mirrors
/
rspamd
mirror of https://github.com/vstakhov/rspamd.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 159 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4961 Commits
30 Branches
Tree: 790ca10c6d
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '790ca10c6d'
${ noResults }
rspamd/test/rspamd_cryptobox_test.c

rspamd_cryptobox_test.c 8.8KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332 
  1. /*

  2.  * Copyright (c) 2015, Vsevolod Stakhov

  3.  * All rights reserved.

  4.  *

  5.  * Redistribution and use in source and binary forms, with or without

  6.  * modification, are permitted provided that the following conditions are met:

  7.  *	 * Redistributions of source code must retain the above copyright

  8.  *	   notice, this list of conditions and the following disclaimer.

  9.  *	 * Redistributions in binary form must reproduce the above copyright

  10.  *	   notice, this list of conditions and the following disclaimer in the

  11.  *	   documentation and/or other materials provided with the distribution.

  12.  *

  13.  * THIS SOFTWARE IS PROVIDED BY AUTHOR ''AS IS'' AND ANY

  14.  * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED

  15.  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE

  16.  * DISCLAIMED. IN NO EVENT SHALL AUTHOR BE LIABLE FOR ANY

  17.  * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES

  18.  * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;

  19.  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND

  20.  * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT

  21.  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS

  22.  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

  23.  */

  24. 

  25. 

  26. #include "config.h"

  27. #include "rspamd.h"

  28. #include "shingles.h"

  29. #include "fstring.h"

  30. #include "ottery.h"

  31. #include "cryptobox.h"

  32. 

  33. static const int mapping_size = 64 * 8192 + 1;

  34. static const int max_seg = 32;

  35. static const int random_fuzz_cnt = 10000;

  36. 

  37. static void *

  38. create_mapping (int mapping_len, guchar **beg, guchar **end)

  39. {

  40. 	void *map;

  41. 	int psize = getpagesize ();

  42. 

  43. 	map = mmap (NULL, mapping_len + psize * 3, PROT_READ|PROT_WRITE,

  44. 			MAP_ANON|MAP_SHARED, -1, 0);

  45. 	g_assert (map != 0);

  46. 	memset (map, 0, mapping_len + psize * 3);

  47. 	mprotect (map, psize, PROT_NONE);

  48. 	/* Misalign pointer */

  49. 	*beg = ((guchar *)map) + psize + 1;

  50. 	*end = *beg + mapping_len;

  51. 	mprotect (*beg + mapping_len - 1 + psize, psize, PROT_NONE);

  52. 

  53. 	return map;

  54. }

  55. 

  56. static void

  57. check_result (const rspamd_nm_t key, const rspamd_nonce_t nonce,

  58. 		const rspamd_sig_t mac, guchar *begin, guchar *end)

  59. {

  60. 	guint64 *t = (guint64 *)begin;

  61. 

  62. 	g_assert (rspamd_cryptobox_decrypt_nm_inplace (begin, end - begin, nonce, key,

  63. 			mac));

  64. 

  65. 	while (t < (guint64 *)end) {

  66. 		g_assert (*t == 0);

  67. 		t ++;

  68. 	}

  69. }

  70. 

  71. static int

  72. create_random_split (struct rspamd_cryptobox_segment *seg, int mseg,

  73. 		guchar *begin, guchar *end)

  74. {

  75. 	gsize remain = end - begin;

  76. 	gint used = 0;

  77. 

  78. 	while (remain > 0 && used < mseg - 1) {

  79. 		seg->data = begin;

  80. 		seg->len = ottery_rand_range (remain - 1) + 1;

  81. 

  82. 		begin += seg->len;

  83. 		remain -= seg->len;

  84. 		used ++;

  85. 		seg ++;

  86. 	}

  87. 

  88. 	if (remain > 0) {

  89. 		seg->data = begin;

  90. 		seg->len = remain;

  91. 		used ++;

  92. 	}

  93. 

  94. 	return used;

  95. }

  96. 

  97. static int

  98. create_realistic_split (struct rspamd_cryptobox_segment *seg, int mseg,

  99. 		guchar *begin, guchar *end)

  100. {

  101. 	gsize remain = end - begin;

  102. 	gint used = 0;

  103. 	static const int small_seg = 512, medium_seg = 2048;

  104. 

  105. 	while (remain > 0 && used < mseg - 1) {

  106. 		seg->data = begin;

  107. 

  108. 		if (ottery_rand_uint32 () % 2 == 0) {

  109. 			seg->len = ottery_rand_range (small_seg) + 1;

  110. 		}

  111. 		else {

  112. 			seg->len = ottery_rand_range (medium_seg) +

  113. 					small_seg;

  114. 		}

  115. 		if (seg->len > remain) {

  116. 			seg->len = remain;

  117. 		}

  118. 

  119. 		begin += seg->len;

  120. 		remain -= seg->len;

  121. 		used ++;

  122. 		seg ++;

  123. 	}

  124. 

