|
Packit Service |
4684c1 |
/*
|
|
Packit Service |
4684c1 |
* Copyright (C) 2009-2012 Free Software Foundation, Inc.
|
|
Packit Service |
4684c1 |
*
|
|
Packit Service |
4684c1 |
* This file is part of GnuTLS.
|
|
Packit Service |
4684c1 |
*
|
|
Packit Service |
4684c1 |
* GnuTLS is free software: you can redistribute it and/or modify it
|
|
Packit Service |
4684c1 |
* under the terms of the GNU General Public License as published by
|
|
Packit Service |
4684c1 |
* the Free Software Foundation, either version 3 of the License, or
|
|
Packit Service |
4684c1 |
* (at your option) any later version.
|
|
Packit Service |
4684c1 |
*
|
|
Packit Service |
4684c1 |
* GnuTLS is distributed in the hope that it will be useful, but
|
|
Packit Service |
4684c1 |
* WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
Packit Service |
4684c1 |
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
Packit Service |
4684c1 |
* General Public License for more details.
|
|
Packit Service |
4684c1 |
*
|
|
Packit Service |
4684c1 |
* You should have received a copy of the GNU General Public License
|
|
Packit Service |
4684c1 |
* along with this program. If not, see
|
|
Packit Service |
4684c1 |
* <https://www.gnu.org/licenses/>.
|
|
Packit Service |
4684c1 |
*
|
|
Packit Service |
4684c1 |
* Written by Nikos Mavrogiannopoulos <nmav@gnutls.org>.
|
|
Packit Service |
4684c1 |
*/
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
#include <config.h>
|
|
Packit Service |
4684c1 |
#include <stdio.h>
|
|
Packit Service |
4684c1 |
#include <string.h>
|
|
Packit Service |
4684c1 |
#include <stdlib.h>
|
|
Packit Service |
4684c1 |
#include <unistd.h>
|
|
Packit Service |
4684c1 |
#include <gnutls/gnutls.h>
|
|
Packit Service |
4684c1 |
#include <gnutls/crypto.h>
|
|
Packit Service |
4684c1 |
#include <time.h>
|
|
Packit Service |
4684c1 |
#include <unistd.h>
|
|
Packit Service |
4684c1 |
#include <assert.h>
|
|
Packit Service |
4684c1 |
#include "benchmark.h"
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
static void tls_log_func(int level, const char *str)
|
|
Packit Service |
4684c1 |
{
|
|
Packit Service |
4684c1 |
fprintf(stderr, "|<%d>| %s", level, str);
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
static unsigned page_size = 4096;
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
#define ALLOC(x) {x=malloc(step+64);assert(x!=NULL);}
|
|
Packit Service |
4684c1 |
#define ALLOCM(x, mem) {x=malloc(mem); assert(x!=NULL); assert(gnutls_rnd(GNUTLS_RND_NONCE, x, mem) >= 0);}
|
|
Packit Service |
4684c1 |
#define FREE(x) free(x)
|
|
Packit Service |
4684c1 |
#define INC(orig, x, s) x+=page_size; if ((x+step) >= (((unsigned char*)orig) + MAX_MEM)) { x = orig; }
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
#define MAX_MEM 64*1024*1024
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
static void cipher_mac_bench(int algo, int mac_algo, int size)
|
|
Packit Service |
4684c1 |
{
|
|
Packit Service |
4684c1 |
int ret;
|
|
Packit Service |
4684c1 |
gnutls_cipher_hd_t ctx;
|
|
Packit Service |
4684c1 |
gnutls_hmac_hd_t mac_ctx;
|
|
Packit Service |
4684c1 |
void *_key, *_iv;
|
|
Packit Service |
4684c1 |
gnutls_datum_t key, iv;
|
|
Packit Service |
4684c1 |
int ivsize = gnutls_cipher_get_iv_size(algo);
|
|
Packit Service |
4684c1 |
int keysize = gnutls_cipher_get_key_size(algo);
|
|
Packit Service |
4684c1 |
int step = size * 1024;
|
|
Packit Service |
4684c1 |
struct benchmark_st st;
|
|
Packit Service |
4684c1 |
void *output, *input;
|
|
Packit Service |
4684c1 |
unsigned char c, *i;
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
_key = malloc(keysize);
|
|
Packit Service |
4684c1 |
if (_key == NULL)
|
|
Packit Service |
4684c1 |
return;
|
|
Packit Service |
4684c1 |
memset(_key, 0xf0, keysize);
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
_iv = malloc(ivsize);
|
|
Packit Service |
4684c1 |
if (_iv == NULL) {
|
|
Packit Service |
4684c1 |
free(_key);
|
|
Packit Service |
4684c1 |
return;
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
memset(_iv, 0xf0, ivsize);
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
iv.data = _iv;
|
|
Packit Service |
4684c1 |
iv.size = ivsize;
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
key.data = _key;
|
|
Packit Service |
4684c1 |
key.size = keysize;
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
assert(gnutls_rnd(GNUTLS_RND_NONCE, &c, 1) >= 0);
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
printf("%19s-%s ", gnutls_cipher_get_name(algo),
|
|
Packit Service |
4684c1 |
gnutls_mac_get_name(mac_algo));
|
|
Packit Service |
4684c1 |
fflush(stdout);
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
ALLOCM(input, MAX_MEM);
|
|
Packit Service |
4684c1 |
ALLOC(output);
|
|
Packit Service |
4684c1 |
i = input;
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
start_benchmark(&st);
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
ret = gnutls_hmac_init(&mac_ctx, mac_algo, key.data, key.size);
|
|
Packit Service |
4684c1 |
if (ret < 0) {
|
|
Packit Service |
4684c1 |
fprintf(stderr, "error: %s\n", gnutls_strerror(ret));
|
|
Packit Service |
4684c1 |
goto leave;
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
ret = gnutls_cipher_init(&ctx, algo, &key, &iv;;
|
|
Packit Service |
4684c1 |
if (ret < 0) {
|
|
Packit Service |
4684c1 |
fprintf(stderr, "error: %s\n", gnutls_strerror(ret));
|
|
Packit Service |
4684c1 |
goto leave;
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
do {
|
|
Packit Service |
4684c1 |
gnutls_hmac(mac_ctx, i, step);
|
|
Packit Service |
4684c1 |
gnutls_cipher_encrypt2(ctx, i, step, output, step + 64);
|
|
Packit Service |
4684c1 |
st.size += step;
|
|
Packit Service |
4684c1 |
INC(input, i, step);
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
while (benchmark_must_finish == 0);
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
gnutls_cipher_deinit(ctx);
|
|
Packit Service |
4684c1 |
gnutls_hmac_deinit(mac_ctx, NULL);
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
stop_benchmark(&st, NULL, 1);
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
leave:
|
|
Packit Service |
4684c1 |
FREE(input);
|
|
Packit Service |
4684c1 |
FREE(output);
|
|
Packit Service |
4684c1 |
free(_key);
|
|
Packit Service |
4684c1 |
free(_iv);
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
static void force_memcpy(void *dest, const void *src, size_t n)
|
|
Packit Service |
4684c1 |
{
|
|
Packit Service |
4684c1 |
volatile unsigned volatile_zero = 0;
|
|
Packit Service |
4684c1 |
volatile char *vdest = (volatile char*)dest;
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
if (n > 0) {
|
|
Packit Service |
4684c1 |
do {
|
|
Packit Service |
4684c1 |
memcpy(dest, src, n);
|
|
Packit Service |
4684c1 |
} while(vdest[volatile_zero] != ((char*)src)[volatile_zero]);
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
static void cipher_bench(int algo, int size, int aead)
|
|
Packit Service |
4684c1 |
{
|
|
Packit Service |
4684c1 |
int ret;
|
|
Packit Service |
4684c1 |
gnutls_cipher_hd_t ctx;
|
|
Packit Service |
4684c1 |
void *_key, *_iv;
|
|
Packit Service |
4684c1 |
gnutls_aead_cipher_hd_t actx;
|
|
Packit Service |
4684c1 |
gnutls_datum_t key, iv;
|
|
Packit Service |
4684c1 |
int ivsize = gnutls_cipher_get_iv_size(algo);
|
|
Packit Service |
4684c1 |
int keysize = gnutls_cipher_get_key_size(algo);
|
|
Packit Service |
4684c1 |
int step = size * 1024;
|
|
Packit Service |
4684c1 |
void *input, *output;
|
|
Packit Service |
4684c1 |
struct benchmark_st st;
|
|
Packit Service |
4684c1 |
unsigned char c, *i;
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
_key = malloc(keysize);
|
|
Packit Service |
4684c1 |
if (_key == NULL)
|
|
Packit Service |
4684c1 |
return;
|
|
Packit Service |
4684c1 |
memset(_key, 0xf0, keysize);
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
/* For AES-XTS, the block and tweak key must be different */
|
|
Packit Service |
4684c1 |
if (algo == GNUTLS_CIPHER_AES_128_XTS ||
|
|
Packit Service |
4684c1 |
algo == GNUTLS_CIPHER_AES_256_XTS) {
|
|
Packit Service |
4684c1 |
memset((uint8_t *)_key + (keysize / 2), 0x0f, (keysize / 2));
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
_iv = malloc(ivsize);
|
|
Packit Service |
4684c1 |
if (_iv == NULL) {
|
|
Packit Service |
4684c1 |
free(_key);
|
|
Packit Service |
4684c1 |
return;
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
memset(_iv, 0xf0, ivsize);
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
iv.data = _iv;
|
|
Packit Service |
4684c1 |
iv.size = ivsize;
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
key.data = _key;
|
|
Packit Service |
4684c1 |
key.size = keysize;
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
printf("%24s ", gnutls_cipher_get_name(algo));
|
|
Packit Service |
4684c1 |
fflush(stdout);
|
|
Packit Service |
4684c1 |
assert(gnutls_rnd(GNUTLS_RND_NONCE, &c, 1) >= 0);
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
ALLOCM(input, MAX_MEM);
|
|
Packit Service |
4684c1 |
ALLOCM(output, step+64);
|
|
Packit Service |
4684c1 |
i = input;
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
start_benchmark(&st);
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
if (algo == GNUTLS_CIPHER_NULL) {
|
|
Packit Service |
4684c1 |
do {
|
|
Packit Service |
4684c1 |
force_memcpy(output, i, step);
|
|
Packit Service |
4684c1 |
st.size += step;
|
|
Packit Service |
4684c1 |
INC(input, i, step);
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
while (benchmark_must_finish == 0);
|
|
Packit Service |
4684c1 |
} else if (aead != 0) {
|
|
Packit Service |
4684c1 |
unsigned tag_size = gnutls_cipher_get_tag_size(algo);
|
|
Packit Service |
4684c1 |
size_t out_size;
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
ret = gnutls_aead_cipher_init(&actx, algo, &key);
|
|
Packit Service |
4684c1 |
if (ret < 0) {
|
|
Packit Service |
4684c1 |
fprintf(stderr, "error: %s\n", gnutls_strerror(ret));
|
|
Packit Service |
4684c1 |
goto leave;
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
do {
|
|
Packit Service |
4684c1 |
out_size = step+64;
|
|
Packit Service |
4684c1 |
assert(gnutls_aead_cipher_encrypt(actx, iv.data, iv.size, NULL, 0, tag_size,
|
|
Packit Service |
4684c1 |
i, step, output, &out_size) >= 0);
|
|
Packit Service |
4684c1 |
st.size += step;
|
|
Packit Service |
4684c1 |
INC(input, i, step);
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
while (benchmark_must_finish == 0);
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
gnutls_aead_cipher_deinit(actx);
|
|
Packit Service |
4684c1 |
} else {
|
|
Packit Service |
4684c1 |
ret = gnutls_cipher_init(&ctx, algo, &key, &iv;;
|
|
Packit Service |
4684c1 |
if (ret < 0) {
|
|
Packit Service |
4684c1 |
fprintf(stderr, "error: %s\n", gnutls_strerror(ret));
|
|
Packit Service |
4684c1 |
goto leave;
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
do {
|
|
Packit Service |
4684c1 |
gnutls_cipher_encrypt2(ctx, i, step, output, step + 64);
|
|
Packit Service |
4684c1 |
st.size += step;
|
|
Packit Service |
4684c1 |
INC(input, i, step);
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
while (benchmark_must_finish == 0);
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
gnutls_cipher_deinit(ctx);
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
stop_benchmark(&st, NULL, 1);
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
FREE(input);
|
|
Packit Service |
4684c1 |
FREE(output);
|
|
Packit Service |
4684c1 |
leave:
|
|
Packit Service |
4684c1 |
free(_key);
|
|
Packit Service |
4684c1 |
free(_iv);
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
static void mac_bench(int algo, int size)
|
|
Packit Service |
4684c1 |
{
|
|
Packit Service |
4684c1 |
void *_key;
|
|
Packit Service |
4684c1 |
int key_size = gnutls_hmac_get_key_size(algo);
|
|
Packit Service |
4684c1 |
int step = size * 1024;
|
|
Packit Service |
4684c1 |
struct benchmark_st st;
|
|
Packit Service |
4684c1 |
void *input;
|
|
Packit Service |
4684c1 |
unsigned char c, *i;
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
ALLOCM(input, MAX_MEM);
|
|
Packit Service |
4684c1 |
i = input;
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
_key = malloc(key_size);
|
|
Packit Service |
4684c1 |
if (_key == NULL)
|
|
Packit Service |
4684c1 |
return;
|
|
Packit Service |
4684c1 |
memset(_key, 0xf0, key_size);
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
printf("%16s ", gnutls_mac_get_name(algo));
|
|
Packit Service |
4684c1 |
fflush(stdout);
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
assert(gnutls_rnd(GNUTLS_RND_NONCE, &c, 1) >= 0);
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
start_benchmark(&st);
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
do {
|
|
Packit Service |
4684c1 |
gnutls_hmac_fast(algo, _key, key_size, i, step, _key);
|
|
Packit Service |
4684c1 |
st.size += step;
|
|
Packit Service |
4684c1 |
INC(input, i, step);
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
while (benchmark_must_finish == 0);
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
stop_benchmark(&st, NULL, 1);
|
|
Packit Service |
4684c1 |
FREE(input);
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
free(_key);
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
void benchmark_cipher(int debug_level)
|
|
Packit Service |
4684c1 |
{
|
|
Packit Service |
4684c1 |
int size = 16;
|
|
Packit Service |
4684c1 |
gnutls_global_set_log_function(tls_log_func);
|
|
Packit Service |
4684c1 |
gnutls_global_set_log_level(debug_level);
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
#ifdef _SC_PAGESIZE
|
|
Packit Service |
4684c1 |
page_size = sysconf(_SC_PAGESIZE);
|
|
Packit Service |
4684c1 |
#endif
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
printf("Checking AEAD ciphers, payload size: %u\n", size * 1024);
|
|
Packit Service |
4684c1 |
cipher_bench(GNUTLS_CIPHER_AES_128_GCM, size, 1);
|
|
Packit Service |
4684c1 |
cipher_bench(GNUTLS_CIPHER_AES_128_CCM, size, 1);
|
|
Packit Service |
4684c1 |
cipher_bench(GNUTLS_CIPHER_CHACHA20_POLY1305, size, 1);
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
printf("\nChecking cipher-MAC combinations, payload size: %u\n", size * 1024);
|
|
Packit Service |
4684c1 |
cipher_mac_bench(GNUTLS_CIPHER_SALSA20_256, GNUTLS_MAC_SHA1, size);
|
|
Packit Service |
4684c1 |
cipher_mac_bench(GNUTLS_CIPHER_AES_128_CBC, GNUTLS_MAC_SHA1, size);
|
|
Packit Service |
4684c1 |
cipher_mac_bench(GNUTLS_CIPHER_AES_128_CBC, GNUTLS_MAC_SHA256,
|
|
Packit Service |
4684c1 |
size);
|
|
Packit Service |
4684c1 |
#ifdef ENABLE_GOST
|
|
Packit Service |
4684c1 |
cipher_mac_bench(GNUTLS_CIPHER_GOST28147_TC26Z_CNT, GNUTLS_MAC_GOST28147_TC26Z_IMIT,
|
|
Packit Service |
4684c1 |
size);
|
|
Packit Service |
4684c1 |
#endif
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
printf("\nChecking MAC algorithms, payload size: %u\n", size * 1024);
|
|
Packit Service |
4684c1 |
mac_bench(GNUTLS_MAC_SHA1, size);
|
|
Packit Service |
4684c1 |
mac_bench(GNUTLS_MAC_SHA256, size);
|
|
Packit Service |
4684c1 |
mac_bench(GNUTLS_MAC_SHA512, size);
|
|
Packit Service |
4684c1 |
#ifdef ENABLE_GOST
|
|
Packit Service |
4684c1 |
mac_bench(GNUTLS_MAC_GOST28147_TC26Z_IMIT, size);
|
|
Packit Service |
4684c1 |
mac_bench(GNUTLS_MAC_GOSTR_94, size);
|
|
Packit Service |
4684c1 |
mac_bench(GNUTLS_MAC_STREEBOG_512, size);
|
|
Packit Service |
4684c1 |
#endif
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
printf("\nChecking ciphers, payload size: %u\n", size * 1024);
|
|
Packit Service |
4684c1 |
cipher_bench(GNUTLS_CIPHER_3DES_CBC, size, 0);
|
|
Packit Service |
4684c1 |
cipher_bench(GNUTLS_CIPHER_AES_128_CBC, size, 0);
|
|
Packit Service |
4684c1 |
cipher_bench(GNUTLS_CIPHER_AES_128_XTS, size, 0);
|
|
Packit Service |
4684c1 |
cipher_bench(GNUTLS_CIPHER_AES_256_XTS, size, 0);
|
|
Packit Service |
4684c1 |
cipher_bench(GNUTLS_CIPHER_SALSA20_256, size, 0);
|
|
Packit Service |
4684c1 |
cipher_bench(GNUTLS_CIPHER_NULL, size, 1);
|
|
Packit Service |
4684c1 |
#ifdef ENABLE_GOST
|
|
Packit Service |
4684c1 |
cipher_bench(GNUTLS_CIPHER_GOST28147_TC26Z_CNT, size, 0);
|
|
Packit Service |
4684c1 |
#endif
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
gnutls_global_deinit();
|
|
Packit Service |
4684c1 |
}
|