diff --git a/src/bench/crypto_aes.cpp b/src/bench/crypto_aes.cpp --- a/src/bench/crypto_aes.cpp +++ b/src/bench/crypto_aes.cpp @@ -7,38 +7,16 @@ #include #include -#define BENCH_AES128_ITERATION 800000 -#define BENCH_AES128CBC_ITERATION 200000 #define BENCH_AES256_ITERATION 640000 #define BENCH_AES256CBC_ITERATION 160000 -static void AES128_Encrypt(benchmark::State &state) { - const std::vector key(AES128_KEYSIZE, 0); - const std::vector plaintext(16, 0); - std::vector cyphertext(16, 0); - - while (state.KeepRunning()) { - AES128Encrypt(key.data()).Encrypt(cyphertext.data(), plaintext.data()); - } -} - -static void AES128_Decrypt(benchmark::State &state) { - const std::vector key(AES128_KEYSIZE, 0); - const std::vector cyphertext(16, 0); - std::vector plaintext(16, 0); - - while (state.KeepRunning()) { - AES128Decrypt(key.data()).Decrypt(plaintext.data(), cyphertext.data()); - } -} - static void AES256_Encrypt(benchmark::State &state) { const std::vector key(AES256_KEYSIZE, 0); const std::vector plaintext(16, 0); std::vector cyphertext(16, 0); while (state.KeepRunning()) { - AES128Encrypt(key.data()).Encrypt(cyphertext.data(), plaintext.data()); + AES256Encrypt(key.data()).Encrypt(cyphertext.data(), plaintext.data()); } } @@ -48,55 +26,7 @@ std::vector plaintext(16, 0); while (state.KeepRunning()) { - AES128Decrypt(key.data()).Decrypt(plaintext.data(), cyphertext.data()); - } -} - -static void AES128CBC_EncryptNoPad(benchmark::State &state) { - const std::vector key(AES128_KEYSIZE, 0); - const std::vector iv(AES_BLOCKSIZE, 0); - const std::vector plaintext(128, 0); - std::vector cyphertext(128, 0); - - while (state.KeepRunning()) { - AES128CBCEncrypt(key.data(), iv.data(), false) - .Encrypt(plaintext.data(), plaintext.size(), cyphertext.data()); - } -} - -static void AES128CBC_DecryptNoPad(benchmark::State &state) { - const std::vector key(AES128_KEYSIZE, 0); - const std::vector iv(AES_BLOCKSIZE, 0); - const std::vector cyphertext(128, 0); - std::vector plaintext(128, 0); - - while (state.KeepRunning()) { - AES128CBCDecrypt(key.data(), iv.data(), false) - .Decrypt(cyphertext.data(), cyphertext.size(), plaintext.data()); - } -} - -static void AES128CBC_EncryptWithPad(benchmark::State &state) { - const std::vector key(AES128_KEYSIZE, 0); - const std::vector iv(AES_BLOCKSIZE, 0); - const std::vector plaintext(128, 0); - std::vector cyphertext(128 + AES_BLOCKSIZE, 0); - - while (state.KeepRunning()) { - AES128CBCEncrypt(key.data(), iv.data(), true) - .Encrypt(plaintext.data(), plaintext.size(), cyphertext.data()); - } -} - -static void AES128CBC_DecryptWithPad(benchmark::State &state) { - const std::vector key(AES128_KEYSIZE, 0); - const std::vector iv(AES_BLOCKSIZE, 0); - const std::vector cyphertext(128, 0); - std::vector plaintext(128 + AES_BLOCKSIZE, 0); - - while (state.KeepRunning()) { - AES128CBCDecrypt(key.data(), iv.data(), true) - .Decrypt(cyphertext.data(), cyphertext.size(), plaintext.data()); + AES256Decrypt(key.data()).Decrypt(plaintext.data(), cyphertext.data()); } } @@ -148,14 +78,8 @@ } } -BENCHMARK(AES128_Encrypt, BENCH_AES128_ITERATION); -BENCHMARK(AES128_Decrypt, BENCH_AES128_ITERATION); BENCHMARK(AES256_Encrypt, BENCH_AES256_ITERATION); BENCHMARK(AES256_Decrypt, BENCH_AES256_ITERATION); -BENCHMARK(AES128CBC_EncryptNoPad, BENCH_AES128CBC_ITERATION); -BENCHMARK(AES128CBC_DecryptNoPad, BENCH_AES128CBC_ITERATION); -BENCHMARK(AES128CBC_EncryptWithPad, BENCH_AES128CBC_ITERATION); -BENCHMARK(AES128CBC_DecryptWithPad, BENCH_AES128CBC_ITERATION); BENCHMARK(AES256CBC_EncryptNoPad, BENCH_AES256CBC_ITERATION); BENCHMARK(AES256CBC_DecryptNoPad, BENCH_AES256CBC_ITERATION); BENCHMARK(AES256CBC_EncryptWithPad, BENCH_AES256CBC_ITERATION); diff --git a/src/crypto/aes.h b/src/crypto/aes.h --- a/src/crypto/aes.h +++ b/src/crypto/aes.h @@ -12,31 +12,8 @@ } static const int AES_BLOCKSIZE = 16; -static const int AES128_KEYSIZE = 16; static const int AES256_KEYSIZE = 32; -/** An encryption class for AES-128. */ -class AES128Encrypt { -private: - AES128_ctx ctx; - -public: - explicit AES128Encrypt(const uint8_t key[16]); - ~AES128Encrypt(); - void Encrypt(uint8_t ciphertext[16], const uint8_t plaintext[16]) const; -}; - -/** A decryption class for AES-128. */ -class AES128Decrypt { -private: - AES128_ctx ctx; - -public: - explicit AES128Decrypt(const uint8_t key[16]); - ~AES128Decrypt(); - void Decrypt(uint8_t plaintext[16], const uint8_t ciphertext[16]) const; -}; - /** An encryption class for AES-256. */ class AES256Encrypt { private: @@ -85,30 +62,4 @@ uint8_t iv[AES_BLOCKSIZE]; }; -class AES128CBCEncrypt { -public: - explicit AES128CBCEncrypt(const uint8_t key[AES128_KEYSIZE], - const uint8_t ivIn[AES_BLOCKSIZE], bool padIn); - ~AES128CBCEncrypt(); - int Encrypt(const uint8_t *data, int size, uint8_t *out) const; - -private: - const AES128Encrypt enc; - const bool pad; - uint8_t iv[AES_BLOCKSIZE]; -}; - -class AES128CBCDecrypt { -public: - explicit AES128CBCDecrypt(const uint8_t key[AES128_KEYSIZE], - const uint8_t ivIn[AES_BLOCKSIZE], bool padIn); - ~AES128CBCDecrypt(); - int Decrypt(const uint8_t *data, int size, uint8_t *out) const; - -private: - const AES128Decrypt dec; - const bool pad; - uint8_t iv[AES_BLOCKSIZE]; -}; - #endif // BITCOIN_CRYPTO_AES_H diff --git a/src/crypto/aes.cpp b/src/crypto/aes.cpp --- a/src/crypto/aes.cpp +++ b/src/crypto/aes.cpp @@ -12,32 +12,6 @@ #include } -AES128Encrypt::AES128Encrypt(const uint8_t key[16]) { - AES128_init(&ctx, key); -} - -AES128Encrypt::~AES128Encrypt() { - memset(&ctx, 0, sizeof(ctx)); -} - -void AES128Encrypt::Encrypt(uint8_t ciphertext[16], - const uint8_t plaintext[16]) const { - AES128_encrypt(&ctx, 1, ciphertext, plaintext); -} - -AES128Decrypt::AES128Decrypt(const uint8_t key[16]) { - AES128_init(&ctx, key); -} - -AES128Decrypt::~AES128Decrypt() { - memset(&ctx, 0, sizeof(ctx)); -} - -void AES128Decrypt::Decrypt(uint8_t plaintext[16], - const uint8_t ciphertext[16]) const { - AES128_decrypt(&ctx, 1, plaintext, ciphertext); -} - AES256Encrypt::AES256Encrypt(const uint8_t key[32]) { AES256_init(&ctx, key); } @@ -168,35 +142,3 @@ AES256CBCDecrypt::~AES256CBCDecrypt() { memset(iv, 0, sizeof(iv)); } - -AES128CBCEncrypt::AES128CBCEncrypt(const uint8_t key[AES128_KEYSIZE], - const uint8_t ivIn[AES_BLOCKSIZE], - bool padIn) - : enc(key), pad(padIn) { - memcpy(iv, ivIn, AES_BLOCKSIZE); -} - -AES128CBCEncrypt::~AES128CBCEncrypt() { - memset(iv, 