279 lines
14 KiB
Markdown
279 lines
14 KiB
Markdown
|
# Additional information
|
||
|
|
||
|
A lot of, mostly useless, details
|
||
|
|
||
|
## Appendix A
|
||
|
|
||
|
Default NDK flags
|
||
|
|
||
|
* CC:
|
||
|
```
|
||
|
--target=aarch64-none-linux-android
|
||
|
-DBORINGSSL_IMPLEMENTATION
|
||
|
-g
|
||
|
-DANDROID
|
||
|
-ffunction-sections
|
||
|
-funwind-tables
|
||
|
-fstack-protector-strong
|
||
|
-no-canonical-prefixes
|
||
|
-Wa,--noexecstack
|
||
|
-Wformat
|
||
|
-Werror=format-security
|
||
|
-Werror
|
||
|
-Wformat=2
|
||
|
-Wsign-compare
|
||
|
-Wmissing-field-initializers
|
||
|
-Wwrite-strings
|
||
|
-Wall
|
||
|
-ggdb
|
||
|
-fvisibility=hidden
|
||
|
-fno-common
|
||
|
-Wnewline-eof
|
||
|
-fcolor-diagnostics
|
||
|
-Wimplicit-fallthrough
|
||
|
-Wmissing-prototypes
|
||
|
-Wold-style-definition
|
||
|
-Wstrict-prototypes
|
||
|
-Wshadow
|
||
|
-D_XOPEN_SOURCE=700
|
||
|
-O2
|
||
|
-DNDEBUG
|
||
|
-fPIC
|
||
|
```
|
||
|
|
||
|
* CPP:
|
||
|
```
|
||
|
-cc1
|
||
|
-triple aarch64-none-linux-android
|
||
|
-emit-obj
|
||
|
-mnoexecstack
|
||
|
-disable-free
|
||
|
-disable-llvm-verifier
|
||
|
-discard-value-names
|
||
|
-mrelocation-model pic
|
||
|
-pic-level 2
|
||
|
-pic-is-pie
|
||
|
-mthread-model posix
|
||
|
-mdisable-fp-elim
|
||
|
-fmath-errno
|
||
|
-masm-verbose
|
||
|
-mconstructor-aliases
|
||
|
-munwind-tables
|
||
|
-fuse-init-array
|
||
|
-target-cpu generic
|
||
|
-target-feature +neon
|
||
|
-target-abi aapcs
|
||
|
-dwarf-column-info
|
||
|
-debug-info-kind=limited
|
||
|
-dwarf-version=4
|
||
|
-debugger-tuning=gdb
|
||
|
-ffunction-sections
|
||
|
-D BORINGSSL_IMPLEMENTATION
|
||
|
-D ANDROID
|
||
|
-D NDEBUG
|
||
|
-O2
|
||
|
-Wformat
|
||
|
-Werror=format-security
|
||
|
-Werror
|
||
|
-Wformat=2
|
||
|
-Wsign-compare
|
||
|
-Wmissing-field-initializers
|
||
|
-Wwrite-strings
|
||
|
-Wall
|
||
|
-Wnewline-eof
|
||
|
-Wimplicit-fallthrough
|
||
|
-Wmissing-declarations
|
||
|
-Wmissing-prototypes
|
||
|
-Wshadow
|
||
|
-std=c++11
|
||
|
-fdeprecated-macro
|
||
|
-fdebug-compilation-dir /home/hdc/repos/mbedtls_vs_boringssl/bssl/src/build/crypto
|
||
|
-ferror-limit 19
|
||
|
-fmessage-length 238
|
||
|
-fvisibility hidden
|
||
|
-femulated-tls
|
||
|
-stack-protector 2
|
||
|
-fallow-half-arguments-and-returns
|
||
|
-fno-rtti
|
||
|
-fno-signed-char
|
||
|
-fobjc-runtime=gcc
|
||
|
-fno-common
|
||
|
-fdiagnostics-show-option
|
||
|
-fcolor-diagnostics
|
||
|
-vectorize-loops
|
||
|
-vectorize-slp
|
||
|
```
|
||
|
|
||
|
## Appendix B
|
||
|
|
||
|
Test platform settings
|
||
|
|
||
|
```
|
||
|
[ro.build.id]: [OPR6.170623.013]
|
||
|
[ro.bootimage.build.date]: [Wed Oct 11 15:46:15 BST 2017]
|
||
|
[ro.bootimage.build.fingerprint]: [Android/hikey/hikey:8.0.0/OPR6.170623.013/110:userdebug/test-keys]
|
||
|
[ro.product.cpu.abi]: [arm64-v8a]
|
||
|
[ro.product.cpu.abilist]: [arm64-v8a,armeabi-v7a,armeabi]
|
||
|
[ro.product.cpu.abilist32]: [armeabi-v7a,armeabi]
|
||
|
[ro.product.cpu.abilist64]: [arm64-v8a]
|
||
|
[ro.build.version.sdk]: [26]
|
||
|
[ro.build.version.security_patch]: [2017-08-05]
|
||
|
```
|
||
|
|
||
|
## Appendix C
|
||
|
|
||
|
Performance measures provied by ``bssl speed``:
|
||
|
|
||
|
| Operation | Small | Default |
|
||
|
|-----------|------|---------|
|
||
|
|RSA 2048 signing | (59.5 ops/sec) | (108.1 ops/sec) |
|
||
|
|RSA 2048 verify | (2377.5 ops/sec) | (4078.3 ops/sec) |
|
||
|
|RSA 4096 signing | (8.3 ops/sec) | (14.9 ops/sec) |
|
||
|
|RSA 4096 verify | (668.0 ops/sec) | (1088.4 ops/sec) |
|
||
|
|AES-128-GCM (16 bytes) | (497832.2 ops/sec): 8.0 MB/s | (1690241.1 ops/sec): 27.0 MB/s |
|
||
|
|AES-128-GCM (1350 bytes) | (17675.4 ops/sec): 23.9 MB/s | (291430.3 ops/sec): 393.4 MB/s |
|
||
|
|AES-128-GCM (8192 bytes) | (2991.6 ops/sec): 24.5 MB/s | (57088.8 ops/sec): 467.7 MB/s |
|
||
|
|AES-256-GCM (16 bytes) | (444847.4 ops/sec): 7.1 MB/s | (1615148.8 ops/sec): 25.8 MB/s |
|
||
|
|AES-256-GCM (1350 bytes) | (14792.6 ops/sec): 20.0 MB/s | (254718.5 ops/sec): 343.9 MB/s |
|
||
|
|AES-256-GCM (8192 bytes) | (2525.7 ops/sec): 20.7 MB/s | (49056.6 ops/sec): 401.9 MB/s |
|
||
|
|ChaCha20-Poly1305 (16 bytes) | (385043.6 ops/sec): 6.2 MB/s | (460788.5 ops/sec): 7.4 MB/s |
|
||
|
|ChaCha20-Poly1305 (1350 bytes) | (33108.8 ops/sec): 44.7 MB/s | (67622.8 ops/sec): 91.3 MB/s |
|
||
|
|ChaCha20-Poly1305 (8192 bytes) | (5905.1 ops/sec): 48.4 MB/s | (13219.5 ops/sec): 108.3 MB/s |
|
||
|
|DES-EDE3-CBC-SHA1 (16 bytes) | (100311.5 ops/sec): 1.6 MB/s | (110073.3 ops/sec): 1.8 MB/s |
