From 2278df5c4f286ed2c4809b798e6ac008a2fe9d16 Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Sun, 11 Dec 2011 12:03:43 +0100 Subject: [PATCH] generate libthreshold.a to find out a threshold after which kernel based operation is optimal. --- lib/Makefile | 14 ++++++--- lib/combo.c | 8 ++++-- lib/hash.c | 3 ++ lib/main.c | 89 ++++++++++++++++++--------------------------------------- lib/threshold.c | 61 +++++++++++++++++++++++++++++++++++++++ lib/threshold.h | 10 +++++++ 6 files changed, 117 insertions(+), 68 deletions(-) rewrite lib/main.c (61%) create mode 100644 lib/threshold.c create mode 100644 lib/threshold.h diff --git a/lib/Makefile b/lib/Makefile index 460b4ba..af87795 100644 --- a/lib/Makefile +++ b/lib/Makefile @@ -1,9 +1,15 @@ -CFLAGS=-g -O2 -Wall -DDEBUG +CFLAGS=-g -O2 -Wall all: benchmark -benchmark: benchmark.c hash.c main.c combo.c - gcc $(CFLAGS) -o $@ $^ -lssl +benchmark: main.c libthreshold.a + gcc $(CFLAGS) -DDEBUG -o $@ $^ -lssl libthreshold.a + +.o: + gcc $(CCFLAGS) -c $< -o $@ + +libthreshold.a: benchmark.o hash.o threshold.o combo.o + ar rcs $@ $^ clean: - rm -f *.o *~ benchmark + rm -f *.o *~ benchmark libthreshold.a diff --git a/lib/combo.c b/lib/combo.c index 29160ff..6d649cd 100644 --- a/lib/combo.c +++ b/lib/combo.c @@ -39,9 +39,11 @@ int aead_ctx_init(struct cryptodev_ctx* ctx, int cipher, int hash, void* key, in perror("ioctl(CIOCGSESSINFO)"); return -1; } +#ifdef DEBUG printf("Got %s-%s with drivers %s and %s\n", siop.cipher_info.cra_name, siop.hash_info.cra_name, siop.cipher_info.cra_driver_name, siop.hash_info.cra_driver_name); +#endif /*printf("Alignmask is %x\n", (unsigned int)siop.alignmask);*/ ctx->alignmask = siop.alignmask; #endif @@ -147,13 +149,13 @@ int aead_test(int cipher, int mac, void* ukey, int ukey_size, t2 = (double)counted/(double)elapsed; +#ifdef DEBUG + printf("%d: kernel: %.4f bytes/msec, user: %.4f bytes/msec\n", sizes[i], t1, t2); +#endif if (t1 > t2) { ret = sizes[i]; goto finish; } -#ifdef DEBUG - printf("%d: kernel: %.4f bytes/msec, user: %.4f bytes/msec\n", sizes[i], t1, t2); -#endif } ret = -1; diff --git a/lib/hash.c b/lib/hash.c index e4d6693..a90e226 100644 --- a/lib/hash.c +++ b/lib/hash.c @@ -30,13 +30,16 @@ int hash_ctx_init(struct cryptodev_ctx* ctx, int hash, int cfd) } #ifdef CIOCGSESSINFO + memset(&siop, 0, sizeof(siop)); siop.ses = ctx->sess.ses; if (ioctl(ctx->cfd, CIOCGSESSINFO, &siop)) { perror("ioctl(CIOCGSESSINFO)"); return -1; } +#ifdef DEBUG printf("Got %s with driver %s\n", siop.hash_info.cra_name, siop.hash_info.cra_driver_name); +#endif /*printf("Alignmask is %x\n", (unsigned int)siop.alignmask);*/ ctx->alignmask = siop.alignmask; #endif diff --git a/lib/main.c b/lib/main.c dissimilarity index 61% index 4e0474b..49ca05b 100644 --- a/lib/main.c +++ b/lib/main.c @@ -1,61 +1,28 @@ -/* - * Demo on how to use /dev/crypto device for ciphering. - * - * Placed under public domain. - * - */ -#include -#include -#include -#include -#include -#include -#include -#include -#include "hash.h" - -void sha_hash(void* text, int