strongSwan

Hi,

I'm experiencing an issue running speed tests with scripts/pubkey_speed from the latest stable release 5.1.0.

Precisely, I configured strongswan like this :

$ ./configure --enable-openssl

then of course :

$ make && sudo make install

Using the script pubkey_speed.sh from 5.1.1 (but it's actually an old script :) ), I get:

$ sudo ./pubkey_speed.sh
testing: gmp gcrypt pem
 e=3    building CRED_PRIVATE_KEY - RSA failed, tried 2 builders
parsing private key failed.
 e=f4   building CRED_PRIVATE_KEY - RSA failed, tried 2 builders
...

I encounter the same problem with gmp, gcrypt, or openssl (the latter's installation being effective, of course)
which means with:

$ ./configure --enable-openssl --enable-gcrypt --enable-gmp

...and for rsa and ecdsa crypto as well...

Simply debugging by writing :

    printf("-lib->creds->create");
    private = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, type,
                                 BUILD_BLOB_PEM, keydata, BUILD_END);
    printf("+lib->creds->create");

in pubkey_speed.c, I get (./configure --enable-openssl --enable-gcrypt --enable-gmp case):

$ ./pubkey_speed.sh
testing: gmp gcrypt pem
 e=3    building CRED_PRIVATE_KEY - RSA failed, tried 5 builders
-lib->creds->create+lib->creds->createparsing private key failed.
 e=f4   building CRED_PRIVATE_KEY - RSA failed, tried 5 builders
-lib->creds->create+lib->creds->createparsing private key failed.
 e=3    building CRED_PRIVATE_KEY - RSA failed, tried 5 builders
-lib->creds->create+lib->creds->createparsing private key failed.
...

Thus, the line responsible for my issue seems to be :

private = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, type, BUILD_BLOB_PEM, keydata, BUILD_END);

... but I can't figure out why... hence this message.

Thank you very much in advance for any help !

And by the way, pubkey_speed usage says :

usage: pubkey_speed plugins rsa|ecdsa rounds

whereas pubkey_speed needs a key "to pipe from".

Best regards,

Charles Ibrahim