New functions and option to use NEW in certificate requests.

[openssl.git] / apps / speed.c

diff --git a/apps/speed.c b/apps/speed.c
index a8371fb4246853301a0b8550e05be1c548aa0b32..b3130def8b928b0ea43d915eb39f8fe8ca58ae0c 100644 (file)
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -123,9 +123,11 @@
 #endif
 #ifndef NO_MD5
 #include <openssl/md5.h>
+#endif
+#ifndef NO_HMAC
 #include <openssl/hmac.h>
-#include <openssl/evp.h>
 #endif
+#include <openssl/evp.h>
 #ifndef NO_SHA
 #include <openssl/sha.h>
 #endif
@@ -236,16 +238,19 @@ static double Time_F(int s)
 #endif
        }
 
+int MAIN(int, char **);
+
 int MAIN(int argc, char **argv)
        {
        unsigned char *buf=NULL,*buf2=NULL;
-       int ret=1;
+       int mret=1;
 #define ALGOR_NUM      14
 #define SIZE_NUM       5
 #define RSA_NUM                4
 #define DSA_NUM                3
        long count,rsa_count;
-       int i,j,k,rsa_num,rsa_num2;
+       int i,j,k;
+       unsigned rsa_num,rsa_num2;
 #ifndef NO_MD2
        unsigned char md2[MD2_DIGEST_LENGTH];
 #endif
@@ -285,6 +290,7 @@ int MAIN(int argc, char **argv)
                 0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12};
        unsigned char iv[8];
 #ifndef NO_DES
+       des_cblock *buf_as_des_cblock = NULL;
        static des_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0};
        static des_cblock key2={0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12};
        static des_cblock key3={0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34};
@@ -341,6 +347,7 @@ int MAIN(int argc, char **argv)
        int pr_header=0;
 
        apps_startup();
+       memset(results, 0, sizeof(results));
 #ifndef NO_DSA
        memset(dsa_key,0,sizeof(dsa_key));
 #endif
@@ -360,6 +367,9 @@ int MAIN(int argc, char **argv)
                BIO_printf(bio_err,"out of memory\n");
                goto end;
                }
+#ifndef NO_DES
+       buf_as_des_cblock = (des_cblock *)buf;
+#endif
        if ((buf2=(unsigned char *)Malloc((int)BUFSIZE)) == NULL)
                {
                BIO_printf(bio_err,"out of memory\n");
@@ -415,7 +425,7 @@ int MAIN(int argc, char **argv)
                        if (strcmp(*argv,"rc4") == 0) doit[D_RC4]=1;
                else 
 #endif
-#ifndef NO_DEF
+#ifndef NO_DES
                        if (strcmp(*argv,"des-cbc") == 0) doit[D_CBC_DES]=1;
                else    if (strcmp(*argv,"des-ede3") == 0) doit[D_EDE3_DES]=1;
                else
@@ -429,12 +439,14 @@ int MAIN(int argc, char **argv)
                        }
                else
 #endif
+#ifndef RSA_NULL
                        if (strcmp(*argv,"openssl") == 0) 
                        {
                        RSA_set_default_method(RSA_PKCS1_SSLeay());
                        j--;
                        }
                else
+#endif
 #endif /* !NO_RSA */
                     if (strcmp(*argv,"dsa512") == 0) dsa_doit[R_DSA_512]=2;
                else if (strcmp(*argv,"dsa1024") == 0) dsa_doit[R_DSA_1024]=2;
@@ -580,9 +592,9 @@ int MAIN(int argc, char **argv)
 #endif
 
 #ifndef NO_DES
-       des_set_key(&key,sch);
-       des_set_key(&key2,sch2);
-       des_set_key(&key3,sch3);
+       des_set_key_unchecked(&key,sch);
+       des_set_key_unchecked(&key2,sch2);
+       des_set_key_unchecked(&key3,sch3);
 #endif
 #ifndef NO_IDEA
        idea_set_encrypt_key(key16,&idea_ks);
@@ -606,6 +618,7 @@ int MAIN(int argc, char **argv)
        memset(rsa_c,0,sizeof(rsa_c));
 #endif
 #ifndef SIGALRM
+#ifndef NO_DES
        BIO_printf(bio_err,"First we calculate the approximate speed ...\n");
        count=10;
        do      {
@@ -613,7 +626,8 @@ int MAIN(int argc, char **argv)
                count*=2;
                Time_F(START);
                for (i=count; i; i--)
-                       des_ecb_encrypt(buf,buf, &(sch[0]),DES_ENCRYPT);
+                       des_ecb_encrypt(buf_as_des_cblock,buf_as_des_cblock,
+                               &(sch[0]),DES_ENCRYPT);
                d=Time_F(STOP);
                } while (d <3);
        c[D_MD2][0]=count/10;
@@ -696,10 +710,14 @@ int MAIN(int argc, char **argv)
 #define COND(d)        (count < (d))
 #define COUNT(d) (d)
 #else
+/* not worth fixing */
+# error "You cannot disable DES on systems without SIGALRM."
+#endif /* NO_DES */
+#else
 #define COND(c)        (run)
 #define COUNT(d) (count)
        signal(SIGALRM,sig_done);
-#endif
+#endif /* SIGALRM */
 
 #ifndef NO_MD2
        if (doit[D_MD2])
@@ -751,7 +769,7 @@ int MAIN(int argc, char **argv)
                }
 #endif
 
-#ifndef NO_MD5
+#if !defined(NO_MD5) && !defined(NO_HMAC)
        if (doit[D_HMAC])
                {
                HMAC_CTX hctx;
@@ -868,7 +886,7 @@ int MAIN(int argc, char **argv)
                        for (count=0,run=1; COND(c[D_CBC_IDEA][j]); count++)
                                idea_cbc_encrypt(buf,buf,
                                        (unsigned long)lengths[j],&idea_ks,
-                                       (unsigned char *)&(iv[0]),IDEA_ENCRYPT);
+                                       iv,IDEA_ENCRYPT);
                        d=Time_F(STOP);
                        BIO_printf(bio_err,"%ld %s's in %.2fs\n",
                                count,names[D_CBC_IDEA],d);
@@ -886,7 +904,7 @@ int MAIN(int argc, char **argv)
                        for (count=0,run=1; COND(c[D_CBC_RC2][j]); count++)
                                RC2_cbc_encrypt(buf,buf,
                                        (unsigned long)lengths[j],&rc2_ks,
-                                       (unsigned char *)&(iv[0]),RC2_ENCRYPT);
+                                       iv,RC2_ENCRYPT);
                        d=Time_F(STOP);
                        BIO_printf(bio_err,"%ld %s's in %.2fs\n",
                                count,names[D_CBC_RC2],d);
@@ -904,7 +922,7 @@ int MAIN(int argc, char **argv)
                        for (count=0,run=1; COND(c[D_CBC_RC5][j]); count++)
                                RC5_32_cbc_encrypt(buf,buf,
                                        (unsigned long)lengths[j],&rc5_ks,
-                                       (unsigned char *)&(iv[0]),RC5_ENCRYPT);
+                                       iv,RC5_ENCRYPT);
                        d=Time_F(STOP);
                        BIO_printf(bio_err,"%ld %s's in %.2fs\n",
                                count,names[D_CBC_RC5],d);
@@ -922,7 +940,7 @@ int MAIN(int argc, char **argv)
                        for (count=0,run=1; COND(c[D_CBC_BF][j]); count++)
                                BF_cbc_encrypt(buf,buf,
                                        (unsigned long)lengths[j],&bf_ks,
-                                       (unsigned char *)&(iv[0]),BF_ENCRYPT);
+                                       iv,BF_ENCRYPT);
                        d=Time_F(STOP);
                        BIO_printf(bio_err,"%ld %s's in %.2fs\n",
                                count,names[D_CBC_BF],d);
@@ -940,7 +958,7 @@ int MAIN(int argc, char **argv)
                        for (count=0,run=1; COND(c[D_CBC_CAST][j]); count++)
                                CAST_cbc_encrypt(buf,buf,
                                        (unsigned long)lengths[j],&cast_ks,
-                                       (unsigned char *)&(iv[0]),CAST_ENCRYPT);
+                                       iv,CAST_ENCRYPT);
                        d=Time_F(STOP);
                        BIO_printf(bio_err,"%ld %s's in %.2fs\n",
                                count,names[D_CBC_CAST],d);
@@ -949,22 +967,22 @@ int MAIN(int argc, char **argv)
                }
 #endif
 
-       RAND_bytes(buf,30);
+       RAND_pseudo_bytes(buf,36);
 #ifndef NO_RSA
        for (j=0; j<RSA_NUM; j++)
                {
+               int ret;
                if (!rsa_doit[j]) continue;
-               rsa_num=RSA_private_encrypt(30,buf,buf2,rsa_key[j],
-                       RSA_PKCS1_PADDING);
+               ret=RSA_sign(NID_md5_sha1, buf,36, buf2, &rsa_num, rsa_key[j]);
                pkey_print_message("private","rsa",rsa_c[j][0],rsa_bits[j],
                        RSA_SECONDS);
 /*             RSA_blinding_on(rsa_key[j],NULL); */
                Time_F(START);
                for (count=0,run=1; COND(rsa_c[j][0]); count++)
                        {
-                       rsa_num=RSA_private_encrypt(30,buf,buf2,rsa_key[j],
-                               RSA_PKCS1_PADDING);
-                       if (rsa_num <= 0)
+                       ret=RSA_sign(NID_md5_sha1, buf,36, buf2, &rsa_num,
+                                                                rsa_key[j]);
+                       if (ret <= 0)
                                {
                                BIO_printf(bio_err,"RSA private encrypt failure\n");
                                ERR_print_errors(bio_err);
@@ -979,18 +997,17 @@ int MAIN(int argc, char **argv)
                rsa_count=count;
 
