2 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
5 * Licensed under the Apache License 2.0 (the "License"). You may not use
6 * this file except in compliance with the License. You can obtain a copy
7 * in the file LICENSE in the source distribution or at
8 * https://www.openssl.org/source/license.html
13 #define RSA_SECONDS 10
14 #define DSA_SECONDS 10
15 #define ECDSA_SECONDS 10
16 #define ECDH_SECONDS 10
17 #define EdDSA_SECONDS 10
18 #define SM2_SECONDS 10
20 /* We need to use some deprecated APIs */
21 #define OPENSSL_SUPPRESS_DEPRECATED
29 #include <openssl/crypto.h>
30 #include <openssl/rand.h>
31 #include <openssl/err.h>
32 #include <openssl/evp.h>
33 #include <openssl/objects.h>
34 #include <openssl/async.h>
35 #if !defined(OPENSSL_SYS_MSDOS)
43 #include <openssl/bn.h>
44 #ifndef OPENSSL_NO_DES
45 # include <openssl/des.h>
47 #ifndef OPENSSL_NO_DEPRECATED_3_0
48 #include <openssl/aes.h>
50 #ifndef OPENSSL_NO_CAMELLIA
51 # include <openssl/camellia.h>
53 #ifndef OPENSSL_NO_MD2
54 # include <openssl/md2.h>
56 #ifndef OPENSSL_NO_MDC2
57 # include <openssl/mdc2.h>
59 #ifndef OPENSSL_NO_MD4
60 # include <openssl/md4.h>
62 #ifndef OPENSSL_NO_MD5
63 # include <openssl/md5.h>
65 #include <openssl/hmac.h>
66 #ifndef OPENSSL_NO_CMAC
67 #include <openssl/cmac.h>
69 #include <openssl/sha.h>
70 #ifndef OPENSSL_NO_RMD160
71 # include <openssl/ripemd.h>
73 #ifndef OPENSSL_NO_WHIRLPOOL
74 # include <openssl/whrlpool.h>
76 #ifndef OPENSSL_NO_RC4
77 # include <openssl/rc4.h>
79 #ifndef OPENSSL_NO_RC5
80 # include <openssl/rc5.h>
82 #ifndef OPENSSL_NO_RC2
83 # include <openssl/rc2.h>
85 #ifndef OPENSSL_NO_IDEA
86 # include <openssl/idea.h>
88 #ifndef OPENSSL_NO_SEED
89 # include <openssl/seed.h>
92 # include <openssl/blowfish.h>
94 #ifndef OPENSSL_NO_CAST
95 # include <openssl/cast.h>
97 #ifndef OPENSSL_NO_RSA
98 # include <openssl/rsa.h>
99 # include "./testrsa.h"
101 #include <openssl/x509.h>
102 #ifndef OPENSSL_NO_DSA
103 # include <openssl/dsa.h>
104 # include "./testdsa.h"
106 #ifndef OPENSSL_NO_EC
107 # include <openssl/ec.h>
109 #include <openssl/modes.h>
112 # if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_VXWORKS)
125 #define MAX_MISALIGNMENT 63
126 #define MAX_ECDH_SIZE 256
129 typedef struct openssl_speed_sec_st {
137 } openssl_speed_sec_t;
139 static volatile int run = 0;
141 static int mr = 0; /* machine-readeable output format to merge fork results */
142 static int usertime = 1;
144 static double Time_F(int s);
145 static void print_message(const char *s, long num, int length, int tm);
146 static void pkey_print_message(const char *str, const char *str2,
147 long num, unsigned int bits, int sec);
148 static void print_result(int alg, int run_no, int count, double time_used);
150 static int do_multi(int multi, int size_num);
153 static const int lengths_list[] = {
154 16, 64, 256, 1024, 8 * 1024, 16 * 1024
156 #define SIZE_NUM OSSL_NELEM(lengths_list)
157 static const int *lengths = lengths_list;
159 static const int aead_lengths_list[] = {
160 2, 31, 136, 1024, 8 * 1024, 16 * 1024
168 static void alarmed(int sig)
170 signal(SIGALRM, alarmed);
174 static double Time_F(int s)
176 double ret = app_tminterval(s, usertime);
182 #elif defined(_WIN32)
186 static unsigned int lapse;
187 static volatile unsigned int schlock;
188 static void alarm_win32(unsigned int secs)
193 # define alarm alarm_win32
195 static DWORD WINAPI sleepy(VOID * arg)
203 static double Time_F(int s)
210 thr = CreateThread(NULL, 4096, sleepy, NULL, 0, NULL);
212 DWORD err = GetLastError();
213 BIO_printf(bio_err, "unable to CreateThread (%lu)", err);
217 Sleep(0); /* scheduler spinlock */
218 ret = app_tminterval(s, usertime);
220 ret = app_tminterval(s, usertime);
222 TerminateThread(thr, 0);
229 static double Time_F(int s)
231 return app_tminterval(s, usertime);
235 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
236 const openssl_speed_sec_t *seconds);
238 static int opt_found(const char *name, unsigned int *result,
239 const OPT_PAIR pairs[], unsigned int nbelem)
243 for (idx = 0; idx < nbelem; ++idx, pairs++)
244 if (strcmp(name, pairs->name) == 0) {
245 *result = pairs->retval;
250 #define opt_found(value, pairs, result)\
251 opt_found(value, result, pairs, OSSL_NELEM(pairs))
253 typedef enum OPTION_choice {
254 OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
255 OPT_ELAPSED, OPT_EVP, OPT_HMAC, OPT_DECRYPT, OPT_ENGINE, OPT_MULTI,
256 OPT_MR, OPT_MB, OPT_MISALIGN, OPT_ASYNCJOBS, OPT_R_ENUM,
257 OPT_PRIMES, OPT_SECONDS, OPT_BYTES, OPT_AEAD, OPT_CMAC
260 const OPTIONS speed_options[] = {
261 {OPT_HELP_STR, 1, '-', "Usage: %s [options] [algorithm...]\n"},
263 OPT_SECTION("General"),
264 {"help", OPT_HELP, '-', "Display this summary"},
266 "Enable (tls1>=1) multi-block mode on EVP-named cipher"},
267 {"mr", OPT_MR, '-', "Produce machine readable output"},
269 {"multi", OPT_MULTI, 'p', "Run benchmarks in parallel"},
271 #ifndef OPENSSL_NO_ASYNC
272 {"async_jobs", OPT_ASYNCJOBS, 'p',
273 "Enable async mode and start specified number of jobs"},
275 #ifndef OPENSSL_NO_ENGINE
276 {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
278 {"primes", OPT_PRIMES, 'p', "Specify number of primes (for RSA only)"},
280 OPT_SECTION("Selection"),
281 {"evp", OPT_EVP, 's', "Use EVP-named cipher or digest"},
282 {"hmac", OPT_HMAC, 's', "HMAC using EVP-named digest"},
283 #ifndef OPENSSL_NO_CMAC
284 {"cmac", OPT_CMAC, 's', "CMAC using EVP-named cipher"},
286 {"decrypt", OPT_DECRYPT, '-',
287 "Time decryption instead of encryption (only EVP)"},
288 {"aead", OPT_AEAD, '-',
289 "Benchmark EVP-named AEAD cipher in TLS-like sequence"},
291 OPT_SECTION("Timing"),
292 {"elapsed", OPT_ELAPSED, '-',
293 "Use wall-clock time instead of CPU user time as divisor"},
294 {"seconds", OPT_SECONDS, 'p',
295 "Run benchmarks for specified amount of seconds"},
296 {"bytes", OPT_BYTES, 'p',
297 "Run [non-PKI] benchmarks on custom-sized buffer"},
298 {"misalign", OPT_MISALIGN, 'p',
299 "Use specified offset to mis-align buffers"},
304 {"algorithm", 0, 0, "Algorithm(s) to test (optional; otherwise tests all)"},
309 D_MD2, D_MDC2, D_MD4, D_MD5 , D_HMAC, D_SHA1, D_RMD160, D_RC4,
310 D_CBC_DES, D_EDE3_DES, D_CBC_IDEA, D_CBC_SEED,
311 D_CBC_RC2, D_CBC_RC5, D_CBC_BF, D_CBC_CAST,
312 D_CBC_128_AES, D_CBC_192_AES, D_CBC_256_AES,
313 D_CBC_128_CML, D_CBC_192_CML, D_CBC_256_CML,
314 D_EVP, D_SHA256, D_SHA512, D_WHIRLPOOL,
315 D_IGE_128_AES, D_IGE_192_AES, D_IGE_256_AES,
316 D_GHASH, D_RAND, D_EVP_HMAC, D_EVP_CMAC, ALGOR_NUM
318 /* name of algorithms to test. MUST BE KEEP IN SYNC with above enum ! */
319 static const char *names[ALGOR_NUM] = {
320 "md2", "mdc2", "md4", "md5", "hmac(md5)", "sha1", "rmd160", "rc4",
321 "des cbc", "des ede3", "idea cbc", "seed cbc",
322 "rc2 cbc", "rc5-32/12 cbc", "blowfish cbc", "cast cbc",
323 "aes-128 cbc", "aes-192 cbc", "aes-256 cbc",
324 "camellia-128 cbc", "camellia-192 cbc", "camellia-256 cbc",
325 "evp", "sha256", "sha512", "whirlpool",
326 "aes-128 ige", "aes-192 ige", "aes-256 ige", "ghash",
327 "rand", "hmac", "cmac"
330 /* list of configured algorithm (remaining), with some few alias */
331 static const OPT_PAIR doit_choices[] = {
332 #if !defined(OPENSSL_NO_MD2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
335 #if !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
338 #if !defined(OPENSSL_NO_MD4) && !defined(OPENSSL_NO_DEPRECATED_3_0)
341 #ifndef OPENSSL_NO_MD5
346 {"sha256", D_SHA256},
347 {"sha512", D_SHA512},
348 #if !defined(OPENSSL_NO_WHIRLPOOL) && !defined(OPENSSL_NO_DEPRECATED_3_0)
349 {"whirlpool", D_WHIRLPOOL},
351 #if !defined(OPENSSL_NO_RMD160) && !defined(OPENSSL_NO_DEPRECATED_3_0)
352 {"ripemd", D_RMD160},
353 {"rmd160", D_RMD160},
354 {"ripemd160", D_RMD160},
356 #if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_DEPRECATED_3_0)
359 #ifndef OPENSSL_NO_DES
360 {"des-cbc", D_CBC_DES},
361 {"des-ede3", D_EDE3_DES},
363 #ifndef OPENSSL_NO_DEPRECATED_3_0
364 {"aes-128-cbc", D_CBC_128_AES},
365 {"aes-192-cbc", D_CBC_192_AES},
366 {"aes-256-cbc", D_CBC_256_AES},
367 {"aes-128-ige", D_IGE_128_AES},
368 {"aes-192-ige", D_IGE_192_AES},
369 {"aes-256-ige", D_IGE_256_AES},
371 #if !defined(OPENSSL_NO_RC2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
372 {"rc2-cbc", D_CBC_RC2},
375 #ifndef OPENSSL_NO_RC5
376 {"rc5-cbc", D_CBC_RC5},
379 #ifndef OPENSSL_NO_IDEA
380 {"idea-cbc", D_CBC_IDEA},
381 {"idea", D_CBC_IDEA},
383 #if !defined(OPENSSL_NO_SEED) && !defined(OPENSSL_NO_DEPRECATED_3_0)
384 {"seed-cbc", D_CBC_SEED},
385 {"seed", D_CBC_SEED},
387 #if !defined(OPENSSL_NO_BF) && !defined(OPENSSL_NO_DEPRECATED_3_0)
388 {"bf-cbc", D_CBC_BF},
389 {"blowfish", D_CBC_BF},
392 #if !defined(OPENSSL_NO_CAST) && !defined(OPENSSL_NO_DEPRECATED_3_0)
393 {"cast-cbc", D_CBC_CAST},
394 {"cast", D_CBC_CAST},
395 {"cast5", D_CBC_CAST},
401 static double results[ALGOR_NUM][SIZE_NUM];
403 #ifndef OPENSSL_NO_DSA
404 enum { R_DSA_512, R_DSA_1024, R_DSA_2048, DSA_NUM };
405 static const OPT_PAIR dsa_choices[DSA_NUM] = {
406 {"dsa512", R_DSA_512},
407 {"dsa1024", R_DSA_1024},
408 {"dsa2048", R_DSA_2048}
410 static double dsa_results[DSA_NUM][2]; /* 2 ops: sign then verify */
411 #endif /* OPENSSL_NO_DSA */
413 #ifndef OPENSSL_NO_RSA
415 R_RSA_512, R_RSA_1024, R_RSA_2048, R_RSA_3072, R_RSA_4096, R_RSA_7680,
418 static const OPT_PAIR rsa_choices[RSA_NUM] = {
419 {"rsa512", R_RSA_512},
420 {"rsa1024", R_RSA_1024},
421 {"rsa2048", R_RSA_2048},
422 {"rsa3072", R_RSA_3072},
423 {"rsa4096", R_RSA_4096},
424 {"rsa7680", R_RSA_7680},
425 {"rsa15360", R_RSA_15360}
428 static double rsa_results[RSA_NUM][2]; /* 2 ops: sign then verify */
429 #endif /* OPENSSL_NO_RSA */
431 #ifndef OPENSSL_NO_EC
433 R_EC_P160, R_EC_P192, R_EC_P224, R_EC_P256, R_EC_P384, R_EC_P521,
434 # ifndef OPENSSL_NO_EC2M
435 R_EC_K163, R_EC_K233, R_EC_K283, R_EC_K409, R_EC_K571,
436 R_EC_B163, R_EC_B233, R_EC_B283, R_EC_B409, R_EC_B571,
438 R_EC_BRP256R1, R_EC_BRP256T1, R_EC_BRP384R1, R_EC_BRP384T1,
439 R_EC_BRP512R1, R_EC_BRP512T1, ECDSA_NUM
441 /* list of ecdsa curves */
442 static const OPT_PAIR ecdsa_choices[ECDSA_NUM] = {
443 {"ecdsap160", R_EC_P160},
444 {"ecdsap192", R_EC_P192},
445 {"ecdsap224", R_EC_P224},
446 {"ecdsap256", R_EC_P256},
447 {"ecdsap384", R_EC_P384},
448 {"ecdsap521", R_EC_P521},
449 # ifndef OPENSSL_NO_EC2M
450 {"ecdsak163", R_EC_K163},
451 {"ecdsak233", R_EC_K233},
452 {"ecdsak283", R_EC_K283},
453 {"ecdsak409", R_EC_K409},
454 {"ecdsak571", R_EC_K571},
455 {"ecdsab163", R_EC_B163},
456 {"ecdsab233", R_EC_B233},
457 {"ecdsab283", R_EC_B283},
458 {"ecdsab409", R_EC_B409},
459 {"ecdsab571", R_EC_B571},
461 {"ecdsabrp256r1", R_EC_BRP256R1},
462 {"ecdsabrp256t1", R_EC_BRP256T1},
463 {"ecdsabrp384r1", R_EC_BRP384R1},
464 {"ecdsabrp384t1", R_EC_BRP384T1},
465 {"ecdsabrp512r1", R_EC_BRP512R1},
466 {"ecdsabrp512t1", R_EC_BRP512T1}
468 enum { R_EC_X25519 = ECDSA_NUM, R_EC_X448, EC_NUM };
469 /* list of ecdh curves, extension of |ecdsa_choices| list above */
470 static const OPT_PAIR ecdh_choices[EC_NUM] = {
471 {"ecdhp160", R_EC_P160},
472 {"ecdhp192", R_EC_P192},
473 {"ecdhp224", R_EC_P224},
474 {"ecdhp256", R_EC_P256},
475 {"ecdhp384", R_EC_P384},
476 {"ecdhp521", R_EC_P521},
477 # ifndef OPENSSL_NO_EC2M
478 {"ecdhk163", R_EC_K163},
479 {"ecdhk233", R_EC_K233},
480 {"ecdhk283", R_EC_K283},
481 {"ecdhk409", R_EC_K409},
482 {"ecdhk571", R_EC_K571},
483 {"ecdhb163", R_EC_B163},
484 {"ecdhb233", R_EC_B233},
485 {"ecdhb283", R_EC_B283},
486 {"ecdhb409", R_EC_B409},
487 {"ecdhb571", R_EC_B571},
489 {"ecdhbrp256r1", R_EC_BRP256R1},
490 {"ecdhbrp256t1", R_EC_BRP256T1},
491 {"ecdhbrp384r1", R_EC_BRP384R1},
492 {"ecdhbrp384t1", R_EC_BRP384T1},
493 {"ecdhbrp512r1", R_EC_BRP512R1},
494 {"ecdhbrp512t1", R_EC_BRP512T1},
495 {"ecdhx25519", R_EC_X25519},
496 {"ecdhx448", R_EC_X448}
499 static double ecdh_results[EC_NUM][1]; /* 1 op: derivation */
500 static double ecdsa_results[ECDSA_NUM][2]; /* 2 ops: sign then verify */
502 enum { R_EC_Ed25519, R_EC_Ed448, EdDSA_NUM };
503 static const OPT_PAIR eddsa_choices[EdDSA_NUM] = {
504 {"ed25519", R_EC_Ed25519},
505 {"ed448", R_EC_Ed448}
508 static double eddsa_results[EdDSA_NUM][2]; /* 2 ops: sign then verify */
510 # ifndef OPENSSL_NO_SM2
511 enum { R_EC_CURVESM2, SM2_NUM };
512 static const OPT_PAIR sm2_choices[SM2_NUM] = {
513 {"curveSM2", R_EC_CURVESM2}
515 # define SM2_ID "TLSv1.3+GM+Cipher+Suite"
516 # define SM2_ID_LEN sizeof("TLSv1.3+GM+Cipher+Suite") - 1
517 static double sm2_results[SM2_NUM][2]; /* 2 ops: sign then verify */
518 # endif /* OPENSSL_NO_SM2 */
519 #endif /* OPENSSL_NO_EC */
522 # define COND(d) (count < (d))
523 # define COUNT(d) (d)
525 # define COND(unused_cond) (run && count<0x7fffffff)
526 # define COUNT(d) (count)
529 typedef struct loopargs_st {
530 ASYNC_JOB *inprogress_job;
531 ASYNC_WAIT_CTX *wait_ctx;
534 unsigned char *buf_malloc;
535 unsigned char *buf2_malloc;
539 #ifndef OPENSSL_NO_RSA
540 RSA *rsa_key[RSA_NUM];
542 #ifndef OPENSSL_NO_DSA
543 DSA *dsa_key[DSA_NUM];
545 #ifndef OPENSSL_NO_EC
546 EC_KEY *ecdsa[ECDSA_NUM];
547 EVP_PKEY_CTX *ecdh_ctx[EC_NUM];
548 EVP_MD_CTX *eddsa_ctx[EdDSA_NUM];
549 # ifndef OPENSSL_NO_SM2
550 EVP_MD_CTX *sm2_ctx[SM2_NUM];
551 EVP_MD_CTX *sm2_vfy_ctx[SM2_NUM];
552 EVP_PKEY *sm2_pkey[SM2_NUM];
554 unsigned char *secret_a;
555 unsigned char *secret_b;
556 size_t outlen[EC_NUM];
560 #ifndef OPENSSL_NO_CMAC
563 GCM128_CONTEXT *gcm_ctx;
565 static int run_benchmark(int async_jobs, int (*loop_function) (void *),
566 loopargs_t * loopargs);
568 static unsigned int testnum;
570 /* Nb of iterations to do per algorithm and key-size */
571 static long c[ALGOR_NUM][SIZE_NUM];
573 #if !defined(OPENSSL_NO_MD2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
574 static int EVP_Digest_MD2_loop(void *args)
576 loopargs_t *tempargs = *(loopargs_t **) args;
577 unsigned char *buf = tempargs->buf;
578 unsigned char md2[MD2_DIGEST_LENGTH];
581 for (count = 0; COND(c[D_MD2][testnum]); count++) {
582 if (!EVP_Digest(buf, (size_t)lengths[testnum], md2, NULL, EVP_md2(),
590 #if !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
591 static int EVP_Digest_MDC2_loop(void *args)
593 loopargs_t *tempargs = *(loopargs_t **) args;
594 unsigned char *buf = tempargs->buf;
595 unsigned char mdc2[MDC2_DIGEST_LENGTH];
598 for (count = 0; COND(c[D_MDC2][testnum]); count++) {
599 if (!EVP_Digest(buf, (size_t)lengths[testnum], mdc2, NULL, EVP_mdc2(),
607 #if !defined(OPENSSL_NO_MD4) && !defined(OPENSSL_NO_DEPRECATED_3_0)
608 static int EVP_Digest_MD4_loop(void *args)
610 loopargs_t *tempargs = *(loopargs_t **) args;
611 unsigned char *buf = tempargs->buf;
612 unsigned char md4[MD4_DIGEST_LENGTH];
615 for (count = 0; COND(c[D_MD4][testnum]); count++) {
616 if (!EVP_Digest(buf, (size_t)lengths[testnum], md4, NULL, EVP_md4(),
624 #ifndef OPENSSL_NO_MD5
625 static int MD5_loop(void *args)
627 loopargs_t *tempargs = *(loopargs_t **) args;
628 unsigned char *buf = tempargs->buf;
629 unsigned char md5[MD5_DIGEST_LENGTH];
631 for (count = 0; COND(c[D_MD5][testnum]); count++)
632 MD5(buf, lengths[testnum], md5);
636 static int HMAC_loop(void *args)
638 loopargs_t *tempargs = *(loopargs_t **) args;
639 unsigned char *buf = tempargs->buf;
640 HMAC_CTX *hctx = tempargs->hctx;
641 unsigned char hmac[MD5_DIGEST_LENGTH];
644 for (count = 0; COND(c[D_HMAC][testnum]); count++) {
645 HMAC_Init_ex(hctx, NULL, 0, NULL, NULL);
646 HMAC_Update(hctx, buf, lengths[testnum]);
647 HMAC_Final(hctx, hmac, NULL);
653 static int SHA1_loop(void *args)
655 loopargs_t *tempargs = *(loopargs_t **) args;
656 unsigned char *buf = tempargs->buf;
657 unsigned char sha[SHA_DIGEST_LENGTH];
659 for (count = 0; COND(c[D_SHA1][testnum]); count++)
660 SHA1(buf, lengths[testnum], sha);
664 static int SHA256_loop(void *args)
666 loopargs_t *tempargs = *(loopargs_t **) args;
667 unsigned char *buf = tempargs->buf;
668 unsigned char sha256[SHA256_DIGEST_LENGTH];
670 for (count = 0; COND(c[D_SHA256][testnum]); count++)
671 SHA256(buf, lengths[testnum], sha256);
675 static int SHA512_loop(void *args)
677 loopargs_t *tempargs = *(loopargs_t **) args;
678 unsigned char *buf = tempargs->buf;
679 unsigned char sha512[SHA512_DIGEST_LENGTH];
681 for (count = 0; COND(c[D_SHA512][testnum]); count++)
682 SHA512(buf, lengths[testnum], sha512);
686 #if !defined(OPENSSL_NO_WHIRLPOOL) && !defined(OPENSSL_NO_DEPRECATED_3_0)
687 static int WHIRLPOOL_loop(void *args)
689 loopargs_t *tempargs = *(loopargs_t **) args;
690 unsigned char *buf = tempargs->buf;
691 unsigned char whirlpool[WHIRLPOOL_DIGEST_LENGTH];
693 for (count = 0; COND(c[D_WHIRLPOOL][testnum]); count++)
694 WHIRLPOOL(buf, lengths[testnum], whirlpool);
699 #if !defined(OPENSSL_NO_RMD160) && !defined(OPENSSL_NO_DEPRECATED_3_0)
700 static int EVP_Digest_RMD160_loop(void *args)
702 loopargs_t *tempargs = *(loopargs_t **) args;
703 unsigned char *buf = tempargs->buf;
704 unsigned char rmd160[RIPEMD160_DIGEST_LENGTH];
706 for (count = 0; COND(c[D_RMD160][testnum]); count++) {
707 if (!EVP_Digest(buf, (size_t)lengths[testnum], &(rmd160[0]),
708 NULL, EVP_ripemd160(), NULL))
715 #if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_DEPRECATED_3_0)
716 static RC4_KEY rc4_ks;
717 static int RC4_loop(void *args)
719 loopargs_t *tempargs = *(loopargs_t **) args;
720 unsigned char *buf = tempargs->buf;
722 for (count = 0; COND(c[D_RC4][testnum]); count++)
723 RC4(&rc4_ks, (size_t)lengths[testnum], buf, buf);
728 #ifndef OPENSSL_NO_DES
729 static unsigned char DES_iv[8];
730 static DES_key_schedule sch[3];
731 static int DES_ncbc_encrypt_loop(void *args)
733 loopargs_t *tempargs = *(loopargs_t **) args;
734 unsigned char *buf = tempargs->buf;
736 for (count = 0; COND(c[D_CBC_DES][testnum]); count++)
737 DES_ncbc_encrypt(buf, buf, lengths[testnum], &sch[0],
738 &DES_iv, DES_ENCRYPT);
742 static int DES_ede3_cbc_encrypt_loop(void *args)
744 loopargs_t *tempargs = *(loopargs_t **) args;
745 unsigned char *buf = tempargs->buf;
747 for (count = 0; COND(c[D_EDE3_DES][testnum]); count++)
748 DES_ede3_cbc_encrypt(buf, buf, lengths[testnum],
749 &sch[0], &sch[1], &sch[2], &DES_iv, DES_ENCRYPT);
754 #define MAX_BLOCK_SIZE 128
756 static unsigned char iv[2 * MAX_BLOCK_SIZE / 8];
758 #ifndef OPENSSL_NO_DEPRECATED_3_0
759 static AES_KEY aes_ks1, aes_ks2, aes_ks3;
760 static int AES_cbc_128_encrypt_loop(void *args)
762 loopargs_t *tempargs = *(loopargs_t **) args;
763 unsigned char *buf = tempargs->buf;
765 for (count = 0; COND(c[D_CBC_128_AES][testnum]); count++)
766 AES_cbc_encrypt(buf, buf,
767 (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
771 static int AES_cbc_192_encrypt_loop(void *args)
773 loopargs_t *tempargs = *(loopargs_t **) args;
774 unsigned char *buf = tempargs->buf;
776 for (count = 0; COND(c[D_CBC_192_AES][testnum]); count++)
777 AES_cbc_encrypt(buf, buf,
778 (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
782 static int AES_cbc_256_encrypt_loop(void *args)
784 loopargs_t *tempargs = *(loopargs_t **) args;
785 unsigned char *buf = tempargs->buf;
787 for (count = 0; COND(c[D_CBC_256_AES][testnum]); count++)
788 AES_cbc_encrypt(buf, buf,
789 (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
793 static int AES_ige_128_encrypt_loop(void *args)
795 loopargs_t *tempargs = *(loopargs_t **) args;
796 unsigned char *buf = tempargs->buf;
797 unsigned char *buf2 = tempargs->buf2;
799 for (count = 0; COND(c[D_IGE_128_AES][testnum]); count++)
800 AES_ige_encrypt(buf, buf2,
801 (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
805 static int AES_ige_192_encrypt_loop(void *args)
807 loopargs_t *tempargs = *(loopargs_t **) args;
808 unsigned char *buf = tempargs->buf;
809 unsigned char *buf2 = tempargs->buf2;
811 for (count = 0; COND(c[D_IGE_192_AES][testnum]); count++)
812 AES_ige_encrypt(buf, buf2,
813 (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
817 static int AES_ige_256_encrypt_loop(void *args)
819 loopargs_t *tempargs = *(loopargs_t **) args;
820 unsigned char *buf = tempargs->buf;
821 unsigned char *buf2 = tempargs->buf2;
823 for (count = 0; COND(c[D_IGE_256_AES][testnum]); count++)
824 AES_ige_encrypt(buf, buf2,
825 (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
829 static int CRYPTO_gcm128_aad_loop(void *args)
831 loopargs_t *tempargs = *(loopargs_t **) args;
832 unsigned char *buf = tempargs->buf;
833 GCM128_CONTEXT *gcm_ctx = tempargs->gcm_ctx;
835 for (count = 0; COND(c[D_GHASH][testnum]); count++)
836 CRYPTO_gcm128_aad(gcm_ctx, buf, lengths[testnum]);
841 static int RAND_bytes_loop(void *args)
843 loopargs_t *tempargs = *(loopargs_t **) args;
844 unsigned char *buf = tempargs->buf;
847 for (count = 0; COND(c[D_RAND][testnum]); count++)
848 RAND_bytes(buf, lengths[testnum]);
852 static int decrypt = 0;
853 static int EVP_Update_loop(void *args)
855 loopargs_t *tempargs = *(loopargs_t **) args;
856 unsigned char *buf = tempargs->buf;
857 EVP_CIPHER_CTX *ctx = tempargs->ctx;
861 for (count = 0; COND(c[D_EVP][testnum]); count++) {
862 rc = EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
864 /* reset iv in case of counter overflow */
865 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
869 for (count = 0; COND(c[D_EVP][testnum]); count++) {
870 rc = EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
872 /* reset iv in case of counter overflow */
873 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
878 EVP_DecryptFinal_ex(ctx, buf, &outl);
880 EVP_EncryptFinal_ex(ctx, buf, &outl);
885 * CCM does not support streaming. For the purpose of performance measurement,
886 * each message is encrypted using the same (key,iv)-pair. Do not use this
887 * code in your application.
889 static int EVP_Update_loop_ccm(void *args)
891 loopargs_t *tempargs = *(loopargs_t **) args;
892 unsigned char *buf = tempargs->buf;
893 EVP_CIPHER_CTX *ctx = tempargs->ctx;
895 unsigned char tag[12];
898 for (count = 0; COND(c[D_EVP][testnum]); count++) {
899 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(tag), tag);
901 EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
902 /* counter is reset on every update */
903 EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
906 for (count = 0; COND(c[D_EVP][testnum]); count++) {
907 /* restore iv length field */
908 EVP_EncryptUpdate(ctx, NULL, &outl, NULL, lengths[testnum]);
909 /* counter is reset on every update */
910 EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
914 EVP_DecryptFinal_ex(ctx, buf, &outl);
916 EVP_EncryptFinal_ex(ctx, buf, &outl);
921 * To make AEAD benchmarking more relevant perform TLS-like operations,
922 * 13-byte AAD followed by payload. But don't use TLS-formatted AAD, as
923 * payload length is not actually limited by 16KB...
