nettle-benchmark.c 17.6 KB
Newer Older
1
2
3
4
5
6
7
8
/* nettle-benchmark.c
 *
 * Tries the performance of the various algorithms.
 *
 */
 
/* nettle, low-level cryptographics library
 *
Niels Möller's avatar
Niels Möller committed
9
 * Copyright (C) 2001, 2010, 2014 Niels Möller
10
11
12
13
14
15
16
17
18
19
20
21
22
 *  
 * The nettle library is free software; you can redistribute it and/or modify
 * it under the terms of the GNU Lesser General Public License as published by
 * the Free Software Foundation; either version 2.1 of the License, or (at your
 * option) any later version.
 * 
 * The nettle library is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
 * License for more details.
 * 
 * You should have received a copy of the GNU Lesser General Public License
 * along with the nettle library; see the file COPYING.LIB.  If not, write to
23
24
 * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
 * MA 02111-1301, USA.
25
26
 */

27
28
#if HAVE_CONFIG_H
# include "config.h"
29
30
31
32
#endif

#include <assert.h>
#include <errno.h>
33
#include <math.h>
Niels Möller's avatar
Niels Möller committed
34
#include <stdarg.h>
35
36
37
38
39
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#include <time.h>
40

41
42
#include "timing.h"

43
#include "aes.h"
Niels Möller's avatar
Niels Möller committed
44
45
46
#include "arcfour.h"
#include "blowfish.h"
#include "cast128.h"
Niels Möller's avatar
Niels Möller committed
47
#include "cbc.h"
Niels Möller's avatar
Niels Möller committed
48
#include "ctr.h"
Niels Möller's avatar
Niels Möller committed
49
#include "des.h"
50
#include "eax.h"
Niels Möller's avatar
Niels Möller committed
51
#include "gcm.h"
52
#include "memxor.h"
53
#include "salsa20.h"
Niels Möller's avatar
Niels Möller committed
54
#include "serpent.h"
55
56
#include "sha1.h"
#include "sha2.h"
Niels Möller's avatar
Niels Möller committed
57
#include "sha3.h"
Niels Möller's avatar
Niels Möller committed
58
#include "twofish.h"
Niels Möller's avatar
Niels Möller committed
59
#include "umac.h"
60
#include "poly1305.h"
Niels Möller's avatar
Niels Möller committed
61

62
63
64
#include "nettle-meta.h"
#include "nettle-internal.h"

Niels Möller's avatar
Niels Möller committed
65
#include "getopt.h"
66

67
static double frequency = 0.0;
Niels Möller's avatar
Niels Möller committed
68

69
/* Process BENCH_BLOCK bytes at a time, for BENCH_INTERVAL seconds. */
70
#define BENCH_BLOCK 10240
71
#define BENCH_INTERVAL 0.1
Niels Möller's avatar
Niels Möller committed
72

73
74
/* FIXME: Proper configure test for rdtsc? */
#ifndef WITH_CYCLE_COUNTER
75
# if defined(__GNUC__) && (defined(__i386__) || defined(__x86_64__))
76
77
78
79
80
81
82
#  define WITH_CYCLE_COUNTER 1
# else
#  define WITH_CYCLE_COUNTER 0
# endif
#endif

#if WITH_CYCLE_COUNTER
83
# if defined(__i386__)
84
85
86
87
88
89
90
91
92
#define GET_CYCLE_COUNTER(hi, lo)		\
  __asm__("xorl %%eax,%%eax\n"			\
	  "movl %%ebx, %%edi\n"			\
	  "cpuid\n"				\
	  "rdtsc\n"				\
	  "movl %%edi, %%ebx\n"			\
	  : "=a" (lo), "=d" (hi)		\
	  : /* No inputs. */			\
	  : "%edi", "%ecx", "cc")
93
94
95
96
97
98
99
100
101
102
103
# elif defined(__x86_64__)
#define GET_CYCLE_COUNTER(hi, lo)		\
  __asm__("xorl %%eax,%%eax\n"			\
	  "mov %%rbx, %%r10\n"			\
	  "cpuid\n"				\
	  "rdtsc\n"				\
	  "mov %%r10, %%rbx\n"			\
	  : "=a" (lo), "=d" (hi)		\
	  : /* No inputs. */			\
	  : "%r10", "%rcx", "cc")
# endif
104
105
106
#define BENCH_ITERATIONS 10
#endif

