#define br_aes_big_cbcenc_get_vtable() (&br_aes_big_cbcenc_vtable)
#define br_aes_big_cbcdec_get_vtable() (&br_aes_big_cbcdec_vtable)
#define br_aes_big_ctr_get_vtable() (&br_aes_big_ctr_vtable)
+#define br_aes_big_ctrcbc_get_vtable() (&br_aes_big_ctrcbc_vtable)
#define br_aes_small_cbcenc_get_vtable() (&br_aes_small_cbcenc_vtable)
#define br_aes_small_cbcdec_get_vtable() (&br_aes_small_cbcdec_vtable)
#define br_aes_small_ctr_get_vtable() (&br_aes_small_ctr_vtable)
+#define br_aes_small_ctrcbc_get_vtable() (&br_aes_small_ctrcbc_vtable)
#define br_aes_ct_cbcenc_get_vtable() (&br_aes_ct_cbcenc_vtable)
#define br_aes_ct_cbcdec_get_vtable() (&br_aes_ct_cbcdec_vtable)
#define br_aes_ct_ctr_get_vtable() (&br_aes_ct_ctr_vtable)
+#define br_aes_ct_ctrcbc_get_vtable() (&br_aes_ct_ctrcbc_vtable)
#define br_aes_ct64_cbcenc_get_vtable() (&br_aes_ct64_cbcenc_vtable)
#define br_aes_ct64_cbcdec_get_vtable() (&br_aes_ct64_cbcdec_vtable)
#define br_aes_ct64_ctr_get_vtable() (&br_aes_ct64_ctr_vtable)
+#define br_aes_ct64_ctrcbc_get_vtable() (&br_aes_ct64_ctrcbc_vtable)
#define br_chacha20_ct_get() (&br_chacha20_ct_run)
#define SPEED_AES(iname) \
test_speed_poly1305_inner("Poly1305 (i15)", &br_poly1305_i15_run);
}
+static void
+test_speed_eax_inner(char *name,
+ const br_block_ctrcbc_class *vt, size_t key_len)
+{
+ unsigned char buf[8192], key[32], nonce[16], aad[16], tag[16];
+ int i;
+ long num;
+ br_aes_gen_ctrcbc_keys ac;
+ br_eax_context ec;
+
+ if (vt == NULL) {
+ printf("%-30s UNAVAILABLE\n", name);
+ fflush(stdout);
+ return;
+ }
+ memset(key, 'K', key_len);
+ memset(nonce, 'N', sizeof nonce);
+ memset(aad, 'A', sizeof aad);
+ memset(buf, 'T', sizeof buf);
+ for (i = 0; i < 10; i ++) {
+ vt->init(&ac.vtable, key, key_len);
+ br_eax_init(&ec, &ac.vtable);
+ br_eax_reset(&ec, nonce, sizeof nonce);
+ br_eax_aad_inject(&ec, aad, sizeof aad);
+ br_eax_flip(&ec);
+ br_eax_run(&ec, 1, buf, sizeof buf);
+ br_eax_get_tag(&ec, tag);
+ }
+ num = 10;
+ for (;;) {
+ clock_t begin, end;
+ double tt;
+ long k;
+
+ begin = clock();
+ for (k = num; k > 0; k --) {
+ vt->init(&ac.vtable, key, key_len);
+ br_eax_init(&ec, &ac.vtable);
+ br_eax_reset(&ec, nonce, sizeof nonce);
+ br_eax_aad_inject(&ec, aad, sizeof aad);
+ br_eax_flip(&ec);
+ br_eax_run(&ec, 1, buf, sizeof buf);
+ br_eax_get_tag(&ec, tag);
+ }
+ end = clock();
+ tt = (double)(end - begin) / CLOCKS_PER_SEC;
+ if (tt >= 2.0) {
+ printf("%-30s %8.2f MB/s\n", name,
+ ((double)sizeof buf) * (double)num
+ / (tt * 1000000.0));
+ fflush(stdout);
+ return;
+ }
+ num <<= 1;
+ }
+}
+
+#define SPEED_EAX(Algo, algo, keysize, impl) \
+static void \
+test_speed_eax_ ## algo ## keysize ## _ ## impl(void) \
+{ \
+ test_speed_eax_inner("EAX " #Algo "-" #keysize "(" #impl ")", \
+ br_ ## algo ## _ ## impl ## _ctrcbc_get_vtable() \
+ , (keysize) >> 3); \
+}
+
+SPEED_EAX(AES, aes, 128, big)
+SPEED_EAX(AES, aes, 128, small)
+SPEED_EAX(AES, aes, 128, ct)
+SPEED_EAX(AES, aes, 128, ct64)
+SPEED_EAX(AES, aes, 128, x86ni)
+SPEED_EAX(AES, aes, 128, pwr8)
+SPEED_EAX(AES, aes, 192, big)
+SPEED_EAX(AES, aes, 192, small)
+SPEED_EAX(AES, aes, 192, ct)
+SPEED_EAX(AES, aes, 192, ct64)
+SPEED_EAX(AES, aes, 192, x86ni)
+SPEED_EAX(AES, aes, 192, pwr8)
+SPEED_EAX(AES, aes, 256, big)
+SPEED_EAX(AES, aes, 256, small)
+SPEED_EAX(AES, aes, 256, ct)
+SPEED_EAX(AES, aes, 256, ct64)
+SPEED_EAX(AES, aes, 256, x86ni)
+SPEED_EAX(AES, aes, 256, pwr8)
+
+static void
+test_speed_shake_inner(int security_level)
+{
+ unsigned char buf[8192];
+ br_shake_context sc;
+ int i;
+ long num;
+
+ memset(buf, 'D', sizeof buf);
+ br_shake_init(&sc, security_level);
+ for (i = 0; i < 10; i ++) {
+ br_shake_inject(&sc, buf, sizeof buf);
+ }
+ num = 10;
+ for (;;) {
+ clock_t begin, end;
+ double tt;
+ long k;
+
+ begin = clock();
+ for (k = num; k > 0; k --) {
+ br_shake_inject(&sc, buf, sizeof buf);
+ }
+ end = clock();
+ tt = (double)(end - begin) / CLOCKS_PER_SEC;
+ if (tt >= 2.0) {
+ printf("SHAKE%-3d (inject) %8.2f MB/s\n",
+ security_level,
+ ((double)sizeof buf) * (double)num
+ / (tt * 1000000.0));
+ fflush(stdout);
+ break;
+ }
+ num <<= 1;
+ }
+
+ br_shake_flip(&sc);
+ for (i = 0; i < 10; i ++) {
+ br_shake_produce(&sc, buf, sizeof buf);
+ }
+
+ num = 10;
+ for (;;) {
+ clock_t begin, end;
+ double tt;
+ long k;
+
+ begin = clock();
+ for (k = num; k > 0; k --) {
+ br_shake_produce(&sc, buf, sizeof buf);
+ }
+ end = clock();
+ tt = (double)(end - begin) / CLOCKS_PER_SEC;
+ if (tt >= 2.0) {
+ printf("SHAKE%-3d (produce) %8.2f MB/s\n",
+ security_level,
+ ((double)sizeof buf) * (double)num
+ / (tt * 1000000.0));
+ fflush(stdout);
+ break;
+ }
+ num <<= 1;
+ }
+}
+
+static void
+test_speed_shake128(void)
+{
+ test_speed_shake_inner(128);
+}
+
+static void
+test_speed_shake256(void)
+{
+ test_speed_shake_inner(256);
+}
+
static const unsigned char RSA_N[] = {
0xE9, 0xF2, 0x4A, 0x2F, 0x96, 0xDF, 0x0A, 0x23,
0x01, 0x85, 0xF1, 0x2C, 0xB2, 0xA8, 0xEF, 0x23,
static void
test_speed_rsa_inner(char *name,
- br_rsa_public fpub, br_rsa_private fpriv)
+ br_rsa_public fpub, br_rsa_private fpriv, br_rsa_keygen kgen)
{
unsigned char tmp[sizeof RSA_N];
int i;
long num;
+ /*
+ br_hmac_drbg_context rng;
+ */
+ br_aesctr_drbg_context rng;
+ const br_block_ctr_class *ictr;
memset(tmp, 'R', sizeof tmp);
tmp[0] = 0;
}
num <<= 1;
}
+
+ if (kgen == 0) {
+ printf("%-30s KEYGEN UNAVAILABLE\n", name);
+ fflush(stdout);
+ return;
+ }
+ /*
+ br_hmac_drbg_init(&rng, &br_sha256_vtable, "RSA keygen seed", 15);
+ */
+ ictr = br_aes_x86ni_ctr_get_vtable();
+ if (ictr == NULL) {
+ ictr = br_aes_pwr8_ctr_get_vtable();
+ if (ictr == NULL) {
+#if BR_64
+ ictr = &br_aes_ct64_ctr_vtable;
+#else
+ ictr = &br_aes_ct_ctr_vtable;
+#endif
+ }
+ }
+ br_aesctr_drbg_init(&rng, ictr, "RSA keygen seed", 15);
+
+ num = 10;
+ for (;;) {
+ clock_t begin, end;
+ double tt;