925 static int EVP_Update_loop_aead(void *args)
927 loopargs_t *tempargs = *(loopargs_t **) args;
928 unsigned char *buf = tempargs->buf;
929 EVP_CIPHER_CTX *ctx = tempargs->ctx;
931 unsigned char aad[13] = { 0xcc };
932 unsigned char faketag[16] = { 0xcc };
935 for (count = 0; COND(c[D_EVP][testnum]); count++) {
936 EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
937 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
938 sizeof(faketag), faketag);
939 EVP_DecryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
940 EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
941 EVP_DecryptFinal_ex(ctx, buf + outl, &outl);
944 for (count = 0; COND(c[D_EVP][testnum]); count++) {
945 EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv);
946 EVP_EncryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
947 EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
948 EVP_EncryptFinal_ex(ctx, buf + outl, &outl);
954 static const EVP_MD *evp_md = NULL;
955 static int EVP_Digest_loop(void *args)
957 loopargs_t *tempargs = *(loopargs_t **) args;
958 unsigned char *buf = tempargs->buf;
959 unsigned char md[EVP_MAX_MD_SIZE];
962 for (count = 0; COND(c[D_EVP][testnum]); count++) {
963 if (!EVP_Digest(buf, lengths[testnum], md, NULL, evp_md, NULL))
969 static const EVP_MD *evp_hmac_md = NULL;
970 static char *evp_hmac_name = NULL;
971 static int EVP_HMAC_loop(void *args)
973 loopargs_t *tempargs = *(loopargs_t **) args;
974 unsigned char *buf = tempargs->buf;
975 unsigned char no_key[32];
978 for (count = 0; COND(c[D_EVP_HMAC][testnum]); count++) {
979 if (HMAC(evp_hmac_md, no_key, sizeof(no_key), buf, lengths[testnum],
986 #ifndef OPENSSL_NO_CMAC
987 static const EVP_CIPHER *evp_cmac_cipher = NULL;
988 static char *evp_cmac_name = NULL;
990 static int EVP_CMAC_loop(void *args)
992 loopargs_t *tempargs = *(loopargs_t **) args;
993 unsigned char *buf = tempargs->buf;
994 CMAC_CTX *cmac_ctx = tempargs->cmac_ctx;
995 static const char key[16] = "This is a key...";
996 unsigned char mac[16];
997 size_t len = sizeof(mac);
1000 for (count = 0; COND(c[D_EVP_CMAC][testnum]); count++) {
1001 if (!CMAC_Init(cmac_ctx, key, sizeof(key), evp_cmac_cipher, NULL)
1002 || !CMAC_Update(cmac_ctx, buf, lengths[testnum])
1003 || !CMAC_Final(cmac_ctx, mac, &len))
1010 #ifndef OPENSSL_NO_RSA
1011 static long rsa_c[RSA_NUM][2]; /* # RSA iteration test */
1013 static int RSA_sign_loop(void *args)
1015 loopargs_t *tempargs = *(loopargs_t **) args;
1016 unsigned char *buf = tempargs->buf;
1017 unsigned char *buf2 = tempargs->buf2;
1018 unsigned int *rsa_num = &tempargs->siglen;
1019 RSA **rsa_key = tempargs->rsa_key;
1021 for (count = 0; COND(rsa_c[testnum][0]); count++) {
1022 ret = RSA_sign(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1024 BIO_printf(bio_err, "RSA sign failure\n");
1025 ERR_print_errors(bio_err);
1033 static int RSA_verify_loop(void *args)
1035 loopargs_t *tempargs = *(loopargs_t **) args;
1036 unsigned char *buf = tempargs->buf;
1037 unsigned char *buf2 = tempargs->buf2;
1038 unsigned int rsa_num = tempargs->siglen;
1039 RSA **rsa_key = tempargs->rsa_key;
1041 for (count = 0; COND(rsa_c[testnum][1]); count++) {
1043 RSA_verify(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1045 BIO_printf(bio_err, "RSA verify failure\n");
1046 ERR_print_errors(bio_err);
1055 #ifndef OPENSSL_NO_DSA
1056 static long dsa_c[DSA_NUM][2];
1057 static int DSA_sign_loop(void *args)
1059 loopargs_t *tempargs = *(loopargs_t **) args;
1060 unsigned char *buf = tempargs->buf;
1061 unsigned char *buf2 = tempargs->buf2;
1062 DSA **dsa_key = tempargs->dsa_key;
1063 unsigned int *siglen = &tempargs->siglen;
1065 for (count = 0; COND(dsa_c[testnum][0]); count++) {
1066 ret = DSA_sign(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1068 BIO_printf(bio_err, "DSA sign failure\n");
1069 ERR_print_errors(bio_err);
1077 static int DSA_verify_loop(void *args)
1079 loopargs_t *tempargs = *(loopargs_t **) args;
1080 unsigned char *buf = tempargs->buf;
1081 unsigned char *buf2 = tempargs->buf2;
1082 DSA **dsa_key = tempargs->dsa_key;
1083 unsigned int siglen = tempargs->siglen;
1085 for (count = 0; COND(dsa_c[testnum][1]); count++) {
1086 ret = DSA_verify(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1088 BIO_printf(bio_err, "DSA verify failure\n");
1089 ERR_print_errors(bio_err);
1098 #ifndef OPENSSL_NO_EC
1099 static long ecdsa_c[ECDSA_NUM][2];
1100 static int ECDSA_sign_loop(void *args)
1102 loopargs_t *tempargs = *(loopargs_t **) args;
1103 unsigned char *buf = tempargs->buf;
1104 EC_KEY **ecdsa = tempargs->ecdsa;
1105 unsigned char *ecdsasig = tempargs->buf2;
1106 unsigned int *ecdsasiglen = &tempargs->siglen;
1108 for (count = 0; COND(ecdsa_c[testnum][0]); count++) {
1109 ret = ECDSA_sign(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1111 BIO_printf(bio_err, "ECDSA sign failure\n");
1112 ERR_print_errors(bio_err);
1120 static int ECDSA_verify_loop(void *args)
1122 loopargs_t *tempargs = *(loopargs_t **) args;
1123 unsigned char *buf = tempargs->buf;
1124 EC_KEY **ecdsa = tempargs->ecdsa;
1125 unsigned char *ecdsasig = tempargs->buf2;
1126 unsigned int ecdsasiglen = tempargs->siglen;
1128 for (count = 0; COND(ecdsa_c[testnum][1]); count++) {
1129 ret = ECDSA_verify(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1131 BIO_printf(bio_err, "ECDSA verify failure\n");
1132 ERR_print_errors(bio_err);
1140 /* ******************************************************************** */
1141 static long ecdh_c[EC_NUM][1];
1143 static int ECDH_EVP_derive_key_loop(void *args)
1145 loopargs_t *tempargs = *(loopargs_t **) args;
1146 EVP_PKEY_CTX *ctx = tempargs->ecdh_ctx[testnum];
1147 unsigned char *derived_secret = tempargs->secret_a;
1149 size_t *outlen = &(tempargs->outlen[testnum]);
1151 for (count = 0; COND(ecdh_c[testnum][0]); count++)
1152 EVP_PKEY_derive(ctx, derived_secret, outlen);
1157 static long eddsa_c[EdDSA_NUM][2];
1158 static int EdDSA_sign_loop(void *args)
1160 loopargs_t *tempargs = *(loopargs_t **) args;
1161 unsigned char *buf = tempargs->buf;
1162 EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
1163 unsigned char *eddsasig = tempargs->buf2;
1164 size_t *eddsasigsize = &tempargs->sigsize;
1167 for (count = 0; COND(eddsa_c[testnum][0]); count++) {
1168 ret = EVP_DigestSign(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
1170 BIO_printf(bio_err, "EdDSA sign failure\n");
1171 ERR_print_errors(bio_err);
1179 static int EdDSA_verify_loop(void *args)
1181 loopargs_t *tempargs = *(loopargs_t **) args;
1182 unsigned char *buf = tempargs->buf;
1183 EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
1184 unsigned char *eddsasig = tempargs->buf2;
1185 size_t eddsasigsize = tempargs->sigsize;
1188 for (count = 0; COND(eddsa_c[testnum][1]); count++) {
1189 ret = EVP_DigestVerify(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
1191 BIO_printf(bio_err, "EdDSA verify failure\n");
1192 ERR_print_errors(bio_err);
1200 # ifndef OPENSSL_NO_SM2
1201 static long sm2_c[SM2_NUM][2];
1202 static int SM2_sign_loop(void *args)
1204 loopargs_t *tempargs = *(loopargs_t **) args;
1205 unsigned char *buf = tempargs->buf;
1206 EVP_MD_CTX **sm2ctx = tempargs->sm2_ctx;
1207 unsigned char *sm2sig = tempargs->buf2;
1208 size_t sm2sigsize = tempargs->sigsize;
1209 const size_t max_size = tempargs->sigsize;
1211 EVP_PKEY **sm2_pkey = tempargs->sm2_pkey;
1213 for (count = 0; COND(sm2_c[testnum][0]); count++) {
1214 if (!EVP_DigestSignInit(sm2ctx[testnum], NULL, EVP_sm3(),
1215 NULL, sm2_pkey[testnum])) {
1216 BIO_printf(bio_err, "SM2 init sign failure\n");
1217 ERR_print_errors(bio_err);
1221 ret = EVP_DigestSign(sm2ctx[testnum], sm2sig, &sm2sigsize,
1224 BIO_printf(bio_err, "SM2 sign failure\n");
1225 ERR_print_errors(bio_err);
1229 /* update the latest returned size and always use the fixed buffer size */
1230 tempargs->sigsize = sm2sigsize;
1231 sm2sigsize = max_size;
1237 static int SM2_verify_loop(void *args)
1239 loopargs_t *tempargs = *(loopargs_t **) args;
1240 unsigned char *buf = tempargs->buf;
1241 EVP_MD_CTX **sm2ctx = tempargs->sm2_vfy_ctx;
1242 unsigned char *sm2sig = tempargs->buf2;
1243 size_t sm2sigsize = tempargs->sigsize;
1245 EVP_PKEY **sm2_pkey = tempargs->sm2_pkey;
1247 for (count = 0; COND(sm2_c[testnum][1]); count++) {
1248 if (!EVP_DigestVerifyInit(sm2ctx[testnum], NULL, EVP_sm3(),
1249 NULL, sm2_pkey[testnum])) {
1250 BIO_printf(bio_err, "SM2 verify init failure\n");
1251 ERR_print_errors(bio_err);
1255 ret = EVP_DigestVerify(sm2ctx[testnum], sm2sig, sm2sigsize,
1258 BIO_printf(bio_err, "SM2 verify failure\n");
1259 ERR_print_errors(bio_err);
1266 # endif /* OPENSSL_NO_SM2 */
1267 #endif /* OPENSSL_NO_EC */
1269 static int run_benchmark(int async_jobs,
1270 int (*loop_function) (void *), loopargs_t * loopargs)
1272 int job_op_count = 0;
1273 int total_op_count = 0;
1274 int num_inprogress = 0;
1275 int error = 0, i = 0, ret = 0;
1276 OSSL_ASYNC_FD job_fd = 0;
1277 size_t num_job_fds = 0;
1279 if (async_jobs == 0) {
1280 return loop_function((void *)&loopargs);
1283 for (i = 0; i < async_jobs && !error; i++) {
1284 loopargs_t *looparg_item = loopargs + i;
1286 /* Copy pointer content (looparg_t item address) into async context */
1287 ret = ASYNC_start_job(&loopargs[i].inprogress_job, loopargs[i].wait_ctx,
1288 &job_op_count, loop_function,
1289 (void *)&looparg_item, sizeof(looparg_item));
1295 if (job_op_count == -1) {
1298 total_op_count += job_op_count;
1303 BIO_printf(bio_err, "Failure in the job\n");
1304 ERR_print_errors(bio_err);
1310 while (num_inprogress > 0) {
1311 #if defined(OPENSSL_SYS_WINDOWS)
1313 #elif defined(OPENSSL_SYS_UNIX)
1314 int select_result = 0;
1315 OSSL_ASYNC_FD max_fd = 0;
1318 FD_ZERO(&waitfdset);
1320 for (i = 0; i < async_jobs && num_inprogress > 0; i++) {
1321 if (loopargs[i].inprogress_job == NULL)
1324 if (!ASYNC_WAIT_CTX_get_all_fds
1325 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1326 || num_job_fds > 1) {
1327 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1328 ERR_print_errors(bio_err);
1332 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1334 FD_SET(job_fd, &waitfdset);
1335 if (job_fd > max_fd)
1339 if (max_fd >= (OSSL_ASYNC_FD)FD_SETSIZE) {
1341 "Error: max_fd (%d) must be smaller than FD_SETSIZE (%d). "
1342 "Decrease the value of async_jobs\n",
1343 max_fd, FD_SETSIZE);
1344 ERR_print_errors(bio_err);
1349 select_result = select(max_fd + 1, &waitfdset, NULL, NULL, NULL);
1350 if (select_result == -1 && errno == EINTR)
1353 if (select_result == -1) {
1354 BIO_printf(bio_err, "Failure in the select\n");
1355 ERR_print_errors(bio_err);
1360 if (select_result == 0)
1364 for (i = 0; i < async_jobs; i++) {
1365 if (loopargs[i].inprogress_job == NULL)
1368 if (!ASYNC_WAIT_CTX_get_all_fds
1369 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1370 || num_job_fds > 1) {
1371 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1372 ERR_print_errors(bio_err);
1376 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1379 #if defined(OPENSSL_SYS_UNIX)
1380 if (num_job_fds == 1 && !FD_ISSET(job_fd, &waitfdset))
1382 #elif defined(OPENSSL_SYS_WINDOWS)
1383 if (num_job_fds == 1
1384 && !PeekNamedPipe(job_fd, NULL, 0, NULL, &avail, NULL)
1389 ret = ASYNC_start_job(&loopargs[i].inprogress_job,
1390 loopargs[i].wait_ctx, &job_op_count,
1391 loop_function, (void *)(loopargs + i),
1392 sizeof(loopargs_t));
1397 if (job_op_count == -1) {
1400 total_op_count += job_op_count;
1403 loopargs[i].inprogress_job = NULL;
1408 loopargs[i].inprogress_job = NULL;
1409 BIO_printf(bio_err, "Failure in the job\n");
1410 ERR_print_errors(bio_err);
1417 return error ? -1 : total_op_count;
1420 #define stop_it(do_it, test_num)\
1421 memset(do_it + test_num, 0, OSSL_NELEM(do_it) - test_num);
1423 int speed_main(int argc, char **argv)
1426 loopargs_t *loopargs = NULL;
1428 const char *engine_id = NULL;
1429 const EVP_CIPHER *evp_cipher = NULL;
1432 int async_init = 0, multiblock = 0, pr_header = 0;
1433 uint8_t doit[ALGOR_NUM] = { 0 };
1434 int ret = 1, misalign = 0, lengths_single = 0, aead = 0;
1436 unsigned int size_num = SIZE_NUM;
1437 unsigned int i, k, loopargs_len = 0, async_jobs = 0;
1443 #if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) \
1444 || !defined(OPENSSL_NO_EC)
1447 openssl_speed_sec_t seconds = { SECONDS, RSA_SECONDS, DSA_SECONDS,
1448 ECDSA_SECONDS, ECDH_SECONDS,
1449 EdDSA_SECONDS, SM2_SECONDS };
1451 /* What follows are the buffers and key material. */
1452 #ifndef OPENSSL_NO_RC5
1455 #if !defined(OPENSSL_NO_RC2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1458 #ifndef OPENSSL_NO_IDEA
1459 IDEA_KEY_SCHEDULE idea_ks;
1461 #if !defined(OPENSSL_NO_SEED) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1462 SEED_KEY_SCHEDULE seed_ks;
1464 #if !defined(OPENSSL_NO_BF) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1467 #if !defined(OPENSSL_NO_CAST) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1470 static const unsigned char key16[16] = {
1471 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1472 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
1474 #ifndef OPENSSL_NO_DEPRECATED_3_0
1475 static const unsigned char key24[24] = {
1476 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1477 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1478 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1480 static const unsigned char key32[32] = {
1481 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1482 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1483 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
1484 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
1487 #if !defined(OPENSSL_NO_CAMELLIA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1488 CAMELLIA_KEY camellia_ks[3];
1490 #ifndef OPENSSL_NO_RSA
1491 static const struct {
1492 const unsigned char *data;
1493 unsigned int length;
1496 { test512, sizeof(test512), 512 },
1497 { test1024, sizeof(test1024), 1024 },
1498 { test2048, sizeof(test2048), 2048 },
1499 { test3072, sizeof(test3072), 3072 },
1500 { test4096, sizeof(test4096), 4092 },
1501 { test7680, sizeof(test7680), 7680 },
1502 { test15360, sizeof(test15360), 15360 }
1504 uint8_t rsa_doit[RSA_NUM] = { 0 };
1505 int primes = RSA_DEFAULT_PRIME_NUM;
1507 #ifndef OPENSSL_NO_DSA
1508 static const unsigned int dsa_bits[DSA_NUM] = { 512, 1024, 2048 };
1509 uint8_t dsa_doit[DSA_NUM] = { 0 };
1511 #ifndef OPENSSL_NO_EC
1512 typedef struct ec_curve_st {
1516 size_t sigsize; /* only used for EdDSA curves */
1519 * We only test over the following curves as they are representative, To
1520 * add tests over more curves, simply add the curve NID and curve name to
1521 * the following arrays and increase the |ecdh_choices| and |ecdsa_choices|
1522 * lists accordingly.
