| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * cipher_driver.c | 2 * cipher_driver.c |
| 3 * | 3 * |
| 4 * A driver for the generic cipher type | 4 * A driver for the generic cipher type |
| 5 * | 5 * |
| 6 * David A. McGrew | 6 * David A. McGrew |
| 7 * Cisco Systems, Inc. | 7 * Cisco Systems, Inc. |
| 8 */ | 8 */ |
| 9 | 9 |
| 10 /* | 10 /* |
| (...skipping 40 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 51 #include <stdlib.h> /* for rand() */ | 51 #include <stdlib.h> /* for rand() */ |
| 52 #include <string.h> /* for memset() */ | 52 #include <string.h> /* for memset() */ |
| 53 #include "getopt_s.h" | 53 #include "getopt_s.h" |
| 54 #include "cipher.h" | 54 #include "cipher.h" |
| 55 #ifdef OPENSSL | 55 #ifdef OPENSSL |
| 56 #include "aes_icm_ossl.h" | 56 #include "aes_icm_ossl.h" |
| 57 #include "aes_gcm_ossl.h" | 57 #include "aes_gcm_ossl.h" |
| 58 #else | 58 #else |
| 59 #include "aes_icm.h" | 59 #include "aes_icm.h" |
| 60 #endif | 60 #endif |
| 61 #include "null_cipher.h" | |
| 62 | 61 |
| 63 #define PRINT_DEBUG 0 | 62 #define PRINT_DEBUG 0 |
| 64 | 63 |
| 65 void | 64 void |
| 66 cipher_driver_test_throughput(cipher_t *c); | 65 cipher_driver_test_throughput(srtp_cipher_t *c); |
| 67 | 66 |
| 68 err_status_t | 67 srtp_err_status_t |
| 69 cipher_driver_self_test(cipher_type_t *ct); | 68 cipher_driver_self_test(srtp_cipher_type_t *ct); |
| 70 | 69 |
| 71 | 70 |
| 72 /* | 71 /* |
| 73 * cipher_driver_test_buffering(ct) tests the cipher's output | 72 * cipher_driver_test_buffering(ct) tests the cipher's output |
| 74 * buffering for correctness by checking the consistency of succesive | 73 * buffering for correctness by checking the consistency of succesive |
| 75 * calls | 74 * calls |
| 76 */ | 75 */ |
| 77 | 76 |
| 78 err_status_t | 77 srtp_err_status_t |
| 79 cipher_driver_test_buffering(cipher_t *c); | 78 cipher_driver_test_buffering(srtp_cipher_t *c); |
| 80 | 79 |
| 81 | 80 |
| 82 /* | 81 /* |
| 83 * functions for testing cipher cache thrash | 82 * functions for testing cipher cache thrash |
| 84 */ | 83 */ |
| 85 err_status_t | 84 srtp_err_status_t |
| 86 cipher_driver_test_array_throughput(cipher_type_t *ct, | 85 cipher_driver_test_array_throughput(srtp_cipher_type_t *ct, |
| 87 int klen, int num_cipher); | 86 int klen, int num_cipher); |
| 88 | 87 |
| 89 void | 88 void |
| 90 cipher_array_test_throughput(cipher_t *ca[], int num_cipher); | 89 cipher_array_test_throughput(srtp_cipher_t *ca[], int num_cipher); |
| 91 | 90 |
| 92 uint64_t | 91 uint64_t |
| 93 cipher_array_bits_per_second(cipher_t *cipher_array[], int num_cipher, | 92 cipher_array_bits_per_second(srtp_cipher_t *cipher_array[], int num_cipher, |
| 94 unsigned octets_in_buffer, int num_trials); | 93 unsigned octets_in_buffer, int num_trials); |
| 95 | 94 |
| 96 err_status_t | 95 srtp_err_status_t |
| 97 cipher_array_delete(cipher_t *cipher_array[], int num_cipher); | 96 cipher_array_delete(srtp_cipher_t *cipher_array[], int num_cipher); |
| 98 | 97 |
| 99 err_status_t | 98 srtp_err_status_t |
| 100 cipher_array_alloc_init(cipher_t ***cipher_array, int num_ciphers, | 99 cipher_array_alloc_init(srtp_cipher_t ***cipher_array, int num_ciphers, |
| 101 » » » cipher_type_t *ctype, int klen); | 100 » » » srtp_cipher_type_t *ctype, int klen); |
| 102 | 101 |
| 103 void | 102 void |
| 104 usage(char *prog_name) { | 103 usage(char *prog_name) { |
| 105 printf("usage: %s [ -t | -v | -a ]\n", prog_name); | 104 printf("usage: %s [ -t | -v | -a ]\n", prog_name); |
| 106 exit(255); | 105 exit(255); |
| 107 } | 106 } |
| 108 | 107 |
| 109 void | 108 void |
| 110 check_status(err_status_t s) { | 109 check_status(srtp_err_status_t s) { |
| 111 if (s) { | 110 if (s) { |
| 112 printf("error (code %d)\n", s); | 111 printf("error (code %d)\n", s); |
| 113 exit(s); | 112 exit(s); |
| 114 } | 113 } |
| 115 return; | 114 return; |
| 116 } | 115 } |
| 117 | 116 |
| 118 /* | 117 /* |
| 119 * null_cipher, aes_icm, and aes_cbc are the cipher meta-objects | 118 * null_cipher and srtp_aes_icm are the cipher meta-objects |
| 120 * defined in the files in crypto/cipher subdirectory. these are | 119 * defined in the files in crypto/cipher subdirectory. these are |
| 121 * declared external so that we can use these cipher types here | 120 * declared external so that we can use these cipher types here |
| 122 */ | 121 */ |
| 123 | 122 |
| 124 extern cipher_type_t null_cipher; | 123 extern srtp_cipher_type_t srtp_null_cipher; |
