[thirdparty/strongswan.git] / scripts / pubkey_speed.c


#include <stdio.h>
#include <time.h>
#include <library.h>
#include <debug.h>
#include <credentials/keys/private_key.h>

void start_timing(struct timespec *start)
{
	clock_gettime(CLOCK_THREAD_CPUTIME_ID, start);
}

double end_timing(struct timespec *start)
{
	struct timespec end;
	
	clock_gettime(CLOCK_THREAD_CPUTIME_ID, &end);
	return (end.tv_nsec - start->tv_nsec) / 1000000000.0 +
			(end.tv_sec - start->tv_sec) * 1.0;
}

static void usage()
{
	printf("usage: pubkey_speed plugins rsa|ecdsa rounds\n");
	exit(1);
}

static char data_buf[] = {0x01,0x02,0x03,0x04,0x05,0x06,0x07};

int main(int argc, char *argv[])
{
	private_key_t *private;
	public_key_t *public;
	struct timespec timing;
	int round, rounds, read;
	char buf[8096], *pos = buf;
	key_type_t type = KEY_ANY;
	signature_scheme_t scheme = SIGN_UNKNOWN;
	chunk_t keydata, *sigs, data = chunk_from_buf(data_buf);
	
	if (argc < 4)
	{
		usage();
	}
	
	rounds = atoi(argv[3]);
	
	if (streq(argv[2], "rsa"))
	{
		type = KEY_RSA;
		scheme = SIGN_RSA_EMSA_PKCS1_SHA1;
	}
	else if (streq(argv[2], "ecdsa"))
	{
		type = KEY_ECDSA;
	}
	else
	{
		usage();
	}
	
	library_init(STRONGSWAN_CONF);
	lib->plugins->load(lib->plugins, IPSEC_PLUGINDIR, argv[1]);
	atexit(library_deinit);
	
	keydata = chunk_create(buf, 0);
	while ((read = fread(pos, 1, sizeof(buf) - (pos - buf), stdin)))
	{
		pos += read;
		keydata.len += read;
	}
	
	private = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, type,
								 BUILD_BLOB_PEM, keydata, BUILD_END);
	if (!private)
	{
		printf("parsing private key failed.\n");
		exit(1);
	}
	if (type == KEY_ECDSA)
	{
		switch (private->get_keysize(private))
		{
			case 32:
				scheme = SIGN_ECDSA_256; 
				break;
			case 48:
				scheme = SIGN_ECDSA_384;
				break;
			case 66:
				scheme = SIGN_ECDSA_521;
				break;
			default:
				printf("%d bit ECDSA private key size not supported",
						private->get_keysize(private) * 8);
				exit(1);
		}
	}
	
	printf("%4d bit %N: ", private->get_keysize(private)*8,
		key_type_names, type);
	
	sigs = malloc(sizeof(chunk_t) * rounds);
	
	start_timing(&timing);
	for (round = 0; round < rounds; round++)
	{
		if (!private->sign(private, scheme, data, &sigs[round]))
		{
			printf("creating signature failed\n");
			exit(1);
		}
	};
	printf("sign()/s: %8.1f   ", rounds / end_timing(&timing));
	
	public = private->get_public_key(private);
	if (!public)
	{
		printf("extracting public key failed\n");
		exit(1);
	}
	start_timing(&timing);
	for (round = 0; round < rounds; round++)
	{
		if (!public->verify(public, scheme, data, sigs[round]))
		{
			printf("signature verification failed\n");
			exit(1);
		}
	}
	printf("verify()/s: %8.1f\n", rounds / end_timing(&timing));
	public->destroy(public);
	private->destroy(private);
	
	for (round = 0; round < rounds; round++)
	{
		free(sigs[round].ptr);
	}
	free(sigs);
	return 0;
}
Commit	Line	Data
a4caeac7 MW	1
	2	#include <stdio.h>
	3	#include <time.h>
	4	#include <library.h>
	5	#include <debug.h>
	6	#include <credentials/keys/private_key.h>
a4caeac7 MW	7
	8	void start_timing(struct timespec *start)
	9	{
	10	clock_gettime(CLOCK_THREAD_CPUTIME_ID, start);
	11	}
	12
	13	double end_timing(struct timespec *start)
	14	{
	15	struct timespec end;
	16
	17	clock_gettime(CLOCK_THREAD_CPUTIME_ID, &end);
	18	return (end.tv_nsec - start->tv_nsec) / 1000000000.0 +
	19	(end.tv_sec - start->tv_sec) * 1.0;
	20	}
	21
	22	static void usage()
	23	{
	24	printf("usage: pubkey_speed plugins rsa\|ecdsa rounds\n");
	25	exit(1);
	26	}
	27
	28	static char data_buf[] = {0x01,0x02,0x03,0x04,0x05,0x06,0x07};
	29
	30	int main(int argc, char *argv[])
	31	{
	32	private_key_t *private;
	33	public_key_t *public;
	34	struct timespec timing;
	35	int round, rounds, read;
	36	char buf[8096], *pos = buf;
aab814c7 MW	37	key_type_t type = KEY_ANY;
aab814c7 MW	38	signature_scheme_t scheme = SIGN_UNKNOWN;
a4caeac7 MW	39	chunk_t keydata, *sigs, data = chunk_from_buf(data_buf);
	40
	41	if (argc < 4)
	42	{
	43	usage();
	44	}
	45
	46	rounds = atoi(argv[3]);
	47
	48	if (streq(argv[2], "rsa"))
	49	{
	50	type = KEY_RSA;
	51	scheme = SIGN_RSA_EMSA_PKCS1_SHA1;
	52	}
	53	else if (streq(argv[2], "ecdsa"))
	54	{
	55	type = KEY_ECDSA;
	56	}
	57	else
	58	{
	59	usage();
	60	}
	61
	62	library_init(STRONGSWAN_CONF);
	63	lib->plugins->load(lib->plugins, IPSEC_PLUGINDIR, argv[1]);
	64	atexit(library_deinit);
	65
	66	keydata = chunk_create(buf, 0);
	67	while ((read = fread(pos, 1, sizeof(buf) - (pos - buf), stdin)))
	68	{
	69	pos += read;
	70	keydata.len += read;
	71	}
a4caeac7 MW	72
a4caeac7 MW	73	private = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, type,
2b7e085d	74	BUILD_BLOB_PEM, keydata, BUILD_END);
a4caeac7 MW	75	if (!private)
	76	{
	77	printf("parsing private key failed.\n");
	78	exit(1);
	79	}
	80	if (type == KEY_ECDSA)
	81	{
	82	switch (private->get_keysize(private))
	83	{
	84	case 32:
	85	scheme = SIGN_ECDSA_256;
	86	break;
	87	case 48:
	88	scheme = SIGN_ECDSA_384;
	89	break;
	90	case 66:
	91	scheme = SIGN_ECDSA_521;
	92	break;
	93	default:
	94	printf("%d bit ECDSA private key size not supported",
	95	private->get_keysize(private) * 8);
	96	exit(1);
	97	}
	98	}
	99
	100	printf("%4d bit %N: ", private->get_keysize(private)*8,
	101	key_type_names, type);
	102
	103	sigs = malloc(sizeof(chunk_t) * rounds);
	104
	105	start_timing(&timing);
	106	for (round = 0; round < rounds; round++)
	107	{
	108	if (!private->sign(private, scheme, data, &sigs[round]))
	109	{
	110	printf("creating signature failed\n");
	111	exit(1);
	112	}
	113	};
	114	printf("sign()/s: %8.1f ", rounds / end_timing(&timing));
	115
	116	public = private->get_public_key(private);
	117	if (!public)
	118	{
	119	printf("extracting public key failed\n");
	120	exit(1);
	121	}
	122	start_timing(&timing);
	123	for (round = 0; round < rounds; round++)
	124	{
	125	if (!public->verify(public, scheme, data, sigs[round]))
	126	{
	127	printf("signature verification failed\n");
	128	exit(1);
	129	}
	130	}
	131	printf("verify()/s: %8.1f\n", rounds / end_timing(&timing));
	132	public->destroy(public);
	133	private->destroy(private);
	134
	135	for (round = 0; round < rounds; round++)
	136	{
	137	free(sigs[round].ptr);
	138	}
139	free(sigs);
140	return 0;
141	}
142