2 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
5 * Licensed under the Apache License 2.0 (the "License"). You may not use
6 * this file except in compliance with the License. You can obtain a copy
7 * in the file LICENSE in the source distribution or at
8 * https://www.openssl.org/source/license.html
13 #define RSA_SECONDS 10
14 #define DSA_SECONDS 10
15 #define ECDSA_SECONDS 10
16 #define ECDH_SECONDS 10
17 #define EdDSA_SECONDS 10
18 #define SM2_SECONDS 10
20 /* We need to use some deprecated APIs */
21 #define OPENSSL_SUPPRESS_DEPRECATED
29 #include <openssl/crypto.h>
30 #include <openssl/rand.h>
31 #include <openssl/err.h>
32 #include <openssl/evp.h>
33 #include <openssl/objects.h>
34 #include <openssl/async.h>
35 #if !defined(OPENSSL_SYS_MSDOS)
43 #include <openssl/bn.h>
44 #ifndef OPENSSL_NO_DES
45 # include <openssl/des.h>
47 #include <openssl/aes.h>
48 #ifndef OPENSSL_NO_CAMELLIA
49 # include <openssl/camellia.h>
51 #ifndef OPENSSL_NO_MD2
52 # include <openssl/md2.h>
54 #ifndef OPENSSL_NO_MDC2
55 # include <openssl/mdc2.h>
57 #ifndef OPENSSL_NO_MD4
58 # include <openssl/md4.h>
60 #ifndef OPENSSL_NO_MD5
61 # include <openssl/md5.h>
63 #include <openssl/hmac.h>
64 #ifndef OPENSSL_NO_CMAC
65 #include <openssl/cmac.h>
67 #include <openssl/sha.h>
68 #ifndef OPENSSL_NO_RMD160
69 # include <openssl/ripemd.h>
71 #ifndef OPENSSL_NO_WHIRLPOOL
72 # include <openssl/whrlpool.h>
74 #ifndef OPENSSL_NO_RC4
75 # include <openssl/rc4.h>
77 #ifndef OPENSSL_NO_RC5
78 # include <openssl/rc5.h>
80 #ifndef OPENSSL_NO_RC2
81 # include <openssl/rc2.h>
83 #ifndef OPENSSL_NO_IDEA
84 # include <openssl/idea.h>
86 #ifndef OPENSSL_NO_SEED
87 # include <openssl/seed.h>
90 # include <openssl/blowfish.h>
92 #ifndef OPENSSL_NO_CAST
93 # include <openssl/cast.h>
95 #ifndef OPENSSL_NO_RSA
96 # include <openssl/rsa.h>
97 # include "./testrsa.h"
99 #include <openssl/x509.h>
100 #ifndef OPENSSL_NO_DSA
101 # include <openssl/dsa.h>
102 # include "./testdsa.h"
104 #ifndef OPENSSL_NO_EC
105 # include <openssl/ec.h>
107 #include <openssl/modes.h>
110 # if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_VXWORKS)
123 #define MAX_MISALIGNMENT 63
124 #define MAX_ECDH_SIZE 256
127 typedef struct openssl_speed_sec_st {
135 } openssl_speed_sec_t;
137 static volatile int run = 0;
140 static int usertime = 1;
142 static double Time_F(int s);
143 static void print_message(const char *s, long num, int length, int tm);
144 static void pkey_print_message(const char *str, const char *str2,
145 long num, unsigned int bits, int sec);
146 static void print_result(int alg, int run_no, int count, double time_used);
148 static int do_multi(int multi, int size_num);
151 static const int lengths_list[] = {
152 16, 64, 256, 1024, 8 * 1024, 16 * 1024
154 static const int *lengths = lengths_list;
156 static const int aead_lengths_list[] = {
157 2, 31, 136, 1024, 8 * 1024, 16 * 1024
165 static void alarmed(int sig)
167 signal(SIGALRM, alarmed);
171 static double Time_F(int s)
173 double ret = app_tminterval(s, usertime);
179 #elif defined(_WIN32)
183 static unsigned int lapse;
184 static volatile unsigned int schlock;
185 static void alarm_win32(unsigned int secs)
190 # define alarm alarm_win32
192 static DWORD WINAPI sleepy(VOID * arg)
200 static double Time_F(int s)
207 thr = CreateThread(NULL, 4096, sleepy, NULL, 0, NULL);
209 DWORD err = GetLastError();
210 BIO_printf(bio_err, "unable to CreateThread (%lu)", err);
214 Sleep(0); /* scheduler spinlock */
215 ret = app_tminterval(s, usertime);
217 ret = app_tminterval(s, usertime);
219 TerminateThread(thr, 0);
226 static double Time_F(int s)
228 return app_tminterval(s, usertime);
232 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
233 const openssl_speed_sec_t *seconds);
235 #define found(value, pairs, result)\
236 opt_found(value, result, pairs, OSSL_NELEM(pairs))
237 static int opt_found(const char *name, unsigned int *result,
238 const OPT_PAIR pairs[], unsigned int nbelem)
242 for (idx = 0; idx < nbelem; ++idx, pairs++)
243 if (strcmp(name, pairs->name) == 0) {
244 *result = pairs->retval;
250 typedef enum OPTION_choice {
251 OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
252 OPT_ELAPSED, OPT_EVP, OPT_HMAC, OPT_DECRYPT, OPT_ENGINE, OPT_MULTI,
253 OPT_MR, OPT_MB, OPT_MISALIGN, OPT_ASYNCJOBS, OPT_R_ENUM,
254 OPT_PRIMES, OPT_SECONDS, OPT_BYTES, OPT_AEAD, OPT_CMAC
257 const OPTIONS speed_options[] = {
258 {OPT_HELP_STR, 1, '-', "Usage: %s [options] [algorithm...]\n"},
260 OPT_SECTION("General"),
261 {"help", OPT_HELP, '-', "Display this summary"},
263 "Enable (tls1>=1) multi-block mode on EVP-named cipher"},
264 {"mr", OPT_MR, '-', "Produce machine readable output"},
266 {"multi", OPT_MULTI, 'p', "Run benchmarks in parallel"},
268 #ifndef OPENSSL_NO_ASYNC
269 {"async_jobs", OPT_ASYNCJOBS, 'p',
270 "Enable async mode and start specified number of jobs"},
272 #ifndef OPENSSL_NO_ENGINE
273 {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
275 {"primes", OPT_PRIMES, 'p', "Specify number of primes (for RSA only)"},
277 OPT_SECTION("Selection"),
278 {"evp", OPT_EVP, 's', "Use EVP-named cipher or digest"},
279 {"hmac", OPT_HMAC, 's', "HMAC using EVP-named digest"},
280 #ifndef OPENSSL_NO_CMAC
281 {"cmac", OPT_CMAC, 's', "CMAC using EVP-named cipher"},
283 {"decrypt", OPT_DECRYPT, '-',
284 "Time decryption instead of encryption (only EVP)"},
285 {"aead", OPT_AEAD, '-',
286 "Benchmark EVP-named AEAD cipher in TLS-like sequence"},
288 OPT_SECTION("Timing"),
289 {"elapsed", OPT_ELAPSED, '-',
290 "Use wall-clock time instead of CPU user time as divisor"},
291 {"seconds", OPT_SECONDS, 'p',
292 "Run benchmarks for specified amount of seconds"},
293 {"bytes", OPT_BYTES, 'p',
294 "Run [non-PKI] benchmarks on custom-sized buffer"},
295 {"misalign", OPT_MISALIGN, 'p',
296 "Use specified offset to mis-align buffers"},
301 {"algorithm", 0, 0, "Algorithm(s) to test (optional; otherwise tests all)"},
315 #define D_CBC_IDEA 10
316 #define D_CBC_SEED 11
320 #define D_CBC_CAST 15
321 #define D_CBC_128_AES 16
322 #define D_CBC_192_AES 17
323 #define D_CBC_256_AES 18
324 #define D_CBC_128_CML 19
325 #define D_CBC_192_CML 20
326 #define D_CBC_256_CML 21
330 #define D_WHIRLPOOL 25
331 #define D_IGE_128_AES 26
332 #define D_IGE_192_AES 27
333 #define D_IGE_256_AES 28
336 #define D_EVP_HMAC 31
337 #define D_EVP_CMAC 32
339 /* name of algorithms to test */
340 static const char *names[] = {
341 "md2", "mdc2", "md4", "md5", "hmac(md5)", "sha1", "rmd160", "rc4",
342 "des cbc", "des ede3", "idea cbc", "seed cbc",
343 "rc2 cbc", "rc5-32/12 cbc", "blowfish cbc", "cast cbc",
344 "aes-128 cbc", "aes-192 cbc", "aes-256 cbc",
345 "camellia-128 cbc", "camellia-192 cbc", "camellia-256 cbc",
346 "evp", "sha256", "sha512", "whirlpool",
347 "aes-128 ige", "aes-192 ige", "aes-256 ige", "ghash",
348 "rand", "hmac", "cmac"
350 #define ALGOR_NUM OSSL_NELEM(names)
352 /* list of configured algorithm (remaining) */
353 static const OPT_PAIR doit_choices[] = {
354 #ifndef OPENSSL_NO_MD2
357 #ifndef OPENSSL_NO_MDC2
360 #ifndef OPENSSL_NO_MD4
363 #ifndef OPENSSL_NO_MD5
368 {"sha256", D_SHA256},
369 {"sha512", D_SHA512},
370 #ifndef OPENSSL_NO_WHIRLPOOL
371 {"whirlpool", D_WHIRLPOOL},
373 #ifndef OPENSSL_NO_RMD160
374 {"ripemd", D_RMD160},
375 {"rmd160", D_RMD160},
376 {"ripemd160", D_RMD160},
378 #ifndef OPENSSL_NO_RC4
381 #ifndef OPENSSL_NO_DES
382 {"des-cbc", D_CBC_DES},
383 {"des-ede3", D_EDE3_DES},
385 {"aes-128-cbc", D_CBC_128_AES},
386 {"aes-192-cbc", D_CBC_192_AES},
387 {"aes-256-cbc", D_CBC_256_AES},
388 #ifndef OPENSSL_NO_DEPRECATED_3_0
389 {"aes-128-ige", D_IGE_128_AES},
390 {"aes-192-ige", D_IGE_192_AES},
391 {"aes-256-ige", D_IGE_256_AES},
393 #ifndef OPENSSL_NO_RC2
394 {"rc2-cbc", D_CBC_RC2},
397 #ifndef OPENSSL_NO_RC5
398 {"rc5-cbc", D_CBC_RC5},
401 #ifndef OPENSSL_NO_IDEA
402 {"idea-cbc", D_CBC_IDEA},
403 {"idea", D_CBC_IDEA},
405 #ifndef OPENSSL_NO_SEED
406 {"seed-cbc", D_CBC_SEED},
407 {"seed", D_CBC_SEED},
409 #ifndef OPENSSL_NO_BF
410 {"bf-cbc", D_CBC_BF},
411 {"blowfish", D_CBC_BF},
414 #ifndef OPENSSL_NO_CAST
415 {"cast-cbc", D_CBC_CAST},
416 {"cast", D_CBC_CAST},
417 {"cast5", D_CBC_CAST},
423 static double results[ALGOR_NUM][OSSL_NELEM(lengths_list)];
425 #ifndef OPENSSL_NO_DSA
427 # define R_DSA_1024 1
428 # define R_DSA_2048 2
429 static const OPT_PAIR dsa_choices[] = {
430 {"dsa512", R_DSA_512},
431 {"dsa1024", R_DSA_1024},
432 {"dsa2048", R_DSA_2048}
434 # define DSA_NUM OSSL_NELEM(dsa_choices)
436 static double dsa_results[DSA_NUM][2]; /* 2 ops: sign then verify */
437 #endif /* OPENSSL_NO_DSA */
445 #define R_RSA_15360 6
446 #ifndef OPENSSL_NO_RSA
447 static const OPT_PAIR rsa_choices[] = {
448 {"rsa512", R_RSA_512},
449 {"rsa1024", R_RSA_1024},
450 {"rsa2048", R_RSA_2048},
451 {"rsa3072", R_RSA_3072},
452 {"rsa4096", R_RSA_4096},
453 {"rsa7680", R_RSA_7680},
454 {"rsa15360", R_RSA_15360}
456 # define RSA_NUM OSSL_NELEM(rsa_choices)
458 static double rsa_results[RSA_NUM][2]; /* 2 ops: sign then verify */
459 #endif /* OPENSSL_NO_RSA */
468 #ifndef OPENSSL_NO_EC2M
490 #ifndef OPENSSL_NO_EC
491 static OPT_PAIR ecdsa_choices[] = {
492 {"ecdsap160", R_EC_P160},
493 {"ecdsap192", R_EC_P192},
494 {"ecdsap224", R_EC_P224},
495 {"ecdsap256", R_EC_P256},
496 {"ecdsap384", R_EC_P384},
497 {"ecdsap521", R_EC_P521},
498 # ifndef OPENSSL_NO_EC2M
499 {"ecdsak163", R_EC_K163},
500 {"ecdsak233", R_EC_K233},
501 {"ecdsak283", R_EC_K283},
502 {"ecdsak409", R_EC_K409},
503 {"ecdsak571", R_EC_K571},
504 {"ecdsab163", R_EC_B163},
505 {"ecdsab233", R_EC_B233},
506 {"ecdsab283", R_EC_B283},
507 {"ecdsab409", R_EC_B409},
508 {"ecdsab571", R_EC_B571},
510 {"ecdsabrp256r1", R_EC_BRP256R1},
511 {"ecdsabrp256t1", R_EC_BRP256T1},
512 {"ecdsabrp384r1", R_EC_BRP384R1},
513 {"ecdsabrp384t1", R_EC_BRP384T1},
514 {"ecdsabrp512r1", R_EC_BRP512R1},
515 {"ecdsabrp512t1", R_EC_BRP512T1}
517 # define ECDSA_NUM OSSL_NELEM(ecdsa_choices)
519 static double ecdsa_results[ECDSA_NUM][2]; /* 2 ops: sign then verify */
521 static const OPT_PAIR ecdh_choices[] = {
522 {"ecdhp160", R_EC_P160},
523 {"ecdhp192", R_EC_P192},
524 {"ecdhp224", R_EC_P224},
525 {"ecdhp256", R_EC_P256},
526 {"ecdhp384", R_EC_P384},
527 {"ecdhp521", R_EC_P521},
528 # ifndef OPENSSL_NO_EC2M
529 {"ecdhk163", R_EC_K163},
530 {"ecdhk233", R_EC_K233},
531 {"ecdhk283", R_EC_K283},
532 {"ecdhk409", R_EC_K409},
533 {"ecdhk571", R_EC_K571},
534 {"ecdhb163", R_EC_B163},
535 {"ecdhb233", R_EC_B233},
536 {"ecdhb283", R_EC_B283},
537 {"ecdhb409", R_EC_B409},
538 {"ecdhb571", R_EC_B571},
540 {"ecdhbrp256r1", R_EC_BRP256R1},
541 {"ecdhbrp256t1", R_EC_BRP256T1},
542 {"ecdhbrp384r1", R_EC_BRP384R1},
543 {"ecdhbrp384t1", R_EC_BRP384T1},
544 {"ecdhbrp512r1", R_EC_BRP512R1},
