Merge branch 'openssl-bench-update'

2707d5a8 · Niels Möller · f1a07b86 · d78c3266 · 2707d5a8 · 2707d5a8
Commit 2707d5a8 authored Aug 29, 2017 by Niels Möller
--- a/ChangeLog
+++ b/ChangeLog
@@ -13,6 +13,25 @@
 	* ecc-mod-inv.c (ecc_mod_inv): Add missing assert. Fixes a
 	"dead increment" warning from the clang static analyzer.

+2017-08-26  Niels Möller  <nisse@lysator.liu.se>
+
+	* examples/nettle-openssl.c (struct openssl_cipher_ctx): New
+	struct. Use everywhere, instead of typing EVP_CIPHER_CTX pointers
+	directly.
+
+	* configure.ac: Update openssl-related tests. Checks for
+	cipher-specific headers are replaced by a check for openssl/evp.h,
+	and the check for the BF_ecb_encrypt function is replaced by a
+	check for EVP_CIPHER_CTX_new.
+
+2017-08-03  Daniel P. Berrange  <berrange@redhat.com>
+
+	* examples/nettle-openssl.c: Rewritten to use openssl's EVP APIs.
+	The older cipher-specific functions always use openssl's generic
+	software implementation, while the EVP functions enables
+	platform-specific code, e.g., using the x86 AES-NI instructions.
+	(nettle_openssl_init): New function.
+
 2017-07-18  Niels Möller  <nisse@lysator.liu.se>

 	* ecc-add-eh.c (ecc_add_eh): Fix in-place operation by reordering

--- a/configure.ac
+++ b/configure.ac
@@ -185,7 +185,7 @@ AC_HEADER_TIME
 AC_CHECK_SIZEOF(long)
 AC_CHECK_SIZEOF(size_t)

-AC_CHECK_HEADERS([openssl/blowfish.h openssl/des.h openssl/cast.h openssl/aes.h openssl/ecdsa.h],,
+AC_CHECK_HEADERS([openssl/evp.h openssl/ecdsa.h],,
 [enable_openssl=no
 break])

@@ -885,7 +885,7 @@ OPENSSL_LIBFLAGS=''

 # Check for openssl's libcrypto (used only for benchmarking)
 if test x$enable_openssl = xyes ; then
-  AC_CHECK_LIB(crypto, BF_ecb_encrypt,
+  AC_CHECK_LIB(crypto, EVP_CIPHER_CTX_new,
    [OPENSSL_LIBFLAGS='-lcrypto'],
    [enable_openssl=no])
 fi

--- a/examples/nettle-benchmark.c
+++ b/examples/nettle-benchmark.c
@@ -723,6 +723,10 @@ main(int argc, char **argv)
  int c;
  const char *alg;

+#if WITH_OPENSSL
+  nettle_openssl_init();
+#endif
+
  const struct nettle_hash *hashes[] =
    {
      &nettle_md2, &nettle_md4, &nettle_md5,

--- a/examples/nettle-openssl.c
+++ b/examples/nettle-openssl.c
@@ -2,7 +2,8 @@

   Glue that's used only by the benchmark, and subject to change.

-   Copyright (C) 2002 Niels Möller
+   Copyright (C) 2002, 2017 Niels Möller
+   Copyright (C) 2017 Red Hat, Inc.

   This file is part of GNU Nettle.

@@ -45,17 +46,69 @@

 #include <assert.h>

-#include <openssl/aes.h>
-#include <openssl/blowfish.h>
-#include <openssl/des.h>
-#include <openssl/cast.h>
-#include <openssl/rc4.h>
+#include <openssl/conf.h>
+#include <openssl/evp.h>
+#include <openssl/err.h>

 #include <openssl/md5.h>
 #include <openssl/sha.h>

 #include "nettle-internal.h"

