tests: add encryption benchmarks to cryptfs
This commit is contained in:
parent
21abf57abb
commit
c6a6641b58
4
.gitignore
vendored
4
.gitignore
vendored
@ -6,4 +6,6 @@
|
|||||||
|
|
||||||
# binary releases
|
# binary releases
|
||||||
/*.tar.gz
|
/*.tar.gz
|
||||||
c
|
|
||||||
|
# Binaries created for cpu profiling
|
||||||
|
*.test
|
||||||
|
3
cryptfs/openssl_benchmark.bash
Executable file
3
cryptfs/openssl_benchmark.bash
Executable file
@ -0,0 +1,3 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
go test -run NONE -bench BenchmarkEnc
|
76
cryptfs/openssl_test.go
Normal file
76
cryptfs/openssl_test.go
Normal file
@ -0,0 +1,76 @@
|
|||||||
|
package cryptfs
|
||||||
|
|
||||||
|
// Benchmark go built-int GCM against spacemonkey openssl bindings
|
||||||
|
//
|
||||||
|
// Note: The benchmarks in this file supersede the ones in the openssl_benchmark
|
||||||
|
// directory as they use the same code paths that gocryptfs actually uses.
|
||||||
|
//
|
||||||
|
// Run benchmark:
|
||||||
|
// go test -bench Enc
|
||||||
|
|
||||||
|
import (
|
||||||
|
"crypto/aes"
|
||||||
|
"crypto/cipher"
|
||||||
|
"testing"
|
||||||
|
)
|
||||||
|
|
||||||
|
func benchmarkGoEnc(b *testing.B, plaintext []byte, key []byte, nonce []byte) (ciphertext []byte) {
|
||||||
|
b.SetBytes(int64(len(plaintext)))
|
||||||
|
aes, err := aes.NewCipher(key[:])
|
||||||
|
if err != nil {
|
||||||
|
b.Fatal(err)
|
||||||
|
}
|
||||||
|
aesgcm, err := cipher.NewGCMWithNonceSize(aes, len(nonce))
|
||||||
|
if err != nil {
|
||||||
|
b.Fatal(err)
|
||||||
|
}
|
||||||
|
// This would be fileID + blockNo
|
||||||
|
aData := make([]byte, 24)
|
||||||
|
b.ResetTimer()
|
||||||
|
for i := 0; i < b.N; i++ {
|
||||||
|
// Encrypt plaintext and append to nonce
|
||||||
|
ciphertext = aesgcm.Seal(nonce, nonce, plaintext, aData)
|
||||||
|
}
|
||||||
|
return ciphertext
|
||||||
|
}
|
||||||
|
|
||||||
|
func benchmarkOpensslEnc(b *testing.B, plaintext []byte, key []byte, nonce []byte) (ciphertext []byte) {
|
||||||
|
b.SetBytes(int64(len(plaintext)))
|
||||||
|
var aesgcm opensslGCM
|
||||||
|
aesgcm.key = key
|
||||||
|
// This would be fileID + blockNo
|
||||||
|
aData := make([]byte, 24)
|
||||||
|
for i := 0; i < b.N; i++ {
|
||||||
|
// Encrypt plaintext and append to nonce
|
||||||
|
ciphertext = aesgcm.Seal(nonce, nonce, plaintext, aData)
|
||||||
|
}
|
||||||
|
return ciphertext
|
||||||
|
}
|
||||||
|
|
||||||
|
func BenchmarkEnc_Go_4k_AES256_nonce96(b *testing.B) {
|
||||||
|
plaintext := make([]byte, 4048)
|
||||||
|
key := make([]byte, 256/8)
|
||||||
|
nonce := make([]byte, 96/8)
|
||||||
|
benchmarkGoEnc(b, plaintext, key, nonce)
|
||||||
|
}
|
||||||
|
|
||||||
|