1524 static const EC_CURVE ec_curves[EC_NUM] = {
1526 {"secp160r1", NID_secp160r1, 160},
1527 {"nistp192", NID_X9_62_prime192v1, 192},
1528 {"nistp224", NID_secp224r1, 224},
1529 {"nistp256", NID_X9_62_prime256v1, 256},
1530 {"nistp384", NID_secp384r1, 384},
1531 {"nistp521", NID_secp521r1, 521},
1532 # ifndef OPENSSL_NO_EC2M
1534 {"nistk163", NID_sect163k1, 163},
1535 {"nistk233", NID_sect233k1, 233},
1536 {"nistk283", NID_sect283k1, 283},
1537 {"nistk409", NID_sect409k1, 409},
1538 {"nistk571", NID_sect571k1, 571},
1539 {"nistb163", NID_sect163r2, 163},
1540 {"nistb233", NID_sect233r1, 233},
1541 {"nistb283", NID_sect283r1, 283},
1542 {"nistb409", NID_sect409r1, 409},
1543 {"nistb571", NID_sect571r1, 571},
1545 {"brainpoolP256r1", NID_brainpoolP256r1, 256},
1546 {"brainpoolP256t1", NID_brainpoolP256t1, 256},
1547 {"brainpoolP384r1", NID_brainpoolP384r1, 384},
1548 {"brainpoolP384t1", NID_brainpoolP384t1, 384},
1549 {"brainpoolP512r1", NID_brainpoolP512r1, 512},
1550 {"brainpoolP512t1", NID_brainpoolP512t1, 512},
1551 /* Other and ECDH only ones */
1552 {"X25519", NID_X25519, 253},
1553 {"X448", NID_X448, 448}
1555 static const EC_CURVE ed_curves[EdDSA_NUM] = {
1557 {"Ed25519", NID_ED25519, 253, 64},
1558 {"Ed448", NID_ED448, 456, 114}
1560 # ifndef OPENSSL_NO_SM2
1561 static const EC_CURVE sm2_curves[SM2_NUM] = {
1563 {"CurveSM2", NID_sm2, 256}
1565 uint8_t sm2_doit[SM2_NUM] = { 0 };
1567 uint8_t ecdsa_doit[ECDSA_NUM] = { 0 };
1568 uint8_t ecdh_doit[EC_NUM] = { 0 };
1569 uint8_t eddsa_doit[EdDSA_NUM] = { 0 };
1571 /* checks declarated curves against choices list. */
1572 OPENSSL_assert(ed_curves[EdDSA_NUM - 1].nid == NID_ED448);
1573 OPENSSL_assert(strcmp(eddsa_choices[EdDSA_NUM - 1].name, "ed448") == 0);
1575 OPENSSL_assert(ec_curves[EC_NUM - 1].nid == NID_X448);
1576 OPENSSL_assert(strcmp(ecdh_choices[EC_NUM - 1].name, "ecdhx448") == 0);
1578 OPENSSL_assert(ec_curves[ECDSA_NUM - 1].nid == NID_brainpoolP512t1);
1579 OPENSSL_assert(strcmp(ecdsa_choices[ECDSA_NUM - 1].name, "ecdsabrp512t1") == 0);
1581 # ifndef OPENSSL_NO_SM2
1582 OPENSSL_assert(sm2_curves[SM2_NUM - 1].nid == NID_sm2);
1583 OPENSSL_assert(strcmp(sm2_choices[SM2_NUM - 1].name, "curveSM2") == 0);
1585 #endif /* ndef OPENSSL_NO_EC */
1587 prog = opt_init(argc, argv, speed_options);
1588 while ((o = opt_next()) != OPT_EOF) {
1593 BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
1596 opt_help(speed_options);
1604 evp_cipher = EVP_get_cipherbyname(opt_arg());
1605 if (evp_cipher == NULL)
1606 evp_md = EVP_get_digestbyname(opt_arg());
1607 if (evp_cipher == NULL && evp_md == NULL) {
1609 "%s: %s is an unknown cipher or digest\n",
1616 evp_hmac_md = EVP_get_digestbyname(opt_arg());
1617 if (evp_hmac_md == NULL) {
1618 BIO_printf(bio_err, "%s: %s is an unknown digest\n",
1622 doit[D_EVP_HMAC] = 1;
1625 #ifndef OPENSSL_NO_CMAC
1626 evp_cmac_cipher = EVP_get_cipherbyname(opt_arg());
1627 if (evp_cmac_cipher == NULL) {
1628 BIO_printf(bio_err, "%s: %s is an unknown cipher\n",
1632 doit[D_EVP_CMAC] = 1;
1640 * In a forked execution, an engine might need to be
1641 * initialised by each child process, not by the parent.
1642 * So store the name here and run setup_engine() later on.
1644 engine_id = opt_arg();
1648 multi = atoi(opt_arg());
1652 #ifndef OPENSSL_NO_ASYNC
1653 async_jobs = atoi(opt_arg());
1654 if (!ASYNC_is_capable()) {
1656 "%s: async_jobs specified but async not supported\n",
1660 if (async_jobs > 99999) {
1661 BIO_printf(bio_err, "%s: too many async_jobs\n", prog);
1667 if (!opt_int(opt_arg(), &misalign))
1669 if (misalign > MISALIGN) {
1671 "%s: Maximum offset is %d\n", prog, MISALIGN);
1680 #ifdef OPENSSL_NO_MULTIBLOCK
1682 "%s: -mb specified but multi-block support is disabled\n",
1692 if (!opt_int(opt_arg(), &primes))
1696 seconds.sym = seconds.rsa = seconds.dsa = seconds.ecdsa
1697 = seconds.ecdh = seconds.eddsa
1698 = seconds.sm2 = atoi(opt_arg());
1701 lengths_single = atoi(opt_arg());
1702 lengths = &lengths_single;
1710 argc = opt_num_rest();
1713 /* Remaining arguments are algorithms. */
1714 for (; *argv; argv++) {
1715 const char *algo = *argv;
1717 if (opt_found(algo, doit_choices, &i)) {
1721 #ifndef OPENSSL_NO_DES
1722 if (strcmp(algo, "des") == 0) {
1723 doit[D_CBC_DES] = doit[D_EDE3_DES] = 1;
1727 if (strcmp(algo, "sha") == 0) {
1728 doit[D_SHA1] = doit[D_SHA256] = doit[D_SHA512] = 1;
1731 #ifndef OPENSSL_NO_RSA
1732 if (strcmp(algo, "openssl") == 0) /* just for compatibility */
1734 if (strncmp(algo, "rsa", 3) == 0) {
1735 if (algo[3] == '\0') {
1736 memset(rsa_doit, 1, sizeof(rsa_doit));
1739 if (opt_found(algo, rsa_choices, &i)) {
1745 #ifndef OPENSSL_NO_DSA
1746 if (strncmp(algo, "dsa", 3) == 0) {
1747 if (algo[3] == '\0') {
1748 memset(dsa_doit, 1, sizeof(dsa_doit));
1751 if (opt_found(algo, dsa_choices, &i)) {
1757 #ifndef OPENSSL_NO_DEPRECATED_3_0
1758 if (strcmp(algo, "aes") == 0) {
1759 doit[D_CBC_128_AES] = doit[D_CBC_192_AES] = doit[D_CBC_256_AES] = 1;
1763 #if !defined(OPENSSL_NO_CAMELLIA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1764 if (strcmp(algo, "camellia") == 0) {
1765 doit[D_CBC_128_CML] = doit[D_CBC_192_CML] = doit[D_CBC_256_CML] = 1;
1769 #ifndef OPENSSL_NO_EC
1770 if (strncmp(algo, "ecdsa", 5) == 0) {
1771 if (algo[5] == '\0') {
1772 memset(ecdsa_doit, 1, sizeof(ecdsa_doit));
1775 if (opt_found(algo, ecdsa_choices, &i)) {
1780 if (strncmp(algo, "ecdh", 4) == 0) {
1781 if (algo[4] == '\0') {
1782 memset(ecdh_doit, 1, sizeof(ecdh_doit));
1785 if (opt_found(algo, ecdh_choices, &i)) {
1790 if (strcmp(algo, "eddsa") == 0) {
1791 memset(eddsa_doit, 1, sizeof(eddsa_doit));
1794 if (opt_found(algo, eddsa_choices, &i)) {
1798 # ifndef OPENSSL_NO_SM2
1799 if (strcmp(algo, "sm2") == 0) {
1800 memset(sm2_doit, 1, sizeof(sm2_doit));
1803 if (opt_found(algo, sm2_choices, &i)) {
1808 #endif /* OPENSSL_NO_EC */
1809 BIO_printf(bio_err, "%s: Unknown algorithm %s\n", prog, algo);
1815 if (evp_cipher == NULL) {
1816 BIO_printf(bio_err, "-aead can be used only with an AEAD cipher\n");
1818 } else if (!(EVP_CIPHER_flags(evp_cipher) &
1819 EVP_CIPH_FLAG_AEAD_CIPHER)) {
1820 BIO_printf(bio_err, "%s is not an AEAD cipher\n",
1821 OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
1826 if (evp_cipher == NULL) {
1827 BIO_printf(bio_err,"-mb can be used only with a multi-block"
1828 " capable cipher\n");
1830 } else if (!(EVP_CIPHER_flags(evp_cipher) &
1831 EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
1832 BIO_printf(bio_err, "%s is not a multi-block capable\n",
1833 OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
1835 } else if (async_jobs > 0) {
1836 BIO_printf(bio_err, "Async mode is not supported with -mb");
1841 /* Initialize the job pool if async mode is enabled */
1842 if (async_jobs > 0) {
1843 async_init = ASYNC_init_thread(async_jobs, async_jobs);
1845 BIO_printf(bio_err, "Error creating the ASYNC job pool\n");
1850 loopargs_len = (async_jobs == 0 ? 1 : async_jobs);
1852 app_malloc(loopargs_len * sizeof(loopargs_t), "array of loopargs");
1853 memset(loopargs, 0, loopargs_len * sizeof(loopargs_t));
1855 for (i = 0; i < loopargs_len; i++) {
1856 if (async_jobs > 0) {
1857 loopargs[i].wait_ctx = ASYNC_WAIT_CTX_new();
1858 if (loopargs[i].wait_ctx == NULL) {
1859 BIO_printf(bio_err, "Error creating the ASYNC_WAIT_CTX\n");
1864 buflen = lengths[size_num - 1];
1865 if (buflen < 36) /* size of random vector in RSA benchmark */
1867 buflen += MAX_MISALIGNMENT + 1;
1868 loopargs[i].buf_malloc = app_malloc(buflen, "input buffer");
1869 loopargs[i].buf2_malloc = app_malloc(buflen, "input buffer");
1870 memset(loopargs[i].buf_malloc, 0, buflen);
1871 memset(loopargs[i].buf2_malloc, 0, buflen);
1873 /* Align the start of buffers on a 64 byte boundary */
1874 loopargs[i].buf = loopargs[i].buf_malloc + misalign;
1875 loopargs[i].buf2 = loopargs[i].buf2_malloc + misalign;
1876 #ifndef OPENSSL_NO_EC
1877 loopargs[i].secret_a = app_malloc(MAX_ECDH_SIZE, "ECDH secret a");
1878 loopargs[i].secret_b = app_malloc(MAX_ECDH_SIZE, "ECDH secret b");
1883 if (multi && do_multi(multi, size_num))
1887 /* Initialize the engine after the fork */
1888 e = setup_engine(engine_id, 0);
1890 /* No parameters; turn on everything. */
1891 if (argc == 0 && !doit[D_EVP] && !doit[D_EVP_HMAC] && !doit[D_EVP_CMAC]) {
1892 memset(doit, 1, sizeof(doit));
1893 doit[D_EVP] = doit[D_EVP_HMAC] = doit[D_EVP_CMAC] = 0;
1894 #ifndef OPENSSL_NO_RSA
1895 memset(rsa_doit, 1, sizeof(rsa_doit));
1897 #ifndef OPENSSL_NO_DSA
1898 memset(dsa_doit, 1, sizeof(dsa_doit));
1900 #ifndef OPENSSL_NO_EC
1901 memset(ecdsa_doit, 1, sizeof(ecdsa_doit));
1902 memset(ecdh_doit, 1, sizeof(ecdh_doit));
1903 memset(eddsa_doit, 1, sizeof(eddsa_doit));
1904 # ifndef OPENSSL_NO_SM2
1905 memset(sm2_doit, 1, sizeof(sm2_doit));
1909 for (i = 0; i < ALGOR_NUM; i++)
1913 if (usertime == 0 && !mr)
1915 "You have chosen to measure elapsed time "
1916 "instead of user CPU time.\n");
1918 #ifndef OPENSSL_NO_RSA
1919 for (i = 0; i < loopargs_len; i++) {
1920 if (primes > RSA_DEFAULT_PRIME_NUM) {
1921 /* for multi-prime RSA, skip this */
1924 for (k = 0; k < RSA_NUM; k++) {
1925 const unsigned char *p = rsa_keys[k].data;
1927 loopargs[i].rsa_key[k] =
1928 d2i_RSAPrivateKey(NULL, &p, rsa_keys[k].length);
1929 if (loopargs[i].rsa_key[k] == NULL) {
1931 "internal error loading RSA key number %d\n", k);
1937 #ifndef OPENSSL_NO_DSA
1938 for (i = 0; i < loopargs_len; i++) {
1939 loopargs[i].dsa_key[0] = get_dsa(512);
1940 loopargs[i].dsa_key[1] = get_dsa(1024);
1941 loopargs[i].dsa_key[2] = get_dsa(2048);
1944 #ifndef OPENSSL_NO_DES
1945 if (doit[D_CBC_DES] || doit[D_EDE3_DES]) {
1946 static DES_cblock keys[] = {
1947 { 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0 }, /* keys[0] */
1948 { 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12 }, /* keys[1] */
1949 { 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34 } /* keys[3] */
1951 DES_set_key_unchecked(&keys[0], &sch[0]);
1952 DES_set_key_unchecked(&keys[1], &sch[1]);
1953 DES_set_key_unchecked(&keys[2], &sch[2]);
1956 #ifndef OPENSSL_NO_DEPRECATED_3_0
1957 AES_set_encrypt_key(key16, 128, &aes_ks1);
1958 AES_set_encrypt_key(key24, 192, &aes_ks2);
1959 AES_set_encrypt_key(key32, 256, &aes_ks3);
1961 #if !defined(OPENSSL_NO_CAMELLIA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1962 if (doit[D_CBC_128_CML] || doit[D_CBC_192_CML] || doit[D_CBC_256_CML]) {
1963 Camellia_set_key(key16, 128, &camellia_ks[0]);
1964 Camellia_set_key(key24, 192, &camellia_ks[1]);
1965 Camellia_set_key(key32, 256, &camellia_ks[2]);
1968 #ifndef OPENSSL_NO_IDEA
1969 if (doit[D_CBC_IDEA])
1970 IDEA_set_encrypt_key(key16, &idea_ks);
1972 #if !defined(OPENSSL_NO_SEED) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1973 if (doit[D_CBC_SEED])
1974 SEED_set_key(key16, &seed_ks);
1976 #if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1978 RC4_set_key(&rc4_ks, 16, key16);
1980 #if !defined(OPENSSL_NO_RC2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1981 if (doit[D_CBC_RC2])
1982 RC2_set_key(&rc2_ks, 16, key16, 128);
1984 #ifndef OPENSSL_NO_RC5
1985 if (doit[D_CBC_RC5])
1986 if (!RC5_32_set_key(&rc5_ks, 16, key16, 12)) {
1987 BIO_printf(bio_err, "Failed setting RC5 key\n");
1991 #if !defined(OPENSSL_NO_BF) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1993 BF_set_key(&bf_ks, 16, key16);
1995 #if !defined(OPENSSL_NO_CAST) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1996 if (doit[D_CBC_CAST])
1997 CAST_set_key(&cast_ks, 16, key16);
2000 # ifndef OPENSSL_NO_DES
2001 BIO_printf(bio_err, "First we calculate the approximate speed ...\n");
2007 for (it = count; it; it--)
2008 DES_ecb_encrypt((DES_cblock *)loopargs[0].buf,
2009 (DES_cblock *)loopargs[0].buf, &sch, DES_ENCRYPT);
2012 c[D_MD2][0] = count / 10;
2013 c[D_MDC2][0] = count / 10;
2014 c[D_MD4][0] = count;
2015 c[D_MD5][0] = count;
2016 c[D_HMAC][0] = count;
2017 c[D_SHA1][0] = count;
2018 c[D_RMD160][0] = count;
2019 c[D_RC4][0] = count * 5;
2020 c[D_CBC_DES][0] = count;
2021 c[D_EDE3_DES][0] = count / 3;
2022 c[D_CBC_IDEA][0] = count;
2023 c[D_CBC_SEED][0] = count;
2024 c[D_CBC_RC2][0] = count;
2025 c[D_CBC_RC5][0] = count;
2026 c[D_CBC_BF][0] = count;
2027 c[D_CBC_CAST][0] = count;
2028 c[D_CBC_128_AES][0] = count;
2029 c[D_CBC_192_AES][0] = count;
2030 c[D_CBC_256_AES][0] = count;
2031 c[D_CBC_128_CML][0] = count;
2032 c[D_CBC_192_CML][0] = count;
2033 c[D_CBC_256_CML][0] = count;
2034 c[D_EVP][0] = count;
2035 c[D_SHA256][0] = count;
2036 c[D_SHA512][0] = count;
2037 c[D_WHIRLPOOL][0] = count;
2038 c[D_IGE_128_AES][0] = count;
2039 c[D_IGE_192_AES][0] = count;
2040 c[D_IGE_256_AES][0] = count;
2041 c[D_GHASH][0] = count;
2042 c[D_RAND][0] = count;
2043 c[D_EVP_HMAC][0] = count;
2044 c[D_EVP_CMAC][0] = count;
2046 for (i = 1; i < size_num; i++) {
2047 long l0 = (long)lengths[0];
2048 long l1 = (long)lengths[i];
2050 c[D_MD2][i] = c[D_MD2][0] * 4 * l0 / l1;
2051 c[D_MDC2][i] = c[D_MDC2][0] * 4 * l0 / l1;
2052 c[D_MD4][i] = c[D_MD4][0] * 4 * l0 / l1;
2053 c[D_MD5][i] = c[D_MD5][0] * 4 * l0 / l1;
2054 c[D_HMAC][i] = c[D_HMAC][0] * 4 * l0 / l1;
2055 c[D_SHA1][i] = c[D_SHA1][0] * 4 * l0 / l1;
2056 c[D_RMD160][i] = c[D_RMD160][0] * 4 * l0 / l1;
2057 c[D_EVP][i] = = c[D_EVP][0] * 4 * l0 / l1;
2058 c[D_SHA256][i] = c[D_SHA256][0] * 4 * l0 / l1;
2059 c[D_SHA512][i] = c[D_SHA512][0] * 4 * l0 / l1;
2060 c[D_WHIRLPOOL][i] = c[D_WHIRLPOOL][0] * 4 * l0 / l1;
2061 c[D_GHASH][i] = c[D_GHASH][0] * 4 * l0 / l1;
2062 c[D_RAND][i] = c[D_RAND][0] * 4 * l0 / l1;
2063 c[D_EVP_HMAC][i] = = c[D_EVP_HMAC][0] * 4 * l0 / l1;
2064 c[D_EVP_CMAC][i] = = c[D_EVP_CMAC][0] * 4 * l0 / l1;
2066 l0 = (long)lengths[i - 1];
2068 c[D_RC4][i] = c[D_RC4][i - 1] * l0 / l1;
2069 c[D_CBC_DES][i] = c[D_CBC_DES][i - 1] * l0 / l1;
