projects / BearSSL / blob
? search:


5e177144e9cfe4ef5367c266004a3029f78e6a93
[BearSSL] / test / test_speed.c
1 /*
2 * Copyright (c) 2016 Thomas Pornin <pornin@bolet.org>
3 *
4 * Permission is hereby granted, free of charge, to any person obtaining
5 * a copy of this software and associated documentation files (the
6 * "Software"), to deal in the Software without restriction, including
7 * without limitation the rights to use, copy, modify, merge, publish,
8 * distribute, sublicense, and/or sell copies of the Software, and to
9 * permit persons to whom the Software is furnished to do so, subject to
10 * the following conditions:
11 *
12 * The above copyright notice and this permission notice shall be
13 * included in all copies or substantial portions of the Software.
14 *
15 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
16 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
17 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
18 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
19 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
20 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
21 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
22 * SOFTWARE.
23 */
24
25 #include <stdio.h>
26 #include <stdlib.h>
27 #include <string.h>
28 #include <time.h>
29 #include "inner.h"
30
31 #define HASH_SIZE(cname) br_ ## cname ## _SIZE
32
33 #define SPEED_HASH(Name, cname) \
34 static void \
35 test_speed_ ## cname(void) \
36 { \
37 unsigned char buf[8192]; \
38 unsigned char tmp[HASH_SIZE(cname)]; \
39 br_ ## cname ## _context mc; \
40 int i; \
41 long num; \
42 \
43 memset(buf, 'T', sizeof buf); \
44 for (i = 0; i < 10; i ++) { \
45 br_ ## cname ## _init(&mc); \
46 br_ ## cname ## _update(&mc, buf, sizeof buf); \
47 br_ ## cname ## _out(&mc, tmp); \
48 } \
49 num = 10; \
50 for (;;) { \
51 clock_t begin, end; \
52 double tt; \
53 long k; \
54 \
55 br_ ## cname ## _init(&mc); \
56 begin = clock(); \
57 for (k = num; k > 0; k --) { \
58 br_ ## cname ## _update(&mc, buf, sizeof buf); \
59 } \
60 end = clock(); \
61 br_ ## cname ## _out(&mc, tmp); \
62 tt = (double)(end - begin) / CLOCKS_PER_SEC; \
63 if (tt >= 2.0) { \
64 printf("%-30s %8.2f MB/s\n", #Name, \
65 ((double)sizeof buf) * (double)num \
66 / (tt * 1000000.0)); \
67 fflush(stdout); \
68 return; \
69 } \
70 num <<= 1; \
71 } \
72 }
73
74 #define BLOCK_SIZE(cname) br_ ## cname ## _BLOCK_SIZE
75
76 #define SPEED_BLOCKCIPHER_CBC(Name, fname, cname, klen, dir) \
77 static void \
78 test_speed_ ## fname(void) \
79 { \
80 unsigned char key[klen]; \
81 unsigned char buf[8192 - (8192 % BLOCK_SIZE(cname))]; \
82 unsigned char iv[BLOCK_SIZE(cname)]; \
83 const br_block_cbc ## dir ## _class *vt; \
84 br_ ## cname ## _cbc ## dir ## _keys ec; \
85 int i; \
86 long num; \
87 \
88 memset(key, 'T', sizeof key); \
89 memset(buf, 'P', sizeof buf); \
90 memset(iv, 'X', sizeof iv); \
91 vt = &br_ ## cname ## _cbc ## dir ## _vtable; \
92 for (i = 0; i < 10; i ++) { \
93 vt->init(&ec.vtable, key, sizeof key); \
94 vt->run(&ec.vtable, iv, buf, sizeof buf); \
95 } \
96 num = 10; \
97 for (;;) { \
98 clock_t begin, end; \
99 double tt; \
100 long k; \
101 \
102 vt->init(&ec.vtable, key, sizeof key); \
103 begin = clock(); \
104 for (k = num; k > 0; k --) { \
105 vt->run(&ec.vtable, iv, buf, sizeof buf); \
106 } \
107 end = clock(); \
108 tt = (double)(end - begin) / CLOCKS_PER_SEC; \
109 if (tt >= 2.0) { \
110 printf("%-30s %8.2f MB/s\n", #Name, \
111 ((double)sizeof buf) * (double)num \
112 / (tt * 1000000.0)); \
113 fflush(stdout); \
114 return; \
115 } \
116 num <<= 1; \
117 } \
118 }
119
120 #define SPEED_BLOCKCIPHER_CTR(Name, fname, cname, klen) \
121 static void \
122 test_speed_ ## fname(void) \
123 { \
124 unsigned char key[klen]; \
125 unsigned char buf[8192 - (8192 % BLOCK_SIZE(cname))]; \
126 unsigned char iv[BLOCK_SIZE(cname) - 4]; \
127 const br_block_ctr_class *vt; \
128 br_ ## cname ## _ctr_keys ec; \
129 int i; \
130 long num; \
131 \
132 memset(key, 'T', sizeof key); \
133 memset(buf, 'P', sizeof buf); \
134 memset(iv, 'X', sizeof iv); \
135 vt = &br_ ## cname ## _ctr_vtable; \
136 for (i = 0; i < 10; i ++) { \
137 vt->init(&ec.vtable, key, sizeof key); \
138 vt->run(&ec.vtable, iv, 1, buf, sizeof buf); \
139 } \
140 num = 10; \
141 for (;;) { \
142 clock_t begin, end; \
143 double tt; \
144 long k; \
145 \
146 vt->init(&ec.vtable, key, sizeof key); \
147 begin = clock(); \
148 for (k = num; k > 0; k --) { \
