2 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
5 * Licensed under the Apache License 2.0 (the "License"). You may not use
6 * this file except in compliance with the License. You can obtain a copy
7 * in the file LICENSE in the source distribution or at
8 * https://www.openssl.org/source/license.html
13 #define RSA_SECONDS 10
14 #define DSA_SECONDS 10
15 #define ECDSA_SECONDS 10
16 #define ECDH_SECONDS 10
17 #define EdDSA_SECONDS 10
18 #define SM2_SECONDS 10
20 /* We need to use some deprecated APIs */
21 #define OPENSSL_SUPPRESS_DEPRECATED
29 #include <openssl/crypto.h>
30 #include <openssl/rand.h>
31 #include <openssl/err.h>
32 #include <openssl/evp.h>
33 #include <openssl/objects.h>
34 #include <openssl/async.h>
35 #if !defined(OPENSSL_SYS_MSDOS)
43 #include <openssl/bn.h>
44 #ifndef OPENSSL_NO_DES
45 # include <openssl/des.h>
47 #ifndef OPENSSL_NO_DEPRECATED_3_0
48 #include <openssl/aes.h>
50 #ifndef OPENSSL_NO_CAMELLIA
51 # include <openssl/camellia.h>
53 #ifndef OPENSSL_NO_MD2
54 # include <openssl/md2.h>
56 #ifndef OPENSSL_NO_MDC2
57 # include <openssl/mdc2.h>
59 #ifndef OPENSSL_NO_MD4
60 # include <openssl/md4.h>
62 #ifndef OPENSSL_NO_MD5
63 # include <openssl/md5.h>
65 #include <openssl/hmac.h>
66 #ifndef OPENSSL_NO_CMAC
67 #include <openssl/cmac.h>
69 #include <openssl/sha.h>
70 #ifndef OPENSSL_NO_RMD160
71 # include <openssl/ripemd.h>
73 #ifndef OPENSSL_NO_WHIRLPOOL
74 # include <openssl/whrlpool.h>
76 #ifndef OPENSSL_NO_RC4
77 # include <openssl/rc4.h>
79 #ifndef OPENSSL_NO_RC5
80 # include <openssl/rc5.h>
82 #ifndef OPENSSL_NO_RC2
83 # include <openssl/rc2.h>
85 #ifndef OPENSSL_NO_IDEA
86 # include <openssl/idea.h>
88 #ifndef OPENSSL_NO_SEED
89 # include <openssl/seed.h>
92 # include <openssl/blowfish.h>
94 #ifndef OPENSSL_NO_CAST
95 # include <openssl/cast.h>
97 #ifndef OPENSSL_NO_RSA
98 # include <openssl/rsa.h>
99 # include "./testrsa.h"
101 #include <openssl/x509.h>
102 #ifndef OPENSSL_NO_DSA
103 # include <openssl/dsa.h>
104 # include "./testdsa.h"
106 #ifndef OPENSSL_NO_EC
107 # include <openssl/ec.h>
109 #include <openssl/modes.h>
112 # if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_VXWORKS)
125 #define MAX_MISALIGNMENT 63
126 #define MAX_ECDH_SIZE 256
129 typedef struct openssl_speed_sec_st {
137 } openssl_speed_sec_t;
139 static volatile int run = 0;
141 static int mr = 0; /* machine-readeable output format to merge fork results */
142 static int usertime = 1;
144 static double Time_F(int s);
145 static void print_message(const char *s, long num, int length, int tm);
146 static void pkey_print_message(const char *str, const char *str2,
147 long num, unsigned int bits, int sec);
148 static void print_result(int alg, int run_no, int count, double time_used);
150 static int do_multi(int multi, int size_num);
153 static const int lengths_list[] = {
154 16, 64, 256, 1024, 8 * 1024, 16 * 1024
156 #define SIZE_NUM OSSL_NELEM(lengths_list)
157 static const int *lengths = lengths_list;
159 static const int aead_lengths_list[] = {
160 2, 31, 136, 1024, 8 * 1024, 16 * 1024
168 static void alarmed(int sig)
170 signal(SIGALRM, alarmed);
174 static double Time_F(int s)
176 double ret = app_tminterval(s, usertime);
182 #elif defined(_WIN32)
186 static unsigned int lapse;
187 static volatile unsigned int schlock;
188 static void alarm_win32(unsigned int secs)
193 # define alarm alarm_win32
195 static DWORD WINAPI sleepy(VOID * arg)
203 static double Time_F(int s)
210 thr = CreateThread(NULL, 4096, sleepy, NULL, 0, NULL);
212 DWORD err = GetLastError();
213 BIO_printf(bio_err, "unable to CreateThread (%lu)", err);
217 Sleep(0); /* scheduler spinlock */
218 ret = app_tminterval(s, usertime);
220 ret = app_tminterval(s, usertime);
222 TerminateThread(thr, 0);
229 static double Time_F(int s)
231 return app_tminterval(s, usertime);
235 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
236 const openssl_speed_sec_t *seconds);
238 static int opt_found(const char *name, unsigned int *result,
239 const OPT_PAIR pairs[], unsigned int nbelem)
243 for (idx = 0; idx < nbelem; ++idx, pairs++)
244 if (strcmp(name, pairs->name) == 0) {
245 *result = pairs->retval;
250 #define opt_found(value, pairs, result)\
251 opt_found(value, result, pairs, OSSL_NELEM(pairs))
253 typedef enum OPTION_choice {
254 OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
255 OPT_ELAPSED, OPT_EVP, OPT_HMAC, OPT_DECRYPT, OPT_ENGINE, OPT_MULTI,
256 OPT_MR, OPT_MB, OPT_MISALIGN, OPT_ASYNCJOBS, OPT_R_ENUM,
257 OPT_PRIMES, OPT_SECONDS, OPT_BYTES, OPT_AEAD, OPT_CMAC
260 const OPTIONS speed_options[] = {
261 {OPT_HELP_STR, 1, '-', "Usage: %s [options] [algorithm...]\n"},
263 OPT_SECTION("General"),
264 {"help", OPT_HELP, '-', "Display this summary"},
266 "Enable (tls1>=1) multi-block mode on EVP-named cipher"},
267 {"mr", OPT_MR, '-', "Produce machine readable output"},
269 {"multi", OPT_MULTI, 'p', "Run benchmarks in parallel"},
271 #ifndef OPENSSL_NO_ASYNC
272 {"async_jobs", OPT_ASYNCJOBS, 'p',
273 "Enable async mode and start specified number of jobs"},
275 #ifndef OPENSSL_NO_ENGINE
276 {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
278 {"primes", OPT_PRIMES, 'p', "Specify number of primes (for RSA only)"},
280 OPT_SECTION("Selection"),
281 {"evp", OPT_EVP, 's', "Use EVP-named cipher or digest"},
282 #ifndef OPENSSL_NO_DEPRECATED_3_0
283 {"hmac", OPT_HMAC, 's', "HMAC using EVP-named digest"},
285 #if !defined(OPENSSL_NO_CMAC) && !defined(OPENSSL_NO_DEPRECATED_3_0)
286 {"cmac", OPT_CMAC, 's', "CMAC using EVP-named cipher"},
288 {"decrypt", OPT_DECRYPT, '-',
289 "Time decryption instead of encryption (only EVP)"},
290 {"aead", OPT_AEAD, '-',
291 "Benchmark EVP-named AEAD cipher in TLS-like sequence"},
293 OPT_SECTION("Timing"),
294 {"elapsed", OPT_ELAPSED, '-',
295 "Use wall-clock time instead of CPU user time as divisor"},
296 {"seconds", OPT_SECONDS, 'p',
297 "Run benchmarks for specified amount of seconds"},
298 {"bytes", OPT_BYTES, 'p',
299 "Run [non-PKI] benchmarks on custom-sized buffer"},
300 {"misalign", OPT_MISALIGN, 'p',
301 "Use specified offset to mis-align buffers"},
306 {"algorithm", 0, 0, "Algorithm(s) to test (optional; otherwise tests all)"},
311 D_MD2, D_MDC2, D_MD4, D_MD5 , D_HMAC, D_SHA1, D_RMD160, D_RC4,
312 D_CBC_DES, D_EDE3_DES, D_CBC_IDEA, D_CBC_SEED,
313 D_CBC_RC2, D_CBC_RC5, D_CBC_BF, D_CBC_CAST,
314 D_CBC_128_AES, D_CBC_192_AES, D_CBC_256_AES,
315 D_CBC_128_CML, D_CBC_192_CML, D_CBC_256_CML,
316 D_EVP, D_SHA256, D_SHA512, D_WHIRLPOOL,
317 D_IGE_128_AES, D_IGE_192_AES, D_IGE_256_AES,
318 D_GHASH, D_RAND, D_EVP_HMAC, D_EVP_CMAC, ALGOR_NUM
320 /* name of algorithms to test. MUST BE KEEP IN SYNC with above enum ! */
321 static const char *names[ALGOR_NUM] = {
322 "md2", "mdc2", "md4", "md5", "hmac(md5)", "sha1", "rmd160", "rc4",
323 "des cbc", "des ede3", "idea cbc", "seed cbc",
324 "rc2 cbc", "rc5-32/12 cbc", "blowfish cbc", "cast cbc",
325 "aes-128 cbc", "aes-192 cbc", "aes-256 cbc",
326 "camellia-128 cbc", "camellia-192 cbc", "camellia-256 cbc",
327 "evp", "sha256", "sha512", "whirlpool",
328 "aes-128 ige", "aes-192 ige", "aes-256 ige", "ghash",
329 "rand", "hmac", "cmac"
332 /* list of configured algorithm (remaining), with some few alias */
333 static const OPT_PAIR doit_choices[] = {
334 #if !defined(OPENSSL_NO_MD2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
337 #if !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
340 #if !defined(OPENSSL_NO_MD4) && !defined(OPENSSL_NO_DEPRECATED_3_0)
343 #if !defined(OPENSSL_NO_MD5) && !defined(OPENSSL_NO_DEPRECATED_3_0)
345 # ifndef OPENSSL_NO_DEPRECATED_3_0
349 #ifndef OPENSSL_NO_DEPRECATED_3_0
351 {"sha256", D_SHA256},
352 {"sha512", D_SHA512},
354 #if !defined(OPENSSL_NO_WHIRLPOOL) && !defined(OPENSSL_NO_DEPRECATED_3_0)
355 {"whirlpool", D_WHIRLPOOL},
357 #if !defined(OPENSSL_NO_RMD160) && !defined(OPENSSL_NO_DEPRECATED_3_0)
358 {"ripemd", D_RMD160},
359 {"rmd160", D_RMD160},
360 {"ripemd160", D_RMD160},
362 #if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_DEPRECATED_3_0)
365 #if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_DEPRECATED_3_0)
366 {"des-cbc", D_CBC_DES},
367 {"des-ede3", D_EDE3_DES},
369 #ifndef OPENSSL_NO_DEPRECATED_3_0
370 {"aes-128-cbc", D_CBC_128_AES},
371 {"aes-192-cbc", D_CBC_192_AES},
372 {"aes-256-cbc", D_CBC_256_AES},
373 {"aes-128-ige", D_IGE_128_AES},
374 {"aes-192-ige", D_IGE_192_AES},
375 {"aes-256-ige", D_IGE_256_AES},
377 #if !defined(OPENSSL_NO_RC2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
378 {"rc2-cbc", D_CBC_RC2},
381 #if !defined(OPENSSL_NO_RC5) && !defined(OPENSSL_NO_DEPRECATED_3_0)
382 {"rc5-cbc", D_CBC_RC5},
385 #if !defined(OPENSSL_NO_IDEA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
386 {"idea-cbc", D_CBC_IDEA},
387 {"idea", D_CBC_IDEA},
389 #if !defined(OPENSSL_NO_SEED) && !defined(OPENSSL_NO_DEPRECATED_3_0)
390 {"seed-cbc", D_CBC_SEED},
391 {"seed", D_CBC_SEED},
393 #if !defined(OPENSSL_NO_BF) && !defined(OPENSSL_NO_DEPRECATED_3_0)
394 {"bf-cbc", D_CBC_BF},
395 {"blowfish", D_CBC_BF},
398 #if !defined(OPENSSL_NO_CAST) && !defined(OPENSSL_NO_DEPRECATED_3_0)
399 {"cast-cbc", D_CBC_CAST},
400 {"cast", D_CBC_CAST},
401 {"cast5", D_CBC_CAST},
407 static double results[ALGOR_NUM][SIZE_NUM];
409 #ifndef OPENSSL_NO_DSA
410 enum { R_DSA_512, R_DSA_1024, R_DSA_2048, DSA_NUM };
411 static const OPT_PAIR dsa_choices[DSA_NUM] = {
412 {"dsa512", R_DSA_512},
413 {"dsa1024", R_DSA_1024},
414 {"dsa2048", R_DSA_2048}
416 static double dsa_results[DSA_NUM][2]; /* 2 ops: sign then verify */
417 #endif /* OPENSSL_NO_DSA */
419 #ifndef OPENSSL_NO_RSA
421 R_RSA_512, R_RSA_1024, R_RSA_2048, R_RSA_3072, R_RSA_4096, R_RSA_7680,
424 static const OPT_PAIR rsa_choices[RSA_NUM] = {
425 {"rsa512", R_RSA_512},
426 {"rsa1024", R_RSA_1024},
427 {"rsa2048", R_RSA_2048},
428 {"rsa3072", R_RSA_3072},
429 {"rsa4096", R_RSA_4096},
430 {"rsa7680", R_RSA_7680},
431 {"rsa15360", R_RSA_15360}
434 static double rsa_results[RSA_NUM][2]; /* 2 ops: sign then verify */
435 #endif /* OPENSSL_NO_RSA */
437 #ifndef OPENSSL_NO_EC
439 R_EC_P160, R_EC_P192, R_EC_P224, R_EC_P256, R_EC_P384, R_EC_P521,
440 # ifndef OPENSSL_NO_EC2M
441 R_EC_K163, R_EC_K233, R_EC_K283, R_EC_K409, R_EC_K571,
442 R_EC_B163, R_EC_B233, R_EC_B283, R_EC_B409, R_EC_B571,
444 R_EC_BRP256R1, R_EC_BRP256T1, R_EC_BRP384R1, R_EC_BRP384T1,
445 R_EC_BRP512R1, R_EC_BRP512T1, ECDSA_NUM
447 /* list of ecdsa curves */
448 static const OPT_PAIR ecdsa_choices[ECDSA_NUM] = {
449 {"ecdsap160", R_EC_P160},
450 {"ecdsap192", R_EC_P192},
451 {"ecdsap224", R_EC_P224},
452 {"ecdsap256", R_EC_P256},
453 {"ecdsap384", R_EC_P384},
454 {"ecdsap521", R_EC_P521},
455 # ifndef OPENSSL_NO_EC2M
456 {"ecdsak163", R_EC_K163},
457 {"ecdsak233", R_EC_K233},
458 {"ecdsak283", R_EC_K283},
459 {"ecdsak409", R_EC_K409},
460 {"ecdsak571", R_EC_K571},
461 {"ecdsab163", R_EC_B163},
462 {"ecdsab233", R_EC_B233},
463 {"ecdsab283", R_EC_B283},
464 {"ecdsab409", R_EC_B409},
465 {"ecdsab571", R_EC_B571},
467 {"ecdsabrp256r1", R_EC_BRP256R1},
468 {"ecdsabrp256t1", R_EC_BRP256T1},
469 {"ecdsabrp384r1", R_EC_BRP384R1},
470 {"ecdsabrp384t1", R_EC_BRP384T1},
471 {"ecdsabrp512r1", R_EC_BRP512R1},
472 {"ecdsabrp512t1", R_EC_BRP512T1}
474 enum { R_EC_X25519 = ECDSA_NUM, R_EC_X448, EC_NUM };
475 /* list of ecdh curves, extension of |ecdsa_choices| list above */
476 static const OPT_PAIR ecdh_choices[EC_NUM] = {
477 {"ecdhp160", R_EC_P160},
478 {"ecdhp192", R_EC_P192},
479 {"ecdhp224", R_EC_P224},
480 {"ecdhp256", R_EC_P256},
481 {"ecdhp384", R_EC_P384},
482 {"ecdhp521", R_EC_P521},
483 # ifndef OPENSSL_NO_EC2M
484 {"ecdhk163", R_EC_K163},
485 {"ecdhk233", R_EC_K233},
