2 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
5 * Licensed under the Apache License 2.0 (the "License"). You may not use
6 * this file except in compliance with the License. You can obtain a copy
7 * in the file LICENSE in the source distribution or at
8 * https://www.openssl.org/source/license.html
13 #define RSA_SECONDS 10
14 #define DSA_SECONDS 10
15 #define ECDSA_SECONDS 10
16 #define ECDH_SECONDS 10
17 #define EdDSA_SECONDS 10
25 #include <openssl/crypto.h>
26 #include <openssl/rand.h>
27 #include <openssl/err.h>
28 #include <openssl/evp.h>
29 #include <openssl/objects.h>
30 #include <openssl/async.h>
31 #if !defined(OPENSSL_SYS_MSDOS)
32 # include OPENSSL_UNISTD
39 #include <openssl/bn.h>
40 #ifndef OPENSSL_NO_DES
41 # include <openssl/des.h>
43 #include <openssl/aes.h>
44 #ifndef OPENSSL_NO_CAMELLIA
45 # include <openssl/camellia.h>
47 #ifndef OPENSSL_NO_MD2
48 # include <openssl/md2.h>
50 #ifndef OPENSSL_NO_MDC2
51 # include <openssl/mdc2.h>
53 #ifndef OPENSSL_NO_MD4
54 # include <openssl/md4.h>
56 #ifndef OPENSSL_NO_MD5
57 # include <openssl/md5.h>
59 #include <openssl/hmac.h>
60 #include <openssl/sha.h>
61 #ifndef OPENSSL_NO_RMD160
62 # include <openssl/ripemd.h>
64 #ifndef OPENSSL_NO_WHIRLPOOL
65 # include <openssl/whrlpool.h>
67 #ifndef OPENSSL_NO_RC4
68 # include <openssl/rc4.h>
70 #ifndef OPENSSL_NO_RC5
71 # include <openssl/rc5.h>
73 #ifndef OPENSSL_NO_RC2
74 # include <openssl/rc2.h>
76 #ifndef OPENSSL_NO_IDEA
77 # include <openssl/idea.h>
79 #ifndef OPENSSL_NO_SEED
80 # include <openssl/seed.h>
83 # include <openssl/blowfish.h>
85 #ifndef OPENSSL_NO_CAST
86 # include <openssl/cast.h>
88 #ifndef OPENSSL_NO_RSA
89 # include <openssl/rsa.h>
90 # include "./testrsa.h"
92 #include <openssl/x509.h>
93 #ifndef OPENSSL_NO_DSA
94 # include <openssl/dsa.h>
95 # include "./testdsa.h"
98 # include <openssl/ec.h>
100 #include <openssl/modes.h>
103 # if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_VXWORKS)
116 #define MAX_MISALIGNMENT 63
117 #define MAX_ECDH_SIZE 256
120 typedef struct openssl_speed_sec_st {
127 } openssl_speed_sec_t;
129 static volatile int run = 0;
132 static int usertime = 1;
134 #ifndef OPENSSL_NO_MD2
135 static int EVP_Digest_MD2_loop(void *args);
138 #ifndef OPENSSL_NO_MDC2
139 static int EVP_Digest_MDC2_loop(void *args);
141 #ifndef OPENSSL_NO_MD4
142 static int EVP_Digest_MD4_loop(void *args);
144 #ifndef OPENSSL_NO_MD5
145 static int MD5_loop(void *args);
146 static int HMAC_loop(void *args);
148 static int SHA1_loop(void *args);
149 static int SHA256_loop(void *args);
150 static int SHA512_loop(void *args);
151 #ifndef OPENSSL_NO_WHIRLPOOL
152 static int WHIRLPOOL_loop(void *args);
154 #ifndef OPENSSL_NO_RMD160
155 static int EVP_Digest_RMD160_loop(void *args);
157 #ifndef OPENSSL_NO_RC4
158 static int RC4_loop(void *args);
160 #ifndef OPENSSL_NO_DES
161 static int DES_ncbc_encrypt_loop(void *args);
162 static int DES_ede3_cbc_encrypt_loop(void *args);
164 static int AES_cbc_128_encrypt_loop(void *args);
165 static int AES_cbc_192_encrypt_loop(void *args);
166 static int AES_ige_128_encrypt_loop(void *args);
167 static int AES_cbc_256_encrypt_loop(void *args);
168 static int AES_ige_192_encrypt_loop(void *args);
169 static int AES_ige_256_encrypt_loop(void *args);
170 static int CRYPTO_gcm128_aad_loop(void *args);
171 static int RAND_bytes_loop(void *args);
172 static int EVP_Update_loop(void *args);
173 static int EVP_Update_loop_ccm(void *args);
174 static int EVP_Update_loop_aead(void *args);
175 static int EVP_Digest_loop(void *args);
176 #ifndef OPENSSL_NO_RSA
177 static int RSA_sign_loop(void *args);
178 static int RSA_verify_loop(void *args);
180 #ifndef OPENSSL_NO_DSA
181 static int DSA_sign_loop(void *args);
182 static int DSA_verify_loop(void *args);
184 #ifndef OPENSSL_NO_EC
185 static int ECDSA_sign_loop(void *args);
186 static int ECDSA_verify_loop(void *args);
187 static int EdDSA_sign_loop(void *args);
188 static int EdDSA_verify_loop(void *args);
191 static double Time_F(int s);
192 static void print_message(const char *s, long num, int length, int tm);
193 static void pkey_print_message(const char *str, const char *str2,
194 long num, unsigned int bits, int sec);
195 static void print_result(int alg, int run_no, int count, double time_used);
197 static int do_multi(int multi, int size_num);
200 static const int lengths_list[] = {
201 16, 64, 256, 1024, 8 * 1024, 16 * 1024
203 static const int *lengths = lengths_list;
205 static const int aead_lengths_list[] = {
206 2, 31, 136, 1024, 8 * 1024, 16 * 1024
214 static void alarmed(int sig)
216 signal(SIGALRM, alarmed);
220 static double Time_F(int s)
222 double ret = app_tminterval(s, usertime);
228 #elif defined(_WIN32)
232 static unsigned int lapse;
233 static volatile unsigned int schlock;
234 static void alarm_win32(unsigned int secs)
239 # define alarm alarm_win32
241 static DWORD WINAPI sleepy(VOID * arg)
249 static double Time_F(int s)
256 thr = CreateThread(NULL, 4096, sleepy, NULL, 0, NULL);
258 DWORD err = GetLastError();
259 BIO_printf(bio_err, "unable to CreateThread (%lu)", err);
263 Sleep(0); /* scheduler spinlock */
264 ret = app_tminterval(s, usertime);
266 ret = app_tminterval(s, usertime);
268 TerminateThread(thr, 0);
275 static double Time_F(int s)
277 return app_tminterval(s, usertime);
281 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
282 const openssl_speed_sec_t *seconds);
284 #define found(value, pairs, result)\
285 opt_found(value, result, pairs, OSSL_NELEM(pairs))
286 static int opt_found(const char *name, unsigned int *result,
287 const OPT_PAIR pairs[], unsigned int nbelem)
291 for (idx = 0; idx < nbelem; ++idx, pairs++)
292 if (strcmp(name, pairs->name) == 0) {
293 *result = pairs->retval;
299 typedef enum OPTION_choice {
300 OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
301 OPT_ELAPSED, OPT_EVP, OPT_HMAC, OPT_DECRYPT, OPT_ENGINE, OPT_MULTI,
302 OPT_MR, OPT_MB, OPT_MISALIGN, OPT_ASYNCJOBS, OPT_R_ENUM,
303 OPT_PRIMES, OPT_SECONDS, OPT_BYTES, OPT_AEAD
306 const OPTIONS speed_options[] = {
307 {OPT_HELP_STR, 1, '-', "Usage: %s [options] ciphers...\n"},
308 {OPT_HELP_STR, 1, '-', "Valid options are:\n"},
309 {"help", OPT_HELP, '-', "Display this summary"},
310 {"evp", OPT_EVP, 's', "Use EVP-named cipher or digest"},
311 {"hmac", OPT_HMAC, 's', "HMAC using EVP-named digest"},
312 {"decrypt", OPT_DECRYPT, '-',
313 "Time decryption instead of encryption (only EVP)"},
314 {"aead", OPT_AEAD, '-',
315 "Benchmark EVP-named AEAD cipher in TLS-like sequence"},
317 "Enable (tls1>=1) multi-block mode on EVP-named cipher"},
318 {"mr", OPT_MR, '-', "Produce machine readable output"},
320 {"multi", OPT_MULTI, 'p', "Run benchmarks in parallel"},
322 #ifndef OPENSSL_NO_ASYNC
323 {"async_jobs", OPT_ASYNCJOBS, 'p',
324 "Enable async mode and start specified number of jobs"},
327 #ifndef OPENSSL_NO_ENGINE
328 {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
330 {"elapsed", OPT_ELAPSED, '-',
331 "Use wall-clock time instead of CPU user time as divisor"},
332 {"primes", OPT_PRIMES, 'p', "Specify number of primes (for RSA only)"},
333 {"seconds", OPT_SECONDS, 'p',
334 "Run benchmarks for specified amount of seconds"},
335 {"bytes", OPT_BYTES, 'p',
336 "Run [non-PKI] benchmarks on custom-sized buffer"},
337 {"misalign", OPT_MISALIGN, 'p',
338 "Use specified offset to mis-align buffers"},
352 #define D_CBC_IDEA 10
353 #define D_CBC_SEED 11
357 #define D_CBC_CAST 15
358 #define D_CBC_128_AES 16
359 #define D_CBC_192_AES 17
360 #define D_CBC_256_AES 18
361 #define D_CBC_128_CML 19
362 #define D_CBC_192_CML 20
363 #define D_CBC_256_CML 21
367 #define D_WHIRLPOOL 25
368 #define D_IGE_128_AES 26
369 #define D_IGE_192_AES 27
370 #define D_IGE_256_AES 28
373 #define D_EVP_HMAC 31
375 /* name of algorithms to test */
376 static const char *names[] = {
377 "md2", "mdc2", "md4", "md5", "hmac(md5)", "sha1", "rmd160", "rc4",
378 "des cbc", "des ede3", "idea cbc", "seed cbc",
379 "rc2 cbc", "rc5-32/12 cbc", "blowfish cbc", "cast cbc",
380 "aes-128 cbc", "aes-192 cbc", "aes-256 cbc",
381 "camellia-128 cbc", "camellia-192 cbc", "camellia-256 cbc",
382 "evp", "sha256", "sha512", "whirlpool",
383 "aes-128 ige", "aes-192 ige", "aes-256 ige", "ghash",
386 #define ALGOR_NUM OSSL_NELEM(names)
388 /* list of configured algorithm (remaining) */
389 static const OPT_PAIR doit_choices[] = {
390 #ifndef OPENSSL_NO_MD2
393 #ifndef OPENSSL_NO_MDC2
396 #ifndef OPENSSL_NO_MD4
399 #ifndef OPENSSL_NO_MD5
404 {"sha256", D_SHA256},
405 {"sha512", D_SHA512},
406 #ifndef OPENSSL_NO_WHIRLPOOL
407 {"whirlpool", D_WHIRLPOOL},
409 #ifndef OPENSSL_NO_RMD160
410 {"ripemd", D_RMD160},
411 {"rmd160", D_RMD160},
412 {"ripemd160", D_RMD160},
414 #ifndef OPENSSL_NO_RC4
417 #ifndef OPENSSL_NO_DES
418 {"des-cbc", D_CBC_DES},
419 {"des-ede3", D_EDE3_DES},
421 {"aes-128-cbc", D_CBC_128_AES},
422 {"aes-192-cbc", D_CBC_192_AES},
423 {"aes-256-cbc", D_CBC_256_AES},
424 {"aes-128-ige", D_IGE_128_AES},
425 {"aes-192-ige", D_IGE_192_AES},
426 {"aes-256-ige", D_IGE_256_AES},
427 #ifndef OPENSSL_NO_RC2
428 {"rc2-cbc", D_CBC_RC2},
431 #ifndef OPENSSL_NO_RC5
432 {"rc5-cbc", D_CBC_RC5},
435 #ifndef OPENSSL_NO_IDEA
436 {"idea-cbc", D_CBC_IDEA},
437 {"idea", D_CBC_IDEA},
439 #ifndef OPENSSL_NO_SEED
440 {"seed-cbc", D_CBC_SEED},
441 {"seed", D_CBC_SEED},
443 #ifndef OPENSSL_NO_BF
444 {"bf-cbc", D_CBC_BF},
445 {"blowfish", D_CBC_BF},
448 #ifndef OPENSSL_NO_CAST
449 {"cast-cbc", D_CBC_CAST},
450 {"cast", D_CBC_CAST},
451 {"cast5", D_CBC_CAST},
457 static double results[ALGOR_NUM][OSSL_NELEM(lengths_list)];
459 #ifndef OPENSSL_NO_DSA
461 # define R_DSA_1024 1
462 # define R_DSA_2048 2
463 static const OPT_PAIR dsa_choices[] = {
464 {"dsa512", R_DSA_512},
465 {"dsa1024", R_DSA_1024},
466 {"dsa2048", R_DSA_2048}
468 # define DSA_NUM OSSL_NELEM(dsa_choices)
470 static double dsa_results[DSA_NUM][2]; /* 2 ops: sign then verify */
471 #endif /* OPENSSL_NO_DSA */
479 #define R_RSA_15360 6
480 #ifndef OPENSSL_NO_RSA
481 static const OPT_PAIR rsa_choices[] = {
482 {"rsa512", R_RSA_512},
483 {"rsa1024", R_RSA_1024},
484 {"rsa2048", R_RSA_2048},
485 {"rsa3072", R_RSA_3072},
486 {"rsa4096", R_RSA_4096},
487 {"rsa7680", R_RSA_7680},
488 {"rsa15360", R_RSA_15360}
490 # define RSA_NUM OSSL_NELEM(rsa_choices)
492 static double rsa_results[RSA_NUM][2]; /* 2 ops: sign then verify */
493 #endif /* OPENSSL_NO_RSA */
502 #ifndef OPENSSL_NO_EC2M
524 #ifndef OPENSSL_NO_EC
525 static OPT_PAIR ecdsa_choices[] = {
526 {"ecdsap160", R_EC_P160},
527 {"ecdsap192", R_EC_P192},
528 {"ecdsap224", R_EC_P224},
529 {"ecdsap256", R_EC_P256},
530 {"ecdsap384", R_EC_P384},
