WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Affero General Public License for more details.
+
+ You should have received a copy of the GNU Affero General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+ SPDX-License-Identifier: AGPL3.0-or-later
*/
/**
#include <gcrypt.h>
#include "gnunet_crypto_lib.h"
#include "gnunet_strings_lib.h"
+#include "benchmark.h"
#define EXTRA_CHECKS 0
#define LOG_GCRY(level, cmd, rc) do { LOG(level, _("`%s' failed at %s:%d with error: %s\n"), cmd, __FILE__, __LINE__, gcry_strerror(rc)); } while(0)
-#include "crypto_bug.c"
-
-
/**
* Extract values from an S-expression.
*
gcry_ctx_t ctx;
gcry_mpi_t q;
+ BENCHMARK_START (ecdsa_key_get_public);
+
sexp = decode_private_ecdsa_key (priv);
GNUNET_assert (NULL != sexp);
GNUNET_assert (0 == gcry_mpi_ec_new (&ctx, sexp, NULL));
GNUNET_CRYPTO_mpi_print_unsigned (pub->q_y, sizeof (pub->q_y), q);
gcry_mpi_release (q);
gcry_ctx_release (ctx);
+
+ BENCHMARK_END (ecdsa_key_get_public);
}
gcry_ctx_t ctx;
gcry_mpi_t q;
+ BENCHMARK_START (eddsa_key_get_public);
+
sexp = decode_private_eddsa_key (priv);
GNUNET_assert (NULL != sexp);
GNUNET_assert (0 == gcry_mpi_ec_new (&ctx, sexp, NULL));
GNUNET_CRYPTO_mpi_print_unsigned (pub->q_y, sizeof (pub->q_y), q);
gcry_mpi_release (q);
gcry_ctx_release (ctx);
+
+ BENCHMARK_END (eddsa_key_get_public);
}
gcry_ctx_t ctx;
gcry_mpi_t q;
+ BENCHMARK_START (ecdhe_key_get_public);
+
sexp = decode_private_ecdhe_key (priv);
GNUNET_assert (NULL != sexp);
GNUNET_assert (0 == gcry_mpi_ec_new (&ctx, sexp, NULL));
GNUNET_CRYPTO_mpi_print_unsigned (pub->q_y, sizeof (pub->q_y), q);
gcry_mpi_release (q);
gcry_ctx_release (ctx);
+
+ BENCHMARK_END (ecdhe_key_get_public);
}
gcry_mpi_t d;
int rc;
+ BENCHMARK_START (ecdhe_key_create);
+
/* NOTE: For libgcrypt >= 1.7, we do not need the 'eddsa' flag here,
but should also be harmless. For libgcrypt < 1.7, using 'eddsa'
disables an expensive key testing routine. We do not want to run
gcry_sexp_release (priv_sexp);
GNUNET_CRYPTO_mpi_print_unsigned (pk->d, sizeof (pk->d), d);
gcry_mpi_release (d);
+
+ BENCHMARK_END (ecdhe_key_create);
+
return GNUNET_OK;
}
gcry_mpi_t d;
int rc;
+ BENCHMARK_START (ecdsa_key_create);
+
if (0 != (rc = gcry_sexp_build (&s_keyparam, NULL,
"(genkey(ecc(curve \"" CURVE "\")"
"(flags)))")))
priv = GNUNET_new (struct GNUNET_CRYPTO_EcdsaPrivateKey);
GNUNET_CRYPTO_mpi_print_unsigned (priv->d, sizeof (priv->d), d);
gcry_mpi_release (d);
+
+ BENCHMARK_END (ecdsa_key_create);
+
return priv;
}
gcry_mpi_t d;
int rc;
+ BENCHMARK_START (eddsa_key_create);
+
#if CRYPTO_BUG
again:
#endif
}
#endif
+ BENCHMARK_END (eddsa_key_create);
+
return priv;
}
}
-/**
- * Compare two Peer Identities.
