2 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
5 * Licensed under the Apache License 2.0 (the "License"). You may not use
6 * this file except in compliance with the License. You can obtain a copy
7 * in the file LICENSE in the source distribution or at
8 * https://www.openssl.org/source/license.html
13 #define RSA_SECONDS 10
14 #define DSA_SECONDS 10
15 #define ECDSA_SECONDS 10
16 #define ECDH_SECONDS 10
17 #define EdDSA_SECONDS 10
25 #include <openssl/crypto.h>
26 #include <openssl/rand.h>
27 #include <openssl/err.h>
28 #include <openssl/evp.h>
29 #include <openssl/objects.h>
30 #include <openssl/async.h>
31 #if !defined(OPENSSL_SYS_MSDOS)
32 # include OPENSSL_UNISTD
39 #include <openssl/bn.h>
40 #ifndef OPENSSL_NO_DES
41 # include <openssl/des.h>
43 #include <openssl/aes.h>
44 #ifndef OPENSSL_NO_CAMELLIA
45 # include <openssl/camellia.h>
47 #ifndef OPENSSL_NO_MD2
48 # include <openssl/md2.h>
50 #ifndef OPENSSL_NO_MDC2
51 # include <openssl/mdc2.h>
53 #ifndef OPENSSL_NO_MD4
54 # include <openssl/md4.h>
56 #ifndef OPENSSL_NO_MD5
57 # include <openssl/md5.h>
59 #include <openssl/hmac.h>
60 #ifndef OPENSSL_NO_CMAC
61 #include <openssl/cmac.h>
63 #include <openssl/sha.h>
64 #ifndef OPENSSL_NO_RMD160
65 # include <openssl/ripemd.h>
67 #ifndef OPENSSL_NO_WHIRLPOOL
68 # include <openssl/whrlpool.h>
70 #ifndef OPENSSL_NO_RC4
71 # include <openssl/rc4.h>
73 #ifndef OPENSSL_NO_RC5
74 # include <openssl/rc5.h>
76 #ifndef OPENSSL_NO_RC2
77 # include <openssl/rc2.h>
79 #ifndef OPENSSL_NO_IDEA
80 # include <openssl/idea.h>
82 #ifndef OPENSSL_NO_SEED
83 # include <openssl/seed.h>
86 # include <openssl/blowfish.h>
88 #ifndef OPENSSL_NO_CAST
89 # include <openssl/cast.h>
91 #ifndef OPENSSL_NO_RSA
92 # include <openssl/rsa.h>
93 # include "./testrsa.h"
95 #include <openssl/x509.h>
96 #ifndef OPENSSL_NO_DSA
97 # include <openssl/dsa.h>
98 # include "./testdsa.h"
100 #ifndef OPENSSL_NO_EC
101 # include <openssl/ec.h>
103 #include <openssl/modes.h>
106 # if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_VXWORKS)
119 #define MAX_MISALIGNMENT 63
120 #define MAX_ECDH_SIZE 256
123 typedef struct openssl_speed_sec_st {
130 } openssl_speed_sec_t;
132 static volatile int run = 0;
135 static int usertime = 1;
137 #ifndef OPENSSL_NO_MD2
138 static int EVP_Digest_MD2_loop(void *args);
141 #ifndef OPENSSL_NO_MDC2
142 static int EVP_Digest_MDC2_loop(void *args);
144 #ifndef OPENSSL_NO_MD4
145 static int EVP_Digest_MD4_loop(void *args);
147 #ifndef OPENSSL_NO_MD5
148 static int MD5_loop(void *args);
149 static int HMAC_loop(void *args);
151 static int SHA1_loop(void *args);
152 static int SHA256_loop(void *args);
153 static int SHA512_loop(void *args);
154 #ifndef OPENSSL_NO_WHIRLPOOL
155 static int WHIRLPOOL_loop(void *args);
157 #ifndef OPENSSL_NO_RMD160
158 static int EVP_Digest_RMD160_loop(void *args);
160 #ifndef OPENSSL_NO_RC4
161 static int RC4_loop(void *args);
163 #ifndef OPENSSL_NO_DES
164 static int DES_ncbc_encrypt_loop(void *args);
165 static int DES_ede3_cbc_encrypt_loop(void *args);
167 static int AES_cbc_128_encrypt_loop(void *args);
168 static int AES_cbc_192_encrypt_loop(void *args);
169 static int AES_cbc_256_encrypt_loop(void *args);
171 static int AES_ige_128_encrypt_loop(void *args);
172 static int AES_ige_192_encrypt_loop(void *args);
173 static int AES_ige_256_encrypt_loop(void *args);
175 static int CRYPTO_gcm128_aad_loop(void *args);
176 static int RAND_bytes_loop(void *args);
177 static int EVP_Update_loop(void *args);
178 static int EVP_Update_loop_ccm(void *args);
179 static int EVP_Update_loop_aead(void *args);
180 static int EVP_Digest_loop(void *args);
181 #ifndef OPENSSL_NO_RSA
182 static int RSA_sign_loop(void *args);
183 static int RSA_verify_loop(void *args);
185 #ifndef OPENSSL_NO_DSA
186 static int DSA_sign_loop(void *args);
187 static int DSA_verify_loop(void *args);
189 #ifndef OPENSSL_NO_EC
190 static int ECDSA_sign_loop(void *args);
191 static int ECDSA_verify_loop(void *args);
192 static int EdDSA_sign_loop(void *args);
193 static int EdDSA_verify_loop(void *args);
196 static double Time_F(int s);
197 static void print_message(const char *s, long num, int length, int tm);
198 static void pkey_print_message(const char *str, const char *str2,
199 long num, unsigned int bits, int sec);
200 static void print_result(int alg, int run_no, int count, double time_used);
202 static int do_multi(int multi, int size_num);
205 static const int lengths_list[] = {
206 16, 64, 256, 1024, 8 * 1024, 16 * 1024
208 static const int *lengths = lengths_list;
210 static const int aead_lengths_list[] = {
211 2, 31, 136, 1024, 8 * 1024, 16 * 1024
219 static void alarmed(int sig)
221 signal(SIGALRM, alarmed);
225 static double Time_F(int s)
227 double ret = app_tminterval(s, usertime);
233 #elif defined(_WIN32)
237 static unsigned int lapse;
238 static volatile unsigned int schlock;
239 static void alarm_win32(unsigned int secs)
244 # define alarm alarm_win32
246 static DWORD WINAPI sleepy(VOID * arg)
254 static double Time_F(int s)
261 thr = CreateThread(NULL, 4096, sleepy, NULL, 0, NULL);
263 DWORD err = GetLastError();
264 BIO_printf(bio_err, "unable to CreateThread (%lu)", err);
268 Sleep(0); /* scheduler spinlock */
269 ret = app_tminterval(s, usertime);
271 ret = app_tminterval(s, usertime);
273 TerminateThread(thr, 0);
280 static double Time_F(int s)
282 return app_tminterval(s, usertime);
286 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
287 const openssl_speed_sec_t *seconds);
289 #define found(value, pairs, result)\
290 opt_found(value, result, pairs, OSSL_NELEM(pairs))
291 static int opt_found(const char *name, unsigned int *result,
292 const OPT_PAIR pairs[], unsigned int nbelem)
296 for (idx = 0; idx < nbelem; ++idx, pairs++)
297 if (strcmp(name, pairs->name) == 0) {
298 *result = pairs->retval;
304 typedef enum OPTION_choice {
305 OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
306 OPT_ELAPSED, OPT_EVP, OPT_HMAC, OPT_DECRYPT, OPT_ENGINE, OPT_MULTI,
307 OPT_MR, OPT_MB, OPT_MISALIGN, OPT_ASYNCJOBS, OPT_R_ENUM,
308 OPT_PRIMES, OPT_SECONDS, OPT_BYTES, OPT_AEAD, OPT_CMAC
311 const OPTIONS speed_options[] = {
312 {OPT_HELP_STR, 1, '-', "Usage: %s [options] ciphers...\n"},
313 {OPT_HELP_STR, 1, '-', "Valid options are:\n"},
314 {"help", OPT_HELP, '-', "Display this summary"},
315 {"evp", OPT_EVP, 's', "Use EVP-named cipher or digest"},
316 {"hmac", OPT_HMAC, 's', "HMAC using EVP-named digest"},
317 #ifndef OPENSSL_NO_CMAC
318 {"cmac", OPT_CMAC, 's', "CMAC using EVP-named cipher"},
320 {"decrypt", OPT_DECRYPT, '-',
321 "Time decryption instead of encryption (only EVP)"},
322 {"aead", OPT_AEAD, '-',
323 "Benchmark EVP-named AEAD cipher in TLS-like sequence"},
325 "Enable (tls1>=1) multi-block mode on EVP-named cipher"},
326 {"mr", OPT_MR, '-', "Produce machine readable output"},
328 {"multi", OPT_MULTI, 'p', "Run benchmarks in parallel"},
330 #ifndef OPENSSL_NO_ASYNC
331 {"async_jobs", OPT_ASYNCJOBS, 'p',
332 "Enable async mode and start specified number of jobs"},
335 #ifndef OPENSSL_NO_ENGINE
336 {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
338 {"elapsed", OPT_ELAPSED, '-',
339 "Use wall-clock time instead of CPU user time as divisor"},
340 {"primes", OPT_PRIMES, 'p', "Specify number of primes (for RSA only)"},
341 {"seconds", OPT_SECONDS, 'p',
342 "Run benchmarks for specified amount of seconds"},
343 {"bytes", OPT_BYTES, 'p',
344 "Run [non-PKI] benchmarks on custom-sized buffer"},
345 {"misalign", OPT_MISALIGN, 'p',
346 "Use specified offset to mis-align buffers"},
360 #define D_CBC_IDEA 10
361 #define D_CBC_SEED 11
365 #define D_CBC_CAST 15
366 #define D_CBC_128_AES 16
367 #define D_CBC_192_AES 17
368 #define D_CBC_256_AES 18
369 #define D_CBC_128_CML 19
370 #define D_CBC_192_CML 20
371 #define D_CBC_256_CML 21
375 #define D_WHIRLPOOL 25
376 #define D_IGE_128_AES 26
377 #define D_IGE_192_AES 27
378 #define D_IGE_256_AES 28
381 #define D_EVP_HMAC 31
382 #define D_EVP_CMAC 32
384 /* name of algorithms to test */
385 static const char *names[] = {
386 "md2", "mdc2", "md4", "md5", "hmac(md5)", "sha1", "rmd160", "rc4",
387 "des cbc", "des ede3", "idea cbc", "seed cbc",
388 "rc2 cbc", "rc5-32/12 cbc", "blowfish cbc", "cast cbc",
389 "aes-128 cbc", "aes-192 cbc", "aes-256 cbc",
390 "camellia-128 cbc", "camellia-192 cbc", "camellia-256 cbc",
391 "evp", "sha256", "sha512", "whirlpool",
392 "aes-128 ige", "aes-192 ige", "aes-256 ige", "ghash",
393 "rand", "hmac", "cmac"
395 #define ALGOR_NUM OSSL_NELEM(names)
397 /* list of configured algorithm (remaining) */
398 static const OPT_PAIR doit_choices[] = {
399 #ifndef OPENSSL_NO_MD2
402 #ifndef OPENSSL_NO_MDC2
405 #ifndef OPENSSL_NO_MD4
408 #ifndef OPENSSL_NO_MD5
413 {"sha256", D_SHA256},
414 {"sha512", D_SHA512},
415 #ifndef OPENSSL_NO_WHIRLPOOL
416 {"whirlpool", D_WHIRLPOOL},
418 #ifndef OPENSSL_NO_RMD160
419 {"ripemd", D_RMD160},
420 {"rmd160", D_RMD160},
421 {"ripemd160", D_RMD160},
423 #ifndef OPENSSL_NO_RC4
426 #ifndef OPENSSL_NO_DES
427 {"des-cbc", D_CBC_DES},
428 {"des-ede3", D_EDE3_DES},
430 {"aes-128-cbc", D_CBC_128_AES},
431 {"aes-192-cbc", D_CBC_192_AES},
432 {"aes-256-cbc", D_CBC_256_AES},
434 {"aes-128-ige", D_IGE_128_AES},
435 {"aes-192-ige", D_IGE_192_AES},
436 {"aes-256-ige", D_IGE_256_AES},
438 #ifndef OPENSSL_NO_RC2
439 {"rc2-cbc", D_CBC_RC2},
442 #ifndef OPENSSL_NO_RC5
443 {"rc5-cbc", D_CBC_RC5},
446 #ifndef OPENSSL_NO_IDEA
447 {"idea-cbc", D_CBC_IDEA},
448 {"idea", D_CBC_IDEA},
450 #ifndef OPENSSL_NO_SEED
451 {"seed-cbc", D_CBC_SEED},
452 {"seed", D_CBC_SEED},
454 #ifndef OPENSSL_NO_BF
455 {"bf-cbc", D_CBC_BF},
456 {"blowfish", D_CBC_BF},
459 #ifndef OPENSSL_NO_CAST
460 {"cast-cbc", D_CBC_CAST},
461 {"cast", D_CBC_CAST},
462 {"cast5", D_CBC_CAST},
468 static double results[ALGOR_NUM][OSSL_NELEM(lengths_list)];
470 #ifndef OPENSSL_NO_DSA
472 # define R_DSA_1024 1
473 # define R_DSA_2048 2
474 static const OPT_PAIR dsa_choices[] = {
475 {"dsa512", R_DSA_512},
476 {"dsa1024", R_DSA_1024},
477 {"dsa2048", R_DSA_2048}
479 # define DSA_NUM OSSL_NELEM(dsa_choices)
481 static double dsa_results[DSA_NUM][2]; /* 2 ops: sign then verify */
482 #endif /* OPENSSL_NO_DSA */
490 #define R_RSA_15360 6
491 #ifndef OPENSSL_NO_RSA
492 static const OPT_PAIR rsa_choices[] = {
493 {"rsa512", R_RSA_512},
494 {"rsa1024", R_RSA_1024},
495 {"rsa2048", R_RSA_2048},
496 {"rsa3072", R_RSA_3072},
497 {"rsa4096", R_RSA_4096},
498 {"rsa7680", R_RSA_7680},
499 {"rsa15360", R_RSA_15360}
501 # define RSA_NUM OSSL_NELEM(rsa_choices)
503 static double rsa_results[RSA_NUM][2]; /* 2 ops: sign then verify */
504 #endif /* OPENSSL_NO_RSA */
513 #ifndef OPENSSL_NO_EC2M
535 #ifndef OPENSSL_NO_EC
536 static OPT_PAIR ecdsa_choices[] = {
537 {"ecdsap160", R_EC_P160},
538 {"ecdsap192", R_EC_P192},
539 {"ecdsap224", R_EC_P224},
540 {"ecdsap256", R_EC_P256},
541 {"ecdsap384", R_EC_P384},
542 {"ecdsap521", R_EC_P521},
543 # ifndef OPENSSL_NO_EC2M
544 {"ecdsak163", R_EC_K163},
545 {"ecdsak233", R_EC_K233},
546 {"ecdsak283", R_EC_K283},
547 {"ecdsak409", R_EC_K409},
548 {"ecdsak571", R_EC_K571},
549 {"ecdsab163", R_EC_B163},
550 {"ecdsab233", R_EC_B233},
551 {"ecdsab283", R_EC_B283},
552 {"ecdsab409", R_EC_B409},
553 {"ecdsab571", R_EC_B571},
555 {"ecdsabrp256r1", R_EC_BRP256R1},
556 {"ecdsabrp256t1", R_EC_BRP256T1},
