2 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
5 * Licensed under the Apache License 2.0 (the "License"). You may not use
6 * this file except in compliance with the License. You can obtain a copy
7 * in the file LICENSE in the source distribution or at
8 * https://www.openssl.org/source/license.html
13 #define RSA_SECONDS 10
14 #define DSA_SECONDS 10
15 #define ECDSA_SECONDS 10
16 #define ECDH_SECONDS 10
17 #define EdDSA_SECONDS 10
18 #define SM2_SECONDS 10
20 /* We need to use some deprecated APIs */
21 #define OPENSSL_SUPPRESS_DEPRECATED
29 #include <openssl/crypto.h>
30 #include <openssl/rand.h>
31 #include <openssl/err.h>
32 #include <openssl/evp.h>
33 #include <openssl/objects.h>
34 #include <openssl/async.h>
35 #if !defined(OPENSSL_SYS_MSDOS)
43 #include <openssl/bn.h>
44 #ifndef OPENSSL_NO_DES
45 # include <openssl/des.h>
47 #include <openssl/aes.h>
48 #ifndef OPENSSL_NO_CAMELLIA
49 # include <openssl/camellia.h>
51 #ifndef OPENSSL_NO_MD2
52 # include <openssl/md2.h>
54 #ifndef OPENSSL_NO_MDC2
55 # include <openssl/mdc2.h>
57 #ifndef OPENSSL_NO_MD4
58 # include <openssl/md4.h>
60 #ifndef OPENSSL_NO_MD5
61 # include <openssl/md5.h>
63 #include <openssl/hmac.h>
64 #ifndef OPENSSL_NO_CMAC
65 #include <openssl/cmac.h>
67 #include <openssl/sha.h>
68 #ifndef OPENSSL_NO_RMD160
69 # include <openssl/ripemd.h>
71 #ifndef OPENSSL_NO_WHIRLPOOL
72 # include <openssl/whrlpool.h>
74 #ifndef OPENSSL_NO_RC4
75 # include <openssl/rc4.h>
77 #ifndef OPENSSL_NO_RC5
78 # include <openssl/rc5.h>
80 #ifndef OPENSSL_NO_RC2
81 # include <openssl/rc2.h>
83 #ifndef OPENSSL_NO_IDEA
84 # include <openssl/idea.h>
86 #ifndef OPENSSL_NO_SEED
87 # include <openssl/seed.h>
90 # include <openssl/blowfish.h>
92 #ifndef OPENSSL_NO_CAST
93 # include <openssl/cast.h>
95 #ifndef OPENSSL_NO_RSA
96 # include <openssl/rsa.h>
97 # include "./testrsa.h"
99 #include <openssl/x509.h>
100 #ifndef OPENSSL_NO_DSA
101 # include <openssl/dsa.h>
102 # include "./testdsa.h"
104 #ifndef OPENSSL_NO_EC
105 # include <openssl/ec.h>
107 #include <openssl/modes.h>
110 # if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_VXWORKS)
123 #define MAX_MISALIGNMENT 63
124 #define MAX_ECDH_SIZE 256
127 typedef struct openssl_speed_sec_st {
135 } openssl_speed_sec_t;
137 static volatile int run = 0;
140 static int usertime = 1;
142 static double Time_F(int s);
143 static void print_message(const char *s, long num, int length, int tm);
144 static void pkey_print_message(const char *str, const char *str2,
145 long num, unsigned int bits, int sec);
146 static void print_result(int alg, int run_no, int count, double time_used);
148 static int do_multi(int multi, int size_num);
151 static const int lengths_list[] = {
152 16, 64, 256, 1024, 8 * 1024, 16 * 1024
154 static const int *lengths = lengths_list;
156 static const int aead_lengths_list[] = {
157 2, 31, 136, 1024, 8 * 1024, 16 * 1024
165 static void alarmed(int sig)
167 signal(SIGALRM, alarmed);
171 static double Time_F(int s)
173 double ret = app_tminterval(s, usertime);
179 #elif defined(_WIN32)
183 static unsigned int lapse;
184 static volatile unsigned int schlock;
185 static void alarm_win32(unsigned int secs)
190 # define alarm alarm_win32
192 static DWORD WINAPI sleepy(VOID * arg)
200 static double Time_F(int s)
207 thr = CreateThread(NULL, 4096, sleepy, NULL, 0, NULL);
209 DWORD err = GetLastError();
210 BIO_printf(bio_err, "unable to CreateThread (%lu)", err);
214 Sleep(0); /* scheduler spinlock */
215 ret = app_tminterval(s, usertime);
217 ret = app_tminterval(s, usertime);
219 TerminateThread(thr, 0);
226 static double Time_F(int s)
228 return app_tminterval(s, usertime);
232 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
233 const openssl_speed_sec_t *seconds);
235 #define found(value, pairs, result)\
236 opt_found(value, result, pairs, OSSL_NELEM(pairs))
237 static int opt_found(const char *name, unsigned int *result,
238 const OPT_PAIR pairs[], unsigned int nbelem)
242 for (idx = 0; idx < nbelem; ++idx, pairs++)
243 if (strcmp(name, pairs->name) == 0) {
244 *result = pairs->retval;
250 typedef enum OPTION_choice {
251 OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
252 OPT_ELAPSED, OPT_EVP, OPT_HMAC, OPT_DECRYPT, OPT_ENGINE, OPT_MULTI,
253 OPT_MR, OPT_MB, OPT_MISALIGN, OPT_ASYNCJOBS, OPT_R_ENUM,
254 OPT_PRIMES, OPT_SECONDS, OPT_BYTES, OPT_AEAD, OPT_CMAC
257 const OPTIONS speed_options[] = {
258 {OPT_HELP_STR, 1, '-', "Usage: %s [options] [algorithm...]\n"},
260 OPT_SECTION("General"),
261 {"help", OPT_HELP, '-', "Display this summary"},
263 "Enable (tls1>=1) multi-block mode on EVP-named cipher"},
264 {"mr", OPT_MR, '-', "Produce machine readable output"},
266 {"multi", OPT_MULTI, 'p', "Run benchmarks in parallel"},
268 #ifndef OPENSSL_NO_ASYNC
269 {"async_jobs", OPT_ASYNCJOBS, 'p',
270 "Enable async mode and start specified number of jobs"},
272 #ifndef OPENSSL_NO_ENGINE
273 {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
275 {"primes", OPT_PRIMES, 'p', "Specify number of primes (for RSA only)"},
277 OPT_SECTION("Selection"),
278 {"evp", OPT_EVP, 's', "Use EVP-named cipher or digest"},
279 {"hmac", OPT_HMAC, 's', "HMAC using EVP-named digest"},
280 #ifndef OPENSSL_NO_CMAC
281 {"cmac", OPT_CMAC, 's', "CMAC using EVP-named cipher"},
283 {"decrypt", OPT_DECRYPT, '-',
284 "Time decryption instead of encryption (only EVP)"},
285 {"aead", OPT_AEAD, '-',
286 "Benchmark EVP-named AEAD cipher in TLS-like sequence"},
288 OPT_SECTION("Timing"),
289 {"elapsed", OPT_ELAPSED, '-',
290 "Use wall-clock time instead of CPU user time as divisor"},
291 {"seconds", OPT_SECONDS, 'p',
292 "Run benchmarks for specified amount of seconds"},
293 {"bytes", OPT_BYTES, 'p',
294 "Run [non-PKI] benchmarks on custom-sized buffer"},
295 {"misalign", OPT_MISALIGN, 'p',
296 "Use specified offset to mis-align buffers"},
301 {"algorithm", 0, 0, "Algorithm(s) to test (optional; otherwise tests all)"},
315 #define D_CBC_IDEA 10
316 #define D_CBC_SEED 11
320 #define D_CBC_CAST 15
321 #define D_CBC_128_AES 16
322 #define D_CBC_192_AES 17
323 #define D_CBC_256_AES 18
324 #define D_CBC_128_CML 19
325 #define D_CBC_192_CML 20
326 #define D_CBC_256_CML 21
330 #define D_WHIRLPOOL 25
331 #define D_IGE_128_AES 26
332 #define D_IGE_192_AES 27
333 #define D_IGE_256_AES 28
336 #define D_EVP_HMAC 31
337 #define D_EVP_CMAC 32
339 /* name of algorithms to test */
340 static const char *names[] = {
341 "md2", "mdc2", "md4", "md5", "hmac(md5)", "sha1", "rmd160", "rc4",
342 "des cbc", "des ede3", "idea cbc", "seed cbc",
343 "rc2 cbc", "rc5-32/12 cbc", "blowfish cbc", "cast cbc",
344 "aes-128 cbc", "aes-192 cbc", "aes-256 cbc",
345 "camellia-128 cbc", "camellia-192 cbc", "camellia-256 cbc",
346 "evp", "sha256", "sha512", "whirlpool",
347 "aes-128 ige", "aes-192 ige", "aes-256 ige", "ghash",
348 "rand", "hmac", "cmac"
350 #define ALGOR_NUM OSSL_NELEM(names)
352 /* list of configured algorithm (remaining) */
353 static const OPT_PAIR doit_choices[] = {
354 #ifndef OPENSSL_NO_MD2
357 #ifndef OPENSSL_NO_MDC2
360 #ifndef OPENSSL_NO_MD4
363 #ifndef OPENSSL_NO_MD5
368 {"sha256", D_SHA256},
369 {"sha512", D_SHA512},
370 #ifndef OPENSSL_NO_WHIRLPOOL
371 {"whirlpool", D_WHIRLPOOL},
373 #ifndef OPENSSL_NO_RMD160
374 {"ripemd", D_RMD160},
375 {"rmd160", D_RMD160},
376 {"ripemd160", D_RMD160},
378 #ifndef OPENSSL_NO_RC4
381 #ifndef OPENSSL_NO_DES
382 {"des-cbc", D_CBC_DES},
383 {"des-ede3", D_EDE3_DES},
385 {"aes-128-cbc", D_CBC_128_AES},
386 {"aes-192-cbc", D_CBC_192_AES},
387 {"aes-256-cbc", D_CBC_256_AES},
388 #ifndef OPENSSL_NO_DEPRECATED_3_0
389 {"aes-128-ige", D_IGE_128_AES},
390 {"aes-192-ige", D_IGE_192_AES},
391 {"aes-256-ige", D_IGE_256_AES},
393 #ifndef OPENSSL_NO_RC2
394 {"rc2-cbc", D_CBC_RC2},
397 #ifndef OPENSSL_NO_RC5
398 {"rc5-cbc", D_CBC_RC5},
401 #ifndef OPENSSL_NO_IDEA
402 {"idea-cbc", D_CBC_IDEA},
403 {"idea", D_CBC_IDEA},
405 #ifndef OPENSSL_NO_SEED
406 {"seed-cbc", D_CBC_SEED},
407 {"seed", D_CBC_SEED},
409 #ifndef OPENSSL_NO_BF
410 {"bf-cbc", D_CBC_BF},
411 {"blowfish", D_CBC_BF},
414 #ifndef OPENSSL_NO_CAST
415 {"cast-cbc", D_CBC_CAST},
416 {"cast", D_CBC_CAST},
417 {"cast5", D_CBC_CAST},
423 static double results[ALGOR_NUM][OSSL_NELEM(lengths_list)];
425 #ifndef OPENSSL_NO_DSA
427 # define R_DSA_1024 1
428 # define R_DSA_2048 2
429 static const OPT_PAIR dsa_choices[] = {
430 {"dsa512", R_DSA_512},
431 {"dsa1024", R_DSA_1024},
432 {"dsa2048", R_DSA_2048}
434 # define DSA_NUM OSSL_NELEM(dsa_choices)
436 static double dsa_results[DSA_NUM][2]; /* 2 ops: sign then verify */
437 #endif /* OPENSSL_NO_DSA */
445 #define R_RSA_15360 6
446 #ifndef OPENSSL_NO_RSA
447 static const OPT_PAIR rsa_choices[] = {
448 {"rsa512", R_RSA_512},
449 {"rsa1024", R_RSA_1024},
450 {"rsa2048", R_RSA_2048},
451 {"rsa3072", R_RSA_3072},
452 {"rsa4096", R_RSA_4096},
453 {"rsa7680", R_RSA_7680},
454 {"rsa15360", R_RSA_15360}
456 # define RSA_NUM OSSL_NELEM(rsa_choices)
458 static double rsa_results[RSA_NUM][2]; /* 2 ops: sign then verify */
459 #endif /* OPENSSL_NO_RSA */
468 #ifndef OPENSSL_NO_EC2M
490 #ifndef OPENSSL_NO_EC
491 static OPT_PAIR ecdsa_choices[] = {
492 {"ecdsap160", R_EC_P160},
493 {"ecdsap192", R_EC_P192},
494 {"ecdsap224", R_EC_P224},
495 {"ecdsap256", R_EC_P256},
496 {"ecdsap384", R_EC_P384},
497 {"ecdsap521", R_EC_P521},
498 # ifndef OPENSSL_NO_EC2M
499 {"ecdsak163", R_EC_K163},
500 {"ecdsak233", R_EC_K233},
501 {"ecdsak283", R_EC_K283},
502 {"ecdsak409", R_EC_K409},
503 {"ecdsak571", R_EC_K571},
504 {"ecdsab163", R_EC_B163},
505 {"ecdsab233", R_EC_B233},
506 {"ecdsab283", R_EC_B283},
507 {"ecdsab409", R_EC_B409},
508 {"ecdsab571", R_EC_B571},
510 {"ecdsabrp256r1", R_EC_BRP256R1},
511 {"ecdsabrp256t1", R_EC_BRP256T1},
512 {"ecdsabrp384r1", R_EC_BRP384R1},
513 {"ecdsabrp384t1", R_EC_BRP384T1},
514 {"ecdsabrp512r1", R_EC_BRP512R1},
515 {"ecdsabrp512t1", R_EC_BRP512T1}
517 # define ECDSA_NUM OSSL_NELEM(ecdsa_choices)
519 static double ecdsa_results[ECDSA_NUM][2]; /* 2 ops: sign then verify */
521 static const OPT_PAIR ecdh_choices[] = {
522 {"ecdhp160", R_EC_P160},
523 {"ecdhp192", R_EC_P192},
524 {"ecdhp224", R_EC_P224},
525 {"ecdhp256", R_EC_P256},
526 {"ecdhp384", R_EC_P384},
527 {"ecdhp521", R_EC_P521},
528 # ifndef OPENSSL_NO_EC2M
529 {"ecdhk163", R_EC_K163},
530 {"ecdhk233", R_EC_K233},
531 {"ecdhk283", R_EC_K283},
532 {"ecdhk409", R_EC_K409},
533 {"ecdhk571", R_EC_K571},
534 {"ecdhb163", R_EC_B163},
535 {"ecdhb233", R_EC_B233},
536 {"ecdhb283", R_EC_B283},
537 {"ecdhb409", R_EC_B409},
538 {"ecdhb571", R_EC_B571},
540 {"ecdhbrp256r1", R_EC_BRP256R1},
541 {"ecdhbrp256t1", R_EC_BRP256T1},
542 {"ecdhbrp384r1", R_EC_BRP384R1},
543 {"ecdhbrp384t1", R_EC_BRP384T1},
544 {"ecdhbrp512r1", R_EC_BRP512R1},
