ClickHouse/tests/performance/encrypt_decrypt.xml

<test>
  <!-- "Strict" mode (key and iv length checks), non-empty plaintext.
  See also other encrypt_decrypt_*.xml for more cases. -->

    <substitutions>
        <substitution>
          <name>func</name>
          <values>
              <!-- materialize(plaitext) is to avoid all-args-are-const optimization, resulting in executing function exactly once. -->
              <value>encrypt('aes-128-cbc', materialize(plaintext), key16, iv16)</value>
              <value>encrypt('aes-128-cfb128', materialize(plaintext), key16, iv16)</value>
              <value>encrypt('aes-128-ctr', materialize(plaintext), key16, iv16)</value>
              <value>encrypt('aes-128-ecb', materialize(plaintext), key16)</value>
              <value>encrypt('aes-128-ofb', materialize(plaintext), key16, iv16)</value>
              <value>encrypt('aes-128-gcm', materialize(plaintext), key16, iv12, 'aadaadaadaad')</value>

              <value>encrypt('aes-192-cbc', materialize(plaintext), key24, iv16)</value>
              <value>encrypt('aes-192-ctr', materialize(plaintext), key24, iv16)</value>
              <value>encrypt('aes-192-ecb', materialize(plaintext), key24)</value>
              <value>encrypt('aes-192-ofb', materialize(plaintext), key24, iv16)</value>
              <value>encrypt('aes-192-gcm', materialize(plaintext), key24, iv12, 'aadaadaadaad')</value>

              <value>encrypt('aes-256-cbc', materialize(plaintext), key32, iv16)</value>
              <value>encrypt('aes-256-ctr', materialize(plaintext), key32, iv16)</value>
              <value>encrypt('aes-256-ecb', materialize(plaintext), key32)</value>
              <value>encrypt('aes-256-ofb', materialize(plaintext), key32, iv16)</value>
              <value>encrypt('aes-256-gcm', materialize(plaintext), key32, iv12, 'aadaadaadaad')</value>

              <!-- decrypt + encrypt since it is really hard to compose decrypt-only case -->
              <value>decrypt('aes-128-cbc', encrypt('aes-128-cbc', materialize(plaintext), key16, iv16), key16, iv16)</value>
              <value>decrypt('aes-128-cfb128', encrypt('aes-128-cfb128', materialize(plaintext), key16, iv16), key16, iv16)</value>
              <value>decrypt('aes-128-ctr', encrypt('aes-128-ctr', materialize(plaintext), key16, iv16), key16, iv16)</value>
              <value>decrypt('aes-128-ecb', encrypt('aes-128-ecb', materialize(plaintext), key16), key16)</value>
              <value>decrypt('aes-128-ofb', encrypt('aes-128-ofb', materialize(plaintext), key16, iv16), key16, iv16)</value>
              <value>decrypt('aes-128-gcm', encrypt('aes-128-gcm', materialize(plaintext), key16, iv12, 'aadaadaadaad'), key16, iv12, 'aadaadaadaad')</value>

              <value>decrypt('aes-192-cbc', encrypt('aes-192-cbc', materialize(plaintext), key24, iv16), key24, iv16)</value>
              <value>decrypt('aes-192-ctr', encrypt('aes-192-ctr', materialize(plaintext), key24, iv16), key24, iv16)</value>
              <value>decrypt('aes-192-ecb', encrypt('aes-192-ecb', materialize(plaintext), key24), key24)</value>
              <value>decrypt('aes-192-ofb', encrypt('aes-192-ofb', materialize(plaintext), key24, iv16), key24, iv16)</value>
              <value>decrypt('aes-192-gcm', encrypt('aes-192-gcm', materialize(plaintext), key24, iv12, 'aadaadaadaad'), key24, iv12, 'aadaadaadaad')</value>

              <value>decrypt('aes-256-cbc', encrypt('aes-256-cbc', materialize(plaintext), key32, iv16), key32, iv16)</value>
              <value>decrypt('aes-256-ctr', encrypt('aes-256-ctr', materialize(plaintext), key32, iv16), key32, iv16)</value>
              <value>decrypt('aes-256-ecb', encrypt('aes-256-ecb', materialize(plaintext), key32), key32)</value>
              <value>decrypt('aes-256-ofb', encrypt('aes-256-ofb', materialize(plaintext), key32, iv16), key32, iv16)</value>
              <value>decrypt('aes-256-gcm', encrypt('aes-256-gcm', materialize(plaintext), key32, iv12, 'aadaadaadaad'), key32, iv12, 'aadaadaadaad')</value>

           </values>
        </substitution>
        <substitution>
           <name>table</name>
           <values>
               <value>numbers(2000000)</value>
           </values>
        </substitution>
        <substitution>
           <name>plaintext</name>
           <values>
              <value>'paintext'</value>
              <value>'\x12\x2B\xF9\x16\x93\xA4\xD6\x74\x22\xD9\x17\x5E\x38\xCD\x1D\x7B\xB0\x12\xEC\x43\x6B\xC7\x76\xFD\xA1\xA2\x4E\xFC\xBC\x19\x92\x3A\x12\x8B\xD4\xB3\x62\xA8\x9D\xBB\x3E\x0C\x08\x12\x67\x20\x7D\x02\x58\xCF\xE7\xD6\x06\xB8\xB0\x14\x0A\x70\xA1\x81\x94\x14\x24\x74'</value>
           </values>
        </substitution>
    </substitutions>

    <!-- allow OpenSSL-related code load ciphers and warm-up -->
    <fill_query>WITH {plaintext} as plaintext, repeat('k', 32) as key32, substring(key32, 1, 24) as key24, substring(key32, 1, 16) as key16, repeat('iv', 8) as iv16, substring(iv16, 1, 12) as iv12 SELECT count() FROM {table} WHERE NOT ignore({func}) LIMIT 1</fill_query>

    <query>WITH {plaintext} as plaintext, repeat('k', 32) as key32, substring(key32, 1, 24) as key24, substring(key32, 1, 16) as key16, repeat('iv', 8) as iv16, substring(iv16, 1, 12) as iv12 SELECT count() FROM {table} WHERE NOT ignore({func})</query>
</test>