2 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
5 * Licensed under the Apache License 2.0 (the "License"). You may not use
6 * this file except in compliance with the License. You can obtain a copy
7 * in the file LICENSE in the source distribution or at
8 * https://www.openssl.org/source/license.html
13 #define RSA_SECONDS 10
14 #define DSA_SECONDS 10
15 #define ECDSA_SECONDS 10
16 #define ECDH_SECONDS 10
17 #define EdDSA_SECONDS 10
18 #define SM2_SECONDS 10
20 /* We need to use some deprecated APIs */
21 #define OPENSSL_SUPPRESS_DEPRECATED
29 #include <openssl/crypto.h>
30 #include <openssl/rand.h>
31 #include <openssl/err.h>
32 #include <openssl/evp.h>
33 #include <openssl/objects.h>
34 #include <openssl/async.h>
35 #if !defined(OPENSSL_SYS_MSDOS)
43 #include <openssl/bn.h>
44 #ifndef OPENSSL_NO_DES
45 # include <openssl/des.h>
47 #include <openssl/aes.h>
48 #ifndef OPENSSL_NO_CAMELLIA
49 # include <openssl/camellia.h>
51 #ifndef OPENSSL_NO_MD2
52 # include <openssl/md2.h>
54 #ifndef OPENSSL_NO_MDC2
55 # include <openssl/mdc2.h>
57 #ifndef OPENSSL_NO_MD4
58 # include <openssl/md4.h>
60 #ifndef OPENSSL_NO_MD5
61 # include <openssl/md5.h>
63 #include <openssl/hmac.h>
64 #ifndef OPENSSL_NO_CMAC
65 #include <openssl/cmac.h>
67 #include <openssl/sha.h>
68 #ifndef OPENSSL_NO_RMD160
69 # include <openssl/ripemd.h>
71 #ifndef OPENSSL_NO_WHIRLPOOL
72 # include <openssl/whrlpool.h>
74 #ifndef OPENSSL_NO_RC4
75 # include <openssl/rc4.h>
77 #ifndef OPENSSL_NO_RC5
78 # include <openssl/rc5.h>
80 #ifndef OPENSSL_NO_RC2
81 # include <openssl/rc2.h>
83 #ifndef OPENSSL_NO_IDEA
84 # include <openssl/idea.h>
86 #ifndef OPENSSL_NO_SEED
87 # include <openssl/seed.h>
90 # include <openssl/blowfish.h>
92 #ifndef OPENSSL_NO_CAST
93 # include <openssl/cast.h>
95 #ifndef OPENSSL_NO_RSA
96 # include <openssl/rsa.h>
97 # include "./testrsa.h"
99 #include <openssl/x509.h>
100 #ifndef OPENSSL_NO_DSA
101 # include <openssl/dsa.h>
102 # include "./testdsa.h"
104 #ifndef OPENSSL_NO_EC
105 # include <openssl/ec.h>
107 #include <openssl/modes.h>
110 # if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_VXWORKS)
123 #define MAX_MISALIGNMENT 63
124 #define MAX_ECDH_SIZE 256
127 typedef struct openssl_speed_sec_st {
135 } openssl_speed_sec_t;
137 static volatile int run = 0;
140 static int usertime = 1;
142 static double Time_F(int s);
143 static void print_message(const char *s, long num, int length, int tm);
144 static void pkey_print_message(const char *str, const char *str2,
145 long num, unsigned int bits, int sec);
146 static void print_result(int alg, int run_no, int count, double time_used);
148 static int do_multi(int multi, int size_num);
151 static const int lengths_list[] = {
152 16, 64, 256, 1024, 8 * 1024, 16 * 1024
154 static const int *lengths = lengths_list;
156 static const int aead_lengths_list[] = {
157 2, 31, 136, 1024, 8 * 1024, 16 * 1024
165 static void alarmed(int sig)
167 signal(SIGALRM, alarmed);
171 static double Time_F(int s)
173 double ret = app_tminterval(s, usertime);
179 #elif defined(_WIN32)
183 static unsigned int lapse;
184 static volatile unsigned int schlock;
185 static void alarm_win32(unsigned int secs)
190 # define alarm alarm_win32
192 static DWORD WINAPI sleepy(VOID * arg)
200 static double Time_F(int s)
207 thr = CreateThread(NULL, 4096, sleepy, NULL, 0, NULL);
209 DWORD err = GetLastError();
210 BIO_printf(bio_err, "unable to CreateThread (%lu)", err);
214 Sleep(0); /* scheduler spinlock */
215 ret = app_tminterval(s, usertime);
217 ret = app_tminterval(s, usertime);
219 TerminateThread(thr, 0);
226 static double Time_F(int s)
228 return app_tminterval(s, usertime);
232 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
233 const openssl_speed_sec_t *seconds);
235 #define found(value, pairs, result)\
236 opt_found(value, result, pairs, OSSL_NELEM(pairs))
237 static int opt_found(const char *name, unsigned int *result,
238 const OPT_PAIR pairs[], unsigned int nbelem)
242 for (idx = 0; idx < nbelem; ++idx, pairs++)
243 if (strcmp(name, pairs->name) == 0) {
244 *result = pairs->retval;
250 typedef enum OPTION_choice {
251 OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
252 OPT_ELAPSED, OPT_EVP, OPT_HMAC, OPT_DECRYPT, OPT_ENGINE, OPT_MULTI,
253 OPT_MR, OPT_MB, OPT_MISALIGN, OPT_ASYNCJOBS, OPT_R_ENUM,
254 OPT_PRIMES, OPT_SECONDS, OPT_BYTES, OPT_AEAD, OPT_CMAC
257 const OPTIONS speed_options[] = {
258 {OPT_HELP_STR, 1, '-', "Usage: %s [options] [algorithm...]\n"},
260 OPT_SECTION("General"),
261 {"help", OPT_HELP, '-', "Display this summary"},
263 "Enable (tls1>=1) multi-block mode on EVP-named cipher"},
264 {"mr", OPT_MR, '-', "Produce machine readable output"},
266 {"multi", OPT_MULTI, 'p', "Run benchmarks in parallel"},
268 #ifndef OPENSSL_NO_ASYNC
269 {"async_jobs", OPT_ASYNCJOBS, 'p',
270 "Enable async mode and start specified number of jobs"},
272 #ifndef OPENSSL_NO_ENGINE
273 {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
275 {"primes", OPT_PRIMES, 'p', "Specify number of primes (for RSA only)"},
277 OPT_SECTION("Selection"),
278 {"evp", OPT_EVP, 's', "Use EVP-named cipher or digest"},
279 {"hmac", OPT_HMAC, 's', "HMAC using EVP-named digest"},
280 #ifndef OPENSSL_NO_CMAC
281 {"cmac", OPT_CMAC, 's', "CMAC using EVP-named cipher"},
283 {"decrypt", OPT_DECRYPT, '-',
284 "Time decryption instead of encryption (only EVP)"},
285 {"aead", OPT_AEAD, '-',
286 "Benchmark EVP-named AEAD cipher in TLS-like sequence"},
288 OPT_SECTION("Timing"),
289 {"elapsed", OPT_ELAPSED, '-',
290 "Use wall-clock time instead of CPU user time as divisor"},
291 {"seconds", OPT_SECONDS, 'p',
292 "Run benchmarks for specified amount of seconds"},
293 {"bytes", OPT_BYTES, 'p',
294 "Run [non-PKI] benchmarks on custom-sized buffer"},
295 {"misalign", OPT_MISALIGN, 'p',
296 "Use specified offset to mis-align buffers"},
301 {"algorithm", 0, 0, "Algorithm(s) to test (optional; otherwise tests all)"},
315 #define D_CBC_IDEA 10
316 #define D_CBC_SEED 11
320 #define D_CBC_CAST 15
321 #define D_CBC_128_AES 16
322 #define D_CBC_192_AES 17
323 #define D_CBC_256_AES 18
324 #define D_CBC_128_CML 19
325 #define D_CBC_192_CML 20
326 #define D_CBC_256_CML 21
330 #define D_WHIRLPOOL 25
331 #define D_IGE_128_AES 26
332 #define D_IGE_192_AES 27
333 #define D_IGE_256_AES 28
336 #define D_EVP_HMAC 31
337 #define D_EVP_CMAC 32
339 /* name of algorithms to test */
340 static const char *names[] = {
341 "md2", "mdc2", "md4", "md5", "hmac(md5)", "sha1", "rmd160", "rc4",
342 "des cbc", "des ede3", "idea cbc", "seed cbc",
343 "rc2 cbc", "rc5-32/12 cbc", "blowfish cbc", "cast cbc",
344 "aes-128 cbc", "aes-192 cbc", "aes-256 cbc",
345 "camellia-128 cbc", "camellia-192 cbc", "camellia-256 cbc",
346 "evp", "sha256", "sha512", "whirlpool",
347 "aes-128 ige", "aes-192 ige", "aes-256 ige", "ghash",
348 "rand", "hmac", "cmac"
350 #define ALGOR_NUM OSSL_NELEM(names)
352 /* list of configured algorithm (remaining) */
353 static const OPT_PAIR doit_choices[] = {
354 #ifndef OPENSSL_NO_MD2
357 #ifndef OPENSSL_NO_MDC2
360 #ifndef OPENSSL_NO_MD4
363 #ifndef OPENSSL_NO_MD5
368 {"sha256", D_SHA256},
369 {"sha512", D_SHA512},
370 #ifndef OPENSSL_NO_WHIRLPOOL
371 {"whirlpool", D_WHIRLPOOL},
373 #ifndef OPENSSL_NO_RMD160
374 {"ripemd", D_RMD160},
375 {"rmd160", D_RMD160},
376 {"ripemd160", D_RMD160},
378 #ifndef OPENSSL_NO_RC4
381 #ifndef OPENSSL_NO_DES
382 {"des-cbc", D_CBC_DES},
383 {"des-ede3", D_EDE3_DES},
385 {"aes-128-cbc", D_CBC_128_AES},
386 {"aes-192-cbc", D_CBC_192_AES},
387 {"aes-256-cbc", D_CBC_256_AES},
388 #ifndef OPENSSL_NO_DEPRECATED_3_0
389 {"aes-128-ige", D_IGE_128_AES},
390 {"aes-192-ige", D_IGE_192_AES},
391 {"aes-256-ige", D_IGE_256_AES},
393 #ifndef OPENSSL_NO_RC2
394 {"rc2-cbc", D_CBC_RC2},
397 #ifndef OPENSSL_NO_RC5
398 {"rc5-cbc", D_CBC_RC5},
401 #ifndef OPENSSL_NO_IDEA
402 {"idea-cbc", D_CBC_IDEA},
403 {"idea", D_CBC_IDEA},
405 #ifndef OPENSSL_NO_SEED
406 {"seed-cbc", D_CBC_SEED},
407 {"seed", D_CBC_SEED},
409 #ifndef OPENSSL_NO_BF
410 {"bf-cbc", D_CBC_BF},
411 {"blowfish", D_CBC_BF},
414 #ifndef OPENSSL_NO_CAST
415 {"cast-cbc", D_CBC_CAST},
416 {"cast", D_CBC_CAST},
417 {"cast5", D_CBC_CAST},
423 static double results[ALGOR_NUM][OSSL_NELEM(lengths_list)];
425 #ifndef OPENSSL_NO_DSA
427 # define R_DSA_1024 1
428 # define R_DSA_2048 2
429 static const OPT_PAIR dsa_choices[] = {
430 {"dsa512", R_DSA_512},
431 {"dsa1024", R_DSA_1024},
432 {"dsa2048", R_DSA_2048}
434 # define DSA_NUM OSSL_NELEM(dsa_choices)
436 static double dsa_results[DSA_NUM][2]; /* 2 ops: sign then verify */
437 #endif /* OPENSSL_NO_DSA */
445 #define R_RSA_15360 6
446 #ifndef OPENSSL_NO_RSA
447 static const OPT_PAIR rsa_choices[] = {
448 {"rsa512", R_RSA_512},
449 {"rsa1024", R_RSA_1024},
450 {"rsa2048", R_RSA_2048},
451 {"rsa3072", R_RSA_3072},
452 {"rsa4096", R_RSA_4096},
453 {"rsa7680", R_RSA_7680},
454 {"rsa15360", R_RSA_15360}
456 # define RSA_NUM OSSL_NELEM(rsa_choices)
458 static double rsa_results[RSA_NUM][2]; /* 2 ops: sign then verify */
459 #endif /* OPENSSL_NO_RSA */
468 #ifndef OPENSSL_NO_EC2M
490 #ifndef OPENSSL_NO_EC
491 static OPT_PAIR ecdsa_choices[] = {
492 {"ecdsap160", R_EC_P160},
493 {"ecdsap192", R_EC_P192},
494 {"ecdsap224", R_EC_P224},
495 {"ecdsap256", R_EC_P256},
496 {"ecdsap384", R_EC_P384},
497 {"ecdsap521", R_EC_P521},
498 # ifndef OPENSSL_NO_EC2M
499 {"ecdsak163", R_EC_K163},
500 {"ecdsak233", R_EC_K233},
501 {"ecdsak283", R_EC_K283},
502 {"ecdsak409", R_EC_K409},
503 {"ecdsak571", R_EC_K571},
504 {"ecdsab163", R_EC_B163},
505 {"ecdsab233", R_EC_B233},
506 {"ecdsab283", R_EC_B283},
507 {"ecdsab409", R_EC_B409},
508 {"ecdsab571", R_EC_B571},
510 {"ecdsabrp256r1", R_EC_BRP256R1},
511 {"ecdsabrp256t1", R_EC_BRP256T1},
512 {"ecdsabrp384r1", R_EC_BRP384R1},
513 {"ecdsabrp384t1", R_EC_BRP384T1},
514 {"ecdsabrp512r1", R_EC_BRP512R1},
515 {"ecdsabrp512t1", R_EC_BRP512T1}
517 # define ECDSA_NUM OSSL_NELEM(ecdsa_choices)
519 static double ecdsa_results[ECDSA_NUM][2]; /* 2 ops: sign then verify */
521 static const OPT_PAIR ecdh_choices[] = {
522 {"ecdhp160", R_EC_P160},
523 {"ecdhp192", R_EC_P192},
524 {"ecdhp224", R_EC_P224},
525 {"ecdhp256", R_EC_P256},
526 {"ecdhp384", R_EC_P384},
527 {"ecdhp521", R_EC_P521},
528 # ifndef OPENSSL_NO_EC2M
529 {"ecdhk163", R_EC_K163},
530 {"ecdhk233", R_EC_K233},
531 {"ecdhk283", R_EC_K283},
532 {"ecdhk409", R_EC_K409},
533 {"ecdhk571", R_EC_K571},
534 {"ecdhb163", R_EC_B163},
535 {"ecdhb233", R_EC_B233},
536 {"ecdhb283", R_EC_B283},
537 {"ecdhb409", R_EC_B409},
538 {"ecdhb571", R_EC_B571},
540 {"ecdhbrp256r1", R_EC_BRP256R1},
541 {"ecdhbrp256t1", R_EC_BRP256T1},
542 {"ecdhbrp384r1", R_EC_BRP384R1},
543 {"ecdhbrp384t1", R_EC_BRP384T1},
544 {"ecdhbrp512r1", R_EC_BRP512R1},
545 {"ecdhbrp512t1", R_EC_BRP512T1},
546 {"ecdhx25519", R_EC_X25519},