486 {"ecdhk283", R_EC_K283},
487 {"ecdhk409", R_EC_K409},
488 {"ecdhk571", R_EC_K571},
489 {"ecdhb163", R_EC_B163},
490 {"ecdhb233", R_EC_B233},
491 {"ecdhb283", R_EC_B283},
492 {"ecdhb409", R_EC_B409},
493 {"ecdhb571", R_EC_B571},
495 {"ecdhbrp256r1", R_EC_BRP256R1},
496 {"ecdhbrp256t1", R_EC_BRP256T1},
497 {"ecdhbrp384r1", R_EC_BRP384R1},
498 {"ecdhbrp384t1", R_EC_BRP384T1},
499 {"ecdhbrp512r1", R_EC_BRP512R1},
500 {"ecdhbrp512t1", R_EC_BRP512T1},
501 {"ecdhx25519", R_EC_X25519},
502 {"ecdhx448", R_EC_X448}
505 static double ecdh_results[EC_NUM][1]; /* 1 op: derivation */
506 static double ecdsa_results[ECDSA_NUM][2]; /* 2 ops: sign then verify */
508 enum { R_EC_Ed25519, R_EC_Ed448, EdDSA_NUM };
509 static const OPT_PAIR eddsa_choices[EdDSA_NUM] = {
510 {"ed25519", R_EC_Ed25519},
511 {"ed448", R_EC_Ed448}
514 static double eddsa_results[EdDSA_NUM][2]; /* 2 ops: sign then verify */
516 # ifndef OPENSSL_NO_SM2
517 enum { R_EC_CURVESM2, SM2_NUM };
518 static const OPT_PAIR sm2_choices[SM2_NUM] = {
519 {"curveSM2", R_EC_CURVESM2}
521 # define SM2_ID "TLSv1.3+GM+Cipher+Suite"
522 # define SM2_ID_LEN sizeof("TLSv1.3+GM+Cipher+Suite") - 1
523 static double sm2_results[SM2_NUM][2]; /* 2 ops: sign then verify */
524 # endif /* OPENSSL_NO_SM2 */
525 #endif /* OPENSSL_NO_EC */
528 # define COND(d) (count < (d))
529 # define COUNT(d) (d)
531 # define COND(unused_cond) (run && count<0x7fffffff)
532 # define COUNT(d) (count)
535 typedef struct loopargs_st {
536 ASYNC_JOB *inprogress_job;
537 ASYNC_WAIT_CTX *wait_ctx;
540 unsigned char *buf_malloc;
541 unsigned char *buf2_malloc;
545 #ifndef OPENSSL_NO_RSA
546 RSA *rsa_key[RSA_NUM];
548 #ifndef OPENSSL_NO_DSA
549 DSA *dsa_key[DSA_NUM];
551 #ifndef OPENSSL_NO_EC
552 EC_KEY *ecdsa[ECDSA_NUM];
553 EVP_PKEY_CTX *ecdh_ctx[EC_NUM];
554 EVP_MD_CTX *eddsa_ctx[EdDSA_NUM];
555 # ifndef OPENSSL_NO_SM2
556 EVP_MD_CTX *sm2_ctx[SM2_NUM];
557 EVP_MD_CTX *sm2_vfy_ctx[SM2_NUM];
558 EVP_PKEY *sm2_pkey[SM2_NUM];
560 unsigned char *secret_a;
561 unsigned char *secret_b;
562 size_t outlen[EC_NUM];
565 #ifndef OPENSSL_NO_DEPRECATED_3_0
568 #if !defined(OPENSSL_NO_CMAC) && !defined(OPENSSL_NO_DEPRECATED_3_0)
571 GCM128_CONTEXT *gcm_ctx;
573 static int run_benchmark(int async_jobs, int (*loop_function) (void *),
574 loopargs_t * loopargs);
576 static unsigned int testnum;
578 /* Nb of iterations to do per algorithm and key-size */
579 static long c[ALGOR_NUM][SIZE_NUM];
581 #if !defined(OPENSSL_NO_MD2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
582 static int EVP_Digest_MD2_loop(void *args)
584 loopargs_t *tempargs = *(loopargs_t **) args;
585 unsigned char *buf = tempargs->buf;
586 unsigned char md2[MD2_DIGEST_LENGTH];
589 for (count = 0; COND(c[D_MD2][testnum]); count++) {
590 if (!EVP_Digest(buf, (size_t)lengths[testnum], md2, NULL, EVP_md2(),
598 #if !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
599 static int EVP_Digest_MDC2_loop(void *args)
601 loopargs_t *tempargs = *(loopargs_t **) args;
602 unsigned char *buf = tempargs->buf;
603 unsigned char mdc2[MDC2_DIGEST_LENGTH];
606 for (count = 0; COND(c[D_MDC2][testnum]); count++) {
607 if (!EVP_Digest(buf, (size_t)lengths[testnum], mdc2, NULL, EVP_mdc2(),
615 #if !defined(OPENSSL_NO_MD4) && !defined(OPENSSL_NO_DEPRECATED_3_0)
616 static int EVP_Digest_MD4_loop(void *args)
618 loopargs_t *tempargs = *(loopargs_t **) args;
619 unsigned char *buf = tempargs->buf;
620 unsigned char md4[MD4_DIGEST_LENGTH];
623 for (count = 0; COND(c[D_MD4][testnum]); count++) {
624 if (!EVP_Digest(buf, (size_t)lengths[testnum], md4, NULL, EVP_md4(),
632 #if !defined(OPENSSL_NO_MD5) && !defined(OPENSSL_NO_DEPRECATED_3_0)
633 static int MD5_loop(void *args)
635 loopargs_t *tempargs = *(loopargs_t **) args;
636 unsigned char *buf = tempargs->buf;
637 unsigned char md5[MD5_DIGEST_LENGTH];
639 for (count = 0; COND(c[D_MD5][testnum]); count++)
640 MD5(buf, lengths[testnum], md5);
644 # ifndef OPENSSL_NO_DEPRECATED_3_0
645 static int HMAC_loop(void *args)
647 loopargs_t *tempargs = *(loopargs_t **) args;
648 unsigned char *buf = tempargs->buf;
649 HMAC_CTX *hctx = tempargs->hctx;
650 unsigned char hmac[MD5_DIGEST_LENGTH];
653 for (count = 0; COND(c[D_HMAC][testnum]); count++) {
654 HMAC_Init_ex(hctx, NULL, 0, NULL, NULL);
655 HMAC_Update(hctx, buf, lengths[testnum]);
656 HMAC_Final(hctx, hmac, NULL);
663 #ifndef OPENSSL_NO_DEPRECATED_3_0
664 static int SHA1_loop(void *args)
666 loopargs_t *tempargs = *(loopargs_t **) args;
667 unsigned char *buf = tempargs->buf;
668 unsigned char sha[SHA_DIGEST_LENGTH];
670 for (count = 0; COND(c[D_SHA1][testnum]); count++)
671 SHA1(buf, lengths[testnum], sha);
675 static int SHA256_loop(void *args)
677 loopargs_t *tempargs = *(loopargs_t **) args;
678 unsigned char *buf = tempargs->buf;
679 unsigned char sha256[SHA256_DIGEST_LENGTH];
681 for (count = 0; COND(c[D_SHA256][testnum]); count++)
682 SHA256(buf, lengths[testnum], sha256);
686 static int SHA512_loop(void *args)
688 loopargs_t *tempargs = *(loopargs_t **) args;
689 unsigned char *buf = tempargs->buf;
690 unsigned char sha512[SHA512_DIGEST_LENGTH];
692 for (count = 0; COND(c[D_SHA512][testnum]); count++)
693 SHA512(buf, lengths[testnum], sha512);
698 #if !defined(OPENSSL_NO_WHIRLPOOL) && !defined(OPENSSL_NO_DEPRECATED_3_0)
699 static int WHIRLPOOL_loop(void *args)
701 loopargs_t *tempargs = *(loopargs_t **) args;
702 unsigned char *buf = tempargs->buf;
703 unsigned char whirlpool[WHIRLPOOL_DIGEST_LENGTH];
705 for (count = 0; COND(c[D_WHIRLPOOL][testnum]); count++)
706 WHIRLPOOL(buf, lengths[testnum], whirlpool);
711 #if !defined(OPENSSL_NO_RMD160) && !defined(OPENSSL_NO_DEPRECATED_3_0)
712 static int EVP_Digest_RMD160_loop(void *args)
714 loopargs_t *tempargs = *(loopargs_t **) args;
715 unsigned char *buf = tempargs->buf;
716 unsigned char rmd160[RIPEMD160_DIGEST_LENGTH];
718 for (count = 0; COND(c[D_RMD160][testnum]); count++) {
719 if (!EVP_Digest(buf, (size_t)lengths[testnum], &(rmd160[0]),
720 NULL, EVP_ripemd160(), NULL))
727 #if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_DEPRECATED_3_0)
728 static RC4_KEY rc4_ks;
729 static int RC4_loop(void *args)
731 loopargs_t *tempargs = *(loopargs_t **) args;
732 unsigned char *buf = tempargs->buf;
734 for (count = 0; COND(c[D_RC4][testnum]); count++)
735 RC4(&rc4_ks, (size_t)lengths[testnum], buf, buf);
740 #if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_DEPRECATED_3_0)
741 static unsigned char DES_iv[8];
742 static DES_key_schedule sch[3];
743 static int DES_ncbc_encrypt_loop(void *args)
745 loopargs_t *tempargs = *(loopargs_t **) args;
746 unsigned char *buf = tempargs->buf;
748 for (count = 0; COND(c[D_CBC_DES][testnum]); count++)
749 DES_ncbc_encrypt(buf, buf, lengths[testnum], &sch[0],
750 &DES_iv, DES_ENCRYPT);
754 static int DES_ede3_cbc_encrypt_loop(void *args)
756 loopargs_t *tempargs = *(loopargs_t **) args;
757 unsigned char *buf = tempargs->buf;
759 for (count = 0; COND(c[D_EDE3_DES][testnum]); count++)
760 DES_ede3_cbc_encrypt(buf, buf, lengths[testnum],
761 &sch[0], &sch[1], &sch[2], &DES_iv, DES_ENCRYPT);
766 #define MAX_BLOCK_SIZE 128
768 static unsigned char iv[2 * MAX_BLOCK_SIZE / 8];
770 #ifndef OPENSSL_NO_DEPRECATED_3_0
771 static AES_KEY aes_ks1, aes_ks2, aes_ks3;
772 static int AES_cbc_128_encrypt_loop(void *args)
774 loopargs_t *tempargs = *(loopargs_t **) args;
775 unsigned char *buf = tempargs->buf;
777 for (count = 0; COND(c[D_CBC_128_AES][testnum]); count++)
778 AES_cbc_encrypt(buf, buf,
779 (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
783 static int AES_cbc_192_encrypt_loop(void *args)
785 loopargs_t *tempargs = *(loopargs_t **) args;
786 unsigned char *buf = tempargs->buf;
788 for (count = 0; COND(c[D_CBC_192_AES][testnum]); count++)
789 AES_cbc_encrypt(buf, buf,
790 (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
794 static int AES_cbc_256_encrypt_loop(void *args)
796 loopargs_t *tempargs = *(loopargs_t **) args;
797 unsigned char *buf = tempargs->buf;
799 for (count = 0; COND(c[D_CBC_256_AES][testnum]); count++)
800 AES_cbc_encrypt(buf, buf,
801 (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
805 static int AES_ige_128_encrypt_loop(void *args)
807 loopargs_t *tempargs = *(loopargs_t **) args;
808 unsigned char *buf = tempargs->buf;
809 unsigned char *buf2 = tempargs->buf2;
811 for (count = 0; COND(c[D_IGE_128_AES][testnum]); count++)
812 AES_ige_encrypt(buf, buf2,
813 (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
817 static int AES_ige_192_encrypt_loop(void *args)
819 loopargs_t *tempargs = *(loopargs_t **) args;
820 unsigned char *buf = tempargs->buf;
821 unsigned char *buf2 = tempargs->buf2;
823 for (count = 0; COND(c[D_IGE_192_AES][testnum]); count++)
824 AES_ige_encrypt(buf, buf2,
825 (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
829 static int AES_ige_256_encrypt_loop(void *args)
831 loopargs_t *tempargs = *(loopargs_t **) args;
832 unsigned char *buf = tempargs->buf;
833 unsigned char *buf2 = tempargs->buf2;
835 for (count = 0; COND(c[D_IGE_256_AES][testnum]); count++)
836 AES_ige_encrypt(buf, buf2,
837 (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
841 static int CRYPTO_gcm128_aad_loop(void *args)
843 loopargs_t *tempargs = *(loopargs_t **) args;
844 unsigned char *buf = tempargs->buf;
845 GCM128_CONTEXT *gcm_ctx = tempargs->gcm_ctx;
847 for (count = 0; COND(c[D_GHASH][testnum]); count++)
848 CRYPTO_gcm128_aad(gcm_ctx, buf, lengths[testnum]);
853 static int RAND_bytes_loop(void *args)
855 loopargs_t *tempargs = *(loopargs_t **) args;
856 unsigned char *buf = tempargs->buf;
859 for (count = 0; COND(c[D_RAND][testnum]); count++)
860 RAND_bytes(buf, lengths[testnum]);
864 static int decrypt = 0;
865 static int EVP_Update_loop(void *args)
867 loopargs_t *tempargs = *(loopargs_t **) args;
868 unsigned char *buf = tempargs->buf;
869 EVP_CIPHER_CTX *ctx = tempargs->ctx;
873 for (count = 0; COND(c[D_EVP][testnum]); count++) {
874 rc = EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
876 /* reset iv in case of counter overflow */
877 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
881 for (count = 0; COND(c[D_EVP][testnum]); count++) {
882 rc = EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
884 /* reset iv in case of counter overflow */
885 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
890 EVP_DecryptFinal_ex(ctx, buf, &outl);
892 EVP_EncryptFinal_ex(ctx, buf, &outl);
897 * CCM does not support streaming. For the purpose of performance measurement,
898 * each message is encrypted using the same (key,iv)-pair. Do not use this
899 * code in your application.
901 static int EVP_Update_loop_ccm(void *args)
903 loopargs_t *tempargs = *(loopargs_t **) args;
904 unsigned char *buf = tempargs->buf;
905 EVP_CIPHER_CTX *ctx = tempargs->ctx;
907 unsigned char tag[12];
910 for (count = 0; COND(c[D_EVP][testnum]); count++) {
911 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(tag), tag);
913 EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
914 /* counter is reset on every update */
915 EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
918 for (count = 0; COND(c[D_EVP][testnum]); count++) {
919 /* restore iv length field */
920 EVP_EncryptUpdate(ctx, NULL, &outl, NULL, lengths[testnum]);
921 /* counter is reset on every update */
922 EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
926 EVP_DecryptFinal_ex(ctx, buf, &outl);
928 EVP_EncryptFinal_ex(ctx, buf, &outl);
933 * To make AEAD benchmarking more relevant perform TLS-like operations,
934 * 13-byte AAD followed by payload. But don't use TLS-formatted AAD, as
935 * payload length is not actually limited by 16KB...
937 static int EVP_Update_loop_aead(void *args)
939 loopargs_t *tempargs = *(loopargs_t **) args;
940 unsigned char *buf = tempargs->buf;
941 EVP_CIPHER_CTX *ctx = tempargs->ctx;
943 unsigned char aad[13] = { 0xcc };
944 unsigned char faketag[16] = { 0xcc };
947 for (count = 0; COND(c[D_EVP][testnum]); count++) {
948 EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
949 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
950 sizeof(faketag), faketag);
951 EVP_DecryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
952 EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
953 EVP_DecryptFinal_ex(ctx, buf + outl, &outl);
956 for (count = 0; COND(c[D_EVP][testnum]); count++) {
957 EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv);
958 EVP_EncryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
959 EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
960 EVP_EncryptFinal_ex(ctx, buf + outl, &outl);
966 static const EVP_MD *evp_md = NULL;
967 static int EVP_Digest_loop(void *args)
969 loopargs_t *tempargs = *(loopargs_t **) args;
970 unsigned char *buf = tempargs->buf;
971 unsigned char md[EVP_MAX_MD_SIZE];
974 for (count = 0; COND(c[D_EVP][testnum]); count++) {
975 if (!EVP_Digest(buf, lengths[testnum], md, NULL, evp_md, NULL))
981 #ifndef OPENSSL_NO_DEPRECATED_3_0
982 static const EVP_MD *evp_hmac_md = NULL;
983 static char *evp_hmac_name = NULL;
984 static int EVP_HMAC_loop(void *args)
986 loopargs_t *tempargs = *(loopargs_t **) args;
987 unsigned char *buf = tempargs->buf;
988 unsigned char no_key[32];
991 for (count = 0; COND(c[D_EVP_HMAC][testnum]); count++) {
992 if (HMAC(evp_hmac_md, no_key, sizeof(no_key), buf, lengths[testnum],
1000 #if !defined(OPENSSL_NO_CMAC) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1001 static const EVP_CIPHER *evp_cmac_cipher = NULL;
1002 static char *evp_cmac_name = NULL;
1004 static int EVP_CMAC_loop(void *args)
1006 loopargs_t *tempargs = *(loopargs_t **) args;
1007 unsigned char *buf = tempargs->buf;
1008 CMAC_CTX *cmac_ctx = tempargs->cmac_ctx;
1009 static const char key[16] = "This is a key...";
1010 unsigned char mac[16];
1011 size_t len = sizeof(mac);
1014 for (count = 0; COND(c[D_EVP_CMAC][testnum]); count++) {
1015 if (!CMAC_Init(cmac_ctx, key, sizeof(key), evp_cmac_cipher, NULL)
1016 || !CMAC_Update(cmac_ctx, buf, lengths[testnum])
1017 || !CMAC_Final(cmac_ctx, mac, &len))
1024 #ifndef OPENSSL_NO_RSA
1025 static long rsa_c[RSA_NUM][2]; /* # RSA iteration test */
1027 static int RSA_sign_loop(void *args)
1029 loopargs_t *tempargs = *(loopargs_t **) args;
1030 unsigned char *buf = tempargs->buf;
1031 unsigned char *buf2 = tempargs->buf2;
1032 unsigned int *rsa_num = &tempargs->siglen;
1033 RSA **rsa_key = tempargs->rsa_key;
1035 for (count = 0; COND(rsa_c[testnum][0]); count++) {
1036 ret = RSA_sign(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1038 BIO_printf(bio_err, "RSA sign failure\n");
1039 ERR_print_errors(bio_err);
1047 static int RSA_verify_loop(void *args)
1049 loopargs_t *tempargs = *(loopargs_t **) args;
1050 unsigned char *buf = tempargs->buf;
1051 unsigned char *buf2 = tempargs->buf2;
1052 unsigned int rsa_num = tempargs->siglen;
1053 RSA **rsa_key = tempargs->rsa_key;
1055 for (count = 0; COND(rsa_c[testnum][1]); count++) {
1057 RSA_verify(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1059 BIO_printf(bio_err, "RSA verify failure\n");
1060 ERR_print_errors(bio_err);
1069 #ifndef OPENSSL_NO_DSA
1070 static long dsa_c[DSA_NUM][2];
1071 static int DSA_sign_loop(void *args)
1073 loopargs_t *tempargs = *(loopargs_t **) args;
1074 unsigned char *buf = tempargs->buf;
1075 unsigned char *buf2 = tempargs->buf2;
1076 DSA **dsa_key = tempargs->dsa_key;
1077 unsigned int *siglen = &tempargs->siglen;
1079 for (count = 0; COND(dsa_c[testnum][0]); count++) {
1080 ret = DSA_sign(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1082 BIO_printf(bio_err, "DSA sign failure\n");
1083 ERR_print_errors(bio_err);
1091 static int DSA_verify_loop(void *args)
1093 loopargs_t *tempargs = *(loopargs_t **) args;
1094 unsigned char *buf = tempargs->buf;
1095 unsigned char *buf2 = tempargs->buf2;
1096 DSA **dsa_key = tempargs->dsa_key;
1097 unsigned int siglen = tempargs->siglen;
1099 for (count = 0; COND(dsa_c[testnum][1]); count++) {
1100 ret = DSA_verify(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1102 BIO_printf(bio_err, "DSA verify failure\n");
1103 ERR_print_errors(bio_err);
1112 #ifndef OPENSSL_NO_EC
1113 static long ecdsa_c[ECDSA_NUM][2];
1114 static int ECDSA_sign_loop(void *args)
1116 loopargs_t *tempargs = *(loopargs_t **) args;
1117 unsigned char *buf = tempargs->buf;
1118 EC_KEY **ecdsa = tempargs->ecdsa;
1119 unsigned char *ecdsasig = tempargs->buf2;
1120 unsigned int *ecdsasiglen = &tempargs->siglen;
1122 for (count = 0; COND(ecdsa_c[testnum][0]); count++) {
1123 ret = ECDSA_sign(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1125 BIO_printf(bio_err, "ECDSA sign failure\n");
1126 ERR_print_errors(bio_err);
1134 static int ECDSA_verify_loop(void *args)
1136 loopargs_t *tempargs = *(loopargs_t **) args;
1137 unsigned char *buf = tempargs->buf;
1138 EC_KEY **ecdsa = tempargs->ecdsa;
1139 unsigned char *ecdsasig = tempargs->buf2;
1140 unsigned int ecdsasiglen = tempargs->siglen;
1142 for (count = 0; COND(ecdsa_c[testnum][1]); count++) {
1143 ret = ECDSA_verify(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1145 BIO_printf(bio_err, "ECDSA verify failure\n");
1146 ERR_print_errors(bio_err);
1154 /* ******************************************************************** */
1155 static long ecdh_c[EC_NUM][1];
1157 static int ECDH_EVP_derive_key_loop(void *args)
1159 loopargs_t *tempargs = *(loopargs_t **) args;
1160 EVP_PKEY_CTX *ctx = tempargs->ecdh_ctx[testnum];
1161 unsigned char *derived_secret = tempargs->secret_a;
1163 size_t *outlen = &(tempargs->outlen[testnum]);
1165 for (count = 0; COND(ecdh_c[testnum][0]); count++)
1166 EVP_PKEY_derive(ctx, derived_secret, outlen);
1171 static long eddsa_c[EdDSA_NUM][2];
1172 static int EdDSA_sign_loop(void *args)
1174 loopargs_t *tempargs = *(loopargs_t **) args;
1175 unsigned char *buf = tempargs->buf;
1176 EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
1177 unsigned char *eddsasig = tempargs->buf2;
1178 size_t *eddsasigsize = &tempargs->sigsize;
1181 for (count = 0; COND(eddsa_c[testnum][0]); count++) {
1182 ret = EVP_DigestSign(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
1184 BIO_printf(bio_err, "EdDSA sign failure\n");
1185 ERR_print_errors(bio_err);
1193 static int EdDSA_verify_loop(void *args)
1195 loopargs_t *tempargs = *(loopargs_t **) args;
1196 unsigned char *buf = tempargs->buf;
1197 EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
1198 unsigned char *eddsasig = tempargs->buf2;
1199 size_t eddsasigsize = tempargs->sigsize;
1202 for (count = 0; COND(eddsa_c[testnum][1]); count++) {
1203 ret = EVP_DigestVerify(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
1205 BIO_printf(bio_err, "EdDSA verify failure\n");
1206 ERR_print_errors(bio_err);
1214 # ifndef OPENSSL_NO_SM2
1215 static long sm2_c[SM2_NUM][2];
1216 static int SM2_sign_loop(void *args)
1218 loopargs_t *tempargs = *(loopargs_t **) args;
1219 unsigned char *buf = tempargs->buf;
1220 EVP_MD_CTX **sm2ctx = tempargs->sm2_ctx;
1221 unsigned char *sm2sig = tempargs->buf2;
1222 size_t sm2sigsize = tempargs->sigsize;
1223 const size_t max_size = tempargs->sigsize;
1225 EVP_PKEY **sm2_pkey = tempargs->sm2_pkey;
1227 for (count = 0; COND(sm2_c[testnum][0]); count++) {
1228 if (!EVP_DigestSignInit(sm2ctx[testnum], NULL, EVP_sm3(),
1229 NULL, sm2_pkey[testnum])) {
1230 BIO_printf(bio_err, "SM2 init sign failure\n");
1231 ERR_print_errors(bio_err);
1235 ret = EVP_DigestSign(sm2ctx[testnum], sm2sig, &sm2sigsize,
1238 BIO_printf(bio_err, "SM2 sign failure\n");
1239 ERR_print_errors(bio_err);
1243 /* update the latest returned size and always use the fixed buffer size */
1244 tempargs->sigsize = sm2sigsize;
1245 sm2sigsize = max_size;
1251 static int SM2_verify_loop(void *args)
1253 loopargs_t *tempargs = *(loopargs_t **) args;
1254 unsigned char *buf = tempargs->buf;
1255 EVP_MD_CTX **sm2ctx = tempargs->sm2_vfy_ctx;
1256 unsigned char *sm2sig = tempargs->buf2;
1257 size_t sm2sigsize = tempargs->sigsize;
1259 EVP_PKEY **sm2_pkey = tempargs->sm2_pkey;
1261 for (count = 0; COND(sm2_c[testnum][1]); count++) {
1262 if (!EVP_DigestVerifyInit(sm2ctx[testnum], NULL, EVP_sm3(),
1263 NULL, sm2_pkey[testnum])) {
1264 BIO_printf(bio_err, "SM2 verify init failure\n");
1265 ERR_print_errors(bio_err);
1269 ret = EVP_DigestVerify(sm2ctx[testnum], sm2sig, sm2sigsize,
1272 BIO_printf(bio_err, "SM2 verify failure\n");
1273 ERR_print_errors(bio_err);
1280 # endif /* OPENSSL_NO_SM2 */
1281 #endif /* OPENSSL_NO_EC */
1283 static int run_benchmark(int async_jobs,
1284 int (*loop_function) (void *), loopargs_t * loopargs)
1286 int job_op_count = 0;
1287 int total_op_count = 0;
1288 int num_inprogress = 0;
1289 int error = 0, i = 0, ret = 0;
1290 OSSL_ASYNC_FD job_fd = 0;
1291 size_t num_job_fds = 0;
1293 if (async_jobs == 0) {
1294 return loop_function((void *)&loopargs);
1297 for (i = 0; i < async_jobs && !error; i++) {
1298 loopargs_t *looparg_item = loopargs + i;
1300 /* Copy pointer content (looparg_t item address) into async context */
1301 ret = ASYNC_start_job(&loopargs[i].inprogress_job, loopargs[i].wait_ctx,
1302 &job_op_count, loop_function,
1303 (void *)&looparg_item, sizeof(looparg_item));
1309 if (job_op_count == -1) {
1312 total_op_count += job_op_count;
1317 BIO_printf(bio_err, "Failure in the job\n");
1318 ERR_print_errors(bio_err);
1324 while (num_inprogress > 0) {
1325 #if defined(OPENSSL_SYS_WINDOWS)
1327 #elif defined(OPENSSL_SYS_UNIX)
1328 int select_result = 0;
1329 OSSL_ASYNC_FD max_fd = 0;
1332 FD_ZERO(&waitfdset);
1334 for (i = 0; i < async_jobs && num_inprogress > 0; i++) {
1335 if (loopargs[i].inprogress_job == NULL)
1338 if (!ASYNC_WAIT_CTX_get_all_fds
1339 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1340 || num_job_fds > 1) {
1341 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1342 ERR_print_errors(bio_err);
1346 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1348 FD_SET(job_fd, &waitfdset);
1349 if (job_fd > max_fd)
1353 if (max_fd >= (OSSL_ASYNC_FD)FD_SETSIZE) {
1355 "Error: max_fd (%d) must be smaller than FD_SETSIZE (%d). "
1356 "Decrease the value of async_jobs\n",
1357 max_fd, FD_SETSIZE);
1358 ERR_print_errors(bio_err);
1363 select_result = select(max_fd + 1, &waitfdset, NULL, NULL, NULL);
1364 if (select_result == -1 && errno == EINTR)
1367 if (select_result == -1) {
1368 BIO_printf(bio_err, "Failure in the select\n");
1369 ERR_print_errors(bio_err);
1374 if (select_result == 0)
1378 for (i = 0; i < async_jobs; i++) {
1379 if (loopargs[i].inprogress_job == NULL)
1382 if (!ASYNC_WAIT_CTX_get_all_fds
1383 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1384 || num_job_fds > 1) {
1385 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1386 ERR_print_errors(bio_err);
1390 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1393 #if defined(OPENSSL_SYS_UNIX)
1394 if (num_job_fds == 1 && !FD_ISSET(job_fd, &waitfdset))
1396 #elif defined(OPENSSL_SYS_WINDOWS)
1397 if (num_job_fds == 1
1398 && !PeekNamedPipe(job_fd, NULL, 0, NULL, &avail, NULL)
1403 ret = ASYNC_start_job(&loopargs[i].inprogress_job,
1404 loopargs[i].wait_ctx, &job_op_count,
1405 loop_function, (void *)(loopargs + i),
1406 sizeof(loopargs_t));
1411 if (job_op_count == -1) {
1414 total_op_count += job_op_count;
1417 loopargs[i].inprogress_job = NULL;
1422 loopargs[i].inprogress_job = NULL;
1423 BIO_printf(bio_err, "Failure in the job\n");
1424 ERR_print_errors(bio_err);
1431 return error ? -1 : total_op_count;
1434 #define stop_it(do_it, test_num)\
1435 memset(do_it + test_num, 0, OSSL_NELEM(do_it) - test_num);
1437 int speed_main(int argc, char **argv)
1440 loopargs_t *loopargs = NULL;
1442 const char *engine_id = NULL;
1443 const EVP_CIPHER *evp_cipher = NULL;
1446 int async_init = 0, multiblock = 0, pr_header = 0;
1447 uint8_t doit[ALGOR_NUM] = { 0 };
1448 int ret = 1, misalign = 0, lengths_single = 0, aead = 0;
1450 unsigned int size_num = SIZE_NUM;
1451 unsigned int i, k, loopargs_len = 0, async_jobs = 0;
1457 #if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) \
1458 || !defined(OPENSSL_NO_EC)
1461 openssl_speed_sec_t seconds = { SECONDS, RSA_SECONDS, DSA_SECONDS,
1462 ECDSA_SECONDS, ECDH_SECONDS,
1463 EdDSA_SECONDS, SM2_SECONDS };
1465 /* What follows are the buffers and key material. */
1466 #if !defined(OPENSSL_NO_RC5) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1469 #if !defined(OPENSSL_NO_RC2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1472 #if !defined(OPENSSL_NO_IDEA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1473 IDEA_KEY_SCHEDULE idea_ks;
1475 #if !defined(OPENSSL_NO_SEED) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1476 SEED_KEY_SCHEDULE seed_ks;
1478 #if !defined(OPENSSL_NO_BF) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1481 #if !defined(OPENSSL_NO_CAST) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1484 #ifndef OPENSSL_NO_DEPRECATED_3_0
1485 static const unsigned char key16[16] = {
1486 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1487 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
1489 static const unsigned char key24[24] = {
1490 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1491 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1492 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1494 static const unsigned char key32[32] = {
1495 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1496 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1497 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
1498 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
1501 #if !defined(OPENSSL_NO_CAMELLIA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1502 CAMELLIA_KEY camellia_ks[3];
1504 #ifndef OPENSSL_NO_RSA
1505 static const struct {
1506 const unsigned char *data;
1507 unsigned int length;
1510 { test512, sizeof(test512), 512 },
1511 { test1024, sizeof(test1024), 1024 },
1512 { test2048, sizeof(test2048), 2048 },
1513 { test3072, sizeof(test3072), 3072 },
1514 { test4096, sizeof(test4096), 4092 },
1515 { test7680, sizeof(test7680), 7680 },
1516 { test15360, sizeof(test15360), 15360 }
1518 uint8_t rsa_doit[RSA_NUM] = { 0 };
1519 int primes = RSA_DEFAULT_PRIME_NUM;
1521 #ifndef OPENSSL_NO_DSA
1522 static const unsigned int dsa_bits[DSA_NUM] = { 512, 1024, 2048 };
1523 uint8_t dsa_doit[DSA_NUM] = { 0 };
1525 #ifndef OPENSSL_NO_EC
1526 typedef struct ec_curve_st {
1530 size_t sigsize; /* only used for EdDSA curves */
1533 * We only test over the following curves as they are representative, To
1534 * add tests over more curves, simply add the curve NID and curve name to
1535 * the following arrays and increase the |ecdh_choices| and |ecdsa_choices|
1536 * lists accordingly.
1538 static const EC_CURVE ec_curves[EC_NUM] = {
1540 {"secp160r1", NID_secp160r1, 160},
1541 {"nistp192", NID_X9_62_prime192v1, 192},
1542 {"nistp224", NID_secp224r1, 224},
1543 {"nistp256", NID_X9_62_prime256v1, 256},
1544 {"nistp384", NID_secp384r1, 384},
1545 {"nistp521", NID_secp521r1, 521},
1546 # ifndef OPENSSL_NO_EC2M
1548 {"nistk163", NID_sect163k1, 163},
1549 {"nistk233", NID_sect233k1, 233},
1550 {"nistk283", NID_sect283k1, 283},
1551 {"nistk409", NID_sect409k1, 409},
1552 {"nistk571", NID_sect571k1, 571},
1553 {"nistb163", NID_sect163r2, 163},
1554 {"nistb233", NID_sect233r1, 233},
1555 {"nistb283", NID_sect283r1, 283},
1556 {"nistb409", NID_sect409r1, 409},
1557 {"nistb571", NID_sect571r1, 571},
1559 {"brainpoolP256r1", NID_brainpoolP256r1, 256},
1560 {"brainpoolP256t1", NID_brainpoolP256t1, 256},
1561 {"brainpoolP384r1", NID_brainpoolP384r1, 384},
1562 {"brainpoolP384t1", NID_brainpoolP384t1, 384},
1563 {"brainpoolP512r1", NID_brainpoolP512r1, 512},
1564 {"brainpoolP512t1", NID_brainpoolP512t1, 512},
1565 /* Other and ECDH only ones */
1566 {"X25519", NID_X25519, 253},
1567 {"X448", NID_X448, 448}
1569 static const EC_CURVE ed_curves[EdDSA_NUM] = {
1571 {"Ed25519", NID_ED25519, 253, 64},
1572 {"Ed448", NID_ED448, 456, 114}
1574 # ifndef OPENSSL_NO_SM2
1575 static const EC_CURVE sm2_curves[SM2_NUM] = {
1577 {"CurveSM2", NID_sm2, 256}
1579 uint8_t sm2_doit[SM2_NUM] = { 0 };
1581 uint8_t ecdsa_doit[ECDSA_NUM] = { 0 };
1582 uint8_t ecdh_doit[EC_NUM] = { 0 };
1583 uint8_t eddsa_doit[EdDSA_NUM] = { 0 };
1585 /* checks declarated curves against choices list. */
1586 OPENSSL_assert(ed_curves[EdDSA_NUM - 1].nid == NID_ED448);
1587 OPENSSL_assert(strcmp(eddsa_choices[EdDSA_NUM - 1].name, "ed448") == 0);
1589 OPENSSL_assert(ec_curves[EC_NUM - 1].nid == NID_X448);
1590 OPENSSL_assert(strcmp(ecdh_choices[EC_NUM - 1].name, "ecdhx448") == 0);
1592 OPENSSL_assert(ec_curves[ECDSA_NUM - 1].nid == NID_brainpoolP512t1);
1593 OPENSSL_assert(strcmp(ecdsa_choices[ECDSA_NUM - 1].name, "ecdsabrp512t1") == 0);
1595 # ifndef OPENSSL_NO_SM2
1596 OPENSSL_assert(sm2_curves[SM2_NUM - 1].nid == NID_sm2);
1597 OPENSSL_assert(strcmp(sm2_choices[SM2_NUM - 1].name, "curveSM2") == 0);
1599 #endif /* ndef OPENSSL_NO_EC */
1601 prog = opt_init(argc, argv, speed_options);
1602 while ((o = opt_next()) != OPT_EOF) {
1607 BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
1610 opt_help(speed_options);
1618 evp_cipher = EVP_get_cipherbyname(opt_arg());
1619 if (evp_cipher == NULL)
1620 evp_md = EVP_get_digestbyname(opt_arg());
1621 if (evp_cipher == NULL && evp_md == NULL) {
1623 "%s: %s is an unknown cipher or digest\n",
1630 #ifndef OPENSSL_NO_DEPRECATED_3_0
1631 evp_hmac_md = EVP_get_digestbyname(opt_arg());
1632 if (evp_hmac_md == NULL) {
1633 BIO_printf(bio_err, "%s: %s is an unknown digest\n",
1637 doit[D_EVP_HMAC] = 1;
1641 #if !defined(OPENSSL_NO_CMAC) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1642 evp_cmac_cipher = EVP_get_cipherbyname(opt_arg());
1643 if (evp_cmac_cipher == NULL) {
1644 BIO_printf(bio_err, "%s: %s is an unknown cipher\n",
1648 doit[D_EVP_CMAC] = 1;
1656 * In a forked execution, an engine might need to be
1657 * initialised by each child process, not by the parent.
1658 * So store the name here and run setup_engine() later on.
1660 engine_id = opt_arg();
1664 multi = atoi(opt_arg());
1668 #ifndef OPENSSL_NO_ASYNC
1669 async_jobs = atoi(opt_arg());
1670 if (!ASYNC_is_capable()) {
1672 "%s: async_jobs specified but async not supported\n",
1676 if (async_jobs > 99999) {
1677 BIO_printf(bio_err, "%s: too many async_jobs\n", prog);
1683 if (!opt_int(opt_arg(), &misalign))
1685 if (misalign > MISALIGN) {
1687 "%s: Maximum offset is %d\n", prog, MISALIGN);
1696 #ifdef OPENSSL_NO_MULTIBLOCK
1698 "%s: -mb specified but multi-block support is disabled\n",
1708 if (!opt_int(opt_arg(), &primes))
1712 seconds.sym = seconds.rsa = seconds.dsa = seconds.ecdsa
1713 = seconds.ecdh = seconds.eddsa
1714 = seconds.sm2 = atoi(opt_arg());
1717 lengths_single = atoi(opt_arg());
1718 lengths = &lengths_single;
1726 argc = opt_num_rest();
1729 /* Remaining arguments are algorithms. */
1730 for (; *argv; argv++) {
1731 const char *algo = *argv;
1733 if (opt_found(algo, doit_choices, &i)) {
1737 #if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1738 if (strcmp(algo, "des") == 0) {
1739 doit[D_CBC_DES] = doit[D_EDE3_DES] = 1;
1743 if (strcmp(algo, "sha") == 0) {
1744 doit[D_SHA1] = doit[D_SHA256] = doit[D_SHA512] = 1;
1747 #ifndef OPENSSL_NO_RSA
1748 if (strcmp(algo, "openssl") == 0) /* just for compatibility */
1750 if (strncmp(algo, "rsa", 3) == 0) {
1751 if (algo[3] == '\0') {
1752 memset(rsa_doit, 1, sizeof(rsa_doit));
1755 if (opt_found(algo, rsa_choices, &i)) {
1761 #ifndef OPENSSL_NO_DSA
1762 if (strncmp(algo, "dsa", 3) == 0) {
1763 if (algo[3] == '\0') {
1764 memset(dsa_doit, 1, sizeof(dsa_doit));
1767 if (opt_found(algo, dsa_choices, &i)) {
1773 #ifndef OPENSSL_NO_DEPRECATED_3_0
1774 if (strcmp(algo, "aes") == 0) {
1775 doit[D_CBC_128_AES] = doit[D_CBC_192_AES] = doit[D_CBC_256_AES] = 1;
1779 #if !defined(OPENSSL_NO_CAMELLIA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1780 if (strcmp(algo, "camellia") == 0) {
1781 doit[D_CBC_128_CML] = doit[D_CBC_192_CML] = doit[D_CBC_256_CML] = 1;
1785 #ifndef OPENSSL_NO_EC
1786 if (strncmp(algo, "ecdsa", 5) == 0) {
1787 if (algo[5] == '\0') {
1788 memset(ecdsa_doit, 1, sizeof(ecdsa_doit));
1791 if (opt_found(algo, ecdsa_choices, &i)) {
1796 if (strncmp(algo, "ecdh", 4) == 0) {
1797 if (algo[4] == '\0') {
1798 memset(ecdh_doit, 1, sizeof(ecdh_doit));
1801 if (opt_found(algo, ecdh_choices, &i)) {
1806 if (strcmp(algo, "eddsa") == 0) {
1807 memset(eddsa_doit, 1, sizeof(eddsa_doit));
1810 if (opt_found(algo, eddsa_choices, &i)) {
1814 # ifndef OPENSSL_NO_SM2
1815 if (strcmp(algo, "sm2") == 0) {
1816 memset(sm2_doit, 1, sizeof(sm2_doit));
1819 if (opt_found(algo, sm2_choices, &i)) {
1824 #endif /* OPENSSL_NO_EC */
1825 BIO_printf(bio_err, "%s: Unknown algorithm %s\n", prog, algo);
1831 if (evp_cipher == NULL) {
1832 BIO_printf(bio_err, "-aead can be used only with an AEAD cipher\n");
1834 } else if (!(EVP_CIPHER_flags(evp_cipher) &
1835 EVP_CIPH_FLAG_AEAD_CIPHER)) {
1836 BIO_printf(bio_err, "%s is not an AEAD cipher\n",
1837 OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
1842 if (evp_cipher == NULL) {
1843 BIO_printf(bio_err,"-mb can be used only with a multi-block"
1844 " capable cipher\n");
1846 } else if (!(EVP_CIPHER_flags(evp_cipher) &
1847 EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
1848 BIO_printf(bio_err, "%s is not a multi-block capable\n",
1849 OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
1851 } else if (async_jobs > 0) {
1852 BIO_printf(bio_err, "Async mode is not supported with -mb");
1857 /* Initialize the job pool if async mode is enabled */
1858 if (async_jobs > 0) {
1859 async_init = ASYNC_init_thread(async_jobs, async_jobs);
1861 BIO_printf(bio_err, "Error creating the ASYNC job pool\n");
1866 loopargs_len = (async_jobs == 0 ? 1 : async_jobs);
1868 app_malloc(loopargs_len * sizeof(loopargs_t), "array of loopargs");
1869 memset(loopargs, 0, loopargs_len * sizeof(loopargs_t));
1871 for (i = 0; i < loopargs_len; i++) {
1872 if (async_jobs > 0) {
1873 loopargs[i].wait_ctx = ASYNC_WAIT_CTX_new();
1874 if (loopargs[i].wait_ctx == NULL) {
1875 BIO_printf(bio_err, "Error creating the ASYNC_WAIT_CTX\n");
1880 buflen = lengths[size_num - 1];
1881 if (buflen < 36) /* size of random vector in RSA benchmark */
1883 buflen += MAX_MISALIGNMENT + 1;
1884 loopargs[i].buf_malloc = app_malloc(buflen, "input buffer");
1885 loopargs[i].buf2_malloc = app_malloc(buflen, "input buffer");
1886 memset(loopargs[i].buf_malloc, 0, buflen);
1887 memset(loopargs[i].buf2_malloc, 0, buflen);
1889 /* Align the start of buffers on a 64 byte boundary */
1890 loopargs[i].buf = loopargs[i].buf_malloc + misalign;
1891 loopargs[i].buf2 = loopargs[i].buf2_malloc + misalign;
1892 #ifndef OPENSSL_NO_EC
1893 loopargs[i].secret_a = app_malloc(MAX_ECDH_SIZE, "ECDH secret a");
1894 loopargs[i].secret_b = app_malloc(MAX_ECDH_SIZE, "ECDH secret b");
1899 if (multi && do_multi(multi, size_num))
1903 /* Initialize the engine after the fork */
1904 e = setup_engine(engine_id, 0);
1906 /* No parameters; turn on everything. */
1907 if (argc == 0 && !doit[D_EVP] && !doit[D_EVP_HMAC] && !doit[D_EVP_CMAC]) {
1908 memset(doit, 1, sizeof(doit));
1909 doit[D_EVP] = doit[D_EVP_HMAC] = doit[D_EVP_CMAC] = 0;
1910 #ifndef OPENSSL_NO_RSA
1911 memset(rsa_doit, 1, sizeof(rsa_doit));
1913 #ifndef OPENSSL_NO_DSA
1914 memset(dsa_doit, 1, sizeof(dsa_doit));
1916 #ifndef OPENSSL_NO_EC
1917 memset(ecdsa_doit, 1, sizeof(ecdsa_doit));
1918 memset(ecdh_doit, 1, sizeof(ecdh_doit));
1919 memset(eddsa_doit, 1, sizeof(eddsa_doit));
1920 # ifndef OPENSSL_NO_SM2
1921 memset(sm2_doit, 1, sizeof(sm2_doit));
1925 for (i = 0; i < ALGOR_NUM; i++)
1929 if (usertime == 0 && !mr)
1931 "You have chosen to measure elapsed time "
1932 "instead of user CPU time.\n");
1934 #ifndef OPENSSL_NO_RSA
1935 for (i = 0; i < loopargs_len; i++) {
1936 if (primes > RSA_DEFAULT_PRIME_NUM) {
1937 /* for multi-prime RSA, skip this */
1940 for (k = 0; k < RSA_NUM; k++) {
1941 const unsigned char *p = rsa_keys[k].data;
1943 loopargs[i].rsa_key[k] =
1944 d2i_RSAPrivateKey(NULL, &p, rsa_keys[k].length);
1945 if (loopargs[i].rsa_key[k] == NULL) {
1947 "internal error loading RSA key number %d\n", k);
1953 #ifndef OPENSSL_NO_DSA
1954 for (i = 0; i < loopargs_len; i++) {
1955 loopargs[i].dsa_key[0] = get_dsa(512);
1956 loopargs[i].dsa_key[1] = get_dsa(1024);
1957 loopargs[i].dsa_key[2] = get_dsa(2048);
1960 #if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1961 if (doit[D_CBC_DES] || doit[D_EDE3_DES]) {
1962 static DES_cblock keys[] = {
1963 { 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0 }, /* keys[0] */
1964 { 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12 }, /* keys[1] */
1965 { 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34 } /* keys[3] */
1967 DES_set_key_unchecked(&keys[0], &sch[0]);
1968 DES_set_key_unchecked(&keys[1], &sch[1]);
1969 DES_set_key_unchecked(&keys[2], &sch[2]);
1972 #ifndef OPENSSL_NO_DEPRECATED_3_0
1973 AES_set_encrypt_key(key16, 128, &aes_ks1);
1974 AES_set_encrypt_key(key24, 192, &aes_ks2);
1975 AES_set_encrypt_key(key32, 256, &aes_ks3);
1977 #if !defined(OPENSSL_NO_CAMELLIA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1978 if (doit[D_CBC_128_CML] || doit[D_CBC_192_CML] || doit[D_CBC_256_CML]) {
1979 Camellia_set_key(key16, 128, &camellia_ks[0]);
1980 Camellia_set_key(key24, 192, &camellia_ks[1]);
1981 Camellia_set_key(key32, 256, &camellia_ks[2]);
1984 #if !defined(OPENSSL_NO_IDEA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1985 if (doit[D_CBC_IDEA])
1986 IDEA_set_encrypt_key(key16, &idea_ks);
1988 #if !defined(OPENSSL_NO_SEED) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1989 if (doit[D_CBC_SEED])
1990 SEED_set_key(key16, &seed_ks);
1992 #if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1994 RC4_set_key(&rc4_ks, 16, key16);
1996 #if !defined(OPENSSL_NO_RC2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1997 if (doit[D_CBC_RC2])
1998 RC2_set_key(&rc2_ks, 16, key16, 128);
2000 #if !defined(OPENSSL_NO_RC5) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2001 if (doit[D_CBC_RC5])
2002 if (!RC5_32_set_key(&rc5_ks, 16, key16, 12)) {
2003 BIO_printf(bio_err, "Failed setting RC5 key\n");
2007 #if !defined(OPENSSL_NO_BF) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2009 BF_set_key(&bf_ks, 16, key16);
2011 #if !defined(OPENSSL_NO_CAST) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2012 if (doit[D_CBC_CAST])
2013 CAST_set_key(&cast_ks, 16, key16);
2016 #if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2017 BIO_printf(bio_err, "First we calculate the approximate speed ...\n");
2023 for (it = count; it; it--)
2024 DES_ecb_encrypt((DES_cblock *)loopargs[0].buf,
2025 (DES_cblock *)loopargs[0].buf, &sch, DES_ENCRYPT);
2028 c[D_MD2][0] = count / 10;
2029 c[D_MDC2][0] = count / 10;
2030 c[D_MD4][0] = count;
2031 c[D_MD5][0] = count;
2032 c[D_HMAC][0] = count;
2033 c[D_SHA1][0] = count;
2034 c[D_RMD160][0] = count;
2035 c[D_RC4][0] = count * 5;
2036 c[D_CBC_DES][0] = count;
2037 c[D_EDE3_DES][0] = count / 3;
2038 c[D_CBC_IDEA][0] = count;
2039 c[D_CBC_SEED][0] = count;
2040 c[D_CBC_RC2][0] = count;
2041 c[D_CBC_RC5][0] = count;
2042 c[D_CBC_BF][0] = count;
2043 c[D_CBC_CAST][0] = count;
2044 c[D_CBC_128_AES][0] = count;
2045 c[D_CBC_192_AES][0] = count;
2046 c[D_CBC_256_AES][0] = count;
2047 c[D_CBC_128_CML][0] = count;
2048 c[D_CBC_192_CML][0] = count;
2049 c[D_CBC_256_CML][0] = count;
2050 c[D_EVP][0] = count;
2051 c[D_SHA256][0] = count;
2052 c[D_SHA512][0] = count;
2053 c[D_WHIRLPOOL][0] = count;
2054 c[D_IGE_128_AES][0] = count;
2055 c[D_IGE_192_AES][0] = count;
2056 c[D_IGE_256_AES][0] = count;
2057 c[D_GHASH][0] = count;
2058 c[D_RAND][0] = count;
2059 c[D_EVP_HMAC][0] = count;
2060 c[D_EVP_CMAC][0] = count;
2062 for (i = 1; i < size_num; i++) {
2063 long l0 = (long)lengths[0];
2064 long l1 = (long)lengths[i];
2066 c[D_MD2][i] = c[D_MD2][0] * 4 * l0 / l1;
2067 c[D_MDC2][i] = c[D_MDC2][0] * 4 * l0 / l1;
2068 c[D_MD4][i] = c[D_MD4][0] * 4 * l0 / l1;
2069 c[D_MD5][i] = c[D_MD5][0] * 4 * l0 / l1;
2070 c[D_HMAC][i] = c[D_HMAC][0] * 4 * l0 / l1;
2071 c[D_SHA1][i] = c[D_SHA1][0] * 4 * l0 / l1;
2072 c[D_RMD160][i] = c[D_RMD160][0] * 4 * l0 / l1;
2073 c[D_EVP][i] = = c[D_EVP][0] * 4 * l0 / l1;
2074 c[D_SHA256][i] = c[D_SHA256][0] * 4 * l0 / l1;
2075 c[D_SHA512][i] = c[D_SHA512][0] * 4 * l0 / l1;
2076 c[D_WHIRLPOOL][i] = c[D_WHIRLPOOL][0] * 4 * l0 / l1;
2077 c[D_GHASH][i] = c[D_GHASH][0] * 4 * l0 / l1;
2078 c[D_RAND][i] = c[D_RAND][0] * 4 * l0 / l1;
2079 c[D_EVP_HMAC][i] = = c[D_EVP_HMAC][0] * 4 * l0 / l1;
2080 c[D_EVP_CMAC][i] = = c[D_EVP_CMAC][0] * 4 * l0 / l1;
2082 l0 = (long)lengths[i - 1];
2084 c[D_RC4][i] = c[D_RC4][i - 1] * l0 / l1;
2085 c[D_CBC_DES][i] = c[D_CBC_DES][i - 1] * l0 / l1;
2086 c[D_EDE3_DES][i] = c[D_EDE3_DES][i - 1] * l0 / l1;
2087 c[D_CBC_IDEA][i] = c[D_CBC_IDEA][i - 1] * l0 / l1;
2088 c[D_CBC_SEED][i] = c[D_CBC_SEED][i - 1] * l0 / l1;
2089 c[D_CBC_RC2][i] = c[D_CBC_RC2][i - 1] * l0 / l1;
2090 c[D_CBC_RC5][i] = c[D_CBC_RC5][i - 1] * l0 / l1;
2091 c[D_CBC_BF][i] = c[D_CBC_BF][i - 1] * l0 / l1;
2092 c[D_CBC_CAST][i] = c[D_CBC_CAST][i - 1] * l0 / l1;
2093 c[D_CBC_128_AES][i] = c[D_CBC_128_AES][i - 1] * l0 / l1;
2094 c[D_CBC_192_AES][i] = c[D_CBC_192_AES][i - 1] * l0 / l1;
2095 c[D_CBC_256_AES][i] = c[D_CBC_256_AES][i - 1] * l0 / l1;
2096 c[D_CBC_128_CML][i] = c[D_CBC_128_CML][i - 1] * l0 / l1;
2097 c[D_CBC_192_CML][i] = c[D_CBC_192_CML][i - 1] * l0 / l1;
2098 c[D_CBC_256_CML][i] = c[D_CBC_256_CML][i - 1] * l0 / l1;
2099 c[D_IGE_128_AES][i] = c[D_IGE_128_AES][i - 1] * l0 / l1;
2100 c[D_IGE_192_AES][i] = c[D_IGE_192_AES][i - 1] * l0 / l1;
2101 c[D_IGE_256_AES][i] = c[D_IGE_256_AES][i - 1] * l0 / l1;
2104 # ifndef OPENSSL_NO_RSA
2105 rsa_c[R_RSA_512][0] = count / 2000;
2106 rsa_c[R_RSA_512][1] = count / 400;
2107 for (i = 1; i < RSA_NUM; i++) {
2108 rsa_c[i][0] = rsa_c[i - 1][0] / 8;
2109 rsa_c[i][1] = rsa_c[i - 1][1] / 4;
2110 if (rsa_doit[i] <= 1 && rsa_c[i][0] == 0)
2113 if (rsa_c[i][0] == 0) {
2114 rsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
2121 # ifndef OPENSSL_NO_DSA
2122 dsa_c[R_DSA_512][0] = count / 1000;
2123 dsa_c[R_DSA_512][1] = count / 1000 / 2;
2124 for (i = 1; i < DSA_NUM; i++) {
2125 dsa_c[i][0] = dsa_c[i - 1][0] / 4;
2126 dsa_c[i][1] = dsa_c[i - 1][1] / 4;
2127 if (dsa_doit[i] <= 1 && dsa_c[i][0] == 0)
2130 if (dsa_c[i][0] == 0) {
2131 dsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
2138 # ifndef OPENSSL_NO_EC
2139 ecdsa_c[R_EC_P160][0] = count / 1000;
2140 ecdsa_c[R_EC_P160][1] = count / 1000 / 2;
2141 for (i = R_EC_P192; i <= R_EC_P521; i++) {
2142 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2143 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2144 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2147 if (ecdsa_c[i][0] == 0) {
2153 # ifndef OPENSSL_NO_EC2M
2154 ecdsa_c[R_EC_K163][0] = count / 1000;
2155 ecdsa_c[R_EC_K163][1] = count / 1000 / 2;
2156 for (i = R_EC_K233; i <= R_EC_K571; i++) {
2157 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2158 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2159 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2162 if (ecdsa_c[i][0] == 0) {
2168 ecdsa_c[R_EC_B163][0] = count / 1000;
2169 ecdsa_c[R_EC_B163][1] = count / 1000 / 2;
2170 for (i = R_EC_B233; i <= R_EC_B571; i++) {
2171 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2172 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2173 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2176 if (ecdsa_c[i][0] == 0) {
2184 ecdh_c[R_EC_P160][0] = count / 1000;
2185 for (i = R_EC_P192; i <= R_EC_P521; i++) {
2186 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2187 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2190 if (ecdh_c[i][0] == 0) {
2195 # ifndef OPENSSL_NO_EC2M
2196 ecdh_c[R_EC_K163][0] = count / 1000;
2197 for (i = R_EC_K233; i <= R_EC_K571; i++) {
2198 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2199 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2202 if (ecdh_c[i][0] == 0) {
2207 ecdh_c[R_EC_B163][0] = count / 1000;
2208 for (i = R_EC_B233; i <= R_EC_B571; i++) {
2209 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2210 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2213 if (ecdh_c[i][0] == 0) {
2219 /* repeated code good to factorize */
2220 ecdh_c[R_EC_BRP256R1][0] = count / 1000;
2221 for (i = R_EC_BRP384R1; i <= R_EC_BRP512R1; i += 2) {
2222 ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
2223 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2226 if (ecdh_c[i][0] == 0) {
2231 ecdh_c[R_EC_BRP256T1][0] = count / 1000;
2232 for (i = R_EC_BRP384T1; i <= R_EC_BRP512T1; i += 2) {
2233 ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
2234 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2237 if (ecdh_c[i][0] == 0) {
2242 /* default iteration count for the last two EC Curves */
2243 ecdh_c[R_EC_X25519][0] = count / 1800;
2244 ecdh_c[R_EC_X448][0] = count / 7200;
2246 eddsa_c[R_EC_Ed25519][0] = count / 1800;
2247 eddsa_c[R_EC_Ed448][0] = count / 7200;
2249 # ifndef OPENSSL_NO_SM2
2250 sm2_c[R_EC_SM2P256][0] = count / 1800;
2252 # endif /* OPENSSL_NO_EC */
2255 /* not worth fixing */
2256 # error "You cannot disable DES on systems without SIGALRM."
2257 # endif /* OPENSSL_NO_DES */
2259 signal(SIGALRM, alarmed);
2260 #endif /* SIGALRM */
2262 #if !defined(OPENSSL_NO_MD2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2264 for (testnum = 0; testnum < size_num; testnum++) {
2265 print_message(names[D_MD2], c[D_MD2][testnum], lengths[testnum],
2268 count = run_benchmark(async_jobs, EVP_Digest_MD2_loop, loopargs);
2270 print_result(D_MD2, testnum, count, d);
2274 #if !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2276 for (testnum = 0; testnum < size_num; testnum++) {
2277 print_message(names[D_MDC2], c[D_MDC2][testnum], lengths[testnum],
2280 count = run_benchmark(async_jobs, EVP_Digest_MDC2_loop, loopargs);
2282 print_result(D_MDC2, testnum, count, d);
2289 #if !defined(OPENSSL_NO_MD4) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2291 for (testnum = 0; testnum < size_num; testnum++) {
2292 print_message(names[D_MD4], c[D_MD4][testnum], lengths[testnum],
2295 count = run_benchmark(async_jobs, EVP_Digest_MD4_loop, loopargs);
2297 print_result(D_MD4, testnum, count, d);
2304 #if !defined(OPENSSL_NO_MD5) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2306 for (testnum = 0; testnum < size_num; testnum++) {
2307 print_message(names[D_MD5], c[D_MD5][testnum], lengths[testnum],
2310 count = run_benchmark(async_jobs, MD5_loop, loopargs);
2312 print_result(D_MD5, testnum, count, d);
2316 # ifndef OPENSSL_NO_DEPRECATED_3_0
2318 static const char hmac_key[] = "This is a key...";
2319 int len = strlen(hmac_key);
2321 for (i = 0; i < loopargs_len; i++) {
2322 loopargs[i].hctx = HMAC_CTX_new();
2323 if (loopargs[i].hctx == NULL) {
2324 BIO_printf(bio_err, "HMAC malloc failure, exiting...");
2328 HMAC_Init_ex(loopargs[i].hctx, hmac_key, len, EVP_md5(), NULL);
2330 for (testnum = 0; testnum < size_num; testnum++) {
2331 print_message(names[D_HMAC], c[D_HMAC][testnum], lengths[testnum],
2334 count = run_benchmark(async_jobs, HMAC_loop, loopargs);
2336 print_result(D_HMAC, testnum, count, d);
2338 for (i = 0; i < loopargs_len; i++)
2339 HMAC_CTX_free(loopargs[i].hctx);
2343 #ifndef OPENSSL_NO_DEPRECATED_3_0
2345 for (testnum = 0; testnum < size_num; testnum++) {
2346 print_message(names[D_SHA1], c[D_SHA1][testnum], lengths[testnum],
2349 count = run_benchmark(async_jobs, SHA1_loop, loopargs);
2351 print_result(D_SHA1, testnum, count, d);
2354 if (doit[D_SHA256]) {
2355 for (testnum = 0; testnum < size_num; testnum++) {
2356 print_message(names[D_SHA256], c[D_SHA256][testnum],
2357 lengths[testnum], seconds.sym);
2359 count = run_benchmark(async_jobs, SHA256_loop, loopargs);
2361 print_result(D_SHA256, testnum, count, d);
2364 if (doit[D_SHA512]) {
2365 for (testnum = 0; testnum < size_num; testnum++) {
2366 print_message(names[D_SHA512], c[D_SHA512][testnum],
2367 lengths[testnum], seconds.sym);
2369 count = run_benchmark(async_jobs, SHA512_loop, loopargs);
2371 print_result(D_SHA512, testnum, count, d);
2375 #if !defined(OPENSSL_NO_WHIRLPOOL) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2376 if (doit[D_WHIRLPOOL]) {
2377 for (testnum = 0; testnum < size_num; testnum++) {
2378 print_message(names[D_WHIRLPOOL], c[D_WHIRLPOOL][testnum],
2379 lengths[testnum], seconds.sym);
2381 count = run_benchmark(async_jobs, WHIRLPOOL_loop, loopargs);
2383 print_result(D_WHIRLPOOL, testnum, count, d);
2388 #if !defined(OPENSSL_NO_RMD160) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2389 if (doit[D_RMD160]) {
2390 for (testnum = 0; testnum < size_num; testnum++) {
2391 print_message(names[D_RMD160], c[D_RMD160][testnum],
2392 lengths[testnum], seconds.sym);
2394 count = run_benchmark(async_jobs, EVP_Digest_RMD160_loop, loopargs);
2396 print_result(D_RMD160, testnum, count, d);
2402 #if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2404 for (testnum = 0; testnum < size_num; testnum++) {
2405 print_message(names[D_RC4], c[D_RC4][testnum], lengths[testnum],
2408 count = run_benchmark(async_jobs, RC4_loop, loopargs);
2410 print_result(D_RC4, testnum, count, d);
2414 #if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2415 if (doit[D_CBC_DES]) {
2416 for (testnum = 0; testnum < size_num; testnum++) {
2417 print_message(names[D_CBC_DES], c[D_CBC_DES][testnum],
2418 lengths[testnum], seconds.sym);
2420 count = run_benchmark(async_jobs, DES_ncbc_encrypt_loop, loopargs);
2422 print_result(D_CBC_DES, testnum, count, d);
2426 if (doit[D_EDE3_DES]) {
2427 for (testnum = 0; testnum < size_num; testnum++) {
2428 print_message(names[D_EDE3_DES], c[D_EDE3_DES][testnum],
2429 lengths[testnum], seconds.sym);
2432 run_benchmark(async_jobs, DES_ede3_cbc_encrypt_loop, loopargs);
2434 print_result(D_EDE3_DES, testnum, count, d);
2439 #ifndef OPENSSL_NO_DEPRECATED_3_0
2440 if (doit[D_CBC_128_AES]) {
2441 for (testnum = 0; testnum < size_num; testnum++) {
2442 print_message(names[D_CBC_128_AES], c[D_CBC_128_AES][testnum],
2443 lengths[testnum], seconds.sym);
2446 run_benchmark(async_jobs, AES_cbc_128_encrypt_loop, loopargs);
2448 print_result(D_CBC_128_AES, testnum, count, d);
2451 if (doit[D_CBC_192_AES]) {
2452 for (testnum = 0; testnum < size_num; testnum++) {
2453 print_message(names[D_CBC_192_AES], c[D_CBC_192_AES][testnum],
2454 lengths[testnum], seconds.sym);
2457 run_benchmark(async_jobs, AES_cbc_192_encrypt_loop, loopargs);
2459 print_result(D_CBC_192_AES, testnum, count, d);
2462 if (doit[D_CBC_256_AES]) {
2463 for (testnum = 0; testnum < size_num; testnum++) {
2464 print_message(names[D_CBC_256_AES], c[D_CBC_256_AES][testnum],
2465 lengths[testnum], seconds.sym);
2468 run_benchmark(async_jobs, AES_cbc_256_encrypt_loop, loopargs);
2470 print_result(D_CBC_256_AES, testnum, count, d);
2475 if (doit[D_IGE_128_AES]) {
2476 for (testnum = 0; testnum < size_num; testnum++) {
2477 print_message(names[D_IGE_128_AES], c[D_IGE_128_AES][testnum],
2478 lengths[testnum], seconds.sym);
2481 run_benchmark(async_jobs, AES_ige_128_encrypt_loop, loopargs);
2483 print_result(D_IGE_128_AES, testnum, count, d);
2486 if (doit[D_IGE_192_AES]) {
2487 for (testnum = 0; testnum < size_num; testnum++) {
2488 print_message(names[D_IGE_192_AES], c[D_IGE_192_AES][testnum],
2489 lengths[testnum], seconds.sym);
2492 run_benchmark(async_jobs, AES_ige_192_encrypt_loop, loopargs);
2494 print_result(D_IGE_192_AES, testnum, count, d);
2497 if (doit[D_IGE_256_AES]) {
2498 for (testnum = 0; testnum < size_num; testnum++) {
2499 print_message(names[D_IGE_256_AES], c[D_IGE_256_AES][testnum],
2500 lengths[testnum], seconds.sym);
2503 run_benchmark(async_jobs, AES_ige_256_encrypt_loop, loopargs);
2505 print_result(D_IGE_256_AES, testnum, count, d);
2508 if (doit[D_GHASH]) {
2509 for (i = 0; i < loopargs_len; i++) {
2510 loopargs[i].gcm_ctx =
2511 CRYPTO_gcm128_new(&aes_ks1, (block128_f) AES_encrypt);
2512 CRYPTO_gcm128_setiv(loopargs[i].gcm_ctx,
2513 (unsigned char *)"0123456789ab", 12);
2516 for (testnum = 0; testnum < size_num; testnum++) {
2517 print_message(names[D_GHASH], c[D_GHASH][testnum],
2518 lengths[testnum], seconds.sym);
2520 count = run_benchmark(async_jobs, CRYPTO_gcm128_aad_loop, loopargs);
2522 print_result(D_GHASH, testnum, count, d);
2524 for (i = 0; i < loopargs_len; i++)
2525 CRYPTO_gcm128_release(loopargs[i].gcm_ctx);
2527 #endif /* OPENSSL_NO_DEPRECATED_3_0 */
2528 #if !defined(OPENSSL_NO_CAMELLIA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2529 if (doit[D_CBC_128_CML]) {
2530 if (async_jobs > 0) {
2531 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2532 names[D_CBC_128_CML]);
2533 doit[D_CBC_128_CML] = 0;
2535 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2536 print_message(names[D_CBC_128_CML], c[D_CBC_128_CML][testnum],
2537 lengths[testnum], seconds.sym);
2539 for (count = 0; COND(c[D_CBC_128_CML][testnum]); count++)
2540 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2541 (size_t)lengths[testnum], &camellia_ks[0],
2542 iv, CAMELLIA_ENCRYPT);
2544 print_result(D_CBC_128_CML, testnum, count, d);
2547 if (doit[D_CBC_192_CML]) {
2548 if (async_jobs > 0) {
2549 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2550 names[D_CBC_192_CML]);
2551 doit[D_CBC_192_CML] = 0;
2553 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2554 print_message(names[D_CBC_192_CML], c[D_CBC_192_CML][testnum],
2555 lengths[testnum], seconds.sym);
2556 if (async_jobs > 0) {
2557 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2561 for (count = 0; COND(c[D_CBC_192_CML][testnum]); count++)
2562 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2563 (size_t)lengths[testnum], &camellia_ks[1],
2564 iv, CAMELLIA_ENCRYPT);
2566 print_result(D_CBC_192_CML, testnum, count, d);
2569 if (doit[D_CBC_256_CML]) {
2570 if (async_jobs > 0) {
2571 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2572 names[D_CBC_256_CML]);
2573 doit[D_CBC_256_CML] = 0;
2575 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2576 print_message(names[D_CBC_256_CML], c[D_CBC_256_CML][testnum],
2577 lengths[testnum], seconds.sym);
2579 for (count = 0; COND(c[D_CBC_256_CML][testnum]); count++)
2580 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2581 (size_t)lengths[testnum], &camellia_ks[2],
2582 iv, CAMELLIA_ENCRYPT);
2584 print_result(D_CBC_256_CML, testnum, count, d);
2588 #if !defined(OPENSSL_NO_IDEA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2589 if (doit[D_CBC_IDEA]) {
2590 if (async_jobs > 0) {