557 {"ecdsabrp384r1", R_EC_BRP384R1},
558 {"ecdsabrp384t1", R_EC_BRP384T1},
559 {"ecdsabrp512r1", R_EC_BRP512R1},
560 {"ecdsabrp512t1", R_EC_BRP512T1}
562 # define ECDSA_NUM OSSL_NELEM(ecdsa_choices)
564 static double ecdsa_results[ECDSA_NUM][2]; /* 2 ops: sign then verify */
566 static const OPT_PAIR ecdh_choices[] = {
567 {"ecdhp160", R_EC_P160},
568 {"ecdhp192", R_EC_P192},
569 {"ecdhp224", R_EC_P224},
570 {"ecdhp256", R_EC_P256},
571 {"ecdhp384", R_EC_P384},
572 {"ecdhp521", R_EC_P521},
573 # ifndef OPENSSL_NO_EC2M
574 {"ecdhk163", R_EC_K163},
575 {"ecdhk233", R_EC_K233},
576 {"ecdhk283", R_EC_K283},
577 {"ecdhk409", R_EC_K409},
578 {"ecdhk571", R_EC_K571},
579 {"ecdhb163", R_EC_B163},
580 {"ecdhb233", R_EC_B233},
581 {"ecdhb283", R_EC_B283},
582 {"ecdhb409", R_EC_B409},
583 {"ecdhb571", R_EC_B571},
585 {"ecdhbrp256r1", R_EC_BRP256R1},
586 {"ecdhbrp256t1", R_EC_BRP256T1},
587 {"ecdhbrp384r1", R_EC_BRP384R1},
588 {"ecdhbrp384t1", R_EC_BRP384T1},
589 {"ecdhbrp512r1", R_EC_BRP512R1},
590 {"ecdhbrp512t1", R_EC_BRP512T1},
591 {"ecdhx25519", R_EC_X25519},
592 {"ecdhx448", R_EC_X448}
594 # define EC_NUM OSSL_NELEM(ecdh_choices)
596 static double ecdh_results[EC_NUM][1]; /* 1 op: derivation */
598 #define R_EC_Ed25519 0
600 static OPT_PAIR eddsa_choices[] = {
601 {"ed25519", R_EC_Ed25519},
602 {"ed448", R_EC_Ed448}
604 # define EdDSA_NUM OSSL_NELEM(eddsa_choices)
606 static double eddsa_results[EdDSA_NUM][2]; /* 2 ops: sign then verify */
607 #endif /* OPENSSL_NO_EC */
610 # define COND(d) (count < (d))
611 # define COUNT(d) (d)
613 # define COND(unused_cond) (run && count<0x7fffffff)
614 # define COUNT(d) (count)
617 typedef struct loopargs_st {
618 ASYNC_JOB *inprogress_job;
619 ASYNC_WAIT_CTX *wait_ctx;
622 unsigned char *buf_malloc;
623 unsigned char *buf2_malloc;
627 #ifndef OPENSSL_NO_RSA
628 RSA *rsa_key[RSA_NUM];
630 #ifndef OPENSSL_NO_DSA
631 DSA *dsa_key[DSA_NUM];
633 #ifndef OPENSSL_NO_EC
634 EC_KEY *ecdsa[ECDSA_NUM];
635 EVP_PKEY_CTX *ecdh_ctx[EC_NUM];
636 EVP_MD_CTX *eddsa_ctx[EdDSA_NUM];
637 unsigned char *secret_a;
638 unsigned char *secret_b;
639 size_t outlen[EC_NUM];
643 #ifndef OPENSSL_NO_CMAC
646 GCM128_CONTEXT *gcm_ctx;
648 static int run_benchmark(int async_jobs, int (*loop_function) (void *),
649 loopargs_t * loopargs);
651 static unsigned int testnum;
653 /* Nb of iterations to do per algorithm and key-size */
654 static long c[ALGOR_NUM][OSSL_NELEM(lengths_list)];
656 #ifndef OPENSSL_NO_MD2
657 static int EVP_Digest_MD2_loop(void *args)
659 loopargs_t *tempargs = *(loopargs_t **) args;
660 unsigned char *buf = tempargs->buf;
661 unsigned char md2[MD2_DIGEST_LENGTH];
664 for (count = 0; COND(c[D_MD2][testnum]); count++) {
665 if (!EVP_Digest(buf, (size_t)lengths[testnum], md2, NULL, EVP_md2(),
673 #ifndef OPENSSL_NO_MDC2
674 static int EVP_Digest_MDC2_loop(void *args)
676 loopargs_t *tempargs = *(loopargs_t **) args;
677 unsigned char *buf = tempargs->buf;
678 unsigned char mdc2[MDC2_DIGEST_LENGTH];
681 for (count = 0; COND(c[D_MDC2][testnum]); count++) {
682 if (!EVP_Digest(buf, (size_t)lengths[testnum], mdc2, NULL, EVP_mdc2(),
690 #ifndef OPENSSL_NO_MD4
691 static int EVP_Digest_MD4_loop(void *args)
693 loopargs_t *tempargs = *(loopargs_t **) args;
694 unsigned char *buf = tempargs->buf;
695 unsigned char md4[MD4_DIGEST_LENGTH];
698 for (count = 0; COND(c[D_MD4][testnum]); count++) {
699 if (!EVP_Digest(buf, (size_t)lengths[testnum], md4, NULL, EVP_md4(),
707 #ifndef OPENSSL_NO_MD5
708 static int MD5_loop(void *args)
710 loopargs_t *tempargs = *(loopargs_t **) args;
711 unsigned char *buf = tempargs->buf;
712 unsigned char md5[MD5_DIGEST_LENGTH];
714 for (count = 0; COND(c[D_MD5][testnum]); count++)
715 MD5(buf, lengths[testnum], md5);
719 static int HMAC_loop(void *args)
721 loopargs_t *tempargs = *(loopargs_t **) args;
722 unsigned char *buf = tempargs->buf;
723 HMAC_CTX *hctx = tempargs->hctx;
724 unsigned char hmac[MD5_DIGEST_LENGTH];
727 for (count = 0; COND(c[D_HMAC][testnum]); count++) {
728 HMAC_Init_ex(hctx, NULL, 0, NULL, NULL);
729 HMAC_Update(hctx, buf, lengths[testnum]);
730 HMAC_Final(hctx, hmac, NULL);
736 static int SHA1_loop(void *args)
738 loopargs_t *tempargs = *(loopargs_t **) args;
739 unsigned char *buf = tempargs->buf;
740 unsigned char sha[SHA_DIGEST_LENGTH];
742 for (count = 0; COND(c[D_SHA1][testnum]); count++)
743 SHA1(buf, lengths[testnum], sha);
747 static int SHA256_loop(void *args)
749 loopargs_t *tempargs = *(loopargs_t **) args;
750 unsigned char *buf = tempargs->buf;
751 unsigned char sha256[SHA256_DIGEST_LENGTH];
753 for (count = 0; COND(c[D_SHA256][testnum]); count++)
754 SHA256(buf, lengths[testnum], sha256);
758 static int SHA512_loop(void *args)
760 loopargs_t *tempargs = *(loopargs_t **) args;
761 unsigned char *buf = tempargs->buf;
762 unsigned char sha512[SHA512_DIGEST_LENGTH];
764 for (count = 0; COND(c[D_SHA512][testnum]); count++)
765 SHA512(buf, lengths[testnum], sha512);
769 #ifndef OPENSSL_NO_WHIRLPOOL
770 static int WHIRLPOOL_loop(void *args)
772 loopargs_t *tempargs = *(loopargs_t **) args;
773 unsigned char *buf = tempargs->buf;
774 unsigned char whirlpool[WHIRLPOOL_DIGEST_LENGTH];
776 for (count = 0; COND(c[D_WHIRLPOOL][testnum]); count++)
777 WHIRLPOOL(buf, lengths[testnum], whirlpool);
782 #ifndef OPENSSL_NO_RMD160
783 static int EVP_Digest_RMD160_loop(void *args)
785 loopargs_t *tempargs = *(loopargs_t **) args;
786 unsigned char *buf = tempargs->buf;
787 unsigned char rmd160[RIPEMD160_DIGEST_LENGTH];
789 for (count = 0; COND(c[D_RMD160][testnum]); count++) {
790 if (!EVP_Digest(buf, (size_t)lengths[testnum], &(rmd160[0]),
791 NULL, EVP_ripemd160(), NULL))
798 #ifndef OPENSSL_NO_RC4
799 static RC4_KEY rc4_ks;
800 static int RC4_loop(void *args)
802 loopargs_t *tempargs = *(loopargs_t **) args;
803 unsigned char *buf = tempargs->buf;
805 for (count = 0; COND(c[D_RC4][testnum]); count++)
806 RC4(&rc4_ks, (size_t)lengths[testnum], buf, buf);
811 #ifndef OPENSSL_NO_DES
812 static unsigned char DES_iv[8];
813 static DES_key_schedule sch;
814 static DES_key_schedule sch2;
815 static DES_key_schedule sch3;
816 static int DES_ncbc_encrypt_loop(void *args)
818 loopargs_t *tempargs = *(loopargs_t **) args;
819 unsigned char *buf = tempargs->buf;
821 for (count = 0; COND(c[D_CBC_DES][testnum]); count++)
822 DES_ncbc_encrypt(buf, buf, lengths[testnum], &sch,
823 &DES_iv, DES_ENCRYPT);
827 static int DES_ede3_cbc_encrypt_loop(void *args)
829 loopargs_t *tempargs = *(loopargs_t **) args;
830 unsigned char *buf = tempargs->buf;
832 for (count = 0; COND(c[D_EDE3_DES][testnum]); count++)
833 DES_ede3_cbc_encrypt(buf, buf, lengths[testnum],
834 &sch, &sch2, &sch3, &DES_iv, DES_ENCRYPT);
839 #define MAX_BLOCK_SIZE 128
841 static unsigned char iv[2 * MAX_BLOCK_SIZE / 8];
842 static AES_KEY aes_ks1, aes_ks2, aes_ks3;
843 static int AES_cbc_128_encrypt_loop(void *args)
845 loopargs_t *tempargs = *(loopargs_t **) args;
846 unsigned char *buf = tempargs->buf;
848 for (count = 0; COND(c[D_CBC_128_AES][testnum]); count++)
849 AES_cbc_encrypt(buf, buf,
850 (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
854 static int AES_cbc_192_encrypt_loop(void *args)
856 loopargs_t *tempargs = *(loopargs_t **) args;
857 unsigned char *buf = tempargs->buf;
859 for (count = 0; COND(c[D_CBC_192_AES][testnum]); count++)
860 AES_cbc_encrypt(buf, buf,
861 (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
865 static int AES_cbc_256_encrypt_loop(void *args)
867 loopargs_t *tempargs = *(loopargs_t **) args;
868 unsigned char *buf = tempargs->buf;
870 for (count = 0; COND(c[D_CBC_256_AES][testnum]); count++)
871 AES_cbc_encrypt(buf, buf,
872 (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
877 static int AES_ige_128_encrypt_loop(void *args)
879 loopargs_t *tempargs = *(loopargs_t **) args;
880 unsigned char *buf = tempargs->buf;
881 unsigned char *buf2 = tempargs->buf2;
883 for (count = 0; COND(c[D_IGE_128_AES][testnum]); count++)
884 AES_ige_encrypt(buf, buf2,
885 (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
889 static int AES_ige_192_encrypt_loop(void *args)
891 loopargs_t *tempargs = *(loopargs_t **) args;
892 unsigned char *buf = tempargs->buf;
893 unsigned char *buf2 = tempargs->buf2;
895 for (count = 0; COND(c[D_IGE_192_AES][testnum]); count++)
896 AES_ige_encrypt(buf, buf2,
897 (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
901 static int AES_ige_256_encrypt_loop(void *args)
903 loopargs_t *tempargs = *(loopargs_t **) args;
904 unsigned char *buf = tempargs->buf;
905 unsigned char *buf2 = tempargs->buf2;
907 for (count = 0; COND(c[D_IGE_256_AES][testnum]); count++)
908 AES_ige_encrypt(buf, buf2,
909 (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
914 static int CRYPTO_gcm128_aad_loop(void *args)
916 loopargs_t *tempargs = *(loopargs_t **) args;
917 unsigned char *buf = tempargs->buf;
918 GCM128_CONTEXT *gcm_ctx = tempargs->gcm_ctx;
920 for (count = 0; COND(c[D_GHASH][testnum]); count++)
921 CRYPTO_gcm128_aad(gcm_ctx, buf, lengths[testnum]);
925 static int RAND_bytes_loop(void *args)
927 loopargs_t *tempargs = *(loopargs_t **) args;
928 unsigned char *buf = tempargs->buf;
931 for (count = 0; COND(c[D_RAND][testnum]); count++)
932 RAND_bytes(buf, lengths[testnum]);
936 static long save_count = 0;
937 static int decrypt = 0;
938 static int EVP_Update_loop(void *args)
940 loopargs_t *tempargs = *(loopargs_t **) args;
941 unsigned char *buf = tempargs->buf;
942 EVP_CIPHER_CTX *ctx = tempargs->ctx;
945 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
948 for (count = 0; COND(nb_iter); count++) {
949 rc = EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
951 /* reset iv in case of counter overflow */
952 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
956 for (count = 0; COND(nb_iter); count++) {
957 rc = EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
959 /* reset iv in case of counter overflow */
960 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
965 EVP_DecryptFinal_ex(ctx, buf, &outl);
967 EVP_EncryptFinal_ex(ctx, buf, &outl);
972 * CCM does not support streaming. For the purpose of performance measurement,
973 * each message is encrypted using the same (key,iv)-pair. Do not use this
974 * code in your application.
976 static int EVP_Update_loop_ccm(void *args)
978 loopargs_t *tempargs = *(loopargs_t **) args;
979 unsigned char *buf = tempargs->buf;
980 EVP_CIPHER_CTX *ctx = tempargs->ctx;
982 unsigned char tag[12];
984 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
987 for (count = 0; COND(nb_iter); count++) {
988 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(tag), tag);
990 EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
991 /* counter is reset on every update */
992 EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
995 for (count = 0; COND(nb_iter); count++) {
996 /* restore iv length field */
997 EVP_EncryptUpdate(ctx, NULL, &outl, NULL, lengths[testnum]);
998 /* counter is reset on every update */
999 EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
1003 EVP_DecryptFinal_ex(ctx, buf, &outl);
1005 EVP_EncryptFinal_ex(ctx, buf, &outl);
1010 * To make AEAD benchmarking more relevant perform TLS-like operations,
1011 * 13-byte AAD followed by payload. But don't use TLS-formatted AAD, as
1012 * payload length is not actually limited by 16KB...
