X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=apps%2Fspeed.c;h=e5132631cf7416b082ced9f81e1e7accf6b37c7b;hp=80b26f4a3c108fea6eeb1fe291b016fc082e19eb;hb=6671c775e661b6bda139ec8154905bf566fb77c9;hpb=9bffdebc38495f051b6e77ae7f6beda0da7635cb diff --git a/apps/speed.c b/apps/speed.c index 80b26f4a3c..e5132631cf 100644 --- a/apps/speed.c +++ b/apps/speed.c @@ -1,5 +1,6 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -7,23 +8,8 @@ * https://www.openssl.org/source/license.html */ -/* ==================================================================== - * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * - * Portions of the attached software ("Contribution") are developed by - * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. - * - * The Contribution is licensed pursuant to the OpenSSL open source - * license provided above. - * - * The ECDH and ECDSA speed test software is originally written by - * Sumit Gupta of Sun Microsystems Laboratories. - * - */ - #undef SECONDS #define SECONDS 3 -#define PRIME_SECONDS 10 #define RSA_SECONDS 10 #define DSA_SECONDS 10 #define ECDSA_SECONDS 10 @@ -34,6 +20,7 @@ #include #include #include "apps.h" +#include "progs.h" #include #include #include @@ -125,55 +112,23 @@ # define NO_FORK #endif -#undef BUFSIZE -#define BUFSIZE (1024*16+1) #define MAX_MISALIGNMENT 63 - -#define ALGOR_NUM 30 -#define SIZE_NUM 6 -#define PRIME_NUM 3 -#define RSA_NUM 7 -#define DSA_NUM 3 - -#define EC_NUM 17 #define MAX_ECDH_SIZE 256 #define MISALIGN 64 +typedef struct openssl_speed_sec_st { + int sym; + int rsa; + int dsa; + int ecdsa; + int ecdh; +} openssl_speed_sec_t; + static volatile int run = 0; static int mr = 0; static int usertime = 1; -typedef void *(*kdf_fn) (const void *in, size_t inlen, void *out, - size_t *xoutlen); - -typedef struct loopargs_st { - ASYNC_JOB *inprogress_job; - ASYNC_WAIT_CTX *wait_ctx; - unsigned char *buf; - unsigned char *buf2; - unsigned char *buf_malloc; - unsigned char *buf2_malloc; - unsigned int siglen; -#ifndef OPENSSL_NO_RSA - RSA *rsa_key[RSA_NUM]; -#endif -#ifndef OPENSSL_NO_DSA - DSA *dsa_key[DSA_NUM]; -#endif -#ifndef OPENSSL_NO_EC - EC_KEY *ecdsa[EC_NUM]; - EVP_PKEY_CTX *ecdh_ctx[EC_NUM]; - unsigned char *secret_a; - unsigned char *secret_b; - size_t outlen[EC_NUM]; - kdf_fn kdf; -#endif - EVP_CIPHER_CTX *ctx; - HMAC_CTX *hctx; - GCM128_CONTEXT *gcm_ctx; -} loopargs_t; - #ifndef OPENSSL_NO_MD2 static int EVP_Digest_MD2_loop(void *args); #endif @@ -211,7 +166,9 @@ static int AES_cbc_256_encrypt_loop(void *args); static int AES_ige_192_encrypt_loop(void *args); static int AES_ige_256_encrypt_loop(void *args); static int CRYPTO_gcm128_aad_loop(void *args); +static int RAND_bytes_loop(void *args); static int EVP_Update_loop(void *args); +static int EVP_Update_loop_ccm(void *args); static int EVP_Digest_loop(void *args); #ifndef OPENSSL_NO_RSA static int RSA_sign_loop(void *args); @@ -225,49 +182,20 @@ static int DSA_verify_loop(void *args); static int ECDSA_sign_loop(void *args); static int ECDSA_verify_loop(void *args); #endif -static int run_benchmark(int async_jobs, int (*loop_function) (void *), - loopargs_t * loopargs); static double Time_F(int s); -static void print_message(const char *s, long num, int length); +static void print_message(const char *s, long num, int length, int tm); static void pkey_print_message(const char *str, const char *str2, - long num, int bits, int sec); + long num, unsigned int bits, int sec); static void print_result(int alg, int run_no, int count, double time_used); #ifndef NO_FORK -static int do_multi(int multi); +static int do_multi(int multi, int size_num); #endif -static const char *names[ALGOR_NUM] = { - "md2", "mdc2", "md4", "md5", "hmac(md5)", "sha1", "rmd160", "rc4", - "des cbc", "des ede3", "idea cbc", "seed cbc", - "rc2 cbc", "rc5-32/12 cbc", "blowfish cbc", "cast cbc", - "aes-128 cbc", "aes-192 cbc", "aes-256 cbc", - "camellia-128 cbc", "camellia-192 cbc", "camellia-256 cbc", - "evp", "sha256", "sha512", "whirlpool", - "aes-128 ige", "aes-192 ige", "aes-256 ige", "ghash" -}; - -static double results[ALGOR_NUM][SIZE_NUM]; - -static const int lengths[SIZE_NUM] = { +static const int lengths_list[] = { 16, 64, 256, 1024, 8 * 1024, 16 * 1024 }; - -#ifndef OPENSSL_NO_RSA -static double rsa_results[RSA_NUM][2]; -#endif -#ifndef OPENSSL_NO_DSA -static double dsa_results[DSA_NUM][2]; -#endif -#ifndef OPENSSL_NO_EC -static double ecdsa_results[EC_NUM][2]; -static double ecdh_results[EC_NUM][1]; -#endif - -#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_EC) -static const char rnd_seed[] = - "string to make the random number generator think it has entropy"; -#endif +static const int *lengths = lengths_list; #ifdef SIGALRM # if defined(__STDC__) || defined(sgi) || defined(_AIX) @@ -292,7 +220,8 @@ static SIGRETTYPE sig_done(int sig) # if !defined(SIGALRM) # define SIGALRM # endif -static unsigned int lapse, schlock; +static unsigned int lapse; +static volatile unsigned int schlock; static void alarm_win32(unsigned int secs) { lapse = secs * 1000; @@ -344,11 +273,17 @@ static double Time_F(int s) } #endif -static void multiblock_speed(const EVP_CIPHER *evp_cipher); +static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single, + const openssl_speed_sec_t *seconds); -static int found(const char *name, const OPT_PAIR *pairs, int *result) +#define found(value, pairs, result)\ + opt_found(value, result, pairs, OSSL_NELEM(pairs)) +static int opt_found(const char *name, unsigned int *result, + const OPT_PAIR pairs[], unsigned int nbelem) { - for (; pairs->name; pairs++) + unsigned int idx; + + for (idx = 0; idx < nbelem; ++idx, pairs++) if (strcmp(name, pairs->name) == 0) { *result = pairs->retval; return 1; @@ -359,7 +294,8 @@ static int found(const char *name, const OPT_PAIR *pairs, int *result) typedef enum OPTION_choice { OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, OPT_ELAPSED, OPT_EVP, OPT_DECRYPT, OPT_ENGINE, OPT_MULTI, - OPT_MR, OPT_MB, OPT_MISALIGN, OPT_ASYNCJOBS + OPT_MR, OPT_MB, OPT_MISALIGN, OPT_ASYNCJOBS, OPT_R_ENUM, + OPT_PRIMES, OPT_SECONDS, OPT_BYTES } OPTION_CHOICE; const OPTIONS speed_options[] = { @@ -382,10 +318,16 @@ const OPTIONS speed_options[] = { {"async_jobs", OPT_ASYNCJOBS, 'p', "Enable async mode and start pnum jobs"}, #endif + OPT_R_OPTIONS, #ifndef OPENSSL_NO_ENGINE {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"}, #endif - {NULL}, + {"primes", OPT_PRIMES, 'p', "Specify number of primes (for RSA only)"}, + {"seconds", OPT_SECONDS, 'p', + "Run benchmarks for pnum seconds"}, + {"bytes", OPT_BYTES, 'p', + "Run cipher, digest and rand benchmarks on pnum bytes"}, + {NULL} }; #define D_MD2 0 @@ -418,7 +360,22 @@ const OPTIONS speed_options[] = { #define D_IGE_192_AES 27 #define D_IGE_256_AES 28 #define D_GHASH 29 -static OPT_PAIR doit_choices[] = { +#define D_RAND 30 +/* name of algorithms to test */ +static const char *names[] = { + "md2", "mdc2", "md4", "md5", "hmac(md5)", "sha1", "rmd160", "rc4", + "des cbc", "des ede3", "idea cbc", "seed cbc", + "rc2 cbc", "rc5-32/12 cbc", "blowfish cbc", "cast cbc", + "aes-128 cbc", "aes-192 cbc", "aes-256 cbc", + "camellia-128 cbc", "camellia-192 cbc", "camellia-256 