From b96955cb926e527bd4b065572498b1c489386ab9 Mon Sep 17 00:00:00 2001 From: Loup Vaillant Date: Wed, 25 Nov 2020 23:11:53 +0100 Subject: [PATCH] Added speed benchmark for ed25519-donna --- CHANGELOG.md | 1 + README.md | 5 +- dist_ignore | 1 - makefile | 22 ++++- .../ed25519-donna/ed25519-hash-custom.h | 30 ++++++ tests/speed/speed-donna.c | 92 +++++++++++++++++++ 6 files changed, 146 insertions(+), 5 deletions(-) create mode 100644 tests/speed/speed-donna.c diff --git a/CHANGELOG.md b/CHANGELOG.md index 719b444..2e84f51 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -12,6 +12,7 @@ - Enforced slightly safer invariants. - Made the vectors.h header more compact and easier to modify. - TIS-CI integration. +- Added speed benchmark for ed25519-donna. 3.1.1 diff --git a/README.md b/README.md index 304079d..2118b5f 100644 --- a/README.md +++ b/README.md @@ -144,13 +144,14 @@ always switch later. Note: the speed benchmark currently requires the POSIX `clock_gettime()` function. -There are similar benchmarks for Libsodium, TweetNaCl, LibHydrogen, and -c25519: +There are similar benchmarks for Libsodium, TweetNaCl, LibHydrogen, +c25519, and ed25519-donna (the portable, 32-bit version): $ make speed-sodium $ make speed-tweetnacl $ make speed-hydrogen $ make speed-c25519 + $ make speed-donna (The `speed-hydrogen` target assumes it has pkg-config installed. Try `make pkg-config-libhydrogen` as root if it is not.) diff --git a/dist_ignore b/dist_ignore index 4aabd33..4c6b623 100644 --- a/dist_ignore +++ b/dist_ignore @@ -27,7 +27,6 @@ lib* dist.sh dist_ignore tests/gen* -tests/externals/ed25519-donna* doc/*.sh tis.config tests/tis-ci* diff --git a/makefile b/makefile index 7e838c4..68bbe05 100644 --- a/makefile +++ b/makefile @@ -70,6 +70,7 @@ endif install install-doc pkg-config-libhydrogen \ check test ctgrind \ speed speed-sodium speed-tweetnacl speed-hydrogen speed-c25519 \ + speed-donna \ clean uninstall \ dist @@ -120,7 +121,8 @@ speed-sodium : speed-sodium.out speed-tweetnacl: speed-tweetnacl.out speed-hydrogen : speed-hydrogen.out speed-c25519 : speed-c25519.out -test test-legacy speed speed-sodium speed-tweetnacl speed-hydrogen speed-c25519: +speed-donna : speed-donna.out +test test-legacy speed speed-sodium speed-tweetnacl speed-hydrogen speed-c25519 speed-donna: ./$< ctgrind: ctgrind.out @@ -185,6 +187,12 @@ lib/speed-hydrogen.o:$(SPEED)/speed-hydrogen.c $(TEST_COMMON) $(SPEED)/speed.h `pkg-config --cflags libhydrogen` \ -fPIC -c -o $@ $< +lib/speed-donna.o:$(SPEED)/speed-donna.c $(TEST_COMMON) $(SPEED)/speed.h + @mkdir -p $(@D) + $(CC) $(CFLAGS) \ + -I src -I src/optional -I tests -I tests/externals/ed25519-donna \ + -fPIC -c -o $@ $< + C25519= c25519 edsign ed25519 morph25519 fprime f25519 sha512 C25519_H= $(patsubst %, tests/externals/c25519/%.h, $(C25519)) C25519_OBJECTS= $(patsubst %, lib/c25519/%.o, $(C25519)) @@ -206,6 +214,15 @@ lib/speed-c25519.o:$(SPEED)/speed-c25519.c \ @mkdir -p $(@D) $(CC) $(CFLAGS) -I tests -I tests/externals/c25519 -c -o $@ $< +lib/speed-ed25519.o: tests/externals/ed25519-donna/ed25519.c \ + $(wildcard tests/externals/ed25519-donna/*.h) + $(CC) $(CFLAGS) -c $< -o$@ \ + -I src \ + -DUSE_MONOCYPHER \ + -DED25519_CUSTOMHASH \ + -DED25519_TEST \ + -DED25519_NO_INLINE_ASM \ + -DED25519_FORCE_32BIT # test & speed executables TEST_OBJ= lib/utils.o lib/monocypher.o @@ -230,7 +247,8 @@ lib/tweetnacl.o: tests/externals/tweetnacl/tweetnacl.c \ $(CC) $(CFLAGS) -c -o $@ $< speed-tweetnacl.out: lib/speed-tweetnacl.o lib/tweetnacl.o lib/utils.o speed-c25519.out : lib/speed-c25519.o $(C25519_OBJECTS) lib/utils.o -speed-tweetnacl.out speed-c25519.out: +speed-donna.out : lib/speed-donna.o