545 {"ecdhbrp512t1", R_EC_BRP512T1},
546 {"ecdhx25519", R_EC_X25519},
547 {"ecdhx448", R_EC_X448}
549 # define EC_NUM OSSL_NELEM(ecdh_choices)
551 static double ecdh_results[EC_NUM][1]; /* 1 op: derivation */
553 #define R_EC_Ed25519 0
555 static OPT_PAIR eddsa_choices[] = {
556 {"ed25519", R_EC_Ed25519},
557 {"ed448", R_EC_Ed448}
559 # define EdDSA_NUM OSSL_NELEM(eddsa_choices)
561 static double eddsa_results[EdDSA_NUM][2]; /* 2 ops: sign then verify */
563 # ifndef OPENSSL_NO_SM2
564 # define R_EC_CURVESM2 0
565 static OPT_PAIR sm2_choices[] = {
566 {"curveSM2", R_EC_CURVESM2}
568 # define SM2_ID "TLSv1.3+GM+Cipher+Suite"
569 # define SM2_ID_LEN sizeof("TLSv1.3+GM+Cipher+Suite") - 1
570 # define SM2_NUM OSSL_NELEM(sm2_choices)
572 static double sm2_results[SM2_NUM][2]; /* 2 ops: sign then verify */
573 # endif /* OPENSSL_NO_SM2 */
574 #endif /* OPENSSL_NO_EC */
577 # define COND(d) (count < (d))
578 # define COUNT(d) (d)
580 # define COND(unused_cond) (run && count<0x7fffffff)
581 # define COUNT(d) (count)
584 typedef struct loopargs_st {
585 ASYNC_JOB *inprogress_job;
586 ASYNC_WAIT_CTX *wait_ctx;
589 unsigned char *buf_malloc;
590 unsigned char *buf2_malloc;
594 #ifndef OPENSSL_NO_RSA
595 RSA *rsa_key[RSA_NUM];
597 #ifndef OPENSSL_NO_DSA
598 DSA *dsa_key[DSA_NUM];
600 #ifndef OPENSSL_NO_EC
601 EC_KEY *ecdsa[ECDSA_NUM];
602 EVP_PKEY_CTX *ecdh_ctx[EC_NUM];
603 EVP_MD_CTX *eddsa_ctx[EdDSA_NUM];
604 # ifndef OPENSSL_NO_SM2
605 EVP_MD_CTX *sm2_ctx[SM2_NUM];
606 EVP_MD_CTX *sm2_vfy_ctx[SM2_NUM];
607 EVP_PKEY *sm2_pkey[SM2_NUM];
609 unsigned char *secret_a;
610 unsigned char *secret_b;
611 size_t outlen[EC_NUM];
615 #ifndef OPENSSL_NO_CMAC
618 GCM128_CONTEXT *gcm_ctx;
620 static int run_benchmark(int async_jobs, int (*loop_function) (void *),
621 loopargs_t * loopargs);
623 static unsigned int testnum;
625 /* Nb of iterations to do per algorithm and key-size */
626 static long c[ALGOR_NUM][OSSL_NELEM(lengths_list)];
628 #ifndef OPENSSL_NO_MD2
629 static int EVP_Digest_MD2_loop(void *args)
631 loopargs_t *tempargs = *(loopargs_t **) args;
632 unsigned char *buf = tempargs->buf;
633 unsigned char md2[MD2_DIGEST_LENGTH];
636 for (count = 0; COND(c[D_MD2][testnum]); count++) {
637 if (!EVP_Digest(buf, (size_t)lengths[testnum], md2, NULL, EVP_md2(),
645 #ifndef OPENSSL_NO_MDC2
646 static int EVP_Digest_MDC2_loop(void *args)
648 loopargs_t *tempargs = *(loopargs_t **) args;
649 unsigned char *buf = tempargs->buf;
650 unsigned char mdc2[MDC2_DIGEST_LENGTH];
653 for (count = 0; COND(c[D_MDC2][testnum]); count++) {
654 if (!EVP_Digest(buf, (size_t)lengths[testnum], mdc2, NULL, EVP_mdc2(),
662 #ifndef OPENSSL_NO_MD4
663 static int EVP_Digest_MD4_loop(void *args)
665 loopargs_t *tempargs = *(loopargs_t **) args;
666 unsigned char *buf = tempargs->buf;
667 unsigned char md4[MD4_DIGEST_LENGTH];
670 for (count = 0; COND(c[D_MD4][testnum]); count++) {
671 if (!EVP_Digest(buf, (size_t)lengths[testnum], md4, NULL, EVP_md4(),
679 #ifndef OPENSSL_NO_MD5
680 static int MD5_loop(void *args)
682 loopargs_t *tempargs = *(loopargs_t **) args;
683 unsigned char *buf = tempargs->buf;
684 unsigned char md5[MD5_DIGEST_LENGTH];
686 for (count = 0; COND(c[D_MD5][testnum]); count++)
687 MD5(buf, lengths[testnum], md5);
691 static int HMAC_loop(void *args)
693 loopargs_t *tempargs = *(loopargs_t **) args;
694 unsigned char *buf = tempargs->buf;
695 HMAC_CTX *hctx = tempargs->hctx;
696 unsigned char hmac[MD5_DIGEST_LENGTH];
699 for (count = 0; COND(c[D_HMAC][testnum]); count++) {
700 HMAC_Init_ex(hctx, NULL, 0, NULL, NULL);
701 HMAC_Update(hctx, buf, lengths[testnum]);
702 HMAC_Final(hctx, hmac, NULL);
708 static int SHA1_loop(void *args)
710 loopargs_t *tempargs = *(loopargs_t **) args;
711 unsigned char *buf = tempargs->buf;
712 unsigned char sha[SHA_DIGEST_LENGTH];
714 for (count = 0; COND(c[D_SHA1][testnum]); count++)
715 SHA1(buf, lengths[testnum], sha);
719 static int SHA256_loop(void *args)
721 loopargs_t *tempargs = *(loopargs_t **) args;
722 unsigned char *buf = tempargs->buf;
723 unsigned char sha256[SHA256_DIGEST_LENGTH];
725 for (count = 0; COND(c[D_SHA256][testnum]); count++)
726 SHA256(buf, lengths[testnum], sha256);
730 static int SHA512_loop(void *args)
732 loopargs_t *tempargs = *(loopargs_t **) args;
733 unsigned char *buf = tempargs->buf;
734 unsigned char sha512[SHA512_DIGEST_LENGTH];
736 for (count = 0; COND(c[D_SHA512][testnum]); count++)
737 SHA512(buf, lengths[testnum], sha512);
741 #ifndef OPENSSL_NO_WHIRLPOOL
742 static int WHIRLPOOL_loop(void *args)
744 loopargs_t *tempargs = *(loopargs_t **) args;
745 unsigned char *buf = tempargs->buf;
746 unsigned char whirlpool[WHIRLPOOL_DIGEST_LENGTH];
748 for (count = 0; COND(c[D_WHIRLPOOL][testnum]); count++)
749 WHIRLPOOL(buf, lengths[testnum], whirlpool);
754 #ifndef OPENSSL_NO_RMD160
755 static int EVP_Digest_RMD160_loop(void *args)
757 loopargs_t *tempargs = *(loopargs_t **) args;
758 unsigned char *buf = tempargs->buf;
759 unsigned char rmd160[RIPEMD160_DIGEST_LENGTH];
761 for (count = 0; COND(c[D_RMD160][testnum]); count++) {
762 if (!EVP_Digest(buf, (size_t)lengths[testnum], &(rmd160[0]),
763 NULL, EVP_ripemd160(), NULL))
770 #ifndef OPENSSL_NO_RC4
771 static RC4_KEY rc4_ks;
772 static int RC4_loop(void *args)
774 loopargs_t *tempargs = *(loopargs_t **) args;
775 unsigned char *buf = tempargs->buf;
777 for (count = 0; COND(c[D_RC4][testnum]); count++)
778 RC4(&rc4_ks, (size_t)lengths[testnum], buf, buf);
783 #ifndef OPENSSL_NO_DES
784 static unsigned char DES_iv[8];
785 static DES_key_schedule sch[3];
786 static int DES_ncbc_encrypt_loop(void *args)
788 loopargs_t *tempargs = *(loopargs_t **) args;
789 unsigned char *buf = tempargs->buf;
791 for (count = 0; COND(c[D_CBC_DES][testnum]); count++)
792 DES_ncbc_encrypt(buf, buf, lengths[testnum], &sch[0],
793 &DES_iv, DES_ENCRYPT);
797 static int DES_ede3_cbc_encrypt_loop(void *args)
799 loopargs_t *tempargs = *(loopargs_t **) args;
800 unsigned char *buf = tempargs->buf;
802 for (count = 0; COND(c[D_EDE3_DES][testnum]); count++)
803 DES_ede3_cbc_encrypt(buf, buf, lengths[testnum],
804 &sch[0], &sch[1], &sch[2], &DES_iv, DES_ENCRYPT);
809 #define MAX_BLOCK_SIZE 128
811 static unsigned char iv[2 * MAX_BLOCK_SIZE / 8];
812 static AES_KEY aes_ks1, aes_ks2, aes_ks3;
813 static int AES_cbc_128_encrypt_loop(void *args)
815 loopargs_t *tempargs = *(loopargs_t **) args;
816 unsigned char *buf = tempargs->buf;
818 for (count = 0; COND(c[D_CBC_128_AES][testnum]); count++)
819 AES_cbc_encrypt(buf, buf,
820 (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
824 static int AES_cbc_192_encrypt_loop(void *args)
826 loopargs_t *tempargs = *(loopargs_t **) args;
827 unsigned char *buf = tempargs->buf;
829 for (count = 0; COND(c[D_CBC_192_AES][testnum]); count++)
830 AES_cbc_encrypt(buf, buf,
831 (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
835 static int AES_cbc_256_encrypt_loop(void *args)
837 loopargs_t *tempargs = *(loopargs_t **) args;
838 unsigned char *buf = tempargs->buf;
840 for (count = 0; COND(c[D_CBC_256_AES][testnum]); count++)
841 AES_cbc_encrypt(buf, buf,
842 (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
846 #ifndef OPENSSL_NO_DEPRECATED_3_0
847 static int AES_ige_128_encrypt_loop(void *args)
849 loopargs_t *tempargs = *(loopargs_t **) args;
850 unsigned char *buf = tempargs->buf;
851 unsigned char *buf2 = tempargs->buf2;
853 for (count = 0; COND(c[D_IGE_128_AES][testnum]); count++)
854 AES_ige_encrypt(buf, buf2,
855 (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
859 static int AES_ige_192_encrypt_loop(void *args)
861 loopargs_t *tempargs = *(loopargs_t **) args;
862 unsigned char *buf = tempargs->buf;
863 unsigned char *buf2 = tempargs->buf2;
865 for (count = 0; COND(c[D_IGE_192_AES][testnum]); count++)
866 AES_ige_encrypt(buf, buf2,
867 (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
871 static int AES_ige_256_encrypt_loop(void *args)
873 loopargs_t *tempargs = *(loopargs_t **) args;
874 unsigned char *buf = tempargs->buf;
875 unsigned char *buf2 = tempargs->buf2;
877 for (count = 0; COND(c[D_IGE_256_AES][testnum]); count++)
878 AES_ige_encrypt(buf, buf2,
879 (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
884 static int CRYPTO_gcm128_aad_loop(void *args)
886 loopargs_t *tempargs = *(loopargs_t **) args;
887 unsigned char *buf = tempargs->buf;
888 GCM128_CONTEXT *gcm_ctx = tempargs->gcm_ctx;
890 for (count = 0; COND(c[D_GHASH][testnum]); count++)
891 CRYPTO_gcm128_aad(gcm_ctx, buf, lengths[testnum]);
895 static int RAND_bytes_loop(void *args)
897 loopargs_t *tempargs = *(loopargs_t **) args;
898 unsigned char *buf = tempargs->buf;
901 for (count = 0; COND(c[D_RAND][testnum]); count++)
902 RAND_bytes(buf, lengths[testnum]);
906 static int decrypt = 0;
907 static int EVP_Update_loop(void *args)
909 loopargs_t *tempargs = *(loopargs_t **) args;
910 unsigned char *buf = tempargs->buf;
911 EVP_CIPHER_CTX *ctx = tempargs->ctx;
915 for (count = 0; COND(c[D_EVP][testnum]); count++) {
916 rc = EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
918 /* reset iv in case of counter overflow */
919 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
923 for (count = 0; COND(c[D_EVP][testnum]); count++) {
924 rc = EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
926 /* reset iv in case of counter overflow */
927 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
932 EVP_DecryptFinal_ex(ctx, buf, &outl);
934 EVP_EncryptFinal_ex(ctx, buf, &outl);
939 * CCM does not support streaming. For the purpose of performance measurement,
940 * each message is encrypted using the same (key,iv)-pair. Do not use this
941 * code in your application.
943 static int EVP_Update_loop_ccm(void *args)
945 loopargs_t *tempargs = *(loopargs_t **) args;
946 unsigned char *buf = tempargs->buf;
947 EVP_CIPHER_CTX *ctx = tempargs->ctx;
949 unsigned char tag[12];
952 for (count = 0; COND(c[D_EVP][testnum]); count++) {
953 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(tag), tag);
955 EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
956 /* counter is reset on every update */
957 EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
960 for (count = 0; COND(c[D_EVP][testnum]); count++) {
961 /* restore iv length field */
962 EVP_EncryptUpdate(ctx, NULL, &outl, NULL, lengths[testnum]);
963 /* counter is reset on every update */
964 EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
968 EVP_DecryptFinal_ex(ctx, buf, &outl);
970 EVP_EncryptFinal_ex(ctx, buf, &outl);
975 * To make AEAD benchmarking more relevant perform TLS-like operations,
976 * 13-byte AAD followed by payload. But don't use TLS-formatted AAD, as
977 * payload length is not actually limited by 16KB...
