2017-02-22 23:55:43 +01:00
|
|
|
// Package speed implements the "-speed" command-line option,
|
|
|
|
// similar to "openssl speed".
|
|
|
|
// It benchmarks the crypto algorithms and libraries used by
|
|
|
|
// gocryptfs.
|
|
|
|
package speed
|
|
|
|
|
|
|
|
import (
|
|
|
|
"crypto/aes"
|
|
|
|
"crypto/cipher"
|
|
|
|
"crypto/rand"
|
|
|
|
"fmt"
|
|
|
|
"log"
|
|
|
|
"testing"
|
|
|
|
|
2020-02-29 21:27:05 +01:00
|
|
|
"golang.org/x/crypto/chacha20poly1305"
|
|
|
|
|
2021-08-23 22:13:49 +02:00
|
|
|
"github.com/rfjakob/gocryptfs/v2/internal/cryptocore"
|
2021-08-23 15:05:15 +02:00
|
|
|
"github.com/rfjakob/gocryptfs/v2/internal/siv_aead"
|
|
|
|
"github.com/rfjakob/gocryptfs/v2/internal/stupidgcm"
|
2017-02-22 23:55:43 +01:00
|
|
|
)
|
|
|
|
|
2020-02-29 21:26:28 +01:00
|
|
|
// 128-bit file ID + 64 bit block number = 192 bits = 24 bytes
|
|
|
|
const adLen = 24
|
|
|
|
|
|
|
|
// gocryptfs uses fixed-size 4 kiB blocks
|
|
|
|
const blockSize = 4096
|
|
|
|
|
2017-04-29 14:50:58 +02:00
|
|
|
// Run - run the speed the test and print the results.
|
2017-02-22 23:55:43 +01:00
|
|
|
func Run() {
|
|
|
|
bTable := []struct {
|
|
|
|
name string
|
|
|
|
f func(*testing.B)
|
|
|
|
preferred bool
|
|
|
|
}{
|
2021-08-23 22:13:49 +02:00
|
|
|
{name: cryptocore.BackendOpenSSL.Name, f: bStupidGCM, preferred: stupidgcm.PreferOpenSSL()},
|
|
|
|
{name: cryptocore.BackendGoGCM.Name, f: bGoGCM, preferred: !stupidgcm.PreferOpenSSL()},
|
|
|
|
{name: cryptocore.BackendAESSIV.Name, f: bAESSIV, preferred: false},
|
|
|
|
{name: cryptocore.BackendXChaCha20Poly1305.Name, f: bChacha20poly1305, preferred: false},
|
2017-02-22 23:55:43 +01:00
|
|
|
}
|
|
|
|
for _, b := range bTable {
|
|
|
|
fmt.Printf("%-20s\t", b.name)
|
|
|
|
mbs := mbPerSec(testing.Benchmark(b.f))
|
|
|
|
if mbs > 0 {
|
|
|
|
fmt.Printf("%7.2f MB/s", mbs)
|
|
|
|
} else {
|
|
|
|
fmt.Printf(" N/A")
|
|
|
|
}
|
|
|
|
if b.preferred {
|
|
|
|
fmt.Printf("\t(selected in auto mode)\n")
|
2021-08-23 22:13:49 +02:00
|
|
|
} else if b.name == cryptocore.BackendXChaCha20Poly1305.Name {
|
2021-08-24 14:02:12 +02:00
|
|
|
fmt.Printf("\t(use via -xchacha flag)\n")
|
2017-02-22 23:55:43 +01:00
|
|
|
} else {
|
|
|
|
fmt.Printf("\t\n")
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func mbPerSec(r testing.BenchmarkResult) float64 {
|
|
|
|
if r.Bytes <= 0 || r.T <= 0 || r.N <= 0 {
|
|
|
|
return 0
|
|
|
|
}
|
|
|
|
return (float64(r.Bytes) * float64(r.N) / 1e6) / r.T.Seconds()
|
|
|
|
}
|
|
|
|
|
|
|
|
// Get "n" random bytes from /dev/urandom or panic
|
|
|
|
func randBytes(n int) []byte {
|
|
|
|
b := make([]byte, n)
|
|
|
|
_, err := rand.Read(b)
|
|
|
|
if err != nil {
|
|
|
|
log.Panic("Failed to read random bytes: " + err.Error())
|
|
|
|
