diff options
| author | Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> | 2019-12-24 16:26:27 +0300 |
|---|---|---|
| committer | Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> | 2019-12-27 11:59:42 +0300 |
| commit | 1babf0c5834fb39c5c1064b59180adaf386c6e01 (patch) | |
| tree | bc1139291f21c86502fbf25d4399d80e1cda3fd4 | |
| parent | 4a6a7b83c2da5e90fca7032f7526d9149a90fc65 (diff) | |
| download | gnutls-1babf0c5834fb39c5c1064b59180adaf386c6e01.tar.gz | |
benchmark: enable benchmarking of GOST CNT ciphersuite/KX
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| -rw-r--r-- | src/benchmark-tls.c | 55 |
1 files changed, 55 insertions, 0 deletions
diff --git a/src/benchmark-tls.c b/src/benchmark-tls.c index 9df0102cfe..14a3d190cc 100644 --- a/src/benchmark-tls.c +++ b/src/benchmark-tls.c @@ -61,6 +61,7 @@ const char *side = ""; #define PRIO_TLS12_CHACHA_POLY1305 "NONE:+VERS-TLS1.2:+CHACHA20-POLY1305:+AEAD:+SIGN-ALL:+COMP-NULL:+ECDHE-RSA:+CURVE-ALL" #define PRIO_CHACHA_POLY1305 "NONE:+VERS-TLS1.3:+CHACHA20-POLY1305:+AEAD:+SIGN-ALL:+COMP-NULL:+ECDHE-RSA:+CURVE-ALL" #define PRIO_CAMELLIA_CBC_SHA1 "NONE:+VERS-TLS1.0:+CAMELLIA-128-CBC:+SHA1:+SIGN-ALL:+COMP-NULL:+RSA" +#define PRIO_GOST_CNT "NONE:+VERS-TLS1.2:+GOST28147-TC26Z-CNT:+GOST28147-TC26Z-IMIT:+SIGN-ALL:+SIGN-GOSTR341012-256:+COMP-NULL:+VKO-GOST-12:+GROUP-GOST-ALL" static const int rsa_bits = 3072, ec_bits = 256; @@ -202,6 +203,42 @@ static unsigned char server_ed25519_cert_pem[] = "7barRoh+qx7ZVYpe+5w3JYuxy16w\n" "-----END CERTIFICATE-----\n"; +#ifdef ENABLE_GOST +static unsigned char server_gost12_256_key_pem[] = + "-----BEGIN PRIVATE KEY-----\n" + "MEgCAQAwHwYIKoUDBwEBAQEwEwYHKoUDAgIkAAYIKoUDBwEBAgIEIgQg0+JttJEV\n" + "Ud+XBzX9q13ByKK+j2b+mEmNIo1yB0wGleo=\n" + "-----END PRIVATE KEY-----\n"; + +static unsigned char server_gost12_256_cert_pem[] = + "-----BEGIN CERTIFICATE-----\n" + "MIIC8DCCAVigAwIBAgIIWcZKgxkCMvcwDQYJKoZIhvcNAQELBQAwDzENMAsGA1UE\n" + "AxMEQ0EtMzAgFw0xOTEwMDgxMDQ4MTZaGA85OTk5MTIzMTIzNTk1OVowDTELMAkG\n" + "A1UEAxMCR1IwZjAfBggqhQMHAQEBATATBgcqhQMCAiQABggqhQMHAQECAgNDAARA\n" + "J9sMEEx0JW9QsT5bDqyc0TNcjVg9ZSdp4GkMtShM+OOgyBGrWK3zLP5IzHYSXja8\n" + "373QrJOUvdX7T7TUk5yU5aOBjTCBijAMBgNVHRMBAf8EAjAAMBQGA1UdEQQNMAuC\n" + "CWxvY2FsaG9zdDATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8BAf8EBQMDB4AA\n" + "MB0GA1UdDgQWBBQYSEtdwsYrtnOq6Ya3nt8DgFPCQjAfBgNVHSMEGDAWgBT5qIYZ\n" + "Y7akFBNgdg8BmjU27/G0rzANBgkqhkiG9w0BAQsFAAOCAYEAR0xtx7MWEP1KyIzM\n" + "4lXKdTyU4Nve5RcgqF82yR/0odqT5MPoaZDvLuRWEcQryztZD3kmRUmPmn1ujSfc\n" + "BbPfRnSutDXcf6imq0/U1/TV/BF3vpS1plltzetvibf8MYetHVFQHUBJDZJHh9h7\n" + "PGwA9SnmnGKFIxFdV6bVOLkPR54Gob9zN3E17KslL19lNtht1pxk9pshwTn35oRY\n" + "uOdxof9F4XjpI/4WbC8kp15QeG8XyZd5JWSl+niNOqYK31+ilQdVBr4RiZSDIcAg\n" + "twS5yV9Ap+R8rM8TLbeT2io4rhdUgmDllUf49zV3t6AbVvbsQfkqXmHXW8uW2WBu\n" + "A8FiXEbIIOb+QIW0ZGwk3BVQ7wdiw1M5w6kYtz5kBtNPxBmc+eu1+e6EAfYbFNr3\n" + "pkxtMk3veYWHb5s3dHZ4/t2Rn85hWqh03CWwCkKTN3qmEs4/XpybbXE/UE49e7u1\n" + "FkpM1bT/0gUNsNt5h3pyUzQZdiB0XbdGGFta3tB3+inIO45h\n" + "-----END