979 static int EVP_Update_loop_aead(void *args)
981 loopargs_t *tempargs = *(loopargs_t **) args;
982 unsigned char *buf = tempargs->buf;
983 EVP_CIPHER_CTX *ctx = tempargs->ctx;
985 unsigned char aad[13] = { 0xcc };
986 unsigned char faketag[16] = { 0xcc };
989 for (count = 0; COND(c[D_EVP][testnum]); count++) {
990 EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
991 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
992 sizeof(faketag), faketag);
993 EVP_DecryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
994 EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
995 EVP_DecryptFinal_ex(ctx, buf + outl, &outl);
998 for (count = 0; COND(c[D_EVP][testnum]); count++) {
999 EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv);
1000 EVP_EncryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
1001 EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
1002 EVP_EncryptFinal_ex(ctx, buf + outl, &outl);
1008 static const EVP_MD *evp_md = NULL;
1009 static int EVP_Digest_loop(void *args)
1011 loopargs_t *tempargs = *(loopargs_t **) args;
1012 unsigned char *buf = tempargs->buf;
1013 unsigned char md[EVP_MAX_MD_SIZE];
1016 for (count = 0; COND(c[D_EVP][testnum]); count++) {
1017 if (!EVP_Digest(buf, lengths[testnum], md, NULL, evp_md, NULL))
1023 static const EVP_MD *evp_hmac_md = NULL;
1024 static char *evp_hmac_name = NULL;
1025 static int EVP_HMAC_loop(void *args)
1027 loopargs_t *tempargs = *(loopargs_t **) args;
1028 unsigned char *buf = tempargs->buf;
1029 unsigned char no_key[32];
1032 for (count = 0; COND(c[D_EVP_HMAC][testnum]); count++) {
1033 if (HMAC(evp_hmac_md, no_key, sizeof(no_key), buf, lengths[testnum],
1034 NULL, NULL) == NULL)
1040 #ifndef OPENSSL_NO_CMAC
1041 static const EVP_CIPHER *evp_cmac_cipher = NULL;
1042 static char *evp_cmac_name = NULL;
1044 static int EVP_CMAC_loop(void *args)
1046 loopargs_t *tempargs = *(loopargs_t **) args;
1047 unsigned char *buf = tempargs->buf;
1048 CMAC_CTX *cmac_ctx = tempargs->cmac_ctx;
1049 static const char key[16] = "This is a key...";
1050 unsigned char mac[16];
1051 size_t len = sizeof(mac);
1054 for (count = 0; COND(c[D_EVP_CMAC][testnum]); count++) {
1055 if (!CMAC_Init(cmac_ctx, key, sizeof(key), evp_cmac_cipher, NULL)
1056 || !CMAC_Update(cmac_ctx, buf, lengths[testnum])
1057 || !CMAC_Final(cmac_ctx, mac, &len))
1064 #ifndef OPENSSL_NO_RSA
1065 static long rsa_c[RSA_NUM][2]; /* # RSA iteration test */
1067 static int RSA_sign_loop(void *args)
1069 loopargs_t *tempargs = *(loopargs_t **) args;
1070 unsigned char *buf = tempargs->buf;
1071 unsigned char *buf2 = tempargs->buf2;
1072 unsigned int *rsa_num = &tempargs->siglen;
1073 RSA **rsa_key = tempargs->rsa_key;
1075 for (count = 0; COND(rsa_c[testnum][0]); count++) {
1076 ret = RSA_sign(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1078 BIO_printf(bio_err, "RSA sign failure\n");
1079 ERR_print_errors(bio_err);
1087 static int RSA_verify_loop(void *args)
1089 loopargs_t *tempargs = *(loopargs_t **) args;
1090 unsigned char *buf = tempargs->buf;
1091 unsigned char *buf2 = tempargs->buf2;
1092 unsigned int rsa_num = tempargs->siglen;
1093 RSA **rsa_key = tempargs->rsa_key;
1095 for (count = 0; COND(rsa_c[testnum][1]); count++) {
1097 RSA_verify(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1099 BIO_printf(bio_err, "RSA verify failure\n");
1100 ERR_print_errors(bio_err);
1109 #ifndef OPENSSL_NO_DSA
1110 static long dsa_c[DSA_NUM][2];
1111 static int DSA_sign_loop(void *args)
1113 loopargs_t *tempargs = *(loopargs_t **) args;
1114 unsigned char *buf = tempargs->buf;
1115 unsigned char *buf2 = tempargs->buf2;
1116 DSA **dsa_key = tempargs->dsa_key;
1117 unsigned int *siglen = &tempargs->siglen;
1119 for (count = 0; COND(dsa_c[testnum][0]); count++) {
1120 ret = DSA_sign(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1122 BIO_printf(bio_err, "DSA sign failure\n");
1123 ERR_print_errors(bio_err);
1131 static int DSA_verify_loop(void *args)
1133 loopargs_t *tempargs = *(loopargs_t **) args;
1134 unsigned char *buf = tempargs->buf;
1135 unsigned char *buf2 = tempargs->buf2;
1136 DSA **dsa_key = tempargs->dsa_key;
1137 unsigned int siglen = tempargs->siglen;
1139 for (count = 0; COND(dsa_c[testnum][1]); count++) {
1140 ret = DSA_verify(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1142 BIO_printf(bio_err, "DSA verify failure\n");
1143 ERR_print_errors(bio_err);
1152 #ifndef OPENSSL_NO_EC
1153 static long ecdsa_c[ECDSA_NUM][2];
1154 static int ECDSA_sign_loop(void *args)
1156 loopargs_t *tempargs = *(loopargs_t **) args;
1157 unsigned char *buf = tempargs->buf;
1158 EC_KEY **ecdsa = tempargs->ecdsa;
1159 unsigned char *ecdsasig = tempargs->buf2;
1160 unsigned int *ecdsasiglen = &tempargs->siglen;
1162 for (count = 0; COND(ecdsa_c[testnum][0]); count++) {
1163 ret = ECDSA_sign(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1165 BIO_printf(bio_err, "ECDSA sign failure\n");
1166 ERR_print_errors(bio_err);
1174 static int ECDSA_verify_loop(void *args)
1176 loopargs_t *tempargs = *(loopargs_t **) args;
1177 unsigned char *buf = tempargs->buf;
1178 EC_KEY **ecdsa = tempargs->ecdsa;
1179 unsigned char *ecdsasig = tempargs->buf2;
1180 unsigned int ecdsasiglen = tempargs->siglen;
1182 for (count = 0; COND(ecdsa_c[testnum][1]); count++) {
1183 ret = ECDSA_verify(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1185 BIO_printf(bio_err, "ECDSA verify failure\n");
1186 ERR_print_errors(bio_err);
1194 /* ******************************************************************** */
1195 static long ecdh_c[EC_NUM][1];
1197 static int ECDH_EVP_derive_key_loop(void *args)
1199 loopargs_t *tempargs = *(loopargs_t **) args;
1200 EVP_PKEY_CTX *ctx = tempargs->ecdh_ctx[testnum];
1201 unsigned char *derived_secret = tempargs->secret_a;
1203 size_t *outlen = &(tempargs->outlen[testnum]);
1205 for (count = 0; COND(ecdh_c[testnum][0]); count++)
1206 EVP_PKEY_derive(ctx, derived_secret, outlen);
1211 static long eddsa_c[EdDSA_NUM][2];
1212 static int EdDSA_sign_loop(void *args)
1214 loopargs_t *tempargs = *(loopargs_t **) args;
1215 unsigned char *buf = tempargs->buf;
1216 EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
1217 unsigned char *eddsasig = tempargs->buf2;
1218 size_t *eddsasigsize = &tempargs->sigsize;
1221 for (count = 0; COND(eddsa_c[testnum][0]); count++) {
1222 ret = EVP_DigestSign(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
1224 BIO_printf(bio_err, "EdDSA sign failure\n");
1225 ERR_print_errors(bio_err);
1233 static int EdDSA_verify_loop(void *args)
1235 loopargs_t *tempargs = *(loopargs_t **) args;
1236 unsigned char *buf = tempargs->buf;
1237 EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
1238 unsigned char *eddsasig = tempargs->buf2;
1239 size_t eddsasigsize = tempargs->sigsize;
1242 for (count = 0; COND(eddsa_c[testnum][1]); count++) {
1243 ret = EVP_DigestVerify(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
1245 BIO_printf(bio_err, "EdDSA verify failure\n");
1246 ERR_print_errors(bio_err);
1254 # ifndef OPENSSL_NO_SM2
1255 static long sm2_c[SM2_NUM][2];
1256 static int SM2_sign_loop(void *args)
1258 loopargs_t *tempargs = *(loopargs_t **) args;
1259 unsigned char *buf = tempargs->buf;
1260 EVP_MD_CTX **sm2ctx = tempargs->sm2_ctx;
1261 unsigned char *sm2sig = tempargs->buf2;
1262 size_t sm2sigsize = tempargs->sigsize;
1263 const size_t max_size = tempargs->sigsize;
1265 EVP_PKEY **sm2_pkey = tempargs->sm2_pkey;
1267 for (count = 0; COND(sm2_c[testnum][0]); count++) {
1268 if (!EVP_DigestSignInit(sm2ctx[testnum], NULL, EVP_sm3(),
1269 NULL, sm2_pkey[testnum])) {
1270 BIO_printf(bio_err, "SM2 init sign failure\n");
1271 ERR_print_errors(bio_err);
1275 ret = EVP_DigestSign(sm2ctx[testnum], sm2sig, &sm2sigsize,
1278 BIO_printf(bio_err, "SM2 sign failure\n");
1279 ERR_print_errors(bio_err);
1283 /* update the latest returned size and always use the fixed buffer size */
1284 tempargs->sigsize = sm2sigsize;
1285 sm2sigsize = max_size;
1291 static int SM2_verify_loop(void *args)
1293 loopargs_t *tempargs = *(loopargs_t **) args;
1294 unsigned char *buf = tempargs->buf;
1295 EVP_MD_CTX **sm2ctx = tempargs->sm2_vfy_ctx;
1296 unsigned char *sm2sig = tempargs->buf2;
1297 size_t sm2sigsize = tempargs->sigsize;
1299 EVP_PKEY **sm2_pkey = tempargs->sm2_pkey;
1301 for (count = 0; COND(sm2_c[testnum][1]); count++) {
1302 if (!EVP_DigestVerifyInit(sm2ctx[testnum], NULL, EVP_sm3(),
1303 NULL, sm2_pkey[testnum])) {
1304 BIO_printf(bio_err, "SM2 verify init failure\n");
1305 ERR_print_errors(bio_err);
1309 ret = EVP_DigestVerify(sm2ctx[testnum], sm2sig, sm2sigsize,
1312 BIO_printf(bio_err, "SM2 verify failure\n");
1313 ERR_print_errors(bio_err);
1320 # endif /* OPENSSL_NO_SM2 */
1321 #endif /* OPENSSL_NO_EC */
1323 static int run_benchmark(int async_jobs,
1324 int (*loop_function) (void *), loopargs_t * loopargs)
1326 int job_op_count = 0;
1327 int total_op_count = 0;
1328 int num_inprogress = 0;
1329 int error = 0, i = 0, ret = 0;
1330 OSSL_ASYNC_FD job_fd = 0;
1331 size_t num_job_fds = 0;
1335 if (async_jobs == 0) {
1336 return loop_function((void *)&loopargs);
1339 for (i = 0; i < async_jobs && !error; i++) {
1340 loopargs_t *looparg_item = loopargs + i;
1342 /* Copy pointer content (looparg_t item address) into async context */
1343 ret = ASYNC_start_job(&loopargs[i].inprogress_job, loopargs[i].wait_ctx,
1344 &job_op_count, loop_function,
1345 (void *)&looparg_item, sizeof(looparg_item));
1351 if (job_op_count == -1) {
1354 total_op_count += job_op_count;
1359 BIO_printf(bio_err, "Failure in the job\n");
1360 ERR_print_errors(bio_err);
1366 while (num_inprogress > 0) {
1367 #if defined(OPENSSL_SYS_WINDOWS)
1369 #elif defined(OPENSSL_SYS_UNIX)
1370 int select_result = 0;
1371 OSSL_ASYNC_FD max_fd = 0;
1374 FD_ZERO(&waitfdset);
1376 for (i = 0; i < async_jobs && num_inprogress > 0; i++) {
1377 if (loopargs[i].inprogress_job == NULL)
1380 if (!ASYNC_WAIT_CTX_get_all_fds
1381 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1382 || num_job_fds > 1) {
1383 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1384 ERR_print_errors(bio_err);
1388 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1390 FD_SET(job_fd, &waitfdset);
1391 if (job_fd > max_fd)
1395 if (max_fd >= (OSSL_ASYNC_FD)FD_SETSIZE) {
1397 "Error: max_fd (%d) must be smaller than FD_SETSIZE (%d). "
1398 "Decrease the value of async_jobs\n",
1399 max_fd, FD_SETSIZE);
1400 ERR_print_errors(bio_err);
1405 select_result = select(max_fd + 1, &waitfdset, NULL, NULL, NULL);
1406 if (select_result == -1 && errno == EINTR)
1409 if (select_result == -1) {
1410 BIO_printf(bio_err, "Failure in the select\n");
1411 ERR_print_errors(bio_err);
1416 if (select_result == 0)
1420 for (i = 0; i < async_jobs; i++) {
1421 if (loopargs[i].inprogress_job == NULL)
1424 if (!ASYNC_WAIT_CTX_get_all_fds
1425 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1426 || num_job_fds > 1) {
1427 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1428 ERR_print_errors(bio_err);
1432 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1435 #if defined(OPENSSL_SYS_UNIX)
1436 if (num_job_fds == 1 && !FD_ISSET(job_fd, &waitfdset))
1438 #elif defined(OPENSSL_SYS_WINDOWS)
1439 if (num_job_fds == 1
1440 && !PeekNamedPipe(job_fd, NULL, 0, NULL, &avail, NULL)
1445 ret = ASYNC_start_job(&loopargs[i].inprogress_job,
1446 loopargs[i].wait_ctx, &job_op_count,
1447 loop_function, (void *)(loopargs + i),
1448 sizeof(loopargs_t));
1453 if (job_op_count == -1) {
1456 total_op_count += job_op_count;
1459 loopargs[i].inprogress_job = NULL;
1464 loopargs[i].inprogress_job = NULL;
1465 BIO_printf(bio_err, "Failure in the job\n");
1466 ERR_print_errors(bio_err);
1473 return error ? -1 : total_op_count;
1476 #define stop_it(do_it, test_num)\
1477 memset(do_it + test_num, 0, OSSL_NELEM(do_it) - test_num);
1479 int speed_main(int argc, char **argv)
1482 loopargs_t *loopargs = NULL;
1484 const char *engine_id = NULL;
1485 const EVP_CIPHER *evp_cipher = NULL;
1488 int async_init = 0, multiblock = 0, pr_header = 0;
1489 uint8_t doit[ALGOR_NUM] = { 0 };
1490 int ret = 1, misalign = 0, lengths_single = 0, aead = 0;
1492 unsigned int size_num = OSSL_NELEM(lengths_list);
1493 unsigned int i, k, loopargs_len = 0, async_jobs = 0;
1499 #if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) \
1500 || !defined(OPENSSL_NO_EC)
1503 openssl_speed_sec_t seconds = { SECONDS, RSA_SECONDS, DSA_SECONDS,
1504 ECDSA_SECONDS, ECDH_SECONDS,
1505 EdDSA_SECONDS, SM2_SECONDS };
1507 /* What follows are the buffers and key material. */
1508 #ifndef OPENSSL_NO_RC5
1511 #ifndef OPENSSL_NO_RC2
1514 #ifndef OPENSSL_NO_IDEA
1515 IDEA_KEY_SCHEDULE idea_ks;
1517 #ifndef OPENSSL_NO_SEED
1518 SEED_KEY_SCHEDULE seed_ks;
1520 #ifndef OPENSSL_NO_BF
1523 #ifndef OPENSSL_NO_CAST
1526 static const unsigned char key16[16] = {
1527 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1528 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
1530 static const unsigned char key24[24] = {
1531 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1532 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1533 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1535 static const unsigned char key32[32] = {
1536 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1537 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1538 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
1539 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
1541 #ifndef OPENSSL_NO_CAMELLIA
1542 CAMELLIA_KEY camellia_ks[3];
1544 #ifndef OPENSSL_NO_RSA
1545 static const struct {
1546 const unsigned char *data;
1547 unsigned int length;
1550 { test512, sizeof(test512), 512 },
1551 { test1024, sizeof(test1024), 1024 },
1552 { test2048, sizeof(test2048), 2048 },
1553 { test3072, sizeof(test3072), 3072 },
1554 { test4096, sizeof(test4096), 4092 },
1555 { test7680, sizeof(test7680), 7680 },
1556 { test15360, sizeof(test15360), 15360 }
1558 uint8_t rsa_doit[RSA_NUM] = { 0 };
1559 int primes = RSA_DEFAULT_PRIME_NUM;
1561 #ifndef OPENSSL_NO_DSA
1562 static const unsigned int dsa_bits[DSA_NUM] = { 512, 1024, 2048 };
1563 uint8_t dsa_doit[DSA_NUM] = { 0 };
1565 #ifndef OPENSSL_NO_EC
1566 typedef struct ec_curve_st {
1570 size_t sigsize; /* only used for EdDSA curves */
1573 * We only test over the following curves as they are representative, To
1574 * add tests over more curves, simply add the curve NID and curve name to
1575 * the following arrays and increase the |ecdh_choices| list accordingly.
1577 static const EC_CURVE ec_curves[EC_NUM] = {
1579 {"secp160r1", NID_secp160r1, 160},
1580 {"nistp192", NID_X9_62_prime192v1, 192},
1581 {"nistp224", NID_secp224r1, 224},
1582 {"nistp256", NID_X9_62_prime256v1, 256},
1583 {"nistp384", NID_secp384r1, 384},
1584 {"nistp521", NID_secp521r1, 521},
1585 # ifndef OPENSSL_NO_EC2M
1587 {"nistk163", NID_sect163k1, 163},
1588 {"nistk233", NID_sect233k1, 233},
1589 {"nistk283", NID_sect283k1, 283},
1590 {"nistk409", NID_sect409k1, 409},
1591 {"nistk571", NID_sect571k1, 571},
1592 {"nistb163", NID_sect163r2, 163},
1593 {"nistb233", NID_sect233r1, 233},
1594 {"nistb283", NID_sect283r1, 283},
1595 {"nistb409", NID_sect409r1, 409},
1596 {"nistb571", NID_sect571r1, 571},
1598 {"brainpoolP256r1", NID_brainpoolP256r1, 256},
1599 {"brainpoolP256t1", NID_brainpoolP256t1, 256},
1600 {"brainpoolP384r1", NID_brainpoolP384r1, 384},
1601 {"brainpoolP384t1", NID_brainpoolP384t1, 384},
1602 {"brainpoolP512r1", NID_brainpoolP512r1, 512},
1603 {"brainpoolP512t1", NID_brainpoolP512t1, 512},
1604 /* Other and ECDH only ones */
1605 {"X25519", NID_X25519, 253},
1606 {"X448", NID_X448, 448}
1608 static const EC_CURVE ed_curves[EdDSA_NUM] = {
1610 {"Ed25519", NID_ED25519, 253, 64},
1611 {"Ed448", NID_ED448, 456, 114}
1613 # ifndef OPENSSL_NO_SM2
1614 static const EC_CURVE sm2_curves[SM2_NUM] = {
1616 {"CurveSM2", NID_sm2, 256}
1618 uint8_t sm2_doit[SM2_NUM] = { 0 };
1620 uint8_t ecdsa_doit[ECDSA_NUM] = { 0 };
1621 uint8_t ecdh_doit[EC_NUM] = { 0 };
1622 uint8_t eddsa_doit[EdDSA_NUM] = { 0 };
1623 OPENSSL_assert(OSSL_NELEM(ec_curves) >= EC_NUM);
1624 OPENSSL_assert(OSSL_NELEM(ed_curves) >= EdDSA_NUM);
1625 # ifndef OPENSSL_NO_SM2
1626 OPENSSL_assert(OSSL_NELEM(sm2_curves) >= SM2_NUM);
1628 #endif /* ndef OPENSSL_NO_EC */
1630 prog = opt_init(argc, argv, speed_options);
1631 while ((o = opt_next()) != OPT_EOF) {
1636 BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
1639 opt_help(speed_options);
1647 evp_cipher = EVP_get_cipherbyname(opt_arg());
1648 if (evp_cipher == NULL)
1649 evp_md = EVP_get_digestbyname(opt_arg());
1650 if (evp_cipher == NULL && evp_md == NULL) {
1652 "%s: %s is an unknown cipher or digest\n",
1659 evp_hmac_md = EVP_get_digestbyname(opt_arg());
1660 if (evp_hmac_md == NULL) {
1661 BIO_printf(bio_err, "%s: %s is an unknown digest\n",
1665 doit[D_EVP_HMAC] = 1;
1668 #ifndef OPENSSL_NO_CMAC
1669 evp_cmac_cipher = EVP_get_cipherbyname(opt_arg());
1670 if (evp_cmac_cipher == NULL) {
1671 BIO_printf(bio_err, "%s: %s is an unknown cipher\n",
1675 doit[D_EVP_CMAC] = 1;
1683 * In a forked execution, an engine might need to be
1684 * initialised by each child process, not by the parent.