531 {"ecdsap521", R_EC_P521},
532 # ifndef OPENSSL_NO_EC2M
533 {"ecdsak163", R_EC_K163},
534 {"ecdsak233", R_EC_K233},
535 {"ecdsak283", R_EC_K283},
536 {"ecdsak409", R_EC_K409},
537 {"ecdsak571", R_EC_K571},
538 {"ecdsab163", R_EC_B163},
539 {"ecdsab233", R_EC_B233},
540 {"ecdsab283", R_EC_B283},
541 {"ecdsab409", R_EC_B409},
542 {"ecdsab571", R_EC_B571},
544 {"ecdsabrp256r1", R_EC_BRP256R1},
545 {"ecdsabrp256t1", R_EC_BRP256T1},
546 {"ecdsabrp384r1", R_EC_BRP384R1},
547 {"ecdsabrp384t1", R_EC_BRP384T1},
548 {"ecdsabrp512r1", R_EC_BRP512R1},
549 {"ecdsabrp512t1", R_EC_BRP512T1}
551 # define ECDSA_NUM OSSL_NELEM(ecdsa_choices)
553 static double ecdsa_results[ECDSA_NUM][2]; /* 2 ops: sign then verify */
555 static const OPT_PAIR ecdh_choices[] = {
556 {"ecdhp160", R_EC_P160},
557 {"ecdhp192", R_EC_P192},
558 {"ecdhp224", R_EC_P224},
559 {"ecdhp256", R_EC_P256},
560 {"ecdhp384", R_EC_P384},
561 {"ecdhp521", R_EC_P521},
562 # ifndef OPENSSL_NO_EC2M
563 {"ecdhk163", R_EC_K163},
564 {"ecdhk233", R_EC_K233},
565 {"ecdhk283", R_EC_K283},
566 {"ecdhk409", R_EC_K409},
567 {"ecdhk571", R_EC_K571},
568 {"ecdhb163", R_EC_B163},
569 {"ecdhb233", R_EC_B233},
570 {"ecdhb283", R_EC_B283},
571 {"ecdhb409", R_EC_B409},
572 {"ecdhb571", R_EC_B571},
574 {"ecdhbrp256r1", R_EC_BRP256R1},
575 {"ecdhbrp256t1", R_EC_BRP256T1},
576 {"ecdhbrp384r1", R_EC_BRP384R1},
577 {"ecdhbrp384t1", R_EC_BRP384T1},
578 {"ecdhbrp512r1", R_EC_BRP512R1},
579 {"ecdhbrp512t1", R_EC_BRP512T1},
580 {"ecdhx25519", R_EC_X25519},
581 {"ecdhx448", R_EC_X448}
583 # define EC_NUM OSSL_NELEM(ecdh_choices)
585 static double ecdh_results[EC_NUM][1]; /* 1 op: derivation */
587 #define R_EC_Ed25519 0
589 static OPT_PAIR eddsa_choices[] = {
590 {"ed25519", R_EC_Ed25519},
591 {"ed448", R_EC_Ed448}
593 # define EdDSA_NUM OSSL_NELEM(eddsa_choices)
595 static double eddsa_results[EdDSA_NUM][2]; /* 2 ops: sign then verify */
596 #endif /* OPENSSL_NO_EC */
599 # define COND(d) (count < (d))
600 # define COUNT(d) (d)
602 # define COND(unused_cond) (run && count<0x7fffffff)
603 # define COUNT(d) (count)
606 typedef struct loopargs_st {
607 ASYNC_JOB *inprogress_job;
608 ASYNC_WAIT_CTX *wait_ctx;
611 unsigned char *buf_malloc;
612 unsigned char *buf2_malloc;
616 #ifndef OPENSSL_NO_RSA
617 RSA *rsa_key[RSA_NUM];
619 #ifndef OPENSSL_NO_DSA
620 DSA *dsa_key[DSA_NUM];
622 #ifndef OPENSSL_NO_EC
623 EC_KEY *ecdsa[ECDSA_NUM];
624 EVP_PKEY_CTX *ecdh_ctx[EC_NUM];
625 EVP_MD_CTX *eddsa_ctx[EdDSA_NUM];
626 unsigned char *secret_a;
627 unsigned char *secret_b;
628 size_t outlen[EC_NUM];
632 GCM128_CONTEXT *gcm_ctx;
634 static int run_benchmark(int async_jobs, int (*loop_function) (void *),
635 loopargs_t * loopargs);
637 static unsigned int testnum;
639 /* Nb of iterations to do per algorithm and key-size */
640 static long c[ALGOR_NUM][OSSL_NELEM(lengths_list)];
642 #ifndef OPENSSL_NO_MD2
643 static int EVP_Digest_MD2_loop(void *args)
645 loopargs_t *tempargs = *(loopargs_t **) args;
646 unsigned char *buf = tempargs->buf;
647 unsigned char md2[MD2_DIGEST_LENGTH];
650 for (count = 0; COND(c[D_MD2][testnum]); count++) {
651 if (!EVP_Digest(buf, (size_t)lengths[testnum], md2, NULL, EVP_md2(),
659 #ifndef OPENSSL_NO_MDC2
660 static int EVP_Digest_MDC2_loop(void *args)
662 loopargs_t *tempargs = *(loopargs_t **) args;
663 unsigned char *buf = tempargs->buf;
664 unsigned char mdc2[MDC2_DIGEST_LENGTH];
667 for (count = 0; COND(c[D_MDC2][testnum]); count++) {
668 if (!EVP_Digest(buf, (size_t)lengths[testnum], mdc2, NULL, EVP_mdc2(),
676 #ifndef OPENSSL_NO_MD4
677 static int EVP_Digest_MD4_loop(void *args)
679 loopargs_t *tempargs = *(loopargs_t **) args;
680 unsigned char *buf = tempargs->buf;
681 unsigned char md4[MD4_DIGEST_LENGTH];
684 for (count = 0; COND(c[D_MD4][testnum]); count++) {
685 if (!EVP_Digest(buf, (size_t)lengths[testnum], md4, NULL, EVP_md4(),
693 #ifndef OPENSSL_NO_MD5
694 static int MD5_loop(void *args)
696 loopargs_t *tempargs = *(loopargs_t **) args;
697 unsigned char *buf = tempargs->buf;
698 unsigned char md5[MD5_DIGEST_LENGTH];
700 for (count = 0; COND(c[D_MD5][testnum]); count++)
701 MD5(buf, lengths[testnum], md5);
705 static int HMAC_loop(void *args)
707 loopargs_t *tempargs = *(loopargs_t **) args;
708 unsigned char *buf = tempargs->buf;
709 HMAC_CTX *hctx = tempargs->hctx;
710 unsigned char hmac[MD5_DIGEST_LENGTH];
713 for (count = 0; COND(c[D_HMAC][testnum]); count++) {
714 HMAC_Init_ex(hctx, NULL, 0, NULL, NULL);
715 HMAC_Update(hctx, buf, lengths[testnum]);
716 HMAC_Final(hctx, hmac, NULL);
722 static int SHA1_loop(void *args)
724 loopargs_t *tempargs = *(loopargs_t **) args;
725 unsigned char *buf = tempargs->buf;
726 unsigned char sha[SHA_DIGEST_LENGTH];
728 for (count = 0; COND(c[D_SHA1][testnum]); count++)
729 SHA1(buf, lengths[testnum], sha);
733 static int SHA256_loop(void *args)
735 loopargs_t *tempargs = *(loopargs_t **) args;
736 unsigned char *buf = tempargs->buf;
737 unsigned char sha256[SHA256_DIGEST_LENGTH];
739 for (count = 0; COND(c[D_SHA256][testnum]); count++)
740 SHA256(buf, lengths[testnum], sha256);
744 static int SHA512_loop(void *args)
746 loopargs_t *tempargs = *(loopargs_t **) args;
747 unsigned char *buf = tempargs->buf;
748 unsigned char sha512[SHA512_DIGEST_LENGTH];
750 for (count = 0; COND(c[D_SHA512][testnum]); count++)
751 SHA512(buf, lengths[testnum], sha512);
755 #ifndef OPENSSL_NO_WHIRLPOOL
756 static int WHIRLPOOL_loop(void *args)
758 loopargs_t *tempargs = *(loopargs_t **) args;
759 unsigned char *buf = tempargs->buf;
760 unsigned char whirlpool[WHIRLPOOL_DIGEST_LENGTH];
762 for (count = 0; COND(c[D_WHIRLPOOL][testnum]); count++)
763 WHIRLPOOL(buf, lengths[testnum], whirlpool);
768 #ifndef OPENSSL_NO_RMD160
769 static int EVP_Digest_RMD160_loop(void *args)
771 loopargs_t *tempargs = *(loopargs_t **) args;
772 unsigned char *buf = tempargs->buf;
773 unsigned char rmd160[RIPEMD160_DIGEST_LENGTH];
775 for (count = 0; COND(c[D_RMD160][testnum]); count++) {
776 if (!EVP_Digest(buf, (size_t)lengths[testnum], &(rmd160[0]),
777 NULL, EVP_ripemd160(), NULL))
784 #ifndef OPENSSL_NO_RC4
785 static RC4_KEY rc4_ks;
786 static int RC4_loop(void *args)
788 loopargs_t *tempargs = *(loopargs_t **) args;
789 unsigned char *buf = tempargs->buf;
791 for (count = 0; COND(c[D_RC4][testnum]); count++)
792 RC4(&rc4_ks, (size_t)lengths[testnum], buf, buf);
797 #ifndef OPENSSL_NO_DES
798 static unsigned char DES_iv[8];
799 static DES_key_schedule sch;
800 static DES_key_schedule sch2;
801 static DES_key_schedule sch3;
802 static int DES_ncbc_encrypt_loop(void *args)
804 loopargs_t *tempargs = *(loopargs_t **) args;
805 unsigned char *buf = tempargs->buf;
807 for (count = 0; COND(c[D_CBC_DES][testnum]); count++)
808 DES_ncbc_encrypt(buf, buf, lengths[testnum], &sch,
809 &DES_iv, DES_ENCRYPT);
813 static int DES_ede3_cbc_encrypt_loop(void *args)
815 loopargs_t *tempargs = *(loopargs_t **) args;
816 unsigned char *buf = tempargs->buf;
818 for (count = 0; COND(c[D_EDE3_DES][testnum]); count++)
819 DES_ede3_cbc_encrypt(buf, buf, lengths[testnum],
820 &sch, &sch2, &sch3, &DES_iv, DES_ENCRYPT);
825 #define MAX_BLOCK_SIZE 128
827 static unsigned char iv[2 * MAX_BLOCK_SIZE / 8];
828 static AES_KEY aes_ks1, aes_ks2, aes_ks3;
829 static int AES_cbc_128_encrypt_loop(void *args)
831 loopargs_t *tempargs = *(loopargs_t **) args;
832 unsigned char *buf = tempargs->buf;
834 for (count = 0; COND(c[D_CBC_128_AES][testnum]); count++)
835 AES_cbc_encrypt(buf, buf,
836 (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
840 static int AES_cbc_192_encrypt_loop(void *args)
842 loopargs_t *tempargs = *(loopargs_t **) args;
843 unsigned char *buf = tempargs->buf;
845 for (count = 0; COND(c[D_CBC_192_AES][testnum]); count++)
846 AES_cbc_encrypt(buf, buf,
847 (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
851 static int AES_cbc_256_encrypt_loop(void *args)
853 loopargs_t *tempargs = *(loopargs_t **) args;
854 unsigned char *buf = tempargs->buf;
856 for (count = 0; COND(c[D_CBC_256_AES][testnum]); count++)
857 AES_cbc_encrypt(buf, buf,
858 (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
862 static int AES_ige_128_encrypt_loop(void *args)
864 loopargs_t *tempargs = *(loopargs_t **) args;
865 unsigned char *buf = tempargs->buf;
866 unsigned char *buf2 = tempargs->buf2;
868 for (count = 0; COND(c[D_IGE_128_AES][testnum]); count++)
869 AES_ige_encrypt(buf, buf2,
870 (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
874 static int AES_ige_192_encrypt_loop(void *args)
876 loopargs_t *tempargs = *(loopargs_t **) args;
877 unsigned char *buf = tempargs->buf;
878 unsigned char *buf2 = tempargs->buf2;
880 for (count = 0; COND(c[D_IGE_192_AES][testnum]); count++)
881 AES_ige_encrypt(buf, buf2,
882 (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
886 static int AES_ige_256_encrypt_loop(void *args)
888 loopargs_t *tempargs = *(loopargs_t **) args;
889 unsigned char *buf = tempargs->buf;
890 unsigned char *buf2 = tempargs->buf2;
892 for (count = 0; COND(c[D_IGE_256_AES][testnum]); count++)
893 AES_ige_encrypt(buf, buf2,
894 (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
898 static int CRYPTO_gcm128_aad_loop(void *args)
900 loopargs_t *tempargs = *(loopargs_t **) args;
901 unsigned char *buf = tempargs->buf;
902 GCM128_CONTEXT *gcm_ctx = tempargs->gcm_ctx;
904 for (count = 0; COND(c[D_GHASH][testnum]); count++)
905 CRYPTO_gcm128_aad(gcm_ctx, buf, lengths[testnum]);
909 static int RAND_bytes_loop(void *args)
911 loopargs_t *tempargs = *(loopargs_t **) args;
912 unsigned char *buf = tempargs->buf;
915 for (count = 0; COND(c[D_RAND][testnum]); count++)
916 RAND_bytes(buf, lengths[testnum]);
920 static long save_count = 0;
921 static int decrypt = 0;
922 static int EVP_Update_loop(void *args)
924 loopargs_t *tempargs = *(loopargs_t **) args;
925 unsigned char *buf = tempargs->buf;
926 EVP_CIPHER_CTX *ctx = tempargs->ctx;
929 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
932 for (count = 0; COND(nb_iter); count++) {
933 rc = EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
935 /* reset iv in case of counter overflow */
936 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
940 for (count = 0; COND(nb_iter); count++) {
941 rc = EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
943 /* reset iv in case of counter overflow */
944 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
949 EVP_DecryptFinal_ex(ctx, buf, &outl);
951 EVP_EncryptFinal_ex(ctx, buf, &outl);
956 * CCM does not support streaming. For the purpose of performance measurement,
957 * each message is encrypted using the same (key,iv)-pair. Do not use this
958 * code in your application.
