RSA: Add benchmarks for signature verification.

bench/Cargo.toml

@@ -24,3 +24,8 @@ path = "agreement.rs"
 name = "ecdsa"
 harness = false
 path = "ecdsa.rs"
+
+[[bench]]
+name = "rsa"
+harness = false
+path = "rsa.rs"

bench/data/rsa-2048-3-signature.bin

@@ -0,0 +1 @@
+"<22>ЈOяМу!ќ<11>йfв,н<>/}d<>KџХ=4ІsхL<>u <20>ёўв*<2A>mN|&<26>ўвФЉ];xжЮ
вбP<D0B1>Nїебѓ<D0B1><D193>"{<7B>qвy!т{iуЄкQ"ЦwH
шSжЈqСр<D0A1>нЯК.оFа<46>ы<EFBFBD>bђљ6е"<22>А*ќRмЉs&в;<3B>о6ВD1<44>soќЂЌoGF<11>оG<D0BE>оШќйвНr<1E>Г5dМѓhП<68>ЧЃ<D0A7><D083>X2Б<32>фsЬOТхо9s<39>кf<D0BA>sraь<61>b№=WRЈqBюЖ<>фй$<24>т<EFBFBD>Ѕ+^<5E>ЫЂІzбш.ceЂЌ<D082>ХEўгЧEЂт~ѓЈ*<2A>sџ?%8LCЖ

bench/data/rsa-2048-65537-signature.bin

@@ -0,0 +1 @@
+gmà¢?w³ÏAÖj¥<6A>ÚgD†gmŠE“íYìçU$Óýt=±gØŽÛ|\DA”®Çm0¾±ºS0z!'ù°ÐQÁk[ú<>ás'§4\oAý4lä@\þœ:JôWÜÒµi9õ>n$T’@¡©cpz‰Kõ<4B>øÁµ©‡gè±<C3A8>.ʘézÎÙBjçâr‘¦LôÖÛRÄ\ f¡ŸpŠÐàC•SŸ\×½i‡´ˆ!«ŒuX˾Lþ1
µÔZwR_“ay³ôñÔ/å§`—ïËXƒ.Ê_Ó]XÒ4hÛ«}øìÍ$ø?Î"Îï¿Ç¬ç#¥Î€Õ¸ÓA<Ãù	
+

bench/data/rsa-4096-3-signature.bin

@@ -0,0 +1,4 @@
+©ýÁAð$ÿÅÕÖ6(Æ<>/;dìRKµv½›Z7n×
ŸlJ¥ÚýÙ?8_¤ÏIöu[÷¤º¡Ã(ਯ7Ç_,¸¢VÅŽŸ/MGÚ<>s8Bs>¤aý©ÌÒa¢Ašò6+É)}
þ–3}O£%zyPøÇþ<C387>ß9’£<E28099>Y|Š¡ÿ“’ú‚}âþü7
+öÆTj

…¢ú%4?¥¢ýÀ5Ù›§ô±Êa½<61>ÃUäº_iȇ¦Vk¡Èª8¸!«$SáéбS¾Äb¶·2sý´óà/›
+ƒOKë×XÛUQà<鈒¬Ôa
+•…Øü<EFBFBD>Y³×Ur¾^!.ƒZùÜ×

bench/data/rsa-generate.sh

@@ -0,0 +1,53 @@
+#!/usr/bin/env bash
+#
+# Copyright 2023 Brian Smith.
+#
+# Permission to use, copy, modify, and/or distribute this software for any
+# purpose with or without fee is hereby granted, provided that the above
+# copyright notice and this permission notice appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHORS DISCLAIM ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY
+# SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+# OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+# CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+set -eux -o pipefail
+IFS=$'\n\t'
+
+truncate --size 0 empty_message
+
+openssl genpkey -algorithm RSA \
+    -pkeyopt rsa_keygen_bits:2048 \
+    -pkeyopt rsa_keygen_pubexp:65537 | \
+  openssl pkcs8 -topk8 -nocrypt -outform der > rsa-2048-65537.p8
+
+openssl pkey -pubout -inform der -outform der \
+    -in rsa-2048-65537.p8 | \
+  openssl rsa -pubin -RSAPublicKey_out -inform DER -outform DER \
+    -out rsa-2048-65537-public-key.der
+openssl dgst -sha256 -sign rsa-2048-65537.p8 -out rsa-2048-65537-signature.bin empty_message
+rm rsa-2048-65537.p8
+
+m=(2048 3072 4096 8192)
+for i in "${m[@]}"
+do
+    echo $i
+    openssl genpkey -algorithm RSA \
+        -pkeyopt rsa_keygen_bits:2048 \
+        -pkeyopt rsa_keygen_pubexp:3 | \
+      openssl pkcs8 -topk8 -nocrypt -outform der > rsa-$i-3.p8
+
+    openssl pkey -pubout -inform der -outform der \
+        -in rsa-$i-3.p8 | \
+      openssl rsa -pubin -RSAPublicKey_out -inform DER -outform DER \
+        -out rsa-$i-3-public-key.der
+
+    openssl dgst -sha256 -sign rsa-$i-3.p8 -out rsa-$i-3-signature.bin empty_message
+
+    rm rsa-$i-3.p8
+done
+
+rm empty_message

bench/rsa.rs

@@ -0,0 +1,80 @@
+// Copyright 2023 Brian Smith.
+//
+// Permission to use, copy, modify, and/or distribute this software for any
+// purpose with or without fee is hereby granted, provided that the above
+// copyright notice and this permission notice appear in all copies.
+//
+// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHORS DISCLAIM ALL WARRANTIES
+// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY
+// SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+// OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+// CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+#![allow(missing_docs)]
+
+use criterion::{criterion_group, criterion_main, Criterion};
+use ring::signature::{UnparsedPublicKey, RSA_PKCS1_2048_8192_SHA256};
+
+macro_rules! verify_case {
+    ( $modulus_bits:expr, $exponent_value:expr ) => {
+        TestCase {
+            modulus_bits: $modulus_bits,
+            exponent_value: $exponent_value,
+            public_key: include_bytes!(concat!(
+                "data/rsa-",
+                stringify!($modulus_bits),
+                "-",
+                stringify!($exponent_value),
+                "-public-key.der"
+            )),
+            signature: include_bytes!(concat!(
+                "data/rsa-",
+                stringify!($modulus_bits),
+                "-",
+                stringify!($exponent_value),
+                "-signature.bin"
+            )),
+        }
+    };
+}
+
+fn verify(c: &mut Criterion) {
+    struct TestCase {
+        modulus_bits: usize,
+        exponent_value: usize,
+        public_key: &'static [u8],
+        signature: &'static [u8],
+    }
+    static TEST_CASES: &[TestCase] = &[
+        verify_case!(2048, 65537),
+        verify_case!(2048, 3),
+        verify_case!(3072, 3),
+        verify_case!(4096, 3),
+        verify_case!(8192, 3),
+    ];
+
+    for TestCase {
+        modulus_bits,
+        exponent_value,
+        public_key,
+        signature,
+    } in TEST_CASES
+    {
+        c.bench_function(
+            &format!("rsa_verify_{modulus_bits}_{exponent_value}"),
+            |b| {
+                const MESSAGE: &[u8] = &[];
+
+                b.iter(|| {
+                    let public_key =
+                        UnparsedPublicKey::new(&RSA_PKCS1_2048_8192_SHA256, public_key);
+                    public_key.verify(MESSAGE, signature).unwrap();
+                });
+            },
+        );
+    }
+}
+
+criterion_group!(rsa, verify);
+criterion_main!(rsa);