1685 * So store the name here and run setup_engine() later on.
1687 engine_id = opt_arg();
1691 multi = atoi(opt_arg());
1695 #ifndef OPENSSL_NO_ASYNC
1696 async_jobs = atoi(opt_arg());
1697 if (!ASYNC_is_capable()) {
1699 "%s: async_jobs specified but async not supported\n",
1703 if (async_jobs > 99999) {
1704 BIO_printf(bio_err, "%s: too many async_jobs\n", prog);
1710 if (!opt_int(opt_arg(), &misalign))
1712 if (misalign > MISALIGN) {
1714 "%s: Maximum offset is %d\n", prog, MISALIGN);
1723 #ifdef OPENSSL_NO_MULTIBLOCK
1725 "%s: -mb specified but multi-block support is disabled\n",
1735 if (!opt_int(opt_arg(), &primes))
1739 seconds.sym = seconds.rsa = seconds.dsa = seconds.ecdsa
1740 = seconds.ecdh = seconds.eddsa
1741 = seconds.sm2 = atoi(opt_arg());
1744 lengths_single = atoi(opt_arg());
1745 lengths = &lengths_single;
1753 argc = opt_num_rest();
1756 /* Remaining arguments are algorithms. */
1757 for (; *argv; argv++) {
1758 const char *algo = *argv;
1760 if (found(algo, doit_choices, &i)) {
1764 #ifndef OPENSSL_NO_DES
1765 if (strcmp(algo, "des") == 0) {
1766 doit[D_CBC_DES] = doit[D_EDE3_DES] = 1;
1770 if (strcmp(algo, "sha") == 0) {
1771 doit[D_SHA1] = doit[D_SHA256] = doit[D_SHA512] = 1;
1774 #ifndef OPENSSL_NO_RSA
1775 if (strcmp(algo, "openssl") == 0) /* just for compatibility */
1777 if (strncmp(algo, "rsa", 3) == 0) {
1778 if (algo[3] == '\0') {
1779 memset(rsa_doit, 1, sizeof(rsa_doit));
1782 if (found(algo, rsa_choices, &i)) {
1788 #ifndef OPENSSL_NO_DSA
1789 if (strncmp(algo, "dsa", 3) == 0) {
1790 if (algo[3] == '\0') {
1791 memset(dsa_doit, 1, sizeof(dsa_doit));
1794 if (found(algo, dsa_choices, &i)) {
1800 if (strcmp(algo, "aes") == 0) {
1801 doit[D_CBC_128_AES] = doit[D_CBC_192_AES] = doit[D_CBC_256_AES] = 1;
1804 #ifndef OPENSSL_NO_CAMELLIA
1805 if (strcmp(algo, "camellia") == 0) {
1806 doit[D_CBC_128_CML] = doit[D_CBC_192_CML] = doit[D_CBC_256_CML] = 1;
1810 #ifndef OPENSSL_NO_EC
1811 if (strncmp(algo, "ecdsa", 5) == 0) {
1812 if (algo[5] == '\0') {
1813 memset(ecdsa_doit, 1, sizeof(ecdsa_doit));
1816 if (found(algo, ecdsa_choices, &i)) {
1821 if (strncmp(algo, "ecdh", 4) == 0) {
1822 if (algo[4] == '\0') {
1823 memset(ecdh_doit, 1, sizeof(ecdh_doit));
1826 if (found(algo, ecdh_choices, &i)) {
1831 if (strncmp(algo, "ed", 2) == 0) {
1832 if (strcmp(algo, "eddsa") == 0) {
1833 memset(eddsa_doit, 1, sizeof(eddsa_doit));
1836 if (found(algo, eddsa_choices, &i)) {
1841 # ifndef OPENSSL_NO_SM2
1842 if (strcmp(algo, "sm2") == 0) {
1843 memset(sm2_doit, 1, sizeof(sm2_doit));
1846 if (found(algo, sm2_choices, &i)) {
1852 BIO_printf(bio_err, "%s: Unknown algorithm %s\n", prog, algo);
1858 if (evp_cipher == NULL) {
1859 BIO_printf(bio_err, "-aead can be used only with an AEAD cipher\n");
1861 } else if (!(EVP_CIPHER_flags(evp_cipher) &
1862 EVP_CIPH_FLAG_AEAD_CIPHER)) {
1863 BIO_printf(bio_err, "%s is not an AEAD cipher\n",
1864 OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
1869 if (evp_cipher == NULL) {
1870 BIO_printf(bio_err,"-mb can be used only with a multi-block"
1871 " capable cipher\n");
1873 } else if (!(EVP_CIPHER_flags(evp_cipher) &
1874 EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
1875 BIO_printf(bio_err, "%s is not a multi-block capable\n",
1876 OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
1878 } else if (async_jobs > 0) {
1879 BIO_printf(bio_err, "Async mode is not supported with -mb");
1884 /* Initialize the job pool if async mode is enabled */
1885 if (async_jobs > 0) {
1886 async_init = ASYNC_init_thread(async_jobs, async_jobs);
1888 BIO_printf(bio_err, "Error creating the ASYNC job pool\n");
1893 loopargs_len = (async_jobs == 0 ? 1 : async_jobs);
1895 app_malloc(loopargs_len * sizeof(loopargs_t), "array of loopargs");
1896 memset(loopargs, 0, loopargs_len * sizeof(loopargs_t));
1898 for (i = 0; i < loopargs_len; i++) {
1899 if (async_jobs > 0) {
1900 loopargs[i].wait_ctx = ASYNC_WAIT_CTX_new();
1901 if (loopargs[i].wait_ctx == NULL) {
1902 BIO_printf(bio_err, "Error creating the ASYNC_WAIT_CTX\n");
1907 buflen = lengths[size_num - 1];
1908 if (buflen < 36) /* size of random vector in RSA benchmark */
1910 buflen += MAX_MISALIGNMENT + 1;
1911 loopargs[i].buf_malloc = app_malloc(buflen, "input buffer");
1912 loopargs[i].buf2_malloc = app_malloc(buflen, "input buffer");
1913 memset(loopargs[i].buf_malloc, 0, buflen);
1914 memset(loopargs[i].buf2_malloc, 0, buflen);
1916 /* Align the start of buffers on a 64 byte boundary */
1917 loopargs[i].buf = loopargs[i].buf_malloc + misalign;
1918 loopargs[i].buf2 = loopargs[i].buf2_malloc + misalign;
1919 #ifndef OPENSSL_NO_EC
1920 loopargs[i].secret_a = app_malloc(MAX_ECDH_SIZE, "ECDH secret a");
1921 loopargs[i].secret_b = app_malloc(MAX_ECDH_SIZE, "ECDH secret b");
1926 if (multi && do_multi(multi, size_num))
1930 /* Initialize the engine after the fork */
1931 e = setup_engine(engine_id, 0);
1933 /* No parameters; turn on everything. */
1934 if (argc == 0 && !doit[D_EVP] && !doit[D_EVP_HMAC] && !doit[D_EVP_CMAC]) {
1935 memset(doit, 1, sizeof(doit));
1936 doit[D_EVP] = doit[D_EVP_HMAC] = doit[D_EVP_CMAC] = 0;
1937 #ifndef OPENSSL_NO_RSA
1938 memset(rsa_doit, 1, sizeof(rsa_doit));
1940 #ifndef OPENSSL_NO_DSA
1941 memset(dsa_doit, 1, sizeof(dsa_doit));
1943 #ifndef OPENSSL_NO_EC
1944 memset(ecdsa_doit, 1, sizeof(ecdsa_doit));
1945 memset(ecdh_doit, 1, sizeof(ecdh_doit));
1946 memset(eddsa_doit, 1, sizeof(eddsa_doit));
1947 # ifndef OPENSSL_NO_SM2
1948 memset(sm2_doit, 1, sizeof(sm2_doit));
1952 for (i = 0; i < ALGOR_NUM; i++)
1956 if (usertime == 0 && !mr)
1958 "You have chosen to measure elapsed time "
1959 "instead of user CPU time.\n");
1961 #ifndef OPENSSL_NO_RSA
1962 for (i = 0; i < loopargs_len; i++) {
1963 if (primes > RSA_DEFAULT_PRIME_NUM) {
1964 /* for multi-prime RSA, skip this */
1967 for (k = 0; k < RSA_NUM; k++) {
1968 const unsigned char *p = rsa_keys[k].data;
1970 loopargs[i].rsa_key[k] =
1971 d2i_RSAPrivateKey(NULL, &p, rsa_keys[k].length);
1972 if (loopargs[i].rsa_key[k] == NULL) {
1974 "internal error loading RSA key number %d\n", k);
1980 #ifndef OPENSSL_NO_DSA
1981 for (i = 0; i < loopargs_len; i++) {
1982 loopargs[i].dsa_key[0] = get_dsa(512);
1983 loopargs[i].dsa_key[1] = get_dsa(1024);
1984 loopargs[i].dsa_key[2] = get_dsa(2048);
1987 #ifndef OPENSSL_NO_DES
1988 if (doit[D_CBC_DES] || doit[D_EDE3_DES]) {
1989 static DES_cblock keys[] = {
1990 { 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0 }, /* keys[0] */
1991 { 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12 }, /* keys[1] */
1992 { 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34 } /* keys[3] */
1994 DES_set_key_unchecked(&keys[0], &sch[0]);
1995 DES_set_key_unchecked(&keys[1], &sch[1]);
1996 DES_set_key_unchecked(&keys[2], &sch[2]);
1999 AES_set_encrypt_key(key16, 128, &aes_ks1);
2000 AES_set_encrypt_key(key24, 192, &aes_ks2);
2001 AES_set_encrypt_key(key32, 256, &aes_ks3);
2002 #ifndef OPENSSL_NO_CAMELLIA
2003 if (doit[D_CBC_128_CML] || doit[D_CBC_192_CML] || doit[D_CBC_256_CML]) {
2004 Camellia_set_key(key16, 128, &camellia_ks[0]);
2005 Camellia_set_key(key24, 192, &camellia_ks[1]);
2006 Camellia_set_key(key32, 256, &camellia_ks[2]);
2009 #ifndef OPENSSL_NO_IDEA
2010 if (doit[D_CBC_IDEA])
2011 IDEA_set_encrypt_key(key16, &idea_ks);
2013 #ifndef OPENSSL_NO_SEED
2014 if (doit[D_CBC_SEED])
2015 SEED_set_key(key16, &seed_ks);
2017 #ifndef OPENSSL_NO_RC4
2019 RC4_set_key(&rc4_ks, 16, key16);
2021 #ifndef OPENSSL_NO_RC2
2022 if (doit[D_CBC_RC2])
2023 RC2_set_key(&rc2_ks, 16, key16, 128);
2025 #ifndef OPENSSL_NO_RC5
2026 if (doit[D_CBC_RC5])
2027 if (!RC5_32_set_key(&rc5_ks, 16, key16, 12)) {
2028 BIO_printf(bio_err, "Failed setting RC5 key\n");
2032 #ifndef OPENSSL_NO_BF
2034 BF_set_key(&bf_ks, 16, key16);
2036 #ifndef OPENSSL_NO_CAST
2037 if (doit[D_CBC_CAST])
2038 CAST_set_key(&cast_ks, 16, key16);
2041 # ifndef OPENSSL_NO_DES
2042 BIO_printf(bio_err, "First we calculate the approximate speed ...\n");
2048 for (it = count; it; it--)
2049 DES_ecb_encrypt((DES_cblock *)loopargs[0].buf,
2050 (DES_cblock *)loopargs[0].buf, &sch, DES_ENCRYPT);
2053 c[D_MD2][0] = count / 10;
2054 c[D_MDC2][0] = count / 10;
2055 c[D_MD4][0] = count;
2056 c[D_MD5][0] = count;
2057 c[D_HMAC][0] = count;
2058 c[D_SHA1][0] = count;
2059 c[D_RMD160][0] = count;
2060 c[D_RC4][0] = count * 5;
2061 c[D_CBC_DES][0] = count;
2062 c[D_EDE3_DES][0] = count / 3;
2063 c[D_CBC_IDEA][0] = count;
2064 c[D_CBC_SEED][0] = count;
2065 c[D_CBC_RC2][0] = count;
2066 c[D_CBC_RC5][0] = count;
2067 c[D_CBC_BF][0] = count;
2068 c[D_CBC_CAST][0] = count;
2069 c[D_CBC_128_AES][0] = count;
2070 c[D_CBC_192_AES][0] = count;
2071 c[D_CBC_256_AES][0] = count;
2072 c[D_CBC_128_CML][0] = count;
2073 c[D_CBC_192_CML][0] = count;
2074 c[D_CBC_256_CML][0] = count;
2075 c[D_EVP][0] = count;
2076 c[D_SHA256][0] = count;
2077 c[D_SHA512][0] = count;
2078 c[D_WHIRLPOOL][0] = count;
2079 c[D_IGE_128_AES][0] = count;
2080 c[D_IGE_192_AES][0] = count;
2081 c[D_IGE_256_AES][0] = count;
2082 c[D_GHASH][0] = count;
2083 c[D_RAND][0] = count;
2084 c[D_EVP_HMAC][0] = count;
2085 c[D_EVP_CMAC][0] = count;
2087 for (i = 1; i < size_num; i++) {
2088 long l0 = (long)lengths[0];
2089 long l1 = (long)lengths[i];
2091 c[D_MD2][i] = c[D_MD2][0] * 4 * l0 / l1;
2092 c[D_MDC2][i] = c[D_MDC2][0] * 4 * l0 / l1;
2093 c[D_MD4][i] = c[D_MD4][0] * 4 * l0 / l1;
2094 c[D_MD5][i] = c[D_MD5][0] * 4 * l0 / l1;
2095 c[D_HMAC][i] = c[D_HMAC][0] * 4 * l0 / l1;
2096 c[D_SHA1][i] = c[D_SHA1][0] * 4 * l0 / l1;
2097 c[D_RMD160][i] = c[D_RMD160][0] * 4 * l0 / l1;
2098 c[D_EVP][i] = = c[D_EVP][0] * 4 * l0 / l1;
2099 c[D_SHA256][i] = c[D_SHA256][0] * 4 * l0 / l1;
2100 c[D_SHA512][i] = c[D_SHA512][0] * 4 * l0 / l1;
2101 c[D_WHIRLPOOL][i] = c[D_WHIRLPOOL][0] * 4 * l0 / l1;
2102 c[D_GHASH][i] = c[D_GHASH][0] * 4 * l0 / l1;
2103 c[D_RAND][i] = c[D_RAND][0] * 4 * l0 / l1;
2104 c[D_EVP_HMAC][i] = = c[D_EVP_HMAC][0] * 4 * l0 / l1;
2105 c[D_EVP_CMAC][i] = = c[D_EVP_CMAC][0] * 4 * l0 / l1;
2107 l0 = (long)lengths[i - 1];
2109 c[D_RC4][i] = c[D_RC4][i - 1] * l0 / l1;
2110 c[D_CBC_DES][i] = c[D_CBC_DES][i - 1] * l0 / l1;
2111 c[D_EDE3_DES][i] = c[D_EDE3_DES][i - 1] * l0 / l1;
2112 c[D_CBC_IDEA][i] = c[D_CBC_IDEA][i - 1] * l0 / l1;
2113 c[D_CBC_SEED][i] = c[D_CBC_SEED][i - 1] * l0 / l1;
2114 c[D_CBC_RC2][i] = c[D_CBC_RC2][i - 1] * l0 / l1;
2115 c[D_CBC_RC5][i] = c[D_CBC_RC5][i - 1] * l0 / l1;
2116 c[D_CBC_BF][i] = c[D_CBC_BF][i - 1] * l0 / l1;
2117 c[D_CBC_CAST][i] = c[D_CBC_CAST][i - 1] * l0 / l1;
2118 c[D_CBC_128_AES][i] = c[D_CBC_128_AES][i - 1] * l0 / l1;
2119 c[D_CBC_192_AES][i] = c[D_CBC_192_AES][i - 1] * l0 / l1;
2120 c[D_CBC_256_AES][i] = c[D_CBC_256_AES][i - 1] * l0 / l1;
2121 c[D_CBC_128_CML][i] = c[D_CBC_128_CML][i - 1] * l0 / l1;
2122 c[D_CBC_192_CML][i] = c[D_CBC_192_CML][i - 1] * l0 / l1;
2123 c[D_CBC_256_CML][i] = c[D_CBC_256_CML][i - 1] * l0 / l1;
2124 c[D_IGE_128_AES][i] = c[D_IGE_128_AES][i - 1] * l0 / l1;
2125 c[D_IGE_192_AES][i] = c[D_IGE_192_AES][i - 1] * l0 / l1;
2126 c[D_IGE_256_AES][i] = c[D_IGE_256_AES][i - 1] * l0 / l1;
2129 # ifndef OPENSSL_NO_RSA
2130 rsa_c[R_RSA_512][0] = count / 2000;
2131 rsa_c[R_RSA_512][1] = count / 400;
2132 for (i = 1; i < RSA_NUM; i++) {
2133 rsa_c[i][0] = rsa_c[i - 1][0] / 8;
2134 rsa_c[i][1] = rsa_c[i - 1][1] / 4;
2135 if (rsa_doit[i] <= 1 && rsa_c[i][0] == 0)
2138 if (rsa_c[i][0] == 0) {
2139 rsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
2146 # ifndef OPENSSL_NO_DSA
2147 dsa_c[R_DSA_512][0] = count / 1000;
2148 dsa_c[R_DSA_512][1] = count / 1000 / 2;
2149 for (i = 1; i < DSA_NUM; i++) {
2150 dsa_c[i][0] = dsa_c[i - 1][0] / 4;
2151 dsa_c[i][1] = dsa_c[i - 1][1] / 4;
2152 if (dsa_doit[i] <= 1 && dsa_c[i][0] == 0)
2155 if (dsa_c[i][0] == 0) {
2156 dsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
2163 # ifndef OPENSSL_NO_EC
2164 ecdsa_c[R_EC_P160][0] = count / 1000;
2165 ecdsa_c[R_EC_P160][1] = count / 1000 / 2;
2166 for (i = R_EC_P192; i <= R_EC_P521; i++) {
2167 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2168 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2169 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2172 if (ecdsa_c[i][0] == 0) {
2178 # ifndef OPENSSL_NO_EC2M
2179 ecdsa_c[R_EC_K163][0] = count / 1000;
2180 ecdsa_c[R_EC_K163][1] = count / 1000 / 2;