960 static int EVP_Update_loop_ccm(void *args)
962 loopargs_t *tempargs = *(loopargs_t **) args;
963 unsigned char *buf = tempargs->buf;
964 EVP_CIPHER_CTX *ctx = tempargs->ctx;
966 unsigned char tag[12];
968 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
971 for (count = 0; COND(nb_iter); count++) {
972 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(tag), tag);
974 EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
975 /* counter is reset on every update */
976 EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
979 for (count = 0; COND(nb_iter); count++) {
980 /* restore iv length field */
981 EVP_EncryptUpdate(ctx, NULL, &outl, NULL, lengths[testnum]);
982 /* counter is reset on every update */
983 EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
987 EVP_DecryptFinal_ex(ctx, buf, &outl);
989 EVP_EncryptFinal_ex(ctx, buf, &outl);
994 * To make AEAD benchmarking more relevant perform TLS-like operations,
995 * 13-byte AAD followed by payload. But don't use TLS-formatted AAD, as
996 * payload length is not actually limited by 16KB...
998 static int EVP_Update_loop_aead(void *args)
1000 loopargs_t *tempargs = *(loopargs_t **) args;
1001 unsigned char *buf = tempargs->buf;
1002 EVP_CIPHER_CTX *ctx = tempargs->ctx;
1004 unsigned char aad[13] = { 0xcc };
1005 unsigned char faketag[16] = { 0xcc };
1007 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1010 for (count = 0; COND(nb_iter); count++) {
1011 EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
1012 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
1013 sizeof(faketag), faketag);
1014 EVP_DecryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
1015 EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
1016 EVP_DecryptFinal_ex(ctx, buf + outl, &outl);
1019 for (count = 0; COND(nb_iter); count++) {
1020 EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv);
1021 EVP_EncryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
1022 EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
1023 EVP_EncryptFinal_ex(ctx, buf + outl, &outl);
1029 static const EVP_MD *evp_md = NULL;
1030 static int EVP_Digest_loop(void *args)
1032 loopargs_t *tempargs = *(loopargs_t **) args;
1033 unsigned char *buf = tempargs->buf;
1034 unsigned char md[EVP_MAX_MD_SIZE];
1037 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1040 for (count = 0; COND(nb_iter); count++) {
1041 if (!EVP_Digest(buf, lengths[testnum], md, NULL, evp_md, NULL))
1047 static const EVP_MD *evp_hmac_md = NULL;
1048 static char *evp_hmac_name = NULL;
1049 static int EVP_HMAC_loop(void *args)
1051 loopargs_t *tempargs = *(loopargs_t **) args;
1052 unsigned char *buf = tempargs->buf;
1053 unsigned char no_key[32];
1056 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1059 for (count = 0; COND(nb_iter); count++) {
1060 if (HMAC(evp_hmac_md, no_key, sizeof(no_key), buf, lengths[testnum],
1061 NULL, NULL) == NULL)
1067 #ifndef OPENSSL_NO_RSA
1068 static long rsa_c[RSA_NUM][2]; /* # RSA iteration test */
1070 static int RSA_sign_loop(void *args)
1072 loopargs_t *tempargs = *(loopargs_t **) args;
1073 unsigned char *buf = tempargs->buf;
1074 unsigned char *buf2 = tempargs->buf2;
1075 unsigned int *rsa_num = &tempargs->siglen;
1076 RSA **rsa_key = tempargs->rsa_key;
1078 for (count = 0; COND(rsa_c[testnum][0]); count++) {
1079 ret = RSA_sign(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1081 BIO_printf(bio_err, "RSA sign failure\n");
1082 ERR_print_errors(bio_err);
1090 static int RSA_verify_loop(void *args)
1092 loopargs_t *tempargs = *(loopargs_t **) args;
1093 unsigned char *buf = tempargs->buf;
1094 unsigned char *buf2 = tempargs->buf2;
1095 unsigned int rsa_num = tempargs->siglen;
1096 RSA **rsa_key = tempargs->rsa_key;
1098 for (count = 0; COND(rsa_c[testnum][1]); count++) {
1100 RSA_verify(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1102 BIO_printf(bio_err, "RSA verify failure\n");
1103 ERR_print_errors(bio_err);
1112 #ifndef OPENSSL_NO_DSA
1113 static long dsa_c[DSA_NUM][2];
1114 static int DSA_sign_loop(void *args)
1116 loopargs_t *tempargs = *(loopargs_t **) args;
1117 unsigned char *buf = tempargs->buf;
1118 unsigned char *buf2 = tempargs->buf2;
1119 DSA **dsa_key = tempargs->dsa_key;
1120 unsigned int *siglen = &tempargs->siglen;
1122 for (count = 0; COND(dsa_c[testnum][0]); count++) {
1123 ret = DSA_sign(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1125 BIO_printf(bio_err, "DSA sign failure\n");
1126 ERR_print_errors(bio_err);
1134 static int DSA_verify_loop(void *args)
1136 loopargs_t *tempargs = *(loopargs_t **) args;
1137 unsigned char *buf = tempargs->buf;
1138 unsigned char *buf2 = tempargs->buf2;
1139 DSA **dsa_key = tempargs->dsa_key;
1140 unsigned int siglen = tempargs->siglen;
1142 for (count = 0; COND(dsa_c[testnum][1]); count++) {
1143 ret = DSA_verify(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1145 BIO_printf(bio_err, "DSA verify failure\n");
1146 ERR_print_errors(bio_err);
1155 #ifndef OPENSSL_NO_EC
1156 static long ecdsa_c[ECDSA_NUM][2];
1157 static int ECDSA_sign_loop(void *args)
1159 loopargs_t *tempargs = *(loopargs_t **) args;
1160 unsigned char *buf = tempargs->buf;
1161 EC_KEY **ecdsa = tempargs->ecdsa;
1162 unsigned char *ecdsasig = tempargs->buf2;
1163 unsigned int *ecdsasiglen = &tempargs->siglen;
1165 for (count = 0; COND(ecdsa_c[testnum][0]); count++) {
1166 ret = ECDSA_sign(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1168 BIO_printf(bio_err, "ECDSA sign failure\n");
1169 ERR_print_errors(bio_err);
1177 static int ECDSA_verify_loop(void *args)
1179 loopargs_t *tempargs = *(loopargs_t **) args;
1180 unsigned char *buf = tempargs->buf;
1181 EC_KEY **ecdsa = tempargs->ecdsa;
1182 unsigned char *ecdsasig = tempargs->buf2;
1183 unsigned int ecdsasiglen = tempargs->siglen;
1185 for (count = 0; COND(ecdsa_c[testnum][1]); count++) {
1186 ret = ECDSA_verify(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1188 BIO_printf(bio_err, "ECDSA verify failure\n");
1189 ERR_print_errors(bio_err);
1197 /* ******************************************************************** */
1198 static long ecdh_c[EC_NUM][1];
1200 static int ECDH_EVP_derive_key_loop(void *args)
1202 loopargs_t *tempargs = *(loopargs_t **) args;
1203 EVP_PKEY_CTX *ctx = tempargs->ecdh_ctx[testnum];
1204 unsigned char *derived_secret = tempargs->secret_a;
1206 size_t *outlen = &(tempargs->outlen[testnum]);
1208 for (count = 0; COND(ecdh_c[testnum][0]); count++)
1209 EVP_PKEY_derive(ctx, derived_secret, outlen);
1214 static long eddsa_c[EdDSA_NUM][2];
1215 static int EdDSA_sign_loop(void *args)
1217 loopargs_t *tempargs = *(loopargs_t **) args;
1218 unsigned char *buf = tempargs->buf;
1219 EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
1220 unsigned char *eddsasig = tempargs->buf2;
1221 size_t *eddsasigsize = &tempargs->sigsize;
1224 for (count = 0; COND(eddsa_c[testnum][0]); count++) {
1225 ret = EVP_DigestSign(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
1227 BIO_printf(bio_err, "EdDSA sign failure\n");
1228 ERR_print_errors(bio_err);
1236 static int EdDSA_verify_loop(void *args)
1238 loopargs_t *tempargs = *(loopargs_t **) args;
1239 unsigned char *buf = tempargs->buf;
1240 EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
1241 unsigned char *eddsasig = tempargs->buf2;
1242 size_t eddsasigsize = tempargs->sigsize;
1245 for (count = 0; COND(eddsa_c[testnum][1]); count++) {
1246 ret = EVP_DigestVerify(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
1248 BIO_printf(bio_err, "EdDSA verify failure\n");
1249 ERR_print_errors(bio_err);
1256 #endif /* OPENSSL_NO_EC */
1258 static int run_benchmark(int async_jobs,
1259 int (*loop_function) (void *), loopargs_t * loopargs)
1261 int job_op_count = 0;
1262 int total_op_count = 0;
1263 int num_inprogress = 0;
1264 int error = 0, i = 0, ret = 0;
1265 OSSL_ASYNC_FD job_fd = 0;
1266 size_t num_job_fds = 0;
1270 if (async_jobs == 0) {
1271 return loop_function((void *)&loopargs);
1274 for (i = 0; i < async_jobs && !error; i++) {
1275 loopargs_t *looparg_item = loopargs + i;
1277 /* Copy pointer content (looparg_t item address) into async context */
1278 ret = ASYNC_start_job(&loopargs[i].inprogress_job, loopargs[i].wait_ctx,
1279 &job_op_count, loop_function,
1280 (void *)&looparg_item, sizeof(looparg_item));
1286 if (job_op_count == -1) {
1289 total_op_count += job_op_count;
1294 BIO_printf(bio_err, "Failure in the job\n");
1295 ERR_print_errors(bio_err);
1301 while (num_inprogress > 0) {
1302 #if defined(OPENSSL_SYS_WINDOWS)
1304 #elif defined(OPENSSL_SYS_UNIX)
1305 int select_result = 0;
1306 OSSL_ASYNC_FD max_fd = 0;
1309 FD_ZERO(&waitfdset);
1311 for (i = 0; i < async_jobs && num_inprogress > 0; i++) {
1312 if (loopargs[i].inprogress_job == NULL)
1315 if (!ASYNC_WAIT_CTX_get_all_fds
1316 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1317 || num_job_fds > 1) {
1318 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1319 ERR_print_errors(bio_err);
1323 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1325 FD_SET(job_fd, &waitfdset);
1326 if (job_fd > max_fd)
1330 if (max_fd >= (OSSL_ASYNC_FD)FD_SETSIZE) {
1332 "Error: max_fd (%d) must be smaller than FD_SETSIZE (%d). "
1333 "Decrease the value of async_jobs\n",
1334 max_fd, FD_SETSIZE);
1335 ERR_print_errors(bio_err);
1340 select_result = select(max_fd + 1, &waitfdset, NULL, NULL, NULL);
1341 if (select_result == -1 && errno == EINTR)
1344 if (select_result == -1) {
1345 BIO_printf(bio_err, "Failure in the select\n");
1346 ERR_print_errors(bio_err);
1351 if (select_result == 0)
1355 for (i = 0; i < async_jobs; i++) {
1356 if (loopargs[i].inprogress_job == NULL)
1359 if (!ASYNC_WAIT_CTX_get_all_fds
1360 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1361 || num_job_fds > 1) {
1362 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1363 ERR_print_errors(bio_err);
1367 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1370 #if defined(OPENSSL_SYS_UNIX)
1371 if (num_job_fds == 1 && !FD_ISSET(job_fd, &waitfdset))
1373 #elif defined(OPENSSL_SYS_WINDOWS)
1374 if (num_job_fds == 1
1375 && !PeekNamedPipe(job_fd, NULL, 0, NULL, &avail, NULL)
1380 ret = ASYNC_start_job(&loopargs[i].inprogress_job,
1381 loopargs[i].wait_ctx, &job_op_count,
1382 loop_function, (void *)(loopargs + i),
1383 sizeof(loopargs_t));
1388 if (job_op_count == -1) {
1391 total_op_count += job_op_count;
1394 loopargs[i].inprogress_job = NULL;
1399 loopargs[i].inprogress_job = NULL;
1400 BIO_printf(bio_err, "Failure in the job\n");
1401 ERR_print_errors(bio_err);
1408 return error ? -1 : total_op_count;
1411 int speed_main(int argc, char **argv)
1414 loopargs_t *loopargs = NULL;
1416 const char *engine_id = NULL;
1417 const EVP_CIPHER *evp_cipher = NULL;
1420 int async_init = 0, multiblock = 0, pr_header = 0;
1421 int doit[ALGOR_NUM] = { 0 };
1422 int ret = 1, misalign = 0, lengths_single = 0, aead = 0;
1424 unsigned int size_num = OSSL_NELEM(lengths_list);
1425 unsigned int i, k, loop, loopargs_len = 0, async_jobs = 0;
1431 #if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) \
1432 || !defined(OPENSSL_NO_EC)
1435 openssl_speed_sec_t seconds = { SECONDS, RSA_SECONDS, DSA_SECONDS,
1436 ECDSA_SECONDS, ECDH_SECONDS,
1439 /* What follows are the buffers and key material. */
1440 #ifndef OPENSSL_NO_RC5
1443 #ifndef OPENSSL_NO_RC2
1446 #ifndef OPENSSL_NO_IDEA
1447 IDEA_KEY_SCHEDULE idea_ks;
1449 #ifndef OPENSSL_NO_SEED
1450 SEED_KEY_SCHEDULE seed_ks;
1452 #ifndef OPENSSL_NO_BF
1455 #ifndef OPENSSL_NO_CAST
1458 static const unsigned char key16[16] = {
1459 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1460 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
1462 static const unsigned char key24[24] = {
1463 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1464 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1465 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1467 static const unsigned char key32[32] = {
1468 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1469 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1470 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
1471 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
1473 #ifndef OPENSSL_NO_CAMELLIA
1474 static const unsigned char ckey24[24] = {
1475 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1476 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1477 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1479 static const unsigned char ckey32[32] = {
1480 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1481 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1482 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
1483 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
1485 CAMELLIA_KEY camellia_ks1, camellia_ks2, camellia_ks3;
1487 #ifndef OPENSSL_NO_DES
1488 static DES_cblock key = {
1489 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0
1491 static DES_cblock key2 = {
1492 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
1494 static DES_cblock key3 = {
1495 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1498 #ifndef OPENSSL_NO_RSA
1499 static const unsigned int rsa_bits[RSA_NUM] = {
1500 512, 1024, 2048, 3072, 4096, 7680, 15360
1502 static const unsigned char *rsa_data[RSA_NUM] = {
1503 test512, test1024, test2048, test3072, test4096, test7680, test15360
1505 static const int rsa_data_length[RSA_NUM] = {
1506 sizeof(test512), sizeof(test1024),
1507 sizeof(test2048), sizeof(test3072),
1508 sizeof(test4096), sizeof(test7680),
1511 int rsa_doit[RSA_NUM] = { 0 };
1512 int primes = RSA_DEFAULT_PRIME_NUM;
1514 #ifndef OPENSSL_NO_DSA
1515 static const unsigned int dsa_bits[DSA_NUM] = { 512, 1024, 2048 };
1516 int dsa_doit[DSA_NUM] = { 0 };
1518 #ifndef OPENSSL_NO_EC
1520 * We only test over the following curves as they are representative, To
1521 * add tests over more curves, simply add the curve NID and curve name to
1522 * the following arrays and increase the |ecdh_choices| list accordingly.
