Add benchmarking

ProtonMail · May 17, 2023 · 1287b92 · 1287b92
1 parent 2887047
commit 1287b92
Showing 1 changed file with 328 additions and 0 deletions.
diff --git a/openpgp/benchmark_v6_test.go b/openpgp/benchmark_v6_test.go
@@ -0,0 +1,328 @@
+package openpgp
+
+import (
+	"bytes"
+	"crypto/rand"
+	"io"
+	"testing"
+	"time"
+
+	"github.com/ProtonMail/go-crypto/openpgp/packet"
+)
+
+const benchmarkMessageSize = 1024 // Signed / encrypted message size in bytes
+
+var benchmarkTestSet = map[string] *packet.Config {
+	"RSA_1024": {
+		Algorithm: packet.PubKeyAlgoRSA,
+		RSABits: 1024,
+	},
+	"RSA_2048": {
+		Algorithm: packet.PubKeyAlgoRSA,
+		RSABits: 2048,
+	},
+	"RSA_3072": {
+		Algorithm: packet.PubKeyAlgoRSA,
+		RSABits: 3072,
+	},
+	"RSA_4096": {
+		Algorithm: packet.PubKeyAlgoRSA,
+		RSABits: 4096,
+	},
+	"Ed25519_X25519": {
+		Algorithm: packet.PubKeyAlgoEd25519,
+	},
+	"Ed448_X448": {
+		Algorithm: packet.PubKeyAlgoEd448,
+	},
+	"P256": {
+		Algorithm: packet.PubKeyAlgoECDSA,
+		Curve: packet.CurveNistP256,
+	},
+	"P384": {
+		Algorithm: packet.PubKeyAlgoECDSA,
+		Curve: packet.CurveNistP384,
+	},
+	"P521": {
+		Algorithm: packet.PubKeyAlgoECDSA,
+		Curve: packet.CurveNistP521,
+	},
+	"Brainpool256": {
+		Algorithm: packet.PubKeyAlgoECDSA,
+		Curve: packet.CurveBrainpoolP256,
+	},
+	"Brainpool384": {
+		Algorithm: packet.PubKeyAlgoECDSA,
+		Curve: packet.CurveBrainpoolP384,
+	},
+	"Brainpool512": {
+		Algorithm: packet.PubKeyAlgoECDSA,
+		Curve: packet.CurveBrainpoolP512,
+	},
+	"Dilithium3Ed25519_Kyber768X25519": {
+		Algorithm: packet.PubKeyAlgoDilithium3Ed25519,
+	},
+	"Dilithium5Ed448_Kyber1024X448": {
+		Algorithm: packet.PubKeyAlgoDilithium5Ed448,
+	},
+	"Dilithium3P256_Kyber768P256": {
+		Algorithm: packet.PubKeyAlgoDilithium3p256,
+	},
+	"Dilithium5P384_Kyber1024P384": {
+		Algorithm: packet.PubKeyAlgoDilithium5p384,
+	},
+	"Dilithium3Brainpool256_Kyber768Brainpool256": {
+		Algorithm: packet.PubKeyAlgoDilithium3Brainpool256,
+	},
+	"Dilithium5Brainpool384_Kyber1024Brainpool384": {
+		Algorithm: packet.PubKeyAlgoDilithium5Brainpool384,
+	},
+	"SphincsPlusSHA2_128s_Kyber1024X448": {
+		Algorithm: packet.PubKeyAlgoSphincsPlusSha2,
+		SphincsPlusParameterId: 1,
+	},
+	"SphincsPlusSHA2_128f_Kyber1024X448": {
+		Algorithm: packet.PubKeyAlgoSphincsPlusSha2,
+		SphincsPlusParameterId: 2,
+	},
+	"SphincsPlusSHA2_192s_Kyber1024X448": {
+		Algorithm: packet.PubKeyAlgoSphincsPlusSha2,
+		SphincsPlusParameterId: 3,
+	},
+	"SphincsPlusSHA2_192f_Kyber1024X448": {
+		Algorithm: packet.PubKeyAlgoSphincsPlusSha2,
+		SphincsPlusParameterId: 4,
+	},
+	"SphincsPlusSHA2_256s_Kyber1024X448": {
+		Algorithm: packet.PubKeyAlgoSphincsPlusSha2,
+		SphincsPlusParameterId: 5,
+	},
+	"SphincsPlusSHA2_256f_Kyber1024X448": {
+		Algorithm: packet.PubKeyAlgoSphincsPlusSha2,
+		SphincsPlusParameterId: 6,
+	},
+	"SphincsPlusSHAKE_128s_Kyber1024X448":{
+		Algorithm: packet.PubKeyAlgoSphincsPlusShake,
+		SphincsPlusParameterId: 1,
+	},
+	"SphincsPlusSHAKE_128f_Kyber1024X448":{
+		Algorithm: packet.PubKeyAlgoSphincsPlusShake,
+		SphincsPlusParameterId: 2,
+	},
+	"SphincsPlusSHAKE_192s_Kyber1024X448":{
+		Algorithm: packet.PubKeyAlgoSphincsPlusShake,
+		SphincsPlusParameterId: 3,
+	},
+	"SphincsPlusSHAKE_192f_Kyber1024X448":{
+		Algorithm: packet.PubKeyAlgoSphincsPlusShake,
+		SphincsPlusParameterId: 4,
+	},
+	"SphincsPlusSHAKE_256s_Kyber1024X448":{
+		Algorithm: packet.PubKeyAlgoSphincsPlusShake,
+		SphincsPlusParameterId: 5,
+	},
+	"SphincsPlusSHAKE_256f_Kyber1024X448":{
+		Algorithm: packet.PubKeyAlgoSphincsPlusShake,
+		SphincsPlusParameterId: 6,
+	},
+}
+
+func benchmarkGenerateKey(b *testing.B, config *packet.Config) []byte {
+	var serializedEntity *bytes.Buffer
+	config.V6Keys = true
+
+	config.AEADConfig = &packet.AEADConfig{
+		DefaultMode: packet.AEADModeOCB,
+	}
+
+	config.Time = func() time.Time {
+		parsed, _ := time.Parse("2006-01-02", "2013-07-01")
+		return parsed
+	}
+
+	b.ResetTimer()
+	for n := 0; n < b.N; n++ {
+		entity, err := NewEntity("Golang Gopher", "Test Key", "[email protected]", config)
+		if err != nil {
+			b.Fatal(err)
+		}
+
+		serializedEntity = bytes.NewBuffer(nil)
+		err = entity.SerializePrivate(serializedEntity, nil)
+		if err != nil {
+			b.Fatalf("Failed to serialize entity: %s", err)
+		}
+	}
+
+	return serializedEntity.Bytes()
+}
+
+func benchmarkEncrypt(b *testing.B, key, plaintext []byte, sign bool) [][]byte {
+	var encryptedMessages [][]byte
+
+	b.ResetTimer()
+	for n := 0; n < b.N; n++ {
+		var config = &packet.Config{
+			AEADConfig: &packet.AEADConfig{
+				DefaultMode: packet.AEADModeOCB,
+			},
+			V6Keys: true,
+		}
+		buf := new(bytes.Buffer)
+		kring, _ := ReadKeyRing(bytes.NewReader(key))
+
+		var signed *Entity
+		if sign {
+			signed = kring[0]
+		}
+
+		w, err := Encrypt(buf, kring[:1], signed, nil, config)
+		if err != nil {
+			b.Errorf("Failed to initalize encryption: %s", err)
+			continue
+		}
+
+		_, err = w.Write(plaintext)
+		if err != nil {
+			b.Errorf("Error writing plaintext: %s", err)
+			continue
+		}
+
+		err = w.Close()
+		if err != nil {
+			b.Errorf("Error closing WriteCloser: %s", err)
+			continue
+		}
+
+		encryptedMessages = append(encryptedMessages, buf.Bytes())
+	}
+
+	return encryptedMessages
+}
+
+func benchmarkDecrypt(b *testing.B, key, plaintext []byte, encryptedMessages [][]byte, verify bool) {
+	b.ResetTimer()
+	for n := 0; n < b.N; n++ {
+		reader := bytes.NewReader(encryptedMessages[n % len(encryptedMessages)])
+		kring, _ := ReadKeyRing(bytes.NewReader(key))
+		md, err := ReadMessage(reader, kring, nil, nil)
+		if err != nil {
+			b.Errorf("Error reading message: %s", err)
+			continue
+		}
+
+		decrypted, err := io.ReadAll(md.UnverifiedBody)
+		if err != nil {
+			b.Errorf("Error reading encrypted content: %s", err)
