Vboot Reference: Add a RSA verify benchmark.

In addtion, add test cases and a script to generate them for benchmarking. Also fixes a path problem with the run_rsa_tests.sh script. Review URL: http://codereview.chromium.org/626011
author: Gaurav Shah <gauravsh@google.com> 2010-02-17 16:37:33 -0800
committer: Gaurav Shah <gauravsh@google.com> 2010-02-17 16:37:33 -0800
commit: 52898d3c268e1cdb695b1c9a25fb4190d84a24f8 (patch)
tree: 466246ec78ca4493292d3776bc6e04abc0d42fa6 /tests
parent: 27bfc8be07935ccb0dab251c5d084c64830163c2 (diff)
download: vboot-52898d3c268e1cdb695b1c9a25fb4190d84a24f8.tar.gz
20 files changed, 165 insertions, 7 deletions
diff --git a/tests/Makefile b/tests/Makefile
index 5d4faf98..cd47d221 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -7,10 +7,10 @@ CFLAGS = -Wall -DNDEBUG
 INCLUDES ?= -I../include/
 TOP ?= ../
 
-LIBS = $(TOP)/utils/firmware_image.o $(TOP)/crypto/libcrypto.a $(TOP)/common/libcommon.a  \
-	$(TOP)/utils/file_keys.o -lrt
+LIBS = $(TOP)/utils/firmware_image.o $(TOP)/crypto/libcrypto.a \
+	$(TOP)/common/libcommon.a $(TOP)/utils/file_keys.o -lrt
 
-tests: firmware_image_tests sha_tests sha_benchmark
+tests: firmware_image_tests sha_tests sha_benchmark rsa_verify_benchmark
 
 sha_tests: sha_tests.c
 	$(CC) $(CFLAGS) $(INCLUDES) $< -o $@ $(LIBS)
@@ -21,5 +21,8 @@ firmware_image_tests: firmware_image_tests.c
 sha_benchmark:	sha_benchmark.c timer_utils.c
 	$(CC) $(CFLAGS) $(INCLUDES) $^ -o $@ $(LIBS)
 
+rsa_verify_benchmark: rsa_verify_benchmark.c timer_utils.c
+	$(CC) $(CFLAGS) $(INCLUDES) $^ -o $@ $(LIBS)
+
 clean:
-	rm -f sha_tests sha_benchmark firmware_image_tests
+	rm -f sha_tests sha_benchmark rsa_verify_benchmark firmware_image_tests
diff --git a/tests/gen_test_cases.sh b/tests/gen_test_cases.sh
new file mode 100755
index 00000000..b15921d6
--- /dev/null
+++ b/tests/gen_test_cases.sh
@@ -0,0 +1,54 @@
+#!/bin/bash
+
+# Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
+# Use of this source code is governed by a BSD-style license that can be
+# found in the LICENSE file.
+
+# Generate test cases for use for the RSA verify benchmark.
+
+KEY_DIR=testkeys
+TESTCASE_DIR=testcases
+UTIL_DIR=../utils/
+TEST_FILE=test_file 
+TEST_FILE_SIZE=1000000
+
+hash_algos=( sha1 sha256 sha512 )
+key_lengths=( 1024 2048 4096 8192 ) 
+
+# Generate public key signatures and digest on an input file for 
+# various combinations of message digest algorithms and RSA key sizes.
+function generate_test_signatures {
+  algorithmcounter=0
+  for keylen in ${key_lengths[@]}
+  do
+    for hashalgo in ${hash_algos[@]}
+    do
+      openssl dgst -${hashalgo} -binary -out $1.${hashalgo}.digest $1
+      ${UTIL_DIR}/signature_digest $algorithmcounter $1 | openssl rsautl -sign \
+        -pkcs -inkey ${KEY_DIR}/key_rsa${keylen}.pem \
+        > $1.rsa${keylen}_${hashalgo}.sig
+      let algorithmcounter=algorithmcounter+1
+    done
+  done
+}
+
+function pre_work {
+  # Generate a file with random bytes for signature tests.
+  echo "Generating test file..."