545 {"ecdhbrp512t1", R_EC_BRP512T1},
546 {"ecdhx25519", R_EC_X25519},
547 {"ecdhx448", R_EC_X448}
549 # define EC_NUM OSSL_NELEM(ecdh_choices)
551 static double ecdh_results[EC_NUM][1]; /* 1 op: derivation */
553 #define R_EC_Ed25519 0
555 static OPT_PAIR eddsa_choices[] = {
556 {"ed25519", R_EC_Ed25519},
557 {"ed448", R_EC_Ed448}
559 # define EdDSA_NUM OSSL_NELEM(eddsa_choices)
561 static double eddsa_results[EdDSA_NUM][2]; /* 2 ops: sign then verify */
563 # ifndef OPENSSL_NO_SM2
564 # define R_EC_CURVESM2 0
565 static OPT_PAIR sm2_choices[] = {
566 {"curveSM2", R_EC_CURVESM2}
568 # define SM2_ID "TLSv1.3+GM+Cipher+Suite"
569 # define SM2_ID_LEN sizeof("TLSv1.3+GM+Cipher+Suite") - 1
570 # define SM2_NUM OSSL_NELEM(sm2_choices)
572 static double sm2_results[SM2_NUM][2]; /* 2 ops: sign then verify */
573 # endif /* OPENSSL_NO_SM2 */
574 #endif /* OPENSSL_NO_EC */
577 # define COND(d) (count < (d))
578 # define COUNT(d) (d)
580 # define COND(unused_cond) (run && count<0x7fffffff)
581 # define COUNT(d) (count)
584 typedef struct loopargs_st {
585 ASYNC_JOB *inprogress_job;
586 ASYNC_WAIT_CTX *wait_ctx;
589 unsigned char *buf_malloc;
590 unsigned char *buf2_malloc;
594 #ifndef OPENSSL_NO_RSA
595 RSA *rsa_key[RSA_NUM];
597 #ifndef OPENSSL_NO_DSA
598 DSA *dsa_key[DSA_NUM];
600 #ifndef OPENSSL_NO_EC
601 EC_KEY *ecdsa[ECDSA_NUM];
602 EVP_PKEY_CTX *ecdh_ctx[EC_NUM];
603 EVP_MD_CTX *eddsa_ctx[EdDSA_NUM];
604 # ifndef OPENSSL_NO_SM2
605 EVP_MD_CTX *sm2_ctx[SM2_NUM];
606 EVP_MD_CTX *sm2_vfy_ctx[SM2_NUM];
607 EVP_PKEY *sm2_pkey[SM2_NUM];
609 unsigned char *secret_a;
610 unsigned char *secret_b;
611 size_t outlen[EC_NUM];
615 #ifndef OPENSSL_NO_CMAC
618 GCM128_CONTEXT *gcm_ctx;
620 static int run_benchmark(int async_jobs, int (*loop_function) (void *),
621 loopargs_t * loopargs);
623 static unsigned int testnum;
625 /* Nb of iterations to do per algorithm and key-size */
626 static long c[ALGOR_NUM][OSSL_NELEM(lengths_list)];
628 #ifndef OPENSSL_NO_MD2
629 static int EVP_Digest_MD2_loop(void *args)
631 loopargs_t *tempargs = *(loopargs_t **) args;
632 unsigned char *buf = tempargs->buf;
633 unsigned char md2[MD2_DIGEST_LENGTH];
636 for (count = 0; COND(c[D_MD2][testnum]); count++) {
637 if (!EVP_Digest(buf, (size_t)lengths[testnum], md2, NULL, EVP_md2(),
645 #ifndef OPENSSL_NO_MDC2
646 static int EVP_Digest_MDC2_loop(void *args)
648 loopargs_t *tempargs = *(loopargs_t **) args;
649 unsigned char *buf = tempargs->buf;
650 unsigned char mdc2[MDC2_DIGEST_LENGTH];
653 for (count = 0; COND(c[D_MDC2][testnum]); count++) {
654 if (!EVP_Digest(buf, (size_t)lengths[testnum], mdc2, NULL, EVP_mdc2(),
662 #ifndef OPENSSL_NO_MD4
663 static int EVP_Digest_MD4_loop(void *args)
665 loopargs_t *tempargs = *(loopargs_t **) args;
666 unsigned char *buf = tempargs->buf;
667 unsigned char md4[MD4_DIGEST_LENGTH];
670 for (count = 0; COND(c[D_MD4][testnum]); count++) {
671 if (!EVP_Digest(buf, (size_t)lengths[testnum], md4, NULL, EVP_md4(),
679 #ifndef OPENSSL_NO_MD5
680 static int MD5_loop(void *args)
682 loopargs_t *tempargs = *(loopargs_t **) args;
683 unsigned char *buf = tempargs->buf;
684 unsigned char md5[MD5_DIGEST_LENGTH];
686 for (count = 0; COND(c[D_MD5][testnum]); count++)
687 MD5(buf, lengths[testnum], md5);
691 static int HMAC_loop(void *args)
693 loopargs_t *tempargs = *(loopargs_t **) args;
694 unsigned char *buf = tempargs->buf;
695 HMAC_CTX *hctx = tempargs->hctx;
696 unsigned char hmac[MD5_DIGEST_LENGTH];
699 for (count = 0; COND(c[D_HMAC][testnum]); count++) {
700 HMAC_Init_ex(hctx, NULL, 0, NULL, NULL);
701 HMAC_Update(hctx, buf, lengths[testnum]);
702 HMAC_Final(hctx, hmac, NULL);
708 static int SHA1_loop(void *args)
710 loopargs_t *tempargs = *(loopargs_t **) args;
711 unsigned char *buf = tempargs->buf;
712 unsigned char sha[SHA_DIGEST_LENGTH];
714 for (count = 0; COND(c[D_SHA1][testnum]); count++)
715 SHA1(buf, lengths[testnum], sha);
719 static int SHA256_loop(void *args)
721 loopargs_t *tempargs = *(loopargs_t **) args;
722 unsigned char *buf = tempargs->buf;
723 unsigned char sha256[SHA256_DIGEST_LENGTH];
725 for (count = 0; COND(c[D_SHA256][testnum]); count++)
726 SHA256(buf, lengths[testnum], sha256);
730 static int SHA512_loop(void *args)
732 loopargs_t *tempargs = *(loopargs_t **) args;
733 unsigned char *buf = tempargs->buf;
734 unsigned char sha512[SHA512_DIGEST_LENGTH];
736 for (count = 0; COND(c[D_SHA512][testnum]); count++)
737 SHA512(buf, lengths[testnum], sha512);
741 #ifndef OPENSSL_NO_WHIRLPOOL
742 static int WHIRLPOOL_loop(void *args)
744 loopargs_t *tempargs = *(loopargs_t **) args;
745 unsigned char *buf = tempargs->buf;
746 unsigned char whirlpool[WHIRLPOOL_DIGEST_LENGTH];
748 for (count = 0; COND(c[D_WHIRLPOOL][testnum]); count++)
749 WHIRLPOOL(buf, lengths[testnum], whirlpool);
754 #ifndef OPENSSL_NO_RMD160
755 static int EVP_Digest_RMD160_loop(void *args)
757 loopargs_t *tempargs = *(loopargs_t **) args;
758 unsigned char *buf = tempargs->buf;
759 unsigned char rmd160[RIPEMD160_DIGEST_LENGTH];
761 for (count = 0; COND(c[D_RMD160][testnum]); count++) {
762 if (!EVP_Digest(buf, (size_t)lengths[testnum], &(rmd160[0]),
763 NULL, EVP_ripemd160(), NULL))
770 #ifndef OPENSSL_NO_RC4
771 static RC4_KEY rc4_ks;
772 static int RC4_loop(void *args)
774 loopargs_t *tempargs = *(loopargs_t **) args;
775 unsigned char *buf = tempargs->buf;
777 for (count = 0; COND(c[D_RC4][testnum]); count++)
778 RC4(&rc4_ks, (size_t)lengths[testnum], buf, buf);
783 #ifndef OPENSSL_NO_DES
784 static unsigned char DES_iv[8];
785 static DES_key_schedule sch[3];
786 static int DES_ncbc_encrypt_loop(void *args)
788 loopargs_t *tempargs = *(loopargs_t **) args;
789 unsigned char *buf = tempargs->buf;
791 for (count = 0; COND(c[D_CBC_DES][testnum]); count++)
792 DES_ncbc_encrypt(buf, buf, lengths[testnum], &sch[0],
793 &DES_iv, DES_ENCRYPT);
797 static int DES_ede3_cbc_encrypt_loop(void *args)
799 loopargs_t *tempargs = *(loopargs_t **) args;
800 unsigned char *buf = tempargs->buf;
802 for (count = 0; COND(c[D_EDE3_DES][testnum]); count++)
803 DES_ede3_cbc_encrypt(buf, buf, lengths[testnum],
804 &sch[0], &sch[1], &sch[2], &DES_iv, DES_ENCRYPT);
809 #define MAX_BLOCK_SIZE 128
811 static unsigned char iv[2 * MAX_BLOCK_SIZE / 8];
812 static AES_KEY aes_ks1, aes_ks2, aes_ks3;
813 static int AES_cbc_128_encrypt_loop(void *args)
815 loopargs_t *tempargs = *(loopargs_t **) args;
816 unsigned char *buf = tempargs->buf;
818 for (count = 0; COND(c[D_CBC_128_AES][testnum]); count++)
819 AES_cbc_encrypt(buf, buf,
820 (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
824 static int AES_cbc_192_encrypt_loop(void *args)
826 loopargs_t *tempargs = *(loopargs_t **) args;
827 unsigned char *buf = tempargs->buf;
829 for (count = 0; COND(c[D_CBC_192_AES][testnum]); count++)
830 AES_cbc_encrypt(buf, buf,
831 (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
835 static int AES_cbc_256_encrypt_loop(void *args)
837 loopargs_t *tempargs = *(loopargs_t **) args;
838 unsigned char *buf = tempargs->buf;
840 for (count = 0; COND(c[D_CBC_256_AES][testnum]); count++)
841 AES_cbc_encrypt(buf, buf,
842 (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
846 #ifndef OPENSSL_NO_DEPRECATED_3_0
847 static int AES_ige_128_encrypt_loop(void *args)
849 loopargs_t *tempargs = *(loopargs_t **) args;
850 unsigned char *buf = tempargs->buf;
851 unsigned char *buf2 = tempargs->buf2;
853 for (count = 0; COND(c[D_IGE_128_AES][testnum]); count++)
854 AES_ige_encrypt(buf, buf2,
855 (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
859 static int AES_ige_192_encrypt_loop(void *args)
861 loopargs_t *tempargs = *(loopargs_t **) args;
862 unsigned char *buf = tempargs->buf;
863 unsigned char *buf2 = tempargs->buf2;
865 for (count = 0; COND(c[D_IGE_192_AES][testnum]); count++)
866 AES_ige_encrypt(buf, buf2,
867 (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
871 static int AES_ige_256_encrypt_loop(void *args)
873 loopargs_t *tempargs = *(loopargs_t **) args;
874 unsigned char *buf = tempargs->buf;
875 unsigned char *buf2 = tempargs->buf2;
877 for (count = 0; COND(c[D_IGE_256_AES][testnum]); count++)
878 AES_ige_encrypt(buf, buf2,
879 (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
884 static int CRYPTO_gcm128_aad_loop(void *args)
886 loopargs_t *tempargs = *(loopargs_t **) args;
887 unsigned char *buf = tempargs->buf;
888 GCM128_CONTEXT *gcm_ctx = tempargs->gcm_ctx;
890 for (count = 0; COND(c[D_GHASH][testnum]); count++)
891 CRYPTO_gcm128_aad(gcm_ctx, buf, lengths[testnum]);
895 static int RAND_bytes_loop(void *args)
897 loopargs_t *tempargs = *(loopargs_t **) args;
898 unsigned char *buf = tempargs->buf;
901 for (count = 0; COND(c[D_RAND][testnum]); count++)
902 RAND_bytes(buf, lengths[testnum]);
906 static int decrypt = 0;
907 static int EVP_Update_loop(void *args)
909 loopargs_t *tempargs = *(loopargs_t **) args;
910 unsigned char *buf = tempargs->buf;
911 EVP_CIPHER_CTX *ctx = tempargs->ctx;
915 for (count = 0; COND(c[D_EVP][testnum]); count++) {
916 rc = EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
918 /* reset iv in case of counter overflow */
919 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
923 for (count = 0; COND(c[D_EVP][testnum]); count++) {
924 rc = EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
926 /* reset iv in case of counter overflow */
927 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
932 EVP_DecryptFinal_ex(ctx, buf, &outl);
934 EVP_EncryptFinal_ex(ctx, buf, &outl);
939 * CCM does not support streaming. For the purpose of performance measurement,
940 * each message is encrypted using the same (key,iv)-pair. Do not use this
941 * code in your application.
943 static int EVP_Update_loop_ccm(void *args)
945 loopargs_t *tempargs = *(loopargs_t **) args;
946 unsigned char *buf = tempargs->buf;
947 EVP_CIPHER_CTX *ctx = tempargs->ctx;
949 unsigned char tag[12];
952 for (count = 0; COND(c[D_EVP][testnum]); count++) {
953 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(tag), tag);
955 EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
956 /* counter is reset on every update */
957 EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
960 for (count = 0; COND(c[D_EVP][testnum]); count++) {
961 /* restore iv length field */
962 EVP_EncryptUpdate(ctx, NULL, &outl, NULL, lengths[testnum]);
963 /* counter is reset on every update */
964 EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
968 EVP_DecryptFinal_ex(ctx, buf, &outl);
970 EVP_EncryptFinal_ex(ctx, buf, &outl);
975 * To make AEAD benchmarking more relevant perform TLS-like operations,
976 * 13-byte AAD followed by payload. But don't use TLS-formatted AAD, as
977 * payload length is not actually limited by 16KB...
