test_rsa.c: remove 'use_blinding' variable.

The "mbedtls_rsa_private" has made f_rng function mandatory for the
    operation.
    Also updated the MAX_PERFORMANCE values with offset added with blinding
    Added the SOC_CCOMP_TIMER_SUPPORTED Check
This commit is contained in:
Aditya Patwardhan 2022-04-19 09:05:42 +05:30 committed by BOT
parent fe904085fb
commit 1b4cc4c9f2
4 changed files with 26 additions and 21 deletions

View File

@ -16,11 +16,11 @@
#define IDF_PERFORMANCE_MAX_TIME_SHA512_32KB 4500 #define IDF_PERFORMANCE_MAX_TIME_SHA512_32KB 4500
#define IDF_PERFORMANCE_MAX_RSA_2048KEY_PUBLIC_OP 19000 #define IDF_PERFORMANCE_MAX_RSA_2048KEY_PUBLIC_OP 19000
#define IDF_PERFORMANCE_MAX_RSA_2048KEY_PRIVATE_OP 190000 #define IDF_PERFORMANCE_MAX_RSA_2048KEY_PRIVATE_OP 420000
#define IDF_PERFORMANCE_MAX_RSA_3072KEY_PUBLIC_OP 33000 #define IDF_PERFORMANCE_MAX_RSA_3072KEY_PUBLIC_OP 33000
#define IDF_PERFORMANCE_MAX_RSA_3072KEY_PRIVATE_OP 360000 #define IDF_PERFORMANCE_MAX_RSA_3072KEY_PRIVATE_OP 950000
#define IDF_PERFORMANCE_MAX_RSA_4096KEY_PUBLIC_OP 90000 #define IDF_PERFORMANCE_MAX_RSA_4096KEY_PUBLIC_OP 90000
#define IDF_PERFORMANCE_MAX_RSA_4096KEY_PRIVATE_OP 870000 #define IDF_PERFORMANCE_MAX_RSA_4096KEY_PRIVATE_OP 1700000
#define IDF_PERFORMANCE_MAX_SPI_PER_TRANS_POLLING 15 #define IDF_PERFORMANCE_MAX_SPI_PER_TRANS_POLLING 15
#define IDF_PERFORMANCE_MAX_SPI_PER_TRANS_POLLING_NO_DMA 15 #define IDF_PERFORMANCE_MAX_SPI_PER_TRANS_POLLING_NO_DMA 15

View File

@ -17,11 +17,11 @@
#define IDF_PERFORMANCE_MAX_TIME_SHA512_32KB 900 #define IDF_PERFORMANCE_MAX_TIME_SHA512_32KB 900
#define IDF_PERFORMANCE_MAX_RSA_2048KEY_PUBLIC_OP 13500 #define IDF_PERFORMANCE_MAX_RSA_2048KEY_PUBLIC_OP 13500
#define IDF_PERFORMANCE_MAX_RSA_2048KEY_PRIVATE_OP 130000 #define IDF_PERFORMANCE_MAX_RSA_2048KEY_PRIVATE_OP 420000
#define IDF_PERFORMANCE_MAX_RSA_3072KEY_PUBLIC_OP 36000 #define IDF_PERFORMANCE_MAX_RSA_3072KEY_PUBLIC_OP 36000
#define IDF_PERFORMANCE_MAX_RSA_3072KEY_PRIVATE_OP 400000 #define IDF_PERFORMANCE_MAX_RSA_3072KEY_PRIVATE_OP 960000
#define IDF_PERFORMANCE_MAX_RSA_4096KEY_PUBLIC_OP 62000 #define IDF_PERFORMANCE_MAX_RSA_4096KEY_PUBLIC_OP 62000
#define IDF_PERFORMANCE_MAX_RSA_4096KEY_PRIVATE_OP 800000 #define IDF_PERFORMANCE_MAX_RSA_4096KEY_PRIVATE_OP 1850000
#define IDF_PERFORMANCE_MAX_SPI_PER_TRANS_POLLING 15 #define IDF_PERFORMANCE_MAX_SPI_PER_TRANS_POLLING 15
#define IDF_PERFORMANCE_MAX_SPI_PER_TRANS_POLLING_NO_DMA 15 #define IDF_PERFORMANCE_MAX_SPI_PER_TRANS_POLLING_NO_DMA 15

