Commit 7ea32e84 authored by Jack Doerner's avatar Jack Doerner

Removed dependence on openssl; replaced with libgcrypt which is also required by obliv-c.

Added benchmark for waksman network.
Note: it turns out sha512 is broken.
parent e37ae4ff
......@@ -2,3 +2,4 @@
*.d
*.o
*.oo
build
......@@ -5,6 +5,7 @@ OBLIVCC = $(OBLIVC_PATH)/bin/oblivcc
OBLIVCH = $(OBLIVC_PATH)/src/ext/oblivc
OBLIVCA = $(OBLIVC_PATH)/_build/libobliv.a
CFLAGS+= -O3 -march=native -I/usr/include -I . -I $(SRC_PATH) -std=c99 -fopenmp
LDFLAGS += -lm -lgomp -lgcrypt
SRC_PATH=src/
LIB_OUT_PATH=build/lib/
......@@ -24,7 +25,7 @@ TEST_DEPS=test_main.o
TEST_BINS = test_obig test_osha256 test_osha512 test_osalsa test_ochacha test_oaes\
test_oqueue test_oram test_oscrypt test_ograph test_omatch test_osearch\
bench_oram_write bench_oram_read bench_oram_init bench_oscrypt bench_bfs bench_bs\
bench_gs bench_rp bench_oaes bench_oqueue
bench_gs bench_rp bench_oaes bench_oqueue bench_waksman
default: $(ACKLIB) tests
......@@ -32,7 +33,7 @@ tests: $(TEST_BINS:%=$(TEST_OUT_PATH)/%)
$(TEST_BINS:%=$(TEST_OUT_PATH)/%): $(TEST_OUT_PATH)/%: $(TEST_PATH)/%.oo $(TEST_DEPS:%=$(TEST_PATH)/%) $(ACKLIB)
mkdir -p $(TEST_OUT_PATH)
$(OBLIVCC) -o $@ $(OBLIVCA) $^ -lm -lssl -lcrypto -lgomp
$(OBLIVCC) -o $@ $(OBLIVCA) $^ $(LDFLAGS)
$(ACKLIB): $(OBJS:%=$(SRC_PATH)/%)
mkdir -p $(LIB_OUT_PATH)
......
......@@ -37,7 +37,7 @@ Features
Installing
=====
1. You must first build [obliv-c](https://github.com/samee/obliv-c/), though it need not be installed in any particular location. In addition to obliv-c, you will need to install the package `openssl-dev` (or your distribution's equivalent). This is necessary only for test cases for SHA256, SHA512, and AES.
1. You must first build [obliv-c](https://github.com/samee/obliv-c/), though it need not be installed in any particular location.
2. To compile ACK, set the path to obliv-c's main project directory via `export OBLIVC_PATH=<path to obliv-c>`, then run `make`.
......
#include <obliv.oh>
#include "shuffle.oh"
#include <copy.oh>
#include "test_generic.h"
static const char TESTNAME[] = "waksman_network_benchmark";
#define TEXT_HELP_SUPPLEMENTARY "\
-e \x1b[4mNUMBER\x1b[0m, --element-count=\x1b[4mNUMBER\x1b[0m \n\t\tuse ORAMs of \x1b[4mNUMBER\x1b[0m elements\n\n\
-s \x1b[4mNUMBER\x1b[0m, --element-size=\x1b[4mNUMBER\x1b[0m \n\t\tuse ORAMs with elements containing \x1b[4mNUMBER\x1b[0m 32-bit words\n\n\
-i \x1b[4mNUMBER\x1b[0m, --samples=\x1b[4mNUMBER\x1b[0m \n\t\trun \x1b[4mNUMBER\x1b[0m iterations of the benchmark\n\n"
static const char options_string[] = "e:s:i:";
static struct option long_options[] = {
{"element-count", required_argument, NULL, 'e'},
{"element-size", required_argument, NULL, 's'},
{"samples", required_argument, NULL, 'i'},
{0, 0, 0, 0}
};
char* get_test_name() {
return TESTNAME;
}
char* get_supplementary_options_string() {