1014 static int EVP_Update_loop_aead(void *args)
1016 loopargs_t *tempargs = *(loopargs_t **) args;
1017 unsigned char *buf = tempargs->buf;
1018 EVP_CIPHER_CTX *ctx = tempargs->ctx;
1020 unsigned char aad[13] = { 0xcc };
1021 unsigned char faketag[16] = { 0xcc };
1023 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1026 for (count = 0; COND(nb_iter); count++) {
1027 EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
1028 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
1029 sizeof(faketag), faketag);
1030 EVP_DecryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
1031 EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
1032 EVP_DecryptFinal_ex(ctx, buf + outl, &outl);
1035 for (count = 0; COND(nb_iter); count++) {
1036 EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv);
1037 EVP_EncryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
1038 EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
1039 EVP_EncryptFinal_ex(ctx, buf + outl, &outl);
1045 static const EVP_MD *evp_md = NULL;
1046 static int EVP_Digest_loop(void *args)
1048 loopargs_t *tempargs = *(loopargs_t **) args;
1049 unsigned char *buf = tempargs->buf;
1050 unsigned char md[EVP_MAX_MD_SIZE];
1053 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1056 for (count = 0; COND(nb_iter); count++) {
1057 if (!EVP_Digest(buf, lengths[testnum], md, NULL, evp_md, NULL))
1063 static const EVP_MD *evp_hmac_md = NULL;
1064 static char *evp_hmac_name = NULL;
1065 static int EVP_HMAC_loop(void *args)
1067 loopargs_t *tempargs = *(loopargs_t **) args;
1068 unsigned char *buf = tempargs->buf;
1069 unsigned char no_key[32];
1072 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1075 for (count = 0; COND(nb_iter); count++) {
1076 if (HMAC(evp_hmac_md, no_key, sizeof(no_key), buf, lengths[testnum],
1077 NULL, NULL) == NULL)
1083 #ifndef OPENSSL_NO_CMAC
1084 static const EVP_CIPHER *evp_cmac_cipher = NULL;
1085 static char *evp_cmac_name = NULL;
1087 static int EVP_CMAC_loop(void *args)
1089 loopargs_t *tempargs = *(loopargs_t **) args;
1090 unsigned char *buf = tempargs->buf;
1091 CMAC_CTX *cmac_ctx = tempargs->cmac_ctx;
1092 static const char key[16] = "This is a key...";
1093 unsigned char mac[16];
1094 size_t len = sizeof(mac);
1097 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1100 for (count = 0; COND(nb_iter); count++) {
1101 if (!CMAC_Init(cmac_ctx, key, sizeof(key), evp_cmac_cipher, NULL)
1102 || !CMAC_Update(cmac_ctx, buf, lengths[testnum])
1103 || !CMAC_Final(cmac_ctx, mac, &len))
1110 #ifndef OPENSSL_NO_RSA
1111 static long rsa_c[RSA_NUM][2]; /* # RSA iteration test */
1113 static int RSA_sign_loop(void *args)
1115 loopargs_t *tempargs = *(loopargs_t **) args;
1116 unsigned char *buf = tempargs->buf;
1117 unsigned char *buf2 = tempargs->buf2;
1118 unsigned int *rsa_num = &tempargs->siglen;
1119 RSA **rsa_key = tempargs->rsa_key;
1121 for (count = 0; COND(rsa_c[testnum][0]); count++) {
1122 ret = RSA_sign(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1124 BIO_printf(bio_err, "RSA sign failure\n");
1125 ERR_print_errors(bio_err);
1133 static int RSA_verify_loop(void *args)
1135 loopargs_t *tempargs = *(loopargs_t **) args;
1136 unsigned char *buf = tempargs->buf;
1137 unsigned char *buf2 = tempargs->buf2;
1138 unsigned int rsa_num = tempargs->siglen;
1139 RSA **rsa_key = tempargs->rsa_key;
1141 for (count = 0; COND(rsa_c[testnum][1]); count++) {
1143 RSA_verify(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1145 BIO_printf(bio_err, "RSA verify failure\n");
1146 ERR_print_errors(bio_err);
1155 #ifndef OPENSSL_NO_DSA
1156 static long dsa_c[DSA_NUM][2];
1157 static int DSA_sign_loop(void *args)
1159 loopargs_t *tempargs = *(loopargs_t **) args;
1160 unsigned char *buf = tempargs->buf;
1161 unsigned char *buf2 = tempargs->buf2;
1162 DSA **dsa_key = tempargs->dsa_key;
1163 unsigned int *siglen = &tempargs->siglen;
1165 for (count = 0; COND(dsa_c[testnum][0]); count++) {
1166 ret = DSA_sign(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1168 BIO_printf(bio_err, "DSA sign failure\n");
1169 ERR_print_errors(bio_err);
1177 static int DSA_verify_loop(void *args)
1179 loopargs_t *tempargs = *(loopargs_t **) args;
1180 unsigned char *buf = tempargs->buf;
1181 unsigned char *buf2 = tempargs->buf2;
1182 DSA **dsa_key = tempargs->dsa_key;
1183 unsigned int siglen = tempargs->siglen;
1185 for (count = 0; COND(dsa_c[testnum][1]); count++) {
1186 ret = DSA_verify(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1188 BIO_printf(bio_err, "DSA verify failure\n");
1189 ERR_print_errors(bio_err);
1198 #ifndef OPENSSL_NO_EC
1199 static long ecdsa_c[ECDSA_NUM][2];
1200 static int ECDSA_sign_loop(void *args)
1202 loopargs_t *tempargs = *(loopargs_t **) args;
1203 unsigned char *buf = tempargs->buf;
1204 EC_KEY **ecdsa = tempargs->ecdsa;
1205 unsigned char *ecdsasig = tempargs->buf2;
1206 unsigned int *ecdsasiglen = &tempargs->siglen;
1208 for (count = 0; COND(ecdsa_c[testnum][0]); count++) {
1209 ret = ECDSA_sign(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1211 BIO_printf(bio_err, "ECDSA sign failure\n");
1212 ERR_print_errors(bio_err);
1220 static int ECDSA_verify_loop(void *args)
1222 loopargs_t *tempargs = *(loopargs_t **) args;
1223 unsigned char *buf = tempargs->buf;
1224 EC_KEY **ecdsa = tempargs->ecdsa;
1225 unsigned char *ecdsasig = tempargs->buf2;
1226 unsigned int ecdsasiglen = tempargs->siglen;
1228 for (count = 0; COND(ecdsa_c[testnum][1]); count++) {
1229 ret = ECDSA_verify(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1231 BIO_printf(bio_err, "ECDSA verify failure\n");
1232 ERR_print_errors(bio_err);
1240 /* ******************************************************************** */
1241 static long ecdh_c[EC_NUM][1];
1243 static int ECDH_EVP_derive_key_loop(void *args)
1245 loopargs_t *tempargs = *(loopargs_t **) args;
1246 EVP_PKEY_CTX *ctx = tempargs->ecdh_ctx[testnum];
1247 unsigned char *derived_secret = tempargs->secret_a;
1249 size_t *outlen = &(tempargs->outlen[testnum]);
1251 for (count = 0; COND(ecdh_c[testnum][0]); count++)
1252 EVP_PKEY_derive(ctx, derived_secret, outlen);
1257 static long eddsa_c[EdDSA_NUM][2];
1258 static int EdDSA_sign_loop(void *args)
1260 loopargs_t *tempargs = *(loopargs_t **) args;
1261 unsigned char *buf = tempargs->buf;
1262 EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
1263 unsigned char *eddsasig = tempargs->buf2;
1264 size_t *eddsasigsize = &tempargs->sigsize;
1267 for (count = 0; COND(eddsa_c[testnum][0]); count++) {
1268 ret = EVP_DigestSign(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
1270 BIO_printf(bio_err, "EdDSA sign failure\n");
1271 ERR_print_errors(bio_err);
1279 static int EdDSA_verify_loop(void *args)
1281 loopargs_t *tempargs = *(loopargs_t **) args;
1282 unsigned char *buf = tempargs->buf;
1283 EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
1284 unsigned char *eddsasig = tempargs->buf2;
1285 size_t eddsasigsize = tempargs->sigsize;
1288 for (count = 0; COND(eddsa_c[testnum][1]); count++) {
1289 ret = EVP_DigestVerify(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
1291 BIO_printf(bio_err, "EdDSA verify failure\n");
1292 ERR_print_errors(bio_err);
1299 #endif /* OPENSSL_NO_EC */
1301 static int run_benchmark(int async_jobs,
1302 int (*loop_function) (void *), loopargs_t * loopargs)
1304 int job_op_count = 0;
1305 int total_op_count = 0;
1306 int num_inprogress = 0;
1307 int error = 0, i = 0, ret = 0;
1308 OSSL_ASYNC_FD job_fd = 0;
1309 size_t num_job_fds = 0;
1313 if (async_jobs == 0) {
1314 return loop_function((void *)&loopargs);
1317 for (i = 0; i < async_jobs && !error; i++) {
1318 loopargs_t *looparg_item = loopargs + i;
1320 /* Copy pointer content (looparg_t item address) into async context */
1321 ret = ASYNC_start_job(&loopargs[i].inprogress_job, loopargs[i].wait_ctx,
1322 &job_op_count, loop_function,
1323 (void *)&looparg_item, sizeof(looparg_item));
1329 if (job_op_count == -1) {
1332 total_op_count += job_op_count;
1337 BIO_printf(bio_err, "Failure in the job\n");
1338 ERR_print_errors(bio_err);
1344 while (num_inprogress > 0) {
1345 #if defined(OPENSSL_SYS_WINDOWS)
1347 #elif defined(OPENSSL_SYS_UNIX)
1348 int select_result = 0;
1349 OSSL_ASYNC_FD max_fd = 0;
1352 FD_ZERO(&waitfdset);
1354 for (i = 0; i < async_jobs && num_inprogress > 0; i++) {
1355 if (loopargs[i].inprogress_job == NULL)
1358 if (!ASYNC_WAIT_CTX_get_all_fds
1359 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1360 || num_job_fds > 1) {
1361 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1362 ERR_print_errors(bio_err);
1366 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1368 FD_SET(job_fd, &waitfdset);
1369 if (job_fd > max_fd)
1373 if (max_fd >= (OSSL_ASYNC_FD)FD_SETSIZE) {
1375 "Error: max_fd (%d) must be smaller than FD_SETSIZE (%d). "
1376 "Decrease the value of async_jobs\n",
1377 max_fd, FD_SETSIZE);
1378 ERR_print_errors(bio_err);
1383 select_result = select(max_fd + 1, &waitfdset, NULL, NULL, NULL);
1384 if (select_result == -1 && errno == EINTR)
1387 if (select_result == -1) {
1388 BIO_printf(bio_err, "Failure in the select\n");
1389 ERR_print_errors(bio_err);
1394 if (select_result == 0)
1398 for (i = 0; i < async_jobs; i++) {
1399 if (loopargs[i].inprogress_job == NULL)
1402 if (!ASYNC_WAIT_CTX_get_all_fds
1403 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1404 || num_job_fds > 1) {
1405 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1406 ERR_print_errors(bio_err);
1410 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1413 #if defined(OPENSSL_SYS_UNIX)
1414 if (num_job_fds == 1 && !FD_ISSET(job_fd, &waitfdset))
1416 #elif defined(OPENSSL_SYS_WINDOWS)
1417 if (num_job_fds == 1
1418 && !PeekNamedPipe(job_fd, NULL, 0, NULL, &avail, NULL)
1423 ret = ASYNC_start_job(&loopargs[i].inprogress_job,
1424 loopargs[i].wait_ctx, &job_op_count,
1425 loop_function, (void *)(loopargs + i),
1426 sizeof(loopargs_t));
1431 if (job_op_count == -1) {
1434 total_op_count += job_op_count;
1437 loopargs[i].inprogress_job = NULL;
1442 loopargs[i].inprogress_job = NULL;
1443 BIO_printf(bio_err, "Failure in the job\n");
1444 ERR_print_errors(bio_err);
1451 return error ? -1 : total_op_count;
1454 int speed_main(int argc, char **argv)
1457 loopargs_t *loopargs = NULL;
1459 const char *engine_id = NULL;
1460 const EVP_CIPHER *evp_cipher = NULL;
1463 int async_init = 0, multiblock = 0, pr_header = 0;
1464 int doit[ALGOR_NUM] = { 0 };
1465 int ret = 1, misalign = 0, lengths_single = 0, aead = 0;
1467 unsigned int size_num = OSSL_NELEM(lengths_list);
1468 unsigned int i, k, loop, loopargs_len = 0, async_jobs = 0;
1474 #if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) \
1475 || !defined(OPENSSL_NO_EC)
1478 openssl_speed_sec_t seconds = { SECONDS, RSA_SECONDS, DSA_SECONDS,
1479 ECDSA_SECONDS, ECDH_SECONDS,
1482 /* What follows are the buffers and key material. */
1483 #ifndef OPENSSL_NO_RC5
1486 #ifndef OPENSSL_NO_RC2
1489 #ifndef OPENSSL_NO_IDEA
1490 IDEA_KEY_SCHEDULE idea_ks;
1492 #ifndef OPENSSL_NO_SEED
1493 SEED_KEY_SCHEDULE seed_ks;
1495 #ifndef OPENSSL_NO_BF
1498 #ifndef OPENSSL_NO_CAST
1501 static const unsigned char key16[16] = {
1502 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1503 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
1505 static const unsigned char key24[24] = {
1506 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1507 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1508 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1510 static const unsigned char key32[32] = {
1511 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1512 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1513 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
1514 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
1516 #ifndef OPENSSL_NO_CAMELLIA
1517 static const unsigned char ckey24[24] = {
1518 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1519 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1520 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1522 static const unsigned char ckey32[32] = {
1523 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1524 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1525 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
1526 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
1528 CAMELLIA_KEY camellia_ks1, camellia_ks2, camellia_ks3;
1530 #ifndef OPENSSL_NO_DES
1531 static DES_cblock key = {
1532 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0
1534 static DES_cblock key2 = {
1535 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
1537 static DES_cblock key3 = {
1538 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1541 #ifndef OPENSSL_NO_RSA
1542 static const unsigned int rsa_bits[RSA_NUM] = {
1543 512, 1024, 2048, 3072, 4096, 7680, 15360
1545 static const unsigned char *rsa_data[RSA_NUM] = {
1546 test512, test1024, test2048, test3072, test4096, test7680, test15360
1548 static const int rsa_data_length[RSA_NUM] = {
1549 sizeof(test512), sizeof(test1024),
1550 sizeof(test2048), sizeof(test3072),
1551 sizeof(test4096), sizeof(test7680),
1554 int rsa_doit[RSA_NUM] = { 0 };
1555 int primes = RSA_DEFAULT_PRIME_NUM;
1557 #ifndef OPENSSL_NO_DSA
1558 static const unsigned int dsa_bits[DSA_NUM] = { 512, 1024, 2048 };
1559 int dsa_doit[DSA_NUM] = { 0 };
1561 #ifndef OPENSSL_NO_EC
1563 * We only test over the following curves as they are representative, To
1564 * add tests over more curves, simply add the curve NID and curve name to
1565 * the following arrays and increase the |ecdh_choices| list accordingly.