2591 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2593 doit[D_CBC_IDEA] = 0;
2595 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2596 print_message(names[D_CBC_IDEA], c[D_CBC_IDEA][testnum],
2597 lengths[testnum], seconds.sym);
2599 for (count = 0; COND(c[D_CBC_IDEA][testnum]); count++)
2600 IDEA_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2601 (size_t)lengths[testnum], &idea_ks,
2604 print_result(D_CBC_IDEA, testnum, count, d);
2608 #if !defined(OPENSSL_NO_SEED) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2609 if (doit[D_CBC_SEED]) {
2610 if (async_jobs > 0) {
2611 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2613 doit[D_CBC_SEED] = 0;
2615 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2616 print_message(names[D_CBC_SEED], c[D_CBC_SEED][testnum],
2617 lengths[testnum], seconds.sym);
2619 for (count = 0; COND(c[D_CBC_SEED][testnum]); count++)
2620 SEED_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2621 (size_t)lengths[testnum], &seed_ks, iv, 1);
2623 print_result(D_CBC_SEED, testnum, count, d);
2627 #if !defined(OPENSSL_NO_RC2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2628 if (doit[D_CBC_RC2]) {
2629 if (async_jobs > 0) {
2630 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2632 doit[D_CBC_RC2] = 0;
2634 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2635 print_message(names[D_CBC_RC2], c[D_CBC_RC2][testnum],
2636 lengths[testnum], seconds.sym);
2637 if (async_jobs > 0) {
2638 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2642 for (count = 0; COND(c[D_CBC_RC2][testnum]); count++)
2643 RC2_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2644 (size_t)lengths[testnum], &rc2_ks,
2647 print_result(D_CBC_RC2, testnum, count, d);
2651 #if !defined(OPENSSL_NO_RC5) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2652 if (doit[D_CBC_RC5]) {
2653 if (async_jobs > 0) {
2654 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2656 doit[D_CBC_RC5] = 0;
2658 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2659 print_message(names[D_CBC_RC5], c[D_CBC_RC5][testnum],
2660 lengths[testnum], seconds.sym);
2661 if (async_jobs > 0) {
2662 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2666 for (count = 0; COND(c[D_CBC_RC5][testnum]); count++)
2667 RC5_32_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2668 (size_t)lengths[testnum], &rc5_ks,
2671 print_result(D_CBC_RC5, testnum, count, d);
2675 #if !defined(OPENSSL_NO_BF) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2676 if (doit[D_CBC_BF]) {
2677 if (async_jobs > 0) {
2678 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2682 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2683 print_message(names[D_CBC_BF], c[D_CBC_BF][testnum],
2684 lengths[testnum], seconds.sym);
2686 for (count = 0; COND(c[D_CBC_BF][testnum]); count++)
2687 BF_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2688 (size_t)lengths[testnum], &bf_ks,
2691 print_result(D_CBC_BF, testnum, count, d);
2695 #if !defined(OPENSSL_NO_CAST) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2696 if (doit[D_CBC_CAST]) {
2697 if (async_jobs > 0) {
2698 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2700 doit[D_CBC_CAST] = 0;
2702 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2703 print_message(names[D_CBC_CAST], c[D_CBC_CAST][testnum],
2704 lengths[testnum], seconds.sym);
2706 for (count = 0; COND(c[D_CBC_CAST][testnum]); count++)
2707 CAST_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2708 (size_t)lengths[testnum], &cast_ks,
2711 print_result(D_CBC_CAST, testnum, count, d);
2716 for (testnum = 0; testnum < size_num; testnum++) {
2717 print_message(names[D_RAND], c[D_RAND][testnum], lengths[testnum],
2720 count = run_benchmark(async_jobs, RAND_bytes_loop, loopargs);
2722 print_result(D_RAND, testnum, count, d);
2727 if (evp_cipher != NULL) {
2728 int (*loopfunc) (void *) = EVP_Update_loop;
2730 if (multiblock && (EVP_CIPHER_flags(evp_cipher) &
2731 EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
2732 multiblock_speed(evp_cipher, lengths_single, &seconds);
2737 names[D_EVP] = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
2739 if (EVP_CIPHER_mode(evp_cipher) == EVP_CIPH_CCM_MODE) {
2740 loopfunc = EVP_Update_loop_ccm;
2741 } else if (aead && (EVP_CIPHER_flags(evp_cipher) &
2742 EVP_CIPH_FLAG_AEAD_CIPHER)) {
2743 loopfunc = EVP_Update_loop_aead;
2744 if (lengths == lengths_list) {
2745 lengths = aead_lengths_list;
2746 size_num = OSSL_NELEM(aead_lengths_list);
2750 for (testnum = 0; testnum < size_num; testnum++) {
2751 print_message(names[D_EVP], c[D_EVP][testnum], lengths[testnum],
2754 for (k = 0; k < loopargs_len; k++) {
2755 loopargs[k].ctx = EVP_CIPHER_CTX_new();
2756 if (loopargs[k].ctx == NULL) {
2757 BIO_printf(bio_err, "\nEVP_CIPHER_CTX_new failure\n");
2760 if (!EVP_CipherInit_ex(loopargs[k].ctx, evp_cipher, NULL,
2761 NULL, iv, decrypt ? 0 : 1)) {
2762 BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n");
2763 ERR_print_errors(bio_err);
2767 EVP_CIPHER_CTX_set_padding(loopargs[k].ctx, 0);
2769 keylen = EVP_CIPHER_CTX_key_length(loopargs[k].ctx);
2770 loopargs[k].key = app_malloc(keylen, "evp_cipher key");
2771 EVP_CIPHER_CTX_rand_key(loopargs[k].ctx, loopargs[k].key);
2772 if (!EVP_CipherInit_ex(loopargs[k].ctx, NULL, NULL,
2773 loopargs[k].key, NULL, -1)) {
2774 BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n");
2775 ERR_print_errors(bio_err);
2778 OPENSSL_clear_free(loopargs[k].key, keylen);
2780 /* SIV mode only allows for a single Update operation */
2781 if (EVP_CIPHER_mode(evp_cipher) == EVP_CIPH_SIV_MODE)
2782 EVP_CIPHER_CTX_ctrl(loopargs[k].ctx, EVP_CTRL_SET_SPEED, 1, NULL);
2786 count = run_benchmark(async_jobs, loopfunc, loopargs);
2788 for (k = 0; k < loopargs_len; k++) {
2789 EVP_CIPHER_CTX_free(loopargs[k].ctx);
2791 print_result(D_EVP, testnum, count, d);
2793 } else if (evp_md != NULL) {
2794 names[D_EVP] = OBJ_nid2ln(EVP_MD_type(evp_md));
2796 for (testnum = 0; testnum < size_num; testnum++) {
2797 print_message(names[D_EVP], c[D_EVP][testnum], lengths[testnum],
2800 count = run_benchmark(async_jobs, EVP_Digest_loop, loopargs);
2802 print_result(D_EVP, testnum, count, d);
2807 #ifndef OPENSSL_NO_DEPRECATED_3_0
2808 if (doit[D_EVP_HMAC] && evp_hmac_md != NULL) {
2809 const char *md_name = OBJ_nid2ln(EVP_MD_type(evp_hmac_md));
2811 evp_hmac_name = app_malloc(sizeof("HMAC()") + strlen(md_name),
2813 sprintf(evp_hmac_name, "HMAC(%s)", md_name);
2814 names[D_EVP_HMAC] = evp_hmac_name;
2816 for (testnum = 0; testnum < size_num; testnum++) {
2817 print_message(names[D_EVP_HMAC], c[D_EVP_HMAC][testnum], lengths[testnum],
2820 count = run_benchmark(async_jobs, EVP_HMAC_loop, loopargs);
2822 print_result(D_EVP_HMAC, testnum, count, d);
2827 #if !defined(OPENSSL_NO_CMAC) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2828 if (doit[D_EVP_CMAC] && evp_cmac_cipher != NULL) {
2829 const char *cipher_name = OBJ_nid2ln(EVP_CIPHER_type(evp_cmac_cipher));
2831 evp_cmac_name = app_malloc(sizeof("CMAC()") + strlen(cipher_name),
2833 sprintf(evp_cmac_name, "CMAC(%s)", cipher_name);
2834 names[D_EVP_CMAC] = evp_cmac_name;
2836 for (i = 0; i < loopargs_len; i++) {
2837 loopargs[i].cmac_ctx = CMAC_CTX_new();
2838 if (loopargs[i].cmac_ctx == NULL) {
2839 BIO_printf(bio_err, "CMAC malloc failure, exiting...");
2843 for (testnum = 0; testnum < size_num; testnum++) {
2844 print_message(names[D_EVP_CMAC], c[D_EVP_CMAC][testnum], lengths[testnum],
2847 count = run_benchmark(async_jobs, EVP_CMAC_loop, loopargs);
2849 print_result(D_EVP_CMAC, testnum, count, d);
2851 for (i = 0; i < loopargs_len; i++)
2852 CMAC_CTX_free(loopargs[i].cmac_ctx);
2856 for (i = 0; i < loopargs_len; i++)
2857 if (RAND_bytes(loopargs[i].buf, 36) <= 0)
2860 #ifndef OPENSSL_NO_RSA
2861 for (testnum = 0; testnum < RSA_NUM; testnum++) {
2863 if (!rsa_doit[testnum])
2865 for (i = 0; i < loopargs_len; i++) {
2866 if (primes > RSA_DEFAULT_PRIME_NUM) {
2867 /* we haven't set keys yet, generate multi-prime RSA keys */
2868 BIGNUM *bn = BN_new();
2872 if (!BN_set_word(bn, RSA_F4)) {
2877 BIO_printf(bio_err, "Generate multi-prime RSA key for %s\n",
2878 rsa_choices[testnum].name);
2880 loopargs[i].rsa_key[testnum] = RSA_new();
2881 if (loopargs[i].rsa_key[testnum] == NULL) {
2886 if (!RSA_generate_multi_prime_key(loopargs[i].rsa_key[testnum],
2887 rsa_keys[testnum].bits,
2888 primes, bn, NULL)) {
2894 st = RSA_sign(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
2895 &loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
2901 "RSA sign failure. No RSA sign will be done.\n");
2902 ERR_print_errors(bio_err);
2905 pkey_print_message("private", "rsa",
2906 rsa_c[testnum][0], rsa_keys[testnum].bits,
2908 /* RSA_blinding_on(rsa_key[testnum],NULL); */
2910 count = run_benchmark(async_jobs, RSA_sign_loop, loopargs);
2913 mr ? "+R1:%ld:%d:%.2f\n"
2914 : "%ld %u bits private RSA's in %.2fs\n",
2915 count, rsa_keys[testnum].bits, d);
2916 rsa_results[testnum][0] = (double)count / d;
2920 for (i = 0; i < loopargs_len; i++) {
2921 st = RSA_verify(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
2922 loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
2928 "RSA verify failure. No RSA verify will be done.\n");
2929 ERR_print_errors(bio_err);
2930 rsa_doit[testnum] = 0;
2932 pkey_print_message("public", "rsa",
2933 rsa_c[testnum][1], rsa_keys[testnum].bits,
2936 count = run_benchmark(async_jobs, RSA_verify_loop, loopargs);
2939 mr ? "+R2:%ld:%d:%.2f\n"
2940 : "%ld %u bits public RSA's in %.2fs\n",
2941 count, rsa_keys[testnum].bits, d);
2942 rsa_results[testnum][1] = (double)count / d;
2945 if (rsa_count <= 1) {
2946 /* if longer than 10s, don't do any more */
2947 stop_it(rsa_doit, testnum);
2950 #endif /* OPENSSL_NO_RSA */
2952 for (i = 0; i < loopargs_len; i++)
2953 if (RAND_bytes(loopargs[i].buf, 36) <= 0)
2956 #ifndef OPENSSL_NO_DSA
2957 for (testnum = 0; testnum < DSA_NUM; testnum++) {
2959 if (!dsa_doit[testnum])
2962 /* DSA_generate_key(dsa_key[testnum]); */
2963 /* DSA_sign_setup(dsa_key[testnum],NULL); */
2964 for (i = 0; i < loopargs_len; i++) {
2965 st = DSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
2966 &loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
2972 "DSA sign failure. No DSA sign will be done.\n");
2973 ERR_print_errors(bio_err);
2976 pkey_print_message("sign", "dsa",
2977 dsa_c[testnum][0], dsa_bits[testnum],
2980 count = run_benchmark(async_jobs, DSA_sign_loop, loopargs);
2983 mr ? "+R3:%ld:%u:%.2f\n"
2984 : "%ld %u bits DSA signs in %.2fs\n",
2985 count, dsa_bits[testnum], d);
2986 dsa_results[testnum][0] = (double)count / d;
2990 for (i = 0; i < loopargs_len; i++) {
2991 st = DSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
2992 loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
2998 "DSA verify failure. No DSA verify will be done.\n");
2999 ERR_print_errors(bio_err);
3000 dsa_doit[testnum] = 0;
3002 pkey_print_message("verify", "dsa",
3003 dsa_c[testnum][1], dsa_bits[testnum],
3006 count = run_benchmark(async_jobs, DSA_verify_loop, loopargs);
3009 mr ? "+R4:%ld:%u:%.2f\n"
3010 : "%ld %u bits DSA verify in %.2fs\n",
3011 count, dsa_bits[testnum], d);
3012 dsa_results[testnum][1] = (double)count / d;
3015 if (rsa_count <= 1) {
3016 /* if longer than 10s, don't do any more */
3017 stop_it(dsa_doit, testnum);
3020 #endif /* OPENSSL_NO_DSA */
3022 #ifndef OPENSSL_NO_EC
3023 for (testnum = 0; testnum < ECDSA_NUM; testnum++) {
3026 if (!ecdsa_doit[testnum])
3027 continue; /* Ignore Curve */
3028 for (i = 0; i < loopargs_len; i++) {
3029 loopargs[i].ecdsa[testnum] =
3030 EC_KEY_new_by_curve_name(ec_curves[testnum].nid);
3031 if (loopargs[i].ecdsa[testnum] == NULL) {
3037 BIO_printf(bio_err, "ECDSA failure.\n");
3038 ERR_print_errors(bio_err);
3041 for (i = 0; i < loopargs_len; i++) {
3042 EC_KEY_precompute_mult(loopargs[i].ecdsa[testnum], NULL);
3043 /* Perform ECDSA signature test */
3044 EC_KEY_generate_key(loopargs[i].ecdsa[testnum]);
3045 st = ECDSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
3046 &loopargs[i].siglen,
3047 loopargs[i].ecdsa[testnum]);
3053 "ECDSA sign failure. No ECDSA sign will be done.\n");
3054 ERR_print_errors(bio_err);
3057 pkey_print_message("sign", "ecdsa",
3058 ecdsa_c[testnum][0],
3059 ec_curves[testnum].bits, seconds.ecdsa);
3061 count = run_benchmark(async_jobs, ECDSA_sign_loop, loopargs);
3065 mr ? "+R5:%ld:%u:%.2f\n" :
3066 "%ld %u bits ECDSA signs in %.2fs \n",
3067 count, ec_curves[testnum].bits, d);
3068 ecdsa_results[testnum][0] = (double)count / d;
3072 /* Perform ECDSA verification test */
3073 for (i = 0; i < loopargs_len; i++) {
3074 st = ECDSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
3076 loopargs[i].ecdsa[testnum]);
3082 "ECDSA verify failure. No ECDSA verify will be done.\n");
3083 ERR_print_errors(bio_err);
3084 ecdsa_doit[testnum] = 0;
3086 pkey_print_message("verify", "ecdsa",
3087 ecdsa_c[testnum][1],
3088 ec_curves[testnum].bits, seconds.ecdsa);
3090 count = run_benchmark(async_jobs, ECDSA_verify_loop, loopargs);
3093 mr ? "+R6:%ld:%u:%.2f\n"
3094 : "%ld %u bits ECDSA verify in %.2fs\n",
3095 count, ec_curves[testnum].bits, d);
3096 ecdsa_results[testnum][1] = (double)count / d;
3099 if (rsa_count <= 1) {
3100 /* if longer than 10s, don't do any more */
3101 stop_it(ecdsa_doit, testnum);
3106 for (testnum = 0; testnum < EC_NUM; testnum++) {
3107 int ecdh_checks = 1;
3109 if (!ecdh_doit[testnum])
3112 for (i = 0; i < loopargs_len; i++) {
3113 EVP_PKEY_CTX *kctx = NULL;
3114 EVP_PKEY_CTX *test_ctx = NULL;
3115 EVP_PKEY_CTX *ctx = NULL;
3116 EVP_PKEY *key_A = NULL;
3117 EVP_PKEY *key_B = NULL;
3121 /* Ensure that the error queue is empty */
3122 if (ERR_peek_error()) {
3124 "WARNING: the error queue contains previous unhandled errors.\n");
3125 ERR_print_errors(bio_err);
3128 /* Let's try to create a ctx directly from the NID: this works for
3129 * curves like Curve25519 that are not implemented through the low
3130 * level EC interface.
3131 * If this fails we try creating a EVP_PKEY_EC generic param ctx,
3132 * then we set the curve by NID before deriving the actual keygen
3133 * ctx for that specific curve. */
3134 kctx = EVP_PKEY_CTX_new_id(ec_curves[testnum].nid, NULL); /* keygen ctx from NID */
3136 EVP_PKEY_CTX *pctx = NULL;
3137 EVP_PKEY *params = NULL;
3139 /* If we reach this code EVP_PKEY_CTX_new_id() failed and a
3140 * "int_ctx_new:unsupported algorithm" error was added to the
3142 * We remove it from the error queue as we are handling it. */
3143 unsigned long error = ERR_peek_error(); /* peek the latest error in the queue */
3144 if (error == ERR_peek_last_error() && /* oldest and latest errors match */
3145 /* check that the error origin matches */
3146 ERR_GET_LIB(error) == ERR_LIB_EVP &&
3147 ERR_GET_REASON(error) == EVP_R_UNSUPPORTED_ALGORITHM)
3148 ERR_get_error(); /* pop error from queue */
3149 if (ERR_peek_error()) {
3151 "Unhandled error in the error queue during ECDH init.\n");
3152 ERR_print_errors(bio_err);
3157 /* Create the context for parameter generation */
3158 if (!(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) ||
3159 /* Initialise the parameter generation */
3160 !EVP_PKEY_paramgen_init(pctx) ||
3161 /* Set the curve by NID */
3162 !EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
3165 /* Create the parameter object params */
3166 !EVP_PKEY_paramgen(pctx, ¶ms)) {
3168 BIO_printf(bio_err, "ECDH EC params init failure.\n");
3169 ERR_print_errors(bio_err);
3173 /* Create the context for the key generation */
3174 kctx = EVP_PKEY_CTX_new(params, NULL);
3176 EVP_PKEY_free(params);
3178 EVP_PKEY_CTX_free(pctx);
3181 if (kctx == NULL || /* keygen ctx is not null */
3182 EVP_PKEY_keygen_init(kctx) <= 0/* init keygen ctx */ ) {
3184 BIO_printf(bio_err, "ECDH keygen failure.\n");
3185 ERR_print_errors(bio_err);
3190 if (EVP_PKEY_keygen(kctx, &key_A) <= 0 || /* generate secret key A */
3191 EVP_PKEY_keygen(kctx, &key_B) <= 0 || /* generate secret key B */
3192 !(ctx = EVP_PKEY_CTX_new(key_A, NULL)) || /* derivation ctx from skeyA */
3193 EVP_PKEY_derive_init(ctx) <= 0 || /* init derivation ctx */
3194 EVP_PKEY_derive_set_peer(ctx, key_B) <= 0 || /* set peer pubkey in ctx */
3195 EVP_PKEY_derive(ctx, NULL, &outlen) <= 0 || /* determine max length */
3196 outlen == 0 || /* ensure outlen is a valid size */
3197 outlen > MAX_ECDH_SIZE /* avoid buffer overflow */ ) {
3199 BIO_printf(bio_err, "ECDH key generation failure.\n");
3200 ERR_print_errors(bio_err);
3205 /* Here we perform a test run, comparing the output of a*B and b*A;
3206 * we try this here and assume that further EVP_PKEY_derive calls
3207 * never fail, so we can skip checks in the actually benchmarked
3208 * code, for maximum performance. */
3209 if (!(test_ctx = EVP_PKEY_CTX_new(key_B, NULL)) || /* test ctx from skeyB */
3210 !EVP_PKEY_derive_init(test_ctx) || /* init derivation test_ctx */
3211 !EVP_PKEY_derive_set_peer(test_ctx, key_A) || /* set peer pubkey in test_ctx */
3212 !EVP_PKEY_derive(test_ctx, NULL, &test_outlen) || /* determine max length */
3213 !EVP_PKEY_derive(ctx, loopargs[i].secret_a, &outlen) || /* compute a*B */
3214 !EVP_PKEY_derive(test_ctx, loopargs[i].secret_b, &test_outlen) || /* compute b*A */
3215 test_outlen != outlen /* compare output length */ ) {
3217 BIO_printf(bio_err, "ECDH computation failure.\n");
3218 ERR_print_errors(bio_err);
3223 /* Compare the computation results: CRYPTO_memcmp() returns 0 if equal */
3224 if (CRYPTO_memcmp(loopargs[i].secret_a,
3225 loopargs[i].secret_b, outlen)) {
3227 BIO_printf(bio_err, "ECDH computations don't match.\n");
3228 ERR_print_errors(bio_err);
3233 loopargs[i].ecdh_ctx[testnum] = ctx;
3234 loopargs[i].outlen[testnum] = outlen;
3236 EVP_PKEY_free(key_A);
3237 EVP_PKEY_free(key_B);
3238 EVP_PKEY_CTX_free(kctx);
3240 EVP_PKEY_CTX_free(test_ctx);
3243 if (ecdh_checks != 0) {
3244 pkey_print_message("", "ecdh",
3246 ec_curves[testnum].bits, seconds.ecdh);
3249 run_benchmark(async_jobs, ECDH_EVP_derive_key_loop, loopargs);
3252 mr ? "+R7:%ld:%d:%.2f\n" :
3253 "%ld %u-bits ECDH ops in %.2fs\n", count,
3254 ec_curves[testnum].bits, d);
3255 ecdh_results[testnum][0] = (double)count / d;
3259 if (rsa_count <= 1) {
3260 /* if longer than 10s, don't do any more */
3261 stop_it(ecdh_doit, testnum);
3265 for (testnum = 0; testnum < EdDSA_NUM; testnum++) {
3267 EVP_PKEY *ed_pkey = NULL;
3268 EVP_PKEY_CTX *ed_pctx = NULL;
3270 if (!eddsa_doit[testnum])
3271 continue; /* Ignore Curve */
3272 for (i = 0; i < loopargs_len; i++) {
3273 loopargs[i].eddsa_ctx[testnum] = EVP_MD_CTX_new();
3274 if (loopargs[i].eddsa_ctx[testnum] == NULL) {
3279 if ((ed_pctx = EVP_PKEY_CTX_new_id(ed_curves[testnum].nid, NULL))
3281 || EVP_PKEY_keygen_init(ed_pctx) <= 0
3282 || EVP_PKEY_keygen(ed_pctx, &ed_pkey) <= 0) {
3284 EVP_PKEY_CTX_free(ed_pctx);
3287 EVP_PKEY_CTX_free(ed_pctx);
3289 if (!EVP_DigestSignInit(loopargs[i].eddsa_ctx[testnum], NULL, NULL,
3292 EVP_PKEY_free(ed_pkey);
3295 EVP_PKEY_free(ed_pkey);
3298 BIO_printf(bio_err, "EdDSA failure.\n");
3299 ERR_print_errors(bio_err);
3302 for (i = 0; i < loopargs_len; i++) {
3303 /* Perform EdDSA signature test */
3304 loopargs[i].sigsize = ed_curves[testnum].sigsize;
3305 st = EVP_DigestSign(loopargs[i].eddsa_ctx[testnum],
3306 loopargs[i].buf2, &loopargs[i].sigsize,
3307 loopargs[i].buf, 20);
3313 "EdDSA sign failure. No EdDSA sign will be done.\n");
3314 ERR_print_errors(bio_err);
3317 pkey_print_message("sign", ed_curves[testnum].name,
3318 eddsa_c[testnum][0],
3319 ed_curves[testnum].bits, seconds.eddsa);
3321 count = run_benchmark(async_jobs, EdDSA_sign_loop, loopargs);
3325 mr ? "+R8:%ld:%u:%s:%.2f\n" :
3326 "%ld %u bits %s signs in %.2fs \n",
3327 count, ed_curves[testnum].bits,
3328 ed_curves[testnum].name, d);
3329 eddsa_results[testnum][0] = (double)count / d;
3333 /* Perform EdDSA verification test */
3334 for (i = 0; i < loopargs_len; i++) {
3335 st = EVP_DigestVerify(loopargs[i].eddsa_ctx[testnum],
3336 loopargs[i].buf2, loopargs[i].sigsize,
3337 loopargs[i].buf, 20);
3343 "EdDSA verify failure. No EdDSA verify will be done.\n");
3344 ERR_print_errors(bio_err);
3345 eddsa_doit[testnum] = 0;
3347 pkey_print_message("verify", ed_curves[testnum].name,
3348 eddsa_c[testnum][1],
3349 ed_curves[testnum].bits, seconds.eddsa);
3351 count = run_benchmark(async_jobs, EdDSA_verify_loop, loopargs);
3354 mr ? "+R9:%ld:%u:%s:%.2f\n"
3355 : "%ld %u bits %s verify in %.2fs\n",
3356 count, ed_curves[testnum].bits,
3357 ed_curves[testnum].name, d);
3358 eddsa_results[testnum][1] = (double)count / d;
3361 if (rsa_count <= 1) {
3362 /* if longer than 10s, don't do any more */
3363 stop_it(eddsa_doit, testnum);
3368 # ifndef OPENSSL_NO_SM2
3369 for (testnum = 0; testnum < SM2_NUM; testnum++) {
3371 EVP_PKEY *sm2_pkey = NULL;
3373 if (!sm2_doit[testnum])
3374 continue; /* Ignore Curve */
3375 /* Init signing and verification */
3376 for (i = 0; i < loopargs_len; i++) {
3377 EVP_PKEY_CTX *sm2_pctx = NULL;
3378 EVP_PKEY_CTX *sm2_vfy_pctx = NULL;
3379 EVP_PKEY_CTX *pctx = NULL;
3382 loopargs[i].sm2_ctx[testnum] = EVP_MD_CTX_new();
3383 loopargs[i].sm2_vfy_ctx[testnum] = EVP_MD_CTX_new();
3384 if (loopargs[i].sm2_ctx[testnum] == NULL
3385 || loopargs[i].sm2_vfy_ctx[testnum] == NULL)
3388 /* SM2 keys are generated as normal EC keys with a special curve */
3389 st = !((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) == NULL
3390 || EVP_PKEY_keygen_init(pctx) <= 0
3391 || EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
3392 sm2_curves[testnum].nid) <= 0
3393 || EVP_PKEY_keygen(pctx, &sm2_pkey) <= 0);
3394 EVP_PKEY_CTX_free(pctx);
3398 st = 0; /* set back to zero */
3399 /* attach it sooner to rely on main final cleanup */
3400 loopargs[i].sm2_pkey[testnum] = sm2_pkey;
3401 loopargs[i].sigsize = ECDSA_size(EVP_PKEY_get0_EC_KEY(sm2_pkey));
3402 if (!EVP_PKEY_set_alias_type(sm2_pkey, EVP_PKEY_SM2))
3405 sm2_pctx = EVP_PKEY_CTX_new(sm2_pkey, NULL);
3406 sm2_vfy_pctx = EVP_PKEY_CTX_new(sm2_pkey, NULL);
3407 if (sm2_pctx == NULL || sm2_vfy_pctx == NULL) {
3408 EVP_PKEY_CTX_free(sm2_vfy_pctx);
3411 /* attach them directly to respective ctx */
3412 EVP_MD_CTX_set_pkey_ctx(loopargs[i].sm2_ctx[testnum], sm2_pctx);
3413 EVP_MD_CTX_set_pkey_ctx(loopargs[i].sm2_vfy_ctx[testnum], sm2_vfy_pctx);
3416 * No need to allow user to set an explicit ID here, just use
3417 * the one defined in the 'draft-yang-tls-tl13-sm-suites' I-D.
