AES: Attempt to make performance tests faster and more stable.

2024-11-10 01:25:21 +00:00 · 2020-10-19 17:51:20 +03:00 · 2020-10-19 17:51:20 +03:00 · 1cf9781d4e
commit 1cf9781d4e
parent 4124538b56
4 changed files with 164 additions and 5 deletions
--- a/tests/performance/encrypt_decrypt.xml
+++ b/tests/performance/encrypt_decrypt.xml
@ -1,4 +1,6 @@
 <test>
+  <!-- "Strict" mode (key and iv length checks), non-empty plaintext.
+  See also other encrypt_decrypt_*.xml for more cases. -->

    <substitutions>
        <substitution>
@ -34,7 +36,6 @@

              <!-- decrypt + encrypt since it is really hard to compose decrypt-only case -->
              <value>decrypt('aes-128-cbc', encrypt('aes-128-cbc', materialize(plaintext), key16, iv16), key16, iv16)</value>
-              <value>decrypt('aes-128-cfb1', encrypt('aes-128-cfb1', materialize(plaintext), key16, iv16), key16, iv16)</value>
              <value>decrypt('aes-128-cfb8', encrypt('aes-128-cfb8', materialize(plaintext), key16, iv16), key16, iv16)</value>
              <value>decrypt('aes-128-cfb128', encrypt('aes-128-cfb128', materialize(plaintext), key16, iv16), key16, iv16)</value>
              <value>decrypt('aes-128-ctr', encrypt('aes-128-ctr', materialize(plaintext), key16, iv16), key16, iv16)</value>
@ -43,7 +44,6 @@
              <value>decrypt('aes-128-gcm', encrypt('aes-128-gcm', materialize(plaintext), key16, iv12, 'aadaadaadaad'), key16, iv12, 'aadaadaadaad')</value>

              <value>decrypt('aes-192-cbc', encrypt('aes-192-cbc', materialize(plaintext), key24, iv16), key24, iv16)</value>
-              <value>decrypt('aes-192-cfb1', encrypt('aes-192-cfb1', materialize(plaintext), key24, iv16), key24, iv16)</value>
              <value>decrypt('aes-192-cfb8', encrypt('aes-192-cfb8', materialize(plaintext), key24, iv16), key24, iv16)</value>
              <value>decrypt('aes-192-cfb128', encrypt('aes-192-cfb128', materialize(plaintext), key24, iv16), key24, iv16)</value>
              <value>decrypt('aes-192-ctr', encrypt('aes-192-ctr', materialize(plaintext), key24, iv16), key24, iv16)</value>
@ -52,7 +52,6 @@
              <value>decrypt('aes-192-gcm', encrypt('aes-192-gcm', materialize(plaintext), key24, iv12, 'aadaadaadaad'), key24, iv12, 'aadaadaadaad')</value>

              <value>decrypt('aes-256-cbc', encrypt('aes-256-cbc', materialize(plaintext), key32, iv16), key32, iv16)</value>
-              <value>decrypt('aes-256-cfb1', encrypt('aes-256-cfb1', materialize(plaintext), key32, iv16), key32, iv16)</value>
              <value>decrypt('aes-256-cfb8', encrypt('aes-256-cfb8', materialize(plaintext), key32, iv16), key32, iv16)</value>
              <value>decrypt('aes-256-cfb128', encrypt('aes-256-cfb128', materialize(plaintext), key32, iv16), key32, iv16)</value>
              <value>decrypt('aes-256-ctr', encrypt('aes-256-ctr', materialize(plaintext), key32, iv16), key32, iv16)</value>
@ -65,13 +64,12 @@
        <substitution>
           <name>table</name>
           <values>
-               <value>numbers(1000000)</value>
+               <value>numbers(100000)</value>
           </values>
        </substitution>
        <substitution>
           <name>plaintext</name>
           <values>
-              <value>''</value>
              <value>number</value>
              <value>'paintext'</value>
              <value>'\x12\x2B\xF9\x16\x93\xA4\xD6\x74\x22\xD9\x17\x5E\x38\xCD\x1D\x7B\xB0\x12\xEC\x43\x6B\xC7\x76\xFD\xA1\xA2\x4E\xFC\xBC\x19\x92\x3A\x12\x8B\xD4\xB3\x62\xA8\x9D\xBB\x3E\x0C\x08\x12\x67\x20\x7D\x02\x58\xCF\xE7\xD6\x06\xB8\xB0\x14\x0A\x70\xA1\x81\x94\x14\x24\x74'</value>
@ -79,5 +77,8 @@
        </substitution>
    </substitutions>

+    <!-- allow OpenSSL-related code load ciphers and warm-up -->
+    <fill_query>WITH {plaintext} as plaintext, repeat('k', 32) as key32, substring(key32, 1, 24) as key24, substring(key32, 1, 16) as key16, repeat('iv', 8) as iv16, substring(iv16, 1, 12) as iv12 SELECT count() FROM {table} WHERE NOT ignore({func}) LIMIT 1</fill_query>
+
    <query>WITH {plaintext} as plaintext, repeat('k', 32) as key32, substring(key32, 1, 24) as key24, substring(key32, 1, 16) as key16, repeat('iv', 8) as iv16, substring(iv16, 1, 12) as iv12 SELECT count() FROM {table} WHERE NOT ignore({func})</query>
 </test>
--- a/tests/performance/encrypt_decrypt_empty_string.xml
+++ b/tests/performance/encrypt_decrypt_empty_string.xml
@ -0,0 +1,67 @@
+<test>
+  <!-- "Strict" mode (key and iv length checks), empty plaintext.
