diff options
Diffstat (limited to 'src/lib/util/perf_crypto_ecc_dlog.c')
-rw-r--r-- | src/lib/util/perf_crypto_ecc_dlog.c | 184 |
1 files changed, 184 insertions, 0 deletions
diff --git a/src/lib/util/perf_crypto_ecc_dlog.c b/src/lib/util/perf_crypto_ecc_dlog.c new file mode 100644 index 000000000..698a3aafa --- /dev/null +++ b/src/lib/util/perf_crypto_ecc_dlog.c | |||
@@ -0,0 +1,184 @@ | |||
1 | /* | ||
2 | This file is part of GNUnet. | ||
3 | Copyright (C) 2015 GNUnet e.V. | ||
4 | |||
5 | GNUnet is free software: you can redistribute it and/or modify it | ||
6 | under the terms of the GNU Affero General Public License as published | ||
7 | by the Free Software Foundation, either version 3 of the License, | ||
8 | or (at your option) any later version. | ||
9 | |||
10 | GNUnet is distributed in the hope that it will be useful, but | ||
11 | WITHOUT ANY WARRANTY; without even the implied warranty of | ||
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
13 | Affero General Public License for more details. | ||
14 | |||
15 | You should have received a copy of the GNU Affero General Public License | ||
16 | along with this program. If not, see <http://www.gnu.org/licenses/>. | ||
17 | |||
18 | SPDX-License-Identifier: AGPL3.0-or-later | ||
19 | |||
20 | */ | ||
21 | /** | ||
22 | * @file util/perf_crypto_ecc_dlog.c | ||
23 | * @brief benchmark for ECC DLOG calculation | ||
24 | * @author Christian Grothoff | ||
25 | */ | ||
26 | |||
27 | #include "platform.h" | ||
28 | #include "gnunet_util_lib.h" | ||
29 | #include <gcrypt.h> | ||
30 | #include <gauger.h> | ||
31 | |||
32 | |||
33 | /** | ||
34 | * Name of the curve we are using. Note that we have hard-coded | ||
35 | * structs that use 256 bits, so using a bigger curve will require | ||
36 | * changes that break stuff badly. The name of the curve given here | ||
37 | * must be agreed by all peers and be supported by libgcrypt. | ||
38 | */ | ||
39 | #define CURVE "Ed25519" | ||
40 | |||
41 | /** | ||
42 | * Maximum value we benchmark dlog for. | ||
43 | */ | ||
44 | #define MAX_FACT (1024 * 1024) | ||
45 | |||
46 | /** | ||
47 | * Maximum memory to use, sqrt(MAX_FACT) is a good choice. | ||
48 | */ | ||
49 | #define MAX_MEM 1024 | ||
50 | |||
51 | /** | ||
52 | * How many values do we test? | ||
53 | */ | ||
54 | #define TEST_ITER 10 | ||
55 | |||
56 | |||
57 | /** | ||
58 | * Do some DLOG operations for testing. | ||
59 | * | ||
60 | * @param edc context for ECC operations | ||
61 | * @param do_dlog true if we want to actually do the bencharked operation | ||
62 | */ | ||
63 | static void | ||
64 | test_dlog (struct GNUNET_CRYPTO_EccDlogContext *edc, | ||
65 | bool do_dlog) | ||
66 | { | ||
67 | for (unsigned int i = 0; i < TEST_ITER; i++) | ||
68 | { | ||
69 | struct GNUNET_CRYPTO_EccScalar fact; | ||
70 | struct GNUNET_CRYPTO_EccScalar n; | ||
71 | struct GNUNET_CRYPTO_EccPoint q; | ||
72 | int x; | ||
73 | |||
74 | fprintf (stderr, "."); | ||
75 | x = GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK, | ||
76 | MAX_FACT); | ||
77 | memset (&n, | ||
78 | 0, | ||
79 | sizeof (n)); | ||
80 | for (unsigned int j = 0; j < x; j++) | ||
81 | sodium_increment (n.v, | ||
82 | sizeof (n.v)); | ||
