X-Git-Url: https://www.bearssl.org/gitweb//home/git/?p=BearSSL;a=blobdiff_plain;f=test%2Ftest_speed.c;h=eb1b9646f516536a0ff7d8d11e2a40c0493fd683;hp=245a8403fb1ad71ab542a59d762fc3e29f5e7601;hb=HEAD;hpb=dddc412922f42f9c7dd6177133828be724f44424

diff --git a/test/test_speed.c b/test/test_speed.c
index 245a840..eb1b964 100644
--- a/test/test_speed.c
+++ b/test/test_speed.c
@@ -229,15 +229,19 @@ SPEED_HASH(SHA-512, sha512)
 #define br_aes_big_cbcenc_get_vtable()     (&br_aes_big_cbcenc_vtable)
 #define br_aes_big_cbcdec_get_vtable()     (&br_aes_big_cbcdec_vtable)
 #define br_aes_big_ctr_get_vtable()        (&br_aes_big_ctr_vtable)
+#define br_aes_big_ctrcbc_get_vtable()     (&br_aes_big_ctrcbc_vtable)
 #define br_aes_small_cbcenc_get_vtable()   (&br_aes_small_cbcenc_vtable)
 #define br_aes_small_cbcdec_get_vtable()   (&br_aes_small_cbcdec_vtable)
 #define br_aes_small_ctr_get_vtable()      (&br_aes_small_ctr_vtable)
+#define br_aes_small_ctrcbc_get_vtable()   (&br_aes_small_ctrcbc_vtable)
 #define br_aes_ct_cbcenc_get_vtable()      (&br_aes_ct_cbcenc_vtable)
 #define br_aes_ct_cbcdec_get_vtable()      (&br_aes_ct_cbcdec_vtable)
 #define br_aes_ct_ctr_get_vtable()         (&br_aes_ct_ctr_vtable)
+#define br_aes_ct_ctrcbc_get_vtable()      (&br_aes_ct_ctrcbc_vtable)
 #define br_aes_ct64_cbcenc_get_vtable()    (&br_aes_ct64_cbcenc_vtable)
 #define br_aes_ct64_cbcdec_get_vtable()    (&br_aes_ct64_cbcdec_vtable)
 #define br_aes_ct64_ctr_get_vtable()       (&br_aes_ct64_ctr_vtable)
+#define br_aes_ct64_ctrcbc_get_vtable()    (&br_aes_ct64_ctrcbc_vtable)
 #define br_chacha20_ct_get()               (&br_chacha20_ct_run)
 
 #define SPEED_AES(iname) \
@@ -453,6 +457,11 @@ test_speed_eax_inner(char *name,
 	br_aes_gen_ctrcbc_keys ac;
 	br_eax_context ec;
 
+	if (vt == NULL) {
+		printf("%-30s UNAVAILABLE\n", name);
+		fflush(stdout);
+		return;
+	}
 	memset(key, 'K', key_len);
 	memset(nonce, 'N', sizeof nonce);
 	memset(aad, 'A', sizeof aad);
@@ -500,7 +509,8 @@ static void \
 test_speed_eax_ ## algo ## keysize ## _ ## impl(void) \
 { \
 	test_speed_eax_inner("EAX " #Algo "-" #keysize "(" #impl ")", \
-		&br_ ## algo ## _ ## impl ##  _ctrcbc_vtable, (keysize) >> 3); \
+		br_ ## algo ## _ ## impl ##  _ctrcbc_get_vtable() \
+		, (keysize) >> 3); \
 }
 
