X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=apps%2Fspeed.c;h=ac643bd98689ebf1aacfa04efac3af7f8f4ed8a1;hp=de35c47e47d81adc482f9d3d764af2a0d1707bdb;hb=5c6bf03117a26942327f43d02e9113e9870f7aba;hpb=0e211563335b58e6d16079acc347395dbcc81f91 diff --git a/apps/speed.c b/apps/speed.c index de35c47e47..ac643bd986 100644 --- a/apps/speed.c +++ b/apps/speed.c @@ -55,6 +55,32 @@ * copied and put under another distribution licence * [including the GNU Public Licence.] */ +/* ==================================================================== + * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. + * + * Portions of the attached software ("Contribution") are developed by + * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. + * + * The Contribution is licensed pursuant to the OpenSSL open source + * license provided above. + * + * In addition, Sun covenants to all licensees who provide a reciprocal + * covenant with respect to their own patents if any, not to sue under + * current and future patent claims necessarily infringed by the making, + * using, practicing, selling, offering for sale and/or otherwise + * disposing of the Contribution as delivered hereunder + * (or portions thereof), provided that such covenant shall not apply: + * 1) for code that a licensee deletes from the Contribution; + * 2) separates from the Contribution; or + * 3) for infringements caused by: + * i) the modification of the Contribution or + * ii) the combination of the Contribution with other software or + * devices where such combination causes the infringement. + * + * The ECDH and ECDSA speed test software is originally written by + * Sumit Gupta of Sun Microsystems Laboratories. + * + */ /* most of this code has been pilfered from my libdes speed.c program */ @@ -62,6 +88,8 @@ #define SECONDS 3 #define RSA_SECONDS 10 #define DSA_SECONDS 10 +#define ECDSA_SECONDS 10 +#define ECDH_SECONDS 10 /* 11-Sep-92 Andrew Daviel Support for Silicon Graphics IRIX added */ /* 06-Apr-92 Luke Brennan Support for VMS and add extra signal calls */ @@ -83,14 +111,16 @@ #include #include #include +#if !defined(OPENSSL_SYS_MSDOS) #include OPENSSL_UNISTD +#endif #if defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__) || defined(OPENSSL_SYS_MACOSX) # define USE_TOD -#elif !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) +#elif !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_VXWORKS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) # define TIMES #endif -#if !defined(_UNICOS) && !defined(__OpenBSD__) && !defined(sgi) && !defined(__FreeBSD__) && !(defined(__bsdi) || defined(__bsdi__)) && !defined(_AIX) && !defined(OPENSSL_SYS_MPE) && !defined(__NetBSD__) /* FIXME */ +#if !defined(_UNICOS) && !defined(__OpenBSD__) && !defined(sgi) && !defined(__FreeBSD__) && !(defined(__bsdi) || defined(__bsdi__)) && !defined(_AIX) && !defined(OPENSSL_SYS_MPE) && !defined(__NetBSD__) && !defined(OPENSSL_SYS_VXWORKS) /* FIXME */ # define TIMEB #endif @@ -118,7 +148,7 @@ #include #endif -#if !defined(TIMES) && !defined(TIMEB) && !defined(USE_TOD) +#if !defined(TIMES) && !defined(TIMEB) && !defined(USE_TOD) && !defined(OPENSSL_SYS_VXWORKS) #error "It seems neither struct tms nor struct timeb is supported in this platform!" #endif @@ -129,7 +159,10 @@ #endif #ifndef OPENSSL_NO_DES -#include +#include +#endif +#ifndef OPENSSL_NO_AES +#include #endif #ifndef OPENSSL_NO_MD2 #include @@ -179,6 +212,12 @@ #ifndef OPENSSL_NO_DSA #include "./testdsa.h" #endif +#ifndef OPENSSL_NO_ECDSA +#include +#endif +#ifndef OPENSSL_NO_ECDH +#include +#endif /* The following if from times(3) man page. It may need to be changed */ #ifndef HZ @@ -197,6 +236,10 @@ # endif #endif +#if !defined(OPENSSL_SYS_VMS) && !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MACINTOSH_CLASSIC) && !defined(OPENSSL_SYS_OS2) +# define HAVE_FORK 1 +#endif + #undef BUFSIZE #define BUFSIZE ((long)1024*8+1) int run=0; @@ -209,26 +252,37 @@ static double Time_F(int s); static void print_message(const char *s,long num,int length); static void pkey_print_message(char *str,char *str2,long num,int bits,int sec); static void print_result(int alg,int run_no,int count,double time_used); +#ifdef HAVE_FORK static int do_multi(int multi); -#ifdef SIGALRM -#if defined(__STDC__) || defined(sgi) || defined(_AIX) -#define SIGRETTYPE void -#else -#define SIGRETTYPE int -#endif +#endif -#define ALGOR_NUM 16 +#define ALGOR_NUM 19 #define SIZE_NUM 5 #define RSA_NUM 4 #define DSA_NUM 3 + +#define EC_NUM 16 +#define MAX_ECDH_SIZE 256 + static const char *names[ALGOR_NUM]={ "md2","mdc2","md4","md5","hmac(md5)","sha1","rmd160","rc4", "des cbc","des ede3","idea cbc", - "rc2 cbc","rc5-32/12 cbc","blowfish cbc","cast cbc"}; + "rc2 cbc","rc5-32/12 cbc","blowfish cbc","cast cbc", + "aes-128 cbc","aes-192 cbc","aes-256 cbc"}; static double results[ALGOR_NUM][SIZE_NUM]; -static int lengths[SIZE_NUM]={8,64,256,1024,8*1024}; +static int lengths[SIZE_NUM]={16,64,256,1024,8*1024}; static double rsa_results[RSA_NUM][2]; static double dsa_results[DSA_NUM][2]; +static double ecdsa_results[EC_NUM][2]; +static double ecdh_results[EC_NUM][1]; + + +#ifdef SIGALRM +#if defined(__STDC__) || defined(sgi) || defined(_AIX) +#define SIGRETTYPE void +#else +#define SIGRETTYPE int +#endif static SIGRETTYPE sig_done(int sig); static SIGRETTYPE sig_done(int sig) @@ -313,7 +367,23 @@ static double Time_F(int s) # if defined(TIMES) && defined(TIMEB) else # endif -# ifdef TIMEB +# ifdef OPENSSL_SYS_VXWORKS + { + static unsigned long tick_start, tick_end; + + if( s == START ) + { + tick_start = tickGet(); + return 0; + } + else + { + tick_end = tickGet(); + ret = (double)(tick_end - tick_start) / (double)sysClkRateGet(); + return((ret < 0.001)?0.001:ret); + } + } +# elif defined(TIMEB) { static struct timeb tstart,tend; long i; @@ -340,14 +410,18 @@ int MAIN(int, char **); int MAIN(int argc, char **argv) { - ENGINE *e; + ENGINE *e = NULL; unsigned char *buf=NULL,*buf2=NULL; int mret=1; - long count,rsa_count,save_count=0; + long count=0,save_count=0; int i,j,k; +#if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) + long rsa_count; +#endif #ifndef OPENSSL_NO_RSA unsigned rsa_num; #endif + unsigned char md[EVP_MAX_MD_SIZE]; #ifndef OPENSSL_NO_MD2 unsigned char md2[MD2_DIGEST_LENGTH]; #endif @@ -385,19 +459,37 @@ int MAIN(int argc, char **argv) #ifndef OPENSSL_NO_CAST CAST_KEY cast_ks; #endif - static unsigned char key16[16]= + static const unsigned char key16[16]= {0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0, 0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12}; - unsigned char iv[8]; + static const unsigned char key24[24]= + {0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0, + 0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12, + 0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34}; + static const unsigned char key32[32]= + {0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0, + 0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12, + 0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34, + 0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34,0x56}; +#ifndef OPENSSL_NO_AES +#define MAX_BLOCK_SIZE 128 +#else +#define MAX_BLOCK_SIZE 64 +#endif + unsigned char DES_iv[8]; + unsigned char iv[MAX_BLOCK_SIZE/8]; #ifndef OPENSSL_NO_DES DES_cblock *buf_as_des_cblock = NULL; - static des_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0}; - static des_cblock key2={0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12}; - static des_cblock key3={0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34}; + static DES_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0}; + static DES_cblock key2={0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12}; + static DES_cblock key3={0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34}; DES_key_schedule sch; DES_key_schedule sch2; DES_key_schedule sch3; #endif +#ifndef OPENSSL_NO_AES + AES_KEY aes_ks1, aes_ks2, aes_ks3; +#endif #define D_MD2 0 #define D_MDC2 1 #define D_MD4 2 @@ -413,8 +505,11 @@ int MAIN(int argc, char **argv) #define D_CBC_RC5 12 #define D_CBC_BF 13 #define D_CBC_CAST 14 -#define D_EVP 15 - double d; +#define D_CBC_128_AES 15 +#define D_CBC_192_AES 16 +#define D_CBC_256_AES 17 +#define D_EVP 18 + double d=0.0; long c[ALGOR_NUM][SIZE_NUM]; #define R_DSA_512 0 #define R_DSA_1024 1 @@ -423,6 +518,24 @@ int MAIN(int argc, char **argv) #define R_RSA_1024 1 #define R_RSA_2048 2 #define R_RSA_4096 3 + +#define R_EC_P160 0 +#define R_EC_P192 1 +#define R_EC_P224 2 +#define R_EC_P256 3 +#define R_EC_P384 4 +#define R_EC_P521 5 +#define R_EC_K163 6 +#define R_EC_K233 7 +#define R_EC_K283 8 +#define R_EC_K409 9 +#define R_EC_K571 10 +#define R_EC_B163 11 +#define R_EC_B233 12 +#define R_EC_B283 13 +#define R_EC_B409 14 +#define R_EC_B571 15 + #ifndef OPENSSL_NO_RSA RSA *rsa_key[RSA_NUM]; long rsa_c[RSA_NUM][2]; @@ -438,13 +551,91 @@ int MAIN(int argc, char **argv) long dsa_c[DSA_NUM][2]; static unsigned int dsa_bits[DSA_NUM]={512,1024,2048}; #endif +#ifndef OPENSSL_NO_EC + /* We only test over the following curves as they are representative, + * To add tests over more curves, simply add the curve NID + * and curve name to the following arrays and increase the + * EC_NUM value accordingly. + */ + static unsigned int test_curves[EC_NUM] = + { + /* Prime Curves */ + NID_secp160r1, + NID_X9_62_prime192v1, + NID_secp224r1, + NID_X9_62_prime256v1, + NID_secp384r1, + NID_secp521r1, + /* Binary Curves */ + NID_sect163k1, + NID_sect233k1, + NID_sect283k1, + NID_sect409k1, + NID_sect571k1, + NID_sect163r2, + NID_sect233r1, + NID_sect283r1, + NID_sect409r1, + NID_sect571r1 + }; + static char * test_curves_names[EC_NUM] = + { + /* Prime Curves */ + "secp160r1", + "nistp192", + "nistp224", + "nistp256", + "nistp384", + "nistp521", + /* Binary Curves */ + "nistk163", + "nistk233", + "nistk283", + "nistk409", + "nistk571", + "nistb163", + "nistb233", + "nistb283", + "nistb409", + "nistb571" + }; + static int test_curves_bits[EC_NUM] = + { + 160, 192, 224, 256, 384, 521, + 163, 233, 283, 409, 571, + 163, 233, 283, 409, 571 + }; + +#endif + +#ifndef OPENSSL_NO_ECDSA + unsigned char ecdsasig[256]; + unsigned int ecdsasiglen; + EC_KEY *ecdsa[EC_NUM]; + long ecdsa_c[EC_NUM][2]; +#endif + +#ifndef OPENSSL_NO_ECDH + EC_KEY *ecdh_a[EC_NUM], *ecdh_b[EC_NUM]; + unsigned char secret_a[MAX_ECDH_SIZE], secret_b[MAX_ECDH_SIZE]; + int secret_size_a, secret_size_b; + int ecdh_checks = 0; + int secret_idx = 0; + long ecdh_c[EC_NUM][2]; +#endif + int rsa_doit[RSA_NUM]; int dsa_doit[DSA_NUM]; + int ecdsa_doit[EC_NUM]; + int ecdh_doit[EC_NUM]; int doit[ALGOR_NUM]; int pr_header=0; - const EVP_CIPHER *evp=NULL; + const EVP_CIPHER *evp_cipher=NULL; + const EVP_MD *evp_md=NULL; int decrypt=0; +#ifdef HAVE_FORK int multi=0; +#endif #ifndef TIMES usertime=-1; @@ -455,11 +646,25 @@ int MAIN(int argc, char **argv) #ifndef OPENSSL_NO_DSA memset(dsa_key,0,sizeof(dsa_key)); #endif +#ifndef OPENSSL_NO_ECDSA + for (i=0; i 0) && (strcmp(*argv,"-multi") == 0)) { argc--; @@ -555,7 +775,10 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err,"bad multi count\n"); goto end; } + j--; /* Otherwise, -mr gets confused with + an algorithm. */ } +#endif else if (argc > 0 && !strcmp(*argv,"-mr")) { mr=1; @@ -606,6 +829,12 @@ int MAIN(int argc, char **argv) else if (strcmp(*argv,"des-ede3") == 0) doit[D_EDE3_DES]=1; else #endif +#ifndef OPENSSL_NO_AES + if (strcmp(*argv,"aes-128-cbc") == 0) doit[D_CBC_128_AES]=1; + else if (strcmp(*argv,"aes-192-cbc") == 0) doit[D_CBC_192_AES]=1; + else if (strcmp(*argv,"aes-256-cbc") == 0) doit[D_CBC_256_AES]=1; + else +#endif #ifndef OPENSSL_NO_RSA #if 0 /* was: #ifdef RSAref */ if (strcmp(*argv,"rsaref") == 0) @@ -667,6 +896,15 @@ int MAIN(int argc, char **argv) } else #endif +#ifndef OPENSSL_NO_AES + if (strcmp(*argv,"aes") == 0) + { + doit[D_CBC_128_AES]=1; + doit[D_CBC_192_AES]=1; + doit[D_CBC_256_AES]=1; + } + else +#endif #ifndef OPENSSL_NO_RSA if (strcmp(*argv,"rsa") == 0) { @@ -684,6 +922,52 @@ int MAIN(int argc, char **argv) dsa_doit[R_DSA_1024]=1; } else +#endif +#ifndef OPENSSL_NO_ECDSA + if (strcmp(*argv,"ecdsap160") == 0) ecdsa_doit[R_EC_P160]=2; + else if (strcmp(*argv,"ecdsap224") == 0) ecdsa_doit[R_EC_P224]=2; + else if (strcmp(*argv,"ecdsap256") == 0) ecdsa_doit[R_EC_P256]=2; + else if (strcmp(*argv,"ecdsap384") == 0) ecdsa_doit[R_EC_P384]=2; + else if (strcmp(*argv,"ecdsap521") == 0) ecdsa_doit[R_EC_P521]=2; + else if (strcmp(*argv,"ecdsak163") == 0) ecdsa_doit[R_EC_K163]=2; + else if (strcmp(*argv,"ecdsak233") == 0) ecdsa_doit[R_EC_K233]=2; + else if (strcmp(*argv,"ecdsak283") == 0) ecdsa_doit[R_EC_K283]=2; + else if (strcmp(*argv,"ecdsak409") == 0) ecdsa_doit[R_EC_K409]=2; + else if (strcmp(*argv,"ecdsak571") == 0) ecdsa_doit[R_EC_K571]=2; + else if (strcmp(*argv,"ecdsab163") == 0) ecdsa_doit[R_EC_B163]=2; + else if (strcmp(*argv,"ecdsab233") == 0) ecdsa_doit[R_EC_B233]=2; + else if (strcmp(*argv,"ecdsab283") == 0) ecdsa_doit[R_EC_B283]=2; + else if (strcmp(*argv,"ecdsab409") == 0) ecdsa_doit[R_EC_B409]=2; + else if (strcmp(*argv,"ecdsab571") == 0) ecdsa_doit[R_EC_B571]=2; + else if (strcmp(*argv,"ecdsa") == 0) + { + for (i=0; i < EC_NUM; i++) + ecdsa_doit[i]=1; + } + else +#endif +#ifndef OPENSSL_NO_ECDH + if (strcmp(*argv,"ecdhp160") == 0) ecdh_doit[R_EC_P160]=2; + else if (strcmp(*argv,"ecdhp224") == 0) ecdh_doit[R_EC_P224]=2; + else if (strcmp(*argv,"ecdhp256") == 0) ecdh_doit[R_EC_P256]=2; + else if (strcmp(*argv,"ecdhp384") == 0) ecdh_doit[R_EC_P384]=2; + else if (strcmp(*argv,"ecdhp521") == 0) ecdh_doit[R_EC_P521]=2; + else if (strcmp(*argv,"ecdhk163") == 0) ecdh_doit[R_EC_K163]=2; + else if (strcmp(*argv,"ecdhk233") == 0) ecdh_doit[R_EC_K233]=2; + else if (strcmp(*argv,"ecdhk283") == 0) ecdh_doit[R_EC_K283]=2; + else if (strcmp(*argv,"ecdhk409") == 0) ecdh_doit[R_EC_K409]=2; + else if (strcmp(*argv,"ecdhk571") == 0) ecdh_doit[R_EC_K571]=2; + else if (strcmp(*argv,"ecdhb163") == 0) ecdh_doit[R_EC_B163]=2; + else if (strcmp(*argv,"ecdhb233") == 0) ecdh_doit[R_EC_B233]=2; + else if (strcmp(*argv,"ecdhb283") == 0) ecdh_doit[R_EC_B283]=2; + else if (strcmp(*argv,"ecdhb409") == 0) ecdh_doit[R_EC_B409]=2; + else if (strcmp(*argv,"ecdhb571") == 0) ecdh_doit[R_EC_B571]=2; + else if (strcmp(*argv,"ecdh") == 0) + { + for (i=0; i < EC_NUM; i++) + ecdh_doit[i]=1; + } + else #endif { BIO_printf(bio_err,"Error: bad option or value\n"); @@ -732,8 +1016,12 @@ int MAIN(int argc, char **argv) !defined(OPENSSL_NO_BF) || !defined(OPENSSL_NO_RC5) BIO_printf(bio_err,"\n"); #endif - +#ifndef OPENSSL_NO_DES BIO_printf(bio_err,"des-cbc des-ede3 "); +#endif +#ifndef OPENSSL_NO_AES + BIO_printf(bio_err,"aes-128-cbc aes-192-cbc aes-256-cbc "); +#endif #ifndef OPENSSL_NO_RC4 BIO_printf(bio_err,"rc4"); #endif @@ -746,6 +1034,18 @@ int MAIN(int argc, char **argv) #ifndef OPENSSL_NO_DSA BIO_printf(bio_err,"dsa512 dsa1024 dsa2048\n"); #endif +#ifndef OPENSSL_NO_ECDSA + BIO_printf(bio_err,"ecdsap160 ecdsap224 ecdsap256 ecdsap384 ecdsap521\n"); + BIO_printf(bio_err,"ecdsak163 ecdsak233 ecdsak283 ecdsak409 ecdsak571\n"); + BIO_printf(bio_err,"ecdsab163 ecdsab233 ecdsab283 ecdsab409 ecdsab571\n"); + BIO_printf(bio_err,"ecdsa\n"); +#endif +#ifndef OPENSSL_NO_ECDH + BIO_printf(bio_err,"ecdhp160 ecdhp224 ecdhp256 ecdhp384 ecdhp521\n"); + BIO_printf(bio_err,"ecdhk163 ecdhk233 ecdhk283 ecdhk409 ecdhk571\n"); + BIO_printf(bio_err,"ecdhb163 ecdhb233 ecdhb283 ecdhb409 ecdhb571\n"); + BIO_printf(bio_err,"ecdh\n"); +#endif #ifndef OPENSSL_NO_IDEA BIO_printf(bio_err,"idea "); @@ -756,6 +1056,9 @@ int MAIN(int argc, char **argv) #ifndef OPENSSL_NO_DES BIO_printf(bio_err,"des "); #endif +#ifndef OPENSSL_NO_AES + BIO_printf(bio_err,"aes "); +#endif #ifndef OPENSSL_NO_RSA BIO_printf(bio_err,"rsa "); #endif @@ -764,20 +1067,22 @@ int MAIN(int argc, char **argv) #endif #if !defined(OPENSSL_NO_IDEA) || !defined(OPENSSL_NO_RC2) || \ !defined(OPENSSL_NO_DES) || !defined(OPENSSL_NO_RSA) || \ - !defined(OPENSSL_NO_BF) + !defined(OPENSSL_NO_BF) || !defined(OPENSSL_NO_AES) BIO_printf(bio_err,"\n"); #endif BIO_printf(bio_err,"\n"); BIO_printf(bio_err,"Available options:\n"); -#ifdef TIMES +#if defined(TIMES) || defined(USE_TOD) BIO_printf(bio_err,"-elapsed measure time in real time instead of CPU user time.\n"); #endif BIO_printf(bio_err,"-engine e use engine e, possibly a hardware device.\n"); BIO_printf(bio_err,"-evp e use EVP e.\n"); BIO_printf(bio_err,"-decrypt time decryption instead of encryption (only EVP).\n"); BIO_printf(bio_err,"-mr produce machine readable output.\n"); +#ifdef HAVE_FORK BIO_printf(bio_err,"-multi n run n benchmarks in parallel.\n"); +#endif goto end; } argc--; @@ -785,8 +1090,10 @@ int MAIN(int argc, char **argv) j++; } +#ifdef HAVE_FORK if(multi && do_multi(multi)) goto show_res; +#endif if (j == 0) { @@ -847,6 +1154,11 @@ int MAIN(int argc, char **argv) DES_set_key_unchecked(&key2,&sch2); DES_set_key_unchecked(&key3,&sch3); #endif +#ifndef OPENSSL_NO_AES + AES_set_encrypt_key(key16,128,&aes_ks1); + AES_set_encrypt_key(key24,192,&aes_ks2); + AES_set_encrypt_key(key32,256,&aes_ks3); +#endif #ifndef OPENSSL_NO_IDEA idea_set_encrypt_key(key16,&idea_ks); #endif @@ -875,9 +1187,9 @@ int MAIN(int argc, char **argv) do { long i; count*=2; - Time_F(START,usertime); + Time_F(START); for (i=count; i; i--) - des_ecb_encrypt(buf_as_des_cblock,buf_as_des_cblock, + DES_ecb_encrypt(buf_as_des_cblock,buf_as_des_cblock, &sch,DES_ENCRYPT); d=Time_F(STOP); } while (d <3); @@ -963,6 +1275,114 @@ int MAIN(int argc, char **argv) } #endif +#ifndef OPENSSL_NO_ECDSA + ecdsa_c[R_EC_P160][0]=count/1000; + ecdsa_c[R_EC_P160][1]=count/1000/2; + for (i=R_EC_P224; i<=R_EC_P521; i++) + { + ecdsa_c[i][0]=ecdsa_c[i-1][0]/2; + ecdsa_c[i][1]=ecdsa_c[i-1][1]/2; + if ((ecdsa_doit[i] <= 1) && (ecdsa_c[i][0] == 0)) + ecdsa_doit[i]=0; + else + { + if (ecdsa_c[i] == 0) + { + ecdsa_c[i][0]=1; + ecdsa_c[i][1]=1; + } + } + } + ecdsa_c[R_EC_K163][0]=count/1000; + ecdsa_c[R_EC_K163][1]=count/1000/2; + for (i=R_EC_K233; i<=R_EC_K571; i++) + { + ecdsa_c[i][0]=ecdsa_c[i-1][0]/2; + ecdsa_c[i][1]=ecdsa_c[i-1][1]/2; + if ((ecdsa_doit[i] <= 1) && (ecdsa_c[i][0] == 0)) + ecdsa_doit[i]=0; + else + { + if (ecdsa_c[i] == 0) + { + ecdsa_c[i][0]=1; + ecdsa_c[i][1]=1; + } + } + } + ecdsa_c[R_EC_B163][0]=count/1000; + ecdsa_c[R_EC_B163][1]=count/1000/2; + for (i=R_EC_B233; i<=R_EC_B571; i++) + { + ecdsa_c[i][0]=ecdsa_c[i-1][0]/2; + ecdsa_c[i][1]=ecdsa_c[i-1][1]/2; + if ((ecdsa_doit[i] <= 1) && (ecdsa_c[i][0] == 0)) + ecdsa_doit[i]=0; + else + { + if (ecdsa_c[i] == 0) + { + ecdsa_c[i][0]=1; + ecdsa_c[i][1]=1; + } + } + } +#endif + +#ifndef OPENSSL_NO_ECDH + ecdh_c[R_EC_P160][0]=count/1000; + ecdh_c[R_EC_P160][1]=count/1000; + for (i=R_EC_P224; i<=R_EC_P521; i++) + { + ecdh_c[i][0]=ecdh_c[i-1][0]/2; + ecdh_c[i][1]=ecdh_c[i-1][1]/2; + if ((ecdh_doit[i] <= 1) && (ecdh_c[i][0] == 0)) + ecdh_doit[i]=0; + else + { + if (ecdh_c[i] == 0) + { + ecdh_c[i][0]=1; + ecdh_c[i][1]=1; + } + } + } + ecdh_c[R_EC_K163][0]=count/1000; + ecdh_c[R_EC_K163][1]=count/1000; + for (i=R_EC_K233; i<=R_EC_K571; i++) + { + ecdh_c[i][0]=ecdh_c[i-1][0]/2; + ecdh_c[i][1]=ecdh_c[i-1][1]/2; + if ((ecdh_doit[i] <= 1) && (ecdh_c[i][0] == 0)) + ecdh_doit[i]=0; + else + { + if (ecdh_c[i] == 0) + { + ecdh_c[i][0]=1; + ecdh_c[i][1]=1; + } + } + } + ecdh_c[R_EC_B163][0]=count/1000; + ecdh_c[R_EC_B163][1]=count/1000; + for (i=R_EC_B233; i<=R_EC_B571; i++) + { + ecdh_c[i][0]=ecdh_c[i-1][0]/2; + ecdh_c[i][1]=ecdh_c[i-1][1]/2; + if ((ecdh_doit[i] <= 1) && (ecdh_c[i][0] == 0)) + ecdh_doit[i]=0; + else + { + if (ecdh_c[i] == 0) + { + ecdh_c[i][0]=1; + ecdh_c[i][1]=1; + } + } + } +#endif + #define COND(d) (count < (d)) #define COUNT(d) (d) #else @@ -1040,8 +1460,8 @@ int MAIN(int argc, char **argv) HMAC_CTX hctx; HMAC_CTX_init(&hctx); - HMAC_Init(&hctx,(unsigned char *)"This is a key...", - 16,EVP_md5()); + HMAC_Init_ex(&hctx,(unsigned char *)"This is a key...", + 16,EVP_md5(), NULL); for (j=0; jnid); + /* -O3 -fschedule-insns messes up an + * optimization here! names[D_EVP] + * somehow becomes NULL */ + print_message(names[D_EVP],save_count, + lengths[j]); + + EVP_CIPHER_CTX_init(&ctx); + if(decrypt) + EVP_DecryptInit_ex(&ctx,evp_cipher,NULL,key16,iv); + else + EVP_EncryptInit_ex(&ctx,evp_cipher,NULL,key16,iv); - names[D_EVP]=OBJ_nid2ln(evp->nid); - print_message(names[D_EVP],save_count, - lengths[j]); - EVP_CIPHER_CTX_init(&ctx); - if(decrypt) - EVP_DecryptInit_ex(&ctx,evp,NULL,key16,iv); - else - EVP_EncryptInit_ex(&ctx,evp,NULL,key16,iv); - - Time_F(START); - if(decrypt) - for (count=0,run=1; COND(save_count*4*lengths[0]/lengths[j]); count++) - EVP_DecryptUpdate(&ctx,buf,&outl,buf,lengths[j]); - else + Time_F(START); + if(decrypt) + for (count=0,run=1; COND(save_count*4*lengths[0]/lengths[j]); count++) + EVP_DecryptUpdate(&ctx,buf,&outl,buf,lengths[j]); + else + for (count=0,run=1; COND(save_count*4*lengths[0]/lengths[j]); count++) + EVP_EncryptUpdate(&ctx,buf,&outl,buf,lengths[j]); + if(decrypt) + EVP_DecryptFinal_ex(&ctx,buf,&outl); + else + EVP_EncryptFinal_ex(&ctx,buf,&outl); + d=Time_F(STOP); + } + if (evp_md) + { + names[D_EVP]=OBJ_nid2ln(evp_md->type); + print_message(names[D_EVP],save_count, + lengths[j]); + + Time_F(START); for (count=0,run=1; COND(save_count*4*lengths[0]/lengths[j]); count++) - EVP_EncryptUpdate(&ctx,buf,&outl,buf,lengths[j]); - if(decrypt) - EVP_DecryptFinal_ex(&ctx,buf,&outl); - else - EVP_EncryptFinal_ex(&ctx,buf,&outl); - d=Time_F(STOP); + EVP_Digest(buf,lengths[j],&(md[0]),NULL,evp_md,NULL); + + d=Time_F(STOP); + } print_result(D_EVP,j,count,d); } } @@ -1423,7 +1907,223 @@ int MAIN(int argc, char **argv) } if (rnd_fake) RAND_cleanup(); #endif + +#ifndef OPENSSL_NO_ECDSA + if (RAND_status() != 1) + { + RAND_seed(rnd_seed, sizeof rnd_seed); + rnd_fake = 1; + } + for (j=0; jgroup = EC_GROUP_new_by_nid(test_curves[j]); + /* Could not obtain group information */ + if (ecdsa[j]->group == NULL) + { + BIO_printf(bio_err,"ECDSA failure.Could not obtain group information\n"); + ERR_print_errors(bio_err); + rsa_count=1; + } + else + { + /* Perform ECDSA signature test */ + EC_KEY_generate_key(ecdsa[j]); + ret = ECDSA_sign(0, buf, 20, ecdsasig, + &ecdsasiglen, ecdsa[j]); + if (ret == 0) + { + BIO_printf(bio_err,"ECDSA sign failure. No ECDSA sign will be done.