trezor · onvej-sl · Oct 11, 2024 · Aug 8, 2024 · Aug 8, 2024 · Aug 8, 2024
@@ -0,0 +1,42 @@
+syntax = "proto2";
+package hw.trezor.messages.bitcoin;
+
+// Sugar for easier handling in Java
+option java_package = "com.satoshilabs.trezor.lib.protobuf";
+option java_outer_classname = "TrezorMessageBenchmark";
+
+/**
+ * Request: Ask device for a list of names of all supported benchmarks
+ * @start
+ * @next Benchmarks
+ * @next Failure
+ */
+message BenchmarkListNames {
+}
+
+/**
+ * Response: Contains the list of names of all supported benchmarks
+ * @end
+ */
+message BenchmarkNames {
+    repeated string names = 1;
+}
+
+/**
+ * Request: Ask device to run a benchmark
+ * @start
+ * @next BenchmarkResult
+ * @next Failure
+ */
+message BenchmarkRun {
+    optional string name = 1;
+}
+
+/**
+ * Response: Contains the result of the benchmark
+ * @end
+ */
+message BenchmarkResult {
+    optional string value = 1;
+    optional string unit = 3;
+}
@@ -376,4 +376,10 @@ enum MessageType {
     MessageType_SolanaAddress = 903 [(wire_out) = true];
     MessageType_SolanaSignTx = 904 [(wire_in) = true];
     MessageType_SolanaTxSignature = 905 [(wire_out) = true];
+
+    // Benchmark
+    MessageType_BenchmarkListNames = 9100 [(bitcoin_only) = true];
+    MessageType_BenchmarkNames = 9101 [(bitcoin_only) = true];
+    MessageType_BenchmarkRun = 9102 [(bitcoin_only) = true];
+    MessageType_BenchmarkResult = 9103 [(bitcoin_only) = true];
 }
diff --git a/core/.changelog.d/4101.added b/core/.changelog.d/4101.added
@@ -0,0 +1 @@
+Added benchmark application.
diff --git a/core/Makefile b/core/Makefile
@@ -40,6 +40,7 @@ PYTEST_TIMEOUT ?= 500
 TEST_LANG ?= "en"
 NEW_RENDERING ?= 1
 THP ?= 0
+BENCHMARK ?= 0
 
 # OpenOCD interface default. Alternative: ftdi/olimex-arm-usb-tiny-h
 OPENOCD_INTERFACE ?= stlink
@@ -291,25 +292,26 @@ build_firmware: templates build_cross build_kernel ## build firmware with frozen
 		PYOPT="$(PYOPT)" BITCOIN_ONLY="$(BITCOIN_ONLY)" \
 		BOOTLOADER_QA="$(BOOTLOADER_QA)" BOOTLOADER_DEVEL="$(BOOTLOADER_DEVEL)" \
 		DISABLE_OPTIGA="$(DISABLE_OPTIGA)" THP="$(THP)" NEW_RENDERING="$(NEW_RENDERING)" \
-		$(FIRMWARE_BUILD_DIR)/firmware.bin
+		BENCHMARK="$(BENCHMARK)" $(FIRMWARE_BUILD_DIR)/firmware.bin
 
 build_unix: templates ## build unix port
 	$(SCONS) CFLAGS="$(CFLAGS)" $(UNIX_BUILD_DIR)/trezor-emu-core $(UNIX_PORT_OPTS) \
 		TREZOR_MODEL="$(TREZOR_MODEL)" CMAKELISTS="$(CMAKELISTS)" THP="$(THP)" \
 		PYOPT="0" BITCOIN_ONLY="$(BITCOIN_ONLY)" TREZOR_EMULATOR_ASAN="$(ADDRESS_SANITIZER)" \
-		NEW_RENDERING="$(NEW_RENDERING)"
+		NEW_RENDERING="$(NEW_RENDERING)" BENCHMARK="$(BENCHMARK)"
 
 build_unix_frozen: templates build_cross ## build unix port with frozen modules
 	$(SCONS) CFLAGS="$(CFLAGS)" $(UNIX_BUILD_DIR)/trezor-emu-core $(UNIX_PORT_OPTS) \
 		TREZOR_MODEL="$(TREZOR_MODEL)" CMAKELISTS="$(CMAKELISTS)" \
 		PYOPT="$(PYOPT)" BITCOIN_ONLY="$(BITCOIN_ONLY)" TREZOR_EMULATOR_ASAN="$(ADDRESS_SANITIZER)" \
-		TREZOR_MEMPERF="$(TREZOR_MEMPERF)" TREZOR_EMULATOR_FROZEN=1 NEW_RENDERING="$(NEW_RENDERING)"
+		TREZOR_MEMPERF="$(TREZOR_MEMPERF)" TREZOR_EMULATOR_FROZEN=1 NEW_RENDERING="$(NEW_RENDERING)" \
+		BENCHMARK="$(BENCHMARK)"
 
 build_unix_debug: templates ## build unix port
 	$(SCONS) --max-drift=1 CFLAGS="$(CFLAGS)" $(UNIX_BUILD_DIR)/trezor-emu-core $(UNIX_PORT_OPTS) \
 		TREZOR_MODEL="$(TREZOR_MODEL)" CMAKELISTS="$(CMAKELISTS)" \
 		BITCOIN_ONLY="$(BITCOIN_ONLY)" TREZOR_EMULATOR_ASAN=1 TREZOR_EMULATOR_DEBUGGABLE=1 \
-		NEW_RENDERING="$(NEW_RENDERING)"
+		NEW_RENDERING="$(NEW_RENDERING)" BENCHMARK="$(BENCHMARK)"
 
 build_cross: ## build mpy-cross port
 	$(MAKE) -C vendor/micropython/mpy-cross $(CROSS_PORT_OPTS)

diff --git a/core/SConscript.firmware b/core/SConscript.firmware
@@ -17,11 +17,17 @@ HW_REVISION = ARGUMENTS.get('HW_REVISION', None)
 THP = ARGUMENTS.get('THP', '0') == '1' # Trezor-Host Protocol
 NEW_RENDERING = ARGUMENTS.get('NEW_RENDERING', '1') == '1'
 MODEL_IDENTIFIER = models.get_model_identifier(TREZOR_MODEL)
+BENCHMARK = ARGUMENTS.get('BENCHMARK', '0') == '1'
+
+if BENCHMARK and PYOPT != '0':
+  print("BENCHMARK=1 works only with PYOPT=0.")
+  exit(1)
 
 FEATURE_FLAGS = {
     "RDI": True,
     "SECP256K1_ZKP": True,  # required for trezor.crypto.curve.bip340 (BIP340/Taproot)
     "AES_GCM": False,
+    "AES_GCM": BENCHMARK,
 }
 
 FEATURES_WANTED = ["input", "sbu", "sd_card", "rgb_led", "dma2d", "consumption_mask", "usb" ,"optiga", "haptic"]
@@ -671,6 +677,9 @@ if FROZEN:
         SOURCE_PY.extend(Glob(SOURCE_PY_DIR + 'apps/bitcoin/sign_tx/zcash_v4.py'))
         SOURCE_PY.extend(Glob(SOURCE_PY_DIR + 'trezor/enums/Zcash*.py'))
 
+    if BENCHMARK:
+        SOURCE_PY.extend(Glob(SOURCE_PY_DIR + 'apps/benchmark/*.py'))
+
     source_mpy = env.FrozenModule(
         source=SOURCE_PY,
         source_dir=SOURCE_PY_DIR,

diff --git a/core/SConscript.unix b/core/SConscript.unix
@@ -11,8 +11,16 @@ CMAKELISTS = int(ARGUMENTS.get('CMAKELISTS', 0))
 HW_REVISION ='emulator'
 THP = ARGUMENTS.get('THP', '0') == '1' # Trezor-Host Protocol
 NEW_RENDERING = ARGUMENTS.get('NEW_RENDERING', '1') == '1'
+BENCHMARK = ARGUMENTS.get('BENCHMARK', '0') == '1'
+PYOPT = ARGUMENTS.get('PYOPT', '1')
+FROZEN = ARGUMENTS.get('TREZOR_EMULATOR_FROZEN', 0)
+RASPI = os.getenv('TREZOR_EMULATOR_RASPI') == '1'
 
 
+if BENCHMARK and PYOPT != '0':
+  print("BENCHMARK=1 works only with PYOPT=0.")
+  exit(1)
+
 FEATURES_WANTED = ["input", "sd_card", "dma2d", "optiga", "sbu"]
 if NEW_RENDERING:
     FEATURES_WANTED.append("new_rendering")
@@ -44,10 +52,6 @@ SOURCE_MOD = [
 SOURCE_MOD_CRYPTO = []
 RUST_UI_FEATURES = []
 
-PYOPT = ARGUMENTS.get('PYOPT', '1')
-FROZEN = ARGUMENTS.get('TREZOR_EMULATOR_FROZEN', 0)
-RASPI = os.getenv('TREZOR_EMULATOR_RASPI') == '1'
-
 # modtrezorconfig
 CPPPATH_MOD += [
     'embed/extmod/modtrezorconfig',
@@ -751,6 +755,9 @@ if FROZEN:
         SOURCE_PY.extend(Glob(SOURCE_PY_DIR + 'apps/bitcoin/sign_tx/zcash_v4.py'))
         SOURCE_PY.extend(Glob(SOURCE_PY_DIR + 'trezor/enums/Zcash*.py'))
 
+    if BENCHMARK:
+        SOURCE_PY.extend(Glob(SOURCE_PY_DIR + 'apps/benchmark/*.py'))
+
     source_mpy = env.FrozenModule(
         source=SOURCE_PY,
         source_dir=SOURCE_PY_DIR,

diff --git a/core/src/all_modules.py b/core/src/all_modules.py
diff --git a/core/src/apps/benchmark/__init__.py b/core/src/apps/benchmark/__init__.py
@@ -0,0 +1,4 @@
+if not __debug__:
+    from trezor import utils
+
+    utils.halt("Disabled in production mode")
diff --git a/core/src/apps/benchmark/benchmark.py b/core/src/apps/benchmark/benchmark.py
@@ -0,0 +1,29 @@
+import utime
+from typing import TYPE_CHECKING
+
+if TYPE_CHECKING:
+    from typing import Protocol
+
+    from trezor.messages import BenchmarkResult
+
+    class Benchmark(Protocol):
+        def prepare(self) -> None: ...
+
+        def run(self) -> None: ...
+
+        def get_result(self, duration_us: int, repetitions: int) -> BenchmarkResult: ...
+
+
+def run_benchmark(benchmark: Benchmark) -> BenchmarkResult:
+    minimum_duration_s = 1
+    minimum_duration_us = minimum_duration_s * 1000000
+    benchmark.prepare()
+    start_time_us = utime.ticks_us()
+    repetitions = 0
+    while True:
+        benchmark.run()
+        repetitions += 1
+        duration_us = utime.ticks_diff(utime.ticks_us(), start_time_us)
+        if duration_us > minimum_duration_us:
+            break
+    return benchmark.get_result(duration_us, repetitions)
diff --git a/core/src/apps/benchmark/benchmarks.py b/core/src/apps/benchmark/benchmarks.py
@@ -0,0 +1,95 @@
+from trezor.crypto import aes, aesgcm, chacha20poly1305
+from trezor.crypto.curve import curve25519, ed25519, nist256p1, secp256k1
+from trezor.crypto.hashlib import (
+    blake2b,
+    blake2s,
+    blake256,
+    groestl512,
+    ripemd160,
+    sha1,
+    sha3_256,
+    sha3_512,
+    sha256,
+    sha512,
+)
+
+from .cipher_benchmark import DecryptBenchmark, EncryptBenchmark
+from .common import random_bytes
+from .curve_benchmark import (
+    MultiplyBenchmark,
+    PublickeyBenchmark,
+    SignBenchmark,
+    VerifyBenchmark,
+)
+from .hash_benchmark import HashBenchmark
+
+
+# This is a wrapper above the trezor.crypto.curve.ed25519 module that satisfies SignCurve protocol, the modules uses `message` instead of `digest` in `sign()` and `verify()`
+class Ed25519:
+    def __init__(self):
+        pass
+
+    def generate_secret(self) -> bytes:
+        return ed25519.generate_secret()
+
+    def publickey(self, secret_key: bytes) -> bytes:
+        return ed25519.publickey(secret_key)
+
+    def sign(self, secret_key: bytes, digest: bytes) -> bytes:
+        # ed25519.sign(secret_key: bytes, message: bytes, hasher: str = "") -> bytes:
+        return ed25519.sign(secret_key, digest)
+
+    def verify(self, public_key: bytes, signature: bytes, digest: bytes) -> bool:
+        # ed25519.verify(public_key: bytes, signature: bytes, message: bytes) -> bool:
+        return ed25519.verify(public_key, signature, digest)
+
+
+benchmarks = {
+    "crypto/hash/blake2b": HashBenchmark(lambda: blake2b()),
+    "crypto/hash/blake2s": HashBenchmark(lambda: blake2s()),
+    "crypto/hash/blake256": HashBenchmark(lambda: blake256()),
+    "crypto/hash/groestl512": HashBenchmark(lambda: groestl512()),
+    "crypto/hash/ripemd160": HashBenchmark(lambda: ripemd160()),
+    "crypto/hash/sha1": HashBenchmark(lambda: sha1()),
+    "crypto/hash/sha3_256": HashBenchmark(lambda: sha3_256()),
+    "crypto/hash/sha3_512": HashBenchmark(lambda: sha3_512()),
+    "crypto/hash/sha256": HashBenchmark(lambda: sha256()),
+    "crypto/hash/sha512": HashBenchmark(lambda: sha512()),
+    "crypto/cipher/aes128-ecb/encrypt": EncryptBenchmark(
+        lambda: aes(aes.ECB, random_bytes(16), random_bytes(16)), 16
+    ),
+    "crypto/cipher/aes128-ecb/decrypt": DecryptBenchmark(
+        lambda: aes(aes.ECB, random_bytes(16), random_bytes(16)), 16
+    ),
+    "crypto/cipher/aesgcm128/encrypt": EncryptBenchmark(
+        lambda: aesgcm(random_bytes(16), random_bytes(16)), 16
