test(aead): Sample fragment sizes in AEAD record tests#5851
Open
alexw91 wants to merge 3 commits into
Open
Conversation
The AEAD record encryption tests iterated over every fragment size from 0 to S2N_SMALL_FRAGMENT_LENGTH + 1 (1437 iterations) and for each size ran inner tamper-detection loops that scaled linearly with the payload. This quadratic structure made the tests dominate unit test iteration time without providing meaningfully better coverage than sampling representative sizes. Replace the exhaustive outer loop with a fixed set of 33 fragment sizes covering the boundaries that actually matter: all sizes 0-8, values around each power of two through 1024, and the fragment length limit (max-1, max, max+1). Runtime on an M4 MacBook Pro: - s2n_aead_aes_test: 232.37s -> 5.10s (~45x faster) - s2n_aead_chacha20_poly1305_test: 121.70s -> 3.28s (~37x faster) Both tests now comfortably meet the sub-20s target. Refs: aws#5704
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Goal
Reduce the runtime of the two slowest s2n-tls unit tests,
s2n_aead_aes_testands2n_aead_chacha20_poly1305_test.Why
See: #5704
These two tests dominated local unit test iteration time on developer machines:
s2n_aead_aes_test: 232.37 secs2n_aead_chacha20_poly1305_test: 121.70 secBoth tests iterated over every fragment size from
0toS2N_SMALL_FRAGMENT_LENGTH + 1(1437 iterations), and for each size ran inner tamper-detection loops that scaled linearly with the payload size. This quadratic structure made them the longest-running unit tests in the suite without providing meaningfully better coverage than sampling representative sizes would.Before this change:
After this change:
Runtime comparison:
s2n_aead_aes_tests2n_aead_chacha20_poly1305_testHow
Replace the exhaustive
for (size_t i = 0; i <= max_fragment + 1; i++)outer loop in both test files with iteration over a fixed set of 33 fragment sizes chosen to cover the boundaries that actually matter:The inner tamper-detection and validation logic is unchanged. The AES test still covers both AES128-GCM and AES256-GCM; the ChaCha20-Poly1305 test is unchanged in scope.
Callouts
for (j = 0; j < i; j++)) are still O(N) per outer iteration. That's why the max-fragment case (size 1435) still dominates the remaining runtime.Testing
Ran unit tests locally on an M4 MacBook Pro. Both tests pass, and all other unit tests continue to pass.
Related
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.