From 9e1dd73e55e095b8e8b4264897c4d21fcdcdb2ae Mon Sep 17 00:00:00 2001 From: Jakob Unterwurzacher Date: Thu, 2 Sep 2021 11:33:06 +0200 Subject: -speed: add XChaCha20-Poly1305-OpenSSL $ ./gocryptfs -speed gocryptfs v2.1-56-gdb1466f-dirty.stupidchacha; go-fuse v2.1.1-0.20210825171523-3ab5d95a30ae; 2021-09-02 go1.17 linux/amd64 AES-GCM-256-OpenSSL 529.53 MB/s AES-GCM-256-Go 833.85 MB/s (selected in auto mode) AES-SIV-512-Go 155.27 MB/s XChaCha20-Poly1305-Go 715.33 MB/s (use via -xchacha flag) XChaCha20-Poly1305-OpenSSL 468.94 MB/s https://github.com/rfjakob/gocryptfs/issues/452 --- internal/cryptocore/cryptocore.go | 3 +++ internal/speed/speed.go | 28 ++++++++++++++++++++++++---- internal/speed/speed_test.go | 8 ++++++++ 3 files changed, 35 insertions(+), 4 deletions(-) diff --git a/internal/cryptocore/cryptocore.go b/internal/cryptocore/cryptocore.go index 8fb7936..1b692ff 100644 --- a/internal/cryptocore/cryptocore.go +++ b/internal/cryptocore/cryptocore.go @@ -48,6 +48,9 @@ var BackendAESSIV AEADTypeEnum = AEADTypeEnum{"AES-SIV-512-Go", siv_aead.NonceSi // "XChaCha20-Poly1305-Go" in gocryptfs -speed. var BackendXChaCha20Poly1305 AEADTypeEnum = AEADTypeEnum{"XChaCha20-Poly1305-Go", chacha20poly1305.NonceSizeX} +// BackendXChaCha20Poly1305OpenSSL specifies XChaCha20-Poly1305-OpenSSL. +var BackendXChaCha20Poly1305OpenSSL AEADTypeEnum = AEADTypeEnum{"XChaCha20-Poly1305-OpenSSL", chacha20poly1305.NonceSizeX} + // CryptoCore is the low level crypto implementation. type CryptoCore struct { // EME is used for filename encryption. diff --git a/internal/speed/speed.go b/internal/speed/speed.go index 46e138d..d53e402 100644 --- a/internal/speed/speed.go +++ b/internal/speed/speed.go @@ -35,10 +35,11 @@ func Run() { {name: cryptocore.BackendOpenSSL.Name, f: bStupidGCM, preferred: stupidgcm.PreferOpenSSL()}, {name: cryptocore.BackendGoGCM.Name, f: bGoGCM, preferred: !stupidgcm.PreferOpenSSL()}, {name: cryptocore.BackendAESSIV.Name, f: bAESSIV, preferred: false}, - {name: cryptocore.BackendXChaCha20Poly1305.Name, f: bChacha20poly1305, preferred: false}, + {name: cryptocore.BackendXChaCha20Poly1305.Name, f: bXchacha20poly1305, preferred: false}, + {name: cryptocore.BackendXChaCha20Poly1305OpenSSL.Name, f: bStupidXchacha, preferred: false}, } for _, b := range bTable { - fmt.Printf("%-20s\t", b.name) + fmt.Printf("%-26s\t", b.name) mbs := mbPerSec(testing.Benchmark(b.f)) if mbs > 0 { fmt.Printf("%7.2f MB/s", mbs) @@ -132,8 +133,8 @@ func bAESSIV(b *testing.B) { } } -// bChacha20poly1305 benchmarks XChaCha20 from golang.org/x/crypto/chacha20poly1305 -func bChacha20poly1305(b *testing.B) { +// bXchacha20poly1305 benchmarks XChaCha20 from golang.org/x/crypto/chacha20poly1305 +func bXchacha20poly1305(b *testing.B) { key := randBytes(32) authData := randBytes(adLen) iv := randBytes(chacha20poly1305.NonceSizeX) @@ -147,3 +148,22 @@ func bChacha20poly1305(b *testing.B) { c.Seal(iv, iv, in, authData) } } + +// bStupidXchacha benchmarks OpenSSL XChaCha20 +func bStupidXchacha(b *testing.B) { + if stupidgcm.BuiltWithoutOpenssl { + b.Skip("openssl has been disabled at compile-time") + } + key := randBytes(32) + authData := randBytes(adLen) + iv := randBytes(chacha20poly1305.NonceSizeX) + in := make([]byte, blockSize) + b.SetBytes(int64(len(in))) + c := stupidgcm.NewXchacha20poly1305(key) + + b.ResetTimer() + for i := 0; i < b.N; i++ { + // Encrypt and append to nonce + c.Seal(iv, iv, in, authData) + } +} diff --git a/internal/speed/speed_test.go b/internal/speed/speed_test.go index f3ec66c..a6f3f30 100644 --- a/internal/speed/speed_test.go +++ b/internal/speed/speed_test.go @@ -27,3 +27,11 @@ func BenchmarkGoGCM(b *testing.B) { func BenchmarkAESSIV(b *testing.B) { bAESSIV(b) } + +func BenchmarkXchacha(b *testing.B) { + bXchacha20poly1305(b) +} + +func BenchmarkStupidXchacha(b *testing.B) { + bStupidXchacha(b) +} -- cgit v1.2.3