2070 c[D_EDE3_DES][i] = c[D_EDE3_DES][i - 1] * l0 / l1;
2071 c[D_CBC_IDEA][i] = c[D_CBC_IDEA][i - 1] * l0 / l1;
2072 c[D_CBC_SEED][i] = c[D_CBC_SEED][i - 1] * l0 / l1;
2073 c[D_CBC_RC2][i] = c[D_CBC_RC2][i - 1] * l0 / l1;
2074 c[D_CBC_RC5][i] = c[D_CBC_RC5][i - 1] * l0 / l1;
2075 c[D_CBC_BF][i] = c[D_CBC_BF][i - 1] * l0 / l1;
2076 c[D_CBC_CAST][i] = c[D_CBC_CAST][i - 1] * l0 / l1;
2077 c[D_CBC_128_AES][i] = c[D_CBC_128_AES][i - 1] * l0 / l1;
2078 c[D_CBC_192_AES][i] = c[D_CBC_192_AES][i - 1] * l0 / l1;
2079 c[D_CBC_256_AES][i] = c[D_CBC_256_AES][i - 1] * l0 / l1;
2080 c[D_CBC_128_CML][i] = c[D_CBC_128_CML][i - 1] * l0 / l1;
2081 c[D_CBC_192_CML][i] = c[D_CBC_192_CML][i - 1] * l0 / l1;
2082 c[D_CBC_256_CML][i] = c[D_CBC_256_CML][i - 1] * l0 / l1;
2083 c[D_IGE_128_AES][i] = c[D_IGE_128_AES][i - 1] * l0 / l1;
2084 c[D_IGE_192_AES][i] = c[D_IGE_192_AES][i - 1] * l0 / l1;
2085 c[D_IGE_256_AES][i] = c[D_IGE_256_AES][i - 1] * l0 / l1;
2088 # ifndef OPENSSL_NO_RSA
2089 rsa_c[R_RSA_512][0] = count / 2000;
2090 rsa_c[R_RSA_512][1] = count / 400;
2091 for (i = 1; i < RSA_NUM; i++) {
2092 rsa_c[i][0] = rsa_c[i - 1][0] / 8;
2093 rsa_c[i][1] = rsa_c[i - 1][1] / 4;
2094 if (rsa_doit[i] <= 1 && rsa_c[i][0] == 0)
2097 if (rsa_c[i][0] == 0) {
2098 rsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
2105 # ifndef OPENSSL_NO_DSA
2106 dsa_c[R_DSA_512][0] = count / 1000;
2107 dsa_c[R_DSA_512][1] = count / 1000 / 2;
2108 for (i = 1; i < DSA_NUM; i++) {
2109 dsa_c[i][0] = dsa_c[i - 1][0] / 4;
2110 dsa_c[i][1] = dsa_c[i - 1][1] / 4;
2111 if (dsa_doit[i] <= 1 && dsa_c[i][0] == 0)
2114 if (dsa_c[i][0] == 0) {
2115 dsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
2122 # ifndef OPENSSL_NO_EC
2123 ecdsa_c[R_EC_P160][0] = count / 1000;
2124 ecdsa_c[R_EC_P160][1] = count / 1000 / 2;
2125 for (i = R_EC_P192; i <= R_EC_P521; i++) {
2126 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2127 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2128 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2131 if (ecdsa_c[i][0] == 0) {
2137 # ifndef OPENSSL_NO_EC2M
2138 ecdsa_c[R_EC_K163][0] = count / 1000;
2139 ecdsa_c[R_EC_K163][1] = count / 1000 / 2;
2140 for (i = R_EC_K233; i <= R_EC_K571; i++) {
2141 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2142 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2143 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2146 if (ecdsa_c[i][0] == 0) {
2152 ecdsa_c[R_EC_B163][0] = count / 1000;
2153 ecdsa_c[R_EC_B163][1] = count / 1000 / 2;
2154 for (i = R_EC_B233; i <= R_EC_B571; i++) {
2155 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2156 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2157 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2160 if (ecdsa_c[i][0] == 0) {
2168 ecdh_c[R_EC_P160][0] = count / 1000;
2169 for (i = R_EC_P192; i <= R_EC_P521; i++) {
2170 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2171 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2174 if (ecdh_c[i][0] == 0) {
2179 # ifndef OPENSSL_NO_EC2M
2180 ecdh_c[R_EC_K163][0] = count / 1000;
2181 for (i = R_EC_K233; i <= R_EC_K571; i++) {
2182 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2183 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2186 if (ecdh_c[i][0] == 0) {
2191 ecdh_c[R_EC_B163][0] = count / 1000;
2192 for (i = R_EC_B233; i <= R_EC_B571; i++) {
2193 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2194 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2197 if (ecdh_c[i][0] == 0) {
2203 /* repeated code good to factorize */
2204 ecdh_c[R_EC_BRP256R1][0] = count / 1000;
2205 for (i = R_EC_BRP384R1; i <= R_EC_BRP512R1; i += 2) {
2206 ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
2207 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2210 if (ecdh_c[i][0] == 0) {
2215 ecdh_c[R_EC_BRP256T1][0] = count / 1000;
2216 for (i = R_EC_BRP384T1; i <= R_EC_BRP512T1; i += 2) {
2217 ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
2218 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2221 if (ecdh_c[i][0] == 0) {
2226 /* default iteration count for the last two EC Curves */
2227 ecdh_c[R_EC_X25519][0] = count / 1800;
2228 ecdh_c[R_EC_X448][0] = count / 7200;
2230 eddsa_c[R_EC_Ed25519][0] = count / 1800;
2231 eddsa_c[R_EC_Ed448][0] = count / 7200;
2233 # ifndef OPENSSL_NO_SM2
2234 sm2_c[R_EC_SM2P256][0] = count / 1800;
2236 # endif /* OPENSSL_NO_EC */
2239 /* not worth fixing */
2240 # error "You cannot disable DES on systems without SIGALRM."
2241 # endif /* OPENSSL_NO_DES */
2243 signal(SIGALRM, alarmed);
2244 #endif /* SIGALRM */
2246 #if !defined(OPENSSL_NO_MD2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2248 for (testnum = 0; testnum < size_num; testnum++) {
2249 print_message(names[D_MD2], c[D_MD2][testnum], lengths[testnum],
2252 count = run_benchmark(async_jobs, EVP_Digest_MD2_loop, loopargs);
2254 print_result(D_MD2, testnum, count, d);
2258 #if !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2260 for (testnum = 0; testnum < size_num; testnum++) {
2261 print_message(names[D_MDC2], c[D_MDC2][testnum], lengths[testnum],
2264 count = run_benchmark(async_jobs, EVP_Digest_MDC2_loop, loopargs);
2266 print_result(D_MDC2, testnum, count, d);
2273 #if !defined(OPENSSL_NO_MD4) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2275 for (testnum = 0; testnum < size_num; testnum++) {
2276 print_message(names[D_MD4], c[D_MD4][testnum], lengths[testnum],
2279 count = run_benchmark(async_jobs, EVP_Digest_MD4_loop, loopargs);
2281 print_result(D_MD4, testnum, count, d);
2288 #ifndef OPENSSL_NO_MD5
2290 for (testnum = 0; testnum < size_num; testnum++) {
2291 print_message(names[D_MD5], c[D_MD5][testnum], lengths[testnum],
2294 count = run_benchmark(async_jobs, MD5_loop, loopargs);
2296 print_result(D_MD5, testnum, count, d);
2301 static const char hmac_key[] = "This is a key...";
2302 int len = strlen(hmac_key);
2304 for (i = 0; i < loopargs_len; i++) {
2305 loopargs[i].hctx = HMAC_CTX_new();
2306 if (loopargs[i].hctx == NULL) {
2307 BIO_printf(bio_err, "HMAC malloc failure, exiting...");
2311 HMAC_Init_ex(loopargs[i].hctx, hmac_key, len, EVP_md5(), NULL);
2313 for (testnum = 0; testnum < size_num; testnum++) {
2314 print_message(names[D_HMAC], c[D_HMAC][testnum], lengths[testnum],
2317 count = run_benchmark(async_jobs, HMAC_loop, loopargs);
2319 print_result(D_HMAC, testnum, count, d);
2321 for (i = 0; i < loopargs_len; i++)
2322 HMAC_CTX_free(loopargs[i].hctx);
2326 for (testnum = 0; testnum < size_num; testnum++) {
2327 print_message(names[D_SHA1], c[D_SHA1][testnum], lengths[testnum],
2330 count = run_benchmark(async_jobs, SHA1_loop, loopargs);
2332 print_result(D_SHA1, testnum, count, d);
2335 if (doit[D_SHA256]) {
2336 for (testnum = 0; testnum < size_num; testnum++) {
2337 print_message(names[D_SHA256], c[D_SHA256][testnum],
2338 lengths[testnum], seconds.sym);
2340 count = run_benchmark(async_jobs, SHA256_loop, loopargs);
2342 print_result(D_SHA256, testnum, count, d);
2345 if (doit[D_SHA512]) {
2346 for (testnum = 0; testnum < size_num; testnum++) {
2347 print_message(names[D_SHA512], c[D_SHA512][testnum],
2348 lengths[testnum], seconds.sym);
2350 count = run_benchmark(async_jobs, SHA512_loop, loopargs);
2352 print_result(D_SHA512, testnum, count, d);
2355 #if !defined(OPENSSL_NO_WHIRLPOOL) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2356 if (doit[D_WHIRLPOOL]) {
2357 for (testnum = 0; testnum < size_num; testnum++) {
2358 print_message(names[D_WHIRLPOOL], c[D_WHIRLPOOL][testnum],
2359 lengths[testnum], seconds.sym);
2361 count = run_benchmark(async_jobs, WHIRLPOOL_loop, loopargs);
2363 print_result(D_WHIRLPOOL, testnum, count, d);
2368 #if !defined(OPENSSL_NO_RMD160) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2369 if (doit[D_RMD160]) {
2370 for (testnum = 0; testnum < size_num; testnum++) {
2371 print_message(names[D_RMD160], c[D_RMD160][testnum],
2372 lengths[testnum], seconds.sym);
2374 count = run_benchmark(async_jobs, EVP_Digest_RMD160_loop, loopargs);
2376 print_result(D_RMD160, testnum, count, d);
2382 #if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2384 for (testnum = 0; testnum < size_num; testnum++) {
2385 print_message(names[D_RC4], c[D_RC4][testnum], lengths[testnum],
2388 count = run_benchmark(async_jobs, RC4_loop, loopargs);
2390 print_result(D_RC4, testnum, count, d);
2394 #ifndef OPENSSL_NO_DES
2395 if (doit[D_CBC_DES]) {
2396 for (testnum = 0; testnum < size_num; testnum++) {
2397 print_message(names[D_CBC_DES], c[D_CBC_DES][testnum],
2398 lengths[testnum], seconds.sym);
2400 count = run_benchmark(async_jobs, DES_ncbc_encrypt_loop, loopargs);
2402 print_result(D_CBC_DES, testnum, count, d);
2406 if (doit[D_EDE3_DES]) {
2407 for (testnum = 0; testnum < size_num; testnum++) {
2408 print_message(names[D_EDE3_DES], c[D_EDE3_DES][testnum],
2409 lengths[testnum], seconds.sym);
2412 run_benchmark(async_jobs, DES_ede3_cbc_encrypt_loop, loopargs);
2414 print_result(D_EDE3_DES, testnum, count, d);
2419 #ifndef OPENSSL_NO_DEPRECATED_3_0
2420 if (doit[D_CBC_128_AES]) {
2421 for (testnum = 0; testnum < size_num; testnum++) {
2422 print_message(names[D_CBC_128_AES], c[D_CBC_128_AES][testnum],
2423 lengths[testnum], seconds.sym);
2426 run_benchmark(async_jobs, AES_cbc_128_encrypt_loop, loopargs);
2428 print_result(D_CBC_128_AES, testnum, count, d);
2431 if (doit[D_CBC_192_AES]) {
2432 for (testnum = 0; testnum < size_num; testnum++) {
2433 print_message(names[D_CBC_192_AES], c[D_CBC_192_AES][testnum],
2434 lengths[testnum], seconds.sym);
2437 run_benchmark(async_jobs, AES_cbc_192_encrypt_loop, loopargs);
2439 print_result(D_CBC_192_AES, testnum, count, d);
2442 if (doit[D_CBC_256_AES]) {
2443 for (testnum = 0; testnum < size_num; testnum++) {
2444 print_message(names[D_CBC_256_AES], c[D_CBC_256_AES][testnum],
2445 lengths[testnum], seconds.sym);
2448 run_benchmark(async_jobs, AES_cbc_256_encrypt_loop, loopargs);
2450 print_result(D_CBC_256_AES, testnum, count, d);
2455 if (doit[D_IGE_128_AES]) {
2456 for (testnum = 0; testnum < size_num; testnum++) {
2457 print_message(names[D_IGE_128_AES], c[D_IGE_128_AES][testnum],
2458 lengths[testnum], seconds.sym);
2461 run_benchmark(async_jobs, AES_ige_128_encrypt_loop, loopargs);
2463 print_result(D_IGE_128_AES, testnum, count, d);
2466 if (doit[D_IGE_192_AES]) {
2467 for (testnum = 0; testnum < size_num; testnum++) {
2468 print_message(names[D_IGE_192_AES], c[D_IGE_192_AES][testnum],
2469 lengths[testnum], seconds.sym);
2472 run_benchmark(async_jobs, AES_ige_192_encrypt_loop, loopargs);
2474 print_result(D_IGE_192_AES, testnum, count, d);
2477 if (doit[D_IGE_256_AES]) {
2478 for (testnum = 0; testnum < size_num; testnum++) {
2479 print_message(names[D_IGE_256_AES], c[D_IGE_256_AES][testnum],
2480 lengths[testnum], seconds.sym);
2483 run_benchmark(async_jobs, AES_ige_256_encrypt_loop, loopargs);
2485 print_result(D_IGE_256_AES, testnum, count, d);
2488 if (doit[D_GHASH]) {
2489 for (i = 0; i < loopargs_len; i++) {
2490 loopargs[i].gcm_ctx =
2491 CRYPTO_gcm128_new(&aes_ks1, (block128_f) AES_encrypt);
2492 CRYPTO_gcm128_setiv(loopargs[i].gcm_ctx,
2493 (unsigned char *)"0123456789ab", 12);
2496 for (testnum = 0; testnum < size_num; testnum++) {
2497 print_message(names[D_GHASH], c[D_GHASH][testnum],
2498 lengths[testnum], seconds.sym);
2500 count = run_benchmark(async_jobs, CRYPTO_gcm128_aad_loop, loopargs);
2502 print_result(D_GHASH, testnum, count, d);
2504 for (i = 0; i < loopargs_len; i++)
2505 CRYPTO_gcm128_release(loopargs[i].gcm_ctx);
2507 #endif /* OPENSSL_NO_DEPRECATED_3_0 */
2508 #if !defined(OPENSSL_NO_CAMELLIA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2509 if (doit[D_CBC_128_CML]) {
2510 if (async_jobs > 0) {
2511 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2512 names[D_CBC_128_CML]);
2513 doit[D_CBC_128_CML] = 0;
2515 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2516 print_message(names[D_CBC_128_CML], c[D_CBC_128_CML][testnum],
2517 lengths[testnum], seconds.sym);
2519 for (count = 0; COND(c[D_CBC_128_CML][testnum]); count++)
2520 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2521 (size_t)lengths[testnum], &camellia_ks[0],
2522 iv, CAMELLIA_ENCRYPT);
2524 print_result(D_CBC_128_CML, testnum, count, d);
2527 if (doit[D_CBC_192_CML]) {
2528 if (async_jobs > 0) {
2529 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2530 names[D_CBC_192_CML]);
2531 doit[D_CBC_192_CML] = 0;
2533 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2534 print_message(names[D_CBC_192_CML], c[D_CBC_192_CML][testnum],
2535 lengths[testnum], seconds.sym);
2536 if (async_jobs > 0) {
2537 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2541 for (count = 0; COND(c[D_CBC_192_CML][testnum]); count++)
2542 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2543 (size_t)lengths[testnum], &camellia_ks[1],
2544 iv, CAMELLIA_ENCRYPT);
2546 print_result(D_CBC_192_CML, testnum, count, d);
2549 if (doit[D_CBC_256_CML]) {
2550 if (async_jobs > 0) {
2551 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2552 names[D_CBC_256_CML]);
2553 doit[D_CBC_256_CML] = 0;
2555 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2556 print_message(names[D_CBC_256_CML], c[D_CBC_256_CML][testnum],
2557 lengths[testnum], seconds.sym);
2559 for (count = 0; COND(c[D_CBC_256_CML][testnum]); count++)
2560 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2561 (size_t)lengths[testnum], &camellia_ks[2],
2562 iv, CAMELLIA_ENCRYPT);
2564 print_result(D_CBC_256_CML, testnum, count, d);
2568 #ifndef OPENSSL_NO_IDEA
2569 if (doit[D_CBC_IDEA]) {
2570 if (async_jobs > 0) {
2571 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2573 doit[D_CBC_IDEA] = 0;