979 static int EVP_Update_loop_aead(void *args)
981 loopargs_t *tempargs = *(loopargs_t **) args;
982 unsigned char *buf = tempargs->buf;
983 EVP_CIPHER_CTX *ctx = tempargs->ctx;
985 unsigned char aad[13] = { 0xcc };
986 unsigned char faketag[16] = { 0xcc };
989 for (count = 0; COND(c[D_EVP][testnum]); count++) {
990 EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
991 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
992 sizeof(faketag), faketag);
993 EVP_DecryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
994 EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
995 EVP_DecryptFinal_ex(ctx, buf + outl, &outl);
998 for (count = 0; COND(c[D_EVP][testnum]); count++) {
999 EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv);
1000 EVP_EncryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
1001 EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
1002 EVP_EncryptFinal_ex(ctx, buf + outl, &outl);
1008 static const EVP_MD *evp_md = NULL;
1009 static int EVP_Digest_loop(void *args)
1011 loopargs_t *tempargs = *(loopargs_t **) args;
1012 unsigned char *buf = tempargs->buf;
1013 unsigned char md[EVP_MAX_MD_SIZE];
1016 for (count = 0; COND(c[D_EVP][testnum]); count++) {
1017 if (!EVP_Digest(buf, lengths[testnum], md, NULL, evp_md, NULL))
1023 static const EVP_MD *evp_hmac_md = NULL;
1024 static char *evp_hmac_name = NULL;
1025 static int EVP_HMAC_loop(void *args)
1027 loopargs_t *tempargs = *(loopargs_t **) args;
1028 unsigned char *buf = tempargs->buf;
1029 unsigned char no_key[32];
1032 for (count = 0; COND(c[D_EVP_HMAC][testnum]); count++) {
1033 if (HMAC(evp_hmac_md, no_key, sizeof(no_key), buf, lengths[testnum],
1034 NULL, NULL) == NULL)
1040 #ifndef OPENSSL_NO_CMAC
1041 static const EVP_CIPHER *evp_cmac_cipher = NULL;
1042 static char *evp_cmac_name = NULL;
1044 static int EVP_CMAC_loop(void *args)
1046 loopargs_t *tempargs = *(loopargs_t **) args;
1047 unsigned char *buf = tempargs->buf;
1048 CMAC_CTX *cmac_ctx = tempargs->cmac_ctx;
1049 static const char key[16] = "This is a key...";
1050 unsigned char mac[16];
1051 size_t len = sizeof(mac);
1054 for (count = 0; COND(c[D_EVP_CMAC][testnum]); count++) {
1055 if (!CMAC_Init(cmac_ctx, key, sizeof(key), evp_cmac_cipher, NULL)
1056 || !CMAC_Update(cmac_ctx, buf, lengths[testnum])
1057 || !CMAC_Final(cmac_ctx, mac, &len))
1064 #ifndef OPENSSL_NO_RSA
1065 static long rsa_c[RSA_NUM][2]; /* # RSA iteration test */
1067 static int RSA_sign_loop(void *args)
1069 loopargs_t *tempargs = *(loopargs_t **) args;
1070 unsigned char *buf = tempargs->buf;
1071 unsigned char *buf2 = tempargs->buf2;
1072 unsigned int *rsa_num = &tempargs->siglen;
1073 RSA **rsa_key = tempargs->rsa_key;
1075 for (count = 0; COND(rsa_c[testnum][0]); count++) {
1076 ret = RSA_sign(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1078 BIO_printf(bio_err, "RSA sign failure\n");
1079 ERR_print_errors(bio_err);
1087 static int RSA_verify_loop(void *args)
1089 loopargs_t *tempargs = *(loopargs_t **) args;
1090 unsigned char *buf = tempargs->buf;
1091 unsigned char *buf2 = tempargs->buf2;
1092 unsigned int rsa_num = tempargs->siglen;
1093 RSA **rsa_key = tempargs->rsa_key;
1095 for (count = 0; COND(rsa_c[testnum][1]); count++) {
1097 RSA_verify(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1099 BIO_printf(bio_err, "RSA verify failure\n");
1100 ERR_print_errors(bio_err);
1109 #ifndef OPENSSL_NO_DSA
1110 static long dsa_c[DSA_NUM][2];
1111 static int DSA_sign_loop(void *args)
1113 loopargs_t *tempargs = *(loopargs_t **) args;
1114 unsigned char *buf = tempargs->buf;
1115 unsigned char *buf2 = tempargs->buf2;
1116 DSA **dsa_key = tempargs->dsa_key;
1117 unsigned int *siglen = &tempargs->siglen;
1119 for (count = 0; COND(dsa_c[testnum][0]); count++) {
1120 ret = DSA_sign(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1122 BIO_printf(bio_err, "DSA sign failure\n");
1123 ERR_print_errors(bio_err);
1131 static int DSA_verify_loop(void *args)
1133 loopargs_t *tempargs = *(loopargs_t **) args;
1134 unsigned char *buf = tempargs->buf;
1135 unsigned char *buf2 = tempargs->buf2;
1136 DSA **dsa_key = tempargs->dsa_key;
1137 unsigned int siglen = tempargs->siglen;
1139 for (count = 0; COND(dsa_c[testnum][1]); count++) {
1140 ret = DSA_verify(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1142 BIO_printf(bio_err, "DSA verify failure\n");
1143 ERR_print_errors(bio_err);
1152 #ifndef OPENSSL_NO_EC
1153 static long ecdsa_c[ECDSA_NUM][2];
1154 static int ECDSA_sign_loop(void *args)
1156 loopargs_t *tempargs = *(loopargs_t **) args;
1157 unsigned char *buf = tempargs->buf;
1158 EC_KEY **ecdsa = tempargs->ecdsa;
1159 unsigned char *ecdsasig = tempargs->buf2;
1160 unsigned int *ecdsasiglen = &tempargs->siglen;
1162 for (count = 0; COND(ecdsa_c[testnum][0]); count++) {
1163 ret = ECDSA_sign(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1165 BIO_printf(bio_err, "ECDSA sign failure\n");
1166 ERR_print_errors(bio_err);
1174 static int ECDSA_verify_loop(void *args)
1176 loopargs_t *tempargs = *(loopargs_t **) args;
1177 unsigned char *buf = tempargs->buf;
1178 EC_KEY **ecdsa = tempargs->ecdsa;
1179 unsigned char *ecdsasig = tempargs->buf2;
1180 unsigned int ecdsasiglen = tempargs->siglen;
1182 for (count = 0; COND(ecdsa_c[testnum][1]); count++) {
1183 ret = ECDSA_verify(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1185 BIO_printf(bio_err, "ECDSA verify failure\n");
1186 ERR_print_errors(bio_err);
1194 /* ******************************************************************** */
1195 static long ecdh_c[EC_NUM][1];
1197 static int ECDH_EVP_derive_key_loop(void *args)
1199 loopargs_t *tempargs = *(loopargs_t **) args;
1200 EVP_PKEY_CTX *ctx = tempargs->ecdh_ctx[testnum];
1201 unsigned char *derived_secret = tempargs->secret_a;
1203 size_t *outlen = &(tempargs->outlen[testnum]);
1205 for (count = 0; COND(ecdh_c[testnum][0]); count++)
1206 EVP_PKEY_derive(ctx, derived_secret, outlen);
1211 static long eddsa_c[EdDSA_NUM][2];
1212 static int EdDSA_sign_loop(void *args)
1214 loopargs_t *tempargs = *(loopargs_t **) args;
1215 unsigned char *buf = tempargs->buf;
1216 EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
1217 unsigned char *eddsasig = tempargs->buf2;
1218 size_t *eddsasigsize = &tempargs->sigsize;
1221 for (count = 0; COND(eddsa_c[testnum][0]); count++) {
1222 ret = EVP_DigestSign(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
1224 BIO_printf(bio_err, "EdDSA sign failure\n");
1225 ERR_print_errors(bio_err);
1233 static int EdDSA_verify_loop(void *args)
1235 loopargs_t *tempargs = *(loopargs_t **) args;
1236 unsigned char *buf = tempargs->buf;
1237 EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
1238 unsigned char *eddsasig = tempargs->buf2;
1239 size_t eddsasigsize = tempargs->sigsize;
1242 for (count = 0; COND(eddsa_c[testnum][1]); count++) {
1243 ret = EVP_DigestVerify(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
1245 BIO_printf(bio_err, "EdDSA verify failure\n");
1246 ERR_print_errors(bio_err);
1254 # ifndef OPENSSL_NO_SM2
1255 static long sm2_c[SM2_NUM][2];
1256 static int SM2_sign_loop(void *args)
1258 loopargs_t *tempargs = *(loopargs_t **) args;
1259 unsigned char *buf = tempargs->buf;
1260 EVP_MD_CTX **sm2ctx = tempargs->sm2_ctx;
1261 unsigned char *sm2sig = tempargs->buf2;
1262 size_t sm2sigsize = tempargs->sigsize;
1263 const size_t max_size = tempargs->sigsize;
1265 EVP_PKEY **sm2_pkey = tempargs->sm2_pkey;
1267 for (count = 0; COND(sm2_c[testnum][0]); count++) {
1268 if (!EVP_DigestSignInit(sm2ctx[testnum], NULL, EVP_sm3(),
1269 NULL, sm2_pkey[testnum])) {
1270 BIO_printf(bio_err, "SM2 init sign failure\n");
1271 ERR_print_errors(bio_err);
1275 ret = EVP_DigestSign(sm2ctx[testnum], sm2sig, &sm2sigsize,
1278 BIO_printf(bio_err, "SM2 sign failure\n");
1279 ERR_print_errors(bio_err);
1283 /* update the latest returned size and always use the fixed buffer size */
1284 tempargs->sigsize = sm2sigsize;
1285 sm2sigsize = max_size;
1291 static int SM2_verify_loop(void *args)
1293 loopargs_t *tempargs = *(loopargs_t **) args;
1294 unsigned char *buf = tempargs->buf;
1295 EVP_MD_CTX **sm2ctx = tempargs->sm2_vfy_ctx;
1296 unsigned char *sm2sig = tempargs->buf2;
1297 size_t sm2sigsize = tempargs->sigsize;
1299 EVP_PKEY **sm2_pkey = tempargs->sm2_pkey;
1301 for (count = 0; COND(sm2_c[testnum][1]); count++) {
1302 if (!EVP_DigestVerifyInit(sm2ctx[testnum], NULL, EVP_sm3(),
1303 NULL, sm2_pkey[testnum])) {
1304 BIO_printf(bio_err, "SM2 verify init failure\n");
1305 ERR_print_errors(bio_err);
1309 ret = EVP_DigestVerify(sm2ctx[testnum], sm2sig, sm2sigsize,
1312 BIO_printf(bio_err, "SM2 verify failure\n");
1313 ERR_print_errors(bio_err);
1320 # endif /* OPENSSL_NO_SM2 */
1321 #endif /* OPENSSL_NO_EC */
1323 static int run_benchmark(int async_jobs,
1324 int (*loop_function) (void *), loopargs_t * loopargs)
1326 int job_op_count = 0;
1327 int total_op_count = 0;
1328 int num_inprogress = 0;
1329 int error = 0, i = 0, ret = 0;
1330 OSSL_ASYNC_FD job_fd = 0;
1331 size_t num_job_fds = 0;
1335 if (async_jobs == 0) {
1336 return loop_function((void *)&loopargs);
1339 for (i = 0; i < async_jobs && !error; i++) {
1340 loopargs_t *looparg_item = loopargs + i;
1342 /* Copy pointer content (looparg_t item address) into async context */
1343 ret = ASYNC_start_job(&loopargs[i].inprogress_job, loopargs[i].wait_ctx,
1344 &job_op_count, loop_function,
1345 (void *)&looparg_item, sizeof(looparg_item));
1351 if (job_op_count == -1) {
1354 total_op_count += job_op_count;
1359 BIO_printf(bio_err, "Failure in the job\n");
1360 ERR_print_errors(bio_err);
1366 while (num_inprogress > 0) {
1367 #if defined(OPENSSL_SYS_WINDOWS)
1369 #elif defined(OPENSSL_SYS_UNIX)
1370 int select_result = 0;
1371 OSSL_ASYNC_FD max_fd = 0;
1374 FD_ZERO(&waitfdset);
1376 for (i = 0; i < async_jobs && num_inprogress > 0; i++) {
1377 if (loopargs[i].inprogress_job == NULL)
1380 if (!ASYNC_WAIT_CTX_get_all_fds
1381 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1382 || num_job_fds > 1) {
1383 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1384 ERR_print_errors(bio_err);
1388 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1390 FD_SET(job_fd, &waitfdset);
1391 if (job_fd > max_fd)
1395 if (max_fd >= (OSSL_ASYNC_FD)FD_SETSIZE) {
1397 "Error: max_fd (%d) must be smaller than FD_SETSIZE (%d). "
1398 "Decrease the value of async_jobs\n",
1399 max_fd, FD_SETSIZE);
1400 ERR_print_errors(bio_err);
1405 select_result = select(max_fd + 1, &waitfdset, NULL, NULL, NULL);
1406 if (select_result == -1 && errno == EINTR)
1409 if (select_result == -1) {
1410 BIO_printf(bio_err, "Failure in the select\n");
1411 ERR_print_errors(bio_err);
1416 if (select_result == 0)
1420 for (i = 0; i < async_jobs; i++) {
1421 if (loopargs[i].inprogress_job == NULL)
1424 if (!ASYNC_WAIT_CTX_get_all_fds
1425 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1426 || num_job_fds > 1) {
1427 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1428 ERR_print_errors(bio_err);
1432 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1435 #if defined(OPENSSL_SYS_UNIX)
1436 if (num_job_fds == 1 && !FD_ISSET(job_fd, &waitfdset))
1438 #elif defined(OPENSSL_SYS_WINDOWS)
1439 if (num_job_fds == 1
1440 && !PeekNamedPipe(job_fd, NULL, 0, NULL, &avail, NULL)
1445 ret = ASYNC_start_job(&loopargs[i].inprogress_job,
1446 loopargs[i].wait_ctx, &job_op_count,
1447 loop_function, (void *)(loopargs + i),
1448 sizeof(loopargs_t));
1453 if (job_op_count == -1) {
1456 total_op_count += job_op_count;
1459 loopargs[i].inprogress_job = NULL;
1464 loopargs[i].inprogress_job = NULL;
1465 BIO_printf(bio_err, "Failure in the job\n");
1466 ERR_print_errors(bio_err);
1473 return error ? -1 : total_op_count;
1476 #define stop_it(do_it, test_num)\
1477 memset(do_it + test_num, 0, OSSL_NELEM(do_it) - test_num);
1479 int speed_main(int argc, char **argv)
1482 loopargs_t *loopargs = NULL;
1484 const char *engine_id = NULL;
1485 const EVP_CIPHER *evp_cipher = NULL;
1488 int async_init = 0, multiblock = 0, pr_header = 0;
1489 uint8_t doit[ALGOR_NUM] = { 0 };
1490 int ret = 1, misalign = 0, lengths_single = 0, aead = 0;
1492 unsigned int size_num = OSSL_NELEM(lengths_list);
1493 unsigned int i, k, loopargs_len = 0, async_jobs = 0;
1499 #if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) \
1500 || !defined(OPENSSL_NO_EC)
1503 openssl_speed_sec_t seconds = { SECONDS, RSA_SECONDS, DSA_SECONDS,
1504 ECDSA_SECONDS, ECDH_SECONDS,
1505 EdDSA_SECONDS, SM2_SECONDS };
1507 /* What follows are the buffers and key material. */
1508 #ifndef OPENSSL_NO_RC5
1511 #ifndef OPENSSL_NO_RC2
1514 #ifndef OPENSSL_NO_IDEA
1515 IDEA_KEY_SCHEDULE idea_ks;
1517 #ifndef OPENSSL_NO_SEED
1518 SEED_KEY_SCHEDULE seed_ks;
1520 #ifndef OPENSSL_NO_BF
1523 #ifndef OPENSSL_NO_CAST
1526 static const unsigned char key16[16] = {
1527 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1528 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
1530 static const unsigned char key24[24] = {
1531 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1532 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1533 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1535 static const unsigned char key32[32] = {
1536 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1537 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1538 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
1539 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
1541 #ifndef OPENSSL_NO_CAMELLIA
1542 CAMELLIA_KEY camellia_ks[3];
1544 #ifndef OPENSSL_NO_RSA
1545 static const unsigned int rsa_bits[RSA_NUM] = {
1546 512, 1024, 2048, 3072, 4096, 7680, 15360
1548 static const unsigned char *rsa_data[RSA_NUM] = {
1549 test512, test1024, test2048, test3072, test4096, test7680, test15360
1551 static const int rsa_data_length[RSA_NUM] = {
1552 sizeof(test512), sizeof(test1024),
1553 sizeof(test2048), sizeof(test3072),
1554 sizeof(test4096), sizeof(test7680),
1557 uint8_t rsa_doit[RSA_NUM] = { 0 };
1558 int primes = RSA_DEFAULT_PRIME_NUM;
1560 #ifndef OPENSSL_NO_DSA
1561 static const unsigned int dsa_bits[DSA_NUM] = { 512, 1024, 2048 };
1562 uint8_t dsa_doit[DSA_NUM] = { 0 };
1564 #ifndef OPENSSL_NO_EC
1566 * We only test over the following curves as they are representative, To
1567 * add tests over more curves, simply add the curve NID and curve name to
1568 * the following arrays and increase the |ecdh_choices| list accordingly.
1570 static const struct {
1576 {"secp160r1", NID_secp160r1, 160},
1577 {"nistp192", NID_X9_62_prime192v1, 192},
1578 {"nistp224", NID_secp224r1, 224},
1579 {"nistp256", NID_X9_62_prime256v1, 256},
1580 {"nistp384", NID_secp384r1, 384},
1581 {"nistp521", NID_secp521r1, 521},
1582 # ifndef OPENSSL_NO_EC2M
1584 {"nistk163", NID_sect163k1, 163},
1585 {"nistk233", NID_sect233k1, 233},
1586 {"nistk283", NID_sect283k1, 283},
1587 {"nistk409", NID_sect409k1, 409},
1588 {"nistk571", NID_sect571k1, 571},
1589 {"nistb163", NID_sect163r2, 163},
1590 {"nistb233", NID_sect233r1, 233},
1591 {"nistb283", NID_sect283r1, 283},
1592 {"nistb409", NID_sect409r1, 409},
1593 {"nistb571", NID_sect571r1, 571},
1595 {"brainpoolP256r1", NID_brainpoolP256r1, 256},
1596 {"brainpoolP256t1", NID_brainpoolP256t1, 256},
1597 {"brainpoolP384r1", NID_brainpoolP384r1, 384},
1598 {"brainpoolP384t1", NID_brainpoolP384t1, 384},
1599 {"brainpoolP512r1", NID_brainpoolP512r1, 512},
1600 {"brainpoolP512t1", NID_brainpoolP512t1, 512},
1601 /* Other and ECDH only ones */
1602 {"X25519", NID_X25519, 253},
1603 {"X448", NID_X448, 448}
1605 static const struct {
1610 } test_ed_curves[] = {
1612 {"Ed25519", NID_ED25519, 253, 64},
1613 {"Ed448", NID_ED448, 456, 114}
1615 # ifndef OPENSSL_NO_SM2
1616 static const struct {
1620 } test_sm2_curves[] = {
1622 {"CurveSM2", NID_sm2, 256}
1624 uint8_t sm2_doit[SM2_NUM] = { 0 };
1626 uint8_t ecdsa_doit[ECDSA_NUM] = { 0 };
1627 uint8_t ecdh_doit[EC_NUM] = { 0 };
1628 uint8_t eddsa_doit[EdDSA_NUM] = { 0 };
1629 OPENSSL_assert(OSSL_NELEM(test_curves) >= EC_NUM);
1630 OPENSSL_assert(OSSL_NELEM(test_ed_curves) >= EdDSA_NUM);
1631 # ifndef OPENSSL_NO_SM2
1632 OPENSSL_assert(OSSL_NELEM(test_sm2_curves) >= SM2_NUM);
1634 #endif /* ndef OPENSSL_NO_EC */
1636 prog = opt_init(argc, argv, speed_options);
1637 while ((o = opt_next()) != OPT_EOF) {
1642 BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
1645 opt_help(speed_options);
1653 evp_cipher = EVP_get_cipherbyname(opt_arg());
1654 if (evp_cipher == NULL)
1655 evp_md = EVP_get_digestbyname(opt_arg());
1656 if (evp_cipher == NULL && evp_md == NULL) {
1658 "%s: %s is an unknown cipher or digest\n",
1665 evp_hmac_md = EVP_get_digestbyname(opt_arg());
1666 if (evp_hmac_md == NULL) {
1667 BIO_printf(bio_err, "%s: %s is an unknown digest\n",
1671 doit[D_EVP_HMAC] = 1;
1674 #ifndef OPENSSL_NO_CMAC
1675 evp_cmac_cipher = EVP_get_cipherbyname(opt_arg());
1676 if (evp_cmac_cipher == NULL) {
1677 BIO_printf(bio_err, "%s: %s is an unknown cipher\n",
1681 doit[D_EVP_CMAC] = 1;
1689 * In a forked execution, an engine might need to be
1690 * initialised by each child process, not by the parent.
1691 * So store the name here and run setup_engine() later on.
1693 engine_id = opt_arg();
1697 multi = atoi(opt_arg());
1701 #ifndef OPENSSL_NO_ASYNC
1702 async_jobs = atoi(opt_arg());
1703 if (!ASYNC_is_capable()) {
1705 "%s: async_jobs specified but async not supported\n",
1709 if (async_jobs > 99999) {
1710 BIO_printf(bio_err, "%s: too many async_jobs\n", prog);
1716 if (!opt_int(opt_arg(), &misalign))
1718 if (misalign > MISALIGN) {
1720 "%s: Maximum offset is %d\n", prog, MISALIGN);
1729 #ifdef OPENSSL_NO_MULTIBLOCK
1731 "%s: -mb specified but multi-block support is disabled\n",
1741 if (!opt_int(opt_arg(), &primes))
1745 seconds.sym = seconds.rsa = seconds.dsa = seconds.ecdsa
1746 = seconds.ecdh = seconds.eddsa
1747 = seconds.sm2 = atoi(opt_arg());
1750 lengths_single = atoi(opt_arg());
1751 lengths = &lengths_single;
1759 argc = opt_num_rest();
1762 /* Remaining arguments are algorithms. */
1763 for (; *argv; argv++) {
1764 const char *algo = *argv;
1766 if (found(algo, doit_choices, &i)) {
1770 #ifndef OPENSSL_NO_DES
1771 if (strcmp(algo, "des") == 0) {
1772 doit[D_CBC_DES] = doit[D_EDE3_DES] = 1;
1776 if (strcmp(algo, "sha") == 0) {
1777 doit[D_SHA1] = doit[D_SHA256] = doit[D_SHA512] = 1;
1780 #ifndef OPENSSL_NO_RSA
1781 if (strcmp(algo, "openssl") == 0) /* just for compatibility */
1783 if (strncmp(algo, "rsa", 3) == 0) {
1784 if (algo[3] == '\0') {
1785 memset(rsa_doit, 1, sizeof(rsa_doit));
1788 if (found(algo, rsa_choices, &i)) {
1794 #ifndef OPENSSL_NO_DSA
1795 if (strncmp(algo, "dsa", 3) == 0) {
1796 if (algo[3] == '\0') {
1797 memset(dsa_doit, 1, sizeof(dsa_doit));
1800 if (found(algo, dsa_choices, &i)) {
1806 if (strcmp(algo, "aes") == 0) {
1807 doit[D_CBC_128_AES] = doit[D_CBC_192_AES] = doit[D_CBC_256_AES] = 1;
1810 #ifndef OPENSSL_NO_CAMELLIA
1811 if (strcmp(algo, "camellia") == 0) {
1812 doit[D_CBC_128_CML] = doit[D_CBC_192_CML] = doit[D_CBC_256_CML] = 1;
1816 #ifndef OPENSSL_NO_EC
1817 if (strncmp(algo, "ecdsa", 5) == 0) {
1818 if (algo[5] == '\0') {
1819 memset(ecdsa_doit, 1, sizeof(ecdsa_doit));
1822 if (found(algo, ecdsa_choices, &i)) {
1827 if (strncmp(algo, "ecdh", 4) == 0) {
1828 if (algo[4] == '\0') {
1829 memset(ecdh_doit, 1, sizeof(ecdh_doit));
1832 if (found(algo, ecdh_choices, &i)) {
1837 if (strncmp(algo, "ed", 2) == 0) {
1838 if (strcmp(algo, "eddsa") == 0) {
1839 memset(eddsa_doit, 1, sizeof(eddsa_doit));
1842 if (found(algo, eddsa_choices, &i)) {
1847 # ifndef OPENSSL_NO_SM2
1848 if (strcmp(algo, "sm2") == 0) {
1849 memset(sm2_doit, 1, sizeof(sm2_doit));
1852 if (found(algo, sm2_choices, &i)) {
1858 BIO_printf(bio_err, "%s: Unknown algorithm %s\n", prog, algo);
1864 if (evp_cipher == NULL) {
1865 BIO_printf(bio_err, "-aead can be used only with an AEAD cipher\n");
1867 } else if (!(EVP_CIPHER_flags(evp_cipher) &
1868 EVP_CIPH_FLAG_AEAD_CIPHER)) {
1869 BIO_printf(bio_err, "%s is not an AEAD cipher\n",
1870 OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
1875 if (evp_cipher == NULL) {
1876 BIO_printf(bio_err,"-mb can be used only with a multi-block"
1877 " capable cipher\n");
1879 } else if (!(EVP_CIPHER_flags(evp_cipher) &
1880 EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
1881 BIO_printf(bio_err, "%s is not a multi-block capable\n",
1882 OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
1884 } else if (async_jobs > 0) {
1885 BIO_printf(bio_err, "Async mode is not supported with -mb");
1890 /* Initialize the job pool if async mode is enabled */
1891 if (async_jobs > 0) {
1892 async_init = ASYNC_init_thread(async_jobs, async_jobs);
1894 BIO_printf(bio_err, "Error creating the ASYNC job pool\n");
1899 loopargs_len = (async_jobs == 0 ? 1 : async_jobs);
1901 app_malloc(loopargs_len * sizeof(loopargs_t), "array of loopargs");
1902 memset(loopargs, 0, loopargs_len * sizeof(loopargs_t));
1904 for (i = 0; i < loopargs_len; i++) {
1905 if (async_jobs > 0) {
1906 loopargs[i].wait_ctx = ASYNC_WAIT_CTX_new();
1907 if (loopargs[i].wait_ctx == NULL) {
1908 BIO_printf(bio_err, "Error creating the ASYNC_WAIT_CTX\n");
1913 buflen = lengths[size_num - 1];
1914 if (buflen < 36) /* size of random vector in RSA benchmark */
1916 buflen += MAX_MISALIGNMENT + 1;
1917 loopargs[i].buf_malloc = app_malloc(buflen, "input buffer");
1918 loopargs[i].buf2_malloc = app_malloc(buflen, "input buffer");
1919 memset(loopargs[i].buf_malloc, 0, buflen);
1920 memset(loopargs[i].buf2_malloc, 0, buflen);
1922 /* Align the start of buffers on a 64 byte boundary */
1923 loopargs[i].buf = loopargs[i].buf_malloc + misalign;
1924 loopargs[i].buf2 = loopargs[i].buf2_malloc + misalign;
1925 #ifndef OPENSSL_NO_EC
1926 loopargs[i].secret_a = app_malloc(MAX_ECDH_SIZE, "ECDH secret a");
1927 loopargs[i].secret_b = app_malloc(MAX_ECDH_SIZE, "ECDH secret b");
1932 if (multi && do_multi(multi, size_num))
1936 /* Initialize the engine after the fork */
1937 e = setup_engine(engine_id, 0);
1939 /* No parameters; turn on everything. */
1940 if (argc == 0 && !doit[D_EVP] && !doit[D_EVP_HMAC] && !doit[D_EVP_CMAC]) {
1941 memset(doit, 1, sizeof(doit));
1942 doit[D_EVP] = doit[D_EVP_HMAC] = doit[D_EVP_CMAC] = 0;
1943 #ifndef OPENSSL_NO_RSA
1944 memset(rsa_doit, 1, sizeof(rsa_doit));
1946 #ifndef OPENSSL_NO_DSA
1947 memset(dsa_doit, 1, sizeof(dsa_doit));
1949 #ifndef OPENSSL_NO_EC
1950 memset(ecdsa_doit, 1, sizeof(ecdsa_doit));
1951 memset(ecdh_doit, 1, sizeof(ecdh_doit));
1952 memset(eddsa_doit, 1, sizeof(eddsa_doit));
1953 # ifndef OPENSSL_NO_SM2
1954 memset(sm2_doit, 1, sizeof(sm2_doit));
1958 for (i = 0; i < ALGOR_NUM; i++)
1962 if (usertime == 0 && !mr)
1964 "You have chosen to measure elapsed time "
1965 "instead of user CPU time.\n");
1967 #ifndef OPENSSL_NO_RSA
1968 for (i = 0; i < loopargs_len; i++) {
1969 if (primes > RSA_DEFAULT_PRIME_NUM) {
1970 /* for multi-prime RSA, skip this */
1973 for (k = 0; k < RSA_NUM; k++) {
1974 const unsigned char *p;
1977 loopargs[i].rsa_key[k] =
1978 d2i_RSAPrivateKey(NULL, &p, rsa_data_length[k]);
1979 if (loopargs[i].rsa_key[k] == NULL) {
1981 "internal error loading RSA key number %d\n", k);
1987 #ifndef OPENSSL_NO_DSA
1988 for (i = 0; i < loopargs_len; i++) {
1989 loopargs[i].dsa_key[0] = get_dsa(512);
1990 loopargs[i].dsa_key[1] = get_dsa(1024);
1991 loopargs[i].dsa_key[2] = get_dsa(2048);
1994 #ifndef OPENSSL_NO_DES
1995 if (doit[D_CBC_DES] || doit[D_EDE3_DES]) {
1996 static DES_cblock keys[] = {
1997 { 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0 }, /* keys[0] */
1998 { 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12 }, /* keys[1] */
1999 { 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34 } /* keys[3] */
2001 DES_set_key_unchecked(&keys[0], &sch[0]);
2002 DES_set_key_unchecked(&keys[1], &sch[1]);
2003 DES_set_key_unchecked(&keys[2], &sch[2]);
2006 AES_set_encrypt_key(key16, 128, &aes_ks1);
2007 AES_set_encrypt_key(key24, 192, &aes_ks2);
2008 AES_set_encrypt_key(key32, 256, &aes_ks3);
2009 #ifndef OPENSSL_NO_CAMELLIA
2010 if (doit[D_CBC_128_CML] || doit[D_CBC_192_CML] || doit[D_CBC_256_CML]) {
2011 Camellia_set_key(key16, 128, &camellia_ks[0]);
2012 Camellia_set_key(key24, 192, &camellia_ks[1]);
2013 Camellia_set_key(key32, 256, &camellia_ks[2]);
2016 #ifndef OPENSSL_NO_IDEA
2017 if (doit[D_CBC_IDEA])
2018 IDEA_set_encrypt_key(key16, &idea_ks);
2020 #ifndef OPENSSL_NO_SEED
2021 if (doit[D_CBC_SEED])
2022 SEED_set_key(key16, &seed_ks);
2024 #ifndef OPENSSL_NO_RC4
2026 RC4_set_key(&rc4_ks, 16, key16);
2028 #ifndef OPENSSL_NO_RC2
2029 if (doit[D_CBC_RC2])
2030 RC2_set_key(&rc2_ks, 16, key16, 128);
2032 #ifndef OPENSSL_NO_RC5
2033 if (doit[D_CBC_RC5])
2034 if (!RC5_32_set_key(&rc5_ks, 16, key16, 12)) {
2035 BIO_printf(bio_err, "Failed setting RC5 key\n");
2039 #ifndef OPENSSL_NO_BF
2041 BF_set_key(&bf_ks, 16, key16);
2043 #ifndef OPENSSL_NO_CAST
2044 if (doit[D_CBC_CAST])
2045 CAST_set_key(&cast_ks, 16, key16);
2048 # ifndef OPENSSL_NO_DES
2049 BIO_printf(bio_err, "First we calculate the approximate speed ...\n");
2055 for (it = count; it; it--)
2056 DES_ecb_encrypt((DES_cblock *)loopargs[0].buf,
2057 (DES_cblock *)loopargs[0].buf, &sch, DES_ENCRYPT);
2060 c[D_MD2][0] = count / 10;
2061 c[D_MDC2][0] = count / 10;
2062 c[D_MD4][0] = count;
2063 c[D_MD5][0] = count;
2064 c[D_HMAC][0] = count;
2065 c[D_SHA1][0] = count;
2066 c[D_RMD160][0] = count;
2067 c[D_RC4][0] = count * 5;
2068 c[D_CBC_DES][0] = count;
2069 c[D_EDE3_DES][0] = count / 3;
2070 c[D_CBC_IDEA][0] = count;
2071 c[D_CBC_SEED][0] = count;
2072 c[D_CBC_RC2][0] = count;
2073 c[D_CBC_RC5][0] = count;
2074 c[D_CBC_BF][0] = count;
2075 c[D_CBC_CAST][0] = count;
2076 c[D_CBC_128_AES][0] = count;
2077 c[D_CBC_192_AES][0] = count;
2078 c[D_CBC_256_AES][0] = count;
2079 c[D_CBC_128_CML][0] = count;
2080 c[D_CBC_192_CML][0] = count;
2081 c[D_CBC_256_CML][0] = count;
2082 c[D_EVP][0] = count;
2083 c[D_SHA256][0] = count;
2084 c[D_SHA512][0] = count;
2085 c[D_WHIRLPOOL][0] = count;
2086 c[D_IGE_128_AES][0] = count;
2087 c[D_IGE_192_AES][0] = count;
2088 c[D_IGE_256_AES][0] = count;
2089 c[D_GHASH][0] = count;
2090 c[D_RAND][0] = count;
2091 c[D_EVP_HMAC][0] = count;
2092 c[D_EVP_CMAC][0] = count;
2094 for (i = 1; i < size_num; i++) {
2095 long l0 = (long)lengths[0];
2096 long l1 = (long)lengths[i];
2098 c[D_MD2][i] = c[D_MD2][0] * 4 * l0 / l1;
2099 c[D_MDC2][i] = c[D_MDC2][0] * 4 * l0 / l1;
2100 c[D_MD4][i] = c[D_MD4][0] * 4 * l0 / l1;
2101 c[D_MD5][i] = c[D_MD5][0] * 4 * l0 / l1;
2102 c[D_HMAC][i] = c[D_HMAC][0] * 4 * l0 / l1;
2103 c[D_SHA1][i] = c[D_SHA1][0] * 4 * l0 / l1;
2104 c[D_RMD160][i] = c[D_RMD160][0] * 4 * l0 / l1;
2105 c[D_EVP][i] = = c[D_EVP][0] * 4 * l0 / l1;
2106 c[D_SHA256][i] = c[D_SHA256][0] * 4 * l0 / l1;
2107 c[D_SHA512][i] = c[D_SHA512][0] * 4 * l0 / l1;
2108 c[D_WHIRLPOOL][i] = c[D_WHIRLPOOL][0] * 4 * l0 / l1;
2109 c[D_GHASH][i] = c[D_GHASH][0] * 4 * l0 / l1;
2110 c[D_RAND][i] = c[D_RAND][0] * 4 * l0 / l1;
2111 c[D_EVP_HMAC][i] = = c[D_EVP_HMAC][0] * 4 * l0 / l1;
2112 c[D_EVP_CMAC][i] = = c[D_EVP_CMAC][0] * 4 * l0 / l1;
2114 l0 = (long)lengths[i - 1];
2116 c[D_RC4][i] = c[D_RC4][i - 1] * l0 / l1;
2117 c[D_CBC_DES][i] = c[D_CBC_DES][i - 1] * l0 / l1;
2118 c[D_EDE3_DES][i] = c[D_EDE3_DES][i - 1] * l0 / l1;
2119 c[D_CBC_IDEA][i] = c[D_CBC_IDEA][i - 1] * l0 / l1;
2120 c[D_CBC_SEED][i] = c[D_CBC_SEED][i - 1] * l0 / l1;
2121 c[D_CBC_RC2][i] = c[D_CBC_RC2][i - 1] * l0 / l1;
2122 c[D_CBC_RC5][i] = c[D_CBC_RC5][i - 1] * l0 / l1;
2123 c[D_CBC_BF][i] = c[D_CBC_BF][i - 1] * l0 / l1;
2124 c[D_CBC_CAST][i] = c[D_CBC_CAST][i - 1] * l0 / l1;
2125 c[D_CBC_128_AES][i] = c[D_CBC_128_AES][i - 1] * l0 / l1;
2126 c[D_CBC_192_AES][i] = c[D_CBC_192_AES][i - 1] * l0 / l1;
2127 c[D_CBC_256_AES][i] = c[D_CBC_256_AES][i - 1] * l0 / l1;
2128 c[D_CBC_128_CML][i] = c[D_CBC_128_CML][i - 1] * l0 / l1;
2129 c[D_CBC_192_CML][i] = c[D_CBC_192_CML][i - 1] * l0 / l1;
2130 c[D_CBC_256_CML][i] = c[D_CBC_256_CML][i - 1] * l0 / l1;
2131 c[D_IGE_128_AES][i] = c[D_IGE_128_AES][i - 1] * l0 / l1;
2132 c[D_IGE_192_AES][i] = c[D_IGE_192_AES][i - 1] * l0 / l1;
2133 c[D_IGE_256_AES][i] = c[D_IGE_256_AES][i - 1] * l0 / l1;
2136 # ifndef OPENSSL_NO_RSA
2137 rsa_c[R_RSA_512][0] = count / 2000;
2138 rsa_c[R_RSA_512][1] = count / 400;
2139 for (i = 1; i < RSA_NUM; i++) {
2140 rsa_c[i][0] = rsa_c[i - 1][0] / 8;
2141 rsa_c[i][1] = rsa_c[i - 1][1] / 4;
2142 if (rsa_doit[i] <= 1 && rsa_c[i][0] == 0)
2145 if (rsa_c[i][0] == 0) {
2146 rsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
2153 # ifndef OPENSSL_NO_DSA
2154 dsa_c[R_DSA_512][0] = count / 1000;
2155 dsa_c[R_DSA_512][1] = count / 1000 / 2;
2156 for (i = 1; i < DSA_NUM; i++) {
2157 dsa_c[i][0] = dsa_c[i - 1][0] / 4;
2158 dsa_c[i][1] = dsa_c[i - 1][1] / 4;
2159 if (dsa_doit[i] <= 1 && dsa_c[i][0] == 0)
2162 if (dsa_c[i][0] == 0) {
2163 dsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
2170 # ifndef OPENSSL_NO_EC
2171 ecdsa_c[R_EC_P160][0] = count / 1000;
2172 ecdsa_c[R_EC_P160][1] = count / 1000 / 2;
2173 for (i = R_EC_P192; i <= R_EC_P521; i++) {
2174 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2175 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2176 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2179 if (ecdsa_c[i][0] == 0) {
2185 # ifndef OPENSSL_NO_EC2M
2186 ecdsa_c[R_EC_K163][0] = count / 1000;
2187 ecdsa_c[R_EC_K163][1] = count / 1000 / 2;