- *
- * @param first first peer identity
- * @param second second peer identity
- * @return bigger than 0 if first > second,
- * 0 if they are the same
- * smaller than 0 if second > first
- */
-int
-GNUNET_CRYPTO_cmp_peer_identity (const struct GNUNET_PeerIdentity *first,
- const struct GNUNET_PeerIdentity *second)
-{
- return memcmp (first, second, sizeof (struct GNUNET_PeerIdentity));
-}
-
-
/**
* Convert the data specified in the given purpose argument to an
* S-expression suitable for signature operations.
static gcry_sexp_t
data_to_eddsa_value (const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose)
{
- struct GNUNET_HashCode hc;
gcry_sexp_t data;
int rc;
+/* SEE #5398 */
+#if 1
+ struct GNUNET_HashCode hc;
+
+ GNUNET_CRYPTO_hash (purpose,
+ ntohl (purpose->size),
+ &hc);
+ if (0 != (rc = gcry_sexp_build (&data, NULL,
+ "(data(flags eddsa)(hash-algo %s)(value %b))",
+ "sha512",
+ (int)sizeof (hc),
+ &hc)))
+ {
+ LOG_GCRY (GNUNET_ERROR_TYPE_ERROR,
+ "gcry_sexp_build",
+ rc);
+ return NULL;
+ }
+#else
GNUNET_CRYPTO_hash (purpose, ntohl (purpose->size), &hc);
if (0 != (rc = gcry_sexp_build (&data, NULL,
"(data(flags eddsa)(hash-algo %s)(value %b))",
"sha512",
- (int)sizeof (hc), &hc)))
+ ntohl (purpose->size),
+ purpose)))
{
- LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
+ LOG_GCRY (GNUNET_ERROR_TYPE_ERROR,
+ "gcry_sexp_build",
+ rc);
return NULL;
}
+#endif
return data;
}
static gcry_sexp_t
data_to_ecdsa_value (const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose)
{
- struct GNUNET_HashCode hc;
gcry_sexp_t data;
int rc;
- GNUNET_CRYPTO_hash (purpose, ntohl (purpose->size), &hc);
+/* See #5398 */
+#if 1
+ struct GNUNET_HashCode hc;
+
+ GNUNET_CRYPTO_hash (purpose,
+ ntohl (purpose->size),
+ &hc);
if (0 != (rc = gcry_sexp_build (&data, NULL,
"(data(flags rfc6979)(hash %s %b))",
"sha512",
(int)sizeof (hc), &hc)))
{
- LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
+ LOG_GCRY (GNUNET_ERROR_TYPE_ERROR,
+ "gcry_sexp_build",
+ rc);
+ return NULL;
+ }
+#else
+ if (0 != (rc = gcry_sexp_build (&data, NULL,
+ "(data(flags rfc6979)(hash %s %b))",
+ "sha512",
+ ntohl (purpose->size),
+ purpose)))
+ {
+ LOG_GCRY (GNUNET_ERROR_TYPE_ERROR,
+ "gcry_sexp_build",
+ rc);
return NULL;
}
+#endif
return data;
}
int rc;
gcry_mpi_t rs[2];
+ BENCHMARK_START (ecdsa_sign);
+
priv_sexp = decode_private_ecdsa_key (priv);
data = data_to_ecdsa_value (purpose);
if (0 != (rc = gcry_pk_sign (&sig_sexp, data, priv_sexp)))
return GNUNET_SYSERR;
}
gcry_sexp_release (sig_sexp);
- GNUNET_CRYPTO_mpi_print_unsigned (sig->r, sizeof (sig->r), rs[0]);
- GNUNET_CRYPTO_mpi_print_unsigned (sig->s, sizeof (sig->s), rs[1]);
+ GNUNET_CRYPTO_mpi_print_unsigned (sig->r,