+/* We use Openssl's EVP api for all openssl ciphers. This API selects
+   platform-specific implementations if appropriate, e.g., using x86
+   AES-NI instructions. */
+struct openssl_cipher_ctx {
+  EVP_CIPHER_CTX *evp;
+};
+
+void
+nettle_openssl_init(void)
+{
+  ERR_load_crypto_strings();
+  OpenSSL_add_all_algorithms();
+#if OPENSSL_VERSION_NUMBER >= 0x1010000
+  CONF_modules_load_file(NULL, NULL, 0);
+#else
+  OPENSSL_config(NULL);
+#endif
+}
+
+static void
+openssl_evp_set_encrypt_key(void *p, const uint8_t *key,
+			    const EVP_CIPHER *cipher)
+{
+  struct openssl_cipher_ctx *ctx = p;
+  ctx->evp = EVP_CIPHER_CTX_new();
+  assert(EVP_EncryptInit_ex(ctx->evp, cipher, NULL, key, NULL) == 1);
+  EVP_CIPHER_CTX_set_padding(ctx->evp, 0);
+}
+static void
+openssl_evp_set_decrypt_key(void *p, const uint8_t *key,
+			    const EVP_CIPHER *cipher)
+{
+  struct openssl_cipher_ctx *ctx = p;
+  ctx->evp = EVP_CIPHER_CTX_new();
+  assert(EVP_DecryptInit_ex(ctx->evp, cipher, NULL, key, NULL) == 1);
+  EVP_CIPHER_CTX_set_padding(ctx->evp, 0);
+}
+
+static void
+openssl_evp_encrypt(const void *p, size_t length,
+		    uint8_t *dst, const uint8_t *src)
+{
+  const struct openssl_cipher_ctx *ctx = p;
+  int len;
+  assert(EVP_EncryptUpdate(ctx->evp, dst, &len, src, length) == 1);
+}
+static void
+openssl_evp_decrypt(const void *p, size_t length,
+		    uint8_t *dst, const uint8_t *src)
+{
+  const struct openssl_cipher_ctx *ctx = p;
+  int len;
+  assert(EVP_DecryptUpdate(ctx->evp, dst, &len, src, length) == 1);
+}

 /* AES */
 static nettle_set_key_func openssl_aes128_set_encrypt_key;
@@ -64,273 +117,152 @@ static nettle_set_key_func openssl_aes192_set_encrypt_key;
 static nettle_set_key_func openssl_aes192_set_decrypt_key;
 static nettle_set_key_func openssl_aes256_set_encrypt_key;
 static nettle_set_key_func openssl_aes256_set_decrypt_key;
+
 static void
 openssl_aes128_set_encrypt_key(void *ctx, const uint8_t *key)
 {
-  AES_set_encrypt_key(key, 128, ctx);
+  openssl_evp_set_encrypt_key(ctx, key, EVP_aes_128_ecb());
 }
 static void
 openssl_aes128_set_decrypt_key(void *ctx, const uint8_t *key)
 {
-  AES_set_decrypt_key(key, 128, ctx);
+  openssl_evp_set_decrypt_key(ctx, key, EVP_aes_128_ecb());
 }

 static void
 openssl_aes192_set_encrypt_key(void *ctx, const uint8_t *key)
 {
-  AES_set_encrypt_key(key, 192, ctx);
+  openssl_evp_set_encrypt_key(ctx, key, EVP_aes_192_ecb());
 }
 static void
 openssl_aes192_set_decrypt_key(void *ctx, const uint8_t *key)
 {
-  AES_set_decrypt_key(key, 192, ctx);
+  openssl_evp_set_decrypt_key(ctx, key, EVP_aes_192_ecb());
 }