+    ),
+    "crypto/cipher/aesgcm128/decrypt": DecryptBenchmark(
+        lambda: aesgcm(random_bytes(16), random_bytes(16)), 16
+    ),
+    "crypto/cipher/aesgcm256/encrypt": EncryptBenchmark(
+        lambda: aesgcm(random_bytes(32), random_bytes(16)), 16
+    ),
+    "crypto/cipher/aesgcm256/decrypt": DecryptBenchmark(
+        lambda: aesgcm(random_bytes(32), random_bytes(16)), 16
+    ),
+    "crypto/cipher/chacha20poly1305/encrypt": EncryptBenchmark(
+        lambda: chacha20poly1305(random_bytes(32), random_bytes(12)), 64
+    ),
+    "crypto/cipher/chacha20poly1305/decrypt": DecryptBenchmark(
+        lambda: chacha20poly1305(random_bytes(32), random_bytes(12)), 64
+    ),
+    "crypto/curve/secp256k1/sign": SignBenchmark(secp256k1),
+    "crypto/curve/secp256k1/verify": VerifyBenchmark(secp256k1),
+    "crypto/curve/secp256k1/publickey": PublickeyBenchmark(secp256k1),
+    "crypto/curve/secp256k1/multiply": MultiplyBenchmark(secp256k1),
+    "crypto/curve/nist256p1/sign": SignBenchmark(nist256p1),
+    "crypto/curve/nist256p1/verify": VerifyBenchmark(nist256p1),
+    "crypto/curve/nist256p1/publickey": PublickeyBenchmark(nist256p1),
+    "crypto/curve/nist256p1/multiply": MultiplyBenchmark(nist256p1),
+    "crypto/curve/ed25519/sign": SignBenchmark(Ed25519()),
+    "crypto/curve/ed25519/verify": VerifyBenchmark(Ed25519()),
+    "crypto/curve/ed25519/publickey": PublickeyBenchmark(ed25519),
+    "crypto/curve/curve25519/publickey": PublickeyBenchmark(curve25519),
+    "crypto/curve/curve25519/multiply": MultiplyBenchmark(curve25519),
+}
diff --git a/core/src/apps/benchmark/cipher_benchmark.py b/core/src/apps/benchmark/cipher_benchmark.py
@@ -0,0 +1,69 @@
+from typing import TYPE_CHECKING, Callable
+
+from trezor.messages import BenchmarkResult
+
+from .common import format_float, maximum_used_memory_in_bytes, random_bytes
+
+if TYPE_CHECKING:
+    from typing import Protocol
+
+    class CipherCtx(Protocol):
+        def encrypt(self, data: bytes) -> bytes: ...
+
+        def decrypt(self, data: bytes) -> bytes: ...
+
+
+class EncryptBenchmark:
+    def __init__(
+        self, cipher_ctx_constructor: Callable[[], CipherCtx], block_size: int
+    ):
+        self.cipher_ctx_constructor = cipher_ctx_constructor
+        self.block_size = block_size
+
+    def prepare(self):
+        self.cipher_ctx = self.cipher_ctx_constructor()
+        self.blocks_count = maximum_used_memory_in_bytes // self.block_size
+        self.iterations_count = 100
+        self.data = random_bytes(self.blocks_count * self.block_size)
+
+    def run(self):
+        for _ in range(self.iterations_count):
+            self.cipher_ctx.encrypt(self.data)
+
+    def get_result(self, duration_us: int, repetitions: int) -> BenchmarkResult:
+        value = (repetitions * self.iterations_count * len(self.data) * 1000 * 1000) / (
+            duration_us * 1024 * 1024
+        )
+
+        return BenchmarkResult(
+            value=format_float(value),
+            unit="MB/s",
+        )
+
+
+class DecryptBenchmark:
+    def __init__(
+        self, cipher_ctx_constructor: Callable[[], CipherCtx], block_size: int
+    ):
+        self.cipher_ctx_constructor = cipher_ctx_constructor
+        self.block_size = block_size
+
+    def prepare(self):
+        self.cipher_ctx = self.cipher_ctx_constructor()
+        self.blocks_count = maximum_used_memory_in_bytes // self.block_size
+        self.iterations_count = 100
+        self.data = random_bytes(self.blocks_count * self.block_size)
+
+    def run(self):
+        for _ in range(self.iterations_count):
+            self.cipher_ctx.decrypt(self.data)
+
+    def get_result(self, duration_us: int, repetitions: int) -> BenchmarkResult:
+        value = (repetitions * self.iterations_count * len(self.data) * 1000 * 1000) / (
+            duration_us * 1024 * 1024
+        )
+
+        return BenchmarkResult(
+            value=format_float(value),
+            unit="MB/s",
+        )