2 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
5 * Licensed under the Apache License 2.0 (the "License"). You may not use
6 * this file except in compliance with the License. You can obtain a copy
7 * in the file LICENSE in the source distribution or at
8 * https://www.openssl.org/source/license.html
13 #define RSA_SECONDS 10
14 #define DSA_SECONDS 10
15 #define ECDSA_SECONDS 10
16 #define ECDH_SECONDS 10
17 #define EdDSA_SECONDS 10
18 #define SM2_SECONDS 10
20 /* We need to use some deprecated APIs */
21 #define OPENSSL_SUPPRESS_DEPRECATED
29 #include <openssl/crypto.h>
30 #include <openssl/rand.h>
31 #include <openssl/err.h>
32 #include <openssl/evp.h>
33 #include <openssl/objects.h>
34 #include <openssl/async.h>
35 #if !defined(OPENSSL_SYS_MSDOS)
43 #include <openssl/bn.h>
44 #ifndef OPENSSL_NO_DES
45 # include <openssl/des.h>
47 #include <openssl/aes.h>
48 #ifndef OPENSSL_NO_CAMELLIA
49 # include <openssl/camellia.h>
51 #ifndef OPENSSL_NO_MD2
52 # include <openssl/md2.h>
54 #ifndef OPENSSL_NO_MDC2
55 # include <openssl/mdc2.h>
57 #ifndef OPENSSL_NO_MD4
58 # include <openssl/md4.h>
60 #ifndef OPENSSL_NO_MD5
61 # include <openssl/md5.h>
63 #include <openssl/hmac.h>
64 #ifndef OPENSSL_NO_CMAC
65 #include <openssl/cmac.h>
67 #include <openssl/sha.h>
68 #ifndef OPENSSL_NO_RMD160
69 # include <openssl/ripemd.h>
71 #ifndef OPENSSL_NO_WHIRLPOOL
72 # include <openssl/whrlpool.h>
74 #ifndef OPENSSL_NO_RC4
75 # include <openssl/rc4.h>
77 #ifndef OPENSSL_NO_RC5
78 # include <openssl/rc5.h>
80 #ifndef OPENSSL_NO_RC2
81 # include <openssl/rc2.h>
83 #ifndef OPENSSL_NO_IDEA
84 # include <openssl/idea.h>
86 #ifndef OPENSSL_NO_SEED
87 # include <openssl/seed.h>
90 # include <openssl/blowfish.h>
92 #ifndef OPENSSL_NO_CAST
93 # include <openssl/cast.h>
95 #ifndef OPENSSL_NO_RSA
96 # include <openssl/rsa.h>
97 # include "./testrsa.h"
99 #include <openssl/x509.h>
100 #ifndef OPENSSL_NO_DSA
101 # include <openssl/dsa.h>
102 # include "./testdsa.h"
104 #ifndef OPENSSL_NO_EC
105 # include <openssl/ec.h>
107 #include <openssl/modes.h>
110 # if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_VXWORKS)
123 #define MAX_MISALIGNMENT 63
124 #define MAX_ECDH_SIZE 256
127 typedef struct openssl_speed_sec_st {
135 } openssl_speed_sec_t;
137 static volatile int run = 0;
139 static int mr = 0; /* machine-readeable output format to merge fork results */
140 static int usertime = 1;
142 static double Time_F(int s);
143 static void print_message(const char *s, long num, int length, int tm);
144 static void pkey_print_message(const char *str, const char *str2,
145 long num, unsigned int bits, int sec);
146 static void print_result(int alg, int run_no, int count, double time_used);
148 static int do_multi(int multi, int size_num);
151 static const int lengths_list[] = {
152 16, 64, 256, 1024, 8 * 1024, 16 * 1024
154 #define SIZE_NUM OSSL_NELEM(lengths_list)
155 static const int *lengths = lengths_list;
157 static const int aead_lengths_list[] = {
158 2, 31, 136, 1024, 8 * 1024, 16 * 1024
166 static void alarmed(int sig)
168 signal(SIGALRM, alarmed);
172 static double Time_F(int s)
174 double ret = app_tminterval(s, usertime);
180 #elif defined(_WIN32)
184 static unsigned int lapse;
185 static volatile unsigned int schlock;
186 static void alarm_win32(unsigned int secs)
191 # define alarm alarm_win32
193 static DWORD WINAPI sleepy(VOID * arg)
201 static double Time_F(int s)
208 thr = CreateThread(NULL, 4096, sleepy, NULL, 0, NULL);
210 DWORD err = GetLastError();
211 BIO_printf(bio_err, "unable to CreateThread (%lu)", err);
215 Sleep(0); /* scheduler spinlock */
216 ret = app_tminterval(s, usertime);
218 ret = app_tminterval(s, usertime);
220 TerminateThread(thr, 0);
227 static double Time_F(int s)
229 return app_tminterval(s, usertime);
233 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
234 const openssl_speed_sec_t *seconds);
236 static int opt_found(const char *name, unsigned int *result,
237 const OPT_PAIR pairs[], unsigned int nbelem)
241 for (idx = 0; idx < nbelem; ++idx, pairs++)
242 if (strcmp(name, pairs->name) == 0) {
243 *result = pairs->retval;
248 #define opt_found(value, pairs, result)\
249 opt_found(value, result, pairs, OSSL_NELEM(pairs))
251 typedef enum OPTION_choice {
252 OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
253 OPT_ELAPSED, OPT_EVP, OPT_HMAC, OPT_DECRYPT, OPT_ENGINE, OPT_MULTI,
254 OPT_MR, OPT_MB, OPT_MISALIGN, OPT_ASYNCJOBS, OPT_R_ENUM,
255 OPT_PRIMES, OPT_SECONDS, OPT_BYTES, OPT_AEAD, OPT_CMAC
258 const OPTIONS speed_options[] = {
259 {OPT_HELP_STR, 1, '-', "Usage: %s [options] [algorithm...]\n"},
261 OPT_SECTION("General"),
262 {"help", OPT_HELP, '-', "Display this summary"},
264 "Enable (tls1>=1) multi-block mode on EVP-named cipher"},
265 {"mr", OPT_MR, '-', "Produce machine readable output"},
267 {"multi", OPT_MULTI, 'p', "Run benchmarks in parallel"},
269 #ifndef OPENSSL_NO_ASYNC
270 {"async_jobs", OPT_ASYNCJOBS, 'p',
271 "Enable async mode and start specified number of jobs"},
273 #ifndef OPENSSL_NO_ENGINE
274 {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
276 {"primes", OPT_PRIMES, 'p', "Specify number of primes (for RSA only)"},
278 OPT_SECTION("Selection"),
279 {"evp", OPT_EVP, 's', "Use EVP-named cipher or digest"},
280 {"hmac", OPT_HMAC, 's', "HMAC using EVP-named digest"},
281 #ifndef OPENSSL_NO_CMAC
282 {"cmac", OPT_CMAC, 's', "CMAC using EVP-named cipher"},
284 {"decrypt", OPT_DECRYPT, '-',
285 "Time decryption instead of encryption (only EVP)"},
286 {"aead", OPT_AEAD, '-',
287 "Benchmark EVP-named AEAD cipher in TLS-like sequence"},
289 OPT_SECTION("Timing"),
290 {"elapsed", OPT_ELAPSED, '-',
291 "Use wall-clock time instead of CPU user time as divisor"},
292 {"seconds", OPT_SECONDS, 'p',
293 "Run benchmarks for specified amount of seconds"},
294 {"bytes", OPT_BYTES, 'p',
295 "Run [non-PKI] benchmarks on custom-sized buffer"},
296 {"misalign", OPT_MISALIGN, 'p',
297 "Use specified offset to mis-align buffers"},
302 {"algorithm", 0, 0, "Algorithm(s) to test (optional; otherwise tests all)"},
307 D_MD2, D_MDC2, D_MD4, D_MD5 , D_HMAC, D_SHA1, D_RMD160, D_RC4,
308 D_CBC_DES, D_EDE3_DES, D_CBC_IDEA, D_CBC_SEED,
309 D_CBC_RC2, D_CBC_RC5, D_CBC_BF, D_CBC_CAST,
310 D_CBC_128_AES, D_CBC_192_AES, D_CBC_256_AES,
311 D_CBC_128_CML, D_CBC_192_CML, D_CBC_256_CML,
312 D_EVP, D_SHA256, D_SHA512, D_WHIRLPOOL,
313 D_IGE_128_AES, D_IGE_192_AES, D_IGE_256_AES,
314 D_GHASH, D_RAND, D_EVP_HMAC, D_EVP_CMAC, ALGOR_NUM
316 /* name of algorithms to test. MUST BE KEEP IN SYNC with above enum ! */
317 static const char *names[ALGOR_NUM] = {
318 "md2", "mdc2", "md4", "md5", "hmac(md5)", "sha1", "rmd160", "rc4",
319 "des cbc", "des ede3", "idea cbc", "seed cbc",
320 "rc2 cbc", "rc5-32/12 cbc", "blowfish cbc", "cast cbc",
321 "aes-128 cbc", "aes-192 cbc", "aes-256 cbc",
322 "camellia-128 cbc", "camellia-192 cbc", "camellia-256 cbc",
323 "evp", "sha256", "sha512", "whirlpool",
324 "aes-128 ige", "aes-192 ige", "aes-256 ige", "ghash",
325 "rand", "hmac", "cmac"
328 /* list of configured algorithm (remaining), with some few alias */
329 static const OPT_PAIR doit_choices[] = {
330 #ifndef OPENSSL_NO_MD2
333 #ifndef OPENSSL_NO_MDC2
336 #ifndef OPENSSL_NO_MD4
339 #ifndef OPENSSL_NO_MD5
344 {"sha256", D_SHA256},
345 {"sha512", D_SHA512},
346 #ifndef OPENSSL_NO_WHIRLPOOL
347 {"whirlpool", D_WHIRLPOOL},
349 #ifndef OPENSSL_NO_RMD160
350 {"ripemd", D_RMD160},
351 {"rmd160", D_RMD160},
352 {"ripemd160", D_RMD160},
354 #ifndef OPENSSL_NO_RC4
357 #ifndef OPENSSL_NO_DES
358 {"des-cbc", D_CBC_DES},
359 {"des-ede3", D_EDE3_DES},
361 {"aes-128-cbc", D_CBC_128_AES},
362 {"aes-192-cbc", D_CBC_192_AES},
363 {"aes-256-cbc", D_CBC_256_AES},
364 #ifndef OPENSSL_NO_DEPRECATED_3_0
365 {"aes-128-ige", D_IGE_128_AES},
366 {"aes-192-ige", D_IGE_192_AES},
367 {"aes-256-ige", D_IGE_256_AES},
369 #ifndef OPENSSL_NO_RC2
370 {"rc2-cbc", D_CBC_RC2},
373 #ifndef OPENSSL_NO_RC5
374 {"rc5-cbc", D_CBC_RC5},
377 #ifndef OPENSSL_NO_IDEA
378 {"idea-cbc", D_CBC_IDEA},
379 {"idea", D_CBC_IDEA},
381 #ifndef OPENSSL_NO_SEED
382 {"seed-cbc", D_CBC_SEED},
383 {"seed", D_CBC_SEED},
385 #ifndef OPENSSL_NO_BF
386 {"bf-cbc", D_CBC_BF},
387 {"blowfish", D_CBC_BF},
390 #ifndef OPENSSL_NO_CAST
391 {"cast-cbc", D_CBC_CAST},
392 {"cast", D_CBC_CAST},
393 {"cast5", D_CBC_CAST},
399 static double results[ALGOR_NUM][SIZE_NUM];
401 #ifndef OPENSSL_NO_DSA
402 enum { R_DSA_512, R_DSA_1024, R_DSA_2048, DSA_NUM };
403 static const OPT_PAIR dsa_choices[DSA_NUM] = {
404 {"dsa512", R_DSA_512},
405 {"dsa1024", R_DSA_1024},
406 {"dsa2048", R_DSA_2048}
408 static double dsa_results[DSA_NUM][2]; /* 2 ops: sign then verify */
409 #endif /* OPENSSL_NO_DSA */
411 #ifndef OPENSSL_NO_RSA
413 R_RSA_512, R_RSA_1024, R_RSA_2048, R_RSA_3072, R_RSA_4096, R_RSA_7680,
416 static const OPT_PAIR rsa_choices[RSA_NUM] = {
417 {"rsa512", R_RSA_512},
418 {"rsa1024", R_RSA_1024},
419 {"rsa2048", R_RSA_2048},
420 {"rsa3072", R_RSA_3072},
421 {"rsa4096", R_RSA_4096},
422 {"rsa7680", R_RSA_7680},
423 {"rsa15360", R_RSA_15360}
426 static double rsa_results[RSA_NUM][2]; /* 2 ops: sign then verify */
427 #endif /* OPENSSL_NO_RSA */
429 #ifndef OPENSSL_NO_EC
431 R_EC_P160, R_EC_P192, R_EC_P224, R_EC_P256, R_EC_P384, R_EC_P521,
432 # ifndef OPENSSL_NO_EC2M
433 R_EC_K163, R_EC_K233, R_EC_K283, R_EC_K409, R_EC_K571,
434 R_EC_B163, R_EC_B233, R_EC_B283, R_EC_B409, R_EC_B571,
436 R_EC_BRP256R1, R_EC_BRP256T1, R_EC_BRP384R1, R_EC_BRP384T1,
437 R_EC_BRP512R1, R_EC_BRP512T1, ECDSA_NUM
439 /* list of ecdsa curves */
440 static const OPT_PAIR ecdsa_choices[ECDSA_NUM] = {
441 {"ecdsap160", R_EC_P160},
442 {"ecdsap192", R_EC_P192},
443 {"ecdsap224", R_EC_P224},
444 {"ecdsap256", R_EC_P256},
445 {"ecdsap384", R_EC_P384},
446 {"ecdsap521", R_EC_P521},
447 # ifndef OPENSSL_NO_EC2M
448 {"ecdsak163", R_EC_K163},
449 {"ecdsak233", R_EC_K233},
450 {"ecdsak283", R_EC_K283},
451 {"ecdsak409", R_EC_K409},
452 {"ecdsak571", R_EC_K571},
453 {"ecdsab163", R_EC_B163},
454 {"ecdsab233", R_EC_B233},
455 {"ecdsab283", R_EC_B283},
456 {"ecdsab409", R_EC_B409},
457 {"ecdsab571", R_EC_B571},
459 {"ecdsabrp256r1", R_EC_BRP256R1},
460 {"ecdsabrp256t1", R_EC_BRP256T1},
461 {"ecdsabrp384r1", R_EC_BRP384R1},
462 {"ecdsabrp384t1", R_EC_BRP384T1},
463 {"ecdsabrp512r1", R_EC_BRP512R1},
464 {"ecdsabrp512t1", R_EC_BRP512T1}
466 enum { R_EC_X25519 = ECDSA_NUM, R_EC_X448, EC_NUM };
467 /* list of ecdh curves, extension of |ecdsa_choices| list above */
468 static const OPT_PAIR ecdh_choices[EC_NUM] = {
469 {"ecdhp160", R_EC_P160},
470 {"ecdhp192", R_EC_P192},
471 {"ecdhp224", R_EC_P224},
472 {"ecdhp256", R_EC_P256},
473 {"ecdhp384", R_EC_P384},
474 {"ecdhp521", R_EC_P521},
475 # ifndef OPENSSL_NO_EC2M
476 {"ecdhk163", R_EC_K163},
477 {"ecdhk233", R_EC_K233},
478 {"ecdhk283", R_EC_K283},
479 {"ecdhk409", R_EC_K409},
480 {"ecdhk571", R_EC_K571},
481 {"ecdhb163", R_EC_B163},
482 {"ecdhb233", R_EC_B233},
483 {"ecdhb283", R_EC_B283},
