README
¶
Ciphersuite Package
This package provides DTLS cipher suite implementations for GCM, CCM, and CBC modes.
Benchmarking
The package includes comprehensive benchmarks for all cipher operations across multiple payload sizes.
Note: Benchmarks are excluded from regular test runs using build tags. You must specify -tags=bench to run them.
Running all ciphersuite benchmarks
go test -tags=bench -bench=. -benchmem
Running a specific benchmark
- GCM benchmarks only:
go test -tags=bench -bench=BenchmarkGCM -benchmem
- GCM
Encryptbenchmark only:
go test -tags=bench -bench=BenchmarkGCMEncrypt -benchmem
- GCM
Decryptbenchmark only:
go test -tags=bench -bench=BenchmarkGCMDecrypt -benchmem
- CCM benchmarks only:
go test -tags=bench -bench=BenchmarkCCM -benchmem
- CCM
Encryptbenchmark only:
go test -tags=bench -bench=BenchmarkCCMEncrypt -benchmem
- CCM
Decryptbenchmark only:
go test -tags=bench -bench=BenchmarkCCMDecrypt -benchmem
- CBC benchmarks only:
go test -tags=bench -bench=BenchmarkCBC -benchmem
- CBC
Encryptbenchmark only:
go test -tags=bench -bench=BenchmarkCBCEncrypt -benchmem
- CBC
Decryptbenchmark only:
go test -tags=bench -bench=BenchmarkCBCDecrypt -benchmem
- All ciphers, with 1KB payloads only
go test -tags=bench -bench=/1KB -benchmem
- All ciphers, with 16B payloads only
go test -tags=bench -bench=/16B -benchmem
Benchmark Options
Increase benchmark time for more accurate results:
go test -tags=bench -bench=BenchmarkGCM -benchmem -benchtime=5s
Run benchmarks multiple times:
go test -tags=bench -bench=BenchmarkGCM -benchmem -count=5
Understanding Results
Example output:
BenchmarkGCMEncrypt/016B-8 5895367 202.6 ns/op 78.99 MB/s 160 B/op 5 allocs/op
5895367: Number of iterations202.6 ns/op: Time per operation78.99 MB/s: Throughput160 B/op: Bytes allocated per operation5 allocs/op: Number of allocations per operation
Profiling
Generate CPU profile:
go test -tags=bench -bench=BenchmarkGCMEncrypt -benchmem -cpuprofile=cpu.prof
go tool pprof -top cpu.prof
Generate memory profile:
go test -tags=bench -bench=BenchmarkGCMEncrypt -benchmem -memprofile=mem.prof
go tool pprof -top -alloc_objects mem.prof
Documentation
¶
Overview ¶
Package ciphersuite provides the crypto operations needed for a DTLS CipherSuite
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type CBC ¶
type CBC struct {
// contains filtered or unexported fields
}
CBC Provides an API to Encrypt/Decrypt DTLS 1.2 Packets.
func NewCBC ¶
func NewCBC( localKey, localWriteIV, localMac, remoteKey, remoteWriteIV, remoteMac []byte, hashFunc prf.HashFunc, ) (*CBC, error)
NewCBC creates a DTLS CBC Cipher.
func (*CBC) Encrypt ¶
func (c *CBC) Encrypt(pkt *recordlayer.RecordLayer, raw []byte) ([]byte, error)
Encrypt encrypt a DTLS RecordLayer message.
type CCM ¶
type CCM struct {
// contains filtered or unexported fields
}
CCM Provides an API to Encrypt/Decrypt DTLS 1.2 Packets.
func NewCCM ¶
func NewCCM(tagLen CCMTagLen, localKey, localWriteIV, remoteKey, remoteWriteIV []byte) (*CCM, error)
NewCCM creates a DTLS GCM Cipher.
func (*CCM) Encrypt ¶
func (c *CCM) Encrypt(pkt *recordlayer.RecordLayer, raw []byte) ([]byte, error)
Encrypt encrypt a DTLS RecordLayer message.
type GCM ¶
type GCM struct {
// contains filtered or unexported fields
}
GCM Provides an API to Encrypt/Decrypt DTLS 1.2 Packets.
func (*GCM) Encrypt ¶
func (g *GCM) Encrypt(pkt *recordlayer.RecordLayer, raw []byte) ([]byte, error)
Encrypt encrypts a DTLS RecordLayer message.
Source Files