1524 static const struct {
1530 {"secp160r1", NID_secp160r1, 160},
1531 {"nistp192", NID_X9_62_prime192v1, 192},
1532 {"nistp224", NID_secp224r1, 224},
1533 {"nistp256", NID_X9_62_prime256v1, 256},
1534 {"nistp384", NID_secp384r1, 384},
1535 {"nistp521", NID_secp521r1, 521},
1536 # ifndef OPENSSL_NO_EC2M
1538 {"nistk163", NID_sect163k1, 163},
1539 {"nistk233", NID_sect233k1, 233},
1540 {"nistk283", NID_sect283k1, 283},
1541 {"nistk409", NID_sect409k1, 409},
1542 {"nistk571", NID_sect571k1, 571},
1543 {"nistb163", NID_sect163r2, 163},
1544 {"nistb233", NID_sect233r1, 233},
1545 {"nistb283", NID_sect283r1, 283},
1546 {"nistb409", NID_sect409r1, 409},
1547 {"nistb571", NID_sect571r1, 571},
1549 {"brainpoolP256r1", NID_brainpoolP256r1, 256},
1550 {"brainpoolP256t1", NID_brainpoolP256t1, 256},
1551 {"brainpoolP384r1", NID_brainpoolP384r1, 384},
1552 {"brainpoolP384t1", NID_brainpoolP384t1, 384},
1553 {"brainpoolP512r1", NID_brainpoolP512r1, 512},
1554 {"brainpoolP512t1", NID_brainpoolP512t1, 512},
1555 /* Other and ECDH only ones */
1556 {"X25519", NID_X25519, 253},
1557 {"X448", NID_X448, 448}
1559 static const struct {
1564 } test_ed_curves[] = {
1566 {"Ed25519", NID_ED25519, 253, 64},
1567 {"Ed448", NID_ED448, 456, 114}
1569 int ecdsa_doit[ECDSA_NUM] = { 0 };
1570 int ecdh_doit[EC_NUM] = { 0 };
1571 int eddsa_doit[EdDSA_NUM] = { 0 };
1572 OPENSSL_assert(OSSL_NELEM(test_curves) >= EC_NUM);
1573 OPENSSL_assert(OSSL_NELEM(test_ed_curves) >= EdDSA_NUM);
1574 #endif /* ndef OPENSSL_NO_EC */
1576 prog = opt_init(argc, argv, speed_options);
1577 while ((o = opt_next()) != OPT_EOF) {
1582 BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
1585 opt_help(speed_options);
1593 evp_cipher = EVP_get_cipherbyname(opt_arg());
1594 if (evp_cipher == NULL)
1595 evp_md = EVP_get_digestbyname(opt_arg());
1596 if (evp_cipher == NULL && evp_md == NULL) {
1598 "%s: %s is an unknown cipher or digest\n",
1605 evp_hmac_md = EVP_get_digestbyname(opt_arg());
1606 if (evp_hmac_md == NULL) {
1607 BIO_printf(bio_err, "%s: %s is an unknown digest\n",
1611 doit[D_EVP_HMAC] = 1;
1618 * In a forked execution, an engine might need to be
1619 * initialised by each child process, not by the parent.
1620 * So store the name here and run setup_engine() later on.
1622 engine_id = opt_arg();
1626 multi = atoi(opt_arg());
1630 #ifndef OPENSSL_NO_ASYNC
1631 async_jobs = atoi(opt_arg());
1632 if (!ASYNC_is_capable()) {
1634 "%s: async_jobs specified but async not supported\n",
1638 if (async_jobs > 99999) {
1639 BIO_printf(bio_err, "%s: too many async_jobs\n", prog);
1645 if (!opt_int(opt_arg(), &misalign))
1647 if (misalign > MISALIGN) {
1649 "%s: Maximum offset is %d\n", prog, MISALIGN);
1658 #ifdef OPENSSL_NO_MULTIBLOCK
1660 "%s: -mb specified but multi-block support is disabled\n",
1670 if (!opt_int(opt_arg(), &primes))
1674 seconds.sym = seconds.rsa = seconds.dsa = seconds.ecdsa
1675 = seconds.ecdh = seconds.eddsa = atoi(opt_arg());
1678 lengths_single = atoi(opt_arg());
1679 lengths = &lengths_single;
1687 argc = opt_num_rest();
1690 /* Remaining arguments are algorithms. */
1691 for (; *argv; argv++) {
1692 if (found(*argv, doit_choices, &i)) {
1696 #ifndef OPENSSL_NO_DES
1697 if (strcmp(*argv, "des") == 0) {
1698 doit[D_CBC_DES] = doit[D_EDE3_DES] = 1;
1702 if (strcmp(*argv, "sha") == 0) {
1703 doit[D_SHA1] = doit[D_SHA256] = doit[D_SHA512] = 1;
1706 #ifndef OPENSSL_NO_RSA
1707 if (strcmp(*argv, "openssl") == 0)
1709 if (strcmp(*argv, "rsa") == 0) {
1710 for (loop = 0; loop < OSSL_NELEM(rsa_doit); loop++)
1714 if (found(*argv, rsa_choices, &i)) {
1719 #ifndef OPENSSL_NO_DSA
1720 if (strcmp(*argv, "dsa") == 0) {
1721 dsa_doit[R_DSA_512] = dsa_doit[R_DSA_1024] =
1722 dsa_doit[R_DSA_2048] = 1;
1725 if (found(*argv, dsa_choices, &i)) {
1730 if (strcmp(*argv, "aes") == 0) {
1731 doit[D_CBC_128_AES] = doit[D_CBC_192_AES] = doit[D_CBC_256_AES] = 1;
1734 #ifndef OPENSSL_NO_CAMELLIA
1735 if (strcmp(*argv, "camellia") == 0) {
1736 doit[D_CBC_128_CML] = doit[D_CBC_192_CML] = doit[D_CBC_256_CML] = 1;
1740 #ifndef OPENSSL_NO_EC
1741 if (strcmp(*argv, "ecdsa") == 0) {
1742 for (loop = 0; loop < OSSL_NELEM(ecdsa_doit); loop++)
1743 ecdsa_doit[loop] = 1;
1746 if (found(*argv, ecdsa_choices, &i)) {
1750 if (strcmp(*argv, "ecdh") == 0) {
1751 for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++)
1752 ecdh_doit[loop] = 1;
1755 if (found(*argv, ecdh_choices, &i)) {
1759 if (strcmp(*argv, "eddsa") == 0) {
1760 for (loop = 0; loop < OSSL_NELEM(eddsa_doit); loop++)
1761 eddsa_doit[loop] = 1;
1764 if (found(*argv, eddsa_choices, &i)) {
1769 BIO_printf(bio_err, "%s: Unknown algorithm %s\n", prog, *argv);
1775 if (evp_cipher == NULL) {
1776 BIO_printf(bio_err, "-aead can be used only with an AEAD cipher\n");
1778 } else if (!(EVP_CIPHER_flags(evp_cipher) &
1779 EVP_CIPH_FLAG_AEAD_CIPHER)) {
1780 BIO_printf(bio_err, "%s is not an AEAD cipher\n",
1781 OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
1786 if (evp_cipher == NULL) {
1787 BIO_printf(bio_err,"-mb can be used only with a multi-block"
1788 " capable cipher\n");
1790 } else if (!(EVP_CIPHER_flags(evp_cipher) &
1791 EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
1792 BIO_printf(bio_err, "%s is not a multi-block capable\n",
1793 OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
1795 } else if (async_jobs > 0) {
1796 BIO_printf(bio_err, "Async mode is not supported with -mb");
1801 /* Initialize the job pool if async mode is enabled */
1802 if (async_jobs > 0) {
1803 async_init = ASYNC_init_thread(async_jobs, async_jobs);
1805 BIO_printf(bio_err, "Error creating the ASYNC job pool\n");
1810 loopargs_len = (async_jobs == 0 ? 1 : async_jobs);
1812 app_malloc(loopargs_len * sizeof(loopargs_t), "array of loopargs");
1813 memset(loopargs, 0, loopargs_len * sizeof(loopargs_t));
1815 for (i = 0; i < loopargs_len; i++) {
1816 if (async_jobs > 0) {
1817 loopargs[i].wait_ctx = ASYNC_WAIT_CTX_new();
1818 if (loopargs[i].wait_ctx == NULL) {
1819 BIO_printf(bio_err, "Error creating the ASYNC_WAIT_CTX\n");
1824 buflen = lengths[size_num - 1];
1825 if (buflen < 36) /* size of random vector in RSA bencmark */
1827 buflen += MAX_MISALIGNMENT + 1;
1828 loopargs[i].buf_malloc = app_malloc(buflen, "input buffer");
1829 loopargs[i].buf2_malloc = app_malloc(buflen, "input buffer");
1830 memset(loopargs[i].buf_malloc, 0, buflen);
1831 memset(loopargs[i].buf2_malloc, 0, buflen);
1833 /* Align the start of buffers on a 64 byte boundary */
1834 loopargs[i].buf = loopargs[i].buf_malloc + misalign;
1835 loopargs[i].buf2 = loopargs[i].buf2_malloc + misalign;
1836 #ifndef OPENSSL_NO_EC
1837 loopargs[i].secret_a = app_malloc(MAX_ECDH_SIZE, "ECDH secret a");
1838 loopargs[i].secret_b = app_malloc(MAX_ECDH_SIZE, "ECDH secret b");
1843 if (multi && do_multi(multi, size_num))
1847 /* Initialize the engine after the fork */
1848 e = setup_engine(engine_id, 0);
1850 /* No parameters; turn on everything. */
1851 if (argc == 0 && !doit[D_EVP] && !doit[D_EVP_HMAC]) {
1852 for (i = 0; i < ALGOR_NUM; i++)
1853 if (i != D_EVP && i != D_EVP_HMAC)
1855 #ifndef OPENSSL_NO_RSA
1856 for (i = 0; i < RSA_NUM; i++)
1859 #ifndef OPENSSL_NO_DSA
1860 for (i = 0; i < DSA_NUM; i++)
1863 #ifndef OPENSSL_NO_EC
1864 for (loop = 0; loop < OSSL_NELEM(ecdsa_doit); loop++)
1865 ecdsa_doit[loop] = 1;
1866 for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++)
1867 ecdh_doit[loop] = 1;
1868 for (loop = 0; loop < OSSL_NELEM(eddsa_doit); loop++)
1869 eddsa_doit[loop] = 1;
1872 for (i = 0; i < ALGOR_NUM; i++)
1876 if (usertime == 0 && !mr)
1878 "You have chosen to measure elapsed time "
1879 "instead of user CPU time.\n");
1881 #ifndef OPENSSL_NO_RSA
1882 for (i = 0; i < loopargs_len; i++) {
1883 if (primes > RSA_DEFAULT_PRIME_NUM) {
1884 /* for multi-prime RSA, skip this */
1887 for (k = 0; k < RSA_NUM; k++) {
1888 const unsigned char *p;
1891 loopargs[i].rsa_key[k] =
1892 d2i_RSAPrivateKey(NULL, &p, rsa_data_length[k]);
1893 if (loopargs[i].rsa_key[k] == NULL) {
1895 "internal error loading RSA key number %d\n", k);
1901 #ifndef OPENSSL_NO_DSA
1902 for (i = 0; i < loopargs_len; i++) {
1903 loopargs[i].dsa_key[0] = get_dsa(512);
1904 loopargs[i].dsa_key[1] = get_dsa(1024);
1905 loopargs[i].dsa_key[2] = get_dsa(2048);
1908 #ifndef OPENSSL_NO_DES
1909 DES_set_key_unchecked(&key, &sch);
1910 DES_set_key_unchecked(&key2, &sch2);
1911 DES_set_key_unchecked(&key3, &sch3);
1913 AES_set_encrypt_key(key16, 128, &aes_ks1);
1914 AES_set_encrypt_key(key24, 192, &aes_ks2);
1915 AES_set_encrypt_key(key32, 256, &aes_ks3);
1916 #ifndef OPENSSL_NO_CAMELLIA
1917 Camellia_set_key(key16, 128, &camellia_ks1);
1918 Camellia_set_key(ckey24, 192, &camellia_ks2);
1919 Camellia_set_key(ckey32, 256, &camellia_ks3);
1921 #ifndef OPENSSL_NO_IDEA
1922 IDEA_set_encrypt_key(key16, &idea_ks);
1924 #ifndef OPENSSL_NO_SEED
1925 SEED_set_key(key16, &seed_ks);
1927 #ifndef OPENSSL_NO_RC4
1928 RC4_set_key(&rc4_ks, 16, key16);
1930 #ifndef OPENSSL_NO_RC2
1931 RC2_set_key(&rc2_ks, 16, key16, 128);
1933 #ifndef OPENSSL_NO_RC5
1934 RC5_32_set_key(&rc5_ks, 16, key16, 12);
1936 #ifndef OPENSSL_NO_BF
1937 BF_set_key(&bf_ks, 16, key16);
1939 #ifndef OPENSSL_NO_CAST
1940 CAST_set_key(&cast_ks, 16, key16);
1943 # ifndef OPENSSL_NO_DES
1944 BIO_printf(bio_err, "First we calculate the approximate speed ...\n");
1950 for (it = count; it; it--)
1951 DES_ecb_encrypt((DES_cblock *)loopargs[0].buf,
1952 (DES_cblock *)loopargs[0].buf, &sch, DES_ENCRYPT);
1956 c[D_MD2][0] = count / 10;
1957 c[D_MDC2][0] = count / 10;
1958 c[D_MD4][0] = count;
1959 c[D_MD5][0] = count;
1960 c[D_HMAC][0] = count;
1961 c[D_SHA1][0] = count;
1962 c[D_RMD160][0] = count;
1963 c[D_RC4][0] = count * 5;
1964 c[D_CBC_DES][0] = count;
1965 c[D_EDE3_DES][0] = count / 3;
1966 c[D_CBC_IDEA][0] = count;
1967 c[D_CBC_SEED][0] = count;
1968 c[D_CBC_RC2][0] = count;
1969 c[D_CBC_RC5][0] = count;
1970 c[D_CBC_BF][0] = count;
1971 c[D_CBC_CAST][0] = count;
1972 c[D_CBC_128_AES][0] = count;
1973 c[D_CBC_192_AES][0] = count;
1974 c[D_CBC_256_AES][0] = count;
1975 c[D_CBC_128_CML][0] = count;
1976 c[D_CBC_192_CML][0] = count;
1977 c[D_CBC_256_CML][0] = count;
1978 c[D_SHA256][0] = count;
1979 c[D_SHA512][0] = count;
1980 c[D_WHIRLPOOL][0] = count;
1981 c[D_IGE_128_AES][0] = count;
1982 c[D_IGE_192_AES][0] = count;
1983 c[D_IGE_256_AES][0] = count;
1984 c[D_GHASH][0] = count;
1985 c[D_RAND][0] = count;
1987 for (i = 1; i < size_num; i++) {
1990 l0 = (long)lengths[0];
1991 l1 = (long)lengths[i];
1993 c[D_MD2][i] = c[D_MD2][0] * 4 * l0 / l1;
1994 c[D_MDC2][i] = c[D_MDC2][0] * 4 * l0 / l1;
1995 c[D_MD4][i] = c[D_MD4][0] * 4 * l0 / l1;
1996 c[D_MD5][i] = c[D_MD5][0] * 4 * l0 / l1;
1997 c[D_HMAC][i] = c[D_HMAC][0] * 4 * l0 / l1;
1998 c[D_SHA1][i] = c[D_SHA1][0] * 4 * l0 / l1;
1999 c[D_RMD160][i] = c[D_RMD160][0] * 4 * l0 / l1;
2000 c[D_SHA256][i] = c[D_SHA256][0] * 4 * l0 / l1;
2001 c[D_SHA512][i] = c[D_SHA512][0] * 4 * l0 / l1;
2002 c[D_WHIRLPOOL][i] = c[D_WHIRLPOOL][0] * 4 * l0 / l1;
2003 c[D_GHASH][i] = c[D_GHASH][0] * 4 * l0 / l1;
2004 c[D_RAND][i] = c[D_RAND][0] * 4 * l0 / l1;
2006 l0 = (long)lengths[i - 1];
2008 c[D_RC4][i] = c[D_RC4][i - 1] * l0 / l1;
2009 c[D_CBC_DES][i] = c[D_CBC_DES][i - 1] * l0 / l1;
2010 c[D_EDE3_DES][i] = c[D_EDE3_DES][i - 1] * l0 / l1;
2011 c[D_CBC_IDEA][i] = c[D_CBC_IDEA][i - 1] * l0 / l1;
2012 c[D_CBC_SEED][i] = c[D_CBC_SEED][i - 1] * l0 / l1;
2013 c[D_CBC_RC2][i] = c[D_CBC_RC2][i - 1] * l0 / l1;
2014 c[D_CBC_RC5][i] = c[D_CBC_RC5][i - 1] * l0 / l1;
2015 c[D_CBC_BF][i] = c[D_CBC_BF][i - 1] * l0 / l1;
2016 c[D_CBC_CAST][i] = c[D_CBC_CAST][i - 1] * l0 / l1;
2017 c[D_CBC_128_AES][i] = c[D_CBC_128_AES][i - 1] * l0 / l1;
2018 c[D_CBC_192_AES][i] = c[D_CBC_192_AES][i - 1] * l0 / l1;
2019 c[D_CBC_256_AES][i] = c[D_CBC_256_AES][i - 1] * l0 / l1;
2020 c[D_CBC_128_CML][i] = c[D_CBC_128_CML][i - 1] * l0 / l1;
2021 c[D_CBC_192_CML][i] = c[D_CBC_192_CML][i - 1] * l0 / l1;
2022 c[D_CBC_256_CML][i] = c[D_CBC_256_CML][i - 1] * l0 / l1;
2023 c[D_IGE_128_AES][i] = c[D_IGE_128_AES][i - 1] * l0 / l1;
2024 c[D_IGE_192_AES][i] = c[D_IGE_192_AES][i - 1] * l0 / l1;
2025 c[D_IGE_256_AES][i] = c[D_IGE_256_AES][i - 1] * l0 / l1;
2028 # ifndef OPENSSL_NO_RSA
2029 rsa_c[R_RSA_512][0] = count / 2000;
2030 rsa_c[R_RSA_512][1] = count / 400;
2031 for (i = 1; i < RSA_NUM; i++) {
2032 rsa_c[i][0] = rsa_c[i - 1][0] / 8;
2033 rsa_c[i][1] = rsa_c[i - 1][1] / 4;
2034 if (rsa_doit[i] <= 1 && rsa_c[i][0] == 0)
2037 if (rsa_c[i][0] == 0) {
2038 rsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
2045 # ifndef OPENSSL_NO_DSA
2046 dsa_c[R_DSA_512][0] = count / 1000;
2047 dsa_c[R_DSA_512][1] = count / 1000 / 2;
2048 for (i = 1; i < DSA_NUM; i++) {
2049 dsa_c[i][0] = dsa_c[i - 1][0] / 4;
2050 dsa_c[i][1] = dsa_c[i - 1][1] / 4;
2051 if (dsa_doit[i] <= 1 && dsa_c[i][0] == 0)
2054 if (dsa_c[i][0] == 0) {
2055 dsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
2062 # ifndef OPENSSL_NO_EC
2063 ecdsa_c[R_EC_P160][0] = count / 1000;
2064 ecdsa_c[R_EC_P160][1] = count / 1000 / 2;
2065 for (i = R_EC_P192; i <= R_EC_P521; i++) {
2066 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2067 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2068 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2071 if (ecdsa_c[i][0] == 0) {
2077 # ifndef OPENSSL_NO_EC2M
2078 ecdsa_c[R_EC_K163][0] = count / 1000;
2079 ecdsa_c[R_EC_K163][1] = count / 1000 / 2;
2080 for (i = R_EC_K233; i <= R_EC_K571; i++) {
2081 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2082 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2083 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2086 if (ecdsa_c[i][0] == 0) {
2092 ecdsa_c[R_EC_B163][0] = count / 1000;
2093 ecdsa_c[R_EC_B163][1] = count / 1000 / 2;
2094 for (i = R_EC_B233; i <= R_EC_B571; i++) {
2095 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2096 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2097 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2100 if (ecdsa_c[i][0] == 0) {
2108 ecdh_c[R_EC_P160][0] = count / 1000;
2109 for (i = R_EC_P192; i <= R_EC_P521; i++) {
2110 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2111 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2114 if (ecdh_c[i][0] == 0) {
2119 # ifndef OPENSSL_NO_EC2M
2120 ecdh_c[R_EC_K163][0] = count / 1000;
2121 for (i = R_EC_K233; i <= R_EC_K571; i++) {
2122 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2123 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2126 if (ecdh_c[i][0] == 0) {
2131 ecdh_c[R_EC_B163][0] = count / 1000;
2132 for (i = R_EC_B233; i <= R_EC_B571; i++) {
2133 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2134 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2137 if (ecdh_c[i][0] == 0) {
2143 /* repeated code good to factorize */
2144 ecdh_c[R_EC_BRP256R1][0] = count / 1000;
2145 for (i = R_EC_BRP384R1; i <= R_EC_BRP512R1; i += 2) {
2146 ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
2147 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2150 if (ecdh_c[i][0] == 0) {
2155 ecdh_c[R_EC_BRP256T1][0] = count / 1000;
2156 for (i = R_EC_BRP384T1; i <= R_EC_BRP512T1; i += 2) {
2157 ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
2158 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2161 if (ecdh_c[i][0] == 0) {
2166 /* default iteration count for the last two EC Curves */
2167 ecdh_c[R_EC_X25519][0] = count / 1800;
2168 ecdh_c[R_EC_X448][0] = count / 7200;
2170 eddsa_c[R_EC_Ed25519][0] = count / 1800;
2171 eddsa_c[R_EC_Ed448][0] = count / 7200;
2175 /* not worth fixing */
2176 # error "You cannot disable DES on systems without SIGALRM."
