From b06b8816fa00d57d056881950eb3a9d9ceea1297 Mon Sep 17 00:00:00 2001
From: Filippo Valsorda <filippo@golang.org>
Date: Fri, 8 Nov 2024 19:56:50 +0100
Subject: [PATCH] crypto/internal/fips/aes/gcm: add GCMForTLS12 and GCMForTLS13

For #69536

Change-Id: I2d7b6e7b9932d0f0f582a5ab0bb871395dc2a1e8
Reviewed-on: https://go-review.googlesource.com/c/go/+/626675
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
---
 cipher_suites.go | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/cipher_suites.go b/cipher_suites.go
index ec867ce..1c849e3 100644
--- a/cipher_suites.go
+++ b/cipher_suites.go
@@ -11,6 +11,8 @@ import (
 	"crypto/des"
 	"crypto/hmac"
 	"crypto/internal/boring"
+	fipsaes "crypto/internal/fips/aes"
+	"crypto/internal/fips/aes/gcm"
 	"crypto/rc4"
 	"crypto/sha1"
 	"crypto/sha256"
@@ -521,7 +523,7 @@ func aeadAESGCM(key, noncePrefix []byte) aead {
 		aead, err = boring.NewGCMTLS(aes)
 	} else {
 		boring.Unreachable()
-		aead, err = cipher.NewGCM(aes)
+		aead, err = gcm.NewGCMForTLS12(aes.(*fipsaes.Block))
 	}
 	if err != nil {
 		panic(err)
@@ -555,7 +557,7 @@ func aeadAESGCMTLS13(key, nonceMask []byte) aead {
 		aead, err = boring.NewGCMTLS13(aes)
 	} else {
 		boring.Unreachable()
-		aead, err = cipher.NewGCM(aes)
+		aead, err = gcm.NewGCMForTLS13(aes.(*fipsaes.Block))
 	}
 	if err != nil {
 		panic(err)