 static void
 openssl_aes256_set_encrypt_key(void *ctx, const uint8_t *key)
 {
-  AES_set_encrypt_key(key, 256, ctx);
+  openssl_evp_set_encrypt_key(ctx, key, EVP_aes_256_ecb());
 }
 static void
 openssl_aes256_set_decrypt_key(void *ctx, const uint8_t *key)
 {
-  AES_set_decrypt_key(key, 256, ctx);
-}
-
-static nettle_cipher_func openssl_aes_encrypt;
-static void
-openssl_aes_encrypt(const void *ctx, size_t length,
-		    uint8_t *dst, const uint8_t *src)
-{
-  assert (!(length % AES_BLOCK_SIZE));
-  while (length)
-    {
-      AES_ecb_encrypt(src, dst, ctx, AES_ENCRYPT);
-      length -= AES_BLOCK_SIZE;
-      dst += AES_BLOCK_SIZE;
-      src += AES_BLOCK_SIZE;
-    }
-}
-
-static nettle_cipher_func openssl_aes_decrypt;
-static void
-openssl_aes_decrypt(const void *ctx, size_t length,
-		    uint8_t *dst, const uint8_t *src)
-{
-  assert (!(length % AES_BLOCK_SIZE));
-  while (length)
-    {
-      AES_ecb_encrypt(src, dst, ctx, AES_DECRYPT);
-      length -= AES_BLOCK_SIZE;
-      dst += AES_BLOCK_SIZE;
-      src += AES_BLOCK_SIZE;
-    }
+  openssl_evp_set_decrypt_key(ctx, key, EVP_aes_256_ecb());
 }

 const struct nettle_cipher
 nettle_openssl_aes128 = {
-  "openssl aes128", sizeof(AES_KEY),
+  "openssl aes128", sizeof(struct openssl_cipher_ctx),
  16, 16,
  openssl_aes128_set_encrypt_key, openssl_aes128_set_decrypt_key,
-  openssl_aes_encrypt, openssl_aes_decrypt
+  openssl_evp_encrypt, openssl_evp_decrypt
 };

 const struct nettle_cipher
 nettle_openssl_aes192 = {
-  "openssl aes192", sizeof(AES_KEY),
-  /* Claim no block size, so that the benchmark doesn't try CBC mode
-   * (as openssl cipher + nettle cbc is somewhat pointless to
-   * benchmark). */
+  "openssl aes192", sizeof(struct openssl_cipher_ctx),
  16, 24,
  openssl_aes192_set_encrypt_key, openssl_aes192_set_decrypt_key,
-  openssl_aes_encrypt, openssl_aes_decrypt
+  openssl_evp_encrypt, openssl_evp_decrypt
 };

 const struct nettle_cipher
 nettle_openssl_aes256 = {
-  "openssl aes256", sizeof(AES_KEY),
-  /* Claim no block size, so that the benchmark doesn't try CBC mode
-   * (as openssl cipher + nettle cbc is somewhat pointless to
-   * benchmark). */
+  "openssl aes256", sizeof(struct openssl_cipher_ctx),
  16, 32,
  openssl_aes256_set_encrypt_key, openssl_aes256_set_decrypt_key,
-  openssl_aes_encrypt, openssl_aes_decrypt
+  openssl_evp_encrypt, openssl_evp_decrypt
 };

 /* Arcfour */
-static nettle_set_key_func openssl_arcfour128_set_key;
 static void
-openssl_arcfour128_set_key(void *ctx, const uint8_t *key)
+openssl_arcfour128_set_encrypt_key(void *ctx, const uint8_t *key)
 {
-  RC4_set_key(ctx, 16, key);
+  openssl_evp_set_encrypt_key(ctx, key, EVP_rc4());
 }

-static nettle_crypt_func openssl_arcfour_crypt;
 static void
-openssl_arcfour_crypt(void *ctx, size_t length,
-		      uint8_t *dst, const uint8_t *src)
+openssl_arcfour128_set_decrypt_key(void *ctx, const uint8_t *key)
 {
-  RC4(ctx, length, src, dst);
+  openssl_evp_set_decrypt_key(ctx, key, EVP_rc4());
 }

 const struct nettle_aead
 nettle_openssl_arcfour128 = {
-  "openssl arcfour128", sizeof(RC4_KEY),
+  "openssl arcfour128", sizeof(struct openssl_cipher_ctx),
  1, 16, 0, 0,
-  openssl_arcfour128_set_key,
-  openssl_arcfour128_set_key,
+  openssl_arcfour128_set_encrypt_key,
+  openssl_arcfour128_set_decrypt_key,
  NULL, NULL,
-  openssl_arcfour_crypt,
-  openssl_arcfour_crypt,
+  (nettle_crypt_func *)openssl_evp_encrypt,
+  (nettle_crypt_func *)openssl_evp_decrypt,
  NULL,  
 };