 SPEED_EAX(AES, aes, 128, big)
@@ -508,16 +518,96 @@ SPEED_EAX(AES, aes, 128, small)
 SPEED_EAX(AES, aes, 128, ct)
 SPEED_EAX(AES, aes, 128, ct64)
 SPEED_EAX(AES, aes, 128, x86ni)
+SPEED_EAX(AES, aes, 128, pwr8)
 SPEED_EAX(AES, aes, 192, big)
 SPEED_EAX(AES, aes, 192, small)
 SPEED_EAX(AES, aes, 192, ct)
 SPEED_EAX(AES, aes, 192, ct64)
 SPEED_EAX(AES, aes, 192, x86ni)
+SPEED_EAX(AES, aes, 192, pwr8)
 SPEED_EAX(AES, aes, 256, big)
 SPEED_EAX(AES, aes, 256, small)
 SPEED_EAX(AES, aes, 256, ct)
 SPEED_EAX(AES, aes, 256, ct64)
 SPEED_EAX(AES, aes, 256, x86ni)
+SPEED_EAX(AES, aes, 256, pwr8)
+
+static void
+test_speed_shake_inner(int security_level)
+{
+	unsigned char buf[8192];
+	br_shake_context sc;
+	int i;
+	long num;
+
+	memset(buf, 'D', sizeof buf);
+	br_shake_init(&sc, security_level);
+	for (i = 0; i < 10; i ++) {
+		br_shake_inject(&sc, buf, sizeof buf);
+	}
+	num = 10;
+	for (;;) {
+		clock_t begin, end;
+		double tt;
+		long k;
+
+		begin = clock();
+		for (k = num; k > 0; k --) {
+			br_shake_inject(&sc, buf, sizeof buf);
+		}
+		end = clock();
+		tt = (double)(end - begin) / CLOCKS_PER_SEC;
+		if (tt >= 2.0) {
+			printf("SHAKE%-3d (inject)              %8.2f MB/s\n",
+				security_level,
+				((double)sizeof buf) * (double)num
+				/ (tt * 1000000.0));
+			fflush(stdout);
+			break;
+		}
+		num <<= 1;
+	}
+
+	br_shake_flip(&sc);
+	for (i = 0; i < 10; i ++) {
+		br_shake_produce(&sc, buf, sizeof buf);
+	}
+
+	num = 10;
+	for (;;) {
+		clock_t begin, end;
+		double tt;
+		long k;
+
+		begin = clock();
+		for (k = num; k > 0; k --) {
+			br_shake_produce(&sc, buf, sizeof buf);
+		}
+		end = clock();
+		tt = (double)(end - begin) / CLOCKS_PER_SEC;
+		if (tt >= 2.0) {
+			printf("SHAKE%-3d (produce)             %8.2f MB/s\n",
+				security_level,
+				((double)sizeof buf) * (double)num
+				/ (tt * 1000000.0));
+			fflush(stdout);
+			break;
+		}
+		num <<= 1;
+	}
+}
+
+static void
+test_speed_shake128(void)
+{
+	test_speed_shake_inner(128);
+}
+
+static void
+test_speed_shake256(void)
+{
+	test_speed_shake_inner(256);
+}
 
 static const unsigned char RSA_N[] = {
 	0xE9, 0xF2, 0x4A, 0x2F, 0x96, 0xDF, 0x0A, 0x23,
@@ -669,11 +759,16 @@ static const br_rsa_private_key RSA_SK = {
 
 static void
 test_speed_rsa_inner(char *name,
-	br_rsa_public fpub, br_rsa_private fpriv)
+	br_rsa_public fpub, br_rsa_private fpriv, br_rsa_keygen kgen)
 {
 	unsigned char tmp[sizeof RSA_N];
 	int i;
 	long num;
+	/*
+	br_hmac_drbg_context rng;
+	*/
+	br_aesctr_drbg_context rng;
+	const br_block_ctr_class *ictr;
 
 	memset(tmp, 'R', sizeof tmp);
 	tmp[0] = 0;
@@ -727,27 +822,96 @@ test_speed_rsa_inner(char *name,
 		}
 		num <<= 1;
 	}
+
+	if (kgen == 0) {
+		printf("%-30s KEYGEN UNAVAILABLE\n", name);
+		fflush(stdout);
+		return;
+	}
+	/*
+	br_hmac_drbg_init(&rng, &br_sha256_vtable, "RSA keygen seed", 15);
+	*/
+	ictr = br_aes_x86ni_ctr_get_vtable();
+	if (ictr == NULL) {
+		ictr = br_aes_pwr8_ctr_get_vtable();
+		if (ictr == NULL) {
+#if BR_64
+			ictr = &br_aes_ct64_ctr_vtable;
+#else
+			ictr = &br_aes_ct_ctr_vtable;
+#endif
+		}
+	}
+	br_aesctr_drbg_init(&rng, ictr, "RSA keygen seed", 15);
+
+	num = 10;
+	for (;;) {
+		clock_t begin, end;
+		double tt;
+		long k;
+
+		begin = clock();
+		for (k = num; k > 0; k --) {
+			br_rsa_private_key sk;
+			unsigned char kbuf[BR_RSA_KBUF_PRIV_SIZE(1024)];
+
+			kgen(&rng.vtable, &sk, kbuf, NULL, NULL, 1024, 0);
+		}
+		end = clock();
+		tt = (double)(end - begin) / CLOCKS_PER_SEC;
+		if (tt >= 10.0) {
+			printf("%-30s %8.2f kgen[1024]/s\n", name,
+				(double)num / tt);
+			fflush(stdout);
+			break;
+		}
+		num <<= 1;
+	}
+
+	num = 10;
+	for (;;) {
+		clock_t begin, end;
+		double tt;
+		long k;
+
+		begin = clock();
+		for (k = num; k > 0; k --) {
+			br_rsa_private_key sk;
+			unsigned char kbuf[BR_RSA_KBUF_PRIV_SIZE(2048)];
+
+			kgen(&rng.vtable, &sk, kbuf, NULL, NULL, 2048, 0);
+		}
+		end = clock();
+		tt = (double)(end - begin) / CLOCKS_PER_SEC;
+		if (tt >= 10.0) {
+			printf("%-30s %8.2f kgen[2048]/s\n", name,
+				(double)num / tt);
+			fflush(stdout);
+			break;
+		}
+		num <<= 1;
+	}
 }
 
 static void
 test_speed_rsa_i15(void)
 {
 	test_speed_rsa_inner("RSA i15",
-		&br_rsa_i15_public, &br_rsa_i15_private);
+		&br_rsa_i15_public, &br_rsa_i15_private, &br_rsa_i15_keygen);
 }
 
 static void
 test_speed_rsa_i31(void)
 {
 	test_speed_rsa_inner("RSA i31",
-		&br_rsa_i31_public, &br_rsa_i31_private);
+		&br_rsa_i31_public, &br_rsa_i31_private, &br_rsa_i31_keygen);
 }
 
 static void
 test_speed_rsa_i32(void)
 {
 	test_speed_rsa_inner("RSA i32",
-		&br_rsa_i32_public, &br_rsa_i32_private);
+		&br_rsa_i32_public, &br_rsa_i32_private, 0);
 }
 
 static void
@@ -755,11 +919,13 @@ test_speed_rsa_i62(void)
 {
 	br_rsa_public pub;
 	br_rsa_private priv;
+	br_rsa_keygen kgen;
 
 	pub = br_rsa_i62_public_get();
 	priv = br_rsa_i62_private_get();
+	kgen = br_rsa_i62_keygen_get();
 	if (pub) {
-		test_speed_rsa_inner("RSA i62", pub, priv);
+		test_speed_rsa_inner("RSA i62", pub, priv, kgen);
 	} else {
 		printf("%-30s UNAVAILABLE\n", "RSA i62");
 	}
@@ -872,6 +1038,32 @@ test_speed_ec_p256_m31(void)
 		&br_ec_p256_m31, &br_secp256r1);
 }
 
+static void
+test_speed_ec_p256_m62(void)
+{
+	const br_ec_impl *ec;
+
+	ec = br_ec_p256_m62_get();
+	if (ec != NULL) {
+		test_speed_ec_inner("EC p256_m62", ec, &br_secp256r1);
+	} else {
+		printf("%-30s UNAVAILABLE\n", "EC p256_m62");
+	}
+}
+
+static void
+test_speed_ec_p256_m64(void)
+{
+	const br_ec_impl *ec;
+
+	ec = br_ec_p256_m64_get();
+	if (ec != NULL) {
+		test_speed_ec_inner("EC p256_m64", ec, &br_secp256r1);
+	} else {
+		printf("%-30s UNAVAILABLE\n", "EC p256_m64");
+	}
+}
+
 static void
 test_speed_ec_prime_i15(void)
 {
@@ -922,6 +1114,32 @@ test_speed_ec_c25519_m31(void)
 		&br_ec_c25519_m31, &br_curve25519);
 }
 
+static void
+test_speed_ec_c25519_m62(void)
+{
+	const br_ec_impl *ec;
+
+	ec = br_ec_c25519_m62_get();
+	if (ec != NULL) {
+		test_speed_ec_inner("EC c25519_m62", ec, &br_curve25519);
+	} else {
+		printf("%-30s UNAVAILABLE\n", "EC c25519_m62");
+	}
+}
+
+static void
+test_speed_ec_c25519_m64(void)
+{
+	const br_ec_impl *ec;
+
+	ec = br_ec_c25519_m64_get();
+	if (ec != NULL) {
+		test_speed_ec_inner("EC c25519_m64", ec, &br_curve25519);
+	} else {
+		printf("%-30s UNAVAILABLE\n", "EC c25519_m64");
+	}
+}
+
 static void
 test_speed_ecdsa_inner(const char *name,
 	const br_ec_impl *impl, const br_ec_curve_def *cd,
@@ -1025,6 +1243,38 @@ test_speed_ecdsa_p256_m31(void)
 		&br_ecdsa_i31_vrfy_asn1);
 }
 
