Somehow my previous reply was hidden by spambot (probably because of the link to the github repo). I don’t have a specific benchmarking tool. Just cloned the CardContact/sc-hsm-embedded project and made some small modifications to the test source code (src/tests/sc-hsm-pkcs11-test.c)
--- sc-hsm-pkcs11-test.c_OLD 2023-01-16 15:12:46.788364355 +0100
+++ sc-hsm-pkcs11-test.c_NEW 2023-01-16 15:12:43.295038445 +0100
@@ -37,6 +37,7 @@
#include <string.h>
#include <ctype.h>
#include <time.h>
+#include <sys/time.h>
#include <sc-hsm/sc-hsm-pkcs11.h>
@@ -1050,8 +1051,8 @@
char *tbs = "Hello World.....";
CK_BYTE signature[512];
- CK_BYTE plain[1216];
- CK_BYTE ciphertext[1216];
+ CK_BYTE plain[32];
+ CK_BYTE ciphertext[32];
CK_BYTE iv[16];
CK_ULONG len;
char scr[1024];
@@ -1102,8 +1103,17 @@
printf("Calling C_Encrypt()");
+ struct timeval start, end;
+ gettimeofday(&start, NULL);
rc = p11->C_Encrypt(session, plain, sizeof(plain), ciphertext, &len);
+ // stop timer.
+ gettimeofday(&end, NULL);
+ // Calculating total time taken by the program.
+
printf("- %s : %s\n", id2name(p11CKRName, rc, 0, namebuf), verdict(rc == CKR_OK));
+ printf("Encrypt took : %ld micro seconds\n",
+ ((end.tv_sec * 1000000 + end.tv_usec) -
+ (start.tv_sec * 1000000 + start.tv_usec)));
bin2str(scr, sizeof(scr), ciphertext, len);
printf("Ciphertext:\n%s\n", scr);
@@ -1750,8 +1760,17 @@
rc = p11->C_GenerateKey(session, &mech_genaes, secretKeyTemplate, secretKeyAttributes, &hndBaseKey);
printf("- %s : %s\n", id2name(p11CKRName, rc, 0, namebuf), verdict(rc == CKR_OK));
+ struct timeval start, end;
+ gettimeofday(&start, NULL);
rc = p11->C_DeriveKey(session, &mech_derive, hndBaseKey, deriveTemplate, derivedAttributes, &hndDerivedKey);
+ // stop timer.
+ gettimeofday(&end, NULL);
+ // Calculating total time taken by the program.
+
printf("- %s : %s\n", id2name(p11CKRName, rc, 0, namebuf), verdict(rc == CKR_OK));
+ printf("Derivation took : %ld micro seconds\n",
+ ((end.tv_sec * 1000000 + end.tv_usec) -
+ (start.tv_sec * 1000000 + start.tv_usec)));
if (rc == CKR_OK) {
printf("Derived Secret Key:\n");
After compiling I just run the test with src/tests/sc-hsm-pkcs11-test --module src/pkcs11/.libs/libsc-hsm-pkcs11.so --pin <user_pin> --invasive
. Beware that to run the encrypt and key generation tests --invasive is required.