GitHub/GameNetworkingSockets
1
0
Fork 0
mirror of https://github.com/ValveSoftware/GameNetworkingSockets.git synced 2026-05-29 16:20:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

Delete unused code and tests for AES-CBC encryption.

Browse Source 
We're using AES-GCM now.

Also:
- Tests now check the return value of CCrypto::PerformKeyExchange
- Fix some MSVC compiler warnings in tests
- Delete some more dead code
This commit is contained in:
Fletcher Dunn
2019-01-22 09:57:27 -08:00
parent 9bfa9b9bee
commit 403e9c4562
3 changed files with 8 additions and 403 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/common/crypto.cpp
-193
View File
@@ -26,7 +26,6 @@
#include "tier0/memdbgoff.h"
#include <openssl/evp.h>
#include <openssl/pem.h>
#include <openssl/evp.h>
#include "tier0/memdbgon.h"
#include "opensslwrapper.h"
@@ -42,30 +41,6 @@ void OneTimeCryptoInitOpenSSL()
}
}
// Allocate a EVP_CIPHER_CTX, and clean it up securely on scope exit
// using RAII
struct EVP_CIPHER_CTX_safe
{
// #if OPENSSL_API_LEVEL < 2
//
// // Nice, we can allocate on the stack, super simple and fast
// EVP_CIPHER_CTX_safe() { EVP_CIPHER_CTX_init( &ctx ); }
// ~EVP_CIPHER_CTX_safe() { EVP_CIPHER_CTX_cleanup( &ctx ); }
// inline EVP_CIPHER_CTX *Ptr() { return &ctx; }
// EVP_CIPHER_CTX ctx;
// #else
// Ug, we have to go through a generic allocator! What the heck
// guys, we need a way to do this efficiently! I don't want to be
// doing heap allocations just to encrypt 1000 bytes! Do they
// expect you to use a thread-local allocation and reuse it?
EVP_CIPHER_CTX_safe() { ctx = EVP_CIPHER_CTX_new(); }
~EVP_CIPHER_CTX_safe() { EVP_CIPHER_CTX_free( ctx ); }
inline EVP_CIPHER_CTX *Ptr() { return ctx; }
EVP_CIPHER_CTX *ctx;
// #endif
};
void CCrypto::Init()
{
OneTimeCryptoInitOpenSSL();
@@ -81,174 +56,6 @@ public:
EVPCTXPointer(CTXType ctx) { this->ctx = ctx; }
~EVPCTXPointer() { CleanupFunc(ctx); }
};
static bool SymmetricEncryptHelper( const uint8 *pubPlaintextData, const uint32 cubPlaintextData_,
const uint8 *pIV, const uint32 cubIV,
uint8 *pubEncryptedData, uint32 *pcubEncryptedData,
const uint8 *pubKey, const uint32 cubKey, bool bWriteIV )
{
uint32 cubPlaintextData = cubPlaintextData_;
VPROF_BUDGET( "CCrypto::SymmetricEncrypt", VPROF_BUDGETGROUP_ENCRYPTION );
Assert( pubPlaintextData );
Assert( cubPlaintextData );
Assert( pIV );
Assert( cubIV >= k_nSymmetricBlockSize );
Assert( pubEncryptedData );
Assert( pcubEncryptedData );
Assert( *pcubEncryptedData );
Assert( pubKey );
Assert( k_nSymmetricKeyLen256 == cubKey || k_nSymmetricKeyLen128 == cubKey );
uint32 cubEncryptedData = *pcubEncryptedData; // remember how big the caller's buffer is
// Output space required = IV block + encrypted data with padding
int nPaddingLength = 16 - ( cubPlaintextData & 15 );
uint32 cubTotalOutput = ( bWriteIV ? k_nSymmetricBlockSize : 0 ) + cubPlaintextData + nPaddingLength;
Assert( cubEncryptedData >= cubTotalOutput );
if ( cubEncryptedData < cubTotalOutput )
return false;
const EVP_CIPHER *cipher = NULL;
switch(cubKey * 8) {
case 128: cipher = EVP_aes_128_cbc(); break;
case 256: cipher = EVP_aes_256_cbc(); break;
}
if (!cipher)
return false;
EVP_CIPHER_CTX_safe ctx;
if (EVP_EncryptInit_ex( ctx.Ptr(), cipher, NULL, pubKey, pIV) != 1)
return false;
int ciphertext_len, len;
if (EVP_EncryptUpdate(ctx.Ptr(), pubEncryptedData, &len, pubPlaintextData, cubPlaintextData) != 1)
return false;
ciphertext_len = len;
if (EVP_EncryptFinal(ctx.Ptr(), pubEncryptedData + len, &len) != 1)
return false;
ciphertext_len += len;
*pcubEncryptedData = ciphertext_len;
return true;
}
//-----------------------------------------------------------------------------
// Purpose: Encrypts the specified data with the specified key and IV. Uses AES (Rijndael) symmetric
// encryption. The encrypted data may then be decrypted by calling SymmetricDecryptWithIV
// with the same key and IV.
