mirrors
/
rspamd
镜像来自 https://github.com/vstakhov/rspamd.git
關注 1
收藏 0
複製 0
程式碼 問題 0 版本發佈 159 Wiki 活動
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6035 提交
28 分支
目錄樹: 8766fba694
分支列表 標籤
${ item.name }
建立分支 ${ searchTerm }
從 '8766fba694'
${ noResults }
rspamd/test/rspamd_cryptobox_test.c

rspamd_cryptobox_test.c 8.6KB
原始文件 Blame 歷史記錄

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345 
  1. /*-

  2.  * Copyright 2016 Vsevolod Stakhov

  3.  *

  4.  * Licensed under the Apache License, Version 2.0 (the "License");

  5.  * you may not use this file except in compliance with the License.

  6.  * You may obtain a copy of the License at

  7.  *

  8.  *   http://www.apache.org/licenses/LICENSE-2.0

  9.  *

  10.  * Unless required by applicable law or agreed to in writing, software

  11.  * distributed under the License is distributed on an "AS IS" BASIS,

  12.  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

  13.  * See the License for the specific language governing permissions and

  14.  * limitations under the License.

  15.  */

  16. #include "config.h"

  17. #include "rspamd.h"

  18. #include "shingles.h"

  19. #include "fstring.h"

  20. #include "ottery.h"

  21. #include "cryptobox.h"

  22. #include "unix-std.h"

  23. 

  24. static const int mapping_size = 64 * 8192 + 1;

  25. static const int max_seg = 32;

  26. static const int random_fuzz_cnt = 10000;

  27. 

  28. static void *

  29. create_mapping (int mapping_len, guchar **beg, guchar **end)

  30. {

  31. 	void *map;

  32. 	int psize = getpagesize ();

  33. 

  34. 	map = mmap (NULL, mapping_len + psize * 3, PROT_READ|PROT_WRITE,

  35. 			MAP_ANON|MAP_SHARED, -1, 0);

  36. 	g_assert (map != 0);

  37. 	memset (map, 0, mapping_len + psize * 3);

  38. 	mprotect (map, psize, PROT_NONE);

  39. 	/* Misalign pointer */

  40. 	*beg = ((guchar *)map) + psize + 1;

  41. 	*end = *beg + mapping_len;

  42. 	mprotect (*beg + mapping_len - 1 + psize, psize, PROT_NONE);

  43. 

  44. 	return map;

  45. }

  46. 

  47. static void

  48. check_result (const rspamd_nm_t key, const rspamd_nonce_t nonce,

  49. 		const rspamd_mac_t mac, guchar *begin, guchar *end)

  50. {

  51. 	guint64 *t = (guint64 *)begin;

  52. 

  53. 	g_assert (rspamd_cryptobox_decrypt_nm_inplace (begin, end - begin, nonce, key,

  54. 			mac));

  55. 

  56. 	while (t < (guint64 *)end) {

  57. 		g_assert (*t == 0);

  58. 		t ++;

  59. 	}

  60. }

  61. 

  62. static int

  63. create_random_split (struct rspamd_cryptobox_segment *seg, int mseg,

  64. 		guchar *begin, guchar *end)

  65. {

  66. 	gsize remain = end - begin;

  67. 	gint used = 0;

  68. 

  69. 	while (remain > 0 && used < mseg - 1) {

  70. 		seg->data = begin;

  71. 		seg->len = ottery_rand_range (remain - 1) + 1;

  72. 

  73. 		begin += seg->len;

  74. 		remain -= seg->len;

  75. 		used ++;

  76. 		seg ++;

  77. 	}

  78. 

  79. 	if (remain > 0) {

  80. 		seg->data = begin;

  81. 		seg->len = remain;

  82. 		used ++;

  83. 	}

  84. 

  85. 	return used;

  86. }

  87. 

  88. static int

  89. create_realistic_split (struct rspamd_cryptobox_segment *seg, int mseg,

  90. 		guchar *begin, guchar *end)

  91. {

  92. 	gsize remain = end - begin;

  93. 	gint used = 0;

  94. 	static const int small_seg = 512, medium_seg = 2048;

  95. 

  96. 	while (remain > 0 && used < mseg - 1) {

  97. 		seg->data = begin;

  98. 

  99. 		if (ottery_rand_uint32 () % 2 == 0) {

  100. 			seg->len = ottery_rand_range (small_seg) + 1;

  101. 		}

  102. 		else {

  103. 			seg->len = ottery_rand_range (medium_seg) +

  104. 					small_seg;

  105. 		}

  106. 		if (seg->len > remain) {

  107. 			seg->len = remain;

  108. 		}

  109. 

  110. 		begin += seg->len;

  111. 		remain -= seg->len;

  112. 		used ++;

  113. 		seg ++;

  114. 	}

  115. 

  116. 	if (remain > 0) {

  117. 		seg->data = begin;

  118. 		seg->len = remain;

  119. 		used ++;

  120. 	}

  121. 

  122. 	return used;

  123. }

  124. 

  125. static int

  126. create_constrainted_split (struct rspamd_cryptobox_segment *seg, int mseg,

  127. 		int constraint,

  128. 		guchar *begin, guchar *end)

  129. {

  130. 	gsize remain = end - begin;

  131. 	gint used = 0;

  132. 

  133. 	while (remain > 0 && used < mseg - 1) {

  134. 		seg->data = begin;

  135. 		seg->len = constraint;

  136. 		if (seg->len > remain) {

  137. 			seg->len = remain;

  138. 		}

  139. 		begin += seg->len;

  140. 		remain -= seg->len;

  141. 		used ++;

  142. 		seg ++;

  143. 	}

  144. 

  145. 	if (remain > 0) {

  146. 		seg->data = begin;

  147. 		seg->len = remain;

  148. 		used ++;

  149. 	}

  150. 

  151. 	return used;

  152. }

  153. 

  154. void

  155. rspamd_cryptobox_test_func (void)

  156. {

  157. 	void *map;

  158. 	guchar *begin, *end;

  159. 	rspamd_nm_t key;

  160. 	rspamd_nonce_t nonce;

  161. 	rspamd_mac_t mac;

  162. 	struct rspamd_cryptobox_segment *seg;

  163. 	double t1, t2;

  164. 	gint i, cnt, ms;

  165. 	gboolean checked_openssl = FALSE;

  166. 

  167. 	map = create_mapping (mapping_size, &begin, &end);

  168. 

  169. 	ottery_rand_bytes (key, sizeof (key));

  170. 	ottery_rand_bytes (nonce, sizeof (nonce));

  171. 

  172. 	memset (mac, 0, sizeof (mac));

  173. 	seg = g_slice_alloc0 (sizeof (*seg) * max_seg * 10);

  174. 

  175. 	/* Test baseline */

  176. 	t1 = rspamd_get_ticks ();

  177. 	rspamd_cryptobox_encrypt_nm_inplace (begin, end - begin, nonce, key, mac);

  178. 	t2 = rspamd_get_ticks ();

  179. 	check_result (key, nonce, mac, begin, end);

  180. 

  181. 	msg_info ("baseline encryption: %.6f", t2 - t1);

  182. 

  183. 	if (rspamd_cryptobox_openssl_mode (TRUE)) {

  184. 		t1 = rspamd_get_ticks ();

  185. 		rspamd_cryptobox_encrypt_nm_inplace (begin,

  186. 				end - begin,

  187. 				nonce,

  188. 				key,

  189. 				mac);

  190. 		t2 = rspamd_get_ticks ();

  191. 		check_result (key, nonce, mac, begin, end);

  192. 

  193. 		msg_info ("openssl baseline encryption: %.6f", t2 - t1);

  194. 		rspamd_cryptobox_openssl_mode (FALSE);

  195. 	}

  196. 