func BenchmarkEnc_Go_4k_AES256_nonce128(b *testing.B) {
|
||||||
|
plaintext := make([]byte, 4048)
|
||||||
|
key := make([]byte, 256/8)
|
||||||
|
nonce := make([]byte, 128/8)
|
||||||
|
benchmarkGoEnc(b, plaintext, key, nonce)
|
||||||
|
}
|
||||||
|
|
||||||
|
func BenchmarkEnc_OpenSSL_4k_AES256_nonce96(b *testing.B) {
|
||||||
|
plaintext := make([]byte, 4048)
|
||||||
|
key := make([]byte, 256/8)
|
||||||
|
nonce := make([]byte, 96/8)
|
||||||
|
benchmarkOpensslEnc(b, plaintext, key, nonce)
|
||||||
|
}
|
||||||
|
|
||||||
|
func BenchmarkEnc_OpenSSL_4k_AES256_nonce128(b *testing.B) {
|
||||||
|
plaintext := make([]byte, 4048)
|
||||||
|
key := make([]byte, 256/8)
|
||||||
|
nonce := make([]byte, 96/8)
|
||||||
|
benchmarkOpensslEnc(b, plaintext, key, nonce)
|
||||||
|
}
|
@ -2,6 +2,8 @@ package benchmark
|
|||||||
|
|
||||||
// Benchmark go built-int GCM against spacemonkey openssl bindings
|
// Benchmark go built-int GCM against spacemonkey openssl bindings
|
||||||
//
|
//
|
||||||
|
// Note: This is deprecated in favor of the benchmarks integrated in cryptfs.
|
||||||
|
//
|
||||||
// Run benchmark:
|
// Run benchmark:
|
||||||
// go test -bench=.
|
// go test -bench=.
|
||||||
|
|
||||||
@ -33,10 +35,11 @@ func BenchmarkGoEnc4K(b *testing.B) {
|
|||||||
aes, _ := aes.NewCipher(key[:])
|
aes, _ := aes.NewCipher(key[:])
|
||||||
aesgcm, _ := cipher.NewGCM(aes)
|
aesgcm, _ := cipher.NewGCM(aes)
|
||||||
var out []byte
|
var out []byte
|
||||||
|
// This would be fileID + blockNo
|
||||||
|
aData := make([]byte, 24)
|
||||||
b.ResetTimer()
|
b.ResetTimer()
|
||||||
for i := 0; i < b.N; i++ {
|
for i := 0; i < b.N; i++ {
|
||||||
out = aesgcm.Seal(out[:0], nonce[:], buf, nil)
|
out = aesgcm.Seal(out[:0], nonce[:], buf, aData)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -67,6 +70,9 @@ func BenchmarkOpensslEnc4K(b *testing.B) {
|
|||||||
var key [cryptfs.KEY_LEN]byte
|
var key [cryptfs.KEY_LEN]byte
|
||||||
var nonce [12]byte
|
var nonce [12]byte
|
||||||
|
|
||||||
|
// This would be fileID + blockNo
|
||||||
|
aData := make([]byte, 24)
|
||||||
|
|
||||||
var ciphertext bytes.Buffer
|
var ciphertext bytes.Buffer
|
||||||
var part []byte
|
var part []byte
|
||||||
|
|
||||||
@ -77,6 +83,10 @@ func BenchmarkOpensslEnc4K(b *testing.B) {
|
|||||||
if err != nil {
|
if err != nil {
|
||||||
b.FailNow()
|
b.FailNow()
|
||||||
}
|
}
|
||||||
|
err = ectx.ExtraData(aData)
|
||||||
|
if err != nil {
|
||||||
|
b.FailNow()
|
||||||
|
}
|
||||||
part, err = ectx.EncryptUpdate(buf)
|
part, err = ectx.EncryptUpdate(buf)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
b.FailNow()
|
b.FailNow()
|
||||||
|
Loading…
Reference in New Issue
Block a user