107
static void NORETURN PRINTF_STYLE(1,2)
Niels Möller's avatar
Niels Möller committed
108
109
110
111
112
113
114
115
116
117
die(const char *format, ...)
{
  va_list args;
  va_start(args, format);
  vfprintf(stderr, format, args);
  va_end(args);

  exit(EXIT_FAILURE);
}

118
119
static double overhead = 0.0; 

120
/* Returns second per function call */
121
122
123
static double
time_function(void (*f)(void *arg), void *arg)
{
124
  unsigned ncalls;
125
126
  double elapsed;

127
  for (ncalls = 10 ;;)
128
    {
129
      unsigned i;
130
131

      time_start();
132
133
      for (i = 0; i < ncalls; i++)
	f(arg);
134
      elapsed = time_end();
135
136
137
138
139
140
      if (elapsed > BENCH_INTERVAL)
	break;
      else if (elapsed < BENCH_INTERVAL / 10)
	ncalls *= 10;
      else
	ncalls *= 2;
141
    }
142
143
144
145
146
147
148
  return elapsed / ncalls - overhead;
}

static void
bench_nothing(void *arg UNUSED)
{
  return;
149
150
}

151
152
153
154
struct bench_memxor_info
{
  uint8_t *dst;
  const uint8_t *src;
155
  const uint8_t *other;  
156
157
158
159
160
161
162
163
164
};

static void
bench_memxor(void *arg)
{
  struct bench_memxor_info *info = arg;
  memxor (info->dst, info->src, BENCH_BLOCK);
}

165
166
167
168
169
170
171
static void
bench_memxor3(void *arg)
{
  struct bench_memxor_info *info = arg;
  memxor3 (info->dst, info->src, info->other, BENCH_BLOCK);
}

172
173
174
struct bench_hash_info
{
  void *ctx;
175
  nettle_hash_update_func *update;
176
177
178
179
180
181
182
183
184
185
  const uint8_t *data;
};

static void
bench_hash(void *arg)
{
  struct bench_hash_info *info = arg;
  info->update(info->ctx, BENCH_BLOCK, info->data);
}

186
187
188
struct bench_cipher_info
{
  void *ctx;
189
  nettle_crypt_func *crypt;
190
191
192
193
194
195
196
  uint8_t *data;
};

static void
bench_cipher(void *arg)
{
  struct bench_cipher_info *info = arg;
197
  info->crypt(info->ctx, BENCH_BLOCK, info->data, info->data);
198
199
200
201
202
}

struct bench_cbc_info
{
  void *ctx;
203
  nettle_crypt_func *crypt;
204
 
205
  uint8_t *data;
206
  
207
208
209
210
211
212
213
214
  unsigned block_size;
  uint8_t *iv;
};

static void
bench_cbc_encrypt(void *arg)
{
  struct bench_cbc_info *info = arg;
215
216
217
  cbc_encrypt(info->ctx, info->crypt,
	      info->block_size, info->iv,
	      BENCH_BLOCK, info->data, info->data);
218
219
220
221
222
223
}

static void
bench_cbc_decrypt(void *arg)
{
  struct bench_cbc_info *info = arg;
224
225
226
  cbc_decrypt(info->ctx, info->crypt,
	      info->block_size, info->iv,
	      BENCH_BLOCK, info->data, info->data);
227
228
}

Niels Möller's avatar
Niels Möller committed
229
230
231
232
233
234
235
236
237
static void
bench_ctr(void *arg)
{
  struct bench_cbc_info *info = arg;
  ctr_crypt(info->ctx, info->crypt,
	    info->block_size, info->iv,
	    BENCH_BLOCK, info->data, info->data);
}

238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
struct bench_aead_info
{
  void *ctx;
  nettle_crypt_func *crypt;
  nettle_hash_update_func *update;
  uint8_t *data;
};

static void
bench_aead_crypt(void *arg)
{
  const struct bench_aead_info *info = arg;
  info->crypt (info->ctx, BENCH_BLOCK, info->data, info->data);
}

static void
bench_aead_update(void *arg)
{
  const struct bench_aead_info *info = arg;
  info->update (info->ctx, BENCH_BLOCK, info->data);
}

