mirrors
/
rspamd
mirror of https://github.com/vstakhov/rspamd.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 159 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5492 Commits
29 Branches
Tree: b9ca3adcab
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'b9ca3adcab'
${ noResults }
rspamd/test/rspamd_cryptobox_test.c

rspamd_cryptobox_test.c 9.3KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355 
  1. /*

  2.  * Copyright (c) 2015, Vsevolod Stakhov

  3.  * All rights reserved.

  4.  *

  5.  * Redistribution and use in source and binary forms, with or without

  6.  * modification, are permitted provided that the following conditions are met:

  7.  *	 * Redistributions of source code must retain the above copyright

  8.  *	   notice, this list of conditions and the following disclaimer.

  9.  *	 * Redistributions in binary form must reproduce the above copyright

  10.  *	   notice, this list of conditions and the following disclaimer in the

  11.  *	   documentation and/or other materials provided with the distribution.

  12.  *

  13.  * THIS SOFTWARE IS PROVIDED BY AUTHOR ''AS IS'' AND ANY

  14.  * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED

  15.  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE

  16.  * DISCLAIMED. IN NO EVENT SHALL AUTHOR BE LIABLE FOR ANY

  17.  * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES

  18.  * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;

  19.  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND

  20.  * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT

  21.  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS

  22.  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

  23.  */

  24. 

  25. 

  26. #include "config.h"

  27. #include "rspamd.h"

  28. #include "shingles.h"

  29. #include "fstring.h"

  30. #include "ottery.h"

  31. #include "cryptobox.h"

  32. #include "unix-std.h"

  33. 

  34. static const int mapping_size = 64 * 8192 + 1;

  35. static const int max_seg = 32;

  36. static const int random_fuzz_cnt = 10000;

  37. 

  38. static void *

  39. create_mapping (int mapping_len, guchar **beg, guchar **end)

  40. {

  41. 	void *map;

  42. 	int psize = getpagesize ();

  43. 

  44. 	map = mmap (NULL, mapping_len + psize * 3, PROT_READ|PROT_WRITE,

  45. 			MAP_ANON|MAP_SHARED, -1, 0);

  46. 	g_assert (map != 0);

  47. 	memset (map, 0, mapping_len + psize * 3);

  48. 	mprotect (map, psize, PROT_NONE);

  49. 	/* Misalign pointer */

  50. 	*beg = ((guchar *)map) + psize + 1;

  51. 	*end = *beg + mapping_len;

  52. 	mprotect (*beg + mapping_len - 1 + psize, psize, PROT_NONE);

  53. 

  54. 	return map;

  55. }

  56. 

  57. static void

  58. check_result (const rspamd_nm_t key, const rspamd_nonce_t nonce,

  59. 		const rspamd_sig_t mac, guchar *begin, guchar *end)

  60. {

  61. 	guint64 *t = (guint64 *)begin;

  62. 

  63. 	g_assert (rspamd_cryptobox_decrypt_nm_inplace (begin, end - begin, nonce, key,

  64. 			mac));

  65. 

  66. 	while (t < (guint64 *)end) {

  67. 		g_assert (*t == 0);

  68. 		t ++;

  69. 	}

  70. }

  71. 

  72. static int

  73. create_random_split (struct rspamd_cryptobox_segment *seg, int mseg,

  74. 		guchar *begin, guchar *end)

  75. {

  76. 	gsize remain = end - begin;

  77. 	gint used = 0;

  78. 

  79. 	while (remain > 0 && used < mseg - 1) {

  80. 		seg->data = begin;

  81. 		seg->len = ottery_rand_range (remain - 1) + 1;

  82. 

  83. 		begin += seg->len;

  84. 		remain -= seg->len;

  85. 		used ++;

  86. 		seg ++;

  87. 	}

  88. 

  89. 	if (remain > 0) {

  90. 		seg->data = begin;

  91. 		seg->len = remain;

  92. 		used ++;

  93. 	}

  94. 

