Mirage_crypto.Block.ECB with {de,en}crypt_into

hannesm · hannesm · commit 8df75845c58e · 2024-06-07T11:15:45.000+02:00
Also provide unsafe_{en,de}crypt_into for further performance.
diff --git a/bench/speed.ml b/bench/speed.ml
@@ -45,6 +45,15 @@ let throughput title f =
     Printf.printf "    % 5d:  %04f MB/s  (%d iters in %.03f s)\n%!"
       size (bw /. mb) iters time
 
+let throughput_into title f =
+  Printf.printf "\n* [%s]\n%!" title ;
+  sizes |> List.iter @@ fun size ->
+    Gc.full_major () ;
+    let dst = Bytes.create size in
+    let (iters, time, bw) = burn (f dst) size in
+    Printf.printf "    % 5d:  %04f MB/s  (%d iters in %.03f s)\n%!"
+      size (bw /. mb) iters time
+
 let count_period = 10.
 
 let count f n =
@@ -353,7 +362,13 @@ let benchmarks = [
 
   bm "aes-128-ecb" (fun name ->
     let key = AES.ECB.of_secret (Mirage_crypto_rng.generate 16) in
-    throughput name (fun cs -> AES.ECB.encrypt ~key cs)) ;
+    throughput_into name
+      (fun dst cs -> AES.ECB.encrypt_into ~key cs ~src_off:0 dst ~dst_off:0 (String.length cs))) ;
+
+  bm "aes-128-ecb-unsafe" (fun name ->
+    let key = AES.ECB.of_secret (Mirage_crypto_rng.generate 16) in
+    throughput_into name
+      (fun dst cs -> AES.ECB.unsafe_encrypt_into ~key cs ~src_off:0 dst ~dst_off:0 (String.length cs))) ;
 
   bm "aes-128-cbc-e" (fun name ->
     let key = AES.CBC.of_secret (Mirage_crypto_rng.generate 16)
diff --git a/src/cipher_block.ml b/src/cipher_block.ml
@@ -28,6 +28,10 @@ module Block = struct
     val block_size : int
     val encrypt : key:key -> string -> string
     val decrypt : key:key -> string -> string
+    val encrypt_into : key:key -> string -> src_off:int -> bytes -> dst_off:int -> int -> unit
+    val decrypt_into : key:key -> string -> src_off:int -> bytes -> dst_off:int -> int -> unit
+    val unsafe_encrypt_into : key:key -> string -> src_off:int -> bytes -> dst_off:int -> int -> unit
+    val unsafe_decrypt_into : key:key -> string -> src_off:int -> bytes -> dst_off:int -> int -> unit
   end
 
   module type CBC = sig
@@ -135,17 +139,43 @@ module Modes = struct
 
     let of_secret = Core.of_secret
 
-    let (encrypt, decrypt) =
-      let ecb xform key src =
-        let n = String.length src in
-        if n mod block_size <> 0 then invalid_arg "ECB: length %u" n;
-        let dst = Bytes.create n in
-        xform ~key ~blocks:(n / block_size) src 0 dst 0 ;
-        Bytes.unsafe_to_string dst
-      in
-      (fun ~key:(key, _) src -> ecb Core.encrypt key src),
-      (fun ~key:(_, key) src -> ecb Core.decrypt key src)
+    let unsafe_ecb xform key src src_off dst dst_off len =
+      xform ~key ~blocks:(len / block_size) src src_off dst dst_off
+
+    let ecb xform key src src_off dst dst_off len =
+      if len mod block_size <> 0 then
+        invalid_arg "ECB: length %u not of block size" len;
+      if String.length src - src_off < len then
+        invalid_arg "ECB: source length %u - src_off %u < len %u"
+          (String.length src) src_off len;
+      if Bytes.length dst - dst_off < len then
+        invalid_arg "ECB: dst length %u - dst_off %u < len %u"
+          (Bytes.length dst) dst_off len;
+      unsafe_ecb xform key src src_off dst dst_off len
+
+    let encrypt_into ~key:(key, _) src ~src_off dst ~dst_off len =
+      ecb Core.encrypt key src src_off dst dst_off len
+
+    let unsafe_encrypt_into ~key:(key, _) src ~src_off dst ~dst_off len =
+      unsafe_ecb Core.encrypt key src src_off dst dst_off len
+
+    let decrypt_into ~key:(_, key) src ~src_off dst ~dst_off len =
+      ecb Core.decrypt key src src_off dst dst_off len
 
+    let unsafe_decrypt_into ~key:(_, key) src ~src_off dst ~dst_off len =
+      ecb Core.decrypt key src src_off dst dst_off len
+
+    let encrypt ~key src =
+      let len = String.length src in
+      let dst = Bytes.create len in
+      encrypt_into ~key src ~src_off:0 dst ~dst_off:0 len;
+      Bytes.unsafe_to_string dst
+
+    let decrypt ~key src =
+      let len = String.length src in
+      let dst = Bytes.create len in
+      decrypt_into ~key src ~src_off:0 dst ~dst_off:0 len;
+      Bytes.unsafe_to_string dst
   end
 
   module CBC_of (Core : Block.Core) : Block.CBC = struct
diff --git a/src/mirage_crypto.mli b/src/mirage_crypto.mli
@@ -158,12 +158,70 @@ module Block : sig
   module type ECB = sig
 
     type key
+
     val of_secret : string -> key
+    (** Construct the encryption key corresponding to [secret].
+
+        @raise Invalid_argument if the length of [secret] is not in
+        {{!key_sizes}[key_sizes]}. *)
 
     val key_sizes  : int array
+    (** Key sizes allowed with this cipher. *)
+
     val block_size : int
+    (** The size of a single block. *)
+
     val encrypt : key:key -> string -> string
+    (** [encrypt ~key src] encrypts [src] into a freshly allocated buffer of the
+        same size using [key].
+
+        @raise Invalid_argument if the length of [src] is not a multiple of
+        {!block_size}. *)
+
     val decrypt : key:key -> string -> string
+    (** [decrypt ~key src] decrypts [src] into a freshly allocated buffer of the
+        same size using [key].
+
+        @raise Invalid_argument if the length of [src] is not a multiple of
+        {!block_size}. *)
+
+    val encrypt_into : key:key -> string -> src_off:int -> bytes -> dst_off:int -> int -> unit
+    (** [encrypt_into ~key src ~src_off dst dst_off len] encrypts [len] octets
+        from [src] starting at [src_off] into [dst] starting at [dst_off].
+
+        @raise Invalid_argument if [len] is not a multiple of {!block_size}.
+        @raise Invalid_argument if [String.length src - src_off < len].
+        @raise Invalid_argument if [Bytes.length dst - dst_off < len]. *)
+
+    val decrypt_into : key:key -> string -> src_off:int -> bytes -> dst_off:int -> int -> unit
+    (** [decrypt_into ~key src ~src_off dst dst_off len] decrypts [len] octets
+        from [src] starting at [src_off] into [dst] starting at [dst_off].
+
+        @raise Invalid_argument if [len] is not a multiple of {!block_size}.
+        @raise Invalid_argument if [String.length src - src_off < len].
+        @raise Invalid_argument if [Bytes.length dst - dst_off < len]. *)
+
+    (**/**)
+    val unsafe_encrypt_into : key:key -> string -> src_off:int -> bytes -> dst_off:int -> int -> unit
+    (** [unsafe_encrypt_into ~key src ~src_off dst dst_off len] encrypts [len]
+        octets from [src] starting at [src_off] into [dst] starting at
+        [dst_off]. Since buffer lengths and block sizes are not checked, this
+        may cause memory issues if an invariant is violated:
+        {ul
+        {- [len] must be a multiple of {!block_size},}
+        {- [String.length src - src_off >= len],}
+        {- [Bytes.length dst - dst_off >= len].}} *)
+
+    val unsafe_decrypt_into : key:key -> string -> src_off:int -> bytes -> dst_off:int -> int -> unit
+    (** [unsafe_decrypt_into ~key src ~src_off dst dst_off len] decrypts [len]
+        octets from [src] starting at [src_off] into [dst] starting at
+        [dst_off]. Since buffer lengths and block sizes are not checked, this
+        may cause memory issues if an invariant is violated:
+        {ul
+        {- [len] must be a multiple of {!block_size},}
+        {- [String.length src - src_off >= len],}
+        {- [Bytes.length dst - dst_off >= len].}} *)
+    (**/**)
   end
 
   (** {e Cipher-block chaining} mode. *)