  125. 	if (remain > 0) {

  126. 		seg->data = begin;

  127. 		seg->len = remain;

  128. 		used ++;

  129. 	}

  130. 

  131. 	return used;

  132. }

  133. 

  134. static int

  135. create_constrainted_split (struct rspamd_cryptobox_segment *seg, int mseg,

  136. 		int constraint,

  137. 		guchar *begin, guchar *end)

  138. {

  139. 	gsize remain = end - begin;

  140. 	gint used = 0;

  141. 

  142. 	while (remain > 0 && used < mseg - 1) {

  143. 		seg->data = begin;

  144. 		seg->len = constraint;

  145. 		if (seg->len > remain) {

  146. 			seg->len = remain;

  147. 		}

  148. 		begin += seg->len;

  149. 		remain -= seg->len;

  150. 		used ++;

  151. 		seg ++;

  152. 	}

  153. 

  154. 	if (remain > 0) {

  155. 		seg->data = begin;

  156. 		seg->len = remain;

  157. 		used ++;

  158. 	}

  159. 

  160. 	return used;

  161. }

  162. 

  163. void

  164. rspamd_cryptobox_test_func (void)

  165. {

  166. 	void *map;

  167. 	guchar *begin, *end;

  168. 	rspamd_nm_t key;

  169. 	rspamd_nonce_t nonce;

  170. 	rspamd_sig_t mac;

  171. 	struct rspamd_cryptobox_segment *seg;

  172. 	double t1, t2;

  173. 	gint i, cnt, ms;

  174. 

  175. 	map = create_mapping (mapping_size, &begin, &end);

  176. 

  177. 	ottery_rand_bytes (key, sizeof (key));

  178. 	ottery_rand_bytes (nonce, sizeof (nonce));

  179. 

  180. 	memset (mac, 0, sizeof (mac));

  181. 	seg = g_slice_alloc0 (sizeof (*seg) * max_seg * 10);

  182. 

  183. 	/* Test baseline */

  184. 	t1 = rspamd_get_ticks ();

  185. 	rspamd_cryptobox_encrypt_nm_inplace (begin, end - begin, nonce, key, mac);

  186. 	t2 = rspamd_get_ticks ();

  187. 	check_result (key, nonce, mac, begin, end);

  188. 

  189. 	msg_info ("baseline encryption: %.6f", t2 - t1);

  190. 	/* A single chunk as vector */

  191. 	seg[0].data = begin;

  192. 	seg[0].len = end - begin;

  193. 	t1 = rspamd_get_ticks ();

  194. 	rspamd_cryptobox_encryptv_nm_inplace (seg, 1, nonce, key, mac);

  195. 	t2 = rspamd_get_ticks ();

  196. 

  197. 	check_result (key, nonce, mac, begin, end);

  198. 

  199. 	msg_info ("bulk encryption: %.6f", t2 - t1);

  200. 

  201. 	/* Two chunks as vector */

  202. 	seg[0].data = begin;

  203. 	seg[0].len = (end - begin) / 2;

  204. 	seg[1].data = begin + seg[0].len;

  205. 	seg[1].len = (end - begin) - seg[0].len;

  206. 	t1 = rspamd_get_ticks ();

  207. 	rspamd_cryptobox_encryptv_nm_inplace (seg, 2, nonce, key, mac);

  208. 	t2 = rspamd_get_ticks ();

  209. 

  210. 	check_result (key, nonce, mac, begin, end);

  211. 

  212. 	msg_info ("2 equal chunks encryption: %.6f", t2 - t1);

  213. 

  214. 	seg[0].data = begin;

  215. 	seg[0].len = 1;

  216. 	seg[1].data = begin + seg[0].len;

  217. 	seg[1].len = (end - begin) - seg[0].len;

  218. 	t1 = rspamd_get_ticks ();

  219. 	rspamd_cryptobox_encryptv_nm_inplace (seg, 2, nonce, key, mac);

  220. 	t2 = rspamd_get_ticks ();

  221. 

  222. 	check_result (key, nonce, mac, begin, end);

  223. 

  224. 	msg_info ("small and large chunks encryption: %.6f", t2 - t1);

  225. 

  226. 	seg[0].data = begin;

  227. 	seg[0].len = (end - begin) - 3;

  228. 	seg[1].data = begin + seg[0].len;

  229. 	seg[1].len = (end - begin) - seg[0].len;

  230. 	t1 = rspamd_get_ticks ();

  231. 	rspamd_cryptobox_encryptv_nm_inplace (seg, 2, nonce, key, mac);

  232. 	t2 = rspamd_get_ticks ();

  233. 

  234. 	check_result (key, nonce, mac, begin, end);

  235. 

  236. 	msg_info ("large and small chunks encryption: %.6f", t2 - t1);

  237. 

  238. 	/* Random two chunks as vector */

  239. 	seg[0].data = begin;

  240. 	seg[0].len = ottery_rand_range (end - begin - 1) + 1;

  241. 	seg[1].data = begin + seg[0].len;

  242. 	seg[1].len = (end - begin) - seg[0].len;

  243. 	t1 = rspamd_get_ticks ();

  244. 	rspamd_cryptobox_encryptv_nm_inplace (seg, 2, nonce, key, mac);

  245. 	t2 = rspamd_get_ticks ();

  246. 

  247. 	check_result (key, nonce, mac, begin, end);

  248. 

  249. 	msg_info ("random 2 chunks encryption: %.6f", t2 - t1);

  250. 

  251. 	/* 3 specific chunks */

  252. 	seg[0].data = begin;

  253. 	seg[0].len = 2;

  254. 	seg[1].data = begin + seg[0].len;

  255. 	seg[1].len = 2049;

  256. 	seg[2].data = begin + seg[0].len + seg[1].len;

  257. 	seg[2].len = (end - begin) - seg[0].len - seg[1].len;

  258. 	t1 = rspamd_get_ticks ();

  259. 	rspamd_cryptobox_encryptv_nm_inplace (seg, 3, nonce, key, mac);

  260. 	t2 = rspamd_get_ticks ();

  261. 

  262. 	check_result (key, nonce, mac, begin, end);

  263. 

  264. 	msg_info ("small, medium and large chunks encryption: %.6f", t2 - t1);

  265. 

  266. 	cnt = create_random_split (seg, max_seg, begin, end);

  267. 	t1 = rspamd_get_ticks ();

  268. 	rspamd_cryptobox_encryptv_nm_inplace (seg, cnt, nonce, key, mac);

  269. 	t2 = rspamd_get_ticks ();

  270. 

  271. 	check_result (key, nonce, mac, begin, end);

  272. 

  273. 	msg_info ("random split of %d chunks encryption: %.6f", cnt, t2 - t1);

  274. 

  275. 	cnt = create_realistic_split (seg, max_seg, begin, end);

  276. 	t1 = rspamd_get_ticks ();

  277. 	rspamd_cryptobox_encryptv_nm_inplace (seg, cnt, nonce, key, mac);

  278. 	t2 = rspamd_get_ticks ();

  279. 

  280. 	check_result (key, nonce, mac, begin, end);

  281. 

  282. 	msg_info ("realistic split of %d chunks encryption: %.6f", cnt, t2 - t1);

  283. 

  284. 	cnt = create_constrainted_split (seg, max_seg + 1, 32, begin, end);

  285. 	t1 = rspamd_get_ticks ();

  286. 	rspamd_cryptobox_encryptv_nm_inplace (seg, cnt, nonce, key, mac);

  287. 	t2 = rspamd_get_ticks ();

  288. 

  289. 	check_result (key, nonce, mac, begin, end);

  290. 

  291. 	msg_info ("constrainted split of %d chunks encryption: %.6f", cnt, t2 - t1);

  292. 

  293. 	for (i = 0; i < random_fuzz_cnt; i ++) {

  294. 		ms = ottery_rand_range (i % max_seg * 2) + 1;

  295. 		cnt = create_random_split (seg, ms, begin, end);

  296. 		t1 = rspamd_get_ticks ();

  297. 		rspamd_cryptobox_encryptv_nm_inplace (seg, cnt, nonce, key, mac);

  298. 		t2 = rspamd_get_ticks ();

  299. 

  300. 		check_result (key, nonce, mac, begin, end);

  301. 

  302. 		if (i % 1000 == 0) {

  303. 			msg_info ("random fuzz iterations: %d", i);

  304. 		}

  305. 	}

  306. 	for (i = 0; i < random_fuzz_cnt; i ++) {

  307. 		ms = ottery_rand_range (i % max_seg * 2) + 1;

  308. 		cnt = create_realistic_split (seg, ms, begin, end);

  309. 		t1 = rspamd_get_ticks ();

  310. 		rspamd_cryptobox_encryptv_nm_inplace (seg, cnt, nonce, key, mac);

  311. 		t2 = rspamd_get_ticks ();

  312. 

  313. 		check_result (key, nonce, mac, begin, end);

  314. 

  315. 		if (i % 1000 == 0) {

  316. 			msg_info ("realistic fuzz iterations: %d", i);

  317. 		}

  318. 	}

  319. 	for (i = 0; i < random_fuzz_cnt; i ++) {

  320. 		ms = ottery_rand_range (i % max_seg * 10) + 1;

  321. 		cnt = create_constrainted_split (seg, ms, i, begin, end);

  322. 		t1 = rspamd_get_ticks ();

  323. 		rspamd_cryptobox_encryptv_nm_inplace (seg, cnt, nonce, key, mac);

  324. 		t2 = rspamd_get_ticks ();

  325. 

  326. 		check_result (key, nonce, mac, begin, end);

  327. 

  328. 		if (i % 1000 == 0) {

  329. 			msg_info ("constrainted fuzz iterations: %d", i);

  330. 		}

  331. 	}

  332. }