  95. 	return used;

  96. }

  97. 

  98. static int

  99. create_realistic_split (struct rspamd_cryptobox_segment *seg, int mseg,

  100. 		guchar *begin, guchar *end)

  101. {

  102. 	gsize remain = end - begin;

  103. 	gint used = 0;

  104. 	static const int small_seg = 512, medium_seg = 2048;

  105. 

  106. 	while (remain > 0 && used < mseg - 1) {

  107. 		seg->data = begin;

  108. 

  109. 		if (ottery_rand_uint32 () % 2 == 0) {

  110. 			seg->len = ottery_rand_range (small_seg) + 1;

  111. 		}

  112. 		else {

  113. 			seg->len = ottery_rand_range (medium_seg) +

  114. 					small_seg;

  115. 		}

  116. 		if (seg->len > remain) {

  117. 			seg->len = remain;

  118. 		}

  119. 

  120. 		begin += seg->len;

  121. 		remain -= seg->len;

  122. 		used ++;

  123. 		seg ++;

  124. 	}

  125. 

  126. 	if (remain > 0) {

  127. 		seg->data = begin;

  128. 		seg->len = remain;

  129. 		used ++;

  130. 	}

  131. 

  132. 	return used;

  133. }

  134. 

  135. static int

  136. create_constrainted_split (struct rspamd_cryptobox_segment *seg, int mseg,

  137. 		int constraint,

  138. 		guchar *begin, guchar *end)

  139. {

  140. 	gsize remain = end - begin;

  141. 	gint used = 0;

  142. 

  143. 	while (remain > 0 && used < mseg - 1) {

  144. 		seg->data = begin;

  145. 		seg->len = constraint;

  146. 		if (seg->len > remain) {

  147. 			seg->len = remain;

  148. 		}

  149. 		begin += seg->len;

  150. 		remain -= seg->len;

  151. 		used ++;

  152. 		seg ++;

  153. 	}

  154. 

  155. 	if (remain > 0) {

  156. 		seg->data = begin;

  157. 		seg->len = remain;

  158. 		used ++;

  159. 	}

  160. 

  161. 	return used;

  162. }

  163. 

  164. void

  165. rspamd_cryptobox_test_func (void)

  166. {

  167. 	void *map;

  168. 	guchar *begin, *end;

  169. 	rspamd_nm_t key;

  170. 	rspamd_nonce_t nonce;

  171. 	rspamd_sig_t mac;

  172. 	struct rspamd_cryptobox_segment *seg;

  173. 	double t1, t2;

  174. 	gint i, cnt, ms;

  175. 	gboolean checked_openssl = FALSE;

  176. 

  177. 	map = create_mapping (mapping_size, &begin, &end);

  178. 

  179. 	ottery_rand_bytes (key, sizeof (key));

  180. 	ottery_rand_bytes (nonce, sizeof (nonce));

  181. 

  182. 	memset (mac, 0, sizeof (mac));

  183. 	seg = g_slice_alloc0 (sizeof (*seg) * max_seg * 10);

  184. 

  185. 	/* Test baseline */

  186. 	t1 = rspamd_get_ticks ();

  187. 	rspamd_cryptobox_encrypt_nm_inplace (begin, end - begin, nonce, key, mac);

  188. 	t2 = rspamd_get_ticks ();

  189. 	check_result (key, nonce, mac, begin, end);

  190. 

  191. 	msg_info ("baseline encryption: %.6f", t2 - t1);

  192. 

  193. 	if (rspamd_cryptobox_openssl_mode (TRUE)) {

  194. 		t1 = rspamd_get_ticks ();

  195. 		rspamd_cryptobox_encrypt_nm_inplace (begin,

  196. 				end - begin,

  197. 				nonce,

  198. 				key,

  199. 				mac);

  200. 		t2 = rspamd_get_ticks ();

  201. 		check_result (key, nonce, mac, begin, end);

  202. 

  203. 		msg_info ("openssl baseline encryption: %.6f", t2 - t1);

  204. 		rspamd_cryptobox_openssl_mode (FALSE);

  205. 	}

  206. 

  207. start:

  208. 	/* A single chunk as vector */

  209. 	seg[0].data = begin;

  210. 	seg[0].len = end - begin;

  211. 	t1 = rspamd_get_ticks ();

  212. 	rspamd_cryptobox_encryptv_nm_inplace (seg, 1, nonce, key, mac);

  213. 	t2 = rspamd_get_ticks ();

  214. 

  215. 	check_result (key, nonce, mac, begin, end);

  216. 

  217. 	msg_info ("bulk encryption: %.6f", t2 - t1);

  218. 

  219. 	/* Two chunks as vector */

  220. 	seg[0].data = begin;

  221. 	seg[0].len = (end - begin) / 2;

  222. 	seg[1].data = begin + seg[0].len;

  223. 	seg[1].len = (end - begin) - seg[0].len;

  224. 	t1 = rspamd_get_ticks ();

  225. 	rspamd_cryptobox_encryptv_nm_inplace (seg, 2, nonce, key, mac);

  226. 	t2 = rspamd_get_ticks ();

  227. 

  228. 	check_result (key, nonce, mac, begin, end);

  229. 

  230. 	msg_info ("2 equal chunks encryption: %.6f", t2 - t1);

  231. 

  232. 	seg[0].data = begin;

  233. 	seg[0].len = 1;

  234. 	seg[1].data = begin + seg[0].len;

  235. 	seg[1].len = (end - begin) - seg[0].len;

  236. 	t1 = rspamd_get_ticks ();

  237. 	rspamd_cryptobox_encryptv_nm_inplace (seg, 2, nonce, key, mac);

  238. 	t2 = rspamd_get_ticks ();

  239. 

  240. 	check_result (key, nonce, mac, begin, end);

  241. 

  242. 	msg_info ("small and large chunks encryption: %.6f", t2 - t1);

  243. 

  244. 	seg[0].data = begin;

  245. 	seg[0].len = (end - begin) - 3;

  246. 	seg[1].data = begin + seg[0].len;

  247. 	seg[1].len = (end - begin) - seg[0].len;

  248. 	t1 = rspamd_get_ticks ();

  249. 	rspamd_cryptobox_encryptv_nm_inplace (seg, 2, nonce, key, mac);

  250. 	t2 = rspamd_get_ticks ();

  251. 

  252. 	check_result (key, nonce, mac, begin, end);

  253. 

  254. 	msg_info ("large and small chunks encryption: %.6f", t2 - t1);

  255. 

  256. 	/* Random two chunks as vector */

  257. 	seg[0].data = begin;

  258. 	seg[0].len = ottery_rand_range (end - begin - 1) + 1;

  259. 	seg[1].data = begin + seg[0].len;

  260. 	seg[1].len = (end - begin) - seg[0].len;

  261. 	t1 = rspamd_get_ticks ();

  262. 	rspamd_cryptobox_encryptv_nm_inplace (seg, 2, nonce, key, mac);

  263. 	t2 = rspamd_get_ticks ();

  264. 

  265. 	check_result (key, nonce, mac, begin, end);

  266. 

  267. 	msg_info ("random 2 chunks encryption: %.6f", t2 - t1);

  268. 

  269. 	/* 3 specific chunks */

  270. 	seg[0].data = begin;

  271. 	seg[0].len = 2;

  272. 	seg[1].data = begin + seg[0].len;

  273. 	seg[1].len = 2049;

  274. 	seg[2].data = begin + seg[0].len + seg[1].len;

  275. 	seg[2].len = (end - begin) - seg[0].len - seg[1].len;

  276. 	t1 = rspamd_get_ticks ();

  277. 	rspamd_cryptobox_encryptv_nm_inplace (seg, 3, nonce, key, mac);

  278. 	t2 = rspamd_get_ticks ();

  279. 

  280. 	check_result (key, nonce, mac, begin, end);

  281. 