2188 for (i = R_EC_K233; i <= R_EC_K571; i++) {
2189 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2190 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2191 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2194 if (ecdsa_c[i][0] == 0) {
2200 ecdsa_c[R_EC_B163][0] = count / 1000;
2201 ecdsa_c[R_EC_B163][1] = count / 1000 / 2;
2202 for (i = R_EC_B233; i <= R_EC_B571; i++) {
2203 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2204 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2205 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2208 if (ecdsa_c[i][0] == 0) {
2216 ecdh_c[R_EC_P160][0] = count / 1000;
2217 for (i = R_EC_P192; i <= R_EC_P521; i++) {
2218 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2219 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2222 if (ecdh_c[i][0] == 0) {
2227 # ifndef OPENSSL_NO_EC2M
2228 ecdh_c[R_EC_K163][0] = count / 1000;
2229 for (i = R_EC_K233; i <= R_EC_K571; i++) {
2230 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2231 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2234 if (ecdh_c[i][0] == 0) {
2239 ecdh_c[R_EC_B163][0] = count / 1000;
2240 for (i = R_EC_B233; i <= R_EC_B571; i++) {
2241 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2242 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2245 if (ecdh_c[i][0] == 0) {
2251 /* repeated code good to factorize */
2252 ecdh_c[R_EC_BRP256R1][0] = count / 1000;
2253 for (i = R_EC_BRP384R1; i <= R_EC_BRP512R1; i += 2) {
2254 ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
2255 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2258 if (ecdh_c[i][0] == 0) {
2263 ecdh_c[R_EC_BRP256T1][0] = count / 1000;
2264 for (i = R_EC_BRP384T1; i <= R_EC_BRP512T1; i += 2) {
2265 ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
2266 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2269 if (ecdh_c[i][0] == 0) {
2274 /* default iteration count for the last two EC Curves */
2275 ecdh_c[R_EC_X25519][0] = count / 1800;
2276 ecdh_c[R_EC_X448][0] = count / 7200;
2278 eddsa_c[R_EC_Ed25519][0] = count / 1800;
2279 eddsa_c[R_EC_Ed448][0] = count / 7200;
2281 # ifndef OPENSSL_NO_SM2
2282 sm2_c[R_EC_SM2P256][0] = count / 1800;
2287 /* not worth fixing */
2288 # error "You cannot disable DES on systems without SIGALRM."
2289 # endif /* OPENSSL_NO_DES */
2291 signal(SIGALRM, alarmed);
2292 #endif /* SIGALRM */
2294 #ifndef OPENSSL_NO_MD2
2296 for (testnum = 0; testnum < size_num; testnum++) {
2297 print_message(names[D_MD2], c[D_MD2][testnum], lengths[testnum],
2300 count = run_benchmark(async_jobs, EVP_Digest_MD2_loop, loopargs);
2302 print_result(D_MD2, testnum, count, d);
2306 #ifndef OPENSSL_NO_MDC2
2308 for (testnum = 0; testnum < size_num; testnum++) {
2309 print_message(names[D_MDC2], c[D_MDC2][testnum], lengths[testnum],
2312 count = run_benchmark(async_jobs, EVP_Digest_MDC2_loop, loopargs);
2314 print_result(D_MDC2, testnum, count, d);
2321 #ifndef OPENSSL_NO_MD4
2323 for (testnum = 0; testnum < size_num; testnum++) {
2324 print_message(names[D_MD4], c[D_MD4][testnum], lengths[testnum],
2327 count = run_benchmark(async_jobs, EVP_Digest_MD4_loop, loopargs);
2329 print_result(D_MD4, testnum, count, d);
2336 #ifndef OPENSSL_NO_MD5
2338 for (testnum = 0; testnum < size_num; testnum++) {
2339 print_message(names[D_MD5], c[D_MD5][testnum], lengths[testnum],
2342 count = run_benchmark(async_jobs, MD5_loop, loopargs);
2344 print_result(D_MD5, testnum, count, d);
2349 static const char hmac_key[] = "This is a key...";
2350 int len = strlen(hmac_key);
2352 for (i = 0; i < loopargs_len; i++) {
2353 loopargs[i].hctx = HMAC_CTX_new();
2354 if (loopargs[i].hctx == NULL) {
2355 BIO_printf(bio_err, "HMAC malloc failure, exiting...");
2359 HMAC_Init_ex(loopargs[i].hctx, hmac_key, len, EVP_md5(), NULL);
2361 for (testnum = 0; testnum < size_num; testnum++) {
2362 print_message(names[D_HMAC], c[D_HMAC][testnum], lengths[testnum],
2365 count = run_benchmark(async_jobs, HMAC_loop, loopargs);
2367 print_result(D_HMAC, testnum, count, d);
2369 for (i = 0; i < loopargs_len; i++)
2370 HMAC_CTX_free(loopargs[i].hctx);
2374 for (testnum = 0; testnum < size_num; testnum++) {
2375 print_message(names[D_SHA1], c[D_SHA1][testnum], lengths[testnum],
2378 count = run_benchmark(async_jobs, SHA1_loop, loopargs);
2380 print_result(D_SHA1, testnum, count, d);
2383 if (doit[D_SHA256]) {
2384 for (testnum = 0; testnum < size_num; testnum++) {
2385 print_message(names[D_SHA256], c[D_SHA256][testnum],
2386 lengths[testnum], seconds.sym);
2388 count = run_benchmark(async_jobs, SHA256_loop, loopargs);
2390 print_result(D_SHA256, testnum, count, d);
2393 if (doit[D_SHA512]) {
2394 for (testnum = 0; testnum < size_num; testnum++) {
2395 print_message(names[D_SHA512], c[D_SHA512][testnum],
2396 lengths[testnum], seconds.sym);
2398 count = run_benchmark(async_jobs, SHA512_loop, loopargs);
2400 print_result(D_SHA512, testnum, count, d);
2403 #ifndef OPENSSL_NO_WHIRLPOOL
2404 if (doit[D_WHIRLPOOL]) {
2405 for (testnum = 0; testnum < size_num; testnum++) {
2406 print_message(names[D_WHIRLPOOL], c[D_WHIRLPOOL][testnum],
2407 lengths[testnum], seconds.sym);
2409 count = run_benchmark(async_jobs, WHIRLPOOL_loop, loopargs);
2411 print_result(D_WHIRLPOOL, testnum, count, d);
2416 #ifndef OPENSSL_NO_RMD160
2417 if (doit[D_RMD160]) {
2418 for (testnum = 0; testnum < size_num; testnum++) {
2419 print_message(names[D_RMD160], c[D_RMD160][testnum],
2420 lengths[testnum], seconds.sym);
2422 count = run_benchmark(async_jobs, EVP_Digest_RMD160_loop, loopargs);
2424 print_result(D_RMD160, testnum, count, d);
2430 #ifndef OPENSSL_NO_RC4
2432 for (testnum = 0; testnum < size_num; testnum++) {
2433 print_message(names[D_RC4], c[D_RC4][testnum], lengths[testnum],
2436 count = run_benchmark(async_jobs, RC4_loop, loopargs);
2438 print_result(D_RC4, testnum, count, d);
2442 #ifndef OPENSSL_NO_DES
2443 if (doit[D_CBC_DES]) {
2444 for (testnum = 0; testnum < size_num; testnum++) {
2445 print_message(names[D_CBC_DES], c[D_CBC_DES][testnum],
2446 lengths[testnum], seconds.sym);
2448 count = run_benchmark(async_jobs, DES_ncbc_encrypt_loop, loopargs);
2450 print_result(D_CBC_DES, testnum, count, d);
2454 if (doit[D_EDE3_DES]) {
2455 for (testnum = 0; testnum < size_num; testnum++) {
2456 print_message(names[D_EDE3_DES], c[D_EDE3_DES][testnum],
2457 lengths[testnum], seconds.sym);
2460 run_benchmark(async_jobs, DES_ede3_cbc_encrypt_loop, loopargs);
2462 print_result(D_EDE3_DES, testnum, count, d);
2467 if (doit[D_CBC_128_AES]) {
2468 for (testnum = 0; testnum < size_num; testnum++) {
2469 print_message(names[D_CBC_128_AES], c[D_CBC_128_AES][testnum],
2470 lengths[testnum], seconds.sym);
2473 run_benchmark(async_jobs, AES_cbc_128_encrypt_loop, loopargs);
2475 print_result(D_CBC_128_AES, testnum, count, d);
2478 if (doit[D_CBC_192_AES]) {
2479 for (testnum = 0; testnum < size_num; testnum++) {
2480 print_message(names[D_CBC_192_AES], c[D_CBC_192_AES][testnum],
2481 lengths[testnum], seconds.sym);
2484 run_benchmark(async_jobs, AES_cbc_192_encrypt_loop, loopargs);
2486 print_result(D_CBC_192_AES, testnum, count, d);
2489 if (doit[D_CBC_256_AES]) {
2490 for (testnum = 0; testnum < size_num; testnum++) {
2491 print_message(names[D_CBC_256_AES], c[D_CBC_256_AES][testnum],
2492 lengths[testnum], seconds.sym);
2495 run_benchmark(async_jobs, AES_cbc_256_encrypt_loop, loopargs);
2497 print_result(D_CBC_256_AES, testnum, count, d);
2501 #ifndef OPENSSL_NO_DEPRECATED_3_0
2502 if (doit[D_IGE_128_AES]) {
2503 for (testnum = 0; testnum < size_num; testnum++) {
2504 print_message(names[D_IGE_128_AES], c[D_IGE_128_AES][testnum],
2505 lengths[testnum], seconds.sym);
2508 run_benchmark(async_jobs, AES_ige_128_encrypt_loop, loopargs);
2510 print_result(D_IGE_128_AES, testnum, count, d);
2513 if (doit[D_IGE_192_AES]) {
2514 for (testnum = 0; testnum < size_num; testnum++) {
2515 print_message(names[D_IGE_192_AES], c[D_IGE_192_AES][testnum],
2516 lengths[testnum], seconds.sym);
2519 run_benchmark(async_jobs, AES_ige_192_encrypt_loop, loopargs);
2521 print_result(D_IGE_192_AES, testnum, count, d);
2524 if (doit[D_IGE_256_AES]) {
2525 for (testnum = 0; testnum < size_num; testnum++) {
2526 print_message(names[D_IGE_256_AES], c[D_IGE_256_AES][testnum],
2527 lengths[testnum], seconds.sym);
2530 run_benchmark(async_jobs, AES_ige_256_encrypt_loop, loopargs);
2532 print_result(D_IGE_256_AES, testnum, count, d);
2536 if (doit[D_GHASH]) {
2537 for (i = 0; i < loopargs_len; i++) {
2538 loopargs[i].gcm_ctx =
2539 CRYPTO_gcm128_new(&aes_ks1, (block128_f) AES_encrypt);
2540 CRYPTO_gcm128_setiv(loopargs[i].gcm_ctx,
2541 (unsigned char *)"0123456789ab", 12);
2544 for (testnum = 0; testnum < size_num; testnum++) {
2545 print_message(names[D_GHASH], c[D_GHASH][testnum],
2546 lengths[testnum], seconds.sym);
2548 count = run_benchmark(async_jobs, CRYPTO_gcm128_aad_loop, loopargs);
2550 print_result(D_GHASH, testnum, count, d);
2552 for (i = 0; i < loopargs_len; i++)
2553 CRYPTO_gcm128_release(loopargs[i].gcm_ctx);
2555 #ifndef OPENSSL_NO_CAMELLIA
2556 if (doit[D_CBC_128_CML]) {
2557 if (async_jobs > 0) {
2558 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2559 names[D_CBC_128_CML]);
2560 doit[D_CBC_128_CML] = 0;
2562 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2563 print_message(names[D_CBC_128_CML], c[D_CBC_128_CML][testnum],
2564 lengths[testnum], seconds.sym);
2566 for (count = 0, run = 1; COND(c[D_CBC_128_CML][testnum]); count++)
2567 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2568 (size_t)lengths[testnum], &camellia_ks[0],
2569 iv, CAMELLIA_ENCRYPT);
2571 print_result(D_CBC_128_CML, testnum, count, d);
2574 if (doit[D_CBC_192_CML]) {
2575 if (async_jobs > 0) {
2576 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2577 names[D_CBC_192_CML]);
2578 doit[D_CBC_192_CML] = 0;
2580 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2581 print_message(names[D_CBC_192_CML], c[D_CBC_192_CML][testnum],
2582 lengths[testnum], seconds.sym);
2583 if (async_jobs > 0) {
2584 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2588 for (count = 0, run = 1; COND(c[D_CBC_192_CML][testnum]); count++)
2589 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2590 (size_t)lengths[testnum], &camellia_ks[1],
2591 iv, CAMELLIA_ENCRYPT);
2593 print_result(D_CBC_192_CML, testnum, count, d);
2596 if (doit[D_CBC_256_CML]) {
2597 if (async_jobs > 0) {
2598 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2599 names[D_CBC_256_CML]);
2600 doit[D_CBC_256_CML] = 0;
2602 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2603 print_message(names[D_CBC_256_CML], c[D_CBC_256_CML][testnum],
2604 lengths[testnum], seconds.sym);
2606 for (count = 0, run = 1; COND(c[D_CBC_256_CML][testnum]); count++)
2607 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2608 (size_t)lengths[testnum], &camellia_ks[2],
2609 iv, CAMELLIA_ENCRYPT);
2611 print_result(D_CBC_256_CML, testnum, count, d);
2615 #ifndef OPENSSL_NO_IDEA
2616 if (doit[D_CBC_IDEA]) {
2617 if (async_jobs > 0) {
2618 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2620 doit[D_CBC_IDEA] = 0;
2622 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2623 print_message(names[D_CBC_IDEA], c[D_CBC_IDEA][testnum],
2624 lengths[testnum], seconds.sym);
2626 for (count = 0, run = 1; COND(c[D_CBC_IDEA][testnum]); count++)
2627 IDEA_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2628 (size_t)lengths[testnum], &idea_ks,
2631 print_result(D_CBC_IDEA, testnum, count, d);
2635 #ifndef OPENSSL_NO_SEED
2636 if (doit[D_CBC_SEED]) {
2637 if (async_jobs > 0) {
2638 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2640 doit[D_CBC_SEED] = 0;
2642 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2643 print_message(names[D_CBC_SEED], c[D_CBC_SEED][testnum],
2644 lengths[testnum], seconds.sym);
2646 for (count = 0, run = 1; COND(c[D_CBC_SEED][testnum]); count++)
2647 SEED_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2648 (size_t)lengths[testnum], &seed_ks, iv, 1);
2650 print_result(D_CBC_SEED, testnum, count, d);
2654 #ifndef OPENSSL_NO_RC2
2655 if (doit[D_CBC_RC2]) {
2656 if (async_jobs > 0) {
2657 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2659 doit[D_CBC_RC2] = 0;
2661 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2662 print_message(names[D_CBC_RC2], c[D_CBC_RC2][testnum],
