From 39f3a24484ffc343d2d5225d5c419082aabb9baa Mon Sep 17 00:00:00 2001 From: Jakob Unterwurzacher Date: Wed, 4 May 2016 19:09:14 +0200 Subject: stupidgcm: completely replace spacemonkeygo/openssl --- openssl_benchmark/go-vs-openssl.md | 90 ----------------- openssl_benchmark/openssl_benchmark.bash | 5 - openssl_benchmark/openssl_test.go | 163 ------------------------------- 3 files changed, 258 deletions(-) delete mode 100644 openssl_benchmark/go-vs-openssl.md delete mode 100755 openssl_benchmark/openssl_benchmark.bash delete mode 100644 openssl_benchmark/openssl_test.go (limited to 'openssl_benchmark') diff --git a/openssl_benchmark/go-vs-openssl.md b/openssl_benchmark/go-vs-openssl.md deleted file mode 100644 index 222ae8e..0000000 --- a/openssl_benchmark/go-vs-openssl.md +++ /dev/null @@ -1,90 +0,0 @@ -Go 1.4.2 -======== - -39MB/s @1k - - go1.4/src/crypto/cipher$ go test -bench=. - - BenchmarkAESGCMSeal1K 50000 25968 ns/op 39.43 MB/s - BenchmarkAESGCMOpen1K 50000 25914 ns/op 39.51 MB/s - [...] - -Go 1.5 -====== - -41MB/s @1k - - go1.5/src/crypto/cipher$ ~/go/src/go1.5/bin/go test -bench=. - - BenchmarkAESGCMSeal1K-2 50000 24429 ns/op 41.92 MB/s - BenchmarkAESGCMOpen1K-2 50000 24578 ns/op 41.66 MB/s - BenchmarkAESGCMSeal8K-2 10000 190340 ns/op 43.04 MB/s - BenchmarkAESGCMOpen8K-2 10000 190308 ns/op 43.05 MB/s - [...] - -openssl 1.0.1k -============== - -302MB/s @1k - - $ openssl speed -elapsed -evp aes-128-gcm - - [...] - The 'numbers' are in 1000s of bytes per second processed. - type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes - aes-128-gcm 71275.15k 80063.19k 275048.36k 302066.69k 308912.13k - - -gocryptfs with openssl bindings -=============================== - -148MB/s @4k - - gocryptfs/openssl_benchmark$ ./openssl_benchmark.bash - - BenchmarkAESGCMSeal4K 20000 98671 ns/op 41.51 MB/s - BenchmarkAESGCMOpen4K 20000 98679 ns/op 41.51 MB/s - BenchmarkOpensslGCMenc4K 50000 27542 ns/op 148.72 MB/s - BenchmarkOpensslGCMdec4K 50000 27564 ns/op 148.60 MB/s - - -CPU Info -======== - -This is tested on a dual-core Intel Sandy Bridge Pentium G630 which does NOT have -aes instructions ( https://en.wikipedia.org/wiki/AES_instruction_set ) - - $ cat /proc/cpuinfo | fold -s -w 80 - - processor : 0 - vendor_id : GenuineIntel - cpu family : 6 - model : 42 - model name : Intel(R) Pentium(R) CPU G630 @ 2.70GHz - stepping : 7 - microcode : 0x29 - cpu MHz : 1617.574 - cache size : 3072 KB - physical id : 0 - siblings : 2 - core id : 0 - cpu cores : 2 - apicid : 0 - initial apicid : 0 - fpu : yes - fpu_exception : yes - cpuid level : 13 - wp : yes - flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov - pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm - constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc - aperfmperf eagerfpu pni pclmulqdq dtes64 monitor ds_cpl vmx est tm2 ssse3 cx16 - xtpr pdcm pcid sse4_1 sse4_2 popcnt tsc_deadline_timer xsave lahf_lm arat epb - pln pts dtherm tpr_shadow vnmi flexpriority ept vpid xsaveopt - bugs : - bogomips : 5387.68 - clflush size : 64 - cache_alignment : 64 - address sizes : 36 bits physical, 48 bits virtual - power management: - [...] diff --git a/openssl_benchmark/openssl_benchmark.bash b/openssl_benchmark/openssl_benchmark.bash deleted file mode 100755 index b328d24..0000000 --- a/openssl_benchmark/openssl_benchmark.bash +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash - -set -eux - -go test -bench=. diff --git a/openssl_benchmark/openssl_test.go b/openssl_benchmark/openssl_test.go deleted file mode 100644 