HirbodBehnam · March 2, 2020 13:33
diff --git a/key_derivation_bench.go b/key_derivation_bench.go
 package main

 import (
 	"crypto/rand"
 	"crypto/rsa"
 	"crypto/sha256"
 	"crypto/sha512"
 	"crypto/x509"
 	"encoding/pem"
 	"fmt"
 	"github.com/HirbodBehnam/EasyX25519"
 	"golang.org/x/crypto/argon2"
 	"golang.org/x/crypto/pbkdf2"
 	"golang.org/x/crypto/scrypt"
 	"log"
 	"time"
 )

 func main() {
 	keySize := 2048
 	priv,pub := GenerateKeyPair(keySize)
 	pem_pub := PublicKeyToBytes(pub)
 	fmt.Println("Key size",keySize)
 	fmt.Println("========= sha 256 =========")
 	{
 		now := time.Now()
 		h := sha256.New()
 		h.Write([]byte("some password"))
 		h.Sum(nil)
 		fmt.Println(time.Since(now))
 	}
 	fmt.Println("========= rsa + x25519 =========")
 	{
 		now := time.Now()
 		xC, _ := x25519.NewX25519()
 		xS, _ := x25519.NewX25519()
 		_, _ = xC.GenerateSharedSecret(xS.PublicKey)
 		_, _ = xS.GenerateSharedSecret(xC.PublicKey)
 		pub_nonpem := BytesToPublicKey(pem_pub)
 		encrypted := EncryptWithPublicKey([]byte("some password"), pub_nonpem)
 		DecryptWithPrivateKey(encrypted,priv)
 		fmt.Println(time.Since(now))
 	}
 	fmt.Println("========= pbkdf2 =========")
 	{
 		now := time.Now()
 		_ = pbkdf2.Key([]byte("some password"), []byte("12345678"), 1024*16, 32, sha256.New)
 		fmt.Println(time.Since(now))
 	}
 	fmt.Println("========= rsa + scrypt =========")
 	{
 		now := time.Now()
 		pub_nonpem := BytesToPublicKey(pem_pub)
 		encrypted := EncryptWithPublicKey([]byte("some password"), pub_nonpem)
 		DecryptWithPrivateKey(encrypted,priv)
 		_, _ = scrypt.Key([]byte("some password"), []byte("12345678"), 1<<14, 8, 1, 32)
 		fmt.Println(time.Since(now))
 	}
 	fmt.Println("========= rsa + argon2 =========")
 	{
 		now := time.Now()
 		pub_nonpem := BytesToPublicKey(pem_pub)
 		encrypted := EncryptWithPublicKey([]byte("some password"), pub_nonpem)
 		DecryptWithPrivateKey(encrypted,priv)
 		argon2.IDKey([]byte("some password"), []byte("1234567812345678"), 10, 1<<14, 2, 32)
 		fmt.Println(time.Since(now))
 	}
 }

 // from https://gist.github.com/miguelmota/3ea9286bd1d3c2a985b67cac4ba2130a

 // GenerateKeyPair generates a new key pair
 func GenerateKeyPair(bits int) (*rsa.PrivateKey, *rsa.PublicKey) {
 	privkey, err := rsa.GenerateKey(rand.Reader, bits)
 	if err != nil {
 		log.Fatalln(err)
 	}
 	return privkey, &privkey.PublicKey
 }

 // PrivateKeyToBytes private key to bytes
 func PrivateKeyToBytes(priv *rsa.PrivateKey) []byte {
 	privBytes := pem.EncodeToMemory(
 		&pem.Block{
 			Type:  "RSA PRIVATE KEY",
 			Bytes: x509.MarshalPKCS1PrivateKey(priv),
 		},
 	)

 	return privBytes
 }

 // PublicKeyToBytes public key to bytes
 func PublicKeyToBytes(pub *rsa.PublicKey) []byte {
 	pubASN1, err := x509.MarshalPKIXPublicKey(pub)
 	if err != nil {
 		log.Fatalln(err)
 	}