cbc", + "evp", "sha256", "sha512", "whirlpool", + "aes-128 ige", "aes-192 ige", "aes-256 ige", "ghash", + "rand" +}; +#define ALGOR_NUM OSSL_NELEM(names) + +/* list of configured algorithm (remaining) */ +static const OPT_PAIR doit_choices[] = { #ifndef OPENSSL_NO_MD2 {"md2", D_MD2}, #endif @@ -483,20 +440,24 @@ static OPT_PAIR doit_choices[] = { {"cast5", D_CBC_CAST}, #endif {"ghash", D_GHASH}, - {NULL} + {"rand", D_RAND} }; +static double results[ALGOR_NUM][OSSL_NELEM(lengths_list)]; + #ifndef OPENSSL_NO_DSA # define R_DSA_512 0 # define R_DSA_1024 1 # define R_DSA_2048 2 -static OPT_PAIR dsa_choices[] = { +static const OPT_PAIR dsa_choices[] = { {"dsa512", R_DSA_512}, {"dsa1024", R_DSA_1024}, - {"dsa2048", R_DSA_2048}, - {NULL}, + {"dsa2048", R_DSA_2048} }; -#endif +# define DSA_NUM OSSL_NELEM(dsa_choices) + +static double dsa_results[DSA_NUM][2]; /* 2 ops: sign then verify */ +#endif /* OPENSSL_NO_DSA */ #define R_RSA_512 0 #define R_RSA_1024 1 @@ -505,16 +466,20 @@ static OPT_PAIR dsa_choices[] = { #define R_RSA_4096 4 #define R_RSA_7680 5 #define R_RSA_15360 6 -static OPT_PAIR rsa_choices[] = { +#ifndef OPENSSL_NO_RSA +static const OPT_PAIR rsa_choices[] = { {"rsa512", R_RSA_512}, {"rsa1024", R_RSA_1024}, {"rsa2048", R_RSA_2048}, {"rsa3072", R_RSA_3072}, {"rsa4096", R_RSA_4096}, {"rsa7680", R_RSA_7680}, - {"rsa15360", R_RSA_15360}, - {NULL} + {"rsa15360", R_RSA_15360} }; +# define RSA_NUM OSSL_NELEM(rsa_choices) + +static double rsa_results[RSA_NUM][2]; /* 2 ops: sign then verify */ +#endif /* OPENSSL_NO_RSA */ #define R_EC_P160 0 #define R_EC_P192 1 @@ -532,7 +497,14 @@ static OPT_PAIR rsa_choices[] = { #define R_EC_B283 13 #define R_EC_B409 14 #define R_EC_B571 15 -#define R_EC_X25519 16 +#define R_EC_BRP256R1 16 +#define R_EC_BRP256T1 17 +#define R_EC_BRP384R1 18 +#define R_EC_BRP384T1 19 +#define R_EC_BRP512R1 20 +#define R_EC_BRP512T1 21 +#define R_EC_X25519 22 +#define R_EC_X448 23 #ifndef OPENSSL_NO_EC static OPT_PAIR ecdsa_choices[] = { {"ecdsap160", R_EC_P160}, @@ -551,10 +523,18 @@ static OPT_PAIR ecdsa_choices[] = { {"ecdsab283", R_EC_B283}, {"ecdsab409", R_EC_B409}, {"ecdsab571", R_EC_B571}, - {NULL} + {"ecdsabrp256r1", R_EC_BRP256R1}, + {"ecdsabrp256t1", R_EC_BRP256T1}, + {"ecdsabrp384r1", R_EC_BRP384R1}, + {"ecdsabrp384t1", R_EC_BRP384T1}, + {"ecdsabrp512r1", R_EC_BRP512R1}, + {"ecdsabrp512t1", R_EC_BRP512T1} }; +# define ECDSA_NUM OSSL_NELEM(ecdsa_choices) + +static double ecdsa_results[ECDSA_NUM][2]; /* 2 ops: sign then verify */ -static OPT_PAIR ecdh_choices[] = { +static const OPT_PAIR ecdh_choices[] = { {"ecdhp160", R_EC_P160}, {"ecdhp192", R_EC_P192}, {"ecdhp224", R_EC_P224}, @@ -571,10 +551,19 @@ static OPT_PAIR ecdh_choices[] = { {"ecdhb283", R_EC_B283}, {"ecdhb409", R_EC_B409}, {"ecdhb571", R_EC_B571}, + {"ecdhbrp256r1", R_EC_BRP256R1}, + {"ecdhbrp256t1", R_EC_BRP256T1}, + {"ecdhbrp384r1", R_EC_BRP384R1}, + {"ecdhbrp384t1", R_EC_BRP384T1}, + {"ecdhbrp512r1", R_EC_BRP512R1}, + {"ecdhbrp512t1", R_EC_BRP512T1}, {"ecdhx25519", R_EC_X25519}, - {NULL} + {"ecdhx448", R_EC_X448} }; -#endif +# define EC_NUM OSSL_NELEM(ecdh_choices) + +static double ecdh_results[EC_NUM][1]; /* 1 op: derivation */ +#endif /* OPENSSL_NO_EC */ #ifndef SIGALRM # define COND(d) (count < (d)) @@ -584,10 +573,39 @@ static OPT_PAIR ecdh_choices[] = { # define COUNT(d) (count) #endif /* SIGALRM */ -static int testnum; +typedef struct loopargs_st { + ASYNC_JOB *inprogress_job; + ASYNC_WAIT_CTX *wait_ctx; + unsigned char *buf; + unsigned char *buf2; + unsigned char *buf_malloc; + unsigned char *buf2_malloc; + unsigned char *key; + unsigned int siglen; +#ifndef OPENSSL_NO_RSA + RSA *rsa_key[RSA_NUM]; +#endif +#ifndef OPENSSL_NO_DSA + DSA *dsa_key[DSA_NUM]; +#endif +#ifndef OPENSSL_NO_EC + EC_KEY *ecdsa[ECDSA_NUM]; + EVP_PKEY_CTX *ecdh_ctx[EC_NUM]; + unsigned char *secret_a; + unsigned char *secret_b; + size_t outlen[EC_NUM]; +#endif + EVP_CIPHER_CTX *ctx; + HMAC_CTX *hctx; + GCM128_CONTEXT *gcm_ctx; +} loopargs_t; +static int run_benchmark(int async_jobs, int (*loop_function) (void *), + loopargs_t * loopargs); + +static unsigned int testnum; /* Nb of iterations to do per algorithm and key-size */ -static long c[ALGOR_NUM][SIZE_NUM]; +static long c[ALGOR_NUM][OSSL_NELEM(lengths_list)]; #ifndef OPENSSL_NO_MD2 static int EVP_Digest_MD2_loop(void *args) @@ -856,6 +874,17 @@ static int CRYPTO_gcm128_aad_loop(void *args) return count; } +static int RAND_bytes_loop(void *args) +{ + loopargs_t *tempargs = *(loopargs_t **) args; + unsigned char *buf = tempargs->buf; + int count; + + for (count = 0; COND(c[D_RAND][testnum]); count++) + RAND_bytes(buf, lengths[testnum]); + return count; +} + static long save_count = 0; static int decrypt = 0; static int EVP_Update_loop(void *args) @@ -863,22 +892,62 @@ static int EVP_Update_loop(void *args) loopargs_t *tempargs = *(loopargs_t **) args; unsigned char *buf = tempargs->buf; EVP_CIPHER_CTX *ctx = tempargs->ctx; - int outl, count; + int outl, count, rc; #ifndef SIGALRM int nb_iter = save_count * 4 * lengths[0] / lengths[testnum]; #endif - if (decrypt) - for (count = 0; COND(nb_iter); count++) - EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]); - else - for (count = 0; COND(nb_iter); count++) - EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]); + if (decrypt) { + for (count = 0; COND(nb_iter); count++) { + rc = EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]); + if (rc != 1) + EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1); + } + } else { + for (count = 0; COND(nb_iter); count++) { + rc = EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]); + if (rc != 1) + EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1); + } + } if (decrypt) EVP_DecryptFinal_ex(ctx, buf, &outl); else EVP_EncryptFinal_ex(ctx, buf, &outl); return count; } +/* + * CCM does not support streaming. For the purpose of performance measurement, + * each message is encrypted using the same (key,iv)-pair. Do not use this + * code in your application. + */ +static int EVP_Update_loop_ccm(void *args) +{ + loopargs_t *tempargs = *(loopargs_t **) args; + unsigned char *buf = tempargs->buf; + EVP_CIPHER_CTX *ctx = tempargs->ctx; + int outl, count; + unsigned char tag[12]; +#ifndef SIGALRM + int nb_iter = save_count * 4 * lengths[0] / lengths[testnum]; +#endif + if (decrypt) { + for (count = 0; COND(nb_iter); count++) { + EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv); + EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(tag), tag); + EVP_DecryptUpdate(ctx, NULL, &outl, NULL, lengths[testnum]); + EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]); + EVP_DecryptFinal_ex(ctx, buf, &outl); + } + } else { + for (count = 0; COND(nb_iter); count++) { + EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv); + EVP_EncryptUpdate(ctx, NULL, &outl, NULL, lengths[testnum]); + EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]); + EVP_EncryptFinal_ex(ctx, buf, &outl); + } + } + return count; +} static const EVP_MD *evp_md = NULL; static int EVP_Digest_loop(void *args) @@ -987,7 +1056,7 @@ static int DSA_verify_loop(void *args) #endif #ifndef OPENSSL_NO_EC -static long ecdsa_c[EC_NUM][2]; +static long ecdsa_c[ECDSA_NUM][2]; static int ECDSA_sign_loop(void *args) { loopargs_t *tempargs = *(loopargs_t **) args; @@ -1203,26 +1272,30 @@ static int run_benchmark(int async_jobs, int speed_main(int argc, char **argv) { ENGINE *e = NULL; + int (*loopfunc)(void *args); loopargs_t *loopargs = NULL; - int async_init = 0; - int loopargs_len = 0; - char *prog; + const char *prog; const char *engine_id = NULL; const EVP_CIPHER *evp_cipher = NULL; double d = 0.0; OPTION_CHOICE o; - int multiblock = 0, pr_header = 0; + int async_init = 0, multiblock = 0, pr_header = 0; int doit[ALGOR_NUM] = { 0 }; - int ret = 1, i, k, misalign = 0; + int ret = 1, misalign = 0, lengths_single = 0; long count = 0; + unsigned int size_num = OSSL_NELEM(lengths_list); + unsigned int i, k, loop, loopargs_len = 0, async_jobs = 0; + int keylen; + int buflen; #ifndef NO_FORK int multi = 0; #endif - int async_jobs = 0; #if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) \ || !defined(OPENSSL_NO_EC) long rsa_count = 1; #endif + openssl_speed_sec_t seconds = { SECONDS, RSA_SECONDS, DSA_SECONDS, + ECDSA_SECONDS, ECDH_SECONDS }; /* What follows are the buffers and key material. */ #ifndef OPENSSL_NO_RC5 @@ -1297,6 +1370,7 @@ int speed_main(int argc, char **argv) sizeof(test15360) }; int rsa_doit[RSA_NUM] = { 0 }; + int primes = RSA_DEFAULT_PRIME_NUM; #endif #ifndef OPENSSL_NO_DSA static const unsigned int dsa_bits[DSA_NUM] = { 512, 1024, 2048 }; @@ -1306,43 +1380,44 @@ int speed_main(int argc, char **argv) /* * We only test over the following curves as they are representative, To * add tests over more curves, simply add the curve NID and curve name to - * the following arrays and increase the EC_NUM value accordingly. + * the following arrays and increase the |ecdh_choices| list accordingly. */ - static const unsigned int test_curves[EC_NUM] = { - /* Prime Curves */ - NID_secp160r1, NID_X9_62_prime192v1, NID_secp224r1, - NID_X9_62_prime256v1, NID_secp384r1, NID_secp521r1, - /* Binary Curves */ - NID_sect163k1, NID_sect233k1, NID_sect283k1, - NID_sect409k1, NID_sect571k1, NID_sect163r2, - NID_sect233r1, NID_sect283r1, NID_sect409r1, - NID_sect571r1, - /* Other */ - NID_X25519 - }; - static const char *test_curves_names[EC_NUM] = { + static const struct { + const char *name; + unsigned int nid; + unsigned int bits; + } test_curves[] = { /* Prime Curves */ - "secp160r1", "nistp192", "nistp224", - "nistp256", "nistp384", "nistp521", + {"secp160r1", NID_secp160r1, 160}, + {"nistp192", NID_X9_62_prime192v1, 192}, + {"nistp224", NID_secp224r1, 224}, + {"nistp256", NID_X9_62_prime256v1, 256}, + {"nistp384", NID_secp384r1, 384}, + {"nistp521", NID_secp521r1, 521}, /* Binary Curves */ - "nistk163", "nistk233", "nistk283", - "nistk409", "nistk571", "nistb163", - "nistb233", "nistb283", "nistb409", - "nistb571", - /* Other */ - "X25519" - }; - static const int test_curves_bits[EC_NUM] = { - 160, 192, 224, - 256, 384, 521, - 163, 233, 283, - 409, 571, 163, - 233, 283, 409, - 571, 253 /* X25519 */ + {"nistk163", NID_sect163k1, 163}, + {"nistk233", NID_sect233k1, 233}, + {"nistk283", NID_sect283k1, 283}, + {"nistk409", NID_sect409k1, 409}, + {"nistk571", NID_sect571k1, 571}, + {"nistb163", NID_sect163r2, 163}, + {"nistb233", NID_sect233r1, 233}, + {"nistb283", NID_sect283r1, 283}, + {"nistb409", NID_sect409r1, 409}, + {"nistb571", NID_sect571r1, 571}, + {"brainpoolP256r1", NID_brainpoolP256r1, 256}, + {"brainpoolP256t1", NID_brainpoolP256t1, 256}, + {"brainpoolP384r1", NID_brainpoolP384r1, 384}, + {"brainpoolP384t1", NID_brainpoolP384t1, 384}, + {"brainpoolP512r1", NID_brainpoolP512r1, 512}, + {"brainpoolP512t1", NID_brainpoolP512t1, 512}, + /* Other and ECDH only ones */ + {"X25519", NID_X25519, 253}, + {"X448", NID_X448, 448} }; - - int ecdsa_doit[EC_NUM] = { 0 }; + int ecdsa_doit[ECDSA_NUM] = { 0 }; int ecdh_doit[EC_NUM] = { 0 }; + OPENSSL_assert(OSSL_NELEM(test_curves) >= EC_NUM); #endif /* ndef OPENSSL_NO_EC */ prog = opt_init(argc, argv, speed_options); @@ -1361,6 +1436,7 @@ int speed_main(int argc, char **argv) usertime = 0; break; case OPT_EVP: + evp_md = NULL; evp_cipher = EVP_get_cipherbyname(opt_arg()); if (evp_cipher == NULL) evp_md = EVP_get_digestbyname(opt_arg()); @@ -1397,6 +1473,10 @@ int speed_main(int argc, char **argv) prog); goto opterr; } + if (async_jobs > 99999) { + BIO_printf(bio_err, "%s: too many async_jobs\n", prog); + goto opterr; + } #endif break; case OPT_MISALIGN: @@ -1420,6 +1500,23 @@ int speed_main(int argc, char **argv) goto end; #endif break; + case OPT_R_CASES: + if (!opt_rand(o)) + goto end; + break; + case OPT_PRIMES: + if (!opt_int(opt_arg(), &primes)) + goto end; + break; + case OPT_SECONDS: + seconds.sym = seconds.rsa = seconds.dsa = seconds.ecdsa + = seconds.ecdh = atoi(opt_arg()); + break; + case OPT_BYTES: + lengths_single = atoi(opt_arg()); + lengths = &lengths_single; + size_num = 1; + break; } } argc = opt_num_rest(); @@ -1442,17 +1539,11 @@ int speed_main(int argc, char **argv) continue; } #ifndef OPENSSL_NO_RSA -# ifndef RSA_NULL - if (strcmp(*argv, "openssl") == 0) { - RSA_set_default_method(RSA_PKCS1_OpenSSL()); + if (strcmp(*argv, "openssl") == 0) continue; - } -# endif if (strcmp(*argv, "rsa") == 0) { - rsa_doit[R_RSA_512] = rsa_doit[R_RSA_1024] = - rsa_doit[R_RSA_2048] = rsa_doit[R_RSA_3072] = - rsa_doit[R_RSA_4096] = rsa_doit[R_RSA_7680] = - rsa_doit[R_RSA_15360] = 1; + for (loop = 0; loop < OSSL_NELEM(rsa_doit); loop++) + rsa_doit[loop] = 1; continue; } if (found(*argv, rsa_choices, &i)) { @@ -1483,8 +1574,8 @@ int speed_main(int argc, char **argv) #endif #ifndef OPENSSL_NO_EC if (strcmp(*argv, "ecdsa") == 0) { - for (i = 0; i < EC_NUM; i++) - ecdsa_doit[i] = 1; + for (loop = 0; loop < OSSL_NELEM(ecdsa_doit); loop++) + ecdsa_doit[loop] = 1; continue; } if (found(*argv, ecdsa_choices, &i)) { @@ -1492,8 +1583,8 @@ int speed_main(int argc, char **argv) continue; } if (strcmp(*argv, "ecdh") == 0) { - for (i = 0; i < EC_NUM; i++) - ecdh_doit[i] = 1; + for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++) + ecdh_doit[loop] = 1; continue; } if (found(*argv, ecdh_choices, &i)) { @@ -1528,10 +1619,12 @@ int speed_main(int argc, char **argv) } } - loopargs[i].buf_malloc = - app_malloc((int)BUFSIZE + MAX_MISALIGNMENT + 1, "input buffer"); - loopargs[i].buf2_malloc = - app_malloc((int)BUFSIZE + MAX_MISALIGNMENT + 1, "input buffer"); + buflen = lengths[size_num - 1] + MAX_MISALIGNMENT + 1; + loopargs[i].buf_malloc = app_malloc(buflen, "input buffer"); + loopargs[i].buf2_malloc = app_malloc(buflen, "input buffer"); + memset(loopargs[i].buf_malloc, 0, buflen); + memset(loopargs[i].buf2_malloc, 0, buflen); + /* Align the start of buffers on a 64 byte boundary */ loopargs[i].buf = loopargs[i].buf_malloc + misalign; loopargs[i].buf2 = loopargs[i].buf2_malloc + misalign; @@ -1542,7 +1635,7 @@ int speed_main(int argc, char **argv) } #ifndef NO_FORK - if (multi && do_multi(multi)) + if (multi && do_multi(multi, size_num)) goto show_res; #endif @@ -1563,10 +1656,10 @@ int speed_main(int argc, char **argv) dsa_doit[i] = 1; #endif #ifndef OPENSSL_NO_EC - for (i = 0; i < EC_NUM; i++) - ecdsa_doit[i] = 1; - for (i = 0; i < EC_NUM; i++) - ecdh_doit[i] = 1; + for (loop = 0; loop < OSSL_NELEM(ecdsa_doit); loop++) + ecdsa_doit[loop] = 