2177 # endif /* OPENSSL_NO_DES */
2179 signal(SIGALRM, alarmed);
2180 #endif /* SIGALRM */
2182 #ifndef OPENSSL_NO_MD2
2184 for (testnum = 0; testnum < size_num; testnum++) {
2185 print_message(names[D_MD2], c[D_MD2][testnum], lengths[testnum],
2188 count = run_benchmark(async_jobs, EVP_Digest_MD2_loop, loopargs);
2190 print_result(D_MD2, testnum, count, d);
2194 #ifndef OPENSSL_NO_MDC2
2196 for (testnum = 0; testnum < size_num; testnum++) {
2197 print_message(names[D_MDC2], c[D_MDC2][testnum], lengths[testnum],
2200 count = run_benchmark(async_jobs, EVP_Digest_MDC2_loop, loopargs);
2202 print_result(D_MDC2, testnum, count, d);
2207 #ifndef OPENSSL_NO_MD4
2209 for (testnum = 0; testnum < size_num; testnum++) {
2210 print_message(names[D_MD4], c[D_MD4][testnum], lengths[testnum],
2213 count = run_benchmark(async_jobs, EVP_Digest_MD4_loop, loopargs);
2215 print_result(D_MD4, testnum, count, d);
2220 #ifndef OPENSSL_NO_MD5
2222 for (testnum = 0; testnum < size_num; testnum++) {
2223 print_message(names[D_MD5], c[D_MD5][testnum], lengths[testnum],
2226 count = run_benchmark(async_jobs, MD5_loop, loopargs);
2228 print_result(D_MD5, testnum, count, d);
2233 static const char hmac_key[] = "This is a key...";
2234 int len = strlen(hmac_key);
2236 for (i = 0; i < loopargs_len; i++) {
2237 loopargs[i].hctx = HMAC_CTX_new();
2238 if (loopargs[i].hctx == NULL) {
2239 BIO_printf(bio_err, "HMAC malloc failure, exiting...");
2243 HMAC_Init_ex(loopargs[i].hctx, hmac_key, len, EVP_md5(), NULL);
2245 for (testnum = 0; testnum < size_num; testnum++) {
2246 print_message(names[D_HMAC], c[D_HMAC][testnum], lengths[testnum],
2249 count = run_benchmark(async_jobs, HMAC_loop, loopargs);
2251 print_result(D_HMAC, testnum, count, d);
2253 for (i = 0; i < loopargs_len; i++) {
2254 HMAC_CTX_free(loopargs[i].hctx);
2259 for (testnum = 0; testnum < size_num; testnum++) {
2260 print_message(names[D_SHA1], c[D_SHA1][testnum], lengths[testnum],
2263 count = run_benchmark(async_jobs, SHA1_loop, loopargs);
2265 print_result(D_SHA1, testnum, count, d);
2268 if (doit[D_SHA256]) {
2269 for (testnum = 0; testnum < size_num; testnum++) {
2270 print_message(names[D_SHA256], c[D_SHA256][testnum],
2271 lengths[testnum], seconds.sym);
2273 count = run_benchmark(async_jobs, SHA256_loop, loopargs);
2275 print_result(D_SHA256, testnum, count, d);
2278 if (doit[D_SHA512]) {
2279 for (testnum = 0; testnum < size_num; testnum++) {
2280 print_message(names[D_SHA512], c[D_SHA512][testnum],
2281 lengths[testnum], seconds.sym);
2283 count = run_benchmark(async_jobs, SHA512_loop, loopargs);
2285 print_result(D_SHA512, testnum, count, d);
2288 #ifndef OPENSSL_NO_WHIRLPOOL
2289 if (doit[D_WHIRLPOOL]) {
2290 for (testnum = 0; testnum < size_num; testnum++) {
2291 print_message(names[D_WHIRLPOOL], c[D_WHIRLPOOL][testnum],
2292 lengths[testnum], seconds.sym);
2294 count = run_benchmark(async_jobs, WHIRLPOOL_loop, loopargs);
2296 print_result(D_WHIRLPOOL, testnum, count, d);
2301 #ifndef OPENSSL_NO_RMD160
2302 if (doit[D_RMD160]) {
2303 for (testnum = 0; testnum < size_num; testnum++) {
2304 print_message(names[D_RMD160], c[D_RMD160][testnum],
2305 lengths[testnum], seconds.sym);
2307 count = run_benchmark(async_jobs, EVP_Digest_RMD160_loop, loopargs);
2309 print_result(D_RMD160, testnum, count, d);
2313 #ifndef OPENSSL_NO_RC4
2315 for (testnum = 0; testnum < size_num; testnum++) {
2316 print_message(names[D_RC4], c[D_RC4][testnum], lengths[testnum],
2319 count = run_benchmark(async_jobs, RC4_loop, loopargs);
2321 print_result(D_RC4, testnum, count, d);
2325 #ifndef OPENSSL_NO_DES
2326 if (doit[D_CBC_DES]) {
2327 for (testnum = 0; testnum < size_num; testnum++) {
2328 print_message(names[D_CBC_DES], c[D_CBC_DES][testnum],
2329 lengths[testnum], seconds.sym);
2331 count = run_benchmark(async_jobs, DES_ncbc_encrypt_loop, loopargs);
2333 print_result(D_CBC_DES, testnum, count, d);
2337 if (doit[D_EDE3_DES]) {
2338 for (testnum = 0; testnum < size_num; testnum++) {
2339 print_message(names[D_EDE3_DES], c[D_EDE3_DES][testnum],
2340 lengths[testnum], seconds.sym);
2343 run_benchmark(async_jobs, DES_ede3_cbc_encrypt_loop, loopargs);
2345 print_result(D_EDE3_DES, testnum, count, d);
2350 if (doit[D_CBC_128_AES]) {
2351 for (testnum = 0; testnum < size_num; testnum++) {
2352 print_message(names[D_CBC_128_AES], c[D_CBC_128_AES][testnum],
2353 lengths[testnum], seconds.sym);
2356 run_benchmark(async_jobs, AES_cbc_128_encrypt_loop, loopargs);
2358 print_result(D_CBC_128_AES, testnum, count, d);
2361 if (doit[D_CBC_192_AES]) {
2362 for (testnum = 0; testnum < size_num; testnum++) {
2363 print_message(names[D_CBC_192_AES], c[D_CBC_192_AES][testnum],
2364 lengths[testnum], seconds.sym);
2367 run_benchmark(async_jobs, AES_cbc_192_encrypt_loop, loopargs);
2369 print_result(D_CBC_192_AES, testnum, count, d);
2372 if (doit[D_CBC_256_AES]) {
2373 for (testnum = 0; testnum < size_num; testnum++) {
2374 print_message(names[D_CBC_256_AES], c[D_CBC_256_AES][testnum],
2375 lengths[testnum], seconds.sym);
2378 run_benchmark(async_jobs, AES_cbc_256_encrypt_loop, loopargs);
2380 print_result(D_CBC_256_AES, testnum, count, d);
2384 if (doit[D_IGE_128_AES]) {
2385 for (testnum = 0; testnum < size_num; testnum++) {
2386 print_message(names[D_IGE_128_AES], c[D_IGE_128_AES][testnum],
2387 lengths[testnum], seconds.sym);
2390 run_benchmark(async_jobs, AES_ige_128_encrypt_loop, loopargs);
2392 print_result(D_IGE_128_AES, testnum, count, d);
2395 if (doit[D_IGE_192_AES]) {
2396 for (testnum = 0; testnum < size_num; testnum++) {
2397 print_message(names[D_IGE_192_AES], c[D_IGE_192_AES][testnum],
2398 lengths[testnum], seconds.sym);
2401 run_benchmark(async_jobs, AES_ige_192_encrypt_loop, loopargs);
2403 print_result(D_IGE_192_AES, testnum, count, d);
2406 if (doit[D_IGE_256_AES]) {
2407 for (testnum = 0; testnum < size_num; testnum++) {
2408 print_message(names[D_IGE_256_AES], c[D_IGE_256_AES][testnum],
2409 lengths[testnum], seconds.sym);
2412 run_benchmark(async_jobs, AES_ige_256_encrypt_loop, loopargs);
2414 print_result(D_IGE_256_AES, testnum, count, d);
2417 if (doit[D_GHASH]) {
2418 for (i = 0; i < loopargs_len; i++) {
2419 loopargs[i].gcm_ctx =
2420 CRYPTO_gcm128_new(&aes_ks1, (block128_f) AES_encrypt);
2421 CRYPTO_gcm128_setiv(loopargs[i].gcm_ctx,
2422 (unsigned char *)"0123456789ab", 12);
2425 for (testnum = 0; testnum < size_num; testnum++) {
2426 print_message(names[D_GHASH], c[D_GHASH][testnum],
2427 lengths[testnum], seconds.sym);
2429 count = run_benchmark(async_jobs, CRYPTO_gcm128_aad_loop, loopargs);
2431 print_result(D_GHASH, testnum, count, d);
2433 for (i = 0; i < loopargs_len; i++)
2434 CRYPTO_gcm128_release(loopargs[i].gcm_ctx);
2436 #ifndef OPENSSL_NO_CAMELLIA
2437 if (doit[D_CBC_128_CML]) {
2438 if (async_jobs > 0) {
2439 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2440 names[D_CBC_128_CML]);
2441 doit[D_CBC_128_CML] = 0;
2443 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2444 print_message(names[D_CBC_128_CML], c[D_CBC_128_CML][testnum],
2445 lengths[testnum], seconds.sym);
2447 for (count = 0, run = 1; COND(c[D_CBC_128_CML][testnum]); count++)
2448 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2449 (size_t)lengths[testnum], &camellia_ks1,
2450 iv, CAMELLIA_ENCRYPT);
2452 print_result(D_CBC_128_CML, testnum, count, d);
2455 if (doit[D_CBC_192_CML]) {
2456 if (async_jobs > 0) {
2457 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2458 names[D_CBC_192_CML]);
2459 doit[D_CBC_192_CML] = 0;
2461 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2462 print_message(names[D_CBC_192_CML], c[D_CBC_192_CML][testnum],
2463 lengths[testnum], seconds.sym);
2464 if (async_jobs > 0) {
2465 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2469 for (count = 0, run = 1; COND(c[D_CBC_192_CML][testnum]); count++)
2470 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2471 (size_t)lengths[testnum], &camellia_ks2,
2472 iv, CAMELLIA_ENCRYPT);
2474 print_result(D_CBC_192_CML, testnum, count, d);
2477 if (doit[D_CBC_256_CML]) {
2478 if (async_jobs > 0) {
2479 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2480 names[D_CBC_256_CML]);
2481 doit[D_CBC_256_CML] = 0;
2483 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2484 print_message(names[D_CBC_256_CML], c[D_CBC_256_CML][testnum],
2485 lengths[testnum], seconds.sym);
2487 for (count = 0, run = 1; COND(c[D_CBC_256_CML][testnum]); count++)
2488 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2489 (size_t)lengths[testnum], &camellia_ks3,
2490 iv, CAMELLIA_ENCRYPT);
2492 print_result(D_CBC_256_CML, testnum, count, d);
2496 #ifndef OPENSSL_NO_IDEA
2497 if (doit[D_CBC_IDEA]) {
2498 if (async_jobs > 0) {
2499 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2501 doit[D_CBC_IDEA] = 0;
2503 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2504 print_message(names[D_CBC_IDEA], c[D_CBC_IDEA][testnum],
2505 lengths[testnum], seconds.sym);
2507 for (count = 0, run = 1; COND(c[D_CBC_IDEA][testnum]); count++)
2508 IDEA_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2509 (size_t)lengths[testnum], &idea_ks,
2512 print_result(D_CBC_IDEA, testnum, count, d);
2516 #ifndef OPENSSL_NO_SEED
2517 if (doit[D_CBC_SEED]) {
2518 if (async_jobs > 0) {
2519 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2521 doit[D_CBC_SEED] = 0;
2523 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2524 print_message(names[D_CBC_SEED], c[D_CBC_SEED][testnum],
2525 lengths[testnum], seconds.sym);
2527 for (count = 0, run = 1; COND(c[D_CBC_SEED][testnum]); count++)
2528 SEED_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2529 (size_t)lengths[testnum], &seed_ks, iv, 1);
2531 print_result(D_CBC_SEED, testnum, count, d);
2535 #ifndef OPENSSL_NO_RC2
2536 if (doit[D_CBC_RC2]) {
2537 if (async_jobs > 0) {
2538 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2540 doit[D_CBC_RC2] = 0;
2542 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2543 print_message(names[D_CBC_RC2], c[D_CBC_RC2][testnum],
2544 lengths[testnum], seconds.sym);
2545 if (async_jobs > 0) {
2546 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2550 for (count = 0, run = 1; COND(c[D_CBC_RC2][testnum]); count++)
2551 RC2_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2552 (size_t)lengths[testnum], &rc2_ks,
2555 print_result(D_CBC_RC2, testnum, count, d);
2559 #ifndef OPENSSL_NO_RC5
2560 if (doit[D_CBC_RC5]) {
2561 if (async_jobs > 0) {
2562 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2564 doit[D_CBC_RC5] = 0;
2566 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2567 print_message(names[D_CBC_RC5], c[D_CBC_RC5][testnum],
2568 lengths[testnum], seconds.sym);
2569 if (async_jobs > 0) {
2570 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2574 for (count = 0, run = 1; COND(c[D_CBC_RC5][testnum]); count++)
2575 RC5_32_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2576 (size_t)lengths[testnum], &rc5_ks,
2579 print_result(D_CBC_RC5, testnum, count, d);
2583 #ifndef OPENSSL_NO_BF
2584 if (doit[D_CBC_BF]) {
2585 if (async_jobs > 0) {
2586 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2590 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2591 print_message(names[D_CBC_BF], c[D_CBC_BF][testnum],
2592 lengths[testnum], seconds.sym);
2594 for (count = 0, run = 1; COND(c[D_CBC_BF][testnum]); count++)
2595 BF_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2596 (size_t)lengths[testnum], &bf_ks,
2599 print_result(D_CBC_BF, testnum, count, d);
2603 #ifndef OPENSSL_NO_CAST
2604 if (doit[D_CBC_CAST]) {
2605 if (async_jobs > 0) {
