mirror of
https://github.com/espressif/esp-idf.git
synced 2024-10-05 20:47:46 -04:00
test_rsa.c: remove 'use_blinding' variable.
The "mbedtls_rsa_private" has made f_rng function mandatory for the operation. Also updated the MAX_PERFORMANCE values with offset added with blinding Added the SOC_CCOMP_TIMER_SUPPORTED Check
This commit is contained in:
parent
fe904085fb
commit
1b4cc4c9f2
@ -16,11 +16,11 @@
|
|||||||
#define IDF_PERFORMANCE_MAX_TIME_SHA512_32KB 4500
|
#define IDF_PERFORMANCE_MAX_TIME_SHA512_32KB 4500
|
||||||
|
|
||||||
#define IDF_PERFORMANCE_MAX_RSA_2048KEY_PUBLIC_OP 19000
|
#define IDF_PERFORMANCE_MAX_RSA_2048KEY_PUBLIC_OP 19000
|
||||||
#define IDF_PERFORMANCE_MAX_RSA_2048KEY_PRIVATE_OP 190000
|
#define IDF_PERFORMANCE_MAX_RSA_2048KEY_PRIVATE_OP 420000
|
||||||
#define IDF_PERFORMANCE_MAX_RSA_3072KEY_PUBLIC_OP 33000
|
#define IDF_PERFORMANCE_MAX_RSA_3072KEY_PUBLIC_OP 33000
|
||||||
#define IDF_PERFORMANCE_MAX_RSA_3072KEY_PRIVATE_OP 360000
|
#define IDF_PERFORMANCE_MAX_RSA_3072KEY_PRIVATE_OP 950000
|
||||||
#define IDF_PERFORMANCE_MAX_RSA_4096KEY_PUBLIC_OP 90000
|
#define IDF_PERFORMANCE_MAX_RSA_4096KEY_PUBLIC_OP 90000
|
||||||
#define IDF_PERFORMANCE_MAX_RSA_4096KEY_PRIVATE_OP 870000
|
#define IDF_PERFORMANCE_MAX_RSA_4096KEY_PRIVATE_OP 1700000
|
||||||
|
|
||||||
#define IDF_PERFORMANCE_MAX_SPI_PER_TRANS_POLLING 15
|
#define IDF_PERFORMANCE_MAX_SPI_PER_TRANS_POLLING 15
|
||||||
#define IDF_PERFORMANCE_MAX_SPI_PER_TRANS_POLLING_NO_DMA 15
|
#define IDF_PERFORMANCE_MAX_SPI_PER_TRANS_POLLING_NO_DMA 15
|
||||||
|
@ -17,11 +17,11 @@
|
|||||||
#define IDF_PERFORMANCE_MAX_TIME_SHA512_32KB 900
|
#define IDF_PERFORMANCE_MAX_TIME_SHA512_32KB 900
|
||||||
|
|
||||||
#define IDF_PERFORMANCE_MAX_RSA_2048KEY_PUBLIC_OP 13500
|
#define IDF_PERFORMANCE_MAX_RSA_2048KEY_PUBLIC_OP 13500
|
||||||
#define IDF_PERFORMANCE_MAX_RSA_2048KEY_PRIVATE_OP 130000
|
#define IDF_PERFORMANCE_MAX_RSA_2048KEY_PRIVATE_OP 420000
|
||||||
#define IDF_PERFORMANCE_MAX_RSA_3072KEY_PUBLIC_OP 36000
|
#define IDF_PERFORMANCE_MAX_RSA_3072KEY_PUBLIC_OP 36000
|
||||||
#define IDF_PERFORMANCE_MAX_RSA_3072KEY_PRIVATE_OP 400000
|
#define IDF_PERFORMANCE_MAX_RSA_3072KEY_PRIVATE_OP 960000
|
||||||
#define IDF_PERFORMANCE_MAX_RSA_4096KEY_PUBLIC_OP 62000
|
#define IDF_PERFORMANCE_MAX_RSA_4096KEY_PUBLIC_OP 62000
|
||||||
#define IDF_PERFORMANCE_MAX_RSA_4096KEY_PRIVATE_OP 800000
|
#define IDF_PERFORMANCE_MAX_RSA_4096KEY_PRIVATE_OP 1850000
|
||||||
|
|
||||||
#define IDF_PERFORMANCE_MAX_SPI_PER_TRANS_POLLING 15
|
#define IDF_PERFORMANCE_MAX_SPI_PER_TRANS_POLLING 15
|
||||||