| 125 extern cipher_type_t aes_icm; | 124 extern srtp_cipher_type_t srtp_aes_icm; |
| 126 #ifndef OPENSSL | 125 #ifdef OPENSSL |
| 127 extern cipher_type_t aes_cbc; | 126 extern srtp_cipher_type_t srtp_aes_icm_192; |
| 128 #else | 127 extern srtp_cipher_type_t srtp_aes_icm_256; |
| 129 #ifndef SRTP_NO_AES192 | 128 extern srtp_cipher_type_t srtp_aes_gcm_128_openssl; |
| 130 extern cipher_type_t aes_icm_192; | 129 extern srtp_cipher_type_t srtp_aes_gcm_256_openssl; |
| 131 #endif | |
| 132 extern cipher_type_t aes_icm_256; | |
| 133 extern cipher_type_t aes_gcm_128_openssl; | |
| 134 extern cipher_type_t aes_gcm_256_openssl; | |
| 135 #endif | 130 #endif |
| 136 | 131 |
| 137 int | 132 int |
| 138 main(int argc, char *argv[]) { | 133 main(int argc, char *argv[]) { |
| 139 cipher_t *c = NULL; | 134 srtp_cipher_t *c = NULL; |
| 140 err_status_t status; | 135 srtp_err_status_t status; |
| 141 unsigned char test_key[48] = { | 136 unsigned char test_key[48] = { |
| 142 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, | 137 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, |
| 143 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, | 138 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, |
| 144 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, | 139 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, |
| 145 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, | 140 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, |
| 146 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, | 141 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, |
| 147 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, | 142 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, |
| 148 }; | 143 }; |
| 149 int q; | 144 int q; |
| 150 unsigned do_timing_test = 0; | 145 unsigned do_timing_test = 0; |
| (...skipping 12 matching lines...) Expand all Loading... |
| 163 case 'v': | 158 case 'v': |
| 164 do_validation = 1; | 159 do_validation = 1; |
| 165 break; | 160 break; |
| 166 case 'a': | 161 case 'a': |
| 167 do_array_timing_test = 1; | 162 do_array_timing_test = 1; |
| 168 break; | 163 break; |
| 169 default: | 164 default: |
| 170 usage(argv[0]); | 165 usage(argv[0]); |
| 171 } | 166 } |
| 172 } | 167 } |
| 173 | 168 |
| 174 printf("cipher test driver\n" | 169 printf("cipher test driver\n" |
| 175 "David A. McGrew\n" | 170 "David A. McGrew\n" |
| 176 "Cisco Systems, Inc.\n"); | 171 "Cisco Systems, Inc.\n"); |
| 177 | 172 |
| 178 if (!do_validation && !do_timing_test && !do_array_timing_test) | 173 if (!do_validation && !do_timing_test && !do_array_timing_test) |
| 179 usage(argv[0]); | 174 usage(argv[0]); |
| 180 | 175 |
| 181 /* arry timing (cache thrash) test */ | 176 /* arry timing (cache thrash) test */ |
| 182 if (do_array_timing_test) { | 177 if (do_array_timing_test) { |
| 183 int max_num_cipher = 1 << 16; /* number of ciphers in cipher_array */ | 178 int max_num_cipher = 1 << 16; /* number of ciphers in cipher_array */ |
| 184 int num_cipher; | 179 int num_cipher; |
| 185 | 180 |
| 186 for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8) | 181 for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8) |
| 187 cipher_driver_test_array_throughput(&null_cipher, 0, num_cipher); | 182 cipher_driver_test_array_throughput(&srtp_null_cipher, 0, num_cipher); |
| 188 | 183 |
| 189 for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8) | 184 for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8) |
| 190 cipher_driver_test_array_throughput(&aes_icm, 30, num_cipher); | 185 cipher_driver_test_array_throughput(&srtp_aes_icm, 30, num_cipher); |
| 191 | 186 |
| 192 #ifndef OPENSSL | 187 #ifndef OPENSSL |
| 193 for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8) | 188 for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8) |
| 194 cipher_driver_test_array_throughput(&aes_icm, 46, num_cipher); | 189 cipher_driver_test_array_throughput(&srtp_aes_icm, 46, num_cipher); |
| 190 #else |
| 191 for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8) |
| 192 cipher_driver_test_array_throughput(&srtp_aes_icm_192, 38, num_cipher); |
| 195 | 193 |
| 196 for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8) | 194 for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8) |
| 197 cipher_driver_test_array_throughput(&aes_cbc, 16, num_cipher); | 195 cipher_driver_test_array_throughput(&srtp_aes_icm_256, 46, num_cipher); |
| 198 | |
| 199 for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8) | |
| 200 cipher_driver_test_array_throughput(&aes_cbc, 32, num_cipher); | |
| 201 #else | |
| 202 #ifndef SRTP_NO_AES192 | |
| 203 for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8) | |
| 204 cipher_driver_test_array_throughput(&aes_icm_192, 38, num_cipher); | |
| 205 #endif | |
| 206 for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8) | |
| 207 cipher_driver_test_array_throughput(&aes_icm_256, 46, num_cipher); | |
| 208 | 196 |
| 209 for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8) { | 197 for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8) { |
| 210 » cipher_driver_test_array_throughput(&aes_gcm_128_openssl, AES_128_GCM_KE
YSIZE_WSALT, num_cipher); | 198 » cipher_driver_test_array_throughput(&srtp_aes_gcm_128_openssl, SRTP_AES_
128_GCM_KEYSIZE_WSALT, num_cipher); |
| 211 } | 199 } |
| 212 | 200 |
| 213 for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8) { | 201 for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8) { |
| 214 » cipher_driver_test_array_throughput(&aes_gcm_256_openssl, AES_256_GCM_KE
YSIZE_WSALT, num_cipher); | 202 » cipher_driver_test_array_throughput(&srtp_aes_gcm_256_openssl, SRTP_AES_
256_GCM_KEYSIZE_WSALT, num_cipher); |
| 215 } | 203 } |
| 216 #endif | 204 #endif |
| 217 } | 205 } |
| 218 | 206 |
| 219 if (do_validation) { | 207 if (do_validation) { |
| 220 cipher_driver_self_test(&null_cipher); | 208 cipher_driver_self_test(&srtp_null_cipher); |
| 221 cipher_driver_self_test(&aes_icm); | 209 cipher_driver_self_test(&srtp_aes_icm); |
| 222 #ifndef OPENSSL | 210 #ifdef OPENSSL |
| 223 cipher_driver_self_test(&aes_cbc); | 211 cipher_driver_self_test(&srtp_aes_icm_192); |
| 224 #else | 212 cipher_driver_self_test(&srtp_aes_icm_256); |
| 225 #ifndef SRTP_NO_AES192 | 213 cipher_driver_self_test(&srtp_aes_gcm_128_openssl); |
| 226 cipher_driver_self_test(&aes_icm_192); | 214 cipher_driver_self_test(&srtp_aes_gcm_256_openssl); |
| 227 #endif | |
| 228 cipher_driver_self_test(&aes_icm_256); | |
| 229 cipher_driver_self_test(&aes_gcm_128_openssl); | |
| 230 cipher_driver_self_test(&aes_gcm_256_openssl); | |
| 231 #endif | 215 #endif |
| 232 } | 216 } |
| 233 | 217 |
| 234 /* do timing and/or buffer_test on null_cipher */ | 218 /* do timing and/or buffer_test on srtp_null_cipher */ |
| 235 status = cipher_type_alloc(&null_cipher, &c, 0, 0); | 219 status = srtp_cipher_type_alloc(&srtp_null_cipher, &c, 0, 0); |
| 236 check_status(status); | 220 check_status(status); |
| 237 | 221 |
| 238 status = cipher_init(c, NULL); | 222 status = srtp_cipher_init(c, NULL); |
| 239 check_status(status); | 223 check_status(status); |
| 240 | 224 |
| 241 if (do_timing_test) | 225 if (do_timing_test) |
| 242 cipher_driver_test_throughput(c); | 226 cipher_driver_test_throughput(c); |
| 243 if (do_validation) { | 227 if (do_validation) { |
| 244 status = cipher_driver_test_buffering(c); | 228 status = cipher_driver_test_buffering(c); |
| 245 check_status(status); | 229 check_status(status); |
| 246 } | 230 } |
| 247 status = cipher_dealloc(c); | 231 status = srtp_cipher_dealloc(c); |
| 248 check_status(status); | 232 check_status(status); |
| 249 | 233 |
| 250 | 234 |
| 251 /* run the throughput test on the aes_icm cipher (128-bit key) */ | 235 /* run the throughput test on the aes_icm cipher (128-bit key) */ |
| 252 status = cipher_type_alloc(&aes_icm, &c, 30, 0); | 236 status = srtp_cipher_type_alloc(&srtp_aes_icm, &c, 30, 0); |
| 253 if (status) { | 237 if (status) { |
| 254 fprintf(stderr, "error: can't allocate cipher\n"); | 238 fprintf(stderr, "error: can't allocate cipher\n"); |
| 255 exit(status); | 239 exit(status); |
| 256 } | 240 } |
| 257 | 241 |
| 258 status = cipher_init(c, test_key); | 242 status = srtp_cipher_init(c, test_key); |
| 259 check_status(status); | 243 check_status(status); |
| 260 | 244 |
| 261 if (do_timing_test) | 245 if (do_timing_test) |
| 262 cipher_driver_test_throughput(c); | 246 cipher_driver_test_throughput(c); |
| 263 | 247 |
| 264 if (do_validation) { | 248 if (do_validation) { |
| 265 status = cipher_driver_test_buffering(c); | 249 status = cipher_driver_test_buffering(c); |
| 266 check_status(status); | 250 check_status(status); |
| 267 } | 251 } |
| 268 | 252 |
| 269 status = cipher_dealloc(c); | 253 status = srtp_cipher_dealloc(c); |
| 270 check_status(status); | 254 check_status(status); |
| 271 | 255 |
| 272 /* repeat the tests with 256-bit keys */ | 256 /* repeat the tests with 256-bit keys */ |
| 273 #ifndef OPENSSL | 257 #ifndef OPENSSL |
| 274 status = cipher_type_alloc(&aes_icm, &c, 46, 0); | 258 status = srtp_cipher_type_alloc(&srtp_aes_icm, &c, 46, 0); |
| 275 #else | 259 #else |
| 276 status = cipher_type_alloc(&aes_icm_256, &c, 46, 0); | 260 status = srtp_cipher_type_alloc(&srtp_aes_icm_256, &c, 46, 0); |
| 277 #endif | 261 #endif |
| 278 if (status) { | 262 if (status) { |
| 279 fprintf(stderr, "error: can't allocate cipher\n"); | 263 fprintf(stderr, "error: can't allocate cipher\n"); |
| 280 exit(status); | 264 exit(status); |
| 281 } | 265 } |
| 282 | 266 |
| 283 status = cipher_init(c, test_key); | 267 status = srtp_cipher_init(c, test_key); |
| 284 check_status(status); | 268 check_status(status); |
| 285 | 269 |
| 286 if (do_timing_test) | 270 if (do_timing_test) |
| 287 cipher_driver_test_throughput(c); | 271 cipher_driver_test_throughput(c); |
| 288 | 272 |
| 289 if (do_validation) { | 273 if (do_validation) { |
| 290 status = cipher_driver_test_buffering(c); | 274 status = cipher_driver_test_buffering(c); |
| 291 check_status(status); | 275 check_status(status); |
| 292 } | 276 } |
| 293 | 277 |
| 294 status = cipher_dealloc(c); | 278 status = srtp_cipher_dealloc(c); |
| 295 check_status(status); | 279 check_status(status); |
| 296 | 280 |
| 297 #ifdef OPENSSL | 281 #ifdef OPENSSL |
| 298 /* run the throughput test on the aes_gcm_128_openssl cipher */ | 282 /* run the throughput test on the aes_gcm_128_openssl cipher */ |
| 299 status = cipher_type_alloc(&aes_gcm_128_openssl, &c, AES_128_GCM_KEYSIZE_WSA
LT, 8); | 283 status = srtp_cipher_type_alloc(&srtp_aes_gcm_128_openssl, &c, SRTP_AES_128_
GCM_KEYSIZE_WSALT, 8); |
| 300 if (status) { | 284 if (status) { |
| 301 fprintf(stderr, "error: can't allocate GCM 128 cipher\n"); | 285 fprintf(stderr, "error: can't allocate GCM 128 cipher\n"); |
| 302 exit(status); | 286 exit(status); |
| 303 } | 287 } |
| 304 status = cipher_init(c, test_key); | 288 status = srtp_cipher_init(c, test_key); |
| 305 check_status(status); | 289 check_status(status); |
| 306 if (do_timing_test) { | 290 if (do_timing_test) { |
| 307 cipher_driver_test_throughput(c); | 291 cipher_driver_test_throughput(c); |
| 308 } | 292 } |
| 309 | 293 |
| 310 if (do_validation) { | 294 if (do_validation) { |
| 311 status = cipher_driver_test_buffering(c); | 295 status = cipher_driver_test_buffering(c); |
| 312 check_status(status); | 296 check_status(status); |
| 313 } | 297 } |
| 314 status = cipher_dealloc(c); | 298 status = srtp_cipher_dealloc(c); |
| 315 check_status(status); | 299 check_status(status); |
| 316 | 300 |
| 317 /* run the throughput test on the aes_gcm_256_openssl cipher */ | 301 /* run the throughput test on the aes_gcm_256_openssl cipher */ |
| 318 status = cipher_type_alloc(&aes_gcm_256_openssl, &c, AES_256_GCM_KEYSIZE_WSA
LT, 16); | 302 status = srtp_cipher_type_alloc(&srtp_aes_gcm_256_openssl, &c, SRTP_AES_256_
GCM_KEYSIZE_WSALT, 16); |
| 319 if (status) { | 303 if (status) { |
| 320 fprintf(stderr, "error: can't allocate GCM 256 cipher\n"); | 304 fprintf(stderr, "error: can't allocate GCM 256 cipher\n"); |
| 321 exit(status); | 305 exit(status); |
| 322 } | 306 } |
| 323 status = cipher_init(c, test_key); | 307 status = srtp_cipher_init(c, test_key); |
| 324 check_status(status); | 308 check_status(status); |
| 325 if (do_timing_test) { | 309 if (do_timing_test) { |
| 326 cipher_driver_test_throughput(c); | 310 cipher_driver_test_throughput(c); |
| 327 } | 311 } |
| 328 | 312 |
| 329 if (do_validation) { | 313 if (do_validation) { |
| 330 status = cipher_driver_test_buffering(c); | 314 status = cipher_driver_test_buffering(c); |
| 331 check_status(status); | 315 check_status(status); |
| 332 } | 316 } |
| 333 status = cipher_dealloc(c); | 317 status = srtp_cipher_dealloc(c); |
| 334 check_status(status); | 318 check_status(status); |
| 335 #endif | 319 #endif |
| 336 | 320 |
| 337 return 0; | 321 return 0; |
| 338 } | 322 } |
| 339 | 323 |
| 340 void | 324 void |
| 341 cipher_driver_test_throughput(cipher_t *c) { | 325 cipher_driver_test_throughput(srtp_cipher_t *c) { |
| 342 int i; | 326 int i; |
| 343 int min_enc_len = 32; | 327 int min_enc_len = 32; |
| 344 int max_enc_len = 2048; /* should be a power of two */ | 328 int max_enc_len = 2048; /* should be a power of two */ |
| 345 int num_trials = 1000000; | 329 int num_trials = 1000000; |
| 346 | 330 |
| 347 printf("timing %s throughput, key length %d:\n", c->type->description, c->key_
len); | 331 printf("timing %s throughput, key length %d:\n", c->type->description, c->key_
len); |
| 348 fflush(stdout); | 332 fflush(stdout); |
| 349 for (i=min_enc_len; i <= max_enc_len; i = i * 2) | 333 for (i=min_enc_len; i <= max_enc_len; i = i * 2) |
| 350 printf("msg len: %d\tgigabits per second: %f\n", | 334 printf("msg len: %d\tgigabits per second: %f\n", |
| 351 » i, cipher_bits_per_second(c, i, num_trials) / 1e9); | 335 » i, srtp_cipher_bits_per_second(c, i, num_trials) / 1e9); |
| 352 | 336 |
| 353 } | 337 } |
| 354 | 338 |
| 355 err_status_t | 339 srtp_err_status_t |
| 356 cipher_driver_self_test(cipher_type_t *ct) { | 340 cipher_driver_self_test(srtp_cipher_type_t *ct) { |
| 357 err_status_t status; | 341 srtp_err_status_t status; |
| 358 | 342 |
| 359 printf("running cipher self-test for %s...", ct->description); | 343 printf("running cipher self-test for %s...", ct->description); |
| 360 status = cipher_type_self_test(ct); | 344 status = srtp_cipher_type_self_test(ct); |
| 361 if (status) { | 345 if (status) { |
| 362 printf("failed with error code %d\n", status); | 346 printf("failed with error code %d\n", status); |
| 363 exit(status); | 347 exit(status); |
| 364 } | 348 } |
| 365 printf("passed\n"); | 349 printf("passed\n"); |
| 366 | 350 |
| 367 return err_status_ok; | 351 return srtp_err_status_ok; |
| 368 } | 352 } |
| 369 | 353 |
| 370 /* | 354 /* |
| 371 * cipher_driver_test_buffering(ct) tests the cipher's output | 355 * cipher_driver_test_buffering(ct) tests the cipher's output |
| 372 * buffering for correctness by checking the consistency of succesive | 356 * buffering for correctness by checking the consistency of succesive |
| 373 * calls | 357 * calls |
| 374 */ | 358 */ |
| 375 | 359 |
| 376 #define INITIAL_BUFLEN 1024 | 360 #define INITIAL_BUFLEN 1024 |
| 377 err_status_t | 361 srtp_err_status_t |
| 378 cipher_driver_test_buffering(cipher_t *c) { | 362 cipher_driver_test_buffering(srtp_cipher_t *c) { |
| 379 int i, j, num_trials = 1000; | 363 int i, j, num_trials = 1000; |
| 380 unsigned len, buflen = INITIAL_BUFLEN; | 364 unsigned len, buflen = INITIAL_BUFLEN; |
| 381 uint8_t buffer0[INITIAL_BUFLEN], buffer1[INITIAL_BUFLEN], *current, *end; | 365 uint8_t buffer0[INITIAL_BUFLEN], buffer1[INITIAL_BUFLEN], *current, *end; |
| 382 uint8_t idx[16] = { | 366 uint8_t idx[16] = { |
| 383 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | 367 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, |
| 384 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x12, 0x34 | 368 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x12, 0x34 |
| 385 }; | 369 }; |
| 386 err_status_t status; | 370 srtp_err_status_t status; |
| 387 | 371 |
| 388 printf("testing output buffering for cipher %s...", | 372 printf("testing output buffering for cipher %s...", |
| 389 c->type->description); | 373 c->type->description); |
| 390 | 374 |
| 391 for (i=0; i < num_trials; i++) { | 375 for (i=0; i < num_trials; i++) { |
| 392 | 376 |
| 393 /* set buffers to zero */ | 377 /* set buffers to zero */ |
| 394 for (j=0; j < (int) buflen; j++) { | 378 for (j=0; j < (int) buflen; j++) { |
| 395 buffer0[j] = buffer1[j] = 0; | 379 buffer0[j] = buffer1[j] = 0; |
| 396 } | 380 } |
| 397 | 381 |
| 398 /* initialize cipher */ | 382 /* initialize cipher */ |
| 399 status = cipher_set_iv(c, idx, direction_encrypt); | 383 status = srtp_cipher_set_iv(c, (uint8_t*)idx, srtp_direction_encrypt); |
| 400 if (status) | 384 if (status) |
| 401 return status; | 385 return status; |
| 402 | 386 |
| 403 /* generate 'reference' value by encrypting all at once */ | 387 /* generate 'reference' value by encrypting all at once */ |
| 404 status = cipher_encrypt(c, buffer0, &buflen); | 388 status = srtp_cipher_encrypt(c, buffer0, &buflen); |
| 405 if (status) | 389 if (status) |
| 406 return status; | 390 return status; |
| 407 | 391 |
| 408 /* re-initialize cipher */ | 392 /* re-initialize cipher */ |
| 409 status = cipher_set_iv(c, idx, direction_encrypt); | 393 status = srtp_cipher_set_iv(c, (uint8_t*)idx, srtp_direction_encrypt); |
| 410 if (status) | 394 if (status) |
| 411 return status; | 395 return status; |
| 412 | 396 |
| 413 /* now loop over short lengths until buffer1 is encrypted */ | 397 /* now loop over short lengths until buffer1 is encrypted */ |
| 414 current = buffer1; | 398 current = buffer1; |
| 415 end = buffer1 + buflen; | 399 end = buffer1 + buflen; |
| 416 while (current < end) { | 400 while (current < end) { |
| 417 | 401 |
| 418 /* choose a short length */ | 402 /* choose a short length */ |
| 419 len = rand() & 0x01f; | 403 len = rand() & 0x01f; |
| 420 | 404 |
| 421 /* make sure that len doesn't cause us to overreach the buffer */ | 405 /* make sure that len doesn't cause us to overreach the buffer */ |
| 422 if (current + len > end) | 406 if (current + len > end) |
| 423 len = end - current; | 407 len = end - current; |
| 424 | 408 |
| 425 status = cipher_encrypt(c, current, &len); | 409 status = srtp_cipher_encrypt(c, current, &len); |
| 426 if (status) | 410 if (status) |
| 427 return status; | 411 return status; |
| 428 | 412 |
| 429 /* advance pointer into buffer1 to reflect encryption */ | 413 /* advance pointer into buffer1 to reflect encryption */ |
| 430 current += len; | 414 current += len; |
| 431 | 415 |
| 432 /* if buffer1 is all encrypted, break out of loop */ | 416 /* if buffer1 is all encrypted, break out of loop */ |
| 433 if (current == end) | 417 if (current == end) |
| 434 break; | 418 break; |
| 435 } | 419 } |
| 436 | 420 |
| 437 /* compare buffers */ | 421 /* compare buffers */ |
| 438 for (j=0; j < (int) buflen; j++) { | 422 for (j=0; j < (int) buflen; j++) { |
| 439 if (buffer0[j] != buffer1[j]) { | 423 if (buffer0[j] != buffer1[j]) { |
| 440 #if PRINT_DEBUG | 424 #if PRINT_DEBUG |
| 441 printf("test case %d failed at byte %d\n", i, j); | 425 printf("test case %d failed at byte %d\n", i, j); |
| 442 printf("computed: %s\n", octet_string_hex_string(buffer1, buflen)); | 426 printf("computed: %s\n", octet_string_hex_string(buffer1, buflen)); |
| 443 printf("expected: %s\n", octet_string_hex_string(buffer0, buflen)); | 427 printf("expected: %s\n", octet_string_hex_string(buffer0, buflen)); |
| 444 #endif | 428 #endif |
| 445 » return err_status_algo_fail; | 429 » return srtp_err_status_algo_fail; |
| 446 } | 430 } |
| 447 } | 431 } |
| 448 } | 432 } |
| 449 | 433 |
| 450 printf("passed\n"); | 434 printf("passed\n"); |
| 451 | 435 |
| 452 return err_status_ok; | 436 return srtp_err_status_ok; |
| 453 } | 437 } |
| 454 | 438 |
| 455 | 439 |
| 456 /* | 440 /* |
| 457 * The function cipher_test_throughput_array() tests the effect of CPU | 441 * The function cipher_test_throughput_array() tests the effect of CPU |
| 458 * cache thrash on cipher throughput. | 442 * cache thrash on cipher throughput. |
| 459 * | 443 * |
| 460 * cipher_array_alloc_init(ctype, array, num_ciphers) creates an array | 444 * cipher_array_alloc_init(ctype, array, num_ciphers) creates an array |
| 461 * of cipher_t of type ctype | 445 * of srtp_cipher_t of type ctype |
| 462 */ | 446 */ |
| 463 | 447 |
| 464 err_status_t | 448 srtp_err_status_t |
| 465 cipher_array_alloc_init(cipher_t ***ca, int num_ciphers, | 449 cipher_array_alloc_init(srtp_cipher_t ***ca, int num_ciphers, |
| 466 » » » cipher_type_t *ctype, int klen) { | 450 » » » srtp_cipher_type_t *ctype, int klen) { |
| 467 int i, j; | 451 int i, j; |
| 468 err_status_t status; | 452 srtp_err_status_t status; |
| 469 uint8_t *key; | 453 uint8_t *key; |
| 470 cipher_t **cipher_array; | 454 srtp_cipher_t **cipher_array; |
| 471 /* pad klen allocation, to handle aes_icm reading 16 bytes for the | 455 /* pad klen allocation, to handle aes_icm reading 16 bytes for the |
| 472 14-byte salt */ | 456 14-byte salt */ |
| 473 int klen_pad = ((klen + 15) >> 4) << 4; | 457 int klen_pad = ((klen + 15) >> 4) << 4; |
| 474 | 458 |
| 475 /* allocate array of pointers to ciphers */ | 459 /* allocate array of pointers to ciphers */ |
| 476 cipher_array = (cipher_t **) malloc(sizeof(cipher_t *) * num_ciphers); | 460 cipher_array = (srtp_cipher_t **) malloc(sizeof(srtp_cipher_t *) * num_ciphers
); |
| 477 if (cipher_array == NULL) | 461 if (cipher_array == NULL) |
| 478 return err_status_alloc_fail; | 462 return srtp_err_status_alloc_fail; |
| 479 | 463 |
| 480 /* set ca to location of cipher_array */ | 464 /* set ca to location of cipher_array */ |
| 481 *ca = cipher_array; | 465 *ca = cipher_array; |
| 482 | 466 |
| 483 /* allocate key */ | 467 /* allocate key */ |
| 484 key = crypto_alloc(klen_pad); | 468 key = srtp_crypto_alloc(klen_pad); |
| 485 if (key == NULL) { | 469 if (key == NULL) { |