 #if 1
-               rsa_num2=RSA_public_decrypt(rsa_num,buf2,buf,rsa_key[j],
-                       RSA_PKCS1_PADDING);
+               ret=RSA_verify(NID_md5_sha1, buf,36, buf2, rsa_num, rsa_key[j]);
                pkey_print_message("public","rsa",rsa_c[j][1],rsa_bits[j],
                        RSA_SECONDS);
                Time_F(START);
                for (count=0,run=1; COND(rsa_c[j][1]); count++)
                        {
-                       rsa_num2=RSA_public_decrypt(rsa_num,buf2,buf,rsa_key[j],
-                               RSA_PKCS1_PADDING);
-                       if (rsa_num2 <= 0)
+                       ret=RSA_verify(NID_md5_sha1, buf,36, buf2, rsa_num,
+                                                               rsa_key[j]);
+                       if (ret <= 0)
                                {
-                               BIO_printf(bio_err,"RSA public encrypt failure\n");
+                               BIO_printf(bio_err,"RSA verify failure\n");
                                ERR_print_errors(bio_err);
                                count=1;
                                break;
@@ -1011,7 +1028,7 @@ int MAIN(int argc, char **argv)
                }
 #endif
 
-       RAND_bytes(buf,20);
+       RAND_pseudo_bytes(buf,20);
 #ifndef NO_DSA
        for (j=0; j<DSA_NUM; j++)
                {
@@ -1029,7 +1046,7 @@ int MAIN(int argc, char **argv)
                        {
                        rsa_num=DSA_sign(EVP_PKEY_DSA,buf,20,buf2,
                                &kk,dsa_key[j]);
-                       if (rsa_num <= 0)
+                       if (rsa_num == 0)
                                {
                                BIO_printf(bio_err,"DSA sign failure\n");
                                ERR_print_errors(bio_err);
@@ -1052,7 +1069,7 @@ int MAIN(int argc, char **argv)
                        {
                        rsa_num2=DSA_verify(EVP_PKEY_DSA,buf,20,buf2,
                                kk,dsa_key[j]);
-                       if (rsa_num2 <= 0)
+                       if (rsa_num2 == 0)
                                {
                                BIO_printf(bio_err,"DSA verify failure\n");
                                ERR_print_errors(bio_err);
@@ -1127,7 +1144,7 @@ int MAIN(int argc, char **argv)
                        printf("%18ssign    verify    sign/s verify/s\n"," ");
                        j=0;
                        }
-               fprintf(stdout,"rsa %4d bits %8.4fs %8.4fs %8.1f %8.1f",
+               fprintf(stdout,"rsa %4u bits %8.4fs %8.4fs %8.1f %8.1f",
                        rsa_bits[k],rsa_results[k][0],rsa_results[k][1],
                        1.0/rsa_results[k][0],1.0/rsa_results[k][1]);
                fprintf(stdout,"\n");
@@ -1142,13 +1159,13 @@ int MAIN(int argc, char **argv)
                        printf("%18ssign    verify    sign/s verify/s\n"," ");
                        j=0;
                        }
-               fprintf(stdout,"dsa %4d bits %8.4fs %8.4fs %8.1f %8.1f",
+               fprintf(stdout,"dsa %4u bits %8.4fs %8.4fs %8.1f %8.1f",
                        dsa_bits[k],dsa_results[k][0],dsa_results[k][1],
                        1.0/dsa_results[k][0],1.0/dsa_results[k][1]);
                fprintf(stdout,"\n");
                }
 #endif
-       ret=0;
+       mret=0;
 end:
        if (buf != NULL) Free(buf);
        if (buf2 != NULL) Free(buf2);
@@ -1162,18 +1179,18 @@ end:
                if (dsa_key[i] != NULL)
                        DSA_free(dsa_key[i]);
 #endif
-       EXIT(ret);
+       EXIT(mret);
        }
 
 static void print_message(char *s, long num, int length)
        {
 #ifdef SIGALRM
        BIO_printf(bio_err,"Doing %s for %ds on %d size blocks: ",s,SECONDS,length);
-       BIO_flush(bio_err);
+       (void)BIO_flush(bio_err);
        alarm(SECONDS);
 #else
        BIO_printf(bio_err,"Doing %s %ld times on %d size blocks: ",s,num,length);
-       BIO_flush(bio_err);
+       (void)BIO_flush(bio_err);
 #endif
 #ifdef LINT
        num=num;
@@ -1185,11 +1202,11 @@ static void pkey_print_message(char *str, char *str2, long num, int bits,
        {
 #ifdef SIGALRM
        BIO_printf(bio_err,"Doing %d bit %s %s's for %ds: ",bits,str,str2,tm);
-       BIO_flush(bio_err);
+       (void)BIO_flush(bio_err);
        alarm(RSA_SECONDS);
 #else
        BIO_printf(bio_err,"Doing %ld %d bit %s %s's: ",num,bits,str,str2);
-       BIO_flush(bio_err);
+       (void)BIO_flush(bio_err);
 #endif
 #ifdef LINT
        num=num;