#define IDF_PERFORMANCE_MAX_SPI_PER_TRANS_POLLING_NO_DMA 15
|
#define IDF_PERFORMANCE_MAX_SPI_PER_TRANS_POLLING_NO_DMA 15
|
||||||
|
@ -15,11 +15,11 @@
|
|||||||
#define IDF_PERFORMANCE_MAX_TIME_SHA512_32KB 900
|
#define IDF_PERFORMANCE_MAX_TIME_SHA512_32KB 900
|
||||||
|
|
||||||
#define IDF_PERFORMANCE_MAX_RSA_2048KEY_PUBLIC_OP 18000
|
#define IDF_PERFORMANCE_MAX_RSA_2048KEY_PUBLIC_OP 18000
|
||||||
#define IDF_PERFORMANCE_MAX_RSA_2048KEY_PRIVATE_OP 210000
|
#define IDF_PERFORMANCE_MAX_RSA_2048KEY_PRIVATE_OP 490000
|
||||||
#define IDF_PERFORMANCE_MAX_RSA_3072KEY_PUBLIC_OP 45000
|
#define IDF_PERFORMANCE_MAX_RSA_3072KEY_PUBLIC_OP 45000
|
||||||
#define IDF_PERFORMANCE_MAX_RSA_3072KEY_PRIVATE_OP 670000
|
#define IDF_PERFORMANCE_MAX_RSA_3072KEY_PRIVATE_OP 1300000
|
||||||
#define IDF_PERFORMANCE_MAX_RSA_4096KEY_PUBLIC_OP 80000
|
#define IDF_PERFORMANCE_MAX_RSA_4096KEY_PUBLIC_OP 80000
|
||||||
#define IDF_PERFORMANCE_MAX_RSA_4096KEY_PRIVATE_OP 1500000
|
#define IDF_PERFORMANCE_MAX_RSA_4096KEY_PRIVATE_OP 2500000
|
||||||
|
|
||||||
#define IDF_PERFORMANCE_MAX_SPI_PER_TRANS_POLLING 15
|
#define IDF_PERFORMANCE_MAX_SPI_PER_TRANS_POLLING 15
|
||||||
#define IDF_PERFORMANCE_MAX_SPI_PER_TRANS_POLLING_NO_DMA 15
|
#define IDF_PERFORMANCE_MAX_SPI_PER_TRANS_POLLING_NO_DMA 15
|
||||||
|
@ -396,7 +396,7 @@ static void test_cert(const char *cert, const uint8_t *expected_output, size_t o
|
|||||||
}
|
}
|
||||||
|
|
||||||
#ifdef CONFIG_MBEDTLS_HARDWARE_MPI
|
#ifdef CONFIG_MBEDTLS_HARDWARE_MPI
|
||||||
static void rsa_key_operations(int keysize, bool check_performance, bool use_blinding, bool generate_new_rsa);
|
static void rsa_key_operations(int keysize, bool check_performance, bool generate_new_rsa);
|
||||||
|
|
||||||
static int myrand(void *rng_state, unsigned char *output, size_t len)
|
static int myrand(void *rng_state, unsigned char *output, size_t len)
|
||||||
{
|
{
|
||||||
@ -421,48 +421,44 @@ static void print_rsa_details(mbedtls_rsa_context *rsa)
|
|||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
// TODO: IDF-4708
|
|
||||||
#if !TEMPORARY_DISABLED_FOR_TARGETS(ESP32, ESP32S2, ESP32S3, ESP32C3)
|
|
||||||
TEST_CASE("test performance RSA key operations", "[bignum]")
|
TEST_CASE("test performance RSA key operations", "[bignum]")
|
||||||
{
|
{
|
||||||
for (int keysize = 2048; keysize <= SOC_RSA_MAX_BIT_LEN; keysize += 1024) {
|
for (int keysize = 2048; keysize <= SOC_RSA_MAX_BIT_LEN; keysize += 1024) {
|
||||||
rsa_key_operations(keysize, true, false, false);
|
rsa_key_operations(keysize, true, false);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
#endif
|
|
||||||
|
|
||||||
TEST_CASE("test RSA-3072 calculations", "[bignum]")
|
TEST_CASE("test RSA-3072 calculations", "[bignum]")
|
||||||
{
|
{
|
||||||
// use pre-genrated keys to make the test run a bit faster
|
// use pre-genrated keys to make the test run a bit faster
|
||||||
rsa_key_operations(3072, false, true, false);
|
rsa_key_operations(3072, false, false);
|
||||||
}
|
}
|
||||||
|
|
||||||
TEST_CASE("test RSA-2048 calculations", "[bignum]")
|
TEST_CASE("test RSA-2048 calculations", "[bignum]")
|
||||||
{
|
{
|
||||||
// use pre-genrated keys to make the test run a bit faster
|
// use pre-genrated keys to make the test run a bit faster
|
||||||
rsa_key_operations(2048, false, true, false);
|
rsa_key_operations(2048, false, false);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
TEST_CASE("test RSA-4096 calculations", "[bignum]")
|
TEST_CASE("test RSA-4096 calculations", "[bignum]")
|
||||||
{
|
{
|
||||||
// use pre-genrated keys to make the test run a bit faster
|
// use pre-genrated keys to make the test run a bit faster
|
||||||
rsa_key_operations(4096, false, true, false);
|
rsa_key_operations(4096, false, false);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static void rsa_key_operations(int keysize, bool check_performance, bool use_blinding, bool generate_new_rsa)
|
static void rsa_key_operations(int keysize, bool check_performance, bool generate_new_rsa)
|
||||||
{
|
{
|
||||||
mbedtls_pk_context clientkey;
|
mbedtls_pk_context clientkey;
|
||||||
mbedtls_rsa_context rsa;
|
mbedtls_rsa_context rsa;
|
||||||
unsigned char orig_buf[4096 / 8];
|
unsigned char orig_buf[4096 / 8];
|
||||||
unsigned char encrypted_buf[4096 / 8];
|
unsigned char encrypted_buf[4096 / 8];
|
||||||
unsigned char decrypted_buf[4096 / 8];
|
unsigned char decrypted_buf[4096 / 8];
|
||||||
int public_perf, private_perf;
|
|
||||||
int res = 0;
|
int res = 0;
|
||||||
|
|
||||||
printf("First, orig_buf is encrypted by the public key, and then decrypted by the private key\n");
|
printf("First, orig_buf is encrypted by the public key, and then decrypted by the private key\n");
|
||||||
printf("keysize=%d check_performance=%d use_blinding=%d generate_new_rsa=%d\n", keysize, check_performance, use_blinding, generate_new_rsa);
|
printf("keysize=%d check_performance=%d generate_new_rsa=%d\n", keysize, check_performance, generate_new_rsa);
|
||||||
|
|
||||||
memset(orig_buf, 0xAA, sizeof(orig_buf));
|
memset(orig_buf, 0xAA, sizeof(orig_buf));
|
||||||
orig_buf[0] = 0; // Ensure that orig_buf is smaller than rsa.N
|
orig_buf[0] = 0; // Ensure that orig_buf is smaller than rsa.N
|
||||||
@ -498,6 +494,8 @@ static void rsa_key_operations(int keysize, bool check_performance, bool use_bli
|
|||||||
TEST_ASSERT_EQUAL(keysize, (int)rsa.MBEDTLS_PRIVATE(len) * 8);
|
TEST_ASSERT_EQUAL(keysize, (int)rsa.MBEDTLS_PRIVATE(len) * 8);
|
||||||
TEST_ASSERT_EQUAL(keysize, (int)rsa.MBEDTLS_PRIVATE(D).MBEDTLS_PRIVATE(n) * sizeof(mbedtls_mpi_uint) * 8); // The private exponent
|
TEST_ASSERT_EQUAL(keysize, (int)rsa.MBEDTLS_PRIVATE(D).MBEDTLS_PRIVATE(n) * sizeof(mbedtls_mpi_uint) * 8); // The private exponent
|
||||||
|
|
||||||
|
#ifdef SOC_CCOMP_TIMER_SUPPORTED
|
||||||
|
int public_perf, private_perf;
|
||||||
ccomp_timer_start();
|
ccomp_timer_start();
|
||||||
res = mbedtls_rsa_public(&rsa, orig_buf, encrypted_buf);
|
res = mbedtls_rsa_public(&rsa, orig_buf, encrypted_buf);
|
||||||
public_perf = ccomp_timer_stop();
|
public_perf = ccomp_timer_stop();
|
||||||
@ -509,7 +507,7 @@ static void rsa_key_operations(int keysize, bool check_performance, bool use_bli
|
|||||||
TEST_ASSERT_EQUAL_HEX16(0, -res);
|
TEST_ASSERT_EQUAL_HEX16(0, -res);
|
||||||
|
|
||||||
ccomp_timer_start();
|
ccomp_timer_start();
|
||||||
res = mbedtls_rsa_private(&rsa, use_blinding?myrand:NULL, NULL, encrypted_buf, decrypted_buf);
|
res = mbedtls_rsa_private(&rsa, myrand, NULL, encrypted_buf, decrypted_buf);
|
||||||
private_perf = ccomp_timer_stop();
|
private_perf = ccomp_timer_stop();
|
||||||
TEST_ASSERT_EQUAL_HEX16(0, -res);
|
TEST_ASSERT_EQUAL_HEX16(0, -res);
|
||||||
|
|
||||||
@ -520,6 +518,13 @@ static void rsa_key_operations(int keysize, bool check_performance, bool use_bli
|
|||||||
TEST_PERFORMANCE_CCOMP_LESS_THAN(RSA_4096KEY_PUBLIC_OP, "%d us", public_perf);
|
TEST_PERFORMANCE_CCOMP_LESS_THAN(RSA_4096KEY_PUBLIC_OP, "%d us", public_perf);
|
||||||
TEST_PERFORMANCE_CCOMP_LESS_THAN(RSA_4096KEY_PRIVATE_OP, "%d us", private_perf);
|
TEST_PERFORMANCE_CCOMP_LESS_THAN(RSA_4096KEY_PRIVATE_OP, "%d us", private_perf);
|
||||||
}
|
}
|
||||||
|
#else
|
||||||
|
res = mbedtls_rsa_public(&rsa, orig_buf, encrypted_buf);
|
||||||
|
TEST_ASSERT_EQUAL_HEX16(0, -res);
|
||||||
|
res = mbedtls_rsa_private(&rsa, myrand, NULL, encrypted_buf, decrypted_buf);
|
||||||
|
TEST_ASSERT_EQUAL_HEX16(0, -res);
|
||||||
|
TEST_IGNORE_MESSAGE("Performance check skipped! (soc doesn't support ccomp timer)");
|
||||||
|
#endif
|
||||||
|
|
||||||
TEST_ASSERT_EQUAL_MEMORY_MESSAGE(orig_buf, decrypted_buf, keysize / 8, "RSA operation");
|
TEST_ASSERT_EQUAL_MEMORY_MESSAGE(orig_buf, decrypted_buf, keysize / 8, "RSA operation");
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user