2181 for (i = R_EC_K233; i <= R_EC_K571; i++) {
2182 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2183 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2184 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2187 if (ecdsa_c[i][0] == 0) {
2193 ecdsa_c[R_EC_B163][0] = count / 1000;
2194 ecdsa_c[R_EC_B163][1] = count / 1000 / 2;
2195 for (i = R_EC_B233; i <= R_EC_B571; i++) {
2196 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2197 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2198 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2201 if (ecdsa_c[i][0] == 0) {
2209 ecdh_c[R_EC_P160][0] = count / 1000;
2210 for (i = R_EC_P192; i <= R_EC_P521; i++) {
2211 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2212 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2215 if (ecdh_c[i][0] == 0) {
2220 # ifndef OPENSSL_NO_EC2M
2221 ecdh_c[R_EC_K163][0] = count / 1000;
2222 for (i = R_EC_K233; i <= R_EC_K571; i++) {
2223 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2224 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2227 if (ecdh_c[i][0] == 0) {
2232 ecdh_c[R_EC_B163][0] = count / 1000;
2233 for (i = R_EC_B233; i <= R_EC_B571; i++) {
2234 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2235 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2238 if (ecdh_c[i][0] == 0) {
2244 /* repeated code good to factorize */
2245 ecdh_c[R_EC_BRP256R1][0] = count / 1000;
2246 for (i = R_EC_BRP384R1; i <= R_EC_BRP512R1; i += 2) {
2247 ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
2248 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2251 if (ecdh_c[i][0] == 0) {
2256 ecdh_c[R_EC_BRP256T1][0] = count / 1000;
2257 for (i = R_EC_BRP384T1; i <= R_EC_BRP512T1; i += 2) {
2258 ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
2259 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2262 if (ecdh_c[i][0] == 0) {
2267 /* default iteration count for the last two EC Curves */
2268 ecdh_c[R_EC_X25519][0] = count / 1800;
2269 ecdh_c[R_EC_X448][0] = count / 7200;
2271 eddsa_c[R_EC_Ed25519][0] = count / 1800;
2272 eddsa_c[R_EC_Ed448][0] = count / 7200;
2274 # ifndef OPENSSL_NO_SM2
2275 sm2_c[R_EC_SM2P256][0] = count / 1800;
2280 /* not worth fixing */
2281 # error "You cannot disable DES on systems without SIGALRM."
2282 # endif /* OPENSSL_NO_DES */
2284 signal(SIGALRM, alarmed);
2285 #endif /* SIGALRM */
2287 #ifndef OPENSSL_NO_MD2
2289 for (testnum = 0; testnum < size_num; testnum++) {
2290 print_message(names[D_MD2], c[D_MD2][testnum], lengths[testnum],
2293 count = run_benchmark(async_jobs, EVP_Digest_MD2_loop, loopargs);
2295 print_result(D_MD2, testnum, count, d);
2299 #ifndef OPENSSL_NO_MDC2
2301 for (testnum = 0; testnum < size_num; testnum++) {
2302 print_message(names[D_MDC2], c[D_MDC2][testnum], lengths[testnum],
2305 count = run_benchmark(async_jobs, EVP_Digest_MDC2_loop, loopargs);
2307 print_result(D_MDC2, testnum, count, d);
2314 #ifndef OPENSSL_NO_MD4
2316 for (testnum = 0; testnum < size_num; testnum++) {
2317 print_message(names[D_MD4], c[D_MD4][testnum], lengths[testnum],
2320 count = run_benchmark(async_jobs, EVP_Digest_MD4_loop, loopargs);
2322 print_result(D_MD4, testnum, count, d);
2329 #ifndef OPENSSL_NO_MD5
2331 for (testnum = 0; testnum < size_num; testnum++) {
2332 print_message(names[D_MD5], c[D_MD5][testnum], lengths[testnum],
2335 count = run_benchmark(async_jobs, MD5_loop, loopargs);
2337 print_result(D_MD5, testnum, count, d);
2342 static const char hmac_key[] = "This is a key...";
2343 int len = strlen(hmac_key);
2345 for (i = 0; i < loopargs_len; i++) {
2346 loopargs[i].hctx = HMAC_CTX_new();
2347 if (loopargs[i].hctx == NULL) {
2348 BIO_printf(bio_err, "HMAC malloc failure, exiting...");
2352 HMAC_Init_ex(loopargs[i].hctx, hmac_key, len, EVP_md5(), NULL);
2354 for (testnum = 0; testnum < size_num; testnum++) {
2355 print_message(names[D_HMAC], c[D_HMAC][testnum], lengths[testnum],
2358 count = run_benchmark(async_jobs, HMAC_loop, loopargs);
2360 print_result(D_HMAC, testnum, count, d);
2362 for (i = 0; i < loopargs_len; i++)
2363 HMAC_CTX_free(loopargs[i].hctx);
2367 for (testnum = 0; testnum < size_num; testnum++) {
2368 print_message(names[D_SHA1], c[D_SHA1][testnum], lengths[testnum],
2371 count = run_benchmark(async_jobs, SHA1_loop, loopargs);
2373 print_result(D_SHA1, testnum, count, d);
2376 if (doit[D_SHA256]) {
2377 for (testnum = 0; testnum < size_num; testnum++) {
2378 print_message(names[D_SHA256], c[D_SHA256][testnum],
2379 lengths[testnum], seconds.sym);
2381 count = run_benchmark(async_jobs, SHA256_loop, loopargs);
2383 print_result(D_SHA256, testnum, count, d);
2386 if (doit[D_SHA512]) {
2387 for (testnum = 0; testnum < size_num; testnum++) {
2388 print_message(names[D_SHA512], c[D_SHA512][testnum],
2389 lengths[testnum], seconds.sym);
2391 count = run_benchmark(async_jobs, SHA512_loop, loopargs);
2393 print_result(D_SHA512, testnum, count, d);
2396 #ifndef OPENSSL_NO_WHIRLPOOL
2397 if (doit[D_WHIRLPOOL]) {
2398 for (testnum = 0; testnum < size_num; testnum++) {
2399 print_message(names[D_WHIRLPOOL], c[D_WHIRLPOOL][testnum],
2400 lengths[testnum], seconds.sym);
2402 count = run_benchmark(async_jobs, WHIRLPOOL_loop, loopargs);
2404 print_result(D_WHIRLPOOL, testnum, count, d);
2409 #ifndef OPENSSL_NO_RMD160
2410 if (doit[D_RMD160]) {
2411 for (testnum = 0; testnum < size_num; testnum++) {
2412 print_message(names[D_RMD160], c[D_RMD160][testnum],
2413 lengths[testnum], seconds.sym);
2415 count = run_benchmark(async_jobs, EVP_Digest_RMD160_loop, loopargs);
2417 print_result(D_RMD160, testnum, count, d);
2423 #ifndef OPENSSL_NO_RC4
2425 for (testnum = 0; testnum < size_num; testnum++) {
2426 print_message(names[D_RC4], c[D_RC4][testnum], lengths[testnum],
2429 count = run_benchmark(async_jobs, RC4_loop, loopargs);
2431 print_result(D_RC4, testnum, count, d);
2435 #ifndef OPENSSL_NO_DES
2436 if (doit[D_CBC_DES]) {
2437 for (testnum = 0; testnum < size_num; testnum++) {
2438 print_message(names[D_CBC_DES], c[D_CBC_DES][testnum],
2439 lengths[testnum], seconds.sym);
2441 count = run_benchmark(async_jobs, DES_ncbc_encrypt_loop, loopargs);
2443 print_result(D_CBC_DES, testnum, count, d);
2447 if (doit[D_EDE3_DES]) {
2448 for (testnum = 0; testnum < size_num; testnum++) {
2449 print_message(names[D_EDE3_DES], c[D_EDE3_DES][testnum],
2450 lengths[testnum], seconds.sym);
2453 run_benchmark(async_jobs, DES_ede3_cbc_encrypt_loop, loopargs);
2455 print_result(D_EDE3_DES, testnum, count, d);
2460 if (doit[D_CBC_128_AES]) {
2461 for (testnum = 0; testnum < size_num; testnum++) {
2462 print_message(names[D_CBC_128_AES], c[D_CBC_128_AES][testnum],
2463 lengths[testnum], seconds.sym);
2466 run_benchmark(async_jobs, AES_cbc_128_encrypt_loop, loopargs);
2468 print_result(D_CBC_128_AES, testnum, count, d);
2471 if (doit[D_CBC_192_AES]) {
2472 for (testnum = 0; testnum < size_num; testnum++) {
2473 print_message(names[D_CBC_192_AES], c[D_CBC_192_AES][testnum],
2474 lengths[testnum], seconds.sym);
2477 run_benchmark(async_jobs, AES_cbc_192_encrypt_loop, loopargs);
2479 print_result(D_CBC_192_AES, testnum, count, d);
2482 if (doit[D_CBC_256_AES]) {
2483 for (testnum = 0; testnum < size_num; testnum++) {
2484 print_message(names[D_CBC_256_AES], c[D_CBC_256_AES][testnum],
2485 lengths[testnum], seconds.sym);
2488 run_benchmark(async_jobs, AES_cbc_256_encrypt_loop, loopargs);
2490 print_result(D_CBC_256_AES, testnum, count, d);
2494 #ifndef OPENSSL_NO_DEPRECATED_3_0
2495 if (doit[D_IGE_128_AES]) {
2496 for (testnum = 0; testnum < size_num; testnum++) {
2497 print_message(names[D_IGE_128_AES], c[D_IGE_128_AES][testnum],
2498 lengths[testnum], seconds.sym);
2501 run_benchmark(async_jobs, AES_ige_128_encrypt_loop, loopargs);
2503 print_result(D_IGE_128_AES, testnum, count, d);
2506 if (doit[D_IGE_192_AES]) {
2507 for (testnum = 0; testnum < size_num; testnum++) {
2508 print_message(names[D_IGE_192_AES], c[D_IGE_192_AES][testnum],
2509 lengths[testnum], seconds.sym);
2512 run_benchmark(async_jobs, AES_ige_192_encrypt_loop, loopargs);
2514 print_result(D_IGE_192_AES, testnum, count, d);
2517 if (doit[D_IGE_256_AES]) {
2518 for (testnum = 0; testnum < size_num; testnum++) {
2519 print_message(names[D_IGE_256_AES], c[D_IGE_256_AES][testnum],
2520 lengths[testnum], seconds.sym);
2523 run_benchmark(async_jobs, AES_ige_256_encrypt_loop, loopargs);
2525 print_result(D_IGE_256_AES, testnum, count, d);
2529 if (doit[D_GHASH]) {
2530 for (i = 0; i < loopargs_len; i++) {
2531 loopargs[i].gcm_ctx =
2532 CRYPTO_gcm128_new(&aes_ks1, (block128_f) AES_encrypt);
2533 CRYPTO_gcm128_setiv(loopargs[i].gcm_ctx,
2534 (unsigned char *)"0123456789ab", 12);
2537 for (testnum = 0; testnum < size_num; testnum++) {
2538 print_message(names[D_GHASH], c[D_GHASH][testnum],
2539 lengths[testnum], seconds.sym);
2541 count = run_benchmark(async_jobs, CRYPTO_gcm128_aad_loop, loopargs);
2543 print_result(D_GHASH, testnum, count, d);
2545 for (i = 0; i < loopargs_len; i++)
2546 CRYPTO_gcm128_release(loopargs[i].gcm_ctx);
2548 #ifndef OPENSSL_NO_CAMELLIA
2549 if (doit[D_CBC_128_CML]) {
2550 if (async_jobs > 0) {
2551 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2552 names[D_CBC_128_CML]);
2553 doit[D_CBC_128_CML] = 0;
2555 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2556 print_message(names[D_CBC_128_CML], c[D_CBC_128_CML][testnum],
2557 lengths[testnum], seconds.sym);
2559 for (count = 0, run = 1; COND(c[D_CBC_128_CML][testnum]); count++)
2560 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2561 (size_t)lengths[testnum], &camellia_ks[0],
2562 iv, CAMELLIA_ENCRYPT);
2564 print_result(D_CBC_128_CML, testnum, count, d);
2567 if (doit[D_CBC_192_CML]) {
2568 if (async_jobs > 0) {
2569 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2570 names[D_CBC_192_CML]);
2571 doit[D_CBC_192_CML] = 0;
2573 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2574 print_message(names[D_CBC_192_CML], c[D_CBC_192_CML][testnum],
2575 lengths[testnum], seconds.sym);
2576 if (async_jobs > 0) {
2577 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2581 for (count = 0, run = 1; COND(c[D_CBC_192_CML][testnum]); count++)
2582 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2583 (size_t)lengths[testnum], &camellia_ks[1],
2584 iv, CAMELLIA_ENCRYPT);
2586 print_result(D_CBC_192_CML, testnum, count, d);
2589 if (doit[D_CBC_256_CML]) {
2590 if (async_jobs > 0) {
2591 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2592 names[D_CBC_256_CML]);
2593 doit[D_CBC_256_CML] = 0;
2595 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2596 print_message(names[D_CBC_256_CML], c[D_CBC_256_CML][testnum],
2597 lengths[testnum], seconds.sym);
2599 for (count = 0, run = 1; COND(c[D_CBC_256_CML][testnum]); count++)
2600 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2601 (size_t)lengths[testnum], &camellia_ks[2],
2602 iv, CAMELLIA_ENCRYPT);
2604 print_result(D_CBC_256_CML, testnum, count, d);
2608 #ifndef OPENSSL_NO_IDEA
2609 if (doit[D_CBC_IDEA]) {
2610 if (async_jobs > 0) {
2611 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2613 doit[D_CBC_IDEA] = 0;
2615 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2616 print_message(names[D_CBC_IDEA], c[D_CBC_IDEA][testnum],
2617 lengths[testnum], seconds.sym);
2619 for (count = 0, run = 1; COND(c[D_CBC_IDEA][testnum]); count++)
2620 IDEA_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2621 (size_t)lengths[testnum], &idea_ks,
2624 print_result(D_CBC_IDEA, testnum, count, d);
2628 #ifndef OPENSSL_NO_SEED
2629 if (doit[D_CBC_SEED]) {
2630 if (async_jobs > 0) {
2631 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2633 doit[D_CBC_SEED] = 0;
2635 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2636 print_message(names[D_CBC_SEED], c[D_CBC_SEED][testnum],
2637 lengths[testnum], seconds.sym);
2639 for (count = 0, run = 1; COND(c[D_CBC_SEED][testnum]); count++)
2640 SEED_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2641 (size_t)lengths[testnum], &seed_ks, iv, 1);
2643 print_result(D_CBC_SEED, testnum, count, d);
2647 #ifndef OPENSSL_NO_RC2
2648 if (doit[D_CBC_RC2]) {
2649 if (async_jobs > 0) {
2650 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2652 doit[D_CBC_RC2] = 0;
2654 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2655 print_message(names[D_CBC_RC2], c[D_CBC_RC2][testnum],
2656 lengths[testnum], seconds.sym);
2657 if (async_jobs > 0) {
2658 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2662 for (count = 0, run = 1; COND(c[D_CBC_RC2][testnum]); count++)
2663 RC2_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2664 (size_t)lengths[testnum], &rc2_ks,
2667 print_result(D_CBC_RC2, testnum, count, d);
2671 #ifndef OPENSSL_NO_RC5
2672 if (doit[D_CBC_RC5]) {
2673 if (async_jobs > 0) {
2674 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2676 doit[D_CBC_RC5] = 0;
2678 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2679 print_message(names[D_CBC_RC5], c[D_CBC_RC5][testnum],
2680 lengths[testnum], seconds.sym);
2681 if (async_jobs > 0) {
2682 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2686 for (count = 0, run = 1; COND(c[D_CBC_RC5][testnum]); count++)
2687 RC5_32_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2688 (size_t)lengths[testnum], &rc5_ks,
2691 print_result(D_CBC_RC5, testnum, count, d);
2695 #ifndef OPENSSL_NO_BF
2696 if (doit[D_CBC_BF]) {
2697 if (async_jobs > 0) {
2698 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2702 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2703 print_message(names[D_CBC_BF], c[D_CBC_BF][testnum],
2704 lengths[testnum], seconds.sym);
2706 for (count = 0, run = 1; COND(c[D_CBC_BF][testnum]); count++)
2707 BF_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2708 (size_t)lengths[testnum], &bf_ks,
2711 print_result(D_CBC_BF, testnum, count, d);
2715 #ifndef OPENSSL_NO_CAST
2716 if (doit[D_CBC_CAST]) {
2717 if (async_jobs > 0) {
2718 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2720 doit[D_CBC_CAST] = 0;
2722 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2723 print_message(names[D_CBC_CAST], c[D_CBC_CAST][testnum],
2724 lengths[testnum], seconds.sym);
2726 for (count = 0, run = 1; COND(c[D_CBC_CAST][testnum]); count++)
2727 CAST_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2728 (size_t)lengths[testnum], &cast_ks,
2731 print_result(D_CBC_CAST, testnum, count, d);
2736 for (testnum = 0; testnum < size_num; testnum++) {
2737 print_message(names[D_RAND], c[D_RAND][testnum], lengths[testnum],
2740 count = run_benchmark(async_jobs, RAND_bytes_loop, loopargs);
2742 print_result(D_RAND, testnum, count, d);
2747 if (evp_cipher != NULL) {
2748 int (*loopfunc) (void *) = EVP_Update_loop;
2750 if (multiblock && (EVP_CIPHER_flags(evp_cipher) &
2751 EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
2752 multiblock_speed(evp_cipher, lengths_single, &seconds);
2757 names[D_EVP] = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
2759 if (EVP_CIPHER_mode(evp_cipher) == EVP_CIPH_CCM_MODE) {
2760 loopfunc = EVP_Update_loop_ccm;
2761 } else if (aead && (EVP_CIPHER_flags(evp_cipher) &
2762 EVP_CIPH_FLAG_AEAD_CIPHER)) {
2763 loopfunc = EVP_Update_loop_aead;
2764 if (lengths == lengths_list) {
2765 lengths = aead_lengths_list;
2766 size_num = OSSL_NELEM(aead_lengths_list);
2770 for (testnum = 0; testnum < size_num; testnum++) {
2771 print_message(names[D_EVP], c[D_EVP][testnum], lengths[testnum],
2774 for (k = 0; k < loopargs_len; k++) {
2775 loopargs[k].ctx = EVP_CIPHER_CTX_new();
2776 if (loopargs[k].ctx == NULL) {
2777 BIO_printf(bio_err, "\nEVP_CIPHER_CTX_new failure\n");
2780 if (!EVP_CipherInit_ex(loopargs[k].ctx, evp_cipher, NULL,
2781 NULL, iv, decrypt ? 0 : 1)) {
2782 BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n");
2783 ERR_print_errors(bio_err);
2787 EVP_CIPHER_CTX_set_padding(loopargs[k].ctx, 0);
2789 keylen = EVP_CIPHER_CTX_key_length(loopargs[k].ctx);
2790 loopargs[k].key = app_malloc(keylen, "evp_cipher key");
2791 EVP_CIPHER_CTX_rand_key(loopargs[k].ctx, loopargs[k].key);
2792 if (!EVP_CipherInit_ex(loopargs[k].ctx, NULL, NULL,
2793 loopargs[k].key, NULL, -1)) {
2794 BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n");
2795 ERR_print_errors(bio_err);
2798 OPENSSL_clear_free(loopargs[k].key, keylen);
2800 /* SIV mode only allows for a single Update operation */
2801 if (EVP_CIPHER_mode(evp_cipher) == EVP_CIPH_SIV_MODE)
2802 EVP_CIPHER_CTX_ctrl(loopargs[k].ctx, EVP_CTRL_SET_SPEED, 1, NULL);
2806 count = run_benchmark(async_jobs, loopfunc, loopargs);
2808 for (k = 0; k < loopargs_len; k++) {
2809 EVP_CIPHER_CTX_free(loopargs[k].ctx);
2811 print_result(D_EVP, testnum, count, d);
2813 } else if (evp_md != NULL) {
2814 names[D_EVP] = OBJ_nid2ln(EVP_MD_type(evp_md));
2816 for (testnum = 0; testnum < size_num; testnum++) {
2817 print_message(names[D_EVP], c[D_EVP][testnum], lengths[testnum],
2820 count = run_benchmark(async_jobs, EVP_Digest_loop, loopargs);
2822 print_result(D_EVP, testnum, count, d);
2827 if (doit[D_EVP_HMAC] && evp_hmac_md != NULL) {
2828 const char *md_name = OBJ_nid2ln(EVP_MD_type(evp_hmac_md));
2829 evp_hmac_name = app_malloc(sizeof("HMAC()") + strlen(md_name),
2831 sprintf(evp_hmac_name, "HMAC(%s)", md_name);
2832 names[D_EVP_HMAC] = evp_hmac_name;
2834 for (testnum = 0; testnum < size_num; testnum++) {
2835 print_message(names[D_EVP_HMAC], c[D_EVP_HMAC][testnum], lengths[testnum],
2838 count = run_benchmark(async_jobs, EVP_HMAC_loop, loopargs);
2840 print_result(D_EVP_HMAC, testnum, count, d);
2844 #ifndef OPENSSL_NO_CMAC
2845 if (doit[D_EVP_CMAC] && evp_cmac_cipher != NULL) {
2846 const char *cipher_name = OBJ_nid2ln(EVP_CIPHER_type(evp_cmac_cipher));
2848 evp_cmac_name = app_malloc(sizeof("CMAC()") + strlen(cipher_name),
2850 sprintf(evp_cmac_name, "CMAC(%s)", cipher_name);
2851 names[D_EVP_CMAC] = evp_cmac_name;
2853 for (i = 0; i < loopargs_len; i++) {
2854 loopargs[i].cmac_ctx = CMAC_CTX_new();
2855 if (loopargs[i].cmac_ctx == NULL) {
2856 BIO_printf(bio_err, "CMAC malloc failure, exiting...");
2860 for (testnum = 0; testnum < size_num; testnum++) {
2861 print_message(names[D_EVP_CMAC], c[D_EVP_CMAC][testnum], lengths[testnum],
2864 count = run_benchmark(async_jobs, EVP_CMAC_loop, loopargs);
2866 print_result(D_EVP_CMAC, testnum, count, d);
2868 for (i = 0; i < loopargs_len; i++)
2869 CMAC_CTX_free(loopargs[i].cmac_ctx);
2873 for (i = 0; i < loopargs_len; i++)
2874 if (RAND_bytes(loopargs[i].buf, 36) <= 0)
2877 #ifndef OPENSSL_NO_RSA
2878 for (testnum = 0; testnum < RSA_NUM; testnum++) {
2880 if (!rsa_doit[testnum])
2882 for (i = 0; i < loopargs_len; i++) {
2884 /* we haven't set keys yet, generate multi-prime RSA keys */
2885 BIGNUM *bn = BN_new();
2889 if (!BN_set_word(bn, RSA_F4)) {
2894 BIO_printf(bio_err, "Generate multi-prime RSA key for %s\n",
2895 rsa_choices[testnum].name);
2897 loopargs[i].rsa_key[testnum] = RSA_new();
2898 if (loopargs[i].rsa_key[testnum] == NULL) {
2903 if (!RSA_generate_multi_prime_key(loopargs[i].rsa_key[testnum],
2904 rsa_keys[testnum].bits,
2905 primes, bn, NULL)) {
2911 st = RSA_sign(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
2912 &loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
2918 "RSA sign failure. No RSA sign will be done.\n");
2919 ERR_print_errors(bio_err);
2922 pkey_print_message("private", "rsa",
2923 rsa_c[testnum][0], rsa_keys[testnum].bits,
2925 /* RSA_blinding_on(rsa_key[testnum],NULL); */
2927 count = run_benchmark(async_jobs, RSA_sign_loop, loopargs);
2930 mr ? "+R1:%ld:%d:%.2f\n"
2931 : "%ld %u bits private RSA's in %.2fs\n",
2932 count, rsa_keys[testnum].bits, d);
2933 rsa_results[testnum][0] = (double)count / d;
2937 for (i = 0; i < loopargs_len; i++) {
2938 st = RSA_verify(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
2939 loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
2945 "RSA verify failure. No RSA verify will be done.\n");
2946 ERR_print_errors(bio_err);
2947 rsa_doit[testnum] = 0;
2949 pkey_print_message("public", "rsa",
2950 rsa_c[testnum][1], rsa_keys[testnum].bits,
2953 count = run_benchmark(async_jobs, RSA_verify_loop, loopargs);
2956 mr ? "+R2:%ld:%d:%.2f\n"
2957 : "%ld %u bits public RSA's in %.2fs\n",
2958 count, rsa_keys[testnum].bits, d);
2959 rsa_results[testnum][1] = (double)count / d;
2962 if (rsa_count <= 1) {
2963 /* if longer than 10s, don't do any more */
2964 stop_it(rsa_doit, testnum);
2967 #endif /* OPENSSL_NO_RSA */
2969 for (i = 0; i < loopargs_len; i++)
2970 if (RAND_bytes(loopargs[i].buf, 36) <= 0)
2973 #ifndef OPENSSL_NO_DSA
2974 for (testnum = 0; testnum < DSA_NUM; testnum++) {
2976 if (!dsa_doit[testnum])
2979 /* DSA_generate_key(dsa_key[testnum]); */
2980 /* DSA_sign_setup(dsa_key[testnum],NULL); */
2981 for (i = 0; i < loopargs_len; i++) {
2982 st = DSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
2983 &loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
2989 "DSA sign failure. No DSA sign will be done.\n");
2990 ERR_print_errors(bio_err);
2993 pkey_print_message("sign", "dsa",
2994 dsa_c[testnum][0], dsa_bits[testnum],
2997 count = run_benchmark(async_jobs, DSA_sign_loop, loopargs);
3000 mr ? "+R3:%ld:%u:%.2f\n"
3001 : "%ld %u bits DSA signs in %.2fs\n",
3002 count, dsa_bits[testnum], d);
3003 dsa_results[testnum][0] = (double)count / d;
3007 for (i = 0; i < loopargs_len; i++) {
3008 st = DSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
3009 loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
3015 "DSA verify failure. No DSA verify will be done.\n");
3016 ERR_print_errors(bio_err);
3017 dsa_doit[testnum] = 0;
3019 pkey_print_message("verify", "dsa",
3020 dsa_c[testnum][1], dsa_bits[testnum],
3023 count = run_benchmark(async_jobs, DSA_verify_loop, loopargs);
3026 mr ? "+R4:%ld:%u:%.2f\n"
3027 : "%ld %u bits DSA verify in %.2fs\n",
3028 count, dsa_bits[testnum], d);
3029 dsa_results[testnum][1] = (double)count / d;
3032 if (rsa_count <= 1) {
3033 /* if longer than 10s, don't do any more */
3034 stop_it(dsa_doit, testnum);
3037 #endif /* OPENSSL_NO_DSA */
3039 #ifndef OPENSSL_NO_EC
3040 for (testnum = 0; testnum < ECDSA_NUM; testnum++) {
3043 if (!ecdsa_doit[testnum])
3044 continue; /* Ignore Curve */
3045 for (i = 0; i < loopargs_len; i++) {
3046 loopargs[i].ecdsa[testnum] =
3047 EC_KEY_new_by_curve_name(ec_curves[testnum].nid);
3048 if (loopargs[i].ecdsa[testnum] == NULL) {
3054 BIO_printf(bio_err, "ECDSA failure.\n");
3055 ERR_print_errors(bio_err);
3058 for (i = 0; i < loopargs_len; i++) {
3059 EC_KEY_precompute_mult(loopargs[i].ecdsa[testnum], NULL);
3060 /* Perform ECDSA signature test */
3061 EC_KEY_generate_key(loopargs[i].ecdsa[testnum]);
3062 st = ECDSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
3063 &loopargs[i].siglen,
3064 loopargs[i].ecdsa[testnum]);
3070 "ECDSA sign failure. No ECDSA sign will be done.\n");
3071 ERR_print_errors(bio_err);
3074 pkey_print_message("sign", "ecdsa",
3075 ecdsa_c[testnum][0],
3076 ec_curves[testnum].bits, seconds.ecdsa);
3078 count = run_benchmark(async_jobs, ECDSA_sign_loop, loopargs);
3082 mr ? "+R5:%ld:%u:%.2f\n" :
3083 "%ld %u bits ECDSA signs in %.2fs \n",
3084 count, ec_curves[testnum].bits, d);
3085 ecdsa_results[testnum][0] = (double)count / d;
3089 /* Perform ECDSA verification test */
3090 for (i = 0; i < loopargs_len; i++) {
3091 st = ECDSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
3093 loopargs[i].ecdsa[testnum]);
3099 "ECDSA verify failure. No ECDSA verify will be done.\n");
3100 ERR_print_errors(bio_err);
3101 ecdsa_doit[testnum] = 0;
3103 pkey_print_message("verify", "ecdsa",
3104 ecdsa_c[testnum][1],
3105 ec_curves[testnum].bits, seconds.ecdsa);
3107 count = run_benchmark(async_jobs, ECDSA_verify_loop, loopargs);
3110 mr ? "+R6:%ld:%u:%.2f\n"
3111 : "%ld %u bits ECDSA verify in %.2fs\n",
3112 count, ec_curves[testnum].bits, d);
3113 ecdsa_results[testnum][1] = (double)count / d;
3116 if (rsa_count <= 1) {
3117 /* if longer than 10s, don't do any more */
3118 stop_it(ecdsa_doit, testnum);
3123 for (testnum = 0; testnum < EC_NUM; testnum++) {
3124 int ecdh_checks = 1;
3126 if (!ecdh_doit[testnum])
3129 for (i = 0; i < loopargs_len; i++) {
3130 EVP_PKEY_CTX *kctx = NULL;
3131 EVP_PKEY_CTX *test_ctx = NULL;
3132 EVP_PKEY_CTX *ctx = NULL;
3133 EVP_PKEY *key_A = NULL;
3134 EVP_PKEY *key_B = NULL;
3138 /* Ensure that the error queue is empty */
3139 if (ERR_peek_error()) {
3141 "WARNING: the error queue contains previous unhandled errors.\n");
3142 ERR_print_errors(bio_err);
3145 /* Let's try to create a ctx directly from the NID: this works for
3146 * curves like Curve25519 that are not implemented through the low
3147 * level EC interface.
3148 * If this fails we try creating a EVP_PKEY_EC generic param ctx,
3149 * then we set the curve by NID before deriving the actual keygen
3150 * ctx for that specific curve. */
3151 kctx = EVP_PKEY_CTX_new_id(ec_curves[testnum].nid, NULL); /* keygen ctx from NID */
3153 EVP_PKEY_CTX *pctx = NULL;
3154 EVP_PKEY *params = NULL;
3156 /* If we reach this code EVP_PKEY_CTX_new_id() failed and a
3157 * "int_ctx_new:unsupported algorithm" error was added to the
3159 * We remove it from the error queue as we are handling it. */
3160 unsigned long error = ERR_peek_error(); /* peek the latest error in the queue */
3161 if (error == ERR_peek_last_error() && /* oldest and latest errors match */
3162 /* check that the error origin matches */
3163 ERR_GET_LIB(error) == ERR_LIB_EVP &&
3164 ERR_GET_REASON(error) == EVP_R_UNSUPPORTED_ALGORITHM)
3165 ERR_get_error(); /* pop error from queue */
3166 if (ERR_peek_error()) {
3168 "Unhandled error in the error queue during ECDH init.\n");
3169 ERR_print_errors(bio_err);
3174 /* Create the context for parameter generation */
3175 if (!(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) ||
3176 /* Initialise the parameter generation */
3177 !EVP_PKEY_paramgen_init(pctx) ||
3178 /* Set the curve by NID */
3179 !EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
3182 /* Create the parameter object params */
3183 !EVP_PKEY_paramgen(pctx, ¶ms)) {
3185 BIO_printf(bio_err, "ECDH EC params init failure.\n");
3186 ERR_print_errors(bio_err);
3190 /* Create the context for the key generation */
3191 kctx = EVP_PKEY_CTX_new(params, NULL);
3193 EVP_PKEY_free(params);
3195 EVP_PKEY_CTX_free(pctx);
3198 if (kctx == NULL || /* keygen ctx is not null */
3199 EVP_PKEY_keygen_init(kctx) <= 0/* init keygen ctx */ ) {
3201 BIO_printf(bio_err, "ECDH keygen failure.\n");
3202 ERR_print_errors(bio_err);
3207 if (EVP_PKEY_keygen(kctx, &key_A) <= 0 || /* generate secret key A */
3208 EVP_PKEY_keygen(kctx, &key_B) <= 0 || /* generate secret key B */
3209 !(ctx = EVP_PKEY_CTX_new(key_A, NULL)) || /* derivation ctx from skeyA */
3210 EVP_PKEY_derive_init(ctx) <= 0 || /* init derivation ctx */
3211 EVP_PKEY_derive_set_peer(ctx, key_B) <= 0 || /* set peer pubkey in ctx */
3212 EVP_PKEY_derive(ctx, NULL, &outlen) <= 0 || /* determine max length */
3213 outlen == 0 || /* ensure outlen is a valid size */
3214 outlen > MAX_ECDH_SIZE /* avoid buffer overflow */ ) {
3216 BIO_printf(bio_err, "ECDH key generation failure.\n");
3217 ERR_print_errors(bio_err);
3222 /* Here we perform a test run, comparing the output of a*B and b*A;
3223 * we try this here and assume that further EVP_PKEY_derive calls
3224 * never fail, so we can skip checks in the actually benchmarked
3225 * code, for maximum performance. */
3226 if (!(test_ctx = EVP_PKEY_CTX_new(key_B, NULL)) || /* test ctx from skeyB */
3227 !EVP_PKEY_derive_init(test_ctx) || /* init derivation test_ctx */
3228 !EVP_PKEY_derive_set_peer(test_ctx, key_A) || /* set peer pubkey in test_ctx */
3229 !EVP_PKEY_derive(test_ctx, NULL, &test_outlen) || /* determine max length */
3230 !EVP_PKEY_derive(ctx, loopargs[i].secret_a, &outlen) || /* compute a*B */
3231 !EVP_PKEY_derive(test_ctx, loopargs[i].secret_b, &test_outlen) || /* compute b*A */
3232 test_outlen != outlen /* compare output length */ ) {
3234 BIO_printf(bio_err, "ECDH computation failure.\n");
3235 ERR_print_errors(bio_err);
3240 /* Compare the computation results: CRYPTO_memcmp() returns 0 if equal */
3241 if (CRYPTO_memcmp(loopargs[i].secret_a,
3242 loopargs[i].secret_b, outlen)) {
3244 BIO_printf(bio_err, "ECDH computations don't match.\n");
3245 ERR_print_errors(bio_err);
3250 loopargs[i].ecdh_ctx[testnum] = ctx;
3251 loopargs[i].outlen[testnum] = outlen;
3253 EVP_PKEY_free(key_A);
3254 EVP_PKEY_free(key_B);
3255 EVP_PKEY_CTX_free(kctx);
3257 EVP_PKEY_CTX_free(test_ctx);
3260 if (ecdh_checks != 0) {
3261 pkey_print_message("", "ecdh",
3263 ec_curves[testnum].bits, seconds.ecdh);
3266 run_benchmark(async_jobs, ECDH_EVP_derive_key_loop, loopargs);
3269 mr ? "+R7:%ld:%d:%.2f\n" :
3270 "%ld %u-bits ECDH ops in %.2fs\n", count,
3271 ec_curves[testnum].bits, d);
3272 ecdh_results[testnum][0] = (double)count / d;
3276 if (rsa_count <= 1) {
3277 /* if longer than 10s, don't do any more */
3278 stop_it(ecdh_doit, testnum);
3282 for (testnum = 0; testnum < EdDSA_NUM; testnum++) {
3284 EVP_PKEY *ed_pkey = NULL;
3285 EVP_PKEY_CTX *ed_pctx = NULL;
3287 if (!eddsa_doit[testnum])
3288 continue; /* Ignore Curve */
3289 for (i = 0; i < loopargs_len; i++) {
3290 loopargs[i].eddsa_ctx[testnum] = EVP_MD_CTX_new();
3291 if (loopargs[i].eddsa_ctx[testnum] == NULL) {
3296 if ((ed_pctx = EVP_PKEY_CTX_new_id(ed_curves[testnum].nid, NULL))
3298 || EVP_PKEY_keygen_init(ed_pctx) <= 0
3299 || EVP_PKEY_keygen(ed_pctx, &ed_pkey) <= 0) {
3301 EVP_PKEY_CTX_free(ed_pctx);
3304 EVP_PKEY_CTX_free(ed_pctx);
3306 if (!EVP_DigestSignInit(loopargs[i].eddsa_ctx[testnum], NULL, NULL,
3309 EVP_PKEY_free(ed_pkey);
3312 EVP_PKEY_free(ed_pkey);
3315 BIO_printf(bio_err, "EdDSA failure.\n");
3316 ERR_print_errors(bio_err);
3319 for (i = 0; i < loopargs_len; i++) {
3320 /* Perform EdDSA signature test */
3321 loopargs[i].sigsize = ed_curves[testnum].sigsize;
3322 st = EVP_DigestSign(loopargs[i].eddsa_ctx[testnum],
3323 loopargs[i].buf2, &loopargs[i].sigsize,
3324 loopargs[i].buf, 20);
3330 "EdDSA sign failure. No EdDSA sign will be done.\n");
3331 ERR_print_errors(bio_err);
3334 pkey_print_message("sign", ed_curves[testnum].name,
3335 eddsa_c[testnum][0],
3336 ed_curves[testnum].bits, seconds.eddsa);
3338 count = run_benchmark(async_jobs, EdDSA_sign_loop, loopargs);
3342 mr ? "+R8:%ld:%u:%s:%.2f\n" :
3343 "%ld %u bits %s signs in %.2fs \n",
3344 count, ed_curves[testnum].bits,
3345 ed_curves[testnum].name, d);
3346 eddsa_results[testnum][0] = (double)count / d;
3350 /* Perform EdDSA verification test */
3351 for (i = 0; i < loopargs_len; i++) {
3352 st = EVP_DigestVerify(loopargs[i].eddsa_ctx[testnum],
3353 loopargs[i].buf2, loopargs[i].sigsize,
3354 loopargs[i].buf, 20);
3360 "EdDSA verify failure. No EdDSA verify will be done.\n");
3361 ERR_print_errors(bio_err);
3362 eddsa_doit[testnum] = 0;
3364 pkey_print_message("verify", ed_curves[testnum].name,
3365 eddsa_c[testnum][1],
3366 ed_curves[testnum].bits, seconds.eddsa);
3368 count = run_benchmark(async_jobs, EdDSA_verify_loop, loopargs);
3371 mr ? "+R9:%ld:%u:%s:%.2f\n"
3372 : "%ld %u bits %s verify in %.2fs\n",
3373 count, ed_curves[testnum].bits,
3374 ed_curves[testnum].name, d);
3375 eddsa_results[testnum][1] = (double)count / d;
3378 if (rsa_count <= 1) {
3379 /* if longer than 10s, don't do any more */
3380 stop_it(eddsa_doit, testnum);
3385 # ifndef OPENSSL_NO_SM2
3386 for (testnum = 0; testnum < SM2_NUM; testnum++) {
3388 EVP_PKEY *sm2_pkey = NULL;
3390 if (!sm2_doit[testnum])
3391 continue; /* Ignore Curve */
3392 /* Init signing and verification */
3393 for (i = 0; i < loopargs_len; i++) {
3394 EVP_PKEY_CTX *sm2_pctx = NULL;
3395 EVP_PKEY_CTX *sm2_vfy_pctx = NULL;
3396 EVP_PKEY_CTX *pctx = NULL;
3399 loopargs[i].sm2_ctx[testnum] = EVP_MD_CTX_new();
3400 loopargs[i].sm2_vfy_ctx[testnum] = EVP_MD_CTX_new();
3401 if (loopargs[i].sm2_ctx[testnum] == NULL
3402 || loopargs[i].sm2_vfy_ctx[testnum] == NULL)
3405 /* SM2 keys are generated as normal EC keys with a special curve */
3406 st = !((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) == NULL
3407 || EVP_PKEY_keygen_init(pctx) <= 0
3408 || EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
3409 sm2_curves[testnum].nid) <= 0
3410 || EVP_PKEY_keygen(pctx, &sm2_pkey) <= 0);
3411 EVP_PKEY_CTX_free(pctx);
3415 st = 0; /* set back to zero */
3416 /* attach it sooner to rely on main final cleanup */
3417 loopargs[i].sm2_pkey[testnum] = sm2_pkey;
3418 loopargs[i].sigsize = ECDSA_size(EVP_PKEY_get0_EC_KEY(sm2_pkey));
3419 if (!EVP_PKEY_set_alias_type(sm2_pkey, EVP_PKEY_SM2))
3422 sm2_pctx = EVP_PKEY_CTX_new(sm2_pkey, NULL);
3423 sm2_vfy_pctx = EVP_PKEY_CTX_new(sm2_pkey, NULL);
3424 if (sm2_pctx == NULL || sm2_vfy_pctx == NULL) {
3425 EVP_PKEY_CTX_free(sm2_vfy_pctx);
3428 /* attach them directly to respective ctx */
3429 EVP_MD_CTX_set_pkey_ctx(loopargs[i].sm2_ctx[testnum], sm2_pctx);
3430 EVP_MD_CTX_set_pkey_ctx(loopargs[i].sm2_vfy_ctx[testnum], sm2_vfy_pctx);
3433 * No need to allow user to set an explicit ID here, just use
3434 * the one defined in the 'draft-yang-tls-tl13-sm-suites' I-D.
3436 if (EVP_PKEY_CTX_set1_id(sm2_pctx, SM2_ID, SM2_ID_LEN) != 1
3437 || EVP_PKEY_CTX_set1_id(sm2_vfy_pctx, SM2_ID, SM2_ID_LEN) != 1)
3440 if (!EVP_DigestSignInit(loopargs[i].sm2_ctx[testnum], NULL,
3441 EVP_sm3(), NULL, sm2_pkey))
3443 if (!EVP_DigestVerifyInit(loopargs[i].sm2_vfy_ctx[testnum], NULL,
3444 EVP_sm3(), NULL, sm2_pkey))
3446 st = 1; /* mark loop as succeeded */
3449 BIO_printf(bio_err, "SM2 init failure.\n");
3450 ERR_print_errors(bio_err);
3453 for (i = 0; i < loopargs_len; i++) {
3454 size_t sm2_sigsize = loopargs[i].sigsize;
3456 /* Perform SM2 signature test */
3457 st = EVP_DigestSign(loopargs[i].sm2_ctx[testnum],
3458 loopargs[i].buf2, &sm2_sigsize,
3459 loopargs[i].buf, 20);
3465 "SM2 sign failure. No SM2 sign will be done.\n");
3466 ERR_print_errors(bio_err);
3469 pkey_print_message("sign", sm2_curves[testnum].name,
3471 sm2_curves[testnum].bits, seconds.sm2);
3473 count = run_benchmark(async_jobs, SM2_sign_loop, loopargs);
3477 mr ? "+R8:%ld:%u:%s:%.2f\n" :
3478 "%ld %u bits %s signs in %.2fs \n",
3479 count, sm2_curves[testnum].bits,
3480 sm2_curves[testnum].name, d);
3481 sm2_results[testnum][0] = (double)count / d;
3485 /* Perform SM2 verification test */
3486 for (i = 0; i < loopargs_len; i++) {
3487 st = EVP_DigestVerify(loopargs[i].sm2_vfy_ctx[testnum],
3488 loopargs[i].buf2, loopargs[i].sigsize,
3489 loopargs[i].buf, 20);
3495 "SM2 verify failure. No SM2 verify will be done.\n");
3496 ERR_print_errors(bio_err);
3497 sm2_doit[testnum] = 0;
3499 pkey_print_message("verify", sm2_curves[testnum].name,
3501 sm2_curves[testnum].bits, seconds.sm2);
3503 count = run_benchmark(async_jobs, SM2_verify_loop, loopargs);
3506 mr ? "+R9:%ld:%u:%s:%.2f\n"
3507 : "%ld %u bits %s verify in %.2fs\n",
3508 count, sm2_curves[testnum].bits,
3509 sm2_curves[testnum].name, d);
3510 sm2_results[testnum][1] = (double)count / d;
3513 if (rsa_count <= 1) {
3514 /* if longer than 10s, don't do any more */
3515 for (testnum++; testnum < SM2_NUM; testnum++)
3516 sm2_doit[testnum] = 0;
3520 # endif /* OPENSSL_NO_SM2 */
3522 #endif /* OPENSSL_NO_EC */
3527 printf("version: %s\n", OpenSSL_version(OPENSSL_FULL_VERSION_STRING));
3528 printf("built on: %s\n", OpenSSL_version(OPENSSL_BUILT_ON));
3530 printf("%s ", BN_options());
3531 #ifndef OPENSSL_NO_MD2
3532 printf("%s ", MD2_options());
3534 #ifndef OPENSSL_NO_RC4
3535 printf("%s ", RC4_options());
3537 #ifndef OPENSSL_NO_DES
3538 printf("%s ", DES_options());
3540 printf("%s ", AES_options());
3541 #ifndef OPENSSL_NO_IDEA
3542 printf("%s ", IDEA_options());
3544 #ifndef OPENSSL_NO_BF
3545 printf("%s ", BF_options());
3547 printf("\n%s\n", OpenSSL_version(OPENSSL_CFLAGS));
3548 printf("%s\n", OpenSSL_version(OPENSSL_CPU_INFO));
3556 ("The 'numbers' are in 1000s of bytes per second processed.\n");
3559 for (testnum = 0; testnum < size_num; testnum++)
3560 printf(mr ? ":%d" : "%7d bytes", lengths[testnum]);
3564 for (k = 0; k < ALGOR_NUM; k++) {
3568 printf("+F:%u:%s", k, names[k]);
3570 printf("%-13s", names[k]);
3571 for (testnum = 0; testnum < size_num; testnum++) {
3572 if (results[k][testnum] > 10000 && !mr)
3573 printf(" %11.2fk", results[k][testnum] / 1e3);
3575 printf(mr ? ":%.2f" : " %11.2f ", results[k][testnum]);
3579 #ifndef OPENSSL_NO_RSA
3581 for (k = 0; k < RSA_NUM; k++) {
3584 if (testnum && !mr) {
3585 printf("%18ssign verify sign/s verify/s\n", " ");
3589 printf("+F2:%u:%u:%f:%f\n",
3590 k, rsa_keys[k].bits, rsa_results[k][0], rsa_results[k][1]);
3592 printf("rsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
3593 rsa_keys[k].bits, 1.0 / rsa_results[k][0], 1.0 / rsa_results[k][1],
3594 rsa_results[k][0], rsa_results[k][1]);
3597 #ifndef OPENSSL_NO_DSA
3599 for (k = 0; k < DSA_NUM; k++) {
3602 if (testnum && !mr) {
3603 printf("%18ssign verify sign/s verify/s\n", " ");
3607 printf("+F3:%u:%u:%f:%f\n",
3608 k, dsa_bits[k], dsa_results[k][0], dsa_results[k][1]);
3610 printf("dsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
3611 dsa_bits[k], 1.0 / dsa_results[k][0], 1.0 / dsa_results[k][1],
3612 dsa_results[k][0], dsa_results[k][1]);
3615 #ifndef OPENSSL_NO_EC
3617 for (k = 0; k < OSSL_NELEM(ecdsa_doit); k++) {
3620 if (testnum && !mr) {
3621 printf("%30ssign verify sign/s verify/s\n", " ");
3626 printf("+F4:%u:%u:%f:%f\n",
3627 k, ec_curves[k].bits,
3628 ecdsa_results[k][0], ecdsa_results[k][1]);
3630 printf("%4u bits ecdsa (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3631 ec_curves[k].bits, ec_curves[k].name,
3632 1.0 / ecdsa_results[k][0], 1.0 / ecdsa_results[k][1],
3633 ecdsa_results[k][0], ecdsa_results[k][1]);
3637 for (k = 0; k < EC_NUM; k++) {
3640 if (testnum && !mr) {
3641 printf("%30sop op/s\n", " ");
3645 printf("+F5:%u:%u:%f:%f\n",
3646 k, ec_curves[k].bits,
3647 ecdh_results[k][0], 1.0 / ecdh_results[k][0]);
3650 printf("%4u bits ecdh (%s) %8.4fs %8.1f\n",
3651 ec_curves[k].bits, ec_curves[k].name,
3652 1.0 / ecdh_results[k][0], ecdh_results[k][0]);
3656 for (k = 0; k < OSSL_NELEM(eddsa_doit); k++) {
3659 if (testnum && !mr) {
3660 printf("%30ssign verify sign/s verify/s\n", " ");
3665 printf("+F6:%u:%u:%s:%f:%f\n",
3666 k, ed_curves[k].bits, ed_curves[k].name,
3667 eddsa_results[k][0], eddsa_results[k][1]);
3669 printf("%4u bits EdDSA (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3670 ed_curves[k].bits, ed_curves[k].name,
3671 1.0 / eddsa_results[k][0], 1.0 / eddsa_results[k][1],
3672 eddsa_results[k][0], eddsa_results[k][1]);
3675 # ifndef OPENSSL_NO_SM2
3677 for (k = 0; k < OSSL_NELEM(sm2_doit); k++) {
3680 if (testnum && !mr) {
3681 printf("%30ssign verify sign/s verify/s\n", " ");
3686 printf("+F6:%u:%u:%s:%f:%f\n",
3687 k, sm2_curves[k].bits, sm2_curves[k].name,
3688 sm2_results[k][0], sm2_results[k][1]);
3690 printf("%4u bits SM2 (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3691 sm2_curves[k].bits, sm2_curves[k].name,
3692 1.0 / sm2_results[k][0], 1.0 / sm2_results[k][1],
3693 sm2_results[k][0], sm2_results[k][1]);
3701 ERR_print_errors(bio_err);
3702 for (i = 0; i < loopargs_len; i++) {
3703 OPENSSL_free(loopargs[i].buf_malloc);
3704 OPENSSL_free(loopargs[i].buf2_malloc);
3706 #ifndef OPENSSL_NO_RSA
3707 for (k = 0; k < RSA_NUM; k++)
3708 RSA_free(loopargs[i].rsa_key[k]);
3710 #ifndef OPENSSL_NO_DSA
3711 for (k = 0; k < DSA_NUM; k++)
3712 DSA_free(loopargs[i].dsa_key[k]);
3714 #ifndef OPENSSL_NO_EC
3715 for (k = 0; k < ECDSA_NUM; k++)
3716 EC_KEY_free(loopargs[i].ecdsa[k]);
3717 for (k = 0; k < EC_NUM; k++)
3718 EVP_PKEY_CTX_free(loopargs[i].ecdh_ctx[k]);
3719 for (k = 0; k < EdDSA_NUM; k++)
3720 EVP_MD_CTX_free(loopargs[i].eddsa_ctx[k]);
3721 # ifndef OPENSSL_NO_SM2
3722 for (k = 0; k < SM2_NUM; k++) {
3723 EVP_PKEY_CTX *pctx = NULL;
3725 /* free signing ctx */
3726 if (loopargs[i].sm2_ctx[k] != NULL
3727 && (pctx = EVP_MD_CTX_pkey_ctx(loopargs[i].sm2_ctx[k])) != NULL)
3728 EVP_PKEY_CTX_free(pctx);
3729 EVP_MD_CTX_free(loopargs[i].sm2_ctx[k]);
3730 /* free verification ctx */
3731 if (loopargs[i].sm2_vfy_ctx[k] != NULL
3732 && (pctx = EVP_MD_CTX_pkey_ctx(loopargs[i].sm2_vfy_ctx[k])) != NULL)
3733 EVP_PKEY_CTX_free(pctx);
3734 EVP_MD_CTX_free(loopargs[i].sm2_vfy_ctx[k]);
3736 EVP_PKEY_free(loopargs[i].sm2_pkey[k]);
3739 OPENSSL_free(loopargs[i].secret_a);
3740 OPENSSL_free(loopargs[i].secret_b);
3743 OPENSSL_free(evp_hmac_name);
3744 #ifndef OPENSSL_NO_CMAC
3745 OPENSSL_free(evp_cmac_name);
3748 if (async_jobs > 0) {
3749 for (i = 0; i < loopargs_len; i++)
3750 ASYNC_WAIT_CTX_free(loopargs[i].wait_ctx);
3754 ASYNC_cleanup_thread();
3756 OPENSSL_free(loopargs);
3761 static void print_message(const char *s, long num, int length, int tm)
3765 mr ? "+DT:%s:%d:%d\n"
3766 : "Doing %s for %ds on %d size blocks: ", s, tm, length);
3767 (void)BIO_flush(bio_err);
3771 mr ? "+DN:%s:%ld:%d\n"
3772 : "Doing %s %ld times on %d size blocks: ", s, num, length);
3773 (void)BIO_flush(bio_err);
3777 static void pkey_print_message(const char *str, const char *str2, long num,
3778 unsigned int bits, int tm)
3782 mr ? "+DTP:%d:%s:%s:%d\n"
3783 : "Doing %u bits %s %s's for %ds: ", bits, str, str2, tm);
3784 (void)BIO_flush(bio_err);
3788 mr ? "+DNP:%ld:%d:%s:%s\n"
3789 : "Doing %ld %u bits %s %s's: ", num, bits, str, str2);
3790 (void)BIO_flush(bio_err);
3794 static void print_result(int alg, int run_no, int count, double time_used)
3797 BIO_printf(bio_err, "%s error!\n", names[alg]);
3798 ERR_print_errors(bio_err);
3799 /* exit(1); disable exit until default provider enabled */
3803 mr ? "+R:%d:%s:%f\n"
3804 : "%d %s's in %.2fs\n", count, names[alg], time_used);
3805 results[alg][run_no] = ((double)count) / time_used * lengths[run_no];
3809 static char *sstrsep(char **string, const char *delim)
3812 char *token = *string;
3817 memset(isdelim, 0, sizeof(isdelim));
3821 isdelim[(unsigned char)(*delim)] = 1;
3825 while (!isdelim[(unsigned char)(**string)]) {
3837 static int do_multi(int multi, int size_num)
3842 static char sep[] = ":";
3844 fds = app_malloc(sizeof(*fds) * multi, "fd buffer for do_multi");
3845 for (n = 0; n < multi; ++n) {
3846 if (pipe(fd) == -1) {
3847 BIO_printf(bio_err, "pipe failure\n");
3851 (void)BIO_flush(bio_err);
3858 if (dup(fd[1]) == -1) {
3859 BIO_printf(bio_err, "dup failed\n");
3868 printf("Forked child %d\n", n);
3871 /* for now, assume the pipe is long enough to take all the output */
3872 for (n = 0; n < multi; ++n) {
3877 f = fdopen(fds[n], "r");
3878 while (fgets(buf, sizeof(buf), f)) {
3879 p = strchr(buf, '\n');
3882 if (buf[0] != '+') {
3884 "Don't understand line '%s' from child %d\n", buf,
3888 printf("Got: %s from %d\n", buf, n);
3889 if (strncmp(buf, "+F:", 3) == 0) {
3894 alg = atoi(sstrsep(&p, sep));
3896 for (j = 0; j < size_num; ++j)
3897 results[alg][j] += atof(sstrsep(&p, sep));
3898 } else if (strncmp(buf, "+F2:", 4) == 0) {
3903 k = atoi(sstrsep(&p, sep));
3906 d = atof(sstrsep(&p, sep));
3907 rsa_results[k][0] += d;
3909 d = atof(sstrsep(&p, sep));
3910 rsa_results[k][1] += d;
3912 # ifndef OPENSSL_NO_DSA
3913 else if (strncmp(buf, "+F3:", 4) == 0) {
3918 k = atoi(sstrsep(&p, sep));
3921 d = atof(sstrsep(&p, sep));
3922 dsa_results[k][0] += d;
3924 d = atof(sstrsep(&p, sep));
3925 dsa_results[k][1] += d;
3928 # ifndef OPENSSL_NO_EC
3929 else if (strncmp(buf, "+F4:", 4) == 0) {
3934 k = atoi(sstrsep(&p, sep));
3937 d = atof(sstrsep(&p, sep));
3938 ecdsa_results[k][0] += d;
3940 d = atof(sstrsep(&p, sep));
3941 ecdsa_results[k][1] += d;
3942 } else if (strncmp(buf, "+F5:", 4) == 0) {
3947 k = atoi(sstrsep(&p, sep));
3950 d = atof(sstrsep(&p, sep));
3951 ecdh_results[k][0] += d;
3952 } else if (strncmp(buf, "+F6:", 4) == 0) {
3957 k = atoi(sstrsep(&p, sep));
3960 d = atof(sstrsep(&p, sep));
3961 eddsa_results[k][0] += d;
3963 d = atof(sstrsep(&p, sep));
3964 eddsa_results[k][1] += d;
3966 # ifndef OPENSSL_NO_SM2
3967 else if (strncmp(buf, "+F7:", 4) == 0) {
3972 k = atoi(sstrsep(&p, sep));
3975 d = atof(sstrsep(&p, sep));
3976 sm2_results[k][0] += d;
3978 d = atof(sstrsep(&p, sep));
3979 sm2_results[k][1] += d;
3981 # endif /* OPENSSL_NO_SM2 */
3984 else if (strncmp(buf, "+H:", 3) == 0) {
3987 BIO_printf(bio_err, "Unknown type '%s' from child %d\n", buf,
3998 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
3999 const openssl_speed_sec_t *seconds)
4001 static const int mblengths_list[] =
4002 { 8 * 1024, 2 * 8 * 1024, 4 * 8 * 1024, 8 * 8 * 1024, 8 * 16 * 1024 };
4003 const int *mblengths = mblengths_list;
4004 int j, count, keylen, num = OSSL_NELEM(mblengths_list);
4005 const char *alg_name;
4006 unsigned char *inp, *out, *key, no_key[32], no_iv[16];
4007 EVP_CIPHER_CTX *ctx;
4010 if (lengths_single) {
4011 mblengths = &lengths_single;
4015 inp = app_malloc(mblengths[num - 1], "multiblock input buffer");
4016 out = app_malloc(mblengths[num - 1] + 1024, "multiblock output buffer");
4017 ctx = EVP_CIPHER_CTX_new();
4018 EVP_EncryptInit_ex(ctx, evp_cipher, NULL, NULL, no_iv);
4020 keylen = EVP_CIPHER_CTX_key_length(ctx);
4021 key = app_malloc(keylen, "evp_cipher key");
4022 EVP_CIPHER_CTX_rand_key(ctx, key);
4023 EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL);
4024 OPENSSL_clear_free(key, keylen);
4026 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_MAC_KEY, sizeof(no_key), no_key);
4027 alg_name = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
4029 for (j = 0; j < num; j++) {
4030 print_message(alg_name, 0, mblengths[j], seconds->sym);
4032 for (count = 0, run = 1; run && count < 0x7fffffff; count++) {
4033 unsigned char aad[EVP_AEAD_TLS1_AAD_LEN];
4034 EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param;
4035 size_t len = mblengths[j];
4038 memset(aad, 0, 8); /* avoid uninitialized values */
4039 aad[8] = 23; /* SSL3_RT_APPLICATION_DATA */
4040 aad[9] = 3; /* version */
4042 aad[11] = 0; /* length */
4044 mb_param.out = NULL;
4047 mb_param.interleave = 8;
4049 packlen = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_AAD,
4050 sizeof(mb_param), &mb_param);
4056 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT,
4057 sizeof(mb_param), &mb_param);
4061 RAND_bytes(out, 16);
4063 aad[11] = (unsigned char)(len >> 8);
4064 aad[12] = (unsigned char)(len);
4065 pad = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_TLS1_AAD,
4066 EVP_AEAD_TLS1_AAD_LEN, aad);
4067 EVP_Cipher(ctx, out, inp, len + pad);
4071 BIO_printf(bio_err, mr ? "+R:%d:%s:%f\n"
4072 : "%d %s's in %.2fs\n", count, "evp", d);
4073 results[D_EVP][j] = ((double)count) / d * mblengths[j];
4077 fprintf(stdout, "+H");
4078 for (j = 0; j < num; j++)
4079 fprintf(stdout, ":%d", mblengths[j]);
4080 fprintf(stdout, "\n");
4081 fprintf(stdout, "+F:%d:%s", D_EVP, alg_name);
4082 for (j = 0; j < num; j++)
4083 fprintf(stdout, ":%.2f", results[D_EVP][j]);
4084 fprintf(stdout, "\n");
4087 "The 'numbers' are in 1000s of bytes per second processed.\n");
4088 fprintf(stdout, "type ");
4089 for (j = 0; j < num; j++)
4090 fprintf(stdout, "%7d bytes", mblengths[j]);
4091 fprintf(stdout, "\n");
4092 fprintf(stdout, "%-24s", alg_name);
4094 for (j = 0; j < num; j++) {
4095 if (results[D_EVP][j] > 10000)
4096 fprintf(stdout, " %11.2fk", results[D_EVP][j] / 1e3);
4098 fprintf(stdout, " %11.2f ", results[D_EVP][j]);
4100 fprintf(stdout, "\n");
4105 EVP_CIPHER_CTX_free(ctx);