index 1530f9b..0000000 --- a/openssl_benchmark/openssl_test.go +++ /dev/null @@ -1,163 +0,0 @@ -package benchmark - -// Benchmark go built-int GCM against spacemonkey openssl bindings -// -// Note: This is deprecated in favor of the benchmarks integrated in cryptfs. -// -// Run benchmark: -// go test -bench=. - -import ( - "bytes" - "crypto/aes" - "crypto/cipher" - "fmt" - "os" - "testing" - - "github.com/spacemonkeygo/openssl" - - "github.com/rfjakob/gocryptfs/internal/cryptocore" -) - -func TestMain(m *testing.M) { - - fmt.Printf("Benchmarking AES-GCM-%d with 4kB block size\n", cryptocore.KeyLen*8) - - r := m.Run() - os.Exit(r) -} - -func BenchmarkGoEnc4K(b *testing.B) { - buf := make([]byte, 1024*4) - b.SetBytes(int64(len(buf))) - - var key [cryptocore.KeyLen]byte - var nonce [12]byte - aes, _ := aes.NewCipher(key[:]) - aesgcm, _ := cipher.NewGCM(aes) - var out []byte - // This would be fileID + blockNo - aData := make([]byte, 24) - b.ResetTimer() - for i := 0; i < b.N; i++ { - out = aesgcm.Seal(out[:0], nonce[:], buf, aData) - } -} - -func BenchmarkGoDec4K(b *testing.B) { - buf := make([]byte, 1024*4) - b.SetBytes(int64(len(buf))) - - var key [cryptocore.KeyLen]byte - var nonce [12]byte - aes, _ := aes.NewCipher(key[:]) - aesgcm, _ := cipher.NewGCM(aes) - var out []byte - out = aesgcm.Seal(out[:0], nonce[:], buf, nil) - - b.ResetTimer() - for i := 0; i < b.N; i++ { - _, err := aesgcm.Open(buf[:0], nonce[:], out, nil) - if err != nil { - b.Errorf("Open: %v", err) - } - } -} - -func BenchmarkOpensslEnc4K(b *testing.B) { - buf := make([]byte, 1024*4) - b.SetBytes(int64(len(buf))) - - var key [cryptocore.KeyLen]byte - var nonce [12]byte - - // This would be fileID + blockNo - aData := make([]byte, 24) - - var ciphertext bytes.Buffer - var part []byte - - b.ResetTimer() - for i := 0; i < b.N; i++ { - ciphertext.Reset() - ectx, err := openssl.NewGCMEncryptionCipherCtx(cryptocore.KeyLen*8, nil, key[:], nonce[:]) - if err != nil { - b.FailNow() - } - err = ectx.ExtraData(aData) - if err != nil { - b.FailNow() - } - part, err = ectx.EncryptUpdate(buf) - if err != nil { - b.FailNow() - } - ciphertext.Write(part) - part, err = ectx.EncryptFinal() - if err != nil { - b.FailNow() - } - ciphertext.Write(part) - part, err = ectx.GetTag() - if err != nil { - b.FailNow() - } - ciphertext.Write(part) - } -} - -func BenchmarkOpensslDec4K(b *testing.B) { - buf := makeOpensslCiphertext() - b.SetBytes(int64(1024 * 4)) - - tag := buf[4096:] - buf = buf[0:4096] - - var key [cryptocore.KeyLen]byte - var nonce [12]byte - - var plaintext bytes.Buffer - var part []byte - - b.ResetTimer() - for i := 0; i < b.N; i++ { - plaintext.Reset() - dctx, err := openssl.NewGCMDecryptionCipherCtx(cryptocore.KeyLen*8, nil, key[:], nonce[:]) - if err != nil { - b.FailNow() - } - part, err = dctx.DecryptUpdate(buf) - if err != nil { - b.FailNow() - } - plaintext.Write(part) - err = dctx.SetTag(tag) - if err != nil { - b.FailNow() - } - part, err = dctx.DecryptFinal() - if err != nil { - b.FailNow() - } - plaintext.Write(part) - } -} - -func makeOpensslCiphertext() []byte { - buf := make([]byte, 1024*4) - var key [cryptocore.KeyLen]byte - var nonce [12]byte - var ciphertext bytes.Buffer - var part []byte - - ectx, _ := openssl.NewGCMEncryptionCipherCtx(cryptocore.KeyLen*8, nil, key[:], nonce[:]) - part, _ = ectx.EncryptUpdate(buf) - ciphertext.Write(part) - part, _ = ectx.EncryptFinal() - ciphertext.Write(part) - part, _ = ectx.GetTag() - ciphertext.Write(part) - - return ciphertext.Bytes() -} -- cgit v1.2.3