From e2ec048a09889b2bf71e8bbfef9f0584ff7d69db Mon Sep 17 00:00:00 2001 From: Jakob Unterwurzacher Date: Sat, 4 Sep 2021 11:41:56 +0200 Subject: stupidgcm: introduce stupidAEADCommon and use for both chacha & gcm Nice deduplication and brings the GCM decrypt speed up to par. internal/speed$ benchstat old new name old time/op new time/op delta StupidGCM-4 4.71µs ± 0% 4.66µs ± 0% -0.99% (p=0.008 n=5+5) StupidGCMDecrypt-4 5.77µs ± 1% 4.51µs ± 0% -21.80% (p=0.008 n=5+5) name old speed new speed delta StupidGCM-4 870MB/s ± 0% 879MB/s ± 0% +1.01% (p=0.008 n=5+5) StupidGCMDecrypt-4 710MB/s ± 1% 908MB/s ± 0% +27.87% (p=0.008 n=5+5) --- internal/stupidgcm/gcm.go | 45 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) create mode 100644 internal/stupidgcm/gcm.go (limited to 'internal/stupidgcm/gcm.go') diff --git a/internal/stupidgcm/gcm.go b/internal/stupidgcm/gcm.go new file mode 100644 index 0000000..439e7a7 --- /dev/null +++ b/internal/stupidgcm/gcm.go @@ -0,0 +1,45 @@ +// +build !without_openssl + +// Package stupidgcm is a thin wrapper for OpenSSL's GCM encryption and +// decryption functions. It only support 32-byte keys and 16-bit IVs. +package stupidgcm + +// #include +import "C" + +import ( + "crypto/cipher" + "log" +) + +const ( + // BuiltWithoutOpenssl indicates if openssl been disabled at compile-time + BuiltWithoutOpenssl = false + + keyLen = 32 + ivLen = 16 + tagLen = 16 +) + +// StupidGCM implements the cipher.AEAD interface +type StupidGCM struct { + stupidAEADCommon +} + +// Verify that we satisfy the interface +var _ cipher.AEAD = &StupidGCM{} + +// New returns a new cipher.AEAD implementation.. +func New(keyIn []byte, forceDecode bool) cipher.AEAD { + if len(keyIn) != keyLen { + log.Panicf("Only %d-byte keys are supported", keyLen) + } + return &StupidGCM{ + stupidAEADCommon{ + // Create a private copy of the key + key: append([]byte{}, keyIn...), + openSSLEVPCipher: C.EVP_aes_256_gcm(), + nonceSize: ivLen, + }, + } +} -- cgit v1.2.3