+  dd if=/dev/urandom of=${TESTCASE_DIR}/${TEST_FILE} bs=${TEST_FILE_SIZE} count=1
+}
+
+if [ ! -d "$KEY_DIR" ]
+then
+  echo "You must run gen_test_cases.sh to generate test keys first."
+  exit 1
+fi
+
+if [ ! -d "$TESTCASE_DIR" ]
+then
+  mkdir  "$TESTCASE_DIR"
+fi
+
+pre_work
+echo "Generating test signatures..."
+generate_test_signatures ${TESTCASE_DIR}/$TEST_FILE
diff --git a/tests/rsa_verify_benchmark.c b/tests/rsa_verify_benchmark.c
new file mode 100644
index 00000000..a728426d
--- /dev/null
+++ b/tests/rsa_verify_benchmark.c
@@ -0,0 +1,87 @@
+/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+
+#include "file_keys.h"
+#include "padding.h"
+#include "rsa.h"
+#include "timer_utils.h"
+#include "utility.h"
+
+#define FILE_NAME_SIZE 128
+#define NUM_OPERATIONS 100 /* Number of signature operations to time. */
+
+void SpeedTestAlgorithm(int algorithm) {
+  int i, key_size;
+  double speed, msecs;
+  char file_name[FILE_NAME_SIZE];
+  uint8_t* digest = NULL;
+  uint8_t* signature = NULL;
+  int digest_len;
+  int sig_len;
+  RSAPublicKey* key = NULL;
+  ClockTimerState ct;
+  char* sha_strings[] = {  /* Maps algorithm->SHA algorithm. */
+    "sha1", "sha256", "sha512",  /* RSA-1024 */
+    "sha1", "sha256", "sha512",  /* RSA-2048 */
+    "sha1", "sha256", "sha512",  /* RSA-4096 */
+    "sha1", "sha256", "sha512",  /* RSA-8192 */
+  };
+
+  key_size = siglen_map[algorithm] * sizeof(uint32_t) * 8;  /* in bits. */
+  /* Get key. */
+  snprintf(file_name, FILE_NAME_SIZE, "testkeys/key_rsa%d.keyb", key_size);
+  key = RSAPublicKeyFromFile(file_name);
+  if (!key) {
+    fprintf(stderr, "Couldn't read key from file.\n");
+    goto failure;
+  }
+
+  /* Get expected digest. */
+  snprintf(file_name, FILE_NAME_SIZE, "testcases/test_file.%s.digest",
+           sha_strings[algorithm]);
+  digest = BufferFromFile(file_name, &digest_len);
+  if (!digest) {
+    fprintf(stderr, "Couldn't read digest file.\n");
+    goto failure;
+  }
+
+  /* Get signature to verify against. */
+  snprintf(file_name, FILE_NAME_SIZE, "testcases/test_file.rsa%d_%s.sig",
+           key_size, sha_strings[algorithm]);
+  signature = BufferFromFile(file_name, &sig_len);
+  if (!signature) {
+    fprintf(stderr, "Couldn't read signature file.\n");
+    goto failure;
+  }
+
+  StartTimer(&ct);
+  for (i = 0; i < NUM_OPERATIONS; i++) {
+    if (!RSA_verify(key, signature, sig_len, algorithm, digest))
+      fprintf(stderr, "Warning: Signature Check Failed.\n");
+  }
+  StopTimer(&ct);
+
+  msecs = (float) GetDurationMsecs(&ct) / NUM_OPERATIONS;
+  speed = 1000.0 / msecs ;
+  fprintf(stderr, "rsa%d/%s bits:\tTime taken per verification = %.02f ms,"
+          " Speed = %.02f verifications/s\n", key_size, sha_strings[algorithm],
+          msecs, speed);
+
+failure:
+  Free(signature);
+  Free(digest);
+  Free(key);
+}
+
+int main(int argc, char* argv[]) {
+  int i;
+  for (i = 0; i < kNumAlgorithms; ++i) {
+    SpeedTestAlgorithm(i);
+  }
+  return 0;
+}
diff --git a/tests/run_rsa_tests.sh b/tests/run_rsa_tests.sh
index 20384836..2aa74263 100755
--- a/tests/run_rsa_tests.sh
+++ b/tests/run_rsa_tests.sh
@@ -55,9 +55,11 @@ function test_verification {
     for hashalgo in ${hash_algos[@]}
     do
       echo -e "For ${COL_YELLOW}RSA-$keylen and $hashalgo${COL_STOP}:"
-      cd ${UTIL_DIR} && ${TEST_DIR}/firmware_image_tests $algorithmcounter testkeys/key_rsa8192.pem \
-        testkeys/key_rsa8192.keyb testkeys/key_rsa${keylen}.pem \
-        testkeys/key_rsa${keylen}.keyb
+      cd ${UTIL_DIR} && ${TEST_DIR}/firmware_image_tests $algorithmcounter \
+        ${TEST_DIR}/testkeys/key_rsa8192.pem \
+        ${TEST_DIR}/testkeys/key_rsa8192.keyb \
+        ${TEST_DIR}/testkeys/key_rsa${keylen}.pem \
+        ${TEST_DIR}/testkeys/key_rsa${keylen}.keyb
       let algorithmcounter=algorithmcounter+1
     done
   done
diff --git a/tests/testcases/test_file b/tests/testcases/test_file
new file mode 100644
index 00000000..3780a87a
--- /dev/null
+++ b/tests/testcases/test_file
diff --git a/tests/testcases/test_file.rsa1024_sha1.sig b/tests/testcases/test_file.rsa1024_sha1.sig
new file mode 100644
index 00000000..ab0f23f6
--- /dev/null
+++ b/tests/testcases/test_file.rsa1024_sha1.sig
@@ -0,0 +1 @@
+&���A��EYD���0>�`��}��>���۵�A�B����1���E��dV�$t��dF��,��ہH5$5���ő{Z������W�X�~�S.�+N:�a�q�k&����G�8V'=�h#[aUٷf�
+\ No newline at end of file
diff --git a/tests/testcases/test_file.rsa1024_sha256.sig b/tests/testcases/test_file.rsa1024_sha256.sig
new file mode 100644
index 00000000..bfea38d2
--- /dev/null
+++ b/tests/testcases/test_file.rsa1024_sha256.sig
diff --git a/tests/testcases/test_file.rsa1024_sha512.sig b/tests/testcases/test_file.rsa1024_sha512.sig
new file mode 100644
index 00000000..ecd166a7
--- /dev/null
+++ b/tests/testcases/test_file.rsa1024_sha512.sig
diff --git a/tests/testcases/test_file.rsa2048_sha1.sig b/tests/testcases/test_file.rsa2048_sha1.sig
new file mode 100644
index 00000000..3c7c93fb
--- /dev/null
+++ b/tests/testcases/test_file.rsa2048_sha1.sig
diff --git a/tests/testcases/test_file.rsa2048_sha256.sig b/tests/testcases/test_file.rsa2048_sha256.sig
new file mode 100644
index 00000000..7a5362b7
--- /dev/null
+++ b/tests/testcases/test_file.rsa2048_sha256.sig
@@ -0,0 +1 @@
+GO:s,�gG��2��D��ͳ��t�~1ނ�#��j"�P�5�Mź����2��	��ǩ$�Q�F�!���8��6��TӂF�"f{9������w��MB��m�\|;�'��'̑�� _(3�d�%9�7�.�_��Ô{��g�ʴ4� H�}���6���$Fz��\P<�8`{�t)�t�������v�[�渥\I�@�4�G��C��a���z̵��9�񷈋�ҮR����K]�9�,��Xy:5Tkic
+\ No newline at end of file
diff --git a/tests/testcases/test_file.rsa2048_sha512.sig b/tests/testcases/test_file.rsa2048_sha512.sig
new file mode 100644
index 00000000..d0475978
--- /dev/null
+++ b/tests/testcases/test_file.rsa2048_sha512.sig
diff --git a/tests/testcases/test_file.rsa4096_sha1.sig b/tests/testcases/test_file.rsa4096_sha1.sig
