Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Bug 1265994 - enable ecperf tests, r=ttaubert
  • Loading branch information
franziskuskiefer committed Apr 29, 2016
1 parent 492330e commit cdb3e39
Show file tree
Hide file tree
Showing 6 changed files with 138 additions and 18 deletions.
50 changes: 40 additions & 10 deletions cmd/ecperf/ecperf.c
Expand Up @@ -125,6 +125,9 @@ PKCS11Thread(void *data)
PR_Lock(threadData->lock);
crv = NSC_OpenSession(1, CKF_SERIAL_SESSION, NULL, 0, &session);
PR_Unlock(threadData->lock);
if (crv != CKR_OK) {
return;
}

if (threadData->isSign) {
sig.data = sigData;
Expand Down Expand Up @@ -311,8 +314,9 @@ hexString2SECItem(PLArenaPool *arena, SECItem *item, const char *str)
int byteval = 0;
int tmp = PORT_Strlen(str);

if ((tmp % 2) != 0)
if ((tmp % 2) != 0) {
return NULL;
}

/* skip leading 00's unless the hex string is "00" */
while ((tmp > 2) && (str[0] == '0') && (str[1] == '0')) {
Expand Down Expand Up @@ -530,23 +534,27 @@ ectest_curve_pkcs11(ECCurveName curve, int iterations, int numThreads)
rv = M_TimeOperation(PKCS11Thread, (op_func)PKCS11_Derive, "ECDH_Derive",
&ecPriv, &mech, NULL, iterations, numThreads,
lock, session, 0, &deriveRate);
if (rv != SECSuccess)
if (rv != SECSuccess) {
goto cleanup;
}
rv = M_TimeOperation(PKCS11Thread, (op_func)PKCS11_Sign, "ECDSA_Sign",
(void *)&ecPriv, &sig, &digest, iterations, numThreads,
lock, session, 1, &signRate);
if (rv != SECSuccess)
if (rv != SECSuccess) {
goto cleanup;
}
printf(" ECDHE max rate = %.2f\n", (deriveRate + signRate) / 4.0);
/* get a signature */
rv = PKCS11_Sign(session, &ecPriv, &sig, &digest);
if (rv != SECSuccess)
if (rv != SECSuccess) {
goto cleanup;
}
rv = M_TimeOperation(PKCS11Thread, (op_func)PKCS11_Verify, "ECDSA_Verify",
(void *)&ecPub, &sig, &digest, iterations, numThreads,
lock, session, 0, NULL);
if (rv != SECSuccess)
if (rv != SECSuccess) {
goto cleanup;
}

cleanup:
if (lock) {
Expand Down Expand Up @@ -590,7 +598,7 @@ ectest_curve_freebl(ECCurveName curve, int iterations, int numThreads)
unsigned char digestData[20];
double signRate, deriveRate;
char genenc[3 + 2 * 2 * MAX_ECKEY_LEN];
SECStatus rv;
SECStatus rv = SECFailure;

GFP_POPULATE(ecParams, curve);

Expand All @@ -609,20 +617,23 @@ ectest_curve_freebl(ECCurveName curve, int iterations, int numThreads)

M_TimeOperation(genericThread, (op_func)ECDH_DeriveWrap, "ECDH_Derive",
ecPriv, &ecPub, NULL, iterations, numThreads, 0, 0, 0, &deriveRate);
if (rv != SECSuccess)
if (rv != SECSuccess) {
goto cleanup;
}
M_TimeOperation(genericThread, (op_func)ECDSA_SignDigest, "ECDSA_Sign",
ecPriv, &sig, &digest, iterations, numThreads, 0, 0, 1, &signRate);
if (rv != SECSuccess)
goto cleanup;
printf(" ECDHE max rate = %.2f\n", (deriveRate + signRate) / 4.0);
rv = ECDSA_SignDigest(ecPriv, &sig, &digest);
if (rv != SECSuccess)
if (rv != SECSuccess) {
goto cleanup;
}
M_TimeOperation(genericThread, (op_func)ECDSA_VerifyDigest, "ECDSA_Verify",
&ecPub, &sig, &digest, iterations, numThreads, 0, 0, 0, NULL);
if (rv != SECSuccess)
if (rv != SECSuccess) {
goto cleanup;
}

cleanup:
return rv;
Expand All @@ -632,7 +643,9 @@ ectest_curve_freebl(ECCurveName curve, int iterations, int numThreads)
void
printUsage(char *prog)
{
printf("Usage: %s [-i iterations] [-t threads ] [-ans] [-fp] [-A]\n", prog);
printf("Usage: %s [-i iterations] [-t threads ] [-ans] [-fp] [-Al]\n"
"-a: ansi\n-n: nist\n-s: secp\n-f: usefreebl\n-p: usepkcs11\n-A: all\n",
prog);
}

/* Performs tests of elliptic curve cryptography over prime fields If
Expand All @@ -651,6 +664,11 @@ main(int argv, char **argc)
int iterations = 100;
int numThreads = 1;

const CK_C_INITIALIZE_ARGS pk11args = {
NULL, NULL, NULL, NULL, CKF_LIBRARY_CANT_CREATE_OS_THREADS,
(void *)"flags=readOnly,noCertDB,noModDB", NULL
};

/* read command-line arguments */
for (i = 1; i < argv; i++) {
if (strcasecmp(argc[i], "-i") == 0) {
Expand Down Expand Up @@ -691,15 +709,26 @@ main(int argv, char **argc)
goto cleanup;
}

if (usepkcs11) {
CK_RV crv = NSC_Initialize((CK_VOID_PTR)&pk11args);
if (crv != CKR_OK) {
fprintf(stderr, "NSC_Initialize failed crv=0x%x\n", (unsigned int)crv);
return SECFailure;
}
}

