diff options
Diffstat (limited to 'internal/stupidgcm/chacha.go')
| -rw-r--r-- | internal/stupidgcm/chacha.go | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/internal/stupidgcm/chacha.go b/internal/stupidgcm/chacha.go index 2e6e6e6..c90d721 100644 --- a/internal/stupidgcm/chacha.go +++ b/internal/stupidgcm/chacha.go @@ -21,6 +21,20 @@ type stupidChacha20poly1305 struct { // Verify that we satisfy the cipher.AEAD interface var _ cipher.AEAD = &stupidChacha20poly1305{} +// _EVP_chacha20_poly1305 caches C.EVP_chacha20_poly1305() to avoid the Cgo call +// overhead for each instantiation of NewChacha20poly1305. +var _EVP_chacha20_poly1305 *C.EVP_CIPHER + +func init() { + _EVP_chacha20_poly1305 = C.EVP_chacha20_poly1305() +} + +// NewChacha20poly1305 returns a new instance of the OpenSSL ChaCha20-Poly1305 AEAD +// cipher ( https://www.openssl.org/docs/man1.1.1/man3/EVP_chacha20_poly1305.html ). +// +// gocryptfs only uses ChaCha20-Poly1305 as a building block for OpenSSL +// XChaCha20-Poly1305. This function is hot because it gets called once for each +// block by XChaCha20-Poly1305. func NewChacha20poly1305(key []byte) *stupidChacha20poly1305 { if len(key) != chacha20poly1305.KeySize { log.Panicf("Only %d-byte keys are supported, you passed %d bytes", chacha20poly1305.KeySize, len(key)) @@ -28,7 +42,7 @@ func NewChacha20poly1305(key []byte) *stupidChacha20poly1305 { return &stupidChacha20poly1305{ stupidAEADCommon{ key: append([]byte{}, key...), // private copy - openSSLEVPCipher: C.EVP_chacha20_poly1305(), + openSSLEVPCipher: _EVP_chacha20_poly1305, nonceSize: chacha20poly1305.NonceSize, }, } |