2 * Copyright (c) 2019 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
15 #include <vlib/vlib.h>
16 #include <vppinfra/time.h>
17 #include <vppinfra/cache.h>
18 #include <vppinfra/error.h>
19 #include <vnet/crypto/crypto.h>
20 #include <unittest/crypto/crypto.h>
22 crypto_test_main_t crypto_test_main;
25 sort_registrations (void *a0, void *a1)
27 unittest_crypto_test_registration_t **r0 = a0;
28 unittest_crypto_test_registration_t **r1 = a1;
30 return (strncmp (r0[0]->name, r1[0]->name, 256));
34 print_results (vlib_main_t * vm, unittest_crypto_test_registration_t ** rv,
35 vnet_crypto_op_t * ops, vnet_crypto_op_chunk_t * chunks,
36 u32 n_ops, crypto_test_main_t * tm)
39 unittest_crypto_test_registration_t *r;
40 vnet_crypto_op_chunk_t *chp;
47 r = rv[op->user_data];
48 unittest_crypto_test_data_t *exp_pt = 0, *exp_ct = 0, exp_pt_data;
49 unittest_crypto_test_data_t *exp_digest = 0, *exp_tag = 0;
50 unittest_crypto_test_data_t *exp_pt_chunks = 0, *exp_ct_chunks = 0;
52 switch (vnet_crypto_get_op_type (op->op))
54 case VNET_CRYPTO_OP_TYPE_AEAD_ENCRYPT:
57 case VNET_CRYPTO_OP_TYPE_ENCRYPT:
58 exp_ct = &r->ciphertext;
59 exp_ct_chunks = r->ct_chunks;
61 case VNET_CRYPTO_OP_TYPE_AEAD_DECRYPT:
62 case VNET_CRYPTO_OP_TYPE_DECRYPT:
63 if (r->plaintext_incremental)
65 exp_pt_data.length = r->plaintext_incremental;
66 exp_pt_data.data = tm->inc_data;
67 exp_pt = &exp_pt_data;
71 exp_pt = &r->plaintext;
72 exp_pt_chunks = r->pt_chunks;
75 case VNET_CRYPTO_OP_TYPE_HMAC:
76 exp_digest = &r->digest;
78 case VNET_CRYPTO_OP_TYPE_HASH:
79 exp_digest = &r->digest;
85 vec_reset_length (err);
87 if (op->status != VNET_CRYPTO_OP_STATUS_COMPLETED)
88 err = format (err, "%sengine error: %U", vec_len (err) ? ", " : "",
89 format_vnet_crypto_op_status, op->status);
91 if (op->flags & VNET_CRYPTO_OP_FLAG_CHAINED_BUFFERS)
95 chp = vec_elt_at_index (chunks, op->chunk_index);
96 for (i = 0; i < op->n_chunks; i++)
98 if (memcmp (chp->dst, exp_ct_chunks[i].data, chp->len))
99 err = format (err, "%sciphertext mismatch [chunk %d]",
100 vec_len (err) ? ", " : "", i);
107 chp = vec_elt_at_index (chunks, op->chunk_index);
108 for (i = 0; i < op->n_chunks; i++)
110 if (memcmp (chp->dst, exp_pt_chunks[i].data, chp->len))
111 err = format (err, "%splaintext mismatch [chunk %d]",
112 vec_len (err) ? ", " : "", i);
119 if (exp_ct && memcmp (op->dst, exp_ct->data, exp_ct->length) != 0)
120 err = format (err, "%sciphertext mismatch",
121 vec_len (err) ? ", " : "");
123 if (exp_pt && memcmp (op->dst, exp_pt->data, exp_pt->length) != 0)
124 err = format (err, "%splaintext mismatch",
125 vec_len (err) ? ", " : "");
128 if (exp_tag && memcmp (op->tag, exp_tag->data, exp_tag->length) != 0)
129 err = format (err, "%stag mismatch", vec_len (err) ? ", " : "");
132 memcmp (op->digest, exp_digest->data, exp_digest->length) != 0)
133 err = format (err, "%sdigest mismatch", vec_len (err) ? ", " : "");
135 vec_reset_length (s);
136 s = format (s, "%s (%U)", r->name, format_vnet_crypto_op, op->op,
142 vlib_cli_output (vm, "%-60v%s%v", s, vec_len (err) ? "FAIL: " : "OK",
146 if (tm->verbose == 2)
150 vlib_cli_output (vm, "Expected ciphertext:\n%U"
151 "\nCalculated ciphertext:\n%U",
152 format_hexdump, exp_ct->data, exp_ct->length,
153 format_hexdump, op->dst, exp_ct->length);
155 vlib_cli_output (vm, "Expected plaintext:\n%U"
156 "\nCalculated plaintext:\n%U",
157 format_hexdump, exp_pt->data, exp_pt->length,
158 format_hexdump, op->dst, exp_pt->length);
159 if (r->tag.length && fail)
160 vlib_cli_output (vm, "Expected tag:\n%U"
161 "\nCalculated tag:\n%U",
162 format_hexdump, r->tag.data, r->tag.length,
163 format_hexdump, op->tag, op->tag_len);
164 if (exp_digest && fail)
165 vlib_cli_output (vm, "Expected digest:\n%U"
166 "\nCalculated Digest:\n%U",
167 format_hexdump, exp_digest->data,
168 exp_digest->length, format_hexdump, op->digest,
177 validate_data (u8 ** data, u32 len)
179 u32 i, diff, old_len;
180 if (vec_len (data[0]) >= len)
183 old_len = vec_len (data[0]);
184 diff = len - vec_len (data[0]);
185 vec_validate (data[0], old_len + diff - 1);
186 for (i = old_len; i < len; i++)
191 generate_digest (vlib_main_t * vm,
192 unittest_crypto_test_registration_t * r,
193 vnet_crypto_op_id_t id)
195 crypto_test_main_t *cm = &crypto_test_main;
196 vnet_crypto_op_t op[1];
197 vnet_crypto_op_init (op, id);
198 vec_validate (r->digest.data, r->digest.length - 1);
199 op->src = cm->inc_data;
200 op->len = r->plaintext_incremental;
201 op->digest = r->digest.data;
202 op->digest_len = r->digest.length;
203 op->key_index = vnet_crypto_key_add (vm, r->alg,
204 cm->inc_data, r->key.length);
206 /* at this point openssl is set for each algo */
207 vnet_crypto_process_ops (vm, op, 1);
211 restore_engines (u32 * engs)
213 vnet_crypto_main_t *cm = &crypto_main;
215 vnet_crypto_engine_t *ce;
217 for (i = 1; i < VNET_CRYPTO_N_OP_IDS; i++)
219 vnet_crypto_op_data_t *od = &cm->opt_data[i];
223 ce = vec_elt_at_index (cm->engines, engs[i]);
224 od->active_engine_index_simple = engs[i];
225 cm->ops_handlers[i] = ce->ops_handlers[i];
233 save_current_engines (u32 * engs)
235 vnet_crypto_main_t *cm = &crypto_main;
238 vnet_crypto_engine_t *ce;
240 p = hash_get_mem (cm->engine_index_by_name, "openssl");
244 ce = vec_elt_at_index (cm->engines, p[0]);
246 /* set openssl for all crypto algs to generate expected data */
247 for (i = 1; i < VNET_CRYPTO_N_OP_IDS; i++)
249 vnet_crypto_op_data_t *od = &cm->opt_data[i];
250 if (od->active_engine_index_simple != ~0)
252 /* save engine index */
253 engs[i] = od->active_engine_index_simple;
254 od->active_engine_index_simple = ce - cm->engines;
255 cm->ops_handlers[i] = ce->ops_handlers[i];
262 static clib_error_t *
263 test_crypto_incremental (vlib_main_t * vm, crypto_test_main_t * tm,
264 unittest_crypto_test_registration_t ** rv, u32 n_ops,
265 u32 computed_data_total_len)
267 vnet_crypto_main_t *cm = &crypto_main;
268 vnet_crypto_alg_data_t *ad;
269 vnet_crypto_key_index_t *key_indices = 0;
271 unittest_crypto_test_registration_t *r;
272 vnet_crypto_op_t *ops = 0, *op;
273 u8 *encrypted_data = 0, *decrypted_data = 0, *s = 0, *err = 0;
278 vec_validate_aligned (encrypted_data, computed_data_total_len - 1,
279 CLIB_CACHE_LINE_BYTES);
280 vec_validate_aligned (decrypted_data, computed_data_total_len - 1,
281 CLIB_CACHE_LINE_BYTES);
282 vec_validate_aligned (ops, n_ops - 1, CLIB_CACHE_LINE_BYTES);
283 computed_data_total_len = 0;
286 /* first stage: encrypt only */
288 vec_foreach_index (i, rv)
292 ad = vec_elt_at_index (cm->algs, r->alg);
293 for (t = 0; t < VNET_CRYPTO_OP_N_TYPES; t++)
295 vnet_crypto_op_id_t id = ad->op_by_type[t];
302 case VNET_CRYPTO_OP_TYPE_ENCRYPT:
303 vnet_crypto_op_init (op, id);
304 op->iv = tm->inc_data;
305 op->key_index = vnet_crypto_key_add (vm, r->alg,
306 tm->inc_data, r->key.length);
307 vec_add1 (key_indices, op->key_index);
308 op->len = r->plaintext_incremental;
309 op->src = tm->inc_data;
310 op->dst = encrypted_data + computed_data_total_len;
311 computed_data_total_len += r->plaintext_incremental;
315 case VNET_CRYPTO_OP_TYPE_AEAD_ENCRYPT:
316 vnet_crypto_op_init (op, id);
317 op->iv = tm->inc_data;
318 op->key_index = vnet_crypto_key_add (vm, r->alg,
319 tm->inc_data, r->key.length);
320 vec_add1 (key_indices, op->key_index);
321 op->aad = tm->inc_data;
322 op->aad_len = r->aad.length;
323 op->len = r->plaintext_incremental;
324 op->dst = encrypted_data + computed_data_total_len;
325 computed_data_total_len += r->plaintext_incremental;
326 op->src = tm->inc_data;
327 op->tag = encrypted_data + computed_data_total_len;
328 computed_data_total_len += r->tag.length;
329 op->tag_len = r->tag.length;
333 case VNET_CRYPTO_OP_TYPE_HMAC:
334 /* compute hmac in the next stage */
335 op->op = VNET_CRYPTO_OP_NONE;
336 computed_data_total_len += r->digest.length;
346 vnet_crypto_process_ops (vm, ops, n_ops);
347 computed_data_total_len = 0;
349 /* second stage: hash/decrypt previously encrypted data */
352 vec_foreach_index (i, rv)
356 ad = vec_elt_at_index (cm->algs, r->alg);
357 for (t = 0; t < VNET_CRYPTO_OP_N_TYPES; t++)
359 vnet_crypto_op_id_t id = ad->op_by_type[t];
366 case VNET_CRYPTO_OP_TYPE_DECRYPT:
367 vnet_crypto_op_init (op, id);
368 op->iv = tm->inc_data;
369 op->key_index = vnet_crypto_key_add (vm, r->alg,
370 tm->inc_data, r->key.length);
371 vec_add1 (key_indices, op->key_index);
372 op->len = r->plaintext_incremental;
373 op->src = encrypted_data + computed_data_total_len;
374 op->dst = decrypted_data + computed_data_total_len;
375 computed_data_total_len += r->plaintext_incremental;
379 case VNET_CRYPTO_OP_TYPE_AEAD_DECRYPT:
380 vnet_crypto_op_init (op, id);
381 op->iv = tm->inc_data;
382 op->key_index = vnet_crypto_key_add (vm, r->alg,
383 tm->inc_data, r->key.length);
384 vec_add1 (key_indices, op->key_index);
385 op->aad = tm->inc_data;
386 op->aad_len = r->aad.length;
387 op->len = r->plaintext_incremental;
388 op->dst = decrypted_data + computed_data_total_len;
389 op->src = encrypted_data + computed_data_total_len;
390 computed_data_total_len += r->plaintext_incremental;
392 op->tag = encrypted_data + computed_data_total_len;
393 computed_data_total_len += r->tag.length;
394 op->tag_len = r->tag.length;
398 case VNET_CRYPTO_OP_TYPE_HMAC:
399 vnet_crypto_op_init (op, id);
400 op->key_index = vnet_crypto_key_add (vm, r->alg,
401 tm->inc_data, r->key.length);
402 vec_add1 (key_indices, op->key_index);
403 op->src = tm->inc_data;
404 op->len = r->plaintext_incremental;
405 op->digest_len = r->digest.length;
406 op->digest = encrypted_data + computed_data_total_len;
407 computed_data_total_len += r->digest.length;
418 vnet_crypto_process_ops (vm, ops, n_ops);
419 print_results (vm, rv, ops, 0, n_ops, tm);
421 vec_foreach_index (i, key_indices) vnet_crypto_key_del (vm, key_indices[i]);
422 vec_free (tm->inc_data);
424 vec_free (encrypted_data);
425 vec_free (decrypted_data);
431 static clib_error_t *
432 test_crypto_static (vlib_main_t * vm, crypto_test_main_t * tm,
433 unittest_crypto_test_registration_t ** rv, u32 n_ops,
434 u32 n_chained_ops, u32 computed_data_total_len)
436 unittest_crypto_test_data_t *pt, *ct;
437 vnet_crypto_op_chunk_t *chunks = 0, ch;
438 unittest_crypto_test_registration_t *r;
439 vnet_crypto_op_t *ops = 0, *op, *chained_ops = 0;
440 vnet_crypto_op_t *current_chained_op = 0, *current_op = 0;
441 vnet_crypto_main_t *cm = &crypto_main;
442 vnet_crypto_alg_data_t *ad;
443 vnet_crypto_key_index_t *key_indices = 0;
444 u8 *computed_data = 0;
447 vec_sort_with_function (rv, sort_registrations);
449 vec_validate_aligned (computed_data, computed_data_total_len - 1,
450 CLIB_CACHE_LINE_BYTES);
451 vec_validate_aligned (ops, n_ops - 1, CLIB_CACHE_LINE_BYTES);
452 vec_validate_aligned (chained_ops, n_chained_ops - 1,
453 CLIB_CACHE_LINE_BYTES);
454 computed_data_total_len = 0;
457 current_chained_op = chained_ops;
459 vec_foreach_index (i, rv)
463 ad = vec_elt_at_index (cm->algs, r->alg);
464 for (t = 0; t < VNET_CRYPTO_OP_N_TYPES; t++)
466 vnet_crypto_op_id_t id = ad->op_by_type[t];
473 op = current_chained_op;
474 current_chained_op += 1;
482 vnet_crypto_op_init (op, id);
486 case VNET_CRYPTO_OP_TYPE_ENCRYPT:
487 case VNET_CRYPTO_OP_TYPE_DECRYPT:
489 op->key_index = vnet_crypto_key_add (vm, r->alg,
492 vec_add1 (key_indices, op->key_index);
498 op->flags |= VNET_CRYPTO_OP_FLAG_CHAINED_BUFFERS;
499 op->chunk_index = vec_len (chunks);
502 ch.src = t == VNET_CRYPTO_OP_TYPE_ENCRYPT ?
505 ch.dst = computed_data + computed_data_total_len;
506 computed_data_total_len += pt->length;
507 vec_add1 (chunks, ch);
515 op->len = r->plaintext.length;
516 op->src = t == VNET_CRYPTO_OP_TYPE_ENCRYPT ?
517 r->plaintext.data : r->ciphertext.data;
518 op->dst = computed_data + computed_data_total_len;
519 computed_data_total_len += r->ciphertext.length;
522 case VNET_CRYPTO_OP_TYPE_AEAD_ENCRYPT:
523 case VNET_CRYPTO_OP_TYPE_AEAD_DECRYPT:
527 op->key_index = vnet_crypto_key_add (vm, r->alg,
530 vec_add1 (key_indices, op->key_index);
531 op->aad = r->aad.data;
532 op->aad_len = r->aad.length;
533 if (t == VNET_CRYPTO_OP_TYPE_AEAD_ENCRYPT)
536 op->flags |= VNET_CRYPTO_OP_FLAG_CHAINED_BUFFERS;
537 op->chunk_index = vec_len (chunks);
540 clib_memset (&ch, 0, sizeof (ch));
543 ch.dst = computed_data + computed_data_total_len;
544 computed_data_total_len += pt->length;
545 vec_add1 (chunks, ch);
549 op->tag = computed_data + computed_data_total_len;
550 computed_data_total_len += r->tag.length;
555 op->flags |= VNET_CRYPTO_OP_FLAG_CHAINED_BUFFERS;
556 op->chunk_index = vec_len (chunks);
559 clib_memset (&ch, 0, sizeof (ch));
562 ch.dst = computed_data + computed_data_total_len;
563 computed_data_total_len += ct->length;
564 vec_add1 (chunks, ch);
568 op->tag = r->tag.data;
570 op->tag_len = r->tag.length;
575 op->key_index = vnet_crypto_key_add (vm, r->alg,
578 vec_add1 (key_indices, op->key_index);
579 op->aad = r->aad.data;
580 op->aad_len = r->aad.length;
581 op->len = r->plaintext.length;
582 op->dst = computed_data + computed_data_total_len;
583 computed_data_total_len += r->ciphertext.length;
585 if (t == VNET_CRYPTO_OP_TYPE_AEAD_ENCRYPT)
587 op->src = r->plaintext.data;
588 op->tag = computed_data + computed_data_total_len;
589 computed_data_total_len += r->tag.length;
593 op->tag = r->tag.data;
594 op->src = r->ciphertext.data;
596 op->tag_len = r->tag.length;
599 case VNET_CRYPTO_OP_TYPE_HMAC:
602 op->key_index = vnet_crypto_key_add (vm, r->alg,
605 vec_add1 (key_indices, op->key_index);
606 op->digest_len = r->digest.length;
607 op->digest = computed_data + computed_data_total_len;
608 computed_data_total_len += r->digest.length;
610 op->flags |= VNET_CRYPTO_OP_FLAG_CHAINED_BUFFERS;
611 op->chunk_index = vec_len (chunks);
614 clib_memset (&ch, 0, sizeof (ch));
617 vec_add1 (chunks, ch);
624 op->key_index = vnet_crypto_key_add (vm, r->alg,
627 vec_add1 (key_indices, op->key_index);
628 op->digest_len = r->digest.length;
629 op->digest = computed_data + computed_data_total_len;
630 computed_data_total_len += r->digest.length;
631 op->src = r->plaintext.data;
632 op->len = r->plaintext.length;
635 case VNET_CRYPTO_OP_TYPE_HASH:
636 op->digest = computed_data + computed_data_total_len;
637 computed_data_total_len += r->digest.length;
638 op->src = r->plaintext.data;
639 op->len = r->plaintext.length;
650 vnet_crypto_process_ops (vm, ops, vec_len (ops));
651 vnet_crypto_process_chained_ops (vm, chained_ops, chunks,
652 vec_len (chained_ops));
654 print_results (vm, rv, ops, chunks, vec_len (ops), tm);
655 print_results (vm, rv, chained_ops, chunks, vec_len (chained_ops), tm);
657 vec_foreach_index (i, key_indices) vnet_crypto_key_del (vm, key_indices[i]);
659 vec_free (computed_data);