484 {"ecdhb409", R_EC_B409},
485 {"ecdhb571", R_EC_B571},
487 {"ecdhbrp256r1", R_EC_BRP256R1},
488 {"ecdhbrp256t1", R_EC_BRP256T1},
489 {"ecdhbrp384r1", R_EC_BRP384R1},
490 {"ecdhbrp384t1", R_EC_BRP384T1},
491 {"ecdhbrp512r1", R_EC_BRP512R1},
492 {"ecdhbrp512t1", R_EC_BRP512T1},
493 {"ecdhx25519", R_EC_X25519},
494 {"ecdhx448", R_EC_X448}
497 static double ecdh_results[EC_NUM][1]; /* 1 op: derivation */
498 static double ecdsa_results[ECDSA_NUM][2]; /* 2 ops: sign then verify */
500 enum { R_EC_Ed25519, R_EC_Ed448, EdDSA_NUM };
501 static const OPT_PAIR eddsa_choices[EdDSA_NUM] = {
502 {"ed25519", R_EC_Ed25519},
503 {"ed448", R_EC_Ed448}
506 static double eddsa_results[EdDSA_NUM][2]; /* 2 ops: sign then verify */
508 # ifndef OPENSSL_NO_SM2
509 enum { R_EC_CURVESM2, SM2_NUM };
510 static const OPT_PAIR sm2_choices[SM2_NUM] = {
511 {"curveSM2", R_EC_CURVESM2}
513 # define SM2_ID "TLSv1.3+GM+Cipher+Suite"
514 # define SM2_ID_LEN sizeof("TLSv1.3+GM+Cipher+Suite") - 1
515 static double sm2_results[SM2_NUM][2]; /* 2 ops: sign then verify */
516 # endif /* OPENSSL_NO_SM2 */
517 #endif /* OPENSSL_NO_EC */
520 # define COND(d) (count < (d))
521 # define COUNT(d) (d)
523 # define COND(unused_cond) (run && count<0x7fffffff)
524 # define COUNT(d) (count)
527 typedef struct loopargs_st {
528 ASYNC_JOB *inprogress_job;
529 ASYNC_WAIT_CTX *wait_ctx;
532 unsigned char *buf_malloc;
533 unsigned char *buf2_malloc;
537 #ifndef OPENSSL_NO_RSA
538 RSA *rsa_key[RSA_NUM];
540 #ifndef OPENSSL_NO_DSA
541 DSA *dsa_key[DSA_NUM];
543 #ifndef OPENSSL_NO_EC
544 EC_KEY *ecdsa[ECDSA_NUM];
545 EVP_PKEY_CTX *ecdh_ctx[EC_NUM];
546 EVP_MD_CTX *eddsa_ctx[EdDSA_NUM];
547 # ifndef OPENSSL_NO_SM2
548 EVP_MD_CTX *sm2_ctx[SM2_NUM];
549 EVP_MD_CTX *sm2_vfy_ctx[SM2_NUM];
550 EVP_PKEY *sm2_pkey[SM2_NUM];
552 unsigned char *secret_a;
553 unsigned char *secret_b;
554 size_t outlen[EC_NUM];
558 #ifndef OPENSSL_NO_CMAC
561 GCM128_CONTEXT *gcm_ctx;
563 static int run_benchmark(int async_jobs, int (*loop_function) (void *),
564 loopargs_t * loopargs);
566 static unsigned int testnum;
568 /* Nb of iterations to do per algorithm and key-size */
569 static long c[ALGOR_NUM][SIZE_NUM];
571 #ifndef OPENSSL_NO_MD2
572 static int EVP_Digest_MD2_loop(void *args)
574 loopargs_t *tempargs = *(loopargs_t **) args;
575 unsigned char *buf = tempargs->buf;
576 unsigned char md2[MD2_DIGEST_LENGTH];
579 for (count = 0; COND(c[D_MD2][testnum]); count++) {
580 if (!EVP_Digest(buf, (size_t)lengths[testnum], md2, NULL, EVP_md2(),
588 #ifndef OPENSSL_NO_MDC2
589 static int EVP_Digest_MDC2_loop(void *args)
591 loopargs_t *tempargs = *(loopargs_t **) args;
592 unsigned char *buf = tempargs->buf;
593 unsigned char mdc2[MDC2_DIGEST_LENGTH];
596 for (count = 0; COND(c[D_MDC2][testnum]); count++) {
597 if (!EVP_Digest(buf, (size_t)lengths[testnum], mdc2, NULL, EVP_mdc2(),
605 #ifndef OPENSSL_NO_MD4
606 static int EVP_Digest_MD4_loop(void *args)
608 loopargs_t *tempargs = *(loopargs_t **) args;
609 unsigned char *buf = tempargs->buf;
610 unsigned char md4[MD4_DIGEST_LENGTH];
613 for (count = 0; COND(c[D_MD4][testnum]); count++) {
614 if (!EVP_Digest(buf, (size_t)lengths[testnum], md4, NULL, EVP_md4(),
622 #ifndef OPENSSL_NO_MD5
623 static int MD5_loop(void *args)
625 loopargs_t *tempargs = *(loopargs_t **) args;
626 unsigned char *buf = tempargs->buf;
627 unsigned char md5[MD5_DIGEST_LENGTH];
629 for (count = 0; COND(c[D_MD5][testnum]); count++)
630 MD5(buf, lengths[testnum], md5);
634 static int HMAC_loop(void *args)
636 loopargs_t *tempargs = *(loopargs_t **) args;
637 unsigned char *buf = tempargs->buf;
638 HMAC_CTX *hctx = tempargs->hctx;
639 unsigned char hmac[MD5_DIGEST_LENGTH];
642 for (count = 0; COND(c[D_HMAC][testnum]); count++) {
643 HMAC_Init_ex(hctx, NULL, 0, NULL, NULL);
644 HMAC_Update(hctx, buf, lengths[testnum]);
645 HMAC_Final(hctx, hmac, NULL);
651 static int SHA1_loop(void *args)
653 loopargs_t *tempargs = *(loopargs_t **) args;
654 unsigned char *buf = tempargs->buf;
655 unsigned char sha[SHA_DIGEST_LENGTH];
657 for (count = 0; COND(c[D_SHA1][testnum]); count++)
658 SHA1(buf, lengths[testnum], sha);
662 static int SHA256_loop(void *args)
664 loopargs_t *tempargs = *(loopargs_t **) args;
665 unsigned char *buf = tempargs->buf;
666 unsigned char sha256[SHA256_DIGEST_LENGTH];
668 for (count = 0; COND(c[D_SHA256][testnum]); count++)
669 SHA256(buf, lengths[testnum], sha256);
673 static int SHA512_loop(void *args)
675 loopargs_t *tempargs = *(loopargs_t **) args;
676 unsigned char *buf = tempargs->buf;
677 unsigned char sha512[SHA512_DIGEST_LENGTH];
679 for (count = 0; COND(c[D_SHA512][testnum]); count++)
680 SHA512(buf, lengths[testnum], sha512);
684 #ifndef OPENSSL_NO_WHIRLPOOL
685 static int WHIRLPOOL_loop(void *args)
687 loopargs_t *tempargs = *(loopargs_t **) args;
688 unsigned char *buf = tempargs->buf;
689 unsigned char whirlpool[WHIRLPOOL_DIGEST_LENGTH];
691 for (count = 0; COND(c[D_WHIRLPOOL][testnum]); count++)
692 WHIRLPOOL(buf, lengths[testnum], whirlpool);
697 #ifndef OPENSSL_NO_RMD160
698 static int EVP_Digest_RMD160_loop(void *args)
700 loopargs_t *tempargs = *(loopargs_t **) args;
701 unsigned char *buf = tempargs->buf;
702 unsigned char rmd160[RIPEMD160_DIGEST_LENGTH];
704 for (count = 0; COND(c[D_RMD160][testnum]); count++) {
705 if (!EVP_Digest(buf, (size_t)lengths[testnum], &(rmd160[0]),
706 NULL, EVP_ripemd160(), NULL))
713 #ifndef OPENSSL_NO_RC4
714 static RC4_KEY rc4_ks;
715 static int RC4_loop(void *args)
717 loopargs_t *tempargs = *(loopargs_t **) args;
718 unsigned char *buf = tempargs->buf;
720 for (count = 0; COND(c[D_RC4][testnum]); count++)
721 RC4(&rc4_ks, (size_t)lengths[testnum], buf, buf);
726 #ifndef OPENSSL_NO_DES
727 static unsigned char DES_iv[8];
728 static DES_key_schedule sch[3];
729 static int DES_ncbc_encrypt_loop(void *args)
731 loopargs_t *tempargs = *(loopargs_t **) args;
732 unsigned char *buf = tempargs->buf;
734 for (count = 0; COND(c[D_CBC_DES][testnum]); count++)
735 DES_ncbc_encrypt(buf, buf, lengths[testnum], &sch[0],
736 &DES_iv, DES_ENCRYPT);
740 static int DES_ede3_cbc_encrypt_loop(void *args)
742 loopargs_t *tempargs = *(loopargs_t **) args;
743 unsigned char *buf = tempargs->buf;
745 for (count = 0; COND(c[D_EDE3_DES][testnum]); count++)
746 DES_ede3_cbc_encrypt(buf, buf, lengths[testnum],
747 &sch[0], &sch[1], &sch[2], &DES_iv, DES_ENCRYPT);
752 #define MAX_BLOCK_SIZE 128
754 static unsigned char iv[2 * MAX_BLOCK_SIZE / 8];
755 static AES_KEY aes_ks1, aes_ks2, aes_ks3;
756 static int AES_cbc_128_encrypt_loop(void *args)
758 loopargs_t *tempargs = *(loopargs_t **) args;
759 unsigned char *buf = tempargs->buf;
761 for (count = 0; COND(c[D_CBC_128_AES][testnum]); count++)
762 AES_cbc_encrypt(buf, buf,
763 (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
767 static int AES_cbc_192_encrypt_loop(void *args)
769 loopargs_t *tempargs = *(loopargs_t **) args;
770 unsigned char *buf = tempargs->buf;
772 for (count = 0; COND(c[D_CBC_192_AES][testnum]); count++)
773 AES_cbc_encrypt(buf, buf,
774 (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
778 static int AES_cbc_256_encrypt_loop(void *args)
780 loopargs_t *tempargs = *(loopargs_t **) args;
781 unsigned char *buf = tempargs->buf;
783 for (count = 0; COND(c[D_CBC_256_AES][testnum]); count++)
784 AES_cbc_encrypt(buf, buf,
785 (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
789 #ifndef OPENSSL_NO_DEPRECATED_3_0
790 static int AES_ige_128_encrypt_loop(void *args)
792 loopargs_t *tempargs = *(loopargs_t **) args;
793 unsigned char *buf = tempargs->buf;
794 unsigned char *buf2 = tempargs->buf2;
796 for (count = 0; COND(c[D_IGE_128_AES][testnum]); count++)
797 AES_ige_encrypt(buf, buf2,
798 (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
802 static int AES_ige_192_encrypt_loop(void *args)
804 loopargs_t *tempargs = *(loopargs_t **) args;
805 unsigned char *buf = tempargs->buf;
806 unsigned char *buf2 = tempargs->buf2;
808 for (count = 0; COND(c[D_IGE_192_AES][testnum]); count++)
809 AES_ige_encrypt(buf, buf2,
810 (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
814 static int AES_ige_256_encrypt_loop(void *args)
816 loopargs_t *tempargs = *(loopargs_t **) args;
817 unsigned char *buf = tempargs->buf;
818 unsigned char *buf2 = tempargs->buf2;
820 for (count = 0; COND(c[D_IGE_256_AES][testnum]); count++)
821 AES_ige_encrypt(buf, buf2,
822 (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
827 static int CRYPTO_gcm128_aad_loop(void *args)
829 loopargs_t *tempargs = *(loopargs_t **) args;
830 unsigned char *buf = tempargs->buf;
831 GCM128_CONTEXT *gcm_ctx = tempargs->gcm_ctx;
833 for (count = 0; COND(c[D_GHASH][testnum]); count++)
834 CRYPTO_gcm128_aad(gcm_ctx, buf, lengths[testnum]);
838 static int RAND_bytes_loop(void *args)
840 loopargs_t *tempargs = *(loopargs_t **) args;
841 unsigned char *buf = tempargs->buf;
844 for (count = 0; COND(c[D_RAND][testnum]); count++)
845 RAND_bytes(buf, lengths[testnum]);
849 static int decrypt = 0;
850 static int EVP_Update_loop(void *args)
852 loopargs_t *tempargs = *(loopargs_t **) args;
853 unsigned char *buf = tempargs->buf;
854 EVP_CIPHER_CTX *ctx = tempargs->ctx;
858 for (count = 0; COND(c[D_EVP][testnum]); count++) {
859 rc = EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
861 /* reset iv in case of counter overflow */
862 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
866 for (count = 0; COND(c[D_EVP][testnum]); count++) {
867 rc = EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
869 /* reset iv in case of counter overflow */
870 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
875 EVP_DecryptFinal_ex(ctx, buf, &outl);
877 EVP_EncryptFinal_ex(ctx, buf, &outl);
882 * CCM does not support streaming. For the purpose of performance measurement,
883 * each message is encrypted using the same (key,iv)-pair. Do not use this
884 * code in your application.
886 static int EVP_Update_loop_ccm(void *args)
888 loopargs_t *tempargs = *(loopargs_t **) args;
889 unsigned char *buf = tempargs->buf;
890 EVP_CIPHER_CTX *ctx = tempargs->ctx;
892 unsigned char tag[12];
895 for (count = 0; COND(c[D_EVP][testnum]); count++) {
896 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(tag), tag);
898 EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
899 /* counter is reset on every update */
900 EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
903 for (count = 0; COND(c[D_EVP][testnum]); count++) {
904 /* restore iv length field */
905 EVP_EncryptUpdate(ctx, NULL, &outl, NULL, lengths[testnum]);
906 /* counter is reset on every update */
907 EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
911 EVP_DecryptFinal_ex(ctx, buf, &outl);
913 EVP_EncryptFinal_ex(ctx, buf, &outl);
918 * To make AEAD benchmarking more relevant perform TLS-like operations,
919 * 13-byte AAD followed by payload. But don't use TLS-formatted AAD, as
920 * payload length is not actually limited by 16KB...
