diff --git a/src/common/crypto.cpp b/src/common/crypto.cpp index 5708b07..fcc97d0 100644 --- a/src/common/crypto.cpp +++ b/src/common/crypto.cpp @@ -26,7 +26,6 @@ #include "tier0/memdbgoff.h" #include #include -#include #include "tier0/memdbgon.h" #include "opensslwrapper.h" @@ -42,30 +41,6 @@ void OneTimeCryptoInitOpenSSL() } } -// Allocate a EVP_CIPHER_CTX, and clean it up securely on scope exit -// using RAII -struct EVP_CIPHER_CTX_safe -{ -// #if OPENSSL_API_LEVEL < 2 -// -// // Nice, we can allocate on the stack, super simple and fast -// EVP_CIPHER_CTX_safe() { EVP_CIPHER_CTX_init( &ctx ); } -// ~EVP_CIPHER_CTX_safe() { EVP_CIPHER_CTX_cleanup( &ctx ); } -// inline EVP_CIPHER_CTX *Ptr() { return &ctx; } -// EVP_CIPHER_CTX ctx; -// #else - - // Ug, we have to go through a generic allocator! What the heck - // guys, we need a way to do this efficiently! I don't want to be - // doing heap allocations just to encrypt 1000 bytes! Do they - // expect you to use a thread-local allocation and reuse it? - EVP_CIPHER_CTX_safe() { ctx = EVP_CIPHER_CTX_new(); } - ~EVP_CIPHER_CTX_safe() { EVP_CIPHER_CTX_free( ctx ); } - inline EVP_CIPHER_CTX *Ptr() { return ctx; } - EVP_CIPHER_CTX *ctx; -// #endif -}; - void CCrypto::Init() { OneTimeCryptoInitOpenSSL(); @@ -81,174 +56,6 @@ public: EVPCTXPointer(CTXType ctx) { this->ctx = ctx; } ~EVPCTXPointer() { CleanupFunc(ctx); } }; - -static bool SymmetricEncryptHelper( const uint8 *pubPlaintextData, const uint32 cubPlaintextData_, - const uint8 *pIV, const uint32 cubIV, - uint8 *pubEncryptedData, uint32 *pcubEncryptedData, - const uint8 *pubKey, const uint32 cubKey, bool bWriteIV ) -{ - uint32 cubPlaintextData = cubPlaintextData_; - - VPROF_BUDGET( "CCrypto::SymmetricEncrypt", VPROF_BUDGETGROUP_ENCRYPTION ); - Assert( pubPlaintextData ); - Assert( cubPlaintextData ); - Assert( pIV ); - Assert( cubIV >= k_nSymmetricBlockSize ); - Assert( pubEncryptedData ); - Assert( pcubEncryptedData ); - Assert( *pcubEncryptedData ); - Assert( pubKey ); - Assert( k_nSymmetricKeyLen256 == cubKey || k_nSymmetricKeyLen128 == cubKey ); - - uint32 cubEncryptedData = *pcubEncryptedData; // remember how big the caller's buffer is - - // Output space required = IV block + encrypted data with padding - int nPaddingLength = 16 - ( cubPlaintextData & 15 ); - uint32 cubTotalOutput = ( bWriteIV ? k_nSymmetricBlockSize : 0 ) + cubPlaintextData + nPaddingLength; - Assert( cubEncryptedData >= cubTotalOutput ); - if ( cubEncryptedData < cubTotalOutput ) - return false; - - - const EVP_CIPHER *cipher = NULL; - switch(cubKey * 8) { - case 128: cipher = EVP_aes_128_cbc(); break; - case 256: cipher = EVP_aes_256_cbc(); break; - } - - if (!cipher) - return false; - - EVP_CIPHER_CTX_safe ctx; - if (EVP_EncryptInit_ex( ctx.Ptr(), cipher, NULL, pubKey, pIV) != 1) - return false; - - int ciphertext_len, len; - - if (EVP_EncryptUpdate(ctx.Ptr(), pubEncryptedData, &len, pubPlaintextData, cubPlaintextData) != 1) - return false; - ciphertext_len = len; - - if (EVP_EncryptFinal(ctx.Ptr(), pubEncryptedData + len, &len) != 1) - return false; - ciphertext_len += len; - - *pcubEncryptedData = ciphertext_len; - - return true; -} - -//----------------------------------------------------------------------------- -// Purpose: Encrypts the specified data with the specified key and IV. Uses AES (Rijndael) symmetric -// encryption. The encrypted data may then be decrypted by calling SymmetricDecryptWithIV -// with the same key and IV. -// Input: pubPlaintextData - Data to be encrypted -// cubPlaintextData - Size of data to be encrypted -// pIV - Pointer to initialization vector -// cubIV - Size of initialization vector -// pubEncryptedData - Pointer to buffer to receive encrypted data -// pcubEncryptedData - Pointer to a variable that at time of call contains the size of -// the receive buffer for encrypted data. When the method returns, this will contain -// the actual size of the encrypted data. -// pubKey - the key to encrypt the data with -// cubKey - Size of the key (must be k_nSymmetricKeyLen) -// Output: true if successful, false if encryption failed -//----------------------------------------------------------------------------- - -bool CCrypto::SymmetricEncryptWithIV( const uint8 * pubPlaintextData, uint32 cubPlaintextData, - const uint8 * pIV, uint32 cubIV, uint8 * pubEncryptedData, - uint32 * pcubEncryptedData, const uint8 * pubKey, uint32 cubKey ) -{ - return SymmetricEncryptHelper( pubPlaintextData, cubPlaintextData, pIV, cubIV, pubEncryptedData, pcubEncryptedData, pubKey, cubKey, false /*no prepended IV*/ ); -} - - -// Local helper to perform AES+CBC decryption using optimized OpenSSL AES routines -static bool BDecryptAESUsingOpenSSL( const uint8 *pubEncryptedData, - uint32 cubEncryptedData, uint8 *pubPlaintextData, uint32 *pcubPlaintextData, - const uint8 *pubKey, const uint32 cubKey, const uint8 *pIV, - bool bVerifyPaddingBytes = true ) -{ - COMPILE_TIME_ASSERT( k_nSymmetricBlockSize == 16 ); - - // Block cipher encrypted text must be a multiple of the block size - if ( cubEncryptedData % k_nSymmetricBlockSize != 0 ) - return false; - - // Enough input? Requirement is one padded final block - if ( cubEncryptedData < k_nSymmetricBlockSize ) - return false; - - // Enough output space for all the full non-final blocks? - if ( *pcubPlaintextData < cubEncryptedData - k_nSymmetricBlockSize ) - return false; - - const EVP_CIPHER *cipher = NULL; - switch(cubKey * 8) { - case 128: cipher = EVP_aes_128_cbc(); break; - case 256: cipher = EVP_aes_256_cbc(); break; - } - - if (!cipher) - return false; - - EVP_CIPHER_CTX_safe ctx; - if (EVP_DecryptInit_ex(ctx.Ptr(), cipher, NULL, pubKey, pIV) != 1) - return false; - - int plaintext_len, len; - - if (EVP_DecryptUpdate(ctx.Ptr(), pubPlaintextData, &len, pubEncryptedData, cubEncryptedData) != 1) - return false; - plaintext_len = len; - - if (EVP_DecryptFinal(ctx.Ptr(), pubPlaintextData + plaintext_len, &len) != 1) - return false; - plaintext_len += len; - - *pcubPlaintextData = plaintext_len; - - return true; -} - - -//----------------------------------------------------------------------------- -// Purpose: Decrypts the specified data with the specified key. Uses AES (Rijndael) symmetric -// decryption. -// Input: pubEncryptedData - Data to be decrypted -// cubEncryptedData - Size of data to be decrypted -// pIV - Initialization vector. Byte array one block in size. -// cubIV - size of IV. This should be 16 (one block, 128 bits) -// pubPlaintextData - Pointer to buffer to receive decrypted data -// pcubPlaintextData - Pointer to a variable that at time of call contains the size of -// the receive buffer for decrypted data. When the method returns, this will contain -// the actual size of the decrypted data. -// pubKey - the key to decrypt the data with -// cubKey - Size of the key (must be k_nSymmetricKeyLen) -// Output: true if successful, false if decryption failed -//----------------------------------------------------------------------------- -bool CCrypto::SymmetricDecryptWithIV( const uint8 *pubEncryptedData, uint32 cubEncryptedData, - const uint8 * pIV, uint32 cubIV, - uint8 *pubPlaintextData, uint32 *pcubPlaintextData, - const uint8 *pubKey, const uint32 cubKey, bool bVerifyPaddingBytes ) -{ - Assert( pubEncryptedData ); - Assert( cubEncryptedData); - Assert( pIV ); - Assert( cubIV ); - Assert( pubPlaintextData ); - Assert( pcubPlaintextData ); - Assert( *pcubPlaintextData ); - Assert( pubKey ); - Assert( k_nSymmetricKeyLen256 == cubKey || k_nSymmetricKeyLen128 == cubKey ); - - // IV input into CBC must be exactly one block size - if ( cubIV != k_nSymmetricBlockSize ) - return false; - - return BDecryptAESUsingOpenSSL( pubEncryptedData, cubEncryptedData, pubPlaintextData, pcubPlaintextData, pubKey, cubKey, pIV, bVerifyPaddingBytes ); -} - SymmetricCryptContextBase::SymmetricCryptContextBase() { evp_cipher_ctx = nullptr; diff --git a/src/common/crypto.h b/src/common/crypto.h index c15bf09..e34b0b9 100644 --- a/src/common/crypto.h +++ b/src/common/crypto.h @@ -93,35 +93,8 @@ public: namespace CCrypto { - enum ECDSACurve { - k_ECDSACurve_secp256k1, - k_ECDSACurve_secp256r1, - }; - void Init(); - // SymmetricEncryptWithIV is NOT compatible with SymmetricDecrypt, because it does not write - // the IV into the data stream - it is assumed that the IV is communicated or agreed upon by - // some other out-of-band method. Pair it with SymmetricDecryptWithIV to decrpyt. Output is - // always 1-16 bytes longer than input due to PKCS#7 block padding. - bool SymmetricEncryptWithIV( const uint8 * pubPlaintextData, uint32 cubPlaintextData, - const uint8 * pIV, uint32 cubIV, - uint8 * pubEncryptedData, uint32 * pcubEncryptedData, - const uint8 * pubKey, uint32 cubKey ); - - bool SymmetricDecryptRecoverIV( const uint8 * pubEncryptedData, uint32 cubEncryptedData, - uint8 * pubPlaintextData, uint32 * pcubPlaintextData, uint8 *pIV, uint32 cubIV, - const uint8 * pubKey, uint32 cubKey, bool bVerifyPaddingBytes = true ); - - - // SymmetricDecryptWithIV assumes that the encrypted data does not begin with an IV. - // If you created the encrypted data with SymmetricEncryptChosenIV, you must discard - // the first 16 bytes of encrypted output before passing it to SymmetricDecryptWithIV. - bool SymmetricDecryptWithIV( const uint8 * pubEncryptedData, uint32 cubEncryptedData, - const uint8 * pIV, uint32 