  282. 	msg_info ("small, medium and large chunks encryption: %.6f", t2 - t1);

  283. 

  284. 	cnt = create_random_split (seg, max_seg, begin, end);

  285. 	t1 = rspamd_get_ticks ();

  286. 	rspamd_cryptobox_encryptv_nm_inplace (seg, cnt, nonce, key, mac);

  287. 	t2 = rspamd_get_ticks ();

  288. 

  289. 	check_result (key, nonce, mac, begin, end);

  290. 

  291. 	msg_info ("random split of %d chunks encryption: %.6f", cnt, t2 - t1);

  292. 

  293. 	cnt = create_realistic_split (seg, max_seg, begin, end);

  294. 	t1 = rspamd_get_ticks ();

  295. 	rspamd_cryptobox_encryptv_nm_inplace (seg, cnt, nonce, key, mac);

  296. 	t2 = rspamd_get_ticks ();

  297. 

  298. 	check_result (key, nonce, mac, begin, end);

  299. 

  300. 	msg_info ("realistic split of %d chunks encryption: %.6f", cnt, t2 - t1);

  301. 

  302. 	cnt = create_constrainted_split (seg, max_seg + 1, 32, begin, end);

  303. 	t1 = rspamd_get_ticks ();

  304. 	rspamd_cryptobox_encryptv_nm_inplace (seg, cnt, nonce, key, mac);

  305. 	t2 = rspamd_get_ticks ();

  306. 

  307. 	check_result (key, nonce, mac, begin, end);

  308. 

  309. 	msg_info ("constrainted split of %d chunks encryption: %.6f", cnt, t2 - t1);

  310. 

  311. 	for (i = 0; i < random_fuzz_cnt; i ++) {

  312. 		ms = ottery_rand_range (i % max_seg * 2) + 1;

  313. 		cnt = create_random_split (seg, ms, begin, end);

  314. 		t1 = rspamd_get_ticks ();

  315. 		rspamd_cryptobox_encryptv_nm_inplace (seg, cnt, nonce, key, mac);

  316. 		t2 = rspamd_get_ticks ();

  317. 

  318. 		check_result (key, nonce, mac, begin, end);

  319. 

  320. 		if (i % 1000 == 0) {

  321. 			msg_info ("random fuzz iterations: %d", i);

  322. 		}

  323. 	}

  324. 	for (i = 0; i < random_fuzz_cnt; i ++) {

  325. 		ms = ottery_rand_range (i % max_seg * 2) + 1;

  326. 		cnt = create_realistic_split (seg, ms, begin, end);

  327. 		t1 = rspamd_get_ticks ();

  328. 		rspamd_cryptobox_encryptv_nm_inplace (seg, cnt, nonce, key, mac);

  329. 		t2 = rspamd_get_ticks ();

  330. 

  331. 		check_result (key, nonce, mac, begin, end);

  332. 

  333. 		if (i % 1000 == 0) {

  334. 			msg_info ("realistic fuzz iterations: %d", i);

  335. 		}

  336. 	}

  337. 	for (i = 0; i < random_fuzz_cnt; i ++) {

  338. 		ms = ottery_rand_range (i % max_seg * 10) + 1;

  339. 		cnt = create_constrainted_split (seg, ms, i, begin, end);

  340. 		t1 = rspamd_get_ticks ();

  341. 		rspamd_cryptobox_encryptv_nm_inplace (seg, cnt, nonce, key, mac);

  342. 		t2 = rspamd_get_ticks ();

  343. 

  344. 		check_result (key, nonce, mac, begin, end);

  345. 

  346. 		if (i % 1000 == 0) {

  347. 			msg_info ("constrainted fuzz iterations: %d", i);

  348. 		}

  349. 	}

  350. 

  351. 	if (!checked_openssl && rspamd_cryptobox_openssl_mode (TRUE)) {

  352. 		checked_openssl = TRUE;

  353. 		goto start;

  354. 	}

  355. }