922 static int EVP_Update_loop_aead(void *args)
924 loopargs_t *tempargs = *(loopargs_t **) args;
925 unsigned char *buf = tempargs->buf;
926 EVP_CIPHER_CTX *ctx = tempargs->ctx;
928 unsigned char aad[13] = { 0xcc };
929 unsigned char faketag[16] = { 0xcc };
932 for (count = 0; COND(c[D_EVP][testnum]); count++) {
933 EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
934 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
935 sizeof(faketag), faketag);
936 EVP_DecryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
937 EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
938 EVP_DecryptFinal_ex(ctx, buf + outl, &outl);
941 for (count = 0; COND(c[D_EVP][testnum]); count++) {
942 EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv);
943 EVP_EncryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
944 EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
945 EVP_EncryptFinal_ex(ctx, buf + outl, &outl);
951 static const EVP_MD *evp_md = NULL;
952 static int EVP_Digest_loop(void *args)
954 loopargs_t *tempargs = *(loopargs_t **) args;
955 unsigned char *buf = tempargs->buf;
956 unsigned char md[EVP_MAX_MD_SIZE];
959 for (count = 0; COND(c[D_EVP][testnum]); count++) {
960 if (!EVP_Digest(buf, lengths[testnum], md, NULL, evp_md, NULL))
966 static const EVP_MD *evp_hmac_md = NULL;
967 static char *evp_hmac_name = NULL;
968 static int EVP_HMAC_loop(void *args)
970 loopargs_t *tempargs = *(loopargs_t **) args;
971 unsigned char *buf = tempargs->buf;
972 unsigned char no_key[32];
975 for (count = 0; COND(c[D_EVP_HMAC][testnum]); count++) {
976 if (HMAC(evp_hmac_md, no_key, sizeof(no_key), buf, lengths[testnum],
983 #ifndef OPENSSL_NO_CMAC
984 static const EVP_CIPHER *evp_cmac_cipher = NULL;
985 static char *evp_cmac_name = NULL;
987 static int EVP_CMAC_loop(void *args)
989 loopargs_t *tempargs = *(loopargs_t **) args;
990 unsigned char *buf = tempargs->buf;
991 CMAC_CTX *cmac_ctx = tempargs->cmac_ctx;
992 static const char key[16] = "This is a key...";
993 unsigned char mac[16];
994 size_t len = sizeof(mac);
997 for (count = 0; COND(c[D_EVP_CMAC][testnum]); count++) {
998 if (!CMAC_Init(cmac_ctx, key, sizeof(key), evp_cmac_cipher, NULL)
999 || !CMAC_Update(cmac_ctx, buf, lengths[testnum])
1000 || !CMAC_Final(cmac_ctx, mac, &len))
1007 #ifndef OPENSSL_NO_RSA
1008 static long rsa_c[RSA_NUM][2]; /* # RSA iteration test */
1010 static int RSA_sign_loop(void *args)
1012 loopargs_t *tempargs = *(loopargs_t **) args;
1013 unsigned char *buf = tempargs->buf;
1014 unsigned char *buf2 = tempargs->buf2;
1015 unsigned int *rsa_num = &tempargs->siglen;
1016 RSA **rsa_key = tempargs->rsa_key;
1018 for (count = 0; COND(rsa_c[testnum][0]); count++) {
1019 ret = RSA_sign(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1021 BIO_printf(bio_err, "RSA sign failure\n");
1022 ERR_print_errors(bio_err);
1030 static int RSA_verify_loop(void *args)
1032 loopargs_t *tempargs = *(loopargs_t **) args;
1033 unsigned char *buf = tempargs->buf;
1034 unsigned char *buf2 = tempargs->buf2;
1035 unsigned int rsa_num = tempargs->siglen;
1036 RSA **rsa_key = tempargs->rsa_key;
1038 for (count = 0; COND(rsa_c[testnum][1]); count++) {
1040 RSA_verify(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1042 BIO_printf(bio_err, "RSA verify failure\n");
1043 ERR_print_errors(bio_err);
1052 #ifndef OPENSSL_NO_DSA
1053 static long dsa_c[DSA_NUM][2];
1054 static int DSA_sign_loop(void *args)
1056 loopargs_t *tempargs = *(loopargs_t **) args;
1057 unsigned char *buf = tempargs->buf;
1058 unsigned char *buf2 = tempargs->buf2;
1059 DSA **dsa_key = tempargs->dsa_key;
1060 unsigned int *siglen = &tempargs->siglen;
1062 for (count = 0; COND(dsa_c[testnum][0]); count++) {
1063 ret = DSA_sign(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1065 BIO_printf(bio_err, "DSA sign failure\n");
1066 ERR_print_errors(bio_err);
1074 static int DSA_verify_loop(void *args)
1076 loopargs_t *tempargs = *(loopargs_t **) args;
1077 unsigned char *buf = tempargs->buf;
1078 unsigned char *buf2 = tempargs->buf2;
1079 DSA **dsa_key = tempargs->dsa_key;
1080 unsigned int siglen = tempargs->siglen;
1082 for (count = 0; COND(dsa_c[testnum][1]); count++) {
1083 ret = DSA_verify(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1085 BIO_printf(bio_err, "DSA verify failure\n");
1086 ERR_print_errors(bio_err);
1095 #ifndef OPENSSL_NO_EC
1096 static long ecdsa_c[ECDSA_NUM][2];
1097 static int ECDSA_sign_loop(void *args)
1099 loopargs_t *tempargs = *(loopargs_t **) args;
1100 unsigned char *buf = tempargs->buf;
1101 EC_KEY **ecdsa = tempargs->ecdsa;
1102 unsigned char *ecdsasig = tempargs->buf2;
1103 unsigned int *ecdsasiglen = &tempargs->siglen;
1105 for (count = 0; COND(ecdsa_c[testnum][0]); count++) {
1106 ret = ECDSA_sign(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1108 BIO_printf(bio_err, "ECDSA sign failure\n");
1109 ERR_print_errors(bio_err);
1117 static int ECDSA_verify_loop(void *args)
1119 loopargs_t *tempargs = *(loopargs_t **) args;
1120 unsigned char *buf = tempargs->buf;
1121 EC_KEY **ecdsa = tempargs->ecdsa;
1122 unsigned char *ecdsasig = tempargs->buf2;
1123 unsigned int ecdsasiglen = tempargs->siglen;
1125 for (count = 0; COND(ecdsa_c[testnum][1]); count++) {
1126 ret = ECDSA_verify(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1128 BIO_printf(bio_err, "ECDSA verify failure\n");
1129 ERR_print_errors(bio_err);
1137 /* ******************************************************************** */
1138 static long ecdh_c[EC_NUM][1];
1140 static int ECDH_EVP_derive_key_loop(void *args)
1142 loopargs_t *tempargs = *(loopargs_t **) args;
1143 EVP_PKEY_CTX *ctx = tempargs->ecdh_ctx[testnum];
1144 unsigned char *derived_secret = tempargs->secret_a;
1146 size_t *outlen = &(tempargs->outlen[testnum]);
1148 for (count = 0; COND(ecdh_c[testnum][0]); count++)
1149 EVP_PKEY_derive(ctx, derived_secret, outlen);
1154 static long eddsa_c[EdDSA_NUM][2];
1155 static int EdDSA_sign_loop(void *args)
1157 loopargs_t *tempargs = *(loopargs_t **) args;
1158 unsigned char *buf = tempargs->buf;
1159 EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
1160 unsigned char *eddsasig = tempargs->buf2;
1161 size_t *eddsasigsize = &tempargs->sigsize;
1164 for (count = 0; COND(eddsa_c[testnum][0]); count++) {
1165 ret = EVP_DigestSign(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
1167 BIO_printf(bio_err, "EdDSA sign failure\n");
1168 ERR_print_errors(bio_err);
1176 static int EdDSA_verify_loop(void *args)
1178 loopargs_t *tempargs = *(loopargs_t **) args;
1179 unsigned char *buf = tempargs->buf;
1180 EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
1181 unsigned char *eddsasig = tempargs->buf2;
1182 size_t eddsasigsize = tempargs->sigsize;
1185 for (count = 0; COND(eddsa_c[testnum][1]); count++) {
1186 ret = EVP_DigestVerify(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
1188 BIO_printf(bio_err, "EdDSA verify failure\n");
1189 ERR_print_errors(bio_err);
1197 # ifndef OPENSSL_NO_SM2
1198 static long sm2_c[SM2_NUM][2];
1199 static int SM2_sign_loop(void *args)
1201 loopargs_t *tempargs = *(loopargs_t **) args;
1202 unsigned char *buf = tempargs->buf;
1203 EVP_MD_CTX **sm2ctx = tempargs->sm2_ctx;
1204 unsigned char *sm2sig = tempargs->buf2;
1205 size_t sm2sigsize = tempargs->sigsize;
1206 const size_t max_size = tempargs->sigsize;
1208 EVP_PKEY **sm2_pkey = tempargs->sm2_pkey;
1210 for (count = 0; COND(sm2_c[testnum][0]); count++) {
1211 if (!EVP_DigestSignInit(sm2ctx[testnum], NULL, EVP_sm3(),
1212 NULL, sm2_pkey[testnum])) {
1213 BIO_printf(bio_err, "SM2 init sign failure\n");
1214 ERR_print_errors(bio_err);
1218 ret = EVP_DigestSign(sm2ctx[testnum], sm2sig, &sm2sigsize,
1221 BIO_printf(bio_err, "SM2 sign failure\n");
1222 ERR_print_errors(bio_err);
1226 /* update the latest returned size and always use the fixed buffer size */
1227 tempargs->sigsize = sm2sigsize;
1228 sm2sigsize = max_size;
1234 static int SM2_verify_loop(void *args)
1236 loopargs_t *tempargs = *(loopargs_t **) args;
1237 unsigned char *buf = tempargs->buf;
1238 EVP_MD_CTX **sm2ctx = tempargs->sm2_vfy_ctx;
1239 unsigned char *sm2sig = tempargs->buf2;
1240 size_t sm2sigsize = tempargs->sigsize;
1242 EVP_PKEY **sm2_pkey = tempargs->sm2_pkey;
1244 for (count = 0; COND(sm2_c[testnum][1]); count++) {
1245 if (!EVP_DigestVerifyInit(sm2ctx[testnum], NULL, EVP_sm3(),
1246 NULL, sm2_pkey[testnum])) {
1247 BIO_printf(bio_err, "SM2 verify init failure\n");
1248 ERR_print_errors(bio_err);
1252 ret = EVP_DigestVerify(sm2ctx[testnum], sm2sig, sm2sigsize,
1255 BIO_printf(bio_err, "SM2 verify failure\n");
1256 ERR_print_errors(bio_err);
1263 # endif /* OPENSSL_NO_SM2 */
1264 #endif /* OPENSSL_NO_EC */
1266 static int run_benchmark(int async_jobs,
1267 int (*loop_function) (void *), loopargs_t * loopargs)
1269 int job_op_count = 0;
1270 int total_op_count = 0;
1271 int num_inprogress = 0;
1272 int error = 0, i = 0, ret = 0;
1273 OSSL_ASYNC_FD job_fd = 0;
1274 size_t num_job_fds = 0;
1276 if (async_jobs == 0) {
1277 return loop_function((void *)&loopargs);
1280 for (i = 0; i < async_jobs && !error; i++) {
1281 loopargs_t *looparg_item = loopargs + i;
1283 /* Copy pointer content (looparg_t item address) into async context */
1284 ret = ASYNC_start_job(&loopargs[i].inprogress_job, loopargs[i].wait_ctx,
1285 &job_op_count, loop_function,
1286 (void *)&looparg_item, sizeof(looparg_item));
1292 if (job_op_count == -1) {
1295 total_op_count += job_op_count;
1300 BIO_printf(bio_err, "Failure in the job\n");
1301 ERR_print_errors(bio_err);
1307 while (num_inprogress > 0) {
1308 #if defined(OPENSSL_SYS_WINDOWS)
1310 #elif defined(OPENSSL_SYS_UNIX)
1311 int select_result = 0;
1312 OSSL_ASYNC_FD max_fd = 0;
1315 FD_ZERO(&waitfdset);
1317 for (i = 0; i < async_jobs && num_inprogress > 0; i++) {
1318 if (loopargs[i].inprogress_job == NULL)
1321 if (!ASYNC_WAIT_CTX_get_all_fds
1322 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1323 || num_job_fds > 1) {
1324 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1325 ERR_print_errors(bio_err);
1329 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1331 FD_SET(job_fd, &waitfdset);
1332 if (job_fd > max_fd)
1336 if (max_fd >= (OSSL_ASYNC_FD)FD_SETSIZE) {
1338 "Error: max_fd (%d) must be smaller than FD_SETSIZE (%d). "
1339 "Decrease the value of async_jobs\n",
1340 max_fd, FD_SETSIZE);
1341 ERR_print_errors(bio_err);
1346 select_result = select(max_fd + 1, &waitfdset, NULL, NULL, NULL);
1347 if (select_result == -1 && errno == EINTR)
1350 if (select_result == -1) {
1351 BIO_printf(bio_err, "Failure in the select\n");
1352 ERR_print_errors(bio_err);
1357 if (select_result == 0)
1361 for (i = 0; i < async_jobs; i++) {
1362 if (loopargs[i].inprogress_job == NULL)
1365 if (!ASYNC_WAIT_CTX_get_all_fds
1366 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1367 || num_job_fds > 1) {
1368 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1369 ERR_print_errors(bio_err);
1373 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1376 #if defined(OPENSSL_SYS_UNIX)
1377 if (num_job_fds == 1 && !FD_ISSET(job_fd, &waitfdset))
1379 #elif defined(OPENSSL_SYS_WINDOWS)
1380 if (num_job_fds == 1
1381 && !PeekNamedPipe(job_fd, NULL, 0, NULL, &avail, NULL)
1386 ret = ASYNC_start_job(&loopargs[i].inprogress_job,
1387 loopargs[i].wait_ctx, &job_op_count,
1388 loop_function, (void *)(loopargs + i),
1389 sizeof(loopargs_t));
1394 if (job_op_count == -1) {
1397 total_op_count += job_op_count;
1400 loopargs[i].inprogress_job = NULL;
1405 loopargs[i].inprogress_job = NULL;
1406 BIO_printf(bio_err, "Failure in the job\n");
1407 ERR_print_errors(bio_err);
1414 return error ? -1 : total_op_count;
1417 #define stop_it(do_it, test_num)\
1418 memset(do_it + test_num, 0, OSSL_NELEM(do_it) - test_num);
1420 int speed_main(int argc, char **argv)
1423 loopargs_t *loopargs = NULL;
1425 const char *engine_id = NULL;
1426 const EVP_CIPHER *evp_cipher = NULL;
1429 int async_init = 0, multiblock = 0, pr_header = 0;
1430 uint8_t doit[ALGOR_NUM] = { 0 };
1431 int ret = 1, misalign = 0, lengths_single = 0, aead = 0;
1433 unsigned int size_num = SIZE_NUM;
1434 unsigned int i, k, loopargs_len = 0, async_jobs = 0;
1440 #if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) \
1441 || !defined(OPENSSL_NO_EC)
1444 openssl_speed_sec_t seconds = { SECONDS, RSA_SECONDS, DSA_SECONDS,
1445 ECDSA_SECONDS, ECDH_SECONDS,
1446 EdDSA_SECONDS, SM2_SECONDS };
1448 /* What follows are the buffers and key material. */
1449 #ifndef OPENSSL_NO_RC5
1452 #ifndef OPENSSL_NO_RC2
1455 #ifndef OPENSSL_NO_IDEA
1456 IDEA_KEY_SCHEDULE idea_ks;
1458 #ifndef OPENSSL_NO_SEED
1459 SEED_KEY_SCHEDULE seed_ks;
1461 #ifndef OPENSSL_NO_BF
1464 #ifndef OPENSSL_NO_CAST
1467 static const unsigned char key16[16] = {
1468 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1469 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
1471 static const unsigned char key24[24] = {
1472 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1473 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1474 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1476 static const unsigned char key32[32] = {
1477 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1478 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1479 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
1480 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
1482 #ifndef OPENSSL_NO_CAMELLIA
1483 CAMELLIA_KEY camellia_ks[3];
1485 #ifndef OPENSSL_NO_RSA
1486 static const struct {
1487 const unsigned char *data;
1488 unsigned int length;
1491 { test512, sizeof(test512), 512 },
1492 { test1024, sizeof(test1024), 1024 },
1493 { test2048, sizeof(test2048), 2048 },
1494 { test3072, sizeof(test3072), 3072 },
1495 { test4096, sizeof(test4096), 4092 },
1496 { test7680, sizeof(test7680), 7680 },
1497 { test15360, sizeof(test15360), 15360 }
1499 uint8_t rsa_doit[RSA_NUM] = { 0 };
1500 int primes = RSA_DEFAULT_PRIME_NUM;
1502 #ifndef OPENSSL_NO_DSA
1503 static const unsigned int dsa_bits[DSA_NUM] = { 512, 1024, 2048 };
1504 uint8_t dsa_doit[DSA_NUM] = { 0 };
1506 #ifndef OPENSSL_NO_EC
1507 typedef struct ec_curve_st {
1511 size_t sigsize; /* only used for EdDSA curves */
1514 * We only test over the following curves as they are representative, To
1515 * add tests over more curves, simply add the curve NID and curve name to
1516 * the following arrays and increase the |ecdh_choices| and |ecdsa_choices|
1517 * lists accordingly.