+  Ciphers that produce empty ciphertext on empty plaintext, and hence can be optimized to almost NO-OP. -->
+
+    <substitutions>
+        <substitution>
+          <name>func</name>
+          <values>
+              <!-- materialize(plaitext) is to avoid all-args-are-const optimization, resulting in executing function exactly once. -->
+              <value>encrypt('aes-128-cfb1', materialize(plaintext), key16, iv16)</value>
+              <value>encrypt('aes-128-cfb8', materialize(plaintext), key16, iv16)</value>
+              <value>encrypt('aes-128-cfb128', materialize(plaintext), key16, iv16)</value>
+              <value>encrypt('aes-128-ctr', materialize(plaintext), key16, iv16)</value>
+              <value>encrypt('aes-128-ofb', materialize(plaintext), key16, iv16)</value>
+
+              <value>encrypt('aes-192-cfb1', materialize(plaintext), key24, iv16)</value>
+              <value>encrypt('aes-192-cfb8', materialize(plaintext), key24, iv16)</value>
+              <value>encrypt('aes-192-cfb128', materialize(plaintext), key24, iv16)</value>
+              <value>encrypt('aes-192-ctr', materialize(plaintext), key24, iv16)</value>
+              <value>encrypt('aes-192-ofb', materialize(plaintext), key24, iv16)</value>
+
+              <value>encrypt('aes-256-cfb1', materialize(plaintext), key32, iv16)</value>
+              <value>encrypt('aes-256-cfb8', materialize(plaintext), key32, iv16)</value>
+              <value>encrypt('aes-256-cfb128', materialize(plaintext), key32, iv16)</value>
+              <value>encrypt('aes-256-ctr', materialize(plaintext), key32, iv16)</value>
+              <value>encrypt('aes-256-ofb', materialize(plaintext), key32, iv16)</value>
+
+              <!-- decrypt + encrypt since it is really hard to compose decrypt-only case -->
+              <value>decrypt('aes-128-cfb1', encrypt('aes-128-cfb1', materialize(plaintext), key16, iv16), key16, iv16)</value>
+              <value>decrypt('aes-128-cfb8', encrypt('aes-128-cfb8', materialize(plaintext), key16, iv16), key16, iv16)</value>
+              <value>decrypt('aes-128-cfb128', encrypt('aes-128-cfb128', materialize(plaintext), key16, iv16), key16, iv16)</value>
+              <value>decrypt('aes-128-ctr', encrypt('aes-128-ctr', materialize(plaintext), key16, iv16), key16, iv16)</value>
+              <value>decrypt('aes-128-ofb', encrypt('aes-128-ofb', materialize(plaintext), key16, iv16), key16, iv16)</value>
+
+              <value>decrypt('aes-192-cfb1', encrypt('aes-192-cfb1', materialize(plaintext), key24, iv16), key24, iv16)</value>
+              <value>decrypt('aes-192-cfb8', encrypt('aes-192-cfb8', materialize(plaintext), key24, iv16), key24, iv16)</value>
+              <value>decrypt('aes-192-cfb128', encrypt('aes-192-cfb128', materialize(plaintext), key24, iv16), key24, iv16)</value>
+              <value>decrypt('aes-192-ctr', encrypt('aes-192-ctr', materialize(plaintext), key24, iv16), key24, iv16)</value>
+              <value>decrypt('aes-192-ofb', encrypt('aes-192-ofb', materialize(plaintext), key24, iv16), key24, iv16)</value>
+
+              <value>decrypt('aes-256-cfb1', encrypt('aes-256-cfb1', materialize(plaintext), key32, iv16), key32, iv16)</value>
+              <value>decrypt('aes-256-cfb8', encrypt('aes-256-cfb8', materialize(plaintext), key32, iv16), key32, iv16)</value>
+              <value>decrypt('aes-256-cfb128', encrypt('aes-256-cfb128', materialize(plaintext), key32, iv16), key32, iv16)</value>