2575 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2576 print_message(names[D_CBC_IDEA], c[D_CBC_IDEA][testnum],
2577 lengths[testnum], seconds.sym);
2579 for (count = 0; COND(c[D_CBC_IDEA][testnum]); count++)
2580 IDEA_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2581 (size_t)lengths[testnum], &idea_ks,
2584 print_result(D_CBC_IDEA, testnum, count, d);
2588 #if !defined(OPENSSL_NO_SEED) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2589 if (doit[D_CBC_SEED]) {
2590 if (async_jobs > 0) {
2591 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2593 doit[D_CBC_SEED] = 0;
2595 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2596 print_message(names[D_CBC_SEED], c[D_CBC_SEED][testnum],
2597 lengths[testnum], seconds.sym);
2599 for (count = 0; COND(c[D_CBC_SEED][testnum]); count++)
2600 SEED_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2601 (size_t)lengths[testnum], &seed_ks, iv, 1);
2603 print_result(D_CBC_SEED, testnum, count, d);
2607 #if !defined(OPENSSL_NO_RC2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2608 if (doit[D_CBC_RC2]) {
2609 if (async_jobs > 0) {
2610 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2612 doit[D_CBC_RC2] = 0;
2614 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2615 print_message(names[D_CBC_RC2], c[D_CBC_RC2][testnum],
2616 lengths[testnum], seconds.sym);
2617 if (async_jobs > 0) {
2618 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2622 for (count = 0; COND(c[D_CBC_RC2][testnum]); count++)
2623 RC2_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2624 (size_t)lengths[testnum], &rc2_ks,
2627 print_result(D_CBC_RC2, testnum, count, d);
2631 #ifndef OPENSSL_NO_RC5
2632 if (doit[D_CBC_RC5]) {
2633 if (async_jobs > 0) {
2634 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2636 doit[D_CBC_RC5] = 0;
2638 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2639 print_message(names[D_CBC_RC5], c[D_CBC_RC5][testnum],
2640 lengths[testnum], seconds.sym);
2641 if (async_jobs > 0) {
2642 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2646 for (count = 0; COND(c[D_CBC_RC5][testnum]); count++)
2647 RC5_32_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2648 (size_t)lengths[testnum], &rc5_ks,
2651 print_result(D_CBC_RC5, testnum, count, d);
2655 #if !defined(OPENSSL_NO_BF) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2656 if (doit[D_CBC_BF]) {
2657 if (async_jobs > 0) {
2658 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2662 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2663 print_message(names[D_CBC_BF], c[D_CBC_BF][testnum],
2664 lengths[testnum], seconds.sym);
2666 for (count = 0; COND(c[D_CBC_BF][testnum]); count++)
2667 BF_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2668 (size_t)lengths[testnum], &bf_ks,
2671 print_result(D_CBC_BF, testnum, count, d);
2675 #if !defined(OPENSSL_NO_CAST) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2676 if (doit[D_CBC_CAST]) {
2677 if (async_jobs > 0) {
2678 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2680 doit[D_CBC_CAST] = 0;
2682 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2683 print_message(names[D_CBC_CAST], c[D_CBC_CAST][testnum],
2684 lengths[testnum], seconds.sym);
2686 for (count = 0; COND(c[D_CBC_CAST][testnum]); count++)
2687 CAST_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2688 (size_t)lengths[testnum], &cast_ks,
2691 print_result(D_CBC_CAST, testnum, count, d);
2696 for (testnum = 0; testnum < size_num; testnum++) {
2697 print_message(names[D_RAND], c[D_RAND][testnum], lengths[testnum],
2700 count = run_benchmark(async_jobs, RAND_bytes_loop, loopargs);
2702 print_result(D_RAND, testnum, count, d);
2707 if (evp_cipher != NULL) {
2708 int (*loopfunc) (void *) = EVP_Update_loop;
2710 if (multiblock && (EVP_CIPHER_flags(evp_cipher) &
2711 EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
2712 multiblock_speed(evp_cipher, lengths_single, &seconds);
2717 names[D_EVP] = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
2719 if (EVP_CIPHER_mode(evp_cipher) == EVP_CIPH_CCM_MODE) {
2720 loopfunc = EVP_Update_loop_ccm;
2721 } else if (aead && (EVP_CIPHER_flags(evp_cipher) &
2722 EVP_CIPH_FLAG_AEAD_CIPHER)) {
2723 loopfunc = EVP_Update_loop_aead;
2724 if (lengths == lengths_list) {
2725 lengths = aead_lengths_list;
2726 size_num = OSSL_NELEM(aead_lengths_list);
2730 for (testnum = 0; testnum < size_num; testnum++) {
2731 print_message(names[D_EVP], c[D_EVP][testnum], lengths[testnum],
2734 for (k = 0; k < loopargs_len; k++) {
2735 loopargs[k].ctx = EVP_CIPHER_CTX_new();
2736 if (loopargs[k].ctx == NULL) {
2737 BIO_printf(bio_err, "\nEVP_CIPHER_CTX_new failure\n");
2740 if (!EVP_CipherInit_ex(loopargs[k].ctx, evp_cipher, NULL,
2741 NULL, iv, decrypt ? 0 : 1)) {
2742 BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n");
2743 ERR_print_errors(bio_err);
2747 EVP_CIPHER_CTX_set_padding(loopargs[k].ctx, 0);
2749 keylen = EVP_CIPHER_CTX_key_length(loopargs[k].ctx);
2750 loopargs[k].key = app_malloc(keylen, "evp_cipher key");
2751 EVP_CIPHER_CTX_rand_key(loopargs[k].ctx, loopargs[k].key);
2752 if (!EVP_CipherInit_ex(loopargs[k].ctx, NULL, NULL,
2753 loopargs[k].key, NULL, -1)) {
2754 BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n");
2755 ERR_print_errors(bio_err);
2758 OPENSSL_clear_free(loopargs[k].key, keylen);
2760 /* SIV mode only allows for a single Update operation */
2761 if (EVP_CIPHER_mode(evp_cipher) == EVP_CIPH_SIV_MODE)
2762 EVP_CIPHER_CTX_ctrl(loopargs[k].ctx, EVP_CTRL_SET_SPEED, 1, NULL);
2766 count = run_benchmark(async_jobs, loopfunc, loopargs);
2768 for (k = 0; k < loopargs_len; k++) {
2769 EVP_CIPHER_CTX_free(loopargs[k].ctx);
2771 print_result(D_EVP, testnum, count, d);
2773 } else if (evp_md != NULL) {
2774 names[D_EVP] = OBJ_nid2ln(EVP_MD_type(evp_md));
2776 for (testnum = 0; testnum < size_num; testnum++) {
2777 print_message(names[D_EVP], c[D_EVP][testnum], lengths[testnum],
2780 count = run_benchmark(async_jobs, EVP_Digest_loop, loopargs);
2782 print_result(D_EVP, testnum, count, d);
2787 if (doit[D_EVP_HMAC] && evp_hmac_md != NULL) {
2788 const char *md_name = OBJ_nid2ln(EVP_MD_type(evp_hmac_md));
2790 evp_hmac_name = app_malloc(sizeof("HMAC()") + strlen(md_name),
2792 sprintf(evp_hmac_name, "HMAC(%s)", md_name);
2793 names[D_EVP_HMAC] = evp_hmac_name;
2795 for (testnum = 0; testnum < size_num; testnum++) {
2796 print_message(names[D_EVP_HMAC], c[D_EVP_HMAC][testnum], lengths[testnum],
2799 count = run_benchmark(async_jobs, EVP_HMAC_loop, loopargs);
2801 print_result(D_EVP_HMAC, testnum, count, d);
2805 #ifndef OPENSSL_NO_CMAC
2806 if (doit[D_EVP_CMAC] && evp_cmac_cipher != NULL) {
2807 const char *cipher_name = OBJ_nid2ln(EVP_CIPHER_type(evp_cmac_cipher));
2809 evp_cmac_name = app_malloc(sizeof("CMAC()") + strlen(cipher_name),
2811 sprintf(evp_cmac_name, "CMAC(%s)", cipher_name);
2812 names[D_EVP_CMAC] = evp_cmac_name;
2814 for (i = 0; i < loopargs_len; i++) {
2815 loopargs[i].cmac_ctx = CMAC_CTX_new();
2816 if (loopargs[i].cmac_ctx == NULL) {
2817 BIO_printf(bio_err, "CMAC malloc failure, exiting...");
2821 for (testnum = 0; testnum < size_num; testnum++) {
2822 print_message(names[D_EVP_CMAC], c[D_EVP_CMAC][testnum], lengths[testnum],
2825 count = run_benchmark(async_jobs, EVP_CMAC_loop, loopargs);
2827 print_result(D_EVP_CMAC, testnum, count, d);
2829 for (i = 0; i < loopargs_len; i++)
2830 CMAC_CTX_free(loopargs[i].cmac_ctx);
2834 for (i = 0; i < loopargs_len; i++)
2835 if (RAND_bytes(loopargs[i].buf, 36) <= 0)
2838 #ifndef OPENSSL_NO_RSA
2839 for (testnum = 0; testnum < RSA_NUM; testnum++) {
2841 if (!rsa_doit[testnum])
2843 for (i = 0; i < loopargs_len; i++) {
2844 if (primes > RSA_DEFAULT_PRIME_NUM) {
2845 /* we haven't set keys yet, generate multi-prime RSA keys */
2846 BIGNUM *bn = BN_new();
2850 if (!BN_set_word(bn, RSA_F4)) {
2855 BIO_printf(bio_err, "Generate multi-prime RSA key for %s\n",
2856 rsa_choices[testnum].name);
2858 loopargs[i].rsa_key[testnum] = RSA_new();
2859 if (loopargs[i].rsa_key[testnum] == NULL) {
2864 if (!RSA_generate_multi_prime_key(loopargs[i].rsa_key[testnum],
2865 rsa_keys[testnum].bits,
2866 primes, bn, NULL)) {
2872 st = RSA_sign(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
2873 &loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
2879 "RSA sign failure. No RSA sign will be done.\n");
2880 ERR_print_errors(bio_err);
2883 pkey_print_message("private", "rsa",
2884 rsa_c[testnum][0], rsa_keys[testnum].bits,
2886 /* RSA_blinding_on(rsa_key[testnum],NULL); */
2888 count = run_benchmark(async_jobs, RSA_sign_loop, loopargs);
2891 mr ? "+R1:%ld:%d:%.2f\n"
2892 : "%ld %u bits private RSA's in %.2fs\n",
2893 count, rsa_keys[testnum].bits, d);
2894 rsa_results[testnum][0] = (double)count / d;
2898 for (i = 0; i < loopargs_len; i++) {
2899 st = RSA_verify(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
2900 loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
2906 "RSA verify failure. No RSA verify will be done.\n");
2907 ERR_print_errors(bio_err);
2908 rsa_doit[testnum] = 0;
2910 pkey_print_message("public", "rsa",
2911 rsa_c[testnum][1], rsa_keys[testnum].bits,
2914 count = run_benchmark(async_jobs, RSA_verify_loop, loopargs);
2917 mr ? "+R2:%ld:%d:%.2f\n"
2918 : "%ld %u bits public RSA's in %.2fs\n",
2919 count, rsa_keys[testnum].bits, d);
2920 rsa_results[testnum][1] = (double)count / d;
2923 if (rsa_count <= 1) {
2924 /* if longer than 10s, don't do any more */
2925 stop_it(rsa_doit, testnum);
2928 #endif /* OPENSSL_NO_RSA */
2930 for (i = 0; i < loopargs_len; i++)
2931 if (RAND_bytes(loopargs[i].buf, 36) <= 0)
2934 #ifndef OPENSSL_NO_DSA
2935 for (testnum = 0; testnum < DSA_NUM; testnum++) {
2937 if (!dsa_doit[testnum])
2940 /* DSA_generate_key(dsa_key[testnum]); */
2941 /* DSA_sign_setup(dsa_key[testnum],NULL); */
2942 for (i = 0; i < loopargs_len; i++) {
2943 st = DSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
2944 &loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
2950 "DSA sign failure. No DSA sign will be done.\n");
2951 ERR_print_errors(bio_err);
2954 pkey_print_message("sign", "dsa",
2955 dsa_c[testnum][0], dsa_bits[testnum],
2958 count = run_benchmark(async_jobs, DSA_sign_loop, loopargs);
2961 mr ? "+R3:%ld:%u:%.2f\n"
2962 : "%ld %u bits DSA signs in %.2fs\n",
2963 count, dsa_bits[testnum], d);
2964 dsa_results[testnum][0] = (double)count / d;
2968 for (i = 0; i < loopargs_len; i++) {
2969 st = DSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
2970 loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
2976 "DSA verify failure. No DSA verify will be done.\n");
2977 ERR_print_errors(bio_err);
2978 dsa_doit[testnum] = 0;
2980 pkey_print_message("verify", "dsa",
2981 dsa_c[testnum][1], dsa_bits[testnum],
2984 count = run_benchmark(async_jobs, DSA_verify_loop, loopargs);
2987 mr ? "+R4:%ld:%u:%.2f\n"
2988 : "%ld %u bits DSA verify in %.2fs\n",
2989 count, dsa_bits[testnum], d);
2990 dsa_results[testnum][1] = (double)count / d;
2993 if (rsa_count <= 1) {
2994 /* if longer than 10s, don't do any more */
2995 stop_it(dsa_doit, testnum);
2998 #endif /* OPENSSL_NO_DSA */
3000 #ifndef OPENSSL_NO_EC
3001 for (testnum = 0; testnum < ECDSA_NUM; testnum++) {
3004 if (!ecdsa_doit[testnum])
3005 continue; /* Ignore Curve */
3006 for (i = 0; i < loopargs_len; i++) {
3007 loopargs[i].ecdsa[testnum] =
3008 EC_KEY_new_by_curve_name(ec_curves[testnum].nid);
3009 if (loopargs[i].ecdsa[testnum] == NULL) {
3015 BIO_printf(bio_err, "ECDSA failure.\n");
3016 ERR_print_errors(bio_err);
3019 for (i = 0; i < loopargs_len; i++) {
3020 EC_KEY_precompute_mult(loopargs[i].ecdsa[testnum], NULL);
3021 /* Perform ECDSA signature test */
3022 EC_KEY_generate_key(loopargs[i].ecdsa[testnum]);
3023 st = ECDSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
3024 &loopargs[i].siglen,
3025 loopargs[i].ecdsa[testnum]);
3031 "ECDSA sign failure. No ECDSA sign will be done.\n");
3032 ERR_print_errors(bio_err);
3035 pkey_print_message("sign", "ecdsa",
3036 ecdsa_c[testnum][0],
3037 ec_curves[testnum].bits, seconds.ecdsa);
3039 count = run_benchmark(async_jobs, ECDSA_sign_loop, loopargs);
3043 mr ? "+R5:%ld:%u:%.2f\n" :
3044 "%ld %u bits ECDSA signs in %.2fs \n",
3045 count, ec_curves[testnum].bits, d);
3046 ecdsa_results[testnum][0] = (double)count / d;
3050 /* Perform ECDSA verification test */
3051 for (i = 0; i < loopargs_len; i++) {
3052 st = ECDSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
3054 loopargs[i].ecdsa[testnum]);
3060 "ECDSA verify failure. No ECDSA verify will be done.\n");
3061 ERR_print_errors(bio_err);
3062 ecdsa_doit[testnum] = 0;
3064 pkey_print_message("verify", "ecdsa",
3065 ecdsa_c[testnum][1],
3066 ec_curves[testnum].bits, seconds.ecdsa);
3068 count = run_benchmark(async_jobs, ECDSA_verify_loop, loopargs);
3071 mr ? "+R6:%ld:%u:%.2f\n"
3072 : "%ld %u bits ECDSA verify in %.2fs\n",
3073 count, ec_curves[testnum].bits, d);
3074 ecdsa_results[testnum][1] = (double)count / d;
3077 if (rsa_count <= 1) {
3078 /* if longer than 10s, don't do any more */
3079 stop_it(ecdsa_doit, testnum);
3084 for (testnum = 0; testnum < EC_NUM; testnum++) {
3085 int ecdh_checks = 1;
3087 if (!ecdh_doit[testnum])
3090 for (i = 0; i < loopargs_len; i++) {
3091 EVP_PKEY_CTX *kctx = NULL;
3092 EVP_PKEY_CTX *test_ctx = NULL;
3093 EVP_PKEY_CTX *ctx = NULL;
3094 EVP_PKEY *key_A = NULL;
3095 EVP_PKEY *key_B = NULL;
3099 /* Ensure that the error queue is empty */
3100 if (ERR_peek_error()) {
3102 "WARNING: the error queue contains previous unhandled errors.\n");
3103 ERR_print_errors(bio_err);
3106 /* Let's try to create a ctx directly from the NID: this works for
3107 * curves like Curve25519 that are not implemented through the low
3108 * level EC interface.