 	pubBytes := pem.EncodeToMemory(&pem.Block{
 		Type:  "RSA PUBLIC KEY",
 		Bytes: pubASN1,
 	})

 	return pubBytes
 }

 // BytesToPrivateKey bytes to private key
 func BytesToPrivateKey(priv []byte) *rsa.PrivateKey {
 	block, _ := pem.Decode(priv)
 	enc := x509.IsEncryptedPEMBlock(block)
 	b := block.Bytes
 	var err error
 	if enc {
 		log.Println("is encrypted pem block")
 		b, err = x509.DecryptPEMBlock(block, nil)
 		if err != nil {
 			log.Fatalln(err)
 		}
 	}
 	key, err := x509.ParsePKCS1PrivateKey(b)
 	if err != nil {
 		log.Fatalln(err)
 	}
 	return key
 }

 // BytesToPublicKey bytes to public key
 func BytesToPublicKey(pub []byte) *rsa.PublicKey {
 	block, _ := pem.Decode(pub)
 	enc := x509.IsEncryptedPEMBlock(block)
 	b := block.Bytes
 	var err error
 	if enc {
 		log.Println("is encrypted pem block")
 		b, err = x509.DecryptPEMBlock(block, nil)
 		if err != nil {
 			log.Fatalln(err)
 		}
 	}
 	ifc, err := x509.ParsePKIXPublicKey(b)
 	if err != nil {
 		log.Fatalln(err)
 	}
 	key, ok := ifc.(*rsa.PublicKey)
 	if !ok {
 		log.Fatalln("not ok")
 	}
 	return key
 }

 // EncryptWithPublicKey encrypts data with public key
 func EncryptWithPublicKey(msg []byte, pub *rsa.PublicKey) []byte {
 	hash := sha512.New()
 	ciphertext, err := rsa.EncryptOAEP(hash, rand.Reader, pub, msg, nil)
 	if err != nil {
 		log.Fatalln(err)
 	}
 	return ciphertext
 }

 // DecryptWithPrivateKey decrypts data with private key
 func DecryptWithPrivateKey(ciphertext []byte, priv *rsa.PrivateKey) []byte {
 	hash := sha512.New()
 	plaintext, err := rsa.DecryptOAEP(hash, rand.Reader, priv, ciphertext, nil)
 	if err != nil {
 		log.Fatalln(err)
 	}
 	return plaintext
 }
	package main

	import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/sha512"
	"crypto/x509"
	"encoding/pem"
	"fmt"
	"github.com/HirbodBehnam/EasyX25519"
	"golang.org/x/crypto/argon2"
	"golang.org/x/crypto/pbkdf2"
	"golang.org/x/crypto/scrypt"
	"log"
	"time"
	)

	func main() {
	keySize := 2048
	priv,pub := GenerateKeyPair(keySize)
	pem_pub := PublicKeyToBytes(pub)
	fmt.Println("Key size",keySize)
	fmt.Println("========= sha 256 =========")
	{
	now := time.Now()
	h := sha256.New()
	h.Write([]byte("some password"))
	h.Sum(nil)
	fmt.Println(time.Since(now))
	}
	fmt.Println("========= rsa + x25519 =========")
	{
	now := time.Now()
	xC, _ := x25519.NewX25519()
	xS, _ := x25519.NewX25519()
	_, _ = xC.GenerateSharedSecret(xS.PublicKey)
	_, _ = xS.GenerateSharedSecret(xC.PublicKey)
	pub_nonpem := BytesToPublicKey(pem_pub)
	encrypted := EncryptWithPublicKey([]byte("some password"), pub_nonpem)
	DecryptWithPrivateKey(encrypted,priv)
	fmt.Println(time.Since(now))
	}
	fmt.Println("========= pbkdf2 =========")
	{
	now := time.Now()
	_ = pbkdf2.Key([]byte("some password"), []byte("12345678"), 1024*16, 32, sha256.New)
	fmt.Println(time.Since(now))
	}
	fmt.Println("========= rsa + scrypt =========")
	{
	now := time.Now()
	pub_nonpem := BytesToPublicKey(pem_pub)
	encrypted := EncryptWithPublicKey([]byte("some password"), pub_nonpem)
	DecryptWithPrivateKey(encrypted,priv)
	_, _ = scrypt.Key([]byte("some password"), []byte("12345678"), 1<<14, 8, 1, 32)
	fmt.Println(time.Since(now))
	}
	fmt.Println("========= rsa + argon2 =========")
	{
	now := time.Now()
	pub_nonpem := BytesToPublicKey(pem_pub)
	encrypted := EncryptWithPublicKey([]byte("some password"), pub_nonpem)
	DecryptWithPrivateKey(encrypted,priv)
	argon2.IDKey([]byte("some password"), []byte("1234567812345678"), 10, 1<<14, 2, 32)
	fmt.Println(time.Since(now))
	}
	}