260
261
262
263
264
/* Set data[i] = floor(sqrt(i)) */
static void
init_data(uint8_t *data)
{
  unsigned i,j;
Niels Möller's avatar
Niels Möller committed
265
  for (i = j = 0; i<BENCH_BLOCK;  i++)
266
267
268
269
270
271
272
273
    {
      if (j*j < i)
	j++;
      data[i] = j;
    }
}

static void
Niels Möller's avatar
Niels Möller committed
274
275
init_key(unsigned length,
         uint8_t *key)
276
{
Niels Möller's avatar
Niels Möller committed
277
278
279
  unsigned i;
  for (i = 0; i<length; i++)
    key[i] = i;
280
281
}

282
283
284
285
286
287
288
289
290
static void
init_nonce(unsigned length,
	   uint8_t *nonce)
{
  unsigned i;
  for (i = 0; i<length; i++)
    nonce[i] = 3*i;
}

291
292
293
294
295
static void
header(void)
{
  printf("%18s %11s Mbyte/s%s\n",
	 "Algorithm", "mode", 
Niels Möller's avatar
Niels Möller committed
296
	 frequency > 0.0 ? " cycles/byte cycles/block" : "");  
297
298
}

Niels Möller's avatar
Niels Möller committed
299
static void
Niels Möller's avatar
Niels Möller committed
300
display(const char *name, const char *mode, unsigned block_size,
301
	double time)
Niels Möller's avatar
Niels Möller committed
302
{
303
  printf("%18s %11s %7.2f",
Niels Möller's avatar
Niels Möller committed
304
	 name, mode,
305
	 BENCH_BLOCK / (time * 1048576.0));
306
  if (frequency > 0.0)
Niels Möller's avatar
Niels Möller committed
307
    {
308
      printf(" %11.2f", time * frequency / BENCH_BLOCK);
Niels Möller's avatar
Niels Möller committed
309
      if (block_size > 0)
310
	printf(" %12.2f", time * frequency * block_size / BENCH_BLOCK);
Niels Möller's avatar
Niels Möller committed
311
    }
312
  printf("\n");
Niels Möller's avatar
Niels Möller committed
313
314
}

315
316
317
318
319
static void *
xalloc(size_t size)
{
  void *p = malloc(size);
  if (!p)
320
    die("Virtual memory exhausted.\n");
321
322
323
324

  return p;
}

325
326
327
328
329
330
331
332
333
334
335
336
static void
time_overhead(void)
{
  overhead = time_function(bench_nothing, NULL);
  printf("benchmark call overhead: %7f us", overhead * 1e6);
  if (frequency > 0.0)
    printf("%7.2f cycles\n", overhead * frequency);
  printf("\n");  
}



337
338
339
340
static void
time_memxor(void)
{
  struct bench_memxor_info info;
341
  uint8_t src[BENCH_BLOCK + sizeof(long)];
342
  uint8_t other[BENCH_BLOCK + sizeof(long)];
343
  uint8_t dst[BENCH_BLOCK];
344
345
346
347

  info.src = src;
  info.dst = dst;

348
349
  display ("memxor", "aligned", sizeof(unsigned long),
	   time_function(bench_memxor, &info));
350
  info.src = src + 1;
351
  display ("memxor", "unaligned", sizeof(unsigned long),
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
	   time_function(bench_memxor, &info));

  info.src = src;
  info.other = other;
  display ("memxor3", "aligned", sizeof(unsigned long),
	   time_function(bench_memxor3, &info));

  info.other = other + 1;
  display ("memxor3", "unaligned01", sizeof(unsigned long),
	   time_function(bench_memxor3, &info));
  info.src = src + 1;
  display ("memxor3", "unaligned11", sizeof(unsigned long),
	   time_function(bench_memxor3, &info));
  info.other = other + 2;
  display ("memxor3", "unaligned12", sizeof(unsigned long),
	   time_function(bench_memxor3, &info));  
368
369
}

370
371
372
373
374
static void
time_hash(const struct nettle_hash *hash)
{
  static uint8_t data[BENCH_BLOCK];
  struct bench_hash_info info;
375

376
  info.ctx = xalloc(hash->context_size); 
377
378
379
380
381
382
  info.update = hash->update;
  info.data = data;

  init_data(data);
  hash->init(info.ctx);

