1 /* mbedTLS AES performance test
2 */
3 #include <string.h>
4 #include <stdio.h>
5 #include <stdbool.h>
6 #include <esp_system.h>
7 #include "mbedtls/aes.h"
8 #include "mbedtls/gcm.h"
9 #include "unity.h"
10 #include "sdkconfig.h"
11 #include "esp_heap_caps.h"
12 #include "test_utils.h"
13 #include "ccomp_timer.h"
14 
15 TEST_CASE("mbedtls AES performance", "[aes][timeout=60]")
16 {
17     const unsigned CALLS = 256;
18     const unsigned CALL_SZ = 32 * 1024;
19     mbedtls_aes_context ctx;
20     float elapsed_usec;
21     uint8_t iv[16];
22     uint8_t key[16];
23 
24     memset(iv, 0xEE, 16);
25     memset(key, 0x44, 16);
26 
27     // allocate internal memory
28     uint8_t *buf = heap_caps_malloc(CALL_SZ, MALLOC_CAP_DMA | MALLOC_CAP_8BIT | MALLOC_CAP_INTERNAL);
29     TEST_ASSERT_NOT_NULL(buf);
30     mbedtls_aes_init(&ctx);
31     mbedtls_aes_setkey_enc(&ctx, key, 128);
32 
33     ccomp_timer_start();
34     for (int c = 0; c < CALLS; c++) {
35         memset(buf, 0xAA, CALL_SZ);
36         mbedtls_aes_crypt_cbc(&ctx, MBEDTLS_AES_ENCRYPT, CALL_SZ, iv, buf, buf);
37     }
38     elapsed_usec = ccomp_timer_stop();
39 
40     /* Sanity check: make sure the last ciphertext block matches
41        what we expect to see.
42 
43        Last block produced via this Python:
44        import os, binascii
45        from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
46        from cryptography.hazmat.backends import default_backend
47        key = b'\x44' * 16
48        iv = b'\xee' * 16
49        cipher = Cipher(algorithms.AES(key), modes.CBC(iv), backend=default_backend())
50        encryptor = cipher.encryptor()
51        ct = encryptor.update(b'\xaa' * 256 * 32 * 1024) + encryptor.finalize()
52        print(binascii.hexlify(ct[-16:]))
53     */
54     const uint8_t expected_last_block[] = {
55         0x50, 0x81, 0xe0, 0xe1, 0x15, 0x2f, 0x14, 0xe9,
56         0x97, 0xa0, 0xc6, 0xe6, 0x36, 0xf3, 0x5c, 0x25,
57     };
58     TEST_ASSERT_EQUAL_HEX8_ARRAY(expected_last_block, buf + CALL_SZ - 16, 16);
59 
60     mbedtls_aes_free(&ctx);
61     free(buf);
62 
63     // bytes/usec = MB/sec
64     float mb_sec = (CALL_SZ * CALLS) / elapsed_usec;
65     printf("Encryption rate %.3fMB/sec\n", mb_sec);
66 #ifdef CONFIG_MBEDTLS_HARDWARE_AES
67     // Don't put a hard limit on software AES performance
68     TEST_PERFORMANCE_CCOMP_GREATER_THAN(AES_CBC_THROUGHPUT_MBSEC, "%.3fMB/sec", mb_sec);
69 #endif
70 }
71