new file mode 100644
index 00000000..cd3c2daf
--- /dev/null
+++ b/tests/testcases/test_file.rsa4096_sha1.sig
diff --git a/tests/testcases/test_file.rsa4096_sha256.sig b/tests/testcases/test_file.rsa4096_sha256.sig
new file mode 100644
index 00000000..140c564e
--- /dev/null
+++ b/tests/testcases/test_file.rsa4096_sha256.sig
diff --git a/tests/testcases/test_file.rsa4096_sha512.sig b/tests/testcases/test_file.rsa4096_sha512.sig
new file mode 100644
index 00000000..a088735f
--- /dev/null
+++ b/tests/testcases/test_file.rsa4096_sha512.sig
@@ -0,0 +1,7 @@
+l�"ca�?�69���p'
+�z�b(�7)fQ�tݤ)��z��y\�E��2ğ�>�E�;�+d��@(*9?����UN��N$I�**P��`7(�T�����
+�c䮽��v�Q%�?FbG���ޭ�1w��Xᥟ:M��`v��Qv
+��zJb�XkWRȫѳ-��ȵ�݀��<{�sX��j��#M�8��6ArjS�z�Y��y�U;��uq����A���ܪ�su�����
+p�YD(����A�-����n6�iD�nM�H��
+~ж��5���&+j���%YHB��o<���)Ka���2�ڈ��Oãoe�`���x��٬
+@H��jX�ܯQ�:�;m�Z�M��b��m����O$��4�U&��*�lg��VܰV<h��'�nf>�z���x�y̚PO=��qD��.k���
+�!�0ecsS��`.��txD�.F=����I�(p76��E�!���.����Ij�����v.g��V� l�f�#1V
+\ No newline at end of file
diff --git a/tests/testcases/test_file.rsa8192_sha1.sig b/tests/testcases/test_file.rsa8192_sha1.sig
new file mode 100644
index 00000000..4b704fa5
--- /dev/null
+++ b/tests/testcases/test_file.rsa8192_sha1.sig
diff --git a/tests/testcases/test_file.rsa8192_sha256.sig b/tests/testcases/test_file.rsa8192_sha256.sig
new file mode 100644
index 00000000..75ed86d7
--- /dev/null
+++ b/tests/testcases/test_file.rsa8192_sha256.sig
diff --git a/tests/testcases/test_file.rsa8192_sha512.sig b/tests/testcases/test_file.rsa8192_sha512.sig
new file mode 100644
index 00000000..49d002ca
--- /dev/null
+++ b/tests/testcases/test_file.rsa8192_sha512.sig
diff --git a/tests/testcases/test_file.sha1.digest b/tests/testcases/test_file.sha1.digest
new file mode 100644
index 00000000..96aabb0a
--- /dev/null
+++ b/tests/testcases/test_file.sha1.digest
@@ -0,0 +1 @@
+�k���f���ĒƢ�d
+\ No newline at end of file
diff --git a/tests/testcases/test_file.sha256.digest b/tests/testcases/test_file.sha256.digest
new file mode 100644
index 00000000..4e3497f6
--- /dev/null
+++ b/tests/testcases/test_file.sha256.digest
@@ -0,0 +1 @@
+3e#<@lP���P�����M�		�	�G"b��k
+\ No newline at end of file
diff --git a/tests/testcases/test_file.sha512.digest b/tests/testcases/test_file.sha512.digest
new file mode 100644
index 00000000..b599d7d6
--- /dev/null
+++ b/tests/testcases/test_file.sha512.digest
@@ -0,0 +1 @@
+2g��<�[�.(��X�B�@aiwa�xk��&�j��F�j9�%�q�$���lh	��p��r
+\ No newline at end of file
author	Gaurav Shah <gauravsh@google.com>	2010-02-17 16:37:33 -0800
committer	Gaurav Shah <gauravsh@google.com>	2010-02-17 16:37:33 -0800
commit	52898d3c268e1cdb695b1c9a25fb4190d84a24f8 (patch)
tree	466246ec78ca4493292d3776bc6e04abc0d42fa6 /tests
parent	27bfc8be07935ccb0dab251c5d084c64830163c2 (diff)
download	vboot-52898d3c268e1cdb695b1c9a25fb4190d84a24f8.tar.gz