summaryrefslogtreecommitdiffstats
path: root/resources/ansible_roles/openssl
diff options
context:
space:
mode:
Diffstat (limited to 'resources/ansible_roles/openssl')
-rw-r--r--resources/ansible_roles/openssl/tasks/main.yml65
-rw-r--r--resources/ansible_roles/openssl/templates/ssl-metrics.j225
2 files changed, 90 insertions, 0 deletions
diff --git a/resources/ansible_roles/openssl/tasks/main.yml b/resources/ansible_roles/openssl/tasks/main.yml
new file mode 100644
index 00000000..7975c177
--- /dev/null
+++ b/resources/ansible_roles/openssl/tasks/main.yml
@@ -0,0 +1,65 @@
+##############################################################################
+# Copyright (c) 2017 ZTE Corporation and others.
+#
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+
+- name: install openssl - Cryptography and SSL/TLS Toolkit
+ package:
+ name: openssl
+ state: present
+
+- name: RSA signatures speed measurement
+ command: openssl speed rsa
+ register: openssl_rsa_log
+
+- name: AES speed measurement
+ command: openssl speed -evp aes-128-cbc
+ register: openssl_aes_log
+
+- name: collect ssl rsa metrics
+ collect:
+ string: "{{ openssl_rsa_log.stdout }}"
+ patterns:
+ - |-
+ ^rsa\s+512\sbits\s.+\s+
+ ?(?P<rsa_sign_512>\d+\.\d)\s+
+ ?(?P<rsa_verify_512>\d+\.\d)$
+ - |-
+ ^rsa\s+1024\sbits\s.+\s+
+ ?(?P<rsa_sign_1024>\d+\.\d)\s+
+ ?(?P<rsa_verify_1024>\d+\.\d)$
+ - |-
+ ^rsa\s+2048\sbits\s.+\s+
+ ?(?P<rsa_sign_2048>\d+\.\d)\s+
+ ?(?P<rsa_verify_2048>\d+\.\d)$
+ - |-
+ ^rsa\s+4096\sbits\s.+\s+
+ ?(?P<rsa_sign_4096>\d+\.\d)\s+
+ ?(?P<rsa_verify_4096>\d+\.\d)$
+ dump: openssl_rsa.log
+ register: ssl_rsa_metrics
+
+- name: collect ssl aes metrics
+ collect:
+ string: "{{ openssl_aes_log.stdout }}"
+ patterns:
+ - |-
+ ^aes-128-cbc\s+
+ ?(?P<aes_128_cbc_16_bytes>\d+\.\w+)\s+
+ ?(?P<aes_128_cbc_64_bytes>\d+\.\w+)\s+
+ ?(?P<aes_128_cbc_256_bytes>\d+\.\w+)\s+
+ ?(?P<aes_128_cbc_1024_bytes>\d+\.\w+)\s+
+ ?(?P<aes_128_cbc_8192_bytes>\d+\.\w+)$
+ dump: openssl_aes.log
+ register: ssl_aes_metrics
+
+- name: create SSL report
+ template:
+ src: ssl-metrics.j2
+ dest: "{{ qtip_results }}/{{ inventory_hostname }}/ssl-metrics"
+ delegate_to: localhost
+ tags: [report]
diff --git a/resources/ansible_roles/openssl/templates/ssl-metrics.j2 b/resources/ansible_roles/openssl/templates/ssl-metrics.j2
new file mode 100644
index 00000000..6f8f8c71
--- /dev/null
+++ b/resources/ansible_roles/openssl/templates/ssl-metrics.j2
@@ -0,0 +1,25 @@
+SSL metrics
+===========
+
+{{ ('Tool', 'openssl')|justify }}
+
+RSA
+---
+
+{{ ('Sign 512 bits', ssl_rsa_metrics.rsa_sign_512)|justify }}
+{{ ('Verify 512 bits', ssl_rsa_metrics.rsa_verify_512)|justify }}
+{{ ('Sign 1024 bits', ssl_rsa_metrics.rsa_sign_1024)|justify }}
+{{ ('Verify 1024 bits', ssl_rsa_metrics.rsa_verify_1024)|justify }}
+{{ ('Sign 2048 bits', ssl_rsa_metrics.rsa_sign_2048)|justify }}
+{{ ('Verify 2048 bits', ssl_rsa_metrics.rsa_verify_2048)|justify }}
+{{ ('Sign 4096 bits', ssl_rsa_metrics.rsa_sign_4096)|justify }}
+{{ ('Verify 4096 bits', ssl_rsa_metrics.rsa_verify_4096)|justify }}
+
+AES
+---
+
+{{ ('128 CBC 16 bytes', ssl_aes_metrics.aes_128_cbc_16_bytes)|justify }}
+{{ ('128 CBC 64 bytes', ssl_aes_metrics.aes_128_cbc_64_bytes)|justify }}
+{{ ('128 CBC 256 bytes', ssl_aes_metrics.aes_128_cbc_256_bytes)|justify }}
+{{ ('128 CBC 1024 bytes', ssl_aes_metrics.aes_128_cbc_1024_bytes)|justify }}
+{{ ('128 CBC 8192 bytes', ssl_aes_metrics.aes_128_cbc_8192_bytes)|justify }}