summaryrefslogtreecommitdiff
path: root/internal/cryptocore/crypto_api.go
diff options
context:
space:
mode:
Diffstat (limited to 'internal/cryptocore/crypto_api.go')
-rw-r--r--internal/cryptocore/crypto_api.go56
1 files changed, 56 insertions, 0 deletions
diff --git a/internal/cryptocore/crypto_api.go b/internal/cryptocore/crypto_api.go
new file mode 100644
index 0000000..c6b6869
--- /dev/null
+++ b/internal/cryptocore/crypto_api.go
@@ -0,0 +1,56 @@
+package cryptocore
+
+import (
+ "crypto/cipher"
+ "crypto/aes"
+ "fmt"
+)
+
+const (
+ KeyLen = 32 // AES-256
+ AuthTagLen = 16
+)
+
+type CryptoCore struct {
+ BlockCipher cipher.Block
+ Gcm cipher.AEAD
+ GcmIVGen *nonceGenerator
+ IVLen int
+}
+
+func New(key []byte, useOpenssl bool, GCMIV128 bool) *CryptoCore {
+
+ if len(key) != KeyLen {
+ panic(fmt.Sprintf("Unsupported key length %d", len(key)))
+ }
+
+ // We want the IV size in bytes
+ IVLen := 96 / 8
+ if GCMIV128 {
+ IVLen = 128 / 8
+ }
+
+ // We always use built-in Go crypto for blockCipher because it is not
+ // performance-critical.
+ blockCipher, err := aes.NewCipher(key)
+ if err != nil {
+ panic(err)
+ }
+
+ var gcm cipher.AEAD
+ if useOpenssl {
+ gcm = opensslGCM{key}
+ } else {
+ gcm, err = goGCMWrapper(blockCipher, IVLen)
+ if err != nil {
+ panic(err)
+ }
+ }
+
+ return &CryptoCore{
+ BlockCipher: blockCipher,
+ Gcm: gcm,
+ GcmIVGen: &nonceGenerator{nonceLen: IVLen},
+ IVLen: IVLen,
+ }
+}
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-23 19:01:55 +0000