547 {"ecdhx448", R_EC_X448}
549 # define EC_NUM OSSL_NELEM(ecdh_choices)
551 static double ecdh_results[EC_NUM][1]; /* 1 op: derivation */
553 #define R_EC_Ed25519 0
555 static OPT_PAIR eddsa_choices[] = {
556 {"ed25519", R_EC_Ed25519},
557 {"ed448", R_EC_Ed448}
559 # define EdDSA_NUM OSSL_NELEM(eddsa_choices)
561 static double eddsa_results[EdDSA_NUM][2]; /* 2 ops: sign then verify */
563 # ifndef OPENSSL_NO_SM2
564 # define R_EC_CURVESM2 0
565 static OPT_PAIR sm2_choices[] = {
566 {"curveSM2", R_EC_CURVESM2}
568 # define SM2_ID "TLSv1.3+GM+Cipher+Suite"
569 # define SM2_ID_LEN sizeof("TLSv1.3+GM+Cipher+Suite") - 1
570 # define SM2_NUM OSSL_NELEM(sm2_choices)
572 static double sm2_results[SM2_NUM][2]; /* 2 ops: sign then verify */
573 # endif /* OPENSSL_NO_SM2 */
574 #endif /* OPENSSL_NO_EC */
577 # define COND(d) (count < (d))
578 # define COUNT(d) (d)
580 # define COND(unused_cond) (run && count<0x7fffffff)
581 # define COUNT(d) (count)
584 typedef struct loopargs_st {
585 ASYNC_JOB *inprogress_job;
586 ASYNC_WAIT_CTX *wait_ctx;
589 unsigned char *buf_malloc;
590 unsigned char *buf2_malloc;
594 #ifndef OPENSSL_NO_RSA
595 RSA *rsa_key[RSA_NUM];
597 #ifndef OPENSSL_NO_DSA
598 DSA *dsa_key[DSA_NUM];
600 #ifndef OPENSSL_NO_EC
601 EC_KEY *ecdsa[ECDSA_NUM];
602 EVP_PKEY_CTX *ecdh_ctx[EC_NUM];
603 EVP_MD_CTX *eddsa_ctx[EdDSA_NUM];
604 # ifndef OPENSSL_NO_SM2
605 EVP_MD_CTX *sm2_ctx[SM2_NUM];
606 EVP_MD_CTX *sm2_vfy_ctx[SM2_NUM];
607 EVP_PKEY *sm2_pkey[SM2_NUM];
609 unsigned char *secret_a;
610 unsigned char *secret_b;
611 size_t outlen[EC_NUM];
615 #ifndef OPENSSL_NO_CMAC
618 GCM128_CONTEXT *gcm_ctx;
620 static int run_benchmark(int async_jobs, int (*loop_function) (void *),
621 loopargs_t * loopargs);
623 static unsigned int testnum;
625 /* Nb of iterations to do per algorithm and key-size */
626 static long c[ALGOR_NUM][OSSL_NELEM(lengths_list)];
628 #ifndef OPENSSL_NO_MD2
629 static int EVP_Digest_MD2_loop(void *args)
631 loopargs_t *tempargs = *(loopargs_t **) args;
632 unsigned char *buf = tempargs->buf;
633 unsigned char md2[MD2_DIGEST_LENGTH];
636 for (count = 0; COND(c[D_MD2][testnum]); count++) {
637 if (!EVP_Digest(buf, (size_t)lengths[testnum], md2, NULL, EVP_md2(),
645 #ifndef OPENSSL_NO_MDC2
646 static int EVP_Digest_MDC2_loop(void *args)
648 loopargs_t *tempargs = *(loopargs_t **) args;
649 unsigned char *buf = tempargs->buf;
650 unsigned char mdc2[MDC2_DIGEST_LENGTH];
653 for (count = 0; COND(c[D_MDC2][testnum]); count++) {
654 if (!EVP_Digest(buf, (size_t)lengths[testnum], mdc2, NULL, EVP_mdc2(),
662 #ifndef OPENSSL_NO_MD4
663 static int EVP_Digest_MD4_loop(void *args)
665 loopargs_t *tempargs = *(loopargs_t **) args;
666 unsigned char *buf = tempargs->buf;
667 unsigned char md4[MD4_DIGEST_LENGTH];
670 for (count = 0; COND(c[D_MD4][testnum]); count++) {
671 if (!EVP_Digest(buf, (size_t)lengths[testnum], md4, NULL, EVP_md4(),
679 #ifndef OPENSSL_NO_MD5
680 static int MD5_loop(void *args)
682 loopargs_t *tempargs = *(loopargs_t **) args;
683 unsigned char *buf = tempargs->buf;
684 unsigned char md5[MD5_DIGEST_LENGTH];
686 for (count = 0; COND(c[D_MD5][testnum]); count++)
687 MD5(buf, lengths[testnum], md5);
691 static int HMAC_loop(void *args)
693 loopargs_t *tempargs = *(loopargs_t **) args;
694 unsigned char *buf = tempargs->buf;
695 HMAC_CTX *hctx = tempargs->hctx;
696 unsigned char hmac[MD5_DIGEST_LENGTH];
699 for (count = 0; COND(c[D_HMAC][testnum]); count++) {
700 HMAC_Init_ex(hctx, NULL, 0, NULL, NULL);
701 HMAC_Update(hctx, buf, lengths[testnum]);
702 HMAC_Final(hctx, hmac, NULL);
708 static int SHA1_loop(void *args)
710 loopargs_t *tempargs = *(loopargs_t **) args;
711 unsigned char *buf = tempargs->buf;
712 unsigned char sha[SHA_DIGEST_LENGTH];
714 for (count = 0; COND(c[D_SHA1][testnum]); count++)
715 SHA1(buf, lengths[testnum], sha);
719 static int SHA256_loop(void *args)
721 loopargs_t *tempargs = *(loopargs_t **) args;
722 unsigned char *buf = tempargs->buf;
723 unsigned char sha256[SHA256_DIGEST_LENGTH];
725 for (count = 0; COND(c[D_SHA256][testnum]); count++)
726 SHA256(buf, lengths[testnum], sha256);
730 static int SHA512_loop(void *args)
732 loopargs_t *tempargs = *(loopargs_t **) args;
733 unsigned char *buf = tempargs->buf;
734 unsigned char sha512[SHA512_DIGEST_LENGTH];
736 for (count = 0; COND(c[D_SHA512][testnum]); count++)
737 SHA512(buf, lengths[testnum], sha512);
741 #ifndef OPENSSL_NO_WHIRLPOOL
742 static int WHIRLPOOL_loop(void *args)
744 loopargs_t *tempargs = *(loopargs_t **) args;
745 unsigned char *buf = tempargs->buf;
746 unsigned char whirlpool[WHIRLPOOL_DIGEST_LENGTH];
748 for (count = 0; COND(c[D_WHIRLPOOL][testnum]); count++)
749 WHIRLPOOL(buf, lengths[testnum], whirlpool);
754 #ifndef OPENSSL_NO_RMD160
755 static int EVP_Digest_RMD160_loop(void *args)
757 loopargs_t *tempargs = *(loopargs_t **) args;
758 unsigned char *buf = tempargs->buf;
759 unsigned char rmd160[RIPEMD160_DIGEST_LENGTH];
761 for (count = 0; COND(c[D_RMD160][testnum]); count++) {
762 if (!EVP_Digest(buf, (size_t)lengths[testnum], &(rmd160[0]),
763 NULL, EVP_ripemd160(), NULL))
770 #ifndef OPENSSL_NO_RC4
771 static RC4_KEY rc4_ks;
772 static int RC4_loop(void *args)
774 loopargs_t *tempargs = *(loopargs_t **) args;
775 unsigned char *buf = tempargs->buf;
777 for (count = 0; COND(c[D_RC4][testnum]); count++)
778 RC4(&rc4_ks, (size_t)lengths[testnum], buf, buf);
783 #ifndef OPENSSL_NO_DES
784 static unsigned char DES_iv[8];
785 static DES_key_schedule sch;
786 static DES_key_schedule sch2;
787 static DES_key_schedule sch3;
788 static int DES_ncbc_encrypt_loop(void *args)
790 loopargs_t *tempargs = *(loopargs_t **) args;
791 unsigned char *buf = tempargs->buf;
793 for (count = 0; COND(c[D_CBC_DES][testnum]); count++)
794 DES_ncbc_encrypt(buf, buf, lengths[testnum], &sch,
795 &DES_iv, DES_ENCRYPT);
799 static int DES_ede3_cbc_encrypt_loop(void *args)
801 loopargs_t *tempargs = *(loopargs_t **) args;
802 unsigned char *buf = tempargs->buf;
804 for (count = 0; COND(c[D_EDE3_DES][testnum]); count++)
805 DES_ede3_cbc_encrypt(buf, buf, lengths[testnum],
806 &sch, &sch2, &sch3, &DES_iv, DES_ENCRYPT);
811 #define MAX_BLOCK_SIZE 128
813 static unsigned char iv[2 * MAX_BLOCK_SIZE / 8];
814 static AES_KEY aes_ks1, aes_ks2, aes_ks3;
815 static int AES_cbc_128_encrypt_loop(void *args)
817 loopargs_t *tempargs = *(loopargs_t **) args;
818 unsigned char *buf = tempargs->buf;
820 for (count = 0; COND(c[D_CBC_128_AES][testnum]); count++)
821 AES_cbc_encrypt(buf, buf,
822 (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
826 static int AES_cbc_192_encrypt_loop(void *args)
828 loopargs_t *tempargs = *(loopargs_t **) args;
829 unsigned char *buf = tempargs->buf;
831 for (count = 0; COND(c[D_CBC_192_AES][testnum]); count++)
832 AES_cbc_encrypt(buf, buf,
833 (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
837 static int AES_cbc_256_encrypt_loop(void *args)
839 loopargs_t *tempargs = *(loopargs_t **) args;
840 unsigned char *buf = tempargs->buf;
842 for (count = 0; COND(c[D_CBC_256_AES][testnum]); count++)
843 AES_cbc_encrypt(buf, buf,
844 (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
848 #ifndef OPENSSL_NO_DEPRECATED_3_0
849 static int AES_ige_128_encrypt_loop(void *args)
851 loopargs_t *tempargs = *(loopargs_t **) args;
852 unsigned char *buf = tempargs->buf;
853 unsigned char *buf2 = tempargs->buf2;
855 for (count = 0; COND(c[D_IGE_128_AES][testnum]); count++)
856 AES_ige_encrypt(buf, buf2,
857 (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
861 static int AES_ige_192_encrypt_loop(void *args)
863 loopargs_t *tempargs = *(loopargs_t **) args;
864 unsigned char *buf = tempargs->buf;
865 unsigned char *buf2 = tempargs->buf2;
867 for (count = 0; COND(c[D_IGE_192_AES][testnum]); count++)
868 AES_ige_encrypt(buf, buf2,
869 (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
873 static int AES_ige_256_encrypt_loop(void *args)
875 loopargs_t *tempargs = *(loopargs_t **) args;
876 unsigned char *buf = tempargs->buf;
877 unsigned char *buf2 = tempargs->buf2;
879 for (count = 0; COND(c[D_IGE_256_AES][testnum]); count++)
880 AES_ige_encrypt(buf, buf2,
881 (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
886 static int CRYPTO_gcm128_aad_loop(void *args)
888 loopargs_t *tempargs = *(loopargs_t **) args;
889 unsigned char *buf = tempargs->buf;
890 GCM128_CONTEXT *gcm_ctx = tempargs->gcm_ctx;
892 for (count = 0; COND(c[D_GHASH][testnum]); count++)
893 CRYPTO_gcm128_aad(gcm_ctx, buf, lengths[testnum]);
897 static int RAND_bytes_loop(void *args)
899 loopargs_t *tempargs = *(loopargs_t **) args;
900 unsigned char *buf = tempargs->buf;
903 for (count = 0; COND(c[D_RAND][testnum]); count++)
904 RAND_bytes(buf, lengths[testnum]);
908 static long save_count = 0;
909 static int decrypt = 0;
910 static int EVP_Update_loop(void *args)
912 loopargs_t *tempargs = *(loopargs_t **) args;
913 unsigned char *buf = tempargs->buf;
914 EVP_CIPHER_CTX *ctx = tempargs->ctx;
917 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
920 for (count = 0; COND(nb_iter); count++) {
921 rc = EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
923 /* reset iv in case of counter overflow */
924 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
928 for (count = 0; COND(nb_iter); count++) {
929 rc = EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
931 /* reset iv in case of counter overflow */
932 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
937 EVP_DecryptFinal_ex(ctx, buf, &outl);
939 EVP_EncryptFinal_ex(ctx, buf, &outl);
944 * CCM does not support streaming. For the purpose of performance measurement,
945 * each message is encrypted using the same (key,iv)-pair. Do not use this
946 * code in your application.
948 static int EVP_Update_loop_ccm(void *args)
950 loopargs_t *tempargs = *(loopargs_t **) args;
951 unsigned char *buf = tempargs->buf;
952 EVP_CIPHER_CTX *ctx = tempargs->ctx;
954 unsigned char tag[12];
956 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
959 for (count = 0; COND(nb_iter); count++) {
960 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(tag), tag);
962 EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
963 /* counter is reset on every update */
964 EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
967 for (count = 0; COND(nb_iter); count++) {
968 /* restore iv length field */
969 EVP_EncryptUpdate(ctx, NULL, &outl, NULL, lengths[testnum]);
970 /* counter is reset on every update */
971 EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
975 EVP_DecryptFinal_ex(ctx, buf, &outl);
977 EVP_EncryptFinal_ex(ctx, buf, &outl);
982 * To make AEAD benchmarking more relevant perform TLS-like operations,
983 * 13-byte AAD followed by payload. But don't use TLS-formatted AAD, as
984 * payload length is not actually limited by 16KB...
986 static int EVP_Update_loop_aead(void *args)
988 loopargs_t *tempargs = *(loopargs_t **) args;
989 unsigned char *buf = tempargs->buf;
990 EVP_CIPHER_CTX *ctx = tempargs->ctx;
992 unsigned char aad[13] = { 0xcc };
993 unsigned char faketag[16] = { 0xcc };
995 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
998 for (count = 0; COND(nb_iter); count++) {
999 EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
1000 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
1001 sizeof(faketag), faketag);
1002 EVP_DecryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
1003 EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
1004 EVP_DecryptFinal_ex(ctx, buf + outl, &outl);
1007 for (count = 0; COND(nb_iter); count++) {
1008 EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv);
1009 EVP_EncryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
1010 EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
1011 EVP_EncryptFinal_ex(ctx, buf + outl, &outl);
1017 static const EVP_MD *evp_md = NULL;
1018 static int EVP_Digest_loop(void *args)
1020 loopargs_t *tempargs = *(loopargs_t **) args;
1021 unsigned char *buf = tempargs->buf;
1022 unsigned char md[EVP_MAX_MD_SIZE];
1025 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1028 for (count = 0; COND(nb_iter); count++) {
1029 if (!EVP_Digest(buf, lengths[testnum], md, NULL, evp_md, NULL))
1035 static const EVP_MD *evp_hmac_md = NULL;
1036 static char *evp_hmac_name = NULL;
1037 static int EVP_HMAC_loop(void *args)
1039 loopargs_t *tempargs = *(loopargs_t **) args;
1040 unsigned char *buf = tempargs->buf;
1041 unsigned char no_key[32];
1044 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1047 for (count = 0; COND(nb_iter); count++) {
1048 if (HMAC(evp_hmac_md, no_key, sizeof(no_key), buf, lengths[testnum],
1049 NULL, NULL) == NULL)
1055 #ifndef OPENSSL_NO_CMAC
1056 static const EVP_CIPHER *evp_cmac_cipher = NULL;
1057 static char *evp_cmac_name = NULL;
1059 static int EVP_CMAC_loop(void *args)
1061 loopargs_t *tempargs = *(loopargs_t **) args;
1062 unsigned char *buf = tempargs->buf;
1063 CMAC_CTX *cmac_ctx = tempargs->cmac_ctx;
1064 static const char key[16] = "This is a key...";
1065 unsigned char mac[16];
1066 size_t len = sizeof(mac);
1069 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1072 for (count = 0; COND(nb_iter); count++) {
1073 if (!CMAC_Init(cmac_ctx, key, sizeof(key), evp_cmac_cipher, NULL)
1074 || !CMAC_Update(cmac_ctx, buf, lengths[testnum])
1075 || !CMAC_Final(cmac_ctx, mac, &len))
1082 #ifndef OPENSSL_NO_RSA
1083 static long rsa_c[RSA_NUM][2]; /* # RSA iteration test */
1085 static int RSA_sign_loop(void *args)
1087 loopargs_t *tempargs = *(loopargs_t **) args;
1088 unsigned char *buf = tempargs->buf;
1089 unsigned char *buf2 = tempargs->buf2;
1090 unsigned int *rsa_num = &tempargs->siglen;
1091 RSA **rsa_key = tempargs->rsa_key;
1093 for (count = 0; COND(rsa_c[testnum][0]); count++) {
1094 ret = RSA_sign(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1096 BIO_printf(bio_err, "RSA sign failure\n");
1097 ERR_print_errors(bio_err);
1105 static int RSA_verify_loop(void *args)
1107 loopargs_t *tempargs = *(loopargs_t **) args;
1108 unsigned char *buf = tempargs->buf;
1109 unsigned char *buf2 = tempargs->buf2;
1110 unsigned int rsa_num = tempargs->siglen;
1111 RSA **rsa_key = tempargs->rsa_key;
1113 for (count = 0; COND(rsa_c[testnum][1]); count++) {
1115 RSA_verify(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1117 BIO_printf(bio_err, "RSA verify failure\n");
1118 ERR_print_errors(bio_err);
1127 #ifndef OPENSSL_NO_DSA
1128 static long dsa_c[DSA_NUM][2];
1129 static int DSA_sign_loop(void *args)
1131 loopargs_t *tempargs = *(loopargs_t **) args;
1132 unsigned char *buf = tempargs->buf;
1133 unsigned char *buf2 = tempargs->buf2;
1134 DSA **dsa_key = tempargs->dsa_key;
1135 unsigned int *siglen = &tempargs->siglen;
1137 for (count = 0; COND(dsa_c[testnum][0]); count++) {
1138 ret = DSA_sign(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1140 BIO_printf(bio_err, "DSA sign failure\n");
1141 ERR_print_errors(bio_err);
1149 static int DSA_verify_loop(void *args)
1151 loopargs_t *tempargs = *(loopargs_t **) args;
1152 unsigned char *buf = tempargs->buf;
1153 unsigned char *buf2 = tempargs->buf2;
1154 DSA **dsa_key = tempargs->dsa_key;
1155 unsigned int siglen = tempargs->siglen;
1157 for (count = 0; COND(dsa_c[testnum][1]); count++) {
1158 ret = DSA_verify(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1160 BIO_printf(bio_err, "DSA verify failure\n");
1161 ERR_print_errors(bio_err);
1170 #ifndef OPENSSL_NO_EC
1171 static long ecdsa_c[ECDSA_NUM][2];
1172 static int ECDSA_sign_loop(void *args)
1174 loopargs_t *tempargs = *(loopargs_t **) args;
1175 unsigned char *buf = tempargs->buf;
1176 EC_KEY **ecdsa = tempargs->ecdsa;
1177 unsigned char *ecdsasig = tempargs->buf2;
1178 unsigned int *ecdsasiglen = &tempargs->siglen;
1180 for (count = 0; COND(ecdsa_c[testnum][0]); count++) {
1181 ret = ECDSA_sign(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1183 BIO_printf(bio_err, "ECDSA sign failure\n");
1184 ERR_print_errors(bio_err);
1192 static int ECDSA_verify_loop(void *args)
1194 loopargs_t *tempargs = *(loopargs_t **) args;
1195 unsigned char *buf = tempargs->buf;
1196 EC_KEY **ecdsa = tempargs->ecdsa;
1197 unsigned char *ecdsasig = tempargs->buf2;
1198 unsigned int ecdsasiglen = tempargs->siglen;
1200 for (count = 0; COND(ecdsa_c[testnum][1]); count++) {
1201 ret = ECDSA_verify(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1203 BIO_printf(bio_err, "ECDSA verify failure\n");
1204 ERR_print_errors(bio_err);
1212 /* ******************************************************************** */
1213 static long ecdh_c[EC_NUM][1];
1215 static int ECDH_EVP_derive_key_loop(void *args)
1217 loopargs_t *tempargs = *(loopargs_t **) args;
1218 EVP_PKEY_CTX *ctx = tempargs->ecdh_ctx[testnum];
1219 unsigned char *derived_secret = tempargs->secret_a;
1221 size_t *outlen = &(tempargs->outlen[testnum]);
1223 for (count = 0; COND(ecdh_c[testnum][0]); count++)
1224 EVP_PKEY_derive(ctx, derived_secret, outlen);
1229 static long eddsa_c[EdDSA_NUM][2];
1230 static int EdDSA_sign_loop(void *args)
1232 loopargs_t *tempargs = *(loopargs_t **) args;
1233 unsigned char *buf = tempargs->buf;
1234 EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
1235 unsigned char *eddsasig = tempargs->buf2;
1236 size_t *eddsasigsize = &tempargs->sigsize;
1239 for (count = 0; COND(eddsa_c[testnum][0]); count++) {
1240 ret = EVP_DigestSign(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
1242 BIO_printf(bio_err, "EdDSA sign failure\n");
1243 ERR_print_errors(bio_err);
1251 static int EdDSA_verify_loop(void *args)
1253 loopargs_t *tempargs = *(loopargs_t **) args;
1254 unsigned char *buf = tempargs->buf;
1255 EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
1256 unsigned char *eddsasig = tempargs->buf2;
1257 size_t eddsasigsize = tempargs->sigsize;
1260 for (count = 0; COND(eddsa_c[testnum][1]); count++) {
1261 ret = EVP_DigestVerify(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
1263 BIO_printf(bio_err, "EdDSA verify failure\n");
1264 ERR_print_errors(bio_err);
1272 # ifndef OPENSSL_NO_SM2
1273 static long sm2_c[SM2_NUM][2];
1274 static int SM2_sign_loop(void *args)
1276 loopargs_t *tempargs = *(loopargs_t **) args;
1277 unsigned char *buf = tempargs->buf;
1278 EVP_MD_CTX **sm2ctx = tempargs->sm2_ctx;
1279 unsigned char *sm2sig = tempargs->buf2;
1280 size_t sm2sigsize = tempargs->sigsize;
1281 const size_t max_size = tempargs->sigsize;
1283 EVP_PKEY **sm2_pkey = tempargs->sm2_pkey;
1285 for (count = 0; COND(sm2_c[testnum][0]); count++) {
1286 if (!EVP_DigestSignInit(sm2ctx[testnum], NULL, EVP_sm3(),
1287 NULL, sm2_pkey[testnum])) {
1288 BIO_printf(bio_err, "SM2 init sign failure\n");
1289 ERR_print_errors(bio_err);
1293 ret = EVP_DigestSign(sm2ctx[testnum], sm2sig, &sm2sigsize,
1296 BIO_printf(bio_err, "SM2 sign failure\n");
1297 ERR_print_errors(bio_err);
1301 /* update the latest returned size and always use the fixed buffer size */
1302 tempargs->sigsize = sm2sigsize;
1303 sm2sigsize = max_size;
1309 static int SM2_verify_loop(void *args)
1311 loopargs_t *tempargs = *(loopargs_t **) args;
1312 unsigned char *buf = tempargs->buf;
1313 EVP_MD_CTX **sm2ctx = tempargs->sm2_vfy_ctx;
1314 unsigned char *sm2sig = tempargs->buf2;
1315 size_t sm2sigsize = tempargs->sigsize;
1317 EVP_PKEY **sm2_pkey = tempargs->sm2_pkey;
1319 for (count = 0; COND(sm2_c[testnum][1]); count++) {
1320 if (!EVP_DigestVerifyInit(sm2ctx[testnum], NULL, EVP_sm3(),
1321 NULL, sm2_pkey[testnum])) {
1322 BIO_printf(bio_err, "SM2 verify init failure\n");
1323 ERR_print_errors(bio_err);
1327 ret = EVP_DigestVerify(sm2ctx[testnum], sm2sig, sm2sigsize,
1330 BIO_printf(bio_err, "SM2 verify failure\n");
1331 ERR_print_errors(bio_err);
1338 # endif /* OPENSSL_NO_SM2 */
1339 #endif /* OPENSSL_NO_EC */
1341 static int run_benchmark(int async_jobs,
1342 int (*loop_function) (void *), loopargs_t * loopargs)
1344 int job_op_count = 0;
1345 int total_op_count = 0;
1346 int num_inprogress = 0;
1347 int error = 0, i = 0, ret = 0;
1348 OSSL_ASYNC_FD job_fd = 0;
1349 size_t num_job_fds = 0;
1353 if (async_jobs == 0) {
1354 return loop_function((void *)&loopargs);
1357 for (i = 0; i < async_jobs && !error; i++) {
1358 loopargs_t *looparg_item = loopargs + i;
1360 /* Copy pointer content (looparg_t item address) into async context */
1361 ret = ASYNC_start_job(&loopargs[i].inprogress_job, loopargs[i].wait_ctx,
1362 &job_op_count, loop_function,
1363 (void *)&looparg_item, sizeof(looparg_item));
1369 if (job_op_count == -1) {
1372 total_op_count += job_op_count;
1377 BIO_printf(bio_err, "Failure in the job\n");
1378 ERR_print_errors(bio_err);
1384 while (num_inprogress > 0) {
1385 #if defined(OPENSSL_SYS_WINDOWS)
1387 #elif defined(OPENSSL_SYS_UNIX)
1388 int select_result = 0;
1389 OSSL_ASYNC_FD max_fd = 0;
1392 FD_ZERO(&waitfdset);
1394 for (i = 0; i < async_jobs && num_inprogress > 0; i++) {
1395 if (loopargs[i].inprogress_job == NULL)
1398 if (!ASYNC_WAIT_CTX_get_all_fds
1399 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1400 || num_job_fds > 1) {
1401 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1402 ERR_print_errors(bio_err);
1406 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1408 FD_SET(job_fd, &waitfdset);
1409 if (job_fd > max_fd)
1413 if (max_fd >= (OSSL_ASYNC_FD)FD_SETSIZE) {
1415 "Error: max_fd (%d) must be smaller than FD_SETSIZE (%d). "
1416 "Decrease the value of async_jobs\n",
1417 max_fd, FD_SETSIZE);
1418 ERR_print_errors(bio_err);
1423 select_result = select(max_fd + 1, &waitfdset, NULL, NULL, NULL);
1424 if (select_result == -1 && errno == EINTR)
1427 if (select_result == -1) {
1428 BIO_printf(bio_err, "Failure in the select\n");
1429 ERR_print_errors(bio_err);
1434 if (select_result == 0)
1438 for (i = 0; i < async_jobs; i++) {
1439 if (loopargs[i].inprogress_job == NULL)
1442 if (!ASYNC_WAIT_CTX_get_all_fds
1443 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1444 || num_job_fds > 1) {
1445 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1446 ERR_print_errors(bio_err);
1450 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1453 #if defined(OPENSSL_SYS_UNIX)
1454 if (num_job_fds == 1 && !FD_ISSET(job_fd, &waitfdset))
1456 #elif defined(OPENSSL_SYS_WINDOWS)
1457 if (num_job_fds == 1
1458 && !PeekNamedPipe(job_fd, NULL, 0, NULL, &avail, NULL)
1463 ret = ASYNC_start_job(&loopargs[i].inprogress_job,
1464 loopargs[i].wait_ctx, &job_op_count,
1465 loop_function, (void *)(loopargs + i),
1466 sizeof(loopargs_t));
1471 if (job_op_count == -1) {
1474 total_op_count += job_op_count;
1477 loopargs[i].inprogress_job = NULL;
1482 loopargs[i].inprogress_job = NULL;
1483 BIO_printf(bio_err, "Failure in the job\n");
1484 ERR_print_errors(bio_err);
1491 return error ? -1 : total_op_count;
1494 int speed_main(int argc, char **argv)
1497 loopargs_t *loopargs = NULL;
1499 const char *engine_id = NULL;
1500 const EVP_CIPHER *evp_cipher = NULL;
1503 int async_init = 0, multiblock = 0, pr_header = 0;
1504 int doit[ALGOR_NUM] = { 0 };
1505 int ret = 1, misalign = 0, lengths_single = 0, aead = 0;
1507 unsigned int size_num = OSSL_NELEM(lengths_list);
1508 unsigned int i, k, loop, loopargs_len = 0, async_jobs = 0;
1514 #if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) \
1515 || !defined(OPENSSL_NO_EC)
1518 openssl_speed_sec_t seconds = { SECONDS, RSA_SECONDS, DSA_SECONDS,
1519 ECDSA_SECONDS, ECDH_SECONDS,
1520 EdDSA_SECONDS, SM2_SECONDS };
1522 /* What follows are the buffers and key material. */
1523 #ifndef OPENSSL_NO_RC5
1526 #ifndef OPENSSL_NO_RC2
1529 #ifndef OPENSSL_NO_IDEA
1530 IDEA_KEY_SCHEDULE idea_ks;
1532 #ifndef OPENSSL_NO_SEED
1533 SEED_KEY_SCHEDULE seed_ks;
1535 #ifndef OPENSSL_NO_BF
1538 #ifndef OPENSSL_NO_CAST
1541 static const unsigned char key16[16] = {
1542 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1543 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
1545 static const unsigned char key24[24] = {
1546 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1547 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1548 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1550 static const unsigned char key32[32] = {
1551 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1552 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1553 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
1554 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
1556 #ifndef OPENSSL_NO_CAMELLIA
1557 static const unsigned char ckey24[24] = {
1558 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1559 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1560 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1562 static const unsigned char ckey32[32] = {
1563 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1564 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1565 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
1566 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
1568 CAMELLIA_KEY camellia_ks1, camellia_ks2, camellia_ks3;
1570 #ifndef OPENSSL_NO_DES
1571 static DES_cblock key = {
1572 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0
1574 static DES_cblock key2 = {
1575 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
1577 static DES_cblock key3 = {
1578 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1581 #ifndef OPENSSL_NO_RSA
1582 static const unsigned int rsa_bits[RSA_NUM] = {
1583 512, 1024, 2048, 3072, 4096, 7680, 15360
1585 static const unsigned char *rsa_data[RSA_NUM] = {
1586 test512, test1024, test2048, test3072, test4096, test7680, test15360
1588 static const int rsa_data_length[RSA_NUM] = {
1589 sizeof(test512), sizeof(test1024),
1590 sizeof(test2048), sizeof(test3072),
1591 sizeof(test4096), sizeof(test7680),
1594 int rsa_doit[RSA_NUM] = { 0 };
1595 int primes = RSA_DEFAULT_PRIME_NUM;
1597 #ifndef OPENSSL_NO_DSA
1598 static const unsigned int dsa_bits[DSA_NUM] = { 512, 1024, 2048 };
1599 int dsa_doit[DSA_NUM] = { 0 };
1601 #ifndef OPENSSL_NO_EC
1603 * We only test over the following curves as they are representative, To
1604 * add tests over more curves, simply add the curve NID and curve name to
1605 * the following arrays and increase the |ecdh_choices| list accordingly.
1607 static const struct {
1613 {"secp160r1", NID_secp160r1, 160},
1614 {"nistp192", NID_X9_62_prime192v1, 192},
1615 {"nistp224", NID_secp224r1, 224},
1616 {"nistp256", NID_X9_62_prime256v1, 256},
1617 {"nistp384", NID_secp384r1, 384},
1618 {"nistp521", NID_secp521r1, 521},
1619 # ifndef OPENSSL_NO_EC2M
1621 {"nistk163", NID_sect163k1, 163},
1622 {"nistk233", NID_sect233k1, 233},
1623 {"nistk283", NID_sect283k1, 283},
1624 {"nistk409", NID_sect409k1, 409},
1625 {"nistk571", NID_sect571k1, 571},
1626 {"nistb163", NID_sect163r2, 163},
1627 {"nistb233", NID_sect233r1, 233},
1628 {"nistb283", NID_sect283r1, 283},
1629 {"nistb409", NID_sect409r1, 409},
1630 {"nistb571", NID_sect571r1, 571},
1632 {"brainpoolP256r1", NID_brainpoolP256r1, 256},
1633 {"brainpoolP256t1", NID_brainpoolP256t1, 256},
1634 {"brainpoolP384r1", NID_brainpoolP384r1, 384},
1635 {"brainpoolP384t1", NID_brainpoolP384t1, 384},
1636 {"brainpoolP512r1", NID_brainpoolP512r1, 512},
1637 {"brainpoolP512t1", NID_brainpoolP512t1, 512},
1638 /* Other and ECDH only ones */
1639 {"X25519", NID_X25519, 253},
1640 {"X448", NID_X448, 448}
1642 static const struct {
1647 } test_ed_curves[] = {
1649 {"Ed25519", NID_ED25519, 253, 64},
1650 {"Ed448", NID_ED448, 456, 114}
1652 # ifndef OPENSSL_NO_SM2
1653 static const struct {
1657 } test_sm2_curves[] = {
1659 {"CurveSM2", NID_sm2, 256}
1662 int ecdsa_doit[ECDSA_NUM] = { 0 };
1663 int ecdh_doit[EC_NUM] = { 0 };
1664 int eddsa_doit[EdDSA_NUM] = { 0 };
1665 # ifndef OPENSSL_NO_SM2
1666 int sm2_doit[SM2_NUM] = { 0 };
1668 OPENSSL_assert(OSSL_NELEM(test_curves) >= EC_NUM);
1669 OPENSSL_assert(OSSL_NELEM(test_ed_curves) >= EdDSA_NUM);
1670 # ifndef OPENSSL_NO_SM2
1671 OPENSSL_assert(OSSL_NELEM(test_sm2_curves) >= SM2_NUM);
1673 #endif /* ndef OPENSSL_NO_EC */
1675 prog = opt_init(argc, argv, speed_options);
1676 while ((o = opt_next()) != OPT_EOF) {
1681 BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
1684 opt_help(speed_options);
1692 evp_cipher = EVP_get_cipherbyname(opt_arg());
1693 if (evp_cipher == NULL)
1694 evp_md = EVP_get_digestbyname(opt_arg());
1695 if (evp_cipher == NULL && evp_md == NULL) {
1697 "%s: %s is an unknown cipher or digest\n",
1704 evp_hmac_md = EVP_get_digestbyname(opt_arg());
1705 if (evp_hmac_md == NULL) {
1706 BIO_printf(bio_err, "%s: %s is an unknown digest\n",
1710 doit[D_EVP_HMAC] = 1;
1713 #ifndef OPENSSL_NO_CMAC
1714 evp_cmac_cipher = EVP_get_cipherbyname(opt_arg());
1715 if (evp_cmac_cipher == NULL) {
1716 BIO_printf(bio_err, "%s: %s is an unknown cipher\n",
1720 doit[D_EVP_CMAC] = 1;
1728 * In a forked execution, an engine might need to be
1729 * initialised by each child process, not by the parent.
1730 * So store the name here and run setup_engine() later on.
1732 engine_id = opt_arg();
1736 multi = atoi(opt_arg());
1740 #ifndef OPENSSL_NO_ASYNC
1741 async_jobs = atoi(opt_arg());
1742 if (!ASYNC_is_capable()) {
1744 "%s: async_jobs specified but async not supported\n",
1748 if (async_jobs > 99999) {
1749 BIO_printf(bio_err, "%s: too many async_jobs\n", prog);
1755 if (!opt_int(opt_arg(), &misalign))
1757 if (misalign > MISALIGN) {
1759 "%s: Maximum offset is %d\n", prog, MISALIGN);
1768 #ifdef OPENSSL_NO_MULTIBLOCK
1770 "%s: -mb specified but multi-block support is disabled\n",
1780 if (!opt_int(opt_arg(), &primes))
1784 seconds.sym = seconds.rsa = seconds.dsa = seconds.ecdsa
1785 = seconds.ecdh = seconds.eddsa
1786 = seconds.sm2 = atoi(opt_arg());
1789 lengths_single = atoi(opt_arg());
1790 lengths = &lengths_single;
1798 argc = opt_num_rest();
1801 /* Remaining arguments are algorithms. */
1802 for (; *argv; argv++) {
1803 if (found(*argv, doit_choices, &i)) {
1807 #ifndef OPENSSL_NO_DES
1808 if (strcmp(*argv, "des") == 0) {
1809 doit[D_CBC_DES] = doit[D_EDE3_DES] = 1;
1813 if (strcmp(*argv, "sha") == 0) {
1814 doit[D_SHA1] = doit[D_SHA256] = doit[D_SHA512] = 1;
1817 #ifndef OPENSSL_NO_RSA
1818 if (strcmp(*argv, "openssl") == 0)
1820 if (strcmp(*argv, "rsa") == 0) {
1821 for (loop = 0; loop < OSSL_NELEM(rsa_doit); loop++)
1825 if (found(*argv, rsa_choices, &i)) {
1830 #ifndef OPENSSL_NO_DSA
1831 if (strcmp(*argv, "dsa") == 0) {
1832 dsa_doit[R_DSA_512] = dsa_doit[R_DSA_1024] =
1833 dsa_doit[R_DSA_2048] = 1;
1836 if (found(*argv, dsa_choices, &i)) {
1841 if (strcmp(*argv, "aes") == 0) {
1842 doit[D_CBC_128_AES] = doit[D_CBC_192_AES] = doit[D_CBC_256_AES] = 1;
1845 #ifndef OPENSSL_NO_CAMELLIA
1846 if (strcmp(*argv, "camellia") == 0) {
1847 doit[D_CBC_128_CML] = doit[D_CBC_192_CML] = doit[D_CBC_256_CML] = 1;
1851 #ifndef OPENSSL_NO_EC
1852 if (strcmp(*argv, "ecdsa") == 0) {
1853 for (loop = 0; loop < OSSL_NELEM(ecdsa_doit); loop++)
1854 ecdsa_doit[loop] = 1;
1857 if (found(*argv, ecdsa_choices, &i)) {
1861 if (strcmp(*argv, "ecdh") == 0) {
1862 for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++)
1863 ecdh_doit[loop] = 1;
1866 if (found(*argv, ecdh_choices, &i)) {
1870 if (strcmp(*argv, "eddsa") == 0) {
1871 for (loop = 0; loop < OSSL_NELEM(eddsa_doit); loop++)
1872 eddsa_doit[loop] = 1;
1875 if (found(*argv, eddsa_choices, &i)) {
1879 # ifndef OPENSSL_NO_SM2
1880 if (strcmp(*argv, "sm2") == 0) {
1881 for (loop = 0; loop < OSSL_NELEM(sm2_doit); loop++)
1885 if (found(*argv, sm2_choices, &i)) {
1891 BIO_printf(bio_err, "%s: Unknown algorithm %s\n", prog, *argv);
1897 if (evp_cipher == NULL) {
1898 BIO_printf(bio_err, "-aead can be used only with an AEAD cipher\n");
1900 } else if (!(EVP_CIPHER_flags(evp_cipher) &
1901 EVP_CIPH_FLAG_AEAD_CIPHER)) {
1902 BIO_printf(bio_err, "%s is not an AEAD cipher\n",
1903 OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
1908 if (evp_cipher == NULL) {
1909 BIO_printf(bio_err,"-mb can be used only with a multi-block"
1910 " capable cipher\n");
1912 } else if (!(EVP_CIPHER_flags(evp_cipher) &
1913 EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
1914 BIO_printf(bio_err, "%s is not a multi-block capable\n",
1915 OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
1917 } else if (async_jobs > 0) {
1918 BIO_printf(bio_err, "Async mode is not supported with -mb");
1923 /* Initialize the job pool if async mode is enabled */
1924 if (async_jobs > 0) {
1925 async_init = ASYNC_init_thread(async_jobs, async_jobs);
1927 BIO_printf(bio_err, "Error creating the ASYNC job pool\n");
1932 loopargs_len = (async_jobs == 0 ? 1 : async_jobs);
1934 app_malloc(loopargs_len * sizeof(loopargs_t), "array of loopargs");
1935 memset(loopargs, 0, loopargs_len * sizeof(loopargs_t));
1937 for (i = 0; i < loopargs_len; i++) {
1938 if (async_jobs > 0) {
1939 loopargs[i].wait_ctx = ASYNC_WAIT_CTX_new();
1940 if (loopargs[i].wait_ctx == NULL) {
1941 BIO_printf(bio_err, "Error creating the ASYNC_WAIT_CTX\n");
1946 buflen = lengths[size_num - 1];
1947 if (buflen < 36) /* size of random vector in RSA benchmark */
1949 buflen += MAX_MISALIGNMENT + 1;
1950 loopargs[i].buf_malloc = app_malloc(buflen, "input buffer");
1951 loopargs[i].buf2_malloc = app_malloc(buflen, "input buffer");
1952 memset(loopargs[i].buf_malloc, 0, buflen);
1953 memset(loopargs[i].buf2_malloc, 0, buflen);
1955 /* Align the start of buffers on a 64 byte boundary */
1956 loopargs[i].buf = loopargs[i].buf_malloc + misalign;
1957 loopargs[i].buf2 = loopargs[i].buf2_malloc + misalign;
1958 #ifndef OPENSSL_NO_EC
1959 loopargs[i].secret_a = app_malloc(MAX_ECDH_SIZE, "ECDH secret a");
1960 loopargs[i].secret_b = app_malloc(MAX_ECDH_SIZE, "ECDH secret b");
1965 if (multi && do_multi(multi, size_num))
1969 /* Initialize the engine after the fork */
1970 e = setup_engine(engine_id, 0);
1972 /* No parameters; turn on everything. */
1973 if (argc == 0 && !doit[D_EVP] && !doit[D_EVP_HMAC] && !doit[D_EVP_CMAC]) {
1974 for (i = 0; i < ALGOR_NUM; i++)
1975 if (i != D_EVP && i != D_EVP_HMAC && i != D_EVP_CMAC)
1977 #ifndef OPENSSL_NO_RSA
1978 for (i = 0; i < RSA_NUM; i++)
1981 #ifndef OPENSSL_NO_DSA
1982 for (i = 0; i < DSA_NUM; i++)
1985 #ifndef OPENSSL_NO_EC
1986 for (loop = 0; loop < OSSL_NELEM(ecdsa_doit); loop++)
1987 ecdsa_doit[loop] = 1;
1988 for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++)
1989 ecdh_doit[loop] = 1;
1990 for (loop = 0; loop < OSSL_NELEM(eddsa_doit); loop++)
1991 eddsa_doit[loop] = 1;
1992 # ifndef OPENSSL_NO_SM2
1993 for (loop = 0; loop < OSSL_NELEM(sm2_doit); loop++)
1998 for (i = 0; i < ALGOR_NUM; i++)
2002 if (usertime == 0 && !mr)
2004 "You have chosen to measure elapsed time "
2005 "instead of user CPU time.\n");
2007 #ifndef OPENSSL_NO_RSA
2008 for (i = 0; i < loopargs_len; i++) {
2009 if (primes > RSA_DEFAULT_PRIME_NUM) {
2010 /* for multi-prime RSA, skip this */
2013 for (k = 0; k < RSA_NUM; k++) {
2014 const unsigned char *p;
2017 loopargs[i].rsa_key[k] =
2018 d2i_RSAPrivateKey(NULL, &p, rsa_data_length[k]);
2019 if (loopargs[i].rsa_key[k] == NULL) {
2021 "internal error loading RSA key number %d\n", k);
2027 #ifndef OPENSSL_NO_DSA
2028 for (i = 0; i < loopargs_len; i++) {
2029 loopargs[i].dsa_key[0] = get_dsa(512);
2030 loopargs[i].dsa_key[1] = get_dsa(1024);
2031 loopargs[i].dsa_key[2] = get_dsa(2048);
2034 #ifndef OPENSSL_NO_DES
2035 DES_set_key_unchecked(&key, &sch);
2036 DES_set_key_unchecked(&key2, &sch2);
2037 DES_set_key_unchecked(&key3, &sch3);
2039 AES_set_encrypt_key(key16, 128, &aes_ks1);
2040 AES_set_encrypt_key(key24, 192, &aes_ks2);
2041 AES_set_encrypt_key(key32, 256, &aes_ks3);
2042 #ifndef OPENSSL_NO_CAMELLIA
2043 Camellia_set_key(key16, 128, &camellia_ks1);
2044 Camellia_set_key(ckey24, 192, &camellia_ks2);
2045 Camellia_set_key(ckey32, 256, &camellia_ks3);
2047 #ifndef OPENSSL_NO_IDEA
2048 IDEA_set_encrypt_key(key16, &idea_ks);
2050 #ifndef OPENSSL_NO_SEED
2051 SEED_set_key(key16, &seed_ks);
2053 #ifndef OPENSSL_NO_RC4
2054 RC4_set_key(&rc4_ks, 16, key16);
2056 #ifndef OPENSSL_NO_RC2
2057 RC2_set_key(&rc2_ks, 16, key16, 128);
2059 #ifndef OPENSSL_NO_RC5
2060 if (!RC5_32_set_key(&rc5_ks, 16, key16, 12)) {
2061 BIO_printf(bio_err, "Failed setting RC5 key\n");
2065 #ifndef OPENSSL_NO_BF
2066 BF_set_key(&bf_ks, 16, key16);
2068 #ifndef OPENSSL_NO_CAST
2069 CAST_set_key(&cast_ks, 16, key16);
2072 # ifndef OPENSSL_NO_DES
2073 BIO_printf(bio_err, "First we calculate the approximate speed ...\n");
2079 for (it = count; it; it--)
2080 DES_ecb_encrypt((DES_cblock *)loopargs[0].buf,
2081 (DES_cblock *)loopargs[0].buf, &sch, DES_ENCRYPT);
2085 c[D_MD2][0] = count / 10;
2086 c[D_MDC2][0] = count / 10;
2087 c[D_MD4][0] = count;
2088 c[D_MD5][0] = count;
2089 c[D_HMAC][0] = count;
2090 c[D_SHA1][0] = count;
2091 c[D_RMD160][0] = count;
2092 c[D_RC4][0] = count * 5;
2093 c[D_CBC_DES][0] = count;
2094 c[D_EDE3_DES][0] = count / 3;
2095 c[D_CBC_IDEA][0] = count;
2096 c[D_CBC_SEED][0] = count;
2097 c[D_CBC_RC2][0] = count;
2098 c[D_CBC_RC5][0] = count;
2099 c[D_CBC_BF][0] = count;
2100 c[D_CBC_CAST][0] = count;
2101 c[D_CBC_128_AES][0] = count;
2102 c[D_CBC_192_AES][0] = count;
2103 c[D_CBC_256_AES][0] = count;
2104 c[D_CBC_128_CML][0] = count;
2105 c[D_CBC_192_CML][0] = count;
2106 c[D_CBC_256_CML][0] = count;
2107 c[D_SHA256][0] = count;
2108 c[D_SHA512][0] = count;
2109 c[D_WHIRLPOOL][0] = count;
2110 c[D_IGE_128_AES][0] = count;
2111 c[D_IGE_192_AES][0] = count;
2112 c[D_IGE_256_AES][0] = count;
2113 c[D_GHASH][0] = count;
2114 c[D_RAND][0] = count;
2116 for (i = 1; i < size_num; i++) {
2119 l0 = (long)lengths[0];
2120 l1 = (long)lengths[i];
2122 c[D_MD2][i] = c[D_MD2][0] * 4 * l0 / l1;
2123 c[D_MDC2][i] = c[D_MDC2][0] * 4 * l0 / l1;
2124 c[D_MD4][i] = c[D_MD4][0] * 4 * l0 / l1;
2125 c[D_MD5][i] = c[D_MD5][0] * 4 * l0 / l1;
2126 c[D_HMAC][i] = c[D_HMAC][0] * 4 * l0 / l1;
2127 c[D_SHA1][i] = c[D_SHA1][0] * 4 * l0 / l1;
2128 c[D_RMD160][i] = c[D_RMD160][0] * 4 * l0 / l1;
2129 c[D_SHA256][i] = c[D_SHA256][0] * 4 * l0 / l1;
2130 c[D_SHA512][i] = c[D_SHA512][0] * 4 * l0 / l1;
2131 c[D_WHIRLPOOL][i] = c[D_WHIRLPOOL][0] * 4 * l0 / l1;
2132 c[D_GHASH][i] = c[D_GHASH][0] * 4 * l0 / l1;
2133 c[D_RAND][i] = c[D_RAND][0] * 4 * l0 / l1;
2135 l0 = (long)lengths[i - 1];
2137 c[D_RC4][i] = c[D_RC4][i - 1] * l0 / l1;
2138 c[D_CBC_DES][i] = c[D_CBC_DES][i - 1] * l0 / l1;
2139 c[D_EDE3_DES][i] = c[D_EDE3_DES][i - 1] * l0 / l1;
2140 c[D_CBC_IDEA][i] = c[D_CBC_IDEA][i - 1] * l0 / l1;
2141 c[D_CBC_SEED][i] = c[D_CBC_SEED][i - 1] * l0 / l1;
2142 c[D_CBC_RC2][i] = c[D_CBC_RC2][i - 1] * l0 / l1;
2143 c[D_CBC_RC5][i] = c[D_CBC_RC5][i - 1] * l0 / l1;
2144 c[D_CBC_BF][i] = c[D_CBC_BF][i - 1] * l0 / l1;
2145 c[D_CBC_CAST][i] = c[D_CBC_CAST][i - 1] * l0 / l1;
2146 c[D_CBC_128_AES][i] = c[D_CBC_128_AES][i - 1] * l0 / l1;
2147 c[D_CBC_192_AES][i] = c[D_CBC_192_AES][i - 1] * l0 / l1;
2148 c[D_CBC_256_AES][i] = c[D_CBC_256_AES][i - 1] * l0 / l1;
2149 c[D_CBC_128_CML][i] = c[D_CBC_128_CML][i - 1] * l0 / l1;
2150 c[D_CBC_192_CML][i] = c[D_CBC_192_CML][i - 1] * l0 / l1;
2151 c[D_CBC_256_CML][i] = c[D_CBC_256_CML][i - 1] * l0 / l1;
2152 c[D_IGE_128_AES][i] = c[D_IGE_128_AES][i - 1] * l0 / l1;
2153 c[D_IGE_192_AES][i] = c[D_IGE_192_AES][i - 1] * l0 / l1;
2154 c[D_IGE_256_AES][i] = c[D_IGE_256_AES][i - 1] * l0 / l1;
2157 # ifndef OPENSSL_NO_RSA
2158 rsa_c[R_RSA_512][0] = count / 2000;
2159 rsa_c[R_RSA_512][1] = count / 400;
2160 for (i = 1; i < RSA_NUM; i++) {
2161 rsa_c[i][0] = rsa_c[i - 1][0] / 8;
2162 rsa_c[i][1] = rsa_c[i - 1][1] / 4;
2163 if (rsa_doit[i] <= 1 && rsa_c[i][0] == 0)
2166 if (rsa_c[i][0] == 0) {
2167 rsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
2174 # ifndef OPENSSL_NO_DSA
2175 dsa_c[R_DSA_512][0] = count / 1000;
2176 dsa_c[R_DSA_512][1] = count / 1000 / 2;
2177 for (i = 1; i < DSA_NUM; i++) {
2178 dsa_c[i][0] = dsa_c[i - 1][0] / 4;
2179 dsa_c[i][1] = dsa_c[i - 1][1] / 4;
2180 if (dsa_doit[i] <= 1 && dsa_c[i][0] == 0)
2183 if (dsa_c[i][0] == 0) {
2184 dsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
2191 # ifndef OPENSSL_NO_EC
2192 ecdsa_c[R_EC_P160][0] = count / 1000;
2193 ecdsa_c[R_EC_P160][1] = count / 1000 / 2;
2194 for (i = R_EC_P192; i <= R_EC_P521; i++) {
2195 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2196 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2197 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2200 if (ecdsa_c[i][0] == 0) {
2206 # ifndef OPENSSL_NO_EC2M
2207 ecdsa_c[R_EC_K163][0] = count / 1000;
2208 ecdsa_c[R_EC_K163][1] = count / 1000 / 2;
2209 for (i = R_EC_K233; i <= R_EC_K571; i++) {
2210 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2211 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2212 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2215 if (ecdsa_c[i][0] == 0) {
2221 ecdsa_c[R_EC_B163][0] = count / 1000;
2222 ecdsa_c[R_EC_B163][1] = count / 1000 / 2;
2223 for (i = R_EC_B233; i <= R_EC_B571; i++) {
2224 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2225 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2226 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2229 if (ecdsa_c[i][0] == 0) {
