mirror of
https://github.com/refraction-networking/utls.git
synced 2025-04-03 20:17:36 +03:00
[dev.boringcrypto] crypto/tls: restore AES-GCM priority when BoringCrypto is enabled
This patch used to be in crypto/internal/cipherhw.AESGCMSupport which was removed from the tree. It was meant and documented to affect only crypto/tls, so move the logic there. Change-Id: I36ed4f08a5fe2abaab18907910899ae0297d1611 Reviewed-on: https://go-review.googlesource.com/114816 Run-TryBot: Filippo Valsorda <filippo@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Adam Langley <agl@golang.org>
This commit is contained in:
Filippo Valsorda
Filippo Valsorda
parent
7007fbaa33
commit
08e88f637e
1 changed files with 3 additions and 1 deletions
|
|
@ -7,6 +7,7 @@ package tls
|
|||
import (
|
||||
"container/list"
|
||||
"crypto"
|
||||
"crypto/internal/boring"
|
||||
"crypto/rand"
|
||||
"crypto/sha512"
|
||||
"crypto/x509"
|
||||
|
|
@ -945,7 +946,8 @@ func initDefaultCipherSuites() {
|
|||
|
||||
hasGCMAsm := hasGCMAsmAMD64 || hasGCMAsmARM64 || hasGCMAsmS390X
|
||||
|
||||
if hasGCMAsm {
|
||||
if hasGCMAsm || boring.Enabled {
|
||||
// If BoringCrypto is enabled, always prioritize AES-GCM.
|
||||
// If AES-GCM hardware is provided then prioritise AES-GCM
|
||||
// cipher suites.
|
||||
topCipherSuites = []uint16{
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue