* The Contribution is licensed pursuant to the OpenSSL open source
* license provided above.
*
- * In addition, Sun covenants to all licensees who provide a reciprocal
- * covenant with respect to their own patents if any, not to sue under
- * current and future patent claims necessarily infringed by the making,
- * using, practicing, selling, offering for sale and/or otherwise
- * disposing of the Contribution as delivered hereunder
- * (or portions thereof), provided that such covenant shall not apply:
- * 1) for code that a licensee deletes from the Contribution;
- * 2) separates from the Contribution; or
- * 3) for infringements caused by:
- * i) the modification of the Contribution or
- * ii) the combination of the Contribution with other software or
- * devices where such combination causes the infringement.
- *
* The ECDH and ECDSA speed test software is originally written by
* Sumit Gupta of Sun Microsystems Laboratories.
*
/* most of this code has been pilfered from my libdes speed.c program */
+#ifndef OPENSSL_NO_SPEED
+
#undef SECONDS
#define SECONDS 3
#define RSA_SECONDS 10
/* The following if from times(3) man page. It may need to be changed */
#ifndef HZ
-# ifdef _SC_CLK_TCK
+# if defined(_SC_CLK_TCK) \
+ && (!defined(OPENSSL_SYS_VMS) || __CTRL_VER >= 70000000)
# define HZ ((double)sysconf(_SC_CLK_TCK))
# else
# ifndef CLK_TCK
#define RSA_NUM 4
#define DSA_NUM 3
-#define EC_NUM 15
+#define EC_NUM 16
#define MAX_ECDH_SIZE 256
static const char *names[ALGOR_NUM]={
#endif
}
+
+static const int KDF1_SHA1_len = 20;
+static void *KDF1_SHA1(void *in, size_t inlen, void *out, size_t outlen)
+ {
+#ifndef OPENSSL_NO_SHA
+ if (outlen != SHA_DIGEST_LENGTH)
+ return NULL;
+ return SHA1(in, inlen, out);
+#else
+ return NULL;
+#endif
+ }
+
+
int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
+#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
+#endif
unsigned char *buf=NULL,*buf2=NULL;
int mret=1;
long count=0,save_count=0;
#define R_RSA_4096 3
#define R_EC_P160 0
-#define R_EC_P224 1
-#define R_EC_P256 2
-#define R_EC_P384 3
-#define R_EC_P521 4
-#define R_EC_K163 5
-#define R_EC_K233 6
-#define R_EC_K283 7
-#define R_EC_K409 8
-#define R_EC_K571 9
-#define R_EC_B163 10
-#define R_EC_B233 11
-#define R_EC_B283 12
-#define R_EC_B409 13
-#define R_EC_B571 14
+#define R_EC_P192 1
+#define R_EC_P224 2
+#define R_EC_P256 3
+#define R_EC_P384 4
+#define R_EC_P521 5
+#define R_EC_K163 6
+#define R_EC_K233 7
+#define R_EC_K283 8
+#define R_EC_K409 9
+#define R_EC_K571 10
+#define R_EC_B163 11
+#define R_EC_B233 12
+#define R_EC_B283 13
+#define R_EC_B409 14
+#define R_EC_B571 15
#ifndef OPENSSL_NO_RSA
RSA *rsa_key[RSA_NUM];
static unsigned int test_curves[EC_NUM] =
{
/* Prime Curves */
- EC_GROUP_SECG_PRIME_160R1,
- EC_GROUP_NIST_PRIME_224,
- EC_GROUP_NIST_PRIME_256,
- EC_GROUP_NIST_PRIME_384,
- EC_GROUP_NIST_PRIME_521,
+ NID_secp160r1,
+ NID_X9_62_prime192v1,
+ NID_secp224r1,
+ NID_X9_62_prime256v1,
+ NID_secp384r1,
+ NID_secp521r1,
/* Binary Curves */
- EC_GROUP_NIST_CHAR2_K163,
- EC_GROUP_NIST_CHAR2_K233,
- EC_GROUP_NIST_CHAR2_K283,
- EC_GROUP_NIST_CHAR2_K409,
- EC_GROUP_NIST_CHAR2_K571,
- EC_GROUP_NIST_CHAR2_B163,
- EC_GROUP_NIST_CHAR2_B233,
- EC_GROUP_NIST_CHAR2_B283,
- EC_GROUP_NIST_CHAR2_B409,
- EC_GROUP_NIST_CHAR2_B571
+ NID_sect163k1,
+ NID_sect233k1,
+ NID_sect283k1,
+ NID_sect409k1,
+ NID_sect571k1,
+ NID_sect163r2,
+ NID_sect233r1,
+ NID_sect283r1,
+ NID_sect409r1,
+ NID_sect571r1
};
static char * test_curves_names[EC_NUM] =
{
/* Prime Curves */
"secp160r1",
+ "nistp192",
"nistp224",
"nistp256",
"nistp384",
};
static int test_curves_bits[EC_NUM] =
{
- 160, 224, 256, 384, 521,
+ 160, 192, 224, 256, 384, 521,
163, 233, 283, 409, 571,
163, 233, 283, 409, 571
