static void mac_bench(int algo, int size) { void *_key; int blocksize = gnutls_hmac_get_len(algo); int step = size * 1024; struct benchmark_st st; _key = malloc(blocksize); if (_key == NULL) return; memset(_key, 0xf0, blocksize); printf("%16s ", gnutls_mac_get_name(algo)); fflush(stdout); start_benchmark(&st); do { gnutls_hmac_fast(algo, _key, blocksize, data, step, _key); st.size += step; } while (benchmark_must_finish == 0); stop_benchmark(&st, NULL, 1); free(_key); }
static void mac_bench (int algo, int size) { void *_key; struct timespec start, stop; double secs; double data_size = 0; double ddata, dspeed; int blocksize = gnutls_hmac_get_len (algo); char metric[16]; _key = malloc (blocksize); if (_key == NULL) return; memset (_key, 0xf0, blocksize); printf ("Checking %s (%dkb payload)... ", gnutls_mac_get_name (algo), size); fflush (stdout); must_finish = 0; alarm (5); gettime (&start); do { gnutls_hmac_fast (algo, _key, blocksize, data, size * 1024, _key); data_size += size * 1024; } while (must_finish == 0); gettime (&stop); secs = (stop.tv_sec * 1000 + stop.tv_nsec / (1000 * 1000) - (start.tv_sec * 1000 + start.tv_nsec / (1000 * 1000))); secs /= 1000; value2human (data_size, secs, &ddata, &dspeed, metric); printf ("Hashed %.2f %s in %.2f secs: ", ddata, metric, secs); printf ("%.2f %s/sec\n", dspeed, metric); free (_key); }
static void mac_bench(int algo, int size) { void *_key; int blocksize = gnutls_hmac_get_len(algo); int step = size * 1024; struct benchmark_st st; void *input; unsigned char c, *i; ALLOCM(input, MAX_MEM); i = input; _key = malloc(blocksize); if (_key == NULL) return; memset(_key, 0xf0, blocksize); printf("%16s ", gnutls_mac_get_name(algo)); fflush(stdout); assert(gnutls_rnd(GNUTLS_RND_NONCE, &c, 1) >= 0); start_benchmark(&st); do { gnutls_hmac_fast(algo, _key, blocksize, i, step, _key); st.size += step; INC(input, i, step); } while (benchmark_must_finish == 0); stop_benchmark(&st, NULL, 1); FREE(input); free(_key); }
void doit (void) { unsigned char digest[20]; int err; /* XXX: We need this to fix secure memory. */ global_init (); gnutls_global_set_log_function (tls_log_func); if (debug) gnutls_global_set_log_level (4711); err = gnutls_hmac_fast (GNUTLS_MAC_MD5, "keykeykey", 9, "abcdefgh", 8, digest); if (err < 0) fail ("gnutls_hmac_fast(MD5) failed: %d\n", err); else { if (memcmp (digest, "\x3c\xb0\x9d\x83\x28\x01\xef\xc0" "\x7b\xb3\xaf\x42\x69\xe5\x93\x9a", 16) == 0) { if (debug) success ("gnutls_hmac_fast(MD5) OK\n"); } else { hexprint (digest, 16); fail ("gnutls_hmac_fast(MD5) failure\n"); } } err = gnutls_hmac_fast (GNUTLS_MAC_SHA1, "keykeykey", 9, "abcdefgh", 8, digest); if (err < 0) fail ("gnutls_hmac_fast(SHA1) failed: %d\n", err); else { if (memcmp (digest, "\x58\x93\x7a\x58\xfe\xea\x82\xf8" "\x0e\x64\x62\x01\x40\x2b\x2c\xed\x5d\x54\xc1\xfa", 20) == 0) { if (debug) success ("gnutls_hmac_fast(SHA1) OK\n"); } else { hexprint (digest, 20); fail ("gnutls_hmac_fast(SHA1) failure\n"); } } err = _gnutls_pbkdf2_sha1 ("password", 8, (unsigned char*)"salt", 4, 4711, digest, 16); if (err < 0) fail ("_gnutls_pkcs5_pbkdf2_sha1() failed: %d\n", err); else { if (memcmp (digest, "\x09\xb7\x85\x57\xdd\xf6\x07\x15" "\x1c\x52\x34\xde\xba\x5c\xdc\x59", 16) == 0) { if (debug) success ("_gnutls_pkcs5_pbkdf2_sha1() OK\n"); } else { hexprint (digest, 16); fail ("_gnutls_pkcs5_pbkdf2_sha1() failure\n"); } } gnutls_global_deinit (); }
/* Run an HMAC using the key above on the library binary data. * Returns true on success and false on error. */ static unsigned check_binary_integrity(const char* libname, const char* symbol) { int ret; unsigned prev; char mac_file[GNUTLS_PATH_MAX]; char file[GNUTLS_PATH_MAX]; uint8_t hmac[HMAC_SIZE]; uint8_t new_hmac[HMAC_SIZE]; size_t hmac_size; gnutls_datum_t data; ret = get_library_path(libname, symbol, file, sizeof(file)); if (ret < 0) { _gnutls_debug_log("Could not get path for library %s\n", libname); return 0; } _gnutls_debug_log("Loading: %s\n", file); ret = gnutls_load_file(file, &data); if (ret < 0) { _gnutls_debug_log("Could not load: %s\n", file); return gnutls_assert_val(0); } prev = _gnutls_get_lib_state(); _gnutls_switch_lib_state(LIB_STATE_OPERATIONAL); ret = gnutls_hmac_fast(HMAC_ALGO, FIPS_KEY, sizeof(FIPS_KEY)-1, data.data, data.size, new_hmac); _gnutls_switch_lib_state(prev); gnutls_free(data.data); if (ret < 0) return gnutls_assert_val(0); /* now open the .hmac file and compare */ get_hmac_file(mac_file, sizeof(mac_file), file); ret = gnutls_load_file(mac_file, &data); if (ret < 0) { get_hmac_file2(mac_file, sizeof(mac_file), file); ret = gnutls_load_file(mac_file, &data); if (ret < 0) { _gnutls_debug_log("Could not open %s for MAC testing: %s\n", mac_file, gnutls_strerror(ret)); return gnutls_assert_val(0); } } hmac_size = hex_data_size(data.size); ret = gnutls_hex_decode(&data, hmac, &hmac_size); gnutls_free(data.data); if (ret < 0) { _gnutls_debug_log("Could not convert hex data to binary for MAC testing for %s.\n", libname); return gnutls_assert_val(0); } if (hmac_size != sizeof(hmac) || memcmp(hmac, new_hmac, sizeof(hmac)) != 0) { _gnutls_debug_log("Calculated MAC for %s does not match\n", libname); return gnutls_assert_val(0); } _gnutls_debug_log("Successfully verified MAC for %s (%s)\n", mac_file, libname); return 1; }