lib/speed-ed25519.o lib/utils.o lib/monocypher.o +speed-tweetnacl.out speed-c25519.out speed-donna.out: $(CC) $(CFLAGS) -o $@ $^ tests/vectors.h: diff --git a/tests/externals/ed25519-donna/ed25519-hash-custom.h b/tests/externals/ed25519-donna/ed25519-hash-custom.h index 94a0076..0bf61d2 100644 --- a/tests/externals/ed25519-donna/ed25519-hash-custom.h +++ b/tests/externals/ed25519-donna/ed25519-hash-custom.h @@ -1,3 +1,31 @@ +#ifdef USE_MONOCYPHER + +#include + +typedef crypto_blake2b_ctx ed25519_hash_context; + +void ed25519_hash_init(ed25519_hash_context *ctx) +{ + crypto_blake2b_init(ctx); +} + +void ed25519_hash_update(ed25519_hash_context *ctx, const uint8_t *in, size_t inlen) +{ + crypto_blake2b_update(ctx, in, inlen); +} + +void ed25519_hash_final(ed25519_hash_context *ctx, uint8_t *hash) +{ + crypto_blake2b_final(ctx, hash); +} + +void ed25519_hash(uint8_t *hash, const uint8_t *in, size_t inlen) +{ + crypto_blake2b(hash, in, inlen); +} + +#else + #include typedef crypto_generichash_state ed25519_hash_context; @@ -21,3 +49,5 @@ void ed25519_hash(uint8_t *hash, const uint8_t *in, size_t inlen) { crypto_generichash(hash, 64, in, inlen, 0, 0); } + +#endif diff --git a/tests/speed/speed-donna.c b/tests/speed/speed-donna.c new file mode 100644 index 0000000..6a2abb7 --- /dev/null +++ b/tests/speed/speed-donna.c @@ -0,0 +1,92 @@ +// This file is dual-licensed. Choose whichever licence you want from +// the two licences listed below. +// +// The first licence is a regular 2-clause BSD licence. The second licence +// is the CC-0 from Creative Commons. It is intended to release Monocypher +// to the public domain. The BSD licence serves as a fallback option. +// +// SPDX-License-Identifier: BSD-2-Clause OR CC0-1.0 +// +// ------------------------------------------------------------------------ +// +// Copyright (c) 2020, Loup Vaillant +// All rights reserved. +// +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted provided that the following conditions are +// met: +// +// 1. Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// +// 2. Redistributions in binary form must reproduce the above copyright +// notice, this list of conditions and the following disclaimer in the +// documentation and/or other materials provided with the +// distribution. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +// HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +// +// ------------------------------------------------------------------------ +// +// Written in 2020 by Loup Vaillant +// +// To the extent possible under law, the author(s) have dedicated all copyright +// and related neighboring rights to this software to the public domain +// worldwide. This software is distributed without any warranty. +// +// You should have received a copy of the CC0 Public Domain Dedication along +// with this software. If not, see +// + +#include "speed.h" +#include "ed25519.h" + +static u64 edDSA_sign(void) +{ + u8 pk [32]; + u8 signature[64]; + RANDOM_INPUT(sk , 32); + RANDOM_INPUT(message, 64); + ed25519_publickey(sk, pk); + + TIMING_START { + ed25519_sign(message, 64, sk, pk, signature); + } + TIMING_END; +} + +static u64 edDSA_check(void) +{ + u8 pk [32]; + u8 signature[64]; + RANDOM_INPUT(sk , 32); + RANDOM_INPUT(message, 64); + ed25519_publickey(sk, pk); + ed25519_sign(message, 64, sk, pk, signature); + + TIMING_START { + if (ed25519_sign_open(message, 64, pk, signature)) { + printf("Donna verification failed\n"); + } + } + TIMING_END; +} + +int main() +{ + print("EdDSA(sign) ",edDSA_sign() , "signatures per second"); + print("EdDSA(check)",edDSA_check(), "checks per second"); + printf("\n"); + return 0; +} -- 2.47.3