summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJakob Unterwurzacher2021-09-02 11:33:06 +0200
committerJakob Unterwurzacher2021-09-07 18:14:05 +0200
commit9e1dd73e55e095b8e8b4264897c4d21fcdcdb2ae (patch)
tree65d6d0b60e0d34e04981b779466ab81771788bd8
parent4017e4b22c2fe1c31dc67163affc49c28fd8c391 (diff)
-speed: add XChaCha20-Poly1305-OpenSSL
$ ./gocryptfs -speed gocryptfs v2.1-56-gdb1466f-dirty.stupidchacha; go-fuse v2.1.1-0.20210825171523-3ab5d95a30ae; 2021-09-02 go1.17 linux/amd64 AES-GCM-256-OpenSSL 529.53 MB/s AES-GCM-256-Go 833.85 MB/s (selected in auto mode) AES-SIV-512-Go 155.27 MB/s XChaCha20-Poly1305-Go 715.33 MB/s (use via -xchacha flag) XChaCha20-Poly1305-OpenSSL 468.94 MB/s https://github.com/rfjakob/gocryptfs/issues/452
-rw-r--r--internal/cryptocore/cryptocore.go3
-rw-r--r--internal/speed/speed.go28
-rw-r--r--internal/speed/speed_test.go8
3 files changed, 35 insertions, 4 deletions
diff --git a/internal/cryptocore/cryptocore.go b/internal/cryptocore/cryptocore.go
index 8fb7936..1b692ff 100644
--- a/internal/cryptocore/cryptocore.go
+++ b/internal/cryptocore/cryptocore.go
@@ -48,6 +48,9 @@ var BackendAESSIV AEADTypeEnum = AEADTypeEnum{"AES-SIV-512-Go", siv_aead.NonceSi
// "XChaCha20-Poly1305-Go" in gocryptfs -speed.
var BackendXChaCha20Poly1305 AEADTypeEnum = AEADTypeEnum{"XChaCha20-Poly1305-Go", chacha20poly1305.NonceSizeX}
+// BackendXChaCha20Poly1305OpenSSL specifies XChaCha20-Poly1305-OpenSSL.
+var BackendXChaCha20Poly1305OpenSSL AEADTypeEnum = AEADTypeEnum{"XChaCha20-Poly1305-OpenSSL", chacha20poly1305.NonceSizeX}
+
// CryptoCore is the low level crypto implementation.
type CryptoCore struct {
// EME is used for filename encryption.
diff --git a/internal/speed/speed.go b/internal/speed/speed.go
index 46e138d..d53e402 100644
--- a/internal/speed/speed.go
+++ b/internal/speed/speed.go
@@ -35,10 +35,11 @@ func Run() {
{name: cryptocore.BackendOpenSSL.Name, f: bStupidGCM, preferred: stupidgcm.PreferOpenSSL()},
{name: cryptocore.BackendGoGCM.Name, f: bGoGCM, preferred: !stupidgcm.PreferOpenSSL()},
{name: cryptocore.BackendAESSIV.Name, f: bAESSIV, preferred: false},
- {name: cryptocore.BackendXChaCha20Poly1305.Name, f: bChacha20poly1305, preferred: false},
+ {name: cryptocore.BackendXChaCha20Poly1305.Name, f: bXchacha20poly1305, preferred: false},
+ {name: cryptocore.BackendXChaCha20Poly1305OpenSSL.Name, f: bStupidXchacha, preferred: false},
}
for _, b := range bTable {
- fmt.Printf("%-20s\t", b.name)
+ fmt.Printf("%-26s\t", b.name)
mbs := mbPerSec(testing.Benchmark(b.f))
if mbs > 0 {
fmt.Printf("%7.2f MB/s", mbs)
@@ -132,8 +133,8 @@ func bAESSIV(b *testing.B) {
}
}
-// bChacha20poly1305 benchmarks XChaCha20 from golang.org/x/crypto/chacha20poly1305
-func bChacha20poly1305(b *testing.B) {
+// bXchacha20poly1305 benchmarks XChaCha20 from golang.org/x/crypto/chacha20poly1305
+func bXchacha20poly1305(b *testing.B) {
key := randBytes(32)
authData := randBytes(adLen)
iv := randBytes(chacha20poly1305.NonceSizeX)
@@ -147,3 +148,22 @@ func bChacha20poly1305(b *testing.B) {
c.Seal(iv, iv, in, authData)
}
}
+
+// bStupidXchacha benchmarks OpenSSL XChaCha20
+func bStupidXchacha(b *testing.B) {
+ if stupidgcm.BuiltWithoutOpenssl {
+ b.Skip("openssl has been disabled at compile-time")
+ }
+ key := randBytes(32)
+ authData := randBytes(adLen)
+ iv := randBytes(chacha20poly1305.NonceSizeX)
+ in := make([]byte, blockSize)
+ b.SetBytes(int64(len(in)))
+ c := stupidgcm.NewXchacha20poly1305(key)
+
+ b.ResetTimer()
+ for i := 0; i < b.N; i++ {
+ // Encrypt and append to nonce
+ c.Seal(iv, iv, in, authData)
+ }
+}
diff --git a/internal/speed/speed_test.go b/internal/speed/speed_test.go
index f3ec66c..a6f3f30 100644
--- a/internal/speed/speed_test.go
+++ b/internal/speed/speed_test.go
@@ -27,3 +27,11 @@ func BenchmarkGoGCM(b *testing.B) {
func BenchmarkAESSIV(b *testing.B) {
bAESSIV(b)
}
+
+func BenchmarkXchacha(b *testing.B) {
+ bXchacha20poly1305(b)
+}
+
+func BenchmarkStupidXchacha(b *testing.B) {
+ bStupidXchacha(b)
+}