149 vt->run(&ec.vtable, iv, 1, buf, sizeof buf); \
150 } \
151 end = clock(); \
152 tt = (double)(end - begin) / CLOCKS_PER_SEC; \
153 if (tt >= 2.0) { \
154 printf("%-30s %8.2f MB/s\n", #Name, \
155 ((double)sizeof buf) * (double)num \
156 / (tt * 1000000.0)); \
157 fflush(stdout); \
158 return; \
159 } \
160 num <<= 1; \
161 } \
162 }
163
164 #define SPEED_CHACHA20(Name, fname) \
165 static void \
166 test_speed_ ## fname(void) \
167 { \
168 unsigned char key[32]; \
169 unsigned char buf[8192]; \
170 unsigned char iv[12]; \
171 int i; \
172 long num; \
173 \
174 memset(key, 'T', sizeof key); \
175 memset(buf, 'P', sizeof buf); \
176 memset(iv, 'X', sizeof iv); \
177 for (i = 0; i < 10; i ++) { \
178 br_ ## fname ## _run(key, iv, i, buf, sizeof buf); \
179 } \
180 num = 10; \
181 for (;;) { \
182 clock_t begin, end; \
183 double tt; \
184 long k; \
185 \
186 begin = clock(); \
187 for (k = num; k > 0; k --) { \
188 br_ ## fname ## _run(key, iv, \
189 (uint32_t)k, buf, sizeof buf); \
190 } \
191 end = clock(); \
192 tt = (double)(end - begin) / CLOCKS_PER_SEC; \
193 if (tt >= 2.0) { \
194 printf("%-30s %8.2f MB/s\n", #Name, \
195 ((double)sizeof buf) * (double)num \
196 / (tt * 1000000.0)); \
197 fflush(stdout); \
198 return; \
199 } \
200 num <<= 1; \
201 } \
202 }
203
204 SPEED_HASH(MD5, md5)
205 SPEED_HASH(SHA-1, sha1)
206 SPEED_HASH(SHA-256, sha256)
207 SPEED_HASH(SHA-512, sha512)
208
209 #define SPEED_AES(iname) \
210 SPEED_BLOCKCIPHER_CBC(AES-128 CBC encrypt (iname), aes128_ ## iname ## _cbcenc, aes_ ## iname, 16, enc) \
211 SPEED_BLOCKCIPHER_CBC(AES-128 CBC decrypt (iname), aes128_ ## iname ## _cbcdec, aes_ ## iname, 16, dec) \
212 SPEED_BLOCKCIPHER_CBC(AES-192 CBC encrypt (iname), aes192_ ## iname ## _cbcenc, aes_ ## iname, 24, enc) \
213 SPEED_BLOCKCIPHER_CBC(AES-192 CBC decrypt (iname), aes192_ ## iname ## _cbcdec, aes_ ## iname, 24, dec) \
214 SPEED_BLOCKCIPHER_CBC(AES-256 CBC encrypt (iname), aes256_ ## iname ## _cbcenc, aes_ ## iname, 32, enc) \
215 SPEED_BLOCKCIPHER_CBC(AES-256 CBC decrypt (iname), aes256_ ## iname ## _cbcdec, aes_ ## iname, 32, dec) \
216 SPEED_BLOCKCIPHER_CTR(AES-128 CTR (iname), aes128_ ## iname ## _ctr, aes_ ## iname, 16) \
217 SPEED_BLOCKCIPHER_CTR(AES-192 CTR (iname), aes192_ ## iname ## _ctr, aes_ ## iname, 24) \
218 SPEED_BLOCKCIPHER_CTR(AES-256 CTR (iname), aes256_ ## iname ## _ctr, aes_ ## iname, 32)
219
220 SPEED_AES(big)
221 SPEED_AES(small)
222 SPEED_AES(ct)
223 SPEED_AES(ct64)
224
225 #define SPEED_DES(iname) \
226 SPEED_BLOCKCIPHER_CBC(DES CBC encrypt (iname), des_ ## iname ## _cbcenc, des_ ## iname, 8, enc) \
227 SPEED_BLOCKCIPHER_CBC(DES CBC decrypt (iname), des_ ## iname ## _cbcdec, des_ ## iname, 8, dec) \
228 SPEED_BLOCKCIPHER_CBC(3DES CBC encrypt (iname), 3des_ ## iname ## _cbcenc, des_ ## iname, 24, enc) \
229 SPEED_BLOCKCIPHER_CBC(3DES CBC decrypt (iname), 3des_ ## iname ## _cbcdec, des_ ## iname, 24, dec)
230
231 SPEED_DES(tab)
232 SPEED_DES(ct)
233
234 SPEED_CHACHA20(ChaCha20, chacha20_ct)
235
236 static void
237 test_speed_ghash_inner(char *name, br_ghash gh)
238 {
239 unsigned char buf[8192], h[16], y[16];
240 int i;
241 long num;
242
243 memset(buf, 'T', sizeof buf);
244 memset(h, 'P', sizeof h);
245 memset(y, 0, sizeof y);
246 for (i = 0; i < 10; i ++) {
247 gh(y, h, buf, sizeof buf);
248 }
249 num = 10;
250 for (;;) {
251 clock_t begin, end;
252 double tt;
253 long k;
254
255 begin = clock();
256 for (k = num; k > 0; k --) {
257 gh(y, h, buf, sizeof buf);
258 }
259 end = clock();
260 tt = (double)(end - begin) / CLOCKS_PER_SEC;
261 if (tt >= 2.0) {
262 printf("%-30s %8.2f MB/s\n", name,
263 ((double)sizeof buf) * (double)num
264 / (tt * 1000000.0));
265 fflush(stdout);
266 return;
267 }
268 num <<= 1;
269 }
270 }
271
272 static void
273 test_speed_ghash_ctmul(void)
274 {
275 test_speed_ghash_inner("GHASH (ctmul)", &br_ghash_ctmul);
276 }
277
278 static void
279 test_speed_ghash_ctmul32(void)
280 {
281 test_speed_ghash_inner("GHASH (ctmul32)", &br_ghash_ctmul32);
282 }
283
284 static void
285 test_speed_ghash_ctmul64(void)
286 {
287 test_speed_ghash_inner("GHASH (ctmul64)", &br_ghash_ctmul64);
288 }
289
290 static uint32_t
291 fake_chacha20(const void *key, const void *iv,
292 uint32_t cc, void *data, size_t len)
293 {
294 (void)key;
295 (void)iv;
296 (void)data;
297 (void)len;
298 return cc + (uint32_t)((len + 63) >> 6);
299 }
300
301 /*
302 * To speed-test Poly1305, we run it with a do-nothing stub instead of
303 * ChaCha20.
