blob: e09ed0b1149ddeea20f5aa64b589fb1cdf631efc (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
|
// +build !without_openssl
package stupidgcm
import (
"crypto/cipher"
"log"
"golang.org/x/crypto/chacha20poly1305"
)
/*
#include <openssl/evp.h>
*/
import "C"
type stupidChacha20poly1305 struct {
stupidAEADCommon
}
// Verify that we satisfy the cipher.AEAD interface
var _ cipher.AEAD = &stupidChacha20poly1305{}
// _EVP_chacha20_poly1305 caches C.EVP_chacha20_poly1305() to avoid the Cgo call
// overhead for each instantiation of NewChacha20poly1305.
var _EVP_chacha20_poly1305 *C.EVP_CIPHER
func init() {
_EVP_chacha20_poly1305 = C.EVP_chacha20_poly1305()
}
// NewChacha20poly1305 returns a new instance of the OpenSSL ChaCha20-Poly1305 AEAD
// cipher ( https://www.openssl.org/docs/man1.1.1/man3/EVP_chacha20_poly1305.html ).
//
// gocryptfs only uses ChaCha20-Poly1305 as a building block for OpenSSL
// XChaCha20-Poly1305. This function is hot because it gets called once for each
// block by XChaCha20-Poly1305.
//
// Only 32-bytes keys and 12-byte IVs are supported.
func NewChacha20poly1305(key []byte) cipher.AEAD {
if len(key) != chacha20poly1305.KeySize {
log.Panicf("Only %d-byte keys are supported, you passed %d bytes", chacha20poly1305.KeySize, len(key))
}
// private copy
key2 := make([]byte, chacha20poly1305.KeySize)
copy(key2, key)
return &stupidChacha20poly1305{
stupidAEADCommon{
key: key2,
openSSLEVPCipher: _EVP_chacha20_poly1305,
nonceSize: chacha20poly1305.NonceSize,
},
}
}
|