  197. start:

  198. 	/* A single chunk as vector */

  199. 	seg[0].data = begin;

  200. 	seg[0].len = end - begin;

  201. 	t1 = rspamd_get_ticks ();

  202. 	rspamd_cryptobox_encryptv_nm_inplace (seg, 1, nonce, key, mac);

  203. 	t2 = rspamd_get_ticks ();

  204. 

  205. 	check_result (key, nonce, mac, begin, end);

  206. 

  207. 	msg_info ("bulk encryption: %.6f", t2 - t1);

  208. 

  209. 	/* Two chunks as vector */

  210. 	seg[0].data = begin;

  211. 	seg[0].len = (end - begin) / 2;

  212. 	seg[1].data = begin + seg[0].len;

  213. 	seg[1].len = (end - begin) - seg[0].len;

  214. 	t1 = rspamd_get_ticks ();

  215. 	rspamd_cryptobox_encryptv_nm_inplace (seg, 2, nonce, key, mac);

  216. 	t2 = rspamd_get_ticks ();

  217. 

  218. 	check_result (key, nonce, mac, begin, end);

  219. 

  220. 	msg_info ("2 equal chunks encryption: %.6f", t2 - t1);

  221. 

  222. 	seg[0].data = begin;

  223. 	seg[0].len = 1;

  224. 	seg[1].data = begin + seg[0].len;

  225. 	seg[1].len = (end - begin) - seg[0].len;

  226. 	t1 = rspamd_get_ticks ();

  227. 	rspamd_cryptobox_encryptv_nm_inplace (seg, 2, nonce, key, mac);

  228. 	t2 = rspamd_get_ticks ();

  229. 

  230. 	check_result (key, nonce, mac, begin, end);

  231. 

  232. 	msg_info ("small and large chunks encryption: %.6f", t2 - t1);

  233. 

  234. 	seg[0].data = begin;

  235. 	seg[0].len = (end - begin) - 3;

  236. 	seg[1].data = begin + seg[0].len;

  237. 	seg[1].len = (end - begin) - seg[0].len;

  238. 	t1 = rspamd_get_ticks ();

  239. 	rspamd_cryptobox_encryptv_nm_inplace (seg, 2, nonce, key, mac);

  240. 	t2 = rspamd_get_ticks ();

  241. 

  242. 	check_result (key, nonce, mac, begin, end);

  243. 

  244. 	msg_info ("large and small chunks encryption: %.6f", t2 - t1);

  245. 

  246. 	/* Random two chunks as vector */

  247. 	seg[0].data = begin;

  248. 	seg[0].len = ottery_rand_range (end - begin - 1) + 1;

  249. 	seg[1].data = begin + seg[0].len;

  250. 	seg[1].len = (end - begin) - seg[0].len;

  251. 	t1 = rspamd_get_ticks ();

  252. 	rspamd_cryptobox_encryptv_nm_inplace (seg, 2, nonce, key, mac);

  253. 	t2 = rspamd_get_ticks ();

  254. 

  255. 	check_result (key, nonce, mac, begin, end);

  256. 

  257. 	msg_info ("random 2 chunks encryption: %.6f", t2 - t1);

  258. 

  259. 	/* 3 specific chunks */

  260. 	seg[0].data = begin;

  261. 	seg[0].len = 2;

  262. 	seg[1].data = begin + seg[0].len;

  263. 	seg[1].len = 2049;

  264. 	seg[2].data = begin + seg[0].len + seg[1].len;

  265. 	seg[2].len = (end - begin) - seg[0].len - seg[1].len;

  266. 	t1 = rspamd_get_ticks ();

  267. 	rspamd_cryptobox_encryptv_nm_inplace (seg, 3, nonce, key, mac);

  268. 	t2 = rspamd_get_ticks ();

  269. 

  270. 	check_result (key, nonce, mac, begin, end);

  271. 