// Input: pubPlaintextData - Data to be encrypted
// cubPlaintextData - Size of data to be encrypted
// pIV - Pointer to initialization vector
// cubIV - Size of initialization vector
// pubEncryptedData - Pointer to buffer to receive encrypted data
// pcubEncryptedData - Pointer to a variable that at time of call contains the size of
// the receive buffer for encrypted data. When the method returns, this will contain
// the actual size of the encrypted data.
// pubKey - the key to encrypt the data with
// cubKey - Size of the key (must be k_nSymmetricKeyLen)
// Output: true if successful, false if encryption failed
//-----------------------------------------------------------------------------
bool CCrypto::SymmetricEncryptWithIV( const uint8 * pubPlaintextData, uint32 cubPlaintextData,
const uint8 * pIV, uint32 cubIV, uint8 * pubEncryptedData,
uint32 * pcubEncryptedData, const uint8 * pubKey, uint32 cubKey )
{
return SymmetricEncryptHelper( pubPlaintextData, cubPlaintextData, pIV, cubIV, pubEncryptedData, pcubEncryptedData, pubKey, cubKey, false /*no prepended IV*/ );
}
// Local helper to perform AES+CBC decryption using optimized OpenSSL AES routines
static bool BDecryptAESUsingOpenSSL( const uint8 *pubEncryptedData,
uint32 cubEncryptedData, uint8 *pubPlaintextData, uint32 *pcubPlaintextData,
const uint8 *pubKey, const uint32 cubKey, const uint8 *pIV,
bool bVerifyPaddingBytes = true )
{
COMPILE_TIME_ASSERT( k_nSymmetricBlockSize == 16 );
// Block cipher encrypted text must be a multiple of the block size
if ( cubEncryptedData % k_nSymmetricBlockSize != 0 )
return false;
// Enough input? Requirement is one padded final block
if ( cubEncryptedData < k_nSymmetricBlockSize )
return false;
// Enough output space for all the full non-final blocks?
if ( *pcubPlaintextData < cubEncryptedData - k_nSymmetricBlockSize )
return false;
const EVP_CIPHER *cipher = NULL;
switch(cubKey * 8) {
case 128: cipher = EVP_aes_128_cbc(); break;
case 256: cipher = EVP_aes_256_cbc(); break;
}
if (!cipher)
return false;
EVP_CIPHER_CTX_safe ctx;
if (EVP_DecryptInit_ex(ctx.Ptr(), cipher, NULL, pubKey, pIV) != 1)
return false;
int plaintext_len, len;
if (EVP_DecryptUpdate(ctx.Ptr(), pubPlaintextData, &len, pubEncryptedData, cubEncryptedData) != 1)
return false;
plaintext_len = len;
if (EVP_DecryptFinal(ctx.Ptr(), pubPlaintextData + plaintext_len, &len) != 1)
return false;
plaintext_len += len;
*pcubPlaintextData = plaintext_len;
return true;
}
//-----------------------------------------------------------------------------
// Purpose: Decrypts the specified data with the specified key. Uses AES (Rijndael) symmetric
// decryption.
// Input: pubEncryptedData - Data to be decrypted
// cubEncryptedData - Size of data to be decrypted
// pIV - Initialization vector. Byte array one block in size.
// cubIV - size of IV. This should be 16 (one block, 128 bits)
// pubPlaintextData - Pointer to buffer to receive decrypted data
// pcubPlaintextData - Pointer to a variable that at time of call contains the size of
// the receive buffer for decrypted data. When the method returns, this will contain
// the actual size of the decrypted data.
// pubKey - the key to decrypt the data with
// cubKey - Size of the key (must be k_nSymmetricKeyLen)
// Output: true if successful, false if decryption failed
//-----------------------------------------------------------------------------
bool CCrypto::SymmetricDecryptWithIV( const uint8 *pubEncryptedData, uint32 cubEncryptedData,
const uint8 * pIV, uint32 cubIV,
uint8 *pubPlaintextData, uint32 *pcubPlaintextData,
const uint8 *pubKey, const uint32 cubKey, bool bVerifyPaddingBytes )
{
Assert( pubEncryptedData );
Assert( cubEncryptedData);
Assert( pIV );
Assert( cubIV );
Assert( pubPlaintextData );
Assert( pcubPlaintextData );
Assert( *pcubPlaintextData );
Assert( pubKey );
Assert( k_nSymmetricKeyLen256 == cubKey || k_nSymmetricKeyLen128 == cubKey );
// IV input into CBC must be exactly one block size
if ( cubIV != k_nSymmetricBlockSize )
return false;
return BDecryptAESUsingOpenSSL( pubEncryptedData, cubEncryptedData, pubPlaintextData, pcubPlaintextData, pubKey, cubKey, pIV, bVerifyPaddingBytes );
}
SymmetricCryptContextBase::SymmetricCryptContextBase()
{
evp_cipher_ctx = nullptr;
src/common/crypto.h
-27
View File
@@ -93,35 +93,8 @@ public:
namespace CCrypto
{
enum ECDSACurve {
k_ECDSACurve_secp256k1,
k_ECDSACurve_secp256r1,
};
void Init();
// SymmetricEncryptWithIV is NOT compatible with SymmetricDecrypt, because it does not write
// the IV into the data stream - it is assumed that the IV is communicated or agreed upon by
// some other out-of-band method. Pair it with SymmetricDecryptWithIV to decrpyt. Output is
// always 1-16 bytes longer than input due to PKCS#7 block padding.
bool SymmetricEncryptWithIV( const uint8 * pubPlaintextData, uint32 cubPlaintextData,
const uint8 * pIV, uint32 cubIV,
uint8 * pubEncryptedData, uint32 * pcubEncryptedData,
const uint8 * pubKey, uint32 cubKey );
bool SymmetricDecryptRecoverIV( const uint8 * pubEncryptedData, uint32 cubEncryptedData,
uint8 * pubPlaintextData, uint32 * pcubPlaintextData, uint8 *pIV, uint32 cubIV,
const uint8 * pubKey, uint32 cubKey, bool bVerifyPaddingBytes = true );
// SymmetricDecryptWithIV assumes that the encrypted data does not begin with an IV.
// If you created the encrypted data with SymmetricEncryptChosenIV, you must discard
// the first 16 bytes of encrypted output before passing it to SymmetricDecryptWithIV.
bool SymmetricDecryptWithIV( const uint8 * pubEncryptedData, uint32 cubEncryptedData,
const uint8 * pIV, uint32 cubIV,
uint8 * pubPlaintextData, uint32 * pcubPlaintextData,
const uint8 * pubKey, uint32 cubKey, bool bVerifyPaddingBytes = true );
// Symmetric encryption and authentication using AES-GCM.
bool SymmetricAuthEncryptWithIV(
const void *pPlaintextData, size_t cbPlaintextData,
tests/test_crypto.cpp
+8 -183
View File
@@ -11,8 +11,8 @@
// I copied these tests from the Steam branch.
// A little compatibility glue so I don't have to make any changes to them.
#define CHECK(x) do { bool _check_result; Assert(_check_result = (x)); g_failed |= !_check_result; } while(0)
#define CHECK_EQUAL(a,b) do { bool _check_eq_result; Assert(_check_eq_result = ((a)==(b))); g_failed |= !_check_eq_result; } while(0)
#define CHECK(x) do { bool _check_result; Assert( (_check_result = (x)) != false ); g_failed |= !_check_result; } while(0)
#define CHECK_EQUAL(a,b) do { bool _check_eq_result; Assert( (_check_eq_result = ((a)==(b))) != false ); g_failed |= !_check_eq_result; } while(0)
#define RETURNIFNOT(x) { if ( !(x) ) { AssertMsg( false, #x ); return; } }
#define RETURNFALSEIFNOT(x) { if ( !(x) ) { AssertMsg( false, #x ); return false; } }
const int k_cSmallBuff = 100; // smallish buffer
@@ -169,64 +169,6 @@ void TestCryptoEncoding()
}
}
void TestSymmetricCrypto()
{
bool bRet;
uint8 rgubIV[ k_nSymmetricBlockSize ];
uint8 rgubKey[k_nSymmetricKeyLen];
uint8 rgubKey2[k_nSymmetricKeyLen];
// Generate a couple of random keys and an IV.
CCrypto::GenerateRandomBlock( rgubKey, V_ARRAYSIZE( rgubKey ) );
CCrypto::GenerateRandomBlock( rgubKey2, V_ARRAYSIZE( rgubKey2 ) );
CCrypto::GenerateRandomBlock( rgubIV, V_ARRAYSIZE( rgubIV ) );
const char rgchSrc[] = "This is a test of symmetric encryption! It is at least 160 bytes long "
"to trigger at least two iterations of the 64-byte AES-NI optimized path on systems that "
"support AES-NI instructions. Blah blah blah blah blah. Blah blah blah blah blah. 12345 ";
uint8 rgubEncrypted[k_cMedBuff];
uint cubEncrypted = V_ARRAYSIZE( rgubEncrypted );
uint8 rgubOutput[k_cMedBuff];
// Repeat the same test but this time using ...WithIV so as to not prepend the IV at all.
cubEncrypted = V_ARRAYSIZE( rgubEncrypted );
bRet = CCrypto::SymmetricEncryptWithIV( (const uint8*)rgchSrc, V_ARRAYSIZE( rgchSrc ),
rgubIV, sizeof(rgubIV),
rgubEncrypted, &cubEncrypted,
rgubKey, V_ARRAYSIZE( rgubKey ) );
CHECK( bRet ); // must succeed
uint cubOutput = V_ARRAYSIZE( rgubOutput );
bRet = CCrypto::SymmetricDecryptWithIV( rgubEncrypted, cubEncrypted, rgubIV, sizeof(rgubIV),
rgubOutput, &cubOutput, rgubKey, V_ARRAYSIZE( rgubKey ) );
CHECK( bRet ); // must succeed
CHECK( cubOutput == V_ARRAYSIZE( rgchSrc ) ); // output length must be same as input length
CHECK( !V_strcmp( rgchSrc, (const char *) rgubOutput ) ); // output must be the same as input
//
// In-place decryption. Make sure that we get correct results if the destination buffer and
// source buffer are identical.
