minimize allocations in logger and tunnel code (#1323)

* logs alloc Signed-off-by: Vasiliy Tolstov <v.tolstov@unistack.org> * fix allocs Signed-off-by: Vasiliy Tolstov <v.tolstov@unistack.org> * fix allocs Signed-off-by: Vasiliy Tolstov <v.tolstov@unistack.org> * tunnel allocs Signed-off-by: Vasiliy Tolstov <v.tolstov@unistack.org> * try to fix tunnel Signed-off-by: Vasiliy Tolstov <v.tolstov@unistack.org> * cache cipher for send Signed-off-by: Vasiliy Tolstov <v.tolstov@unistack.org> * more logger Signed-off-by: Vasiliy Tolstov <v.tolstov@unistack.org> * more logger Signed-off-by: Vasiliy Tolstov <v.tolstov@unistack.org> * more logger Signed-off-by: Vasiliy Tolstov <v.tolstov@unistack.org> * more logger Signed-off-by: Vasiliy Tolstov <v.tolstov@unistack.org> * more logger Signed-off-by: Vasiliy Tolstov <v.tolstov@unistack.org> * more logger Signed-off-by: Vasiliy Tolstov <v.tolstov@unistack.org> * more logger Signed-off-by: Vasiliy Tolstov <v.tolstov@unistack.org>
2020-03-11 20:55:39 +03:00
parent 4125ae8d53
commit 7b385bf163
47 changed files with 917 additions and 382 deletions
--- a/tunnel/crypto.go
+++ b/tunnel/crypto.go
@@ -24,20 +24,8 @@ func hash(key []byte) []byte {
 }

 // Encrypt encrypts data and returns the encrypted data
-func Encrypt(data []byte, key []byte) ([]byte, error) {
-	// generate a new AES cipher using our 32 byte key
-	c, err := aes.NewCipher(hash(key))
-	if err != nil {
-		return nil, err
-	}
-
-	// gcm or Galois/Counter Mode, is a mode of operation
-	// for symmetric key cryptographic block ciphers
-	// - https://en.wikipedia.org/wiki/Galois/Counter_Mode
-	gcm, err := cipher.NewGCM(c)
-	if err != nil {
-		return nil, err
-	}
+func Encrypt(gcm cipher.AEAD, data []byte) ([]byte, error) {
+	var err error

 	// get new byte array the size of the nonce from pool
 	// NOTE: we might use smaller nonce size in the future
@@ -54,19 +42,29 @@ func Encrypt(data []byte, key []byte) ([]byte, error) {
 }

 // Decrypt decrypts the payload and returns the decrypted data
-func Decrypt(data []byte, key []byte) ([]byte, error) {
-	// generate AES cipher for decrypting the message
+func newCipher(key []byte) (cipher.AEAD, error) {
+	var err error
+
+	// generate a new AES cipher using our 32 byte key for decrypting the message
 	c, err := aes.NewCipher(hash(key))
 	if err != nil {
 		return nil, err
 	}

-	// we use GCM to encrypt the payload
+	// gcm or Galois/Counter Mode, is a mode of operation
+	// for symmetric key cryptographic block ciphers
+	// - https://en.wikipedia.org/wiki/Galois/Counter_Mode
 	gcm, err := cipher.NewGCM(c)
 	if err != nil {
 		return nil, err
 	}

+	return gcm, nil
+}
+
+func Decrypt(gcm cipher.AEAD, data []byte) ([]byte, error) {
+	var err error
+
 	nonceSize := gcm.NonceSize()

 	if len(data) < nonceSize {