cubIV, - uint8 * pubPlaintextData, uint32 * pcubPlaintextData, - const uint8 * pubKey, uint32 cubKey, bool bVerifyPaddingBytes = true ); - // Symmetric encryption and authentication using AES-GCM. bool SymmetricAuthEncryptWithIV( const void *pPlaintextData, size_t cbPlaintextData, diff --git a/tests/test_crypto.cpp b/tests/test_crypto.cpp index ecc818e..280cced 100644 --- a/tests/test_crypto.cpp +++ b/tests/test_crypto.cpp @@ -11,8 +11,8 @@ // I copied these tests from the Steam branch. // A little compatibility glue so I don't have to make any changes to them. -#define CHECK(x) do { bool _check_result; Assert(_check_result = (x)); g_failed |= !_check_result; } while(0) -#define CHECK_EQUAL(a,b) do { bool _check_eq_result; Assert(_check_eq_result = ((a)==(b))); g_failed |= !_check_eq_result; } while(0) +#define CHECK(x) do { bool _check_result; Assert( (_check_result = (x)) != false ); g_failed |= !_check_result; } while(0) +#define CHECK_EQUAL(a,b) do { bool _check_eq_result; Assert( (_check_eq_result = ((a)==(b))) != false ); g_failed |= !_check_eq_result; } while(0) #define RETURNIFNOT(x) { if ( !(x) ) { AssertMsg( false, #x ); return; } } #define RETURNFALSEIFNOT(x) { if ( !(x) ) { AssertMsg( false, #x ); return false; } } const int k_cSmallBuff = 100; // smallish buffer @@ -169,64 +169,6 @@ void TestCryptoEncoding() } } -void TestSymmetricCrypto() -{ - bool bRet; - uint8 rgubIV[ k_nSymmetricBlockSize ]; - uint8 rgubKey[k_nSymmetricKeyLen]; - uint8 rgubKey2[k_nSymmetricKeyLen]; - - // Generate a couple of random keys and an IV. - CCrypto::GenerateRandomBlock( rgubKey, V_ARRAYSIZE( rgubKey ) ); - CCrypto::GenerateRandomBlock( rgubKey2, V_ARRAYSIZE( rgubKey2 ) ); - CCrypto::GenerateRandomBlock( rgubIV, V_ARRAYSIZE( rgubIV ) ); - - const char rgchSrc[] = "This is a test of symmetric encryption! It is at least 160 bytes long " - "to trigger at least two iterations of the 64-byte AES-NI optimized path on systems that " - "support AES-NI instructions. Blah blah blah blah blah. Blah blah blah blah blah. 12345 "; - uint8 rgubEncrypted[k_cMedBuff]; - uint cubEncrypted = V_ARRAYSIZE( rgubEncrypted ); - uint8 rgubOutput[k_cMedBuff]; - - // Repeat the same test but this time using ...WithIV so as to not prepend the IV at all. - cubEncrypted = V_ARRAYSIZE( rgubEncrypted ); - bRet = CCrypto::SymmetricEncryptWithIV( (const uint8*)rgchSrc, V_ARRAYSIZE( rgchSrc ), - rgubIV, sizeof(rgubIV), - rgubEncrypted, &cubEncrypted, - rgubKey, V_ARRAYSIZE( rgubKey ) ); - CHECK( bRet ); // must succeed - uint cubOutput = V_ARRAYSIZE( rgubOutput ); - bRet = CCrypto::SymmetricDecryptWithIV( rgubEncrypted, cubEncrypted, rgubIV, sizeof(rgubIV), - rgubOutput, &cubOutput, rgubKey, V_ARRAYSIZE( rgubKey ) ); - CHECK( bRet ); // must succeed - CHECK( cubOutput == V_ARRAYSIZE( rgchSrc ) ); // output length must be same as input length - CHECK( !V_strcmp( rgchSrc, (const char *) rgubOutput ) ); // output must be the same as input - - // - // In-place decryption. Make sure that we get correct results if the destination buffer and - // source buffer are identical. - // - uint8 rgubInplace[k_cMedBuff]; - uint cubInplace = V_ARRAYSIZE( rgubInplace ); - - // Now try ...WithIV in place as well - V_memcpy( rgubInplace, rgchSrc, V_ARRAYSIZE(rgchSrc) ); - cubInplace = V_ARRAYSIZE( rgubInplace ); - bRet = CCrypto::SymmetricEncryptWithIV( rgubInplace, V_ARRAYSIZE( rgchSrc ), rgubIV, sizeof(rgubIV), rgubInplace, - &cubInplace, rgubKey, V_ARRAYSIZE( rgubKey ) ); - CHECK( bRet ); - // In place encryption with ...WithIV should result in identical ciphertext again - CHECK( cubEncrypted == cubInplace ); - CHECK( !V_memcmp( rgubEncrypted, rgubInplace, cubEncrypted ) ); - - // In-place ...WithIV decryption - bRet = CCrypto::SymmetricDecryptWithIV( rgubInplace, cubInplace, rgubIV, sizeof( rgubIV ), rgubInplace, - &cubInplace, rgubKey, V_ARRAYSIZE( rgubKey ) ); - CHECK( bRet ); - CHECK_EQUAL( cubInplace, V_ARRAYSIZE( rgchSrc ) ); - CHECK( !V_strcmp( rgchSrc, (const char *)rgubInplace ) ); -} - // https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/CAVP-TESTING-BLOCK-CIPHER-MODES // https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/mac/gcmtestvectors.zip class NISTTestVectorFile @@ -356,7 +298,7 @@ void TestSymmetricAuthCrypto_EncryptTestVectorFile( const char *pszFilename ) void TestSymmetricAuthCryptoVectors() { #ifndef TEST_VECTOR_DIR - #define TEST_VECTOR_DIR "./aesgcmtestvectors/" + #define TEST_VECTOR_DIR "aesgcmtestvectors/" #endif // Check against known test vectors @@ -394,8 +336,8 @@ void TestEllipticCrypto() SHA256Digest_t aliceSharedSecret = {0}; SHA256Digest_t bobSharedSecret = {1}; - CCrypto::PerformKeyExchange( alicePriv, bobPub, &aliceSharedSecret ); - CCrypto::PerformKeyExchange( bobPriv, alicePub, &bobSharedSecret ); + CHECK( CCrypto::PerformKeyExchange( alicePriv, bobPub, &aliceSharedSecret ) ); + CHECK( CCrypto::PerformKeyExchange( bobPriv, alicePub, &bobSharedSecret ) ); CHECK( V_memcmp( aliceSharedSecret, bobSharedSecret, sizeof(SHA256Digest_t) ) == 0 ); CHECK( V_memcmp( expectedResult, aliceSharedSecret, sizeof(SHA256Digest_t) ) == 0 ); @@ -419,8 +361,8 @@ void TestEllipticCrypto() CCrypto::GenerateKeyExchangeKeyPair( &alicePub, &alicePriv ); CCrypto::GenerateKeyExchangeKeyPair( &bobPub, &bobPriv ); // alice and bob send each other only their public keys. - CCrypto::PerformKeyExchange( alicePriv, bobPub, &aliceSharedSecret ); - CCrypto::PerformKeyExchange( bobPriv, alicePub, &bobSharedSecret ); + CHECK( CCrypto::PerformKeyExchange( alicePriv, bobPub, &aliceSharedSecret ) ); + CHECK( CCrypto::PerformKeyExchange( bobPriv, alicePub, &bobSharedSecret ) ); // alice and bob should have computed the same shared secret. CHECK( V_memcmp( aliceSharedSecret, bobSharedSecret, sizeof( bobSharedSecret ) ) == 0 ); @@ -586,7 +528,7 @@ void TestEllipticPerf() CECKeyExchangePublicKey pub; CECKeyExchangePrivateKey priv; CCrypto::GenerateKeyExchangeKeyPair( &pub, &priv ); - CCrypto::PerformKeyExchange( priv, lastPub, &sharedsecret ); + CHECK( CCrypto::PerformKeyExchange( priv, lastPub, &sharedsecret ) ); x ^= sharedsecret[0] ^ sharedsecret[sizeof(sharedsecret)-1]; } double dMicrosecPerECDH = double( Plat_USTime() - usecStart ) / k_cIterationsECDH; @@ -647,50 +589,6 @@ void TestEllipticPerf() printf( "\tVerify ed25519 signature (big):\t\t\t%f MB/sec (%d iterations)\n", dRateLargeMBPerSecCheck, k_cIterationsSignBig ); } -//----------------------------------------------------------------------------- -// Purpose: Performs specified # of symmetric encryptions -//----------------------------------------------------------------------------- -void SymmetricEncryptRepeatedly( int cIterations, uint8 *pubData, int cubToEncrypt, uint8 *pubIV, uint cubIV, uint8 *pubKey, uint cubKey ) -{ - int nBufSize = cubToEncrypt + 32; // 16 = AES block size.. worst case for padded data - uint8 *pEncrypted = new uint8[ nBufSize ]; - - // try a bunch of iterations of symmetric encrypting big packets - for ( int iIteration = 0; iIteration < cIterations; iIteration++ ) - { - uint cubEncrypted = nBufSize; - bool bRet = CCrypto::SymmetricEncryptWithIV( &pubData[iIteration], cubToEncrypt, - pubIV, cubIV, - pEncrypted, &cubEncrypted, - pubKey, cubKey ); - CHECK( bRet ); // must succeed - } - - delete [] pEncrypted; -} - -//----------------------------------------------------------------------------- -// Purpose: Performs specified # of symmetric descryptions -//----------------------------------------------------------------------------- -void SymmetricDecryptRepeatedly( int cIterations, uint8 *pubEncrypted, int cubEncrypted, uint8 *pubIV, uint cubIV, uint8 *pubKey, uint cubKey ) -{ - int nBufSize = cubEncrypted + 32; // 16 = AES block size.. worst case for padded data - uint8 *pEncrypted = new uint8[ nBufSize ]; - - // try a bunch of iterations of symmetric encrypting big packets - for ( int iIteration = 0; iIteration < cIterations; iIteration++ ) - { - uint cubOutput = nBufSize; - bool bRet = CCrypto::SymmetricDecryptWithIV( pubEncrypted, cubEncrypted, - pubIV, cubIV, - pEncrypted, &cubOutput, - pubKey, cubKey ); - CHECK( bRet ); // must succeed - } - - delete [] pEncrypted; -} - //----------------------------------------------------------------------------- // Purpose: Performs specified # of symmetric encryptions //----------------------------------------------------------------------------- @@ -737,77 +635,6 @@ void SymmetricAuthDecryptRepeatedly( int cIterations, AES_GCM_DecryptContext &ct delete [] pDecrypted; } -//----------------------------------------------------------------------------- -// Purpose: Tests symmetric crypto perf -//----------------------------------------------------------------------------- -void TestSymmetricCryptoPerf() -{ - uint64 usecStart; - - // generate a random key - uint8 rgubKey[k_nSymmetricKeyLen]; - uint8 rgubIV[ k_nSymmetricBlockSize ]; - CCrypto::GenerateRandomBlock( rgubKey, V_ARRAYSIZE( rgubKey ) ); - - const int k_cIterations = 10000; - - const int k_cMaxData = 800; - const int k_cBufs = 5; - const int k_cubTestBuf = k_cMaxData * k_cBufs + k_cIterations; - - const int k_cubPktBig = 1200; - const int k_cubPktSmall = 100; - uint8 rgubData[k_cubTestBuf]; - - CCrypto::GenerateRandomBlock( rgubIV, V_ARRAYSIZE( rgubIV ) ); - - // fill data buffer with arbitrary data - uint8 rgubEncrypted[ k_cubPktBig + 32 ]; // 16 = AES block