You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mynewt.apache.org by GitBox <gi...@apache.org> on 2020/01/31 13:05:26 UTC
[GitHub] [mynewt-core] utzig opened a new pull request #2174: Updates to
crypto_test app; STM32 crypto HW driver; CBC/CTR speed
utzig opened a new pull request #2174: Updates to crypto_test app; STM32 crypto HW driver; CBC/CTR speed
URL: https://github.com/apache/mynewt-core/pull/2174
* apps: crypto_test: add benchmarks for CBC/CTR
* stm32: crypto: make driver obey syscfg HW support
* crypto: use 32-bit XOR in CBC/CTR
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [mynewt-core] kasjer commented on a change in pull request #2174:
Updates to crypto_test app; STM32 crypto HW driver; CBC/CTR speed
Posted by GitBox <gi...@apache.org>.
kasjer commented on a change in pull request #2174: Updates to crypto_test app; STM32 crypto HW driver; CBC/CTR speed
URL: https://github.com/apache/mynewt-core/pull/2174#discussion_r384192790
##########
File path: hw/drivers/crypto/src/crypto.c
##########
@@ -56,8 +61,20 @@ crypto_do_ctr(struct crypto_dev *crypto, const void *key, uint16_t keylen,
return sz + rc;
}
- for (i = 0; i < len; i++) {
- outbuf8[i] = inbuf8[i] ^ _out[i];
+ /*
+ * For full blocks increase speed by doing 32-bit XOR; maintain the
+ * stream semantics doing byte XORs for smaller sizes (end of buffer).
+ */
+ if (len == AES_BLOCK_LEN) {
+ inbuf32 = (uint32_t *)inbuf8;
+ outbuf32 = (uint32_t *)outbuf8;
+ for (i = 0; i < len / 4; i++) {
+ outbuf32[i] = inbuf32[i] ^ _out32[i];
Review comment:
I'm not sure what is the usage of this function but unaligned access here could crash Cortex-M0
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [mynewt-core] kasjer commented on a change in pull request #2174:
Updates to crypto_test app; STM32 crypto HW driver; CBC/CTR speed
Posted by GitBox <gi...@apache.org>.
kasjer commented on a change in pull request #2174: Updates to crypto_test app; STM32 crypto HW driver; CBC/CTR speed
URL: https://github.com/apache/mynewt-core/pull/2174#discussion_r384193747
##########
File path: apps/crypto_test/src/main.c
##########
@@ -282,6 +286,66 @@ run_benchmark(char *name, block_encrypt_func_t encfn, void *data, uint8_t iter)
}
printf("done in %lu ticks\n", os_time_get() - t);
}
+
+static void
+run_cbc_bench(struct crypto_dev *crypto, uint8_t iter)
+{
+ int i, j;
+ uint8_t iv[AES_BLOCK_LEN];
+ uint8_t output[AES_BLOCK_LEN];
+ uint16_t blkidx;
+ os_time_t t;
+
+ printf("AES-128-CBC - running %d iterations of 4096 block encrypt... ", iter);
+ t = os_time_get();
+ for (i = 0; i < iter; i++) {
+ memcpy(iv, aes_128_cbc_iv, AES_BLOCK_LEN);
+ for (blkidx = 0; blkidx < 4096; blkidx += AES_BLOCK_LEN) {
+ (void)crypto_encrypt_aes_cbc(crypto, aes_128_key, 128, iv,
+ &aes_128_input[blkidx], output, AES_BLOCK_LEN);
+ if (memcmp(output, &aes_128_cbc_expected[blkidx],
+ AES_BLOCK_LEN)) {
+ printf("fail... blkidx=%u\n", blkidx);
+ for (j = 0; j < AES_BLOCK_LEN; j++) {
+ printf("[%02x]<%02x> ", output[j],
+ aes_128_cbc_expected[blkidx + j]);
+ }
+ return;
+ }
+ }
+ }
+ printf("done in %lu ticks\n", os_time_get() - t);
Review comment:
I would not use ticks to display time, you could not compare results of two different boards not knowing what tick mean on each one.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [mynewt-core] apache-mynewt-bot removed a comment on issue #2174:
Updates to crypto_test app; STM32 crypto HW driver; CBC/CTR speed
Posted by GitBox <gi...@apache.org>.
apache-mynewt-bot removed a comment on issue #2174: Updates to crypto_test app; STM32 crypto HW driver; CBC/CTR speed
URL: https://github.com/apache/mynewt-core/pull/2174#issuecomment-580798808
<!-- style-bot -->
## Style check summary
### Our coding style is [here!](https://github.com/apache/mynewt-core/blob/master/CODING_STANDARDS.md)
#### hw/drivers/crypto/crypto_stm32/src/crypto_stm32.c
<details>
```diff
@@ -150,24 +150,24 @@
case CRYPTO_MODE_ECB:
if (op == CRYPTO_OP_ENCRYPT) {
status = HAL_CRYP_Encrypt(&g_hcryp, (uint32_t *)inbuf, len,
- (uint32_t *)outbuf, HAL_MAX_DELAY);
+ (uint32_t *)outbuf, HAL_MAX_DELAY);
} else {
status = HAL_CRYP_Decrypt(&g_hcryp, (uint32_t *)inbuf, len,
- (uint32_t *)outbuf, HAL_MAX_DELAY);
+ (uint32_t *)outbuf, HAL_MAX_DELAY);
}
break;
#if MYNEWT_VAL(CRYPTO_HW_AES_CBC)
case CRYPTO_MODE_CBC:
if (op == CRYPTO_OP_ENCRYPT) {
status = HAL_CRYP_Encrypt(&g_hcryp, (uint32_t *)inbuf, len,
- (uint32_t *)outbuf, HAL_MAX_DELAY);
+ (uint32_t *)outbuf, HAL_MAX_DELAY);
if (status == HAL_OK) {
memcpy(iv, &outbuf[len-AES_BLOCK_LEN], AES_BLOCK_LEN);
}
} else {
memcpy(iv_save, &inbuf[len-AES_BLOCK_LEN], AES_BLOCK_LEN);
status = HAL_CRYP_Decrypt(&g_hcryp, (uint32_t *)inbuf, len,
- (uint32_t *)outbuf, HAL_MAX_DELAY);
+ (uint32_t *)outbuf, HAL_MAX_DELAY);
if (status == HAL_OK) {
memcpy(iv, iv_save, AES_BLOCK_LEN);
}
```
</details>
#### hw/drivers/crypto/src/crypto.c
<details>
```diff
@@ -143,7 +143,7 @@
rc = crypto->interface.encrypt(crypto, CRYPTO_ALGO_AES,
CRYPTO_MODE_ECB, (const uint8_t *)key, keylen, NULL,
- (uint8_t *)tmp32, &outbuf8[i], AES_BLOCK_LEN);
+ (uint8_t *)tmp32, &outbuf8[i], AES_BLOCK_LEN);
if (rc != AES_BLOCK_LEN) {
return rc;
}
```
</details>
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [mynewt-core] apache-mynewt-bot removed a comment on issue #2174:
Updates to crypto_test app; STM32 crypto HW driver; CBC/CTR speed
Posted by GitBox <gi...@apache.org>.
apache-mynewt-bot removed a comment on issue #2174: Updates to crypto_test app; STM32 crypto HW driver; CBC/CTR speed
URL: https://github.com/apache/mynewt-core/pull/2174#issuecomment-581441346
<!-- style-bot -->
## Style check summary
#### No suggestions at this time!
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [mynewt-core] utzig commented on issue #2174: Updates to
crypto_test app; STM32 crypto HW driver; CBC/CTR speed
Posted by GitBox <gi...@apache.org>.
utzig commented on issue #2174: Updates to crypto_test app; STM32 crypto HW driver; CBC/CTR speed
URL: https://github.com/apache/mynewt-core/pull/2174#issuecomment-590944564
Could someone take a look?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [mynewt-core] utzig commented on a change in pull request #2174:
Updates to crypto_test app; STM32 crypto HW driver; CBC/CTR speed
Posted by GitBox <gi...@apache.org>.