3109 * If this fails we try creating a EVP_PKEY_EC generic param ctx,
3110 * then we set the curve by NID before deriving the actual keygen
3111 * ctx for that specific curve. */
3112 kctx = EVP_PKEY_CTX_new_id(ec_curves[testnum].nid, NULL); /* keygen ctx from NID */
3114 EVP_PKEY_CTX *pctx = NULL;
3115 EVP_PKEY *params = NULL;
3117 /* If we reach this code EVP_PKEY_CTX_new_id() failed and a
3118 * "int_ctx_new:unsupported algorithm" error was added to the
3120 * We remove it from the error queue as we are handling it. */
3121 unsigned long error = ERR_peek_error(); /* peek the latest error in the queue */
3122 if (error == ERR_peek_last_error() && /* oldest and latest errors match */
3123 /* check that the error origin matches */
3124 ERR_GET_LIB(error) == ERR_LIB_EVP &&
3125 ERR_GET_REASON(error) == EVP_R_UNSUPPORTED_ALGORITHM)
3126 ERR_get_error(); /* pop error from queue */
3127 if (ERR_peek_error()) {
3129 "Unhandled error in the error queue during ECDH init.\n");
3130 ERR_print_errors(bio_err);
3135 /* Create the context for parameter generation */
3136 if (!(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) ||
3137 /* Initialise the parameter generation */
3138 !EVP_PKEY_paramgen_init(pctx) ||
3139 /* Set the curve by NID */
3140 !EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
3143 /* Create the parameter object params */
3144 !EVP_PKEY_paramgen(pctx, ¶ms)) {
3146 BIO_printf(bio_err, "ECDH EC params init failure.\n");
3147 ERR_print_errors(bio_err);
3151 /* Create the context for the key generation */
3152 kctx = EVP_PKEY_CTX_new(params, NULL);
3154 EVP_PKEY_free(params);
3156 EVP_PKEY_CTX_free(pctx);
3159 if (kctx == NULL || /* keygen ctx is not null */
3160 EVP_PKEY_keygen_init(kctx) <= 0/* init keygen ctx */ ) {
3162 BIO_printf(bio_err, "ECDH keygen failure.\n");
3163 ERR_print_errors(bio_err);
3168 if (EVP_PKEY_keygen(kctx, &key_A) <= 0 || /* generate secret key A */
3169 EVP_PKEY_keygen(kctx, &key_B) <= 0 || /* generate secret key B */
3170 !(ctx = EVP_PKEY_CTX_new(key_A, NULL)) || /* derivation ctx from skeyA */
3171 EVP_PKEY_derive_init(ctx) <= 0 || /* init derivation ctx */
3172 EVP_PKEY_derive_set_peer(ctx, key_B) <= 0 || /* set peer pubkey in ctx */
3173 EVP_PKEY_derive(ctx, NULL, &outlen) <= 0 || /* determine max length */
3174 outlen == 0 || /* ensure outlen is a valid size */
3175 outlen > MAX_ECDH_SIZE /* avoid buffer overflow */ ) {
3177 BIO_printf(bio_err, "ECDH key generation failure.\n");
3178 ERR_print_errors(bio_err);
3183 /* Here we perform a test run, comparing the output of a*B and b*A;
3184 * we try this here and assume that further EVP_PKEY_derive calls
3185 * never fail, so we can skip checks in the actually benchmarked
3186 * code, for maximum performance. */
3187 if (!(test_ctx = EVP_PKEY_CTX_new(key_B, NULL)) || /* test ctx from skeyB */
3188 !EVP_PKEY_derive_init(test_ctx) || /* init derivation test_ctx */
3189 !EVP_PKEY_derive_set_peer(test_ctx, key_A) || /* set peer pubkey in test_ctx */
3190 !EVP_PKEY_derive(test_ctx, NULL, &test_outlen) || /* determine max length */
3191 !EVP_PKEY_derive(ctx, loopargs[i].secret_a, &outlen) || /* compute a*B */
3192 !EVP_PKEY_derive(test_ctx, loopargs[i].secret_b, &test_outlen) || /* compute b*A */
3193 test_outlen != outlen /* compare output length */ ) {
3195 BIO_printf(bio_err, "ECDH computation failure.\n");
3196 ERR_print_errors(bio_err);
3201 /* Compare the computation results: CRYPTO_memcmp() returns 0 if equal */
3202 if (CRYPTO_memcmp(loopargs[i].secret_a,
3203 loopargs[i].secret_b, outlen)) {
3205 BIO_printf(bio_err, "ECDH computations don't match.\n");
3206 ERR_print_errors(bio_err);
3211 loopargs[i].ecdh_ctx[testnum] = ctx;
3212 loopargs[i].outlen[testnum] = outlen;
3214 EVP_PKEY_free(key_A);
3215 EVP_PKEY_free(key_B);
3216 EVP_PKEY_CTX_free(kctx);
3218 EVP_PKEY_CTX_free(test_ctx);
3221 if (ecdh_checks != 0) {
3222 pkey_print_message("", "ecdh",
3224 ec_curves[testnum].bits, seconds.ecdh);
3227 run_benchmark(async_jobs, ECDH_EVP_derive_key_loop, loopargs);
3230 mr ? "+R7:%ld:%d:%.2f\n" :
3231 "%ld %u-bits ECDH ops in %.2fs\n", count,
3232 ec_curves[testnum].bits, d);
3233 ecdh_results[testnum][0] = (double)count / d;
3237 if (rsa_count <= 1) {
3238 /* if longer than 10s, don't do any more */
3239 stop_it(ecdh_doit, testnum);
3243 for (testnum = 0; testnum < EdDSA_NUM; testnum++) {
3245 EVP_PKEY *ed_pkey = NULL;
3246 EVP_PKEY_CTX *ed_pctx = NULL;
3248 if (!eddsa_doit[testnum])
3249 continue; /* Ignore Curve */
3250 for (i = 0; i < loopargs_len; i++) {
3251 loopargs[i].eddsa_ctx[testnum] = EVP_MD_CTX_new();
3252 if (loopargs[i].eddsa_ctx[testnum] == NULL) {
3257 if ((ed_pctx = EVP_PKEY_CTX_new_id(ed_curves[testnum].nid, NULL))
3259 || EVP_PKEY_keygen_init(ed_pctx) <= 0
3260 || EVP_PKEY_keygen(ed_pctx, &ed_pkey) <= 0) {
3262 EVP_PKEY_CTX_free(ed_pctx);
3265 EVP_PKEY_CTX_free(ed_pctx);
3267 if (!EVP_DigestSignInit(loopargs[i].eddsa_ctx[testnum], NULL, NULL,
3270 EVP_PKEY_free(ed_pkey);
3273 EVP_PKEY_free(ed_pkey);
3276 BIO_printf(bio_err, "EdDSA failure.\n");
3277 ERR_print_errors(bio_err);
3280 for (i = 0; i < loopargs_len; i++) {
3281 /* Perform EdDSA signature test */
3282 loopargs[i].sigsize = ed_curves[testnum].sigsize;
3283 st = EVP_DigestSign(loopargs[i].eddsa_ctx[testnum],
3284 loopargs[i].buf2, &loopargs[i].sigsize,
3285 loopargs[i].buf, 20);
3291 "EdDSA sign failure. No EdDSA sign will be done.\n");
3292 ERR_print_errors(bio_err);
3295 pkey_print_message("sign", ed_curves[testnum].name,
3296 eddsa_c[testnum][0],
3297 ed_curves[testnum].bits, seconds.eddsa);
3299 count = run_benchmark(async_jobs, EdDSA_sign_loop, loopargs);
3303 mr ? "+R8:%ld:%u:%s:%.2f\n" :
3304 "%ld %u bits %s signs in %.2fs \n",
3305 count, ed_curves[testnum].bits,
3306 ed_curves[testnum].name, d);
3307 eddsa_results[testnum][0] = (double)count / d;
3311 /* Perform EdDSA verification test */
3312 for (i = 0; i < loopargs_len; i++) {
3313 st = EVP_DigestVerify(loopargs[i].eddsa_ctx[testnum],
3314 loopargs[i].buf2, loopargs[i].sigsize,
3315 loopargs[i].buf, 20);
3321 "EdDSA verify failure. No EdDSA verify will be done.\n");
3322 ERR_print_errors(bio_err);
3323 eddsa_doit[testnum] = 0;
3325 pkey_print_message("verify", ed_curves[testnum].name,
3326 eddsa_c[testnum][1],
3327 ed_curves[testnum].bits, seconds.eddsa);
3329 count = run_benchmark(async_jobs, EdDSA_verify_loop, loopargs);
3332 mr ? "+R9:%ld:%u:%s:%.2f\n"
3333 : "%ld %u bits %s verify in %.2fs\n",
3334 count, ed_curves[testnum].bits,
3335 ed_curves[testnum].name, d);
3336 eddsa_results[testnum][1] = (double)count / d;
3339 if (rsa_count <= 1) {
3340 /* if longer than 10s, don't do any more */
3341 stop_it(eddsa_doit, testnum);
3346 # ifndef OPENSSL_NO_SM2
3347 for (testnum = 0; testnum < SM2_NUM; testnum++) {
3349 EVP_PKEY *sm2_pkey = NULL;
3351 if (!sm2_doit[testnum])
3352 continue; /* Ignore Curve */
3353 /* Init signing and verification */
3354 for (i = 0; i < loopargs_len; i++) {
3355 EVP_PKEY_CTX *sm2_pctx = NULL;
3356 EVP_PKEY_CTX *sm2_vfy_pctx = NULL;
3357 EVP_PKEY_CTX *pctx = NULL;
3360 loopargs[i].sm2_ctx[testnum] = EVP_MD_CTX_new();
3361 loopargs[i].sm2_vfy_ctx[testnum] = EVP_MD_CTX_new();
3362 if (loopargs[i].sm2_ctx[testnum] == NULL
3363 || loopargs[i].sm2_vfy_ctx[testnum] == NULL)
3366 /* SM2 keys are generated as normal EC keys with a special curve */
3367 st = !((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) == NULL
3368 || EVP_PKEY_keygen_init(pctx) <= 0
3369 || EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
3370 sm2_curves[testnum].nid) <= 0
3371 || EVP_PKEY_keygen(pctx, &sm2_pkey) <= 0);
3372 EVP_PKEY_CTX_free(pctx);
3376 st = 0; /* set back to zero */
3377 /* attach it sooner to rely on main final cleanup */
3378 loopargs[i].sm2_pkey[testnum] = sm2_pkey;
3379 loopargs[i].sigsize = ECDSA_size(EVP_PKEY_get0_EC_KEY(sm2_pkey));
3380 if (!EVP_PKEY_set_alias_type(sm2_pkey, EVP_PKEY_SM2))
3383 sm2_pctx = EVP_PKEY_CTX_new(sm2_pkey, NULL);
3384 sm2_vfy_pctx = EVP_PKEY_CTX_new(sm2_pkey, NULL);
3385 if (sm2_pctx == NULL || sm2_vfy_pctx == NULL) {
3386 EVP_PKEY_CTX_free(sm2_vfy_pctx);
3389 /* attach them directly to respective ctx */
3390 EVP_MD_CTX_set_pkey_ctx(loopargs[i].sm2_ctx[testnum], sm2_pctx);
3391 EVP_MD_CTX_set_pkey_ctx(loopargs[i].sm2_vfy_ctx[testnum], sm2_vfy_pctx);
3394 * No need to allow user to set an explicit ID here, just use
3395 * the one defined in the 'draft-yang-tls-tl13-sm-suites' I-D.
