stupidgcm: introduce stupidAEADCommon and use for both chacha & gcm

Nice deduplication and brings the GCM decrypt speed up to par.

internal/speed$ benchstat old new
name                old time/op   new time/op   delta
StupidGCM-4          4.71µs ± 0%   4.66µs ± 0%   -0.99%  (p=0.008 n=5+5)
StupidGCMDecrypt-4   5.77µs ± 1%   4.51µs ± 0%  -21.80%  (p=0.008 n=5+5)

name                old speed     new speed     delta
StupidGCM-4         870MB/s ± 0%  879MB/s ± 0%   +1.01%  (p=0.008 n=5+5)
StupidGCMDecrypt-4  710MB/s ± 1%  908MB/s ± 0%  +27.87%  (p=0.008 n=5+5)

1 files changed, 45 insertions, 0 deletions

diff --git a/internal/stupidgcm/gcm.go b/internal/stupidgcm/gcm.go
new file mode 100644
index 0000000..439e7a7
--- /dev/null
+++ b/internal/stupidgcm/gcm.go
@@ -0,0 +1,45 @@
+// +build !without_openssl
+
+// Package stupidgcm is a thin wrapper for OpenSSL's GCM encryption and
+// decryption functions. It only support 32-byte keys and 16-bit IVs.
+package stupidgcm
+
+// #include <openssl/evp.h>
+import "C"
+
+import (
+	"crypto/cipher"
+	"log"
+)
+
+const (
+	// BuiltWithoutOpenssl indicates if openssl been disabled at compile-time
+	BuiltWithoutOpenssl = false
+
+	keyLen = 32
+	ivLen  = 16
+	tagLen = 16
+)
+
+// StupidGCM implements the cipher.AEAD interface
+type StupidGCM struct {
+	stupidAEADCommon
+}
+
+// Verify that we satisfy the interface
+var _ cipher.AEAD = &StupidGCM{}
+
+// New returns a new cipher.AEAD implementation..
+func New(keyIn []byte, forceDecode bool) cipher.AEAD {
+	if len(keyIn) != keyLen {
+		log.Panicf("Only %d-byte keys are supported", keyLen)
+	}
+	return &StupidGCM{
+		stupidAEADCommon{
+			// Create a private copy of the key
+			key:              append([]byte{}, keyIn...),
+			openSSLEVPCipher: C.EVP_aes_256_gcm(),
+			nonceSize:        ivLen,
+		},
+	}
+}