661 vec_free (chained_ops);
667 test_crypto_get_key_sz (vnet_crypto_alg_t alg)
672 case VNET_CRYPTO_ALG_##n: \
675 foreach_crypto_cipher_alg
676 foreach_crypto_aead_alg
679 case VNET_CRYPTO_ALG_HMAC_MD5:
680 case VNET_CRYPTO_ALG_HMAC_SHA1:
682 case VNET_CRYPTO_ALG_HMAC_SHA224:
684 case VNET_CRYPTO_ALG_HMAC_SHA256:
686 case VNET_CRYPTO_ALG_HMAC_SHA384:
688 case VNET_CRYPTO_ALG_HMAC_SHA512:
696 static clib_error_t *
697 test_crypto (vlib_main_t * vm, crypto_test_main_t * tm)
699 clib_error_t *err = 0;
700 vnet_crypto_main_t *cm = &crypto_main;
701 unittest_crypto_test_registration_t *r = tm->test_registrations;
702 unittest_crypto_test_registration_t **static_tests = 0, **inc_tests = 0;
703 u32 i, j, n_ops_static = 0, n_ops_incr = 0, n_chained_ops = 0;
704 vnet_crypto_alg_data_t *ad;
705 u32 computed_data_total_len = 0;
706 u32 computed_data_total_incr_len = 0;
707 u32 saved_engs[VNET_CRYPTO_N_OP_IDS] = { ~0, };
708 unittest_crypto_test_data_t *ct;
710 /* pre-allocate plaintext data with reasonable length */
711 validate_data (&tm->inc_data, 2048);
713 int rc = save_current_engines (saved_engs);
715 return clib_error_return (0, "failed to set default crypto engine!");
717 /* construct registration vector */
720 if (r->plaintext_incremental)
721 vec_add1 (inc_tests, r);
723 vec_add1 (static_tests, r);
725 ad = vec_elt_at_index (cm->algs, r->alg);
727 for (i = 0; i < VNET_CRYPTO_OP_N_TYPES; i++)
729 vnet_crypto_op_id_t id = ad->op_by_type[i];
736 case VNET_CRYPTO_OP_TYPE_ENCRYPT:
737 if (r->plaintext_incremental)
739 computed_data_total_incr_len += r->plaintext_incremental;
743 case VNET_CRYPTO_OP_TYPE_DECRYPT:
744 case VNET_CRYPTO_OP_TYPE_AEAD_DECRYPT:
751 if (j > CRYPTO_TEST_MAX_OP_CHUNKS)
752 return clib_error_return (0,
753 "test case '%s' exceeds extra data!",
755 computed_data_total_len += ct->length;
761 else if (!r->plaintext_incremental)
763 computed_data_total_len += r->ciphertext.length;
767 case VNET_CRYPTO_OP_TYPE_AEAD_ENCRYPT:
768 if (r->plaintext_incremental)
770 computed_data_total_incr_len += r->plaintext_incremental;
771 computed_data_total_incr_len += r->tag.length;
776 computed_data_total_len += r->ciphertext.length;
777 computed_data_total_len += r->tag.length;
784 if (j > CRYPTO_TEST_MAX_OP_CHUNKS)
785 return clib_error_return (0,
786 "test case '%s' exceeds extra data!",
788 computed_data_total_len += ct->length;
798 case VNET_CRYPTO_OP_TYPE_HMAC:
799 if (r->plaintext_incremental)
801 computed_data_total_incr_len += r->digest.length;
803 generate_digest (vm, r, id);
807 computed_data_total_len += r->digest.length;
814 case VNET_CRYPTO_OP_TYPE_HASH:
815 computed_data_total_len += r->digest.length;
826 restore_engines (saved_engs);
828 err = test_crypto_static (vm, tm, static_tests, n_ops_static, n_chained_ops,
829 computed_data_total_len);
833 err = test_crypto_incremental (vm, tm, inc_tests, n_ops_incr,
834 computed_data_total_incr_len);
836 r = tm->test_registrations;
839 if (r->plaintext_incremental)
840 vec_free (r->digest.data);
845 vec_free (inc_tests);
846 vec_free (static_tests);
850 static clib_error_t *
851 test_crypto_perf (vlib_main_t * vm, crypto_test_main_t * tm)
853 vnet_crypto_main_t *cm = &crypto_main;
854 clib_error_t *err = 0;
855 u32 n_buffers, n_alloc = 0, warmup_rounds, rounds;
856 u32 *buffer_indices = 0;
857 vnet_crypto_op_t *ops1 = 0, *ops2 = 0, *op1, *op2;
858 vnet_crypto_alg_data_t *ad = vec_elt_at_index (cm->algs, tm->alg);
859 vnet_crypto_key_index_t key_index = ~0;
861 int buffer_size = vlib_buffer_get_default_data_size (vm);
862 u64 seed = clib_cpu_time_now ();
863 u64 t0[5], t1[5], t2[5], n_bytes = 0;
866 if (tm->buffer_size > buffer_size)
867 return clib_error_return (0, "buffer size must be <= %u", buffer_size);
869 rounds = tm->rounds ? tm->rounds : 100;
870 n_buffers = tm->n_buffers ? tm->n_buffers : 256;
871 buffer_size = tm->buffer_size ? tm->buffer_size : 2048;
872 warmup_rounds = tm->warmup_rounds ? tm->warmup_rounds : 100;
874 if (buffer_size > vlib_buffer_get_default_data_size (vm))
875 return clib_error_return (0, "buffer size too big");
877 vec_validate_aligned (buffer_indices, n_buffers - 1, CLIB_CACHE_LINE_BYTES);
878 vec_validate_aligned (ops1, n_buffers - 1, CLIB_CACHE_LINE_BYTES);
879 vec_validate_aligned (ops2, n_buffers - 1, CLIB_CACHE_LINE_BYTES);
881 n_alloc = vlib_buffer_alloc (vm, buffer_indices, n_buffers);
882 if (n_alloc != n_buffers)
885 vlib_buffer_free (vm, buffer_indices, n_alloc);
886 err = clib_error_return (0, "buffer alloc failure");
890 vlib_cli_output (vm, "%U: n_buffers %u buffer-size %u rounds %u "
892 format_vnet_crypto_alg, tm->alg, n_buffers, buffer_size,
893 rounds, warmup_rounds);
894 vlib_cli_output (vm, " cpu-freq %.2f GHz",
895 (f64) vm->clib_time.clocks_per_second * 1e-9);
897 vnet_crypto_op_type_t ot = 0;
899 for (i = 0; i < sizeof (key); i++)
902 key_index = vnet_crypto_key_add (vm, tm->alg, key,
903 test_crypto_get_key_sz (tm->alg));
905 for (i = 0; i < VNET_CRYPTO_OP_N_TYPES; i++)
907 vnet_crypto_op_id_t id = ad->op_by_type[i];
914 for (i = 0; i < n_buffers; i++)
916 vlib_buffer_t *b = vlib_get_buffer (vm, buffer_indices[i]);
922 case VNET_CRYPTO_OP_TYPE_ENCRYPT:
923 case VNET_CRYPTO_OP_TYPE_DECRYPT:
924 vnet_crypto_op_init (op1,
925 ad->op_by_type[VNET_CRYPTO_OP_TYPE_ENCRYPT]);
926 vnet_crypto_op_init (op2,
927 ad->op_by_type[VNET_CRYPTO_OP_TYPE_DECRYPT]);
928 op1->flags = VNET_CRYPTO_OP_FLAG_INIT_IV;
929 op1->src = op2->src = op1->dst = op2->dst = b->data;
930 op1->key_index = op2->key_index = key_index;
931 op1->iv = op2->iv = b->data - 64;
932 n_bytes += op1->len = op2->len = buffer_size;
934 case VNET_CRYPTO_OP_TYPE_AEAD_ENCRYPT:
935 case VNET_CRYPTO_OP_TYPE_AEAD_DECRYPT:
936 vnet_crypto_op_init (op1,
938 [VNET_CRYPTO_OP_TYPE_AEAD_ENCRYPT]);
939 vnet_crypto_op_init (op2,
941 [VNET_CRYPTO_OP_TYPE_AEAD_DECRYPT]);
942 op1->src = op2->src = op1->dst = op2->dst = b->data;
943 op1->key_index = op2->key_index = key_index;
944 op1->tag = op2->tag = b->data - 32;
945 op1->iv = op2->iv = b->data - 64;
946 op1->aad = op2->aad = b->data - VLIB_BUFFER_PRE_DATA_SIZE;
947 op1->aad_len = op2->aad_len = 64;
948 op1->tag_len = op2->tag_len = 16;
949 n_bytes += op1->len = op2->len = buffer_size;
951 case VNET_CRYPTO_OP_TYPE_HMAC:
952 vnet_crypto_op_init (op1, ad->op_by_type[VNET_CRYPTO_OP_TYPE_HMAC]);
954 op1->key_index = key_index;
956 op1->digest = b->data - VLIB_BUFFER_PRE_DATA_SIZE;
958 n_bytes += op1->len = buffer_size;
964 for (j = -VLIB_BUFFER_PRE_DATA_SIZE; j < buffer_size; j += 8)
965 *(u64 *) (b->data + j) = 1 + random_u64 (&seed);
968 for (i = 0; i < 5; i++)
970 for (j = 0; j < warmup_rounds; j++)
972 vnet_crypto_process_ops (vm, ops1, n_buffers);
973 if (ot != VNET_CRYPTO_OP_TYPE_HMAC)
974 vnet_crypto_process_ops (vm, ops2, n_buffers);
977 t0[i] = clib_cpu_time_now ();
978 for (j = 0; j < rounds; j++)
979 vnet_crypto_process_ops (vm, ops1, n_buffers);
980 t1[i] = clib_cpu_time_now ();
982 if (ot != VNET_CRYPTO_OP_TYPE_HMAC)
984 for (j = 0; j < rounds; j++)
985 vnet_crypto_process_ops (vm, ops2, n_buffers);
986 t2[i] = clib_cpu_time_now ();
990 for (i = 0; i < 5; i++)
992 f64 tpb1 = (f64) (t1[i] - t0[i]) / (n_bytes * rounds);
993 f64 gbps1 = vm->clib_time.clocks_per_second * 1e-9 * 8 / tpb1;
996 if (ot != VNET_CRYPTO_OP_TYPE_HMAC)
998 tpb2 = (f64) (t2[i] - t1[i]) / (n_bytes * rounds);
999 gbps2 = vm->clib_time.clocks_per_second * 1e-9 * 8 / tpb2;
1000 vlib_cli_output (vm, "%-2u: encrypt %.03f ticks/byte, %.02f Gbps; "
1001 "decrypt %.03f ticks/byte, %.02f Gbps",
1002 i + 1, tpb1, gbps1, tpb2, gbps2);
1006 vlib_cli_output (vm, "%-2u: hash %.03f ticks/byte, %.02f Gbps\n",
1007 i + 1, tpb1, gbps1);
1013 vlib_buffer_free (vm, buffer_indices, n_alloc);
1015 if (key_index != ~0)
1016 vnet_crypto_key_del (vm, key_index);
1018 vec_free (buffer_indices);
1024 static clib_error_t *
1025 test_crypto_command_fn (vlib_main_t * vm,
1026 unformat_input_t * input, vlib_cli_command_t * cmd)
1028 crypto_test_main_t *tm = &crypto_test_main;
1029 unittest_crypto_test_registration_t *tr;
1032 tr = tm->test_registrations;
1033 memset (tm, 0, sizeof (crypto_test_main_t));
1034 tm->test_registrations = tr;
1037 while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
1039 if (unformat (input, "verbose"))
1041 else if (unformat (input, "detail"))
1044 if (unformat (input, "perf %U", unformat_vnet_crypto_alg, &tm->alg))
1046 else if (unformat (input, "buffers %u", &tm->n_buffers))
1048 else if (unformat (input, "rounds %u", &tm->rounds))
1050 else if (unformat (input, "warmup-rounds %u", &tm->warmup_rounds))
1052 else if (unformat (input, "buffer-size %u", &tm->buffer_size))
1055 return clib_error_return (0, "unknown input '%U'",
1056 format_unformat_error, input);
1060 return test_crypto_perf (vm, tm);
1062 return test_crypto (vm, tm);
1066 VLIB_CLI_COMMAND (test_crypto_command, static) =
1068 .path = "test crypto",
1069 .short_help = "test crypto",
1070 .function = test_crypto_command_fn,
1074 static clib_error_t *
1075 crypto_test_init (vlib_main_t * vm)
1080 VLIB_INIT_FUNCTION (crypto_test_init);
1083 * fd.io coding-style-patch-verification: ON
1086 * eval: (c-set-style "gnu")
Code Review / vpp.git / blob