Bitcoin Core  0.19.99
P2P Digital Currency
chacha_poly_aead.cpp
Go to the documentation of this file.
1 // Copyright (c) 2019 The Bitcoin Core developers
2 // Distributed under the MIT software license, see the accompanying
3 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
4 
5 #include <iostream>
6 
7 #include <bench/bench.h>
9 #include <crypto/poly1305.h> // for the POLY1305_TAGLEN constant
10 #include <hash.h>
11 
12 #include <limits>
13 #include <assert.h>
14 
15 /* Number of bytes to process per iteration */
16 static constexpr uint64_t BUFFER_SIZE_TINY = 64;
17 static constexpr uint64_t BUFFER_SIZE_SMALL = 256;
18 static constexpr uint64_t BUFFER_SIZE_LARGE = 1024 * 1024;
19 
20 static const unsigned char k1[32] = {0};
21 static const unsigned char k2[32] = {0};
22 
23 static ChaCha20Poly1305AEAD aead(k1, 32, k2, 32);
24 
25 static void CHACHA20_POLY1305_AEAD(benchmark::State& state, size_t buffersize, bool include_decryption)
26 {
27  std::vector<unsigned char> in(buffersize + CHACHA20_POLY1305_AEAD_AAD_LEN + POLY1305_TAGLEN, 0);
28  std::vector<unsigned char> out(buffersize + CHACHA20_POLY1305_AEAD_AAD_LEN + POLY1305_TAGLEN, 0);
29  uint64_t seqnr_payload = 0;
30  uint64_t seqnr_aad = 0;
31  int aad_pos = 0;
32  uint32_t len = 0;
33  while (state.KeepRunning()) {
34  // encrypt or decrypt the buffer with a static key
35  assert(aead.Crypt(seqnr_payload, seqnr_aad, aad_pos, out.data(), out.size(), in.data(), buffersize, true));
36 
37  if (include_decryption) {
38  // if we decrypt, include the GetLength
39  assert(aead.GetLength(&len, seqnr_aad, aad_pos, in.data()));
40  assert(aead.Crypt(seqnr_payload, seqnr_aad, aad_pos, out.data(), out.size(), in.data(), buffersize, true));
41  }
42 
43  // increase main sequence number
44  seqnr_payload++;
45  // increase aad position (position in AAD keystream)
48  aad_pos = 0;
49  seqnr_aad++;
50  }
51  if (seqnr_payload + 1 == std::numeric_limits<uint64_t>::max()) {
52  // reuse of nonce+key is okay while benchmarking.
53  seqnr_payload = 0;
54  seqnr_aad = 0;
55  aad_pos = 0;
56  }
57  }
58 }
59 
61 {
63 }
64 
66 {
68 }
69 
71 {
73 }
74 
76 {
78 }
79 
81 {
83 }
84 
86 {
88 }
89 
90 // Add Hash() (dbl-sha256) bench for comparison
91 
92 static void HASH(benchmark::State& state, size_t buffersize)
93 {
94  uint8_t hash[CHash256::OUTPUT_SIZE];
95  std::vector<uint8_t> in(buffersize,0);
96  while (state.KeepRunning())
97  CHash256().Write(in.data(), in.size()).Finalize(hash);
98 }
99 
100 static void HASH_64BYTES(benchmark::State& state)
101 {
102  HASH(state, BUFFER_SIZE_TINY);
103 }
104 
105 static void HASH_256BYTES(benchmark::State& state)
106 {
107  HASH(state, BUFFER_SIZE_SMALL);
108 }
109 
110 static void HASH_1MB(benchmark::State& state)
111 {
112  HASH(state, BUFFER_SIZE_LARGE);
113 }
114 
121 BENCHMARK(HASH_64BYTES, 500000);
122 BENCHMARK(HASH_256BYTES, 250000);
123 BENCHMARK(HASH_1MB, 340);
#define POLY1305_TAGLEN
Definition: poly1305.h:12
static void HASH_256BYTES(benchmark::State &state)
static void CHACHA20_POLY1305_AEAD_64BYTES_ONLY_ENCRYPT(benchmark::State &state)
bool GetLength(uint32_t *len24_out, uint64_t seqnr_aad, int aad_pos, const uint8_t *ciphertext)
decrypts the 3 bytes AAD data and decodes it into a uint32_t field
static void HASH(benchmark::State &state, size_t buffersize)
CHash256 & Write(const unsigned char *data, size_t len)
Definition: hash.h:34
static constexpr uint64_t BUFFER_SIZE_LARGE
static const unsigned char k2[32]
static void CHACHA20_POLY1305_AEAD_1MB_ONLY_ENCRYPT(benchmark::State &state)
bool KeepRunning()
Definition: bench.h:70
A hasher class for Bitcoin&#39;s 256-bit hash (double SHA-256).
Definition: hash.h:22
static void CHACHA20_POLY1305_AEAD_64BYTES_ENCRYPT_DECRYPT(benchmark::State &state)
static void CHACHA20_POLY1305_AEAD_1MB_ENCRYPT_DECRYPT(benchmark::State &state)
BENCHMARK(CHACHA20_POLY1305_AEAD_64BYTES_ONLY_ENCRYPT, 500000)
static constexpr int CHACHA20_POLY1305_AEAD_AAD_LEN
bool Crypt(uint64_t seqnr_payload, uint64_t seqnr_aad, int aad_pos, unsigned char *dest, size_t dest_len, const unsigned char *src, size_t src_len, bool is_encrypt)
Encrypts/decrypts a packet seqnr_payload, the message sequence number seqnr_aad, the messages AAD seq...
static const unsigned char k1[32]
static void CHACHA20_POLY1305_AEAD_256BYTES_ONLY_ENCRYPT(benchmark::State &state)
static void HASH_64BYTES(benchmark::State &state)
static void HASH_1MB(benchmark::State &state)
static void CHACHA20_POLY1305_AEAD_256BYTES_ENCRYPT_DECRYPT(benchmark::State &state)
static constexpr uint64_t BUFFER_SIZE_SMALL
static void CHACHA20_POLY1305_AEAD(benchmark::State &state, size_t buffersize, bool include_decryption)
static const size_t OUTPUT_SIZE
Definition: hash.h:26
static ChaCha20Poly1305AEAD aead(k1, 32, k2, 32)
static constexpr uint64_t BUFFER_SIZE_TINY
static constexpr int CHACHA20_ROUND_OUTPUT