2663 lengths[testnum], seconds.sym);
2664 if (async_jobs > 0) {
2665 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2669 for (count = 0, run = 1; COND(c[D_CBC_RC2][testnum]); count++)
2670 RC2_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2671 (size_t)lengths[testnum], &rc2_ks,
2674 print_result(D_CBC_RC2, testnum, count, d);
2678 #ifndef OPENSSL_NO_RC5
2679 if (doit[D_CBC_RC5]) {
2680 if (async_jobs > 0) {
2681 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2683 doit[D_CBC_RC5] = 0;
2685 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2686 print_message(names[D_CBC_RC5], c[D_CBC_RC5][testnum],
2687 lengths[testnum], seconds.sym);
2688 if (async_jobs > 0) {
2689 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2693 for (count = 0, run = 1; COND(c[D_CBC_RC5][testnum]); count++)
2694 RC5_32_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2695 (size_t)lengths[testnum], &rc5_ks,
2698 print_result(D_CBC_RC5, testnum, count, d);
2702 #ifndef OPENSSL_NO_BF
2703 if (doit[D_CBC_BF]) {
2704 if (async_jobs > 0) {
2705 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2709 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2710 print_message(names[D_CBC_BF], c[D_CBC_BF][testnum],
2711 lengths[testnum], seconds.sym);
2713 for (count = 0, run = 1; COND(c[D_CBC_BF][testnum]); count++)
2714 BF_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2715 (size_t)lengths[testnum], &bf_ks,
2718 print_result(D_CBC_BF, testnum, count, d);
2722 #ifndef OPENSSL_NO_CAST
2723 if (doit[D_CBC_CAST]) {
2724 if (async_jobs > 0) {
2725 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2727 doit[D_CBC_CAST] = 0;
2729 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2730 print_message(names[D_CBC_CAST], c[D_CBC_CAST][testnum],
2731 lengths[testnum], seconds.sym);
2733 for (count = 0, run = 1; COND(c[D_CBC_CAST][testnum]); count++)
2734 CAST_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2735 (size_t)lengths[testnum], &cast_ks,
2738 print_result(D_CBC_CAST, testnum, count, d);
2743 for (testnum = 0; testnum < size_num; testnum++) {
2744 print_message(names[D_RAND], c[D_RAND][testnum], lengths[testnum],
2747 count = run_benchmark(async_jobs, RAND_bytes_loop, loopargs);
2749 print_result(D_RAND, testnum, count, d);
2754 if (evp_cipher != NULL) {
2755 int (*loopfunc) (void *) = EVP_Update_loop;
2757 if (multiblock && (EVP_CIPHER_flags(evp_cipher) &
2758 EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
2759 multiblock_speed(evp_cipher, lengths_single, &seconds);
2764 names[D_EVP] = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
2766 if (EVP_CIPHER_mode(evp_cipher) == EVP_CIPH_CCM_MODE) {
2767 loopfunc = EVP_Update_loop_ccm;
2768 } else if (aead && (EVP_CIPHER_flags(evp_cipher) &
2769 EVP_CIPH_FLAG_AEAD_CIPHER)) {
2770 loopfunc = EVP_Update_loop_aead;
2771 if (lengths == lengths_list) {
2772 lengths = aead_lengths_list;
2773 size_num = OSSL_NELEM(aead_lengths_list);
2777 for (testnum = 0; testnum < size_num; testnum++) {
2778 print_message(names[D_EVP], c[D_EVP][testnum], lengths[testnum],
2781 for (k = 0; k < loopargs_len; k++) {
2782 loopargs[k].ctx = EVP_CIPHER_CTX_new();
2783 if (loopargs[k].ctx == NULL) {
2784 BIO_printf(bio_err, "\nEVP_CIPHER_CTX_new failure\n");
2787 if (!EVP_CipherInit_ex(loopargs[k].ctx, evp_cipher, NULL,
2788 NULL, iv, decrypt ? 0 : 1)) {
2789 BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n");
2790 ERR_print_errors(bio_err);
2794 EVP_CIPHER_CTX_set_padding(loopargs[k].ctx, 0);
2796 keylen = EVP_CIPHER_CTX_key_length(loopargs[k].ctx);
2797 loopargs[k].key = app_malloc(keylen, "evp_cipher key");
2798 EVP_CIPHER_CTX_rand_key(loopargs[k].ctx, loopargs[k].key);
2799 if (!EVP_CipherInit_ex(loopargs[k].ctx, NULL, NULL,
2800 loopargs[k].key, NULL, -1)) {
2801 BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n");
2802 ERR_print_errors(bio_err);
2805 OPENSSL_clear_free(loopargs[k].key, keylen);
2807 /* SIV mode only allows for a single Update operation */
2808 if (EVP_CIPHER_mode(evp_cipher) == EVP_CIPH_SIV_MODE)
2809 EVP_CIPHER_CTX_ctrl(loopargs[k].ctx, EVP_CTRL_SET_SPEED, 1, NULL);
2813 count = run_benchmark(async_jobs, loopfunc, loopargs);
2815 for (k = 0; k < loopargs_len; k++) {
2816 EVP_CIPHER_CTX_free(loopargs[k].ctx);
2818 print_result(D_EVP, testnum, count, d);
2820 } else if (evp_md != NULL) {
2821 names[D_EVP] = OBJ_nid2ln(EVP_MD_type(evp_md));
2823 for (testnum = 0; testnum < size_num; testnum++) {
2824 print_message(names[D_EVP], c[D_EVP][testnum], lengths[testnum],
2827 count = run_benchmark(async_jobs, EVP_Digest_loop, loopargs);
2829 print_result(D_EVP, testnum, count, d);
2834 if (doit[D_EVP_HMAC] && evp_hmac_md != NULL) {
2835 const char *md_name = OBJ_nid2ln(EVP_MD_type(evp_hmac_md));
2836 evp_hmac_name = app_malloc(sizeof("HMAC()") + strlen(md_name),
2838 sprintf(evp_hmac_name, "HMAC(%s)", md_name);
2839 names[D_EVP_HMAC] = evp_hmac_name;
2841 for (testnum = 0; testnum < size_num; testnum++) {
2842 print_message(names[D_EVP_HMAC], c[D_EVP_HMAC][testnum], lengths[testnum],
2845 count = run_benchmark(async_jobs, EVP_HMAC_loop, loopargs);
2847 print_result(D_EVP_HMAC, testnum, count, d);
2851 #ifndef OPENSSL_NO_CMAC
2852 if (doit[D_EVP_CMAC] && evp_cmac_cipher != NULL) {
2853 const char *cipher_name = OBJ_nid2ln(EVP_CIPHER_type(evp_cmac_cipher));
2855 evp_cmac_name = app_malloc(sizeof("CMAC()") + strlen(cipher_name),
2857 sprintf(evp_cmac_name, "CMAC(%s)", cipher_name);
2858 names[D_EVP_CMAC] = evp_cmac_name;
2860 for (i = 0; i < loopargs_len; i++) {
2861 loopargs[i].cmac_ctx = CMAC_CTX_new();
2862 if (loopargs[i].cmac_ctx == NULL) {
2863 BIO_printf(bio_err, "CMAC malloc failure, exiting...");
2867 for (testnum = 0; testnum < size_num; testnum++) {
2868 print_message(names[D_EVP_CMAC], c[D_EVP_CMAC][testnum], lengths[testnum],
2871 count = run_benchmark(async_jobs, EVP_CMAC_loop, loopargs);
2873 print_result(D_EVP_CMAC, testnum, count, d);
2875 for (i = 0; i < loopargs_len; i++)
2876 CMAC_CTX_free(loopargs[i].cmac_ctx);
2880 for (i = 0; i < loopargs_len; i++)
2881 if (RAND_bytes(loopargs[i].buf, 36) <= 0)
2884 #ifndef OPENSSL_NO_RSA
2885 for (testnum = 0; testnum < RSA_NUM; testnum++) {
2887 if (!rsa_doit[testnum])
2889 for (i = 0; i < loopargs_len; i++) {
2891 /* we haven't set keys yet, generate multi-prime RSA keys */
2892 BIGNUM *bn = BN_new();
2896 if (!BN_set_word(bn, RSA_F4)) {
2901 BIO_printf(bio_err, "Generate multi-prime RSA key for %s\n",
2902 rsa_choices[testnum].name);
2904 loopargs[i].rsa_key[testnum] = RSA_new();
2905 if (loopargs[i].rsa_key[testnum] == NULL) {
2910 if (!RSA_generate_multi_prime_key(loopargs[i].rsa_key[testnum],
2912 primes, bn, NULL)) {
2918 st = RSA_sign(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
2919 &loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
2925 "RSA sign failure. No RSA sign will be done.\n");
2926 ERR_print_errors(bio_err);
2929 pkey_print_message("private", "rsa",
2930 rsa_c[testnum][0], rsa_bits[testnum],
2932 /* RSA_blinding_on(rsa_key[testnum],NULL); */
2934 count = run_benchmark(async_jobs, RSA_sign_loop, loopargs);
2937 mr ? "+R1:%ld:%d:%.2f\n"
2938 : "%ld %u bits private RSA's in %.2fs\n",
2939 count, rsa_bits[testnum], d);
2940 rsa_results[testnum][0] = (double)count / d;
2944 for (i = 0; i < loopargs_len; i++) {
2945 st = RSA_verify(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
2946 loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
2952 "RSA verify failure. No RSA verify will be done.\n");
2953 ERR_print_errors(bio_err);
2954 rsa_doit[testnum] = 0;
2956 pkey_print_message("public", "rsa",
2957 rsa_c[testnum][1], rsa_bits[testnum],
2960 count = run_benchmark(async_jobs, RSA_verify_loop, loopargs);
2963 mr ? "+R2:%ld:%d:%.2f\n"
2964 : "%ld %u bits public RSA's in %.2fs\n",
2965 count, rsa_bits[testnum], d);
2966 rsa_results[testnum][1] = (double)count / d;
2969 if (rsa_count <= 1) {
2970 /* if longer than 10s, don't do any more */
2971 stop_it(rsa_doit, testnum);
2974 #endif /* OPENSSL_NO_RSA */
2976 for (i = 0; i < loopargs_len; i++)
2977 if (RAND_bytes(loopargs[i].buf, 36) <= 0)
2980 #ifndef OPENSSL_NO_DSA
2981 for (testnum = 0; testnum < DSA_NUM; testnum++) {
2983 if (!dsa_doit[testnum])
2986 /* DSA_generate_key(dsa_key[testnum]); */
2987 /* DSA_sign_setup(dsa_key[testnum],NULL); */
2988 for (i = 0; i < loopargs_len; i++) {
2989 st = DSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
2990 &loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
2996 "DSA sign failure. No DSA sign will be done.\n");
2997 ERR_print_errors(bio_err);
3000 pkey_print_message("sign", "dsa",
3001 dsa_c[testnum][0], dsa_bits[testnum],
3004 count = run_benchmark(async_jobs, DSA_sign_loop, loopargs);
3007 mr ? "+R3:%ld:%u:%.2f\n"
3008 : "%ld %u bits DSA signs in %.2fs\n",
3009 count, dsa_bits[testnum], d);
3010 dsa_results[testnum][0] = (double)count / d;
3014 for (i = 0; i < loopargs_len; i++) {
3015 st = DSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
3016 loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
3022 "DSA verify failure. No DSA verify will be done.\n");
3023 ERR_print_errors(bio_err);
3024 dsa_doit[testnum] = 0;
3026 pkey_print_message("verify", "dsa",
3027 dsa_c[testnum][1], dsa_bits[testnum],
3030 count = run_benchmark(async_jobs, DSA_verify_loop, loopargs);
3033 mr ? "+R4:%ld:%u:%.2f\n"
3034 : "%ld %u bits DSA verify in %.2fs\n",
3035 count, dsa_bits[testnum], d);
3036 dsa_results[testnum][1] = (double)count / d;
3039 if (rsa_count <= 1) {
3040 /* if longer than 10s, don't do any more */
3041 stop_it(dsa_doit, testnum);
3044 #endif /* OPENSSL_NO_DSA */
3046 #ifndef OPENSSL_NO_EC
3047 for (testnum = 0; testnum < ECDSA_NUM; testnum++) {
3050 if (!ecdsa_doit[testnum])
3051 continue; /* Ignore Curve */
3052 for (i = 0; i < loopargs_len; i++) {
3053 loopargs[i].ecdsa[testnum] =
3054 EC_KEY_new_by_curve_name(test_curves[testnum].nid);
3055 if (loopargs[i].ecdsa[testnum] == NULL) {
3061 BIO_printf(bio_err, "ECDSA failure.\n");
3062 ERR_print_errors(bio_err);
3065 for (i = 0; i < loopargs_len; i++) {
3066 EC_KEY_precompute_mult(loopargs[i].ecdsa[testnum], NULL);
3067 /* Perform ECDSA signature test */
3068 EC_KEY_generate_key(loopargs[i].ecdsa[testnum]);
3069 st = ECDSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
3070 &loopargs[i].siglen,
3071 loopargs[i].ecdsa[testnum]);
3077 "ECDSA sign failure. No ECDSA sign will be done.\n");
3078 ERR_print_errors(bio_err);
3081 pkey_print_message("sign", "ecdsa",
3082 ecdsa_c[testnum][0],
3083 test_curves[testnum].bits, seconds.ecdsa);
3085 count = run_benchmark(async_jobs, ECDSA_sign_loop, loopargs);
3089 mr ? "+R5:%ld:%u:%.2f\n" :
3090 "%ld %u bits ECDSA signs in %.2fs \n",
3091 count, test_curves[testnum].bits, d);
3092 ecdsa_results[testnum][0] = (double)count / d;
3096 /* Perform ECDSA verification test */
3097 for (i = 0; i < loopargs_len; i++) {
3098 st = ECDSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
3100 loopargs[i].ecdsa[testnum]);
3106 "ECDSA verify failure. No ECDSA verify will be done.\n");
3107 ERR_print_errors(bio_err);
3108 ecdsa_doit[testnum] = 0;
3110 pkey_print_message("verify", "ecdsa",
3111 ecdsa_c[testnum][1],
3112 test_curves[testnum].bits, seconds.ecdsa);
3114 count = run_benchmark(async_jobs, ECDSA_verify_loop, loopargs);
3117 mr ? "+R6:%ld:%u:%.2f\n"
3118 : "%ld %u bits ECDSA verify in %.2fs\n",
3119 count, test_curves[testnum].bits, d);
3120 ecdsa_results[testnum][1] = (double)count / d;
3123 if (rsa_count <= 1) {
3124 /* if longer than 10s, don't do any more */
3125 stop_it(ecdsa_doit, testnum);
3130 for (testnum = 0; testnum < EC_NUM; testnum++) {
3131 int ecdh_checks = 1;
3133 if (!ecdh_doit[testnum])
3136 for (i = 0; i < loopargs_len; i++) {
3137 EVP_PKEY_CTX *kctx = NULL;
3138 EVP_PKEY_CTX *test_ctx = NULL;
3139 EVP_PKEY_CTX *ctx = NULL;
3140 EVP_PKEY *key_A = NULL;
3141 EVP_PKEY *key_B = NULL;
3145 /* Ensure that the error queue is empty */
3146 if (ERR_peek_error()) {
3148 "WARNING: the error queue contains previous unhandled errors.\n");
3149 ERR_print_errors(bio_err);
3152 /* Let's try to create a ctx directly from the NID: this works for
3153 * curves like Curve25519 that are not implemented through the low
3154 * level EC interface.