Niels Möller's avatar
Niels Möller committed
383
  display(hash->name, "update", hash->block_size,
384
	  time_function(bench_hash, &info));
385
386

  free(info.ctx);
387
388
}

Niels Möller's avatar
Niels Möller committed
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
static void
time_umac(void)
{
  static uint8_t data[BENCH_BLOCK];
  struct bench_hash_info info;
  struct umac32_ctx ctx32;
  struct umac64_ctx ctx64;
  struct umac96_ctx ctx96;
  struct umac128_ctx ctx128;
  
  uint8_t key[16];

  umac32_set_key (&ctx32, key);
  info.ctx = &ctx32;
  info.update = (nettle_hash_update_func *) umac32_update;
  info.data = data;

406
  display("umac32", "update", UMAC_DATA_SIZE,
Niels Möller's avatar
Niels Möller committed
407
408
409
410
411
412
413
	  time_function(bench_hash, &info));

  umac64_set_key (&ctx64, key);
  info.ctx = &ctx64;
  info.update = (nettle_hash_update_func *) umac64_update;
  info.data = data;

414
  display("umac64", "update", UMAC_DATA_SIZE,
Niels Möller's avatar
Niels Möller committed
415
416
417
418
419
420
421
	  time_function(bench_hash, &info));

  umac96_set_key (&ctx96, key);
  info.ctx = &ctx96;
  info.update = (nettle_hash_update_func *) umac96_update;
  info.data = data;

422
  display("umac96", "update", UMAC_DATA_SIZE,
Niels Möller's avatar
Niels Möller committed
423
424
425
426
427
428
429
	  time_function(bench_hash, &info));

  umac128_set_key (&ctx128, key);
  info.ctx = &ctx128;
  info.update = (nettle_hash_update_func *) umac128_update;
  info.data = data;

430
  display("umac128", "update", UMAC_DATA_SIZE,
Niels Möller's avatar
Niels Möller committed
431
432
433
	  time_function(bench_hash, &info));
}

434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
static void
time_poly1305_aes(void)
{
  static uint8_t data[BENCH_BLOCK];
  struct bench_hash_info info;
  struct poly1305_aes_ctx ctx;
  uint8_t key[32];

  poly1305_aes_set_key (&ctx, key);
  info.ctx = &ctx;
  info.update = (nettle_hash_update_func *) poly1305_aes_update;
  info.data = data;

  display("poly1305-aes", "update", 1024,
	  time_function(bench_hash, &info));
}

451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
static int
prefix_p(const char *prefix, const char *s)
{
  size_t i;
  for (i = 0; prefix[i]; i++)
    if (prefix[i] != s[i])
      return 0;
  return 1;
}

static int
block_cipher_p(const struct nettle_cipher *cipher)
{
  /* Don't use nettle cbc and ctr for openssl ciphers. */
  return cipher->block_size > 0 && !prefix_p("openssl", cipher->name);
}

Niels Möller's avatar
Niels Möller committed
468
static void
469
time_cipher(const struct nettle_cipher *cipher)
Niels Möller's avatar
Niels Möller committed
470
{
471
472
  void *ctx = xalloc(cipher->context_size);
  uint8_t *key = xalloc(cipher->key_size);
Niels Möller's avatar
Niels Möller committed
473

474
  static uint8_t data[BENCH_BLOCK];
Niels Möller's avatar
Niels Möller committed
475
476
477
478

  printf("\n");
  
  init_data(data);
479
480

  {
Niels Möller's avatar
Niels Möller committed
481
482
483
484
485
    /* Decent initializers are a GNU extension, so don't use it here. */
    struct bench_cipher_info info;
    info.ctx = ctx;
    info.crypt = cipher->encrypt;
    info.data = data;
486
    
Niels Möller's avatar
Niels Möller committed
487
    init_key(cipher->key_size, key);
488
    cipher->set_encrypt_key(ctx, key);
Niels Möller's avatar
Niels Möller committed
489

Niels Möller's avatar
Niels Möller committed
490
    display(cipher->name, "ECB encrypt", cipher->block_size,
Niels Möller's avatar
Niels Möller committed
491
	    time_function(bench_cipher, &info));
492
  }
Niels Möller's avatar
Niels Möller committed
493
  