0, AES_BLOCKSIZE); -} - -int AES128CBCEncrypt::Encrypt(const uint8_t *data, int size, - uint8_t *out) const { - return CBCEncrypt(enc, iv, data, size, pad, out); -} - -AES128CBCDecrypt::AES128CBCDecrypt(const uint8_t key[AES128_KEYSIZE], - const uint8_t ivIn[AES_BLOCKSIZE], - bool padIn) - : dec(key), pad(padIn) { - memcpy(iv, ivIn, AES_BLOCKSIZE); -} - -AES128CBCDecrypt::~AES128CBCDecrypt() { - memset(iv, 0, AES_BLOCKSIZE); -} - -int AES128CBCDecrypt::Decrypt(const uint8_t *data, int size, - uint8_t *out) const { - return CBCDecrypt(dec, iv, data, size, pad, out); -} diff --git a/src/test/crypto_tests.cpp b/src/test/crypto_tests.cpp --- a/src/test/crypto_tests.cpp +++ b/src/test/crypto_tests.cpp @@ -85,26 +85,6 @@ ParseHex(hexout)); } -static void TestAES128(const std::string &hexkey, const std::string &hexin, - const std::string &hexout) { - std::vector key = ParseHex(hexkey); - std::vector in = ParseHex(hexin); - std::vector correctout = ParseHex(hexout); - std::vector buf, buf2; - - assert(key.size() == 16); - assert(in.size() == 16); - assert(correctout.size() == 16); - AES128Encrypt enc(key.data()); - buf.resize(correctout.size()); - buf2.resize(correctout.size()); - enc.Encrypt(buf.data(), in.data()); - BOOST_CHECK_EQUAL(HexStr(buf), HexStr(correctout)); - AES128Decrypt dec(key.data()); - dec.Decrypt(buf2.data(), buf.data()); - BOOST_CHECK_EQUAL(HexStr(buf2), HexStr(in)); -} - static void TestAES256(const std::string &hexkey, const std::string &hexin, const std::string &hexout) { std::vector key = ParseHex(hexkey); @@ -124,52 +104,6 @@ BOOST_CHECK(buf == in); } -static void TestAES128CBC(const std::string &hexkey, const std::string &hexiv, - bool pad, const std::string &hexin, - const std::string &hexout) { - std::vector key = ParseHex(hexkey); - std::vector iv = ParseHex(hexiv); - std::vector in = ParseHex(hexin); - std::vector correctout = ParseHex(hexout); - std::vector realout(in.size() + AES_BLOCKSIZE); - - // Encrypt the plaintext and verify that it equals the cipher - AES128CBCEncrypt enc(key.data(), iv.data(), pad); - int size = enc.Encrypt(in.data(), in.size(), realout.data()); - realout.resize(size); - BOOST_CHECK(realout.size() == correctout.size()); - BOOST_CHECK_MESSAGE(realout == correctout, - HexStr(realout) + std::string(" != ") + hexout); - - // Decrypt the cipher and verify that it equals the plaintext - std::vector decrypted(correctout.size()); - AES128CBCDecrypt dec(key.data(), iv.data(), pad); - size = dec.Decrypt(correctout.data(), correctout.size(), decrypted.data()); - decrypted.resize(size); - BOOST_CHECK(decrypted.size() == in.size()); - BOOST_CHECK_MESSAGE(decrypted == in, - HexStr(decrypted) + std::string(" != ") + hexin); - - // Encrypt and re-decrypt substrings of the plaintext and verify that they - // equal each-other - for (std::vector::iterator i(in.begin()); i != in.end(); ++i) { - std::vector sub(i, in.end()); - std::vector subout(sub.size() + AES_BLOCKSIZE); - int _size = enc.Encrypt(sub.data(), sub.size(), subout.data()); - if (_size != 0) { - subout.resize(_size); - std::vector subdecrypted(subout.size()); - _size = - dec.Decrypt(subout.data(), subout.size(), subdecrypted.data()); - subdecrypted.resize(_size); - BOOST_CHECK(decrypted.size() == in.size()); - BOOST_CHECK_MESSAGE(subdecrypted == sub, HexStr(subdecrypted) + - std::string(" != ") + - HexStr(sub)); - } - } -} - static void TestAES256CBC(const std::string &hexkey, const std::string &hexiv, bool pad, const std::string &hexin, const std::string &hexout) { @@ -503,26 +437,11 @@ BOOST_AUTO_TEST_CASE(aes_testvectors) { // AES test vectors from FIPS 197. - TestAES128("000102030405060708090a0b0c0d0e0f", - "00112233445566778899aabbccddeeff", - "69c4e0d86a7b0430d8cdb78070b4c55a"); TestAES256( "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f", "00112233445566778899aabbccddeeff", "8ea2b7ca516745bfeafc49904b496089"); // AES-ECB test vectors from NIST sp800-38a. - TestAES128("2b7e151628aed2a6abf7158809cf4f3c", - "6bc1bee22e409f96e93d7e117393172a", - "3ad77bb40d7a3660a89ecaf32466ef97"); - TestAES128("2b7e151628aed2a6abf7158809cf4f3c", - "ae2d8a571e03ac9c9eb76fac45af8e51", - "f5d3d58503b9699de785895a96fdbaaf"); - TestAES128("2b7e151628aed2a6abf7158809cf4f3c", - "30c81c46a35ce411e5fbc1191a0a52ef", - "43b1cd7f598ece23881b00e3ed030688"); - TestAES128("2b7e151628aed2a6abf7158809cf4f3c", - "f69f2445df4f9b17ad2b417be66c3710", - "7b0c785e27e8ad3f8223207104725dd4"); TestAES256( "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4", "6bc1bee22e409f96e93d7e117393172a", "f3eed1bdb5d2a03c064b5a7e3db181f8"); @@ -538,43 +457,6 @@ } BOOST_AUTO_TEST_CASE(aes_cbc_testvectors) { - - // NIST AES CBC 128-bit encryption test-vectors - TestAES128CBC("2b7e151628aed2a6abf7158809cf4f3c", - "000102030405060708090A0B0C0D0E0F", false, - "6bc1bee22e409f96e93d7e117393172a", - "7649abac8119b246cee98e9b12e9197d"); - TestAES128CBC("2b7e151628aed2a6abf7158809cf4f3c", - "7649ABAC8119B246CEE98E9B12E9197D", false, - "ae2d8a571e03ac9c9eb76fac45af8e51", - "5086cb9b507219ee95db113a917678b2"); - TestAES128CBC("2b7e151628aed2a6abf7158809cf4f3c", - "5086cb9b507219ee95db113a917678b2", false, - "30c81c46a35ce411e5fbc1191a0a52ef", - "73bed6b8e3c1743b7116e69e22229516"); - TestAES128CBC("2b7e151628aed2a6abf7158809cf4f3c", - "73bed6b8e3c1743b7116e69e22229516", false, - "f69f2445df4f9b17ad2b417be66c3710", - "3ff1caa1681fac09120eca307586e1a7"); - - // The same vectors with padding enabled - TestAES128CBC( - "2b7e151628aed2a6abf7158809cf4f3c", "000102030405060708090A0B0C0D0E0F", - true, "6bc1bee22e409f96e93d7e117393172a", - "7649abac8119b246cee98e9b12e9197d8964e0b149c10b7b682e6e39aaeb731c"); - TestAES128CBC( - "2b7e151628aed2a6abf7158809cf4f3c", "7649ABAC8119B246CEE98E9B12E9197D", - true, "ae2d8a571e03ac9c9eb76fac45af8e51", - "5086cb9b507219ee95db113a917678b255e21d7100b988ffec32feeafaf23538"); - TestAES128CBC( - "2b7e151628aed2a6abf7158809cf4f3c", "5086cb9b507219ee95db113a917678b2", - true, "30c81c46a35ce411e5fbc1191a0a52ef", - "73bed6b8e3c1743b7116e69e22229516f6eccda327bf8e5ec43718b0039adceb"); - TestAES128CBC( - "2b7e151628aed2a6abf7158809cf4f3c", "73bed6b8e3c1743b7116e69e22229516", - true, "f69f2445df4f9b17ad2b417be66c3710", - "3ff1caa1681fac09120eca307586e1a78cb82807230e1321d3fae00d18cc2012"); - // NIST AES CBC 256-bit encryption test-vectors TestAES256CBC( "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4",