1; + for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++) + ecdh_doit[loop] = 1; #endif } for (i = 0; i < ALGOR_NUM; i++) @@ -1580,6 +1673,10 @@ int speed_main(int argc, char **argv) #ifndef OPENSSL_NO_RSA for (i = 0; i < loopargs_len; i++) { + if (primes > RSA_DEFAULT_PRIME_NUM) { + /* for multi-prime RSA, skip this */ + break; + } for (k = 0; k < RSA_NUM; k++) { const unsigned char *p; @@ -1596,9 +1693,9 @@ int speed_main(int argc, char **argv) #endif #ifndef OPENSSL_NO_DSA for (i = 0; i < loopargs_len; i++) { - loopargs[i].dsa_key[0] = get_dsa512(); - loopargs[i].dsa_key[1] = get_dsa1024(); - loopargs[i].dsa_key[2] = get_dsa2048(); + loopargs[i].dsa_key[0] = get_dsa(512); + loopargs[i].dsa_key[1] = get_dsa(1024); + loopargs[i].dsa_key[2] = get_dsa(2048); } #endif #ifndef OPENSSL_NO_DES @@ -1678,8 +1775,9 @@ int speed_main(int argc, char **argv) c[D_IGE_192_AES][0] = count; c[D_IGE_256_AES][0] = count; c[D_GHASH][0] = count; + c[D_RAND][0] = count; - for (i = 1; i < SIZE_NUM; i++) { + for (i = 1; i < size_num; i++) { long l0, l1; l0 = (long)lengths[0]; @@ -1696,6 +1794,7 @@ int speed_main(int argc, char **argv) c[D_SHA512][i] = c[D_SHA512][0] * 4 * l0 / l1; c[D_WHIRLPOOL][i] = c[D_WHIRLPOOL][0] * 4 * l0 / l1; c[D_GHASH][i] = c[D_GHASH][0] * 4 * l0 / l1; + c[D_RAND][i] = c[D_RAND][0] * 4 * l0 / l1; l0 = (long)lengths[i - 1]; @@ -1830,6 +1929,32 @@ int speed_main(int argc, char **argv) } } } + /* repeated code good to factorize */ + ecdh_c[R_EC_BRP256R1][0] = count / 1000; + for (i = R_EC_BRP384R1; i <= R_EC_BRP512R1; i += 2) { + ecdh_c[i][0] = ecdh_c[i - 2][0] / 2; + if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0) + ecdh_doit[i] = 0; + else { + if (ecdh_c[i][0] == 0) { + ecdh_c[i][0] = 1; + } + } + } + ecdh_c[R_EC_BRP256T1][0] = count / 1000; + for (i = R_EC_BRP384T1; i <= R_EC_BRP512T1; i += 2) { + ecdh_c[i][0] = ecdh_c[i - 2][0] / 2; + if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0) + ecdh_doit[i] = 0; + else { + if (ecdh_c[i][0] == 0) { + ecdh_c[i][0] = 1; + } + } + } + /* default iteration count for the last two EC Curves */ + ecdh_c[R_EC_X25519][0] = count / 1800; + ecdh_c[R_EC_X448][0] = count / 7200; # endif # else @@ -1844,8 +1969,9 @@ int speed_main(int argc, char **argv) #ifndef OPENSSL_NO_MD2 if (doit[D_MD2]) { - for (testnum = 0; testnum < SIZE_NUM; testnum++) { - print_message(names[D_MD2], c[D_MD2][testnum], lengths[testnum]); + for (testnum = 0; testnum < size_num; testnum++) { + print_message(names[D_MD2], c[D_MD2][testnum], lengths[testnum], + seconds.sym); Time_F(START); count = run_benchmark(async_jobs, EVP_Digest_MD2_loop, loopargs); d = Time_F(STOP); @@ -1855,8 +1981,9 @@ int speed_main(int argc, char **argv) #endif #ifndef OPENSSL_NO_MDC2 if (doit[D_MDC2]) { - for (testnum = 0; testnum < SIZE_NUM; testnum++) { - print_message(names[D_MDC2], c[D_MDC2][testnum], lengths[testnum]); + for (testnum = 0; testnum < size_num; testnum++) { + print_message(names[D_MDC2], c[D_MDC2][testnum], lengths[testnum], + seconds.sym); Time_F(START); count = run_benchmark(async_jobs, EVP_Digest_MDC2_loop, loopargs); d = Time_F(STOP); @@ -1867,8 +1994,9 @@ int speed_main(int argc, char **argv) #ifndef OPENSSL_NO_MD4 if (doit[D_MD4]) { - for (testnum = 0; testnum < SIZE_NUM; testnum++) { - print_message(names[D_MD4], c[D_MD4][testnum], lengths[testnum]); + for (testnum = 0; testnum < size_num; testnum++) { + print_message(names[D_MD4], c[D_MD4][testnum], lengths[testnum], + seconds.sym); Time_F(START); count = run_benchmark(async_jobs, EVP_Digest_MD4_loop, loopargs); d = Time_F(STOP); @@ -1879,8 +2007,9 @@ int speed_main(int argc, char **argv) #ifndef OPENSSL_NO_MD5 if (doit[D_MD5]) { - for (testnum = 0; testnum < SIZE_NUM; testnum++) { - print_message(names[D_MD5], c[D_MD5][testnum], lengths[testnum]); + for (testnum = 0; testnum < size_num; testnum++) { + print_message(names[D_MD5], c[D_MD5][testnum], lengths[testnum], + seconds.sym); Time_F(START); count = run_benchmark(async_jobs, MD5_loop, loopargs); d = Time_F(STOP); @@ -1901,8 +2030,9 @@ int speed_main(int argc, char **argv) HMAC_Init_ex(loopargs[i].hctx, hmac_key, len, EVP_md5(), NULL); } - for (testnum = 0; testnum < SIZE_NUM; testnum++) { - print_message(names[D_HMAC], c[D_HMAC][testnum], lengths[testnum]); + for (testnum = 0; testnum < size_num; testnum++) { + print_message(names[D_HMAC], c[D_HMAC][testnum], lengths[testnum], + seconds.sym); Time_F(START); count = run_benchmark(async_jobs, HMAC_loop, loopargs); d = Time_F(STOP); @@ -1914,8 +2044,9 @@ int speed_main(int argc, char **argv) } #endif if (doit[D_SHA1]) { - for (testnum = 0; testnum < SIZE_NUM; testnum++) { - print_message(names[D_SHA1], c[D_SHA1][testnum], lengths[testnum]); + for (testnum = 0; testnum < size_num; testnum++) { + print_message(names[D_SHA1], c[D_SHA1][testnum], lengths[testnum], + seconds.sym); Time_F(START); count = run_benchmark(async_jobs, SHA1_loop, loopargs); d = Time_F(STOP); @@ -1923,9 +2054,9 @@ int speed_main(int argc, char **argv) } } if (doit[D_SHA256]) { - for (testnum = 0; testnum < SIZE_NUM; testnum++) { + for (testnum = 0; testnum < size_num; testnum++) { print_message(names[D_SHA256], c[D_SHA256][testnum], - lengths[testnum]); + lengths[testnum], seconds.sym); Time_F(START); count = run_benchmark(async_jobs, SHA256_loop, loopargs); d = Time_F(STOP); @@ -1933,9 +2064,9 @@ int speed_main(int argc, char **argv) } } if (doit[D_SHA512]) { - for (testnum = 0; testnum < SIZE_NUM; testnum++) { + for (testnum = 0; testnum < size_num; testnum++) { print_message(names[D_SHA512], c[D_SHA512][testnum], - lengths[testnum]); + lengths[testnum], seconds.sym); Time_F(START); count = run_benchmark(async_jobs, SHA512_loop, loopargs); d = Time_F(STOP); @@ -1944,9 +2075,9 @@ int speed_main(int argc, char **argv) } #ifndef OPENSSL_NO_WHIRLPOOL if (doit[D_WHIRLPOOL]) { - for (testnum = 0; testnum < SIZE_NUM; testnum++) { + for (testnum = 0; testnum < size_num; testnum++) { print_message(names[D_WHIRLPOOL], c[D_WHIRLPOOL][testnum], - lengths[testnum]); + lengths[testnum], seconds.sym); Time_F(START); count = run_benchmark(async_jobs, WHIRLPOOL_loop, loopargs); d = Time_F(STOP); @@ -1957,9 +2088,9 @@ int speed_main(int argc, char **argv) #ifndef OPENSSL_NO_RMD160 if (doit[D_RMD160]) { - for (testnum = 0; testnum < SIZE_NUM; testnum++) { + for (testnum = 0; testnum < size_num; testnum++) { print_message(names[D_RMD160], c[D_RMD160][testnum], - lengths[testnum]); + lengths[testnum], seconds.sym); Time_F(START); count = run_benchmark(async_jobs, EVP_Digest_RMD160_loop, loopargs); d = Time_F(STOP); @@ -1969,8 +2100,9 @@ int speed_main(int argc, char **argv) #endif #ifndef OPENSSL_NO_RC4 if (doit[D_RC4]) { - for (testnum = 0; testnum < SIZE_NUM; testnum++) { - print_message(names[D_RC4], c[D_RC4][testnum], lengths[testnum]); + for (testnum = 0; testnum < size_num; testnum++) { + print_message(names[D_RC4], c[D_RC4][testnum], lengths[testnum], + seconds.sym); Time_F(START); count = run_benchmark(async_jobs, RC4_loop, loopargs); d = Time_F(STOP); @@ -1980,9 +2112,9 @@ int speed_main(int argc, char **argv) #endif #ifndef OPENSSL_NO_DES if (doit[D_CBC_DES]) { - for (testnum = 0; testnum < SIZE_NUM; testnum++) { + for (testnum = 0; testnum < size_num; testnum++) { print_message(names[D_CBC_DES], c[D_CBC_DES][testnum], - lengths[testnum]); + lengths[testnum], seconds.sym); Time_F(START); count = run_benchmark(async_jobs, DES_ncbc_encrypt_loop, loopargs); d = Time_F(STOP); @@ -1991,9 +2123,9 @@ int speed_main(int argc, char **argv) } if (doit[D_EDE3_DES]) { - for (testnum = 0; testnum < SIZE_NUM; testnum++) { + for (testnum = 0; testnum < size_num; testnum++) { print_message(names[D_EDE3_DES], c[D_EDE3_DES][testnum], - lengths[testnum]); + lengths[testnum], seconds.sym); Time_F(START); count = run_benchmark(async_jobs, DES_ede3_cbc_encrypt_loop, loopargs); @@ -2004,9 +2136,9 @@ int speed_main(int argc, char **argv) #endif if (doit[D_CBC_128_AES]) { - for (testnum = 0; testnum < SIZE_NUM; testnum++) { + for (testnum = 0; testnum < size_num; testnum++) { print_message(names[D_CBC_128_AES], c[D_CBC_128_AES][testnum], - lengths[testnum]); + lengths[testnum], seconds.sym); Time_F(START); count = run_benchmark(async_jobs, AES_cbc_128_encrypt_loop, loopargs); @@ -2015,9 +2147,9 @@ int speed_main(int argc, char **argv) } } if (doit[D_CBC_192_AES]) { - for (testnum = 0; testnum < SIZE_NUM; testnum++) { + for (testnum = 0; testnum < size_num; testnum++) { print_message(names[D_CBC_192_AES], c[D_CBC_192_AES][testnum], - lengths[testnum]); + lengths[testnum], seconds.sym); Time_F(START); count = run_benchmark(async_jobs, AES_cbc_192_encrypt_loop, loopargs); @@ -2026,9 +2158,9 @@ int speed_main(int argc, char **argv) } } if (doit[D_CBC_256_AES]) { - for (testnum = 0; testnum < SIZE_NUM; testnum++) { + for (testnum = 0; testnum < size_num; testnum++) { print_message(names[D_CBC_256_AES], c[D_CBC_256_AES][testnum], - lengths[testnum]); + lengths[testnum], seconds.sym); Time_F(START); count = run_benchmark(async_jobs, AES_cbc_256_encrypt_loop, loopargs); @@ -2038,9 +2170,9 @@ int speed_main(int argc, char **argv) } if (doit[D_IGE_128_AES]) { - for (testnum = 0; testnum < SIZE_NUM; testnum++) { + for (testnum = 0; testnum < size_num; testnum++) { print_message(names[D_IGE_128_AES], c[D_IGE_128_AES][testnum], - lengths[testnum]); + lengths[testnum], seconds.sym); Time_F(START); count = run_benchmark(async_jobs, AES_ige_128_encrypt_loop, loopargs); @@ -2049,9 +2181,9 @@ int speed_main(int argc, char **argv) } } if (doit[D_IGE_192_AES]) { - for (testnum = 0; testnum < SIZE_NUM; testnum++) { + for (testnum = 0; testnum < size_num; testnum++) { print_message(names[D_IGE_192_AES], c[D_IGE_192_AES][testnum], - lengths[testnum]); + lengths[testnum], seconds.sym); Time_F(START); count = run_benchmark(async_jobs, AES_ige_192_encrypt_loop, loopargs); @@ -2060,9 +2192,9 @@ int speed_main(int argc, char **argv) } } if (doit[D_IGE_256_AES]) { - for (testnum = 0; testnum < SIZE_NUM; testnum++) { + for (testnum = 0; testnum < size_num; testnum++) { print_message(names[D_IGE_256_AES], c[D_IGE_256_AES][testnum], - lengths[testnum]); + lengths[testnum], seconds.sym); Time_F(START); count = run_benchmark(async_jobs, AES_ige_256_encrypt_loop, loopargs); @@ -2078,9 +2210,9 @@ int speed_main(int argc, char **argv) (unsigned char *)"0123456789ab", 12); } - for (testnum = 0; testnum < SIZE_NUM; testnum++) { + for (testnum = 0; testnum < size_num; testnum++) { print_message(names[D_GHASH], c[D_GHASH][testnum], - lengths[testnum]); + lengths[testnum], seconds.sym); Time_F(START); count = run_benchmark(async_jobs, CRYPTO_gcm128_aad_loop, loopargs); d = Time_F(STOP); @@ -2096,9 +2228,9 @@ int speed_main(int argc, char **argv) names[D_CBC_128_CML]); doit[D_CBC_128_CML] = 0; } - for (testnum = 0; testnum < SIZE_NUM && async_init == 0; testnum++) { + for (testnum = 0; testnum < size_num && async_init == 0; testnum++) { print_message(names[D_CBC_128_CML], c[D_CBC_128_CML][testnum], - lengths[testnum]); + lengths[testnum], seconds.sym); Time_F(START); for (count = 0, run = 1; COND(c[D_CBC_128_CML][testnum]); count++) Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf, @@ -2114,9 +2246,9 @@ int speed_main(int argc, char **argv) names[D_CBC_192_CML]); doit[D_CBC_192_CML] = 0; } - for (testnum = 0; testnum < SIZE_NUM && async_init == 0; testnum++) { + for (testnum = 0; testnum < size_num && async_init == 0; testnum++) { print_message(names[D_CBC_192_CML], c[D_CBC_192_CML][testnum], - lengths[testnum]); + lengths[testnum], seconds.sym); if (async_jobs > 0) { BIO_printf(bio_err, "Async mode is not supported, exiting..."); exit(1); @@ -2136,9 +2268,9 @@ int speed_main(int argc, char **argv) names[D_CBC_256_CML]); doit[D_CBC_256_CML] = 0; } - for (testnum = 0; testnum < SIZE_NUM && async_init == 0; testnum++) { + for (testnum = 0; testnum < size_num && async_init == 0; testnum++) { print_message(names[D_CBC_256_CML], c[D_CBC_256_CML][testnum], - lengths[testnum]); + lengths[testnum], seconds.sym); Time_F(START); for (count = 0, run = 1; COND(c[D_CBC_256_CML][testnum]); count++) Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf, @@ -2156,9 +2288,9 @@ int speed_main(int argc, char **argv) names[D_CBC_IDEA]); doit[D_CBC_IDEA] = 0; } - for (testnum = 0; testnum < SIZE_NUM && async_init == 0; testnum++) { + for (testnum = 0; testnum < size_num && async_init == 0; testnum++) { print_message(names[D_CBC_IDEA], c[D_CBC_IDEA][testnum], - lengths[testnum]); + lengths[testnum], seconds.sym); Time_F(START); for (count = 0, run = 1; COND(c[D_CBC_IDEA][testnum]); count++) IDEA_cbc_encrypt(loopargs[0].buf, loopargs[0].buf, @@ -2176,9 +2308,9 @@ int speed_main(int argc, char **argv) names[D_CBC_SEED]); doit[D_CBC_SEED] = 0; } - for (testnum = 0; testnum < SIZE_NUM && async_init == 0; testnum++) { + for (testnum = 0; testnum < size_num && async_init == 0; testnum++) { print_message(names[D_CBC_SEED], c[D_CBC_SEED][testnum], - lengths[testnum]); + lengths[testnum], seconds.sym); Time_F(START); for (count = 0, run = 1; COND(c[D_CBC_SEED][testnum]); count++) SEED_cbc_encrypt(loopargs[0].buf, loopargs[0].buf, @@ -2195,9 +2327,9 @@ int speed_main(int argc, char **argv) names[D_CBC_RC2]); doit[D_CBC_RC2] = 0; } - for (testnum = 0; testnum < SIZE_NUM && async_init == 0; testnum++) { + for (testnum = 0; testnum < size_num && async_init == 0; testnum++) { print_message(names[D_CBC_RC2], c[D_CBC_RC2][testnum], - lengths[testnum]); + lengths[testnum], seconds.sym); if (async_jobs > 0) { BIO_printf(bio_err, "Async mode is not supported, exiting..."); exit(1); @@ -2219,9 +2351,9 @@ int speed_main(int argc, char **argv) names[D_CBC_RC5]); doit[D_CBC_RC5] = 0; } - for (testnum = 0; testnum < SIZE_NUM && async_init == 0; testnum++) { + for (testnum = 0; testnum < size_num && async_init == 0; testnum++) { print_message(names[D_CBC_RC5], c[D_CBC_RC5][testnum], - lengths[testnum]); + lengths[testnum], seconds.sym); if (async_jobs > 0) { BIO_printf(bio_err, "Async mode is not supported, exiting..."); exit(1); @@ -2243,9 +2375,9 @@ int speed_main(int argc, char **argv) names[D_CBC_BF]); doit[D_CBC_BF] = 0; } - for (testnum = 0; testnum < SIZE_NUM && async_init == 0; testnum++) { + for (testnum = 0; testnum < size_num && async_init == 0; testnum++) { print_message(names[D_CBC_BF], c[D_CBC_BF][testnum], - lengths[testnum]); + lengths[testnum], seconds.sym); Time_F(START); for (count = 0, run = 