+			continue
+		}
+
+		if !bytes.Equal(decrypted, plaintext) {
+			b.Error("Decrypted wrong plaintext")
+		}
+
+		if verify {
+			if md.SignatureError != nil {
+				b.Errorf("Signature error: %s", md.SignatureError)
+			}
+			if md.Signature == nil {
+				b.Error("Signature missing")
+			}
+		}
+	}
+}
+
+func benchmarkSign(b *testing.B, key, plaintext []byte) [][]byte {
+	var signatures [][]byte
+
+	b.ResetTimer()
+	for n := 0; n < b.N; n++ {
+		buf := new(bytes.Buffer)
+		kring, _ := ReadKeyRing(bytes.NewReader(key))
+
+		err := DetachSign(buf, kring[0], bytes.NewReader(plaintext), nil)
+		if err != nil {
+			b.Errorf("Failed to sign: %s", err)
+			continue
+		}
+
+		signatures = append(signatures, buf.Bytes())
+	}
+
+	return signatures
+}
+
+func benchmarkVerify(b *testing.B, key, plaintext []byte, signatures [][]byte) {
+	b.ResetTimer()
+	for n := 0; n < b.N; n++ {
+		signed := bytes.NewReader(plaintext)
+		signature := bytes.NewReader(signatures[n % len(signatures)])
+		kring, _ := ReadKeyRing(bytes.NewReader(key))
+
+		parsedSignature, signer, signatureError := VerifyDetachedSignature(kring, signed, signature,nil)
+
+		if signatureError != nil {
+			b.Errorf("Signature error: %s", signatureError)
+		}
+
+		if parsedSignature == nil {
+			b.Error("Signature missing")
+		}
+
+		if signer == nil {
+			b.Error("Signer missing")
+		}
+	}
+}
+
+func BenchmarkV6Keys(b *testing.B) {
+	serializedKeys := make(map[string] []byte)
+	encryptedMessages := make(map[string] [][]byte)
+	encryptedSignedMessages := make(map[string] [][]byte)
+	signatures := make(map[string] [][]byte)
+
+	var plaintext [benchmarkMessageSize]byte
+	_, _ = rand.Read(plaintext[:])
+
+	for name, config := range benchmarkTestSet {
+		b.Run("Generate " + name, func(b *testing.B) {
+			serializedKeys[name] = benchmarkGenerateKey(b, config)
+		})
+	}
+
+	for name, key := range serializedKeys {
+		b.Run("Encrypt_" + name, func(b *testing.B) {
+			encryptedMessages[name] = benchmarkEncrypt(b, key, plaintext[:], false)
+		})
+	}
+
+	for name, key := range serializedKeys {
+		b.Run("Decrypt_" + name, func(b *testing.B) {
+			benchmarkDecrypt(b, key, plaintext[:], encryptedMessages[name], false)
+		})
+	}
+
+	for name, key := range serializedKeys {
+		b.Run("Encrypt_Sign_" + name, func(b *testing.B) {
+			encryptedSignedMessages[name] = benchmarkEncrypt(b, key, plaintext[:], true)
+		})
+	}
+
+	for name, key := range serializedKeys {
+		b.Run("Decrypt_Verify_" + name, func(b *testing.B) {
+			benchmarkDecrypt(b, key, plaintext[:], encryptedSignedMessages[name], true)
+		})
+	}
+
+	for name, key := range serializedKeys {
+		b.Run("Sign_" + name, func(b *testing.B) {
+			signatures[name] = benchmarkSign(b, key, plaintext[:])
+		})
+	}
+
+	for name, key := range serializedKeys {
+		b.Run("Verify_" + name, func(b *testing.B) {
+			benchmarkVerify(b, key, plaintext[:], signatures[name])
+		})
+	}
+}