size.. worst case for padded data - for ( int iubData = 0; iubData < V_ARRAYSIZE( rgubData ); iubData ++ ) - rgubData[iubData] = (uint8) iubData; - - // try a bunch of iterations of symmetric encrypting small packets - usecStart = Plat_USTime(); - SymmetricEncryptRepeatedly( k_cIterations, rgubData, k_cubPktSmall, rgubIV, k_nSymmetricBlockSize, rgubKey, V_ARRAYSIZE( rgubKey ) ); - int cMicroSecPerEncryptSmall = Plat_USTime() - usecStart; - - // try a bunch of iterations of symmetric encrypting big packets - usecStart = Plat_USTime(); - SymmetricEncryptRepeatedly( k_cIterations, rgubData, k_cubPktBig, rgubIV, k_nSymmetricBlockSize, rgubKey, V_ARRAYSIZE( rgubKey ) ); - int cMicroSecPerEncryptBig = Plat_USTime() - usecStart; - double dRateLargeEncrypt = double( k_cubPktBig ) * k_cIterations / cMicroSecPerEncryptBig; - - // try a bunch of iterations decrypting small packets - uint cubEncrypted = V_ARRAYSIZE( rgubEncrypted ); - bool bRet = CCrypto::SymmetricEncryptWithIV( rgubData, k_cubPktSmall, - rgubIV, k_nSymmetricBlockSize, - rgubEncrypted, &cubEncrypted, - rgubKey, V_ARRAYSIZE( rgubKey ) ); - CHECK( bRet ); - usecStart = Plat_USTime(); - SymmetricDecryptRepeatedly( k_cIterations, rgubEncrypted, cubEncrypted, rgubIV, k_nSymmetricBlockSize, rgubKey, V_ARRAYSIZE( rgubKey ) ); - int cMicroSecPerDecryptSmall = Plat_USTime() - usecStart; - - // try a bunch of iterations decrypting big packets - cubEncrypted = V_ARRAYSIZE( rgubEncrypted ); - bRet = CCrypto::SymmetricEncryptWithIV( rgubData, k_cubPktBig, - rgubIV, k_nSymmetricBlockSize, - rgubEncrypted, &cubEncrypted, - rgubKey, V_ARRAYSIZE( rgubKey ) ); - CHECK( bRet ); - usecStart = Plat_USTime(); - SymmetricDecryptRepeatedly( k_cIterations, rgubEncrypted, cubEncrypted, rgubIV, k_nSymmetricBlockSize, rgubKey, V_ARRAYSIZE( rgubKey ) ); - int cMicroSecPerDecryptBig = Plat_USTime() - usecStart; - double dRateLargeDecrypt = double( k_cubPktBig ) * k_cIterations / cMicroSecPerDecryptBig; - - printf( "\tSymmetric encrypt (small):\t\t%d microsec (%d iterations)\n", cMicroSecPerEncryptSmall, k_cIterations ); - printf( "\tSymmetric encrypt (big):\t\t%d microsec (%d iterations)\n", cMicroSecPerEncryptBig, k_cIterations ); - printf( "\tSymmetric encrypt (big):\t\t%f MB/sec (%d iterations)\n", dRateLargeEncrypt, k_cIterations ); - printf( "\tSymmetric decrypt (small):\t\t%d microsec (%d iterations)\n", cMicroSecPerDecryptSmall, k_cIterations ); - printf( "\tSymmetric decrypt (big):\t\t%d microsec (%d iterations)\n", cMicroSecPerDecryptBig, k_cIterations ); - printf( "\tSymmetric decrypt (big):\t\t%f MB/sec (%d iterations)\n", dRateLargeDecrypt, k_cIterations ); -} - //----------------------------------------------------------------------------- // Purpose: Tests symmetric crypto perf //----------------------------------------------------------------------------- @@ -916,12 +743,10 @@ int main() CCrypto::Init(); TestCryptoEncoding(); - TestSymmetricCrypto(); TestSymmetricAuthCryptoVectors(); TestEllipticCrypto(); TestOpenSSHEd25519(); TestEllipticPerf(); - TestSymmetricCryptoPerf(); TestSymmetricAuthCryptoPerf(); return g_failed ? 1 : 0;