+ long k;
+
+ begin = clock();
+ for (k = num; k > 0; k --) {
+ br_rsa_private_key sk;
+ unsigned char kbuf[BR_RSA_KBUF_PRIV_SIZE(1024)];
+
+ kgen(&rng.vtable, &sk, kbuf, NULL, NULL, 1024, 0);
+ }
+ end = clock();
+ tt = (double)(end - begin) / CLOCKS_PER_SEC;
+ if (tt >= 10.0) {
+ printf("%-30s %8.2f kgen[1024]/s\n", name,
+ (double)num / tt);
+ fflush(stdout);
+ break;
+ }
+ num <<= 1;
+ }
+
+ num = 10;
+ for (;;) {
+ clock_t begin, end;
+ double tt;
+ long k;
+
+ begin = clock();
+ for (k = num; k > 0; k --) {
+ br_rsa_private_key sk;
+ unsigned char kbuf[BR_RSA_KBUF_PRIV_SIZE(2048)];
+
+ kgen(&rng.vtable, &sk, kbuf, NULL, NULL, 2048, 0);
+ }
+ end = clock();
+ tt = (double)(end - begin) / CLOCKS_PER_SEC;
+ if (tt >= 10.0) {
+ printf("%-30s %8.2f kgen[2048]/s\n", name,
+ (double)num / tt);
+ fflush(stdout);
+ break;
+ }
+ num <<= 1;
+ }
}
static void
test_speed_rsa_i15(void)
{
test_speed_rsa_inner("RSA i15",
- &br_rsa_i15_public, &br_rsa_i15_private);
+ &br_rsa_i15_public, &br_rsa_i15_private, &br_rsa_i15_keygen);
}
static void
test_speed_rsa_i31(void)
{
test_speed_rsa_inner("RSA i31",
- &br_rsa_i31_public, &br_rsa_i31_private);
+ &br_rsa_i31_public, &br_rsa_i31_private, &br_rsa_i31_keygen);
}
static void
test_speed_rsa_i32(void)
{
test_speed_rsa_inner("RSA i32",
- &br_rsa_i32_public, &br_rsa_i32_private);
+ &br_rsa_i32_public, &br_rsa_i32_private, 0);
}
static void
{
br_rsa_public pub;
br_rsa_private priv;
+ br_rsa_keygen kgen;
pub = br_rsa_i62_public_get();
priv = br_rsa_i62_private_get();
+ kgen = br_rsa_i62_keygen_get();
if (pub) {
- test_speed_rsa_inner("RSA i62", pub, priv);
+ test_speed_rsa_inner("RSA i62", pub, priv, kgen);
} else {
printf("%-30s UNAVAILABLE\n", "RSA i62");
}
};
unsigned char tmp[60 + sizeof bp];
- uint32_t p[10], x[10], y[10], z[10], p0i;
+ uint32_t p[10], x[10], y[10], z[10], uu[30], p0i;
int i;
long num;
}
num <<= 1;
}
+
+ for (i = 0; i < 10; i ++) {
+ br_i31_moddiv(x, y, p, p0i, uu);
+ }
+ num = 10;
+ for (;;) {
+ clock_t begin, end;
+ double tt;
+ long k;
+
+ begin = clock();
+ for (k = num; k > 0; k --) {
+ br_i31_moddiv(x, y, p, p0i, uu);
+ }
+ end = clock();
+ tt = (double)(end - begin) / CLOCKS_PER_SEC;
+ if (tt >= 2.0) {
+ printf("%-30s %8.2f ops/s\n", "i31 moddiv",
+ (double)num / tt);
+ fflush(stdout);
+ break;
+ }
+ num <<= 1;
+ }
}
#if 0
STU(poly1305_ctmulq),
STU(poly1305_i15),
+ STU(eax_aes128_big),
+ STU(eax_aes192_big),
+ STU(eax_aes256_big),
+ STU(eax_aes128_small),
+ STU(eax_aes192_small),
+ STU(eax_aes256_small),
+ STU(eax_aes128_ct),
+ STU(eax_aes192_ct),
+ STU(eax_aes256_ct),
+ STU(eax_aes128_ct64),
+ STU(eax_aes192_ct64),
+ STU(eax_aes256_ct64),
+ STU(eax_aes128_x86ni),
+ STU(eax_aes192_x86ni),
+ STU(eax_aes256_x86ni),
+ STU(eax_aes128_pwr8),
+ STU(eax_aes192_pwr8),
+ STU(eax_aes256_pwr8),
+
+ STU(shake128),
+ STU(shake256),
+
STU(rsa_i15),
STU(rsa_i31),
STU(rsa_i32),
projects / BearSSL / blobdiff