2606 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2608 doit[D_CBC_CAST] = 0;
2610 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2611 print_message(names[D_CBC_CAST], c[D_CBC_CAST][testnum],
2612 lengths[testnum], seconds.sym);
2614 for (count = 0, run = 1; COND(c[D_CBC_CAST][testnum]); count++)
2615 CAST_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2616 (size_t)lengths[testnum], &cast_ks,
2619 print_result(D_CBC_CAST, testnum, count, d);
2624 for (testnum = 0; testnum < size_num; testnum++) {
2625 print_message(names[D_RAND], c[D_RAND][testnum], lengths[testnum],
2628 count = run_benchmark(async_jobs, RAND_bytes_loop, loopargs);
2630 print_result(D_RAND, testnum, count, d);
2635 if (evp_cipher != NULL) {
2636 int (*loopfunc)(void *args) = EVP_Update_loop;
2638 if (multiblock && (EVP_CIPHER_flags(evp_cipher) &
2639 EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
2640 multiblock_speed(evp_cipher, lengths_single, &seconds);
2645 names[D_EVP] = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
2647 if (EVP_CIPHER_mode(evp_cipher) == EVP_CIPH_CCM_MODE) {
2648 loopfunc = EVP_Update_loop_ccm;
2649 } else if (aead && (EVP_CIPHER_flags(evp_cipher) &
2650 EVP_CIPH_FLAG_AEAD_CIPHER)) {
2651 loopfunc = EVP_Update_loop_aead;
2652 if (lengths == lengths_list) {
2653 lengths = aead_lengths_list;
2654 size_num = OSSL_NELEM(aead_lengths_list);
2658 for (testnum = 0; testnum < size_num; testnum++) {
2659 print_message(names[D_EVP], save_count, lengths[testnum],
2662 for (k = 0; k < loopargs_len; k++) {
2663 loopargs[k].ctx = EVP_CIPHER_CTX_new();
2664 EVP_CipherInit_ex(loopargs[k].ctx, evp_cipher, NULL, NULL,
2665 iv, decrypt ? 0 : 1);
2667 EVP_CIPHER_CTX_set_padding(loopargs[k].ctx, 0);
2669 keylen = EVP_CIPHER_CTX_key_length(loopargs[k].ctx);
2670 loopargs[k].key = app_malloc(keylen, "evp_cipher key");
2671 EVP_CIPHER_CTX_rand_key(loopargs[k].ctx, loopargs[k].key);
2672 EVP_CipherInit_ex(loopargs[k].ctx, NULL, NULL,
2673 loopargs[k].key, NULL, -1);
2674 OPENSSL_clear_free(loopargs[k].key, keylen);
2676 /* SIV mode only allows for a single Update operation */
2677 if (EVP_CIPHER_mode(evp_cipher) == EVP_CIPH_SIV_MODE)
2678 EVP_CIPHER_CTX_ctrl(loopargs[k].ctx, EVP_CTRL_SET_SPEED, 1, NULL);
2682 count = run_benchmark(async_jobs, loopfunc, loopargs);
2684 for (k = 0; k < loopargs_len; k++) {
2685 EVP_CIPHER_CTX_free(loopargs[k].ctx);
2687 print_result(D_EVP, testnum, count, d);
2689 } else if (evp_md != NULL) {
2690 names[D_EVP] = OBJ_nid2ln(EVP_MD_type(evp_md));
2692 for (testnum = 0; testnum < size_num; testnum++) {
2693 print_message(names[D_EVP], save_count, lengths[testnum],
2696 count = run_benchmark(async_jobs, EVP_Digest_loop, loopargs);
2698 print_result(D_EVP, testnum, count, d);
2703 if (doit[D_EVP_HMAC]) {
2704 if (evp_hmac_md != NULL) {
2705 const char *md_name = OBJ_nid2ln(EVP_MD_type(evp_hmac_md));
2706 evp_hmac_name = app_malloc(sizeof("HMAC()") + strlen(md_name),
2708 sprintf(evp_hmac_name, "HMAC(%s)", md_name);
2709 names[D_EVP_HMAC] = evp_hmac_name;
2711 for (testnum = 0; testnum < size_num; testnum++) {
2712 print_message(names[D_EVP_HMAC], save_count, lengths[testnum],
2715 count = run_benchmark(async_jobs, EVP_HMAC_loop, loopargs);
2717 print_result(D_EVP_HMAC, testnum, count, d);
2722 for (i = 0; i < loopargs_len; i++)
2723 if (RAND_bytes(loopargs[i].buf, 36) <= 0)
2726 #ifndef OPENSSL_NO_RSA
2727 for (testnum = 0; testnum < RSA_NUM; testnum++) {
2729 if (!rsa_doit[testnum])
2731 for (i = 0; i < loopargs_len; i++) {
2733 /* we haven't set keys yet, generate multi-prime RSA keys */
2734 BIGNUM *bn = BN_new();
2738 if (!BN_set_word(bn, RSA_F4)) {
2743 BIO_printf(bio_err, "Generate multi-prime RSA key for %s\n",
2744 rsa_choices[testnum].name);
2746 loopargs[i].rsa_key[testnum] = RSA_new();
2747 if (loopargs[i].rsa_key[testnum] == NULL) {
2752 if (!RSA_generate_multi_prime_key(loopargs[i].rsa_key[testnum],
2754 primes, bn, NULL)) {
2760 st = RSA_sign(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
2761 &loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
2767 "RSA sign failure. No RSA sign will be done.\n");
2768 ERR_print_errors(bio_err);
2771 pkey_print_message("private", "rsa",
2772 rsa_c[testnum][0], rsa_bits[testnum],
2774 /* RSA_blinding_on(rsa_key[testnum],NULL); */
2776 count = run_benchmark(async_jobs, RSA_sign_loop, loopargs);
2779 mr ? "+R1:%ld:%d:%.2f\n"
2780 : "%ld %u bits private RSA's in %.2fs\n",
2781 count, rsa_bits[testnum], d);
2782 rsa_results[testnum][0] = (double)count / d;
2786 for (i = 0; i < loopargs_len; i++) {
2787 st = RSA_verify(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
2788 loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
2794 "RSA verify failure. No RSA verify will be done.\n");
2795 ERR_print_errors(bio_err);
2796 rsa_doit[testnum] = 0;
2798 pkey_print_message("public", "rsa",
2799 rsa_c[testnum][1], rsa_bits[testnum],
2802 count = run_benchmark(async_jobs, RSA_verify_loop, loopargs);
2805 mr ? "+R2:%ld:%d:%.2f\n"
2806 : "%ld %u bits public RSA's in %.2fs\n",
2807 count, rsa_bits[testnum], d);
2808 rsa_results[testnum][1] = (double)count / d;
2811 if (rsa_count <= 1) {
2812 /* if longer than 10s, don't do any more */
2813 for (testnum++; testnum < RSA_NUM; testnum++)
2814 rsa_doit[testnum] = 0;
2817 #endif /* OPENSSL_NO_RSA */
2819 for (i = 0; i < loopargs_len; i++)
2820 if (RAND_bytes(loopargs[i].buf, 36) <= 0)
2823 #ifndef OPENSSL_NO_DSA
2824 for (testnum = 0; testnum < DSA_NUM; testnum++) {
2826 if (!dsa_doit[testnum])
2829 /* DSA_generate_key(dsa_key[testnum]); */
2830 /* DSA_sign_setup(dsa_key[testnum],NULL); */
2831 for (i = 0; i < loopargs_len; i++) {
2832 st = DSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
2833 &loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
2839 "DSA sign failure. No DSA sign will be done.\n");
2840 ERR_print_errors(bio_err);
2843 pkey_print_message("sign", "dsa",
2844 dsa_c[testnum][0], dsa_bits[testnum],
2847 count = run_benchmark(async_jobs, DSA_sign_loop, loopargs);
2850 mr ? "+R3:%ld:%u:%.2f\n"
2851 : "%ld %u bits DSA signs in %.2fs\n",
2852 count, dsa_bits[testnum], d);
2853 dsa_results[testnum][0] = (double)count / d;
2857 for (i = 0; i < loopargs_len; i++) {
2858 st = DSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
2859 loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
2865 "DSA verify failure. No DSA verify will be done.\n");
2866 ERR_print_errors(bio_err);
2867 dsa_doit[testnum] = 0;
2869 pkey_print_message("verify", "dsa",
2870 dsa_c[testnum][1], dsa_bits[testnum],
2873 count = run_benchmark(async_jobs, DSA_verify_loop, loopargs);
2876 mr ? "+R4:%ld:%u:%.2f\n"
2877 : "%ld %u bits DSA verify in %.2fs\n",
2878 count, dsa_bits[testnum], d);
2879 dsa_results[testnum][1] = (double)count / d;
2882 if (rsa_count <= 1) {
2883 /* if longer than 10s, don't do any more */
2884 for (testnum++; testnum < DSA_NUM; testnum++)
2885 dsa_doit[testnum] = 0;
2888 #endif /* OPENSSL_NO_DSA */
2890 #ifndef OPENSSL_NO_EC
2891 for (testnum = 0; testnum < ECDSA_NUM; testnum++) {
2894 if (!ecdsa_doit[testnum])
2895 continue; /* Ignore Curve */
2896 for (i = 0; i < loopargs_len; i++) {
2897 loopargs[i].ecdsa[testnum] =
2898 EC_KEY_new_by_curve_name(test_curves[testnum].nid);
2899 if (loopargs[i].ecdsa[testnum] == NULL) {
2905 BIO_printf(bio_err, "ECDSA failure.\n");
2906 ERR_print_errors(bio_err);
2909 for (i = 0; i < loopargs_len; i++) {
2910 EC_KEY_precompute_mult(loopargs[i].ecdsa[testnum], NULL);
2911 /* Perform ECDSA signature test */
2912 EC_KEY_generate_key(loopargs[i].ecdsa[testnum]);
2913 st = ECDSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
2914 &loopargs[i].siglen,
2915 loopargs[i].ecdsa[testnum]);
2921 "ECDSA sign failure. No ECDSA sign will be done.\n");
2922 ERR_print_errors(bio_err);
2925 pkey_print_message("sign", "ecdsa",
2926 ecdsa_c[testnum][0],
2927 test_curves[testnum].bits, seconds.ecdsa);
2929 count = run_benchmark(async_jobs, ECDSA_sign_loop, loopargs);
2933 mr ? "+R5:%ld:%u:%.2f\n" :
2934 "%ld %u bits ECDSA signs in %.2fs \n",
2935 count, test_curves[testnum].bits, d);
2936 ecdsa_results[testnum][0] = (double)count / d;
2940 /* Perform ECDSA verification test */
2941 for (i = 0; i < loopargs_len; i++) {
2942 st = ECDSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
2944 loopargs[i].ecdsa[testnum]);
2950 "ECDSA verify failure. No ECDSA verify will be done.\n");
2951 ERR_print_errors(bio_err);
2952 ecdsa_doit[testnum] = 0;
2954 pkey_print_message("verify", "ecdsa",
2955 ecdsa_c[testnum][1],
2956 test_curves[testnum].bits, seconds.ecdsa);
2958 count = run_benchmark(async_jobs, ECDSA_verify_loop, loopargs);
2961 mr ? "+R6:%ld:%u:%.2f\n"
2962 : "%ld %u bits ECDSA verify in %.2fs\n",
2963 count, test_curves[testnum].bits, d);
2964 ecdsa_results[testnum][1] = (double)count / d;
2967 if (rsa_count <= 1) {
2968 /* if longer than 10s, don't do any more */
2969 for (testnum++; testnum < ECDSA_NUM; testnum++)
2970 ecdsa_doit[testnum] = 0;
2975 for (testnum = 0; testnum < EC_NUM; testnum++) {
2976 int ecdh_checks = 1;
2978 if (!ecdh_doit[testnum])
2981 for (i = 0; i < loopargs_len; i++) {
2982 EVP_PKEY_CTX *kctx = NULL;
2983 EVP_PKEY_CTX *test_ctx = NULL;
2984 EVP_PKEY_CTX *ctx = NULL;
2985 EVP_PKEY *key_A = NULL;
2986 EVP_PKEY *key_B = NULL;
2990 /* Ensure that the error queue is empty */
2991 if (ERR_peek_error()) {
2993 "WARNING: the error queue contains previous unhandled errors.\n");
2994 ERR_print_errors(bio_err);
2997 /* Let's try to create a ctx directly from the NID: this works for
2998 * curves like Curve25519 that are not implemented through the low
2999 * level EC interface.
3000 * If this fails we try creating a EVP_PKEY_EC generic param ctx,
3001 * then we set the curve by NID before deriving the actual keygen
3002 * ctx for that specific curve. */
3003 kctx = EVP_PKEY_CTX_new_id(test_curves[testnum].nid, NULL); /* keygen ctx from NID */
3005 EVP_PKEY_CTX *pctx = NULL;
3006 EVP_PKEY *params = NULL;
3008 /* If we reach this code EVP_PKEY_CTX_new_id() failed and a
3009 * "int_ctx_new:unsupported algorithm" error was added to the
3011 * We remove it from the error queue as we are handling it. */
3012 unsigned long error = ERR_peek_error(); /* peek the latest error in the queue */
3013 if (error == ERR_peek_last_error() && /* oldest and latest errors match */
3014 /* check that the error origin matches */
3015 ERR_GET_LIB(error) == ERR_LIB_EVP &&
3016 ERR_GET_FUNC(error) == EVP_F_INT_CTX_NEW &&
3017 ERR_GET_REASON(error) == EVP_R_UNSUPPORTED_ALGORITHM)
3018 ERR_get_error(); /* pop error from queue */
3019 if (ERR_peek_error()) {
3021 "Unhandled error in the error queue during ECDH init.\n");
3022 ERR_print_errors(bio_err);
3027 if ( /* Create the context for parameter generation */
3028 !(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) ||
3029 /* Initialise the parameter generation */
3030 !EVP_PKEY_paramgen_init(pctx) ||
3031 /* Set the curve by NID */
3032 !EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
3035 /* Create the parameter object params */
3036 !EVP_PKEY_paramgen(pctx, ¶ms)) {
3038 BIO_printf(bio_err, "ECDH EC params init failure.\n");
3039 ERR_print_errors(bio_err);
3043 /* Create the context for the key generation */
3044 kctx = EVP_PKEY_CTX_new(params, NULL);
3046 EVP_PKEY_free(params);
3048 EVP_PKEY_CTX_free(pctx);
3051 if (kctx == NULL || /* keygen ctx is not null */
3052 !EVP_PKEY_keygen_init(kctx) /* init keygen ctx */ ) {
3054 BIO_printf(bio_err, "ECDH keygen failure.\n");
3055 ERR_print_errors(bio_err);
3060 if (!EVP_PKEY_keygen(kctx, &key_A) || /* generate secret key A */
