From 90dd9218cdf72b80748c4fc8f4b4b992e32eae56 Mon Sep 17 00:00:00 2001 From: Brian Smith Date: Mon, 20 Nov 2023 14:17:21 -0800 Subject: [PATCH] RSA: Add benchmarks for signature verification. --- bench/Cargo.toml | 5 ++ bench/data/rsa-2048-3-public-key.der | Bin 0 -> 268 bytes bench/data/rsa-2048-3-signature.bin | 1 + bench/data/rsa-2048-65537-public-key.der | Bin 0 -> 270 bytes bench/data/rsa-2048-65537-signature.bin | 1 + bench/data/rsa-3072-3-public-key.der | Bin 0 -> 268 bytes bench/data/rsa-3072-3-signature.bin | Bin 0 -> 256 bytes bench/data/rsa-4096-3-public-key.der | Bin 0 -> 268 bytes bench/data/rsa-4096-3-signature.bin | 4 ++ bench/data/rsa-8192-3-public-key.der | Bin 0 -> 268 bytes bench/data/rsa-8192-3-signature.bin | Bin 0 -> 256 bytes bench/data/rsa-generate.sh | 53 +++++++++++++++ bench/rsa.rs | 80 +++++++++++++++++++++++ 13 files changed, 144 insertions(+) create mode 100644 bench/data/rsa-2048-3-public-key.der create mode 100644 bench/data/rsa-2048-3-signature.bin create mode 100644 bench/data/rsa-2048-65537-public-key.der create mode 100644 bench/data/rsa-2048-65537-signature.bin create mode 100644 bench/data/rsa-3072-3-public-key.der create mode 100644 bench/data/rsa-3072-3-signature.bin create mode 100644 bench/data/rsa-4096-3-public-key.der create mode 100644 bench/data/rsa-4096-3-signature.bin create mode 100644 bench/data/rsa-8192-3-public-key.der create mode 100644 bench/data/rsa-8192-3-signature.bin create mode 100755 bench/data/rsa-generate.sh create mode 100644 bench/rsa.rs diff --git a/bench/Cargo.toml b/bench/Cargo.toml index 4effb4273..c647968da 100644 --- a/bench/Cargo.toml +++ b/bench/Cargo.toml @@ -24,3 +24,8 @@ path = "agreement.rs" name = "ecdsa" harness = false path = "ecdsa.rs" + +[[bench]] +name = "rsa" +harness = false +path = "rsa.rs" diff --git a/bench/data/rsa-2048-3-public-key.der b/bench/data/rsa-2048-3-public-key.der new file mode 100644 index 0000000000000000000000000000000000000000..8f3b0a283066ebb25270c34d3d756a54be776a58 GIT binary patch literal 268 zcmV+n0rUPaf&mBuf&l>l#DL`gjXNTBWv3n+gPF1lNCKK40=jfwx-E>bMmJw3gmM8a zaIs$yl28mW=DrZ=-&m#btZ7HI-Cw>zK8dB%cUTUyDq&3C@AS6h>K-M%cENwGqOFre zXW_DBU@n$@@i?z0S=(rb?jIOjmgS)-571HaFMEx1I%5pP~Bw{>yONpwr(jc(rZ7%H)sDgQvIoL0(fUdJug0;0MMl>@~h79m| zB*l)b2tc7^ih+$Lc9JnaaIL1AfZ?YeA+6mmxeG=T=EmwDVML1lj?D{=l~|8{Iv0^;@|-xs5#3~zA>H%9bf!FAHFACJkOppO zCC)TEbs)Nw4Pu+mqiVO7+|;K8*(UYh3d`}K#@7#rkD-olxh)i}jW6~`#*Vf^itx58 zTihF#hw`MtyNoOGcOU;v#?*e;x}FinD$FPXRPW!7ac%WNHj%`M&x;bb+EH3($@4dz zHMk{x!+Z<%)jBmA&8qec(U*BWA&&dkzx5Q_OO;y0i1`M>3d29U`0DBsKD}K~>`|s9 z+KM~_`d`OG>WUteQZ0Xt!;-xN`T~a2kCQ)s1vV)1af7G23l1VpV!s3xaS}1MinCQ_ U8-&1iZz;e~F~C1x0s{d60i0}tpa1{> literal 0 HcmV?d00001 diff --git a/bench/data/rsa-2048-65537-signature.bin b/bench/data/rsa-2048-65537-signature.bin new file mode 100644 index 000000000..7d7c3a90b --- /dev/null +++ b/bench/data/rsa-2048-65537-signature.bin @@ -0,0 +1 @@ +gm?wAjgDgmEYU$t=g ؎|\DAm0¾S0z!' Qk[s'4\oA4l@\:JWҵi9>n$T@cpzKg豏.ʘzBjrLR\ fpCS\׽i!uX˾L1ZwR_ay/`X._]X4h۫}$?"Ǭ#΀ոA< + \ No newline at end of file diff --git a/bench/data/rsa-3072-3-public-key.der b/bench/data/rsa-3072-3-public-key.der new file mode 100644 index 0000000000000000000000000000000000000000..da1be09f24785a99dffde31a1a3a8119119b5498 GIT binary patch literal 268 zcmV+n0rUPaf&mBuf&l>luTppX58&EKsM(Ry068L{94V|snx*U=&g6M$%WAwXf&2!9 zu=>_#q7tfnPmTu;j0hEAorMRGO~PlF;GibftE31u{LX+6nR08+>!`8{R{$lG zQoqn1cCMqFqypf<;bgXIL%H`Ai=tD#FRbuTYzKg=qmh$kjKGvLQl9mqnOPs>7e_e% zaG?i|)?ooSiUUlQ!!D!z3O-+q%(!n!MF?Ldf}^s6`dkWo2Jo#Om697b8bB{UmSYd6 zK=S+~z*!+=Ep*LPQLe2^`82scg27LUf}S4l9qdz!qb~#$vH9diA@qf;{v)zd3aV(u Sj0Y;9D7P`dw6(J{0s#XvGJEm> literal 0 HcmV?d00001 diff --git a/bench/data/rsa-3072-3-signature.bin b/bench/data/rsa-3072-3-signature.bin new file mode 100644 index 0000000000000000000000000000000000000000..d8f6a9afc4071d7e26edace9ab05229402283bf7 GIT binary patch literal 256 zcmV+b0ssCDnb5Z6(`0zE3fi-EtLp&(I~%Uw-jO7UQ1(Euah82u2|}@P;}sXX^_vM{ z7CxhR^CuRJk?UnBA~VdQD%mAVEhB2&0jhX+)5Hhuw_~w%$=i4B4!1`iY>aqxp}=N; z3}&2Z1x$7HA`34a&9EL!flVgr>e!fJbIE(2+;;qm6&Im@(C<*XRni%j7yG`UY2|g_ zrdz{0b`r(=4PN1zo-$bk1?~j-0^Z(l-YpBIKiM z5yq$Tr$>DY5tPPq|3)`>sC{@BI>eDe26f@sCXpHqBxq7Bi0rh!OGQzy)4Dq!Ke*aj GPlWjQ+kKP( literal 0 HcmV?d00001 diff --git a/bench/data/rsa-4096-3-public-key.der b/bench/data/rsa-4096-3-public-key.der new file mode 100644 index 0000000000000000000000000000000000000000..e05c687673a39fc85e068c49b421062d78fb9c02 GIT binary patch literal 268 zcmV+n0rUPaf&mBuf&l>lyd`vSB9WCTSVTh(^$!HXj9M}MV=rJC94{ZRdEoD~6D@8l zXTbL`-ZPCbYI0eOxQzwc;ppZ}*WfdZ`ukFV?1o{p7iATid@|;t#K8ZgOtl`VP(sL|qzToNsR_fb zm=H6Uay67T7VQ2gg%mnEe+p!S0~pFH-sVrghSP;uDVIn;z^xhJS8)MZqYm9=wRD{_ SkaV$za+WWbA;~Mz0s#Ym!hTr* literal 0 HcmV?d00001 diff --git a/bench/data/rsa-4096-3-signature.bin b/bench/data/rsa-4096-3-signature.bin new file mode 100644 index 000000000..17e61989a --- /dev/null +++ b/bench/data/rsa-4096-3-signature.bin @@ -0,0 +1,4 @@ +A$6(ƍ/;dRKvZ7nlJ?8_Iu[(ਯ7_,VŎ/MGڐs8Bs>aaA6+)} 3}O%zyP9Y|}7 +Tj %4?5ٛaU_iȇVkȪ8!$SбSb2s/ +OKXUQ<a +YUr^!.Z \ No newline at end of file diff --git a/bench/data/rsa-8192-3-public-key.der b/bench/data/rsa-8192-3-public-key.der new file mode 100644 index 0000000000000000000000000000000000000000..52b6de512639d37dcef41b07eaccb23ce2a5f0d7 GIT binary patch literal 268 zcmV+n0rUPaf&mBuf&l>l!@Ti}O%Sf6&KA;RR9lYb^n~Xo_@zh`-7CnS5}Bi#)U-O9 zRq!0F3{v$43`&#A*uR|oK`S8aM@wDmmvzNv3Lj1q9l?vBP8dqIIeBc!SIPYOr~#rO z&dUdzAm0(E#CuZA4x|rAfSpOvPpv7HIxI6t0K-!dpVLc^w7Xr|7b5k|MGJbBl^f^m z!hFvgd*%+@X|+0;WZL1M^8iPj4_1%K&cE-K?YGIW#+m_inYfyK?7~ACb5Aax9VTNp SL7J}j&C0W*_}%Q~0s#XW+JL

b1HQW$|nhKa7cq+Wa6Z)HU}v-|A6o%JY_9@@=7 z5a@g((q5QxG8akt!gs^3)FN{}^k1rNBW6sBp%|>q2GFJc7F*^uqX^#f1&XXjqwk1< z38!+2jESgPHd1>+5zjAsL-nP+cGs&WMjK5?JIYbw`*~Xtk~D>xnbNKh+tB<2k_C&? z0#ZQDrA4j$&zy^3tk^@sa#l#Yo#w&tMc7x#1k6ZULNo~*#yGNS^%k0Vy;h3fLF@kd z${NZSLww)x^u0c?=>WJ;PXO)A1p(_od+oVsU^rAhOYh>I<<6RFC;1y{H`G;Ldlb0Z G79|f)K!3~t literal 0 HcmV?d00001 diff --git a/bench/data/rsa-generate.sh b/bench/data/rsa-generate.sh new file mode 100755 index 000000000..cf07722fc --- /dev/null +++ b/bench/data/rsa-generate.sh @@ -0,0 +1,53 @@ +#!