Commit edfb12c0 authored by Niels Möller's avatar Niels Möller

Add benchmarking of OpenSSL's RSA functions.

parent 8760fa60
2013-04-25 Niels Möller <nisse@lysator.liu.se>
* examples/hogweed-benchmark.c: Add benchmarking of OpenSSL's RSA
functions.
2013-04-24 Niels Möller <nisse@lysator.liu.se> 2013-04-24 Niels Möller <nisse@lysator.liu.se>
* nettle.texinfo (Miscellaneous functions): Updated memxor * nettle.texinfo (Miscellaneous functions): Updated memxor
......
...@@ -48,9 +48,11 @@ ...@@ -48,9 +48,11 @@
#include "../gmp-glue.h" #include "../gmp-glue.h"
#if WITH_OPENSSL #if WITH_OPENSSL
#include <openssl/rsa.h>
#include <openssl/ec.h> #include <openssl/ec.h>
#include <openssl/ecdsa.h> #include <openssl/ecdsa.h>
#include <openssl/objects.h> #include <openssl/objects.h>
#include <openssl/err.h>
#endif #endif
#define BENCH_INTERVAL 0.1 #define BENCH_INTERVAL 0.1
...@@ -492,7 +494,64 @@ bench_ecdsa_clear (void *p) ...@@ -492,7 +494,64 @@ bench_ecdsa_clear (void *p)
} }
#if WITH_OPENSSL #if WITH_OPENSSL
struct openssl_ctx struct openssl_rsa_ctx
{
RSA *key;
unsigned char *ref;
unsigned char *signature;
unsigned int siglen;
uint8_t *digest;
};
static void *
bench_openssl_rsa_init (unsigned size)
{
struct openssl_rsa_ctx *ctx = xalloc (sizeof (*ctx));
ctx->key = RSA_generate_key (size, 65537, NULL, NULL);
ctx->ref = xalloc (RSA_size (ctx->key));
ctx->signature = xalloc (RSA_size (ctx->key));
ctx->digest = hash_string (&nettle_sha1, 3, "foo");
if (! RSA_sign (NID_sha1, ctx->digest, SHA1_DIGEST_SIZE,
ctx->ref, &ctx->siglen, ctx->key))
die ("OpenSSL RSA_sign failed: error = %ld.\n", ERR_get_error());
return ctx;
}
static void
bench_openssl_rsa_sign (void *p)
{
const struct openssl_rsa_ctx *ctx = (const struct openssl_rsa_ctx *) p;
unsigned siglen;
if (! RSA_sign (NID_sha1, ctx->digest, SHA1_DIGEST_SIZE,
ctx->signature, &siglen, ctx->key))
die ("OpenSSL RSA_sign failed: error = %ld.\n", ERR_get_error());
}
static void
bench_openssl_rsa_verify (void *p)
{
const struct openssl_rsa_ctx *ctx = (const struct openssl_rsa_ctx *) p;
if (! RSA_verify (NID_sha1, ctx->digest, SHA1_DIGEST_SIZE,
ctx->ref, ctx->siglen, ctx->key))
die ("OpenSSL RSA_verify failed: error = %ld.\n", ERR_get_error());
}
static void
bench_openssl_rsa_clear (void *p)
{
struct openssl_rsa_ctx *ctx = (struct openssl_rsa_ctx *) p;
RSA_free (ctx->key);
free (ctx->ref);
free (ctx->signature);
free (ctx->digest);
free (ctx);
}
struct openssl_ecdsa_ctx
{ {
EC_KEY *key; EC_KEY *key;
ECDSA_SIG *signature; ECDSA_SIG *signature;
...@@ -501,9 +560,9 @@ struct openssl_ctx ...@@ -501,9 +560,9 @@ struct openssl_ctx
}; };
static void * static void *
bench_openssl_init (unsigned size) bench_openssl_ecdsa_init (unsigned size)
{ {
struct openssl_ctx *ctx = xalloc (sizeof (*ctx)); struct openssl_ecdsa_ctx *ctx = xalloc (sizeof (*ctx));
/* Apparently, secp192r1 and secp256r1 are missing */ /* Apparently, secp192r1 and secp256r1 are missing */
switch (size) switch (size)
...@@ -551,26 +610,26 @@ bench_openssl_init (unsigned size) ...@@ -551,26 +610,26 @@ bench_openssl_init (unsigned size)
} }
static void static void
bench_openssl_sign (void *p) bench_openssl_ecdsa_sign (void *p)
{ {
const struct openssl_ctx *ctx = (const struct openssl_ctx *) p; const struct openssl_ecdsa_ctx *ctx = (const struct openssl_ecdsa_ctx *) p;
ECDSA_SIG *sig = ECDSA_do_sign (ctx->digest, ctx->digest_length, ctx->key); ECDSA_SIG *sig = ECDSA_do_sign (ctx->digest, ctx->digest_length, ctx->key);