2237 ecdh_c[R_EC_P160][0] = count / 1000;
2238 for (i = R_EC_P192; i <= R_EC_P521; i++) {
2239 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2240 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2243 if (ecdh_c[i][0] == 0) {
2248 # ifndef OPENSSL_NO_EC2M
2249 ecdh_c[R_EC_K163][0] = count / 1000;
2250 for (i = R_EC_K233; i <= R_EC_K571; i++) {
2251 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2252 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2255 if (ecdh_c[i][0] == 0) {
2260 ecdh_c[R_EC_B163][0] = count / 1000;
2261 for (i = R_EC_B233; i <= R_EC_B571; i++) {
2262 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2263 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2266 if (ecdh_c[i][0] == 0) {
2272 /* repeated code good to factorize */
2273 ecdh_c[R_EC_BRP256R1][0] = count / 1000;
2274 for (i = R_EC_BRP384R1; i <= R_EC_BRP512R1; i += 2) {
2275 ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
2276 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2279 if (ecdh_c[i][0] == 0) {
2284 ecdh_c[R_EC_BRP256T1][0] = count / 1000;
2285 for (i = R_EC_BRP384T1; i <= R_EC_BRP512T1; i += 2) {
2286 ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
2287 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2290 if (ecdh_c[i][0] == 0) {
2295 /* default iteration count for the last two EC Curves */
2296 ecdh_c[R_EC_X25519][0] = count / 1800;
2297 ecdh_c[R_EC_X448][0] = count / 7200;
2299 eddsa_c[R_EC_Ed25519][0] = count / 1800;
2300 eddsa_c[R_EC_Ed448][0] = count / 7200;
2302 # ifndef OPENSSL_NO_SM2
2303 sm2_c[R_EC_SM2P256][0] = count / 1800;
2308 /* not worth fixing */
2309 # error "You cannot disable DES on systems without SIGALRM."
2310 # endif /* OPENSSL_NO_DES */
2312 signal(SIGALRM, alarmed);
2313 #endif /* SIGALRM */
2315 #ifndef OPENSSL_NO_MD2
2317 for (testnum = 0; testnum < size_num; testnum++) {
2318 print_message(names[D_MD2], c[D_MD2][testnum], lengths[testnum],
2321 count = run_benchmark(async_jobs, EVP_Digest_MD2_loop, loopargs);
2323 print_result(D_MD2, testnum, count, d);
2327 #ifndef OPENSSL_NO_MDC2
2329 for (testnum = 0; testnum < size_num; testnum++) {
2330 print_message(names[D_MDC2], c[D_MDC2][testnum], lengths[testnum],
2333 count = run_benchmark(async_jobs, EVP_Digest_MDC2_loop, loopargs);
2335 print_result(D_MDC2, testnum, count, d);
2342 #ifndef OPENSSL_NO_MD4
2344 for (testnum = 0; testnum < size_num; testnum++) {
2345 print_message(names[D_MD4], c[D_MD4][testnum], lengths[testnum],
2348 count = run_benchmark(async_jobs, EVP_Digest_MD4_loop, loopargs);
2350 print_result(D_MD4, testnum, count, d);
2357 #ifndef OPENSSL_NO_MD5
2359 for (testnum = 0; testnum < size_num; testnum++) {
2360 print_message(names[D_MD5], c[D_MD5][testnum], lengths[testnum],
2363 count = run_benchmark(async_jobs, MD5_loop, loopargs);
2365 print_result(D_MD5, testnum, count, d);
2370 static const char hmac_key[] = "This is a key...";
2371 int len = strlen(hmac_key);
2373 for (i = 0; i < loopargs_len; i++) {
2374 loopargs[i].hctx = HMAC_CTX_new();
2375 if (loopargs[i].hctx == NULL) {
2376 BIO_printf(bio_err, "HMAC malloc failure, exiting...");
2380 HMAC_Init_ex(loopargs[i].hctx, hmac_key, len, EVP_md5(), NULL);
2382 for (testnum = 0; testnum < size_num; testnum++) {
2383 print_message(names[D_HMAC], c[D_HMAC][testnum], lengths[testnum],
2386 count = run_benchmark(async_jobs, HMAC_loop, loopargs);
2388 print_result(D_HMAC, testnum, count, d);
2390 for (i = 0; i < loopargs_len; i++) {
2391 HMAC_CTX_free(loopargs[i].hctx);
2396 for (testnum = 0; testnum < size_num; testnum++) {
2397 print_message(names[D_SHA1], c[D_SHA1][testnum], lengths[testnum],
2400 count = run_benchmark(async_jobs, SHA1_loop, loopargs);
2402 print_result(D_SHA1, testnum, count, d);
2405 if (doit[D_SHA256]) {
2406 for (testnum = 0; testnum < size_num; testnum++) {
2407 print_message(names[D_SHA256], c[D_SHA256][testnum],
2408 lengths[testnum], seconds.sym);
2410 count = run_benchmark(async_jobs, SHA256_loop, loopargs);
2412 print_result(D_SHA256, testnum, count, d);
2415 if (doit[D_SHA512]) {
2416 for (testnum = 0; testnum < size_num; testnum++) {
2417 print_message(names[D_SHA512], c[D_SHA512][testnum],
2418 lengths[testnum], seconds.sym);
2420 count = run_benchmark(async_jobs, SHA512_loop, loopargs);
2422 print_result(D_SHA512, testnum, count, d);
2425 #ifndef OPENSSL_NO_WHIRLPOOL
2426 if (doit[D_WHIRLPOOL]) {
2427 for (testnum = 0; testnum < size_num; testnum++) {
2428 print_message(names[D_WHIRLPOOL], c[D_WHIRLPOOL][testnum],
2429 lengths[testnum], seconds.sym);
2431 count = run_benchmark(async_jobs, WHIRLPOOL_loop, loopargs);
2433 print_result(D_WHIRLPOOL, testnum, count, d);
2438 #ifndef OPENSSL_NO_RMD160
2439 if (doit[D_RMD160]) {
2440 for (testnum = 0; testnum < size_num; testnum++) {
2441 print_message(names[D_RMD160], c[D_RMD160][testnum],
2442 lengths[testnum], seconds.sym);
2444 count = run_benchmark(async_jobs, EVP_Digest_RMD160_loop, loopargs);
2446 print_result(D_RMD160, testnum, count, d);
2452 #ifndef OPENSSL_NO_RC4
2454 for (testnum = 0; testnum < size_num; testnum++) {
2455 print_message(names[D_RC4], c[D_RC4][testnum], lengths[testnum],
2458 count = run_benchmark(async_jobs, RC4_loop, loopargs);
2460 print_result(D_RC4, testnum, count, d);
2464 #ifndef OPENSSL_NO_DES
2465 if (doit[D_CBC_DES]) {
2466 for (testnum = 0; testnum < size_num; testnum++) {
2467 print_message(names[D_CBC_DES], c[D_CBC_DES][testnum],
2468 lengths[testnum], seconds.sym);
2470 count = run_benchmark(async_jobs, DES_ncbc_encrypt_loop, loopargs);
2472 print_result(D_CBC_DES, testnum, count, d);
2476 if (doit[D_EDE3_DES]) {
2477 for (testnum = 0; testnum < size_num; testnum++) {
2478 print_message(names[D_EDE3_DES], c[D_EDE3_DES][testnum],
2479 lengths[testnum], seconds.sym);
2482 run_benchmark(async_jobs, DES_ede3_cbc_encrypt_loop, loopargs);
2484 print_result(D_EDE3_DES, testnum, count, d);
2489 if (doit[D_CBC_128_AES]) {
2490 for (testnum = 0; testnum < size_num; testnum++) {
2491 print_message(names[D_CBC_128_AES], c[D_CBC_128_AES][testnum],
2492 lengths[testnum], seconds.sym);
2495 run_benchmark(async_jobs, AES_cbc_128_encrypt_loop, loopargs);
2497 print_result(D_CBC_128_AES, testnum, count, d);
2500 if (doit[D_CBC_192_AES]) {
2501 for (testnum = 0; testnum < size_num; testnum++) {
2502 print_message(names[D_CBC_192_AES], c[D_CBC_192_AES][testnum],
2503 lengths[testnum], seconds.sym);
2506 run_benchmark(async_jobs, AES_cbc_192_encrypt_loop, loopargs);
2508 print_result(D_CBC_192_AES, testnum, count, d);
2511 if (doit[D_CBC_256_AES]) {
2512 for (testnum = 0; testnum < size_num; testnum++) {
2513 print_message(names[D_CBC_256_AES], c[D_CBC_256_AES][testnum],
2514 lengths[testnum], seconds.sym);
2517 run_benchmark(async_jobs, AES_cbc_256_encrypt_loop, loopargs);
2519 print_result(D_CBC_256_AES, testnum, count, d);
2523 #ifndef OPENSSL_NO_DEPRECATED_3_0
2524 if (doit[D_IGE_128_AES]) {
2525 for (testnum = 0; testnum < size_num; testnum++) {
2526 print_message(names[D_IGE_128_AES], c[D_IGE_128_AES][testnum],
2527 lengths[testnum], seconds.sym);
2530 run_benchmark(async_jobs, AES_ige_128_encrypt_loop, loopargs);
2532 print_result(D_IGE_128_AES, testnum, count, d);
2535 if (doit[D_IGE_192_AES]) {
2536 for (testnum = 0; testnum < size_num; testnum++) {
2537 print_message(names[D_IGE_192_AES], c[D_IGE_192_AES][testnum],
2538 lengths[testnum], seconds.sym);
2541 run_benchmark(async_jobs, AES_ige_192_encrypt_loop, loopargs);
2543 print_result(D_IGE_192_AES, testnum, count, d);
2546 if (doit[D_IGE_256_AES]) {
2547 for (testnum = 0; testnum < size_num; testnum++) {
2548 print_message(names[D_IGE_256_AES], c[D_IGE_256_AES][testnum],
2549 lengths[testnum], seconds.sym);
2552 run_benchmark(async_jobs, AES_ige_256_encrypt_loop, loopargs);
2554 print_result(D_IGE_256_AES, testnum, count, d);
2558 if (doit[D_GHASH]) {
2559 for (i = 0; i < loopargs_len; i++) {
2560 loopargs[i].gcm_ctx =
2561 CRYPTO_gcm128_new(&aes_ks1, (block128_f) AES_encrypt);
2562 CRYPTO_gcm128_setiv(loopargs[i].gcm_ctx,
2563 (unsigned char *)"0123456789ab", 12);
2566 for (testnum = 0; testnum < size_num; testnum++) {
2567 print_message(names[D_GHASH], c[D_GHASH][testnum],
2568 lengths[testnum], seconds.sym);
2570 count = run_benchmark(async_jobs, CRYPTO_gcm128_aad_loop, loopargs);
2572 print_result(D_GHASH, testnum, count, d);
2574 for (i = 0; i < loopargs_len; i++)
2575 CRYPTO_gcm128_release(loopargs[i].gcm_ctx);
2577 #ifndef OPENSSL_NO_CAMELLIA
2578 if (doit[D_CBC_128_CML]) {
2579 if (async_jobs > 0) {
2580 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2581 names[D_CBC_128_CML]);
2582 doit[D_CBC_128_CML] = 0;
2584 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2585 print_message(names[D_CBC_128_CML], c[D_CBC_128_CML][testnum],
2586 lengths[testnum], seconds.sym);
2588 for (count = 0, run = 1; COND(c[D_CBC_128_CML][testnum]); count++)
2589 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2590 (size_t)lengths[testnum], &camellia_ks1,
2591 iv, CAMELLIA_ENCRYPT);
2593 print_result(D_CBC_128_CML, testnum, count, d);
2596 if (doit[D_CBC_192_CML]) {
2597 if (async_jobs > 0) {
2598 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2599 names[D_CBC_192_CML]);
2600 doit[D_CBC_192_CML] = 0;
2602 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2603 print_message(names[D_CBC_192_CML], c[D_CBC_192_CML][testnum],
2604 lengths[testnum], seconds.sym);
2605 if (async_jobs > 0) {
2606 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2610 for (count = 0, run = 1; COND(c[D_CBC_192_CML][testnum]); count++)
2611 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2612 (size_t)lengths[testnum], &camellia_ks2,
2613 iv, CAMELLIA_ENCRYPT);
2615 print_result(D_CBC_192_CML, testnum, count, d);
2618 if (doit[D_CBC_256_CML]) {
2619 if (async_jobs > 0) {
2620 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2621 names[D_CBC_256_CML]);
2622 doit[D_CBC_256_CML] = 0;
2624 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2625 print_message(names[D_CBC_256_CML], c[D_CBC_256_CML][testnum],
2626 lengths[testnum], seconds.sym);
2628 for (count = 0, run = 1; COND(c[D_CBC_256_CML][testnum]); count++)
2629 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2630 (size_t)lengths[testnum], &camellia_ks3,
2631 iv, CAMELLIA_ENCRYPT);
2633 print_result(D_CBC_256_CML, testnum, count, d);
2637 #ifndef OPENSSL_NO_IDEA
2638 if (doit[D_CBC_IDEA]) {
2639 if (async_jobs > 0) {
2640 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2642 doit[D_CBC_IDEA] = 0;
2644 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2645 print_message(names[D_CBC_IDEA], c[D_CBC_IDEA][testnum],
2646 lengths[testnum], seconds.sym);
2648 for (count = 0, run = 1; COND(c[D_CBC_IDEA][testnum]); count++)
2649 IDEA_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2650 (size_t)lengths[testnum], &idea_ks,
2653 print_result(D_CBC_IDEA, testnum, count, d);
2657 #ifndef OPENSSL_NO_SEED
2658 if (doit[D_CBC_SEED]) {
2659 if (async_jobs > 0) {
2660 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2662 doit[D_CBC_SEED] = 0;
2664 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2665 print_message(names[D_CBC_SEED], c[D_CBC_SEED][testnum],
2666 lengths[testnum], seconds.sym);
2668 for (count = 0, run = 1; COND(c[D_CBC_SEED][testnum]); count++)
2669 SEED_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2670 (size_t)lengths[testnum], &seed_ks, iv, 1);
2672 print_result(D_CBC_SEED, testnum, count, d);
2676 #ifndef OPENSSL_NO_RC2
2677 if (doit[D_CBC_RC2]) {
2678 if (async_jobs > 0) {
2679 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2681 doit[D_CBC_RC2] = 0;
2683 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2684 print_message(names[D_CBC_RC2], c[D_CBC_RC2][testnum],
2685 lengths[testnum], seconds.sym);
2686 if (async_jobs > 0) {
2687 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2691 for (count = 0, run = 1; COND(c[D_CBC_RC2][testnum]); count++)
2692 RC2_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2693 (size_t)lengths[testnum], &rc2_ks,