3155 * If this fails we try creating a EVP_PKEY_EC generic param ctx,
3156 * then we set the curve by NID before deriving the actual keygen
3157 * ctx for that specific curve. */
3158 kctx = EVP_PKEY_CTX_new_id(test_curves[testnum].nid, NULL); /* keygen ctx from NID */
3160 EVP_PKEY_CTX *pctx = NULL;
3161 EVP_PKEY *params = NULL;
3163 /* If we reach this code EVP_PKEY_CTX_new_id() failed and a
3164 * "int_ctx_new:unsupported algorithm" error was added to the
3166 * We remove it from the error queue as we are handling it. */
3167 unsigned long error = ERR_peek_error(); /* peek the latest error in the queue */
3168 if (error == ERR_peek_last_error() && /* oldest and latest errors match */
3169 /* check that the error origin matches */
3170 ERR_GET_LIB(error) == ERR_LIB_EVP &&
3171 ERR_GET_REASON(error) == EVP_R_UNSUPPORTED_ALGORITHM)
3172 ERR_get_error(); /* pop error from queue */
3173 if (ERR_peek_error()) {
3175 "Unhandled error in the error queue during ECDH init.\n");
3176 ERR_print_errors(bio_err);
3181 if ( /* Create the context for parameter generation */
3182 !(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) ||
3183 /* Initialise the parameter generation */
3184 !EVP_PKEY_paramgen_init(pctx) ||
3185 /* Set the curve by NID */
3186 !EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
3189 /* Create the parameter object params */
3190 !EVP_PKEY_paramgen(pctx, ¶ms)) {
3192 BIO_printf(bio_err, "ECDH EC params init failure.\n");
3193 ERR_print_errors(bio_err);
3197 /* Create the context for the key generation */
3198 kctx = EVP_PKEY_CTX_new(params, NULL);
3200 EVP_PKEY_free(params);
3202 EVP_PKEY_CTX_free(pctx);
3205 if (kctx == NULL || /* keygen ctx is not null */
3206 EVP_PKEY_keygen_init(kctx) <= 0/* init keygen ctx */ ) {
3208 BIO_printf(bio_err, "ECDH keygen failure.\n");
3209 ERR_print_errors(bio_err);
3214 if (EVP_PKEY_keygen(kctx, &key_A) <= 0 || /* generate secret key A */
3215 EVP_PKEY_keygen(kctx, &key_B) <= 0 || /* generate secret key B */
3216 !(ctx = EVP_PKEY_CTX_new(key_A, NULL)) || /* derivation ctx from skeyA */
3217 EVP_PKEY_derive_init(ctx) <= 0 || /* init derivation ctx */
3218 EVP_PKEY_derive_set_peer(ctx, key_B) <= 0 || /* set peer pubkey in ctx */
3219 EVP_PKEY_derive(ctx, NULL, &outlen) <= 0 || /* determine max length */
3220 outlen == 0 || /* ensure outlen is a valid size */
3221 outlen > MAX_ECDH_SIZE /* avoid buffer overflow */ ) {
3223 BIO_printf(bio_err, "ECDH key generation failure.\n");
3224 ERR_print_errors(bio_err);
3229 /* Here we perform a test run, comparing the output of a*B and b*A;
3230 * we try this here and assume that further EVP_PKEY_derive calls
3231 * never fail, so we can skip checks in the actually benchmarked
3232 * code, for maximum performance. */
3233 if (!(test_ctx = EVP_PKEY_CTX_new(key_B, NULL)) || /* test ctx from skeyB */
3234 !EVP_PKEY_derive_init(test_ctx) || /* init derivation test_ctx */
3235 !EVP_PKEY_derive_set_peer(test_ctx, key_A) || /* set peer pubkey in test_ctx */
3236 !EVP_PKEY_derive(test_ctx, NULL, &test_outlen) || /* determine max length */
3237 !EVP_PKEY_derive(ctx, loopargs[i].secret_a, &outlen) || /* compute a*B */
3238 !EVP_PKEY_derive(test_ctx, loopargs[i].secret_b, &test_outlen) || /* compute b*A */
3239 test_outlen != outlen /* compare output length */ ) {
3241 BIO_printf(bio_err, "ECDH computation failure.\n");
3242 ERR_print_errors(bio_err);
3247 /* Compare the computation results: CRYPTO_memcmp() returns 0 if equal */
3248 if (CRYPTO_memcmp(loopargs[i].secret_a,
3249 loopargs[i].secret_b, outlen)) {
3251 BIO_printf(bio_err, "ECDH computations don't match.\n");
3252 ERR_print_errors(bio_err);
3257 loopargs[i].ecdh_ctx[testnum] = ctx;
3258 loopargs[i].outlen[testnum] = outlen;
3260 EVP_PKEY_free(key_A);
3261 EVP_PKEY_free(key_B);
3262 EVP_PKEY_CTX_free(kctx);
3264 EVP_PKEY_CTX_free(test_ctx);
3267 if (ecdh_checks != 0) {
3268 pkey_print_message("", "ecdh",
3270 test_curves[testnum].bits, seconds.ecdh);
3273 run_benchmark(async_jobs, ECDH_EVP_derive_key_loop, loopargs);
3276 mr ? "+R7:%ld:%d:%.2f\n" :
3277 "%ld %u-bits ECDH ops in %.2fs\n", count,
3278 test_curves[testnum].bits, d);
3279 ecdh_results[testnum][0] = (double)count / d;
3283 if (rsa_count <= 1) {
3284 /* if longer than 10s, don't do any more */
3285 stop_it(ecdh_doit, testnum);
3289 for (testnum = 0; testnum < EdDSA_NUM; testnum++) {
3291 EVP_PKEY *ed_pkey = NULL;
3292 EVP_PKEY_CTX *ed_pctx = NULL;
3294 if (!eddsa_doit[testnum])
3295 continue; /* Ignore Curve */
3296 for (i = 0; i < loopargs_len; i++) {
3297 loopargs[i].eddsa_ctx[testnum] = EVP_MD_CTX_new();
3298 if (loopargs[i].eddsa_ctx[testnum] == NULL) {
3303 if ((ed_pctx = EVP_PKEY_CTX_new_id(test_ed_curves[testnum].nid, NULL))
3305 || EVP_PKEY_keygen_init(ed_pctx) <= 0
3306 || EVP_PKEY_keygen(ed_pctx, &ed_pkey) <= 0) {
3308 EVP_PKEY_CTX_free(ed_pctx);
3311 EVP_PKEY_CTX_free(ed_pctx);
3313 if (!EVP_DigestSignInit(loopargs[i].eddsa_ctx[testnum], NULL, NULL,
3316 EVP_PKEY_free(ed_pkey);
3319 EVP_PKEY_free(ed_pkey);
3322 BIO_printf(bio_err, "EdDSA failure.\n");
3323 ERR_print_errors(bio_err);
3326 for (i = 0; i < loopargs_len; i++) {
3327 /* Perform EdDSA signature test */
3328 loopargs[i].sigsize = test_ed_curves[testnum].sigsize;
3329 st = EVP_DigestSign(loopargs[i].eddsa_ctx[testnum],
3330 loopargs[i].buf2, &loopargs[i].sigsize,
3331 loopargs[i].buf, 20);
3337 "EdDSA sign failure. No EdDSA sign will be done.\n");
3338 ERR_print_errors(bio_err);
3341 pkey_print_message("sign", test_ed_curves[testnum].name,
3342 eddsa_c[testnum][0],
3343 test_ed_curves[testnum].bits, seconds.eddsa);
3345 count = run_benchmark(async_jobs, EdDSA_sign_loop, loopargs);
3349 mr ? "+R8:%ld:%u:%s:%.2f\n" :
3350 "%ld %u bits %s signs in %.2fs \n",
3351 count, test_ed_curves[testnum].bits,
3352 test_ed_curves[testnum].name, d);
3353 eddsa_results[testnum][0] = (double)count / d;
3357 /* Perform EdDSA verification test */
3358 for (i = 0; i < loopargs_len; i++) {
3359 st = EVP_DigestVerify(loopargs[i].eddsa_ctx[testnum],
3360 loopargs[i].buf2, loopargs[i].sigsize,
3361 loopargs[i].buf, 20);
3367 "EdDSA verify failure. No EdDSA verify will be done.\n");
3368 ERR_print_errors(bio_err);
3369 eddsa_doit[testnum] = 0;
3371 pkey_print_message("verify", test_ed_curves[testnum].name,
3372 eddsa_c[testnum][1],
3373 test_ed_curves[testnum].bits, seconds.eddsa);
3375 count = run_benchmark(async_jobs, EdDSA_verify_loop, loopargs);
3378 mr ? "+R9:%ld:%u:%s:%.2f\n"
3379 : "%ld %u bits %s verify in %.2fs\n",
3380 count, test_ed_curves[testnum].bits,
3381 test_ed_curves[testnum].name, d);
3382 eddsa_results[testnum][1] = (double)count / d;
3385 if (rsa_count <= 1) {
3386 /* if longer than 10s, don't do any more */
3387 stop_it(eddsa_doit, testnum);
3392 # ifndef OPENSSL_NO_SM2
3393 for (testnum = 0; testnum < SM2_NUM; testnum++) {
3395 EVP_PKEY *sm2_pkey = NULL;
3397 if (!sm2_doit[testnum])
3398 continue; /* Ignore Curve */
3399 /* Init signing and verification */
3400 for (i = 0; i < loopargs_len; i++) {
3401 EVP_PKEY_CTX *sm2_pctx = NULL;
3402 EVP_PKEY_CTX *sm2_vfy_pctx = NULL;
3403 EVP_PKEY_CTX *pctx = NULL;
3406 loopargs[i].sm2_ctx[testnum] = EVP_MD_CTX_new();
3407 loopargs[i].sm2_vfy_ctx[testnum] = EVP_MD_CTX_new();
3408 if (loopargs[i].sm2_ctx[testnum] == NULL
3409 || loopargs[i].sm2_vfy_ctx[testnum] == NULL)
3412 /* SM2 keys are generated as normal EC keys with a special curve */
3413 st = !((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) == NULL
3414 || EVP_PKEY_keygen_init(pctx) <= 0
3415 || EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
3416 test_sm2_curves[testnum].nid) <= 0
3417 || EVP_PKEY_keygen(pctx, &sm2_pkey) <= 0);
3418 EVP_PKEY_CTX_free(pctx);
3422 st = 0; /* set back to zero */
3423 /* attach it sooner to rely on main final cleanup */
3424 loopargs[i].sm2_pkey[testnum] = sm2_pkey;
3425 loopargs[i].sigsize = ECDSA_size(EVP_PKEY_get0_EC_KEY(sm2_pkey));
3426 if (!EVP_PKEY_set_alias_type(sm2_pkey, EVP_PKEY_SM2))
3429 sm2_pctx = EVP_PKEY_CTX_new(sm2_pkey, NULL);
3430 sm2_vfy_pctx = EVP_PKEY_CTX_new(sm2_pkey, NULL);
3431 if (sm2_pctx == NULL || sm2_vfy_pctx == NULL) {
3432 EVP_PKEY_CTX_free(sm2_vfy_pctx);
3435 /* attach them directly to respective ctx */
3436 EVP_MD_CTX_set_pkey_ctx(loopargs[i].sm2_ctx[testnum], sm2_pctx);
3437 EVP_MD_CTX_set_pkey_ctx(loopargs[i].sm2_vfy_ctx[testnum], sm2_vfy_pctx);
3440 * No need to allow user to set an explicit ID here, just use
3441 * the one defined in the 'draft-yang-tls-tl13-sm-suites' I-D.
