mirror of
https://github.com/bunkerity/bunkerweb
synced 2026-05-24 09:28:37 +00:00
dda63ddcee
7f25f00ba release: 1.2.0 40fdbbbdd feat(mac) add reset API b36ccba3f feat(openssl) list functions can now optionally drop provider name 5381f10c3 chore(tests) bump openssl to 3.2.0 (#140) b72870ce1 chore(perf) calculate openssl speed numbers d23b34ae8 fix(compat) works better with plain luajit e9edc76cb tests(perf) add kdf dac54bf76 perf(kdf) use table.nkeys for params 3d0a51cca feat(cipher) add set_buffer_size API ba5de3e53 perf(cipher) improve performance on cipher e87e93f66 tests(perf) pretty up tests c8745f9ba chore(tests) format tests 073c943bf feat(bn) add from_mpi, to_mpi and set API 253d11c54 release: 1.1.0 2e401b335 feat(pkey) support pass in ctrl str options 12f5209ff chore(tests) revert BoringSSL specific patterns d155657e6 feat(err) standardize error format and add new API to get reason and library name 3c0027d0b doc(readme) remove docs about BoringSSL git-subtree-dir: src/deps/src/lua-resty-openssl git-subtree-split: 7f25f00ba2b2140b794c94b5ae17f5a0736e3b03
52 lines
1.7 KiB
Lua
52 lines
1.7 KiB
Lua
local path = debug.getinfo(1, "S").source:sub(2):match("(.*/)")
|
|
package.path = path .. "/?.lua;" .. package.path
|
|
|
|
local test = require "framework".test
|
|
local set_iteration = require "framework".set_iteration
|
|
local write_seperator = require "framework".write_seperator
|
|
local cipher = require "resty.openssl.cipher"
|
|
local version = require("resty.openssl.version")
|
|
|
|
local key = string.rep("0", 32)
|
|
local iv = string.rep("0", 16)
|
|
local data = string.rep("1", 4096)
|
|
local aad = string.rep("2", 10)
|
|
|
|
set_iteration(100000)
|
|
|
|
for _, t in ipairs({"aes-256-cbc", "aes-256-gcm", "chacha20-poly1305"}) do
|
|
for _, op in ipairs({"encrypt", "decrypt"}) do
|
|
-- the fips version of boringssl we used seems don't have chacha20
|
|
if t == "chacha20-poly1305" and (not version.OPENSSL_111_OR_LATER or version.BORINGSSL) then
|
|
goto continue
|
|
end
|
|
|
|
local c = assert(cipher.new(t))
|
|
local _iv = iv
|
|
local _aad
|
|
if t == "aes-256-gcm" or t == "chacha20-poly1305" then
|
|
_iv = string.rep("0", 12)
|
|
_aad = aad
|
|
end
|
|
|
|
if op == "encrypt" then
|
|
test("encrypt with " .. t .. " on " .. #data .. " bytes", function()
|
|
return c:encrypt(key, _iv, data, false, _aad)
|
|
end)
|
|
|
|
else
|
|
local ciphertext = assert(c:encrypt(key, _iv, data, false, _aad))
|
|
|
|
local tag
|
|
if t == "aes-256-gcm" or t == "chacha20-poly1305" then
|
|
tag = assert(c:get_aead_tag())
|
|
end
|
|
test("decrypt with " .. t .. " on " .. #ciphertext .. " bytes", function()
|
|
return c:decrypt(key, _iv, ciphertext, false, _aad, tag)
|
|
end)
|
|
end
|
|
::continue::
|
|
end
|
|
|
|
write_seperator()
|
|
end
|