1519 static const EC_CURVE ec_curves[EC_NUM] = {
1521 {"secp160r1", NID_secp160r1, 160},
1522 {"nistp192", NID_X9_62_prime192v1, 192},
1523 {"nistp224", NID_secp224r1, 224},
1524 {"nistp256", NID_X9_62_prime256v1, 256},
1525 {"nistp384", NID_secp384r1, 384},
1526 {"nistp521", NID_secp521r1, 521},
1527 # ifndef OPENSSL_NO_EC2M
1529 {"nistk163", NID_sect163k1, 163},
1530 {"nistk233", NID_sect233k1, 233},
1531 {"nistk283", NID_sect283k1, 283},
1532 {"nistk409", NID_sect409k1, 409},
1533 {"nistk571", NID_sect571k1, 571},
1534 {"nistb163", NID_sect163r2, 163},
1535 {"nistb233", NID_sect233r1, 233},
1536 {"nistb283", NID_sect283r1, 283},
1537 {"nistb409", NID_sect409r1, 409},
1538 {"nistb571", NID_sect571r1, 571},
1540 {"brainpoolP256r1", NID_brainpoolP256r1, 256},
1541 {"brainpoolP256t1", NID_brainpoolP256t1, 256},
1542 {"brainpoolP384r1", NID_brainpoolP384r1, 384},
1543 {"brainpoolP384t1", NID_brainpoolP384t1, 384},
1544 {"brainpoolP512r1", NID_brainpoolP512r1, 512},
1545 {"brainpoolP512t1", NID_brainpoolP512t1, 512},
1546 /* Other and ECDH only ones */
1547 {"X25519", NID_X25519, 253},
1548 {"X448", NID_X448, 448}
1550 static const EC_CURVE ed_curves[EdDSA_NUM] = {
1552 {"Ed25519", NID_ED25519, 253, 64},
1553 {"Ed448", NID_ED448, 456, 114}
1555 # ifndef OPENSSL_NO_SM2
1556 static const EC_CURVE sm2_curves[SM2_NUM] = {
1558 {"CurveSM2", NID_sm2, 256}
1560 uint8_t sm2_doit[SM2_NUM] = { 0 };
1562 uint8_t ecdsa_doit[ECDSA_NUM] = { 0 };
1563 uint8_t ecdh_doit[EC_NUM] = { 0 };
1564 uint8_t eddsa_doit[EdDSA_NUM] = { 0 };
1566 /* checks declarated curves against choices list. */
1567 OPENSSL_assert(ed_curves[EdDSA_NUM - 1].nid == NID_ED448);
1568 OPENSSL_assert(strcmp(eddsa_choices[EdDSA_NUM - 1].name, "ed448") == 0);
1570 OPENSSL_assert(ec_curves[EC_NUM - 1].nid == NID_X448);
1571 OPENSSL_assert(strcmp(ecdh_choices[EC_NUM - 1].name, "ecdhx448") == 0);
1573 OPENSSL_assert(ec_curves[ECDSA_NUM - 1].nid == NID_brainpoolP512t1);
1574 OPENSSL_assert(strcmp(ecdsa_choices[ECDSA_NUM - 1].name, "ecdsabrp512t1") == 0);
1576 # ifndef OPENSSL_NO_SM2
1577 OPENSSL_assert(sm2_curves[SM2_NUM - 1].nid == NID_sm2);
1578 OPENSSL_assert(strcmp(sm2_choices[SM2_NUM - 1].name, "curveSM2") == 0);
1580 #endif /* ndef OPENSSL_NO_EC */
1582 prog = opt_init(argc, argv, speed_options);
1583 while ((o = opt_next()) != OPT_EOF) {
1588 BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
1591 opt_help(speed_options);
1599 evp_cipher = EVP_get_cipherbyname(opt_arg());
1600 if (evp_cipher == NULL)
1601 evp_md = EVP_get_digestbyname(opt_arg());
1602 if (evp_cipher == NULL && evp_md == NULL) {
1604 "%s: %s is an unknown cipher or digest\n",
1611 evp_hmac_md = EVP_get_digestbyname(opt_arg());
1612 if (evp_hmac_md == NULL) {
1613 BIO_printf(bio_err, "%s: %s is an unknown digest\n",
1617 doit[D_EVP_HMAC] = 1;
1620 #ifndef OPENSSL_NO_CMAC
1621 evp_cmac_cipher = EVP_get_cipherbyname(opt_arg());
1622 if (evp_cmac_cipher == NULL) {
1623 BIO_printf(bio_err, "%s: %s is an unknown cipher\n",
1627 doit[D_EVP_CMAC] = 1;
1635 * In a forked execution, an engine might need to be
1636 * initialised by each child process, not by the parent.
1637 * So store the name here and run setup_engine() later on.
1639 engine_id = opt_arg();
1643 multi = atoi(opt_arg());
1647 #ifndef OPENSSL_NO_ASYNC
1648 async_jobs = atoi(opt_arg());
1649 if (!ASYNC_is_capable()) {
1651 "%s: async_jobs specified but async not supported\n",
1655 if (async_jobs > 99999) {
1656 BIO_printf(bio_err, "%s: too many async_jobs\n", prog);
1662 if (!opt_int(opt_arg(), &misalign))
1664 if (misalign > MISALIGN) {
1666 "%s: Maximum offset is %d\n", prog, MISALIGN);
1675 #ifdef OPENSSL_NO_MULTIBLOCK
1677 "%s: -mb specified but multi-block support is disabled\n",
1687 if (!opt_int(opt_arg(), &primes))
1691 seconds.sym = seconds.rsa = seconds.dsa = seconds.ecdsa
1692 = seconds.ecdh = seconds.eddsa
1693 = seconds.sm2 = atoi(opt_arg());
1696 lengths_single = atoi(opt_arg());
1697 lengths = &lengths_single;
1705 argc = opt_num_rest();
1708 /* Remaining arguments are algorithms. */
1709 for (; *argv; argv++) {
1710 const char *algo = *argv;
1712 if (opt_found(algo, doit_choices, &i)) {
1716 #ifndef OPENSSL_NO_DES
1717 if (strcmp(algo, "des") == 0) {
1718 doit[D_CBC_DES] = doit[D_EDE3_DES] = 1;
1722 if (strcmp(algo, "sha") == 0) {
1723 doit[D_SHA1] = doit[D_SHA256] = doit[D_SHA512] = 1;
1726 #ifndef OPENSSL_NO_RSA
1727 if (strcmp(algo, "openssl") == 0) /* just for compatibility */
1729 if (strncmp(algo, "rsa", 3) == 0) {
1730 if (algo[3] == '\0') {
1731 memset(rsa_doit, 1, sizeof(rsa_doit));
1734 if (opt_found(algo, rsa_choices, &i)) {
1740 #ifndef OPENSSL_NO_DSA
1741 if (strncmp(algo, "dsa", 3) == 0) {
1742 if (algo[3] == '\0') {
1743 memset(dsa_doit, 1, sizeof(dsa_doit));
1746 if (opt_found(algo, dsa_choices, &i)) {
1752 if (strcmp(algo, "aes") == 0) {
1753 doit[D_CBC_128_AES] = doit[D_CBC_192_AES] = doit[D_CBC_256_AES] = 1;
1756 #ifndef OPENSSL_NO_CAMELLIA
1757 if (strcmp(algo, "camellia") == 0) {
1758 doit[D_CBC_128_CML] = doit[D_CBC_192_CML] = doit[D_CBC_256_CML] = 1;
1762 #ifndef OPENSSL_NO_EC
1763 if (strncmp(algo, "ecdsa", 5) == 0) {
1764 if (algo[5] == '\0') {
1765 memset(ecdsa_doit, 1, sizeof(ecdsa_doit));
1768 if (opt_found(algo, ecdsa_choices, &i)) {
1773 if (strncmp(algo, "ecdh", 4) == 0) {
1774 if (algo[4] == '\0') {
1775 memset(ecdh_doit, 1, sizeof(ecdh_doit));
1778 if (opt_found(algo, ecdh_choices, &i)) {
1783 if (strcmp(algo, "eddsa") == 0) {
1784 memset(eddsa_doit, 1, sizeof(eddsa_doit));
1787 if (opt_found(algo, eddsa_choices, &i)) {
1791 # ifndef OPENSSL_NO_SM2
1792 if (strcmp(algo, "sm2") == 0) {
1793 memset(sm2_doit, 1, sizeof(sm2_doit));
1796 if (opt_found(algo, sm2_choices, &i)) {
1801 #endif /* OPENSSL_NO_EC */
1802 BIO_printf(bio_err, "%s: Unknown algorithm %s\n", prog, algo);
1808 if (evp_cipher == NULL) {
1809 BIO_printf(bio_err, "-aead can be used only with an AEAD cipher\n");
1811 } else if (!(EVP_CIPHER_flags(evp_cipher) &
1812 EVP_CIPH_FLAG_AEAD_CIPHER)) {
1813 BIO_printf(bio_err, "%s is not an AEAD cipher\n",
1814 OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
1819 if (evp_cipher == NULL) {
1820 BIO_printf(bio_err,"-mb can be used only with a multi-block"
1821 " capable cipher\n");
1823 } else if (!(EVP_CIPHER_flags(evp_cipher) &
1824 EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
1825 BIO_printf(bio_err, "%s is not a multi-block capable\n",
1826 OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
1828 } else if (async_jobs > 0) {
1829 BIO_printf(bio_err, "Async mode is not supported with -mb");
1834 /* Initialize the job pool if async mode is enabled */
1835 if (async_jobs > 0) {
1836 async_init = ASYNC_init_thread(async_jobs, async_jobs);
1838 BIO_printf(bio_err, "Error creating the ASYNC job pool\n");
1843 loopargs_len = (async_jobs == 0 ? 1 : async_jobs);
1845 app_malloc(loopargs_len * sizeof(loopargs_t), "array of loopargs");
1846 memset(loopargs, 0, loopargs_len * sizeof(loopargs_t));
1848 for (i = 0; i < loopargs_len; i++) {
1849 if (async_jobs > 0) {
1850 loopargs[i].wait_ctx = ASYNC_WAIT_CTX_new();
1851 if (loopargs[i].wait_ctx == NULL) {
1852 BIO_printf(bio_err, "Error creating the ASYNC_WAIT_CTX\n");
1857 buflen = lengths[size_num - 1];
1858 if (buflen < 36) /* size of random vector in RSA benchmark */
1860 buflen += MAX_MISALIGNMENT + 1;
1861 loopargs[i].buf_malloc = app_malloc(buflen, "input buffer");
1862 loopargs[i].buf2_malloc = app_malloc(buflen, "input buffer");
1863 memset(loopargs[i].buf_malloc, 0, buflen);
1864 memset(loopargs[i].buf2_malloc, 0, buflen);
1866 /* Align the start of buffers on a 64 byte boundary */
1867 loopargs[i].buf = loopargs[i].buf_malloc + misalign;
1868 loopargs[i].buf2 = loopargs[i].buf2_malloc + misalign;
1869 #ifndef OPENSSL_NO_EC
1870 loopargs[i].secret_a = app_malloc(MAX_ECDH_SIZE, "ECDH secret a");
1871 loopargs[i].secret_b = app_malloc(MAX_ECDH_SIZE, "ECDH secret b");
1876 if (multi && do_multi(multi, size_num))
1880 /* Initialize the engine after the fork */
1881 e = setup_engine(engine_id, 0);
1883 /* No parameters; turn on everything. */
1884 if (argc == 0 && !doit[D_EVP] && !doit[D_EVP_HMAC] && !doit[D_EVP_CMAC]) {
1885 memset(doit, 1, sizeof(doit));
1886 doit[D_EVP] = doit[D_EVP_HMAC] = doit[D_EVP_CMAC] = 0;
1887 #ifndef OPENSSL_NO_RSA
1888 memset(rsa_doit, 1, sizeof(rsa_doit));
1890 #ifndef OPENSSL_NO_DSA
1891 memset(dsa_doit, 1, sizeof(dsa_doit));
1893 #ifndef OPENSSL_NO_EC
1894 memset(ecdsa_doit, 1, sizeof(ecdsa_doit));
1895 memset(ecdh_doit, 1, sizeof(ecdh_doit));
1896 memset(eddsa_doit, 1, sizeof(eddsa_doit));
1897 # ifndef OPENSSL_NO_SM2
1898 memset(sm2_doit, 1, sizeof(sm2_doit));
1902 for (i = 0; i < ALGOR_NUM; i++)
1906 if (usertime == 0 && !mr)
1908 "You have chosen to measure elapsed time "
1909 "instead of user CPU time.\n");
1911 #ifndef OPENSSL_NO_RSA
1912 for (i = 0; i < loopargs_len; i++) {
1913 if (primes > RSA_DEFAULT_PRIME_NUM) {
1914 /* for multi-prime RSA, skip this */
1917 for (k = 0; k < RSA_NUM; k++) {
1918 const unsigned char *p = rsa_keys[k].data;
1920 loopargs[i].rsa_key[k] =
1921 d2i_RSAPrivateKey(NULL, &p, rsa_keys[k].length);
1922 if (loopargs[i].rsa_key[k] == NULL) {
1924 "internal error loading RSA key number %d\n", k);
1930 #ifndef OPENSSL_NO_DSA
1931 for (i = 0; i < loopargs_len; i++) {
1932 loopargs[i].dsa_key[0] = get_dsa(512);
1933 loopargs[i].dsa_key[1] = get_dsa(1024);
1934 loopargs[i].dsa_key[2] = get_dsa(2048);
1937 #ifndef OPENSSL_NO_DES
1938 if (doit[D_CBC_DES] || doit[D_EDE3_DES]) {
1939 static DES_cblock keys[] = {
1940 { 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0 }, /* keys[0] */
1941 { 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12 }, /* keys[1] */
1942 { 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34 } /* keys[3] */
1944 DES_set_key_unchecked(&keys[0], &sch[0]);
1945 DES_set_key_unchecked(&keys[1], &sch[1]);
1946 DES_set_key_unchecked(&keys[2], &sch[2]);
1949 AES_set_encrypt_key(key16, 128, &aes_ks1);
1950 AES_set_encrypt_key(key24, 192, &aes_ks2);
1951 AES_set_encrypt_key(key32, 256, &aes_ks3);
1952 #ifndef OPENSSL_NO_CAMELLIA
1953 if (doit[D_CBC_128_CML] || doit[D_CBC_192_CML] || doit[D_CBC_256_CML]) {
1954 Camellia_set_key(key16, 128, &camellia_ks[0]);
1955 Camellia_set_key(key24, 192, &camellia_ks[1]);
1956 Camellia_set_key(key32, 256, &camellia_ks[2]);
1959 #ifndef OPENSSL_NO_IDEA
1960 if (doit[D_CBC_IDEA])
1961 IDEA_set_encrypt_key(key16, &idea_ks);
1963 #ifndef OPENSSL_NO_SEED
1964 if (doit[D_CBC_SEED])
1965 SEED_set_key(key16, &seed_ks);
1967 #ifndef OPENSSL_NO_RC4
1969 RC4_set_key(&rc4_ks, 16, key16);
1971 #ifndef OPENSSL_NO_RC2
1972 if (doit[D_CBC_RC2])
1973 RC2_set_key(&rc2_ks, 16, key16, 128);
1975 #ifndef OPENSSL_NO_RC5
1976 if (doit[D_CBC_RC5])
1977 if (!RC5_32_set_key(&rc5_ks, 16, key16, 12)) {
1978 BIO_printf(bio_err, "Failed setting RC5 key\n");
1982 #ifndef OPENSSL_NO_BF
1984 BF_set_key(&bf_ks, 16, key16);
1986 #ifndef OPENSSL_NO_CAST
1987 if (doit[D_CBC_CAST])
1988 CAST_set_key(&cast_ks, 16, key16);
1991 # ifndef OPENSSL_NO_DES
1992 BIO_printf(bio_err, "First we calculate the approximate speed ...\n");
1998 for (it = count; it; it--)
1999 DES_ecb_encrypt((DES_cblock *)loopargs[0].buf,
2000 (DES_cblock *)loopargs[0].buf, &sch, DES_ENCRYPT);
2003 c[D_MD2][0] = count / 10;
2004 c[D_MDC2][0] = count / 10;
2005 c[D_MD4][0] = count;
2006 c[D_MD5][0] = count;
2007 c[D_HMAC][0] = count;
2008 c[D_SHA1][0] = count;
2009 c[D_RMD160][0] = count;
2010 c[D_RC4][0] = count * 5;
2011 c[D_CBC_DES][0] = count;
2012 c[D_EDE3_DES][0] = count / 3;
2013 c[D_CBC_IDEA][0] = count;
2014 c[D_CBC_SEED][0] = count;
2015 c[D_CBC_RC2][0] = count;
2016 c[D_CBC_RC5][0] = count;
2017 c[D_CBC_BF][0] = count;
2018 c[D_CBC_CAST][0] = count;
2019 c[D_CBC_128_AES][0] = count;
2020 c[D_CBC_192_AES][0] = count;
2021 c[D_CBC_256_AES][0] = count;
2022 c[D_CBC_128_CML][0] = count;
2023 c[D_CBC_192_CML][0] = count;
2024 c[D_CBC_256_CML][0] = count;
2025 c[D_EVP][0] = count;
2026 c[D_SHA256][0] = count;
2027 c[D_SHA512][0] = count;
2028 c[D_WHIRLPOOL][0] = count;
2029 c[D_IGE_128_AES][0] = count;
2030 c[D_IGE_192_AES][0] = count;
2031 c[D_IGE_256_AES][0] = count;
2032 c[D_GHASH][0] = count;
2033 c[D_RAND][0] = count;
2034 c[D_EVP_HMAC][0] = count;
2035 c[D_EVP_CMAC][0] = count;
2037 for (i = 1; i < size_num; i++) {
2038 long l0 = (long)lengths[0];
2039 long l1 = (long)lengths[i];
2041 c[D_MD2][i] = c[D_MD2][0] * 4 * l0 / l1;
2042 c[D_MDC2][i] = c[D_MDC2][0] * 4 * l0 / l1;
2043 c[D_MD4][i] = c[D_MD4][0] * 4 * l0 / l1;
2044 c[D_MD5][i] = c[D_MD5][0] * 4 * l0 / l1;
2045 c[D_HMAC][i] = c[D_HMAC][0] * 4 * l0 / l1;
2046 c[D_SHA1][i] = c[D_SHA1][0] * 4 * l0 / l1;
2047 c[D_RMD160][i] = c[D_RMD160][0] * 4 * l0 / l1;
2048 c[D_EVP][i] = = c[D_EVP][0] * 4 * l0 / l1;
2049 c[D_SHA256][i] = c[D_SHA256][0] * 4 * l0 / l1;
2050 c[D_SHA512][i] = c[D_SHA512][0] * 4 * l0 / l1;
2051 c[D_WHIRLPOOL][i] = c[D_WHIRLPOOL][0] * 4 * l0 / l1;
2052 c[D_GHASH][i] = c[D_GHASH][0] * 4 * l0 / l1;
2053 c[D_RAND][i] = c[D_RAND][0] * 4 * l0 / l1;
2054 c[D_EVP_HMAC][i] = = c[D_EVP_HMAC][0] * 4 * l0 / l1;
2055 c[D_EVP_CMAC][i] = = c[D_EVP_CMAC][0] * 4 * l0 / l1;
2057 l0 = (long)lengths[i - 1];
2059 c[D_RC4][i] = c[D_RC4][i - 1] * l0 / l1;
2060 c[D_CBC_DES][i] = c[D_CBC_DES][i - 1] * l0 / l1;
2061 c[D_EDE3_DES][i] = c[D_EDE3_DES][i - 1] * l0 / l1;