 /* Blowfish */
-static nettle_set_key_func openssl_bf128_set_key;
 static void
-openssl_bf128_set_key(void *ctx, const uint8_t *key)
+openssl_bf128_set_encrypt_key(void *ctx, const uint8_t *key)
 {
-  BF_set_key(ctx, 16, key);
+  openssl_evp_set_encrypt_key(ctx, key, EVP_bf_ecb());
 }

-static nettle_cipher_func openssl_bf_encrypt;
 static void
-openssl_bf_encrypt(const void *ctx, size_t length,
-		   uint8_t *dst, const uint8_t *src)
+openssl_bf128_set_decrypt_key(void *ctx, const uint8_t *key)
 {
-  assert (!(length % BF_BLOCK));
-  while (length)
-    {
-      BF_ecb_encrypt(src, dst, ctx, BF_ENCRYPT);
-      length -= BF_BLOCK;
-      dst += BF_BLOCK;
-      src += BF_BLOCK;
-    }
-}
-
-static nettle_cipher_func openssl_bf_decrypt;
-static void
-openssl_bf_decrypt(const void *ctx, size_t length,
-		   uint8_t *dst, const uint8_t *src)
-{
-  assert (!(length % BF_BLOCK));
-  while (length)
-    {
-      BF_ecb_encrypt(src, dst, ctx, BF_DECRYPT);
-      length -= BF_BLOCK;
-      dst += BF_BLOCK;
-      src += BF_BLOCK;
-    }
+  openssl_evp_set_decrypt_key(ctx, key, EVP_bf_ecb());
 }

 const struct nettle_cipher
 nettle_openssl_blowfish128 = {
-  "openssl bf128", sizeof(BF_KEY),
+  "openssl bf128", sizeof(struct openssl_cipher_ctx),
  8, 16,
-  openssl_bf128_set_key, openssl_bf128_set_key,
-  openssl_bf_encrypt, openssl_bf_decrypt
+  openssl_bf128_set_encrypt_key, openssl_bf128_set_decrypt_key,
+  openssl_evp_encrypt, openssl_evp_decrypt
 };


 /* DES */
-static nettle_set_key_func openssl_des_set_key;
-static void
-openssl_des_set_key(void *ctx, const uint8_t *key)
-{
-  /* Not sure what "unchecked" means. We want to ignore parity bits,
-     but it would still make sense to check for weak keys. */
-  /* Explicit cast used as I don't want to care about openssl's broken
-     array typedefs DES_cblock and const_DES_cblock. */
-  DES_set_key_unchecked( (void *) key, ctx);
-}
-
-#define DES_BLOCK_SIZE 8
-
-static nettle_cipher_func openssl_des_encrypt;
 static void
-openssl_des_encrypt(const void *ctx, size_t length,
-		    uint8_t *dst, const uint8_t *src)
+openssl_des_set_encrypt_key(void *ctx, const uint8_t *key)
 {
-  assert (!(length % DES_BLOCK_SIZE));
-  while (length)
-    {
-      DES_ecb_encrypt((void *) src, (void *) dst,
-		      (void *) ctx, DES_ENCRYPT);
-      length -= DES_BLOCK_SIZE;
-      dst += DES_BLOCK_SIZE;
-      src += DES_BLOCK_SIZE;
-    }
+  openssl_evp_set_encrypt_key(ctx, key, EVP_des_ecb());
 }