3419 if (EVP_PKEY_CTX_set1_id(sm2_pctx, SM2_ID, SM2_ID_LEN) != 1
3420 || EVP_PKEY_CTX_set1_id(sm2_vfy_pctx, SM2_ID, SM2_ID_LEN) != 1)
3423 if (!EVP_DigestSignInit(loopargs[i].sm2_ctx[testnum], NULL,
3424 EVP_sm3(), NULL, sm2_pkey))
3426 if (!EVP_DigestVerifyInit(loopargs[i].sm2_vfy_ctx[testnum], NULL,
3427 EVP_sm3(), NULL, sm2_pkey))
3429 st = 1; /* mark loop as succeeded */
3432 BIO_printf(bio_err, "SM2 init failure.\n");
3433 ERR_print_errors(bio_err);
3436 for (i = 0; i < loopargs_len; i++) {
3437 size_t sm2_sigsize = loopargs[i].sigsize;
3439 /* Perform SM2 signature test */
3440 st = EVP_DigestSign(loopargs[i].sm2_ctx[testnum],
3441 loopargs[i].buf2, &sm2_sigsize,
3442 loopargs[i].buf, 20);
3448 "SM2 sign failure. No SM2 sign will be done.\n");
3449 ERR_print_errors(bio_err);
3452 pkey_print_message("sign", sm2_curves[testnum].name,
3454 sm2_curves[testnum].bits, seconds.sm2);
3456 count = run_benchmark(async_jobs, SM2_sign_loop, loopargs);
3460 mr ? "+R8:%ld:%u:%s:%.2f\n" :
3461 "%ld %u bits %s signs in %.2fs \n",
3462 count, sm2_curves[testnum].bits,
3463 sm2_curves[testnum].name, d);
3464 sm2_results[testnum][0] = (double)count / d;
3468 /* Perform SM2 verification test */
3469 for (i = 0; i < loopargs_len; i++) {
3470 st = EVP_DigestVerify(loopargs[i].sm2_vfy_ctx[testnum],
3471 loopargs[i].buf2, loopargs[i].sigsize,
3472 loopargs[i].buf, 20);
3478 "SM2 verify failure. No SM2 verify will be done.\n");
3479 ERR_print_errors(bio_err);
3480 sm2_doit[testnum] = 0;
3482 pkey_print_message("verify", sm2_curves[testnum].name,
3484 sm2_curves[testnum].bits, seconds.sm2);
3486 count = run_benchmark(async_jobs, SM2_verify_loop, loopargs);
3489 mr ? "+R9:%ld:%u:%s:%.2f\n"
3490 : "%ld %u bits %s verify in %.2fs\n",
3491 count, sm2_curves[testnum].bits,
3492 sm2_curves[testnum].name, d);
3493 sm2_results[testnum][1] = (double)count / d;
3496 if (rsa_count <= 1) {
3497 /* if longer than 10s, don't do any more */
3498 for (testnum++; testnum < SM2_NUM; testnum++)
3499 sm2_doit[testnum] = 0;
3503 # endif /* OPENSSL_NO_SM2 */
3505 #endif /* OPENSSL_NO_EC */
3510 printf("version: %s\n", OpenSSL_version(OPENSSL_FULL_VERSION_STRING));
3511 printf("built on: %s\n", OpenSSL_version(OPENSSL_BUILT_ON));
3513 printf("%s ", BN_options());
3514 #if !defined(OPENSSL_NO_MD2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
3515 printf("%s ", MD2_options());
3517 #if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_DEPRECATED_3_0)
3518 printf("%s ", RC4_options());
3520 #if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_DEPRECATED_3_0)
3521 printf("%s ", DES_options());
3523 #ifndef OPENSSL_NO_DEPRECATED_3_0
3524 printf("%s ", AES_options());
3526 #if !defined(OPENSSL_NO_IDEA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
3527 printf("%s ", IDEA_options());
3529 #if !defined(OPENSSL_NO_BF) && !defined(OPENSSL_NO_DEPRECATED_3_0)
3530 printf("%s ", BF_options());
3532 printf("\n%s\n", OpenSSL_version(OPENSSL_CFLAGS));
3533 printf("%s\n", OpenSSL_version(OPENSSL_CPU_INFO));
3541 ("The 'numbers' are in 1000s of bytes per second processed.\n");
3544 for (testnum = 0; testnum < size_num; testnum++)
3545 printf(mr ? ":%d" : "%7d bytes", lengths[testnum]);
3549 for (k = 0; k < ALGOR_NUM; k++) {
3553 printf("+F:%u:%s", k, names[k]);
3555 printf("%-13s", names[k]);
3556 for (testnum = 0; testnum < size_num; testnum++) {
3557 if (results[k][testnum] > 10000 && !mr)
3558 printf(" %11.2fk", results[k][testnum] / 1e3);
3560 printf(mr ? ":%.2f" : " %11.2f ", results[k][testnum]);
3564 #ifndef OPENSSL_NO_RSA
3566 for (k = 0; k < RSA_NUM; k++) {
3569 if (testnum && !mr) {
3570 printf("%18ssign verify sign/s verify/s\n", " ");
3574 printf("+F2:%u:%u:%f:%f\n",
3575 k, rsa_keys[k].bits, rsa_results[k][0], rsa_results[k][1]);
3577 printf("rsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
3578 rsa_keys[k].bits, 1.0 / rsa_results[k][0], 1.0 / rsa_results[k][1],
3579 rsa_results[k][0], rsa_results[k][1]);
3582 #ifndef OPENSSL_NO_DSA
3584 for (k = 0; k < DSA_NUM; k++) {
3587 if (testnum && !mr) {
3588 printf("%18ssign verify sign/s verify/s\n", " ");
3592 printf("+F3:%u:%u:%f:%f\n",
3593 k, dsa_bits[k], dsa_results[k][0], dsa_results[k][1]);
3595 printf("dsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
3596 dsa_bits[k], 1.0 / dsa_results[k][0], 1.0 / dsa_results[k][1],
3597 dsa_results[k][0], dsa_results[k][1]);
3600 #ifndef OPENSSL_NO_EC
3602 for (k = 0; k < OSSL_NELEM(ecdsa_doit); k++) {
3605 if (testnum && !mr) {
3606 printf("%30ssign verify sign/s verify/s\n", " ");
3611 printf("+F4:%u:%u:%f:%f\n",
3612 k, ec_curves[k].bits,
3613 ecdsa_results[k][0], ecdsa_results[k][1]);
3615 printf("%4u bits ecdsa (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3616 ec_curves[k].bits, ec_curves[k].name,
3617 1.0 / ecdsa_results[k][0], 1.0 / ecdsa_results[k][1],
3618 ecdsa_results[k][0], ecdsa_results[k][1]);
3622 for (k = 0; k < EC_NUM; k++) {
3625 if (testnum && !mr) {
3626 printf("%30sop op/s\n", " ");
3630 printf("+F5:%u:%u:%f:%f\n",
3631 k, ec_curves[k].bits,
3632 ecdh_results[k][0], 1.0 / ecdh_results[k][0]);
3635 printf("%4u bits ecdh (%s) %8.4fs %8.1f\n",
3636 ec_curves[k].bits, ec_curves[k].name,
3637 1.0 / ecdh_results[k][0], ecdh_results[k][0]);
3641 for (k = 0; k < OSSL_NELEM(eddsa_doit); k++) {
3644 if (testnum && !mr) {
3645 printf("%30ssign verify sign/s verify/s\n", " ");
3650 printf("+F6:%u:%u:%s:%f:%f\n",
3651 k, ed_curves[k].bits, ed_curves[k].name,
3652 eddsa_results[k][0], eddsa_results[k][1]);
3654 printf("%4u bits EdDSA (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3655 ed_curves[k].bits, ed_curves[k].name,
3656 1.0 / eddsa_results[k][0], 1.0 / eddsa_results[k][1],
3657 eddsa_results[k][0], eddsa_results[k][1]);
3660 # ifndef OPENSSL_NO_SM2
3662 for (k = 0; k < OSSL_NELEM(sm2_doit); k++) {
3665 if (testnum && !mr) {
3666 printf("%30ssign verify sign/s verify/s\n", " ");
3671 printf("+F6:%u:%u:%s:%f:%f\n",
3672 k, sm2_curves[k].bits, sm2_curves[k].name,
3673 sm2_results[k][0], sm2_results[k][1]);
3675 printf("%4u bits SM2 (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3676 sm2_curves[k].bits, sm2_curves[k].name,
3677 1.0 / sm2_results[k][0], 1.0 / sm2_results[k][1],
3678 sm2_results[k][0], sm2_results[k][1]);
3681 #endif /* OPENSSL_NO_EC */
3686 ERR_print_errors(bio_err);
3687 for (i = 0; i < loopargs_len; i++) {
3688 OPENSSL_free(loopargs[i].buf_malloc);
3689 OPENSSL_free(loopargs[i].buf2_malloc);
3691 #ifndef OPENSSL_NO_RSA
3692 for (k = 0; k < RSA_NUM; k++)
3693 RSA_free(loopargs[i].rsa_key[k]);
3695 #ifndef OPENSSL_NO_DSA
3696 for (k = 0; k < DSA_NUM; k++)
3697 DSA_free(loopargs[i].dsa_key[k]);
3699 #ifndef OPENSSL_NO_EC
3700 for (k = 0; k < ECDSA_NUM; k++)
3701 EC_KEY_free(loopargs[i].ecdsa[k]);
3702 for (k = 0; k < EC_NUM; k++)
3703 EVP_PKEY_CTX_free(loopargs[i].ecdh_ctx[k]);
3704 for (k = 0; k < EdDSA_NUM; k++)
3705 EVP_MD_CTX_free(loopargs[i].eddsa_ctx[k]);
3706 # ifndef OPENSSL_NO_SM2
3707 for (k = 0; k < SM2_NUM; k++) {
3708 EVP_PKEY_CTX *pctx = NULL;
3710 /* free signing ctx */
3711 if (loopargs[i].sm2_ctx[k] != NULL
3712 && (pctx = EVP_MD_CTX_pkey_ctx(loopargs[i].sm2_ctx[k])) != NULL)
3713 EVP_PKEY_CTX_free(pctx);
3714 EVP_MD_CTX_free(loopargs[i].sm2_ctx[k]);
3715 /* free verification ctx */
3716 if (loopargs[i].sm2_vfy_ctx[k] != NULL
3717 && (pctx = EVP_MD_CTX_pkey_ctx(loopargs[i].sm2_vfy_ctx[k])) != NULL)
3718 EVP_PKEY_CTX_free(pctx);
3719 EVP_MD_CTX_free(loopargs[i].sm2_vfy_ctx[k]);
3721 EVP_PKEY_free(loopargs[i].sm2_pkey[k]);
3724 OPENSSL_free(loopargs[i].secret_a);
3725 OPENSSL_free(loopargs[i].secret_b);
3728 #ifndef OPENSSL_NO_DEPRECATED_3_0
3729 OPENSSL_free(evp_hmac_name);
3731 #if !defined(OPENSSL_NO_CMAC) && !defined(OPENSSL_NO_DEPRECATED_3_0)
3732 OPENSSL_free(evp_cmac_name);
3735 if (async_jobs > 0) {
3736 for (i = 0; i < loopargs_len; i++)
3737 ASYNC_WAIT_CTX_free(loopargs[i].wait_ctx);
3741 ASYNC_cleanup_thread();
3743 OPENSSL_free(loopargs);
3748 static void print_message(const char *s, long num, int length, int tm)
3752 mr ? "+DT:%s:%d:%d\n"
3753 : "Doing %s for %ds on %d size blocks: ", s, tm, length);
3754 (void)BIO_flush(bio_err);
3759 mr ? "+DN:%s:%ld:%d\n"
3760 : "Doing %s %ld times on %d size blocks: ", s, num, length);
3761 (void)BIO_flush(bio_err);
3765 static void pkey_print_message(const char *str, const char *str2, long num,
3766 unsigned int bits, int tm)
3770 mr ? "+DTP:%d:%s:%s:%d\n"
3771 : "Doing %u bits %s %s's for %ds: ", bits, str, str2, tm);
3772 (void)BIO_flush(bio_err);
3777 mr ? "+DNP:%ld:%d:%s:%s\n"
3778 : "Doing %ld %u bits %s %s's: ", num, bits, str, str2);
3779 (void)BIO_flush(bio_err);
3783 static void print_result(int alg, int run_no, int count, double time_used)
3786 BIO_printf(bio_err, "%s error!\n", names[alg]);
3787 ERR_print_errors(bio_err);
3788 /* exit(1); disable exit until default provider enabled */
3792 mr ? "+R:%d:%s:%f\n"
3793 : "%d %s's in %.2fs\n", count, names[alg], time_used);
3794 results[alg][run_no] = ((double)count) / time_used * lengths[run_no];
3798 static char *sstrsep(char **string, const char *delim)
3801 char *token = *string;
3806 memset(isdelim, 0, sizeof(isdelim));
3810 isdelim[(unsigned char)(*delim)] = 1;
3814 while (!isdelim[(unsigned char)(**string)]) {
3826 static int do_multi(int multi, int size_num)
3831 static char sep[] = ":";
3833 fds = app_malloc(sizeof(*fds) * multi, "fd buffer for do_multi");
3834 for (n = 0; n < multi; ++n) {
3835 if (pipe(fd) == -1) {
3836 BIO_printf(bio_err, "pipe failure\n");
3840 (void)BIO_flush(bio_err);
3847 if (dup(fd[1]) == -1) {
3848 BIO_printf(bio_err, "dup failed\n");
3857 printf("Forked child %d\n", n);
3860 /* for now, assume the pipe is long enough to take all the output */
3861 for (n = 0; n < multi; ++n) {
3866 f = fdopen(fds[n], "r");
3867 while (fgets(buf, sizeof(buf), f)) {
3868 p = strchr(buf, '\n');
3871 if (buf[0] != '+') {
3873 "Don't understand line '%s' from child %d\n", buf,
3877 printf("Got: %s from %d\n", buf, n);
3878 if (strncmp(buf, "+F:", 3) == 0) {
3883 alg = atoi(sstrsep(&p, sep));
3885 for (j = 0; j < size_num; ++j)
3886 results[alg][j] += atof(sstrsep(&p, sep));
3887 } else if (strncmp(buf, "+F2:", 4) == 0) {
3892 k = atoi(sstrsep(&p, sep));
3895 d = atof(sstrsep(&p, sep));
3896 rsa_results[k][0] += d;
3898 d = atof(sstrsep(&p, sep));
3899 rsa_results[k][1] += d;
3901 # ifndef OPENSSL_NO_DSA
3902 else if (strncmp(buf, "+F3:", 4) == 0) {
3907 k = atoi(sstrsep(&p, sep));
3910 d = atof(sstrsep(&p, sep));
3911 dsa_results[k][0] += d;
3913 d = atof(sstrsep(&p, sep));
3914 dsa_results[k][1] += d;
3917 # ifndef OPENSSL_NO_EC
3918 else if (strncmp(buf, "+F4:", 4) == 0) {
3923 k = atoi(sstrsep(&p, sep));
3926 d = atof(sstrsep(&p, sep));
3927 ecdsa_results[k][0] += d;
3929 d = atof(sstrsep(&p, sep));
3930 ecdsa_results[k][1] += d;
3931 } else if (strncmp(buf, "+F5:", 4) == 0) {
3936 k = atoi(sstrsep(&p, sep));
3939 d = atof(sstrsep(&p, sep));
3940 ecdh_results[k][0] += d;
3941 } else if (strncmp(buf, "+F6:", 4) == 0) {
3946 k = atoi(sstrsep(&p, sep));
3950 d = atof(sstrsep(&p, sep));
3951 eddsa_results[k][0] += d;
3953 d = atof(sstrsep(&p, sep));
3954 eddsa_results[k][1] += d;
3956 # ifndef OPENSSL_NO_SM2
3957 else if (strncmp(buf, "+F7:", 4) == 0) {
3962 k = atoi(sstrsep(&p, sep));
3965 d = atof(sstrsep(&p, sep));
3966 sm2_results[k][0] += d;
3968 d = atof(sstrsep(&p, sep));
3969 sm2_results[k][1] += d;
3971 # endif /* OPENSSL_NO_SM2 */
3974 else if (strncmp(buf, "+H:", 3) == 0) {
3977 BIO_printf(bio_err, "Unknown type '%s' from child %d\n", buf,
3988 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
3989 const openssl_speed_sec_t *seconds)
3991 static const int mblengths_list[] =
3992 { 8 * 1024, 2 * 8 * 1024, 4 * 8 * 1024, 8 * 8 * 1024, 8 * 16 * 1024 };
3993 const int *mblengths = mblengths_list;
3994 int j, count, keylen, num = OSSL_NELEM(mblengths_list);
3995 const char *alg_name;
3996 unsigned char *inp, *out, *key, no_key[32], no_iv[16];
3997 EVP_CIPHER_CTX *ctx;
4000 if (lengths_single) {
4001 mblengths = &lengths_single;
4005 inp = app_malloc(mblengths[num - 1], "multiblock input buffer");
4006 out = app_malloc(mblengths[num - 1] + 1024, "multiblock output buffer");
4007 ctx = EVP_CIPHER_CTX_new();
4008 EVP_EncryptInit_ex(ctx, evp_cipher, NULL, NULL, no_iv);
4010 keylen = EVP_CIPHER_CTX_key_length(ctx);
4011 key = app_malloc(keylen, "evp_cipher key");
4012 EVP_CIPHER_CTX_rand_key(ctx, key);
4013 EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL);
4014 OPENSSL_clear_free(key, keylen);
4016 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_MAC_KEY, sizeof(no_key), no_key);
4017 alg_name = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
4019 for (j = 0; j < num; j++) {
4020 print_message(alg_name, 0, mblengths[j], seconds->sym);
4022 for (count = 0; run && count < 0x7fffffff; count++) {
4023 unsigned char aad[EVP_AEAD_TLS1_AAD_LEN];
4024 EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param;
4025 size_t len = mblengths[j];
4028 memset(aad, 0, 8); /* avoid uninitialized values */
4029 aad[8] = 23; /* SSL3_RT_APPLICATION_DATA */
4030 aad[9] = 3; /* version */
4032 aad[11] = 0; /* length */
4034 mb_param.out = NULL;
4037 mb_param.interleave = 8;
4039 packlen = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_AAD,
4040 sizeof(mb_param), &mb_param);
4046 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT,
4047 sizeof(mb_param), &mb_param);
4051 RAND_bytes(out, 16);
4053 aad[11] = (unsigned char)(len >> 8);
4054 aad[12] = (unsigned char)(len);
4055 pad = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_TLS1_AAD,
4056 EVP_AEAD_TLS1_AAD_LEN, aad);
4057 EVP_Cipher(ctx, out, inp, len + pad);
4061 BIO_printf(bio_err, mr ? "+R:%d:%s:%f\n"
4062 : "%d %s's in %.2fs\n", count, "evp", d);
4063 results[D_EVP][j] = ((double)count) / d * mblengths[j];
4067 fprintf(stdout, "+H");
4068 for (j = 0; j < num; j++)
4069 fprintf(stdout, ":%d", mblengths[j]);
4070 fprintf(stdout, "\n");
4071 fprintf(stdout, "+F:%d:%s", D_EVP, alg_name);
4072 for (j = 0; j < num; j++)
4073 fprintf(stdout, ":%.2f", results[D_EVP][j]);
4074 fprintf(stdout, "\n");
4077 "The 'numbers' are in 1000s of bytes per second processed.\n");
4078 fprintf(stdout, "type ");
4079 for (j = 0; j < num; j++)
4080 fprintf(stdout, "%7d bytes", mblengths[j]);
4081 fprintf(stdout, "\n");
4082 fprintf(stdout, "%-24s", alg_name);
4084 for (j = 0; j < num; j++) {
4085 if (results[D_EVP][j] > 10000)
4086 fprintf(stdout, " %11.2fk", results[D_EVP][j] / 1e3);
4088 fprintf(stdout, " %11.2f ", results[D_EVP][j]);
4090 fprintf(stdout, "\n");
4095 EVP_CIPHER_CTX_free(ctx);