size, void* digest) -{ -SHA_CTX ctx; - - SHA_Init(&ctx); - - SHA_Update(&ctx, text, size); - - SHA_Final(digest, &ctx); -} - -void aes_sha_combo(void* ctx, void* plaintext, void* ciphertext, int size, void* tag) -{ -SHA_CTX sha_ctx; -uint8_t iv[16]; -AES_KEY* key = ctx; - - SHA_Init(&sha_ctx); - - SHA_Update(&sha_ctx, plaintext, size); - - SHA_Final(tag, &sha_ctx); - - AES_cbc_encrypt(plaintext, ciphertext, size, key, iv, 1); -} - -int main() -{ -int ret; -AES_KEY key; -uint8_t ukey[16]; - - ret = hash_test(CRYPTO_SHA1, sha_hash); - if (ret > 0) - printf("SHA1 in kernel outperforms user-space after %d input bytes\n", ret); - - memset(ukey, 0xaf, sizeof(ukey)); - AES_set_encrypt_key(ukey, 16, &key); - - ret = aead_test(CRYPTO_AES_CBC, CRYPTO_SHA1, ukey, 16, &key, aes_sha_combo); - if (ret > 0) - printf("AES-SHA1 in kernel outperforms user-space after %d input bytes\n", ret); - - return 0; -} +/* + * Demo on how to use /dev/crypto device for ciphering. + * + * Placed under public domain. + * + */ +#include +#include +#include +#include +#include +#include +#include "threshold.h" + +int main() +{ +int ret; + + ret = get_sha1_threshold(); + if (ret > 0) + printf("SHA1 in kernel outperforms user-space after %d input bytes\n", ret); + + ret = get_aes_sha1_threshold(); + if (ret > 0) + printf("AES-SHA1 in kernel outperforms user-space after %d input bytes\n", ret); + + return 0; +} diff --git a/lib/threshold.c b/lib/threshold.c new file mode 100644 index 0000000..f1215a3 --- /dev/null +++ b/lib/threshold.c @@ -0,0 +1,61 @@ +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "hash.h" +#include "threshold.h" + +void sha_hash(void* text, int size, void* digest) +{ +SHA_CTX ctx; + + SHA_Init(&ctx); + + SHA_Update(&ctx, text, size); + + SHA_Final(digest, &ctx); +} + +void aes_sha_combo(void* ctx, void* plaintext, void* ciphertext, int size, void* tag) +{ +uint8_t iv[16]; +AES_KEY* key = ctx; +HMAC_CTX hctx; +unsigned int rlen = 20; + + HMAC_CTX_init(&hctx); + HMAC_Init_ex(&hctx, iv, 16, EVP_sha1(), NULL); + + HMAC_Update(&hctx, plaintext, size); + + HMAC_Final(&hctx, tag, &rlen); + HMAC_CTX_cleanup(&hctx); + + AES_cbc_encrypt(plaintext, ciphertext, size, key, iv, 1); +} + +int get_sha1_threshold() +{ + return hash_test(CRYPTO_SHA1, sha_hash); +} + +int get_aes_sha1_threshold() +{ +AES_KEY key; +uint8_t ukey[16]; + + ENGINE_load_builtin_engines(); + ENGINE_register_all_complete(); + + memset(ukey, 0xaf, sizeof(ukey)); + AES_set_encrypt_key(ukey, 16*8, &key); + + return aead_test(CRYPTO_AES_CBC, CRYPTO_SHA1, ukey, 16, &key, aes_sha_combo); +} + diff --git a/lib/threshold.h b/lib/threshold.h new file mode 100644 index 0000000..6c11019 --- /dev/null +++ b/lib/threshold.h @@ -0,0 +1,10 @@ +/* Return the number of bytes after which the + * kernel operation is more efficient to use. + * If return value is -1, then kernel operation + * cannot, or shouldn't be used, because it is always + * slower. + * + * Running time ~= 1.2 seconds per call. + */ +int get_sha1_threshold(); +int get_aes_sha1_threshold(); -- 2.11.4.GIT