//
uint8 rgubInplace[k_cMedBuff];
uint cubInplace = V_ARRAYSIZE( rgubInplace );
// Now try ...WithIV in place as well
V_memcpy( rgubInplace, rgchSrc, V_ARRAYSIZE(rgchSrc) );
cubInplace = V_ARRAYSIZE( rgubInplace );
bRet = CCrypto::SymmetricEncryptWithIV( rgubInplace, V_ARRAYSIZE( rgchSrc ), rgubIV, sizeof(rgubIV), rgubInplace,
&cubInplace, rgubKey, V_ARRAYSIZE( rgubKey ) );
CHECK( bRet );
// In place encryption with ...WithIV should result in identical ciphertext again
CHECK( cubEncrypted == cubInplace );
CHECK( !V_memcmp( rgubEncrypted, rgubInplace, cubEncrypted ) );
// In-place ...WithIV decryption
bRet = CCrypto::SymmetricDecryptWithIV( rgubInplace, cubInplace, rgubIV, sizeof( rgubIV ), rgubInplace,
&cubInplace, rgubKey, V_ARRAYSIZE( rgubKey ) );
CHECK( bRet );
CHECK_EQUAL( cubInplace, V_ARRAYSIZE( rgchSrc ) );
CHECK( !V_strcmp( rgchSrc, (const char *)rgubInplace ) );
}
// https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/CAVP-TESTING-BLOCK-CIPHER-MODES
// https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/mac/gcmtestvectors.zip
class NISTTestVectorFile
@@ -356,7 +298,7 @@ void TestSymmetricAuthCrypto_EncryptTestVectorFile( const char *pszFilename )
void TestSymmetricAuthCryptoVectors()
{
#ifndef TEST_VECTOR_DIR
#define TEST_VECTOR_DIR "./aesgcmtestvectors/"
#define TEST_VECTOR_DIR "aesgcmtestvectors/"
#endif
// Check against known test vectors
@@ -394,8 +336,8 @@ void TestEllipticCrypto()
SHA256Digest_t aliceSharedSecret = {0};
SHA256Digest_t bobSharedSecret = {1};
CCrypto::PerformKeyExchange( alicePriv, bobPub, &aliceSharedSecret );
CCrypto::PerformKeyExchange( bobPriv, alicePub, &bobSharedSecret );
CHECK( CCrypto::PerformKeyExchange( alicePriv, bobPub, &aliceSharedSecret ) );
CHECK( CCrypto::PerformKeyExchange( bobPriv, alicePub, &bobSharedSecret ) );
CHECK( V_memcmp( aliceSharedSecret, bobSharedSecret, sizeof(SHA256Digest_t) ) == 0 );
CHECK( V_memcmp( expectedResult, aliceSharedSecret, sizeof(SHA256Digest_t) ) == 0 );
@@ -419,8 +361,8 @@ void TestEllipticCrypto()
CCrypto::GenerateKeyExchangeKeyPair( &alicePub, &alicePriv );
CCrypto::GenerateKeyExchangeKeyPair( &bobPub, &bobPriv );
// alice and bob send each other only their public keys.
CCrypto::PerformKeyExchange( alicePriv, bobPub, &aliceSharedSecret );
CCrypto::PerformKeyExchange( bobPriv, alicePub, &bobSharedSecret );
CHECK( CCrypto::PerformKeyExchange( alicePriv, bobPub, &aliceSharedSecret ) );
CHECK( CCrypto::PerformKeyExchange( bobPriv, alicePub, &bobSharedSecret ) );
// alice and bob should have computed the same shared secret.