View File

@ -15,11 +15,11 @@
#define IDF_PERFORMANCE_MAX_TIME_SHA512_32KB 900 #define IDF_PERFORMANCE_MAX_TIME_SHA512_32KB 900
#define IDF_PERFORMANCE_MAX_RSA_2048KEY_PUBLIC_OP 18000 #define IDF_PERFORMANCE_MAX_RSA_2048KEY_PUBLIC_OP 18000
#define IDF_PERFORMANCE_MAX_RSA_2048KEY_PRIVATE_OP 210000 #define IDF_PERFORMANCE_MAX_RSA_2048KEY_PRIVATE_OP 490000
#define IDF_PERFORMANCE_MAX_RSA_3072KEY_PUBLIC_OP 45000 #define IDF_PERFORMANCE_MAX_RSA_3072KEY_PUBLIC_OP 45000
#define IDF_PERFORMANCE_MAX_RSA_3072KEY_PRIVATE_OP 670000 #define IDF_PERFORMANCE_MAX_RSA_3072KEY_PRIVATE_OP 1300000
#define IDF_PERFORMANCE_MAX_RSA_4096KEY_PUBLIC_OP 80000 #define IDF_PERFORMANCE_MAX_RSA_4096KEY_PUBLIC_OP 80000
#define IDF_PERFORMANCE_MAX_RSA_4096KEY_PRIVATE_OP 1500000 #define IDF_PERFORMANCE_MAX_RSA_4096KEY_PRIVATE_OP 2500000
#define IDF_PERFORMANCE_MAX_SPI_PER_TRANS_POLLING 15 #define IDF_PERFORMANCE_MAX_SPI_PER_TRANS_POLLING 15
#define IDF_PERFORMANCE_MAX_SPI_PER_TRANS_POLLING_NO_DMA 15 #define IDF_PERFORMANCE_MAX_SPI_PER_TRANS_POLLING_NO_DMA 15

View File

@ -396,7 +396,7 @@ static void test_cert(const char *cert, const uint8_t *expected_output, size_t o
} }
#ifdef CONFIG_MBEDTLS_HARDWARE_MPI #ifdef CONFIG_MBEDTLS_HARDWARE_MPI
static void rsa_key_operations(int keysize, bool check_performance, bool use_blinding, bool generate_new_rsa); static void rsa_key_operations(int keysize, bool check_performance, bool generate_new_rsa);
static int myrand(void *rng_state, unsigned char *output, size_t len) static int myrand(void *rng_state, unsigned char *output, size_t len)
{ {
@ -421,48 +421,44 @@ static void print_rsa_details(mbedtls_rsa_context *rsa)
} }
#endif #endif
// TODO: IDF-4708
#if !TEMPORARY_DISABLED_FOR_TARGETS(ESP32, ESP32S2, ESP32S3, ESP32C3)
TEST_CASE("test performance RSA key operations", "[bignum]") TEST_CASE("test performance RSA key operations", "[bignum]")
{ {
for (int keysize = 2048; keysize <= SOC_RSA_MAX_BIT_LEN; keysize += 1024) { for (int keysize = 2048; keysize <= SOC_RSA_MAX_BIT_LEN; keysize += 1024) {
rsa_key_operations(keysize, true, false, false); rsa_key_operations(keysize, true, false);
} }
} }
#endif
TEST_CASE("test RSA-3072 calculations", "[bignum]") TEST_CASE("test RSA-3072 calculations", "[bignum]")
{ {
// use pre-genrated keys to make the test run a bit faster // use pre-genrated keys to make the test run a bit faster
rsa_key_operations(3072, false, true, false); rsa_key_operations(3072, false, false);
} }
TEST_CASE("test RSA-2048 calculations", "[bignum]") TEST_CASE("test RSA-2048 calculations", "[bignum]")
{ {
// use pre-genrated keys to make the test run a bit faster // use pre-genrated keys to make the test run a bit faster
rsa_key_operations(2048, false, true, false); rsa_key_operations(2048, false, false);
} }
TEST_CASE("test RSA-4096 calculations", "[bignum]") TEST_CASE("test RSA-4096 calculations", "[bignum]")
{ {
// use pre-genrated keys to make the test run a bit faster // use pre-genrated keys to make the test run a bit faster
rsa_key_operations(4096, false, true, false); rsa_key_operations(4096, false, false);
} }
static void rsa_key_operations(int keysize, bool check_performance, bool use_blinding, bool generate_new_rsa) static void rsa_key_operations(int keysize, bool check_performance, bool generate_new_rsa)
{ {
mbedtls_pk_context clientkey; mbedtls_pk_context clientkey;
mbedtls_rsa_context rsa; mbedtls_rsa_context rsa;
unsigned char orig_buf[4096 / 8]; unsigned char orig_buf[4096 / 8];
unsigned char encrypted_buf[4096 / 8]; unsigned char encrypted_buf[4096 / 8];
unsigned char decrypted_buf[4096 / 8]; unsigned char decrypted_buf[4096 / 8];
int public_perf, private_perf;
int res = 0; int res = 0;
printf("First, orig_buf is encrypted by the public key, and then decrypted by the private key\n"); printf("First, orig_buf is encrypted by the public key, and then decrypted by the private key\n");
printf("keysize=%d check_performance=%d use_blinding=%d generate_new_rsa=%d\n", keysize, check_performance, use_blinding, generate_new_rsa); printf("keysize=%d check_performance=%d generate_new_rsa=%d\n", keysize, check_performance, generate_new_rsa);
memset(orig_buf, 0xAA, sizeof(orig_buf)); memset(orig_buf, 0xAA, sizeof(orig_buf));
orig_buf[0] = 0; // Ensure that orig_buf is smaller than rsa.N orig_buf[0] = 0; // Ensure that orig_buf is smaller than rsa.N
@ -498,6 +494,8 @@ static void rsa_key_operations(int keysize, bool check_performance, bool use_bli
TEST_ASSERT_EQUAL(keysize, (int)rsa.MBEDTLS_PRIVATE(len) * 8); TEST_ASSERT_EQUAL(keysize, (int)rsa.MBEDTLS_PRIVATE(len) * 8);
TEST_ASSERT_EQUAL(keysize, (int)rsa.MBEDTLS_PRIVATE(D).MBEDTLS_PRIVATE(n) * sizeof(mbedtls_mpi_uint) * 8); // The private exponent TEST_ASSERT_EQUAL(keysize, (int)rsa.MBEDTLS_PRIVATE(D).MBEDTLS_PRIVATE(n) * sizeof(mbedtls_mpi_uint) * 8); // The private exponent
#ifdef SOC_CCOMP_TIMER_SUPPORTED
int public_perf, private_perf;
ccomp_timer_start(); ccomp_timer_start();
res = mbedtls_rsa_public(&rsa, orig_buf, encrypted_buf); res = mbedtls_rsa_public(&rsa, orig_buf, encrypted_buf);
public_perf = ccomp_timer_stop(); public_perf = ccomp_timer_stop();
@ -509,7 +507,7 @@ static void rsa_key_operations(int keysize, bool check_performance, bool use_bli
TEST_ASSERT_EQUAL_HEX16(0, -res); TEST_ASSERT_EQUAL_HEX16(0, -res);
ccomp_timer_start(); ccomp_timer_start();
res = mbedtls_rsa_private(&rsa, use_blinding?myrand:NULL, NULL, encrypted_buf, decrypted_buf); res = mbedtls_rsa_private(&rsa, myrand, NULL, encrypted_buf, decrypted_buf);
private_perf = ccomp_timer_stop(); private_perf = ccomp_timer_stop();
TEST_ASSERT_EQUAL_HEX16(0, -res); TEST_ASSERT_EQUAL_HEX16(0, -res);
@ -520,6 +518,13 @@ static void rsa_key_operations(int keysize, bool check_performance, bool use_bli
TEST_PERFORMANCE_CCOMP_LESS_THAN(RSA_4096KEY_PUBLIC_OP, "%d us", public_perf); TEST_PERFORMANCE_CCOMP_LESS_THAN(RSA_4096KEY_PUBLIC_OP, "%d us", public_perf);
TEST_PERFORMANCE_CCOMP_LESS_THAN(RSA_4096KEY_PRIVATE_OP, "%d us", private_perf); TEST_PERFORMANCE_CCOMP_LESS_THAN(RSA_4096KEY_PRIVATE_OP, "%d us", private_perf);
} }
#else
res = mbedtls_rsa_public(&rsa, orig_buf, encrypted_buf);
TEST_ASSERT_EQUAL_HEX16(0, -res);
res = mbedtls_rsa_private(&rsa, myrand, NULL, encrypted_buf, decrypted_buf);
TEST_ASSERT_EQUAL_HEX16(0, -res);
TEST_IGNORE_MESSAGE("Performance check skipped! (soc doesn't support ccomp timer)");
#endif
TEST_ASSERT_EQUAL_MEMORY_MESSAGE(orig_buf, decrypted_buf, keysize / 8, "RSA operation"); TEST_ASSERT_EQUAL_MEMORY_MESSAGE(orig_buf, decrypted_buf, keysize / 8, "RSA operation");