+              <value>decrypt('aes-256-ctr', encrypt('aes-256-ctr', materialize(plaintext), key32, iv16), key32, iv16)</value>
+              <value>decrypt('aes-256-ofb', encrypt('aes-256-ofb', materialize(plaintext), key32, iv16), key32, iv16)</value>
+
+           </values>
+        </substitution>
+        <substitution>
+           <name>table</name>
+           <values>
+               <value>numbers(10000000)</value>
+           </values>
+        </substitution>
+        <substitution>
+           <name>plaintext</name>
+           <values>
+              <value>''</value>
+           </values>
+        </substitution>
+    </substitutions>
+
+    <!-- allow OpenSSL-related code load ciphers and warm-up -->
+    <fill_query>WITH {plaintext} as plaintext, repeat('k', 32) as key32, substring(key32, 1, 24) as key24, substring(key32, 1, 16) as key16, repeat('iv', 8) as iv16, substring(iv16, 1, 12) as iv12 SELECT count() FROM {table} WHERE NOT ignore({func}) LIMIT 1</fill_query>
+
+    <query>WITH {plaintext} as plaintext, repeat('k', 32) as key32, substring(key32, 1, 24) as key24, substring(key32, 1, 16) as key16, repeat('iv', 8) as iv16, substring(iv16, 1, 12) as iv12 SELECT count() FROM {table} WHERE NOT ignore({func})</query>
+</test>
--- a/tests/performance/encrypt_decrypt_empty_string_slow.xml
+++ b/tests/performance/encrypt_decrypt_empty_string_slow.xml
@ -0,0 +1,55 @@
+<test>
+  <!-- "Strict" mode (key and iv length checks), empty plaintext.
+  Ciphers that produce non-empty ciphertext on empty plaintext, and hence can't be optimized.-->
+
+    <substitutions>
+        <substitution>
+          <name>func</name>
+          <values>
+              <!-- materialize(plaitext) is to avoid all-args-are-const optimization, resulting in executing function exactly once. -->
+              <value>encrypt('aes-128-cbc', materialize(plaintext), key16, iv16)</value>
+              <value>encrypt('aes-128-ecb', materialize(plaintext), key16)</value>
+              <value>encrypt('aes-128-gcm', materialize(plaintext), key16, iv12, 'aadaadaadaad')</value>
+
+              <value>encrypt('aes-192-cbc', materialize(plaintext), key24, iv16)</value>
+              <value>encrypt('aes-192-ecb', materialize(plaintext), key24)</value>
+              <value>encrypt('aes-192-gcm', materialize(plaintext), key24, iv12, 'aadaadaadaad')</value>
+
+              <value>encrypt('aes-256-cbc', materialize(plaintext), key32, iv16)</value>
+              <value>encrypt('aes-256-ecb', materialize(plaintext), key32)</value>
+              <value>encrypt('aes-256-gcm', materialize(plaintext), key32, iv12, 'aadaadaadaad')</value>
+
+              <!-- decrypt + encrypt since it is really hard to compose decrypt-only case -->
+              <value>decrypt('aes-128-cbc', encrypt('aes-128-cbc', materialize(plaintext), key16, iv16), key16, iv16)</value>
+              <value>decrypt('aes-128-ecb', encrypt('aes-128-ecb', materialize(plaintext), key16), key16)</value>
+              <value>decrypt('aes-128-gcm', encrypt('aes-128-gcm', materialize(plaintext), key16, iv12, 'aadaadaadaad'), key16, iv12, 'aadaadaadaad')</value>
+
+              <value>decrypt('aes-192-cbc', encrypt('aes-192-cbc', materialize(plaintext), key24, iv16), key24, iv16)</value>
+              <value>decrypt('aes-192-ecb', encrypt('aes-192-ecb', materialize(plaintext), key24), key24)</value>
+              <value>decrypt('aes-192-gcm', encrypt('aes-192-gcm', materialize(plaintext), key24, iv12, 'aadaadaadaad'), key24, iv12, 'aadaadaadaad')</value>
+
