Skip to content

crypto/cipher: NewGCMWithRandomNonce error with GOEXPERIMENT=boringcrypto #72016

Open
@ancientlore

Description

@ancientlore

Go version

go version go1.24.0 linux/amd64

Output of go env in your module/workspace:

AR='ar'
CC='gcc'
CGO_CFLAGS='-O2 -g'
CGO_CPPFLAGS=''
CGO_CXXFLAGS='-O2 -g'
CGO_ENABLED='1'
CGO_FFLAGS='-O2 -g'
CGO_LDFLAGS='-O2 -g'
CXX='g++'
GCCGO='gccgo'
GO111MODULE=''
GOAMD64='v1'
GOARCH='amd64'
GOAUTH='netrc'
GOBIN=''
GOCACHE='/home/ec2-user/.cache/go-build'
GOCACHEPROG=''
GODEBUG=''
GOENV='/home/ec2-user/.config/go/env'
GOEXE=''
GOEXPERIMENT='boringcrypto'
GOFIPS140='off'
GOFLAGS=''
GOGCCFLAGS='-fPIC -m64 -pthread -Wl,--no-gc-sections -fmessage-length=0 -ffile-prefix-map=/tmp/go-build2932934674=/tmp/go-build -gno-record-gcc-switches'
GOHOSTARCH='amd64'
GOHOSTOS='linux'
GOINSECURE=''
GOMOD='/home/ec2-user/sap/tools/me/fieldcrypt/go.mod'
GOMODCACHE='/home/ec2-user/go/pkg/mod'
GONOPROXY='*.concur.com,*.wdf.sap.corp,*.tools.sap'
GONOSUMDB='*.concur.com,*.wdf.sap.corp,*.tools.sap'
GOOS='linux'
GOPATH='/home/ec2-user/go'
GOPRIVATE='*.concur.com,*.wdf.sap.corp,*.tools.sap'
GOPROXY='https://proxy.golang.org,direct'
GOROOT='/usr/local/go'
GOSUMDB='sum.golang.org'
GOTELEMETRY='local'
GOTELEMETRYDIR='/home/ec2-user/.config/go/telemetry'
GOTMPDIR=''
GOTOOLCHAIN='auto'
GOTOOLDIR='/usr/local/go/pkg/tool/linux_amd64'
GOVCS=''
GOVERSION='go1.24.0'
GOWORK=''
PKG_CONFIG='pkg-config'

What did you do?

When using cipher.NewGCMWithRandomNonce, the function will error when GOEXPERIMENT=boringcrypto is enabled.

aesCipher, err := aes.NewCipher(key)
if err != nil {
        panic(err)
}
aead, err := cipher.NewGCMWithRandomNonce(aesCipher)
if err != nil {
        panic(err)
}

What did you see happen?

The function reports the error cipher: NewGCMWithRandomNonce requires aes.Block.
It does not do that when BoringCrypto is not used. The error comes from https://github.com/golang/go/blob/master/src/crypto/cipher/gcm.go#L96 where it tests for a cipher.(*aes.Block), which is apparently not the case when using BoringCrypto.

What did you expect to see?

I expected to see no error when using BoringCrypto. It is easy to work around by using cipher.NewGCM instead.

Metadata

Metadata

Assignees

No one assigned

    Labels

    BugReportIssues describing a possible bug in the Go implementation.NeedsInvestigationSomeone must examine and confirm this is a valid issue and not a duplicate of an existing one.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions