Added a crypto transform stress test for profiling
authorMartin Willi <martin@revosec.ch>
Thu, 19 Aug 2010 10:18:11 +0000 (12:18 +0200)
committerMartin Willi <martin@revosec.ch>
Thu, 19 Aug 2010 17:05:14 +0000 (19:05 +0200)
configure.in
scripts/.gitignore
scripts/Makefile.am
scripts/crypt_burn.c [new file with mode: 0644]

index a30ac74..e97cea7 100644 (file)
@@ -716,8 +716,8 @@ ADD_PLUGIN([agent],                [s libcharon])
 ADD_PLUGIN([pkcs11],               [s libcharon pki])
 ADD_PLUGIN([xcbc],                 [s libcharon])
 ADD_PLUGIN([hmac],                 [s libcharon pluto])
-ADD_PLUGIN([ctr],                  [s libcharon])
-ADD_PLUGIN([ccm],                  [s libcharon])
+ADD_PLUGIN([ctr],                  [s libcharon scripts])
+ADD_PLUGIN([ccm],                  [s libcharon scripts])
 ADD_PLUGIN([xauth],                [p pluto])
 ADD_PLUGIN([attr],                 [h libcharon pluto])
 ADD_PLUGIN([attr-sql],             [h libcharon pluto])
index 8ab4cc4..4b908ee 100644 (file)
@@ -6,3 +6,4 @@ keyid2sql
 thread_analysis
 dh_speed
 pubkey_speed
+crypt_burn
index 5fdb8c6..921761c 100644 (file)
@@ -1,9 +1,9 @@
 INCLUDES = -I$(top_srcdir)/src/libstrongswan
 AM_CFLAGS = \
--DPLUGINS="\"${crypto_plugins}\""
+-DPLUGINS="\"${scripts_plugins}\""
 
 noinst_PROGRAMS = bin2array bin2sql id2sql key2keyid keyid2sql \
-       thread_analysis dh_speed pubkey_speed
+       thread_analysis dh_speed pubkey_speed crypt_burn
 bin2array_SOURCES = bin2array.c
 bin2sql_SOURCES = bin2sql.c
 id2sql_SOURCES = id2sql.c
@@ -12,11 +12,13 @@ keyid2sql_SOURCES = keyid2sql.c
 thread_analysis_SOURCES = thread_analysis.c
 dh_speed_SOURCES = dh_speed.c
 pubkey_speed_SOURCES = pubkey_speed.c
+crypt_burn_SOURCES = crypt_burn.c
 id2sql_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la
 key2keyid_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la
 keyid2sql_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la
 dh_speed_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la -lrt
 pubkey_speed_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la -lrt
+crypt_burn_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la
 
 key2keyid.o :  $(top_builddir)/config.status
 
diff --git a/scripts/crypt_burn.c b/scripts/crypt_burn.c
new file mode 100644 (file)
index 0000000..25f18d4
--- /dev/null
@@ -0,0 +1,102 @@
+
+#include <stdio.h>
+#include <library.h>
+#include <crypto/proposal/proposal_keywords.h>
+
+int main(int argc, char *argv[])
+{
+       const proposal_token_t *token;
+       aead_t *aead;
+       crypter_t *crypter;
+       char buffer[1024], assoc[8], iv[32];
+       size_t bs;
+       int i = 0, limit = 0;
+
+
+       library_init(NULL);
+       lib->plugins->load(lib->plugins, NULL, PLUGINS);
+       atexit(library_deinit);
+
+       printf("loaded: %s\n", PLUGINS);
+
+       memset(buffer, 0x12, sizeof(buffer));
+       memset(assoc, 0x34, sizeof(assoc));
+       memset(iv, 0x56, sizeof(iv));
+
+       if (argc < 2)
+       {
+               fprintf(stderr, "usage: %s <algorithm>!\n", argv[0]);
+               return 1;
+       }
+       if (argc > 2)
+       {
+               limit = atoi(argv[2]);
+       }
+
+       token = proposal_get_token(argv[1], strlen(argv[1]));
+       if (!token)
+       {
+               fprintf(stderr, "algorithm '%s' unknown!\n", argv[1]);
+               return 1;
+       }
+       if (token->type != ENCRYPTION_ALGORITHM)
+       {
+               fprintf(stderr, "'%s' is not an encryption/aead algorithm!\n", argv[1]);
+               return 1;
+       }
+
+       if (encryption_algorithm_is_aead(token->algorithm))
+       {
+               aead = lib->crypto->create_aead(lib->crypto,
+                                                                               token->algorithm, token->keysize / 8);
+               if (!aead)
+               {
+                       fprintf(stderr, "aead '%s' not supported!\n", argv[1]);
+                       return 1;
+               }
+               while (TRUE)
+               {
+                       aead->encrypt(aead,
+                               chunk_create(buffer, sizeof(buffer) - aead->get_icv_size(aead)),
+                               chunk_from_thing(assoc),
+                               chunk_create(iv, aead->get_iv_size(aead)), NULL);
+                       if (!aead->decrypt(aead, chunk_create(buffer, sizeof(buffer)),
+                               chunk_from_thing(assoc),
+                               chunk_create(iv, aead->get_iv_size(aead)), NULL))
+                       {
+                               fprintf(stderr, "aead integrity check failed!\n");
+                               return FALSE;
+                       }
+                       if (limit && ++i == limit)
+                       {
+                               break;
+                       }
+               }
+       }
+       else
+       {
+               crypter = lib->crypto->create_crypter(lib->crypto,
+                                                                               token->algorithm, token->keysize / 8);
+               if (!crypter)
+               {
+                       fprintf(stderr, "crypter '%s' not supported!\n", argv[1]);
+                       return 1;
+               }
+               bs = crypter->get_block_size(crypter);
+
+               while (i--)
+               {
+                       crypter->encrypt(crypter,
+                               chunk_create(buffer, sizeof(buffer) / bs * bs),
+                               chunk_create(iv, crypter->get_iv_size(crypter)), NULL);
+                       crypter->decrypt(crypter,
+                               chunk_create(buffer, sizeof(buffer) / bs * bs),
+                               chunk_create(iv, crypter->get_iv_size(crypter)), NULL);
+                       if (limit && ++i == limit)
+                       {
+                               break;
+                       }
+               }
+       }
+       return 0;
+}