494
  {
Niels Möller's avatar
Niels Möller committed
495
496
497
498
    struct bench_cipher_info info;
    info.ctx = ctx;
    info.crypt = cipher->decrypt;
    info.data = data;
499
    
Niels Möller's avatar
Niels Möller committed
500
    init_key(cipher->key_size, key);
501
    cipher->set_decrypt_key(ctx, key);
Niels Möller's avatar
Niels Möller committed
502

Niels Möller's avatar
Niels Möller committed
503
    display(cipher->name, "ECB decrypt", cipher->block_size,
Niels Möller's avatar
Niels Möller committed
504
	    time_function(bench_cipher, &info));
505
506
  }

507
  if (block_cipher_p(cipher))
Niels Möller's avatar
Niels Möller committed
508
    {
509
      uint8_t *iv = xalloc(cipher->block_size);
Niels Möller's avatar
Niels Möller committed
510
511
512
      
      /* Do CBC mode */
      {
Niels Möller's avatar
Niels Möller committed
513
514
515
516
517
518
        struct bench_cbc_info info;
	info.ctx = ctx;
	info.crypt = cipher->encrypt;
	info.data = data;
	info.block_size = cipher->block_size;
	info.iv = iv;
519
    
520
        memset(iv, 0, sizeof(cipher->block_size));
521
    
522
        cipher->set_encrypt_key(ctx, key);
523

Niels Möller's avatar
Niels Möller committed
524
	display(cipher->name, "CBC encrypt", cipher->block_size,
Niels Möller's avatar
Niels Möller committed
525
		time_function(bench_cbc_encrypt, &info));
Niels Möller's avatar
Niels Möller committed
526
      }
527

Niels Möller's avatar
Niels Möller committed
528
      {
Niels Möller's avatar
Niels Möller committed
529
530
531
532
533
534
        struct bench_cbc_info info;
	info.ctx = ctx;
	info.crypt = cipher->decrypt;
	info.data = data;
	info.block_size = cipher->block_size;
	info.iv = iv;
535
    
536
        memset(iv, 0, sizeof(cipher->block_size));
537

538
        cipher->set_decrypt_key(ctx, key);
539

Niels Möller's avatar
Niels Möller committed
540
	display(cipher->name, "CBC decrypt", cipher->block_size,
Niels Möller's avatar
Niels Möller committed
541
		time_function(bench_cbc_decrypt, &info));
Niels Möller's avatar
Niels Möller committed
542
      }
Niels Möller's avatar
Niels Möller committed
543
544
545
546
547
548
549
550
551
552

      /* Do CTR mode */
      {
        struct bench_cbc_info info;
	info.ctx = ctx;
	info.crypt = cipher->encrypt;
	info.data = data;
	info.block_size = cipher->block_size;
	info.iv = iv;
    
553
        memset(iv, 0, sizeof(cipher->block_size));
Niels Möller's avatar
Niels Möller committed
554
    
555
        cipher->set_encrypt_key(ctx, key);
Niels Möller's avatar
Niels Möller committed
556
557
558
559
560

	display(cipher->name, "CTR", cipher->block_size,
		time_function(bench_ctr, &info));	
      }
      
561
      free(iv);
Niels Möller's avatar
Niels Möller committed
562
    }
563
564
  free(ctx);
  free(key);
Niels Möller's avatar
Niels Möller committed
565
566
}

567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
static void
time_aead(const struct nettle_aead *aead)
{
  void *ctx = xalloc(aead->context_size);
  uint8_t *key = xalloc(aead->key_size);
  uint8_t *nonce = xalloc(aead->nonce_size);
  static uint8_t data[BENCH_BLOCK];

  printf("\n");
  
  init_data(data);
  if (aead->set_nonce)
    init_nonce (aead->nonce_size, nonce);

  {
    /* Decent initializers are a GNU extension, so don't use it here. */
    struct bench_aead_info info;
    info.ctx = ctx;
    info.crypt = aead->encrypt;
    info.data = data;
    
    init_key(aead->key_size, key);
    aead->set_encrypt_key(ctx, key);
    if (aead->set_nonce)
      aead->set_nonce (ctx, nonce);

    display(aead->name, "encrypt", aead->block_size,
	    time_function(bench_aead_crypt, &info));
  }
  
  {
    struct bench_aead_info info;
    info.ctx = ctx;
    info.crypt = aead->decrypt;
    info.data = data;
    
    init_key(aead->key_size, key);
    aead->set_decrypt_key(ctx, key);
    if (aead->set_nonce)
      aead->set_nonce (ctx, nonce);

    display(aead->name, "decrypt", aead->block_size,
	    time_function(bench_aead_crypt, &info));
  }

  if (aead->update)
    {
      struct bench_aead_info info;
      info.ctx = ctx;
      info.update = aead->update;
      info.data = data;

      aead->set_encrypt_key(ctx, key);

      if (aead->set_nonce)
	aead->set_nonce (ctx, nonce);
    
      display(aead->name, "update", aead->block_size,
	      time_function(bench_aead_update, &info));
    }
  free(ctx);
  free(key);
  free(nonce);
}

Niels Möller's avatar
Niels Möller committed
632
633
/* Try to get accurate cycle times for assembler functions. */
#if WITH_CYCLE_COUNTER
634
635
636
637
638
639
640
641
642
643
644
645
646
static int
compare_double(const void *ap, const void *bp)
{
  double a = *(const double *) ap;
  double b = *(const double *) bp;
  if (a < b)
    return -1;
  else if (a > b)
    return 1;
  else
    return 0;
}

Niels Möller's avatar
Niels Möller committed
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
#define TIME_CYCLES(t, code) do {				\
  double tc_count[5];						\
  uint32_t tc_start_lo, tc_start_hi, tc_end_lo, tc_end_hi;	\
  unsigned tc_i, tc_j;						\
  for (tc_j = 0; tc_j < 5; tc_j++)				\
    {								\
      tc_i = 0;							\
      GET_CYCLE_COUNTER(tc_start_hi, tc_start_lo);		\
      for (; tc_i < BENCH_ITERATIONS; tc_i++)			\
	{ code; }						\
								\
      GET_CYCLE_COUNTER(tc_end_hi, tc_end_lo);			\
								\
      tc_end_hi -= (tc_start_hi + (tc_start_lo > tc_end_lo));	\
      tc_end_lo -= tc_start_lo;					\
								\
      tc_count[tc_j] = ldexp(tc_end_hi, 32) + tc_end_lo;	\
    }								\
  qsort(tc_count, 5, sizeof(double), compare_double);		\
  (t) = tc_count[2] / BENCH_ITERATIONS;				\
} while (0)

669
670
671
672
static void
bench_sha1_compress(void)
{
  uint32_t state[_SHA1_DIGEST_LENGTH];
Niels Möller's avatar
Niels Möller committed
673
674
  uint8_t data[SHA1_DATA_SIZE];
  double t;
675

Niels Möller's avatar
Niels Möller committed
676
  TIME_CYCLES (t, _nettle_sha1_compress(state, data));
677

Niels Möller's avatar
Niels Möller committed
678
  printf("sha1_compress: %.2f cycles\n", t);  
679
680
}

681
682
683
684
static void
bench_salsa20_core(void)
{
  uint32_t state[_SALSA20_INPUT_LENGTH];
Niels Möller's avatar
Niels Möller committed
685
  double t;
686

Niels Möller's avatar
Niels Möller committed
687
688
689
  TIME_CYCLES (t, _nettle_salsa20_core(state, state, 20));
  printf("salsa20_core: %.2f cycles\n", t);  
}
690

Niels Möller's avatar
Niels Möller committed
691
692
693
694
695
static void
bench_sha3_permute(void)
{
  struct sha3_state state;
  double t;
696

Niels Möller's avatar
Niels Möller committed
697
698
  TIME_CYCLES (t, sha3_permute (&state));
  printf("sha3_permute: %.2f cycles (%.2f / round)\n", t, t / 24.0);
699
700
701
702
}
#else
#define bench_sha1_compress()
#define bench_salsa20_core()
Niels Möller's avatar
Niels Möller committed
703
#define bench_sha3_permute()
704
705
#endif