	// from https://gist.github.com/miguelmota/3ea9286bd1d3c2a985b67cac4ba2130a

	// GenerateKeyPair generates a new key pair
	func GenerateKeyPair(bits int) (rsa.PrivateKey, rsa.PublicKey) {
	privkey, err := rsa.GenerateKey(rand.Reader, bits)
	if err != nil {
	log.Fatalln(err)
	}
	return privkey, &privkey.PublicKey
	}

	// PrivateKeyToBytes private key to bytes
	func PrivateKeyToBytes(priv *rsa.PrivateKey) []byte {
	privBytes := pem.EncodeToMemory(
	&pem.Block{
	Type: "RSA PRIVATE KEY",
	Bytes: x509.MarshalPKCS1PrivateKey(priv),
	},
	)

	return privBytes
	}

	// PublicKeyToBytes public key to bytes
	func PublicKeyToBytes(pub *rsa.PublicKey) []byte {
	pubASN1, err := x509.MarshalPKIXPublicKey(pub)
	if err != nil {
	log.Fatalln(err)
	}

	pubBytes := pem.EncodeToMemory(&pem.Block{
	Type: "RSA PUBLIC KEY",
	Bytes: pubASN1,
	})

	return pubBytes
	}

	// BytesToPrivateKey bytes to private key
	func BytesToPrivateKey(priv []byte) *rsa.PrivateKey {
	block, _ := pem.Decode(priv)
	enc := x509.IsEncryptedPEMBlock(block)
	b := block.Bytes
	var err error
	if enc {
	log.Println("is encrypted pem block")
	b, err = x509.DecryptPEMBlock(block, nil)
	if err != nil {
	log.Fatalln(err)
	}
	}
	key, err := x509.ParsePKCS1PrivateKey(b)
	if err != nil {
	log.Fatalln(err)
	}
	return key
	}

	// BytesToPublicKey bytes to public key
	func BytesToPublicKey(pub []byte) *rsa.PublicKey {
	block, _ := pem.Decode(pub)
	enc := x509.IsEncryptedPEMBlock(block)
	b := block.Bytes
	var err error
	if enc {
	log.Println("is encrypted pem block")
	b, err = x509.DecryptPEMBlock(block, nil)
	if err != nil {
	log.Fatalln(err)
	}
	}
	ifc, err := x509.ParsePKIXPublicKey(b)
	if err != nil {
	log.Fatalln(err)
	}
	key, ok := ifc.(*rsa.PublicKey)
	if !ok {
	log.Fatalln("not ok")
	}
	return key
	}

	// EncryptWithPublicKey encrypts data with public key
	func EncryptWithPublicKey(msg []byte, pub *rsa.PublicKey) []byte {
	hash := sha512.New()
	ciphertext, err := rsa.EncryptOAEP(hash, rand.Reader, pub, msg, nil)
	if err != nil {
	log.Fatalln(err)
	}
	return ciphertext
	}

	// DecryptWithPrivateKey decrypts data with private key
	func DecryptWithPrivateKey(ciphertext []byte, priv *rsa.PrivateKey) []byte {
	hash := sha512.New()
	plaintext, err := rsa.DecryptOAEP(hash, rand.Reader, priv, ciphertext, nil)
	if err != nil {
	log.Fatalln(err)
	}
	return plaintext
	}