ECDSA_SIG_free (sig); ECDSA_SIG_free (sig);
} }
static void static void
bench_openssl_verify (void *p) bench_openssl_ecdsa_verify (void *p)
{ {
const struct openssl_ctx *ctx = (const struct openssl_ctx *) p; const struct openssl_ecdsa_ctx *ctx = (const struct openssl_ecdsa_ctx *) p;
int res = ECDSA_do_verify (ctx->digest, ctx->digest_length, int res = ECDSA_do_verify (ctx->digest, ctx->digest_length,
ctx->signature, ctx->key); ctx->signature, ctx->key);
if (res != 1) if (res != 1)
die ("Openssl ECDSA_do_verify failed.\n"); die ("Openssl ECDSA_do_verify failed.\n");
} }
static void static void
bench_openssl_clear (void *p) bench_openssl_ecdsa_clear (void *p)
{ {
struct openssl_ctx *ctx = (struct openssl_ctx *) p; struct openssl_ecdsa_ctx *ctx = (struct openssl_ecdsa_ctx *) p;
ECDSA_SIG_free (ctx->signature); ECDSA_SIG_free (ctx->signature);
EC_KEY_free (ctx->key); EC_KEY_free (ctx->key);
free (ctx->digest); free (ctx->digest);
...@@ -581,6 +640,10 @@ bench_openssl_clear (void *p) ...@@ -581,6 +640,10 @@ bench_openssl_clear (void *p)
struct alg alg_list[] = { struct alg alg_list[] = {
{ "rsa", 1024, bench_rsa_init, bench_rsa_sign, bench_rsa_verify, bench_rsa_clear }, { "rsa", 1024, bench_rsa_init, bench_rsa_sign, bench_rsa_verify, bench_rsa_clear },
{ "rsa", 2048, bench_rsa_init, bench_rsa_sign, bench_rsa_verify, bench_rsa_clear }, { "rsa", 2048, bench_rsa_init, bench_rsa_sign, bench_rsa_verify, bench_rsa_clear },
#if WITH_OPENSSL
{ "rsa (openssl)", 1024, bench_openssl_rsa_init, bench_openssl_rsa_sign, bench_openssl_rsa_verify, bench_openssl_rsa_clear },
{ "rsa (openssl)", 2048, bench_openssl_rsa_init, bench_openssl_rsa_sign, bench_openssl_rsa_verify, bench_openssl_rsa_clear },
#endif
{ "dsa", 1024, bench_dsa_init, bench_dsa_sign, bench_dsa_verify, bench_dsa_clear }, { "dsa", 1024, bench_dsa_init, bench_dsa_sign, bench_dsa_verify, bench_dsa_clear },
#if 0 #if 0
{ "dsa",2048, bench_dsa_init, bench_dsa_sign, bench_dsa_verify, bench_dsa_clear }, { "dsa",2048, bench_dsa_init, bench_dsa_sign, bench_dsa_verify, bench_dsa_clear },
...@@ -591,9 +654,9 @@ struct alg alg_list[] = { ...@@ -591,9 +654,9 @@ struct alg alg_list[] = {
{ "ecdsa", 384, bench_ecdsa_init, bench_ecdsa_sign, bench_ecdsa_verify, bench_ecdsa_clear }, { "ecdsa", 384, bench_ecdsa_init, bench_ecdsa_sign, bench_ecdsa_verify, bench_ecdsa_clear },
{ "ecdsa", 521, bench_ecdsa_init, bench_ecdsa_sign, bench_ecdsa_verify, bench_ecdsa_clear }, { "ecdsa", 521, bench_ecdsa_init, bench_ecdsa_sign, bench_ecdsa_verify, bench_ecdsa_clear },
#if WITH_OPENSSL #if WITH_OPENSSL
{ "ecdsa (openssl)", 224, bench_openssl_init, bench_openssl_sign, bench_openssl_verify, bench_openssl_clear }, { "ecdsa (openssl)", 224, bench_openssl_ecdsa_init, bench_openssl_ecdsa_sign, bench_openssl_ecdsa_verify, bench_openssl_ecdsa_clear },
{ "ecdsa (openssl)", 384, bench_openssl_init, bench_openssl_sign, bench_openssl_verify, bench_openssl_clear }, { "ecdsa (openssl)", 384, bench_openssl_ecdsa_init, bench_openssl_ecdsa_sign, bench_openssl_ecdsa_verify, bench_openssl_ecdsa_clear },
{ "ecdsa (openssl)", 521, bench_openssl_init, bench_openssl_sign, bench_openssl_verify, bench_openssl_clear }, { "ecdsa (openssl)", 521, bench_openssl_ecdsa_init, bench_openssl_ecdsa_sign, bench_openssl_ecdsa_verify, bench_openssl_ecdsa_clear },
#endif #endif
}; };
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment