fix(ci): Update UT to verify fast psk calculations

Also update some comments
2025-03-09 09:09:10 -04:00 · 2025-01-08 12:12:43 +05:30 · 2025-01-08 12:12:43 +05:30 · a8e5fd4b86
commit a8e5fd4b86
parent 700f62e206
2 changed files with 63 additions and 21 deletions
--- a/components/wpa_supplicant/esp_supplicant/src/crypto/crypto_mbedtls.c
+++ b/components/wpa_supplicant/esp_supplicant/src/crypto/crypto_mbedtls.c
@ -752,6 +752,9 @@ int pbkdf2_sha1(const char *passphrase, const u8 *ssid, size_t ssid_len,
                int iterations, u8 *buf, size_t buflen)
 {
 #ifdef CONFIG_FAST_PBKDF2
+    /* For ESP32: Using pbkdf2_hmac_sha1() because esp_fast_psk() utilizes hardware,
+     * but for ESP32, the SHA1 hardware implementation is slower than the software implementation.
+     */
 #if CONFIG_IDF_TARGET_ESP32
    fastpbkdf2_hmac_sha1((const u8 *) passphrase, os_strlen(passphrase),
                         ssid, ssid_len, iterations, buf, buflen);
--- a/components/wpa_supplicant/test_apps/main/test_fast_pbkdf2.c
+++ b/components/wpa_supplicant/test_apps/main/test_fast_pbkdf2.c
@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2023 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2023-2025 Espressif Systems (Shanghai) CO LTD
 *
 * SPDX-License-Identifier: Unlicense OR CC0-1.0
 */
@ -12,6 +12,15 @@
 #include "test_wpa_supplicant_common.h"

 #define PMK_LEN 32
+#define NUM_ITERATIONS 15
+#define MIN_PASSPHARSE_LEN 8
+
+void fastpbkdf2_hmac_sha1(const uint8_t *pw, size_t npw,
+                          const uint8_t *salt, size_t nsalt,
+                          uint32_t iterations,
+                          uint8_t *out, size_t nout);
+
+int64_t esp_timer_get_time(void);

 TEST_CASE("Test pbkdf2", "[crypto-pbkdf2]")
 {
@ -40,29 +49,59 @@ TEST_CASE("Test pbkdf2", "[crypto-pbkdf2]")
                                  strlen("espressif2"), 4096, PMK_LEN, expected_pmk);
    TEST_ASSERT(memcmp(PMK, expected_pmk, PMK_LEN) == 0);

-    /* Calculate PMK using random ssid and passphrase and compare */
-    os_memset(ssid, 0, MAX_SSID_LEN);
-    os_memset(passphrase, 0, MAX_PASSPHRASE_LEN);
-    ssid_len = os_random();
-    ssid_len %= MAX_SSID_LEN;
+    int64_t total_time_pbkdf2 = 0;  // Variable to store total time for pbkdf2_sha1
+    int64_t total_time_mbedtls = 0;
+    int64_t total_time_fast_pbkdf2 = 0;
+    int i;
+    for (i = 0; i < NUM_ITERATIONS; i++) {
+        /* Calculate PMK using random ssid and passphrase and compare */
+        os_memset(ssid, 0, MAX_SSID_LEN);
+        os_memset(passphrase, 0, MAX_PASSPHRASE_LEN);
+        ssid_len = os_random();
+        ssid_len %= MAX_SSID_LEN;

-    os_get_random(ssid, ssid_len);
+        os_get_random(ssid, ssid_len);

-    passphrase_len = os_random();
-    passphrase_len %= MAX_PASSPHRASE_LEN;
+        passphrase_len = os_random();
+        passphrase_len %= MAX_PASSPHRASE_LEN;
+        if (passphrase_len < MIN_PASSPHARSE_LEN) {
+            passphrase_len += MIN_PASSPHARSE_LEN;
+        }

-    os_get_random(passphrase, passphrase_len);
-    pbkdf2_sha1((char *)passphrase, ssid, ssid_len, 4096, PMK, PMK_LEN);
-    mbedtls_pkcs5_pbkdf2_hmac_ext(MBEDTLS_MD_SHA1, (const unsigned char *) passphrase,
-                                  strlen((char *)passphrase), (const unsigned char *)ssid,
-                                  ssid_len, 4096, PMK_LEN, expected_pmk);
+        os_get_random(passphrase, passphrase_len);
+        int64_t start_time = esp_timer_get_time();
+        pbkdf2_sha1((char *)passphrase, ssid, ssid_len, 4096, PMK, PMK_LEN);
+        int64_t end_time = esp_timer_get_time();
+        total_time_pbkdf2 += (end_time - start_time);
+        start_time = esp_timer_get_time();
+        mbedtls_pkcs5_pbkdf2_hmac_ext(MBEDTLS_MD_SHA1, (const unsigned char *) passphrase,
+                                      strlen((char *)passphrase), (const unsigned char *)ssid,
+                                      ssid_len, 4096, PMK_LEN, expected_pmk);
+        end_time = esp_timer_get_time();
+        total_time_mbedtls += (end_time - start_time);
+        /* Dump values if fails */
+        if (memcmp(PMK, expected_pmk, PMK_LEN) != 0) {
+            ESP_LOG_BUFFER_HEXDUMP("passphrase", passphrase, passphrase_len, ESP_LOG_INFO);
+            ESP_LOG_BUFFER_HEXDUMP("ssid", ssid, ssid_len, ESP_LOG_INFO);
+            ESP_LOG_BUFFER_HEXDUMP("PMK", PMK, PMK_LEN, ESP_LOG_INFO);
+            ESP_LOG_BUFFER_HEXDUMP("expected_pmk", expected_pmk, PMK_LEN, ESP_LOG_INFO);
+        }
+        TEST_ASSERT(memcmp(PMK, expected_pmk, PMK_LEN) == 0);

-    /* Dump values if fails */
-    if (memcmp(PMK, expected_pmk, PMK_LEN) != 0) {
-        ESP_LOG_BUFFER_HEXDUMP("passphrase", passphrase, passphrase_len, ESP_LOG_INFO);
-        ESP_LOG_BUFFER_HEXDUMP("ssid", ssid, ssid_len, ESP_LOG_INFO);
-        ESP_LOG_BUFFER_HEXDUMP("PMK", PMK, PMK_LEN, ESP_LOG_INFO);
-        ESP_LOG_BUFFER_HEXDUMP("expected_pmk", expected_pmk, PMK_LEN, ESP_LOG_INFO);
+        start_time = esp_timer_get_time();
+        fastpbkdf2_hmac_sha1((const u8 *)passphrase, os_strlen((char *)passphrase), ssid, ssid_len, 4096, PMK, PMK_LEN);
+        end_time = esp_timer_get_time();
+        total_time_fast_pbkdf2 += (end_time - start_time);
    }
-    TEST_ASSERT(memcmp(PMK, expected_pmk, PMK_LEN) == 0);
+
+    // Calculate average time for pbkdf2_sha1
+    int64_t avg_time_pbkdf2 = total_time_pbkdf2 / NUM_ITERATIONS;
+    // Calculate average time for mbedtls_pkcs5_pbkdf2_hmac_ext
+    int64_t avg_time_mbedtls = total_time_mbedtls / NUM_ITERATIONS;
+    int64_t avg_time_fast = total_time_fast_pbkdf2 / NUM_ITERATIONS;
+
+    // Log average times
+    ESP_LOGI("Timing", "Average time for pbkdf2_sha1: %lld microseconds", avg_time_pbkdf2);
+    ESP_LOGI("Timing", "Average time for fast_pbkdf2_sha1: %lld microseconds", avg_time_fast);
+    ESP_LOGI("Timing", "Average time for mbedtls_pkcs5_pbkdf2_hmac_ext: %lld microseconds", avg_time_mbedtls);
 }