}
|
|
|
|
return b
|
|
|
|
}
|
|
|
|
|
2020-02-29 21:26:28 +01:00
|
|
|
// bStupidGCM benchmarks stupidgcm's openssl GCM
|
2017-02-22 23:55:43 +01:00
|
|
|
func bStupidGCM(b *testing.B) {
|
|
|
|
if stupidgcm.BuiltWithoutOpenssl {
|
|
|
|
b.Skip("openssl has been disabled at compile-time")
|
|
|
|
}
|
|
|
|
key := randBytes(32)
|
2020-02-29 21:26:28 +01:00
|
|
|
authData := randBytes(adLen)
|
2017-02-22 23:55:43 +01:00
|
|
|
iv := randBytes(16)
|
|
|
|
in := make([]byte, blockSize)
|
|
|
|
b.SetBytes(int64(len(in)))
|
|
|
|
|
2017-04-08 02:09:28 +02:00
|
|
|
sGCM := stupidgcm.New(key, false)
|
2017-02-22 23:55:43 +01:00
|
|
|
|
|
|
|
b.ResetTimer()
|
|
|
|
for i := 0; i < b.N; i++ {
|
|
|
|
// Encrypt and append to nonce
|
|
|
|
sGCM.Seal(iv, iv, in, authData)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2020-02-29 21:26:28 +01:00
|
|
|
// bGoGCM benchmarks Go stdlib GCM
|
2017-02-22 23:55:43 +01:00
|
|
|
func bGoGCM(b *testing.B) {
|
|
|
|
key := randBytes(32)
|
2020-02-29 21:26:28 +01:00
|
|
|
authData := randBytes(adLen)
|
2017-02-22 23:55:43 +01:00
|
|
|
iv := randBytes(16)
|
|
|
|
in := make([]byte, blockSize)
|
|
|
|
b.SetBytes(int64(len(in)))
|
|
|
|
|
|
|
|
gAES, err := aes.NewCipher(key)
|
|
|
|
if err != nil {
|
|
|
|
b.Fatal(err)
|
|
|
|
}
|
|
|
|
gGCM, err := cipher.NewGCMWithNonceSize(gAES, 16)
|
|
|
|
if err != nil {
|
|
|
|
b.Fatal(err)
|
|
|
|
}
|
|
|
|
|
|
|
|
b.ResetTimer()
|
|
|
|
for i := 0; i < b.N; i++ {
|
|
|
|
// Encrypt and append to nonce
|
|
|
|
gGCM.Seal(iv, iv, in, authData)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2020-02-29 21:26:28 +01:00
|
|
|
// bAESSIV benchmarks AES-SIV from github.com/jacobsa/crypto/siv
|
2017-02-22 23:55:43 +01:00
|
|
|
func bAESSIV(b *testing.B) {
|
|
|
|
key := randBytes(64)
|
2020-02-29 21:26:28 +01:00
|
|
|
authData := randBytes(adLen)
|
2017-02-22 23:55:43 +01:00
|
|
|
iv := randBytes(16)
|
|
|
|
in := make([]byte, blockSize)
|
|
|
|
b.SetBytes(int64(len(in)))
|
|
|
|
gGCM := siv_aead.New(key)
|
|
|
|
|
|
|
|
b.ResetTimer()
|
|
|
|
for i := 0; i < b.N; i++ {
|
|
|
|
// Encrypt and append to nonce
|
|
|
|
gGCM.Seal(iv, iv, in, authData)
|
|
|
|
}
|
|
|
|
}
|
2020-02-29 21:27:05 +01:00
|
|
|
|
|
|
|
// bChacha20poly1305 benchmarks XChaCha20 from golang.org/x/crypto/chacha20poly1305
|
|
|
|
func bChacha20poly1305(b *testing.B) {
|
|
|
|
key := randBytes(32)
|
|
|
|
authData := randBytes(adLen)
|
|
|
|
iv := randBytes(chacha20poly1305.NonceSizeX)
|
|
|
|
in := make([]byte, blockSize)
|
|
|
|
b.SetBytes(int64(len(in)))
|
|
|
|
c, _ := chacha20poly1305.NewX(key)
|
|
|
|
|
|
|
|
b.ResetTimer()
|
|
|
|
for i := 0; i < b.N; i++ {
|
|
|
|
// Encrypt and append to nonce
|
|
|
|
c.Seal(iv, iv, in, authData)
|
|
|
|
}
|
|
|
|
}
|