return options_string;
}
struct option* get_long_options() {
return long_options;
}
void print_supplementary_help() {
fprintf(stderr, TEXT_HELP_SUPPLEMENTARY);
}
void test_main(void*varg) {
size_t elct = 4;
size_t elsz = 1;
int samples = 1;
args_t * args_pass = varg;
int arg;
optind = 0; // this allows us to getopt a second time
while ((arg = getopt_long(args_pass->argc, args_pass->argv, options_string, long_options, NULL)) != -1) {
if (arg == 'e') {
elct = atoll(optarg);
if (elct <= 0) {
fprintf (stderr, "Argument for -%c must be positive.\n", arg);
return;
}
} else if (arg == 's') {
elsz = atoll(optarg);
if (elsz <= 0) {
fprintf (stderr, "Argument for -%c must be positive.\n", arg);
return;
}
} else if (arg == 'i') {
samples = atoi(optarg);
if (samples <= 0) {
fprintf (stderr, "Argument for -%c must be positive.\n", arg);
return;
}
} else if (arg == '?' || arg == ':') {
if (optopt == 'e' || optopt == 's' || optopt == 'i') {
fprintf (stderr, "Option -%c requires an argument.\n", optopt);
return;
} else {
fprintf (stderr, "Option -%c not recognized.\n", optopt);
return;
}
} else {
abort();
}
}
fprintf(stdout, "# WAKSMAN (element count, element size, sample 1 microseconds, sample 1 gates, sample 1 bytes, ...)\n");
OcCopy cpy = ocCopyIntN(elsz);
uint64_t tally = 0;
uint64_t tallygates = 0;
uint64_t tallybytes = 0;
OcCopy cpy = ocCopyIntN(elsz);
obliv uint32_t * data = calloc(elsz * elct, sizeof(obliv uint32_t));
for (int kk = 0; kk < elsz*elct; kk++) data[kk] = feedOblivInt(rand(), 1);
fprintf(stdout, "%lld,%lld", elct, elsz);
for (int ii = 0; ii < samples; ii++) {
OcPermNetwork w = ocPermNetworkRandom(elct);
int64_t runtime = -current_timestamp();
int64_t rungates = -yaoGateCount();
int64_t runbytes = -tcp2PBytesSent(ocCurrentProto());
ocPermNetworkApply(&w,&cpy,data);
runtime += current_timestamp();
rungates += yaoGateCount();
runbytes += tcp2PBytesSent(ocCurrentProto());
ocPermNetworkCleanup(&w);
fprintf(stdout, ",%llu,%llu,%llu", runtime,rungates, runbytes);
fflush(stdout);
tally += runtime;
tallygates += rungates;
tallybytes += runbytes;
}
free(data);
fprintf(stdout, "\n");
fprintf(stderr, "Waksman (count:%lld, size: %lld): %llu microseconds avg, %llu gates avg, %llu bytes avg\n", elct, elsz, tally / samples, tallygates/samples, tallybytes/samples);
}
#include <openssl/conf.h>
#include <openssl/evp.h>
#include <openssl/err.h>
#include <gcrypt.h>
#include <obliv.oh>
#include "oaes.oh"
......@@ -25,13 +23,20 @@ struct option* get_long_options() {
void print_supplementary_help() {}
void handleErrors(void) {
ERR_print_errors_fp(stderr);
abort();
}
GCRY_THREAD_OPTION_PTHREAD_IMPL;
void test_main(void*varg) {
if (!gcry_control(GCRYCTL_INITIALIZATION_FINISHED_P)) {
gcry_control(GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);
if(!gcry_check_version(NULL)) {
fprintf(stderr,"libgcrypt init failed\n");
exit(1);
}
