summaryrefslogtreecommitdiff
path: root/internal/stupidgcm/gcm.go
diff options
context:
space:
mode:
Diffstat (limited to 'internal/stupidgcm/gcm.go')
-rw-r--r--internal/stupidgcm/gcm.go45
1 files changed, 45 insertions, 0 deletions
diff --git a/internal/stupidgcm/gcm.go b/internal/stupidgcm/gcm.go
new file mode 100644
index 0000000..439e7a7
--- /dev/null
+++ b/internal/stupidgcm/gcm.go
@@ -0,0 +1,45 @@
+// +build !without_openssl
+
+// Package stupidgcm is a thin wrapper for OpenSSL's GCM encryption and
+// decryption functions. It only support 32-byte keys and 16-bit IVs.
+package stupidgcm
+
+// #include <openssl/evp.h>
+import "C"
+
+import (
+ "crypto/cipher"
+ "log"
+)
+
+const (
+ // BuiltWithoutOpenssl indicates if openssl been disabled at compile-time
+ BuiltWithoutOpenssl = false
+
+ keyLen = 32
+ ivLen = 16
+ tagLen = 16
+)
+
+// StupidGCM implements the cipher.AEAD interface
+type StupidGCM struct {
+ stupidAEADCommon
+}
+
+// Verify that we satisfy the interface
+var _ cipher.AEAD = &StupidGCM{}
+
+// New returns a new cipher.AEAD implementation..
+func New(keyIn []byte, forceDecode bool) cipher.AEAD {
+ if len(keyIn) != keyLen {
+ log.Panicf("Only %d-byte keys are supported", keyLen)
+ }
+ return &StupidGCM{
+ stupidAEADCommon{
+ // Create a private copy of the key
+ key: append([]byte{}, keyIn...),
+ openSSLEVPCipher: C.EVP_aes_256_gcm(),
+ nonceSize: ivLen,
+ },
+ }
+}