/usr/bin/env bash +# +# Copyright 2023 Brian Smith. +# +# Permission to use, copy, modify, and/or distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHORS DISCLAIM ALL WARRANTIES +# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY +# SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION +# OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN +# CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + +set -eux -o pipefail +IFS=$'\n\t' + +truncate --size 0 empty_message + +openssl genpkey -algorithm RSA \ + -pkeyopt rsa_keygen_bits:2048 \ + -pkeyopt rsa_keygen_pubexp:65537 | \ + openssl pkcs8 -topk8 -nocrypt -outform der > rsa-2048-65537.p8 + +openssl pkey -pubout -inform der -outform der \ + -in rsa-2048-65537.p8 | \ + openssl rsa -pubin -RSAPublicKey_out -inform DER -outform DER \ + -out rsa-2048-65537-public-key.der +openssl dgst -sha256 -sign rsa-2048-65537.p8 -out rsa-2048-65537-signature.bin empty_message +rm rsa-2048-65537.p8 + +m=(2048 3072 4096 8192) +for i in "${m[@]}" +do + echo $i + openssl genpkey -algorithm RSA \ + -pkeyopt rsa_keygen_bits:2048 \ + -pkeyopt rsa_keygen_pubexp:3 | \ + openssl pkcs8 -topk8 -nocrypt -outform der > rsa-$i-3.p8 + + openssl pkey -pubout -inform der -outform der \ + -in rsa-$i-3.p8 | \ + openssl rsa -pubin -RSAPublicKey_out -inform DER -outform DER \ + -out rsa-$i-3-public-key.der + + openssl dgst -sha256 -sign rsa-$i-3.p8 -out rsa-$i-3-signature.bin empty_message + + rm rsa-$i-3.p8 +done + +rm empty_message diff --git a/bench/rsa.rs b/bench/rsa.rs new file mode 100644 index 000000000..3f1e38dc0 --- /dev/null +++ b/bench/rsa.rs @@ -0,0 +1,80 @@ +// Copyright 2023 Brian Smith. +// +// Permission to use, copy, modify, and/or distribute this software for any +// purpose with or without fee is hereby granted, provided that the above +// copyright notice and this permission notice appear in all copies. +// +// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHORS DISCLAIM ALL WARRANTIES +// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY +// SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION +// OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN +// CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. +#![allow(missing_docs)] + +use criterion::{criterion_group, criterion_main, Criterion}; +use ring::signature::{UnparsedPublicKey, RSA_PKCS1_2048_8192_SHA256}; + +macro_rules! verify_case { + ( $modulus_bits:expr, $exponent_value:expr ) => { + TestCase { + modulus_bits: $modulus_bits, + exponent_value: $exponent_value, + public_key: include_bytes!(concat!( + "data/rsa-", + stringify!($modulus_bits), + "-", + stringify!($exponent_value), + "-public-key.der" + )), + signature: include_bytes!(concat!( + "data/rsa-", + stringify!($modulus_bits), + "-", + stringify!($exponent_value), + "-signature.bin" + )), + } + }; +} + +fn verify(c: &mut Criterion) { + struct TestCase { + modulus_bits: usize, + exponent_value: usize, + public_key: &'static [u8], + signature: &'static [u8], + } + static TEST_CASES: &[TestCase] = &[ + verify_case!(2048, 65537), + verify_case!(2048, 3), + verify_case!(3072, 3), + verify_case!(4096, 3), + verify_case!(8192, 3), + ]; + + for TestCase { + modulus_bits, + exponent_value, + public_key, + signature, + } in TEST_CASES + { + c.bench_function( + &format!("rsa_verify_{modulus_bits}_{exponent_value}"), + |b| { + const MESSAGE: &[u8] = &[]; + + b.iter(|| { + let public_key = + UnparsedPublicKey::new(&RSA_PKCS1_2048_8192_SHA256, public_key); + public_key.verify(MESSAGE, signature).unwrap(); + }); + }, + ); + } +} + +criterion_group!(rsa, verify); +criterion_main!(rsa);