3397 if (EVP_PKEY_CTX_set1_id(sm2_pctx, SM2_ID, SM2_ID_LEN) != 1
3398 || EVP_PKEY_CTX_set1_id(sm2_vfy_pctx, SM2_ID, SM2_ID_LEN) != 1)
3401 if (!EVP_DigestSignInit(loopargs[i].sm2_ctx[testnum], NULL,
3402 EVP_sm3(), NULL, sm2_pkey))
3404 if (!EVP_DigestVerifyInit(loopargs[i].sm2_vfy_ctx[testnum], NULL,
3405 EVP_sm3(), NULL, sm2_pkey))
3407 st = 1; /* mark loop as succeeded */
3410 BIO_printf(bio_err, "SM2 init failure.\n");
3411 ERR_print_errors(bio_err);
3414 for (i = 0; i < loopargs_len; i++) {
3415 size_t sm2_sigsize = loopargs[i].sigsize;
3417 /* Perform SM2 signature test */
3418 st = EVP_DigestSign(loopargs[i].sm2_ctx[testnum],
3419 loopargs[i].buf2, &sm2_sigsize,
3420 loopargs[i].buf, 20);
3426 "SM2 sign failure. No SM2 sign will be done.\n");
3427 ERR_print_errors(bio_err);
3430 pkey_print_message("sign", sm2_curves[testnum].name,
3432 sm2_curves[testnum].bits, seconds.sm2);
3434 count = run_benchmark(async_jobs, SM2_sign_loop, loopargs);
3438 mr ? "+R8:%ld:%u:%s:%.2f\n" :
3439 "%ld %u bits %s signs in %.2fs \n",
3440 count, sm2_curves[testnum].bits,
3441 sm2_curves[testnum].name, d);
3442 sm2_results[testnum][0] = (double)count / d;
3446 /* Perform SM2 verification test */
3447 for (i = 0; i < loopargs_len; i++) {
3448 st = EVP_DigestVerify(loopargs[i].sm2_vfy_ctx[testnum],
3449 loopargs[i].buf2, loopargs[i].sigsize,
3450 loopargs[i].buf, 20);
3456 "SM2 verify failure. No SM2 verify will be done.\n");
3457 ERR_print_errors(bio_err);
3458 sm2_doit[testnum] = 0;
3460 pkey_print_message("verify", sm2_curves[testnum].name,
3462 sm2_curves[testnum].bits, seconds.sm2);
3464 count = run_benchmark(async_jobs, SM2_verify_loop, loopargs);
3467 mr ? "+R9:%ld:%u:%s:%.2f\n"
3468 : "%ld %u bits %s verify in %.2fs\n",
3469 count, sm2_curves[testnum].bits,
3470 sm2_curves[testnum].name, d);
3471 sm2_results[testnum][1] = (double)count / d;
3474 if (rsa_count <= 1) {
3475 /* if longer than 10s, don't do any more */
3476 for (testnum++; testnum < SM2_NUM; testnum++)
3477 sm2_doit[testnum] = 0;
3481 # endif /* OPENSSL_NO_SM2 */
3483 #endif /* OPENSSL_NO_EC */
3488 printf("version: %s\n", OpenSSL_version(OPENSSL_FULL_VERSION_STRING));
3489 printf("built on: %s\n", OpenSSL_version(OPENSSL_BUILT_ON));
3491 printf("%s ", BN_options());
3492 #if !defined(OPENSSL_NO_MD2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
3493 printf("%s ", MD2_options());
3495 #if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_DEPRECATED_3_0)
3496 printf("%s ", RC4_options());
3498 #ifndef OPENSSL_NO_DES
3499 printf("%s ", DES_options());
3501 #ifndef OPENSSL_NO_DEPRECATED_3_0
3502 printf("%s ", AES_options());
3504 #ifndef OPENSSL_NO_IDEA
3505 printf("%s ", IDEA_options());
3507 #if !defined(OPENSSL_NO_BF) && !defined(OPENSSL_NO_DEPRECATED_3_0)
3508 printf("%s ", BF_options());
3510 printf("\n%s\n", OpenSSL_version(OPENSSL_CFLAGS));
3511 printf("%s\n", OpenSSL_version(OPENSSL_CPU_INFO));
3519 ("The 'numbers' are in 1000s of bytes per second processed.\n");
3522 for (testnum = 0; testnum < size_num; testnum++)
3523 printf(mr ? ":%d" : "%7d bytes", lengths[testnum]);
3527 for (k = 0; k < ALGOR_NUM; k++) {
3531 printf("+F:%u:%s", k, names[k]);
3533 printf("%-13s", names[k]);
3534 for (testnum = 0; testnum < size_num; testnum++) {
3535 if (results[k][testnum] > 10000 && !mr)
3536 printf(" %11.2fk", results[k][testnum] / 1e3);
3538 printf(mr ? ":%.2f" : " %11.2f ", results[k][testnum]);
3542 #ifndef OPENSSL_NO_RSA
3544 for (k = 0; k < RSA_NUM; k++) {
3547 if (testnum && !mr) {
3548 printf("%18ssign verify sign/s verify/s\n", " ");
3552 printf("+F2:%u:%u:%f:%f\n",
3553 k, rsa_keys[k].bits, rsa_results[k][0], rsa_results[k][1]);
3555 printf("rsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
3556 rsa_keys[k].bits, 1.0 / rsa_results[k][0], 1.0 / rsa_results[k][1],
3557 rsa_results[k][0], rsa_results[k][1]);
3560 #ifndef OPENSSL_NO_DSA
3562 for (k = 0; k < DSA_NUM; k++) {
3565 if (testnum && !mr) {
3566 printf("%18ssign verify sign/s verify/s\n", " ");
3570 printf("+F3:%u:%u:%f:%f\n",
3571 k, dsa_bits[k], dsa_results[k][0], dsa_results[k][1]);
3573 printf("dsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
3574 dsa_bits[k], 1.0 / dsa_results[k][0], 1.0 / dsa_results[k][1],
3575 dsa_results[k][0], dsa_results[k][1]);
3578 #ifndef OPENSSL_NO_EC
3580 for (k = 0; k < OSSL_NELEM(ecdsa_doit); k++) {
3583 if (testnum && !mr) {
3584 printf("%30ssign verify sign/s verify/s\n", " ");
3589 printf("+F4:%u:%u:%f:%f\n",
3590 k, ec_curves[k].bits,
3591 ecdsa_results[k][0], ecdsa_results[k][1]);
3593 printf("%4u bits ecdsa (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3594 ec_curves[k].bits, ec_curves[k].name,
3595 1.0 / ecdsa_results[k][0], 1.0 / ecdsa_results[k][1],
3596 ecdsa_results[k][0], ecdsa_results[k][1]);
3600 for (k = 0; k < EC_NUM; k++) {
3603 if (testnum && !mr) {
3604 printf("%30sop op/s\n", " ");
3608 printf("+F5:%u:%u:%f:%f\n",
3609 k, ec_curves[k].bits,
3610 ecdh_results[k][0], 1.0 / ecdh_results[k][0]);
3613 printf("%4u bits ecdh (%s) %8.4fs %8.1f\n",
3614 ec_curves[k].bits, ec_curves[k].name,
3615 1.0 / ecdh_results[k][0], ecdh_results[k][0]);
3619 for (k = 0; k < OSSL_NELEM(eddsa_doit); k++) {
3622 if (testnum && !mr) {
3623 printf("%30ssign verify sign/s verify/s\n", " ");
3628 printf("+F6:%u:%u:%s:%f:%f\n",
3629 k, ed_curves[k].bits, ed_curves[k].name,
3630 eddsa_results[k][0], eddsa_results[k][1]);
3632 printf("%4u bits EdDSA (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3633 ed_curves[k].bits, ed_curves[k].name,
3634 1.0 / eddsa_results[k][0], 1.0 / eddsa_results[k][1],
3635 eddsa_results[k][0], eddsa_results[k][1]);
3638 # ifndef OPENSSL_NO_SM2
3640 for (k = 0; k < OSSL_NELEM(sm2_doit); k++) {
3643 if (testnum && !mr) {
3644 printf("%30ssign verify sign/s verify/s\n", " ");
3649 printf("+F6:%u:%u:%s:%f:%f\n",
3650 k, sm2_curves[k].bits, sm2_curves[k].name,
3651 sm2_results[k][0], sm2_results[k][1]);
3653 printf("%4u bits SM2 (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3654 sm2_curves[k].bits, sm2_curves[k].name,
3655 1.0 / sm2_results[k][0], 1.0 / sm2_results[k][1],
3656 sm2_results[k][0], sm2_results[k][1]);
3659 #endif /* OPENSSL_NO_EC */
3664 ERR_print_errors(bio_err);
3665 for (i = 0; i < loopargs_len; i++) {
3666 OPENSSL_free(loopargs[i].buf_malloc);
3667 OPENSSL_free(loopargs[i].buf2_malloc);
3669 #ifndef OPENSSL_NO_RSA
3670 for (k = 0; k < RSA_NUM; k++)
3671 RSA_free(loopargs[i].rsa_key[k]);
3673 #ifndef OPENSSL_NO_DSA
3674 for (k = 0; k < DSA_NUM; k++)
3675 DSA_free(loopargs[i].dsa_key[k]);
3677 #ifndef OPENSSL_NO_EC
3678 for (k = 0; k < ECDSA_NUM; k++)
3679 EC_KEY_free(loopargs[i].ecdsa[k]);
3680 for (k = 0; k < EC_NUM; k++)
3681 EVP_PKEY_CTX_free(loopargs[i].ecdh_ctx[k]);
3682 for (k = 0; k < EdDSA_NUM; k++)
3683 EVP_MD_CTX_free(loopargs[i].eddsa_ctx[k]);
3684 # ifndef OPENSSL_NO_SM2
3685 for (k = 0; k < SM2_NUM; k++) {
3686 EVP_PKEY_CTX *pctx = NULL;
3688 /* free signing ctx */
3689 if (loopargs[i].sm2_ctx[k] != NULL
3690 && (pctx = EVP_MD_CTX_pkey_ctx(loopargs[i].sm2_ctx[k])) != NULL)
3691 EVP_PKEY_CTX_free(pctx);
3692 EVP_MD_CTX_free(loopargs[i].sm2_ctx[k]);
3693 /* free verification ctx */
3694 if (loopargs[i].sm2_vfy_ctx[k] != NULL
3695 && (pctx = EVP_MD_CTX_pkey_ctx(loopargs[i].sm2_vfy_ctx[k])) != NULL)
3696 EVP_PKEY_CTX_free(pctx);
3697 EVP_MD_CTX_free(loopargs[i].sm2_vfy_ctx[k]);
3699 EVP_PKEY_free(loopargs[i].sm2_pkey[k]);
3702 OPENSSL_free(loopargs[i].secret_a);
3703 OPENSSL_free(loopargs[i].secret_b);
3706 OPENSSL_free(evp_hmac_name);
3707 #ifndef OPENSSL_NO_CMAC
3708 OPENSSL_free(evp_cmac_name);
3711 if (async_jobs > 0) {
3712 for (i = 0; i < loopargs_len; i++)
3713 ASYNC_WAIT_CTX_free(loopargs[i].wait_ctx);
3717 ASYNC_cleanup_thread();
3719 OPENSSL_free(loopargs);
3724 static void print_message(const char *s, long num, int length, int tm)
3728 mr ? "+DT:%s:%d:%d\n"
3729 : "Doing %s for %ds on %d size blocks: ", s, tm, length);
3730 (void)BIO_flush(bio_err);
3735 mr ? "+DN:%s:%ld:%d\n"
3736 : "Doing %s %ld times on %d size blocks: ", s, num, length);
3737 (void)BIO_flush(bio_err);
3741 static void pkey_print_message(const char *str, const char *str2, long num,
3742 unsigned int bits, int tm)
3746 mr ? "+DTP:%d:%s:%s:%d\n"
3747 : "Doing %u bits %s %s's for %ds: ", bits, str, str2, tm);
3748 (void)BIO_flush(bio_err);
3753 mr ? "+DNP:%ld:%d:%s:%s\n"
3754 : "Doing %ld %u bits %s %s's: ", num, bits, str, str2);
3755 (void)BIO_flush(bio_err);
3759 static void print_result(int alg, int run_no, int count, double time_used)
3762 BIO_printf(bio_err, "%s error!\n", names[alg]);
3763 ERR_print_errors(bio_err);
3764 /* exit(1); disable exit until default provider enabled */
3768 mr ? "+R:%d:%s:%f\n"
3769 : "%d %s's in %.2fs\n", count, names[alg], time_used);
3770 results[alg][run_no] = ((double)count) / time_used * lengths[run_no];
3774 static char *sstrsep(char **string, const char *delim)
3777 char *token = *string;
3782 memset(isdelim, 0, sizeof(isdelim));
3786 isdelim[(unsigned char)(*delim)] = 1;
3790 while (!isdelim[(unsigned char)(**string)]) {
3802 static int do_multi(int multi, int size_num)
3807 static char sep[] = ":";
3809 fds = app_malloc(sizeof(*fds) * multi, "fd buffer for do_multi");
3810 for (n = 0; n < multi; ++n) {
3811 if (pipe(fd) == -1) {
3812 BIO_printf(bio_err, "pipe failure\n");
3816 (void)BIO_flush(bio_err);
3823 if (dup(fd[1]) == -1) {
3824 BIO_printf(bio_err, "dup failed\n");
3833 printf("Forked child %d\n", n);
3836 /* for now, assume the pipe is long enough to take all the output */
3837 for (n = 0; n < multi; ++n) {
3842 f = fdopen(fds[n], "r");
3843 while (fgets(buf, sizeof(buf), f)) {
3844 p = strchr(buf, '\n');
3847 if (buf[0] != '+') {
3849 "Don't understand line '%s' from child %d\n", buf,
3853 printf("Got: %s from %d\n", buf, n);
3854 if (strncmp(buf, "+F:", 3) == 0) {
3859 alg = atoi(sstrsep(&p, sep));
3861 for (j = 0; j < size_num; ++j)
3862 results[alg][j] += atof(sstrsep(&p, sep));
3863 } else if (strncmp(buf, "+F2:", 4) == 0) {
3868 k = atoi(sstrsep(&p, sep));
3871 d = atof(sstrsep(&p, sep));
3872 rsa_results[k][0] += d;
3874 d = atof(sstrsep(&p, sep));
3875 rsa_results[k][1] += d;
3877 # ifndef OPENSSL_NO_DSA
3878 else if (strncmp(buf, "+F3:", 4) == 0) {
3883 k = atoi(sstrsep(&p, sep));
3886 d = atof(sstrsep(&p, sep));
3887 dsa_results[k][0] += d;
3889 d = atof(sstrsep(&p, sep));
3890 dsa_results[k][1] += d;
3893 # ifndef OPENSSL_NO_EC
3894 else if (strncmp(buf, "+F4:", 4) == 0) {
3899 k = atoi(sstrsep(&p, sep));
3902 d = atof(sstrsep(&p, sep));
3903 ecdsa_results[k][0] += d;
3905 d = atof(sstrsep(&p, sep));
3906 ecdsa_results[k][1] += d;
3907 } else if (strncmp(buf, "+F5:", 4) == 0) {
3912 k = atoi(sstrsep(&p, sep));
3915 d = atof(sstrsep(&p, sep));
3916 ecdh_results[k][0] += d;
3917 } else if (strncmp(buf, "+F6:", 4) == 0) {
3922 k = atoi(sstrsep(&p, sep));
3926 d = atof(sstrsep(&p, sep));
3927 eddsa_results[k][0] += d;
3929 d = atof(sstrsep(&p, sep));
3930 eddsa_results[k][1] += d;
3932 # ifndef OPENSSL_NO_SM2
3933 else if (strncmp(buf, "+F7:", 4) == 0) {
3938 k = atoi(sstrsep(&p, sep));
3941 d = atof(sstrsep(&p, sep));
3942 sm2_results[k][0] += d;
3944 d = atof(sstrsep(&p, sep));
3945 sm2_results[k][1] += d;
3947 # endif /* OPENSSL_NO_SM2 */
3950 else if (strncmp(buf, "+H:", 3) == 0) {
3953 BIO_printf(bio_err, "Unknown type '%s' from child %d\n", buf,
3964 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
3965 const openssl_speed_sec_t *seconds)
3967 static const int mblengths_list[] =
3968 { 8 * 1024, 2 * 8 * 1024, 4 * 8 * 1024, 8 * 8 * 1024, 8 * 16 * 1024 };
3969 const int *mblengths = mblengths_list;
3970 int j, count, keylen, num = OSSL_NELEM(mblengths_list);
3971 const char *alg_name;
3972 unsigned char *inp, *out, *key, no_key[32], no_iv[16];
3973 EVP_CIPHER_CTX *ctx;
3976 if (lengths_single) {
3977 mblengths = &lengths_single;
3981 inp = app_malloc(mblengths[num - 1], "multiblock input buffer");
3982 out = app_malloc(mblengths[num - 1] + 1024, "multiblock output buffer");
3983 ctx = EVP_CIPHER_CTX_new();
3984 EVP_EncryptInit_ex(ctx, evp_cipher, NULL, NULL, no_iv);
3986 keylen = EVP_CIPHER_CTX_key_length(ctx);
3987 key = app_malloc(keylen, "evp_cipher key");
3988 EVP_CIPHER_CTX_rand_key(ctx, key);
3989 EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL);
3990 OPENSSL_clear_free(key, keylen);
3992 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_MAC_KEY, sizeof(no_key), no_key);
3993 alg_name = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
3995 for (j = 0; j < num; j++) {
3996 print_message(alg_name, 0, mblengths[j], seconds->sym);
3998 for (count = 0; run && count < 0x7fffffff; count++) {
3999 unsigned char aad[EVP_AEAD_TLS1_AAD_LEN];
4000 EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param;
4001 size_t len = mblengths[j];
4004 memset(aad, 0, 8); /* avoid uninitialized values */
4005 aad[8] = 23; /* SSL3_RT_APPLICATION_DATA */
4006 aad[9] = 3; /* version */
4008 aad[11] = 0; /* length */
4010 mb_param.out = NULL;
4013 mb_param.interleave = 8;
4015 packlen = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_AAD,
4016 sizeof(mb_param), &mb_param);
4022 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT,
4023 sizeof(mb_param), &mb_param);
4027 RAND_bytes(out, 16);
4029 aad[11] = (unsigned char)(len >> 8);
4030 aad[12] = (unsigned char)(len);
4031 pad = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_TLS1_AAD,
4032 EVP_AEAD_TLS1_AAD_LEN, aad);
4033 EVP_Cipher(ctx, out, inp, len + pad);
4037 BIO_printf(bio_err, mr ? "+R:%d:%s:%f\n"
4038 : "%d %s's in %.2fs\n", count, "evp", d);
4039 results[D_EVP][j] = ((double)count) / d * mblengths[j];
4043 fprintf(stdout, "+H");
4044 for (j = 0; j < num; j++)
4045 fprintf(stdout, ":%d", mblengths[j]);
4046 fprintf(stdout, "\n");
4047 fprintf(stdout, "+F:%d:%s", D_EVP, alg_name);
4048 for (j = 0; j < num; j++)
4049 fprintf(stdout, ":%.2f", results[D_EVP][j]);
4050 fprintf(stdout, "\n");
4053 "The 'numbers' are in 1000s of bytes per second processed.\n");
4054 fprintf(stdout, "type ");
4055 for (j = 0; j < num; j++)
4056 fprintf(stdout, "%7d bytes", mblengths[j]);
4057 fprintf(stdout, "\n");
4058 fprintf(stdout, "%-24s", alg_name);
4060 for (j = 0; j < num; j++) {
4061 if (results[D_EVP][j] > 10000)
4062 fprintf(stdout, " %11.2fk", results[D_EVP][j] / 1e3);
4064 fprintf(stdout, " %11.2f ", results[D_EVP][j]);
4066 fprintf(stdout, "\n");
4071 EVP_CIPHER_CTX_free(ctx);
projects / openssl.git / blob