bytes, and out must be 16 bytes longer than plaintext. // out and plaintext may overlap exactly or not at all. additionalData and out // must not overlap. // // This complies with FIPS 140-3 IG C.H Scenario 2. // // Note that this is NOT a [cipher.AEAD].Seal method. func SealWithRandomNonce(g *GCM, nonce, out, plaintext, additionalData []byte) { if uint64(len(plaintext)) > uint64((1<<32)-2)*gcmBlockSize { panic("crypto/cipher: message too large for GCM") } if len(nonce) != gcmStandardNonceSize {...