AES-C | A C implementation of AES got from OpenSSL | Encryption library

You cannot use a password as a key this way. If you have a human-typable password (such as "key"), you need to convert that to a key using a PBKDF such as PBKDF2. See http://bxr.su/OpenBSD/lib/libutil/pkcs5_pbkdf2.c#77 for an example implementation in C and https://en.wikipedia.org/wiki/PBKDF2 for a description of the algorithm.

In your code, the key you're using is 0x6b 0x65 0x79 0x00 ("key\0") followed by some number of semi-random garbage bytes that happened to be after argv[1] in memory. That's why you get different results every time. (The number of garbage bytes depends on what key size you compiled into Tiny AES. The default key size is 128 bits, so it'll pick up 12 bytes of garbage data.)

Also, even with a proper key, the output content will be unprintable. It will be a series of bytes with values between 0 and 255. Many of those values cannot be printed on a terminal, and as you've written it, you'll keep printing until you find the first zero (which will be at a random location, possibly somewhere inside the ciphertext, possibly after it). In order to print cipher text, you need to encode it somehow, such as Base64 or Hex. Tiny AES has no features for any of this; that's part of why it's so tiny. It just does the most basic AES encryption and decryption. Everything else is up to you.

As @stefan said in the comments, it's just a typo: use fill = Tasks, not Fill.

Changing that fixes the problem immediately.

This type of data is commonly called "additional authenticated data" (AAD). It will be included in the calculation of the authentication tag, but not encrypted (resp. decrypted).

You can use the ProcessAadBytes (also ProcessAadByte) method to provide this type of input to CcmBlockCipher. Note that there is no output buffer for these methods because the cipher doesn't consider AAD part of its "stream".

So in your case, for "encryption", with no actual data to encrypt, you just add all the plaintext using ProcessAadBytes and then call DoFinal to get the output, which will consist only of the authentication tag. If you need to send the plaintext also, you have to arrange that yourself.

Similarly for decryption, CcmBlockCipher does not consider the AAD as part of its usual input; it should be added using ProcessAadBytes, followed by a DoFinal that consists of just the tag in your case.

finaly find the solution: this command added text watermark to encrypted file and show it during playtime

Unlike ECB, CBC does require an initialization vector. As the documentation says:

If [iv argument] not provided, a random byte string is generated (you must then read its value with the iv attribute).

To apply that to your code:

You can use async & await as below

here one i just finished for AES-CBC-256 from a password using PBKdf2, this is using the Web crypto api https://developer.mozilla.org/en-US/docs/Web/API/Web_Crypto_API

not what you are looking for exactly but it might help with direction, remove importKey from below and read up on https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/generateKey

Based on the logs and live to debug it is concluded the performance is in line with the expected values of both SW and HW. Following are the reasons variation

1. QAT HW crypto is done on Xeon cascade lake cores
2. SW Crypto is run on corei7 11th gen platform
3. Core clocks on corei7 goes up to 5Ghz with turbo boost
4. HW crypto is run with CPU cores from remote NUMA
5. HW crypto is limited with memory controller to use with -n 4
6. HW crypto runs for a total of 30000000 and SW crypto is run for 10000000
7. HW crypto devices are 3 but lcores passed is 5 causing 2 lcores to share the same HW.
8. HW crypto is done over 3 VF hence total capacity should be summed up rather than individual results.

With these the right command to use is

HW: ./dpdk-test-crypto-perf --socket-mem 2048,1 --legacy-mem -l 4,6 -w 0000:3d:01.0 -- --buffer-sz 64,128,256,512,1024,2048 --optype cipher-then-auth --ptest throughput --auth-key-sz 64 --cipher-key-sz 16 --cipher-iv-sz 16 --auth-op generate --burst-sz 32 --total-ops 30000000 --silent --digest-sz 20 --auth-algo sha1-hmac --cipher-algo aes-cbc --cipher-op encrypt --devtype crypto_qat

SW: ./dpdk-test-crypto-perf --socket-mem 2048,1 --legacy-mem -l 4,6 --vdev crypto_aesni_mb_pmd_1 -a 0000:00:00.0 -- --buffer-sz 64,128,256,512,1024,2048 --optype cipher-then-auth --ptest throughput --auth-key-sz 64 --cipher-key-sz 16 --cipher-iv-sz 16 --auth-op generate --burst-sz 32 --total-ops 30000000 --silent --digest-sz 20 --auth-algo sha1-hmac --cipher-algo aes-cbc --cipher-op encrypt --devtype crypto_aesni_mb

for 64B on Xeon (3.1Ghz) we were able to get 3.2Gbps, while corei7 (5Ghz) with SW was able to get 4.2Gbps. with 2048B HW on Xeon were able to achieve 50Gbps while SW 19.2Gbps.

Note: in Xeon there are drops for enqueue and dequeue, which can be reduced with platform and BIOS settings further.

The reason is you are using StreamWriter, which is intended to write text into the stream, but then you write raw bytes there: