From 70d96d2ab51cc4e345af2c4e609eacec03163465 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Thu, 11 Apr 2019 23:01:51 +0300 Subject: [PATCH] Add esptest microbenchmark for ESP encryption Signed-off-by: David Woodhouse --- Makefile.am | 2 +- libopenconnect.map.in | 1 + tests/Makefile.am | 5 +++- tests/esptest.c | 58 +++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 64 insertions(+), 2 deletions(-) create mode 100644 tests/esptest.c diff --git a/Makefile.am b/Makefile.am index 869cc68c..b6d26309 100644 --- a/Makefile.am +++ b/Makefile.am @@ -23,7 +23,7 @@ AM_CPPFLAGS = -DLOCALEDIR="\"$(localedir)\"" openconnect_SOURCES = xml.c main.c openconnect_CFLAGS = $(AM_CFLAGS) $(SSL_CFLAGS) $(DTLS_SSL_CFLAGS) $(LIBXML2_CFLAGS) $(LIBPROXY_CFLAGS) $(ZLIB_CFLAGS) $(LIBSTOKEN_CFLAGS) $(LIBPSKC_CFLAGS) $(GSSAPI_CFLAGS) $(INTL_CFLAGS) $(ICONV_CFLAGS) $(LIBPCSCLITE_CFLAGS) openconnect_LDADD = libopenconnect.la $(SSL_LIBS) $(LIBXML2_LIBS) $(LIBPROXY_LIBS) $(INTL_LIBS) $(ICONV_LIBS) - +export openconnect_CFLAGS if OPENCONNECT_WIN32 openconnect_SOURCES += openconnect.rc endif diff --git a/libopenconnect.map.in b/libopenconnect.map.in index 58f04e76..015f7b86 100644 --- a/libopenconnect.map.in +++ b/libopenconnect.map.in @@ -109,6 +109,7 @@ OPENCONNECT_PRIVATE { openconnect_open_utf8; openconnect_sha1; openconnect_version_str; + openconnect_setup_esp_keys; local: *; }; diff --git a/tests/Makefile.am b/tests/Makefile.am index bacf1817..59c58fea 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -79,7 +79,10 @@ TESTS_ENVIRONMENT = srcdir="$(srcdir)" \ pkcs11_tokens="$(PKCS11_TOKENS)" -C_TESTS = lzstest seqtest +C_TESTS = lzstest seqtest esptest + +esptest_CFLAGS = $(openconnect_CFLAGS) +esptest_LDADD = ../libopenconnect.la if CHECK_DTLS diff --git a/tests/esptest.c b/tests/esptest.c new file mode 100644 index 00000000..d6c71fa9 --- /dev/null +++ b/tests/esptest.c @@ -0,0 +1,58 @@ +#include + +#include "../openconnect-internal.h" +#include + +static void write_progress(void *vpninfo, int level, const char *fmt, ...) +{ + va_list args; + + va_start(args, fmt); + vprintf(fmt, args); + va_end(args); +} + +static int pkt_size = 1400; +static long count; + +static void handle_alrm(int sig) +{ + printf("Count reached %ld in 5s (%ld Mb/s)\n", count, count * pkt_size / 5 / 250000); + exit(1); +} + +int main(void) +{ + struct openconnect_info *vpninfo = openconnect_vpninfo_new("", NULL, NULL, NULL, write_progress, NULL); + struct pkt *pkt = malloc(128 + pkt_size); + int ret; + + vpninfo->esp_enc = 2; /* AES128-CBC */ + vpninfo->esp_hmac = 2; /* HMAC-SHA1 */ + vpninfo->enc_key_len = 16; + vpninfo->hmac_key_len = 20; + + vpninfo->esp_out.spi = 0x12345678; + memset(vpninfo->esp_out.enc_key, 0x5a, vpninfo->enc_key_len); + memset(vpninfo->esp_out.hmac_key, 0x5a, vpninfo->hmac_key_len); + + vpninfo->dtls_state = DTLS_SLEEPING; + vpninfo->dtls_addr = (void *)vpninfo; + + ret = openconnect_setup_esp_keys(vpninfo, 0); + if (ret) { + printf("setup ESP failed: %d\n", ret); + exit(1); + } + + memset(pkt->data, 0x5a, pkt_size); + + alarm(5); + signal(SIGALRM, handle_alrm); + + while (1) { + pkt->len = pkt_size; + vpninfo->encrypt_esp_packet(vpninfo, pkt); + count++; + } +} -- 2.50.1