1567 static const struct {
1573 {"secp160r1", NID_secp160r1, 160},
1574 {"nistp192", NID_X9_62_prime192v1, 192},
1575 {"nistp224", NID_secp224r1, 224},
1576 {"nistp256", NID_X9_62_prime256v1, 256},
1577 {"nistp384", NID_secp384r1, 384},
1578 {"nistp521", NID_secp521r1, 521},
1579 # ifndef OPENSSL_NO_EC2M
1581 {"nistk163", NID_sect163k1, 163},
1582 {"nistk233", NID_sect233k1, 233},
1583 {"nistk283", NID_sect283k1, 283},
1584 {"nistk409", NID_sect409k1, 409},
1585 {"nistk571", NID_sect571k1, 571},
1586 {"nistb163", NID_sect163r2, 163},
1587 {"nistb233", NID_sect233r1, 233},
1588 {"nistb283", NID_sect283r1, 283},
1589 {"nistb409", NID_sect409r1, 409},
1590 {"nistb571", NID_sect571r1, 571},
1592 {"brainpoolP256r1", NID_brainpoolP256r1, 256},
1593 {"brainpoolP256t1", NID_brainpoolP256t1, 256},
1594 {"brainpoolP384r1", NID_brainpoolP384r1, 384},
1595 {"brainpoolP384t1", NID_brainpoolP384t1, 384},
1596 {"brainpoolP512r1", NID_brainpoolP512r1, 512},
1597 {"brainpoolP512t1", NID_brainpoolP512t1, 512},
1598 /* Other and ECDH only ones */
1599 {"X25519", NID_X25519, 253},
1600 {"X448", NID_X448, 448}
1602 static const struct {
1607 } test_ed_curves[] = {
1609 {"Ed25519", NID_ED25519, 253, 64},
1610 {"Ed448", NID_ED448, 456, 114}
1612 int ecdsa_doit[ECDSA_NUM] = { 0 };
1613 int ecdh_doit[EC_NUM] = { 0 };
1614 int eddsa_doit[EdDSA_NUM] = { 0 };
1615 OPENSSL_assert(OSSL_NELEM(test_curves) >= EC_NUM);
1616 OPENSSL_assert(OSSL_NELEM(test_ed_curves) >= EdDSA_NUM);
1617 #endif /* ndef OPENSSL_NO_EC */
1619 prog = opt_init(argc, argv, speed_options);
1620 while ((o = opt_next()) != OPT_EOF) {
1625 BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
1628 opt_help(speed_options);
1636 evp_cipher = EVP_get_cipherbyname(opt_arg());
1637 if (evp_cipher == NULL)
1638 evp_md = EVP_get_digestbyname(opt_arg());
1639 if (evp_cipher == NULL && evp_md == NULL) {
1641 "%s: %s is an unknown cipher or digest\n",
1648 evp_hmac_md = EVP_get_digestbyname(opt_arg());
1649 if (evp_hmac_md == NULL) {
1650 BIO_printf(bio_err, "%s: %s is an unknown digest\n",
1654 doit[D_EVP_HMAC] = 1;
1657 #ifndef OPENSSL_NO_CMAC
1658 evp_cmac_cipher = EVP_get_cipherbyname(opt_arg());
1659 if (evp_cmac_cipher == NULL) {
1660 BIO_printf(bio_err, "%s: %s is an unknown cipher\n",
1664 doit[D_EVP_CMAC] = 1;
1672 * In a forked execution, an engine might need to be
1673 * initialised by each child process, not by the parent.
1674 * So store the name here and run setup_engine() later on.
1676 engine_id = opt_arg();
1680 multi = atoi(opt_arg());
1684 #ifndef OPENSSL_NO_ASYNC
1685 async_jobs = atoi(opt_arg());
1686 if (!ASYNC_is_capable()) {
1688 "%s: async_jobs specified but async not supported\n",
1692 if (async_jobs > 99999) {
1693 BIO_printf(bio_err, "%s: too many async_jobs\n", prog);
1699 if (!opt_int(opt_arg(), &misalign))
1701 if (misalign > MISALIGN) {
1703 "%s: Maximum offset is %d\n", prog, MISALIGN);
1712 #ifdef OPENSSL_NO_MULTIBLOCK
1714 "%s: -mb specified but multi-block support is disabled\n",
1724 if (!opt_int(opt_arg(), &primes))
1728 seconds.sym = seconds.rsa = seconds.dsa = seconds.ecdsa
1729 = seconds.ecdh = seconds.eddsa = atoi(opt_arg());
1732 lengths_single = atoi(opt_arg());
1733 lengths = &lengths_single;
1741 argc = opt_num_rest();
1744 /* Remaining arguments are algorithms. */
1745 for (; *argv; argv++) {
1746 if (found(*argv, doit_choices, &i)) {
1750 #ifndef OPENSSL_NO_DES
1751 if (strcmp(*argv, "des") == 0) {
1752 doit[D_CBC_DES] = doit[D_EDE3_DES] = 1;
1756 if (strcmp(*argv, "sha") == 0) {
1757 doit[D_SHA1] = doit[D_SHA256] = doit[D_SHA512] = 1;
1760 #ifndef OPENSSL_NO_RSA
1761 if (strcmp(*argv, "openssl") == 0)
1763 if (strcmp(*argv, "rsa") == 0) {
1764 for (loop = 0; loop < OSSL_NELEM(rsa_doit); loop++)
1768 if (found(*argv, rsa_choices, &i)) {
1773 #ifndef OPENSSL_NO_DSA
1774 if (strcmp(*argv, "dsa") == 0) {
1775 dsa_doit[R_DSA_512] = dsa_doit[R_DSA_1024] =
1776 dsa_doit[R_DSA_2048] = 1;
1779 if (found(*argv, dsa_choices, &i)) {
1784 if (strcmp(*argv, "aes") == 0) {
1785 doit[D_CBC_128_AES] = doit[D_CBC_192_AES] = doit[D_CBC_256_AES] = 1;
1788 #ifndef OPENSSL_NO_CAMELLIA
1789 if (strcmp(*argv, "camellia") == 0) {
1790 doit[D_CBC_128_CML] = doit[D_CBC_192_CML] = doit[D_CBC_256_CML] = 1;
1794 #ifndef OPENSSL_NO_EC
1795 if (strcmp(*argv, "ecdsa") == 0) {
1796 for (loop = 0; loop < OSSL_NELEM(ecdsa_doit); loop++)
1797 ecdsa_doit[loop] = 1;
1800 if (found(*argv, ecdsa_choices, &i)) {
1804 if (strcmp(*argv, "ecdh") == 0) {
1805 for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++)
1806 ecdh_doit[loop] = 1;
1809 if (found(*argv, ecdh_choices, &i)) {
1813 if (strcmp(*argv, "eddsa") == 0) {
1814 for (loop = 0; loop < OSSL_NELEM(eddsa_doit); loop++)
1815 eddsa_doit[loop] = 1;
1818 if (found(*argv, eddsa_choices, &i)) {
1823 BIO_printf(bio_err, "%s: Unknown algorithm %s\n", prog, *argv);
1829 if (evp_cipher == NULL) {
1830 BIO_printf(bio_err, "-aead can be used only with an AEAD cipher\n");
1832 } else if (!(EVP_CIPHER_flags(evp_cipher) &
1833 EVP_CIPH_FLAG_AEAD_CIPHER)) {
1834 BIO_printf(bio_err, "%s is not an AEAD cipher\n",
1835 OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
1840 if (evp_cipher == NULL) {
1841 BIO_printf(bio_err,"-mb can be used only with a multi-block"
1842 " capable cipher\n");
1844 } else if (!(EVP_CIPHER_flags(evp_cipher) &
1845 EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
1846 BIO_printf(bio_err, "%s is not a multi-block capable\n",
1847 OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
1849 } else if (async_jobs > 0) {
1850 BIO_printf(bio_err, "Async mode is not supported with -mb");
1855 /* Initialize the job pool if async mode is enabled */
1856 if (async_jobs > 0) {
1857 async_init = ASYNC_init_thread(async_jobs, async_jobs);
1859 BIO_printf(bio_err, "Error creating the ASYNC job pool\n");
1864 loopargs_len = (async_jobs == 0 ? 1 : async_jobs);
1866 app_malloc(loopargs_len * sizeof(loopargs_t), "array of loopargs");
1867 memset(loopargs, 0, loopargs_len * sizeof(loopargs_t));
1869 for (i = 0; i < loopargs_len; i++) {
1870 if (async_jobs > 0) {
1871 loopargs[i].wait_ctx = ASYNC_WAIT_CTX_new();
1872 if (loopargs[i].wait_ctx == NULL) {
1873 BIO_printf(bio_err, "Error creating the ASYNC_WAIT_CTX\n");
1878 buflen = lengths[size_num - 1];
1879 if (buflen < 36) /* size of random vector in RSA bencmark */
1881 buflen += MAX_MISALIGNMENT + 1;
1882 loopargs[i].buf_malloc = app_malloc(buflen, "input buffer");
1883 loopargs[i].buf2_malloc = app_malloc(buflen, "input buffer");
1884 memset(loopargs[i].buf_malloc, 0, buflen);
1885 memset(loopargs[i].buf2_malloc, 0, buflen);
1887 /* Align the start of buffers on a 64 byte boundary */
1888 loopargs[i].buf = loopargs[i].buf_malloc + misalign;
1889 loopargs[i].buf2 = loopargs[i].buf2_malloc + misalign;
1890 #ifndef OPENSSL_NO_EC
1891 loopargs[i].secret_a = app_malloc(MAX_ECDH_SIZE, "ECDH secret a");
1892 loopargs[i].secret_b = app_malloc(MAX_ECDH_SIZE, "ECDH secret b");
1897 if (multi && do_multi(multi, size_num))
1901 /* Initialize the engine after the fork */
1902 e = setup_engine(engine_id, 0);
1904 /* No parameters; turn on everything. */
1905 if (argc == 0 && !doit[D_EVP] && !doit[D_EVP_HMAC] && !doit[D_EVP_CMAC]) {
1906 for (i = 0; i < ALGOR_NUM; i++)
1907 if (i != D_EVP && i != D_EVP_HMAC && i != D_EVP_CMAC)
1909 #ifndef OPENSSL_NO_RSA
1910 for (i = 0; i < RSA_NUM; i++)
1913 #ifndef OPENSSL_NO_DSA
1914 for (i = 0; i < DSA_NUM; i++)
1917 #ifndef OPENSSL_NO_EC
1918 for (loop = 0; loop < OSSL_NELEM(ecdsa_doit); loop++)
1919 ecdsa_doit[loop] = 1;
1920 for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++)
1921 ecdh_doit[loop] = 1;
1922 for (loop = 0; loop < OSSL_NELEM(eddsa_doit); loop++)
1923 eddsa_doit[loop] = 1;
1926 for (i = 0; i < ALGOR_NUM; i++)
1930 if (usertime == 0 && !mr)
1932 "You have chosen to measure elapsed time "
1933 "instead of user CPU time.\n");
1935 #ifndef OPENSSL_NO_RSA
1936 for (i = 0; i < loopargs_len; i++) {
1937 if (primes > RSA_DEFAULT_PRIME_NUM) {
1938 /* for multi-prime RSA, skip this */
1941 for (k = 0; k < RSA_NUM; k++) {
1942 const unsigned char *p;
1945 loopargs[i].rsa_key[k] =
1946 d2i_RSAPrivateKey(NULL, &p, rsa_data_length[k]);
1947 if (loopargs[i].rsa_key[k] == NULL) {
1949 "internal error loading RSA key number %d\n", k);
1955 #ifndef OPENSSL_NO_DSA
1956 for (i = 0; i < loopargs_len; i++) {
1957 loopargs[i].dsa_key[0] = get_dsa(512);
1958 loopargs[i].dsa_key[1] = get_dsa(1024);
1959 loopargs[i].dsa_key[2] = get_dsa(2048);
1962 #ifndef OPENSSL_NO_DES
1963 DES_set_key_unchecked(&key, &sch);
1964 DES_set_key_unchecked(&key2, &sch2);
1965 DES_set_key_unchecked(&key3, &sch3);
1967 AES_set_encrypt_key(key16, 128, &aes_ks1);
1968 AES_set_encrypt_key(key24, 192, &aes_ks2);
1969 AES_set_encrypt_key(key32, 256, &aes_ks3);
1970 #ifndef OPENSSL_NO_CAMELLIA
1971 Camellia_set_key(key16, 128, &camellia_ks1);
1972 Camellia_set_key(ckey24, 192, &camellia_ks2);
1973 Camellia_set_key(ckey32, 256, &camellia_ks3);
1975 #ifndef OPENSSL_NO_IDEA
1976 IDEA_set_encrypt_key(key16, &idea_ks);
1978 #ifndef OPENSSL_NO_SEED
1979 SEED_set_key(key16, &seed_ks);
1981 #ifndef OPENSSL_NO_RC4
1982 RC4_set_key(&rc4_ks, 16, key16);
1984 #ifndef OPENSSL_NO_RC2
1985 RC2_set_key(&rc2_ks, 16, key16, 128);
1987 #ifndef OPENSSL_NO_RC5
1988 RC5_32_set_key(&rc5_ks, 16, key16, 12);
1990 #ifndef OPENSSL_NO_BF
1991 BF_set_key(&bf_ks, 16, key16);
1993 #ifndef OPENSSL_NO_CAST
1994 CAST_set_key(&cast_ks, 16, key16);
1997 # ifndef OPENSSL_NO_DES
1998 BIO_printf(bio_err, "First we calculate the approximate speed ...\n");
2004 for (it = count; it; it--)
2005 DES_ecb_encrypt((DES_cblock *)loopargs[0].buf,
2006 (DES_cblock *)loopargs[0].buf, &sch, DES_ENCRYPT);
2010 c[D_MD2][0] = count / 10;
2011 c[D_MDC2][0] = count / 10;
2012 c[D_MD4][0] = count;
2013 c[D_MD5][0] = count;
2014 c[D_HMAC][0] = count;
2015 c[D_SHA1][0] = count;
2016 c[D_RMD160][0] = count;
2017 c[D_RC4][0] = count * 5;
2018 c[D_CBC_DES][0] = count;
2019 c[D_EDE3_DES][0] = count / 3;
2020 c[D_CBC_IDEA][0] = count;
2021 c[D_CBC_SEED][0] = count;
2022 c[D_CBC_RC2][0] = count;
2023 c[D_CBC_RC5][0] = count;
2024 c[D_CBC_BF][0] = count;
2025 c[D_CBC_CAST][0] = count;
2026 c[D_CBC_128_AES][0] = count;
2027 c[D_CBC_192_AES][0] = count;
2028 c[D_CBC_256_AES][0] = count;
2029 c[D_CBC_128_CML][0] = count;
2030 c[D_CBC_192_CML][0] = count;
2031 c[D_CBC_256_CML][0] = count;
2032 c[D_SHA256][0] = count;
2033 c[D_SHA512][0] = count;
2034 c[D_WHIRLPOOL][0] = count;
2035 c[D_IGE_128_AES][0] = count;
2036 c[D_IGE_192_AES][0] = count;
2037 c[D_IGE_256_AES][0] = count;
2038 c[D_GHASH][0] = count;
2039 c[D_RAND][0] = count;
2041 for (i = 1; i < size_num; i++) {
2044 l0 = (long)lengths[0];
2045 l1 = (long)lengths[i];
2047 c[D_MD2][i] = c[D_MD2][0] * 4 * l0 / l1;
2048 c[D_MDC2][i] = c[D_MDC2][0] * 4 * l0 / l1;
2049 c[D_MD4][i] = c[D_MD4][0] * 4 * l0 / l1;
2050 c[D_MD5][i] = c[D_MD5][0] * 4 * l0 / l1;
2051 c[D_HMAC][i] = c[D_HMAC][0] * 4 * l0 / l1;
2052 c[D_SHA1][i] = c[D_SHA1][0] * 4 * l0 / l1;
2053 c[D_RMD160][i] = c[D_RMD160][0] * 4 * l0 / l1;