/* specific arithmetic tests */
if (nist) {
#ifdef NSS_ECC_MORE_THAN_SUITE_B
ECTEST_NAMED_GFP("SECP-160K1", ECCurve_SECG_PRIME_160K1);
ECTEST_NAMED_GFP("NIST-P192", ECCurve_NIST_P192);
ECTEST_NAMED_GFP("NIST-P224", ECCurve_NIST_P224);
#endif
ECTEST_NAMED_GFP("NIST-P256", ECCurve_NIST_P256);
ECTEST_NAMED_GFP("NIST-P384", ECCurve_NIST_P384);
ECTEST_NAMED_GFP("NIST-P521", ECCurve_NIST_P521);
}
#ifdef NSS_ECC_MORE_THAN_SUITE_B
if (ansi) {
ECTEST_NAMED_GFP("ANSI X9.62 PRIME192v1", ECCurve_X9_62_PRIME_192V1);
ECTEST_NAMED_GFP("ANSI X9.62 PRIME192v2", ECCurve_X9_62_PRIME_192V2);
Expand All @@ -726,6 +755,7 @@ main(int argv, char **argc)
ECTEST_NAMED_GFP("SECP-384R1", ECCurve_SECG_PRIME_384R1);
ECTEST_NAMED_GFP("SECP-521R1", ECCurve_SECG_PRIME_521R1);
}
#endif

cleanup:
if (rv != SECSuccess) {
Expand Down
14 changes: 7 additions & 7 deletions cmd/ecperf/manifest.mn
@@ -1,24 +1,24 @@
#
#
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.

DEPTH = ../..
DEPTH = ../..
CORE_DEPTH = ../..

# MODULE public and private header directories are implicitly REQUIRED.
# MODULE public and private header directories are implicitly REQUIRED.
MODULE = nss

INCLUDES += -I$(CORE_DEPTH)/nss/lib/softoken

# This next line is used by .mk files
# and gets translated into $LINCS in manifest.mnw
REQUIRES = dbm seccmd
REQUIRES = dbm seccmd

# DIRS =
# DIRS =

CSRCS = ecperf.c
CSRCS = ecperf.c

PROGRAM = ecperf
PROGRAM = ecperf

USE_STATIC_LIBS = 1
1 change: 1 addition & 0 deletions cmd/manifest.mn
Expand Up @@ -42,6 +42,7 @@ NSS_SRCDIRS = \
dbtest \
derdump \
digest \
ecperf \
httpserv \
listsuites \
makepqg \
Expand Down
2 changes: 1 addition & 1 deletion tests/all.sh
Expand Up @@ -280,7 +280,7 @@ run_cycles()
cycles="standard pkix upgradedb sharedb"
CYCLES=${NSS_CYCLES:-$cycles}

tests="cipher lowhash libpkix cert dbtests tools fips sdr crmf smime ssl ocsp merge pkits chains ssl_gtests pk11_gtests der_gtests util_gtests"
tests="cipher lowhash libpkix cert dbtests tools fips sdr crmf smime ssl ocsp merge pkits chains ec ssl_gtests pk11_gtests der_gtests util_gtests"
TESTS=${NSS_TESTS:-$tests}

ALL_TESTS=${TESTS}
Expand Down
37 changes: 37 additions & 0 deletions tests/ec/ec.sh
@@ -0,0 +1,37 @@
#! /bin/bash
#
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.

########################################################################
#
# tests/ec/ec.sh
#
# needs to work on all Unix and Windows platforms
# this is a meta script to drive all ec tests
#
# special strings
# ---------------
# FIXME ... known problems, search for this string
# NOTE .... unexpected behavior
#
########################################################################

############################## run_tests ###############################
# run test suites defined in ECTESTS variable
########################################################################
run_ec_tests()
{
for ECTEST in ${ECTESTS}
do
SCRIPTNAME=${ECTEST}.sh
echo "Running ec tests for ${ECTEST}"
echo "TIMESTAMP ${ECTEST} BEGIN: `date`"
(cd ${QADIR}/ec; . ./${SCRIPTNAME} 2>&1)
echo "TIMESTAMP ${ECTEST} END: `date`"
done
}

ECTESTS="ecperf"
run_ec_tests
52 changes: 52 additions & 0 deletions tests/ec/ecperf.sh
@@ -0,0 +1,52 @@
#! /bin/bash
#
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.

########################################################################
#
# tests/ec/ecperf.sh
#
# needs to work on all Unix and Windows platforms
#
# special strings
# ---------------
# FIXME ... known problems, search for this string
# NOTE .... unexpected behavior
#
########################################################################

############################## ecperf_init #############################
# local shell function to initialize this script
########################################################################

ecperf_init()
{
SCRIPTNAME="ecperf.sh"
if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ] ; then
cd ../common
. ./init.sh
fi
SCRIPTNAME="ecperf.sh"
html_head "ecperf test"
}

ecperf_cleanup()
{
html "</TABLE><BR>"
cd ${QADIR}
chmod a+rw $RONLY_DIR
. common/cleanup.sh
}

ecperf_init
ECPERF_OUT=`ecperf`
ECPERF_OUT=`echo $ECPERF_OUT | grep -i "failed"`
# TODO: this is a perf test we don't check for performance here but only failed
if [ -n "$ECPERF_OUT" ] ; then
html_failed "ec(perf) test"
else
html_passed "ec(perf) test"
fi
ecperf_cleanup

0 comments on commit cdb3e39

Please sign in to comment.