Manually allocate output array of XAES-GCM decryption.

This makes sure that we always allocate the output once of the right size. The go library sometimes doesn't do that, which results in many re-allocations and copies, which make it inefficient. This is the same change that we already did for AES-GCM. PiperOrigin-RevId: 712859932 Change-Id: Iff142f1fb55e644ed99cb10995eb9f5d5f3f43f2
tink-crypto · Jan 7, 2025 · c271797 · c271797
1 parent dc87b8b
commit c271797
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 1 deletion.
diff --git a/aead/aead_benchmark_test.go b/aead/aead_benchmark_test.go
@@ -59,6 +59,9 @@ func BenchmarkEncrypt(b *testing.B) {
 		}, {
 			name:     "AES256_GCM_SIV",
 			template: aead.AES256GCMSIVKeyTemplate(),
+		}, {
+			name:     "XAES256_GCM",
+			template: aead.XAES256GCM192BitNonceKeyTemplate(),
 		},
 	}
 	for _, tc := range testCases {
@@ -120,6 +123,9 @@ func BenchmarkDecrypt(b *testing.B) {
 		}, {
 			name:     "AES256_GCM_SIV",
 			template: aead.AES256GCMSIVKeyTemplate(),
+		}, {
+			name:     "XAES256_GCM",
+			template: aead.XAES256GCM192BitNonceKeyTemplate(),
 		},
 	}
 	for _, tc := range testCases {

diff --git a/aead/xaesgcm/aead.go b/aead/xaesgcm/aead.go
@@ -136,5 +136,6 @@ func (a *aead) Decrypt(ciphertext, associatedData []byte) ([]byte, error) {
 	if err != nil {
 		return nil, fmt.Errorf("xaesgcm: failed to create cipher.AEAD")
 	}
-	return aesGCM.Open(nil, iv, ciphertextNoPrefixWithTag, associatedData)
+	dst := make([]byte, 0, len(ciphertextNoPrefixWithTag)-tagSize)
+	return aesGCM.Open(dst, iv, ciphertextNoPrefixWithTag, associatedData)
 }