3061 !EVP_PKEY_keygen(kctx, &key_B) || /* generate secret key B */
3062 !(ctx = EVP_PKEY_CTX_new(key_A, NULL)) || /* derivation ctx from skeyA */
3063 !EVP_PKEY_derive_init(ctx) || /* init derivation ctx */
3064 !EVP_PKEY_derive_set_peer(ctx, key_B) || /* set peer pubkey in ctx */
3065 !EVP_PKEY_derive(ctx, NULL, &outlen) || /* determine max length */
3066 outlen == 0 || /* ensure outlen is a valid size */
3067 outlen > MAX_ECDH_SIZE /* avoid buffer overflow */ ) {
3069 BIO_printf(bio_err, "ECDH key generation failure.\n");
3070 ERR_print_errors(bio_err);
3075 /* Here we perform a test run, comparing the output of a*B and b*A;
3076 * we try this here and assume that further EVP_PKEY_derive calls
3077 * never fail, so we can skip checks in the actually benchmarked
3078 * code, for maximum performance. */
3079 if (!(test_ctx = EVP_PKEY_CTX_new(key_B, NULL)) || /* test ctx from skeyB */
3080 !EVP_PKEY_derive_init(test_ctx) || /* init derivation test_ctx */
3081 !EVP_PKEY_derive_set_peer(test_ctx, key_A) || /* set peer pubkey in test_ctx */
3082 !EVP_PKEY_derive(test_ctx, NULL, &test_outlen) || /* determine max length */
3083 !EVP_PKEY_derive(ctx, loopargs[i].secret_a, &outlen) || /* compute a*B */
3084 !EVP_PKEY_derive(test_ctx, loopargs[i].secret_b, &test_outlen) || /* compute b*A */
3085 test_outlen != outlen /* compare output length */ ) {
3087 BIO_printf(bio_err, "ECDH computation failure.\n");
3088 ERR_print_errors(bio_err);
3093 /* Compare the computation results: CRYPTO_memcmp() returns 0 if equal */
3094 if (CRYPTO_memcmp(loopargs[i].secret_a,
3095 loopargs[i].secret_b, outlen)) {
3097 BIO_printf(bio_err, "ECDH computations don't match.\n");
3098 ERR_print_errors(bio_err);
3103 loopargs[i].ecdh_ctx[testnum] = ctx;
3104 loopargs[i].outlen[testnum] = outlen;
3106 EVP_PKEY_free(key_A);
3107 EVP_PKEY_free(key_B);
3108 EVP_PKEY_CTX_free(kctx);
3110 EVP_PKEY_CTX_free(test_ctx);
3113 if (ecdh_checks != 0) {
3114 pkey_print_message("", "ecdh",
3116 test_curves[testnum].bits, seconds.ecdh);
3119 run_benchmark(async_jobs, ECDH_EVP_derive_key_loop, loopargs);
3122 mr ? "+R7:%ld:%d:%.2f\n" :
3123 "%ld %u-bits ECDH ops in %.2fs\n", count,
3124 test_curves[testnum].bits, d);
3125 ecdh_results[testnum][0] = (double)count / d;
3129 if (rsa_count <= 1) {
3130 /* if longer than 10s, don't do any more */
3131 for (testnum++; testnum < OSSL_NELEM(ecdh_doit); testnum++)
3132 ecdh_doit[testnum] = 0;
3136 for (testnum = 0; testnum < EdDSA_NUM; testnum++) {
3138 EVP_PKEY *ed_pkey = NULL;
3139 EVP_PKEY_CTX *ed_pctx = NULL;
3141 if (!eddsa_doit[testnum])
3142 continue; /* Ignore Curve */
3143 for (i = 0; i < loopargs_len; i++) {
3144 loopargs[i].eddsa_ctx[testnum] = EVP_MD_CTX_new();
3145 if (loopargs[i].eddsa_ctx[testnum] == NULL) {
3150 if ((ed_pctx = EVP_PKEY_CTX_new_id(test_ed_curves[testnum].nid, NULL))
3152 || !EVP_PKEY_keygen_init(ed_pctx)
3153 || !EVP_PKEY_keygen(ed_pctx, &ed_pkey)) {
3155 EVP_PKEY_CTX_free(ed_pctx);
3158 EVP_PKEY_CTX_free(ed_pctx);
3160 if (!EVP_DigestSignInit(loopargs[i].eddsa_ctx[testnum], NULL, NULL,
3163 EVP_PKEY_free(ed_pkey);
3166 EVP_PKEY_free(ed_pkey);
3169 BIO_printf(bio_err, "EdDSA failure.\n");
3170 ERR_print_errors(bio_err);
3173 for (i = 0; i < loopargs_len; i++) {
3174 /* Perform EdDSA signature test */
3175 loopargs[i].sigsize = test_ed_curves[testnum].sigsize;
3176 st = EVP_DigestSign(loopargs[i].eddsa_ctx[testnum],
3177 loopargs[i].buf2, &loopargs[i].sigsize,
3178 loopargs[i].buf, 20);
3184 "EdDSA sign failure. No EdDSA sign will be done.\n");
3185 ERR_print_errors(bio_err);
3188 pkey_print_message("sign", test_ed_curves[testnum].name,
3189 eddsa_c[testnum][0],
3190 test_ed_curves[testnum].bits, seconds.eddsa);
3192 count = run_benchmark(async_jobs, EdDSA_sign_loop, loopargs);
3196 mr ? "+R8:%ld:%u:%s:%.2f\n" :
3197 "%ld %u bits %s signs in %.2fs \n",
3198 count, test_ed_curves[testnum].bits,
3199 test_ed_curves[testnum].name, d);
3200 eddsa_results[testnum][0] = (double)count / d;
3204 /* Perform EdDSA verification test */
3205 for (i = 0; i < loopargs_len; i++) {
3206 st = EVP_DigestVerify(loopargs[i].eddsa_ctx[testnum],
3207 loopargs[i].buf2, loopargs[i].sigsize,
3208 loopargs[i].buf, 20);
3214 "EdDSA verify failure. No EdDSA verify will be done.\n");
3215 ERR_print_errors(bio_err);
3216 eddsa_doit[testnum] = 0;
3218 pkey_print_message("verify", test_ed_curves[testnum].name,
3219 eddsa_c[testnum][1],
3220 test_ed_curves[testnum].bits, seconds.eddsa);
3222 count = run_benchmark(async_jobs, EdDSA_verify_loop, loopargs);
3225 mr ? "+R9:%ld:%u:%s:%.2f\n"
3226 : "%ld %u bits %s verify in %.2fs\n",
3227 count, test_ed_curves[testnum].bits,
3228 test_ed_curves[testnum].name, d);
3229 eddsa_results[testnum][1] = (double)count / d;
3232 if (rsa_count <= 1) {
3233 /* if longer than 10s, don't do any more */
3234 for (testnum++; testnum < EdDSA_NUM; testnum++)
3235 eddsa_doit[testnum] = 0;
3240 #endif /* OPENSSL_NO_EC */
3245 printf("version: %s\n", OpenSSL_version(OPENSSL_FULL_VERSION_STRING));
3246 printf("built on: %s\n", OpenSSL_version(OPENSSL_BUILT_ON));
3248 printf("%s ", BN_options());
3249 #ifndef OPENSSL_NO_MD2
3250 printf("%s ", MD2_options());
3252 #ifndef OPENSSL_NO_RC4
3253 printf("%s ", RC4_options());
3255 #ifndef OPENSSL_NO_DES
3256 printf("%s ", DES_options());
3258 printf("%s ", AES_options());
3259 #ifndef OPENSSL_NO_IDEA
3260 printf("%s ", IDEA_options());
3262 #ifndef OPENSSL_NO_BF
3263 printf("%s ", BF_options());
3265 printf("\n%s\n", OpenSSL_version(OPENSSL_CFLAGS));
3273 ("The 'numbers' are in 1000s of bytes per second processed.\n");
3276 for (testnum = 0; testnum < size_num; testnum++)
3277 printf(mr ? ":%d" : "%7d bytes", lengths[testnum]);
3281 for (k = 0; k < ALGOR_NUM; k++) {
3285 printf("+F:%u:%s", k, names[k]);
3287 printf("%-13s", names[k]);
3288 for (testnum = 0; testnum < size_num; testnum++) {
3289 if (results[k][testnum] > 10000 && !mr)
3290 printf(" %11.2fk", results[k][testnum] / 1e3);
3292 printf(mr ? ":%.2f" : " %11.2f ", results[k][testnum]);
3296 #ifndef OPENSSL_NO_RSA
3298 for (k = 0; k < RSA_NUM; k++) {
3301 if (testnum && !mr) {
3302 printf("%18ssign verify sign/s verify/s\n", " ");
3306 printf("+F2:%u:%u:%f:%f\n",
3307 k, rsa_bits[k], rsa_results[k][0], rsa_results[k][1]);
3309 printf("rsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
3310 rsa_bits[k], 1.0 / rsa_results[k][0], 1.0 / rsa_results[k][1],
3311 rsa_results[k][0], rsa_results[k][1]);
3314 #ifndef OPENSSL_NO_DSA
3316 for (k = 0; k < DSA_NUM; k++) {
3319 if (testnum && !mr) {
3320 printf("%18ssign verify sign/s verify/s\n", " ");
3324 printf("+F3:%u:%u:%f:%f\n",
3325 k, dsa_bits[k], dsa_results[k][0], dsa_results[k][1]);
3327 printf("dsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
3328 dsa_bits[k], 1.0 / dsa_results[k][0], 1.0 / dsa_results[k][1],
3329 dsa_results[k][0], dsa_results[k][1]);
3332 #ifndef OPENSSL_NO_EC
3334 for (k = 0; k < OSSL_NELEM(ecdsa_doit); k++) {
3337 if (testnum && !mr) {
3338 printf("%30ssign verify sign/s verify/s\n", " ");
3343 printf("+F4:%u:%u:%f:%f\n",
3344 k, test_curves[k].bits,
3345 ecdsa_results[k][0], ecdsa_results[k][1]);
3347 printf("%4u bits ecdsa (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3348 test_curves[k].bits, test_curves[k].name,
3349 1.0 / ecdsa_results[k][0], 1.0 / ecdsa_results[k][1],
3350 ecdsa_results[k][0], ecdsa_results[k][1]);
3354 for (k = 0; k < EC_NUM; k++) {
3357 if (testnum && !mr) {
3358 printf("%30sop op/s\n", " ");
3362 printf("+F5:%u:%u:%f:%f\n",
3363 k, test_curves[k].bits,
3364 ecdh_results[k][0], 1.0 / ecdh_results[k][0]);
3367 printf("%4u bits ecdh (%s) %8.4fs %8.1f\n",
3368 test_curves[k].bits, test_curves[k].name,
3369 1.0 / ecdh_results[k][0], ecdh_results[k][0]);
3373 for (k = 0; k < OSSL_NELEM(eddsa_doit); k++) {
3376 if (testnum && !mr) {
3377 printf("%30ssign verify sign/s verify/s\n", " ");
3382 printf("+F6:%u:%u:%s:%f:%f\n",
3383 k, test_ed_curves[k].bits, test_ed_curves[k].name,
3384 eddsa_results[k][0], eddsa_results[k][1]);
3386 printf("%4u bits EdDSA (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3387 test_ed_curves[k].bits, test_ed_curves[k].name,
3388 1.0 / eddsa_results[k][0], 1.0 / eddsa_results[k][1],
3389 eddsa_results[k][0], eddsa_results[k][1]);
3396 ERR_print_errors(bio_err);
3397 for (i = 0; i < loopargs_len; i++) {
3398 OPENSSL_free(loopargs[i].buf_malloc);
3399 OPENSSL_free(loopargs[i].buf2_malloc);
3401 #ifndef OPENSSL_NO_RSA
3402 for (k = 0; k < RSA_NUM; k++)
3403 RSA_free(loopargs[i].rsa_key[k]);
3405 #ifndef OPENSSL_NO_DSA
3406 for (k = 0; k < DSA_NUM; k++)
3407 DSA_free(loopargs[i].dsa_key[k]);
3409 #ifndef OPENSSL_NO_EC
3410 for (k = 0; k < ECDSA_NUM; k++)
3411 EC_KEY_free(loopargs[i].ecdsa[k]);
3412 for (k = 0; k < EC_NUM; k++)
3413 EVP_PKEY_CTX_free(loopargs[i].ecdh_ctx[k]);
3414 for (k = 0; k < EdDSA_NUM; k++)
3415 EVP_MD_CTX_free(loopargs[i].eddsa_ctx[k]);
3416 OPENSSL_free(loopargs[i].secret_a);
3417 OPENSSL_free(loopargs[i].secret_b);
3420 OPENSSL_free(evp_hmac_name);
3422 if (async_jobs > 0) {
3423 for (i = 0; i < loopargs_len; i++)
3424 ASYNC_WAIT_CTX_free(loopargs[i].wait_ctx);
3428 ASYNC_cleanup_thread();
3430 OPENSSL_free(loopargs);
3435 static void print_message(const char *s, long num, int length, int tm)
3439 mr ? "+DT:%s:%d:%d\n"
3440 : "Doing %s for %ds on %d size blocks: ", s, tm, length);
3441 (void)BIO_flush(bio_err);
3445 mr ? "+DN:%s:%ld:%d\n"
3446 : "Doing %s %ld times on %d size blocks: ", s, num, length);
3447 (void)BIO_flush(bio_err);
3451 static void pkey_print_message(const char *str, const char *str2, long num,
3452 unsigned int bits, int tm)
3456 mr ? "+DTP:%d:%s:%s:%d\n"
3457 : "Doing %u bits %s %s's for %ds: ", bits, str, str2, tm);
3458 (void)BIO_flush(bio_err);
3462 mr ? "+DNP:%ld:%d:%s:%s\n"
3463 : "Doing %ld %u bits %s %s's: ", num, bits, str, str2);
3464 (void)BIO_flush(bio_err);
3468 static void print_result(int alg, int run_no, int count, double time_used)
3471 BIO_puts(bio_err, "EVP error!\n");
3475 mr ? "+R:%d:%s:%f\n"
3476 : "%d %s's in %.2fs\n", count, names[alg], time_used);
3477 results[alg][run_no] = ((double)count) / time_used * lengths[run_no];
3481 static char *sstrsep(char **string, const char *delim)
3484 char *token = *string;
3489 memset(isdelim, 0, sizeof(isdelim));
3493 isdelim[(unsigned char)(*delim)] = 1;
3497 while (!isdelim[(unsigned char)(**string)]) {
3509 static int do_multi(int multi, int size_num)
3514 static char sep[] = ":";
3516 fds = app_malloc(sizeof(*fds) * multi, "fd buffer for do_multi");
3517 for (n = 0; n < multi; ++n) {
3518 if (pipe(fd) == -1) {
3519 BIO_printf(bio_err, "pipe failure\n");
3523 (void)BIO_flush(bio_err);
3530 if (dup(fd[1]) == -1) {
3531 BIO_printf(bio_err, "dup failed\n");
3540 printf("Forked child %d\n", n);
3543 /* for now, assume the pipe is long enough to take all the output */
3544 for (n = 0; n < multi; ++n) {
3549 f = fdopen(fds[n], "r");
3550 while (fgets(buf, sizeof(buf), f)) {
3551 p = strchr(buf, '\n');
3554 if (buf[0] != '+') {
3556 "Don't understand line '%s' from child %d\n", buf,
3560 printf("Got: %s from %d\n", buf, n);
3561 if (strncmp(buf, "+F:", 3) == 0) {
3566 alg = atoi(sstrsep(&p, sep));
3568 for (j = 0; j < size_num; ++j)
3569 results[alg][j] += atof(sstrsep(&p, sep));
3570 } else if (strncmp(buf, "+F2:", 4) == 0) {
3575 k = atoi(sstrsep(&p, sep));
3578 d = atof(sstrsep(&p, sep));
3579 rsa_results[k][0] += d;
3581 d = atof(sstrsep(&p, sep));
3582 rsa_results[k][1] += d;
3584 # ifndef OPENSSL_NO_DSA
3585 else if (strncmp(buf, "+F3:", 4) == 0) {
projects / openssl.git / blob