3443 if (EVP_PKEY_CTX_set1_id(sm2_pctx, SM2_ID, SM2_ID_LEN) != 1
3444 || EVP_PKEY_CTX_set1_id(sm2_vfy_pctx, SM2_ID, SM2_ID_LEN) != 1)
3447 if (!EVP_DigestSignInit(loopargs[i].sm2_ctx[testnum], NULL,
3448 EVP_sm3(), NULL, sm2_pkey))
3450 if (!EVP_DigestVerifyInit(loopargs[i].sm2_vfy_ctx[testnum], NULL,
3451 EVP_sm3(), NULL, sm2_pkey))
3453 st = 1; /* mark loop as succeeded */
3456 BIO_printf(bio_err, "SM2 init failure.\n");
3457 ERR_print_errors(bio_err);
3460 for (i = 0; i < loopargs_len; i++) {
3461 size_t sm2_sigsize = loopargs[i].sigsize;
3463 /* Perform SM2 signature test */
3464 st = EVP_DigestSign(loopargs[i].sm2_ctx[testnum],
3465 loopargs[i].buf2, &sm2_sigsize,
3466 loopargs[i].buf, 20);
3472 "SM2 sign failure. No SM2 sign will be done.\n");
3473 ERR_print_errors(bio_err);
3476 pkey_print_message("sign", test_sm2_curves[testnum].name,
3478 test_sm2_curves[testnum].bits, seconds.sm2);
3480 count = run_benchmark(async_jobs, SM2_sign_loop, loopargs);
3484 mr ? "+R8:%ld:%u:%s:%.2f\n" :
3485 "%ld %u bits %s signs in %.2fs \n",
3486 count, test_sm2_curves[testnum].bits,
3487 test_sm2_curves[testnum].name, d);
3488 sm2_results[testnum][0] = (double)count / d;
3492 /* Perform SM2 verification test */
3493 for (i = 0; i < loopargs_len; i++) {
3494 st = EVP_DigestVerify(loopargs[i].sm2_vfy_ctx[testnum],
3495 loopargs[i].buf2, loopargs[i].sigsize,
3496 loopargs[i].buf, 20);
3502 "SM2 verify failure. No SM2 verify will be done.\n");
3503 ERR_print_errors(bio_err);
3504 sm2_doit[testnum] = 0;
3506 pkey_print_message("verify", test_sm2_curves[testnum].name,
3508 test_sm2_curves[testnum].bits, seconds.sm2);
3510 count = run_benchmark(async_jobs, SM2_verify_loop, loopargs);
3513 mr ? "+R9:%ld:%u:%s:%.2f\n"
3514 : "%ld %u bits %s verify in %.2fs\n",
3515 count, test_sm2_curves[testnum].bits,
3516 test_sm2_curves[testnum].name, d);
3517 sm2_results[testnum][1] = (double)count / d;
3520 if (rsa_count <= 1) {
3521 /* if longer than 10s, don't do any more */
3522 for (testnum++; testnum < SM2_NUM; testnum++)
3523 sm2_doit[testnum] = 0;
3527 # endif /* OPENSSL_NO_SM2 */
3529 #endif /* OPENSSL_NO_EC */
3534 printf("version: %s\n", OpenSSL_version(OPENSSL_FULL_VERSION_STRING));
3535 printf("built on: %s\n", OpenSSL_version(OPENSSL_BUILT_ON));
3537 printf("%s ", BN_options());
3538 #ifndef OPENSSL_NO_MD2
3539 printf("%s ", MD2_options());
3541 #ifndef OPENSSL_NO_RC4
3542 printf("%s ", RC4_options());
3544 #ifndef OPENSSL_NO_DES
3545 printf("%s ", DES_options());
3547 printf("%s ", AES_options());
3548 #ifndef OPENSSL_NO_IDEA
3549 printf("%s ", IDEA_options());
3551 #ifndef OPENSSL_NO_BF
3552 printf("%s ", BF_options());
3554 printf("\n%s\n", OpenSSL_version(OPENSSL_CFLAGS));
3555 printf("%s\n", OpenSSL_version(OPENSSL_CPU_INFO));
3563 ("The 'numbers' are in 1000s of bytes per second processed.\n");
3566 for (testnum = 0; testnum < size_num; testnum++)
3567 printf(mr ? ":%d" : "%7d bytes", lengths[testnum]);
3571 for (k = 0; k < ALGOR_NUM; k++) {
3575 printf("+F:%u:%s", k, names[k]);
3577 printf("%-13s", names[k]);
3578 for (testnum = 0; testnum < size_num; testnum++) {
3579 if (results[k][testnum] > 10000 && !mr)
3580 printf(" %11.2fk", results[k][testnum] / 1e3);
3582 printf(mr ? ":%.2f" : " %11.2f ", results[k][testnum]);
3586 #ifndef OPENSSL_NO_RSA
3588 for (k = 0; k < RSA_NUM; k++) {
3591 if (testnum && !mr) {
3592 printf("%18ssign verify sign/s verify/s\n", " ");
3596 printf("+F2:%u:%u:%f:%f\n",
3597 k, rsa_bits[k], rsa_results[k][0], rsa_results[k][1]);
3599 printf("rsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
3600 rsa_bits[k], 1.0 / rsa_results[k][0], 1.0 / rsa_results[k][1],
3601 rsa_results[k][0], rsa_results[k][1]);
3604 #ifndef OPENSSL_NO_DSA
3606 for (k = 0; k < DSA_NUM; k++) {
3609 if (testnum && !mr) {
3610 printf("%18ssign verify sign/s verify/s\n", " ");
3614 printf("+F3:%u:%u:%f:%f\n",
3615 k, dsa_bits[k], dsa_results[k][0], dsa_results[k][1]);
3617 printf("dsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
3618 dsa_bits[k], 1.0 / dsa_results[k][0], 1.0 / dsa_results[k][1],
3619 dsa_results[k][0], dsa_results[k][1]);
3622 #ifndef OPENSSL_NO_EC
3624 for (k = 0; k < OSSL_NELEM(ecdsa_doit); k++) {
3627 if (testnum && !mr) {
3628 printf("%30ssign verify sign/s verify/s\n", " ");
3633 printf("+F4:%u:%u:%f:%f\n",
3634 k, test_curves[k].bits,
3635 ecdsa_results[k][0], ecdsa_results[k][1]);
3637 printf("%4u bits ecdsa (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3638 test_curves[k].bits, test_curves[k].name,
3639 1.0 / ecdsa_results[k][0], 1.0 / ecdsa_results[k][1],
3640 ecdsa_results[k][0], ecdsa_results[k][1]);
3644 for (k = 0; k < EC_NUM; k++) {
3647 if (testnum && !mr) {
3648 printf("%30sop op/s\n", " ");
3652 printf("+F5:%u:%u:%f:%f\n",
3653 k, test_curves[k].bits,
3654 ecdh_results[k][0], 1.0 / ecdh_results[k][0]);
3657 printf("%4u bits ecdh (%s) %8.4fs %8.1f\n",
3658 test_curves[k].bits, test_curves[k].name,
3659 1.0 / ecdh_results[k][0], ecdh_results[k][0]);
3663 for (k = 0; k < OSSL_NELEM(eddsa_doit); k++) {
3666 if (testnum && !mr) {
3667 printf("%30ssign verify sign/s verify/s\n", " ");
3672 printf("+F6:%u:%u:%s:%f:%f\n",
3673 k, test_ed_curves[k].bits, test_ed_curves[k].name,
3674 eddsa_results[k][0], eddsa_results[k][1]);
3676 printf("%4u bits EdDSA (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3677 test_ed_curves[k].bits, test_ed_curves[k].name,
3678 1.0 / eddsa_results[k][0], 1.0 / eddsa_results[k][1],
3679 eddsa_results[k][0], eddsa_results[k][1]);
3682 # ifndef OPENSSL_NO_SM2
3684 for (k = 0; k < OSSL_NELEM(sm2_doit); k++) {
3687 if (testnum && !mr) {
3688 printf("%30ssign verify sign/s verify/s\n", " ");
3693 printf("+F6:%u:%u:%s:%f:%f\n",
3694 k, test_sm2_curves[k].bits, test_sm2_curves[k].name,
3695 sm2_results[k][0], sm2_results[k][1]);
3697 printf("%4u bits SM2 (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3698 test_sm2_curves[k].bits, test_sm2_curves[k].name,
3699 1.0 / sm2_results[k][0], 1.0 / sm2_results[k][1],
3700 sm2_results[k][0], sm2_results[k][1]);
3708 ERR_print_errors(bio_err);
3709 for (i = 0; i < loopargs_len; i++) {
3710 OPENSSL_free(loopargs[i].buf_malloc);
3711 OPENSSL_free(loopargs[i].buf2_malloc);
3713 #ifndef OPENSSL_NO_RSA
3714 for (k = 0; k < RSA_NUM; k++)
3715 RSA_free(loopargs[i].rsa_key[k]);
3717 #ifndef OPENSSL_NO_DSA
3718 for (k = 0; k < DSA_NUM; k++)
3719 DSA_free(loopargs[i].dsa_key[k]);
3721 #ifndef OPENSSL_NO_EC
3722 for (k = 0; k < ECDSA_NUM; k++)
3723 EC_KEY_free(loopargs[i].ecdsa[k]);
3724 for (k = 0; k < EC_NUM; k++)
3725 EVP_PKEY_CTX_free(loopargs[i].ecdh_ctx[k]);
3726 for (k = 0; k < EdDSA_NUM; k++)
3727 EVP_MD_CTX_free(loopargs[i].eddsa_ctx[k]);
3728 # ifndef OPENSSL_NO_SM2
3729 for (k = 0; k < SM2_NUM; k++) {
3730 EVP_PKEY_CTX *pctx = NULL;
3732 /* free signing ctx */
3733 if (loopargs[i].sm2_ctx[k] != NULL
3734 && (pctx = EVP_MD_CTX_pkey_ctx(loopargs[i].sm2_ctx[k])) != NULL)
3735 EVP_PKEY_CTX_free(pctx);
3736 EVP_MD_CTX_free(loopargs[i].sm2_ctx[k]);
3737 /* free verification ctx */
3738 if (loopargs[i].sm2_vfy_ctx[k] != NULL
3739 && (pctx = EVP_MD_CTX_pkey_ctx(loopargs[i].sm2_vfy_ctx[k])) != NULL)
3740 EVP_PKEY_CTX_free(pctx);
3741 EVP_MD_CTX_free(loopargs[i].sm2_vfy_ctx[k]);
3743 EVP_PKEY_free(loopargs[i].sm2_pkey[k]);
3746 OPENSSL_free(loopargs[i].secret_a);
3747 OPENSSL_free(loopargs[i].secret_b);
3750 OPENSSL_free(evp_hmac_name);
3751 #ifndef OPENSSL_NO_CMAC
3752 OPENSSL_free(evp_cmac_name);
3755 if (async_jobs > 0) {
3756 for (i = 0; i < loopargs_len; i++)
3757 ASYNC_WAIT_CTX_free(loopargs[i].wait_ctx);
3761 ASYNC_cleanup_thread();
3763 OPENSSL_free(loopargs);
3768 static void print_message(const char *s, long num, int length, int tm)
3772 mr ? "+DT:%s:%d:%d\n"
3773 : "Doing %s for %ds on %d size blocks: ", s, tm, length);
3774 (void)BIO_flush(bio_err);
3778 mr ? "+DN:%s:%ld:%d\n"
3779 : "Doing %s %ld times on %d size blocks: ", s, num, length);
3780 (void)BIO_flush(bio_err);
3784 static void pkey_print_message(const char *str, const char *str2, long num,
3785 unsigned int bits, int tm)
3789 mr ? "+DTP:%d:%s:%s:%d\n"
3790 : "Doing %u bits %s %s's for %ds: ", bits, str, str2, tm);
3791 (void)BIO_flush(bio_err);
3795 mr ? "+DNP:%ld:%d:%s:%s\n"
3796 : "Doing %ld %u bits %s %s's: ", num, bits, str, str2);
3797 (void)BIO_flush(bio_err);
3801 static void print_result(int alg, int run_no, int count, double time_used)
3804 BIO_printf(bio_err, "%s error!\n", names[alg]);
3805 ERR_print_errors(bio_err);
3806 /* exit(1); disable exit until default provider enabled */
3810 mr ? "+R:%d:%s:%f\n"
3811 : "%d %s's in %.2fs\n", count, names[alg], time_used);
3812 results[alg][run_no] = ((double)count) / time_used * lengths[run_no];
3816 static char *sstrsep(char **string, const char *delim)
3819 char *token = *string;
3824 memset(isdelim, 0, sizeof(isdelim));
3828 isdelim[(unsigned char)(*delim)] = 1;
3832 while (!isdelim[(unsigned char)(**string)]) {
3844 static int do_multi(int multi, int size_num)
3849 static char sep[] = ":";
3851 fds = app_malloc(sizeof(*fds) * multi, "fd buffer for do_multi");
3852 for (n = 0; n < multi; ++n) {
3853 if (pipe(fd) == -1) {
3854 BIO_printf(bio_err, "pipe failure\n");
3858 (void)BIO_flush(bio_err);
3865 if (dup(fd[1]) == -1) {
3866 BIO_printf(bio_err, "dup failed\n");
3875 printf("Forked child %d\n", n);
3878 /* for now, assume the pipe is long enough to take all the output */
3879 for (n = 0; n < multi; ++n) {
3884 f = fdopen(fds[n], "r");
3885 while (fgets(buf, sizeof(buf), f)) {
3886 p = strchr(buf, '\n');
3889 if (buf[0] != '+') {
3891 "Don't understand line '%s' from child %d\n", buf,
3895 printf("Got: %s from %d\n", buf, n);
3896 if (strncmp(buf, "+F:", 3) == 0) {
3901 alg = atoi(sstrsep(&p, sep));
3903 for (j = 0; j < size_num; ++j)
3904 results[alg][j] += atof(sstrsep(&p, sep));
3905 } else if (strncmp(buf, "+F2:", 4) == 0) {
3910 k = atoi(sstrsep(&p, sep));
3913 d = atof(sstrsep(&p, sep));
3914 rsa_results[k][0] += d;
3916 d = atof(sstrsep(&p, sep));
3917 rsa_results[k][1] += d;
3919 # ifndef OPENSSL_NO_DSA
3920 else if (strncmp(buf, "+F3:", 4) == 0) {
3925 k = atoi(sstrsep(&p, sep));
3928 d = atof(sstrsep(&p, sep));
3929 dsa_results[k][0] += d;
3931 d = atof(sstrsep(&p, sep));
3932 dsa_results[k][1] += d;
3935 # ifndef OPENSSL_NO_EC
3936 else if (strncmp(buf, "+F4:", 4) == 0) {
3941 k = atoi(sstrsep(&p, sep));
3944 d = atof(sstrsep(&p, sep));
3945 ecdsa_results[k][0] += d;
3947 d = atof(sstrsep(&p, sep));
3948 ecdsa_results[k][1] += d;
3949 } else if (strncmp(buf, "+F5:", 4) == 0) {
3954 k = atoi(sstrsep(&p, sep));
3957 d = atof(sstrsep(&p, sep));
3958 ecdh_results[k][0] += d;
3959 } else if (strncmp(buf, "+F6:", 4) == 0) {
3964 k = atoi(sstrsep(&p, sep));
3967 d = atof(sstrsep(&p, sep));
3968 eddsa_results[k][0] += d;
3970 d = atof(sstrsep(&p, sep));
3971 eddsa_results[k][1] += d;
3973 # ifndef OPENSSL_NO_SM2
3974 else if (strncmp(buf, "+F7:", 4) == 0) {
3979 k = atoi(sstrsep(&p, sep));
3982 d = atof(sstrsep(&p, sep));
3983 sm2_results[k][0] += d;
3985 d = atof(sstrsep(&p, sep));
3986 sm2_results[k][1] += d;
3988 # endif /* OPENSSL_NO_SM2 */
3991 else if (strncmp(buf, "+H:", 3) == 0) {
3994 BIO_printf(bio_err, "Unknown type '%s' from child %d\n", buf,
4005 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
4006 const openssl_speed_sec_t *seconds)
4008 static const int mblengths_list[] =
4009 { 8 * 1024, 2 * 8 * 1024, 4 * 8 * 1024, 8 * 8 * 1024, 8 * 16 * 1024 };
4010 const int *mblengths = mblengths_list;
4011 int j, count, keylen, num = OSSL_NELEM(mblengths_list);
4012 const char *alg_name;
4013 unsigned char *inp, *out, *key, no_key[32], no_iv[16];
4014 EVP_CIPHER_CTX *ctx;
4017 if (lengths_single) {
4018 mblengths = &lengths_single;
4022 inp = app_malloc(mblengths[num - 1], "multiblock input buffer");
4023 out = app_malloc(mblengths[num - 1] + 1024, "multiblock output buffer");
4024 ctx = EVP_CIPHER_CTX_new();
4025 EVP_EncryptInit_ex(ctx, evp_cipher, NULL, NULL, no_iv);
4027 keylen = EVP_CIPHER_CTX_key_length(ctx);
4028 key = app_malloc(keylen, "evp_cipher key");
4029 EVP_CIPHER_CTX_rand_key(ctx, key);
4030 EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL);
4031 OPENSSL_clear_free(key, keylen);
4033 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_MAC_KEY, sizeof(no_key), no_key);
4034 alg_name = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
4036 for (j = 0; j < num; j++) {
4037 print_message(alg_name, 0, mblengths[j], seconds->sym);
4039 for (count = 0, run = 1; run && count < 0x7fffffff; count++) {
4040 unsigned char aad[EVP_AEAD_TLS1_AAD_LEN];
4041 EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param;
4042 size_t len = mblengths[j];
4045 memset(aad, 0, 8); /* avoid uninitialized values */
4046 aad[8] = 23; /* SSL3_RT_APPLICATION_DATA */
4047 aad[9] = 3; /* version */
4049 aad[11] = 0; /* length */
4051 mb_param.out = NULL;
4054 mb_param.interleave = 8;
4056 packlen = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_AAD,
4057 sizeof(mb_param), &mb_param);
4063 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT,
4064 sizeof(mb_param), &mb_param);
4068 RAND_bytes(out, 16);
4070 aad[11] = (unsigned char)(len >> 8);
4071 aad[12] = (unsigned char)(len);
4072 pad = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_TLS1_AAD,
4073 EVP_AEAD_TLS1_AAD_LEN, aad);
4074 EVP_Cipher(ctx, out, inp, len + pad);
4078 BIO_printf(bio_err, mr ? "+R:%d:%s:%f\n"
4079 : "%d %s's in %.2fs\n", count, "evp", d);
4080 results[D_EVP][j] = ((double)count) / d * mblengths[j];
4084 fprintf(stdout, "+H");
4085 for (j = 0; j < num; j++)
4086 fprintf(stdout, ":%d", mblengths[j]);
4087 fprintf(stdout, "\n");
4088 fprintf(stdout, "+F:%d:%s", D_EVP, alg_name);
4089 for (j = 0; j < num; j++)
4090 fprintf(stdout, ":%.2f", results[D_EVP][j]);
4091 fprintf(stdout, "\n");
4094 "The 'numbers' are in 1000s of bytes per second processed.\n");
4095 fprintf(stdout, "type ");
4096 for (j = 0; j < num; j++)
4097 fprintf(stdout, "%7d bytes", mblengths[j]);
4098 fprintf(stdout, "\n");
4099 fprintf(stdout, "%-24s", alg_name);
4101 for (j = 0; j < num; j++) {
4102 if (results[D_EVP][j] > 10000)
4103 fprintf(stdout, " %11.2fk", results[D_EVP][j] / 1e3);
4105 fprintf(stdout, " %11.2f ", results[D_EVP][j]);
4107 fprintf(stdout, "\n");
4112 EVP_CIPHER_CTX_free(ctx);