+static void
+test_speed_ecdsa_p256_m62(void)
+{
+	const br_ec_impl *ec;
+
+	ec = br_ec_p256_m62_get();
+	if (ec != NULL) {
+		test_speed_ecdsa_inner("ECDSA m62 P-256",
+			ec, &br_secp256r1,
+			&br_ecdsa_i31_sign_asn1,
+			&br_ecdsa_i31_vrfy_asn1);
+	} else {
+		printf("%-30s UNAVAILABLE\n", "ECDSA m62 P-256");
+	}
+}
+
+static void
+test_speed_ecdsa_p256_m64(void)
+{
+	const br_ec_impl *ec;
+
+	ec = br_ec_p256_m64_get();
+	if (ec != NULL) {
+		test_speed_ecdsa_inner("ECDSA m64 P-256",
+			ec, &br_secp256r1,
+			&br_ecdsa_i31_sign_asn1,
+			&br_ecdsa_i31_vrfy_asn1);
+	} else {
+		printf("%-30s UNAVAILABLE\n", "ECDSA m64 P-256");
+	}
+}
+
 static void
 test_speed_ecdsa_i15(void)
 {
@@ -1063,14 +1313,20 @@ static void
 test_speed_i31(void)
 {
 	static const unsigned char bp[] = {
-		0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00,
+		/* A 521-bit prime integer (order of the P-521 curve). */
+		0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+		0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
 		0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
-		0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84,
-		0xF3, 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51
+		0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+		0xFF, 0xFA, 0x51, 0x86, 0x87, 0x83, 0xBF, 0x2F,
+		0x96, 0x6B, 0x7F, 0xCC, 0x01, 0x48, 0xF7, 0x09,
+		0xA5, 0xD0, 0x3B, 0xB5, 0xC9, 0xB8, 0x89, 0x9C,
+		0x47, 0xAE, 0xBB, 0x6F, 0xB7, 0x1E, 0x91, 0x38,
+		0x64, 0x09
 	};
 
 	unsigned char tmp[60 + sizeof bp];
-	uint32_t p[10], x[10], y[10], z[10], p0i;
+	uint32_t p[20], x[20], y[20], z[20], uu[60], p0i;
 	int i;
 	long num;
 
@@ -1152,6 +1408,30 @@ test_speed_i31(void)
 		}
 		num <<= 1;
 	}
+
+	for (i = 0; i < 10; i ++) {
+		br_i31_moddiv(x, y, p, p0i, uu);
+	}
+	num = 10;
+	for (;;) {
+		clock_t begin, end;
+		double tt;
+		long k;
+
+		begin = clock();
+		for (k = num; k > 0; k --) {
+			br_i31_moddiv(x, y, p, p0i, uu);
+		}
+		end = clock();
+		tt = (double)(end - begin) / CLOCKS_PER_SEC;
+		if (tt >= 2.0) {
+			printf("%-30s %8.2f ops/s\n", "i31 moddiv",
+				(double)num / tt);
+			fflush(stdout);
+			break;
+		}
+		num <<= 1;
+	}
 }
 
 #if 0
@@ -1391,6 +1671,12 @@ static const struct {
 	STU(eax_aes128_x86ni),
 	STU(eax_aes192_x86ni),
 	STU(eax_aes256_x86ni),
+	STU(eax_aes128_pwr8),
+	STU(eax_aes192_pwr8),
+	STU(eax_aes256_pwr8),
+
+	STU(shake128),
+	STU(shake256),
 
 	STU(rsa_i15),
 	STU(rsa_i31),
@@ -1400,12 +1686,18 @@ static const struct {
 	STU(ec_prime_i31),
 	STU(ec_p256_m15),
 	STU(ec_p256_m31),
+	STU(ec_p256_m62),
+	STU(ec_p256_m64),
 	STU(ec_c25519_i15),
 	STU(ec_c25519_i31),
 	STU(ec_c25519_m15),
 	STU(ec_c25519_m31),
+	STU(ec_c25519_m62),
+	STU(ec_c25519_m64),
 	STU(ecdsa_p256_m15),
 	STU(ecdsa_p256_m31),
+	STU(ecdsa_p256_m62),
+	STU(ecdsa_p256_m64),
 	STU(ecdsa_i15),
 	STU(ecdsa_i31),