit data...
x509		Loading commit data...
crypto.go		Loading commit data...