\n"); + ERR_print_errors(bio_err); + rsa_count=1; + } + else + { + pkey_print_message("sign","ecdsa", + ecdsa_c[j][0], + test_curves_bits[j], + ECDSA_SECONDS); + + Time_F(START); + for (count=0,run=1; COND(ecdsa_c[j][0]); + count++) + { + ret=ECDSA_sign(0, buf, 20, + ecdsasig, &ecdsasiglen, + ecdsa[j]); + if (ret == 0) + { + BIO_printf(bio_err, "ECDSA sign failure\n"); + ERR_print_errors(bio_err); + count=1; + break; + } + } + d=Time_F(STOP); + + BIO_printf(bio_err, mr ? "+R5:%ld:%d:%.2f\n" : + "%ld %d bit ECDSA signs in %.2fs \n", + count, test_curves_bits[j], d); + ecdsa_results[j][0]=d/(double)count; + rsa_count=count; + } + + /* Perform ECDSA verification test */ + ret=ECDSA_verify(0, buf, 20, ecdsasig, + ecdsasiglen, ecdsa[j]); + if (ret != 1) + { + BIO_printf(bio_err,"ECDSA verify failure. No ECDSA verify will be done.\n"); + ERR_print_errors(bio_err); + ecdsa_doit[j] = 0; + } + else + { + pkey_print_message("verify","ecdsa", + ecdsa_c[j][1], + test_curves_bits[j], + ECDSA_SECONDS); + Time_F(START); + for (count=0,run=1; COND(ecdsa_c[j][1]); count++) + { + ret=ECDSA_verify(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[j]); + if (ret != 1) + { + BIO_printf(bio_err, "ECDSA verify failure\n"); + ERR_print_errors(bio_err); + count=1; + break; + } + } + d=Time_F(STOP); + BIO_printf(bio_err, mr? "+R6:%ld:%d:%.2f\n" + : "%ld %d bit ECDSA verify in %.2fs\n", + count, test_curves_bits[j], d); + ecdsa_results[j][1]=d/(double)count; + } + + if (rsa_count <= 1) + { + /* if longer than 10s, don't do any more */ + for (j++; jgroup = EC_GROUP_new_by_nid(test_curves[j]); + if (ecdh_a[j]->group == NULL) + { + BIO_printf(bio_err,"ECDH failure.\n"); + ERR_print_errors(bio_err); + rsa_count=1; + } + else + { + ecdh_b[j]->group = ecdh_a[j]->group; + + /* generate two ECDH key pairs */ + if (!EC_KEY_generate_key(ecdh_a[j]) || + !EC_KEY_generate_key(ecdh_b[j])) + { + BIO_printf(bio_err,"ECDH key generation failure.\n"); + ERR_print_errors(bio_err); + rsa_count=1; + } + else + { + secret_size_a = ECDH_compute_key(secret_a, + ecdh_b[j]->pub_key, + ecdh_a[j]); + secret_size_b = ECDH_compute_key(secret_b, + ecdh_a[j]->pub_key, + ecdh_b[j]); + if (secret_size_a != secret_size_b) + ecdh_checks = 0; + else + ecdh_checks = 1; + + for (secret_idx = 0; + (secret_idx < secret_size_a) + && (ecdh_checks == 1); + secret_idx++) + { + if (secret_a[secret_idx] != secret_b[secret_idx]) + ecdh_checks = 0; + } + + if (ecdh_checks == 0) + { + BIO_printf(bio_err,"ECDH computations don't match.\n"); + ERR_print_errors(bio_err); + rsa_count=1; + } + + pkey_print_message("","ecdh", + ecdh_c[j][0], + test_curves_bits[j], + ECDH_SECONDS); + Time_F(START); + for (count=0,run=1; COND(ecdh_c[j][0]); count++) + { + ECDH_compute_key(secret_a, + ecdh_b[j]->pub_key, + ecdh_a[j]); + } + d=Time_F(STOP); + BIO_printf(bio_err, mr ? "+R7:%ld:%d:%.2f\n" :"%ld %d-bit ECDH ops in %.2fs\n", + count, test_curves_bits[j], d); + ecdh_results[j][0]=d/(double)count; + rsa_count=count; + } + } + } + + if (rsa_count <= 1) + { + /* if longer than 10s, don't do any more */ + for (j++; j