kris/pq-tls-perf-testing
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Implement SH to FIN duration

Browse Source
This commit is contained in:
Henry Case 2019-08-20 11:24:26 +01:00
parent 5317ff100e
commit c78bc6101d
4 changed files with 85 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
bssl_perf/Makefile
View File

@ -12,7 +12,7 @@ else
DEBUG = -O3 -g DEBUG = -O3 -g
endif endif
CFLAGS = -std=c99 CFLAGS = -std=c99 -D_POSIX_C_SOURCE=199309L
CFLAGS+= $(DEBUG) CFLAGS+= $(DEBUG)
CFLAGS+= -I$(BORINGSSL_DIR)/ -I$(BORINGSSL_DIR)/include CFLAGS+= -I$(BORINGSSL_DIR)/ -I$(BORINGSSL_DIR)/include

23
bssl_perf/src/client.c
View File

@ -10,6 +10,28 @@ unsigned char rw_buf[BUFFER_SIZE];
static const char* DefaultCurves = "CECPQ2b:CECPQ2:X25519"; static const char* DefaultCurves = "CECPQ2b:CECPQ2:X25519";
static const uint16_t TLS_PROT_VERSION = TLS1_3_VERSION; static const uint16_t TLS_PROT_VERSION = TLS1_3_VERSION;
// This is just for testing server hello duration
static void after_keygen_handshake_time(const SSL *ssl, int type, int value) {
static const char* ss_exp = "TLS 1.3 client read_server_hello";
// OZAPTF: should be static
const size_t ss_exp_len = strlen(ss_exp);
switch (type) {
case SSL_CB_CONNECT_LOOP: {
const char* ss = SSL_state_string_long(ssl);
size_t ss_len = strlen(ss);
// OZAPTF: jak to zrobic to porzadnie?
if ((ss_len >= strlen(ss_exp)) &&
!memcmp(ss_exp, &ss[ss_len-ss_exp_len], ss_exp_len)) {
printf("%s\n", SSL_state_string_long(ssl));
getchar();
}
break;
}
default: ;;
}
}
SSL_CTX *setup_client_ctx(const char* curves) SSL_CTX *setup_client_ctx(const char* curves)
{ {
SSL_CTX* ctx = NULL; SSL_CTX* ctx = NULL;
@ -31,6 +53,7 @@ SSL_CTX *setup_client_ctx(const char* curves)
} }
SSL_CTX_enable_pq_experiment_signal(ctx); SSL_CTX_enable_pq_experiment_signal(ctx);
//SSL_CTX_set_info_callback(ctx, after_keygen_handshake_time);
return ctx; return ctx;
} }

1
bssl_perf/src/common.h
View File

@ -10,6 +10,7 @@
#endif #endif
#define PORT 1443 #define PORT 1443
#define SSL_CONN_DATA 0x01
#define SERVER "localhost" #define SERVER "localhost"
#define CLIENT "localhost" #define CLIENT "localhost"
#define CACERT "etc/ca/ca.cert.pem" #define CACERT "etc/ca/ca.cert.pem"

60
bssl_perf/src/server.c
View File

@ -1,7 +1,12 @@
#include <unistd.h>
#include <string.h>
#include <netinet/tcp.h> #include <netinet/tcp.h>
#include <sys/socket.h> #include <sys/socket.h>
#include <arpa/inet.h> #include <arpa/inet.h>
#include <time.h>
// include/ path is here for a reason - to make sure we compile against boringssl (temporary solution) // include/ path is here for a reason - to make sure we compile against boringssl (temporary solution)
#include <include/openssl/rand.h> #include <include/openssl/rand.h>
#include <include/openssl/ssl.h> #include <include/openssl/ssl.h>
@ -98,6 +103,58 @@ static int accept_once(void) {
return client; return client;
} }
struct st_t {
uint64_t duration;
};
static uint64_t time_now() {
struct timespec ts;
clock_gettime(CLOCK_MONOTONIC, &ts);
return ts.tv_sec * 1000000000 + ts.tv_nsec;
}
// Starts counting time after key has been generated on client side
static void after_keygen_handshake_time(const SSL *ssl, int type, int value) {
static const char* ss_exp = "send_server_hello";
// OZAPTF: should be static
const size_t ss_exp_len = strlen(ss_exp);
switch (type) {
case SSL_CB_ACCEPT_LOOP: {
const char* ss = SSL_state_string_long(ssl);
size_t ss_len = strlen(ss);
// OZAPTF: jak to zrobic to porzadnie?
if ((ss_len >= strlen(ss_exp)) &&
!memcmp(ss_exp, &ss[ss_len-ss_exp_len], ss_exp_len)) {
struct st_t *data =
(struct st_t*) SSL_get_ex_data(ssl, SSL_CONN_DATA);
if (!data) {
return;
}
data->duration = time_now();
}
break;
}
case SSL_CB_HANDSHAKE_DONE: {
struct st_t *data =
(struct st_t*) SSL_get_ex_data(ssl, SSL_CONN_DATA);
if (!data->duration) {
// if initial time not set, then do not report
return;
}
printf("SH to FIN duration [%s]> %lu\n",
SSL_get_curve_name(SSL_get_curve_id(ssl)),
time_now() - data->duration);
}
default: ;;
}
}
static SSL_CTX* setup_server_ctx(const char* cert_name) { static SSL_CTX* setup_server_ctx(const char* cert_name) {
SSL_CTX* ctx = SSL_CTX_new(TLS_method()); SSL_CTX* ctx = SSL_CTX_new(TLS_method());
assert(ctx); assert(ctx);
@ -123,6 +180,7 @@ static SSL_CTX* setup_server_ctx(const char* cert_name) {
ERR("Enforcing protocol to TLSv1.2"); ERR("Enforcing protocol to TLSv1.2");
} }
SSL_CTX_set_info_callback(ctx, after_keygen_handshake_time);
return ctx; return ctx;
} }
@ -211,6 +269,8 @@ int main(int argc, char *argv[])
DBG("Error creating SSL context"); DBG("Error creating SSL context");
} }
struct st_t data = {0};
SSL_set_ex_data(ssl, SSL_CONN_DATA, (void*)&data);
SSL_set_fd(ssl, fd); SSL_set_fd(ssl, fd);
ret = SSL_accept(ssl); ret = SSL_accept(ssl);
if (ret<=0) { if (ret<=0) {