CHECK( V_memcmp( aliceSharedSecret, bobSharedSecret, sizeof( bobSharedSecret ) ) == 0 );
@@ -586,7 +528,7 @@ void TestEllipticPerf()
CECKeyExchangePublicKey pub;
CECKeyExchangePrivateKey priv;
CCrypto::GenerateKeyExchangeKeyPair( &pub, &priv );
CCrypto::PerformKeyExchange( priv, lastPub, &sharedsecret );
CHECK( CCrypto::PerformKeyExchange( priv, lastPub, &sharedsecret ) );
x ^= sharedsecret[0] ^ sharedsecret[sizeof(sharedsecret)-1];
}
double dMicrosecPerECDH = double( Plat_USTime() - usecStart ) / k_cIterationsECDH;
@@ -647,50 +589,6 @@ void TestEllipticPerf()
printf( "\tVerify ed25519 signature (big):\t\t\t%f MB/sec (%d iterations)\n", dRateLargeMBPerSecCheck, k_cIterationsSignBig );
}
//-----------------------------------------------------------------------------
// Purpose: Performs specified # of symmetric encryptions
//-----------------------------------------------------------------------------
void SymmetricEncryptRepeatedly( int cIterations, uint8 *pubData, int cubToEncrypt, uint8 *pubIV, uint cubIV, uint8 *pubKey, uint cubKey )
{
int nBufSize = cubToEncrypt + 32; // 16 = AES block size.. worst case for padded data
uint8 *pEncrypted = new uint8[ nBufSize ];
// try a bunch of iterations of symmetric encrypting big packets
for ( int iIteration = 0; iIteration < cIterations; iIteration++ )
{
uint cubEncrypted = nBufSize;
bool bRet = CCrypto::SymmetricEncryptWithIV( &pubData[iIteration], cubToEncrypt,
pubIV, cubIV,
pEncrypted, &cubEncrypted,
pubKey, cubKey );
CHECK( bRet ); // must succeed
}
delete [] pEncrypted;
}
//-----------------------------------------------------------------------------
// Purpose: Performs specified # of symmetric descryptions
//-----------------------------------------------------------------------------
void SymmetricDecryptRepeatedly( int cIterations, uint8 *pubEncrypted, int cubEncrypted, uint8 *pubIV, uint cubIV, uint8 *pubKey, uint cubKey )
{
int nBufSize = cubEncrypted + 32; // 16 = AES block size.. worst case for padded data
uint8 *pEncrypted = new uint8[ nBufSize ];
// try a bunch of iterations of symmetric encrypting big packets
for ( int iIteration = 0; iIteration < cIterations; iIteration++ )
{
uint cubOutput = nBufSize;
bool bRet = CCrypto::SymmetricDecryptWithIV( pubEncrypted, cubEncrypted,
pubIV, cubIV,
pEncrypted, &cubOutput,
pubKey, cubKey );
CHECK( bRet ); // must succeed
}
delete [] pEncrypted;
}
//-----------------------------------------------------------------------------
// Purpose: Performs specified # of symmetric encryptions
//-----------------------------------------------------------------------------
@@ -737,77 +635,6 @@ void SymmetricAuthDecryptRepeatedly( int cIterations, AES_GCM_DecryptContext &ct
delete [] pDecrypted;
}
//-----------------------------------------------------------------------------
// Purpose: Tests symmetric crypto perf
//-----------------------------------------------------------------------------
void TestSymmetricCryptoPerf()
{
uint64 usecStart;
// generate a random key
uint8 rgubKey[k_nSymmetricKeyLen];
uint8 rgubIV[ k_nSymmetricBlockSize ];
CCrypto::GenerateRandomBlock( rgubKey, V_ARRAYSIZE( rgubKey ) );
const int k_cIterations = 10000;
const int k_cMaxData = 800;
const int k_cBufs = 5;
const int k_cubTestBuf = k_cMaxData * k_cBufs + k_cIterations;
const int k_cubPktBig = 1200;
const int k_cubPktSmall = 100;
uint8 rgubData[k_cubTestBuf];
CCrypto::GenerateRandomBlock( rgubIV, V_ARRAYSIZE( rgubIV ) );
// fill data buffer with arbitrary data
uint8 rgubEncrypted[ k_cubPktBig + 32 ]; // 16 = AES block size.. worst case for padded data
for ( int iubData = 0; iubData < V_ARRAYSIZE( rgubData ); iubData ++ )
rgubData[iubData] = (uint8) iubData;
// try a bunch of iterations of symmetric encrypting small packets
usecStart = Plat_USTime();
SymmetricEncryptRepeatedly( k_cIterations, rgubData, k_cubPktSmall, rgubIV, k_nSymmetricBlockSize, rgubKey, V_ARRAYSIZE( rgubKey ) );
int cMicroSecPerEncryptSmall = Plat_USTime() - usecStart;
// try a bunch of iterations of symmetric encrypting big packets
usecStart = Plat_USTime();
SymmetricEncryptRepeatedly( k_cIterations, rgubData, k_cubPktBig, rgubIV, k_nSymmetricBlockSize, rgubKey, V_ARRAYSIZE( rgubKey ) );
int cMicroSecPerEncryptBig = Plat_USTime() - usecStart;
double dRateLargeEncrypt = double( k_cubPktBig ) * k_cIterations / cMicroSecPerEncryptBig;
// try a bunch of iterations decrypting small packets
uint cubEncrypted = V_ARRAYSIZE( rgubEncrypted );
bool bRet = CCrypto::SymmetricEncryptWithIV( rgubData, k_cubPktSmall,
rgubIV, k_nSymmetricBlockSize,
rgubEncrypted, &cubEncrypted,
rgubKey, V_ARRAYSIZE( rgubKey ) );
CHECK( bRet );
usecStart = Plat_USTime();
SymmetricDecryptRepeatedly( k_cIterations, rgubEncrypted, cubEncrypted, rgubIV, k_nSymmetricBlockSize, rgubKey, V_ARRAYSIZE( rgubKey ) );
int cMicroSecPerDecryptSmall = Plat_USTime() - usecStart;
// try a bunch of iterations decrypting big packets
cubEncrypted = V_ARRAYSIZE( rgubEncrypted );
bRet = CCrypto::SymmetricEncryptWithIV( rgubData, k_cubPktBig,
rgubIV, k_nSymmetricBlockSize,
rgubEncrypted, &cubEncrypted,
rgubKey, V_ARRAYSIZE( rgubKey ) );
CHECK( bRet );
usecStart = Plat_USTime();
SymmetricDecryptRepeatedly( k_cIterations, rgubEncrypted, cubEncrypted, rgubIV, k_nSymmetricBlockSize, rgubKey, V_ARRAYSIZE( rgubKey ) );
int cMicroSecPerDecryptBig = Plat_USTime() - usecStart;
double dRateLargeDecrypt = double( k_cubPktBig ) * k_cIterations / cMicroSecPerDecryptBig;
printf( "\tSymmetric encrypt (small):\t\t%d microsec (%d iterations)\n", cMicroSecPerEncryptSmall, k_cIterations );
printf( "\tSymmetric encrypt (big):\t\t%d microsec (%d iterations)\n", cMicroSecPerEncryptBig, k_cIterations );
printf( "\tSymmetric encrypt (big):\t\t%f MB/sec (%d iterations)\n", dRateLargeEncrypt, k_cIterations );
printf( "\tSymmetric decrypt (small):\t\t%d microsec (%d iterations)\n", cMicroSecPerDecryptSmall, k_cIterations );
printf( "\tSymmetric decrypt (big):\t\t%d microsec (%d iterations)\n", cMicroSecPerDecryptBig, k_cIterations );
printf( "\tSymmetric decrypt (big):\t\t%f MB/sec (%d iterations)\n", dRateLargeDecrypt, k_cIterations );
}
//-----------------------------------------------------------------------------
// Purpose: Tests symmetric crypto perf
//-----------------------------------------------------------------------------
@@ -916,12 +743,10 @@ int main()
CCrypto::Init();
TestCryptoEncoding();
TestSymmetricCrypto();
TestSymmetricAuthCryptoVectors();
TestEllipticCrypto();
TestOpenSSHEd25519();
TestEllipticPerf();
TestSymmetricCryptoPerf();
TestSymmetricAuthCryptoPerf();
return g_failed ? 1 : 0;