2062 c[D_CBC_IDEA][i] = c[D_CBC_IDEA][i - 1] * l0 / l1;
2063 c[D_CBC_SEED][i] = c[D_CBC_SEED][i - 1] * l0 / l1;
2064 c[D_CBC_RC2][i] = c[D_CBC_RC2][i - 1] * l0 / l1;
2065 c[D_CBC_RC5][i] = c[D_CBC_RC5][i - 1] * l0 / l1;
2066 c[D_CBC_BF][i] = c[D_CBC_BF][i - 1] * l0 / l1;
2067 c[D_CBC_CAST][i] = c[D_CBC_CAST][i - 1] * l0 / l1;
2068 c[D_CBC_128_AES][i] = c[D_CBC_128_AES][i - 1] * l0 / l1;
2069 c[D_CBC_192_AES][i] = c[D_CBC_192_AES][i - 1] * l0 / l1;
2070 c[D_CBC_256_AES][i] = c[D_CBC_256_AES][i - 1] * l0 / l1;
2071 c[D_CBC_128_CML][i] = c[D_CBC_128_CML][i - 1] * l0 / l1;
2072 c[D_CBC_192_CML][i] = c[D_CBC_192_CML][i - 1] * l0 / l1;
2073 c[D_CBC_256_CML][i] = c[D_CBC_256_CML][i - 1] * l0 / l1;
2074 c[D_IGE_128_AES][i] = c[D_IGE_128_AES][i - 1] * l0 / l1;
2075 c[D_IGE_192_AES][i] = c[D_IGE_192_AES][i - 1] * l0 / l1;
2076 c[D_IGE_256_AES][i] = c[D_IGE_256_AES][i - 1] * l0 / l1;
2079 # ifndef OPENSSL_NO_RSA
2080 rsa_c[R_RSA_512][0] = count / 2000;
2081 rsa_c[R_RSA_512][1] = count / 400;
2082 for (i = 1; i < RSA_NUM; i++) {
2083 rsa_c[i][0] = rsa_c[i - 1][0] / 8;
2084 rsa_c[i][1] = rsa_c[i - 1][1] / 4;
2085 if (rsa_doit[i] <= 1 && rsa_c[i][0] == 0)
2088 if (rsa_c[i][0] == 0) {
2089 rsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
2096 # ifndef OPENSSL_NO_DSA
2097 dsa_c[R_DSA_512][0] = count / 1000;
2098 dsa_c[R_DSA_512][1] = count / 1000 / 2;
2099 for (i = 1; i < DSA_NUM; i++) {
2100 dsa_c[i][0] = dsa_c[i - 1][0] / 4;
2101 dsa_c[i][1] = dsa_c[i - 1][1] / 4;
2102 if (dsa_doit[i] <= 1 && dsa_c[i][0] == 0)
2105 if (dsa_c[i][0] == 0) {
2106 dsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
2113 # ifndef OPENSSL_NO_EC
2114 ecdsa_c[R_EC_P160][0] = count / 1000;
2115 ecdsa_c[R_EC_P160][1] = count / 1000 / 2;
2116 for (i = R_EC_P192; i <= R_EC_P521; i++) {
2117 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2118 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2119 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2122 if (ecdsa_c[i][0] == 0) {
2128 # ifndef OPENSSL_NO_EC2M
2129 ecdsa_c[R_EC_K163][0] = count / 1000;
2130 ecdsa_c[R_EC_K163][1] = count / 1000 / 2;
2131 for (i = R_EC_K233; i <= R_EC_K571; i++) {
2132 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2133 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2134 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2137 if (ecdsa_c[i][0] == 0) {
2143 ecdsa_c[R_EC_B163][0] = count / 1000;
2144 ecdsa_c[R_EC_B163][1] = count / 1000 / 2;
2145 for (i = R_EC_B233; i <= R_EC_B571; i++) {
2146 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2147 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2148 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2151 if (ecdsa_c[i][0] == 0) {
2159 ecdh_c[R_EC_P160][0] = count / 1000;
2160 for (i = R_EC_P192; i <= R_EC_P521; i++) {
2161 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2162 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2165 if (ecdh_c[i][0] == 0) {
2170 # ifndef OPENSSL_NO_EC2M
2171 ecdh_c[R_EC_K163][0] = count / 1000;
2172 for (i = R_EC_K233; i <= R_EC_K571; i++) {
2173 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2174 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2177 if (ecdh_c[i][0] == 0) {
2182 ecdh_c[R_EC_B163][0] = count / 1000;
2183 for (i = R_EC_B233; i <= R_EC_B571; i++) {
2184 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2185 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2188 if (ecdh_c[i][0] == 0) {
2194 /* repeated code good to factorize */
2195 ecdh_c[R_EC_BRP256R1][0] = count / 1000;
2196 for (i = R_EC_BRP384R1; i <= R_EC_BRP512R1; i += 2) {
2197 ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
2198 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2201 if (ecdh_c[i][0] == 0) {
2206 ecdh_c[R_EC_BRP256T1][0] = count / 1000;
2207 for (i = R_EC_BRP384T1; i <= R_EC_BRP512T1; i += 2) {
2208 ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
2209 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2212 if (ecdh_c[i][0] == 0) {
2217 /* default iteration count for the last two EC Curves */
2218 ecdh_c[R_EC_X25519][0] = count / 1800;
2219 ecdh_c[R_EC_X448][0] = count / 7200;
2221 eddsa_c[R_EC_Ed25519][0] = count / 1800;
2222 eddsa_c[R_EC_Ed448][0] = count / 7200;
2224 # ifndef OPENSSL_NO_SM2
2225 sm2_c[R_EC_SM2P256][0] = count / 1800;
2227 # endif /* OPENSSL_NO_EC */
2230 /* not worth fixing */
2231 # error "You cannot disable DES on systems without SIGALRM."
2232 # endif /* OPENSSL_NO_DES */
2234 signal(SIGALRM, alarmed);
2235 #endif /* SIGALRM */
2237 #ifndef OPENSSL_NO_MD2
2239 for (testnum = 0; testnum < size_num; testnum++) {
2240 print_message(names[D_MD2], c[D_MD2][testnum], lengths[testnum],
2243 count = run_benchmark(async_jobs, EVP_Digest_MD2_loop, loopargs);
2245 print_result(D_MD2, testnum, count, d);
2249 #ifndef OPENSSL_NO_MDC2
2251 for (testnum = 0; testnum < size_num; testnum++) {
2252 print_message(names[D_MDC2], c[D_MDC2][testnum], lengths[testnum],
2255 count = run_benchmark(async_jobs, EVP_Digest_MDC2_loop, loopargs);
2257 print_result(D_MDC2, testnum, count, d);
2264 #ifndef OPENSSL_NO_MD4
2266 for (testnum = 0; testnum < size_num; testnum++) {
2267 print_message(names[D_MD4], c[D_MD4][testnum], lengths[testnum],
2270 count = run_benchmark(async_jobs, EVP_Digest_MD4_loop, loopargs);
2272 print_result(D_MD4, testnum, count, d);
2279 #ifndef OPENSSL_NO_MD5
2281 for (testnum = 0; testnum < size_num; testnum++) {
2282 print_message(names[D_MD5], c[D_MD5][testnum], lengths[testnum],
2285 count = run_benchmark(async_jobs, MD5_loop, loopargs);
2287 print_result(D_MD5, testnum, count, d);
2292 static const char hmac_key[] = "This is a key...";
2293 int len = strlen(hmac_key);
2295 for (i = 0; i < loopargs_len; i++) {
2296 loopargs[i].hctx = HMAC_CTX_new();
2297 if (loopargs[i].hctx == NULL) {
2298 BIO_printf(bio_err, "HMAC malloc failure, exiting...");
2302 HMAC_Init_ex(loopargs[i].hctx, hmac_key, len, EVP_md5(), NULL);
2304 for (testnum = 0; testnum < size_num; testnum++) {
2305 print_message(names[D_HMAC], c[D_HMAC][testnum], lengths[testnum],
2308 count = run_benchmark(async_jobs, HMAC_loop, loopargs);
2310 print_result(D_HMAC, testnum, count, d);
2312 for (i = 0; i < loopargs_len; i++)
2313 HMAC_CTX_free(loopargs[i].hctx);
2317 for (testnum = 0; testnum < size_num; testnum++) {
2318 print_message(names[D_SHA1], c[D_SHA1][testnum], lengths[testnum],
2321 count = run_benchmark(async_jobs, SHA1_loop, loopargs);
2323 print_result(D_SHA1, testnum, count, d);
2326 if (doit[D_SHA256]) {
2327 for (testnum = 0; testnum < size_num; testnum++) {
2328 print_message(names[D_SHA256], c[D_SHA256][testnum],
2329 lengths[testnum], seconds.sym);
2331 count = run_benchmark(async_jobs, SHA256_loop, loopargs);
2333 print_result(D_SHA256, testnum, count, d);
2336 if (doit[D_SHA512]) {
2337 for (testnum = 0; testnum < size_num; testnum++) {
2338 print_message(names[D_SHA512], c[D_SHA512][testnum],
2339 lengths[testnum], seconds.sym);
2341 count = run_benchmark(async_jobs, SHA512_loop, loopargs);
2343 print_result(D_SHA512, testnum, count, d);
2346 #ifndef OPENSSL_NO_WHIRLPOOL
2347 if (doit[D_WHIRLPOOL]) {
2348 for (testnum = 0; testnum < size_num; testnum++) {
2349 print_message(names[D_WHIRLPOOL], c[D_WHIRLPOOL][testnum],
2350 lengths[testnum], seconds.sym);
2352 count = run_benchmark(async_jobs, WHIRLPOOL_loop, loopargs);
2354 print_result(D_WHIRLPOOL, testnum, count, d);
2359 #ifndef OPENSSL_NO_RMD160
2360 if (doit[D_RMD160]) {
2361 for (testnum = 0; testnum < size_num; testnum++) {
2362 print_message(names[D_RMD160], c[D_RMD160][testnum],
2363 lengths[testnum], seconds.sym);
2365 count = run_benchmark(async_jobs, EVP_Digest_RMD160_loop, loopargs);
2367 print_result(D_RMD160, testnum, count, d);
2373 #ifndef OPENSSL_NO_RC4
2375 for (testnum = 0; testnum < size_num; testnum++) {
2376 print_message(names[D_RC4], c[D_RC4][testnum], lengths[testnum],
2379 count = run_benchmark(async_jobs, RC4_loop, loopargs);
2381 print_result(D_RC4, testnum, count, d);
2385 #ifndef OPENSSL_NO_DES
2386 if (doit[D_CBC_DES]) {
2387 for (testnum = 0; testnum < size_num; testnum++) {
2388 print_message(names[D_CBC_DES], c[D_CBC_DES][testnum],
2389 lengths[testnum], seconds.sym);
2391 count = run_benchmark(async_jobs, DES_ncbc_encrypt_loop, loopargs);
2393 print_result(D_CBC_DES, testnum, count, d);
2397 if (doit[D_EDE3_DES]) {
2398 for (testnum = 0; testnum < size_num; testnum++) {
2399 print_message(names[D_EDE3_DES], c[D_EDE3_DES][testnum],
2400 lengths[testnum], seconds.sym);
2403 run_benchmark(async_jobs, DES_ede3_cbc_encrypt_loop, loopargs);
2405 print_result(D_EDE3_DES, testnum, count, d);
2410 if (doit[D_CBC_128_AES]) {
2411 for (testnum = 0; testnum < size_num; testnum++) {
2412 print_message(names[D_CBC_128_AES], c[D_CBC_128_AES][testnum],
2413 lengths[testnum], seconds.sym);
2416 run_benchmark(async_jobs, AES_cbc_128_encrypt_loop, loopargs);
2418 print_result(D_CBC_128_AES, testnum, count, d);
2421 if (doit[D_CBC_192_AES]) {
2422 for (testnum = 0; testnum < size_num; testnum++) {
2423 print_message(names[D_CBC_192_AES], c[D_CBC_192_AES][testnum],
2424 lengths[testnum], seconds.sym);
2427 run_benchmark(async_jobs, AES_cbc_192_encrypt_loop, loopargs);
2429 print_result(D_CBC_192_AES, testnum, count, d);
2432 if (doit[D_CBC_256_AES]) {
2433 for (testnum = 0; testnum < size_num; testnum++) {
2434 print_message(names[D_CBC_256_AES], c[D_CBC_256_AES][testnum],
2435 lengths[testnum], seconds.sym);
2438 run_benchmark(async_jobs, AES_cbc_256_encrypt_loop, loopargs);
2440 print_result(D_CBC_256_AES, testnum, count, d);
2444 #ifndef OPENSSL_NO_DEPRECATED_3_0
2445 if (doit[D_IGE_128_AES]) {
2446 for (testnum = 0; testnum < size_num; testnum++) {
2447 print_message(names[D_IGE_128_AES], c[D_IGE_128_AES][testnum],
2448 lengths[testnum], seconds.sym);
2451 run_benchmark(async_jobs, AES_ige_128_encrypt_loop, loopargs);
2453 print_result(D_IGE_128_AES, testnum, count, d);
2456 if (doit[D_IGE_192_AES]) {
2457 for (testnum = 0; testnum < size_num; testnum++) {
2458 print_message(names[D_IGE_192_AES], c[D_IGE_192_AES][testnum],
2459 lengths[testnum], seconds.sym);
2462 run_benchmark(async_jobs, AES_ige_192_encrypt_loop, loopargs);
2464 print_result(D_IGE_192_AES, testnum, count, d);
2467 if (doit[D_IGE_256_AES]) {
2468 for (testnum = 0; testnum < size_num; testnum++) {
2469 print_message(names[D_IGE_256_AES], c[D_IGE_256_AES][testnum],
2470 lengths[testnum], seconds.sym);
2473 run_benchmark(async_jobs, AES_ige_256_encrypt_loop, loopargs);
2475 print_result(D_IGE_256_AES, testnum, count, d);
2479 if (doit[D_GHASH]) {
2480 for (i = 0; i < loopargs_len; i++) {
2481 loopargs[i].gcm_ctx =
2482 CRYPTO_gcm128_new(&aes_ks1, (block128_f) AES_encrypt);
2483 CRYPTO_gcm128_setiv(loopargs[i].gcm_ctx,
2484 (unsigned char *)"0123456789ab", 12);
2487 for (testnum = 0; testnum < size_num; testnum++) {
2488 print_message(names[D_GHASH], c[D_GHASH][testnum],
2489 lengths[testnum], seconds.sym);
2491 count = run_benchmark(async_jobs, CRYPTO_gcm128_aad_loop, loopargs);
2493 print_result(D_GHASH, testnum, count, d);
2495 for (i = 0; i < loopargs_len; i++)
2496 CRYPTO_gcm128_release(loopargs[i].gcm_ctx);
2498 #ifndef OPENSSL_NO_CAMELLIA
2499 if (doit[D_CBC_128_CML]) {
2500 if (async_jobs > 0) {
2501 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2502 names[D_CBC_128_CML]);
2503 doit[D_CBC_128_CML] = 0;
2505 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2506 print_message(names[D_CBC_128_CML], c[D_CBC_128_CML][testnum],
2507 lengths[testnum], seconds.sym);
2509 for (count = 0; COND(c[D_CBC_128_CML][testnum]); count++)
2510 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2511 (size_t)lengths[testnum], &camellia_ks[0],
2512 iv, CAMELLIA_ENCRYPT);
2514 print_result(D_CBC_128_CML, testnum, count, d);
2517 if (doit[D_CBC_192_CML]) {
2518 if (async_jobs > 0) {
2519 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2520 names[D_CBC_192_CML]);
2521 doit[D_CBC_192_CML] = 0;
2523 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2524 print_message(names[D_CBC_192_CML], c[D_CBC_192_CML][testnum],
2525 lengths[testnum], seconds.sym);
2526 if (async_jobs > 0) {
2527 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2531 for (count = 0; COND(c[D_CBC_192_CML][testnum]); count++)
2532 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2533 (size_t)lengths[testnum], &camellia_ks[1],
2534 iv, CAMELLIA_ENCRYPT);
2536 print_result(D_CBC_192_CML, testnum, count, d);
2539 if (doit[D_CBC_256_CML]) {
2540 if (async_jobs > 0) {
2541 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2542 names[D_CBC_256_CML]);
2543 doit[D_CBC_256_CML] = 0;
2545 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2546 print_message(names[D_CBC_256_CML], c[D_CBC_256_CML][testnum],
2547 lengths[testnum], seconds.sym);
2549 for (count = 0; COND(c[D_CBC_256_CML][testnum]); count++)
2550 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2551 (size_t)lengths[testnum], &camellia_ks[2],
2552 iv, CAMELLIA_ENCRYPT);
2554 print_result(D_CBC_256_CML, testnum, count, d);
2558 #ifndef OPENSSL_NO_IDEA
2559 if (doit[D_CBC_IDEA]) {
2560 if (async_jobs > 0) {
2561 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2563 doit[D_CBC_IDEA] = 0;
2565 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2566 print_message(names[D_CBC_IDEA], c[D_CBC_IDEA][testnum],
2567 lengths[testnum], seconds.sym);
2569 for (count = 0; COND(c[D_CBC_IDEA][testnum]); count++)
2570 IDEA_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2571 (size_t)lengths[testnum], &idea_ks,
2574 print_result(D_CBC_IDEA, testnum, count, d);
2578 #ifndef OPENSSL_NO_SEED
2579 if (doit[D_CBC_SEED]) {
2580 if (async_jobs > 0) {
2581 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2583 doit[D_CBC_SEED] = 0;
2585 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2586 print_message(names[D_CBC_SEED], c[D_CBC_SEED][testnum],
2587 lengths[testnum], seconds.sym);
2589 for (count = 0; COND(c[D_CBC_SEED][testnum]); count++)
2590 SEED_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2591 (size_t)lengths[testnum], &seed_ks, iv, 1);
2593 print_result(D_CBC_SEED, testnum, count, d);
2597 #ifndef OPENSSL_NO_RC2
2598 if (doit[D_CBC_RC2]) {
2599 if (async_jobs > 0) {
2600 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2602 doit[D_CBC_RC2] = 0;
2604 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2605 print_message(names[D_CBC_RC2], c[D_CBC_RC2][testnum],
2606 lengths[testnum], seconds.sym);
2607 if (async_jobs > 0) {
2608 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2612 for (count = 0; COND(c[D_CBC_RC2][testnum]); count++)
2613 RC2_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2614 (size_t)lengths[testnum], &rc2_ks,
2617 print_result(D_CBC_RC2, testnum, count, d);
2621 #ifndef OPENSSL_NO_RC5
2622 if (doit[D_CBC_RC5]) {
2623 if (async_jobs > 0) {
2624 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2626 doit[D_CBC_RC5] = 0;
2628 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2629 print_message(names[D_CBC_RC5], c[D_CBC_RC5][testnum],
2630 lengths[testnum], seconds.sym);
2631 if (async_jobs > 0) {
2632 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2636 for (count = 0; COND(c[D_CBC_RC5][testnum]); count++)
2637 RC5_32_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2638 (size_t)lengths[testnum], &rc5_ks,
2641 print_result(D_CBC_RC5, testnum, count, d);
2645 #ifndef OPENSSL_NO_BF
2646 if (doit[D_CBC_BF]) {
2647 if (async_jobs > 0) {
2648 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2652 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2653 print_message(names[D_CBC_BF], c[D_CBC_BF][testnum],
2654 lengths[testnum], seconds.sym);
2656 for (count = 0; COND(c[D_CBC_BF][testnum]); count++)
2657 BF_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2658 (size_t)lengths[testnum], &bf_ks,
2661 print_result(D_CBC_BF, testnum, count, d);
2665 #ifndef OPENSSL_NO_CAST
2666 if (doit[D_CBC_CAST]) {
2667 if (async_jobs > 0) {
2668 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2670 doit[D_CBC_CAST] = 0;
2672 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2673 print_message(names[D_CBC_CAST], c[D_CBC_CAST][testnum],
2674 lengths[testnum], seconds.sym);
2676 for (count = 0; COND(c[D_CBC_CAST][testnum]); count++)
2677 CAST_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2678 (size_t)lengths[testnum], &cast_ks,
2681 print_result(D_CBC_CAST, testnum, count, d);
2686 for (testnum = 0; testnum < size_num; testnum++) {
2687 print_message(names[D_RAND], c[D_RAND][testnum], lengths[testnum],
2690 count = run_benchmark(async_jobs, RAND_bytes_loop, loopargs);
2692 print_result(D_RAND, testnum, count, d);
2697 if (evp_cipher != NULL) {
2698 int (*loopfunc) (void *) = EVP_Update_loop;
2700 if (multiblock && (EVP_CIPHER_flags(evp_cipher) &
2701 EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
2702 multiblock_speed(evp_cipher, lengths_single, &seconds);
2707 names[D_EVP] = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
2709 if (EVP_CIPHER_mode(evp_cipher) == EVP_CIPH_CCM_MODE) {
2710 loopfunc = EVP_Update_loop_ccm;
2711 } else if (aead && (EVP_CIPHER_flags(evp_cipher) &
2712 EVP_CIPH_FLAG_AEAD_CIPHER)) {
2713 loopfunc = EVP_Update_loop_aead;
2714 if (lengths == lengths_list) {
2715 lengths = aead_lengths_list;
2716 size_num = OSSL_NELEM(aead_lengths_list);
2720 for (testnum = 0; testnum < size_num; testnum++) {
2721 print_message(names[D_EVP], c[D_EVP][testnum], lengths[testnum],
2724 for (k = 0; k < loopargs_len; k++) {
2725 loopargs[k].ctx = EVP_CIPHER_CTX_new();
2726 if (loopargs[k].ctx == NULL) {
2727 BIO_printf(bio_err, "\nEVP_CIPHER_CTX_new failure\n");
2730 if (!EVP_CipherInit_ex(loopargs[k].ctx, evp_cipher, NULL,
2731 NULL, iv, decrypt ? 0 : 1)) {
2732 BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n");
2733 ERR_print_errors(bio_err);
2737 EVP_CIPHER_CTX_set_padding(loopargs[k].ctx, 0);
2739 keylen = EVP_CIPHER_CTX_key_length(loopargs[k].ctx);
2740 loopargs[k].key = app_malloc(keylen, "evp_cipher key");
2741 EVP_CIPHER_CTX_rand_key(loopargs[k].ctx, loopargs[k].key);
2742 if (!EVP_CipherInit_ex(loopargs[k].ctx, NULL, NULL,
2743 loopargs[k].key, NULL, -1)) {
2744 BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n");
2745 ERR_print_errors(bio_err);
2748 OPENSSL_clear_free(loopargs[k].key, keylen);
2750 /* SIV mode only allows for a single Update operation */
2751 if (EVP_CIPHER_mode(evp_cipher) == EVP_CIPH_SIV_MODE)
2752 EVP_CIPHER_CTX_ctrl(loopargs[k].ctx, EVP_CTRL_SET_SPEED, 1, NULL);
2756 count = run_benchmark(async_jobs, loopfunc, loopargs);
2758 for (k = 0; k < loopargs_len; k++) {
2759 EVP_CIPHER_CTX_free(loopargs[k].ctx);
2761 print_result(D_EVP, testnum, count, d);
2763 } else if (evp_md != NULL) {
2764 names[D_EVP] = OBJ_nid2ln(EVP_MD_type(evp_md));
2766 for (testnum = 0; testnum < size_num; testnum++) {
2767 print_message(names[D_EVP], c[D_EVP][testnum], lengths[testnum],
2770 count = run_benchmark(async_jobs, EVP_Digest_loop, loopargs);
2772 print_result(D_EVP, testnum, count, d);
2777 if (doit[D_EVP_HMAC] && evp_hmac_md != NULL) {
2778 const char *md_name = OBJ_nid2ln(EVP_MD_type(evp_hmac_md));
2780 evp_hmac_name = app_malloc(sizeof("HMAC()") + strlen(md_name),
2782 sprintf(evp_hmac_name, "HMAC(%s)", md_name);
2783 names[D_EVP_HMAC] = evp_hmac_name;
2785 for (testnum = 0; testnum < size_num; testnum++) {
2786 print_message(names[D_EVP_HMAC], c[D_EVP_HMAC][testnum], lengths[testnum],
2789 count = run_benchmark(async_jobs, EVP_HMAC_loop, loopargs);
2791 print_result(D_EVP_HMAC, testnum, count, d);
2795 #ifndef OPENSSL_NO_CMAC
2796 if (doit[D_EVP_CMAC] && evp_cmac_cipher != NULL) {
2797 const char *cipher_name = OBJ_nid2ln(EVP_CIPHER_type(evp_cmac_cipher));
2799 evp_cmac_name = app_malloc(sizeof("CMAC()") + strlen(cipher_name),
2801 sprintf(evp_cmac_name, "CMAC(%s)", cipher_name);
2802 names[D_EVP_CMAC] = evp_cmac_name;
2804 for (i = 0; i < loopargs_len; i++) {
2805 loopargs[i].cmac_ctx = CMAC_CTX_new();
2806 if (loopargs[i].cmac_ctx == NULL) {
2807 BIO_printf(bio_err, "CMAC malloc failure, exiting...");
2811 for (testnum = 0; testnum < size_num; testnum++) {
2812 print_message(names[D_EVP_CMAC], c[D_EVP_CMAC][testnum], lengths[testnum],
2815 count = run_benchmark(async_jobs, EVP_CMAC_loop, loopargs);
2817 print_result(D_EVP_CMAC, testnum, count, d);
2819 for (i = 0; i < loopargs_len; i++)
2820 CMAC_CTX_free(loopargs[i].cmac_ctx);
2824 for (i = 0; i < loopargs_len; i++)
2825 if (RAND_bytes(loopargs[i].buf, 36) <= 0)
2828 #ifndef OPENSSL_NO_RSA
2829 for (testnum = 0; testnum < RSA_NUM; testnum++) {
2831 if (!rsa_doit[testnum])
2833 for (i = 0; i < loopargs_len; i++) {
2834 if (primes > RSA_DEFAULT_PRIME_NUM) {
2835 /* we haven't set keys yet, generate multi-prime RSA keys */
2836 BIGNUM *bn = BN_new();
2840 if (!BN_set_word(bn, RSA_F4)) {
2845 BIO_printf(bio_err, "Generate multi-prime RSA key for %s\n",
2846 rsa_choices[testnum].name);
2848 loopargs[i].rsa_key[testnum] = RSA_new();
2849 if (loopargs[i].rsa_key[testnum] == NULL) {
2854 if (!RSA_generate_multi_prime_key(loopargs[i].rsa_key[testnum],
2855 rsa_keys[testnum].bits,
2856 primes, bn, NULL)) {
2862 st = RSA_sign(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
2863 &loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
2869 "RSA sign failure. No RSA sign will be done.\n");
2870 ERR_print_errors(bio_err);
2873 pkey_print_message("private", "rsa",
2874 rsa_c[testnum][0], rsa_keys[testnum].bits,
2876 /* RSA_blinding_on(rsa_key[testnum],NULL); */
2878 count = run_benchmark(async_jobs, RSA_sign_loop, loopargs);
2881 mr ? "+R1:%ld:%d:%.2f\n"
2882 : "%ld %u bits private RSA's in %.2fs\n",
2883 count, rsa_keys[testnum].bits, d);
2884 rsa_results[testnum][0] = (double)count / d;
2888 for (i = 0; i < loopargs_len; i++) {
2889 st = RSA_verify(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
2890 loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
2896 "RSA verify failure. No RSA verify will be done.\n");
2897 ERR_print_errors(bio_err);
2898 rsa_doit[testnum] = 0;
2900 pkey_print_message("public", "rsa",
2901 rsa_c[testnum][1], rsa_keys[testnum].bits,
2904 count = run_benchmark(async_jobs, RSA_verify_loop, loopargs);
2907 mr ? "+R2:%ld:%d:%.2f\n"
2908 : "%ld %u bits public RSA's in %.2fs\n",
2909 count, rsa_keys[testnum].bits, d);
2910 rsa_results[testnum][1] = (double)count / d;
2913 if (rsa_count <= 1) {
2914 /* if longer than 10s, don't do any more */
2915 stop_it(rsa_doit, testnum);
2918 #endif /* OPENSSL_NO_RSA */
2920 for (i = 0; i < loopargs_len; i++)
2921 if (RAND_bytes(loopargs[i].buf, 36) <= 0)
2924 #ifndef OPENSSL_NO_DSA
2925 for (testnum = 0; testnum < DSA_NUM; testnum++) {
2927 if (!dsa_doit[testnum])
2930 /* DSA_generate_key(dsa_key[testnum]); */
2931 /* DSA_sign_setup(dsa_key[testnum],NULL); */
2932 for (i = 0; i < loopargs_len; i++) {
2933 st = DSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
2934 &loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
2940 "DSA sign failure. No DSA sign will be done.\n");
2941 ERR_print_errors(bio_err);
2944 pkey_print_message("sign", "dsa",
2945 dsa_c[testnum][0], dsa_bits[testnum],
2948 count = run_benchmark(async_jobs, DSA_sign_loop, loopargs);
2951 mr ? "+R3:%ld:%u:%.2f\n"
2952 : "%ld %u bits DSA signs in %.2fs\n",
2953 count, dsa_bits[testnum], d);
2954 dsa_results[testnum][0] = (double)count / d;
2958 for (i = 0; i < loopargs_len; i++) {
2959 st = DSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
2960 loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
2966 "DSA verify failure. No DSA verify will be done.\n");
2967 ERR_print_errors(bio_err);
2968 dsa_doit[testnum] = 0;
2970 pkey_print_message("verify", "dsa",
2971 dsa_c[testnum][1], dsa_bits[testnum],
2974 count = run_benchmark(async_jobs, DSA_verify_loop, loopargs);
2977 mr ? "+R4:%ld:%u:%.2f\n"
2978 : "%ld %u bits DSA verify in %.2fs\n",
2979 count, dsa_bits[testnum], d);
2980 dsa_results[testnum][1] = (double)count / d;
2983 if (rsa_count <= 1) {
2984 /* if longer than 10s, don't do any more */
2985 stop_it(dsa_doit, testnum);
2988 #endif /* OPENSSL_NO_DSA */
2990 #ifndef OPENSSL_NO_EC
2991 for (testnum = 0; testnum < ECDSA_NUM; testnum++) {
2994 if (!ecdsa_doit[testnum])
2995 continue; /* Ignore Curve */
2996 for (i = 0; i < loopargs_len; i++) {
2997 loopargs[i].ecdsa[testnum] =
2998 EC_KEY_new_by_curve_name(ec_curves[testnum].nid);
2999 if (loopargs[i].ecdsa[testnum] == NULL) {
3005 BIO_printf(bio_err, "ECDSA failure.\n");
3006 ERR_print_errors(bio_err);
3009 for (i = 0; i < loopargs_len; i++) {
3010 EC_KEY_precompute_mult(loopargs[i].ecdsa[testnum], NULL);
3011 /* Perform ECDSA signature test */
3012 EC_KEY_generate_key(loopargs[i].ecdsa[testnum]);
3013 st = ECDSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
3014 &loopargs[i].siglen,
3015 loopargs[i].ecdsa[testnum]);
3021 "ECDSA sign failure. No ECDSA sign will be done.\n");
3022 ERR_print_errors(bio_err);
3025 pkey_print_message("sign", "ecdsa",
3026 ecdsa_c[testnum][0],
3027 ec_curves[testnum].bits, seconds.ecdsa);
3029 count = run_benchmark(async_jobs, ECDSA_sign_loop, loopargs);
3033 mr ? "+R5:%ld:%u:%.2f\n" :
3034 "%ld %u bits ECDSA signs in %.2fs \n",
3035 count, ec_curves[testnum].bits, d);
3036 ecdsa_results[testnum][0] = (double)count / d;
3040 /* Perform ECDSA verification test */
3041 for (i = 0; i < loopargs_len; i++) {
3042 st = ECDSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
3044 loopargs[i].ecdsa[testnum]);
3050 "ECDSA verify failure. No ECDSA verify will be done.\n");
3051 ERR_print_errors(bio_err);
3052 ecdsa_doit[testnum] = 0;
3054 pkey_print_message("verify", "ecdsa",
3055 ecdsa_c[testnum][1],
3056 ec_curves[testnum].bits, seconds.ecdsa);
3058 count = run_benchmark(async_jobs, ECDSA_verify_loop, loopargs);
3061 mr ? "+R6:%ld:%u:%.2f\n"
3062 : "%ld %u bits ECDSA verify in %.2fs\n",
3063 count, ec_curves[testnum].bits, d);
3064 ecdsa_results[testnum][1] = (double)count / d;
3067 if (rsa_count <= 1) {
3068 /* if longer than 10s, don't do any more */
3069 stop_it(ecdsa_doit, testnum);
3074 for (testnum = 0; testnum < EC_NUM; testnum++) {
3075 int ecdh_checks = 1;
3077 if (!ecdh_doit[testnum])
3080 for (i = 0; i < loopargs_len; i++) {
3081 EVP_PKEY_CTX *kctx = NULL;
3082 EVP_PKEY_CTX *test_ctx = NULL;
3083 EVP_PKEY_CTX *ctx = NULL;
3084 EVP_PKEY *key_A = NULL;
3085 EVP_PKEY *key_B = NULL;
3089 /* Ensure that the error queue is empty */
3090 if (ERR_peek_error()) {
3092 "WARNING: the error queue contains previous unhandled errors.\n");
3093 ERR_print_errors(bio_err);
3096 /* Let's try to create a ctx directly from the NID: this works for
3097 * curves like Curve25519 that are not implemented through the low
3098 * level EC interface.
