-speed: add XChaCha20-Poly1305-OpenSSL

$ ./gocryptfs -speed gocryptfs v2.1-56-gdb1466f-dirty.stupidchacha; go-fuse v2.1.1-0.20210825171523-3ab5d95a30ae; 2021-09-02 go1.17 linux/amd64 AES-GCM-256-OpenSSL 529.53 MB/s AES-GCM-256-Go 833.85 MB/s (selected in auto mode) AES-SIV-512-Go 155.27 MB/s XChaCha20-Poly1305-Go 715.33 MB/s (use via -xchacha flag) XChaCha20-Poly1305-OpenSSL 468.94 MB/s https://github.com/rfjakob/gocryptfs/issues/452
2 years ago · 9e1dd73e55
parent 4017e4b22c
commit 9e1dd73e55
3 changed files with 35 additions and 4 deletions
--- a/internal/cryptocore/cryptocore.go
+++ b/internal/cryptocore/cryptocore.go
@ -48,6 +48,9 @@ var BackendAESSIV AEADTypeEnum = AEADTypeEnum{"AES-SIV-512-Go", siv_aead.NonceSi
 // "XChaCha20-Poly1305-Go" in gocryptfs -speed.
 var BackendXChaCha20Poly1305 AEADTypeEnum = AEADTypeEnum{"XChaCha20-Poly1305-Go", chacha20poly1305.NonceSizeX}

+// BackendXChaCha20Poly1305OpenSSL specifies XChaCha20-Poly1305-OpenSSL.
+var BackendXChaCha20Poly1305OpenSSL AEADTypeEnum = AEADTypeEnum{"XChaCha20-Poly1305-OpenSSL", chacha20poly1305.NonceSizeX}
+
 // CryptoCore is the low level crypto implementation.
 type CryptoCore struct {
 	// EME is used for filename encryption.
--- a/internal/speed/speed.go
+++ b/internal/speed/speed.go
@ -35,10 +35,11 @@ func Run() {
 		{name: cryptocore.BackendOpenSSL.Name, f: bStupidGCM, preferred: stupidgcm.PreferOpenSSL()},
 		{name: cryptocore.BackendGoGCM.Name, f: bGoGCM, preferred: !stupidgcm.PreferOpenSSL()},
 		{name: cryptocore.BackendAESSIV.Name, f: bAESSIV, preferred: false},
-		{name: cryptocore.BackendXChaCha20Poly1305.Name, f: bChacha20poly1305, preferred: false},
+		{name: cryptocore.BackendXChaCha20Poly1305.Name, f: bXchacha20poly1305, preferred: false},
+		{name: cryptocore.BackendXChaCha20Poly1305OpenSSL.Name, f: bStupidXchacha, preferred: false},
 	}
 	for _, b := range bTable {
-		fmt.Printf("%-20s\t", b.name)
+		fmt.Printf("%-26s\t", b.name)
 		mbs := mbPerSec(testing.Benchmark(b.f))
 		if mbs > 0 {
 			fmt.Printf("%7.2f MB/s", mbs)
@ -132,8 +133,8 @@ func bAESSIV(b *testing.B) {
 	}
 }

-// bChacha20poly1305 benchmarks XChaCha20 from golang.org/x/crypto/chacha20poly1305
-func bChacha20poly1305(b *testing.B) {
+// bXchacha20poly1305 benchmarks XChaCha20 from golang.org/x/crypto/chacha20poly1305
+func bXchacha20poly1305(b *testing.B) {
 	key := randBytes(32)
 	authData := randBytes(adLen)
 	iv := randBytes(chacha20poly1305.NonceSizeX)
@ -147,3 +148,22 @@ func bChacha20poly1305(b *testing.B) {
 		c.Seal(iv, iv, in, authData)
 	}
 }
+
+// bStupidXchacha benchmarks OpenSSL XChaCha20
+func bStupidXchacha(b *testing.B) {
+	if stupidgcm.BuiltWithoutOpenssl {
+		b.Skip("openssl has been disabled at compile-time")
+	}
+	key := randBytes(32)
+	authData := randBytes(adLen)
+	iv := randBytes(chacha20poly1305.NonceSizeX)
+	in := make([]byte, blockSize)
+	b.SetBytes(int64(len(in)))
+	c := stupidgcm.NewXchacha20poly1305(key)
+
+	b.ResetTimer()
+	for i := 0; i < b.N; i++ {
+		// Encrypt and append to nonce
+		c.Seal(iv, iv, in, authData)
+	}
+}
--- a/internal/speed/speed_test.go
+++ b/internal/speed/speed_test.go
@ -27,3 +27,11 @@ func BenchmarkGoGCM(b *testing.B) {
 func BenchmarkAESSIV(b *testing.B) {
 	bAESSIV(b)
 }
+
+func BenchmarkXchacha(b *testing.B) {
+	bXchacha20poly1305(b)
+}
+
+func BenchmarkStupidXchacha(b *testing.B) {
+	bStupidXchacha(b)
+}