Welcome to a python-based CRDP stressing utility
It works fairly simply. It create random plaintext data and then submits that to CRDP to determine how long CRDP takes to protect (encrypt) or reveal (decrypt).
Command line parameters allow the user to specify the number of times to repeat the encryption process as well as whether the protection process is record-by-record or as a bulk submission (which alwasy performs faster).
Usage: py CRDP_Stress.py [-h] -e HOSTNAMECRDP -p PROTECTIONPOLICY -b BATCHSIZE -u USERNAME [-bulk] [-c {ALPHANUMERIC, DIGITSONLY, PRINTABLEASCII}] [-t TASKCOUNT] [-f FILENAME] where:
-e HOSTNAME - The host name (or IP address) and port (optional) where CRDP is hosted. E.g., crdp.test256.io:8090
-p PROTECTIONPOLICY - The name of the Protection Policy that has been defined in CRDP. E.g., CRDP-DP-Policy1
-b BATCHSIZE - How many times the protection / reveal action should be be performed during the test.
This is an integer between 1 and 1,000,000.
Note that NON-bulk testing can take a LONG TIME with large bulk sizes.
-u USERNAME - The name of the user that will be used during the REVEAL test
-c (optional) ALPHANUMERIC - for plaintext, generate alphanumeric data DIGITSONLY - for plaintext, generate characters only using numeric digits PRINTABLEASCII - for plaintext, generate plaintenxt consisting of any printable character (including $pecial characters)
[-bulk] - just a FLAG that indicates whether the test should be formed as a bulk submission
-t TASKCOUNT - To stress CRDP when multiple pods are deployed, TASKCOUNT will take the BATCHSIZE and divide it by the TASKCOUNT and then issue a PROTECT/REVEAL task for each task in TASKCOUNT. E.g., if your BATCHSIZE is 10,000 and your TASKCOUNT is 10, then 10 TASKS will be independantly started with a batch size of 1000 per TASK (either descretely or as bulk payloads)
-f FILENAME - If you want to supply an actual file for encryption, you can add it here (text or binary). - If a file is supplied, then the BULK flag is automatically set and the BATCHSIZE is ignored. - If filename is specified and TASKCOUNT is greater than 1, then the file is sent once for each task.
Additional File Information:
I have also included a file called crdp-app-svc-ing.yml which will establish a Kubernetes cluster of CRDP pods. To use this file, you will need to use MicroK8s or some Kubernetes controller and have defined a crdp-secret-name prior to deploying the yml file.
The makeSecretandDeploy.sh script will do this for you (but you must still edit it and update the RegToken). It executes the following steps:
-
Define a secret, by using the command: microk8s kubectl create secret generic crdp-secret-name --from-literal=regtoken=myCRDPAppregistrationtokenfromCipherTrust
-
Deploy the environment by the following command: mkcrok8s kubectl apply -f crdp-app-svc-ing.yml