aboutsummaryrefslogtreecommitdiff
path: root/internal/stupidgcm/gcm.go
diff options
context:
space:
mode:
authorJakob Unterwurzacher2021-09-04 11:41:56 +0200
committerJakob Unterwurzacher2021-09-07 18:14:05 +0200
commite2ec048a09889b2bf71e8bbfef9f0584ff7d69db (patch)
tree84bb1f8c709f8db3b2dd551c7c5343c0ffe44ed9 /internal/stupidgcm/gcm.go
parentbf572aef88963732849b8e5ae679e63c6be4aa46 (diff)
stupidgcm: introduce stupidAEADCommon and use for both chacha & gcm
Nice deduplication and brings the GCM decrypt speed up to par. internal/speed$ benchstat old new name old time/op new time/op delta StupidGCM-4 4.71µs ± 0% 4.66µs ± 0% -0.99% (p=0.008 n=5+5) StupidGCMDecrypt-4 5.77µs ± 1% 4.51µs ± 0% -21.80% (p=0.008 n=5+5) name old speed new speed delta StupidGCM-4 870MB/s ± 0% 879MB/s ± 0% +1.01% (p=0.008 n=5+5) StupidGCMDecrypt-4 710MB/s ± 1% 908MB/s ± 0% +27.87% (p=0.008 n=5+5)
Diffstat (limited to 'internal/stupidgcm/gcm.go')
-rw-r--r--internal/stupidgcm/gcm.go45
1 files changed, 45 insertions, 0 deletions
diff --git a/internal/stupidgcm/gcm.go b/internal/stupidgcm/gcm.go
new file mode 100644
index 0000000..439e7a7
--- /dev/null
+++ b/internal/stupidgcm/gcm.go
@@ -0,0 +1,45 @@
+// +build !without_openssl
+
+// Package stupidgcm is a thin wrapper for OpenSSL's GCM encryption and
+// decryption functions. It only support 32-byte keys and 16-bit IVs.
+package stupidgcm
+
+// #include <openssl/evp.h>
+import "C"
+
+import (
+ "crypto/cipher"
+ "log"
+)
+
+const (
+ // BuiltWithoutOpenssl indicates if openssl been disabled at compile-time
+ BuiltWithoutOpenssl = false
+
+ keyLen = 32
+ ivLen = 16
+ tagLen = 16
+)
+
+// StupidGCM implements the cipher.AEAD interface
+type StupidGCM struct {
+ stupidAEADCommon
+}
+
+// Verify that we satisfy the interface
+var _ cipher.AEAD = &StupidGCM{}
+
+// New returns a new cipher.AEAD implementation..
+func New(keyIn []byte, forceDecode bool) cipher.AEAD {
+ if len(keyIn) != keyLen {
+ log.Panicf("Only %d-byte keys are supported", keyLen)
+ }
+ return &StupidGCM{
+ stupidAEADCommon{
+ // Create a private copy of the key
+ key: append([]byte{}, keyIn...),
+ openSSLEVPCipher: C.EVP_aes_256_gcm(),
+ nonceSize: ivLen,
+ },
+ }
+}