gcry_control (GCRYCTL_DISABLE_SECMEM, 0);
gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
}
/* test vectors in this file are taken from http://csrc.nist.gov/groups/STM/cavp/documents/aes/AESAVS.pdf */
{
......@@ -151,25 +156,16 @@ void test_main(void*varg) {
revealOblivInt(&iv_raw[ii*sizeof(uint32_t)], iv[ii*sizeof(uint32_t)], 0);
}
// OpenSSL setup
ERR_load_crypto_strings();
OpenSSL_add_all_algorithms();
OPENSSL_config(NULL);
EVP_CIPHER_CTX *ctx;
if(!(ctx = EVP_CIPHER_CTX_new())) handleErrors();
if(1 != EVP_EncryptInit_ex(ctx, EVP_aes_128_ctr(), NULL, key_raw, iv_raw)) handleErrors();
if(1 != EVP_CIPHER_CTX_set_padding(ctx, 0)) handleErrors();
int len;
for (int ii = 0; ii < BLOCKCOUNT; ii ++) if(1 != EVP_EncryptUpdate(ctx, &expected_output[16*ii], &len, &input_raw[16*ii], 16)) handleErrors();
// OpenSSL Cleanup
EVP_CIPHER_CTX_free(ctx);
CONF_modules_unload(1);
EVP_cleanup();
CRYPTO_cleanup_all_ex_data();
ERR_remove_state(0);
ERR_free_strings();
// gcrypt setup
gcry_cipher_hd_t handle;
gcry_cipher_open(&handle, GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CTR, 0);
gcry_cipher_setkey(handle, key_raw, 16);
gcry_cipher_setctr(handle, iv_raw, 16);
gcry_cipher_encrypt(handle, expected_output, 16*BLOCKCOUNT, input_raw, 16*BLOCKCOUNT);
// gcrypt cleanup
gcry_cipher_close(handle);
oaes_ctx * ctx2 = oaes_128_ctx_ctr_new(key, iv);
for (int ii = 0; ii < BLOCKCOUNT; ii++) oaes_128_encdec(&output[16*ii], ctx2, &input[16*ii]);
......@@ -223,25 +219,16 @@ void test_main(void*varg) {
revealOblivInt(&iv_raw[ii*sizeof(uint32_t)], iv[ii*sizeof(uint32_t)], 0);
}
// OpenSSL setup
ERR_load_crypto_strings();
OpenSSL_add_all_algorithms();
OPENSSL_config(NULL);
EVP_CIPHER_CTX *ctx;
if(!(ctx = EVP_CIPHER_CTX_new())) handleErrors();
if(1 != EVP_EncryptInit_ex(ctx, EVP_aes_128_ctr(), NULL, key_raw, iv_raw)) handleErrors();
if(1 != EVP_CIPHER_CTX_set_padding(ctx, 0)) handleErrors();
int len;
for (int ii = 0; ii < BLOCKCOUNT; ii ++) if(1 != EVP_EncryptUpdate(ctx, &expected_output[16*ii], &len, &input_raw[16*ii], 16)) handleErrors();
// OpenSSL Cleanup
EVP_CIPHER_CTX_free(ctx);
CONF_modules_unload(1);
EVP_cleanup();
CRYPTO_cleanup_all_ex_data();
ERR_remove_state(0);
ERR_free_strings();
// gcrypt setup
gcry_cipher_hd_t handle;
gcry_cipher_open(&handle, GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CTR, 0);
gcry_cipher_setkey(handle, key_raw, 16);
gcry_cipher_setctr(handle, iv_raw, 16);
gcry_cipher_encrypt(handle, expected_output, 16*BLOCKCOUNT, input_raw, 16*BLOCKCOUNT);
// gcrypt cleanup
gcry_cipher_close(handle);
oaes_ctx * ctx2 = oaes_128_ctx_ctr_new(key, iv);
for (int ii = 0; ii < BLOCKCOUNT/2; ii++) oaes_128_encdec_double(&output[32*ii], &output[32*ii+16], ctx2, &input[32*ii], &input[32*ii+16]);
......
#include <obliv.oh>
#include "openssl/sha.h"
#include <gcrypt.h>
#include "osha256.oh"
#include "test_generic.h"
......