2054 c[D_SHA256][i] = c[D_SHA256][0] * 4 * l0 / l1;
2055 c[D_SHA512][i] = c[D_SHA512][0] * 4 * l0 / l1;
2056 c[D_WHIRLPOOL][i] = c[D_WHIRLPOOL][0] * 4 * l0 / l1;
2057 c[D_GHASH][i] = c[D_GHASH][0] * 4 * l0 / l1;
2058 c[D_RAND][i] = c[D_RAND][0] * 4 * l0 / l1;
2060 l0 = (long)lengths[i - 1];
2062 c[D_RC4][i] = c[D_RC4][i - 1] * l0 / l1;
2063 c[D_CBC_DES][i] = c[D_CBC_DES][i - 1] * l0 / l1;
2064 c[D_EDE3_DES][i] = c[D_EDE3_DES][i - 1] * l0 / l1;
2065 c[D_CBC_IDEA][i] = c[D_CBC_IDEA][i - 1] * l0 / l1;
2066 c[D_CBC_SEED][i] = c[D_CBC_SEED][i - 1] * l0 / l1;
2067 c[D_CBC_RC2][i] = c[D_CBC_RC2][i - 1] * l0 / l1;
2068 c[D_CBC_RC5][i] = c[D_CBC_RC5][i - 1] * l0 / l1;
2069 c[D_CBC_BF][i] = c[D_CBC_BF][i - 1] * l0 / l1;
2070 c[D_CBC_CAST][i] = c[D_CBC_CAST][i - 1] * l0 / l1;
2071 c[D_CBC_128_AES][i] = c[D_CBC_128_AES][i - 1] * l0 / l1;
2072 c[D_CBC_192_AES][i] = c[D_CBC_192_AES][i - 1] * l0 / l1;
2073 c[D_CBC_256_AES][i] = c[D_CBC_256_AES][i - 1] * l0 / l1;
2074 c[D_CBC_128_CML][i] = c[D_CBC_128_CML][i - 1] * l0 / l1;
2075 c[D_CBC_192_CML][i] = c[D_CBC_192_CML][i - 1] * l0 / l1;
2076 c[D_CBC_256_CML][i] = c[D_CBC_256_CML][i - 1] * l0 / l1;
2077 c[D_IGE_128_AES][i] = c[D_IGE_128_AES][i - 1] * l0 / l1;
2078 c[D_IGE_192_AES][i] = c[D_IGE_192_AES][i - 1] * l0 / l1;
2079 c[D_IGE_256_AES][i] = c[D_IGE_256_AES][i - 1] * l0 / l1;
2082 # ifndef OPENSSL_NO_RSA
2083 rsa_c[R_RSA_512][0] = count / 2000;
2084 rsa_c[R_RSA_512][1] = count / 400;
2085 for (i = 1; i < RSA_NUM; i++) {
2086 rsa_c[i][0] = rsa_c[i - 1][0] / 8;
2087 rsa_c[i][1] = rsa_c[i - 1][1] / 4;
2088 if (rsa_doit[i] <= 1 && rsa_c[i][0] == 0)
2091 if (rsa_c[i][0] == 0) {
2092 rsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
2099 # ifndef OPENSSL_NO_DSA
2100 dsa_c[R_DSA_512][0] = count / 1000;
2101 dsa_c[R_DSA_512][1] = count / 1000 / 2;
2102 for (i = 1; i < DSA_NUM; i++) {
2103 dsa_c[i][0] = dsa_c[i - 1][0] / 4;
2104 dsa_c[i][1] = dsa_c[i - 1][1] / 4;
2105 if (dsa_doit[i] <= 1 && dsa_c[i][0] == 0)
2108 if (dsa_c[i][0] == 0) {
2109 dsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
2116 # ifndef OPENSSL_NO_EC
2117 ecdsa_c[R_EC_P160][0] = count / 1000;
2118 ecdsa_c[R_EC_P160][1] = count / 1000 / 2;
2119 for (i = R_EC_P192; i <= R_EC_P521; i++) {
2120 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2121 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2122 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2125 if (ecdsa_c[i][0] == 0) {
2131 # ifndef OPENSSL_NO_EC2M
2132 ecdsa_c[R_EC_K163][0] = count / 1000;
2133 ecdsa_c[R_EC_K163][1] = count / 1000 / 2;
2134 for (i = R_EC_K233; i <= R_EC_K571; i++) {
2135 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2136 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2137 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2140 if (ecdsa_c[i][0] == 0) {
2146 ecdsa_c[R_EC_B163][0] = count / 1000;
2147 ecdsa_c[R_EC_B163][1] = count / 1000 / 2;
2148 for (i = R_EC_B233; i <= R_EC_B571; i++) {
2149 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2150 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2151 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2154 if (ecdsa_c[i][0] == 0) {
2162 ecdh_c[R_EC_P160][0] = count / 1000;
2163 for (i = R_EC_P192; i <= R_EC_P521; i++) {
2164 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2165 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2168 if (ecdh_c[i][0] == 0) {
2173 # ifndef OPENSSL_NO_EC2M
2174 ecdh_c[R_EC_K163][0] = count / 1000;
2175 for (i = R_EC_K233; i <= R_EC_K571; i++) {
2176 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2177 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2180 if (ecdh_c[i][0] == 0) {
2185 ecdh_c[R_EC_B163][0] = count / 1000;
2186 for (i = R_EC_B233; i <= R_EC_B571; i++) {
2187 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2188 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2191 if (ecdh_c[i][0] == 0) {
2197 /* repeated code good to factorize */
2198 ecdh_c[R_EC_BRP256R1][0] = count / 1000;
2199 for (i = R_EC_BRP384R1; i <= R_EC_BRP512R1; i += 2) {
2200 ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
2201 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2204 if (ecdh_c[i][0] == 0) {
2209 ecdh_c[R_EC_BRP256T1][0] = count / 1000;
2210 for (i = R_EC_BRP384T1; i <= R_EC_BRP512T1; i += 2) {
2211 ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
2212 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2215 if (ecdh_c[i][0] == 0) {
2220 /* default iteration count for the last two EC Curves */
2221 ecdh_c[R_EC_X25519][0] = count / 1800;
2222 ecdh_c[R_EC_X448][0] = count / 7200;
2224 eddsa_c[R_EC_Ed25519][0] = count / 1800;
2225 eddsa_c[R_EC_Ed448][0] = count / 7200;
2229 /* not worth fixing */
2230 # error "You cannot disable DES on systems without SIGALRM."
2231 # endif /* OPENSSL_NO_DES */
2233 signal(SIGALRM, alarmed);
2234 #endif /* SIGALRM */
2236 #ifndef OPENSSL_NO_MD2
2238 for (testnum = 0; testnum < size_num; testnum++) {
2239 print_message(names[D_MD2], c[D_MD2][testnum], lengths[testnum],
2242 count = run_benchmark(async_jobs, EVP_Digest_MD2_loop, loopargs);
2244 print_result(D_MD2, testnum, count, d);
2248 #ifndef OPENSSL_NO_MDC2
2250 for (testnum = 0; testnum < size_num; testnum++) {
2251 print_message(names[D_MDC2], c[D_MDC2][testnum], lengths[testnum],
2254 count = run_benchmark(async_jobs, EVP_Digest_MDC2_loop, loopargs);
2256 print_result(D_MDC2, testnum, count, d);
2261 #ifndef OPENSSL_NO_MD4
2263 for (testnum = 0; testnum < size_num; testnum++) {
2264 print_message(names[D_MD4], c[D_MD4][testnum], lengths[testnum],
2267 count = run_benchmark(async_jobs, EVP_Digest_MD4_loop, loopargs);
2269 print_result(D_MD4, testnum, count, d);
2274 #ifndef OPENSSL_NO_MD5
2276 for (testnum = 0; testnum < size_num; testnum++) {
2277 print_message(names[D_MD5], c[D_MD5][testnum], lengths[testnum],
2280 count = run_benchmark(async_jobs, MD5_loop, loopargs);
2282 print_result(D_MD5, testnum, count, d);
2287 static const char hmac_key[] = "This is a key...";
2288 int len = strlen(hmac_key);
2290 for (i = 0; i < loopargs_len; i++) {
2291 loopargs[i].hctx = HMAC_CTX_new();
2292 if (loopargs[i].hctx == NULL) {
2293 BIO_printf(bio_err, "HMAC malloc failure, exiting...");
2297 HMAC_Init_ex(loopargs[i].hctx, hmac_key, len, EVP_md5(), NULL);
2299 for (testnum = 0; testnum < size_num; testnum++) {
2300 print_message(names[D_HMAC], c[D_HMAC][testnum], lengths[testnum],
2303 count = run_benchmark(async_jobs, HMAC_loop, loopargs);
2305 print_result(D_HMAC, testnum, count, d);
2307 for (i = 0; i < loopargs_len; i++) {
2308 HMAC_CTX_free(loopargs[i].hctx);
2313 for (testnum = 0; testnum < size_num; testnum++) {
2314 print_message(names[D_SHA1], c[D_SHA1][testnum], lengths[testnum],
2317 count = run_benchmark(async_jobs, SHA1_loop, loopargs);
2319 print_result(D_SHA1, testnum, count, d);
2322 if (doit[D_SHA256]) {
2323 for (testnum = 0; testnum < size_num; testnum++) {
2324 print_message(names[D_SHA256], c[D_SHA256][testnum],
2325 lengths[testnum], seconds.sym);
2327 count = run_benchmark(async_jobs, SHA256_loop, loopargs);
2329 print_result(D_SHA256, testnum, count, d);
2332 if (doit[D_SHA512]) {
2333 for (testnum = 0; testnum < size_num; testnum++) {
2334 print_message(names[D_SHA512], c[D_SHA512][testnum],
2335 lengths[testnum], seconds.sym);
2337 count = run_benchmark(async_jobs, SHA512_loop, loopargs);
2339 print_result(D_SHA512, testnum, count, d);
2342 #ifndef OPENSSL_NO_WHIRLPOOL
2343 if (doit[D_WHIRLPOOL]) {
2344 for (testnum = 0; testnum < size_num; testnum++) {
2345 print_message(names[D_WHIRLPOOL], c[D_WHIRLPOOL][testnum],
2346 lengths[testnum], seconds.sym);
2348 count = run_benchmark(async_jobs, WHIRLPOOL_loop, loopargs);
2350 print_result(D_WHIRLPOOL, testnum, count, d);
2355 #ifndef OPENSSL_NO_RMD160
2356 if (doit[D_RMD160]) {
2357 for (testnum = 0; testnum < size_num; testnum++) {
2358 print_message(names[D_RMD160], c[D_RMD160][testnum],
2359 lengths[testnum], seconds.sym);
2361 count = run_benchmark(async_jobs, EVP_Digest_RMD160_loop, loopargs);
2363 print_result(D_RMD160, testnum, count, d);
2367 #ifndef OPENSSL_NO_RC4
2369 for (testnum = 0; testnum < size_num; testnum++) {
2370 print_message(names[D_RC4], c[D_RC4][testnum], lengths[testnum],
2373 count = run_benchmark(async_jobs, RC4_loop, loopargs);
2375 print_result(D_RC4, testnum, count, d);
2379 #ifndef OPENSSL_NO_DES
2380 if (doit[D_CBC_DES]) {
2381 for (testnum = 0; testnum < size_num; testnum++) {
2382 print_message(names[D_CBC_DES], c[D_CBC_DES][testnum],
2383 lengths[testnum], seconds.sym);
2385 count = run_benchmark(async_jobs, DES_ncbc_encrypt_loop, loopargs);
2387 print_result(D_CBC_DES, testnum, count, d);
2391 if (doit[D_EDE3_DES]) {
2392 for (testnum = 0; testnum < size_num; testnum++) {
2393 print_message(names[D_EDE3_DES], c[D_EDE3_DES][testnum],
2394 lengths[testnum], seconds.sym);
2397 run_benchmark(async_jobs, DES_ede3_cbc_encrypt_loop, loopargs);
2399 print_result(D_EDE3_DES, testnum, count, d);
2404 if (doit[D_CBC_128_AES]) {
2405 for (testnum = 0; testnum < size_num; testnum++) {
2406 print_message(names[D_CBC_128_AES], c[D_CBC_128_AES][testnum],
2407 lengths[testnum], seconds.sym);
2410 run_benchmark(async_jobs, AES_cbc_128_encrypt_loop, loopargs);
2412 print_result(D_CBC_128_AES, testnum, count, d);
2415 if (doit[D_CBC_192_AES]) {
2416 for (testnum = 0; testnum < size_num; testnum++) {
2417 print_message(names[D_CBC_192_AES], c[D_CBC_192_AES][testnum],
2418 lengths[testnum], seconds.sym);
2421 run_benchmark(async_jobs, AES_cbc_192_encrypt_loop, loopargs);
2423 print_result(D_CBC_192_AES, testnum, count, d);
2426 if (doit[D_CBC_256_AES]) {
2427 for (testnum = 0; testnum < size_num; testnum++) {
2428 print_message(names[D_CBC_256_AES], c[D_CBC_256_AES][testnum],
2429 lengths[testnum], seconds.sym);
2432 run_benchmark(async_jobs, AES_cbc_256_encrypt_loop, loopargs);
2434 print_result(D_CBC_256_AES, testnum, count, d);
2439 if (doit[D_IGE_128_AES]) {
2440 for (testnum = 0; testnum < size_num; testnum++) {
2441 print_message(names[D_IGE_128_AES], c[D_IGE_128_AES][testnum],
2442 lengths[testnum], seconds.sym);
2445 run_benchmark(async_jobs, AES_ige_128_encrypt_loop, loopargs);
2447 print_result(D_IGE_128_AES, testnum, count, d);
2450 if (doit[D_IGE_192_AES]) {
2451 for (testnum = 0; testnum < size_num; testnum++) {
2452 print_message(names[D_IGE_192_AES], c[D_IGE_192_AES][testnum],
2453 lengths[testnum], seconds.sym);
2456 run_benchmark(async_jobs, AES_ige_192_encrypt_loop, loopargs);
2458 print_result(D_IGE_192_AES, testnum, count, d);
2461 if (doit[D_IGE_256_AES]) {
2462 for (testnum = 0; testnum < size_num; testnum++) {
2463 print_message(names[D_IGE_256_AES], c[D_IGE_256_AES][testnum],
2464 lengths[testnum], seconds.sym);
2467 run_benchmark(async_jobs, AES_ige_256_encrypt_loop, loopargs);
2469 print_result(D_IGE_256_AES, testnum, count, d);
2473 if (doit[D_GHASH]) {
2474 for (i = 0; i < loopargs_len; i++) {
2475 loopargs[i].gcm_ctx =
2476 CRYPTO_gcm128_new(&aes_ks1, (block128_f) AES_encrypt);
2477 CRYPTO_gcm128_setiv(loopargs[i].gcm_ctx,
2478 (unsigned char *)"0123456789ab", 12);