CERTIFICATE-----\n"; + +static const gnutls_datum_t server_gost12_256_key = { server_gost12_256_key_pem, + sizeof(server_gost12_256_key_pem)-1 +}; + +static const gnutls_datum_t server_gost12_256_cert = { server_gost12_256_cert_pem, + sizeof(server_gost12_256_cert_pem)-1 +}; +#endif + const gnutls_datum_t server_cert = { server_cert_pem, sizeof(server_cert_pem) }; @@ -264,6 +301,11 @@ static void test_ciphersuite(const char *cipher_prio, int size) gnutls_certificate_set_x509_key_mem(s_certcred, &server_ecc_cert, &server_ecc_key, GNUTLS_X509_FMT_PEM); +#ifdef ENABLE_GOST + gnutls_certificate_set_x509_key_mem(s_certcred, &server_gost12_256_cert, + &server_gost12_256_key, + GNUTLS_X509_FMT_PEM); +#endif gnutls_init(&server, GNUTLS_SERVER); ret = gnutls_priority_set_direct(server, cipher_prio, &str); @@ -432,6 +474,10 @@ static void test_ciphersuite_kx(const char *cipher_prio, unsigned pk) ret = gnutls_certificate_set_x509_key_mem(s_certcred, &server_ed25519_cert, &server_ed25519_key, GNUTLS_X509_FMT_PEM); + else if (pk == GNUTLS_PK_GOST_12_256) + ret = gnutls_certificate_set_x509_key_mem(s_certcred, &server_gost12_256_cert, + &server_gost12_256_key, + GNUTLS_X509_FMT_PEM); if (ret < 0) { fprintf(stderr, "Error in %d: %s\n", __LINE__, gnutls_strerror(ret)); @@ -560,6 +606,9 @@ void benchmark_tls(int debug_level, int ciphers) test_ciphersuite(PRIO_CHACHA_POLY1305, size); test_ciphersuite(PRIO_AES_CBC_SHA1, size); test_ciphersuite(PRIO_CAMELLIA_CBC_SHA1, size); +#ifdef ENABLE_GOST + test_ciphersuite(PRIO_GOST_CNT, size); +#endif size = 16 * 1024; printf @@ -573,6 +622,9 @@ void benchmark_tls(int debug_level, int ciphers) test_ciphersuite(PRIO_CHACHA_POLY1305, size); test_ciphersuite(PRIO_AES_CBC_SHA1, size); test_ciphersuite(PRIO_CAMELLIA_CBC_SHA1, size); +#ifdef ENABLE_GOST + test_ciphersuite(PRIO_GOST_CNT, size); +#endif } else { printf ("Testing key exchanges (RSA/DH bits: %d, EC bits: %d)\n\n", @@ -585,6 +637,9 @@ void benchmark_tls(int debug_level, int ciphers) test_ciphersuite_kx(PRIO_ECDH_X25519_ECDSA, GNUTLS_PK_ECC); test_ciphersuite_kx(PRIO_ECDH_X25519_EDDSA, GNUTLS_PK_EDDSA_ED25519); test_ciphersuite_kx(PRIO_RSA, GNUTLS_PK_RSA); +#ifdef ENABLE_GOST + test_ciphersuite_kx(PRIO_GOST_CNT, GNUTLS_PK_GOST_12_256); +#endif } gnutls_global_deinit(); |