cipher-speed.sh revision 248613
155682Smarkm# $OpenBSD: cipher-speed.sh,v 1.7 2013/01/12 11:23:53 djm Exp $ 255682Smarkm# Placed in the Public Domain. 355682Smarkm 455682Smarkmtid="cipher speed" 555682Smarkm 655682Smarkmgetbytes () 755682Smarkm{ 855682Smarkm sed -n -e '/transferred/s/.*secs (\(.* bytes.sec\).*/\1/p' \ 955682Smarkm -e '/copied/s/.*s, \(.* MB.s\).*/\1/p' 1055682Smarkm} 1155682Smarkm 1255682Smarkmtries="1 2" 13178825Sdfr 1455682Smarkmciphers="aes128-cbc 3des-cbc blowfish-cbc cast128-cbc 1555682Smarkm arcfour128 arcfour256 arcfour 1655682Smarkm aes192-cbc aes256-cbc rijndael-cbc@lysator.liu.se 1755682Smarkm aes128-ctr aes192-ctr aes256-ctr" 1855682Smarkmconfig_defined OPENSSL_HAVE_EVPGCM && \ 1955682Smarkm ciphers="$ciphers aes128-gcm@openssh.com aes256-gcm@openssh.com" 2055682Smarkmmacs="hmac-sha1 hmac-md5 umac-64@openssh.com umac-128@openssh.com 2155682Smarkm hmac-sha1-96 hmac-md5-96" 2255682Smarkmconfig_defined HAVE_EVP_SHA256 && \ 2355682Smarkm macs="$macs hmac-sha2-256 hmac-sha2-512" 2455682Smarkm 2555682Smarkmfor c in $ciphers; do n=0; for m in $macs; do 2655682Smarkm trace "proto 2 cipher $c mac $m" 2755682Smarkm for x in $tries; do 2855682Smarkm printf "%-60s" "$c/$m:" 2955682Smarkm ( ${SSH} -o 'compression no' \ 3055682Smarkm -F $OBJ/ssh_proxy -2 -m $m -c $c somehost \ 3155682Smarkm exec sh -c \'"dd of=/dev/null obs=32k"\' \ 3255682Smarkm < ${DATA} ) 2>&1 | getbytes 3355682Smarkm 3455682Smarkm if [ $? -ne 0 ]; then 3555682Smarkm fail "ssh -2 failed with mac $m cipher $c" 3655682Smarkm fi 3755682Smarkm done 3855682Smarkm # No point trying all MACs for GCM since they are ignored. 3955682Smarkm case $c in 4055682Smarkm aes*-gcm@openssh.com) test $n -gt 0 && break;; 4155682Smarkm esac 4255682Smarkm n=`expr $n + 1` 4355682Smarkmdone; done 4455682Smarkm 4555682Smarkmciphers="3des blowfish" 4655682Smarkmfor c in $ciphers; do 4755682Smarkm trace "proto 1 cipher $c" 4855682Smarkm for x in $tries; do 4955682Smarkm printf "%-60s" "$c:" 50233294Sstas ( ${SSH} -o 'compression no' \ 5155682Smarkm -F $OBJ/ssh_proxy -1 -c $c somehost \ 5255682Smarkm exec sh -c \'"dd of=/dev/null obs=32k"\' \ 5355682Smarkm < ${DATA} ) 2>&1 | getbytes 5455682Smarkm if [ $? -ne 0 ]; then 5555682Smarkm fail "ssh -1 failed with cipher $c" 5655682Smarkm fi 5755682Smarkm done 5855682Smarkmdone 5955682Smarkm