};
j--; /* Otherwise, -elapsed gets confused with
an algorithm. */
}
+#ifndef OPENSSL_NO_ENGINE
else if ((argc > 0) && (strcmp(*argv,"-engine") == 0))
{
argc--;
means all of them should be run) */
j--;
}
+#endif
#ifdef HAVE_FORK
else if ((argc > 0) && (strcmp(*argv,"-multi") == 0))
{
BIO_printf(bio_err,"\n");
BIO_printf(bio_err,"Available options:\n");
-#ifdef TIMES
+#if defined(TIMES) || defined(USE_TOD)
BIO_printf(bio_err,"-elapsed measure time in real time instead of CPU user time.\n");
#endif
+#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err,"-engine e use engine e, possibly a hardware device.\n");
+#endif
BIO_printf(bio_err,"-evp e use EVP e.\n");
BIO_printf(bio_err,"-decrypt time decryption instead of encryption (only EVP).\n");
BIO_printf(bio_err,"-mr produce machine readable output.\n");
else
EVP_EncryptFinal_ex(&ctx,buf,&outl);
d=Time_F(STOP);
+ EVP_CIPHER_CTX_cleanup(&ctx);
}
if (evp_md)
{
}
else
{
+#if 1
+ EC_GROUP_precompute_mult(ecdsa[j]->group, NULL);
+#endif
/* Perform ECDSA signature test */
EC_KEY_generate_key(ecdsa[j]);
- ret = ECDSA_sign(EVP_PKEY_ECDSA, buf, 20, ecdsasig,
+ ret = ECDSA_sign(0, buf, 20, ecdsasig,
&ecdsasiglen, ecdsa[j]);
if (ret == 0)
{
ECDSA_SECONDS);
Time_F(START);
- for (count=0,run=1; COND(ecdsa_c[j][0]); count++)
+ for (count=0,run=1; COND(ecdsa_c[j][0]);
+ count++)
{
- ret=ECDSA_sign(EVP_PKEY_ECDSA, buf, 20, ecdsasig, &ecdsasiglen, ecdsa[j]);
+ ret=ECDSA_sign(0, buf, 20,
+ ecdsasig, &ecdsasiglen,
+ ecdsa[j]);
if (ret == 0)
{
BIO_printf(bio_err, "ECDSA sign failure\n");
}
/* Perform ECDSA verification test */
- ret=ECDSA_verify(EVP_PKEY_ECDSA, buf, 20, ecdsasig, ecdsasiglen, ecdsa[j]);
+ ret=ECDSA_verify(0, buf, 20, ecdsasig,
+ ecdsasiglen, ecdsa[j]);
if (ret != 1)
{
BIO_printf(bio_err,"ECDSA verify failure. No ECDSA verify will be done.\n");
}
else
{
- ecdh_b[j]->group = ecdh_a[j]->group;
+ ecdh_b[j]->group = EC_GROUP_dup(ecdh_a[j]->group);
/* generate two ECDH key pairs */
if (!EC_KEY_generate_key(ecdh_a[j]) ||
}
else
{
- secret_size_a = ECDH_compute_key(secret_a,
+ /* If field size is not more than 24 octets, then use SHA-1 hash of result;
+ * otherwise, use result (see section 4.8 of draft-ietf-tls-ecc-03.txt).
+ */
+ int field_size, outlen;
+ void *(*kdf)(void *in, size_t inlen, void *out, size_t xoutlen);
+ field_size = EC_GROUP_get_degree(ecdh_a[j]->group);
+ if (field_size <= 24 * 8)
+ {
+ outlen = KDF1_SHA1_len;
+ kdf = KDF1_SHA1;
+ }
+ else
+ {
+ outlen = (field_size+7)/8;
+ kdf = NULL;
+ }
+ secret_size_a = ECDH_compute_key(secret_a, outlen,
ecdh_b[j]->pub_key,
- ecdh_a[j]);
- secret_size_b = ECDH_compute_key(secret_b,
+ ecdh_a[j], kdf);
+ secret_size_b = ECDH_compute_key(secret_b, outlen,
ecdh_a[j]->pub_key,
- ecdh_b[j]);
+ ecdh_b[j], kdf);
if (secret_size_a != secret_size_b)
ecdh_checks = 0;
else
Time_F(START);
for (count=0,run=1; COND(ecdh_c[j][0]); count++)
{
- ECDH_compute_key(secret_a,
+ ECDH_compute_key(secret_a, outlen,
ecdh_b[j]->pub_key,
- ecdh_a[j]);
+ ecdh_a[j], kdf);
}
d=Time_F(STOP);
BIO_printf(bio_err, mr ? "+R7:%ld:%d:%.2f\n" :"%ld %d-bit ECDH ops in %.2fs\n",
#endif
apps_shutdown();
- EXIT(mret);
+ OPENSSL_EXIT(mret);
}
static void print_message(const char *s, long num, int length)
static void print_result(int alg,int run_no,int count,double time_used)
{
- BIO_printf(bio_err,mr ? "+R:%ld:%s:%f\n"
- : "%ld %s's in %.2fs\n",count,names[alg],time_used);
+ BIO_printf(bio_err,mr ? "+R:%d:%s:%f\n"
+ : "%d %s's in %.2fs\n",count,names[alg],time_used);
results[alg][run_no]=((double)count)/time_used*lengths[run_no];
}
if (**string == 0)
return NULL;
- memset(isdelim, 0, 256);
+ memset(isdelim, 0, sizeof isdelim);
isdelim[0] = 1;
while (*delim)
return 1;
}
#endif
+#endif
projects / openssl.git / blobdiff