+              <value>decrypt('aes-256-cbc', encrypt('aes-256-cbc', materialize(plaintext), key32, iv16), key32, iv16)</value>
+              <value>decrypt('aes-256-ecb', encrypt('aes-256-ecb', materialize(plaintext), key32), key32)</value>
+              <value>decrypt('aes-256-gcm', encrypt('aes-256-gcm', materialize(plaintext), key32, iv12, 'aadaadaadaad'), key32, iv12, 'aadaadaadaad')</value>
+
+           </values>
+        </substitution>
+        <substitution>
+           <name>table</name>
+           <values>
+               <value>numbers(100000)</value>
+           </values>
+        </substitution>
+        <substitution>
+           <name>plaintext</name>
+           <values>
+              <value>''</value>
+           </values>
+        </substitution>
+    </substitutions>
+
+    <!-- allow OpenSSL-related code load ciphers and warm-up -->
+    <fill_query>WITH {plaintext} as plaintext, repeat('k', 32) as key32, substring(key32, 1, 24) as key24, substring(key32, 1, 16) as key16, repeat('iv', 8) as iv16, substring(iv16, 1, 12) as iv12 SELECT count() FROM {table} WHERE NOT ignore({func}) LIMIT 1</fill_query>
+
+    <query>WITH {plaintext} as plaintext, repeat('k', 32) as key32, substring(key32, 1, 24) as key24, substring(key32, 1, 16) as key16, repeat('iv', 8) as iv16, substring(iv16, 1, 12) as iv12 SELECT count() FROM {table} WHERE NOT ignore({func})</query>
+</test>
--- a/tests/performance/encrypt_decrypt_slow.xml
+++ b/tests/performance/encrypt_decrypt_slow.xml
@ -0,0 +1,36 @@
+<test>
+  <!-- "Strict" mode (key and iv length checks), non-empty plaintext.
+  Ciphers that are slow on every input are put here. -->
+
+    <substitutions>
+        <substitution>
+          <name>func</name>
+          <values>
+              <!-- decrypt + encrypt since it is really hard to compose decrypt-only case -->
+              <value>decrypt('aes-128-cfb1', encrypt('aes-128-cfb1', materialize(plaintext), key16, iv16), key16, iv16)</value>
+              <value>decrypt('aes-192-cfb1', encrypt('aes-192-cfb1', materialize(plaintext), key24, iv16), key24, iv16)</value>
+              <value>decrypt('aes-256-cfb1', encrypt('aes-256-cfb1', materialize(plaintext), key32, iv16), key32, iv16)</value>
+
+           </values>
+        </substitution>
+        <substitution>
+           <name>table</name>
+           <values>
+               <value>numbers(50000)</value>
+           </values>
+        </substitution>
+        <substitution>
+           <name>plaintext</name>
+           <values>
+              <value>number</value>
+              <value>'paintext'</value>
+              <value>'\x12\x2B\xF9\x16\x93\xA4\xD6\x74\x22\xD9\x17\x5E\x38\xCD\x1D\x7B\xB0\x12\xEC\x43\x6B\xC7\x76\xFD\xA1\xA2\x4E\xFC\xBC\x19\x92\x3A\x12\x8B\xD4\xB3\x62\xA8\x9D\xBB\x3E\x0C\x08\x12\x67\x20\x7D\x02\x58\xCF\xE7\xD6\x06\xB8\xB0\x14\x0A\x70\xA1\x81\x94\x14\x24\x74'</value>
+           </values>
+        </substitution>
+    </substitutions>
+
+    <!-- allow OpenSSL-related code load ciphers and warm-up -->
+    <fill_query>WITH {plaintext} as plaintext, repeat('k', 32) as key32, substring(key32, 1, 24) as key24, substring(key32, 1, 16) as key16, repeat('iv', 8) as iv16, substring(iv16, 1, 12) as iv12 SELECT count() FROM {table} WHERE NOT ignore({func}) LIMIT 1</fill_query>
+
+    <query>WITH {plaintext} as plaintext, repeat('k', 32) as key32, substring(key32, 1, 24) as key24, substring(key32, 1, 16) as key16, repeat('iv', 8) as iv16, substring(iv16, 1, 12) as iv12 SELECT count() FROM {table} WHERE NOT ignore({func})</query>
+</test>