Niels Möller's avatar
Niels Möller committed
706
#if WITH_OPENSSL
707
708
709
710
# define OPENSSL(x) x,
#else
# define OPENSSL(x)
#endif
Niels Möller's avatar
Niels Möller committed
711
712

int
713
main(int argc, char **argv)
Niels Möller's avatar
Niels Möller committed
714
715
{
  unsigned i;
716
  int c;
717
  const char *alg;
718
719
720
721

  const struct nettle_hash *hashes[] =
    {
      &nettle_md2, &nettle_md4, &nettle_md5,
722
      OPENSSL(&nettle_openssl_md5)
723
      &nettle_sha1, OPENSSL(&nettle_openssl_sha1)
Niels Möller's avatar
Niels Möller committed
724
725
      &nettle_sha224, &nettle_sha256,
      &nettle_sha384, &nettle_sha512,
726
727
      &nettle_sha3_224, &nettle_sha3_256,
      &nettle_sha3_384, &nettle_sha3_512,
728
      &nettle_ripemd160, &nettle_gosthash94,
729
730
731
      NULL
    };

732
  const struct nettle_cipher *ciphers[] =
Niels Möller's avatar
Niels Möller committed
733
    {
734
      &nettle_aes128, &nettle_aes192, &nettle_aes256,
Niels Möller's avatar
Niels Möller committed
735
736
737
738
      OPENSSL(&nettle_openssl_aes128)
      OPENSSL(&nettle_openssl_aes192)
      OPENSSL(&nettle_openssl_aes256)
      &nettle_blowfish128, OPENSSL(&nettle_openssl_blowfish128)
Niels Möller's avatar
Niels Möller committed
739
      &nettle_camellia128, &nettle_camellia192, &nettle_camellia256,
740
741
742
      &nettle_cast128, OPENSSL(&nettle_openssl_cast128)
      &nettle_des, OPENSSL(&nettle_openssl_des)
      &nettle_des3,
743
744
      &nettle_serpent256,
      &nettle_twofish128, &nettle_twofish192, &nettle_twofish256,
745
746
747
748
749
750
751
752
753
754
755
756
      NULL
    };

  const struct nettle_aead *aeads[] =
    {
      &nettle_gcm_aes128,
      &nettle_gcm_aes192,
      &nettle_gcm_aes256,
      &nettle_gcm_camellia128,
      &nettle_gcm_camellia256,
      &nettle_eax_aes128,
      &nettle_chacha_poly1305,
757
      NULL
Niels Möller's avatar
Niels Möller committed
758
    };
759

760
761
762
763
764
765
766
767
768
769
  enum { OPT_HELP = 300 };
  static const struct option options[] =
    {
      /* Name, args, flag, val */
      { "help", no_argument, NULL, OPT_HELP },
      { "clock-frequency", required_argument, NULL, 'f' },
      { NULL, 0, NULL, 0 }
    };
  
  while ( (c = getopt_long(argc, argv, "f:", options, NULL)) != -1)
770
771
772
773
774
775
776
    switch (c)
      {
      case 'f':
	frequency = atof(optarg);
	if (frequency > 0.0)
	  break;

777
778
779
780
781
      case OPT_HELP:
	printf("Usage: nettle-benchmark [-f clock frequency] [alg]\n");
	return EXIT_SUCCESS;

      case '?':
782
783
784
785
786
787
	return EXIT_FAILURE;

      default:
	abort();
    }

788
  alg = argv[optind];
789

790
  time_init();
791
  bench_sha1_compress();
792
  bench_salsa20_core();
Niels Möller's avatar
Niels Möller committed
793
794
  bench_sha3_permute();
  printf("\n");
795
796
  time_overhead();

797
798
  header();

799
800
801
802
803
  if (!alg || strstr ("memxor", alg))
    {
      time_memxor();
      printf("\n");
    }
804
  
805
  for (i = 0; hashes[i]; i++)
806
807
    if (!alg || strstr(hashes[i]->name, alg))
      time_hash(hashes[i]);
Niels Möller's avatar
Niels Möller committed
808

Niels Möller's avatar
Niels Möller committed
809
810
811
  if (!alg || strstr ("umac", alg))
    time_umac();

812
813
814
  if (!alg || strstr ("poly1305-aes", alg))
    time_poly1305_aes();

815
  for (i = 0; ciphers[i]; i++)
816
817
818
    if (!alg || strstr(ciphers[i]->name, alg))
      time_cipher(ciphers[i]);

819
820
821
  for (i = 0; aeads[i]; i++)
    if (!alg || strstr(aeads[i]->name, alg))
      time_aead(aeads[i]);
Niels Möller's avatar
Niels Möller committed
822

823
824
  return 0;
}