| 486 free(cipher_array); | 470 free(cipher_array); |
| 487 return err_status_alloc_fail; | 471 return srtp_err_status_alloc_fail; |
| 488 } | 472 } |
| 489 | 473 |
| 490 /* allocate and initialize an array of ciphers */ | 474 /* allocate and initialize an array of ciphers */ |
| 491 for (i=0; i < num_ciphers; i++) { | 475 for (i=0; i < num_ciphers; i++) { |
| 492 | 476 |
| 493 /* allocate cipher */ | 477 /* allocate cipher */ |
| 494 status = cipher_type_alloc(ctype, cipher_array, klen, 16); | 478 status = srtp_cipher_type_alloc(ctype, cipher_array, klen, 16); |
| 495 if (status) | 479 if (status) |
| 496 return status; | 480 return status; |
| 497 | 481 |
| 498 /* generate random key and initialize cipher */ | 482 /* generate random key and initialize cipher */ |
| 499 for (j=0; j < klen; j++) | 483 for (j=0; j < klen; j++) |
| 500 key[j] = (uint8_t) rand(); | 484 key[j] = (uint8_t) rand(); |
| 501 for (; j < klen_pad; j++) | 485 for (; j < klen_pad; j++) |
| 502 key[j] = 0; | 486 key[j] = 0; |
| 503 status = cipher_init(*cipher_array, key); | 487 status = srtp_cipher_init(*cipher_array, key); |
| 504 if (status) | 488 if (status) |
| 505 return status; | 489 return status; |
| 506 | 490 |
| 507 /* printf("%dth cipher is at %p\n", i, *cipher_array); */ | 491 /* printf("%dth cipher is at %p\n", i, *cipher_array); */ |
| 508 /* printf("%dth cipher description: %s\n", i, */ | 492 /* printf("%dth cipher description: %s\n", i, */ |
| 509 /* (*cipher_array)->type->description); */ | 493 /* (*cipher_array)->type->description); */ |
| 510 | 494 |
| 511 /* advance cipher array pointer */ | 495 /* advance cipher array pointer */ |
| 512 cipher_array++; | 496 cipher_array++; |
| 513 } | 497 } |
| 514 | 498 |
| 515 crypto_free(key); | 499 srtp_crypto_free(key); |
| 516 | 500 |
| 517 return err_status_ok; | 501 return srtp_err_status_ok; |
| 518 } | 502 } |
| 519 | 503 |
| 520 err_status_t | 504 srtp_err_status_t |
| 521 cipher_array_delete(cipher_t *cipher_array[], int num_cipher) { | 505 cipher_array_delete(srtp_cipher_t *cipher_array[], int num_cipher) { |
| 522 int i; | 506 int i; |
| 523 | 507 |
| 524 for (i=0; i < num_cipher; i++) { | 508 for (i=0; i < num_cipher; i++) { |
| 525 cipher_dealloc(cipher_array[i]); | 509 srtp_cipher_dealloc(cipher_array[i]); |
| 526 } | 510 } |
| 527 | 511 |
| 528 free(cipher_array); | 512 free(cipher_array); |
| 529 | 513 |
| 530 return err_status_ok; | 514 return srtp_err_status_ok; |
| 531 } | 515 } |
| 532 | 516 |
| 533 | 517 |
| 534 /* | 518 /* |
| 535 * cipher_array_bits_per_second(c, l, t) computes (an estimate of) the | 519 * cipher_array_bits_per_second(c, l, t) computes (an estimate of) the |
| 536 * number of bits that a cipher implementation can encrypt in a second | 520 * number of bits that a cipher implementation can encrypt in a second |
| 537 * when distinct keys are used to encrypt distinct messages | 521 * when distinct keys are used to encrypt distinct messages |
| 538 * | 522 * |
| 539 * c is a cipher (which MUST be allocated an initialized already), l | 523 * c is a cipher (which MUST be allocated an initialized already), l |
| 540 * is the length in octets of the test data to be encrypted, and t is | 524 * is the length in octets of the test data to be encrypted, and t is |
| 541 * the number of trials | 525 * the number of trials |
| 542 * | 526 * |
| 543 * if an error is encountered, the value 0 is returned | 527 * if an error is encountered, the value 0 is returned |
| 544 */ | 528 */ |
| 545 | 529 |
| 546 uint64_t | 530 uint64_t |
| 547 cipher_array_bits_per_second(cipher_t *cipher_array[], int num_cipher, | 531 cipher_array_bits_per_second(srtp_cipher_t *cipher_array[], int num_cipher, |
| 548 unsigned octets_in_buffer, int num_trials) { | 532 unsigned octets_in_buffer, int num_trials) { |
| 549 int i; | 533 int i; |
| 550 v128_t nonce; | 534 v128_t nonce; |
| 551 clock_t timer; | 535 clock_t timer; |
| 552 unsigned char *enc_buf; | 536 unsigned char *enc_buf; |
| 553 int cipher_index = rand() % num_cipher; | 537 int cipher_index = rand() % num_cipher; |
| 554 | 538 |
| 555 /* Over-alloc, for NIST CBC padding */ | 539 /* Over-alloc, for NIST CBC padding */ |
| 556 enc_buf = crypto_alloc(octets_in_buffer+17); | 540 enc_buf = srtp_crypto_alloc(octets_in_buffer+17); |
| 557 if (enc_buf == NULL) | 541 if (enc_buf == NULL) |
| 558 return 0; /* indicate bad parameters by returning null */ | 542 return 0; /* indicate bad parameters by returning null */ |