2481 for (testnum = 0; testnum < size_num; testnum++) {
2482 print_message(names[D_GHASH], c[D_GHASH][testnum],
2483 lengths[testnum], seconds.sym);
2485 count = run_benchmark(async_jobs, CRYPTO_gcm128_aad_loop, loopargs);
2487 print_result(D_GHASH, testnum, count, d);
2489 for (i = 0; i < loopargs_len; i++)
2490 CRYPTO_gcm128_release(loopargs[i].gcm_ctx);
2492 #ifndef OPENSSL_NO_CAMELLIA
2493 if (doit[D_CBC_128_CML]) {
2494 if (async_jobs > 0) {
2495 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2496 names[D_CBC_128_CML]);
2497 doit[D_CBC_128_CML] = 0;
2499 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2500 print_message(names[D_CBC_128_CML], c[D_CBC_128_CML][testnum],
2501 lengths[testnum], seconds.sym);
2503 for (count = 0, run = 1; COND(c[D_CBC_128_CML][testnum]); count++)
2504 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2505 (size_t)lengths[testnum], &camellia_ks1,
2506 iv, CAMELLIA_ENCRYPT);
2508 print_result(D_CBC_128_CML, testnum, count, d);
2511 if (doit[D_CBC_192_CML]) {
2512 if (async_jobs > 0) {
2513 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2514 names[D_CBC_192_CML]);
2515 doit[D_CBC_192_CML] = 0;
2517 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2518 print_message(names[D_CBC_192_CML], c[D_CBC_192_CML][testnum],
2519 lengths[testnum], seconds.sym);
2520 if (async_jobs > 0) {
2521 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2525 for (count = 0, run = 1; COND(c[D_CBC_192_CML][testnum]); count++)
2526 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2527 (size_t)lengths[testnum], &camellia_ks2,
2528 iv, CAMELLIA_ENCRYPT);
2530 print_result(D_CBC_192_CML, testnum, count, d);
2533 if (doit[D_CBC_256_CML]) {
2534 if (async_jobs > 0) {
2535 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2536 names[D_CBC_256_CML]);
2537 doit[D_CBC_256_CML] = 0;
2539 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2540 print_message(names[D_CBC_256_CML], c[D_CBC_256_CML][testnum],
2541 lengths[testnum], seconds.sym);
2543 for (count = 0, run = 1; COND(c[D_CBC_256_CML][testnum]); count++)
2544 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2545 (size_t)lengths[testnum], &camellia_ks3,
2546 iv, CAMELLIA_ENCRYPT);
2548 print_result(D_CBC_256_CML, testnum, count, d);
2552 #ifndef OPENSSL_NO_IDEA
2553 if (doit[D_CBC_IDEA]) {
2554 if (async_jobs > 0) {
2555 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2557 doit[D_CBC_IDEA] = 0;
2559 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2560 print_message(names[D_CBC_IDEA], c[D_CBC_IDEA][testnum],
2561 lengths[testnum], seconds.sym);
2563 for (count = 0, run = 1; COND(c[D_CBC_IDEA][testnum]); count++)
2564 IDEA_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2565 (size_t)lengths[testnum], &idea_ks,
2568 print_result(D_CBC_IDEA, testnum, count, d);
2572 #ifndef OPENSSL_NO_SEED
2573 if (doit[D_CBC_SEED]) {
2574 if (async_jobs > 0) {
2575 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2577 doit[D_CBC_SEED] = 0;
2579 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2580 print_message(names[D_CBC_SEED], c[D_CBC_SEED][testnum],
2581 lengths[testnum], seconds.sym);
2583 for (count = 0, run = 1; COND(c[D_CBC_SEED][testnum]); count++)
2584 SEED_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2585 (size_t)lengths[testnum], &seed_ks, iv, 1);
2587 print_result(D_CBC_SEED, testnum, count, d);
2591 #ifndef OPENSSL_NO_RC2
2592 if (doit[D_CBC_RC2]) {
2593 if (async_jobs > 0) {
2594 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2596 doit[D_CBC_RC2] = 0;
2598 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2599 print_message(names[D_CBC_RC2], c[D_CBC_RC2][testnum],
2600 lengths[testnum], seconds.sym);
2601 if (async_jobs > 0) {
2602 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2606 for (count = 0, run = 1; COND(c[D_CBC_RC2][testnum]); count++)
2607 RC2_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2608 (size_t)lengths[testnum], &rc2_ks,
2611 print_result(D_CBC_RC2, testnum, count, d);
2615 #ifndef OPENSSL_NO_RC5
2616 if (doit[D_CBC_RC5]) {
2617 if (async_jobs > 0) {
2618 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2620 doit[D_CBC_RC5] = 0;
2622 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2623 print_message(names[D_CBC_RC5], c[D_CBC_RC5][testnum],
2624 lengths[testnum], seconds.sym);
2625 if (async_jobs > 0) {
2626 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2630 for (count = 0, run = 1; COND(c[D_CBC_RC5][testnum]); count++)
2631 RC5_32_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2632 (size_t)lengths[testnum], &rc5_ks,
2635 print_result(D_CBC_RC5, testnum, count, d);
2639 #ifndef OPENSSL_NO_BF
2640 if (doit[D_CBC_BF]) {
2641 if (async_jobs > 0) {
2642 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2646 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2647 print_message(names[D_CBC_BF], c[D_CBC_BF][testnum],
2648 lengths[testnum], seconds.sym);
2650 for (count = 0, run = 1; COND(c[D_CBC_BF][testnum]); count++)
2651 BF_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2652 (size_t)lengths[testnum], &bf_ks,
2655 print_result(D_CBC_BF, testnum, count, d);
2659 #ifndef OPENSSL_NO_CAST
2660 if (doit[D_CBC_CAST]) {
2661 if (async_jobs > 0) {
2662 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2664 doit[D_CBC_CAST] = 0;
2666 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2667 print_message(names[D_CBC_CAST], c[D_CBC_CAST][testnum],
2668 lengths[testnum], seconds.sym);
2670 for (count = 0, run = 1; COND(c[D_CBC_CAST][testnum]); count++)
2671 CAST_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2672 (size_t)lengths[testnum], &cast_ks,
2675 print_result(D_CBC_CAST, testnum, count, d);
2680 for (testnum = 0; testnum < size_num; testnum++) {
2681 print_message(names[D_RAND], c[D_RAND][testnum], lengths[testnum],
2684 count = run_benchmark(async_jobs, RAND_bytes_loop, loopargs);
2686 print_result(D_RAND, testnum, count, d);
2691 if (evp_cipher != NULL) {
2692 int (*loopfunc)(void *args) = EVP_Update_loop;
2694 if (multiblock && (EVP_CIPHER_flags(evp_cipher) &
2695 EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
2696 multiblock_speed(evp_cipher, lengths_single, &seconds);
2701 names[D_EVP] = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
2703 if (EVP_CIPHER_mode(evp_cipher) == EVP_CIPH_CCM_MODE) {
2704 loopfunc = EVP_Update_loop_ccm;
2705 } else if (aead && (EVP_CIPHER_flags(evp_cipher) &
2706 EVP_CIPH_FLAG_AEAD_CIPHER)) {
2707 loopfunc = EVP_Update_loop_aead;
2708 if (lengths == lengths_list) {
2709 lengths = aead_lengths_list;
2710 size_num = OSSL_NELEM(aead_lengths_list);
2714 for (testnum = 0; testnum < size_num; testnum++) {
2715 print_message(names[D_EVP], save_count, lengths[testnum],
2718 for (k = 0; k < loopargs_len; k++) {
2719 loopargs[k].ctx = EVP_CIPHER_CTX_new();
2720 EVP_CipherInit_ex(loopargs[k].ctx, evp_cipher, NULL, NULL,
2721 iv, decrypt ? 0 : 1);
2723 EVP_CIPHER_CTX_set_padding(loopargs[k].ctx, 0);
2725 keylen = EVP_CIPHER_CTX_key_length(loopargs[k].ctx);
2726 loopargs[k].key = app_malloc(keylen, "evp_cipher key");
2727 EVP_CIPHER_CTX_rand_key(loopargs[k].ctx, loopargs[k].key);
2728 EVP_CipherInit_ex(loopargs[k].ctx, NULL, NULL,
2729 loopargs[k].key, NULL, -1);
2730 OPENSSL_clear_free(loopargs[k].key, keylen);
2732 /* SIV mode only allows for a single Update operation */
2733 if (EVP_CIPHER_mode(evp_cipher) == EVP_CIPH_SIV_MODE)
2734 EVP_CIPHER_CTX_ctrl(loopargs[k].ctx, EVP_CTRL_SET_SPEED, 1, NULL);
2738 count = run_benchmark(async_jobs, loopfunc, loopargs);
2740 for (k = 0; k < loopargs_len; k++) {
2741 EVP_CIPHER_CTX_free(loopargs[k].ctx);
2743 print_result(D_EVP, testnum, count, d);
2745 } else if (evp_md != NULL) {
2746 names[D_EVP] = OBJ_nid2ln(EVP_MD_type(evp_md));
2748 for (testnum = 0; testnum < size_num; testnum++) {
2749 print_message(names[D_EVP], save_count, lengths[testnum],
2752 count = run_benchmark(async_jobs, EVP_Digest_loop, loopargs);
2754 print_result(D_EVP, testnum, count, d);
2759 if (doit[D_EVP_HMAC]) {
2760 if (evp_hmac_md != NULL) {
2761 const char *md_name = OBJ_nid2ln(EVP_MD_type(evp_hmac_md));
2762 evp_hmac_name = app_malloc(sizeof("HMAC()") + strlen(md_name),
2764 sprintf(evp_hmac_name, "HMAC(%s)", md_name);
2765 names[D_EVP_HMAC] = evp_hmac_name;
2767 for (testnum = 0; testnum < size_num; testnum++) {
2768 print_message(names[D_EVP_HMAC], save_count, lengths[testnum],
2771 count = run_benchmark(async_jobs, EVP_HMAC_loop, loopargs);
2773 print_result(D_EVP_HMAC, testnum, count, d);
2778 #ifndef OPENSSL_NO_CMAC
2779 if (doit[D_EVP_CMAC]) {
2780 if (evp_cmac_cipher != NULL) {
2781 const char *cipher_name = OBJ_nid2ln(EVP_CIPHER_type(evp_cmac_cipher));
2782 evp_cmac_name = app_malloc(sizeof("CMAC()") + strlen(cipher_name),
2784 sprintf(evp_cmac_name, "CMAC(%s)", cipher_name);
2785 names[D_EVP_CMAC] = evp_cmac_name;
2787 for (i = 0; i < loopargs_len; i++) {
2788 loopargs[i].cmac_ctx = CMAC_CTX_new();
2789 if (loopargs[i].cmac_ctx == NULL) {
2790 BIO_printf(bio_err, "CMAC malloc failure, exiting...");
2794 for (testnum = 0; testnum < size_num; testnum++) {
2795 print_message(names[D_EVP_CMAC], save_count, lengths[testnum],
2798 count = run_benchmark(async_jobs, EVP_CMAC_loop, loopargs);
2800 print_result(D_EVP_CMAC, testnum, count, d);
2802 for (i = 0; i < loopargs_len; i++)
2803 CMAC_CTX_free(loopargs[i].cmac_ctx);
2808 for (i = 0; i < loopargs_len; i++)
2809 if (RAND_bytes(loopargs[i].buf, 36) <= 0)
2812 #ifndef OPENSSL_NO_RSA
2813 for (testnum = 0; testnum < RSA_NUM; testnum++) {
2815 if (!rsa_doit[testnum])
2817 for (i = 0; i < loopargs_len; i++) {
2819 /* we haven't set keys yet, generate multi-prime RSA keys */
2820 BIGNUM *bn = BN_new();
2824 if (!BN_set_word(bn, RSA_F4)) {
2829 BIO_printf(bio_err, "Generate multi-prime RSA key for %s\n",
2830 rsa_choices[testnum].name);
2832 loopargs[i].rsa_key[testnum] = RSA_new();
2833 if (loopargs[i].rsa_key[testnum] == NULL) {
2838 if (!RSA_generate_multi_prime_key(loopargs[i].rsa_key[testnum],
2840 primes, bn, NULL)) {
2846 st = RSA_sign(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
2847 &loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
2853 "RSA sign failure. No RSA sign will be done.\n");
2854 ERR_print_errors(bio_err);
2857 pkey_print_message("private", "rsa",
2858 rsa_c[testnum][0], rsa_bits[testnum],
2860 /* RSA_blinding_on(rsa_key[testnum],NULL); */
2862 count = run_benchmark(async_jobs, RSA_sign_loop, loopargs);
2865 mr ? "+R1:%ld:%d:%.2f\n"
2866 : "%ld %u bits private RSA's in %.2fs\n",
2867 count, rsa_bits[testnum], d);
2868 rsa_results[testnum][0] = (double)count / d;
2872 for (i = 0; i < loopargs_len; i++) {
2873 st = RSA_verify(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
2874 loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
2880 "RSA verify failure. No RSA verify will be done.\n");
2881 ERR_print_errors(bio_err);
2882 rsa_doit[testnum] = 0;
2884 pkey_print_message("public", "rsa",
2885 rsa_c[testnum][1], rsa_bits[testnum],
2888 count = run_benchmark(async_jobs, RSA_verify_loop, loopargs);