  272. 	msg_info ("small, medium and large chunks encryption: %.6f", t2 - t1);

  273. 

  274. 	cnt = create_random_split (seg, max_seg, begin, end);

  275. 	t1 = rspamd_get_ticks ();

  276. 	rspamd_cryptobox_encryptv_nm_inplace (seg, cnt, nonce, key, mac);

  277. 	t2 = rspamd_get_ticks ();

  278. 

  279. 	check_result (key, nonce, mac, begin, end);

  280. 

  281. 	msg_info ("random split of %d chunks encryption: %.6f", cnt, t2 - t1);

  282. 

  283. 	cnt = create_realistic_split (seg, max_seg, begin, end);

  284. 	t1 = rspamd_get_ticks ();

  285. 	rspamd_cryptobox_encryptv_nm_inplace (seg, cnt, nonce, key, mac);

  286. 	t2 = rspamd_get_ticks ();

  287. 

  288. 	check_result (key, nonce, mac, begin, end);

  289. 

  290. 	msg_info ("realistic split of %d chunks encryption: %.6f", cnt, t2 - t1);

  291. 

  292. 	cnt = create_constrainted_split (seg, max_seg + 1, 32, begin, end);

  293. 	t1 = rspamd_get_ticks ();

  294. 	rspamd_cryptobox_encryptv_nm_inplace (seg, cnt, nonce, key, mac);

  295. 	t2 = rspamd_get_ticks ();

  296. 

  297. 	check_result (key, nonce, mac, begin, end);

  298. 

  299. 	msg_info ("constrainted split of %d chunks encryption: %.6f", cnt, t2 - t1);

  300. 

  301. 	for (i = 0; i < random_fuzz_cnt; i ++) {

  302. 		ms = ottery_rand_range (i % max_seg * 2) + 1;

  303. 		cnt = create_random_split (seg, ms, begin, end);

  304. 		t1 = rspamd_get_ticks ();

  305. 		rspamd_cryptobox_encryptv_nm_inplace (seg, cnt, nonce, key, mac);

  306. 		t2 = rspamd_get_ticks ();

  307. 

  308. 		check_result (key, nonce, mac, begin, end);

  309. 

  310. 		if (i % 1000 == 0) {

  311. 			msg_info ("random fuzz iterations: %d", i);

  312. 		}

  313. 	}

  314. 	for (i = 0; i < random_fuzz_cnt; i ++) {

  315. 		ms = ottery_rand_range (i % max_seg * 2) + 1;

  316. 		cnt = create_realistic_split (seg, ms, begin, end);

  317. 		t1 = rspamd_get_ticks ();

  318. 		rspamd_cryptobox_encryptv_nm_inplace (seg, cnt, nonce, key, mac);

  319. 		t2 = rspamd_get_ticks ();

  320. 

  321. 		check_result (key, nonce, mac, begin, end);

  322. 

  323. 		if (i % 1000 == 0) {

  324. 			msg_info ("realistic fuzz iterations: %d", i);

  325. 		}

  326. 	}

  327. 	for (i = 0; i < random_fuzz_cnt; i ++) {

  328. 		ms = ottery_rand_range (i % max_seg * 10) + 1;

  329. 		cnt = create_constrainted_split (seg, ms, i, begin, end);

  330. 		t1 = rspamd_get_ticks ();

  331. 		rspamd_cryptobox_encryptv_nm_inplace (seg, cnt, nonce, key, mac);

  332. 		t2 = rspamd_get_ticks ();

  333. 

  334. 		check_result (key, nonce, mac, begin, end);

  335. 

  336. 		if (i % 1000 == 0) {

  337. 			msg_info ("constrainted fuzz iterations: %d", i);

  338. 		}

  339. 	}

  340. 

  341. 	if (!checked_openssl && rspamd_cryptobox_openssl_mode (TRUE)) {

  342. 		checked_openssl = TRUE;

  343. 		goto start;

  344. 	}

  345. }