4 arquivos alterados com 85 adições e 1 exclusões
Visão dividida
Opções de diferenças
-
+1 -1bssl_perf/Makefile
-
+23 -0bssl_perf/src/client.c
-
+1 -0bssl_perf/src/common.h
-
+60 -0bssl_perf/src/server.c
+ 1
- 1
bssl_perf/Makefile
Ver arquivo
| @@ -12,7 +12,7 @@ else | |||
| DEBUG = -O3 -g | |||
| endif | |||
| CFLAGS = -std=c99 | |||
| CFLAGS = -std=c99 -D_POSIX_C_SOURCE=199309L | |||
| CFLAGS+= $(DEBUG) | |||
| CFLAGS+= -I$(BORINGSSL_DIR)/ -I$(BORINGSSL_DIR)/include | |||
+ 23
- 0
bssl_perf/src/client.c
Ver arquivo
| @@ -10,6 +10,28 @@ unsigned char rw_buf[BUFFER_SIZE]; | |||
| static const char* DefaultCurves = "CECPQ2b:CECPQ2:X25519"; | |||
| static const uint16_t TLS_PROT_VERSION = TLS1_3_VERSION; | |||
| // This is just for testing server hello duration | |||
| static void after_keygen_handshake_time(const SSL *ssl, int type, int value) { | |||
| static const char* ss_exp = "TLS 1.3 client read_server_hello"; | |||
| // OZAPTF: should be static | |||
| const size_t ss_exp_len = strlen(ss_exp); | |||
| switch (type) { | |||
| case SSL_CB_CONNECT_LOOP: { | |||
| const char* ss = SSL_state_string_long(ssl); | |||
| size_t ss_len = strlen(ss); | |||
| // OZAPTF: jak to zrobic to porzadnie? | |||
| if ((ss_len >= strlen(ss_exp)) && | |||
| !memcmp(ss_exp, &ss[ss_len-ss_exp_len], ss_exp_len)) { | |||
| printf("%s\n", SSL_state_string_long(ssl)); | |||
| getchar(); | |||
| } | |||
| break; | |||
| } | |||
| default: ;; | |||
| } | |||
| } | |||
| SSL_CTX *setup_client_ctx(const char* curves) | |||
| { | |||
| SSL_CTX* ctx = NULL; | |||
| @@ -31,6 +53,7 @@ SSL_CTX *setup_client_ctx(const char* curves) | |||
| } | |||
| SSL_CTX_enable_pq_experiment_signal(ctx); | |||
| //SSL_CTX_set_info_callback(ctx, after_keygen_handshake_time); | |||
| return ctx; | |||
| } | |||
+ 1
- 0
bssl_perf/src/common.h
Ver arquivo
| @@ -10,6 +10,7 @@ | |||
| #endif | |||
| #define PORT 1443 | |||
| #define SSL_CONN_DATA 0x01 | |||
| #define SERVER "localhost" | |||
| #define CLIENT "localhost" | |||
| #define CACERT "etc/ca/ca.cert.pem" | |||
+ 60
- 0
bssl_perf/src/server.c
Ver arquivo
| @@ -1,7 +1,12 @@ | |||
| #include <unistd.h> | |||
| #include <string.h> | |||
| #include <netinet/tcp.h> | |||
| #include <sys/socket.h> | |||
| #include <arpa/inet.h> | |||
| #include <time.h> | |||
| // include/ path is here for a reason - to make sure we compile against boringssl (temporary solution) | |||
| #include <include/openssl/rand.h> | |||
| #include <include/openssl/ssl.h> | |||
| @@ -98,6 +103,58 @@ static int accept_once(void) { | |||
| return client; | |||
| } | |||
| struct st_t { | |||
| uint64_t duration; | |||
| }; | |||
| static uint64_t time_now() { | |||
| struct timespec ts; | |||
| clock_gettime(CLOCK_MONOTONIC, &ts); | |||
| return ts.tv_sec * 1000000000 + ts.tv_nsec; | |||
| } | |||
| // Starts counting time after key has been generated on client side | |||
| static void after_keygen_handshake_time(const SSL *ssl, int type, int value) { | |||
| static const char* ss_exp = "send_server_hello"; | |||
| // OZAPTF: should be static | |||
| const size_t ss_exp_len = strlen(ss_exp); | |||
| switch (type) { | |||
| case SSL_CB_ACCEPT_LOOP: { | |||
| const char* ss = SSL_state_string_long(ssl); | |||
| size_t ss_len = strlen(ss); | |||
| // OZAPTF: jak to zrobic to porzadnie? | |||
| if ((ss_len >= strlen(ss_exp)) && | |||
| !memcmp(ss_exp, &ss[ss_len-ss_exp_len], ss_exp_len)) { | |||
| struct st_t *data = | |||
| (struct st_t*) SSL_get_ex_data(ssl, SSL_CONN_DATA); | |||
| if (!data) { | |||
| return; | |||
| } | |||
| data->duration = time_now(); | |||
| } | |||
| break; | |||
| } | |||
| case SSL_CB_HANDSHAKE_DONE: { | |||
| struct st_t *data = | |||
| (struct st_t*) SSL_get_ex_data(ssl, SSL_CONN_DATA); | |||
| if (!data->duration) { | |||
| // if initial time not set, then do not report | |||
| return; | |||
| } | |||
| printf("SH to FIN duration [%s]> %lu\n", | |||
| SSL_get_curve_name(SSL_get_curve_id(ssl)), | |||
| time_now() - data->duration); | |||
| } | |||
| default: ;; | |||
| } | |||
| } | |||
| static SSL_CTX* setup_server_ctx(const char* cert_name) { | |||
| SSL_CTX* ctx = SSL_CTX_new(TLS_method()); | |||
| assert(ctx); | |||
| @@ -123,6 +180,7 @@ static SSL_CTX* setup_server_ctx(const char* cert_name) { | |||
| ERR("Enforcing protocol to TLSv1.2"); | |||
| } | |||
| SSL_CTX_set_info_callback(ctx, after_keygen_handshake_time); | |||
| return ctx; | |||
| } | |||
| @@ -211,6 +269,8 @@ int main(int argc, char *argv[]) | |||
| DBG("Error creating SSL context"); | |||
| } | |||
| struct st_t data = {0}; | |||
| SSL_set_ex_data(ssl, SSL_CONN_DATA, (void*)&data); | |||
| SSL_set_fd(ssl, fd); | |||
| ret = SSL_accept(ssl); | |||
| if (ret<=0) { | |||