2891 mr ? "+R2:%ld:%d:%.2f\n"
2892 : "%ld %u bits public RSA's in %.2fs\n",
2893 count, rsa_bits[testnum], d);
2894 rsa_results[testnum][1] = (double)count / d;
2897 if (rsa_count <= 1) {
2898 /* if longer than 10s, don't do any more */
2899 for (testnum++; testnum < RSA_NUM; testnum++)
2900 rsa_doit[testnum] = 0;
2903 #endif /* OPENSSL_NO_RSA */
2905 for (i = 0; i < loopargs_len; i++)
2906 if (RAND_bytes(loopargs[i].buf, 36) <= 0)
2909 #ifndef OPENSSL_NO_DSA
2910 for (testnum = 0; testnum < DSA_NUM; testnum++) {
2912 if (!dsa_doit[testnum])
2915 /* DSA_generate_key(dsa_key[testnum]); */
2916 /* DSA_sign_setup(dsa_key[testnum],NULL); */
2917 for (i = 0; i < loopargs_len; i++) {
2918 st = DSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
2919 &loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
2925 "DSA sign failure. No DSA sign will be done.\n");
2926 ERR_print_errors(bio_err);
2929 pkey_print_message("sign", "dsa",
2930 dsa_c[testnum][0], dsa_bits[testnum],
2933 count = run_benchmark(async_jobs, DSA_sign_loop, loopargs);
2936 mr ? "+R3:%ld:%u:%.2f\n"
2937 : "%ld %u bits DSA signs in %.2fs\n",
2938 count, dsa_bits[testnum], d);
2939 dsa_results[testnum][0] = (double)count / d;
2943 for (i = 0; i < loopargs_len; i++) {
2944 st = DSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
2945 loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
2951 "DSA verify failure. No DSA verify will be done.\n");
2952 ERR_print_errors(bio_err);
2953 dsa_doit[testnum] = 0;
2955 pkey_print_message("verify", "dsa",
2956 dsa_c[testnum][1], dsa_bits[testnum],
2959 count = run_benchmark(async_jobs, DSA_verify_loop, loopargs);
2962 mr ? "+R4:%ld:%u:%.2f\n"
2963 : "%ld %u bits DSA verify in %.2fs\n",
2964 count, dsa_bits[testnum], d);
2965 dsa_results[testnum][1] = (double)count / d;
2968 if (rsa_count <= 1) {
2969 /* if longer than 10s, don't do any more */
2970 for (testnum++; testnum < DSA_NUM; testnum++)
2971 dsa_doit[testnum] = 0;
2974 #endif /* OPENSSL_NO_DSA */
2976 #ifndef OPENSSL_NO_EC
2977 for (testnum = 0; testnum < ECDSA_NUM; testnum++) {
2980 if (!ecdsa_doit[testnum])
2981 continue; /* Ignore Curve */
2982 for (i = 0; i < loopargs_len; i++) {
2983 loopargs[i].ecdsa[testnum] =
2984 EC_KEY_new_by_curve_name(test_curves[testnum].nid);
2985 if (loopargs[i].ecdsa[testnum] == NULL) {
2991 BIO_printf(bio_err, "ECDSA failure.\n");
2992 ERR_print_errors(bio_err);
2995 for (i = 0; i < loopargs_len; i++) {
2996 EC_KEY_precompute_mult(loopargs[i].ecdsa[testnum], NULL);
2997 /* Perform ECDSA signature test */
2998 EC_KEY_generate_key(loopargs[i].ecdsa[testnum]);
2999 st = ECDSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
3000 &loopargs[i].siglen,
3001 loopargs[i].ecdsa[testnum]);
3007 "ECDSA sign failure. No ECDSA sign will be done.\n");
3008 ERR_print_errors(bio_err);
3011 pkey_print_message("sign", "ecdsa",
3012 ecdsa_c[testnum][0],
3013 test_curves[testnum].bits, seconds.ecdsa);
3015 count = run_benchmark(async_jobs, ECDSA_sign_loop, loopargs);
3019 mr ? "+R5:%ld:%u:%.2f\n" :
3020 "%ld %u bits ECDSA signs in %.2fs \n",
3021 count, test_curves[testnum].bits, d);
3022 ecdsa_results[testnum][0] = (double)count / d;
3026 /* Perform ECDSA verification test */
3027 for (i = 0; i < loopargs_len; i++) {
3028 st = ECDSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
3030 loopargs[i].ecdsa[testnum]);
3036 "ECDSA verify failure. No ECDSA verify will be done.\n");
3037 ERR_print_errors(bio_err);
3038 ecdsa_doit[testnum] = 0;
3040 pkey_print_message("verify", "ecdsa",
3041 ecdsa_c[testnum][1],
3042 test_curves[testnum].bits, seconds.ecdsa);
3044 count = run_benchmark(async_jobs, ECDSA_verify_loop, loopargs);
3047 mr ? "+R6:%ld:%u:%.2f\n"
3048 : "%ld %u bits ECDSA verify in %.2fs\n",
3049 count, test_curves[testnum].bits, d);
3050 ecdsa_results[testnum][1] = (double)count / d;
3053 if (rsa_count <= 1) {
3054 /* if longer than 10s, don't do any more */
3055 for (testnum++; testnum < ECDSA_NUM; testnum++)
3056 ecdsa_doit[testnum] = 0;
3061 for (testnum = 0; testnum < EC_NUM; testnum++) {
3062 int ecdh_checks = 1;
3064 if (!ecdh_doit[testnum])
3067 for (i = 0; i < loopargs_len; i++) {
3068 EVP_PKEY_CTX *kctx = NULL;
3069 EVP_PKEY_CTX *test_ctx = NULL;
3070 EVP_PKEY_CTX *ctx = NULL;
3071 EVP_PKEY *key_A = NULL;
3072 EVP_PKEY *key_B = NULL;
3076 /* Ensure that the error queue is empty */
3077 if (ERR_peek_error()) {
3079 "WARNING: the error queue contains previous unhandled errors.\n");
3080 ERR_print_errors(bio_err);
3083 /* Let's try to create a ctx directly from the NID: this works for
3084 * curves like Curve25519 that are not implemented through the low
3085 * level EC interface.
3086 * If this fails we try creating a EVP_PKEY_EC generic param ctx,
3087 * then we set the curve by NID before deriving the actual keygen
3088 * ctx for that specific curve. */
3089 kctx = EVP_PKEY_CTX_new_id(test_curves[testnum].nid, NULL); /* keygen ctx from NID */
3091 EVP_PKEY_CTX *pctx = NULL;
3092 EVP_PKEY *params = NULL;
3094 /* If we reach this code EVP_PKEY_CTX_new_id() failed and a
3095 * "int_ctx_new:unsupported algorithm" error was added to the
3097 * We remove it from the error queue as we are handling it. */
3098 unsigned long error = ERR_peek_error(); /* peek the latest error in the queue */
3099 if (error == ERR_peek_last_error() && /* oldest and latest errors match */
3100 /* check that the error origin matches */
3101 ERR_GET_LIB(error) == ERR_LIB_EVP &&
3102 ERR_GET_FUNC(error) == EVP_F_INT_CTX_NEW &&
3103 ERR_GET_REASON(error) == EVP_R_UNSUPPORTED_ALGORITHM)
3104 ERR_get_error(); /* pop error from queue */
3105 if (ERR_peek_error()) {
3107 "Unhandled error in the error queue during ECDH init.\n");
3108 ERR_print_errors(bio_err);
3113 if ( /* Create the context for parameter generation */
3114 !(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) ||
3115 /* Initialise the parameter generation */
3116 !EVP_PKEY_paramgen_init(pctx) ||
3117 /* Set the curve by NID */
3118 !EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
3121 /* Create the parameter object params */
3122 !EVP_PKEY_paramgen(pctx, ¶ms)) {
3124 BIO_printf(bio_err, "ECDH EC params init failure.\n");
3125 ERR_print_errors(bio_err);
3129 /* Create the context for the key generation */
3130 kctx = EVP_PKEY_CTX_new(params, NULL);
3132 EVP_PKEY_free(params);
3134 EVP_PKEY_CTX_free(pctx);
3137 if (kctx == NULL || /* keygen ctx is not null */
3138 !EVP_PKEY_keygen_init(kctx) /* init keygen ctx */ ) {
3140 BIO_printf(bio_err, "ECDH keygen failure.\n");
3141 ERR_print_errors(bio_err);
3146 if (!EVP_PKEY_keygen(kctx, &key_A) || /* generate secret key A */
3147 !EVP_PKEY_keygen(kctx, &key_B) || /* generate secret key B */
3148 !(ctx = EVP_PKEY_CTX_new(key_A, NULL)) || /* derivation ctx from skeyA */
3149 !EVP_PKEY_derive_init(ctx) || /* init derivation ctx */
3150 !EVP_PKEY_derive_set_peer(ctx, key_B) || /* set peer pubkey in ctx */
3151 !EVP_PKEY_derive(ctx, NULL, &outlen) || /* determine max length */
3152 outlen == 0 || /* ensure outlen is a valid size */
3153 outlen > MAX_ECDH_SIZE /* avoid buffer overflow */ ) {
3155 BIO_printf(bio_err, "ECDH key generation failure.\n");
3156 ERR_print_errors(bio_err);
3161 /* Here we perform a test run, comparing the output of a*B and b*A;
3162 * we try this here and assume that further EVP_PKEY_derive calls
3163 * never fail, so we can skip checks in the actually benchmarked
3164 * code, for maximum performance. */
3165 if (!(test_ctx = EVP_PKEY_CTX_new(key_B, NULL)) || /* test ctx from skeyB */
3166 !EVP_PKEY_derive_init(test_ctx) || /* init derivation test_ctx */
3167 !EVP_PKEY_derive_set_peer(test_ctx, key_A) || /* set peer pubkey in test_ctx */
3168 !EVP_PKEY_derive(test_ctx, NULL, &test_outlen) || /* determine max length */
3169 !EVP_PKEY_derive(ctx, loopargs[i].secret_a, &outlen) || /* compute a*B */
3170 !EVP_PKEY_derive(test_ctx, loopargs[i].secret_b, &test_outlen) || /* compute b*A */
3171 test_outlen != outlen /* compare output length */ ) {
3173 BIO_printf(bio_err, "ECDH computation failure.\n");
3174 ERR_print_errors(bio_err);
3179 /* Compare the computation results: CRYPTO_memcmp() returns 0 if equal */
3180 if (CRYPTO_memcmp(loopargs[i].secret_a,
3181 loopargs[i].secret_b, outlen)) {
3183 BIO_printf(bio_err, "ECDH computations don't match.\n");
3184 ERR_print_errors(bio_err);
3189 loopargs[i].ecdh_ctx[testnum] = ctx;
3190 loopargs[i].outlen[testnum] = outlen;
3192 EVP_PKEY_free(key_A);
3193 EVP_PKEY_free(key_B);
3194 EVP_PKEY_CTX_free(kctx);
3196 EVP_PKEY_CTX_free(test_ctx);
3199 if (ecdh_checks != 0) {
3200 pkey_print_message("", "ecdh",
3202 test_curves[testnum].bits, seconds.ecdh);
3205 run_benchmark(async_jobs, ECDH_EVP_derive_key_loop, loopargs);
3208 mr ? "+R7:%ld:%d:%.2f\n" :
3209 "%ld %u-bits ECDH ops in %.2fs\n", count,
3210 test_curves[testnum].bits, d);
3211 ecdh_results[testnum][0] = (double)count / d;
3215 if (rsa_count <= 1) {
3216 /* if longer than 10s, don't do any more */
3217 for (testnum++; testnum < OSSL_NELEM(ecdh_doit); testnum++)
3218 ecdh_doit[testnum] = 0;
3222 for (testnum = 0; testnum < EdDSA_NUM; testnum++) {
3224 EVP_PKEY *ed_pkey = NULL;
3225 EVP_PKEY_CTX *ed_pctx = NULL;
3227 if (!eddsa_doit[testnum])
3228 continue; /* Ignore Curve */
3229 for (i = 0; i < loopargs_len; i++) {
3230 loopargs[i].eddsa_ctx[testnum] = EVP_MD_CTX_new();
3231 if (loopargs[i].eddsa_ctx[testnum] == NULL) {
3236 if ((ed_pctx = EVP_PKEY_CTX_new_id(test_ed_curves[testnum].nid, NULL))
3238 || !EVP_PKEY_keygen_init(ed_pctx)
3239 || !EVP_PKEY_keygen(ed_pctx, &ed_pkey)) {
3241 EVP_PKEY_CTX_free(ed_pctx);
3244 EVP_PKEY_CTX_free(ed_pctx);
3246 if (!EVP_DigestSignInit(loopargs[i].eddsa_ctx[testnum], NULL, NULL,
3249 EVP_PKEY_free(ed_pkey);
3252 EVP_PKEY_free(ed_pkey);
3255 BIO_printf(bio_err, "EdDSA failure.\n");
3256 ERR_print_errors(bio_err);
3259 for (i = 0; i < loopargs_len; i++) {
3260 /* Perform EdDSA signature test */
3261 loopargs[i].sigsize = test_ed_curves[testnum].sigsize;
3262 st = EVP_DigestSign(loopargs[i].eddsa_ctx[testnum],
3263 loopargs[i].buf2, &loopargs[i].sigsize,
3264 loopargs[i].buf, 20);
3270 "EdDSA sign failure. No EdDSA sign will be done.\n");
3271 ERR_print_errors(bio_err);
3274 pkey_print_message("sign", test_ed_curves[testnum].name,
3275 eddsa_c[testnum][0],
3276 test_ed_curves[testnum].bits, seconds.eddsa);
3278 count = run_benchmark(async_jobs, EdDSA_sign_loop, loopargs);
3282 mr ? "+R8:%ld:%u:%s:%.2f\n" :
3283 "%ld %u bits %s signs in %.2fs \n",
3284 count, test_ed_curves[testnum].bits,
3285 test_ed_curves[testnum].name, d);
3286 eddsa_results[testnum][0] = (double)count / d;
3290 /* Perform EdDSA verification test */
3291 for (i = 0; i < loopargs_len; i++) {
3292 st = EVP_DigestVerify(loopargs[i].eddsa_ctx[testnum],
3293 loopargs[i].buf2, loopargs[i].sigsize,
3294 loopargs[i].buf, 20);
3300 "EdDSA verify failure. No EdDSA verify will be done.\n");
3301 ERR_print_errors(bio_err);
3302 eddsa_doit[testnum] = 0;
3304 pkey_print_message("verify", test_ed_curves[testnum].name,
3305 eddsa_c[testnum][1],
3306 test_ed_curves[testnum].bits, seconds.eddsa);