3099 * If this fails we try creating a EVP_PKEY_EC generic param ctx,
3100 * then we set the curve by NID before deriving the actual keygen
3101 * ctx for that specific curve. */
3102 kctx = EVP_PKEY_CTX_new_id(ec_curves[testnum].nid, NULL); /* keygen ctx from NID */
3104 EVP_PKEY_CTX *pctx = NULL;
3105 EVP_PKEY *params = NULL;
3107 /* If we reach this code EVP_PKEY_CTX_new_id() failed and a
3108 * "int_ctx_new:unsupported algorithm" error was added to the
3110 * We remove it from the error queue as we are handling it. */
3111 unsigned long error = ERR_peek_error(); /* peek the latest error in the queue */
3112 if (error == ERR_peek_last_error() && /* oldest and latest errors match */
3113 /* check that the error origin matches */
3114 ERR_GET_LIB(error) == ERR_LIB_EVP &&
3115 ERR_GET_REASON(error) == EVP_R_UNSUPPORTED_ALGORITHM)
3116 ERR_get_error(); /* pop error from queue */
3117 if (ERR_peek_error()) {
3119 "Unhandled error in the error queue during ECDH init.\n");
3120 ERR_print_errors(bio_err);
3125 /* Create the context for parameter generation */
3126 if (!(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) ||
3127 /* Initialise the parameter generation */
3128 !EVP_PKEY_paramgen_init(pctx) ||
3129 /* Set the curve by NID */
3130 !EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
3133 /* Create the parameter object params */
3134 !EVP_PKEY_paramgen(pctx, ¶ms)) {
3136 BIO_printf(bio_err, "ECDH EC params init failure.\n");
3137 ERR_print_errors(bio_err);
3141 /* Create the context for the key generation */
3142 kctx = EVP_PKEY_CTX_new(params, NULL);
3144 EVP_PKEY_free(params);
3146 EVP_PKEY_CTX_free(pctx);
3149 if (kctx == NULL || /* keygen ctx is not null */
3150 EVP_PKEY_keygen_init(kctx) <= 0/* init keygen ctx */ ) {
3152 BIO_printf(bio_err, "ECDH keygen failure.\n");
3153 ERR_print_errors(bio_err);
3158 if (EVP_PKEY_keygen(kctx, &key_A) <= 0 || /* generate secret key A */
3159 EVP_PKEY_keygen(kctx, &key_B) <= 0 || /* generate secret key B */
3160 !(ctx = EVP_PKEY_CTX_new(key_A, NULL)) || /* derivation ctx from skeyA */
3161 EVP_PKEY_derive_init(ctx) <= 0 || /* init derivation ctx */
3162 EVP_PKEY_derive_set_peer(ctx, key_B) <= 0 || /* set peer pubkey in ctx */
3163 EVP_PKEY_derive(ctx, NULL, &outlen) <= 0 || /* determine max length */
3164 outlen == 0 || /* ensure outlen is a valid size */
3165 outlen > MAX_ECDH_SIZE /* avoid buffer overflow */ ) {
3167 BIO_printf(bio_err, "ECDH key generation failure.\n");
3168 ERR_print_errors(bio_err);
3173 /* Here we perform a test run, comparing the output of a*B and b*A;
3174 * we try this here and assume that further EVP_PKEY_derive calls
3175 * never fail, so we can skip checks in the actually benchmarked
3176 * code, for maximum performance. */
3177 if (!(test_ctx = EVP_PKEY_CTX_new(key_B, NULL)) || /* test ctx from skeyB */
3178 !EVP_PKEY_derive_init(test_ctx) || /* init derivation test_ctx */
3179 !EVP_PKEY_derive_set_peer(test_ctx, key_A) || /* set peer pubkey in test_ctx */
3180 !EVP_PKEY_derive(test_ctx, NULL, &test_outlen) || /* determine max length */
3181 !EVP_PKEY_derive(ctx, loopargs[i].secret_a, &outlen) || /* compute a*B */
3182 !EVP_PKEY_derive(test_ctx, loopargs[i].secret_b, &test_outlen) || /* compute b*A */
3183 test_outlen != outlen /* compare output length */ ) {
3185 BIO_printf(bio_err, "ECDH computation failure.\n");
3186 ERR_print_errors(bio_err);
3191 /* Compare the computation results: CRYPTO_memcmp() returns 0 if equal */
3192 if (CRYPTO_memcmp(loopargs[i].secret_a,
3193 loopargs[i].secret_b, outlen)) {
3195 BIO_printf(bio_err, "ECDH computations don't match.\n");
3196 ERR_print_errors(bio_err);
3201 loopargs[i].ecdh_ctx[testnum] = ctx;
3202 loopargs[i].outlen[testnum] = outlen;
3204 EVP_PKEY_free(key_A);
3205 EVP_PKEY_free(key_B);
3206 EVP_PKEY_CTX_free(kctx);
3208 EVP_PKEY_CTX_free(test_ctx);
3211 if (ecdh_checks != 0) {
3212 pkey_print_message("", "ecdh",
3214 ec_curves[testnum].bits, seconds.ecdh);
3217 run_benchmark(async_jobs, ECDH_EVP_derive_key_loop, loopargs);
3220 mr ? "+R7:%ld:%d:%.2f\n" :
3221 "%ld %u-bits ECDH ops in %.2fs\n", count,
3222 ec_curves[testnum].bits, d);
3223 ecdh_results[testnum][0] = (double)count / d;
3227 if (rsa_count <= 1) {
3228 /* if longer than 10s, don't do any more */
3229 stop_it(ecdh_doit, testnum);
3233 for (testnum = 0; testnum < EdDSA_NUM; testnum++) {
3235 EVP_PKEY *ed_pkey = NULL;
3236 EVP_PKEY_CTX *ed_pctx = NULL;
3238 if (!eddsa_doit[testnum])
3239 continue; /* Ignore Curve */
3240 for (i = 0; i < loopargs_len; i++) {
3241 loopargs[i].eddsa_ctx[testnum] = EVP_MD_CTX_new();
3242 if (loopargs[i].eddsa_ctx[testnum] == NULL) {
3247 if ((ed_pctx = EVP_PKEY_CTX_new_id(ed_curves[testnum].nid, NULL))
3249 || EVP_PKEY_keygen_init(ed_pctx) <= 0
3250 || EVP_PKEY_keygen(ed_pctx, &ed_pkey) <= 0) {
3252 EVP_PKEY_CTX_free(ed_pctx);
3255 EVP_PKEY_CTX_free(ed_pctx);
3257 if (!EVP_DigestSignInit(loopargs[i].eddsa_ctx[testnum], NULL, NULL,
3260 EVP_PKEY_free(ed_pkey);
3263 EVP_PKEY_free(ed_pkey);
3266 BIO_printf(bio_err, "EdDSA failure.\n");
3267 ERR_print_errors(bio_err);
3270 for (i = 0; i < loopargs_len; i++) {
3271 /* Perform EdDSA signature test */
3272 loopargs[i].sigsize = ed_curves[testnum].sigsize;
3273 st = EVP_DigestSign(loopargs[i].eddsa_ctx[testnum],
3274 loopargs[i].buf2, &loopargs[i].sigsize,
3275 loopargs[i].buf, 20);
3281 "EdDSA sign failure. No EdDSA sign will be done.\n");
3282 ERR_print_errors(bio_err);
3285 pkey_print_message("sign", ed_curves[testnum].name,
3286 eddsa_c[testnum][0],
3287 ed_curves[testnum].bits, seconds.eddsa);
3289 count = run_benchmark(async_jobs, EdDSA_sign_loop, loopargs);
3293 mr ? "+R8:%ld:%u:%s:%.2f\n" :
3294 "%ld %u bits %s signs in %.2fs \n",
3295 count, ed_curves[testnum].bits,
3296 ed_curves[testnum].name, d);
3297 eddsa_results[testnum][0] = (double)count / d;
3301 /* Perform EdDSA verification test */
3302 for (i = 0; i < loopargs_len; i++) {
3303 st = EVP_DigestVerify(loopargs[i].eddsa_ctx[testnum],
3304 loopargs[i].buf2, loopargs[i].sigsize,
3305 loopargs[i].buf, 20);
3311 "EdDSA verify failure. No EdDSA verify will be done.\n");
3312 ERR_print_errors(bio_err);
3313 eddsa_doit[testnum] = 0;
3315 pkey_print_message("verify", ed_curves[testnum].name,
3316 eddsa_c[testnum][1],
3317 ed_curves[testnum].bits, seconds.eddsa);
3319 count = run_benchmark(async_jobs, EdDSA_verify_loop, loopargs);
3322 mr ? "+R9:%ld:%u:%s:%.2f\n"
3323 : "%ld %u bits %s verify in %.2fs\n",
3324 count, ed_curves[testnum].bits,
3325 ed_curves[testnum].name, d);
3326 eddsa_results[testnum][1] = (double)count / d;
3329 if (rsa_count <= 1) {
3330 /* if longer than 10s, don't do any more */
3331 stop_it(eddsa_doit, testnum);
3336 # ifndef OPENSSL_NO_SM2
3337 for (testnum = 0; testnum < SM2_NUM; testnum++) {
3339 EVP_PKEY *sm2_pkey = NULL;
3341 if (!sm2_doit[testnum])
3342 continue; /* Ignore Curve */
3343 /* Init signing and verification */
3344 for (i = 0; i < loopargs_len; i++) {
3345 EVP_PKEY_CTX *sm2_pctx = NULL;
3346 EVP_PKEY_CTX *sm2_vfy_pctx = NULL;
3347 EVP_PKEY_CTX *pctx = NULL;
3350 loopargs[i].sm2_ctx[testnum] = EVP_MD_CTX_new();
3351 loopargs[i].sm2_vfy_ctx[testnum] = EVP_MD_CTX_new();
3352 if (loopargs[i].sm2_ctx[testnum] == NULL
3353 || loopargs[i].sm2_vfy_ctx[testnum] == NULL)
3356 /* SM2 keys are generated as normal EC keys with a special curve */
3357 st = !((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) == NULL
3358 || EVP_PKEY_keygen_init(pctx) <= 0
3359 || EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
3360 sm2_curves[testnum].nid) <= 0
3361 || EVP_PKEY_keygen(pctx, &sm2_pkey) <= 0);
3362 EVP_PKEY_CTX_free(pctx);
3366 st = 0; /* set back to zero */
3367 /* attach it sooner to rely on main final cleanup */
3368 loopargs[i].sm2_pkey[testnum] = sm2_pkey;
3369 loopargs[i].sigsize = ECDSA_size(EVP_PKEY_get0_EC_KEY(sm2_pkey));
3370 if (!EVP_PKEY_set_alias_type(sm2_pkey, EVP_PKEY_SM2))
3373 sm2_pctx = EVP_PKEY_CTX_new(sm2_pkey, NULL);
3374 sm2_vfy_pctx = EVP_PKEY_CTX_new(sm2_pkey, NULL);
3375 if (sm2_pctx == NULL || sm2_vfy_pctx == NULL) {
3376 EVP_PKEY_CTX_free(sm2_vfy_pctx);
3379 /* attach them directly to respective ctx */
3380 EVP_MD_CTX_set_pkey_ctx(loopargs[i].sm2_ctx[testnum], sm2_pctx);
3381 EVP_MD_CTX_set_pkey_ctx(loopargs[i].sm2_vfy_ctx[testnum], sm2_vfy_pctx);
3384 * No need to allow user to set an explicit ID here, just use
3385 * the one defined in the 'draft-yang-tls-tl13-sm-suites' I-D.