| 559 memset(enc_buf, 0, octets_in_buffer); | 543 memset(enc_buf, 0, octets_in_buffer); |
| 560 | 544 |
| 561 /* time repeated trials */ | 545 /* time repeated trials */ |
| 562 v128_set_to_zero(&nonce); | 546 v128_set_to_zero(&nonce); |
| 563 timer = clock(); | 547 timer = clock(); |
| 564 for(i=0; i < num_trials; i++, nonce.v32[3] = i) { | 548 for(i=0; i < num_trials; i++, nonce.v32[3] = i) { |
| 565 /* length parameter to cipher_encrypt is in/out -- out is total, padded | 549 /* length parameter to srtp_cipher_encrypt is in/out -- out is total, padded |
| 566 * length -- so reset it each time. */ | 550 * length -- so reset it each time. */ |
| 567 unsigned octets_to_encrypt = octets_in_buffer; | 551 unsigned octets_to_encrypt = octets_in_buffer; |
| 568 | 552 |
| 569 /* encrypt buffer with cipher */ | 553 /* encrypt buffer with cipher */ |
| 570 cipher_set_iv(cipher_array[cipher_index], &nonce, direction_encrypt); | 554 srtp_cipher_set_iv(cipher_array[cipher_index], (uint8_t*)&nonce, srtp_direct
ion_encrypt); |
| 571 cipher_encrypt(cipher_array[cipher_index], enc_buf, &octets_to_encrypt); | 555 srtp_cipher_encrypt(cipher_array[cipher_index], enc_buf, &octets_to_encrypt)
; |
| 572 | 556 |
| 573 /* choose a cipher at random from the array*/ | 557 /* choose a cipher at random from the array*/ |
| 574 cipher_index = (*((uint32_t *)enc_buf)) % num_cipher; | 558 cipher_index = (*((uint32_t *)enc_buf)) % num_cipher; |
| 575 } | 559 } |
| 576 timer = clock() - timer; | 560 timer = clock() - timer; |
| 577 | 561 |
| 578 free(enc_buf); | 562 free(enc_buf); |
| 579 | 563 |
| 580 if (timer == 0) { | 564 if (timer == 0) { |
| 581 /* Too fast! */ | 565 /* Too fast! */ |
| 582 return 0; | 566 return 0; |
| 583 } | 567 } |
| 584 | 568 |
| 585 return (uint64_t)CLOCKS_PER_SEC * num_trials * 8 * octets_in_buffer / timer; | 569 return (uint64_t)CLOCKS_PER_SEC * num_trials * 8 * octets_in_buffer / timer; |
| 586 } | 570 } |
| 587 | 571 |
| 588 void | 572 void |
| 589 cipher_array_test_throughput(cipher_t *ca[], int num_cipher) { | 573 cipher_array_test_throughput(srtp_cipher_t *ca[], int num_cipher) { |
| 590 int i; | 574 int i; |
| 591 int min_enc_len = 16; | 575 int min_enc_len = 16; |
| 592 int max_enc_len = 2048; /* should be a power of two */ | 576 int max_enc_len = 2048; /* should be a power of two */ |
| 593 int num_trials = 1000000; | 577 int num_trials = 1000000; |
| 594 | 578 |
| 595 printf("timing %s throughput with key length %d, array size %d:\n", | 579 printf("timing %s throughput with key length %d, array size %d:\n", |
| 596 (ca[0])->type->description, (ca[0])->key_len, num_cipher); | 580 (ca[0])->type->description, (ca[0])->key_len, num_cipher); |
| 597 fflush(stdout); | 581 fflush(stdout); |
| 598 for (i=min_enc_len; i <= max_enc_len; i = i * 4) | 582 for (i=min_enc_len; i <= max_enc_len; i = i * 4) |
| 599 printf("msg len: %d\tgigabits per second: %f\n", i, | 583 printf("msg len: %d\tgigabits per second: %f\n", i, |
| 600 cipher_array_bits_per_second(ca, num_cipher, i, num_trials) / 1e9); | 584 cipher_array_bits_per_second(ca, num_cipher, i, num_trials) / 1e9); |
| 601 | 585 |
| 602 } | 586 } |
| 603 | 587 |
| 604 err_status_t | 588 srtp_err_status_t |
| 605 cipher_driver_test_array_throughput(cipher_type_t *ct, | 589 cipher_driver_test_array_throughput(srtp_cipher_type_t *ct, |
| 606 int klen, int num_cipher) { | 590 int klen, int num_cipher) { |
| 607 cipher_t **ca = NULL; | 591 srtp_cipher_t **ca = NULL; |
| 608 err_status_t status; | 592 srtp_err_status_t status; |
| 609 | 593 |
| 610 status = cipher_array_alloc_init(&ca, num_cipher, ct, klen); | 594 status = cipher_array_alloc_init(&ca, num_cipher, ct, klen); |
| 611 if (status) { | 595 if (status) { |
| 612 printf("error: cipher_array_alloc_init() failed with error code %d\n", | 596 printf("error: cipher_array_alloc_init() failed with error code %d\n", |
| 613 status); | 597 status); |
| 614 return status; | 598 return status; |
| 615 } | 599 } |
| 616 | 600 |
| 617 cipher_array_test_throughput(ca, num_cipher); | 601 cipher_array_test_throughput(ca, num_cipher); |
| 618 | 602 |
| 619 cipher_array_delete(ca, num_cipher); | 603 cipher_array_delete(ca, num_cipher); |
| 620 | 604 |
| 621 return err_status_ok; | 605 return srtp_err_status_ok; |
| 622 } | 606 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2344973002:
Update libsrtp to version 2.0 (Closed)