utzig commented on a change in pull request #2174: Updates to crypto_test app; STM32 crypto HW driver; CBC/CTR speed
URL: https://github.com/apache/mynewt-core/pull/2174#discussion_r387697896
##########
File path: hw/drivers/crypto/src/crypto.c
##########
@@ -56,8 +61,20 @@ crypto_do_ctr(struct crypto_dev *crypto, const void *key, uint16_t keylen,
return sz + rc;
}
- for (i = 0; i < len; i++) {
- outbuf8[i] = inbuf8[i] ^ _out[i];
+ /*
+ * For full blocks increase speed by doing 32-bit XOR; maintain the
+ * stream semantics doing byte XORs for smaller sizes (end of buffer).
+ */
+ if (len == AES_BLOCK_LEN) {
+ inbuf32 = (uint32_t *)inbuf8;
+ outbuf32 = (uint32_t *)outbuf8;
+ for (i = 0; i < len / 4; i++) {
+ outbuf32[i] = inbuf32[i] ^ _out32[i];
Review comment:
This should be fixed now, thanks!
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [mynewt-core] utzig commented on a change in pull request #2174:
Updates to crypto_test app; STM32 crypto HW driver; CBC/CTR speed
Posted by GitBox <gi...@apache.org>.
utzig commented on a change in pull request #2174: Updates to crypto_test app; STM32 crypto HW driver; CBC/CTR speed
URL: https://github.com/apache/mynewt-core/pull/2174#discussion_r387698511
##########
File path: apps/crypto_test/src/main.c
##########
@@ -282,6 +286,66 @@ run_benchmark(char *name, block_encrypt_func_t encfn, void *data, uint8_t iter)
}
printf("done in %lu ticks\n", os_time_get() - t);
}
+
+static void
+run_cbc_bench(struct crypto_dev *crypto, uint8_t iter)
+{
+ int i, j;
+ uint8_t iv[AES_BLOCK_LEN];
+ uint8_t output[AES_BLOCK_LEN];
+ uint16_t blkidx;
+ os_time_t t;
+
+ printf("AES-128-CBC - running %d iterations of 4096 block encrypt... ", iter);
+ t = os_time_get();
+ for (i = 0; i < iter; i++) {
+ memcpy(iv, aes_128_cbc_iv, AES_BLOCK_LEN);
+ for (blkidx = 0; blkidx < 4096; blkidx += AES_BLOCK_LEN) {
+ (void)crypto_encrypt_aes_cbc(crypto, aes_128_key, 128, iv,
+ &aes_128_input[blkidx], output, AES_BLOCK_LEN);
+ if (memcmp(output, &aes_128_cbc_expected[blkidx],
+ AES_BLOCK_LEN)) {
+ printf("fail... blkidx=%u\n", blkidx);
+ for (j = 0; j < AES_BLOCK_LEN; j++) {
+ printf("[%02x]<%02x> ", output[j],
+ aes_128_cbc_expected[blkidx + j]);
+ }
+ return;
+ }
+ }
+ }
+ printf("done in %lu ticks\n", os_time_get() - t);
Review comment:
Comparing to different boards is not relevant IMO, what is being done here is to compare the HW acceleration speed to SW implementations using tinycrypt/mbedTLS.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [mynewt-core] utzig merged pull request #2174: Updates to
crypto_test app; STM32 crypto HW driver; CBC/CTR speed
Posted by GitBox <gi...@apache.org>.
utzig merged pull request #2174: Updates to crypto_test app; STM32 crypto HW driver; CBC/CTR speed
URL: https://github.com/apache/mynewt-core/pull/2174
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [mynewt-core] apache-mynewt-bot commented on issue #2174: Updates
to crypto_test app; STM32 crypto HW driver; CBC/CTR speed
Posted by GitBox <gi...@apache.org>.
apache-mynewt-bot commented on issue #2174: Updates to crypto_test app; STM32 crypto HW driver; CBC/CTR speed
URL: https://github.com/apache/mynewt-core/pull/2174#issuecomment-581441346
<!-- style-bot -->
## Style check summary
#### No suggestions at this time!
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [mynewt-core] apache-mynewt-bot commented on issue #2174: Updates
to crypto_test app; STM32 crypto HW driver; CBC/CTR speed
Posted by GitBox <gi...@apache.org>.
apache-mynewt-bot commented on issue #2174: Updates to crypto_test app; STM32 crypto HW driver; CBC/CTR speed
URL: https://github.com/apache/mynewt-core/pull/2174#issuecomment-580798808
<!-- style-bot -->
## Style check summary
### Our coding style is [here!](https://github.com/apache/mynewt-core/blob/master/CODING_STANDARDS.md)
#### hw/drivers/crypto/crypto_stm32/src/crypto_stm32.c
<details>
```diff
@@ -150,24 +150,24 @@
case CRYPTO_MODE_ECB:
if (op == CRYPTO_OP_ENCRYPT) {
status = HAL_CRYP_Encrypt(&g_hcryp, (uint32_t *)inbuf, len,
- (uint32_t *)outbuf, HAL_MAX_DELAY);
+ (uint32_t *)outbuf, HAL_MAX_DELAY);
} else {
status = HAL_CRYP_Decrypt(&g_hcryp, (uint32_t *)inbuf, len,
- (uint32_t *)outbuf, HAL_MAX_DELAY);
+ (uint32_t *)outbuf, HAL_MAX_DELAY);
}
break;
#if MYNEWT_VAL(CRYPTO_HW_AES_CBC)
case CRYPTO_MODE_CBC:
if (op == CRYPTO_OP_ENCRYPT) {
status = HAL_CRYP_Encrypt(&g_hcryp, (uint32_t *)inbuf, len,
- (uint32_t *)outbuf, HAL_MAX_DELAY);
+ (uint32_t *)outbuf, HAL_MAX_DELAY);
if (status == HAL_OK) {
memcpy(iv, &outbuf[len-AES_BLOCK_LEN], AES_BLOCK_LEN);
}
} else {
memcpy(iv_save, &inbuf[len-AES_BLOCK_LEN], AES_BLOCK_LEN);
status = HAL_CRYP_Decrypt(&g_hcryp, (uint32_t *)inbuf, len,
- (uint32_t *)outbuf, HAL_MAX_DELAY);
+ (uint32_t *)outbuf, HAL_MAX_DELAY);
if (status == HAL_OK) {
memcpy(iv, iv_save, AES_BLOCK_LEN);
}
```
</details>
#### hw/drivers/crypto/src/crypto.c
<details>
```diff
@@ -143,7 +143,7 @@
rc = crypto->interface.encrypt(crypto, CRYPTO_ALGO_AES,
CRYPTO_MODE_ECB, (const uint8_t *)key, keylen, NULL,
- (uint8_t *)tmp32, &outbuf8[i], AES_BLOCK_LEN);
+ (uint8_t *)tmp32, &outbuf8[i], AES_BLOCK_LEN);
if (rc != AES_BLOCK_LEN) {
return rc;
}
```
</details>
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [mynewt-core] apache-mynewt-bot commented on issue #2174: Updates
to crypto_test app; STM32 crypto HW driver; CBC/CTR speed
Posted by GitBox <gi...@apache.org>.
apache-mynewt-bot commented on issue #2174: Updates to crypto_test app; STM32 crypto HW driver; CBC/CTR speed
URL: https://github.com/apache/mynewt-core/pull/2174#issuecomment-594609670
<!-- style-bot -->
## Style check summary
### Our coding style is [here!](https://github.com/apache/mynewt-core/blob/master/CODING_STANDARDS.md)
#### hw/drivers/crypto/src/crypto.c
<details>
```diff
@@ -77,11 +77,11 @@
}
} else {
#endif
- for (i = 0; i < len; i++) {
- outbuf8[i] = inbuf8[i] ^ _out[i];
- }
-#if defined(__ARM_FEATURE_UNALIGNED)
- }
+ for (i = 0; i < len; i++) {
+ outbuf8[i] = inbuf8[i] ^ _out[i];
+ }
+#if defined(__ARM_FEATURE_UNALIGNED)
+ }
#endif
for (i = AES_BLOCK_LEN; i > 0; --i) {
```
</details>
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services