libgocryptfs/internal/stupidgcm/gcm.go

// +build !without_openssl

package stupidgcm

// #include <openssl/evp.h>
import "C"

import (
	"crypto/cipher"
	"log"
)

const (
	// BuiltWithoutOpenssl indicates if openssl been disabled at compile-time
	BuiltWithoutOpenssl = false

	keyLen = 32
	ivLen  = 16
	tagLen = 16
)

type stupidGCM struct {
	stupidAEADCommon
}

// NewAES256GCM returns a new AES-256-GCM cipher that satisfies the cipher.AEAD interface.
//
// Only 32-bytes keys and 16-byte IVs are supported.
func NewAES256GCM(keyIn []byte) cipher.AEAD {
	if len(keyIn) != keyLen {
		log.Panicf("Only %d-byte keys are supported", keyLen)
	}
	return &stupidGCM{
		stupidAEADCommon{
			// Create a private copy of the key
			key:              append([]byte{}, keyIn...),
			openSSLEVPCipher: C.EVP_aes_256_gcm(),
			nonceSize:        ivLen,
		},
	}
}
stupidgcm: introduce stupidAEADCommon and use for both chacha & gcm Nice deduplication and brings the GCM decrypt speed up to par. internal/speed$ benchstat old new name old time/op new time/op delta StupidGCM-4 4.71µs ± 0% 4.66µs ± 0% -0.99% (p=0.008 n=5+5) StupidGCMDecrypt-4 5.77µs ± 1% 4.51µs ± 0% -21.80% (p=0.008 n=5+5) name old speed new speed delta StupidGCM-4 870MB/s ± 0% 879MB/s ± 0% +1.01% (p=0.008 n=5+5) StupidGCMDecrypt-4 710MB/s ± 1% 908MB/s ± 0% +27.87% (p=0.008 n=5+5) 2021-09-04 11:41:56 +02:00			`// +build !without_openssl`

			`package stupidgcm`

			`// #include <openssl/evp.h>`
			`import "C"`

			`import (`
			`"crypto/cipher"`
			`"log"`
			`)`

			`const (`
			`// BuiltWithoutOpenssl indicates if openssl been disabled at compile-time`
			`BuiltWithoutOpenssl = false`

			`keyLen = 32`
			`ivLen = 16`
			`tagLen = 16`
			`)`

stupidgcm: unexport stupidGCM struct No need to have it exported. 2021-09-07 17:48:55 +02:00			`type stupidGCM struct {`
stupidgcm: introduce stupidAEADCommon and use for both chacha & gcm Nice deduplication and brings the GCM decrypt speed up to par. internal/speed$ benchstat old new name old time/op new time/op delta StupidGCM-4 4.71µs ± 0% 4.66µs ± 0% -0.99% (p=0.008 n=5+5) StupidGCMDecrypt-4 5.77µs ± 1% 4.51µs ± 0% -21.80% (p=0.008 n=5+5) name old speed new speed delta StupidGCM-4 870MB/s ± 0% 879MB/s ± 0% +1.01% (p=0.008 n=5+5) StupidGCMDecrypt-4 710MB/s ± 1% 908MB/s ± 0% +27.87% (p=0.008 n=5+5) 2021-09-04 11:41:56 +02:00			`stupidAEADCommon`
			`}`

stupidgcm: normalize constructor naming New() -> NewAES256GCM() Also add missing NewChacha20poly1305 constructor in without_openssl.go. 2021-09-07 18:11:11 +02:00			`// NewAES256GCM returns a new AES-256-GCM cipher that satisfies the cipher.AEAD interface.`
stupidgcm: revamp package documentation Maybe interesting for people following https://github.com/rfjakob/gocryptfs/issues/452 2021-09-07 17:58:42 +02:00			`//`
			`// Only 32-bytes keys and 16-byte IVs are supported.`
cli: drop -forcedecode flag The rewritten openssl backend does not support this flag anymore, and it was inherently dangerour. Drop it (ignored for compatibility) 2021-09-10 12:14:19 +02:00			`func NewAES256GCM(keyIn []byte) cipher.AEAD {`
stupidgcm: introduce stupidAEADCommon and use for both chacha & gcm Nice deduplication and brings the GCM decrypt speed up to par. internal/speed$ benchstat old new name old time/op new time/op delta StupidGCM-4 4.71µs ± 0% 4.66µs ± 0% -0.99% (p=0.008 n=5+5) StupidGCMDecrypt-4 5.77µs ± 1% 4.51µs ± 0% -21.80% (p=0.008 n=5+5) name old speed new speed delta StupidGCM-4 870MB/s ± 0% 879MB/s ± 0% +1.01% (p=0.008 n=5+5) StupidGCMDecrypt-4 710MB/s ± 1% 908MB/s ± 0% +27.87% (p=0.008 n=5+5) 2021-09-04 11:41:56 +02:00			`if len(keyIn) != keyLen {`
			`log.Panicf("Only %d-byte keys are supported", keyLen)`
			`}`
stupidgcm: unexport stupidGCM struct No need to have it exported. 2021-09-07 17:48:55 +02:00			`return &stupidGCM{`
stupidgcm: introduce stupidAEADCommon and use for both chacha & gcm Nice deduplication and brings the GCM decrypt speed up to par. internal/speed$ benchstat old new name old time/op new time/op delta StupidGCM-4 4.71µs ± 0% 4.66µs ± 0% -0.99% (p=0.008 n=5+5) StupidGCMDecrypt-4 5.77µs ± 1% 4.51µs ± 0% -21.80% (p=0.008 n=5+5) name old speed new speed delta StupidGCM-4 870MB/s ± 0% 879MB/s ± 0% +1.01% (p=0.008 n=5+5) StupidGCMDecrypt-4 710MB/s ± 1% 908MB/s ± 0% +27.87% (p=0.008 n=5+5) 2021-09-04 11:41:56 +02:00			`stupidAEADCommon{`
			`// Create a private copy of the key`
			`key: append([]byte{}, keyIn...),`
			`openSSLEVPCipher: C.EVP_aes_256_gcm(),`
			`nonceSize: ivLen,`
			`},`
			`}`
			`}`