projects / strongswan.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
android: Pass the type of VPN to the native parts
[strongswan.git] / scripts / pubkey_speed.c
1
2 #include <stdio.h>
3 #include <time.h>
4 #include <library.h>
5 #include <debug.h>
6 #include <credentials/keys/private_key.h>
7
8 void start_timing(struct timespec *start)
9 {
10 clock_gettime(CLOCK_THREAD_CPUTIME_ID, start);
11 }
12
13 double end_timing(struct timespec *start)
14 {
15 struct timespec end;
16
17 clock_gettime(CLOCK_THREAD_CPUTIME_ID, &end);
18 return (end.tv_nsec - start->tv_nsec) / 1000000000.0 +
19 (end.tv_sec - start->tv_sec) * 1.0;
20 }
21
22 static void usage()
23 {
24 printf("usage: pubkey_speed plugins rsa|ecdsa rounds\n");
25 exit(1);
26 }
27
28 int main(int argc, char *argv[])
29 {
30 private_key_t *private;
31 public_key_t *public;
32 struct timespec timing;
33 int round, rounds, read;
34 char buf[8096], *pos = buf;
35 key_type_t type = KEY_ANY;
36 signature_scheme_t scheme = SIGN_UNKNOWN;
37 chunk_t keydata, *sigs, data;
38
39 if (argc < 4)
40 {
41 usage();
42 }
43
44 rounds = atoi(argv[3]);
45
46 if (streq(argv[2], "rsa"))
47 {
48 type = KEY_RSA;
49 scheme = SIGN_RSA_EMSA_PKCS1_SHA1;
50 }
51 else if (streq(argv[2], "ecdsa"))
52 {
53 type = KEY_ECDSA;
54 }
55 else
56 {
57 usage();
58 }
59
60 library_init(NULL);
61 lib->plugins->load(lib->plugins, NULL, argv[1]);
62 atexit(library_deinit);
63
64 keydata = chunk_create(buf, 0);
65 while ((read = fread(pos, 1, sizeof(buf) - (pos - buf), stdin)))
66 {
67 pos += read;
68 keydata.len += read;
69 }
70
71 private = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, type,
72 BUILD_BLOB_PEM, keydata, BUILD_END);
73 if (!private)
74 {
75 printf("parsing private key failed.\n");
76 exit(1);
77 }
78 if (type == KEY_ECDSA)
79 {
80 switch (private->get_keysize(private))
81 {
82 case 256:
83 scheme = SIGN_ECDSA_256;
84 break;
85 case 384:
86 scheme = SIGN_ECDSA_384;
87 break;
88 case 521:
89 scheme = SIGN_ECDSA_521;
90 break;
91 default:
92 printf("%d bit ECDSA private key size not supported",
93 private->get_keysize(private));
94 exit(1);
95 }
96 }
97
98 printf("%4d bit %N: ", private->get_keysize(private),
99 key_type_names, type);
100
101 sigs = malloc(sizeof(chunk_t) * rounds);
102
103 data = chunk_from_chars(0x01,0x02,0x03,0x04,0x05,0x06,0x07);
104 start_timing(&timing);
105 for (round = 0; round < rounds; round++)
106 {
107 if (!private->sign(private, scheme, data, &sigs[round]))
108 {
109 printf("creating signature failed\n");
110 exit(1);
111 }
112 };
113 printf("sign()/s: %8.1f ", rounds / end_timing(&timing));
114
115 public = private->get_public_key(private);
116 if (!public)
117 {
118 printf("extracting public key failed\n");
119 exit(1);
120 }
121 start_timing(&timing);
122 for (round = 0; round < rounds; round++)
123 {
124 if (!public->verify(public, scheme, data, sigs[round]))
125 {
126 printf("signature verification failed\n");
127 exit(1);
128 }
129 }
130 printf("verify()/s: %8.1f\n", rounds / end_timing(&timing));
131 public->destroy(public);
132 private->destroy(private);
133
134 for (round = 0; round < rounds; round++)
135 {
136 free(sigs[round].ptr);
137 }
138 free(sigs);
139 return 0;
140 }
141
strongSwan - IPsec VPN