3387 if (EVP_PKEY_CTX_set1_id(sm2_pctx, SM2_ID, SM2_ID_LEN) != 1
3388 || EVP_PKEY_CTX_set1_id(sm2_vfy_pctx, SM2_ID, SM2_ID_LEN) != 1)
3391 if (!EVP_DigestSignInit(loopargs[i].sm2_ctx[testnum], NULL,
3392 EVP_sm3(), NULL, sm2_pkey))
3394 if (!EVP_DigestVerifyInit(loopargs[i].sm2_vfy_ctx[testnum], NULL,
3395 EVP_sm3(), NULL, sm2_pkey))
3397 st = 1; /* mark loop as succeeded */
3400 BIO_printf(bio_err, "SM2 init failure.\n");
3401 ERR_print_errors(bio_err);
3404 for (i = 0; i < loopargs_len; i++) {
3405 size_t sm2_sigsize = loopargs[i].sigsize;
3407 /* Perform SM2 signature test */
3408 st = EVP_DigestSign(loopargs[i].sm2_ctx[testnum],
3409 loopargs[i].buf2, &sm2_sigsize,
3410 loopargs[i].buf, 20);
3416 "SM2 sign failure. No SM2 sign will be done.\n");
3417 ERR_print_errors(bio_err);
3420 pkey_print_message("sign", sm2_curves[testnum].name,
3422 sm2_curves[testnum].bits, seconds.sm2);
3424 count = run_benchmark(async_jobs, SM2_sign_loop, loopargs);
3428 mr ? "+R8:%ld:%u:%s:%.2f\n" :
3429 "%ld %u bits %s signs in %.2fs \n",
3430 count, sm2_curves[testnum].bits,
3431 sm2_curves[testnum].name, d);
3432 sm2_results[testnum][0] = (double)count / d;
3436 /* Perform SM2 verification test */
3437 for (i = 0; i < loopargs_len; i++) {
3438 st = EVP_DigestVerify(loopargs[i].sm2_vfy_ctx[testnum],
3439 loopargs[i].buf2, loopargs[i].sigsize,
3440 loopargs[i].buf, 20);
3446 "SM2 verify failure. No SM2 verify will be done.\n");
3447 ERR_print_errors(bio_err);
3448 sm2_doit[testnum] = 0;
3450 pkey_print_message("verify", sm2_curves[testnum].name,
3452 sm2_curves[testnum].bits, seconds.sm2);
3454 count = run_benchmark(async_jobs, SM2_verify_loop, loopargs);
3457 mr ? "+R9:%ld:%u:%s:%.2f\n"
3458 : "%ld %u bits %s verify in %.2fs\n",
3459 count, sm2_curves[testnum].bits,
3460 sm2_curves[testnum].name, d);
3461 sm2_results[testnum][1] = (double)count / d;
3464 if (rsa_count <= 1) {
3465 /* if longer than 10s, don't do any more */
3466 for (testnum++; testnum < SM2_NUM; testnum++)
3467 sm2_doit[testnum] = 0;
3471 # endif /* OPENSSL_NO_SM2 */
3473 #endif /* OPENSSL_NO_EC */
3478 printf("version: %s\n", OpenSSL_version(OPENSSL_FULL_VERSION_STRING));
3479 printf("built on: %s\n", OpenSSL_version(OPENSSL_BUILT_ON));
3481 printf("%s ", BN_options());
3482 #ifndef OPENSSL_NO_MD2
3483 printf("%s ", MD2_options());
3485 #ifndef OPENSSL_NO_RC4
3486 printf("%s ", RC4_options());
3488 #ifndef OPENSSL_NO_DES
3489 printf("%s ", DES_options());
3491 printf("%s ", AES_options());
3492 #ifndef OPENSSL_NO_IDEA
3493 printf("%s ", IDEA_options());
3495 #ifndef OPENSSL_NO_BF
3496 printf("%s ", BF_options());
3498 printf("\n%s\n", OpenSSL_version(OPENSSL_CFLAGS));
3499 printf("%s\n", OpenSSL_version(OPENSSL_CPU_INFO));
3507 ("The 'numbers' are in 1000s of bytes per second processed.\n");
3510 for (testnum = 0; testnum < size_num; testnum++)
3511 printf(mr ? ":%d" : "%7d bytes", lengths[testnum]);
3515 for (k = 0; k < ALGOR_NUM; k++) {
3519 printf("+F:%u:%s", k, names[k]);
3521 printf("%-13s", names[k]);
3522 for (testnum = 0; testnum < size_num; testnum++) {
3523 if (results[k][testnum] > 10000 && !mr)
3524 printf(" %11.2fk", results[k][testnum] / 1e3);
3526 printf(mr ? ":%.2f" : " %11.2f ", results[k][testnum]);
3530 #ifndef OPENSSL_NO_RSA
3532 for (k = 0; k < RSA_NUM; k++) {
3535 if (testnum && !mr) {
3536 printf("%18ssign verify sign/s verify/s\n", " ");
3540 printf("+F2:%u:%u:%f:%f\n",
3541 k, rsa_keys[k].bits, rsa_results[k][0], rsa_results[k][1]);
3543 printf("rsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
3544 rsa_keys[k].bits, 1.0 / rsa_results[k][0], 1.0 / rsa_results[k][1],
3545 rsa_results[k][0], rsa_results[k][1]);
3548 #ifndef OPENSSL_NO_DSA
3550 for (k = 0; k < DSA_NUM; k++) {
3553 if (testnum && !mr) {
3554 printf("%18ssign verify sign/s verify/s\n", " ");
3558 printf("+F3:%u:%u:%f:%f\n",
3559 k, dsa_bits[k], dsa_results[k][0], dsa_results[k][1]);
3561 printf("dsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
3562 dsa_bits[k], 1.0 / dsa_results[k][0], 1.0 / dsa_results[k][1],
3563 dsa_results[k][0], dsa_results[k][1]);
3566 #ifndef OPENSSL_NO_EC
3568 for (k = 0; k < OSSL_NELEM(ecdsa_doit); k++) {
3571 if (testnum && !mr) {
3572 printf("%30ssign verify sign/s verify/s\n", " ");
3577 printf("+F4:%u:%u:%f:%f\n",
3578 k, ec_curves[k].bits,
3579 ecdsa_results[k][0], ecdsa_results[k][1]);
3581 printf("%4u bits ecdsa (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3582 ec_curves[k].bits, ec_curves[k].name,
3583 1.0 / ecdsa_results[k][0], 1.0 / ecdsa_results[k][1],
3584 ecdsa_results[k][0], ecdsa_results[k][1]);
3588 for (k = 0; k < EC_NUM; k++) {
3591 if (testnum && !mr) {
3592 printf("%30sop op/s\n", " ");
3596 printf("+F5:%u:%u:%f:%f\n",
3597 k, ec_curves[k].bits,
3598 ecdh_results[k][0], 1.0 / ecdh_results[k][0]);
3601 printf("%4u bits ecdh (%s) %8.4fs %8.1f\n",
3602 ec_curves[k].bits, ec_curves[k].name,
3603 1.0 / ecdh_results[k][0], ecdh_results[k][0]);
3607 for (k = 0; k < OSSL_NELEM(eddsa_doit); k++) {
3610 if (testnum && !mr) {
3611 printf("%30ssign verify sign/s verify/s\n", " ");
3616 printf("+F6:%u:%u:%s:%f:%f\n",
3617 k, ed_curves[k].bits, ed_curves[k].name,
3618 eddsa_results[k][0], eddsa_results[k][1]);
3620 printf("%4u bits EdDSA (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3621 ed_curves[k].bits, ed_curves[k].name,
3622 1.0 / eddsa_results[k][0], 1.0 / eddsa_results[k][1],
3623 eddsa_results[k][0], eddsa_results[k][1]);
3626 # ifndef OPENSSL_NO_SM2
3628 for (k = 0; k < OSSL_NELEM(sm2_doit); k++) {
3631 if (testnum && !mr) {
3632 printf("%30ssign verify sign/s verify/s\n", " ");
3637 printf("+F6:%u:%u:%s:%f:%f\n",
3638 k, sm2_curves[k].bits, sm2_curves[k].name,
3639 sm2_results[k][0], sm2_results[k][1]);
3641 printf("%4u bits SM2 (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3642 sm2_curves[k].bits, sm2_curves[k].name,
3643 1.0 / sm2_results[k][0], 1.0 / sm2_results[k][1],
3644 sm2_results[k][0], sm2_results[k][1]);
3647 #endif /* OPENSSL_NO_EC */
3652 ERR_print_errors(bio_err);
3653 for (i = 0; i < loopargs_len; i++) {
3654 OPENSSL_free(loopargs[i].buf_malloc);
3655 OPENSSL_free(loopargs[i].buf2_malloc);
3657 #ifndef OPENSSL_NO_RSA
3658 for (k = 0; k < RSA_NUM; k++)
3659 RSA_free(loopargs[i].rsa_key[k]);
3661 #ifndef OPENSSL_NO_DSA
3662 for (k = 0; k < DSA_NUM; k++)
3663 DSA_free(loopargs[i].dsa_key[k]);
3665 #ifndef OPENSSL_NO_EC
3666 for (k = 0; k < ECDSA_NUM; k++)
3667 EC_KEY_free(loopargs[i].ecdsa[k]);
3668 for (k = 0; k < EC_NUM; k++)
3669 EVP_PKEY_CTX_free(loopargs[i].ecdh_ctx[k]);
3670 for (k = 0; k < EdDSA_NUM; k++)
3671 EVP_MD_CTX_free(loopargs[i].eddsa_ctx[k]);
3672 # ifndef OPENSSL_NO_SM2
3673 for (k = 0; k < SM2_NUM; k++) {
3674 EVP_PKEY_CTX *pctx = NULL;
3676 /* free signing ctx */
3677 if (loopargs[i].sm2_ctx[k] != NULL
3678 && (pctx = EVP_MD_CTX_pkey_ctx(loopargs[i].sm2_ctx[k])) != NULL)
3679 EVP_PKEY_CTX_free(pctx);
3680 EVP_MD_CTX_free(loopargs[i].sm2_ctx[k]);
3681 /* free verification ctx */
3682 if (loopargs[i].sm2_vfy_ctx[k] != NULL
3683 && (pctx = EVP_MD_CTX_pkey_ctx(loopargs[i].sm2_vfy_ctx[k])) != NULL)
3684 EVP_PKEY_CTX_free(pctx);
3685 EVP_MD_CTX_free(loopargs[i].sm2_vfy_ctx[k]);
3687 EVP_PKEY_free(loopargs[i].sm2_pkey[k]);
3690 OPENSSL_free(loopargs[i].secret_a);
3691 OPENSSL_free(loopargs[i].secret_b);
3694 OPENSSL_free(evp_hmac_name);
3695 #ifndef OPENSSL_NO_CMAC
3696 OPENSSL_free(evp_cmac_name);
3699 if (async_jobs > 0) {
3700 for (i = 0; i < loopargs_len; i++)
3701 ASYNC_WAIT_CTX_free(loopargs[i].wait_ctx);
3705 ASYNC_cleanup_thread();
3707 OPENSSL_free(loopargs);
3712 static void print_message(const char *s, long num, int length, int tm)
3716 mr ? "+DT:%s:%d:%d\n"
3717 : "Doing %s for %ds on %d size blocks: ", s, tm, length);
3718 (void)BIO_flush(bio_err);
3723 mr ? "+DN:%s:%ld:%d\n"
3724 : "Doing %s %ld times on %d size blocks: ", s, num, length);
3725 (void)BIO_flush(bio_err);
3729 static void pkey_print_message(const char *str, const char *str2, long num,
3730 unsigned int bits, int tm)
3734 mr ? "+DTP:%d:%s:%s:%d\n"
3735 : "Doing %u bits %s %s's for %ds: ", bits, str, str2, tm);
3736 (void)BIO_flush(bio_err);
3741 mr ? "+DNP:%ld:%d:%s:%s\n"
3742 : "Doing %ld %u bits %s %s's: ", num, bits, str, str2);
3743 (void)BIO_flush(bio_err);
3747 static void print_result(int alg, int run_no, int count, double time_used)
3750 BIO_printf(bio_err, "%s error!\n", names[alg]);
3751 ERR_print_errors(bio_err);
3752 /* exit(1); disable exit until default provider enabled */
3756 mr ? "+R:%d:%s:%f\n"
3757 : "%d %s's in %.2fs\n", count, names[alg], time_used);
3758 results[alg][run_no] = ((double)count) / time_used * lengths[run_no];
3762 static char *sstrsep(char **string, const char *delim)
3765 char *token = *string;
3770 memset(isdelim, 0, sizeof(isdelim));
3774 isdelim[(unsigned char)(*delim)] = 1;
3778 while (!isdelim[(unsigned char)(**string)]) {
3790 static int do_multi(int multi, int size_num)
3795 static char sep[] = ":";
3797 fds = app_malloc(sizeof(*fds) * multi, "fd buffer for do_multi");
3798 for (n = 0; n < multi; ++n) {
3799 if (pipe(fd) == -1) {
3800 BIO_printf(bio_err, "pipe failure\n");
3804 (void)BIO_flush(bio_err);
3811 if (dup(fd[1]) == -1) {
3812 BIO_printf(bio_err, "dup failed\n");
3821 printf("Forked child %d\n", n);
3824 /* for now, assume the pipe is long enough to take all the output */
3825 for (n = 0; n < multi; ++n) {
3830 f = fdopen(fds[n], "r");
3831 while (fgets(buf, sizeof(buf), f)) {
3832 p = strchr(buf, '\n');
3835 if (buf[0] != '+') {
3837 "Don't understand line '%s' from child %d\n", buf,
3841 printf("Got: %s from %d\n", buf, n);
3842 if (strncmp(buf, "+F:", 3) == 0) {
3847 alg = atoi(sstrsep(&p, sep));
3849 for (j = 0; j < size_num; ++j)
3850 results[alg][j] += atof(sstrsep(&p, sep));
3851 } else if (strncmp(buf, "+F2:", 4) == 0) {
3856 k = atoi(sstrsep(&p, sep));
3859 d = atof(sstrsep(&p, sep));
3860 rsa_results[k][0] += d;
3862 d = atof(sstrsep(&p, sep));
3863 rsa_results[k][1] += d;
3865 # ifndef OPENSSL_NO_DSA
3866 else if (strncmp(buf, "+F3:", 4) == 0) {
3871 k = atoi(sstrsep(&p, sep));
3874 d = atof(sstrsep(&p, sep));
3875 dsa_results[k][0] += d;
3877 d = atof(sstrsep(&p, sep));
3878 dsa_results[k][1] += d;
3881 # ifndef OPENSSL_NO_EC
3882 else if (strncmp(buf, "+F4:", 4) == 0) {
3887 k = atoi(sstrsep(&p, sep));
3890 d = atof(sstrsep(&p, sep));
3891 ecdsa_results[k][0] += d;
3893 d = atof(sstrsep(&p, sep));
3894 ecdsa_results[k][1] += d;
3895 } else if (strncmp(buf, "+F5:", 4) == 0) {
3900 k = atoi(sstrsep(&p, sep));
3903 d = atof(sstrsep(&p, sep));
3904 ecdh_results[k][0] += d;
3905 } else if (strncmp(buf, "+F6:", 4) == 0) {
3910 k = atoi(sstrsep(&p, sep));
3914 d = atof(sstrsep(&p, sep));
3915 eddsa_results[k][0] += d;
3917 d = atof(sstrsep(&p, sep));
3918 eddsa_results[k][1] += d;
3920 # ifndef OPENSSL_NO_SM2
3921 else if (strncmp(buf, "+F7:", 4) == 0) {
3926 k = atoi(sstrsep(&p, sep));
3929 d = atof(sstrsep(&p, sep));
3930 sm2_results[k][0] += d;
3932 d = atof(sstrsep(&p, sep));
3933 sm2_results[k][1] += d;
3935 # endif /* OPENSSL_NO_SM2 */
3938 else if (strncmp(buf, "+H:", 3) == 0) {
3941 BIO_printf(bio_err, "Unknown type '%s' from child %d\n", buf,
3952 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
3953 const openssl_speed_sec_t *seconds)
3955 static const int mblengths_list[] =
3956 { 8 * 1024, 2 * 8 * 1024, 4 * 8 * 1024, 8 * 8 * 1024, 8 * 16 * 1024 };
3957 const int *mblengths = mblengths_list;
3958 int j, count, keylen, num = OSSL_NELEM(mblengths_list);
3959 const char *alg_name;
3960 unsigned char *inp, *out, *key, no_key[32], no_iv[16];
3961 EVP_CIPHER_CTX *ctx;
3964 if (lengths_single) {
3965 mblengths = &lengths_single;
3969 inp = app_malloc(mblengths[num - 1], "multiblock input buffer");
3970 out = app_malloc(mblengths[num - 1] + 1024, "multiblock output buffer");
3971 ctx = EVP_CIPHER_CTX_new();
3972 EVP_EncryptInit_ex(ctx, evp_cipher, NULL, NULL, no_iv);
3974 keylen = EVP_CIPHER_CTX_key_length(ctx);
3975 key = app_malloc(keylen, "evp_cipher key");
3976 EVP_CIPHER_CTX_rand_key(ctx, key);
3977 EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL);
3978 OPENSSL_clear_free(key, keylen);
3980 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_MAC_KEY, sizeof(no_key), no_key);
3981 alg_name = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
3983 for (j = 0; j < num; j++) {
3984 print_message(alg_name, 0, mblengths[j], seconds->sym);
3986 for (count = 0; run && count < 0x7fffffff; count++) {
3987 unsigned char aad[EVP_AEAD_TLS1_AAD_LEN];
3988 EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param;
3989 size_t len = mblengths[j];
3992 memset(aad, 0, 8); /* avoid uninitialized values */
3993 aad[8] = 23; /* SSL3_RT_APPLICATION_DATA */
3994 aad[9] = 3; /* version */
3996 aad[11] = 0; /* length */
3998 mb_param.out = NULL;
4001 mb_param.interleave = 8;
4003 packlen = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_AAD,
4004 sizeof(mb_param), &mb_param);
4010 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT,
4011 sizeof(mb_param), &mb_param);
4015 RAND_bytes(out, 16);
4017 aad[11] = (unsigned char)(len >> 8);
4018 aad[12] = (unsigned char)(len);
4019 pad = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_TLS1_AAD,
4020 EVP_AEAD_TLS1_AAD_LEN, aad);
4021 EVP_Cipher(ctx, out, inp, len + pad);
4025 BIO_printf(bio_err, mr ? "+R:%d:%s:%f\n"
4026 : "%d %s's in %.2fs\n", count, "evp", d);
4027 results[D_EVP][j] = ((double)count) / d * mblengths[j];
4031 fprintf(stdout, "+H");
4032 for (j = 0; j < num; j++)
4033 fprintf(stdout, ":%d", mblengths[j]);
4034 fprintf(stdout, "\n");
4035 fprintf(stdout, "+F:%d:%s", D_EVP, alg_name);
4036 for (j = 0; j < num; j++)
4037 fprintf(stdout, ":%.2f", results[D_EVP][j]);
4038 fprintf(stdout, "\n");
4041 "The 'numbers' are in 1000s of bytes per second processed.\n");
4042 fprintf(stdout, "type ");
4043 for (j = 0; j < num; j++)
4044 fprintf(stdout, "%7d bytes", mblengths[j]);
4045 fprintf(stdout, "\n");
4046 fprintf(stdout, "%-24s", alg_name);
4048 for (j = 0; j < num; j++) {
4049 if (results[D_EVP][j] > 10000)
4050 fprintf(stdout, " %11.2fk", results[D_EVP][j] / 1e3);
4052 fprintf(stdout, " %11.2f ", results[D_EVP][j]);
4054 fprintf(stdout, "\n");
4059 EVP_CIPHER_CTX_free(ctx);