|
||
|
|DES-EDE3-CBC-SHA1 (1350 bytes) | (3787.2 ops/sec): 5.1 MB/s | (3926.7 ops/sec): 5.3 MB/s |
|
||
|
|DES-EDE3-CBC-SHA1 (8192 bytes) | (638.4 ops/sec): 5.2 MB/s | (661.2 ops/sec): 5.4 MB/s |
|
||
|
|AES-128-CBC-SHA1 (16 bytes) | (268159.9 ops/sec): 4.3 MB/s | (540844.8 ops/sec): 8.7 MB/s |
|
||
|
|AES-128-CBC-SHA1 (1350 bytes) | (22535.6 ops/sec): 30.4 MB/s | (162597.6 ops/sec): 219.5 MB/s |
|
||
|
|AES-128-CBC-SHA1 (8192 bytes) | (3959.9 ops/sec): 32.4 MB/s | (37787.3 ops/sec): 309.6 MB/s |
|
||
|
|AES-256-CBC-SHA1 (16 bytes) | (244904.2 ops/sec): 3.9 MB/s | (524976.9 ops/sec): 8.4 MB/s |
|
||
|
|AES-256-CBC-SHA1 (1350 bytes) | (18272.3 ops/sec): 24.7 MB/s | (141626.7 ops/sec): 191.2 MB/s |
|
||
|
|AES-256-CBC-SHA1 (8192 bytes) | (3181.3 ops/sec): 26.1 MB/s | (31195.9 ops/sec): 255.6 MB/s |
|
||
|
|AES-128-GCM-SIV (16 bytes) | (244929.5 ops/sec): 3.9 MB/s | (776750.7 ops/sec): 12.4 MB/s |
|
||
|
|AES-128-GCM-SIV (1350 bytes) | (14640.5 ops/sec): 19.8 MB/s | (66627.7 ops/sec): 89.9 MB/s |
|
||
|
|AES-128-GCM-SIV (8192 bytes) | (2531.6 ops/sec): 20.7 MB/s | (11850.0 ops/sec): 97.1 MB/s |
|
||
|
|AES-256-GCM-SIV (16 bytes) | (171899.3 ops/sec): 2.8 MB/s | (660748.9 ops/sec): 10.6 MB/s |
|
||
|
|AES-256-GCM-SIV (1350 bytes) | (12489.6 ops/sec): 16.9 MB/s | (61124.5 ops/sec): 82.5 MB/s |
|
||
|
|AES-256-GCM-SIV (8192 bytes) | (2182.7 ops/sec): 17.9 MB/s | (10936.1 ops/sec): 89.6 MB/s |
|
||
|
|AES-128-GCM-SIV (16 bytes) | (239698.0 ops/sec): 3.8 MB/s | (733661.0 ops/sec): 11.7 MB/s |
|
||
|
|AES-128-GCM-SIV (1350 bytes) | (14616.0 ops/sec): 19.7 MB/s | (65984.0 ops/sec): 89.1 MB/s |
|
||
|
|AES-128-GCM-SIV (8192 bytes) | (2529.8 ops/sec): 20.7 MB/s | (11745.7 ops/sec): 96.2 MB/s |
|
||
|
|AES-256-GCM-SIV (16 bytes) | (170826.1 ops/sec): 2.7 MB/s | (626465.6 ops/sec): 10.0 MB/s |
|
||
|
|AES-256-GCM-SIV (1350 bytes) | (12474.8 ops/sec): 16.8 MB/s | (60595.5 ops/sec): 81.8 MB/s |
|
||
|
|AES-256-GCM-SIV (8192 bytes) | (2182.1 ops/sec): 17.9 MB/s | (10841.9 ops/sec): 88.8 MB/s |
|
||
|
|AES-128-CCM-Bluetooth (16 bytes) | (438558.8 ops/sec): 7.0 MB/s | (1405567.1 ops/sec): 22.5 MB/s |
|
||
|
|AES-128-CCM-Bluetooth (1350 bytes) | (14776.5 ops/sec): 19.9 MB/s | (140168.4 ops/sec): 189.2 MB/s |
|
||
|
|AES-128-CCM-Bluetooth (8192 bytes) | (2498.7 ops/sec): 20.5 MB/s | (25890.2 ops/sec): 212.1 MB/s |
|
||
|
|SHA-1 (16 bytes) | (1244563.2 ops/sec): 19.9 MB/s | (2567122.0 ops/sec): 41.1 MB/s |
|
||
|
|SHA-1 (256 bytes) | (341934.0 ops/sec): 87.5 MB/s | (1162590.8 ops/sec): 297.6 MB/s |
|
||
|
|SHA-1 (8192 bytes) | (14574.3 ops/sec): 119.4 MB/s | (66844.3 ops/sec): 547.6 MB/s |
|
||
|
|SHA-256 (16 bytes) | (691326.6 ops/sec): 11.1 MB/s | (2431927.0 ops/sec): 38.9 MB/s |
|
||
|
|SHA-256 (256 bytes) | (166138.9 ops/sec): 42.5 MB/s | (1120621.2 ops/sec): 286.9 MB/s |
|
||
|
|SHA-256 (8192 bytes) | (6824.7 ops/sec): 55.9 MB/s | (63214.7 ops/sec): 517.9 MB/s |
|
||
|
|SHA-512 (16 bytes) | (688007.9 ops/sec): 11.0 MB/s | (729988.3 ops/sec): 11.7 MB/s |
|
||
|
|SHA-512 (256 bytes) | (272146.5 ops/sec): 69.7 MB/s | (289178.7 ops/sec): 74.0 MB/s |
|
||
|
|SHA-512 (8192 bytes) | (14014.7 ops/sec): 114.8 MB/s | (14759.6 ops/sec): 120.9 MB/s |
|
||
|
|RNG (16 bytes) | (137217.4 ops/sec): 2.2 MB/s | (249239.3 ops/sec): 4.0 MB/s |
|
||
|
|RNG (256 bytes) | (69898.9 ops/sec): 17.9 MB/s | (224698.5 ops/sec): 57.5 MB/s |
|
||
|
|RNG (8192 bytes) | (4058.7 ops/sec): 33.2 MB/s | (55705.4 ops/sec): 456.3 MB/s |
|
||
|
|ECDH P-224 operations | (151.0 ops/sec) | (1602.4 ops/sec) |
|
||
|
|ECDH P-256 operations | (594.7 ops/sec) | (642.8 ops/sec) |
|
||
|
|ECDH P-384 operations | (59.0 ops/sec) | (97.4 ops/sec) |
|
||
|
|ECDH P-521 operations | (27.1 ops/sec) | (43.4 ops/sec) |
|
||
|
|ECDSA P-224 signing | (277.8 ops/sec) | (3312.7 ops/sec) |
|
||
|
|ECDSA P-224 verify | (241.2 ops/sec) | (1451.7 ops/sec) |
|
||
|
|ECDSA P-256 signing | (1396.6 ops/sec) | (1738.5 ops/sec) |
|
||
|
|ECDSA P-256 verify | (672.1 ops/sec) | (704.2 ops/sec) |
|
||
|
|ECDSA P-384 signing | (107.0 ops/sec) | (177.6 ops/sec) |
|
||
|
|ECDSA P-384 verify | (94.4 ops/sec) | (156.9 ops/sec) |
|
||
|
|ECDSA P-521 signing | (49.0 ops/sec) | (78.2 ops/sec) |
|
||
|
|ECDSA P-521 verify | (43.8 ops/sec) | (70.8 ops/sec) |
|
||
|
|
||
|
Performance measures provided by ``benchmark``:
|
||
|
|
||
|
| Algo | Small | Normal |
|
||
|
|-------------------------------|----------------------|----------------------|
|
||
|
|MD5 | 131223 KiB/s | 131761 KiB/s |
|
||
|
|RIPEMD160 | 81451 KiB/s | 89899 KiB/s |
|
||
|
|SHA-1 | 104117 KiB/s | 104375 KiB/s |
|
||
|
|SHA-256 | 46809 KiB/s | 52044 KiB/s |
|
||
|
|SHA-512 | 56760 KiB/s | 57648 KiB/s |
|
||
|
|ARC4 | 65014 KiB/s | 65023 KiB/s |
|
||
|
|3DES | 7785 KiB/s | 7885 KiB/s |
|
||
|
|DES | 19071 KiB/s | 19512 KiB/s |
|
||
|
|AES-CBC-128 | 32460 KiB/s | 35995 KiB/s |
|
||
|
|AES-CBC-192 | 28392 KiB/s | 31044 KiB/s |
|
||
|
|AES-CBC-256 | 25213 KiB/s | 27296 KiB/s |
|
||
|
|AES-GCM-128 | 16399 KiB/s | 16398 KiB/s |
|
||
|
|AES-GCM-192 | 15272 KiB/s | 15271 KiB/s |
|
||
|
|AES-GCM-256 | 14287 KiB/s | 14286 KiB/s |
|
||
|
|AES-CCM-128 | 15824 KiB/s | 15887 KiB/s |
|
||
|
|AES-CCM-192 | 13853 KiB/s | 13899 KiB/s |
|
||
|
|AES-CCM-256 | 12315 KiB/s | 12356 KiB/s |
|
||
|
|CAMELLIA-CBC-128 | 19735 KiB/s | 26762 KiB/s |
|
||
|
|CAMELLIA-CBC-192 | 15458 KiB/s | 20839 KiB/s |
|
||
|
|CAMELLIA-CBC-256 | 15459 KiB/s | 20839 KiB/s |
|
||
|
|BLOWFISH-CBC-128 | 25188 KiB/s | 28955 KiB/s |
|
||
|
|BLOWFISH-CBC-192 | 25189 KiB/s | 28954 KiB/s |
|
||
|
|BLOWFISH-CBC-256 | 25183 KiB/s | 28955 KiB/s |
|
||
|
|CTR_DRBG (NOPR) | 27122 KiB/s | 27050 KiB/s |
|
||
|
|CTR_DRBG (PR) | 18397 KiB/s | 19111 KiB/s |
|
||
|
|HMAC_DRBG SHA-1 (NOPR) | 6746 KiB/s | 6968 KiB/s |
|
||
|
|HMAC_DRBG SHA-1 (PR) | 6208 KiB/s | 6426 KiB/s |
|
||
|
|HMAC_DRBG SHA-256 (NOPR) | 5321 KiB/s | 5795 KiB/s |
|
||
|
|HMAC_DRBG SHA-256 (PR) | 4657 KiB/s | 5083 KiB/s |
|
||
|
|RSA-2048 | 652 public/s | 653 public/s |
|
||
|
|RSA-2048 | 17 private/s | 17 private/s |
|
||
|
|RSA-4096 | 168 public/s | 168 public/s |
|
||
|
|RSA-4096 | 3 private/s | 3 private/s |
|
||
|
|DHE-2048 | 3 handshake/s | 3 handshake/s |
|
||
|
|DH-2048 | 5 handshake/s | 6 handshake/s |
|
||
|
|DHE-3072 | 1 handshake/s | 1 handshake/s |
|
||
|
|DH-3072 | 2 handshake/s | 2 handshake/s |
|
||
|
|ECDSA-secp521r1 | 70 sign/s | 74 sign/s |
|
||
|
|ECDSA-brainpoolP512r1 | 8 sign/s | 9 sign/s |
|
||
|
|ECDSA-secp384r1 | 126 sign/s | 133 sign/s |
|
||
|
|ECDSA-brainpoolP384r1 | 16 sign/s | 18 sign/s |
|
||
|
|ECDSA-secp256r1 | 189 sign/s | 195 sign/s |
|
||
|
|ECDSA-secp256k1 | 176 sign/s | 189 sign/s |
|
||
|
|ECDSA-brainpoolP256r1 | 27 sign/s | 31 sign/s |
|
||
|
|ECDSA-secp224r1 | 277 sign/s | 291 sign/s |
|
||
|
|ECDSA-secp224k1 | 216 sign/s | 230 sign/s |
|
||
|
|ECDSA-secp192r1 | 329 sign/s | 352 sign/s |
|
||
|
|ECDSA-secp192k1 | 264 sign/s | 277 sign/s |
|
||
|
|ECDSA-secp521r1 | 19 verify/s | 21 verify/s |
|
||
|
|ECDSA-brainpoolP512r1 | 2 verify/s | 2 verify/s |
|
||
|
|ECDSA-secp384r1 | 35 verify/s | 36 verify/s |
|
||
|
|ECDSA-brainpoolP384r1 | 4 verify/s | 4 verify/s |
|
||
|
|ECDSA-secp256r1 | 54 verify/s | 57 verify/s |
|
||
|
|ECDSA-secp256k1 | 53 verify/s | 57 verify/s |
|
||
|
|ECDSA-brainpoolP256r1 | 7 verify/s | 8 verify/s |
|
||
|
|ECDSA-secp224r1 | 82 verify/s | 86 verify/s |
|
||
|
|ECDSA-secp224k1 | 63 verify/s | 67 verify/s |
|
||
|
|ECDSA-secp192r1 | 102 verify/s | 110 verify/s |
|
||
|
|ECDSA-secp192k1 | 77 verify/s | 82 verify/s |
|
||
|
|ECDHE-secp521r1 | 20 handshake/s | 21 handshake/s |
|
||
|
|ECDHE-brainpoolP512r1 | 2 handshake/s | 2 handshake/s |
|
||
|
|ECDHE-secp384r1 | 37 handshake/s | 39 handshake/s |
|
||
|
|ECDHE-brainpoolP384r1 | 4 handshake/s | 4 handshake/s |
|
||
|
|ECDHE-secp256r1 | 57 handshake/s | 60 handshake/s |
|
||
|
|ECDHE-secp256k1 | 56 handshake/s | 60 handshake/s |
|
||
|
|ECDHE-brainpoolP256r1 | 7 handshake/s | 8 handshake/s |
|
||
|
|ECDHE-secp224r1 | 89 handshake/s | 92 handshake/s |
|
||
|
|ECDHE-secp224k1 | 67 handshake/s | 71 handshake/s |
|
||
|
|ECDHE-secp192r1 | 111 handshake/s | 118 handshake/s |
|
||
|
|ECDHE-secp192k1 | 83 handshake/s | 87 handshake/s |
|
||
|
|ECDHE-Curve25519 | 41 handshake/s | 41 handshake/s |
|
||
|
|ECDH-secp521r1 | 27 handshake/s | 28 handshake/s |
|
||
|
|ECDH-brainpoolP512r1 | 3 handshake/s | 3 handshake/s |
|
||
|
|ECDH-secp384r1 | 49 handshake/s | 51 handshake/s |
|
||
|
|ECDH-brainpoolP384r1 | 5 handshake/s | 5 handshake/s |
|
||
|
|ECDH-secp256r1 | 77 handshake/s | 81 handshake/s |
|
||
|
|ECDH-secp256k1 | 78 handshake/s | 82 handshake/s |
|
||
|
|ECDH-brainpoolP256r1 | 9 handshake/s | 11 handshake/s |
|
||
|
|ECDH-secp224r1 | 121 handshake/s | 126 handshake/s |
|
||
|
|ECDH-secp224k1 | 91 handshake/s | 97 handshake/s |
|
||
|
|ECDH-secp192r1 | 150 handshake/s | 159 handshake/s |
|
||
|
|ECDH-secp192k1 | 113 handshake/s | 120 handshake/s |
|
||
|
|ECDH-Curve25519 | 80 handshake/s | 82 handshake/s |
|
||
|
|