+ sizeof (sig->r),
+ rs[0]);
+ GNUNET_CRYPTO_mpi_print_unsigned (sig->s,
+ sizeof (sig->s),
+ rs[1]);
gcry_mpi_release (rs[0]);
gcry_mpi_release (rs[1]);
+
+ BENCHMARK_END (ecdsa_sign);
+
return GNUNET_OK;
}
int rc;
gcry_mpi_t rs[2];
+ BENCHMARK_START (eddsa_sign);
+
priv_sexp = decode_private_eddsa_key (priv);
data = data_to_eddsa_value (purpose);
if (0 != (rc = gcry_pk_sign (&sig_sexp, data, priv_sexp)))
GNUNET_CRYPTO_mpi_print_unsigned (sig->s, sizeof (sig->s), rs[1]);
gcry_mpi_release (rs[0]);
gcry_mpi_release (rs[1]);
+
+ BENCHMARK_END (eddsa_sign);
+
return GNUNET_OK;
}
gcry_sexp_t pub_sexpr;
int rc;
+ BENCHMARK_START (ecdsa_verify);
+
if (purpose != ntohl (validate->purpose))
return GNUNET_SYSERR; /* purpose mismatch */
LOG (GNUNET_ERROR_TYPE_INFO,
_("ECDSA signature verification failed at %s:%d: %s\n"), __FILE__,
__LINE__, gcry_strerror (rc));
+ BENCHMARK_END (ecdsa_verify);
return GNUNET_SYSERR;
}
+ BENCHMARK_END (ecdsa_verify);
return GNUNET_OK;
}
gcry_sexp_t pub_sexpr;
int rc;
+ BENCHMARK_START (eddsa_verify);
+
if (purpose != ntohl (validate->purpose))
return GNUNET_SYSERR; /* purpose mismatch */
LOG (GNUNET_ERROR_TYPE_INFO,
_("EdDSA signature verification failed at %s:%d: %s\n"), __FILE__,
__LINE__, gcry_strerror (rc));
+ BENCHMARK_END (eddsa_verify);
return GNUNET_SYSERR;
}
+ BENCHMARK_END (eddsa_verify);
return GNUNET_OK;
}
unsigned char xbuf[256 / 8];
size_t rsize;
+ BENCHMARK_START (ecc_ecdh);
+
/* first, extract the q = dP value from the public key */
if (0 != gcry_sexp_build (&pub_sexpr, NULL,
"(public-key(ecc(curve " CURVE ")(q %b)))",
rsize,
key_material);
gcry_mpi_release (result_x);
+ BENCHMARK_END (ecc_ecdh);
return GNUNET_OK;
}
gcry_sexp_t pub_sexpr;
int ret;
+ BENCHMARK_START (eddsa_ecdh);
+
/* first, extract the q = dP value from the public key */
if (0 != gcry_sexp_build (&pub_sexpr, NULL,
"(public-key(ecc(curve " CURVE ")(q %b)))",
key_material);
gcry_mpi_point_release (result);
gcry_ctx_release (ctx);
+ BENCHMARK_END (eddsa_ecdh);
return ret;
}
gcry_sexp_t pub_sexpr;
int ret;
+ BENCHMARK_START (ecdsa_ecdh);
+
/* first, extract the q = dP value from the public key */
if (0 != gcry_sexp_build (&pub_sexpr, NULL,
"(public-key(ecc(curve " CURVE ")(q %b)))",
key_material);
gcry_mpi_point_release (result);
gcry_ctx_release (ctx);
+ BENCHMARK_END (ecdsa_ecdh);
return ret;
}
gcry_sexp_t pub_sexpr;
int ret;
+ BENCHMARK_START (ecdh_eddsa);
+
/* first, extract the q = dP value from the public key */
if (0 != gcry_sexp_build (&pub_sexpr, NULL,
"(public-key(ecc(curve " CURVE ")(q %b)))",
key_material);
gcry_mpi_point_release (result);
gcry_ctx_release (ctx);
+ BENCHMARK_END (ecdh_eddsa);
return ret;
}