2696 print_result(D_CBC_RC2, testnum, count, d);
2700 #ifndef OPENSSL_NO_RC5
2701 if (doit[D_CBC_RC5]) {
2702 if (async_jobs > 0) {
2703 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2705 doit[D_CBC_RC5] = 0;
2707 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2708 print_message(names[D_CBC_RC5], c[D_CBC_RC5][testnum],
2709 lengths[testnum], seconds.sym);
2710 if (async_jobs > 0) {
2711 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2715 for (count = 0, run = 1; COND(c[D_CBC_RC5][testnum]); count++)
2716 RC5_32_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2717 (size_t)lengths[testnum], &rc5_ks,
2720 print_result(D_CBC_RC5, testnum, count, d);
2724 #ifndef OPENSSL_NO_BF
2725 if (doit[D_CBC_BF]) {
2726 if (async_jobs > 0) {
2727 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2731 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2732 print_message(names[D_CBC_BF], c[D_CBC_BF][testnum],
2733 lengths[testnum], seconds.sym);
2735 for (count = 0, run = 1; COND(c[D_CBC_BF][testnum]); count++)
2736 BF_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2737 (size_t)lengths[testnum], &bf_ks,
2740 print_result(D_CBC_BF, testnum, count, d);
2744 #ifndef OPENSSL_NO_CAST
2745 if (doit[D_CBC_CAST]) {
2746 if (async_jobs > 0) {
2747 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2749 doit[D_CBC_CAST] = 0;
2751 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2752 print_message(names[D_CBC_CAST], c[D_CBC_CAST][testnum],
2753 lengths[testnum], seconds.sym);
2755 for (count = 0, run = 1; COND(c[D_CBC_CAST][testnum]); count++)
2756 CAST_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2757 (size_t)lengths[testnum], &cast_ks,
2760 print_result(D_CBC_CAST, testnum, count, d);
2765 for (testnum = 0; testnum < size_num; testnum++) {
2766 print_message(names[D_RAND], c[D_RAND][testnum], lengths[testnum],
2769 count = run_benchmark(async_jobs, RAND_bytes_loop, loopargs);
2771 print_result(D_RAND, testnum, count, d);
2776 if (evp_cipher != NULL) {
2777 int (*loopfunc)(void *args) = EVP_Update_loop;
2779 if (multiblock && (EVP_CIPHER_flags(evp_cipher) &
2780 EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
2781 multiblock_speed(evp_cipher, lengths_single, &seconds);
2786 names[D_EVP] = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
2788 if (EVP_CIPHER_mode(evp_cipher) == EVP_CIPH_CCM_MODE) {
2789 loopfunc = EVP_Update_loop_ccm;
2790 } else if (aead && (EVP_CIPHER_flags(evp_cipher) &
2791 EVP_CIPH_FLAG_AEAD_CIPHER)) {
2792 loopfunc = EVP_Update_loop_aead;
2793 if (lengths == lengths_list) {
2794 lengths = aead_lengths_list;
2795 size_num = OSSL_NELEM(aead_lengths_list);
2799 for (testnum = 0; testnum < size_num; testnum++) {
2800 print_message(names[D_EVP], save_count, lengths[testnum],
2803 for (k = 0; k < loopargs_len; k++) {
2804 loopargs[k].ctx = EVP_CIPHER_CTX_new();
2805 if (loopargs[k].ctx == NULL) {
2806 BIO_printf(bio_err, "\nEVP_CIPHER_CTX_new failure\n");
2809 if (!EVP_CipherInit_ex(loopargs[k].ctx, evp_cipher, NULL,
2810 NULL, iv, decrypt ? 0 : 1)) {
2811 BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n");
2812 ERR_print_errors(bio_err);
2816 EVP_CIPHER_CTX_set_padding(loopargs[k].ctx, 0);
2818 keylen = EVP_CIPHER_CTX_key_length(loopargs[k].ctx);
2819 loopargs[k].key = app_malloc(keylen, "evp_cipher key");
2820 EVP_CIPHER_CTX_rand_key(loopargs[k].ctx, loopargs[k].key);
2821 if (!EVP_CipherInit_ex(loopargs[k].ctx, NULL, NULL,
2822 loopargs[k].key, NULL, -1)) {
2823 BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n");
2824 ERR_print_errors(bio_err);
2827 OPENSSL_clear_free(loopargs[k].key, keylen);
2829 /* SIV mode only allows for a single Update operation */
2830 if (EVP_CIPHER_mode(evp_cipher) == EVP_CIPH_SIV_MODE)
2831 EVP_CIPHER_CTX_ctrl(loopargs[k].ctx, EVP_CTRL_SET_SPEED, 1, NULL);
2835 count = run_benchmark(async_jobs, loopfunc, loopargs);
2837 for (k = 0; k < loopargs_len; k++) {
2838 EVP_CIPHER_CTX_free(loopargs[k].ctx);
2840 print_result(D_EVP, testnum, count, d);
2842 } else if (evp_md != NULL) {
2843 names[D_EVP] = OBJ_nid2ln(EVP_MD_type(evp_md));
2845 for (testnum = 0; testnum < size_num; testnum++) {
2846 print_message(names[D_EVP], save_count, lengths[testnum],
2849 count = run_benchmark(async_jobs, EVP_Digest_loop, loopargs);
2851 print_result(D_EVP, testnum, count, d);
2856 if (doit[D_EVP_HMAC]) {
2857 if (evp_hmac_md != NULL) {
2858 const char *md_name = OBJ_nid2ln(EVP_MD_type(evp_hmac_md));
2859 evp_hmac_name = app_malloc(sizeof("HMAC()") + strlen(md_name),
2861 sprintf(evp_hmac_name, "HMAC(%s)", md_name);
2862 names[D_EVP_HMAC] = evp_hmac_name;
2864 for (testnum = 0; testnum < size_num; testnum++) {
2865 print_message(names[D_EVP_HMAC], save_count, lengths[testnum],
2868 count = run_benchmark(async_jobs, EVP_HMAC_loop, loopargs);
2870 print_result(D_EVP_HMAC, testnum, count, d);
2875 #ifndef OPENSSL_NO_CMAC
2876 if (doit[D_EVP_CMAC]) {
2877 if (evp_cmac_cipher != NULL) {
2878 const char *cipher_name = OBJ_nid2ln(EVP_CIPHER_type(evp_cmac_cipher));
2879 evp_cmac_name = app_malloc(sizeof("CMAC()") + strlen(cipher_name),
2881 sprintf(evp_cmac_name, "CMAC(%s)", cipher_name);
2882 names[D_EVP_CMAC] = evp_cmac_name;
2884 for (i = 0; i < loopargs_len; i++) {
2885 loopargs[i].cmac_ctx = CMAC_CTX_new();
2886 if (loopargs[i].cmac_ctx == NULL) {
2887 BIO_printf(bio_err, "CMAC malloc failure, exiting...");
2891 for (testnum = 0; testnum < size_num; testnum++) {
2892 print_message(names[D_EVP_CMAC], save_count, lengths[testnum],
2895 count = run_benchmark(async_jobs, EVP_CMAC_loop, loopargs);
2897 print_result(D_EVP_CMAC, testnum, count, d);
2899 for (i = 0; i < loopargs_len; i++)
2900 CMAC_CTX_free(loopargs[i].cmac_ctx);
2905 for (i = 0; i < loopargs_len; i++)
2906 if (RAND_bytes(loopargs[i].buf, 36) <= 0)
2909 #ifndef OPENSSL_NO_RSA
2910 for (testnum = 0; testnum < RSA_NUM; testnum++) {
2912 if (!rsa_doit[testnum])
2914 for (i = 0; i < loopargs_len; i++) {
2916 /* we haven't set keys yet, generate multi-prime RSA keys */
2917 BIGNUM *bn = BN_new();
2921 if (!BN_set_word(bn, RSA_F4)) {
2926 BIO_printf(bio_err, "Generate multi-prime RSA key for %s\n",
2927 rsa_choices[testnum].name);
2929 loopargs[i].rsa_key[testnum] = RSA_new();
2930 if (loopargs[i].rsa_key[testnum] == NULL) {
2935 if (!RSA_generate_multi_prime_key(loopargs[i].rsa_key[testnum],
2937 primes, bn, NULL)) {
2943 st = RSA_sign(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
2944 &loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
2950 "RSA sign failure. No RSA sign will be done.\n");
2951 ERR_print_errors(bio_err);
2954 pkey_print_message("private", "rsa",
2955 rsa_c[testnum][0], rsa_bits[testnum],
2957 /* RSA_blinding_on(rsa_key[testnum],NULL); */
2959 count = run_benchmark(async_jobs, RSA_sign_loop, loopargs);
2962 mr ? "+R1:%ld:%d:%.2f\n"
2963 : "%ld %u bits private RSA's in %.2fs\n",
2964 count, rsa_bits[testnum], d);
2965 rsa_results[testnum][0] = (double)count / d;
2969 for (i = 0; i < loopargs_len; i++) {
2970 st = RSA_verify(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
2971 loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
2977 "RSA verify failure. No RSA verify will be done.\n");
2978 ERR_print_errors(bio_err);
2979 rsa_doit[testnum] = 0;
2981 pkey_print_message("public", "rsa",
2982 rsa_c[testnum][1], rsa_bits[testnum],
2985 count = run_benchmark(async_jobs, RSA_verify_loop, loopargs);
2988 mr ? "+R2:%ld:%d:%.2f\n"
2989 : "%ld %u bits public RSA's in %.2fs\n",
2990 count, rsa_bits[testnum], d);
2991 rsa_results[testnum][1] = (double)count / d;
2994 if (rsa_count <= 1) {
2995 /* if longer than 10s, don't do any more */
2996 for (testnum++; testnum < RSA_NUM; testnum++)
2997 rsa_doit[testnum] = 0;
3000 #endif /* OPENSSL_NO_RSA */
3002 for (i = 0; i < loopargs_len; i++)
3003 if (RAND_bytes(loopargs[i].buf, 36) <= 0)
3006 #ifndef OPENSSL_NO_DSA
3007 for (testnum = 0; testnum < DSA_NUM; testnum++) {
3009 if (!dsa_doit[testnum])
3012 /* DSA_generate_key(dsa_key[testnum]); */
3013 /* DSA_sign_setup(dsa_key[testnum],NULL); */
3014 for (i = 0; i < loopargs_len; i++) {
3015 st = DSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
3016 &loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
3022 "DSA sign failure. No DSA sign will be done.\n");
3023 ERR_print_errors(bio_err);
3026 pkey_print_message("sign", "dsa",
3027 dsa_c[testnum][0], dsa_bits[testnum],
3030 count = run_benchmark(async_jobs, DSA_sign_loop, loopargs);
3033 mr ? "+R3:%ld:%u:%.2f\n"
3034 : "%ld %u bits DSA signs in %.2fs\n",
3035 count, dsa_bits[testnum], d);
3036 dsa_results[testnum][0] = (double)count / d;
3040 for (i = 0; i < loopargs_len; i++) {
3041 st = DSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
3042 loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
3048 "DSA verify failure. No DSA verify will be done.\n");
3049 ERR_print_errors(bio_err);
3050 dsa_doit[testnum] = 0;
3052 pkey_print_message("verify", "dsa",
3053 dsa_c[testnum][1], dsa_bits[testnum],
3056 count = run_benchmark(async_jobs, DSA_verify_loop, loopargs);
3059 mr ? "+R4:%ld:%u:%.2f\n"
3060 : "%ld %u bits DSA verify in %.2fs\n",
3061 count, dsa_bits[testnum], d);
3062 dsa_results[testnum][1] = (double)count / d;
3065 if (rsa_count <= 1) {
3066 /* if longer than 10s, don't do any more */
3067 for (testnum++; testnum < DSA_NUM; testnum++)
3068 dsa_doit[testnum] = 0;
3071 #endif /* OPENSSL_NO_DSA */
3073 #ifndef OPENSSL_NO_EC
3074 for (testnum = 0; testnum < ECDSA_NUM; testnum++) {
3077 if (!ecdsa_doit[testnum])
3078 continue; /* Ignore Curve */
3079 for (i = 0; i < loopargs_len; i++) {
3080 loopargs[i].ecdsa[testnum] =
3081 EC_KEY_new_by_curve_name(test_curves[testnum].nid);
3082 if (loopargs[i].ecdsa[testnum] == NULL) {
3088 BIO_printf(bio_err, "ECDSA failure.\n");
3089 ERR_print_errors(bio_err);
3092 for (i = 0; i < loopargs_len; i++) {
3093 EC_KEY_precompute_mult(loopargs[i].ecdsa[testnum], NULL);
3094 /* Perform ECDSA signature test */
3095 EC_KEY_generate_key(loopargs[i].ecdsa[testnum]);
3096 st = ECDSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
3097 &loopargs[i].siglen,
3098 loopargs[i].ecdsa[testnum]);
3104 "ECDSA sign failure. No ECDSA sign will be done.\n");
3105 ERR_print_errors(bio_err);
3108 pkey_print_message("sign", "ecdsa",
3109 ecdsa_c[testnum][0],
3110 test_curves[testnum].bits, seconds.ecdsa);
3112 count = run_benchmark(async_jobs, ECDSA_sign_loop, loopargs);
3116 mr ? "+R5:%ld:%u:%.2f\n" :
3117 "%ld %u bits ECDSA signs in %.2fs \n",
3118 count, test_curves[testnum].bits, d);
3119 ecdsa_results[testnum][0] = (double)count / d;
3123 /* Perform ECDSA verification test */
3124 for (i = 0; i < loopargs_len; i++) {
3125 st = ECDSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
3127 loopargs[i].ecdsa[testnum]);
3133 "ECDSA verify failure. No ECDSA verify will be done.\n");
3134 ERR_print_errors(bio_err);
3135 ecdsa_doit[testnum] = 0;
3137 pkey_print_message("verify", "ecdsa",
3138 ecdsa_c[testnum][1],
3139 test_curves[testnum].bits, seconds.ecdsa);
3141 count = run_benchmark(async_jobs, ECDSA_verify_loop, loopargs);
3144 mr ? "+R6:%ld:%u:%.2f\n"
3145 : "%ld %u bits ECDSA verify in %.2fs\n",
3146 count, test_curves[testnum].bits, d);
3147 ecdsa_results[testnum][1] = (double)count / d;
3150 if (rsa_count <= 1) {
3151 /* if longer than 10s, don't do any more */
3152 for (testnum++; testnum < ECDSA_NUM; testnum++)
3153 ecdsa_doit[testnum] = 0;
3158 for (testnum = 0; testnum < EC_NUM; testnum++) {
3159 int ecdh_checks = 1;
3161 if (!ecdh_doit[testnum])
3164 for (i = 0; i < loopargs_len; i++) {
3165 EVP_PKEY_CTX *kctx = NULL;
3166 EVP_PKEY_CTX *test_ctx = NULL;
3167 EVP_PKEY_CTX *ctx = NULL;
3168 EVP_PKEY *key_A = NULL;
3169 EVP_PKEY *key_B = NULL;
3173 /* Ensure that the error queue is empty */
3174 if (ERR_peek_error()) {
3176 "WARNING: the error queue contains previous unhandled errors.\n");
3177 ERR_print_errors(bio_err);
3180 /* Let's try to create a ctx directly from the NID: this works for
3181 * curves like Curve25519 that are not implemented through the low
3182 * level EC interface.
3183 * If this fails we try creating a EVP_PKEY_EC generic param ctx,
3184 * then we set the curve by NID before deriving the actual keygen
3185 * ctx for that specific curve. */
3186 kctx = EVP_PKEY_CTX_new_id(test_curves[testnum].nid, NULL); /* keygen ctx from NID */
3188 EVP_PKEY_CTX *pctx = NULL;
3189 EVP_PKEY *params = NULL;
3191 /* If we reach this code EVP_PKEY_CTX_new_id() failed and a
3192 * "int_ctx_new:unsupported algorithm" error was added to the
3194 * We remove it from the error queue as we are handling it. */
3195 unsigned long error = ERR_peek_error(); /* peek the latest error in the queue */
3196 if (error == ERR_peek_last_error() && /* oldest and latest errors match */
3197 /* check that the error origin matches */
3198 ERR_GET_LIB(error) == ERR_LIB_EVP &&
3199 ERR_GET_REASON(error) == EVP_R_UNSUPPORTED_ALGORITHM)
3200 ERR_get_error(); /* pop error from queue */
3201 if (ERR_peek_error()) {
3203 "Unhandled error in the error queue during ECDH init.\n");
3204 ERR_print_errors(bio_err);
3209 if ( /* Create the context for parameter generation */
3210 !(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) ||
3211 /* Initialise the parameter generation */
3212 !EVP_PKEY_paramgen_init(pctx) ||
3213 /* Set the curve by NID */
3214 !EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
3217 /* Create the parameter object params */
3218 !EVP_PKEY_paramgen(pctx, ¶ms)) {
3220 BIO_printf(bio_err, "ECDH EC params init failure.\n");
3221 ERR_print_errors(bio_err);
3225 /* Create the context for the key generation */
3226 kctx = EVP_PKEY_CTX_new(params, NULL);
3228 EVP_PKEY_free(params);
3230 EVP_PKEY_CTX_free(pctx);
3233 if (kctx == NULL || /* keygen ctx is not null */
3234 EVP_PKEY_keygen_init(kctx) <= 0/* init keygen ctx */ ) {
3236 BIO_printf(bio_err, "ECDH keygen failure.\n");
3237 ERR_print_errors(bio_err);
3242 if (EVP_PKEY_keygen(kctx, &key_A) <= 0 || /* generate secret key A */
3243 EVP_PKEY_keygen(kctx, &key_B) <= 0 || /* generate secret key B */
3244 !(ctx = EVP_PKEY_CTX_new(key_A, NULL)) || /* derivation ctx from skeyA */
3245 EVP_PKEY_derive_init(ctx) <= 0 || /* init derivation ctx */
3246 EVP_PKEY_derive_set_peer(ctx, key_B) <= 0 || /* set peer pubkey in ctx */
3247 EVP_PKEY_derive(ctx, NULL, &outlen) <= 0 || /* determine max length */
3248 outlen == 0 || /* ensure outlen is a valid size */
3249 outlen > MAX_ECDH_SIZE /* avoid buffer overflow */ ) {
3251 BIO_printf(bio_err, "ECDH key generation failure.\n");
3252 ERR_print_errors(bio_err);
3257 /* Here we perform a test run, comparing the output of a*B and b*A;
3258 * we try this here and assume that further EVP_PKEY_derive calls
3259 * never fail, so we can skip checks in the actually benchmarked
3260 * code, for maximum performance. */
3261 if (!(test_ctx = EVP_PKEY_CTX_new(key_B, NULL)) || /* test ctx from skeyB */
3262 !EVP_PKEY_derive_init(test_ctx) || /* init derivation test_ctx */
3263 !EVP_PKEY_derive_set_peer(test_ctx, key_A) || /* set peer pubkey in test_ctx */
3264 !EVP_PKEY_derive(test_ctx, NULL, &test_outlen) || /* determine max length */
3265 !EVP_PKEY_derive(ctx, loopargs[i].secret_a, &outlen) || /* compute a*B */
3266 !EVP_PKEY_derive(test_ctx, loopargs[i].secret_b, &test_outlen) || /* compute b*A */
3267 test_outlen != outlen /* compare output length */ ) {
3269 BIO_printf(bio_err, "ECDH computation failure.\n");
3270 ERR_print_errors(bio_err);
3275 /* Compare the computation results: CRYPTO_memcmp() returns 0 if equal */
3276 if (CRYPTO_memcmp(loopargs[i].secret_a,
3277 loopargs[i].secret_b, outlen)) {
3279 BIO_printf(bio_err, "ECDH computations don't match.\n");
3280 ERR_print_errors(bio_err);
3285 loopargs[i].ecdh_ctx[testnum] = ctx;
3286 loopargs[i].outlen[testnum] = outlen;
3288 EVP_PKEY_free(key_A);
3289 EVP_PKEY_free(key_B);
3290 EVP_PKEY_CTX_free(kctx);
3292 EVP_PKEY_CTX_free(test_ctx);
3295 if (ecdh_checks != 0) {
3296 pkey_print_message("", "ecdh",
3298 test_curves[testnum].bits, seconds.ecdh);
3301 run_benchmark(async_jobs, ECDH_EVP_derive_key_loop, loopargs);
3304 mr ? "+R7:%ld:%d:%.2f\n" :
3305 "%ld %u-bits ECDH ops in %.2fs\n", count,
3306 test_curves[testnum].bits, d);
3307 ecdh_results[testnum][0] = (double)count / d;
3311 if (rsa_count <= 1) {
3312 /* if longer than 10s, don't do any more */
3313 for (testnum++; testnum < OSSL_NELEM(ecdh_doit); testnum++)
3314 ecdh_doit[testnum] = 0;
3318 for (testnum = 0; testnum < EdDSA_NUM; testnum++) {
3320 EVP_PKEY *ed_pkey = NULL;
3321 EVP_PKEY_CTX *ed_pctx = NULL;
3323 if (!eddsa_doit[testnum])
3324 continue; /* Ignore Curve */
3325 for (i = 0; i < loopargs_len; i++) {
3326 loopargs[i].eddsa_ctx[testnum] = EVP_MD_CTX_new();
3327 if (loopargs[i].eddsa_ctx[testnum] == NULL) {
3332 if ((ed_pctx = EVP_PKEY_CTX_new_id(test_ed_curves[testnum].nid, NULL))
3334 || EVP_PKEY_keygen_init(ed_pctx) <= 0
3335 || EVP_PKEY_keygen(ed_pctx, &ed_pkey) <= 0) {
3337 EVP_PKEY_CTX_free(ed_pctx);
3340 EVP_PKEY_CTX_free(ed_pctx);
3342 if (!EVP_DigestSignInit(loopargs[i].eddsa_ctx[testnum], NULL, NULL,
3345 EVP_PKEY_free(ed_pkey);
3348 EVP_PKEY_free(ed_pkey);
3351 BIO_printf(bio_err, "EdDSA failure.\n");
3352 ERR_print_errors(bio_err);
3355 for (i = 0; i < loopargs_len; i++) {
3356 /* Perform EdDSA signature test */
3357 loopargs[i].sigsize = test_ed_curves[testnum].sigsize;
3358 st = EVP_DigestSign(loopargs[i].eddsa_ctx[testnum],
3359 loopargs[i].buf2, &loopargs[i].sigsize,
3360 loopargs[i].buf, 20);
3366 "EdDSA sign failure. No EdDSA sign will be done.\n");
3367 ERR_print_errors(bio_err);
3370 pkey_print_message("sign", test_ed_curves[testnum].name,
3371 eddsa_c[testnum][0],
3372 test_ed_curves[testnum].bits, seconds.eddsa);
3374 count = run_benchmark(async_jobs, EdDSA_sign_loop, loopargs);
3378 mr ? "+R8:%ld:%u:%s:%.2f\n" :
3379 "%ld %u bits %s signs in %.2fs \n",
3380 count, test_ed_curves[testnum].bits,
3381 test_ed_curves[testnum].name, d);
3382 eddsa_results[testnum][0] = (double)count / d;
3386 /* Perform EdDSA verification test */
3387 for (i = 0; i < loopargs_len; i++) {
3388 st = EVP_DigestVerify(loopargs[i].eddsa_ctx[testnum],
3389 loopargs[i].buf2, loopargs[i].sigsize,
3390 loopargs[i].buf, 20);
3396 "EdDSA verify failure. No EdDSA verify will be done.\n");
3397 ERR_print_errors(bio_err);
3398 eddsa_doit[testnum] = 0;
3400 pkey_print_message("verify", test_ed_curves[testnum].name,
3401 eddsa_c[testnum][1],
3402 test_ed_curves[testnum].bits, seconds.eddsa);
3404 count = run_benchmark(async_jobs, EdDSA_verify_loop, loopargs);
3407 mr ? "+R9:%ld:%u:%s:%.2f\n"
3408 : "%ld %u bits %s verify in %.2fs\n",
3409 count, test_ed_curves[testnum].bits,
3410 test_ed_curves[testnum].name, d);
3411 eddsa_results[testnum][1] = (double)count / d;
3414 if (rsa_count <= 1) {
3415 /* if longer than 10s, don't do any more */
3416 for (testnum++; testnum < EdDSA_NUM; testnum++)
3417 eddsa_doit[testnum] = 0;
3422 # ifndef OPENSSL_NO_SM2
3423 for (testnum = 0; testnum < SM2_NUM; testnum++) {
3425 EVP_PKEY *sm2_pkey = NULL;
3426 EVP_PKEY_CTX *pctx = NULL;
3427 EVP_PKEY_CTX *sm2_pctx = NULL;
3428 EVP_PKEY_CTX *sm2_vfy_pctx = NULL;
3429 size_t sm2_sigsize = 0;
3431 if (!sm2_doit[testnum])
3432 continue; /* Ignore Curve */
3433 /* Init signing and verification */
3434 for (i = 0; i < loopargs_len; i++) {
3435 loopargs[i].sm2_ctx[testnum] = EVP_MD_CTX_new();
3436 if (loopargs[i].sm2_ctx[testnum] == NULL) {
3440 loopargs[i].sm2_vfy_ctx[testnum] = EVP_MD_CTX_new();
3441 if (loopargs[i].sm2_vfy_ctx[testnum] == NULL) {
3446 /* SM2 keys are generated as normal EC keys with a special curve */
3447 if ((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) == NULL
3448 || EVP_PKEY_keygen_init(pctx) <= 0
3449 || EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
3450 test_sm2_curves[testnum].nid) <= 0
3451 || EVP_PKEY_keygen(pctx, &sm2_pkey) <= 0) {
3453 EVP_PKEY_CTX_free(pctx);
3456 /* free previous one and alloc a new one */
3457 EVP_PKEY_CTX_free(pctx);
3459 loopargs[i].sigsize = sm2_sigsize
3460 = ECDSA_size(EVP_PKEY_get0_EC_KEY(sm2_pkey));
3462 if (!EVP_PKEY_set_alias_type(sm2_pkey, EVP_PKEY_SM2)) {
3464 EVP_PKEY_free(sm2_pkey);
3468 sm2_pctx = EVP_PKEY_CTX_new(sm2_pkey, NULL);
3469 if (sm2_pctx == NULL) {
3471 EVP_PKEY_free(sm2_pkey);
3474 sm2_vfy_pctx = EVP_PKEY_CTX_new(sm2_pkey, NULL);
3475 if (sm2_vfy_pctx == NULL) {
3477 EVP_PKEY_CTX_free(sm2_pctx);
3478 EVP_PKEY_free(sm2_pkey);
3482 * No need to allow user to set an explicit ID here, just use
3483 * the one defined in the 'draft-yang-tls-tl13-sm-suites' I-D.
3485 if (EVP_PKEY_CTX_set1_id(sm2_pctx, SM2_ID, SM2_ID_LEN) != 1) {
3487 EVP_PKEY_CTX_free(sm2_pctx);
3488 EVP_PKEY_CTX_free(sm2_vfy_pctx);
3489 EVP_PKEY_free(sm2_pkey);
3493 if (EVP_PKEY_CTX_set1_id(sm2_vfy_pctx, SM2_ID, SM2_ID_LEN) != 1) {
3495 EVP_PKEY_CTX_free(sm2_pctx);
3496 EVP_PKEY_CTX_free(sm2_vfy_pctx);
3497 EVP_PKEY_free(sm2_pkey);
3501 EVP_MD_CTX_set_pkey_ctx(loopargs[i].sm2_ctx[testnum], sm2_pctx);
3502 EVP_MD_CTX_set_pkey_ctx(loopargs[i].sm2_vfy_ctx[testnum], sm2_vfy_pctx);
3504 if (!EVP_DigestSignInit(loopargs[i].sm2_ctx[testnum], NULL,
3505 EVP_sm3(), NULL, sm2_pkey)) {
3507 EVP_PKEY_free(sm2_pkey);
3510 if (!EVP_DigestVerifyInit(loopargs[i].sm2_vfy_ctx[testnum], NULL,
3511 EVP_sm3(), NULL, sm2_pkey)) {
3513 EVP_PKEY_free(sm2_pkey);
3516 loopargs[i].sm2_pkey[testnum] = sm2_pkey;
3519 BIO_printf(bio_err, "SM2 failure.\n");
3520 ERR_print_errors(bio_err);
3523 for (i = 0; i < loopargs_len; i++) {
3524 sm2_sigsize = loopargs[i].sigsize;
3525 /* Perform SM2 signature test */
3526 st = EVP_DigestSign(loopargs[i].sm2_ctx[testnum],
3527 loopargs[i].buf2, &sm2_sigsize,
3528 loopargs[i].buf, 20);
3534 "SM2 sign failure. No SM2 sign will be done.\n");
3535 ERR_print_errors(bio_err);
3538 pkey_print_message("sign", test_sm2_curves[testnum].name,
3540 test_sm2_curves[testnum].bits, seconds.sm2);
3542 count = run_benchmark(async_jobs, SM2_sign_loop, loopargs);
3546 mr ? "+R8:%ld:%u:%s:%.2f\n" :
3547 "%ld %u bits %s signs in %.2fs \n",
3548 count, test_sm2_curves[testnum].bits,
3549 test_sm2_curves[testnum].name, d);
3550 sm2_results[testnum][0] = (double)count / d;
3554 /* Perform SM2 verification test */
3555 for (i = 0; i < loopargs_len; i++) {
3556 st = EVP_DigestVerify(loopargs[i].sm2_vfy_ctx[testnum],
3557 loopargs[i].buf2, loopargs[i].sigsize,
3558 loopargs[i].buf, 20);
3564 "SM2 verify failure. No SM2 verify will be done.\n");
3565 ERR_print_errors(bio_err);
3566 sm2_doit[testnum] = 0;
3568 pkey_print_message("verify", test_sm2_curves[testnum].name,
3570 test_sm2_curves[testnum].bits, seconds.sm2);
3572 count = run_benchmark(async_jobs, SM2_verify_loop, loopargs);
3575 mr ? "+R9:%ld:%u:%s:%.2f\n"
3576 : "%ld %u bits %s verify in %.2fs\n",
3577 count, test_sm2_curves[testnum].bits,
3578 test_sm2_curves[testnum].name, d);
3579 sm2_results[testnum][1] = (double)count / d;
3582 if (rsa_count <= 1) {
3583 /* if longer than 10s, don't do any more */
3584 for (testnum++; testnum < SM2_NUM; testnum++)
3585 sm2_doit[testnum] = 0;
3589 # endif /* OPENSSL_NO_SM2 */
3591 #endif /* OPENSSL_NO_EC */
3596 printf("version: %s\n", OpenSSL_version(OPENSSL_FULL_VERSION_STRING));
3597 printf("built on: %s\n", OpenSSL_version(OPENSSL_BUILT_ON));
3599 printf("%s ", BN_options());
3600 #ifndef OPENSSL_NO_MD2
3601 printf("%s ", MD2_options());
3603 #ifndef OPENSSL_NO_RC4
3604 printf("%s ", RC4_options());
3606 #ifndef OPENSSL_NO_DES
3607 printf("%s ", DES_options());
3609 printf("%s ", AES_options());
3610 #ifndef OPENSSL_NO_IDEA
3611 printf("%s ", IDEA_options());
3613 #ifndef OPENSSL_NO_BF
3614 printf("%s ", BF_options());
3616 printf("\n%s\n", OpenSSL_version(OPENSSL_CFLAGS));
3617 printf("%s\n", OpenSSL_version(OPENSSL_CPU_INFO));
3625 ("The 'numbers' are in 1000s of bytes per second processed.\n");
3628 for (testnum = 0; testnum < size_num; testnum++)
3629 printf(mr ? ":%d" : "%7d bytes", lengths[testnum]);
3633 for (k = 0; k < ALGOR_NUM; k++) {
3637 printf("+F:%u:%s", k, names[k]);
3639 printf("%-13s", names[k]);
3640 for (testnum = 0; testnum < size_num; testnum++) {
3641 if (results[k][testnum] > 10000 && !mr)
3642 printf(" %11.2fk", results[k][testnum] / 1e3);
3644 printf(mr ? ":%.2f" : " %11.2f ", results[k][testnum]);
3648 #ifndef OPENSSL_NO_RSA
3650 for (k = 0; k < RSA_NUM; k++) {
3653 if (testnum && !mr) {
3654 printf("%18ssign verify sign/s verify/s\n", " ");
3658 printf("+F2:%u:%u:%f:%f\n",
3659 k, rsa_bits[k], rsa_results[k][0], rsa_results[k][1]);
3661 printf("rsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
3662 rsa_bits[k], 1.0 / rsa_results[k][0], 1.0 / rsa_results[k][1],
3663 rsa_results[k][0], rsa_results[k][1]);
3666 #ifndef OPENSSL_NO_DSA
3668 for (k = 0; k < DSA_NUM; k++) {
3671 if (testnum && !mr) {
3672 printf("%18ssign verify sign/s verify/s\n", " ");
3676 printf("+F3:%u:%u:%f:%f\n",
3677 k, dsa_bits[k], dsa_results[k][0], dsa_results[k][1]);
3679 printf("dsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
3680 dsa_bits[k], 1.0 / dsa_results[k][0], 1.0 / dsa_results[k][1],
3681 dsa_results[k][0], dsa_results[k][1]);
3684 #ifndef OPENSSL_NO_EC
3686 for (k = 0; k < OSSL_NELEM(ecdsa_doit); k++) {
3689 if (testnum && !mr) {
3690 printf("%30ssign verify sign/s verify/s\n", " ");
3695 printf("+F4:%u:%u:%f:%f\n",
3696 k, test_curves[k].bits,
3697 ecdsa_results[k][0], ecdsa_results[k][1]);
3699 printf("%4u bits ecdsa (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3700 test_curves[k].bits, test_curves[k].name,
3701 1.0 / ecdsa_results[k][0], 1.0 / ecdsa_results[k][1],
3702 ecdsa_results[k][0], ecdsa_results[k][1]);
3706 for (k = 0; k < EC_NUM; k++) {
3709 if (testnum && !mr) {
3710 printf("%30sop op/s\n", " ");
3714 printf("+F5:%u:%u:%f:%f\n",
3715 k, test_curves[k].bits,
3716 ecdh_results[k][0], 1.0 / ecdh_results[k][0]);
3719 printf("%4u bits ecdh (%s) %8.4fs %8.1f\n",
3720 test_curves[k].bits, test_curves[k].name,
3721 1.0 / ecdh_results[k][0], ecdh_results[k][0]);
3725 for (k = 0; k < OSSL_NELEM(eddsa_doit); k++) {
3728 if (testnum && !mr) {
3729 printf("%30ssign verify sign/s verify/s\n", " ");
3734 printf("+F6:%u:%u:%s:%f:%f\n",
3735 k, test_ed_curves[k].bits, test_ed_curves[k].name,
3736 eddsa_results[k][0], eddsa_results[k][1]);
3738 printf("%4u bits EdDSA (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3739 test_ed_curves[k].bits, test_ed_curves[k].name,
3740 1.0 / eddsa_results[k][0], 1.0 / eddsa_results[k][1],
3741 eddsa_results[k][0], eddsa_results[k][1]);
3744 # ifndef OPENSSL_NO_SM2
3746 for (k = 0; k < OSSL_NELEM(sm2_doit); k++) {
3749 if (testnum && !mr) {
3750 printf("%30ssign verify sign/s verify/s\n", " ");
3755 printf("+F6:%u:%u:%s:%f:%f\n",
3756 k, test_sm2_curves[k].bits, test_sm2_curves[k].name,
3757 sm2_results[k][0], sm2_results[k][1]);
3759 printf("%4u bits SM2 (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3760 test_sm2_curves[k].bits, test_sm2_curves[k].name,
3761 1.0 / sm2_results[k][0], 1.0 / sm2_results[k][1],
3762 sm2_results[k][0], sm2_results[k][1]);
3770 ERR_print_errors(bio_err);
3771 for (i = 0; i < loopargs_len; i++) {
3772 OPENSSL_free(loopargs[i].buf_malloc);
3773 OPENSSL_free(loopargs[i].buf2_malloc);
3775 #ifndef OPENSSL_NO_RSA
3776 for (k = 0; k < RSA_NUM; k++)
3777 RSA_free(loopargs[i].rsa_key[k]);
3779 #ifndef OPENSSL_NO_DSA
3780 for (k = 0; k < DSA_NUM; k++)
3781 DSA_free(loopargs[i].dsa_key[k]);
3783 #ifndef OPENSSL_NO_EC
3784 for (k = 0; k < ECDSA_NUM; k++)
3785 EC_KEY_free(loopargs[i].ecdsa[k]);
3786 for (k = 0; k < EC_NUM; k++)
3787 EVP_PKEY_CTX_free(loopargs[i].ecdh_ctx[k]);
3788 for (k = 0; k < EdDSA_NUM; k++)
3789 EVP_MD_CTX_free(loopargs[i].eddsa_ctx[k]);
3790 # ifndef OPENSSL_NO_SM2
3791 for (k = 0; k < SM2_NUM; k++) {
3792 EVP_PKEY_CTX *pctx = NULL;
3794 /* free signing ctx */
3795 if (loopargs[i].sm2_ctx[k] != NULL
3796 && (pctx = EVP_MD_CTX_pkey_ctx(loopargs[i].sm2_ctx[k])) != NULL)
3797 EVP_PKEY_CTX_free(pctx);
3798 EVP_MD_CTX_free(loopargs[i].sm2_ctx[k]);
3799 /* free verification ctx */
3800 if (loopargs[i].sm2_vfy_ctx[k] != NULL
3801 && (pctx = EVP_MD_CTX_pkey_ctx(loopargs[i].sm2_vfy_ctx[k])) != NULL)
3802 EVP_PKEY_CTX_free(pctx);
3803 EVP_MD_CTX_free(loopargs[i].sm2_vfy_ctx[k]);
3805 EVP_PKEY_free(loopargs[i].sm2_pkey[k]);
3808 OPENSSL_free(loopargs[i].secret_a);
3809 OPENSSL_free(loopargs[i].secret_b);
3812 OPENSSL_free(evp_hmac_name);
3813 #ifndef OPENSSL_NO_CMAC
3814 OPENSSL_free(evp_cmac_name);
3817 if (async_jobs > 0) {
3818 for (i = 0; i < loopargs_len; i++)
3819 ASYNC_WAIT_CTX_free(loopargs[i].wait_ctx);
3823 ASYNC_cleanup_thread();
3825 OPENSSL_free(loopargs);
3830 static void print_message(const char *s, long num, int length, int tm)
3834 mr ? "+DT:%s:%d:%d\n"
3835 : "Doing %s for %ds on %d size blocks: ", s, tm, length);
3836 (void)BIO_flush(bio_err);
3840 mr ? "+DN:%s:%ld:%d\n"
3841 : "Doing %s %ld times on %d size blocks: ", s, num, length);
3842 (void)BIO_flush(bio_err);
3846 static void pkey_print_message(const char *str, const char *str2, long num,
3847 unsigned int bits, int tm)
3851 mr ? "+DTP:%d:%s:%s:%d\n"
3852 : "Doing %u bits %s %s's for %ds: ", bits, str, str2, tm);
3853 (void)BIO_flush(bio_err);
3857 mr ? "+DNP:%ld:%d:%s:%s\n"
3858 : "Doing %ld %u bits %s %s's: ", num, bits, str, str2);
3859 (void)BIO_flush(bio_err);
3863 static void print_result(int alg, int run_no, int count, double time_used)
3866 BIO_printf(bio_err, "%s error!\n", names[alg]);
3867 ERR_print_errors(bio_err);
3868 /* exit(1); disable exit until default provider enabled */
3872 mr ? "+R:%d:%s:%f\n"
3873 : "%d %s's in %.2fs\n", count, names[alg], time_used);
3874 results[alg][run_no] = ((double)count) / time_used * lengths[run_no];
3878 static char *sstrsep(char **string, const char *delim)
3881 char *token = *string;
3886 memset(isdelim, 0, sizeof(isdelim));
3890 isdelim[(unsigned char)(*delim)] = 1;
3894 while (!isdelim[(unsigned char)(**string)]) {
3906 static int do_multi(int multi, int size_num)
3911 static char sep[] = ":";
3913 fds = app_malloc(sizeof(*fds) * multi, "fd buffer for do_multi");
3914 for (n = 0; n < multi; ++n) {
3915 if (pipe(fd) == -1) {
3916 BIO_printf(bio_err, "pipe failure\n");
3920 (void)BIO_flush(bio_err);
3927 if (dup(fd[1]) == -1) {
3928 BIO_printf(bio_err, "dup failed\n");
3937 printf("Forked child %d\n", n);
3940 /* for now, assume the pipe is long enough to take all the output */
3941 for (n = 0; n < multi; ++n) {
3946 f = fdopen(fds[n], "r");
3947 while (fgets(buf, sizeof(buf), f)) {
3948 p = strchr(buf, '\n');
3951 if (buf[0] != '+') {
3953 "Don't understand line '%s' from child %d\n", buf,
3957 printf("Got: %s from %d\n", buf, n);
3958 if (strncmp(buf, "+F:", 3) == 0) {
3963 alg = atoi(sstrsep(&p, sep));
3965 for (j = 0; j < size_num; ++j)
3966 results[alg][j] += atof(sstrsep(&p, sep));
3967 } else if (strncmp(buf, "+F2:", 4) == 0) {
3972 k = atoi(sstrsep(&p, sep));
3975 d = atof(sstrsep(&p, sep));
3976 rsa_results[k][0] += d;
3978 d = atof(sstrsep(&p, sep));
3979 rsa_results[k][1] += d;
3981 # ifndef OPENSSL_NO_DSA
3982 else if (strncmp(buf, "+F3:", 4) == 0) {
3987 k = atoi(sstrsep(&p, sep));
3990 d = atof(sstrsep(&p, sep));
3991 dsa_results[k][0] += d;
3993 d = atof(sstrsep(&p, sep));
3994 dsa_results[k][1] += d;
3997 # ifndef OPENSSL_NO_EC
3998 else if (strncmp(buf, "+F4:", 4) == 0) {
4003 k = atoi(sstrsep(&p, sep));
4006 d = atof(sstrsep(&p, sep));
4007 ecdsa_results[k][0] += d;
4009 d = atof(sstrsep(&p, sep));
4010 ecdsa_results[k][1] += d;
4011 } else if (strncmp(buf, "+F5:", 4) == 0) {
4016 k = atoi(sstrsep(&p, sep));
4019 d = atof(sstrsep(&p, sep));
4020 ecdh_results[k][0] += d;
4021 } else if (strncmp(buf, "+F6:", 4) == 0) {
4026 k = atoi(sstrsep(&p, sep));
4029 d = atof(sstrsep(&p, sep));
4030 eddsa_results[k][0] += d;
4032 d = atof(sstrsep(&p, sep));
4033 eddsa_results[k][1] += d;
4035 # ifndef OPENSSL_NO_SM2
4036 else if (strncmp(buf, "+F7:", 4) == 0) {
4041 k = atoi(sstrsep(&p, sep));
4044 d = atof(sstrsep(&p, sep));
4045 sm2_results[k][0] += d;
4047 d = atof(sstrsep(&p, sep));
4048 sm2_results[k][1] += d;
4050 # endif /* OPENSSL_NO_SM2 */
4053 else if (strncmp(buf, "+H:", 3) == 0) {
4056 BIO_printf(bio_err, "Unknown type '%s' from child %d\n", buf,
4067 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
4068 const openssl_speed_sec_t *seconds)
4070 static const int mblengths_list[] =
4071 { 8 * 1024, 2 * 8 * 1024, 4 * 8 * 1024, 8 * 8 * 1024, 8 * 16 * 1024 };
4072 const int *mblengths = mblengths_list;
4073 int j, count, keylen, num = OSSL_NELEM(mblengths_list);
4074 const char *alg_name;
4075 unsigned char *inp, *out, *key, no_key[32], no_iv[16];
4076 EVP_CIPHER_CTX *ctx;
4079 if (lengths_single) {
4080 mblengths = &lengths_single;
4084 inp = app_malloc(mblengths[num - 1], "multiblock input buffer");
4085 out = app_malloc(mblengths[num - 1] + 1024, "multiblock output buffer");
4086 ctx = EVP_CIPHER_CTX_new();
4087 EVP_EncryptInit_ex(ctx, evp_cipher, NULL, NULL, no_iv);
4089 keylen = EVP_CIPHER_CTX_key_length(ctx);
4090 key = app_malloc(keylen, "evp_cipher key");
4091 EVP_CIPHER_CTX_rand_key(ctx, key);
4092 EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL);
4093 OPENSSL_clear_free(key, keylen);
4095 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_MAC_KEY, sizeof(no_key), no_key);
4096 alg_name = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
4098 for (j = 0; j < num; j++) {
4099 print_message(alg_name, 0, mblengths[j], seconds->sym);
4101 for (count = 0, run = 1; run && count < 0x7fffffff; count++) {
4102 unsigned char aad[EVP_AEAD_TLS1_AAD_LEN];
4103 EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param;
4104 size_t len = mblengths[j];
4107 memset(aad, 0, 8); /* avoid uninitialized values */
4108 aad[8] = 23; /* SSL3_RT_APPLICATION_DATA */
4109 aad[9] = 3; /* version */
4111 aad[11] = 0; /* length */
4113 mb_param.out = NULL;
4116 mb_param.interleave = 8;
4118 packlen = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_AAD,
4119 sizeof(mb_param), &mb_param);
4125 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT,
4126 sizeof(mb_param), &mb_param);
4130 RAND_bytes(out, 16);
4132 aad[11] = (unsigned char)(len >> 8);
4133 aad[12] = (unsigned char)(len);
4134 pad = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_TLS1_AAD,
4135 EVP_AEAD_TLS1_AAD_LEN, aad);
4136 EVP_Cipher(ctx, out, inp, len + pad);
4140 BIO_printf(bio_err, mr ? "+R:%d:%s:%f\n"
4141 : "%d %s's in %.2fs\n", count, "evp", d);
4142 results[D_EVP][j] = ((double)count) / d * mblengths[j];
4146 fprintf(stdout, "+H");
4147 for (j = 0; j < num; j++)
4148 fprintf(stdout, ":%d", mblengths[j]);
4149 fprintf(stdout, "\n");
4150 fprintf(stdout, "+F:%d:%s", D_EVP, alg_name);
4151 for (j = 0; j < num; j++)
4152 fprintf(stdout, ":%.2f", results[D_EVP][j]);
4153 fprintf(stdout, "\n");
4156 "The 'numbers' are in 1000s of bytes per second processed.\n");
4157 fprintf(stdout, "type ");
4158 for (j = 0; j < num; j++)
4159 fprintf(stdout, "%7d bytes", mblengths[j]);
4160 fprintf(stdout, "\n");
4161 fprintf(stdout, "%-24s", alg_name);
4163 for (j = 0; j < num; j++) {
4164 if (results[D_EVP][j] > 10000)
4165 fprintf(stdout, " %11.2fk", results[D_EVP][j] / 1e3);
4167 fprintf(stdout, " %11.2f ", results[D_EVP][j]);
4169 fprintf(stdout, "\n");
4174 EVP_CIPHER_CTX_free(ctx);