83 | if (0 == GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK, | ||
84 | 2)) | ||
85 | { | ||
86 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, | ||
87 | "Trying negative %d\n", | ||
88 | -x); | ||
89 | crypto_core_ed25519_scalar_negate (fact.v, | ||
90 | n.v); | ||
91 | x = -x; | ||
92 | } | ||
93 | else | ||
94 | { | ||
95 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, | ||
96 | "Trying positive %d\n", | ||
97 | x); | ||
98 | fact = n; | ||
99 | } | ||
100 | if (0 == x) | ||
101 | { | ||
102 | /* libsodium does not like to multiply with zero; make sure | ||
103 | 'q' is a valid point (g) first, then use q = q - q to get | ||
104 | the product with zero */ | ||
105 | sodium_increment (fact.v, | ||
106 | sizeof (fact.v)); | ||
107 | GNUNET_assert (0 == | ||
108 | crypto_scalarmult_ed25519_base_noclamp (q.v, | ||
109 | fact.v)); | ||
110 | GNUNET_assert ( | ||
111 | 0 == | ||
112 | crypto_core_ed25519_sub (q.v, | ||
113 | q.v, | ||
114 | q.v)); | ||
115 | } | ||
116 | else | ||
117 | GNUNET_assert (0 == | ||
118 | crypto_scalarmult_ed25519_base_noclamp (q.v, | ||
119 | fact.v)); | ||
120 | if (do_dlog) | ||
121 | { | ||
122 | int iret; | ||
123 | |||
124 | if (x != | ||
125 | (iret = GNUNET_CRYPTO_ecc_dlog (edc, | ||
126 | &q))) | ||
127 | { | ||
128 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
129 | "DLOG failed for value %d (got: %d)\n", | ||
130 | x, | ||
131 | iret); | ||
132 | GNUNET_assert (0); | ||
133 | } | ||
134 | } | ||
135 | } | ||
136 | fprintf (stderr, | ||
137 | "\n"); | ||
138 | } | ||
139 | |||
140 | |||
141 | int | ||
142 | main (int argc, char *argv[]) | ||
143 | { | ||
144 | struct GNUNET_CRYPTO_EccDlogContext *edc; | ||
145 | struct GNUNET_TIME_Absolute start; | ||
146 | struct GNUNET_TIME_Relative delta; | ||
147 | |||
148 | GNUNET_log_setup ("perf-crypto-ecc-dlog", | ||
149 | "WARNING", | ||
150 | NULL); | ||
151 | start = GNUNET_TIME_absolute_get (); | ||
152 | edc = GNUNET_CRYPTO_ecc_dlog_prepare (MAX_FACT, | ||
153 | MAX_MEM); | ||
154 | printf ("DLOG precomputation 1M/1K took %s\n", | ||
155 | GNUNET_STRINGS_relative_time_to_string ( | ||
156 | GNUNET_TIME_absolute_get_duration (start), | ||
157 | GNUNET_YES)); | ||
158 | GAUGER ("UTIL", "ECC DLOG initialization", | ||
159 | GNUNET_TIME_absolute_get_duration | ||
160 | (start).rel_value_us / 1000LL, "ms/op"); | ||
161 | start = GNUNET_TIME_absolute_get (); | ||
162 | /* first do a baseline run without the DLOG */ | ||
163 | test_dlog (edc, false); | ||
164 | delta = GNUNET_TIME_absolute_get_duration (start); | ||
165 | start = GNUNET_TIME_absolute_get (); | ||
166 | test_dlog (edc, true); | ||
167 | delta = GNUNET_TIME_relative_subtract (GNUNET_TIME_absolute_get_duration ( | ||
168 | start), | ||
169 | delta); | ||
170 | printf ("%u DLOG calculations took %s\n", | ||
171 | TEST_ITER, | ||
172 | GNUNET_STRINGS_relative_time_to_string (delta, | ||
173 | GNUNET_YES)); | ||
174 | GAUGER ("UTIL", | ||
175 | "ECC DLOG operations", | ||
176 | delta.rel_value_us / 1000LL / TEST_ITER, | ||
177 | "ms/op"); | ||
178 | |||
179 | GNUNET_CRYPTO_ecc_dlog_release (edc); | ||
180 | return 0; | ||
181 | } | ||
182 | |||
183 | |||
184 | /* end of perf_crypto_ecc_dlog.c */ | ||