Benchmark demonstration program for mbed TLS. The canonical source for this example lives at https://github.com/ARMmbed/mbed-os-example-tls

Mbed TLS Benchmark example on Mbed OS

This application benchmarks the various cryptographic primitives offered by Mbed TLS.

Getting started

Building with Mbed CLI

If you'd like to use Mbed CLI to build this, then you should set up your environment if you have not done so already. For instructions, refer to the main readme. The instructions on this page relate to using the developer.mbed.org Online Compiler.

Import the program into the Online Compiler, select your board from the drop-down in the top right-hand corner and then compile the application. Once it has built, you can drag and drop the binary onto your device.

Monitoring the application

The output in the terminal window should be similar to this:

terminal output

  SHA-256                  :       1673 Kb/s,         70 cycles/byte
  SHA-512                  :        546 Kb/s,        215 cycles/byte
  AES-CBC-128              :       1428 Kb/s,         82 cycles/byte
  AES-CBC-192              :       1260 Kb/s,         93 cycles/byte
  AES-CBC-256              :       1127 Kb/s,        104 cycles/byte
  AES-GCM-128              :        486 Kb/s,        242 cycles/byte
  AES-GCM-192              :        464 Kb/s,        253 cycles/byte
  AES-GCM-256              :        445 Kb/s,        264 cycles/byte
  AES-CCM-128              :        610 Kb/s,        192 cycles/byte
  AES-CCM-192              :        547 Kb/s,        214 cycles/byte
  AES-CCM-256              :        496 Kb/s,        237 cycles/byte
  CTR_DRBG (NOPR)          :       1139 Kb/s,        102 cycles/byte
  CTR_DRBG (PR)            :        826 Kb/s,        142 cycles/byte
  HMAC_DRBG SHA-256 (NOPR) :        193 Kb/s,        611 cycles/byte
  HMAC_DRBG SHA-256 (PR)   :        170 Kb/s,        695 cycles/byte
  RSA-2048                 :      28 ms/ public
  RSA-2048                 :     953 ms/private
  RSA-4096                 :      93 ms/ public
  RSA-4096                 :    5327 ms/private
  ECDSA-secp384r1          :     451 ms/sign
  ECDSA-secp256r1          :     304 ms/sign
  ECDSA-secp384r1          :     863 ms/verify
  ECDSA-secp256r1          :     594 ms/verify
  ECDHE-secp384r1          :     829 ms/handshake
  ECDHE-secp256r1          :     566 ms/handshake
  ECDHE-Curve25519         :     533 ms/handshake
  ECDH-secp384r1           :     407 ms/handshake
  ECDH-secp256r1           :     281 ms/handshake
  ECDH-Curve25519          :     268 ms/handshake

DONE
Revision:
70:72c865037f5d
Parent:
63:9f7e5224fc60
Child:
76:68ac2a548d58
--- a/main.cpp	Mon Jul 16 16:45:10 2018 +0100
+++ b/main.cpp	Thu Jul 19 15:30:05 2018 +0100
@@ -1,7 +1,7 @@
 /*
  *  Benchmark demonstration program
  *
- *  Copyright (C) 2006-2016, Arm Limited, All Rights Reserved
+ *  Copyright (C) 2006-2018, Arm Limited, All Rights Reserved
  *  SPDX-License-Identifier: Apache-2.0
  *
  *  Licensed under the Apache License, Version 2.0 (the "License"); you may
@@ -145,7 +145,7 @@
 /*
  * Uncomment this line to enable ECDSA benchmark.
  */
-//#define ENABLE_ECDSA
+#define ENABLE_ECDSA
 
 /*
  * For heap usage estimates, we need an estimate of the overhead per allocated
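Review bot: The comment above the define still reads "Uncomment this line to enable ECDSA benchmark", which no longer matches the code now that `#define ENABLE_ECDSA` is active by default. Reword it to `Comment out this line to disable the ECDSA benchmark.` so a reader does not go looking for a commented-out line. With the later guard `#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_SHA256_C) && defined(ENABLE_ECDSA)`, this define now decides on its own whether the sign/verify loops are compiled in when those modules are present.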
@@ -300,125 +300,59 @@
          rsa, dhm, ecdsa, ecdh;
 } todo_list;
 
-static int benchmark( int argc, char *argv[], mbedtls_platform_context* ctx )
+static int test_md( const todo_list * todo, mbedtls_platform_context* ctx )
 {
-    int i;
     unsigned char tmp[200];
-    char title[TITLE_LEN];
-    todo_list todo;
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
-    unsigned char malloc_buf[HEAP_SIZE] = { 0 };
-#endif
     // The call below is used to avoid the "unused parameter" warning.
     // The context itself can be used by cryptographic calls which require it.
     // Please refer to https://github.com/ARMmbed/mbedtls/issues/1200 for more information.
     (void)ctx;
-    if( argc <= 1 )
-    {
-        memset( &todo, 1, sizeof( todo ) );
-    }
-    else
-    {
-        memset( &todo, 0, sizeof( todo ) );
-
-        for( i = 1; i < argc; i++ )
-        {
-            if( strcmp( argv[i], "md4" ) == 0 )
-                todo.md4 = 1;
-            else if( strcmp( argv[i], "md5" ) == 0 )
-                todo.md5 = 1;
-            else if( strcmp( argv[i], "ripemd160" ) == 0 )
-                todo.ripemd160 = 1;
-            else if( strcmp( argv[i], "sha1" ) == 0 )
-                todo.sha1 = 1;
-            else if( strcmp( argv[i], "sha256" ) == 0 )
-                todo.sha256 = 1;
-            else if( strcmp( argv[i], "sha512" ) == 0 )
-                todo.sha512 = 1;
-            else if( strcmp( argv[i], "arc4" ) == 0 )
-                todo.arc4 = 1;
-            else if( strcmp( argv[i], "des3" ) == 0 )
-                todo.des3 = 1;
-            else if( strcmp( argv[i], "des" ) == 0 )
-                todo.des = 1;
-            else if( strcmp( argv[i], "aes_cbc" ) == 0 )
-                todo.aes_cbc = 1;
-            else if( strcmp( argv[i], "aes_ctr" ) == 0 )
-                todo.aes_ctr = 1;
-            else if( strcmp( argv[i], "aes_gcm" ) == 0 )
-                todo.aes_gcm = 1;
-            else if( strcmp( argv[i], "aes_ccm" ) == 0 )
-                todo.aes_ccm = 1;
-            else if( strcmp( argv[i], "aes_cmac" ) == 0 )
-                todo.aes_cmac = 1;
-            else if( strcmp( argv[i], "des3_cmac" ) == 0 )
-                todo.des3_cmac = 1;
-            else if( strcmp( argv[i], "camellia" ) == 0 )
-                todo.camellia = 1;
-            else if( strcmp( argv[i], "blowfish" ) == 0 )
-                todo.blowfish = 1;
-            else if( strcmp( argv[i], "havege" ) == 0 )
-                todo.havege = 1;
-            else if( strcmp( argv[i], "ctr_drbg" ) == 0 )
-                todo.ctr_drbg = 1;
-            else if( strcmp( argv[i], "hmac_drbg" ) == 0 )
-                todo.hmac_drbg = 1;
-            else if( strcmp( argv[i], "rsa" ) == 0 )
-                todo.rsa = 1;
-            else if( strcmp( argv[i], "dhm" ) == 0 )
-                todo.dhm = 1;
-            else if( strcmp( argv[i], "ecdsa" ) == 0 )
-                todo.ecdsa = 1;
-            else if( strcmp( argv[i], "ecdh" ) == 0 )
-                todo.ecdh = 1;
-            else
-            {
-                mbedtls_printf( "Unrecognized option: %s\r\n", argv[i] );
-                mbedtls_printf( "Available options: " OPTIONS );
-            }
-        }
-    }
-
-    mbedtls_printf( "\r\n\r\n" );
-
-#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
-    mbedtls_memory_buffer_alloc_init( malloc_buf, sizeof( malloc_buf ) );
-#endif
-    memset( buf, 0xAA, sizeof( buf ) );
     memset( tmp, 0xBB, sizeof( tmp ) );
 
 #if defined(MBEDTLS_MD4_C)
-    if( todo.md4 )
+    if( todo->md4 )
         TIME_AND_TSC( "MD4", mbedtls_md4( buf, BUFSIZE, tmp ) );
 #endif
 
 #if defined(MBEDTLS_MD5_C)
-    if( todo.md5 )
+    if( todo->md5 )
         TIME_AND_TSC( "MD5", mbedtls_md5( buf, BUFSIZE, tmp ) );
 #endif
 
 #if defined(MBEDTLS_RIPEMD160_C)
-    if( todo.ripemd160 )
+    if( todo->ripemd160 )
         TIME_AND_TSC( "RIPEMD160", mbedtls_ripemd160( buf, BUFSIZE, tmp ) );
 #endif
 
 #if defined(MBEDTLS_SHA1_C)
-    if( todo.sha1 )
+    if( todo->sha1 )
         TIME_AND_TSC( "SHA-1", mbedtls_sha1( buf, BUFSIZE, tmp ) );
 #endif
 
 #if defined(MBEDTLS_SHA256_C)
-    if( todo.sha256 )
+    if( todo->sha256 )
         TIME_AND_TSC( "SHA-256", mbedtls_sha256( buf, BUFSIZE, tmp, 0 ) );
 #endif
 
 #if defined(MBEDTLS_SHA512_C)
-    if( todo.sha512 )
+    if( todo->sha512 )
         TIME_AND_TSC( "SHA-512", mbedtls_sha512( buf, BUFSIZE, tmp, 0 ) );
 #endif
+    return ( 0 );
+}
+
+static int test_crypt( const todo_list * todo, mbedtls_platform_context* ctx )
+{
+    unsigned char tmp[200];
+    char title[TITLE_LEN];
+    // The call below is used to avoid the "unused parameter" warning.
+    // The context itself can be used by cryptographic calls which require it.
+    // Please refer to https://github.com/ARMmbed/mbedtls/issues/1200 for more information.
+    (void)ctx;
+    memset( tmp, 0xBB, sizeof( tmp ) );
 
 #if defined(MBEDTLS_ARC4_C)
-    if( todo.arc4 )
+    if( todo->arc4 )
     {
         mbedtls_arc4_context arc4;
         mbedtls_arc4_init( &arc4 );
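Review bot: In test_md and test_crypt the `todo` pointer is dereferenced only inside `#if defined(MBEDTLS_..._C)` sections, so a configuration that disables all of the guarded modules leaves the parameter unused, yet only `ctx` gets a `(void)` cast. Add `(void)todo;` next to `(void)ctx;` in each helper. Both helpers also lack a header comment; one line stating which primitives the helper times, and that it returns 0 on success and non-zero on failure, would make explicit the contract that benchmark() relies on. test_crypt's body continues outside this hunk.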
@@ -429,7 +363,7 @@
 #endif
 
 #if defined(MBEDTLS_DES_C) && defined(MBEDTLS_CIPHER_MODE_CBC)
-    if( todo.des3 )
+    if( todo->des3 )
     {
         mbedtls_des3_context des3;
         mbedtls_des3_init( &des3 );
@@ -439,7 +373,7 @@
         mbedtls_des3_free( &des3 );
     }
 
-    if( todo.des )
+    if( todo->des )
     {
         mbedtls_des_context des;
         mbedtls_des_init( &des );
@@ -449,7 +383,7 @@
         mbedtls_des_free( &des );
     }
 #if defined(MBEDTLS_CMAC_C)
-    if( todo.des3_cmac )
+    if( todo->des3_cmac )
     {
         unsigned char output[8];
         const mbedtls_cipher_info_t *cipher_info;
@@ -468,7 +402,7 @@
 
 #if defined(MBEDTLS_AES_C)
 #if defined(MBEDTLS_CIPHER_MODE_CBC)
-    if( todo.aes_cbc )
+    if( todo->aes_cbc )
     {
         int keysize;
         mbedtls_aes_context aes;
@@ -489,7 +423,7 @@
 #endif
 
 #if defined(MBEDTLS_CIPHER_MODE_CTR)
-    if( todo.aes_ctr )
+    if( todo->aes_ctr )
     {
         int keysize;
         size_t nc_offset = 0;
@@ -512,7 +446,7 @@
 #endif
 
 #if defined(MBEDTLS_GCM_C)
-    if( todo.aes_gcm )
+    if( todo->aes_gcm )
     {
         int keysize;
         mbedtls_gcm_context gcm;
@@ -535,7 +469,7 @@
     }
 #endif
 #if defined(MBEDTLS_CCM_C)
-    if( todo.aes_ccm )
+    if( todo->aes_ccm )
     {
         int keysize;
         mbedtls_ccm_context ccm;
@@ -558,7 +492,7 @@
     }
 #endif
 #if defined(MBEDTLS_CMAC_C)
-    if( todo.aes_cmac )
+    if( todo->aes_cmac )
     {
         unsigned char output[16];
         const mbedtls_cipher_info_t *cipher_info;
@@ -591,7 +525,7 @@
 #endif
 
 #if defined(MBEDTLS_CAMELLIA_C) && defined(MBEDTLS_CIPHER_MODE_CBC)
-    if( todo.camellia )
+    if( todo->camellia )
     {
         int keysize;
         mbedtls_camellia_context camellia;
@@ -613,7 +547,7 @@
 #endif
 
 #if defined(MBEDTLS_BLOWFISH_C) && defined(MBEDTLS_CIPHER_MODE_CBC)
-    if( todo.blowfish )
+    if( todo->blowfish )
     {
         int keysize;
         mbedtls_blowfish_context blowfish;
@@ -636,8 +570,20 @@
     }
 #endif
 
+    return ( 0 );
+}
+
+static int test_rng( const todo_list * todo, mbedtls_platform_context* ctx )
+{
+    unsigned char tmp[200];
+    // The call below is used to avoid the "unused parameter" warning.
+    // The context itself can be used by cryptographic calls which require it.
+    // Please refer to https://github.com/ARMmbed/mbedtls/issues/1200 for more information.
+    (void)ctx;
+    memset( tmp, 0xBB, sizeof( tmp ) );
+
 #if defined(MBEDTLS_HAVEGE_C)
-    if( todo.havege )
+    if( todo->havege )
     {
         mbedtls_havege_state hs;
         mbedtls_havege_init( &hs );
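Review bot: `tmp` in test_rng is declared and filled with 0xBB, but every DRBG call visible in the later hunks of this function writes to `buf`, not `tmp`. The HAVEGE section's body lies outside this hunk; if it does not use `tmp` either, drop `unsigned char tmp[200];` and the `memset( tmp, 0xBB, sizeof( tmp ) );` line. On a constrained target that removes 200 bytes of stack and a memset that serve no purpose.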
@@ -647,7 +593,7 @@
 #endif
 
 #if defined(MBEDTLS_CTR_DRBG_C)
-    if( todo.ctr_drbg )
+    if( todo->ctr_drbg )
     {
         mbedtls_ctr_drbg_context ctr_drbg;
 
@@ -657,20 +603,20 @@
             return(1);
         TIME_AND_TSC( "CTR_DRBG (NOPR)",
                 if( mbedtls_ctr_drbg_random( &ctr_drbg, buf, BUFSIZE ) != 0 )
-                return(1) );
+                    return(1) );
 
         if( mbedtls_ctr_drbg_seed( &ctr_drbg, myrand, NULL, NULL, 0 ) != 0 )
             return(1);
         mbedtls_ctr_drbg_set_prediction_resistance( &ctr_drbg, MBEDTLS_CTR_DRBG_PR_ON );
         TIME_AND_TSC( "CTR_DRBG (PR)",
                 if( mbedtls_ctr_drbg_random( &ctr_drbg, buf, BUFSIZE ) != 0 )
-                return(1) );
+                    return(1) );
         mbedtls_ctr_drbg_free( &ctr_drbg );
     }
 #endif
 
 #if defined(MBEDTLS_HMAC_DRBG_C)
-    if( todo.hmac_drbg )
+    if( todo->hmac_drbg )
     {
         mbedtls_hmac_drbg_context hmac_drbg;
         const mbedtls_md_info_t *md_info;
@@ -685,7 +631,7 @@
             return(1);
         TIME_AND_TSC( "HMAC_DRBG SHA-1 (NOPR)",
                 if( mbedtls_hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) != 0 )
-                return(1) );
+                    return(1) );
         mbedtls_hmac_drbg_free( &hmac_drbg );
 
         if( mbedtls_hmac_drbg_seed( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
@@ -694,7 +640,7 @@
                                              MBEDTLS_HMAC_DRBG_PR_ON );
         TIME_AND_TSC( "HMAC_DRBG SHA-1 (PR)",
                 if( mbedtls_hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) != 0 )
-                return(1) );
+                    return(1) );
         mbedtls_hmac_drbg_free( &hmac_drbg );
 #endif
 
@@ -706,7 +652,7 @@
             return(1);
         TIME_AND_TSC( "HMAC_DRBG SHA-256 (NOPR)",
                 if( mbedtls_hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) != 0 )
-                return(1) );
+                    return(1) );
         mbedtls_hmac_drbg_free( &hmac_drbg );
 
         if( mbedtls_hmac_drbg_seed( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
@@ -715,15 +661,27 @@
                                              MBEDTLS_HMAC_DRBG_PR_ON );
         TIME_AND_TSC( "HMAC_DRBG SHA-256 (PR)",
                 if( mbedtls_hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) != 0 )
-                return(1) );
+                    return(1) );
         mbedtls_hmac_drbg_free( &hmac_drbg );
 #endif
     }
 #endif
+    return (0 );
+}
+
+static int test_pk( const todo_list * todo, mbedtls_platform_context* ctx )
+{
+    unsigned char tmp[200];
+    char title[TITLE_LEN];
+    // The call below is used to avoid the "unused parameter" warning.
+    // The context itself can be used by cryptographic calls which require it.
+    // Please refer to https://github.com/ARMmbed/mbedtls/issues/1200 for more information.
+    (void)ctx;
+    memset( tmp, 0xBB, sizeof( tmp ) );
 
 #if defined(MBEDTLS_RSA_C) && \
     defined(MBEDTLS_PEM_PARSE_C) && defined(MBEDTLS_PK_PARSE_C)
-    if( todo.rsa )
+    if( todo->rsa )
     {
         mbedtls_pk_context pk;
         mbedtls_rsa_context *rsa;
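Review bot: `unsigned char tmp[200];` in test_pk is the ECDSA signature output buffer in the later hunks, and the `mbedtls_ecdsa_write_signature( ..., tmp, &sig_len, myrand, NULL )` calls there pass no output size, so the 200 is an unstated bound on what the library may write. Record the requirement next to the declaration, e.g. `/* tmp receives ECDSA signatures: must stay >= MBEDTLS_ECDSA_MAX_LEN */`, so that resizing the buffer or enabling larger curves cannot silently turn this into a stack overflow. Whether the RSA, DHM and ECDH sections also use `tmp` is not visible here, as the function body continues outside the hunk.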
@@ -753,7 +711,7 @@
 #endif
 
 #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_BIGNUM_C)
-    if( todo.dhm )
+    if( todo->dhm )
     {
         int dhm_sizes[] = { 2048, 3072 };
         const char *dhm_P[] = {
@@ -798,7 +756,7 @@
 #endif
 
 #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_SHA256_C) && defined(ENABLE_ECDSA)
-    if( todo.ecdsa )
+    if( todo->ecdsa )
     {
         mbedtls_ecdsa_context ecdsa;
         const mbedtls_ecp_curve_info *curve_info;
@@ -819,7 +777,7 @@
             mbedtls_snprintf( title, sizeof( title ), "ECDSA-%s",
                                               curve_info->name );
             TIME_PUBLIC( title, "sign",
-                    ret = mbedtls_ecdsa_write_signature( &ecdsa, MBEDTLS_MD_SHA256, buf, curve_info->bit_size,
+                    ret = mbedtls_ecdsa_write_signature( &ecdsa, MBEDTLS_MD_SHA256, buf, ( curve_info->bit_size + 7 ) / 8,
                                                 tmp, &sig_len, myrand, NULL ) );
 
             mbedtls_ecdsa_free( &ecdsa );
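Review bot: The hash length passed to the ECDSA calls is now `( curve_info->bit_size + 7 ) / 8`, the curve size in bytes, while the digest algorithm named in the same call is `MBEDTLS_MD_SHA256`. For secp384r1 that gives 48 bytes against a 32-byte digest. This is harmless for timing because `buf` is only filler, but it deserves a comment such as `/* hash length = curve size in bytes, not the SHA-256 digest size; buf is dummy data */`. The same expression is repeated in the next two hunks (the key-generation guard and the `mbedtls_ecdsa_read_signature` call); a local such as `const size_t hash_len = ( curve_info->bit_size + 7 ) / 8;` at the top of each loop body would keep the three uses in step. The enclosing loops start outside these hunks.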
@@ -832,7 +790,7 @@
             mbedtls_ecdsa_init( &ecdsa );
 
             if( mbedtls_ecdsa_genkey( &ecdsa, curve_info->grp_id, myrand, NULL ) != 0 ||
-                mbedtls_ecdsa_write_signature( &ecdsa, MBEDTLS_MD_SHA256, buf, curve_info->bit_size,
+                mbedtls_ecdsa_write_signature( &ecdsa, MBEDTLS_MD_SHA256, buf, ( curve_info->bit_size + 7 ) / 8,
                                                tmp, &sig_len, myrand, NULL ) != 0 )
             {
                 return( 1 );
@@ -842,7 +800,7 @@
             mbedtls_snprintf( title, sizeof( title ), "ECDSA-%s",
                                               curve_info->name );
             TIME_PUBLIC( title, "verify",
-                    ret = mbedtls_ecdsa_read_signature( &ecdsa, buf, curve_info->bit_size,
+                    ret = mbedtls_ecdsa_read_signature( &ecdsa, buf, ( curve_info->bit_size + 7 ) / 8,
                                                 tmp, sig_len ) );
 
             mbedtls_ecdsa_free( &ecdsa );
@@ -851,7 +809,7 @@
 #endif
 
 #if defined(MBEDTLS_ECDH_C)
-    if( todo.ecdh )
+    if( todo->ecdh )
     {
         mbedtls_ecdh_context ecdh;
 #if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
@@ -953,6 +911,99 @@
 #endif
     }
 #endif
+    return ( 0 );
+
+}
+
+static int benchmark( int argc, char *argv[], mbedtls_platform_context* ctx )
+{
+    int i;
+    todo_list todo;
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+    unsigned char malloc_buf[HEAP_SIZE] = { 0 };
+#endif
+
+    if( argc <= 1 )
+    {
+        memset( &todo, 1, sizeof( todo ) );
+    }
+    else
+    {
+        memset( &todo, 0, sizeof( todo ) );
+
+        for( i = 1; i < argc; i++ )
+        {
+            if( strcmp( argv[i], "md4" ) == 0 )
+                todo.md4 = 1;
+            else if( strcmp( argv[i], "md5" ) == 0 )
+                todo.md5 = 1;
+            else if( strcmp( argv[i], "ripemd160" ) == 0 )
+                todo.ripemd160 = 1;
+            else if( strcmp( argv[i], "sha1" ) == 0 )
+                todo.sha1 = 1;
+            else if( strcmp( argv[i], "sha256" ) == 0 )
+                todo.sha256 = 1;
+            else if( strcmp( argv[i], "sha512" ) == 0 )
+                todo.sha512 = 1;
+            else if( strcmp( argv[i], "arc4" ) == 0 )
+                todo.arc4 = 1;
+            else if( strcmp( argv[i], "des3" ) == 0 )
+                todo.des3 = 1;
+            else if( strcmp( argv[i], "des" ) == 0 )
+                todo.des = 1;
+            else if( strcmp( argv[i], "aes_cbc" ) == 0 )
+                todo.aes_cbc = 1;
+            else if( strcmp( argv[i], "aes_ctr" ) == 0 )
+                todo.aes_ctr = 1;
+            else if( strcmp( argv[i], "aes_gcm" ) == 0 )
+                todo.aes_gcm = 1;
+            else if( strcmp( argv[i], "aes_ccm" ) == 0 )
+                todo.aes_ccm = 1;
+            else if( strcmp( argv[i], "aes_cmac" ) == 0 )
+                todo.aes_cmac = 1;
+            else if( strcmp( argv[i], "des3_cmac" ) == 0 )
+                todo.des3_cmac = 1;
+            else if( strcmp( argv[i], "camellia" ) == 0 )
+                todo.camellia = 1;
+            else if( strcmp( argv[i], "blowfish" ) == 0 )
+                todo.blowfish = 1;
+            else if( strcmp( argv[i], "havege" ) == 0 )
+                todo.havege = 1;
+            else if( strcmp( argv[i], "ctr_drbg" ) == 0 )
+                todo.ctr_drbg = 1;
+            else if( strcmp( argv[i], "hmac_drbg" ) == 0 )
+                todo.hmac_drbg = 1;
+            else if( strcmp( argv[i], "rsa" ) == 0 )
+                todo.rsa = 1;
+            else if( strcmp( argv[i], "dhm" ) == 0 )
+                todo.dhm = 1;
+            else if( strcmp( argv[i], "ecdsa" ) == 0 )
+                todo.ecdsa = 1;
+            else if( strcmp( argv[i], "ecdh" ) == 0 )
+                todo.ecdh = 1;
+            else
+            {
+                mbedtls_printf( "Unrecognized option: %s\r\n", argv[i] );
+                mbedtls_printf( "Available options: " OPTIONS );
+            }
+        }
+    }
+
+    mbedtls_printf( "\r\n\r\n" );
+
+#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
+    mbedtls_memory_buffer_alloc_init( malloc_buf, sizeof( malloc_buf ) );
+#endif
+    memset( buf, 0xAA, sizeof( buf ) );
+
+    if( test_md( &todo, ctx ) != 0)
+        return ( 1 );
+    if( test_crypt( &todo, ctx ) != 0)
+        return ( 1 );
+    if( test_rng( &todo, ctx ) != 0)
+        return ( 1 );
+    if( test_pk( &todo, ctx ) != 0)
+        return ( 1 );
 
     mbedtls_printf("\r\nDONE\r\n");