-rw-r--r-- | NEWS | 3 | ||||
-rw-r--r-- | src/Makefile.am | 11 | ||||
-rw-r--r-- | src/benchmark-cipher.c | 10 | ||||
-rw-r--r-- | src/benchmark-tls.c | 407 | ||||
-rw-r--r-- | src/benchmark.h | 3 | ||||
-rw-r--r-- | src/cli-gaa.c | 213 | ||||
-rw-r--r-- | src/cli-gaa.h | 60 | ||||
-rw-r--r-- | src/cli.gaa | 4 |
8 files changed, 353 insertions, 358 deletions
@@ -4,6 +4,9 @@ See the end for copying conditions. * Version 3.0.2 (unreleased) +** gnutls-cli: Benchmark applications were incorporated +with it. + ** libgnutls: Corrected parsing of XMPP subject alternative names. diff --git a/src/Makefile.am b/src/Makefile.am index 10813cf1e3..9e6a0dd81f 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -32,7 +32,6 @@ AM_CPPFLAGS = \ -I$(srcdir)/../libextra/includes \ -I$(srcdir)/cfg -noinst_PROGRAMS = benchmark-cipher benchmark-tls bin_PROGRAMS = gnutls-serv gnutls-cli psktool gnutls-cli-debug if ENABLE_PKI bin_PROGRAMS += certtool @@ -77,16 +76,12 @@ noinst_LTLIBRARIES += libcmd-psk.la libcmd_psk_la_CFLAGS = libcmd_psk_la_SOURCES = psk.gaa psk-gaa.h psk-gaa.c -benchmark_cipher_SOURCES = benchmark-cipher.c benchmark.c benchmark.h -benchmark_cipher_LDADD = ../lib/libgnutls.la ../gl/libgnu.la $(LIB_CLOCK_GETTIME) +BENCHMARK_SRCS = benchmark-cipher.c benchmark.c benchmark.h benchmark-tls.c -benchmark_tls_SOURCES = benchmark-tls.c benchmark.c benchmark.h -benchmark_tls_LDADD = ../lib/libgnutls.la ../gl/libgnu.la $(LIB_CLOCK_GETTIME) - -gnutls_cli_SOURCES = cli.c common.h common.c $(PKCS11_SRCS) +gnutls_cli_SOURCES = cli.c common.h common.c $(PKCS11_SRCS) $(BENCHMARK_SRCS) gnutls_cli_LDADD = ../lib/libgnutls.la ../libextra/libgnutls-extra.la gnutls_cli_LDADD += libcmd-cli.la ../gl/libgnu.la -gnutls_cli_LDADD += $(LTLIBGCRYPT) $(LIBSOCKET) $(GETADDRINFO_LIB) +gnutls_cli_LDADD += $(LTLIBGCRYPT) $(LIBSOCKET) $(GETADDRINFO_LIB) $(LIB_CLOCK_GETTIME) noinst_LTLIBRARIES += libcmd-cli.la libcmd_cli_la_CFLAGS = libcmd_cli_la_SOURCES = cli.gaa cli-gaa.h cli-gaa.c diff --git a/src/benchmark-cipher.c b/src/benchmark-cipher.c index f23c8990d8..d43bc0cd1f 100644 --- a/src/benchmark-cipher.c +++ b/src/benchmark-cipher.c 
@@ -202,14 +202,8 @@ mac_bench (int algo, int size) free (_key); } -int -main (int argc, char **argv) +void benchmark_cipher (int debug_level) { - int debug_level = 0; - - if (argc > 1) - debug_level = 2; - gnutls_global_set_log_function (tls_log_func); gnutls_global_set_log_level (debug_level); gnutls_global_init (); @@ -230,5 +224,5 @@ main (int argc, char **argv) cipher_bench (GNUTLS_CIPHER_ARCFOUR, 16, 0); - return 0; + gnutls_global_deinit(); } diff --git a/src/benchmark-tls.c b/src/benchmark-tls.c index 91117b228f..81b236b594 100644 --- a/src/benchmark-tls.c +++ b/src/benchmark-tls.c 
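Review bot: The `gnutls_global_init ();` call at the top of the new `benchmark_cipher` ignores its return value, so a failed library initialisation goes straight on to the cipher and MAC benchmarks. This code now runs from the installed gnutls-cli rather than a noinst program, so the call should be checked, for example `if (gnutls_global_init () < 0) { fprintf (stderr, "global init failed\n"); exit (1); }`. The same unchecked call appears in `benchmark_tls` in src/benchmark-tls.c. The middle of the function body lies between the two hunks and is not visible here.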
@@ -51,265 +51,238 @@ /* DH of 2432 bits that is pretty equivalent to 224 bits of ECDH. */ const char *pkcs3 = -"-----BEGIN DH PARAMETERS-----\n" -"MIICagKCATEBWS7COZB/f58zwMlPUWBEoRwPjS8W0vMl2bGvnbCBYuUkgk0T5uUz\n" -"bLOV6vMNWxkO/jNLyR06T3nHiqr0j+pYkpGv3PXy0IcIG4CsXySicqCAn/9zmiVO\n" -"GTkqAZfMskByWZRkSRU9lW8ca7po+PpJ9id2I0SlhDwgcpjw4f47ajXOBeil0uXs\n" -"NWtQZlcd1NFjTDaToAnmN6x+pS6BXZ2It0/sPPGNdTsvF7Ym0fWWMV6JbZlXDODL\n" -"kaT81cCdygUvaPEOUAcm/TXcelaTiBMlU2uBtfFjuI45+kzEWkNCNENvULyCoqZ+\n" -"AH/dqer/DqnliJX7tnnlQLsuT7EIIyXtfM0F7XMLGU3WlKxpgWmWDdhpGHcM5xfv\n" -"trUZWr/DWfeWyhwDDYashpYXcrYHf7iP3wKCATEA4nwYa0AFL3i1+4DNvZr0O47x\n" -"pRf7dMK29Nh/WDdhIvl51c532I/2vBSUH4Mjd+Ao+rBxYAutRcz3kF+YhQjcdCMf\n" -"/aKnbtepJ9Lz5xOKfqZdFfR2ANw7I+rNNd0LKHnzpm12xTZcAX7IT4eoIxrB2FYw\n" -"vcQ6K2Soaan0clq8iCPuPx1HBPDNpFvQ7H+kF7o9Z0+7W7jFLpsdc2+x1mlo5/iT\n" -"hw0yjuqm4rNX7VU/Vw1H1m/OIXarzURSE2C70uXBQaaDbOTDb+LZOExR1tGS16ZM\n" -"PreiK1pH8v64OAbihB+OYd/QLU2y6YBjGPHxJQ/bAYFCnsEslkkgOot6bv81iktB\n" -"mPny0He9Qafb1DaNMcXBBG9tZVMJD7HwobjciAQJx+bz9Ckb0EvkyD5N2t5ovw==\n" -"-----END DH PARAMETERS-----\n" -"\n"; + "-----BEGIN DH PARAMETERS-----\n" + "MIICagKCATEBWS7COZB/f58zwMlPUWBEoRwPjS8W0vMl2bGvnbCBYuUkgk0T5uUz\n" + "bLOV6vMNWxkO/jNLyR06T3nHiqr0j+pYkpGv3PXy0IcIG4CsXySicqCAn/9zmiVO\n" + "GTkqAZfMskByWZRkSRU9lW8ca7po+PpJ9id2I0SlhDwgcpjw4f47ajXOBeil0uXs\n" + "NWtQZlcd1NFjTDaToAnmN6x+pS6BXZ2It0/sPPGNdTsvF7Ym0fWWMV6JbZlXDODL\n" + "kaT81cCdygUvaPEOUAcm/TXcelaTiBMlU2uBtfFjuI45+kzEWkNCNENvULyCoqZ+\n" + "AH/dqer/DqnliJX7tnnlQLsuT7EIIyXtfM0F7XMLGU3WlKxpgWmWDdhpGHcM5xfv\n" + "trUZWr/DWfeWyhwDDYashpYXcrYHf7iP3wKCATEA4nwYa0AFL3i1+4DNvZr0O47x\n" + "pRf7dMK29Nh/WDdhIvl51c532I/2vBSUH4Mjd+Ao+rBxYAutRcz3kF+YhQjcdCMf\n" + "/aKnbtepJ9Lz5xOKfqZdFfR2ANw7I+rNNd0LKHnzpm12xTZcAX7IT4eoIxrB2FYw\n" + "vcQ6K2Soaan0clq8iCPuPx1HBPDNpFvQ7H+kF7o9Z0+7W7jFLpsdc2+x1mlo5/iT\n" + "hw0yjuqm4rNX7VU/Vw1H1m/OIXarzURSE2C70uXBQaaDbOTDb+LZOExR1tGS16ZM\n" + "PreiK1pH8v64OAbihB+OYd/QLU2y6YBjGPHxJQ/bAYFCnsEslkkgOot6bv81iktB\n" + 
"mPny0He9Qafb1DaNMcXBBG9tZVMJD7HwobjciAQJx+bz9Ckb0EvkyD5N2t5ovw==\n" + "-----END DH PARAMETERS-----\n" "\n"; char buffer[64 * 1024]; -static void -tls_log_func (int level, const char *str) +static void tls_log_func(int level, const char *str) { - fprintf (stderr, "|<%d>| %s", level, str); + fprintf(stderr, "|<%d>| %s", level, str); } -static void -test_ciphersuite (const char* cipher_prio, int size) +static void test_ciphersuite(const char *cipher_prio, int size) { - /* Server stuff. */ - gnutls_anon_server_credentials_t s_anoncred; - const gnutls_datum_t p3 = { (char *) pkcs3, strlen (pkcs3) }; - static gnutls_dh_params_t dh_params; - gnutls_session_t server; - int sret, cret; - const char *str; - /* Client stuff. */ - gnutls_anon_client_credentials_t c_anoncred; - gnutls_session_t client; - /* Need to enable anonymous KX specifically. */ - int ret; - struct benchmark_st st; - - /* Init server */ - gnutls_anon_allocate_server_credentials (&s_anoncred); - gnutls_dh_params_init (&dh_params); - gnutls_dh_params_import_pkcs3 (dh_params, &p3, GNUTLS_X509_FMT_PEM); - gnutls_anon_set_server_dh_params (s_anoncred, dh_params); - gnutls_init (&server, GNUTLS_SERVER); - ret = gnutls_priority_set_direct (server, cipher_prio, &str); - if (ret < 0) - { - fprintf (stderr, "Error in %s\n", str); - exit (1); + /* Server stuff. */ + gnutls_anon_server_credentials_t s_anoncred; + const gnutls_datum_t p3 = { (char *) pkcs3, strlen(pkcs3) }; + static gnutls_dh_params_t dh_params; + gnutls_session_t server; + int sret, cret; + const char *str; + /* Client stuff. */ + gnutls_anon_client_credentials_t c_anoncred; + gnutls_session_t client; + /* Need to enable anonymous KX specifically. 
*/ + int ret; + struct benchmark_st st; + + /* Init server */ + gnutls_anon_allocate_server_credentials(&s_anoncred); + gnutls_dh_params_init(&dh_params); + gnutls_dh_params_import_pkcs3(dh_params, &p3, GNUTLS_X509_FMT_PEM); + gnutls_anon_set_server_dh_params(s_anoncred, dh_params); + gnutls_init(&server, GNUTLS_SERVER); + ret = gnutls_priority_set_direct(server, cipher_prio, &str); + if (ret < 0) { + fprintf(stderr, "Error in %s\n", str); + exit(1); } - gnutls_credentials_set (server, GNUTLS_CRD_ANON, s_anoncred); - gnutls_dh_set_prime_bits (server, 1024); - gnutls_transport_set_push_function (server, server_push); - gnutls_transport_set_pull_function (server, server_pull); - gnutls_transport_set_ptr (server, (gnutls_transport_ptr_t) server); - reset_buffers(); - - /* Init client */ - gnutls_anon_allocate_client_credentials (&c_anoncred); - gnutls_init (&client, GNUTLS_CLIENT); - - ret = gnutls_priority_set_direct (client, cipher_prio, &str); - if (ret < 0) - { - fprintf (stderr, "Error in %s\n", str); - exit (1); + gnutls_credentials_set(server, GNUTLS_CRD_ANON, s_anoncred); + gnutls_dh_set_prime_bits(server, 1024); + gnutls_transport_set_push_function(server, server_push); + gnutls_transport_set_pull_function(server, server_pull); + gnutls_transport_set_ptr(server, (gnutls_transport_ptr_t) server); + reset_buffers(); + + /* Init client */ + gnutls_anon_allocate_client_credentials(&c_anoncred); + gnutls_init(&client, GNUTLS_CLIENT); + + ret = gnutls_priority_set_direct(client, cipher_prio, &str); + if (ret < 0) { + fprintf(stderr, "Error in %s\n", str); + exit(1); } - gnutls_credentials_set (client, GNUTLS_CRD_ANON, c_anoncred); - gnutls_transport_set_push_function (client, client_push); - gnutls_transport_set_pull_function (client, client_pull); - gnutls_transport_set_ptr (client, (gnutls_transport_ptr_t) client); + gnutls_credentials_set(client, GNUTLS_CRD_ANON, c_anoncred); + gnutls_transport_set_push_function(client, client_push); + 
gnutls_transport_set_pull_function(client, client_pull); + gnutls_transport_set_ptr(client, (gnutls_transport_ptr_t) client); - HANDSHAKE (client, server); + HANDSHAKE(client, server); - fprintf (stdout, "Testing %s with %d packet size: ", - gnutls_cipher_suite_get_name(gnutls_kx_get(server), - gnutls_cipher_get(server), gnutls_mac_get(server)), size); - fflush (stdout); + fprintf(stdout, "Testing %s with %d packet size: ", + gnutls_cipher_suite_get_name(gnutls_kx_get(server), + gnutls_cipher_get(server), + gnutls_mac_get(server)), size); + fflush(stdout); - gnutls_rnd (GNUTLS_RND_NONCE, buffer, sizeof (buffer)); + gnutls_rnd(GNUTLS_RND_NONCE, buffer, sizeof(buffer)); - start_benchmark (&st); + start_benchmark(&st); - do - { - do - { - ret = gnutls_record_send (client, buffer, size); + do { + do { + ret = gnutls_record_send(client, buffer, size); } - while (ret == GNUTLS_E_AGAIN); + while (ret == GNUTLS_E_AGAIN); - if (ret < 0) - { - fprintf (stderr, "Failed sending to server\n"); - exit (1); + if (ret < 0) { + fprintf(stderr, "Failed sending to server\n"); + exit(1); } - do - { - ret = gnutls_record_recv (server, buffer, sizeof (buffer)); + do { + ret = gnutls_record_recv(server, buffer, sizeof(buffer)); } - while (ret == GNUTLS_E_AGAIN); + while (ret == GNUTLS_E_AGAIN); - if (ret < 0) - { - fprintf (stderr, "Failed receiving from client\n"); - exit (1); + if (ret < 0) { + fprintf(stderr, "Failed receiving from client\n"); + exit(1); } - st.size += size; + st.size += size; } - while (benchmark_must_finish == 0); + while (benchmark_must_finish == 0); - stop_benchmark (&st, NULL); + stop_benchmark(&st, NULL); - gnutls_bye (client, GNUTLS_SHUT_WR); - gnutls_bye (server, GNUTLS_SHUT_WR); + gnutls_bye(client, GNUTLS_SHUT_WR); + gnutls_bye(server, GNUTLS_SHUT_WR); - gnutls_deinit (client); - gnutls_deinit (server); + gnutls_deinit(client); + gnutls_deinit(server); - gnutls_anon_free_client_credentials (c_anoncred); - gnutls_anon_free_server_credentials (s_anoncred); + 
gnutls_anon_free_client_credentials(c_anoncred); + gnutls_anon_free_server_credentials(s_anoncred); - gnutls_dh_params_deinit (dh_params); + gnutls_dh_params_deinit(dh_params); } -static void -test_ciphersuite_kx (const char* cipher_prio) +static void test_ciphersuite_kx(const char *cipher_prio) { - /* Server stuff. */ - gnutls_anon_server_credentials_t s_anoncred; - const gnutls_datum_t p3 = { (char *) pkcs3, strlen (pkcs3) }; - static gnutls_dh_params_t dh_params; - gnutls_session_t server; - int sret, cret; - const char *str; - const char* suite=NULL; - /* Client stuff. */ - gnutls_anon_client_credentials_t c_anoncred; - gnutls_session_t client; - /* Need to enable anonymous KX specifically. */ - int ret; - struct benchmark_st st; - - /* Init server */ - gnutls_anon_allocate_server_credentials (&s_anoncred); - gnutls_dh_params_init (&dh_params); - gnutls_dh_params_import_pkcs3 (dh_params, &p3, GNUTLS_X509_FMT_PEM); - gnutls_anon_set_server_dh_params (s_anoncred, dh_params); - - start_benchmark (&st); - - do - { - gnutls_init (&server, GNUTLS_SERVER); - ret = gnutls_priority_set_direct (server, cipher_prio, &str); - if (ret < 0) - { - fprintf (stderr, "Error in %s\n", str); - exit (1); - } - gnutls_credentials_set (server, GNUTLS_CRD_ANON, s_anoncred); - gnutls_transport_set_push_function (server, server_push); - gnutls_transport_set_pull_function (server, server_pull); - gnutls_transport_set_ptr (server, (gnutls_transport_ptr_t) server); - reset_buffers(); - - /* Init client */ - gnutls_anon_allocate_client_credentials (&c_anoncred); - gnutls_init (&client, GNUTLS_CLIENT); - - ret = gnutls_priority_set_direct (client, cipher_prio, &str); - if (ret < 0) - { - fprintf (stderr, "Error in %s\n", str); - exit (1); - } - gnutls_credentials_set (client, GNUTLS_CRD_ANON, c_anoncred); - gnutls_transport_set_push_function (client, client_push); - gnutls_transport_set_pull_function (client, client_pull); - gnutls_transport_set_ptr (client, (gnutls_transport_ptr_t) client); 
+ /* Server stuff. */ + gnutls_anon_server_credentials_t s_anoncred; + const gnutls_datum_t p3 = { (char *) pkcs3, strlen(pkcs3) }; + static gnutls_dh_params_t dh_params; + gnutls_session_t server; + int sret, cret; + const char *str; + const char *suite = NULL; + /* Client stuff. */ + gnutls_anon_client_credentials_t c_anoncred; + gnutls_session_t client; + /* Need to enable anonymous KX specifically. */ + int ret; + struct benchmark_st st; + + /* Init server */ + gnutls_anon_allocate_server_credentials(&s_anoncred); + gnutls_dh_params_init(&dh_params); + gnutls_dh_params_import_pkcs3(dh_params, &p3, GNUTLS_X509_FMT_PEM); + gnutls_anon_set_server_dh_params(s_anoncred, dh_params); + + start_benchmark(&st); + + do { + gnutls_init(&server, GNUTLS_SERVER); + ret = gnutls_priority_set_direct(server, cipher_prio, &str); + if (ret < 0) { + fprintf(stderr, "Error in %s\n", str); + exit(1); + } + gnutls_credentials_set(server, GNUTLS_CRD_ANON, s_anoncred); + gnutls_transport_set_push_function(server, server_push); + gnutls_transport_set_pull_function(server, server_pull); + gnutls_transport_set_ptr(server, (gnutls_transport_ptr_t) server); + reset_buffers(); + + /* Init client */ + gnutls_anon_allocate_client_credentials(&c_anoncred); + gnutls_init(&client, GNUTLS_CLIENT); + + ret = gnutls_priority_set_direct(client, cipher_prio, &str); + if (ret < 0) { + fprintf(stderr, "Error in %s\n", str); + exit(1); + } + gnutls_credentials_set(client, GNUTLS_CRD_ANON, c_anoncred); + gnutls_transport_set_push_function(client, client_push); + gnutls_transport_set_pull_function(client, client_pull); + gnutls_transport_set_ptr(client, (gnutls_transport_ptr_t) client); - HANDSHAKE (client, server); + HANDSHAKE(client, server); - if (suite==NULL) - suite = gnutls_cipher_suite_get_name(gnutls_kx_get(server), - gnutls_cipher_get(server), gnutls_mac_get(server)); + if (suite == NULL) + suite = gnutls_cipher_suite_get_name(gnutls_kx_get(server), + gnutls_cipher_get(server), + 
gnutls_mac_get(server)); - gnutls_deinit (client); - gnutls_deinit (server); + gnutls_deinit(client); + gnutls_deinit(server); - st.size += 1; + st.size += 1; } - while (benchmark_must_finish == 0); + while (benchmark_must_finish == 0); - fprintf (stdout, "Tested %s: ", suite); - stop_benchmark (&st, "transactions"); + fprintf(stdout, "Tested %s: ", suite); + stop_benchmark(&st, "transactions"); - gnutls_anon_free_client_credentials (c_anoncred); - gnutls_anon_free_server_credentials (s_anoncred); + gnutls_anon_free_client_credentials(c_anoncred); + gnutls_anon_free_server_credentials(s_anoncred); - gnutls_dh_params_deinit (dh_params); + gnutls_dh_params_deinit(dh_params); } -int -main (int argc, char **argv) +void benchmark_tls(int debug_level) { -int ciphers = 1; - - if (argc > 1) - { - if (strcmp(argv[1], "--kx")==0) - { - ciphers = 0; - } - else if (strcmp(argv[1], "-v")==0) - { - gnutls_global_set_log_function (tls_log_func); - gnutls_global_set_log_level (2); - } - } - gnutls_global_init (); - - if (ciphers != 0) - { - printf("Testing throughput in cipher/MAC combinations:\n"); - test_ciphersuite (PRIO_ARCFOUR_128_MD5, 1024); - test_ciphersuite (PRIO_ARCFOUR_128_MD5, 4096); - test_ciphersuite (PRIO_ARCFOUR_128_MD5, 8*1024); - test_ciphersuite (PRIO_ARCFOUR_128_MD5, 15*1024); - - test_ciphersuite (PRIO_AES_GCM, 1024); - test_ciphersuite (PRIO_AES_GCM, 4096); - test_ciphersuite (PRIO_AES_GCM, 8*1024); - test_ciphersuite (PRIO_AES_GCM, 15*1024); - - test_ciphersuite (PRIO_AES_CBC_SHA1, 1024); - test_ciphersuite (PRIO_AES_CBC_SHA1, 4096); - test_ciphersuite (PRIO_AES_CBC_SHA1, 8*1024); - test_ciphersuite (PRIO_AES_CBC_SHA1, 15*1024); - - test_ciphersuite (PRIO_CAMELLIA_CBC_SHA1, 1024); - test_ciphersuite (PRIO_CAMELLIA_CBC_SHA1, 4096); - test_ciphersuite (PRIO_CAMELLIA_CBC_SHA1, 8*1024); - test_ciphersuite (PRIO_CAMELLIA_CBC_SHA1, 15*1024); - printf("\n"); - } - - printf("Testing key exchanges:\n"); - test_ciphersuite_kx (PRIO_DH); - test_ciphersuite_kx 
(PRIO_ECDH); - - - gnutls_global_deinit (); + gnutls_global_set_log_function(tls_log_func); + gnutls_global_set_log_level(debug_level); + gnutls_global_init(); + + printf("Testing throughput in cipher/MAC combinations:\n"); + test_ciphersuite(PRIO_ARCFOUR_128_MD5, 1024); + test_ciphersuite(PRIO_ARCFOUR_128_MD5, 4096); + test_ciphersuite(PRIO_ARCFOUR_128_MD5, 8 * 1024); + test_ciphersuite(PRIO_ARCFOUR_128_MD5, 15 * 1024); + + test_ciphersuite(PRIO_AES_GCM, 1024); + test_ciphersuite(PRIO_AES_GCM, 4096); + test_ciphersuite(PRIO_AES_GCM, 8 * 1024); + test_ciphersuite(PRIO_AES_GCM, 15 * 1024); + + test_ciphersuite(PRIO_AES_CBC_SHA1, 1024); + test_ciphersuite(PRIO_AES_CBC_SHA1, 4096); + test_ciphersuite(PRIO_AES_CBC_SHA1, 8 * 1024); + test_ciphersuite(PRIO_AES_CBC_SHA1, 15 * 1024); + + test_ciphersuite(PRIO_CAMELLIA_CBC_SHA1, 1024); + test_ciphersuite(PRIO_CAMELLIA_CBC_SHA1, 4096); + test_ciphersuite(PRIO_CAMELLIA_CBC_SHA1, 8 * 1024); + test_ciphersuite(PRIO_CAMELLIA_CBC_SHA1, 15 * 1024); + printf("\n"); + + printf("Testing key exchanges:\n"); + test_ciphersuite_kx(PRIO_DH); + test_ciphersuite_kx(PRIO_ECDH); + + + gnutls_global_deinit(); + } diff --git a/src/benchmark.h b/src/benchmark.h index b5a7f86a4f..1485a034ec 100644 --- a/src/benchmark.h +++ b/src/benchmark.h @@ -5,6 +5,9 @@ typedef void (*sighandler_t)(int); +void benchmark_cipher (int debug_level); +void benchmark_tls (int debug_level); + struct benchmark_st { struct timespec start; diff --git a/src/cli-gaa.c b/src/cli-gaa.c index fc0f53fbd2..7c86e2b569 100644 --- a/src/cli-gaa.c +++ b/src/cli-gaa.c @@ -8,6 +8,7 @@ #include <config.h> #include <common.h> +#include <benchmark.h> void cli_version(void); 
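Review bot: In `test_ciphersuite_kx`, `gnutls_anon_allocate_client_credentials(&c_anoncred)` is called inside the `do { ... } while (benchmark_must_finish == 0)` loop, but `gnutls_anon_free_client_credentials(c_anoncred)` runs only once after the loop. Every handshake iteration except the last therefore leaks a credentials structure, and the allocation is counted in the measured time. Move the allocation above `start_benchmark(&st);`, next to the server credential setup, so it pairs with the single free. The pattern predates this commit (the hunk only reformats it), but the code is now linked into gnutls-cli.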
@@ -156,6 +157,8 @@ void gaa_help(void) __gaa_helpsingle(0, "pskkey", "KEY ", "PSK key (in hex) to use."); __gaa_helpsingle('p', "port", "PORT ", "The port to connect to."); __gaa_helpsingle(0, "insecure", "", "Don't abort program if server certificate can't be validated."); + __gaa_helpsingle(0, "benchmark-ciphers", "", "Benchmark individual ciphers."); + __gaa_helpsingle(0, "benchmark-tls", "", "Benchmark ciphers and key exchange methods in TLS."); __gaa_helpsingle('l', "list", "", "Print a list of the supported algorithms and modes."); __gaa_helpsingle('h', "help", "", "prints this help"); __gaa_helpsingle('v', "version", "", "prints the program's version number"); 
@@ -173,65 +176,65 @@ typedef struct _gaainfo gaainfo; struct _gaainfo { -#line 106 "cli.gaa" +#line 110 "cli.gaa" char *rest_args; -#line 98 "cli.gaa" +#line 99 "cli.gaa" int insecure; -#line 95 "cli.gaa" +#line 96 "cli.gaa" char *port; -#line 92 "cli.gaa" +#line 93 "cli.gaa" char *psk_key; -#line 89 "cli.gaa" +#line 90 "cli.gaa" char *psk_username; -#line 86 "cli.gaa" +#line 87 "cli.gaa" char *srp_passwd; -#line 83 "cli.gaa" +#line 84 "cli.gaa" char *srp_username; -#line 80 "cli.gaa" +#line 81 "cli.gaa" char *x509_certfile; -#line 77 "cli.gaa" +#line 78 "cli.gaa" char *x509_keyfile; -#line 74 "cli.gaa" +#line 75 "cli.gaa" char *pgp_subkey; -#line 71 "cli.gaa" +#line 72 "cli.gaa" char *pgp_certfile; -#line 68 "cli.gaa" +#line 69 "cli.gaa" char *pgp_keyring; -#line 65 "cli.gaa" +#line 66 "cli.gaa" char *pgp_keyfile; -#line 62 "cli.gaa" +#line 63 "cli.gaa" char *x509_crlfile; -#line 59 "cli.gaa" +#line 60 "cli.gaa" char *x509_cafile; -#line 56 "cli.gaa" +#line 57 "cli.gaa" char *priorities; -#line 53 "cli.gaa" +#line 54 "cli.gaa" int verbose; -#line 50 "cli.gaa" +#line 51 "cli.gaa" int record_size; -#line 47 "cli.gaa" +#line 48 "cli.gaa" int print_cert; -#line 44 "cli.gaa" +#line 45 "cli.gaa" int disable_extensions; -#line 41 "cli.gaa" +#line 42 "cli.gaa" int fingerprint; -#line 38 "cli.gaa" +#line 39 "cli.gaa" int fmtder; -#line 35 "cli.gaa" +#line 36 "cli.gaa" int crlf; -#line 32 "cli.gaa" +#line 33 "cli.gaa" int mtu; -#line 29 "cli.gaa" +#line 30 "cli.gaa" int udp; -#line 26 "cli.gaa" +#line 27 "cli.gaa" int starttls; -#line 23 "cli.gaa" +#line 24 "cli.gaa" int noticket; -#line 20 "cli.gaa" +#line 21 "cli.gaa" int rehandshake; -#line 17 "cli.gaa" +#line 18 "cli.gaa" int resume; -#line 14 "cli.gaa" +#line 15 "cli.gaa" int debug; #line 114 "gaa.skel" 
@@ -287,39 +290,41 @@ static int gaa_error = 0; #define GAA_MULTIPLE_OPTION 3 #define GAA_REST 0 -#define GAA_NB_OPTION 32 +#define GAA_NB_OPTION 34 #define GAAOPTID_version 1 #define GAAOPTID_help 2 #define GAAOPTID_list 3 -#define GAAOPTID_insecure 4 -#define GAAOPTID_port 5 -#define GAAOPTID_pskkey 6 -#define GAAOPTID_pskusername 7 -#define GAAOPTID_srppasswd 8 -#define GAAOPTID_srpusername 9 -#define GAAOPTID_x509certfile 10 -#define GAAOPTID_x509keyfile 11 -#define GAAOPTID_pgpsubkey 12 -#define GAAOPTID_pgpcertfile 13 -#define GAAOPTID_pgpkeyring 14 -#define GAAOPTID_pgpkeyfile 15 -#define GAAOPTID_x509crlfile 16 -#define GAAOPTID_x509cafile 17 -#define GAAOPTID_priority 18 -#define GAAOPTID_verbose 19 -#define GAAOPTID_recordsize 20 -#define GAAOPTID_print_cert 21 -#define GAAOPTID_disable_extensions 22 -#define GAAOPTID_fingerprint 23 -#define GAAOPTID_x509fmtder 24 -#define GAAOPTID_crlf 25 -#define GAAOPTID_mtu 26 -#define GAAOPTID_udp 27 -#define GAAOPTID_starttls 28 -#define GAAOPTID_noticket 29 -#define GAAOPTID_rehandshake 30 -#define GAAOPTID_resume 31 -#define GAAOPTID_debug 32 +#define GAAOPTID_benchmark_tls 4 +#define GAAOPTID_benchmark_ciphers 5 +#define GAAOPTID_insecure 6 +#define GAAOPTID_port 7 +#define GAAOPTID_pskkey 8 +#define GAAOPTID_pskusername 9 +#define GAAOPTID_srppasswd 10 +#define GAAOPTID_srpusername 11 +#define GAAOPTID_x509certfile 12 +#define GAAOPTID_x509keyfile 13 +#define GAAOPTID_pgpsubkey 14 +#define GAAOPTID_pgpcertfile 15 +#define GAAOPTID_pgpkeyring 16 +#define GAAOPTID_pgpkeyfile 17 +#define GAAOPTID_x509crlfile 18 +#define GAAOPTID_x509cafile 19 +#define GAAOPTID_priority 20 +#define GAAOPTID_verbose 21 +#define GAAOPTID_recordsize 22 +#define GAAOPTID_print_cert 23 +#define GAAOPTID_disable_extensions 24 +#define GAAOPTID_fingerprint 25 +#define GAAOPTID_x509fmtder 26 +#define GAAOPTID_crlf 27 +#define GAAOPTID_mtu 28 +#define GAAOPTID_udp 29 +#define GAAOPTID_starttls 30 +#define GAAOPTID_noticket 31 +#define 
GAAOPTID_rehandshake 32 +#define GAAOPTID_resume 33 +#define GAAOPTID_debug 34 #line 168 "gaa.skel" @@ -666,6 +671,8 @@ static int gaa_get_option_num(char *str, int status) GAA_CHECK1STR("v", GAAOPTID_version); GAA_CHECK1STR("h", GAAOPTID_help); GAA_CHECK1STR("l", GAAOPTID_list); + GAA_CHECK1STR("", GAAOPTID_benchmark_tls); + GAA_CHECK1STR("", GAAOPTID_benchmark_ciphers); GAA_CHECK1STR("", GAAOPTID_insecure); GAA_CHECK1STR("V", GAAOPTID_verbose); GAA_CHECK1STR("", GAAOPTID_print_cert); @@ -685,6 +692,8 @@ static int gaa_get_option_num(char *str, int status) GAA_CHECKSTR("version", GAAOPTID_version); GAA_CHECKSTR("help", GAAOPTID_help); GAA_CHECKSTR("list", GAAOPTID_list); + GAA_CHECKSTR("benchmark-tls", GAAOPTID_benchmark_tls); + GAA_CHECKSTR("benchmark-ciphers", GAAOPTID_benchmark_ciphers); GAA_CHECKSTR("insecure", GAAOPTID_insecure); GAA_CHECKSTR("port", GAAOPTID_port); GAA_CHECKSTR("pskkey", GAAOPTID_pskkey); @@ -765,28 +774,42 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) { case GAAOPTID_version: OK = 0; -#line 104 "cli.gaa" +#line 108 "cli.gaa" { cli_version(); exit(0); ;}; return GAA_OK; break; case GAAOPTID_help: OK = 0; -#line 102 "cli.gaa" +#line 106 "cli.gaa" { gaa_help(); exit(0); ;}; return GAA_OK; break; case GAAOPTID_list: OK = 0; -#line 101 "cli.gaa" +#line 105 "cli.gaa" { print_list(gaaval->verbose); exit(0); ;}; return GAA_OK; break; + case GAAOPTID_benchmark_tls: + OK = 0; +#line 103 "cli.gaa" +{ benchmark_tls(gaaval->debug); exit(0) ;}; + + return GAA_OK; + break; + case GAAOPTID_benchmark_ciphers: + OK = 0; +#line 102 "cli.gaa" +{ benchmark_cipher(gaaval->debug); exit(0) ;}; + + return GAA_OK; + break; case GAAOPTID_insecure: OK = 0; -#line 99 "cli.gaa" +#line 100 "cli.gaa" { gaaval->insecure = 1 ;}; return GAA_OK; 
@@ -796,7 +819,7 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) GAA_TESTMOREARGS; GAA_FILL(GAATMP_port.arg1, gaa_getstr, GAATMP_port.size1); gaa_index++; -#line 96 "cli.gaa" +#line 97 "cli.gaa" { gaaval->port = GAATMP_port.arg1 ;}; return GAA_OK; @@ -806,7 +829,7 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) GAA_TESTMOREARGS; GAA_FILL(GAATMP_pskkey.arg1, gaa_getstr, GAATMP_pskkey.size1); gaa_index++; -#line 93 "cli.gaa" +#line 94 "cli.gaa" { gaaval->psk_key = GAATMP_pskkey.arg1 ;}; return GAA_OK; @@ -816,7 +839,7 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) GAA_TESTMOREARGS; GAA_FILL(GAATMP_pskusername.arg1, gaa_getstr, GAATMP_pskusername.size1); gaa_index++; -#line 90 "cli.gaa" +#line 91 "cli.gaa" { gaaval->psk_username = GAATMP_pskusername.arg1 ;}; return GAA_OK; @@ -826,7 +849,7 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) GAA_TESTMOREARGS; GAA_FILL(GAATMP_srppasswd.arg1, gaa_getstr, GAATMP_srppasswd.size1); gaa_index++; -#line 87 "cli.gaa" +#line 88 "cli.gaa" { gaaval->srp_passwd = GAATMP_srppasswd.arg1 ;}; return GAA_OK; @@ -836,7 +859,7 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) GAA_TESTMOREARGS; GAA_FILL(GAATMP_srpusername.arg1, gaa_getstr, GAATMP_srpusername.size1); gaa_index++; -#line 84 "cli.gaa" +#line 85 "cli.gaa" { gaaval->srp_username = GAATMP_srpusername.arg1 ;}; return GAA_OK; @@ -846,7 +869,7 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) GAA_TESTMOREARGS; GAA_FILL(GAATMP_x509certfile.arg1, gaa_getstr, GAATMP_x509certfile.size1); gaa_index++; -#line 81 "cli.gaa" +#line 82 "cli.gaa" { gaaval->x509_certfile = GAATMP_x509certfile.arg1 ;}; return GAA_OK; 
@@ -856,7 +879,7 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) GAA_TESTMOREARGS; GAA_FILL(GAATMP_x509keyfile.arg1, gaa_getstr, GAATMP_x509keyfile.size1); gaa_index++; -#line 78 "cli.gaa" +#line 79 "cli.gaa" { gaaval->x509_keyfile = GAATMP_x509keyfile.arg1 ;}; return GAA_OK; @@ -866,7 +889,7 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) GAA_TESTMOREARGS; GAA_FILL(GAATMP_pgpsubkey.arg1, gaa_getstr, GAATMP_pgpsubkey.size1); gaa_index++; -#line 75 "cli.gaa" +#line 76 "cli.gaa" { gaaval->pgp_subkey = GAATMP_pgpsubkey.arg1 ;}; return GAA_OK; @@ -876,7 +899,7 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) GAA_TESTMOREARGS; GAA_FILL(GAATMP_pgpcertfile.arg1, gaa_getstr, GAATMP_pgpcertfile.size1); gaa_index++; -#line 72 "cli.gaa" +#line 73 "cli.gaa" { gaaval->pgp_certfile = GAATMP_pgpcertfile.arg1 ;}; return GAA_OK; @@ -886,7 +909,7 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) GAA_TESTMOREARGS; GAA_FILL(GAATMP_pgpkeyring.arg1, gaa_getstr, GAATMP_pgpkeyring.size1); gaa_index++; -#line 69 "cli.gaa" +#line 70 "cli.gaa" { gaaval->pgp_keyring = GAATMP_pgpkeyring.arg1 ;}; return GAA_OK; @@ -896,7 +919,7 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) GAA_TESTMOREARGS; GAA_FILL(GAATMP_pgpkeyfile.arg1, gaa_getstr, GAATMP_pgpkeyfile.size1); gaa_index++; -#line 66 "cli.gaa" +#line 67 "cli.gaa" { gaaval->pgp_keyfile = GAATMP_pgpkeyfile.arg1 ;}; return GAA_OK; @@ -906,7 +929,7 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) GAA_TESTMOREARGS; GAA_FILL(GAATMP_x509crlfile.arg1, gaa_getstr, GAATMP_x509crlfile.size1); gaa_index++; -#line 63 "cli.gaa" +#line 64 "cli.gaa" { gaaval->x509_crlfile = GAATMP_x509crlfile.arg1 ;}; return GAA_OK; 
@@ -916,7 +939,7 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) GAA_TESTMOREARGS; GAA_FILL(GAATMP_x509cafile.arg1, gaa_getstr, GAATMP_x509cafile.size1); gaa_index++; -#line 60 "cli.gaa" +#line 61 "cli.gaa" { gaaval->x509_cafile = GAATMP_x509cafile.arg1 ;}; return GAA_OK; @@ -926,14 +949,14 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) GAA_TESTMOREARGS; GAA_FILL(GAATMP_priority.arg1, gaa_getstr, GAATMP_priority.size1); gaa_index++; -#line 57 "cli.gaa" +#line 58 "cli.gaa" { gaaval->priorities = GAATMP_priority.arg1 ;}; return GAA_OK; break; case GAAOPTID_verbose: OK = 0; -#line 54 "cli.gaa" +#line 55 "cli.gaa" { gaaval->verbose = 1 ;}; return GAA_OK; @@ -943,42 +966,42 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) GAA_TESTMOREARGS; GAA_FILL(GAATMP_recordsize.arg1, gaa_getint, GAATMP_recordsize.size1); gaa_index++; -#line 51 "cli.gaa" +#line 52 "cli.gaa" { gaaval->record_size = GAATMP_recordsize.arg1 ;}; return GAA_OK; break; case GAAOPTID_print_cert: OK = 0; -#line 48 "cli.gaa" +#line 49 "cli.gaa" { gaaval->print_cert = 1 ;}; return GAA_OK; break; case GAAOPTID_disable_extensions: OK = 0; -#line 45 "cli.gaa" +#line 46 "cli.gaa" { gaaval->disable_extensions = 1 ;}; return GAA_OK; break; case GAAOPTID_fingerprint: OK = 0; -#line 42 "cli.gaa" +#line 43 "cli.gaa" { gaaval->fingerprint = 1 ;}; return GAA_OK; break; case GAAOPTID_x509fmtder: OK = 0; -#line 39 "cli.gaa" +#line 40 "cli.gaa" { gaaval->fmtder = 1 ;}; return GAA_OK; break; case GAAOPTID_crlf: OK = 0; -#line 36 "cli.gaa" +#line 37 "cli.gaa" { gaaval->crlf = 1 ;}; return GAA_OK; 
@@ -988,42 +1011,42 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) GAA_TESTMOREARGS; GAA_FILL(GAATMP_mtu.arg1, gaa_getint, GAATMP_mtu.size1); gaa_index++; -#line 33 "cli.gaa" +#line 34 "cli.gaa" { gaaval->mtu = GAATMP_mtu.arg1 ;}; return GAA_OK; break; case GAAOPTID_udp: OK = 0; -#line 30 "cli.gaa" +#line 31 "cli.gaa" { gaaval->udp = 1 ;}; return GAA_OK; break; case GAAOPTID_starttls: OK = 0; -#line 27 "cli.gaa" +#line 28 "cli.gaa" { gaaval->starttls = 1 ;}; return GAA_OK; break; case GAAOPTID_noticket: OK = 0; -#line 24 "cli.gaa" +#line 25 "cli.gaa" { gaaval->noticket = 1 ;}; return GAA_OK; break; case GAAOPTID_rehandshake: OK = 0; -#line 21 "cli.gaa" +#line 22 "cli.gaa" { gaaval->rehandshake = 1 ;}; return GAA_OK; break; case GAAOPTID_resume: OK = 0; -#line 18 "cli.gaa" +#line 19 "cli.gaa" { gaaval->resume = 1 ;}; return GAA_OK; @@ -1033,7 +1056,7 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) GAA_TESTMOREARGS; GAA_FILL(GAATMP_debug.arg1, gaa_getint, GAATMP_debug.size1); gaa_index++; -#line 15 "cli.gaa" +#line 16 "cli.gaa" { gaaval->debug = GAATMP_debug.arg1 ;}; return GAA_OK; @@ -1042,7 +1065,7 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) GAA_TESTMOREARGS; GAA_FILL(GAAREST_tmp.arg1, gaa_getstr, GAAREST_tmp.size1); gaa_index++; -#line 107 "cli.gaa" +#line 111 "cli.gaa" { gaaval->rest_args = GAAREST_tmp.arg1; ;}; return GAA_OK; @@ -1071,7 +1094,7 @@ int gaa(int argc, char **argv, gaainfo *gaaval) if(inited == 0) { -#line 109 "cli.gaa" +#line 113 "cli.gaa" { gaaval->resume=0; gaaval->noticket=0; gaaval->port="443"; gaaval->rest_args=NULL; gaaval->record_size=0; gaaval->fingerprint=0; gaaval->pgp_keyring=NULL; gaaval->x509_crlfile = NULL; @@ -1228,7 +1251,7 @@ static int gaa_internal_get_next_str(FILE *file, gaa_str_node *tmp_str, int argc len++; a = fgetc( file); - if(a==EOF) return 0; //a = ' '; + if(a==EOF) return 0; } len += 1; 
diff --git a/src/cli-gaa.h b/src/cli-gaa.h index bebca5f10e..d4a5188b75 100644 --- a/src/cli-gaa.h +++ b/src/cli-gaa.h @@ -8,65 +8,65 @@ typedef struct _gaainfo gaainfo; struct _gaainfo { -#line 106 "cli.gaa" +#line 110 "cli.gaa" char *rest_args; -#line 98 "cli.gaa" +#line 99 "cli.gaa" int insecure; -#line 95 "cli.gaa" +#line 96 "cli.gaa" char *port; -#line 92 "cli.gaa" +#line 93 "cli.gaa" char *psk_key; -#line 89 "cli.gaa" +#line 90 "cli.gaa" char *psk_username; -#line 86 "cli.gaa" +#line 87 "cli.gaa" char *srp_passwd; -#line 83 "cli.gaa" +#line 84 "cli.gaa" char *srp_username; -#line 80 "cli.gaa" +#line 81 "cli.gaa" char *x509_certfile; -#line 77 "cli.gaa" +#line 78 "cli.gaa" char *x509_keyfile; -#line 74 "cli.gaa" +#line 75 "cli.gaa" char *pgp_subkey; -#line 71 "cli.gaa" +#line 72 "cli.gaa" char *pgp_certfile; -#line 68 "cli.gaa" +#line 69 "cli.gaa" char *pgp_keyring; -#line 65 "cli.gaa" +#line 66 "cli.gaa" char *pgp_keyfile; -#line 62 "cli.gaa" +#line 63 "cli.gaa" char *x509_crlfile; -#line 59 "cli.gaa" +#line 60 "cli.gaa" char *x509_cafile; -#line 56 "cli.gaa" +#line 57 "cli.gaa" char *priorities; -#line 53 "cli.gaa" +#line 54 "cli.gaa" int verbose; -#line 50 "cli.gaa" +#line 51 "cli.gaa" int record_size; -#line 47 "cli.gaa" +#line 48 "cli.gaa" int print_cert; -#line 44 "cli.gaa" +#line 45 "cli.gaa" int disable_extensions; -#line 41 "cli.gaa" +#line 42 "cli.gaa" int fingerprint; -#line 38 "cli.gaa" +#line 39 "cli.gaa" int fmtder; -#line 35 "cli.gaa" +#line 36 "cli.gaa" int crlf; -#line 32 "cli.gaa" +#line 33 "cli.gaa" int mtu; -#line 29 "cli.gaa" +#line 30 "cli.gaa" int udp; -#line 26 "cli.gaa" +#line 27 "cli.gaa" int starttls; -#line 23 "cli.gaa" +#line 24 "cli.gaa" int noticket; -#line 20 "cli.gaa" +#line 21 "cli.gaa" int rehandshake; -#line 17 "cli.gaa" +#line 18 "cli.gaa" int resume; -#line 14 "cli.gaa" +#line 15 "cli.gaa" int debug; #line 114 "gaa.skel" diff --git a/src/cli.gaa b/src/cli.gaa index 0576d5ffd3..1d1c74f7d1 100644 --- a/src/cli.gaa 
+++ b/src/cli.gaa @@ -4,6 +4,7 @@ #include <config.h> #include <common.h> +#include <benchmark.h> void cli_version(void); @@ -98,6 +99,9 @@ option (p, port) STR "PORT" { $port = $1 } "The port to connect to." #int insecure; option (insecure) { $insecure = 1 } "Don't abort program if server certificate can't be validated." +option ( benchmark-ciphers) { benchmark_cipher($debug); exit(0) } "Benchmark individual ciphers." +option ( benchmark-tls) { benchmark_tls($debug); exit(0) } "Benchmark ciphers and key exchange methods in TLS." + option (l, list) { print_list($verbose); exit(0); } "Print a list of the supported algorithms and modes." option (h, help) { gaa_help(); exit(0); } "prints this help" |
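Review bot: The new `benchmark-ciphers` and `benchmark-tls` options call `benchmark_cipher($debug)` / `benchmark_tls($debug)` and then `exit(0)` from inside the option action, so the log level they receive is whatever `$debug` holds when the option is handled. If gaa processes options in command-line order (the parser loop is not visible here), a debug option given after `--benchmark-tls` is silently ignored, and any arguments after it are never parsed or validated. Consider recording a flag in the action instead, e.g. `#int benchmark_tls;` with `{ $benchmark_tls = 1 }`, and dispatching to the benchmark once option parsing has finished. At minimum, state the ordering requirement in the two help strings.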