3308 count = run_benchmark(async_jobs, EdDSA_verify_loop, loopargs);
3311 mr ? "+R9:%ld:%u:%s:%.2f\n"
3312 : "%ld %u bits %s verify in %.2fs\n",
3313 count, test_ed_curves[testnum].bits,
3314 test_ed_curves[testnum].name, d);
3315 eddsa_results[testnum][1] = (double)count / d;
3318 if (rsa_count <= 1) {
3319 /* if longer than 10s, don't do any more */
3320 for (testnum++; testnum < EdDSA_NUM; testnum++)
3321 eddsa_doit[testnum] = 0;
3326 #endif /* OPENSSL_NO_EC */
3331 printf("version: %s\n", OpenSSL_version(OPENSSL_FULL_VERSION_STRING));
3332 printf("built on: %s\n", OpenSSL_version(OPENSSL_BUILT_ON));
3334 printf("%s ", BN_options());
3335 #ifndef OPENSSL_NO_MD2
3336 printf("%s ", MD2_options());
3338 #ifndef OPENSSL_NO_RC4
3339 printf("%s ", RC4_options());
3341 #ifndef OPENSSL_NO_DES
3342 printf("%s ", DES_options());
3344 printf("%s ", AES_options());
3345 #ifndef OPENSSL_NO_IDEA
3346 printf("%s ", IDEA_options());
3348 #ifndef OPENSSL_NO_BF
3349 printf("%s ", BF_options());
3351 printf("\n%s\n", OpenSSL_version(OPENSSL_CFLAGS));
3359 ("The 'numbers' are in 1000s of bytes per second processed.\n");
3362 for (testnum = 0; testnum < size_num; testnum++)
3363 printf(mr ? ":%d" : "%7d bytes", lengths[testnum]);
3367 for (k = 0; k < ALGOR_NUM; k++) {
3371 printf("+F:%u:%s", k, names[k]);
3373 printf("%-13s", names[k]);
3374 for (testnum = 0; testnum < size_num; testnum++) {
3375 if (results[k][testnum] > 10000 && !mr)
3376 printf(" %11.2fk", results[k][testnum] / 1e3);
3378 printf(mr ? ":%.2f" : " %11.2f ", results[k][testnum]);
3382 #ifndef OPENSSL_NO_RSA
3384 for (k = 0; k < RSA_NUM; k++) {
3387 if (testnum && !mr) {
3388 printf("%18ssign verify sign/s verify/s\n", " ");
3392 printf("+F2:%u:%u:%f:%f\n",
3393 k, rsa_bits[k], rsa_results[k][0], rsa_results[k][1]);
3395 printf("rsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
3396 rsa_bits[k], 1.0 / rsa_results[k][0], 1.0 / rsa_results[k][1],
3397 rsa_results[k][0], rsa_results[k][1]);
3400 #ifndef OPENSSL_NO_DSA
3402 for (k = 0; k < DSA_NUM; k++) {
3405 if (testnum && !mr) {
3406 printf("%18ssign verify sign/s verify/s\n", " ");
3410 printf("+F3:%u:%u:%f:%f\n",
3411 k, dsa_bits[k], dsa_results[k][0], dsa_results[k][1]);
3413 printf("dsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
3414 dsa_bits[k], 1.0 / dsa_results[k][0], 1.0 / dsa_results[k][1],
3415 dsa_results[k][0], dsa_results[k][1]);
3418 #ifndef OPENSSL_NO_EC
3420 for (k = 0; k < OSSL_NELEM(ecdsa_doit); k++) {
3423 if (testnum && !mr) {
3424 printf("%30ssign verify sign/s verify/s\n", " ");
3429 printf("+F4:%u:%u:%f:%f\n",
3430 k, test_curves[k].bits,
3431 ecdsa_results[k][0], ecdsa_results[k][1]);
3433 printf("%4u bits ecdsa (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3434 test_curves[k].bits, test_curves[k].name,
3435 1.0 / ecdsa_results[k][0], 1.0 / ecdsa_results[k][1],
3436 ecdsa_results[k][0], ecdsa_results[k][1]);
3440 for (k = 0; k < EC_NUM; k++) {
3443 if (testnum && !mr) {
3444 printf("%30sop op/s\n", " ");
3448 printf("+F5:%u:%u:%f:%f\n",
3449 k, test_curves[k].bits,
3450 ecdh_results[k][0], 1.0 / ecdh_results[k][0]);
3453 printf("%4u bits ecdh (%s) %8.4fs %8.1f\n",
3454 test_curves[k].bits, test_curves[k].name,
3455 1.0 / ecdh_results[k][0], ecdh_results[k][0]);
3459 for (k = 0; k < OSSL_NELEM(eddsa_doit); k++) {
3462 if (testnum && !mr) {
3463 printf("%30ssign verify sign/s verify/s\n", " ");
3468 printf("+F6:%u:%u:%s:%f:%f\n",
3469 k, test_ed_curves[k].bits, test_ed_curves[k].name,
3470 eddsa_results[k][0], eddsa_results[k][1]);
3472 printf("%4u bits EdDSA (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3473 test_ed_curves[k].bits, test_ed_curves[k].name,
3474 1.0 / eddsa_results[k][0], 1.0 / eddsa_results[k][1],
3475 eddsa_results[k][0], eddsa_results[k][1]);
3482 ERR_print_errors(bio_err);
3483 for (i = 0; i < loopargs_len; i++) {
3484 OPENSSL_free(loopargs[i].buf_malloc);
3485 OPENSSL_free(loopargs[i].buf2_malloc);
3487 #ifndef OPENSSL_NO_RSA
3488 for (k = 0; k < RSA_NUM; k++)
3489 RSA_free(loopargs[i].rsa_key[k]);
3491 #ifndef OPENSSL_NO_DSA
3492 for (k = 0; k < DSA_NUM; k++)
3493 DSA_free(loopargs[i].dsa_key[k]);
3495 #ifndef OPENSSL_NO_EC
3496 for (k = 0; k < ECDSA_NUM; k++)
3497 EC_KEY_free(loopargs[i].ecdsa[k]);
3498 for (k = 0; k < EC_NUM; k++)
3499 EVP_PKEY_CTX_free(loopargs[i].ecdh_ctx[k]);
3500 for (k = 0; k < EdDSA_NUM; k++)
3501 EVP_MD_CTX_free(loopargs[i].eddsa_ctx[k]);
3502 OPENSSL_free(loopargs[i].secret_a);
3503 OPENSSL_free(loopargs[i].secret_b);
3506 OPENSSL_free(evp_hmac_name);
3507 #ifndef OPENSSL_NO_CMAC
3508 OPENSSL_free(evp_cmac_name);
3511 if (async_jobs > 0) {
3512 for (i = 0; i < loopargs_len; i++)
3513 ASYNC_WAIT_CTX_free(loopargs[i].wait_ctx);
3517 ASYNC_cleanup_thread();
3519 OPENSSL_free(loopargs);
3524 static void print_message(const char *s, long num, int length, int tm)
3528 mr ? "+DT:%s:%d:%d\n"
3529 : "Doing %s for %ds on %d size blocks: ", s, tm, length);
3530 (void)BIO_flush(bio_err);
3534 mr ? "+DN:%s:%ld:%d\n"
3535 : "Doing %s %ld times on %d size blocks: ", s, num, length);
3536 (void)BIO_flush(bio_err);
3540 static void pkey_print_message(const char *str, const char *str2, long num,
3541 unsigned int bits, int tm)
3545 mr ? "+DTP:%d:%s:%s:%d\n"
3546 : "Doing %u bits %s %s's for %ds: ", bits, str, str2, tm);
3547 (void)BIO_flush(bio_err);
3551 mr ? "+DNP:%ld:%d:%s:%s\n"
3552 : "Doing %ld %u bits %s %s's: ", num, bits, str, str2);
3553 (void)BIO_flush(bio_err);
3557 static void print_result(int alg, int run_no, int count, double time_used)
3560 BIO_puts(bio_err, "EVP error!\n");
3564 mr ? "+R:%d:%s:%f\n"
3565 : "%d %s's in %.2fs\n", count, names[alg], time_used);
3566 results[alg][run_no] = ((double)count) / time_used * lengths[run_no];
3570 static char *sstrsep(char **string, const char *delim)
3573 char *token = *string;
3578 memset(isdelim, 0, sizeof(isdelim));
3582 isdelim[(unsigned char)(*delim)] = 1;
3586 while (!isdelim[(unsigned char)(**string)]) {
3598 static int do_multi(int multi, int size_num)
3603 static char sep[] = ":";
3605 fds = app_malloc(sizeof(*fds) * multi, "fd buffer for do_multi");
3606 for (n = 0; n < multi; ++n) {
3607 if (pipe(fd) == -1) {
3608 BIO_printf(bio_err, "pipe failure\n");
3612 (void)BIO_flush(bio_err);
3619 if (dup(fd[1]) == -1) {
3620 BIO_printf(bio_err, "dup failed\n");
3629 printf("Forked child %d\n", n);
3632 /* for now, assume the pipe is long enough to take all the output */
3633 for (n = 0; n < multi; ++n) {
3638 f = fdopen(fds[n], "r");
3639 while (fgets(buf, sizeof(buf), f)) {
3640 p = strchr(buf, '\n');
3643 if (buf[0] != '+') {
3645 "Don't understand line '%s' from child %d\n", buf,
3649 printf("Got: %s from %d\n", buf, n);
3650 if (strncmp(buf, "+F:", 3) == 0) {
3655 alg = atoi(sstrsep(&p, sep));
3657 for (j = 0; j < size_num; ++j)
3658 results[alg][j] += atof(sstrsep(&p, sep));
3659 } else if (strncmp(buf, "+F2:", 4) == 0) {
3664 k = atoi(sstrsep(&p, sep));
3667 d = atof(sstrsep(&p, sep));
3668 rsa_results[k][0] += d;
3670 d = atof(sstrsep(&p, sep));
3671 rsa_results[k][1] += d;
3673 # ifndef OPENSSL_NO_DSA
3674 else if (strncmp(buf, "+F3:", 4) == 0) {
3679 k = atoi(sstrsep(&p, sep));
3682 d = atof(sstrsep(&p, sep));
3683 dsa_results[k][0] += d;
3685 d = atof(sstrsep(&p, sep));
3686 dsa_results[k][1] += d;
3689 # ifndef OPENSSL_NO_EC
3690 else if (strncmp(buf, "+F4:", 4) == 0) {
3695 k = atoi(sstrsep(&p, sep));
3698 d = atof(sstrsep(&p, sep));
3699 ecdsa_results[k][0] += d;
3701 d = atof(sstrsep(&p, sep));
3702 ecdsa_results[k][1] += d;
3703 } else if (strncmp(buf, "+F5:", 4) == 0) {
3708 k = atoi(sstrsep(&p, sep));
3711 d = atof(sstrsep(&p, sep));
3712 ecdh_results[k][0] += d;
3713 } else if (strncmp(buf, "+F6:", 4) == 0) {
3718 k = atoi(sstrsep(&p, sep));
3721 d = atof(sstrsep(&p, sep));
3722 eddsa_results[k][0] += d;
3724 d = atof(sstrsep(&p, sep));
3725 eddsa_results[k][1] += d;
3729 else if (strncmp(buf, "+H:", 3) == 0) {
3732 BIO_printf(bio_err, "Unknown type '%s' from child %d\n", buf,
3743 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
3744 const openssl_speed_sec_t *seconds)
3746 static const int mblengths_list[] =
3747 { 8 * 1024, 2 * 8 * 1024, 4 * 8 * 1024, 8 * 8 * 1024, 8 * 16 * 1024 };
3748 const int *mblengths = mblengths_list;
3749 int j, count, keylen, num = OSSL_NELEM(mblengths_list);
3750 const char *alg_name;
3751 unsigned char *inp, *out, *key, no_key[32], no_iv[16];
3752 EVP_CIPHER_CTX *ctx;
3755 if (lengths_single) {
3756 mblengths = &lengths_single;
3760 inp = app_malloc(mblengths[num - 1], "multiblock input buffer");
3761 out = app_malloc(mblengths[num - 1] + 1024, "multiblock output buffer");
3762 ctx = EVP_CIPHER_CTX_new();
3763 EVP_EncryptInit_ex(ctx, evp_cipher, NULL, NULL, no_iv);
3765 keylen = EVP_CIPHER_CTX_key_length(ctx);
3766 key = app_malloc(keylen, "evp_cipher key");
3767 EVP_CIPHER_CTX_rand_key(ctx, key);
3768 EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL);
3769 OPENSSL_clear_free(key, keylen);
3771 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_MAC_KEY, sizeof(no_key), no_key);
3772 alg_name = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
3774 for (j = 0; j < num; j++) {
3775 print_message(alg_name, 0, mblengths[j], seconds->sym);
3777 for (count = 0, run = 1; run && count < 0x7fffffff; count++) {
3778 unsigned char aad[EVP_AEAD_TLS1_AAD_LEN];
3779 EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param;
3780 size_t len = mblengths[j];
3783 memset(aad, 0, 8); /* avoid uninitialized values */
3784 aad[8] = 23; /* SSL3_RT_APPLICATION_DATA */
3785 aad[9] = 3; /* version */
3787 aad[11] = 0; /* length */
3789 mb_param.out = NULL;
3792 mb_param.interleave = 8;
3794 packlen = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_AAD,
3795 sizeof(mb_param), &mb_param);
3801 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT,
3802 sizeof(mb_param), &mb_param);
3806 RAND_bytes(out, 16);
3808 aad[11] = (unsigned char)(len >> 8);
3809 aad[12] = (unsigned char)(len);
3810 pad = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_TLS1_AAD,
3811 EVP_AEAD_TLS1_AAD_LEN, aad);
3812 EVP_Cipher(ctx, out, inp, len + pad);
3816 BIO_printf(bio_err, mr ? "+R:%d:%s:%f\n"
3817 : "%d %s's in %.2fs\n", count, "evp", d);
3818 results[D_EVP][j] = ((double)count) / d * mblengths[j];
3822 fprintf(stdout, "+H");
3823 for (j = 0; j < num; j++)
3824 fprintf(stdout, ":%d", mblengths[j]);
3825 fprintf(stdout, "\n");
3826 fprintf(stdout, "+F:%d:%s", D_EVP, alg_name);
3827 for (j = 0; j < num; j++)
3828 fprintf(stdout, ":%.2f", results[D_EVP][j]);
3829 fprintf(stdout, "\n");
3832 "The 'numbers' are in 1000s of bytes per second processed.\n");
3833 fprintf(stdout, "type ");
3834 for (j = 0; j < num; j++)
3835 fprintf(stdout, "%7d bytes", mblengths[j]);
3836 fprintf(stdout, "\n");
3837 fprintf(stdout, "%-24s", alg_name);
3839 for (j = 0; j < num; j++) {
3840 if (results[D_EVP][j] > 10000)
3841 fprintf(stdout, " %11.2fk", results[D_EVP][j] / 1e3);
3843 fprintf(stdout, " %11.2f ", results[D_EVP][j]);
3845 fprintf(stdout, "\n");
3850 EVP_CIPHER_CTX_free(ctx);