304 */
305 static void
306 test_speed_poly1305_inner(char *name, br_poly1305_run pl)
307 {
308 unsigned char buf[8192], key[32], iv[12], aad[13], tag[16];
309 int i;
310 long num;
311
312 memset(key, 'K', sizeof key);
313 memset(iv, 'I', sizeof iv);
314 memset(aad, 'A', sizeof aad);
315 memset(buf, 'T', sizeof buf);
316 for (i = 0; i < 10; i ++) {
317 pl(key, iv, buf, sizeof buf,
318 aad, sizeof aad, tag, &fake_chacha20, 0);
319 }
320 num = 10;
321 for (;;) {
322 clock_t begin, end;
323 double tt;
324 long k;
325
326 begin = clock();
327 for (k = num; k > 0; k --) {
328 pl(key, iv, buf, sizeof buf,
329 aad, sizeof aad, tag, &fake_chacha20, 0);
330 }
331 end = clock();
332 tt = (double)(end - begin) / CLOCKS_PER_SEC;
333 if (tt >= 2.0) {
334 printf("%-30s %8.2f MB/s\n", name,
335 ((double)sizeof buf) * (double)num
336 / (tt * 1000000.0));
337 fflush(stdout);
338 return;
339 }
340 num <<= 1;
341 }
342 }
343
344 static void
345 test_speed_poly1305_ctmul(void)
346 {
347 test_speed_poly1305_inner("Poly1305 (ctmul)", &br_poly1305_ctmul_run);
348 }
349
350 static const unsigned char RSA_N[] = {
351 0xE9, 0xF2, 0x4A, 0x2F, 0x96, 0xDF, 0x0A, 0x23,
352 0x01, 0x85, 0xF1, 0x2C, 0xB2, 0xA8, 0xEF, 0x23,
353 0xCE, 0x2E, 0xB0, 0x4E, 0x18, 0x31, 0x95, 0x5B,
354 0x98, 0x2D, 0x9B, 0x8C, 0xE3, 0x1A, 0x2B, 0x96,
355 0xB5, 0xC7, 0xEE, 0xED, 0x72, 0x43, 0x2D, 0xFE,
356 0x7F, 0x61, 0x33, 0xEA, 0x14, 0xFC, 0xDE, 0x80,
357 0x17, 0x42, 0xF0, 0xF3, 0xC3, 0xC7, 0x89, 0x47,
358 0x76, 0x5B, 0xFA, 0x33, 0xC4, 0x8C, 0x94, 0xDE,
359 0x6A, 0x75, 0xD8, 0x1A, 0xF4, 0x49, 0xBC, 0xF3,
360 0xB7, 0x9E, 0x2C, 0x8D, 0xEC, 0x5A, 0xEE, 0xBF,
361 0x4B, 0x5A, 0x7F, 0xEF, 0x21, 0x39, 0xDB, 0x1D,
362 0x83, 0x5E, 0x7E, 0x2F, 0xAA, 0x5E, 0xBA, 0x28,
363 0xC3, 0xA2, 0x53, 0x19, 0xFB, 0x2F, 0x78, 0x6B,
364 0x14, 0x60, 0x49, 0x3C, 0xCC, 0x1B, 0xE9, 0x1E,
365 0x3D, 0x10, 0xA4, 0xEB, 0x7F, 0x66, 0x98, 0xF6,
366 0xC3, 0xAC, 0x35, 0xF5, 0x01, 0x84, 0xFF, 0x7D,
367 0x1F, 0x72, 0xBE, 0xB4, 0xD1, 0x89, 0xC8, 0xDD,
368 0x44, 0xE7, 0xB5, 0x2E, 0x2C, 0xE1, 0x85, 0xF5,
369 0x15, 0x50, 0xA9, 0x08, 0xC7, 0x67, 0xD9, 0x2B,
370 0x6C, 0x11, 0xB3, 0xEB, 0x28, 0x8D, 0xF4, 0xCC,
371 0xE3, 0xC3, 0xC5, 0x04, 0x0E, 0x7C, 0x8D, 0xDB,
372 0x39, 0x06, 0x6A, 0x74, 0x75, 0xDF, 0xA8, 0x0F,
373 0xDA, 0x67, 0x5A, 0x73, 0x1E, 0xFD, 0x8E, 0x4C,
374 0xEE, 0x17, 0xEE, 0x1E, 0x67, 0xDB, 0x98, 0x70,
375 0x60, 0xF7, 0xB9, 0xB5, 0x1F, 0x19, 0x93, 0xD6,
376 0x3F, 0x2F, 0x1F, 0xB6, 0x5B, 0x59, 0xAA, 0x85,
377 0xBB, 0x25, 0xE4, 0x13, 0xEF, 0xE7, 0xB9, 0x87,
378 0x9C, 0x3F, 0x5E, 0xE4, 0x08, 0xA3, 0x51, 0xCF,
379 0x8B, 0xAD, 0xF4, 0xE6, 0x1A, 0x5F, 0x51, 0xDD,
380 0xA8, 0xBE, 0xE8, 0xD1, 0x20, 0x19, 0x61, 0x6C,
381 0x18, 0xAB, 0xCA, 0x0A, 0xD9, 0x82, 0xA6, 0x94,
382 0xD5, 0x69, 0x2A, 0xF6, 0x43, 0x66, 0x31, 0x09
383 };
384
385 static const unsigned char RSA_E[] = {
386 0x01, 0x00, 0x01
387 };
388
389 static const unsigned char RSA_P[] = {
390 0xFD, 0x39, 0x40, 0x56, 0x20, 0x80, 0xC5, 0x81,
391 0x4C, 0x5F, 0x0C, 0x1A, 0x52, 0x84, 0x03, 0x2F,
392 0xCE, 0x82, 0xB0, 0xD8, 0x30, 0x23, 0x7F, 0x77,
393 0x45, 0xC2, 0x01, 0xC4, 0x68, 0x96, 0x0D, 0xA7,
394 0x22, 0xA9, 0x6C, 0xA9, 0x1A, 0x33, 0xE5, 0x2F,
395 0xB5, 0x07, 0x9A, 0xF9, 0xEA, 0x33, 0xA5, 0xC8,
396 0x96, 0x60, 0x6A, 0xCA, 0xEB, 0xE5, 0x6E, 0x09,
397 0x46, 0x7E, 0x2D, 0xEF, 0x93, 0x7D, 0x56, 0xED,
398 0x75, 0x70, 0x3B, 0x96, 0xC4, 0xD5, 0xDB, 0x0B,
399 0x3F, 0x69, 0xDF, 0x06, 0x18, 0x76, 0xF4, 0xCF,
400 0xF8, 0x84, 0x22, 0xDF, 0xBD, 0x71, 0x62, 0x7B,
401 0x67, 0x99, 0xBC, 0x09, 0x95, 0x54, 0xA4, 0x98,
402 0x83, 0xF5, 0xA9, 0xCF, 0x09, 0xA5, 0x1F, 0x61,
403 0x25, 0xB4, 0x70, 0x6C, 0x91, 0xB8, 0xB3, 0xD0,
404 0xCE, 0x9C, 0x45, 0x65, 0x9B, 0xEF, 0xD4, 0x70,
405 0xBE, 0x86, 0xD2, 0x98, 0x5D, 0xEB, 0xE3, 0xFF
406 };
407
408 static const unsigned char RSA_Q[] = {
409 0xEC, 0x82, 0xEE, 0x63, 0x5F, 0x40, 0x52, 0xDB,
410 0x38, 0x7A, 0x37, 0x6A, 0x54, 0x5B, 0xD9, 0xA0,
411 0x73, 0xB4, 0xBB, 0x52, 0xB2, 0x84, 0x07, 0xD0,
412 0xCC, 0x82, 0x0D, 0x20, 0xB3, 0xFA, 0xD5, 0xB6,
413 0x25, 0x92, 0x35, 0x4D, 0xB4, 0xC7, 0x36, 0x48,
414 0xCE, 0x5E, 0x21, 0x4A, 0xA6, 0x74, 0x65, 0xF4,
415 0x7D, 0x1D, 0xBC, 0x3B, 0xE2, 0xF4, 0x3E, 0x11,
416 0x58, 0x10, 0x6C, 0x04, 0x46, 0x9E, 0x8D, 0x57,
417 0xE0, 0x04, 0xE2, 0xEC, 0x47, 0xCF, 0xB3, 0x2A,
418 0xFD, 0x4C, 0x55, 0x18, 0xDB, 0xDE, 0x3B, 0xDC,
419 0xF4, 0x5B, 0xDA, 0xF3, 0x1A, 0xC8, 0x41, 0x6F,
420 0x73, 0x3B, 0xFE, 0x3C, 0xA0, 0xDB, 0xBA, 0x6E,
421 0x65, 0xA5, 0xE8, 0x02, 0xA5, 0x6C, 0xEA, 0x03,
422 0xF6, 0x99, 0xF7, 0xCB, 0x4B, 0xB7, 0x11, 0x51,
423 0x93, 0x88, 0x3F, 0xF9, 0x06, 0x85, 0xA9, 0x1E,
424 0xCA, 0x64, 0xF8, 0x11, 0xA5, 0x1A, 0xCA, 0xF7
425 };
426
427 static const unsigned char RSA_DP[] = {
428 0x77, 0x95, 0xE0, 0x02, 0x4C, 0x9B, 0x43, 0xAA,
429 0xCA, 0x4C, 0x60, 0xC4, 0xD5, 0x8F, 0x2E, 0x8A,
430 0x17, 0x36, 0xB5, 0x19, 0x83, 0xB2, 0x5F, 0xF2,
431 0x0D, 0xE9, 0x8F, 0x38, 0x18, 0x44, 0x34, 0xF2,
432 0x67, 0x76, 0x27, 0xB0, 0xBC, 0x85, 0x21, 0x89,
433 0x24, 0x2F, 0x11, 0x4B, 0x51, 0x05, 0x4F, 0x17,
434 0xA9, 0x9C, 0xA3, 0x12, 0x6D, 0xD1, 0x0D, 0xE4,
435 0x27, 0x7C, 0x53, 0x69, 0x3E, 0xF8, 0x04, 0x63,
436 0x64, 0x00, 0xBA, 0xC3, 0x7A, 0xF5, 0x9B, 0xDA,
437 0x75, 0xFA, 0x23, 0xAF, 0x17, 0x42, 0xA6, 0x5E,
438 0xC8, 0xF8, 0x6E, 0x17, 0xC7, 0xB9, 0x92, 0x4E,
439 0xC1, 0x20, 0x63, 0x23, 0x0B, 0x78, 0xCB, 0xBA,
440 0x93, 0x27, 0x23, 0x28, 0x79, 0x5F, 0x97, 0xB0,
441 0x23, 0x44, 0x51, 0x8B, 0x94, 0x4D, 0xEB, 0xED,
442 0x82, 0x85, 0x5E, 0x68, 0x9B, 0xF9, 0xE9, 0x13,
443 0xCD, 0x86, 0x92, 0x52, 0x0E, 0x98, 0xE6, 0x35
444 };
445
446 static const unsigned char RSA_DQ[] = {
447 0xD8, 0xDD, 0x71, 0xB3, 0x62, 0xBA, 0xBB, 0x7E,
448 0xD1, 0xF9, 0x96, 0xE8, 0x83, 0xB3, 0xB9, 0x08,
449 0x9C, 0x30, 0x03, 0x77, 0xDF, 0xC2, 0x9A, 0xDC,
450 0x05, 0x39, 0xD6, 0xC9, 0xBE, 0xDE, 0x68, 0xA9,
451 0xDD, 0x27, 0x84, 0x82, 0xDD, 0x19, 0xB1, 0x97,
452 0xEE, 0xCA, 0x77, 0x22, 0x59, 0x20, 0xEF, 0xFF,
453 0xCF, 0xDD, 0xBD, 0x24, 0xF8, 0x84, 0xD6, 0x88,
454 0xD6, 0xC4, 0x30, 0x17, 0x77, 0x9D, 0x98, 0xA3,
455 0x14, 0x01, 0xC7, 0x05, 0xBB, 0x0F, 0x23, 0x0D,
456 0x6F, 0x37, 0x57, 0xEC, 0x34, 0x67, 0x41, 0x62,
457 0xE8, 0x19, 0x75, 0xD9, 0x66, 0x1C, 0x6B, 0x8B,
458 0xC3, 0x11, 0x26, 0x9C, 0xF7, 0x2E, 0xA3, 0x72,
459 0xE8, 0xF7, 0xC8, 0x96, 0xEC, 0x92, 0xC2, 0xBD,
460 0xA1, 0x98, 0x2A, 0x93, 0x99, 0xB8, 0xA2, 0x43,
461 0xB7, 0xD0, 0xBE, 0x40, 0x1C, 0x8F, 0xE0, 0xB4,
462 0x20, 0x07, 0x97, 0x43, 0xAE, 0xAD, 0xB3, 0x9F
463 };
464
465 static const unsigned char RSA_IQ[] = {
466 0xB7, 0xE2, 0x60, 0xA9, 0x62, 0xEC, 0xEC, 0x0B,
467 0x57, 0x02, 0x96, 0xF9, 0x36, 0x35, 0x2C, 0x37,
468 0xAF, 0xC2, 0xEE, 0x71, 0x49, 0x26, 0x8E, 0x0F,
469 0x27, 0xB1, 0xFA, 0x0F, 0xEA, 0xDC, 0xF0, 0x8B,
470 0x53, 0x6C, 0xB2, 0x46, 0x27, 0xCD, 0x29, 0xA2,
471 0x35, 0x0F, 0x5D, 0x8A, 0x3F, 0x20, 0x8C, 0x13,
472 0x3D, 0xA1, 0xFF, 0x85, 0x91, 0x99, 0xE8, 0x50,
473 0xED, 0xF1, 0x29, 0x00, 0xEE, 0x24, 0x90, 0xB5,
474 0x5F, 0x3A, 0x74, 0x26, 0xD7, 0xA2, 0x24, 0x8D,
475 0x89, 0x88, 0xD8, 0x35, 0x22, 0x22, 0x8A, 0x66,
476 0x5D, 0x5C, 0xDE, 0x83, 0x8C, 0xFA, 0x27, 0xE6,
477 0xB9, 0xEB, 0x72, 0x08, 0xCD, 0x53, 0x4B, 0x93,
478 0x0F, 0xAD, 0xC3, 0xF8, 0x7C, 0xFE, 0x84, 0xD7,
479 0x08, 0xF3, 0xBE, 0x3D, 0x60, 0x1E, 0x95, 0x8D,
480 0x44, 0x5B, 0x65, 0x7E, 0xC1, 0x30, 0xC3, 0x84,
481 0xC0, 0xB0, 0xFE, 0xBF, 0x28, 0x54, 0x1E, 0xC4
482 };
483
484 static const br_rsa_public_key RSA_PK = {
485 (void *)RSA_N, sizeof RSA_N,
486 (void *)RSA_E, sizeof RSA_E
487 };
488
489 static const br_rsa_private_key RSA_SK = {
490 2048,
491 (void *)RSA_P, sizeof RSA_P,
492 (void *)RSA_Q, sizeof RSA_Q,
493 (void *)RSA_DP, sizeof RSA_DP,
494 (void *)RSA_DQ, sizeof RSA_DQ,
495 (void *)RSA_IQ, sizeof RSA_IQ
496 };
497
498 static void
499 test_speed_rsa_inner(char *name,
500 br_rsa_public fpub, br_rsa_private fpriv)
501 {
502 unsigned char tmp[sizeof RSA_N];
503 int i;
504 long num;
505
506 memset(tmp, 'R', sizeof tmp);
507 tmp[0] = 0;
508 for (i = 0; i < 10; i ++) {
509 if (!fpriv(tmp, &RSA_SK)) {
510 abort();
511 }
512 }
513 num = 10;
514 for (;;) {
515 clock_t begin, end;
516 double tt;
517 long k;
518
519 begin = clock();
520 for (k = num; k > 0; k --) {
521 fpriv(tmp, &RSA_SK);
522 }
523 end = clock();
524 tt = (double)(end - begin) / CLOCKS_PER_SEC;
525 if (tt >= 2.0) {
526 printf("%-30s %8.2f priv/s\n", name,
527 (double)num / tt);
528 fflush(stdout);
529 break;
530 }
531 num <<= 1;
532 }
533 for (i = 0; i < 10; i ++) {
534 if (!fpub(tmp, sizeof tmp, &RSA_PK)) {
535 abort();
536 }
537 }
538 num = 10;
539 for (;;) {
540 clock_t begin, end;
541 double tt;
542 long k;
543
544 begin = clock();
545 for (k = num; k > 0; k --) {
546 fpub(tmp, sizeof tmp, &RSA_PK);
547 }
548 end = clock();
549 tt = (double)(end - begin) / CLOCKS_PER_SEC;
550 if (tt >= 2.0) {
551 printf("%-30s %8.2f pub/s\n", name,
552 (double)num / tt);
553 fflush(stdout);
554 break;
555 }
556 num <<= 1;
557 }
558 }
559
560 static void
561 test_speed_rsa_i15(void)
562 {
563 test_speed_rsa_inner("RSA i15",
564 &br_rsa_i15_public, &br_rsa_i15_private);
565 }
566
567 static void
568 test_speed_rsa_i31(void)
569 {
570 test_speed_rsa_inner("RSA i31",
571 &br_rsa_i31_public, &br_rsa_i31_private);
572 }
573
574 static void
575 test_speed_rsa_i32(void)
576 {
577 test_speed_rsa_inner("RSA i32",
578 &br_rsa_i32_public, &br_rsa_i32_private);
579 }
580
581 static void
582 test_speed_ec_inner(const char *name,
583 const br_ec_impl *impl, const br_ec_curve_def *cd)
584 {
585 unsigned char bx[80], U[160];
586 uint32_t x[22], n[22];
587 size_t nlen, ulen;
588 int i;
589 long num;
590
591 nlen = cd->order_len;
592 br_i31_decode(n, cd->order, nlen);
593 memset(bx, 'T', sizeof bx);
594 br_i31_decode_reduce(x, bx, sizeof bx, n);
595 br_i31_encode(bx, nlen, x);
596 ulen = cd->generator_len;
597 memcpy(U, cd->generator, ulen);
598 for (i = 0; i < 10; i ++) {
599 impl->mul(U, ulen, bx, nlen, cd->curve);
600 }
601 num = 10;
602 for (;;) {
603 clock_t begin, end;
604 double tt;
605 long k;
606
607 begin = clock();
608 for (k = num; k > 0; k --) {
609 impl->mul(U, ulen, bx, nlen, cd->curve);
610 }
611 end = clock();
612 tt = (double)(end - begin) / CLOCKS_PER_SEC;
613 if (tt >= 2.0) {
614 printf("%-30s %8.2f mul/s\n", name,
615 (double)num / tt);
616 fflush(stdout);
617 break;
618 }
619 num <<= 1;
620 }
621 }
622
623 static void
624 test_speed_ec_p256_i15(void)
625 {
626 test_speed_ec_inner("EC i15/spec P-256",
627 &br_ec_p256_i15, &br_secp256r1);
628 }
629
630 static void
631 test_speed_ec_prime_i15(void)
632 {
633 test_speed_ec_inner("EC i15 P-256", &br_ec_prime_i15, &br_secp256r1);
634 test_speed_ec_inner("EC i15 P-384", &br_ec_prime_i15, &br_secp384r1);
635 test_speed_ec_inner("EC i15 P-521", &br_ec_prime_i15, &br_secp521r1);
636 }
637
638 static void
639 test_speed_ec_prime_i31(void)
640 {
641 test_speed_ec_inner("EC i31 P-256", &br_ec_prime_i31, &br_secp256r1);
642 test_speed_ec_inner("EC i31 P-384", &br_ec_prime_i31, &br_secp384r1);
643 test_speed_ec_inner("EC i31 P-521", &br_ec_prime_i31, &br_secp521r1);
644 }
645
646 static void
647 test_speed_ecdsa_inner(const char *name,
648 const br_ec_impl *impl, const br_ec_curve_def *cd,
649 br_ecdsa_sign sign, br_ecdsa_vrfy vrfy)
650 {
651 unsigned char bx[80], U[160], hv[32], sig[160];
652 uint32_t x[22], n[22];
653 size_t nlen, ulen, sig_len;
654 int i;
655 long num;
656 br_ec_private_key sk;
657 br_ec_public_key pk;
658
659 nlen = cd->order_len;
660 br_i31_decode(n, cd->order, nlen);
661 memset(bx, 'T', sizeof bx);
662 br_i31_decode_reduce(x, bx, sizeof bx, n);
663 br_i31_encode(bx, nlen, x);
664 ulen = cd->generator_len;
665 memcpy(U, cd->generator, ulen);
666 impl->mul(U, ulen, bx, nlen, cd->curve);
667 sk.curve = cd->curve;
668 sk.x = bx;
669 sk.xlen = nlen;
670 pk.curve = cd->curve;
671 pk.q = U;
672 pk.qlen = ulen;
673
674 memset(hv, 'H', sizeof hv);
675 sig_len = sign(impl, &br_sha256_vtable, hv, &sk, sig);
676 if (vrfy(impl, hv, sizeof hv, &pk, sig, sig_len) != 1) {
677 fprintf(stderr, "self-test sign/verify failed\n");
678 exit(EXIT_FAILURE);
679 }
680
681 for (i = 0; i < 10; i ++) {
682 hv[1] ++;
683 sign(impl, &br_sha256_vtable, hv, &sk, sig);
684 vrfy(impl, hv, sizeof hv, &pk, sig, sig_len);
685 }
686
687 num = 10;
688 for (;;) {
689 clock_t begin, end;
690 double tt;
691 long k;
692
693 begin = clock();
694 for (k = num; k > 0; k --) {
695 hv[1] ++;
696 sig_len = sign(impl, &br_sha256_vtable, hv, &sk, sig);
697 }
698 end = clock();
699 tt = (double)(end - begin) / CLOCKS_PER_SEC;
700 if (tt >= 2.0) {
701 printf("%-30s %8.2f sign/s\n", name,
702 (double)num / tt);
703 fflush(stdout);
704 break;
705 }
706 num <<= 1;
707 }
708
709 num = 10;
710 for (;;) {
711 clock_t begin, end;
712 double tt;
713 long k;
714
715 begin = clock();
716 for (k = num; k > 0; k --) {
717 vrfy(impl, hv, sizeof hv, &pk, sig, sig_len);
718 }
719 end = clock();
720 tt = (double)(end - begin) / CLOCKS_PER_SEC;
721 if (tt >= 2.0) {
722 printf("%-30s %8.2f verify/s\n", name,
723 (double)num / tt);
724 fflush(stdout);
725 break;
726 }
727 num <<= 1;
728 }
729 }
730
731 static void
732 test_speed_ecdsa_i15(void)
733 {
734 test_speed_ecdsa_inner("ECDSA i15 P-256",
735 &br_ec_prime_i15, &br_secp256r1,
736 &br_ecdsa_i15_sign_asn1,
737 &br_ecdsa_i15_vrfy_asn1);
738 test_speed_ecdsa_inner("ECDSA i15 P-384",
739 &br_ec_prime_i15, &br_secp384r1,
740 &br_ecdsa_i15_sign_asn1,
741 &br_ecdsa_i15_vrfy_asn1);
742 test_speed_ecdsa_inner("ECDSA i15 P-521",
743 &br_ec_prime_i15, &br_secp521r1,
744 &br_ecdsa_i15_sign_asn1,
745 &br_ecdsa_i15_vrfy_asn1);
746 }
747
748 static void
749 test_speed_ecdsa_i31(void)
750 {
751 test_speed_ecdsa_inner("ECDSA i31 P-256",
752 &br_ec_prime_i31, &br_secp256r1,
753 &br_ecdsa_i31_sign_asn1,
754 &br_ecdsa_i31_vrfy_asn1);
755 test_speed_ecdsa_inner("ECDSA i31 P-384",
756 &br_ec_prime_i31, &br_secp384r1,
757 &br_ecdsa_i31_sign_asn1,
758 &br_ecdsa_i31_vrfy_asn1);
759 test_speed_ecdsa_inner("ECDSA i31 P-521",
760 &br_ec_prime_i31, &br_secp521r1,
761 &br_ecdsa_i31_sign_asn1,
762 &br_ecdsa_i31_vrfy_asn1);
763 }
764
765 #if 0
766 /* obsolete */
767 static void
768 test_speed_ec_prime_i31_inner(const char *name,
769 const unsigned char *bg, const br_ec_prime_i31_curve *cc)
770 {
771 unsigned char bx[80], point[160];
772 uint32_t x[BR_EC_I31_LEN];
773 br_ec_prime_i31_jacobian P;
774 uint32_t xbl;
775 size_t plen;
776 int i;
777 long num;
778
779 xbl = cc->p[0];
780 xbl -= (xbl >> 5);
781 plen = (xbl + 7) >> 3;
782 memset(bx, 'T', sizeof bx);
783 br_i31_decode_reduce(x, bx, sizeof bx, cc->p);
784 br_i31_encode(bx, plen, x);
785 br_ec_prime_i31_decode(&P, bg, 1 + (plen << 1), cc);
786 for (i = 0; i < 10; i ++) {
787 br_ec_prime_i31_mul(&P, bx, plen, cc);
788 br_ec_prime_i31_encode(point, &P, cc);
789 }
790 num = 10;
791 for (;;) {
792 clock_t begin, end;
793 double tt;
794 long k;
795
796 begin = clock();
797 for (k = num; k > 0; k --) {
798 br_ec_prime_i31_mul(&P, bx, plen, cc);
799 br_ec_prime_i31_encode(point, &P, cc);
800 }
801 end = clock();
802 tt = (double)(end - begin) / CLOCKS_PER_SEC;
803 if (tt >= 2.0) {
804 printf("%-30s %8.2f mul/s\n", name,
805 (double)num / tt);
806 fflush(stdout);
807 break;
808 }
809 num <<= 1;
810 }
811 }
812
813 static void
814 test_speed_ec_prime_i31(void)
815 {
816 test_speed_ec_prime_i31_inner("EC i31 P-256",
817 br_g_secp256r1, &br_ec_prime_i31_secp256r1);
818 test_speed_ec_prime_i31_inner("EC i31 P-384",
819 br_g_secp384r1, &br_ec_prime_i31_secp384r1);
820 test_speed_ec_prime_i31_inner("EC i31 P-521",
821 br_g_secp521r1, &br_ec_prime_i31_secp521r1);
822 }
823
824 static void
825 test_speed_ec_prime_i32_inner(const char *name,
826 const unsigned char *bg, const br_ec_prime_i32_curve *cc)
827 {
828 unsigned char bx[80], point[160];
829 uint32_t x[BR_EC_I32_LEN];
830 br_ec_prime_i32_jacobian P;
831 size_t plen;
832 int i;
833 long num;
834
835 plen = (cc->p[0] + 7) >> 3;
836 memset(bx, 'T', sizeof bx);
837 br_i32_decode_reduce(x, bx, sizeof bx, cc->p);
838 br_i32_encode(bx, plen, x);
839 br_ec_prime_i32_decode(&P, bg, 1 + (plen << 1), cc);
840 for (i = 0; i < 10; i ++) {
841 br_ec_prime_i32_mul(&P, bx, plen, cc);
842 br_ec_prime_i32_encode(point, &P, cc);
843 }
844 num = 10;
845 for (;;) {
846 clock_t begin, end;
847 double tt;
848 long k;
849
850 begin = clock();
851 for (k = num; k > 0; k --) {
852 br_ec_prime_i32_mul(&P, bx, plen, cc);
853 br_ec_prime_i32_encode(point, &P, cc);
854 }
855 end = clock();
856 tt = (double)(end - begin) / CLOCKS_PER_SEC;
857 if (tt >= 2.0) {
858 printf("%-30s %8.2f mul/s\n", name,
859 (double)num / tt);
860 fflush(stdout);
861 break;
862 }
863 num <<= 1;
864 }
865 }
866
867 static void
868 test_speed_ec_prime_i32(void)
869 {
870 test_speed_ec_prime_i32_inner("EC i32 P-256",
871 br_g_secp256r1, &br_ec_prime_i32_secp256r1);
872 test_speed_ec_prime_i32_inner("EC i32 P-384",
873 br_g_secp384r1, &br_ec_prime_i32_secp384r1);
874 test_speed_ec_prime_i32_inner("EC i32 P-521",
875 br_g_secp521r1, &br_ec_prime_i32_secp521r1);
876 }
877 #endif
878
879 static void
880 test_speed_i31(void)
881 {
882 static const unsigned char bp[] = {
883 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00,
884 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
885 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84,
886 0xF3, 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51
887 };
888
889 unsigned char tmp[60 + sizeof bp];
890 uint32_t p[10], x[10], y[10], z[10], p0i;
891 int i;
892 long num;
893
894 br_i31_decode(p, bp, sizeof bp);
895 p0i = br_i31_ninv31(p[1]);
896 memset(tmp, 'T', sizeof tmp);
897 br_i31_decode_reduce(x, tmp, sizeof tmp, p);
898 memset(tmp, 'U', sizeof tmp);
899 br_i31_decode_reduce(y, tmp, sizeof tmp, p);
900
901 for (i = 0; i < 10; i ++) {
902 br_i31_to_monty(x, p);
903 }
904 num = 10;
905 for (;;) {
906 clock_t begin, end;
907 double tt;
908 long k;
909
910 begin = clock();
911 for (k = num; k > 0; k --) {
912 br_i31_to_monty(x, p);
913 }
914 end = clock();
915 tt = (double)(end - begin) / CLOCKS_PER_SEC;
916 if (tt >= 2.0) {
917 printf("%-30s %8.2f ops/s\n", "i31 to_monty",
918 (double)num / tt);
919 fflush(stdout);
920 break;
921 }
922 num <<= 1;
923 }
924
925 for (i = 0; i < 10; i ++) {
926 br_i31_from_monty(x, p, p0i);
927 }
928 num = 10;
929 for (;;) {
930 clock_t begin, end;
931 double tt;
932 long k;
933
934 begin = clock();
935 for (k = num; k > 0; k --) {
936 br_i31_from_monty(x, p, p0i);
937 }
938 end = clock();
939 tt = (double)(end - begin) / CLOCKS_PER_SEC;
940 if (tt >= 2.0) {
941 printf("%-30s %8.2f ops/s\n", "i31 from_monty",
942 (double)num / tt);
943 fflush(stdout);
944 break;
945 }
946 num <<= 1;
947 }
948
949 for (i = 0; i < 10; i ++) {
950 br_i31_montymul(z, x, y, p, p0i);
951 }
952 num = 10;
953 for (;;) {
954 clock_t begin, end;
955 double tt;
956 long k;
957
958 begin = clock();
959 for (k = num; k > 0; k --) {
960 br_i31_montymul(z, x, y, p, p0i);
961 }
962 end = clock();
963 tt = (double)(end - begin) / CLOCKS_PER_SEC;
964 if (tt >= 2.0) {
965 printf("%-30s %8.2f ops/s\n", "i31 montymul",
966 (double)num / tt);
967 fflush(stdout);
968 break;
969 }
970 num <<= 1;
971 }
972 }
973
974 #if 0
975
976 static unsigned char P2048[] = {
977 0xFD, 0xB6, 0xE0, 0x3E, 0x00, 0x49, 0x4C, 0xF0, 0x69, 0x3A, 0xDD, 0x7D,
978 0xF8, 0xA2, 0x41, 0xB0, 0x6C, 0x67, 0xC5, 0xBA, 0xB8, 0x46, 0x80, 0xF5,
979 0xBF, 0xAB, 0x98, 0xFC, 0x84, 0x73, 0xA5, 0x63, 0xC9, 0x52, 0x12, 0xDA,
980 0x4C, 0xC1, 0x5B, 0x9D, 0x8D, 0xDF, 0xCD, 0xFE, 0xC5, 0xAD, 0x5A, 0x6F,
981 0xDD, 0x02, 0xD9, 0xEC, 0x71, 0xEF, 0xEB, 0xB6, 0x95, 0xED, 0x94, 0x25,
982 0x0E, 0x63, 0xDD, 0x6A, 0x52, 0xC7, 0x93, 0xAF, 0x85, 0x9D, 0x2C, 0xBE,
983 0x5C, 0xBE, 0x35, 0xD8, 0xDD, 0x39, 0xEF, 0x1B, 0xB1, 0x49, 0x67, 0xB2,
984 0x33, 0xC9, 0x7C, 0xE1, 0x51, 0x79, 0x51, 0x59, 0xCA, 0x6E, 0x2A, 0xDF,
985 0x0D, 0x76, 0x1C, 0xE7, 0xA5, 0xC0, 0x1E, 0x6C, 0x56, 0x3A, 0x32, 0xE5,
986 0xB5, 0xC5, 0xD4, 0xDB, 0xFE, 0xFF, 0xF8, 0xF2, 0x96, 0xA9, 0xC9, 0x65,
987 0x59, 0x9E, 0x01, 0x79, 0x9D, 0x38, 0x68, 0x0F, 0xAD, 0x43, 0x3A, 0xD6,
988 0x84, 0x0A, 0xE2, 0xEF, 0x96, 0xC1, 0x6D, 0x89, 0x74, 0x19, 0x63, 0x82,
989 0x3B, 0xA0, 0x9C, 0xBA, 0x78, 0xDE, 0xDC, 0xC2, 0xE7, 0xD4, 0xFA, 0xD6,
990 0x19, 0x21, 0x29, 0xAE, 0x5E, 0xF4, 0x38, 0x81, 0xC6, 0x9E, 0x0E, 0x3C,
991 0xCD, 0xC0, 0xDC, 0x93, 0x5D, 0xFD, 0x9A, 0x5C, 0xAB, 0x54, 0x1F, 0xFF,
992 0x9C, 0x12, 0x1B, 0x4C, 0xDF, 0x2D, 0x9C, 0x85, 0xF9, 0x68, 0x15, 0x89,
993 0x42, 0x9B, 0x6C, 0x45, 0x89, 0x3A, 0xBC, 0xE9, 0x19, 0x91, 0xBE, 0x0C,
994 0xEF, 0x90, 0xCC, 0xF6, 0xD6, 0xF0, 0x3D, 0x5C, 0xF5, 0xE5, 0x0F, 0x2F,
995 0x02, 0x8A, 0x83, 0x4B, 0x93, 0x2F, 0x14, 0x12, 0x1F, 0x56, 0x9A, 0x12,
996 0x58, 0x88, 0xAE, 0x60, 0xB8, 0x5A, 0xE4, 0xA1, 0xBF, 0x4A, 0x81, 0x84,
997 0xAB, 0xBB, 0xE4, 0xD0, 0x1D, 0x41, 0xD9, 0x0A, 0xAB, 0x1E, 0x47, 0x5B,
998 0x31, 0xAC, 0x2B, 0x73
999 };
1000
1001 static unsigned char G2048[] = {
1002 0x02
1003 };
1004
1005 static void
1006 test_speed_modpow(void)
1007 {
1008 uint32_t mx[65], mp[65], me[65], t1[65], t2[65], len;
1009 unsigned char e[64];
1010 int i;
1011 long num;
1012
1013 len = br_int_decode(mp, sizeof mp / sizeof mp[0],
1014 P2048, sizeof P2048);
1015 if (len != 65) {
1016 abort();
1017 }
1018 memset(e, 'P', sizeof e);
1019 if (!br_int_decode(me, sizeof me / sizeof me[0], e, sizeof e)) {
1020 abort();
1021 }
1022 if (!br_modint_decode(mx, mp, G2048, sizeof G2048)) {
1023 abort();
1024 }
1025 for (i = 0; i < 10; i ++) {
1026 br_modint_to_monty(mx, mp);
1027 br_modint_montypow(mx, me, mp, t1, t2);
1028 br_modint_from_monty(mx, mp);
1029 }
1030 num = 10;
1031 for (;;) {
1032 clock_t begin, end;
1033 double tt;
1034 long k;
1035
1036 begin = clock();
1037 for (k = num; k > 0; k --) {
1038 br_modint_to_monty(mx, mp);
1039 br_modint_montypow(mx, me, mp, t1, t2);
1040 br_modint_from_monty(mx, mp);
1041 }
1042 end = clock();