-static nettle_cipher_func openssl_des_decrypt;
 static void
-openssl_des_decrypt(const void *ctx, size_t length,
-		    uint8_t *dst, const uint8_t *src)
+openssl_des_set_decrypt_key(void *ctx, const uint8_t *key)
 {
-  assert (!(length % DES_BLOCK_SIZE));
-  while (length)
-    {
-      DES_ecb_encrypt((void *) src, (void *) dst,
-		      (void *) ctx, DES_DECRYPT);
-      length -= DES_BLOCK_SIZE;
-      dst += DES_BLOCK_SIZE;
-      src += DES_BLOCK_SIZE;
-    }
+  openssl_evp_set_decrypt_key(ctx, key, EVP_des_ecb());
 }

 const struct nettle_cipher
 nettle_openssl_des = {
-  "openssl des", sizeof(DES_key_schedule),
+  "openssl des", sizeof(struct openssl_cipher_ctx),
  8, 8,
-  openssl_des_set_key, openssl_des_set_key,
-  openssl_des_encrypt, openssl_des_decrypt
+  openssl_des_set_encrypt_key, openssl_des_set_decrypt_key,
+  openssl_evp_encrypt, openssl_evp_decrypt
 };


 /* Cast128 */
-static nettle_set_key_func openssl_cast128_set_key;
 static void
-openssl_cast128_set_key(void *ctx, const uint8_t *key)
+openssl_cast128_set_encrypt_key(void *ctx, const uint8_t *key)
 {
-  CAST_set_key(ctx, 16, key);
+  openssl_evp_set_encrypt_key(ctx, key, EVP_cast5_ecb());
 }

-static nettle_cipher_func openssl_cast_encrypt;
 static void
-openssl_cast_encrypt(const void *ctx, size_t length,
-		     uint8_t *dst, const uint8_t *src)
+openssl_cast128_set_decrypt_key(void *ctx, const uint8_t *key)
 {
-  assert (!(length % CAST_BLOCK));
-  while (length)
-    {
-      CAST_ecb_encrypt(src, dst, ctx, CAST_ENCRYPT);
-      length -= CAST_BLOCK;
-      dst += CAST_BLOCK;
-      src += CAST_BLOCK;
-    }
-}
-
-static nettle_cipher_func openssl_cast_decrypt;
-static void
-openssl_cast_decrypt(const void *ctx, size_t length,
-		     uint8_t *dst, const uint8_t *src)
-{
-  assert (!(length % CAST_BLOCK));
-  while (length)
-    {
-      CAST_ecb_encrypt(src, dst, ctx, CAST_DECRYPT);
-      length -= CAST_BLOCK;
-      dst += CAST_BLOCK;
-      src += CAST_BLOCK;
-    }
+  openssl_evp_set_decrypt_key(ctx, key, EVP_cast5_ecb());
 }

 const struct nettle_cipher
 nettle_openssl_cast128 = {
-  "openssl cast128", sizeof(CAST_KEY),
-  8, CAST_KEY_LENGTH,
-  openssl_cast128_set_key, openssl_cast128_set_key,
-  openssl_cast_encrypt, openssl_cast_decrypt
+  "openssl cast128", sizeof(struct openssl_cipher_ctx),
+  8, 16,
+  openssl_cast128_set_encrypt_key, openssl_cast128_set_decrypt_key,
+  openssl_evp_encrypt, openssl_evp_decrypt
 };

 /* Hash functions */

--- a/nettle-internal.h
+++ b/nettle-internal.h
@@ -79,6 +79,7 @@ extern const struct nettle_aead nettle_salsa20r12;

 /* Glue to openssl, for comparative benchmarking. Code in
 * examples/nettle-openssl.c. */
+extern void nettle_openssl_init(void);
 extern const struct nettle_cipher nettle_openssl_aes128;
 extern const struct nettle_cipher nettle_openssl_aes192;
 extern const struct nettle_cipher nettle_openssl_aes256;