1; COND(c[D_CBC_BF][testnum]); count++) BF_cbc_encrypt(loopargs[0].buf, loopargs[0].buf, @@ -2263,9 +2395,9 @@ int speed_main(int argc, char **argv) names[D_CBC_CAST]); doit[D_CBC_CAST] = 0; } - for (testnum = 0; testnum < SIZE_NUM && async_init == 0; testnum++) { + for (testnum = 0; testnum < size_num && async_init == 0; testnum++) { print_message(names[D_CBC_CAST], c[D_CBC_CAST][testnum], - lengths[testnum]); + lengths[testnum], seconds.sym); Time_F(START); for (count = 0, run = 1; COND(c[D_CBC_CAST][testnum]); count++) CAST_cbc_encrypt(loopargs[0].buf, loopargs[0].buf, @@ -2276,9 +2408,18 @@ int speed_main(int argc, char **argv) } } #endif + if (doit[D_RAND]) { + for (testnum = 0; testnum < size_num; testnum++) { + print_message(names[D_RAND], c[D_RAND][testnum], lengths[testnum], + seconds.sym); + Time_F(START); + count = run_benchmark(async_jobs, RAND_bytes_loop, loopargs); + d = Time_F(STOP); + print_result(D_RAND, testnum, count, d); + } + } if (doit[D_EVP]) { -#ifdef EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK if (multiblock && evp_cipher) { if (! (EVP_CIPHER_flags(evp_cipher) & @@ -2291,12 +2432,11 @@ int speed_main(int argc, char **argv) BIO_printf(bio_err, "Async mode is not supported, exiting..."); exit(1); } - multiblock_speed(evp_cipher); + multiblock_speed(evp_cipher, lengths_single, &seconds); ret = 0; goto end; } -#endif - for (testnum = 0; testnum < SIZE_NUM; testnum++) { + for (testnum = 0; testnum < size_num; testnum++) { if (evp_cipher) { names[D_EVP] = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)); @@ -2304,21 +2444,33 @@ int speed_main(int argc, char **argv) * -O3 -fschedule-insns messes up an optimization here! * names[D_EVP] somehow becomes NULL */ - print_message(names[D_EVP], save_count, lengths[testnum]); + print_message(names[D_EVP], save_count, lengths[testnum], + seconds.sym); for (k = 0; k < loopargs_len; k++) { loopargs[k].ctx = EVP_CIPHER_CTX_new(); - if (decrypt) - EVP_DecryptInit_ex(loopargs[k].ctx, evp_cipher, NULL, - key16, iv); - else - EVP_EncryptInit_ex(loopargs[k].ctx, evp_cipher, NULL, - key16, iv); + EVP_CipherInit_ex(loopargs[k].ctx, evp_cipher, NULL, NULL, + iv, decrypt ? 0 : 1); + EVP_CIPHER_CTX_set_padding(loopargs[k].ctx, 0); + + keylen = EVP_CIPHER_CTX_key_length(loopargs[k].ctx); + loopargs[k].key = app_malloc(keylen, "evp_cipher key"); + EVP_CIPHER_CTX_rand_key(loopargs[k].ctx, loopargs[k].key); + EVP_CipherInit_ex(loopargs[k].ctx, NULL, NULL, + loopargs[k].key, NULL, -1); + OPENSSL_clear_free(loopargs[k].key, keylen); + } + switch (EVP_CIPHER_mode(evp_cipher)) { + case EVP_CIPH_CCM_MODE: + loopfunc = EVP_Update_loop_ccm; + break; + default: + loopfunc = EVP_Update_loop; } Time_F(START); - count = run_benchmark(async_jobs, EVP_Update_loop, loopargs); + count = run_benchmark(async_jobs, loopfunc, loopargs); d = Time_F(STOP); for (k = 0; k < loopargs_len; k++) { EVP_CIPHER_CTX_free(loopargs[k].ctx); @@ -2326,7 +2478,8 @@ int speed_main(int argc, char **argv) } if (evp_md) { names[D_EVP] = OBJ_nid2ln(EVP_MD_type(evp_md)); - print_message(names[D_EVP], save_count, lengths[testnum]); + print_message(names[D_EVP], save_count, lengths[testnum], + seconds.sym); Time_F(START); count = run_benchmark(async_jobs, EVP_Digest_loop, loopargs); d = Time_F(STOP); @@ -2344,6 +2497,34 @@ int speed_main(int argc, char **argv) if (!rsa_doit[testnum]) continue; for (i = 0; i < loopargs_len; i++) { + if (primes > 2) { + /* we haven't set keys yet, generate multi-prime RSA keys */ + BIGNUM *bn = BN_new(); + + if (bn == NULL) + goto end; + if (!BN_set_word(bn, RSA_F4)) { + BN_free(bn); + goto end; + } + + BIO_printf(bio_err, "Generate multi-prime RSA key for %s\n", + rsa_choices[testnum].name); + + loopargs[i].rsa_key[testnum] = RSA_new(); + if (loopargs[i].rsa_key[testnum] == NULL) { + BN_free(bn); + goto end; + } + + if (!RSA_generate_multi_prime_key(loopargs[i].rsa_key[testnum], + rsa_bits[testnum], + primes, bn, NULL)) { + BN_free(bn); + goto end; + } + BN_free(bn); + } st = RSA_sign(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2, &loopargs[i].siglen, loopargs[i].rsa_key[testnum]); if (st == 0) @@ -2357,16 +2538,16 @@ int speed_main(int argc, char **argv) } else { pkey_print_message("private", "rsa", rsa_c[testnum][0], rsa_bits[testnum], - RSA_SECONDS); + seconds.rsa); /* RSA_blinding_on(rsa_key[testnum],NULL); */ Time_F(START); count = run_benchmark(async_jobs, RSA_sign_loop, loopargs); d = Time_F(STOP); BIO_printf(bio_err, mr ? "+R1:%ld:%d:%.2f\n" - : "%ld %d bit private RSA's in %.2fs\n", + : "%ld %u bits private RSA's in %.2fs\n", count, rsa_bits[testnum], d); - rsa_results[testnum][0] = d / (double)count; + rsa_results[testnum][0] = (double)count / d; rsa_count = count; } @@ -2384,15 +2565,15 @@ int speed_main(int argc, char **argv) } else { pkey_print_message("public", "rsa", rsa_c[testnum][1], rsa_bits[testnum], - RSA_SECONDS); + seconds.rsa); Time_F(START); count = run_benchmark(async_jobs, RSA_verify_loop, loopargs); d = Time_F(STOP); BIO_printf(bio_err, mr ? "+R2:%ld:%d:%.2f\n" - : "%ld %d bit public RSA's in %.2fs\n", + : "%ld %u bits public RSA's in %.2fs\n", count, rsa_bits[testnum], d); - rsa_results[testnum][1] = d / (double)count; + rsa_results[testnum][1] = (double)count / d; } if (rsa_count <= 1) { @@ -2407,9 +2588,6 @@ int speed_main(int argc, char **argv) RAND_bytes(loopargs[i].buf, 36); #ifndef OPENSSL_NO_DSA - if (RAND_status() != 1) { - RAND_seed(rnd_seed, sizeof rnd_seed); - } for (testnum = 0; testnum < DSA_NUM; testnum++) { int st = 0; if (!dsa_doit[testnum]) @@ -2431,15 +2609,15 @@ int speed_main(int argc, char **argv) } else { pkey_print_message("sign", "dsa", dsa_c[testnum][0], dsa_bits[testnum], - DSA_SECONDS); + seconds.dsa); Time_F(START); count = run_benchmark(async_jobs, DSA_sign_loop, loopargs); d = Time_F(STOP); BIO_printf(bio_err, - mr ? "+R3:%ld:%d:%.2f\n" - : "%ld %d bit DSA signs in %.2fs\n", + mr ? "+R3:%ld:%u:%.2f\n" + : "%ld %u bits DSA signs in %.2fs\n", count, dsa_bits[testnum], d); - dsa_results[testnum][0] = d / (double)count; + dsa_results[testnum][0] = (double)count / d; rsa_count = count; } @@ -2457,15 +2635,15 @@ int speed_main(int argc, char **argv) } else { pkey_print_message("verify", "dsa", dsa_c[testnum][1], dsa_bits[testnum], - DSA_SECONDS); + seconds.dsa); Time_F(START); count = run_benchmark(async_jobs, DSA_verify_loop, loopargs); d = Time_F(STOP); BIO_printf(bio_err, - mr ? "+R4:%ld:%d:%.2f\n" - : "%ld %d bit DSA verify in %.2fs\n", + mr ? "+R4:%ld:%u:%.2f\n" + : "%ld %u bits DSA verify in %.2fs\n", count, dsa_bits[testnum], d); - dsa_results[testnum][1] = d / (double)count; + dsa_results[testnum][1] = (double)count / d; } if (rsa_count <= 1) { @@ -2477,17 +2655,14 @@ int speed_main(int argc, char **argv) #endif /* OPENSSL_NO_DSA */ #ifndef OPENSSL_NO_EC - if (RAND_status() != 1) { - RAND_seed(rnd_seed, sizeof rnd_seed); - } - for (testnum = 0; testnum < EC_NUM; testnum++) { + for (testnum = 0; testnum < ECDSA_NUM; testnum++) { int st = 1; if (!ecdsa_doit[testnum]) continue; /* Ignore Curve */ for (i = 0; i < loopargs_len; i++) { loopargs[i].ecdsa[testnum] = - EC_KEY_new_by_curve_name(test_curves[testnum]); + EC_KEY_new_by_curve_name(test_curves[testnum].nid); if (loopargs[i].ecdsa[testnum] == NULL) { st = 0; break; @@ -2516,16 +2691,16 @@ int speed_main(int argc, char **argv) } else { pkey_print_message("sign", "ecdsa", ecdsa_c[testnum][0], - test_curves_bits[testnum], ECDSA_SECONDS); + test_curves[testnum].bits, seconds.ecdsa); Time_F(START); count = run_benchmark(async_jobs, ECDSA_sign_loop, loopargs); d = Time_F(STOP); BIO_printf(bio_err, - mr ? "+R5:%ld:%d:%.2f\n" : - "%ld %d bit ECDSA signs in %.2fs \n", - count, test_curves_bits[testnum], d); - ecdsa_results[testnum][0] = d / (double)count; + mr ? "+R5:%ld:%u:%.2f\n" : + "%ld %u bits ECDSA signs in %.2fs \n", + count, test_curves[testnum].bits, d); + ecdsa_results[testnum][0] = (double)count / d; rsa_count = count; } @@ -2545,15 +2720,15 @@ int speed_main(int argc, char **argv) } else { pkey_print_message("verify", "ecdsa", ecdsa_c[testnum][1], - test_curves_bits[testnum], ECDSA_SECONDS); + test_curves[testnum].bits, seconds.ecdsa); Time_F(START); count = run_benchmark(async_jobs, ECDSA_verify_loop, loopargs); d = Time_F(STOP); BIO_printf(bio_err, - mr ? "+R6:%ld:%d:%.2f\n" - : "%ld %d bit ECDSA verify in %.2fs\n", - count, test_curves_bits[testnum], d); - ecdsa_results[testnum][1] = d / (double)count; + mr ? "+R6:%ld:%u:%.2f\n" + : "%ld %u bits ECDSA verify in %.2fs\n", + count, test_curves[testnum].bits, d); + ecdsa_results[testnum][1] = (double)count / d; } if (rsa_count <= 1) { @@ -2564,9 +2739,6 @@ int speed_main(int argc, char **argv) } } - if (RAND_status() != 1) { - RAND_seed(rnd_seed, sizeof rnd_seed); - } for (testnum = 0; testnum < EC_NUM; testnum++) { int ecdh_checks = 1; @@ -2582,12 +2754,43 @@ int speed_main(int argc, char **argv) size_t outlen; size_t test_outlen; - if (testnum == R_EC_X25519) { - kctx = EVP_PKEY_CTX_new_id(test_curves[testnum], NULL); /* keygen ctx from NID */ - } else { + /* Ensure that the error queue is empty */ + if (ERR_peek_error()) { + BIO_printf(bio_err, + "WARNING: the error queue contains previous unhandled errors.\n"); + ERR_print_errors(bio_err); + } + + /* Let's try to create a ctx directly from the NID: this works for + * curves like Curve25519 that are not implemented through the low + * level EC interface. + * If this fails we try creating a EVP_PKEY_EC generic param ctx, + * then we set the curve by NID before deriving the actual keygen + * ctx for that specific curve. */ + kctx = EVP_PKEY_CTX_new_id(test_curves[testnum].nid, NULL); /* keygen ctx from NID */ + if (!kctx) { EVP_PKEY_CTX *pctx = NULL; EVP_PKEY *params = NULL; + /* If we reach this code EVP_PKEY_CTX_new_id() failed and a + * "int_ctx_new:unsupported algorithm" error was added to the + * error queue. + * We remove it from the error queue as we are handling it. */ + unsigned long error = ERR_peek_error(); /* peek the latest error in the queue */ + if (error == ERR_peek_last_error() && /* oldest and latest errors match */ + /* check that the error origin matches */ + ERR_GET_LIB(error) == ERR_LIB_EVP && + ERR_GET_FUNC(error) == EVP_F_INT_CTX_NEW && + ERR_GET_REASON(error) == EVP_R_UNSUPPORTED_ALGORITHM) + ERR_get_error(); /* pop error from queue */ + if (ERR_peek_error()) { + BIO_printf(bio_err, + "Unhandled error in the error queue during ECDH init.\n"); + ERR_print_errors(bio_err); + rsa_count = 1; + break; + } + if ( /* Create the context for parameter generation */ !(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) || /* Initialise the parameter generation */ @@ -2595,11 +2798,11 @@ int speed_main(int argc, char **argv) /* Set the curve by NID */ !EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, test_curves - [testnum]) || + [testnum].nid) || /* Create the parameter object params */ !EVP_PKEY_paramgen(pctx, ¶ms)) { ecdh_checks = 0; - BIO_printf(bio_err, "ECDH init failure.\n"); + BIO_printf(bio_err, "ECDH EC params init failure.\n"); ERR_print_errors(bio_err); rsa_count = 1; break; @@ -2612,7 +2815,7 @@ int speed_main(int argc, char **argv) EVP_PKEY_CTX_free(pctx); pctx = NULL; } - if (!kctx || /* keygen ctx is not null */ + if (kctx == NULL || /* keygen ctx is not null */ !EVP_PKEY_keygen_init(kctx) /* init keygen ctx */ ) { ecdh_checks = 0; BIO_printf(bio_err, "ECDH keygen failure.\n"); @@ -2667,6 +2870,8 @@ int speed_main(int argc, char **argv) loopargs[i].ecdh_ctx[testnum] = ctx; loopargs[i].outlen[testnum] = outlen; + EVP_PKEY_free(key_A); + EVP_PKEY_free(key_B); EVP_PKEY_CTX_free(kctx); kctx = NULL; EVP_PKEY_CTX_free(test_ctx); @@ -2675,22 +2880,22 @@ int speed_main(int argc, char **argv) if (ecdh_checks != 0) { pkey_print_message("", "ecdh", ecdh_c[testnum][0], - test_curves_bits[testnum], ECDH_SECONDS); + test_curves[testnum].bits, seconds.ecdh); Time_F(START); count = run_benchmark(async_jobs, ECDH_EVP_derive_key_loop, loopargs); d = Time_F(STOP); BIO_printf(bio_err, mr ? "+R7:%ld:%d:%.2f\n" : - "%ld %d-bit ECDH ops in %.2fs\n", count, - test_curves_bits[testnum], d); - ecdh_results[testnum][0] = d / (double)count; + "%ld %u-bits ECDH ops in %.2fs\n", count, + test_curves[testnum].bits, d); + ecdh_results[testnum][0] = (double)count / d; rsa_count = count; } if (rsa_count <= 1) { /* if longer than 10s, don't do any more */ - for (testnum++; testnum < EC_NUM; testnum++) + for (testnum++; testnum < OSSL_NELEM(ecdh_doit); testnum++) ecdh_doit[testnum] = 0; } } @@ -2730,7 +2935,7 @@ int speed_main(int argc, char **argv) ("The 'numbers' are in 1000s of bytes per second processed.\n"); printf("type "); } - for (testnum = 0; testnum < SIZE_NUM; testnum++) + for (testnum = 0; testnum < size_num; testnum++) printf(mr ? ":%d" : "%7d bytes", lengths[testnum]); printf("\n"); } @@ -2739,10 +2944,10 @@ int speed_main(int argc, char **argv) if (!doit[k]) continue; if (mr) - printf("+F:%d:%s", k, names[k]); + printf("+F:%u:%s", k, names[k]); else printf("%-13s", names[k]); - for (testnum = 0; testnum < SIZE_NUM; testnum++) { + for (testnum = 0; testnum < size_num; testnum++) { if (results[k][testnum] > 10000 && !mr) printf(" %11.2fk", results[k][testnum] / 1e3); else @@ -2764,8 +2969,8 @@ int speed_main(int argc, char **argv) k, rsa_bits[k], rsa_results[k][0], rsa_results[k][1]); else printf("rsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n", - rsa_bits[k], rsa_results[k][0], rsa_results[k][1], - 1.0 / rsa_results[k][0], 1.0 / rsa_results[k][1]); + rsa_bits[k], 1.0 / rsa_results[k][0], 1.0 / rsa_results[k][1], + rsa_results[k][0], rsa_results[k][1]); } #endif #ifndef OPENSSL_NO_DSA @@ -2782,13 +2987,13 @@ int speed_main(int argc, char **argv) k, dsa_bits[k], dsa_results[k][0], dsa_results[k][1]); else printf("dsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n", - dsa_bits[k], dsa_results[k][0], dsa_results[k][1], - 1.0 / dsa_results[k][0], 1.0 / dsa_results[k][1]); + dsa_bits[k], 1.0 / dsa_results[k][0], 1.0 / dsa_results[k][1], + dsa_results[k][0], dsa_results[k][1]); } #endif #ifndef OPENSSL_NO_EC testnum = 1; - for (k = 0; k < EC_NUM; k++) { + for (k = 0; k < OSSL_NELEM(ecdsa_doit); k++) { if (!ecdsa_doit[k]) continue; if (testnum && !mr) { @@ -2798,14 +3003,13 @@ int speed_main(int argc, char **argv) if (mr) printf("+F4:%u:%u:%f:%f\n", - k, test_curves_bits[k], + k, test_curves[k].bits, ecdsa_results[k][0], ecdsa_results[k][1]); else - printf("%4u bit ecdsa (%s) %8.4fs %8.4fs %8.1f %8.1f\n", - test_curves_bits[k], - test_curves_names[k], - ecdsa_results[k][0], ecdsa_results[k][1], - 1.0 / ecdsa_results[k][0], 1.0 / ecdsa_results[k][1]); + printf("%4u bits ecdsa (%s) %8.4fs %8.4fs %8.1f %8.1f\n", + test_curves[k].bits, test_curves[k].name, + 1.0 / ecdsa_results[k][0], 1.0 / ecdsa_results[k][1], + ecdsa_results[k][0], ecdsa_results[k][1]); } testnum = 1; @@ -2818,14 +3022,13 @@ int speed_main(int argc, char **argv) } if (mr) printf("+F5:%u:%u:%f:%f\n", - k, test_curves_bits[k], + k, test_curves[k].bits, ecdh_results[k][0], 1.0 / ecdh_results[k][0]); else - printf("%4u bit ecdh (%s) %8.4fs %8.1f\n", - test_curves_bits[k], - test_curves_names[k], - ecdh_results[k][0], 1.0 / ecdh_results[k][0]); + printf("%4u bits ecdh (%s) %8.4fs %8.1f\n", + test_curves[k].bits, test_curves[k].name, + 1.0 / ecdh_results[k][0], ecdh_results[k][0]); } #endif @@ -2846,10 +3049,10 @@ int speed_main(int argc, char **argv) DSA_free(loopargs[i].dsa_key[k]); #endif #ifndef OPENSSL_NO_EC - for (k = 0; k < EC_NUM; k++) { + for (k = 0; k < ECDSA_NUM; k++) EC_KEY_free(loopargs[i].ecdsa[k]); + for (k = 0; k < EC_NUM; k++) EVP_PKEY_CTX_free(loopargs[i].ecdh_ctx[k]); - } OPENSSL_free(loopargs[i].secret_a); OPENSSL_free(loopargs[i].secret_b); #endif @@ -2865,17 +3068,17 @@ int speed_main(int argc, char **argv) } OPENSSL_free(loopargs); release_engine(e); - return (ret); + return ret; } -static void print_message(const char *s, long num, int length) +static void print_message(const char *s, long num, int length, int tm) { #ifdef SIGALRM BIO_printf(bio_err, mr ? "+DT:%s:%d:%d\n" - : "Doing %s for %ds on %d size blocks: ", s, SECONDS, length); + : "Doing %s for %ds on %d size blocks: ", s, tm, length); (void)BIO_flush(bio_err); - alarm(SECONDS); + alarm(tm); #else BIO_printf(bio_err, mr ? "+DN:%s:%ld:%d\n" @@ -2885,18 +3088,18 @@ static void print_message(const char *s, long num, int length) } static void pkey_print_message(const char *str, const char *str2, long num, - int bits, int tm) + unsigned int bits, int tm) { #ifdef SIGALRM BIO_printf(bio_err, mr ? "+DTP:%d:%s:%s:%d\n" - : "Doing %d bit %s %s's for %ds: ", bits, str, str2, tm); + : "Doing %u bits %s %s's for %ds: ", bits, str, str2, tm); (void)BIO_flush(bio_err); alarm(tm); #else BIO_printf(bio_err, mr ? "+DNP:%ld:%d:%s:%s\n" - : "Doing %ld %d bit %s %s's: ", num, bits, str, str2); + : "Doing %ld %u bits %s %s's: ", num, bits, str, str2); (void)BIO_flush(bio_err); #endif } @@ -2922,7 +3125,7 @@ static char *sstrsep(char **string, const char *delim) if (**string == 0) return NULL; - memset(isdelim, 0, sizeof isdelim); + memset(isdelim, 0, sizeof(isdelim)); isdelim[0] = 1; while (*delim) { @@ -2942,14 +3145,14 @@ static char *sstrsep(char **string, const char *delim) return token; } -static int do_multi(int multi) +static int do_multi(int multi, int size_num) { int n; int fd[2]; int *fds; static char sep[] = ":"; - fds = malloc(sizeof(*fds) * multi); + fds = app_malloc(sizeof(*fds) * multi, "fd buffer for do_multi"); for (n = 0; n < multi; ++n) { if (pipe(fd) == -1) { BIO_printf(bio_err, "pipe failure\n"); @@ -2983,7 +3186,7 @@ static int do_multi(int multi) char *p; f = fdopen(fds[n], "r"); - while (fgets(buf, sizeof buf, f)) { + while (fgets(buf, sizeof(buf), f)) { p = strchr(buf, '\n'); if (p) *p = '\0'; @@ -3001,7 +3204,7 @@ static int do_multi(int multi) p = buf + 3; alg = atoi(sstrsep(&p, sep)); sstrsep(&p, sep); - for (j = 0; j < SIZE_NUM; ++j) + for (j = 0; j < size_num; ++j) results[alg][j] += atof(sstrsep(&p, sep)); } else if (strncmp(buf, "+F2:", 4) == 0) { int k; @@ -3012,16 +3215,10 @@ static int do_multi(int multi) sstrsep(&p, sep); d = atof(sstrsep(&p, sep)); - if (n) - rsa_results[k][0] = 1 / (1 / rsa_results[k][0] + 1 / d); - else - rsa_results[k][0] = d; + rsa_results[k][0] += d; d = atof(sstrsep(&p, sep)); - if (n) - rsa_results[k][1] = 1 / (1 / rsa_results[k][1] + 1 / d); - else - rsa_results[k][1] = d; + rsa_results[k][1] += d; } # ifndef OPENSSL_NO_DSA else if (strncmp(buf, "+F3:", 4) == 0) { @@ -3033,16 +3230,10 @@ static int do_multi(int multi) sstrsep(&p, sep); d = atof(sstrsep(&p, sep)); - if (n) - dsa_results[k][0] = 1 / (1 / dsa_results[k][0] + 1 / d); - else - dsa_results[k][0] = d; + dsa_results[k][0] += d; d = atof(sstrsep(&p, sep)); - if (n) - dsa_results[k][1] = 1 / (1 / dsa_results[k][1] + 1 / d); - else - dsa_results[k][1] = d; + dsa_results[k][1] += d; } # endif # ifndef OPENSSL_NO_EC @@ -3055,16 +3246,10 @@ static int do_multi(int multi) sstrsep(&p, sep); d = atof(sstrsep(&p, sep)); - if (n) - ecdsa_results[k][0] = 1 / (1 / ecdsa_results[k][0] + 1 / d); - else - ecdsa_results[k][0] = d; + ecdsa_results[k][0] += d; d = atof(sstrsep(&p, sep)); - if (n) - ecdsa_results[k][1] = 1 / (1 / ecdsa_results[k][1] + 1 / d); - else - ecdsa_results[k][1] = d; + ecdsa_results[k][1] += d; } else if (strncmp(buf, "+F5:", 4) == 0) { int k; double d; @@ -3074,11 +3259,7 @@ static int do_multi(int multi) sstrsep(&p, sep); d = atof(sstrsep(&p, sep)); - if (n) - ecdh_results[k][0] = 1 / (1 / ecdh_results[k][0] + 1 / d); - else - ecdh_results[k][0] = d; - + ecdh_results[k][0] += d; } # endif @@ -3096,25 +3277,39 @@ static int do_multi(int multi) } #endif -static void multiblock_speed(const EVP_CIPHER *evp_cipher) +static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single, + const openssl_speed_sec_t *seconds) { - static int mblengths[] = + static const int mblengths_list[] = { 8 * 1024, 2 * 8 * 1024, 4 * 8 * 1024, 8 * 8 * 1024, 8 * 16 * 1024 }; - int j, count, num = OSSL_NELEM(mblengths); + const int *mblengths = mblengths_list; + int j, count, keylen, num = OSSL_NELEM(mblengths_list); const char *alg_name; - unsigned char *inp, *out, no_key[32], no_iv[16]; + unsigned char *inp, *out, *key, no_key[32], no_iv[16]; EVP_CIPHER_CTX *ctx; double d = 0.0; + if (lengths_single) { + mblengths = &lengths_single; + num = 1; + } + inp = app_malloc(mblengths[num - 1], "multiblock input buffer"); out = app_malloc(mblengths[num - 1] + 1024, "multiblock output buffer"); ctx = EVP_CIPHER_CTX_new(); - EVP_EncryptInit_ex(ctx, evp_cipher, NULL, no_key, no_iv); + EVP_EncryptInit_ex(ctx, evp_cipher, NULL, NULL, no_iv); + + keylen = EVP_CIPHER_CTX_key_length(ctx); + key = app_malloc(keylen, "evp_cipher key"); + EVP_CIPHER_CTX_rand_key(ctx, key); + EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL); + OPENSSL_clear_free(key, keylen); + EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_MAC_KEY, sizeof(no_key), no_key); alg_name = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)); for (j = 0; j < num; j++) { - print_message(alg_name, 0, mblengths[j]); + print_message(alg_name, 0, mblengths[j], seconds->sym); Time_F(START); for (count = 0, run = 1; run && count < 0x7fffffff; count++) { unsigned char aad[EVP_AEAD_TLS1_AAD_LEN]; @@ -3147,8 +3342,8 @@ static void multiblock_speed(const EVP_CIPHER *evp_cipher) RAND_bytes(out, 16); len += 16; - aad[11] = len >> 8; - aad[12] = len; + aad[11] = (unsigned char)(len >> 8); + aad[12] = (unsigned char)(len); pad = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_TLS1_AAD, EVP_AEAD_TLS1_AAD_LEN, aad); EVP_Cipher(ctx, out, inp, len + pad);