1043 tt = (double)(end - begin) / CLOCKS_PER_SEC;
1044 if (tt >= 2.0) {
1045 printf("%-30s %8.2f exp/s\n", "pow[2048:256]",
1046 (double)num / tt);
1047 fflush(stdout);
1048 return;
1049 }
1050 num <<= 1;
1051 }
1052 }
1053
1054 static void
1055 test_speed_moddiv(void)
1056 {
1057 uint32_t mx[65], my[65], mp[65], t1[65], t2[65], t3[65], len;
1058 unsigned char x[255], y[255];
1059 int i;
1060 long num;
1061
1062 len = br_int_decode(mp, sizeof mp / sizeof mp[0],
1063 P2048, sizeof P2048);
1064 if (len != 65) {
1065 abort();
1066 }
1067 memset(x, 'T', sizeof x);
1068 memset(y, 'P', sizeof y);
1069 if (!br_modint_decode(mx, mp, x, sizeof x)) {
1070 abort();
1071 }
1072 if (!br_modint_decode(my, mp, y, sizeof y)) {
1073 abort();
1074 }
1075 for (i = 0; i < 10; i ++) {
1076 br_modint_div(mx, my, mp, t1, t2, t3);
1077 }
1078 num = 10;
1079 for (;;) {
1080 clock_t begin, end;
1081 double tt;
1082 long k;
1083
1084 begin = clock();
1085 for (k = num; k > 0; k --) {
1086 br_modint_div(mx, my, mp, t1, t2, t3);
1087 }
1088 end = clock();
1089 tt = (double)(end - begin) / CLOCKS_PER_SEC;
1090 if (tt >= 2.0) {
1091 printf("%-30s %8.2f div/s\n", "div[2048]",
1092 (double)num / tt);
1093 fflush(stdout);
1094 return;
1095 }
1096 num <<= 1;
1097 }
1098 }
1099 #endif
1100
1101 #define STU(x) { test_speed_ ## x, #x }
1102
1103 static const struct {
1104 void (*fn)(void);
1105 char *name;
1106 } tfns[] = {
1107 STU(md5),
1108 STU(sha1),
1109 STU(sha256),
1110 STU(sha512),
1111
1112 STU(aes128_big_cbcenc),
1113 STU(aes128_big_cbcdec),
1114 STU(aes192_big_cbcenc),
1115 STU(aes192_big_cbcdec),
1116 STU(aes256_big_cbcenc),
1117 STU(aes256_big_cbcdec),
1118 STU(aes128_big_ctr),
1119 STU(aes192_big_ctr),
1120 STU(aes256_big_ctr),
1121
1122 STU(aes128_small_cbcenc),
1123 STU(aes128_small_cbcdec),
1124 STU(aes192_small_cbcenc),
1125 STU(aes192_small_cbcdec),
1126 STU(aes256_small_cbcenc),
1127 STU(aes256_small_cbcdec),
1128 STU(aes128_small_ctr),
1129 STU(aes192_small_ctr),
1130 STU(aes256_small_ctr),
1131
1132 STU(aes128_ct_cbcenc),
1133 STU(aes128_ct_cbcdec),
1134 STU(aes192_ct_cbcenc),
1135 STU(aes192_ct_cbcdec),
1136 STU(aes256_ct_cbcenc),
1137 STU(aes256_ct_cbcdec),
1138 STU(aes128_ct_ctr),
1139 STU(aes192_ct_ctr),
1140 STU(aes256_ct_ctr),
1141
1142 STU(aes128_ct64_cbcenc),
1143 STU(aes128_ct64_cbcdec),
1144 STU(aes192_ct64_cbcenc),
1145 STU(aes192_ct64_cbcdec),
1146 STU(aes256_ct64_cbcenc),
1147 STU(aes256_ct64_cbcdec),
1148 STU(aes128_ct64_ctr),
1149 STU(aes192_ct64_ctr),
1150 STU(aes256_ct64_ctr),
1151
1152 STU(des_tab_cbcenc),
1153 STU(des_tab_cbcdec),
1154 STU(3des_tab_cbcenc),
1155 STU(3des_tab_cbcdec),
1156
1157 STU(des_ct_cbcenc),
1158 STU(des_ct_cbcdec),
1159 STU(3des_ct_cbcenc),
1160 STU(3des_ct_cbcdec),
1161
1162 STU(chacha20_ct),
1163
1164 STU(ghash_ctmul),
1165 STU(ghash_ctmul32),
1166 STU(ghash_ctmul64),
1167
1168 STU(poly1305_ctmul),
1169
1170 STU(rsa_i15),
1171 STU(rsa_i31),
1172 STU(rsa_i32),
1173 STU(ec_p256_i15),
1174 STU(ec_prime_i15),
1175 STU(ec_prime_i31),
1176 STU(ecdsa_i15),
1177 STU(ecdsa_i31),
1178
1179 STU(i31)
1180 };
1181
1182 static int
1183 eq_name(const char *s1, const char *s2)
1184 {
1185 for (;;) {
1186 int c1, c2;
1187
1188 for (;;) {
1189 c1 = *s1 ++;
1190 if (c1 >= 'A' && c1 <= 'Z') {
1191 c1 += 'a' - 'A';
1192 } else {
1193 switch (c1) {
1194 case '-': case '_': case '.': case ' ':
1195 continue;
1196 }
1197 }
1198 break;
1199 }
1200 for (;;) {
1201 c2 = *s2 ++;
1202 if (c2 >= 'A' && c2 <= 'Z') {
1203 c2 += 'a' - 'A';
1204 } else {
1205 switch (c2) {
1206 case '-': case '_': case '.': case ' ':
1207 continue;
1208 }
1209 }
1210 break;
1211 }
1212 if (c1 != c2) {
1213 return 0;
1214 }
1215 if (c1 == 0) {
1216 return 1;
1217 }
1218 }
1219 }
1220
1221 int
1222 main(int argc, char *argv[])
1223 {
1224 size_t u;
1225
1226 if (argc <= 1) {
1227 printf("usage: testspeed all | name...\n");
1228 printf("individual test names:\n");
1229 for (u = 0; u < (sizeof tfns) / (sizeof tfns[0]); u ++) {
1230 printf(" %s\n", tfns[u].name);
1231 }
1232 } else {
1233 for (u = 0; u < (sizeof tfns) / (sizeof tfns[0]); u ++) {
1234 int i;
1235
1236 for (i = 1; i < argc; i ++) {
1237 if (eq_name(argv[i], tfns[u].name)
1238 || eq_name(argv[i], "all"))
1239 {
1240 tfns[u].fn();
1241 break;
1242 }
1243 }
1244 }
1245 }
1246 return 0;
1247 }
The BearSSL library and tools.