......@@ -44,7 +44,7 @@ fprintf(stderr, "\n");
fprintf(stderr, "Test Item: %-70s %s\n", "oHMAC_SHA256 - RFC4231 Test Case 1", (success)?STATUS_SUCCESS:STATUS_FAILURE);
if (!success) {
fprintf(stderr, "\tExpected Digest:\t");
for (int ii = 0; ii < SHA256_DIGEST_LENGTH; ii++) {
for (int ii = 0; ii < OSHA256_DIGEST_LENGTH; ii++) {
fprintf(stderr, "%02hhX", expected_output[ii]);
}
fprintf(stderr, "\n\tActual Digest: \t\t");
......@@ -99,7 +99,7 @@ fprintf(stderr, "\n");
fprintf(stderr, "Test Item: %-70s %s\n", "oHMAC_SHA256 - RFC4231 Test Case 2", (success)?STATUS_SUCCESS:STATUS_FAILURE);
if (!success) {
fprintf(stderr, "\tExpected Digest:\t");
for (int ii = 0; ii < SHA256_DIGEST_LENGTH; ii++) {
for (int ii = 0; ii < OSHA256_DIGEST_LENGTH; ii++) {
fprintf(stderr, "%02hhX", expected_output[ii]);
}
fprintf(stderr, "\n\tActual Digest: \t\t");
......@@ -157,7 +157,7 @@ fprintf(stderr, "\n");
fprintf(stderr, "Test Item: %-70s %s\n", "oHMAC_SHA256 - RFC4231 Test Case 3", (success)?STATUS_SUCCESS:STATUS_FAILURE);
if (!success) {
fprintf(stderr, "\tExpected Digest:\t");
for (int ii = 0; ii < SHA256_DIGEST_LENGTH; ii++) {
for (int ii = 0; ii < OSHA256_DIGEST_LENGTH; ii++) {
fprintf(stderr, "%02hhX", expected_output[ii]);
}
fprintf(stderr, "\n\tActual Digest: \t\t");
......@@ -215,7 +215,7 @@ fprintf(stderr, "\n");
fprintf(stderr, "Test Item: %-70s %s\n", "oHMAC_SHA256 - RFC4231 Test Case 4", (success)?STATUS_SUCCESS:STATUS_FAILURE);
if (!success) {
fprintf(stderr, "\tExpected Digest:\t");
for (int ii = 0; ii < SHA256_DIGEST_LENGTH; ii++) {
for (int ii = 0; ii < OSHA256_DIGEST_LENGTH; ii++) {
fprintf(stderr, "%02hhX", expected_output[ii]);
}
fprintf(stderr, "\n\tActual Digest: \t\t");
......@@ -270,7 +270,7 @@ fprintf(stderr, "\n");
fprintf(stderr, "Test Item: %-70s %s\n", "oHMAC_SHA256 - RFC4231 Test Case 5", (success)?STATUS_SUCCESS:STATUS_FAILURE);
if (!success) {
fprintf(stderr, "\tExpected Digest:\t");
for (int ii = 0; ii < SHA256_DIGEST_LENGTH/2; ii++) {
for (int ii = 0; ii < OSHA256_DIGEST_LENGTH/2; ii++) {
fprintf(stderr, "%02hhX", expected_output[ii]);
}
fprintf(stderr, "\n\tActual Digest: \t\t");
......@@ -335,7 +335,7 @@ fprintf(stderr, "\n");
fprintf(stderr, "Test Item: %-70s %s\n", "oHMAC_SHA256 - RFC4231 Test Case 6", (success)?STATUS_SUCCESS:STATUS_FAILURE);
if (!success) {
fprintf(stderr, "\tExpected Digest:\t");
for (int ii = 0; ii < SHA256_DIGEST_LENGTH; ii++) {
for (int ii = 0; ii < OSHA256_DIGEST_LENGTH; ii++) {
fprintf(stderr, "%02hhX", expected_output[ii]);
}
fprintf(stderr, "\n\tActual Digest: \t\t");
......@@ -406,7 +406,7 @@ fprintf(stderr, "\n");
fprintf(stderr, "Test Item: %-70s %s\n", "oHMAC_SHA256 - RFC4231 Test Case 7", (success)?STATUS_SUCCESS:STATUS_FAILURE);
if (!success) {
fprintf(stderr, "\tExpected Digest:\t");
for (int ii = 0; ii < SHA256_DIGEST_LENGTH; ii++) {
for (int ii = 0; ii < OSHA256_DIGEST_LENGTH; ii++) {
fprintf(stderr, "%02hhX", expected_output[ii]);
}
fprintf(stderr, "\n\tActual Digest: \t\t");
......
This diff is collapsed.
This diff is collapsed.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment