dh-speed: Include the get_my_public_value() call in public exponent timing
[strongswan.git] / scripts / crypt_burn.c
index 138fcb2..3bd36d2 100644 (file)
@@ -16,7 +16,7 @@
 #include <stdio.h>
 #include <library.h>
 
-static int burn_crypter(const proposal_token_t *token, u_int limit)
+static int burn_crypter(const proposal_token_t *token, u_int limit, u_int len)
 {
        chunk_t iv, key, data;
        crypter_t *crypter;
@@ -34,7 +34,7 @@ static int burn_crypter(const proposal_token_t *token, u_int limit)
 
        iv = chunk_alloc(crypter->get_iv_size(crypter));
        memset(iv.ptr, 0xFF, iv.len);
-       data = chunk_alloc(round_up(1024, crypter->get_block_size(crypter)));
+       data = chunk_alloc(round_up(len, crypter->get_block_size(crypter)));
        memset(data.ptr, 0xDD, data.len);
        key = chunk_alloc(crypter->get_key_size(crypter));
        memset(key.ptr, 0xAA, key.len);
@@ -68,7 +68,7 @@ static int burn_crypter(const proposal_token_t *token, u_int limit)
        return ok;
 }
 
-static bool burn_aead(const proposal_token_t *token, u_int limit)
+static bool burn_aead(const proposal_token_t *token, u_int limit, u_int len)
 {
        chunk_t iv, key, data, dataicv, assoc;
        aead_t *aead;
@@ -86,7 +86,7 @@ static bool burn_aead(const proposal_token_t *token, u_int limit)
 
        iv = chunk_alloc(aead->get_iv_size(aead));
        memset(iv.ptr, 0xFF, iv.len);
-       dataicv = chunk_alloc(round_up(1024, aead->get_block_size(aead)) +
+       dataicv = chunk_alloc(round_up(len, aead->get_block_size(aead)) +
                                                  aead->get_icv_size(aead));
        data = chunk_create(dataicv.ptr, dataicv.len - aead->get_icv_size(aead));
        memset(data.ptr, 0xDD, data.len);
@@ -120,6 +120,57 @@ static bool burn_aead(const proposal_token_t *token, u_int limit)
        free(iv.ptr);
        free(data.ptr);
        free(key.ptr);
+       free(assoc.ptr);
+
+       return ok;
+}
+
+static int burn_signer(const proposal_token_t *token, u_int limit, u_int len)
+{
+       chunk_t  key, data, sig;
+       signer_t *signer;
+       int i = 0;
+       bool ok;
+
+       signer = lib->crypto->create_signer(lib->crypto, token->algorithm);
+       if (!signer)
+       {
+               fprintf(stderr, "%N not supported\n",
+                               integrity_algorithm_names, token->algorithm);
+               return FALSE;
+       }
+
+       data = chunk_alloc(len);
+       memset(data.ptr, 0xDD, data.len);
+       key = chunk_alloc(signer->get_key_size(signer));
+       memset(key.ptr, 0xAA, key.len);
+       sig = chunk_alloc(signer->get_block_size(signer));
+
+       ok = signer->set_key(signer, key);
+       while (ok)
+       {
+               if (!signer->get_signature(signer, data, sig.ptr))
+               {
+                       fprintf(stderr, "creating signature failed!\n");
+                       ok = FALSE;
+                       break;
+               }
+               if (!signer->verify_signature(signer, data, sig))
+               {
+                       fprintf(stderr, "verifying signature failed!\n");
+                       ok = FALSE;
+                       break;
+               }
+               if (limit && ++i == limit)
+               {
+                       break;
+               }
+       }
+       signer->destroy(signer);
+
+       free(data.ptr);
+       free(key.ptr);
+       free(sig.ptr);
 
        return ok;
 }
@@ -127,7 +178,7 @@ static bool burn_aead(const proposal_token_t *token, u_int limit)
 int main(int argc, char *argv[])
 {
        const proposal_token_t *token;
-       int limit = 0;
+       u_int limit = 0, len = 1024;
        bool ok;
 
        library_init(NULL, "crypt_burn");
@@ -138,12 +189,17 @@ int main(int argc, char *argv[])
 
        if (argc < 2)
        {
-               fprintf(stderr, "usage: %s <algorithm>!\n", argv[0]);
+               fprintf(stderr, "usage: %s <algorithm> [buflen=%u] [rounds=%u]\n",
+                               argv[0], len, limit);
                return 1;
        }
        if (argc > 2)
        {
-               limit = atoi(argv[2]);
+               len = atoi(argv[2]);
+       }
+       if (argc > 3)
+       {
+               limit = atoi(argv[3]);
        }
 
        token = lib->proposal->get_token(lib->proposal, argv[1]);
@@ -158,13 +214,16 @@ int main(int argc, char *argv[])
                case ENCRYPTION_ALGORITHM:
                        if (encryption_algorithm_is_aead(token->algorithm))
                        {
-                               ok = burn_aead(token, limit);
+                               ok = burn_aead(token, limit, len);
                        }
                        else
                        {
-                               ok = burn_crypter(token, limit);
+                               ok = burn_crypter(token, limit, len);
                        }
                        break;
+               case INTEGRITY_ALGORITHM:
+                       ok = burn_signer(token, limit, len);
+                       break;
                default:
                        fprintf(stderr, "'%s' is not a crypter/aead algorithm!\n", argv[1]);
                        ok = FALSE;