diff options
| -rw-r--r-- | scripts/.gitignore | 1 | ||||
| -rw-r--r-- | scripts/Makefile.am | 8 | ||||
| -rw-r--r-- | scripts/dh_speed.c | 129 | ||||
| -rw-r--r-- | src/charon/plugins/unit_tester/Makefile.am | 1 | ||||
| -rw-r--r-- | src/charon/plugins/unit_tester/tests.h | 1 | ||||
| -rw-r--r-- | src/charon/plugins/unit_tester/tests/test_dh_speed.c | 107 |
6 files changed, 136 insertions, 111 deletions
diff --git a/scripts/.gitignore b/scripts/.gitignore index a6679708a..f9da93bc4 100644 --- a/scripts/.gitignore +++ b/scripts/.gitignore @@ -4,3 +4,4 @@ id2sql key2keyid keyid2sql thread_analysis +dh_speed diff --git a/scripts/Makefile.am b/scripts/Makefile.am index ca6c47e54..5a0ad1d68 100644 --- a/scripts/Makefile.am +++ b/scripts/Makefile.am @@ -1,14 +1,18 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = \ --DIPSEC_PLUGINDIR=\"${plugindir}\" +-DIPSEC_PLUGINDIR=\"${plugindir}\" \ +-DSTRONGSWAN_CONF=\"${strongswan_conf}\" -noinst_PROGRAMS = bin2array bin2sql id2sql key2keyid keyid2sql thread_analysis +noinst_PROGRAMS = bin2array bin2sql id2sql key2keyid keyid2sql \ + thread_analysis dh_speed bin2array_SOURCES = bin2array.c bin2sql_SOURCES = bin2sql.c id2sql_SOURCES = id2sql.c key2keyid_SOURCES = key2keyid.c keyid2sql_SOURCES = keyid2sql.c thread_analysis_SOURCES = thread_analysis.c +dh_speed_SOURCES = dh_speed.c id2sql_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la key2keyid_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la keyid2sql_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la +dh_speed_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la -lrt diff --git a/scripts/dh_speed.c b/scripts/dh_speed.c new file mode 100644 index 000000000..76dafe752 --- /dev/null +++ b/scripts/dh_speed.c @@ -0,0 +1,129 @@ + +#include <stdio.h> +#include <time.h> +#include <library.h> +#include <debug.h> +#include <crypto/diffie_hellman.h> + +static void usage() +{ + printf("usage: dh_speed plugins rounds group1 [group2 [...]]\n"); + exit(1); +} + +struct { + char *name; + diffie_hellman_group_t group; +} groups[] = { + {"modp768", MODP_768_BIT}, + {"modp1024", MODP_1024_BIT}, + {"modp1536", MODP_1536_BIT}, + {"modp2048", MODP_2048_BIT}, + {"modp3072", MODP_3072_BIT}, + {"modp4096", MODP_4096_BIT}, + {"modp6144", MODP_6144_BIT}, + {"modp8192", MODP_8192_BIT}, + {"ecp256", ECP_256_BIT}, + {"ecp384", ECP_384_BIT}, + {"ecp521", ECP_521_BIT}, + {"ecp192", ECP_192_BIT}, + {"ecp224", ECP_224_BIT}, +}; + +static void start_timing(struct timespec *start) +{ + clock_gettime(CLOCK_THREAD_CPUTIME_ID, start); +} + +static double end_timing(struct timespec *start) +{ + struct timespec end; + + clock_gettime(CLOCK_THREAD_CPUTIME_ID, &end); + return (end.tv_nsec - start->tv_nsec) / 1000000000.0 + + (end.tv_sec - start->tv_sec) * 1.0; +} + +static void run_test(diffie_hellman_group_t group, int rounds) +{ + diffie_hellman_t *l[rounds], *r; + chunk_t chunk; + struct timespec timing; + int round; + + r = lib->crypto->create_dh(lib->crypto, group); + if (!r) + { + printf("skipping %N, not supported\n", + diffie_hellman_group_names, group); + return; + } + + printf("%N:\t", + diffie_hellman_group_names, group); + + start_timing(&timing); + for (round = 0; round < rounds; round++) + { + l[round] = lib->crypto->create_dh(lib->crypto, group); + } + printf("A = g^a/s: %8.1f", rounds / end_timing(&timing)); + + for (round = 0; round < rounds; round++) + { + l[round]->get_my_public_value(l[round], &chunk); + r->set_other_public_value(r, chunk); + chunk_free(&chunk); + } + + r->get_my_public_value(r, &chunk); + start_timing(&timing); + for (round = 0; round < rounds; round++) + { + l[round]->set_other_public_value(l[round], chunk); + } + printf(" | S = B^a/s: %8.1f\n", rounds / end_timing(&timing)); + chunk_free(&chunk); + + for (round = 0; round < rounds; round++) + { + l[round]->destroy(l[round]); + } + r->destroy(r); +} + +int main(int argc, char *argv[]) +{ + int rounds, i, j; + + if (argc < 4) + { + usage(); + } + + library_init(STRONGSWAN_CONF); + lib->plugins->load(lib->plugins, IPSEC_PLUGINDIR, argv[1]); + atexit(library_deinit); + + rounds = atoi(argv[2]); + + for (i = 3; i < argc; i++) + { + bool found = FALSE; + + for (j = 0; j < countof(groups); j++) + { + if (streq(groups[j].name, argv[i])) + { + run_test(groups[j].group, rounds); + found = TRUE; + } + } + if (!found) + { + printf("group %s not found\n", argv[i]); + } + } + return 0; +} + diff --git a/src/charon/plugins/unit_tester/Makefile.am b/src/charon/plugins/unit_tester/Makefile.am index 3d9cb5e1d..a1352a64e 100644 --- a/src/charon/plugins/unit_tester/Makefile.am +++ b/src/charon/plugins/unit_tester/Makefile.am @@ -15,7 +15,6 @@ libstrongswan_unit_tester_la_SOURCES = unit_tester.c unit_tester.h tests.h \ tests/test_mutex.c \ tests/test_rsa_gen.c \ tests/test_pubkey_speed.c \ - tests/test_dh_speed.c \ tests/test_cert.c \ tests/test_med_db.c \ tests/test_aes.c \ diff --git a/src/charon/plugins/unit_tester/tests.h b/src/charon/plugins/unit_tester/tests.h index 7e0c8196c..901251467 100644 --- a/src/charon/plugins/unit_tester/tests.h +++ b/src/charon/plugins/unit_tester/tests.h @@ -31,7 +31,6 @@ DEFINE_TEST("SQLite operations", test_sqlite, FALSE) DEFINE_TEST("mutex primitive", test_mutex, FALSE) DEFINE_TEST("RSA key generation", test_rsa_gen, FALSE) DEFINE_TEST("PublicKey speed test", test_pubkey_speed, FALSE) -DEFINE_TEST("Diffie-Hellman speed test", test_dh_speed, FALSE) DEFINE_TEST("RSA subjectPublicKeyInfo loading", test_rsa_load_any, FALSE) DEFINE_TEST("X509 certificate", test_cert_x509, FALSE) DEFINE_TEST("Mediation database key fetch", test_med_db, FALSE) diff --git a/src/charon/plugins/unit_tester/tests/test_dh_speed.c b/src/charon/plugins/unit_tester/tests/test_dh_speed.c deleted file mode 100644 index b15e01a5f..000000000 --- a/src/charon/plugins/unit_tester/tests/test_dh_speed.c +++ /dev/null @@ -1,107 +0,0 @@ -/* - * Copyright (C) 2009 Martin Willi - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include <library.h> -#include <daemon.h> - -#include <time.h> - -static void start_timing(struct timespec *start) -{ - clock_gettime(CLOCK_THREAD_CPUTIME_ID, start); -} - -static double end_timing(struct timespec *start) -{ - struct timespec end; - - clock_gettime(CLOCK_THREAD_CPUTIME_ID, &end); - return (end.tv_nsec - start->tv_nsec) / 1000000000.0 + - (end.tv_sec - start->tv_sec) * 1.0; -} - - -/******************************************************************************* - * public key sign/verify speed test - ******************************************************************************/ -bool test_dh_speed() -{ - struct { - diffie_hellman_group_t group; - int rounds; - } groups[] = { - { MODP_768_BIT, 600}, - { MODP_1024_BIT, 400}, - { MODP_1536_BIT, 200}, - { MODP_2048_BIT, 100}, - { ECP_192_BIT, 800}, - { ECP_224_BIT, 600}, - { ECP_256_BIT, 400}, - { ECP_384_BIT, 200}, - { ECP_521_BIT, 100}, - }; - int group, round; - - for (group = 0; group < countof(groups); group++) - { - diffie_hellman_t *l[groups[group].rounds], *r; - chunk_t chunk; - struct timespec timing; - - r = lib->crypto->create_dh(lib->crypto, groups[group].group); - if (!r) - { - DBG1(DBG_CFG, "skipping dh group %N, not supported", - diffie_hellman_group_names, groups[group].group); - continue; - } - - DBG1(DBG_CFG, "testing dh group %N:", - diffie_hellman_group_names, groups[group].group); - - start_timing(&timing); - for (round = 0; round < groups[group].rounds; round++) - { - l[round] = lib->crypto->create_dh(lib->crypto, groups[group].group); - } - DBG1(DBG_CFG, " %.0f A = g^a/s", - groups[group].rounds / end_timing(&timing)); - - for (round = 0; round < groups[group].rounds; round++) - { - l[round]->get_my_public_value(l[round], &chunk); - r->set_other_public_value(r, chunk); - chunk_free(&chunk); - } - - r->get_my_public_value(r, &chunk); - start_timing(&timing); - for (round = 0; round < groups[group].rounds; round++) - { - l[round]->set_other_public_value(l[round], chunk); - } - DBG1(DBG_CFG, " %.0f S = B^a/s", - groups[group].rounds / end_timing(&timing)); - chunk_free(&chunk); - - for (round = 0; round < groups[group].rounds; round++) - { - l[round]->destroy(l[round]); - } - r->destroy(r); - } - return TRUE; -} - |