From: Loup Vaillant <loup@loup-vaillant.fr>
Date: Sun, 6 Aug 2017 16:59:09 +0000 (+0200)
Subject: added ed25519-donna speed benchmark
X-Git-Url: https://git.codecow.com/?a=commitdiff_plain;h=8883cfcb1ba3a9aeee9694d9cc6916f961a99c1d;p=Monocypher.git

added ed25519-donna speed benchmark
---

diff --git a/makefile b/makefile
index df5043d..b6d30db 100644
--- a/makefile
+++ b/makefile
@@ -64,7 +64,7 @@ sodium: tests/sodium.c bin/rename_monocypher.o bin/rename_sha512.o
 	$(CC) $(CFLAGS) -o $@ $^ $(C_SODIUM_FLAGS) $(LD_SODIUM_FLAGS)
 
 # Speed benchmark
-speed: tests/speed.c bin/rename_monocypher.o bin/rename_sha512.o bin/tweetnacl.o bin/poly-donna.o
+speed: tests/speed.c bin/rename_monocypher.o bin/tweetnacl.o bin/poly-donna.o bin/ed25519-donna.o bin/rename_sha512.o
 	$(CC) $(CFLAGS) -o $@ $^ $(C_SODIUM_FLAGS) $(LD_SODIUM_FLAGS)
 
 bin/tweetnacl.o: tests/tweetnacl/tweetnacl.c tests/tweetnacl/tweetnacl.h
@@ -75,6 +75,10 @@ bin/poly-donna.o: tests/poly1305-donna/poly1305-donna.c \
                   tests/poly1305-donna/poly1305-donna-32.h
 	$(CC) $(CFLAGS) -o $@ -c $< -DPOLY1305_32BIT
 
+bin/ed25519-donna.o: tests/ed25519-donna/ed25519.c
+	@mkdir -p $(@D)
+	$(CC) $(CFLAGS) -o $@ -c $< -DED25519_CUSTOMHASH -DED25519_SHA512 -DED25519_TEST -DED25519_NO_INLINE_ASM -DED25519_FORCE_32BIT
+
 # Test edDSA/blake2b by comparing with the donna implementation
 # Note: we're using Blake2b, the default hash for monocypher edDSA
 donna: tests/donna.c bin/classic_monocypher.o bin/donna.o
diff --git a/tests/ed25519-donna/ed25519-hash-custom.h b/tests/ed25519-donna/ed25519-hash-custom.h
index 8dc3771..c73f637 100644
--- a/tests/ed25519-donna/ed25519-hash-custom.h
+++ b/tests/ed25519-donna/ed25519-hash-custom.h
@@ -1,24 +1,38 @@
 #include "monocypher.h"
 
+
+#ifdef ED25519_SHA512
+    #include "rename_sha512.h"
+    #define HASH rename_sha512
+#else
+    #define HASH crypto_blake2b
+#endif
+#define COMBINE1(x, y) x ## y
+#define COMBINE2(x, y) COMBINE1(x, y)
+#define HASH_CTX    COMBINE2(HASH, _ctx)
+#define HASH_INIT   COMBINE2(HASH, _init)
+#define HASH_UPDATE COMBINE2(HASH, _update)
+#define HASH_FINAL  COMBINE2(HASH, _final)
+
 typedef struct {
-    crypto_blake2b_ctx ctx;
+    HASH_CTX ctx;
 } ed25519_hash_context;
 
 void ed25519_hash_init(ed25519_hash_context *ctx)
 {
-    crypto_blake2b_init(&(ctx->ctx));
+    HASH_INIT(&(ctx->ctx));
 }
 void ed25519_hash_update(ed25519_hash_context *ctx, const uint8_t *in, size_t inlen)
 {
-    crypto_blake2b_update(&(ctx->ctx), in, inlen);
+    HASH_UPDATE(&(ctx->ctx), in, inlen);
 }
 void ed25519_hash_final(ed25519_hash_context *ctx, uint8_t *hash)
 {
-    crypto_blake2b_final(&(ctx->ctx), hash);
+    HASH_FINAL(&(ctx->ctx), hash);
 }
 void ed25519_hash(uint8_t *hash, const uint8_t *in, size_t inlen)
 {
-    crypto_blake2b(hash, in, inlen);
+    HASH(hash, in, inlen);
 }
 
 
diff --git a/tests/speed.c b/tests/speed.c
index f0c3d1c..4fc506b 100644
--- a/tests/speed.c
+++ b/tests/speed.c
@@ -7,7 +7,7 @@
 #include "rename_sha512.h"
 #include "tweetnacl/tweetnacl.h"
 #include "poly1305-donna/poly1305-donna.h"
-//#include "ed25519-donna/ed25519.h"
+#include "ed25519-donna/ed25519.h"
 
 #define FOR(i, start, end) for (size_t (i) = (start); (i) < (end); (i)++)
 typedef uint8_t u8;
@@ -434,6 +434,49 @@ static speed_t d_poly1305(void)
     TIMING_RESULT("Poly1305", 16);
 }
 
+static void d_ed25519(void)
+{
+    u8 sk       [32];   p_random(sk, 32);
+    u8 pk       [32];
+    ed25519_publickey(sk, pk);
+
+    u8 message   [64];  p_random(message, 64);
+    u8 mono_sig  [64];
+    u8 sodium_sig[64];
+
+    // Testing signature speed
+    TIMING_START(monocypher_sig) {
+        rename_sign(mono_sig, sk, pk, message, 64);
+    }
+    TIMING_END(monocypher_sig);
+    TIMING_START(libsodium_sig) {
+        ed25519_sign(message, 64, sk, pk, sodium_sig);
+    }
+    TIMING_END(libsodium_sig);
+
+    // testing verification speed (for correct signatures)
+    TIMING_START(monocypher_chk) {
+        if (rename_check(mono_sig, pk, message, 64)) {
+            printf("Monocypher verification failed\n");
+        }
+    }
+    TIMING_END(monocypher_chk);
+    TIMING_START(libsodium_chk) {
+        if (ed25519_sign_open(message, 64, pk, sodium_sig)) {
+            printf("ed25519-donna verification failed\n");
+        }
+    }
+    TIMING_END(libsodium_chk);
+
+
+    if (rename_memcmp(mono_sig, sodium_sig, 64) != 0) {
+        printf("ed25519 benchmark failed (different results)\n");
+    }
+    print("ed25519(sig)", speed(libsodium_sig, monocypher_sig),
+          "32 bits ed25519-donna");
+    print("ed25519(chk)", speed(libsodium_chk, monocypher_chk),
+          "32 bits ed25519-donna");
+}
 
 int main()
 {
@@ -459,6 +502,7 @@ int main()
     printf("\nComparing with Donna\n");
     printf("----------------------\n");
     print("Poly1305    ", d_poly1305(), "32 bit Poly1305 Donna");
+    d_ed25519();
 
     printf("\n");
     return 0;