2 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
5 * Licensed under the Apache License 2.0 (the "License"). You may not use
6 * this file except in compliance with the License. You can obtain a copy
7 * in the file LICENSE in the source distribution or at
8 * https://www.openssl.org/source/license.html
13 #define RSA_SECONDS 10
14 #define DSA_SECONDS 10
15 #define ECDSA_SECONDS 10
16 #define ECDH_SECONDS 10
17 #define EdDSA_SECONDS 10
18 #define SM2_SECONDS 10
26 #include <openssl/crypto.h>
27 #include <openssl/rand.h>
28 #include <openssl/err.h>
29 #include <openssl/evp.h>
30 #include <openssl/objects.h>
31 #include <openssl/async.h>
32 #if !defined(OPENSSL_SYS_MSDOS)
40 #include <openssl/bn.h>
41 #ifndef OPENSSL_NO_DES
42 # include <openssl/des.h>
44 #include <openssl/aes.h>
45 #ifndef OPENSSL_NO_CAMELLIA
46 # include <openssl/camellia.h>
48 #ifndef OPENSSL_NO_MD2
49 # include <openssl/md2.h>
51 #ifndef OPENSSL_NO_MDC2
52 # include <openssl/mdc2.h>
54 #ifndef OPENSSL_NO_MD4
55 # include <openssl/md4.h>
57 #ifndef OPENSSL_NO_MD5
58 # include <openssl/md5.h>
60 #include <openssl/hmac.h>
61 #ifndef OPENSSL_NO_CMAC
62 #include <openssl/cmac.h>
64 #include <openssl/sha.h>
65 #ifndef OPENSSL_NO_RMD160
66 # include <openssl/ripemd.h>
68 #ifndef OPENSSL_NO_WHIRLPOOL
69 # include <openssl/whrlpool.h>
71 #ifndef OPENSSL_NO_RC4
72 # include <openssl/rc4.h>
74 #ifndef OPENSSL_NO_RC5
75 # include <openssl/rc5.h>
77 #ifndef OPENSSL_NO_RC2
78 # include <openssl/rc2.h>
80 #ifndef OPENSSL_NO_IDEA
81 # include <openssl/idea.h>
83 #ifndef OPENSSL_NO_SEED
84 # include <openssl/seed.h>
87 # include <openssl/blowfish.h>
89 #ifndef OPENSSL_NO_CAST
90 # include <openssl/cast.h>
92 #ifndef OPENSSL_NO_RSA
93 # include <openssl/rsa.h>
94 # include "./testrsa.h"
96 #include <openssl/x509.h>
97 #ifndef OPENSSL_NO_DSA
98 # include <openssl/dsa.h>
99 # include "./testdsa.h"
101 #ifndef OPENSSL_NO_EC
102 # include <openssl/ec.h>
104 #include <openssl/modes.h>
107 # if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_VXWORKS)
120 #define MAX_MISALIGNMENT 63
121 #define MAX_ECDH_SIZE 256
124 typedef struct openssl_speed_sec_st {
132 } openssl_speed_sec_t;
134 static volatile int run = 0;
137 static int usertime = 1;
139 #ifndef OPENSSL_NO_MD2
140 static int EVP_Digest_MD2_loop(void *args);
143 #ifndef OPENSSL_NO_MDC2
144 static int EVP_Digest_MDC2_loop(void *args);
146 #ifndef OPENSSL_NO_MD4
147 static int EVP_Digest_MD4_loop(void *args);
149 #ifndef OPENSSL_NO_MD5
150 static int MD5_loop(void *args);
151 static int HMAC_loop(void *args);
153 static int SHA1_loop(void *args);
154 static int SHA256_loop(void *args);
155 static int SHA512_loop(void *args);
156 #ifndef OPENSSL_NO_WHIRLPOOL
157 static int WHIRLPOOL_loop(void *args);
159 #ifndef OPENSSL_NO_RMD160
160 static int EVP_Digest_RMD160_loop(void *args);
162 #ifndef OPENSSL_NO_RC4
163 static int RC4_loop(void *args);
165 #ifndef OPENSSL_NO_DES
166 static int DES_ncbc_encrypt_loop(void *args);
167 static int DES_ede3_cbc_encrypt_loop(void *args);
169 static int AES_cbc_128_encrypt_loop(void *args);
170 static int AES_cbc_192_encrypt_loop(void *args);
171 static int AES_cbc_256_encrypt_loop(void *args);
173 static int AES_ige_128_encrypt_loop(void *args);
174 static int AES_ige_192_encrypt_loop(void *args);
175 static int AES_ige_256_encrypt_loop(void *args);
177 static int CRYPTO_gcm128_aad_loop(void *args);
178 static int RAND_bytes_loop(void *args);
179 static int EVP_Update_loop(void *args);
180 static int EVP_Update_loop_ccm(void *args);
181 static int EVP_Update_loop_aead(void *args);
182 static int EVP_Digest_loop(void *args);
183 #ifndef OPENSSL_NO_RSA
184 static int RSA_sign_loop(void *args);
185 static int RSA_verify_loop(void *args);
187 #ifndef OPENSSL_NO_DSA
188 static int DSA_sign_loop(void *args);
189 static int DSA_verify_loop(void *args);
191 #ifndef OPENSSL_NO_EC
192 static int ECDSA_sign_loop(void *args);
193 static int ECDSA_verify_loop(void *args);
194 static int EdDSA_sign_loop(void *args);
195 static int EdDSA_verify_loop(void *args);
196 # ifndef OPENSSL_NO_SM2
197 static int SM2_sign_loop(void *args);
198 static int SM2_verify_loop(void *args);
202 static double Time_F(int s);
203 static void print_message(const char *s, long num, int length, int tm);
204 static void pkey_print_message(const char *str, const char *str2,
205 long num, unsigned int bits, int sec);
206 static void print_result(int alg, int run_no, int count, double time_used);
208 static int do_multi(int multi, int size_num);
211 static const int lengths_list[] = {
212 16, 64, 256, 1024, 8 * 1024, 16 * 1024
214 static const int *lengths = lengths_list;
216 static const int aead_lengths_list[] = {
217 2, 31, 136, 1024, 8 * 1024, 16 * 1024
225 static void alarmed(int sig)
227 signal(SIGALRM, alarmed);
231 static double Time_F(int s)
233 double ret = app_tminterval(s, usertime);
239 #elif defined(_WIN32)
243 static unsigned int lapse;
244 static volatile unsigned int schlock;
245 static void alarm_win32(unsigned int secs)
250 # define alarm alarm_win32
252 static DWORD WINAPI sleepy(VOID * arg)
260 static double Time_F(int s)
267 thr = CreateThread(NULL, 4096, sleepy, NULL, 0, NULL);
269 DWORD err = GetLastError();
270 BIO_printf(bio_err, "unable to CreateThread (%lu)", err);
274 Sleep(0); /* scheduler spinlock */
275 ret = app_tminterval(s, usertime);
277 ret = app_tminterval(s, usertime);
279 TerminateThread(thr, 0);
286 static double Time_F(int s)
288 return app_tminterval(s, usertime);
292 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
293 const openssl_speed_sec_t *seconds);
295 #define found(value, pairs, result)\
296 opt_found(value, result, pairs, OSSL_NELEM(pairs))
297 static int opt_found(const char *name, unsigned int *result,
298 const OPT_PAIR pairs[], unsigned int nbelem)
302 for (idx = 0; idx < nbelem; ++idx, pairs++)
303 if (strcmp(name, pairs->name) == 0) {
304 *result = pairs->retval;
310 typedef enum OPTION_choice {
311 OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
312 OPT_ELAPSED, OPT_EVP, OPT_HMAC, OPT_DECRYPT, OPT_ENGINE, OPT_MULTI,
313 OPT_MR, OPT_MB, OPT_MISALIGN, OPT_ASYNCJOBS, OPT_R_ENUM,
314 OPT_PRIMES, OPT_SECONDS, OPT_BYTES, OPT_AEAD, OPT_CMAC
317 const OPTIONS speed_options[] = {
318 {OPT_HELP_STR, 1, '-', "Usage: %s [options] ciphers...\n"},
319 {OPT_HELP_STR, 1, '-', "Valid options are:\n"},
320 {"help", OPT_HELP, '-', "Display this summary"},
321 {"evp", OPT_EVP, 's', "Use EVP-named cipher or digest"},
322 {"hmac", OPT_HMAC, 's', "HMAC using EVP-named digest"},
323 #ifndef OPENSSL_NO_CMAC
324 {"cmac", OPT_CMAC, 's', "CMAC using EVP-named cipher"},
326 {"decrypt", OPT_DECRYPT, '-',
327 "Time decryption instead of encryption (only EVP)"},
328 {"aead", OPT_AEAD, '-',
329 "Benchmark EVP-named AEAD cipher in TLS-like sequence"},
331 "Enable (tls1>=1) multi-block mode on EVP-named cipher"},
332 {"mr", OPT_MR, '-', "Produce machine readable output"},
334 {"multi", OPT_MULTI, 'p', "Run benchmarks in parallel"},
336 #ifndef OPENSSL_NO_ASYNC
337 {"async_jobs", OPT_ASYNCJOBS, 'p',
338 "Enable async mode and start specified number of jobs"},
341 #ifndef OPENSSL_NO_ENGINE
342 {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
344 {"elapsed", OPT_ELAPSED, '-',
345 "Use wall-clock time instead of CPU user time as divisor"},
346 {"primes", OPT_PRIMES, 'p', "Specify number of primes (for RSA only)"},
347 {"seconds", OPT_SECONDS, 'p',
348 "Run benchmarks for specified amount of seconds"},
349 {"bytes", OPT_BYTES, 'p',
350 "Run [non-PKI] benchmarks on custom-sized buffer"},
351 {"misalign", OPT_MISALIGN, 'p',
352 "Use specified offset to mis-align buffers"},
366 #define D_CBC_IDEA 10
367 #define D_CBC_SEED 11
371 #define D_CBC_CAST 15
372 #define D_CBC_128_AES 16
373 #define D_CBC_192_AES 17
374 #define D_CBC_256_AES 18
375 #define D_CBC_128_CML 19
376 #define D_CBC_192_CML 20
377 #define D_CBC_256_CML 21
381 #define D_WHIRLPOOL 25
382 #define D_IGE_128_AES 26
383 #define D_IGE_192_AES 27
384 #define D_IGE_256_AES 28
387 #define D_EVP_HMAC 31
388 #define D_EVP_CMAC 32
390 /* name of algorithms to test */
391 static const char *names[] = {
392 "md2", "mdc2", "md4", "md5", "hmac(md5)", "sha1", "rmd160", "rc4",
393 "des cbc", "des ede3", "idea cbc", "seed cbc",
394 "rc2 cbc", "rc5-32/12 cbc", "blowfish cbc", "cast cbc",
395 "aes-128 cbc", "aes-192 cbc", "aes-256 cbc",
396 "camellia-128 cbc", "camellia-192 cbc", "camellia-256 cbc",
397 "evp", "sha256", "sha512", "whirlpool",
398 "aes-128 ige", "aes-192 ige", "aes-256 ige", "ghash",
399 "rand", "hmac", "cmac"
401 #define ALGOR_NUM OSSL_NELEM(names)
403 /* list of configured algorithm (remaining) */
404 static const OPT_PAIR doit_choices[] = {
405 #ifndef OPENSSL_NO_MD2
408 #ifndef OPENSSL_NO_MDC2
411 #ifndef OPENSSL_NO_MD4
414 #ifndef OPENSSL_NO_MD5
419 {"sha256", D_SHA256},
420 {"sha512", D_SHA512},
421 #ifndef OPENSSL_NO_WHIRLPOOL
422 {"whirlpool", D_WHIRLPOOL},
424 #ifndef OPENSSL_NO_RMD160
425 {"ripemd", D_RMD160},
426 {"rmd160", D_RMD160},
427 {"ripemd160", D_RMD160},
429 #ifndef OPENSSL_NO_RC4
432 #ifndef OPENSSL_NO_DES
433 {"des-cbc", D_CBC_DES},
434 {"des-ede3", D_EDE3_DES},
436 {"aes-128-cbc", D_CBC_128_AES},
437 {"aes-192-cbc", D_CBC_192_AES},
438 {"aes-256-cbc", D_CBC_256_AES},
440 {"aes-128-ige", D_IGE_128_AES},
441 {"aes-192-ige", D_IGE_192_AES},
442 {"aes-256-ige", D_IGE_256_AES},
444 #ifndef OPENSSL_NO_RC2
445 {"rc2-cbc", D_CBC_RC2},
448 #ifndef OPENSSL_NO_RC5
449 {"rc5-cbc", D_CBC_RC5},
452 #ifndef OPENSSL_NO_IDEA
453 {"idea-cbc", D_CBC_IDEA},
454 {"idea", D_CBC_IDEA},
456 #ifndef OPENSSL_NO_SEED
457 {"seed-cbc", D_CBC_SEED},
458 {"seed", D_CBC_SEED},
460 #ifndef OPENSSL_NO_BF
461 {"bf-cbc", D_CBC_BF},
462 {"blowfish", D_CBC_BF},
465 #ifndef OPENSSL_NO_CAST
466 {"cast-cbc", D_CBC_CAST},
467 {"cast", D_CBC_CAST},
468 {"cast5", D_CBC_CAST},
474 static double results[ALGOR_NUM][OSSL_NELEM(lengths_list)];
476 #ifndef OPENSSL_NO_DSA
478 # define R_DSA_1024 1
479 # define R_DSA_2048 2
480 static const OPT_PAIR dsa_choices[] = {
481 {"dsa512", R_DSA_512},
482 {"dsa1024", R_DSA_1024},
483 {"dsa2048", R_DSA_2048}
485 # define DSA_NUM OSSL_NELEM(dsa_choices)
487 static double dsa_results[DSA_NUM][2]; /* 2 ops: sign then verify */
488 #endif /* OPENSSL_NO_DSA */
496 #define R_RSA_15360 6
497 #ifndef OPENSSL_NO_RSA
498 static const OPT_PAIR rsa_choices[] = {
499 {"rsa512", R_RSA_512},
500 {"rsa1024", R_RSA_1024},
501 {"rsa2048", R_RSA_2048},
502 {"rsa3072", R_RSA_3072},
503 {"rsa4096", R_RSA_4096},
504 {"rsa7680", R_RSA_7680},
505 {"rsa15360", R_RSA_15360}
507 # define RSA_NUM OSSL_NELEM(rsa_choices)
509 static double rsa_results[RSA_NUM][2]; /* 2 ops: sign then verify */
510 #endif /* OPENSSL_NO_RSA */
519 #ifndef OPENSSL_NO_EC2M
541 #ifndef OPENSSL_NO_EC
542 static OPT_PAIR ecdsa_choices[] = {
543 {"ecdsap160", R_EC_P160},
544 {"ecdsap192", R_EC_P192},
545 {"ecdsap224", R_EC_P224},
546 {"ecdsap256", R_EC_P256},
547 {"ecdsap384", R_EC_P384},
548 {"ecdsap521", R_EC_P521},
549 # ifndef OPENSSL_NO_EC2M
550 {"ecdsak163", R_EC_K163},
551 {"ecdsak233", R_EC_K233},
552 {"ecdsak283", R_EC_K283},
553 {"ecdsak409", R_EC_K409},
554 {"ecdsak571", R_EC_K571},
555 {"ecdsab163", R_EC_B163},
556 {"ecdsab233", R_EC_B233},
557 {"ecdsab283", R_EC_B283},
558 {"ecdsab409", R_EC_B409},
559 {"ecdsab571", R_EC_B571},
561 {"ecdsabrp256r1", R_EC_BRP256R1},
562 {"ecdsabrp256t1", R_EC_BRP256T1},
563 {"ecdsabrp384r1", R_EC_BRP384R1},
564 {"ecdsabrp384t1", R_EC_BRP384T1},
565 {"ecdsabrp512r1", R_EC_BRP512R1},
566 {"ecdsabrp512t1", R_EC_BRP512T1}
568 # define ECDSA_NUM OSSL_NELEM(ecdsa_choices)
570 static double ecdsa_results[ECDSA_NUM][2]; /* 2 ops: sign then verify */
572 static const OPT_PAIR ecdh_choices[] = {
573 {"ecdhp160", R_EC_P160},
574 {"ecdhp192", R_EC_P192},
575 {"ecdhp224", R_EC_P224},
576 {"ecdhp256", R_EC_P256},
577 {"ecdhp384", R_EC_P384},
578 {"ecdhp521", R_EC_P521},
579 # ifndef OPENSSL_NO_EC2M
580 {"ecdhk163", R_EC_K163},
581 {"ecdhk233", R_EC_K233},
582 {"ecdhk283", R_EC_K283},
583 {"ecdhk409", R_EC_K409},
584 {"ecdhk571", R_EC_K571},
585 {"ecdhb163", R_EC_B163},
586 {"ecdhb233", R_EC_B233},
587 {"ecdhb283", R_EC_B283},
588 {"ecdhb409", R_EC_B409},
589 {"ecdhb571", R_EC_B571},
591 {"ecdhbrp256r1", R_EC_BRP256R1},
592 {"ecdhbrp256t1", R_EC_BRP256T1},
593 {"ecdhbrp384r1", R_EC_BRP384R1},
594 {"ecdhbrp384t1", R_EC_BRP384T1},
595 {"ecdhbrp512r1", R_EC_BRP512R1},
596 {"ecdhbrp512t1", R_EC_BRP512T1},
597 {"ecdhx25519", R_EC_X25519},
598 {"ecdhx448", R_EC_X448}
600 # define EC_NUM OSSL_NELEM(ecdh_choices)
602 static double ecdh_results[EC_NUM][1]; /* 1 op: derivation */
604 #define R_EC_Ed25519 0
606 static OPT_PAIR eddsa_choices[] = {
607 {"ed25519", R_EC_Ed25519},
608 {"ed448", R_EC_Ed448}
610 # define EdDSA_NUM OSSL_NELEM(eddsa_choices)
612 static double eddsa_results[EdDSA_NUM][2]; /* 2 ops: sign then verify */
614 # ifndef OPENSSL_NO_SM2
615 # define R_EC_CURVESM2 0
616 static OPT_PAIR sm2_choices[] = {
617 {"curveSM2", R_EC_CURVESM2}
619 # define SM2_ID "TLSv1.3+GM+Cipher+Suite"
620 # define SM2_ID_LEN sizeof("TLSv1.3+GM+Cipher+Suite") - 1
621 # define SM2_NUM OSSL_NELEM(sm2_choices)
623 static double sm2_results[SM2_NUM][2]; /* 2 ops: sign then verify */
624 # endif /* OPENSSL_NO_SM2 */
625 #endif /* OPENSSL_NO_EC */
628 # define COND(d) (count < (d))
629 # define COUNT(d) (d)
631 # define COND(unused_cond) (run && count<0x7fffffff)
632 # define COUNT(d) (count)
635 typedef struct loopargs_st {
636 ASYNC_JOB *inprogress_job;
637 ASYNC_WAIT_CTX *wait_ctx;
640 unsigned char *buf_malloc;
641 unsigned char *buf2_malloc;
645 #ifndef OPENSSL_NO_RSA
646 RSA *rsa_key[RSA_NUM];
648 #ifndef OPENSSL_NO_DSA
649 DSA *dsa_key[DSA_NUM];
651 #ifndef OPENSSL_NO_EC
652 EC_KEY *ecdsa[ECDSA_NUM];
653 EVP_PKEY_CTX *ecdh_ctx[EC_NUM];
654 EVP_MD_CTX *eddsa_ctx[EdDSA_NUM];
655 # ifndef OPENSSL_NO_SM2
656 EVP_MD_CTX *sm2_ctx[SM2_NUM];
657 EVP_MD_CTX *sm2_vfy_ctx[SM2_NUM];
658 EVP_PKEY *sm2_pkey[SM2_NUM];
660 unsigned char *secret_a;
661 unsigned char *secret_b;
662 size_t outlen[EC_NUM];
666 #ifndef OPENSSL_NO_CMAC
669 GCM128_CONTEXT *gcm_ctx;
671 static int run_benchmark(int async_jobs, int (*loop_function) (void *),
672 loopargs_t * loopargs);
674 static unsigned int testnum;
676 /* Nb of iterations to do per algorithm and key-size */
677 static long c[ALGOR_NUM][OSSL_NELEM(lengths_list)];
679 #ifndef OPENSSL_NO_MD2
680 static int EVP_Digest_MD2_loop(void *args)
682 loopargs_t *tempargs = *(loopargs_t **) args;
683 unsigned char *buf = tempargs->buf;
684 unsigned char md2[MD2_DIGEST_LENGTH];
687 for (count = 0; COND(c[D_MD2][testnum]); count++) {
688 if (!EVP_Digest(buf, (size_t)lengths[testnum], md2, NULL, EVP_md2(),
696 #ifndef OPENSSL_NO_MDC2
697 static int EVP_Digest_MDC2_loop(void *args)
699 loopargs_t *tempargs = *(loopargs_t **) args;
700 unsigned char *buf = tempargs->buf;
701 unsigned char mdc2[MDC2_DIGEST_LENGTH];
704 for (count = 0; COND(c[D_MDC2][testnum]); count++) {
705 if (!EVP_Digest(buf, (size_t)lengths[testnum], mdc2, NULL, EVP_mdc2(),
713 #ifndef OPENSSL_NO_MD4
714 static int EVP_Digest_MD4_loop(void *args)
716 loopargs_t *tempargs = *(loopargs_t **) args;
717 unsigned char *buf = tempargs->buf;
718 unsigned char md4[MD4_DIGEST_LENGTH];
721 for (count = 0; COND(c[D_MD4][testnum]); count++) {
722 if (!EVP_Digest(buf, (size_t)lengths[testnum], md4, NULL, EVP_md4(),
730 #ifndef OPENSSL_NO_MD5
731 static int MD5_loop(void *args)
733 loopargs_t *tempargs = *(loopargs_t **) args;
734 unsigned char *buf = tempargs->buf;
735 unsigned char md5[MD5_DIGEST_LENGTH];
737 for (count = 0; COND(c[D_MD5][testnum]); count++)
738 MD5(buf, lengths[testnum], md5);
742 static int HMAC_loop(void *args)
744 loopargs_t *tempargs = *(loopargs_t **) args;
745 unsigned char *buf = tempargs->buf;
746 HMAC_CTX *hctx = tempargs->hctx;
747 unsigned char hmac[MD5_DIGEST_LENGTH];
750 for (count = 0; COND(c[D_HMAC][testnum]); count++) {
751 HMAC_Init_ex(hctx, NULL, 0, NULL, NULL);
752 HMAC_Update(hctx, buf, lengths[testnum]);
753 HMAC_Final(hctx, hmac, NULL);
759 static int SHA1_loop(void *args)
761 loopargs_t *tempargs = *(loopargs_t **) args;
762 unsigned char *buf = tempargs->buf;
763 unsigned char sha[SHA_DIGEST_LENGTH];
765 for (count = 0; COND(c[D_SHA1][testnum]); count++)
766 SHA1(buf, lengths[testnum], sha);
770 static int SHA256_loop(void *args)
772 loopargs_t *tempargs = *(loopargs_t **) args;
773 unsigned char *buf = tempargs->buf;
774 unsigned char sha256[SHA256_DIGEST_LENGTH];
776 for (count = 0; COND(c[D_SHA256][testnum]); count++)
777 SHA256(buf, lengths[testnum], sha256);
781 static int SHA512_loop(void *args)
783 loopargs_t *tempargs = *(loopargs_t **) args;
784 unsigned char *buf = tempargs->buf;
785 unsigned char sha512[SHA512_DIGEST_LENGTH];
787 for (count = 0; COND(c[D_SHA512][testnum]); count++)
788 SHA512(buf, lengths[testnum], sha512);
792 #ifndef OPENSSL_NO_WHIRLPOOL
793 static int WHIRLPOOL_loop(void *args)
795 loopargs_t *tempargs = *(loopargs_t **) args;
796 unsigned char *buf = tempargs->buf;
797 unsigned char whirlpool[WHIRLPOOL_DIGEST_LENGTH];
799 for (count = 0; COND(c[D_WHIRLPOOL][testnum]); count++)
800 WHIRLPOOL(buf, lengths[testnum], whirlpool);
805 #ifndef OPENSSL_NO_RMD160
806 static int EVP_Digest_RMD160_loop(void *args)
808 loopargs_t *tempargs = *(loopargs_t **) args;
809 unsigned char *buf = tempargs->buf;
810 unsigned char rmd160[RIPEMD160_DIGEST_LENGTH];
812 for (count = 0; COND(c[D_RMD160][testnum]); count++) {
813 if (!EVP_Digest(buf, (size_t)lengths[testnum], &(rmd160[0]),
814 NULL, EVP_ripemd160(), NULL))
821 #ifndef OPENSSL_NO_RC4
822 static RC4_KEY rc4_ks;
823 static int RC4_loop(void *args)
825 loopargs_t *tempargs = *(loopargs_t **) args;
826 unsigned char *buf = tempargs->buf;
828 for (count = 0; COND(c[D_RC4][testnum]); count++)
829 RC4(&rc4_ks, (size_t)lengths[testnum], buf, buf);
834 #ifndef OPENSSL_NO_DES
835 static unsigned char DES_iv[8];
836 static DES_key_schedule sch;
837 static DES_key_schedule sch2;
838 static DES_key_schedule sch3;
839 static int DES_ncbc_encrypt_loop(void *args)
841 loopargs_t *tempargs = *(loopargs_t **) args;
842 unsigned char *buf = tempargs->buf;
844 for (count = 0; COND(c[D_CBC_DES][testnum]); count++)
845 DES_ncbc_encrypt(buf, buf, lengths[testnum], &sch,
846 &DES_iv, DES_ENCRYPT);
850 static int DES_ede3_cbc_encrypt_loop(void *args)
852 loopargs_t *tempargs = *(loopargs_t **) args;
853 unsigned char *buf = tempargs->buf;
855 for (count = 0; COND(c[D_EDE3_DES][testnum]); count++)
856 DES_ede3_cbc_encrypt(buf, buf, lengths[testnum],
857 &sch, &sch2, &sch3, &DES_iv, DES_ENCRYPT);
862 #define MAX_BLOCK_SIZE 128
864 static unsigned char iv[2 * MAX_BLOCK_SIZE / 8];
865 static AES_KEY aes_ks1, aes_ks2, aes_ks3;
866 static int AES_cbc_128_encrypt_loop(void *args)
868 loopargs_t *tempargs = *(loopargs_t **) args;
869 unsigned char *buf = tempargs->buf;
871 for (count = 0; COND(c[D_CBC_128_AES][testnum]); count++)
872 AES_cbc_encrypt(buf, buf,
873 (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
877 static int AES_cbc_192_encrypt_loop(void *args)
879 loopargs_t *tempargs = *(loopargs_t **) args;
880 unsigned char *buf = tempargs->buf;
882 for (count = 0; COND(c[D_CBC_192_AES][testnum]); count++)
883 AES_cbc_encrypt(buf, buf,
884 (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
888 static int AES_cbc_256_encrypt_loop(void *args)
890 loopargs_t *tempargs = *(loopargs_t **) args;
891 unsigned char *buf = tempargs->buf;
893 for (count = 0; COND(c[D_CBC_256_AES][testnum]); count++)
894 AES_cbc_encrypt(buf, buf,
895 (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
900 static int AES_ige_128_encrypt_loop(void *args)
902 loopargs_t *tempargs = *(loopargs_t **) args;
903 unsigned char *buf = tempargs->buf;
904 unsigned char *buf2 = tempargs->buf2;
906 for (count = 0; COND(c[D_IGE_128_AES][testnum]); count++)
907 AES_ige_encrypt(buf, buf2,
908 (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
912 static int AES_ige_192_encrypt_loop(void *args)
914 loopargs_t *tempargs = *(loopargs_t **) args;
915 unsigned char *buf = tempargs->buf;
916 unsigned char *buf2 = tempargs->buf2;
918 for (count = 0; COND(c[D_IGE_192_AES][testnum]); count++)
919 AES_ige_encrypt(buf, buf2,
920 (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
924 static int AES_ige_256_encrypt_loop(void *args)
926 loopargs_t *tempargs = *(loopargs_t **) args;
927 unsigned char *buf = tempargs->buf;
928 unsigned char *buf2 = tempargs->buf2;
930 for (count = 0; COND(c[D_IGE_256_AES][testnum]); count++)
931 AES_ige_encrypt(buf, buf2,
932 (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
937 static int CRYPTO_gcm128_aad_loop(void *args)
939 loopargs_t *tempargs = *(loopargs_t **) args;
940 unsigned char *buf = tempargs->buf;
941 GCM128_CONTEXT *gcm_ctx = tempargs->gcm_ctx;
943 for (count = 0; COND(c[D_GHASH][testnum]); count++)
944 CRYPTO_gcm128_aad(gcm_ctx, buf, lengths[testnum]);
948 static int RAND_bytes_loop(void *args)
950 loopargs_t *tempargs = *(loopargs_t **) args;
951 unsigned char *buf = tempargs->buf;
954 for (count = 0; COND(c[D_RAND][testnum]); count++)
955 RAND_bytes(buf, lengths[testnum]);
959 static long save_count = 0;
960 static int decrypt = 0;
961 static int EVP_Update_loop(void *args)
963 loopargs_t *tempargs = *(loopargs_t **) args;
964 unsigned char *buf = tempargs->buf;
965 EVP_CIPHER_CTX *ctx = tempargs->ctx;
968 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
971 for (count = 0; COND(nb_iter); count++) {
972 rc = EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
974 /* reset iv in case of counter overflow */
975 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
979 for (count = 0; COND(nb_iter); count++) {
980 rc = EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
982 /* reset iv in case of counter overflow */
983 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
988 EVP_DecryptFinal_ex(ctx, buf, &outl);
990 EVP_EncryptFinal_ex(ctx, buf, &outl);
995 * CCM does not support streaming. For the purpose of performance measurement,
996 * each message is encrypted using the same (key,iv)-pair. Do not use this
997 * code in your application.
999 static int EVP_Update_loop_ccm(void *args)
1001 loopargs_t *tempargs = *(loopargs_t **) args;
1002 unsigned char *buf = tempargs->buf;
1003 EVP_CIPHER_CTX *ctx = tempargs->ctx;
1005 unsigned char tag[12];
1007 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1010 for (count = 0; COND(nb_iter); count++) {
1011 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(tag), tag);
1013 EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
1014 /* counter is reset on every update */
1015 EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
1018 for (count = 0; COND(nb_iter); count++) {
1019 /* restore iv length field */
1020 EVP_EncryptUpdate(ctx, NULL, &outl, NULL, lengths[testnum]);
1021 /* counter is reset on every update */
1022 EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
1026 EVP_DecryptFinal_ex(ctx, buf, &outl);
1028 EVP_EncryptFinal_ex(ctx, buf, &outl);
1033 * To make AEAD benchmarking more relevant perform TLS-like operations,
1034 * 13-byte AAD followed by payload. But don't use TLS-formatted AAD, as
1035 * payload length is not actually limited by 16KB...
1037 static int EVP_Update_loop_aead(void *args)
1039 loopargs_t *tempargs = *(loopargs_t **) args;
1040 unsigned char *buf = tempargs->buf;
1041 EVP_CIPHER_CTX *ctx = tempargs->ctx;
1043 unsigned char aad[13] = { 0xcc };
1044 unsigned char faketag[16] = { 0xcc };
1046 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1049 for (count = 0; COND(nb_iter); count++) {
1050 EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
1051 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
1052 sizeof(faketag), faketag);
1053 EVP_DecryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
1054 EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
1055 EVP_DecryptFinal_ex(ctx, buf + outl, &outl);
1058 for (count = 0; COND(nb_iter); count++) {
1059 EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv);
1060 EVP_EncryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
1061 EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
1062 EVP_EncryptFinal_ex(ctx, buf + outl, &outl);
1068 static const EVP_MD *evp_md = NULL;
1069 static int EVP_Digest_loop(void *args)
1071 loopargs_t *tempargs = *(loopargs_t **) args;
1072 unsigned char *buf = tempargs->buf;
1073 unsigned char md[EVP_MAX_MD_SIZE];
1076 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1079 for (count = 0; COND(nb_iter); count++) {
1080 if (!EVP_Digest(buf, lengths[testnum], md, NULL, evp_md, NULL))
1086 static const EVP_MD *evp_hmac_md = NULL;
1087 static char *evp_hmac_name = NULL;
1088 static int EVP_HMAC_loop(void *args)
1090 loopargs_t *tempargs = *(loopargs_t **) args;
1091 unsigned char *buf = tempargs->buf;
1092 unsigned char no_key[32];
1095 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1098 for (count = 0; COND(nb_iter); count++) {
1099 if (HMAC(evp_hmac_md, no_key, sizeof(no_key), buf, lengths[testnum],
1100 NULL, NULL) == NULL)
1106 #ifndef OPENSSL_NO_CMAC
1107 static const EVP_CIPHER *evp_cmac_cipher = NULL;
1108 static char *evp_cmac_name = NULL;
1110 static int EVP_CMAC_loop(void *args)
1112 loopargs_t *tempargs = *(loopargs_t **) args;
1113 unsigned char *buf = tempargs->buf;
1114 CMAC_CTX *cmac_ctx = tempargs->cmac_ctx;
1115 static const char key[16] = "This is a key...";
1116 unsigned char mac[16];
1117 size_t len = sizeof(mac);
1120 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1123 for (count = 0; COND(nb_iter); count++) {
1124 if (!CMAC_Init(cmac_ctx, key, sizeof(key), evp_cmac_cipher, NULL)
1125 || !CMAC_Update(cmac_ctx, buf, lengths[testnum])
1126 || !CMAC_Final(cmac_ctx, mac, &len))
1133 #ifndef OPENSSL_NO_RSA
1134 static long rsa_c[RSA_NUM][2]; /* # RSA iteration test */
1136 static int RSA_sign_loop(void *args)
1138 loopargs_t *tempargs = *(loopargs_t **) args;
1139 unsigned char *buf = tempargs->buf;
1140 unsigned char *buf2 = tempargs->buf2;
1141 unsigned int *rsa_num = &tempargs->siglen;
1142 RSA **rsa_key = tempargs->rsa_key;
1144 for (count = 0; COND(rsa_c[testnum][0]); count++) {
1145 ret = RSA_sign(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1147 BIO_printf(bio_err, "RSA sign failure\n");
1148 ERR_print_errors(bio_err);
1156 static int RSA_verify_loop(void *args)
1158 loopargs_t *tempargs = *(loopargs_t **) args;
1159 unsigned char *buf = tempargs->buf;
1160 unsigned char *buf2 = tempargs->buf2;
1161 unsigned int rsa_num = tempargs->siglen;
1162 RSA **rsa_key = tempargs->rsa_key;
1164 for (count = 0; COND(rsa_c[testnum][1]); count++) {
1166 RSA_verify(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1168 BIO_printf(bio_err, "RSA verify failure\n");
1169 ERR_print_errors(bio_err);
1178 #ifndef OPENSSL_NO_DSA
1179 static long dsa_c[DSA_NUM][2];
1180 static int DSA_sign_loop(void *args)
1182 loopargs_t *tempargs = *(loopargs_t **) args;
1183 unsigned char *buf = tempargs->buf;
1184 unsigned char *buf2 = tempargs->buf2;
1185 DSA **dsa_key = tempargs->dsa_key;
1186 unsigned int *siglen = &tempargs->siglen;
1188 for (count = 0; COND(dsa_c[testnum][0]); count++) {
1189 ret = DSA_sign(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1191 BIO_printf(bio_err, "DSA sign failure\n");
1192 ERR_print_errors(bio_err);
1200 static int DSA_verify_loop(void *args)
1202 loopargs_t *tempargs = *(loopargs_t **) args;
1203 unsigned char *buf = tempargs->buf;
1204 unsigned char *buf2 = tempargs->buf2;
1205 DSA **dsa_key = tempargs->dsa_key;
1206 unsigned int siglen = tempargs->siglen;
1208 for (count = 0; COND(dsa_c[testnum][1]); count++) {
1209 ret = DSA_verify(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1211 BIO_printf(bio_err, "DSA verify failure\n");
1212 ERR_print_errors(bio_err);
1221 #ifndef OPENSSL_NO_EC
1222 static long ecdsa_c[ECDSA_NUM][2];
1223 static int ECDSA_sign_loop(void *args)
1225 loopargs_t *tempargs = *(loopargs_t **) args;
1226 unsigned char *buf = tempargs->buf;
1227 EC_KEY **ecdsa = tempargs->ecdsa;
1228 unsigned char *ecdsasig = tempargs->buf2;
1229 unsigned int *ecdsasiglen = &tempargs->siglen;
1231 for (count = 0; COND(ecdsa_c[testnum][0]); count++) {
1232 ret = ECDSA_sign(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1234 BIO_printf(bio_err, "ECDSA sign failure\n");
1235 ERR_print_errors(bio_err);
1243 static int ECDSA_verify_loop(void *args)
1245 loopargs_t *tempargs = *(loopargs_t **) args;
1246 unsigned char *buf = tempargs->buf;
1247 EC_KEY **ecdsa = tempargs->ecdsa;
1248 unsigned char *ecdsasig = tempargs->buf2;
1249 unsigned int ecdsasiglen = tempargs->siglen;
1251 for (count = 0; COND(ecdsa_c[testnum][1]); count++) {
1252 ret = ECDSA_verify(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1254 BIO_printf(bio_err, "ECDSA verify failure\n");
1255 ERR_print_errors(bio_err);
1263 /* ******************************************************************** */
1264 static long ecdh_c[EC_NUM][1];
1266 static int ECDH_EVP_derive_key_loop(void *args)
1268 loopargs_t *tempargs = *(loopargs_t **) args;
1269 EVP_PKEY_CTX *ctx = tempargs->ecdh_ctx[testnum];
1270 unsigned char *derived_secret = tempargs->secret_a;
1272 size_t *outlen = &(tempargs->outlen[testnum]);
1274 for (count = 0; COND(ecdh_c[testnum][0]); count++)
1275 EVP_PKEY_derive(ctx, derived_secret, outlen);
1280 static long eddsa_c[EdDSA_NUM][2];
1281 static int EdDSA_sign_loop(void *args)
1283 loopargs_t *tempargs = *(loopargs_t **) args;
1284 unsigned char *buf = tempargs->buf;
1285 EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
1286 unsigned char *eddsasig = tempargs->buf2;
1287 size_t *eddsasigsize = &tempargs->sigsize;
1290 for (count = 0; COND(eddsa_c[testnum][0]); count++) {
1291 ret = EVP_DigestSign(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
1293 BIO_printf(bio_err, "EdDSA sign failure\n");
1294 ERR_print_errors(bio_err);
1302 static int EdDSA_verify_loop(void *args)
1304 loopargs_t *tempargs = *(loopargs_t **) args;
1305 unsigned char *buf = tempargs->buf;
1306 EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
1307 unsigned char *eddsasig = tempargs->buf2;
1308 size_t eddsasigsize = tempargs->sigsize;
1311 for (count = 0; COND(eddsa_c[testnum][1]); count++) {
1312 ret = EVP_DigestVerify(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
1314 BIO_printf(bio_err, "EdDSA verify failure\n");
1315 ERR_print_errors(bio_err);
1323 # ifndef OPENSSL_NO_SM2
1324 static long sm2_c[SM2_NUM][2];
1325 static int SM2_sign_loop(void *args)
1327 loopargs_t *tempargs = *(loopargs_t **) args;
1328 unsigned char *buf = tempargs->buf;
1329 EVP_MD_CTX **sm2ctx = tempargs->sm2_ctx;
1330 unsigned char *sm2sig = tempargs->buf2;
1331 size_t sm2sigsize = tempargs->sigsize;
1332 const size_t max_size = tempargs->sigsize;
1334 EVP_PKEY **sm2_pkey = tempargs->sm2_pkey;
1336 for (count = 0; COND(sm2_c[testnum][0]); count++) {
1337 if (!EVP_DigestSignInit(sm2ctx[testnum], NULL, EVP_sm3(),
1338 NULL, sm2_pkey[testnum])) {
1339 BIO_printf(bio_err, "SM2 init sign failure\n");
1340 ERR_print_errors(bio_err);
1344 ret = EVP_DigestSign(sm2ctx[testnum], sm2sig, &sm2sigsize,
1347 BIO_printf(bio_err, "SM2 sign failure\n");
1348 ERR_print_errors(bio_err);
1352 /* update the latest returned size and always use the fixed buffer size */
1353 tempargs->sigsize = sm2sigsize;
1354 sm2sigsize = max_size;
1360 static int SM2_verify_loop(void *args)
1362 loopargs_t *tempargs = *(loopargs_t **) args;
1363 unsigned char *buf = tempargs->buf;
1364 EVP_MD_CTX **sm2ctx = tempargs->sm2_vfy_ctx;
1365 unsigned char *sm2sig = tempargs->buf2;
1366 size_t sm2sigsize = tempargs->sigsize;
1368 EVP_PKEY **sm2_pkey = tempargs->sm2_pkey;
1370 for (count = 0; COND(sm2_c[testnum][1]); count++) {
1371 if (!EVP_DigestVerifyInit(sm2ctx[testnum], NULL, EVP_sm3(),
1372 NULL, sm2_pkey[testnum])) {
1373 BIO_printf(bio_err, "SM2 verify init failure\n");
1374 ERR_print_errors(bio_err);
1378 ret = EVP_DigestVerify(sm2ctx[testnum], sm2sig, sm2sigsize,
1381 BIO_printf(bio_err, "SM2 verify failure\n");
1382 ERR_print_errors(bio_err);
1389 # endif /* OPENSSL_NO_SM2 */
1390 #endif /* OPENSSL_NO_EC */
1392 static int run_benchmark(int async_jobs,
1393 int (*loop_function) (void *), loopargs_t * loopargs)
1395 int job_op_count = 0;
1396 int total_op_count = 0;
1397 int num_inprogress = 0;
1398 int error = 0, i = 0, ret = 0;
1399 OSSL_ASYNC_FD job_fd = 0;
1400 size_t num_job_fds = 0;
1404 if (async_jobs == 0) {
1405 return loop_function((void *)&loopargs);
1408 for (i = 0; i < async_jobs && !error; i++) {
1409 loopargs_t *looparg_item = loopargs + i;
1411 /* Copy pointer content (looparg_t item address) into async context */
1412 ret = ASYNC_start_job(&loopargs[i].inprogress_job, loopargs[i].wait_ctx,
1413 &job_op_count, loop_function,
1414 (void *)&looparg_item, sizeof(looparg_item));
1420 if (job_op_count == -1) {
1423 total_op_count += job_op_count;
1428 BIO_printf(bio_err, "Failure in the job\n");
1429 ERR_print_errors(bio_err);
1435 while (num_inprogress > 0) {
1436 #if defined(OPENSSL_SYS_WINDOWS)
1438 #elif defined(OPENSSL_SYS_UNIX)
1439 int select_result = 0;
1440 OSSL_ASYNC_FD max_fd = 0;
1443 FD_ZERO(&waitfdset);
1445 for (i = 0; i < async_jobs && num_inprogress > 0; i++) {
1446 if (loopargs[i].inprogress_job == NULL)
1449 if (!ASYNC_WAIT_CTX_get_all_fds
1450 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1451 || num_job_fds > 1) {
1452 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1453 ERR_print_errors(bio_err);
1457 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1459 FD_SET(job_fd, &waitfdset);
1460 if (job_fd > max_fd)
1464 if (max_fd >= (OSSL_ASYNC_FD)FD_SETSIZE) {
1466 "Error: max_fd (%d) must be smaller than FD_SETSIZE (%d). "
1467 "Decrease the value of async_jobs\n",
1468 max_fd, FD_SETSIZE);
1469 ERR_print_errors(bio_err);
1474 select_result = select(max_fd + 1, &waitfdset, NULL, NULL, NULL);
1475 if (select_result == -1 && errno == EINTR)
1478 if (select_result == -1) {
1479 BIO_printf(bio_err, "Failure in the select\n");
1480 ERR_print_errors(bio_err);
1485 if (select_result == 0)
1489 for (i = 0; i < async_jobs; i++) {
1490 if (loopargs[i].inprogress_job == NULL)
1493 if (!ASYNC_WAIT_CTX_get_all_fds
1494 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1495 || num_job_fds > 1) {
1496 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1497 ERR_print_errors(bio_err);
1501 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1504 #if defined(OPENSSL_SYS_UNIX)
1505 if (num_job_fds == 1 && !FD_ISSET(job_fd, &waitfdset))
1507 #elif defined(OPENSSL_SYS_WINDOWS)
1508 if (num_job_fds == 1
1509 && !PeekNamedPipe(job_fd, NULL, 0, NULL, &avail, NULL)
1514 ret = ASYNC_start_job(&loopargs[i].inprogress_job,
1515 loopargs[i].wait_ctx, &job_op_count,
1516 loop_function, (void *)(loopargs + i),
1517 sizeof(loopargs_t));
1522 if (job_op_count == -1) {
1525 total_op_count += job_op_count;
1528 loopargs[i].inprogress_job = NULL;
1533 loopargs[i].inprogress_job = NULL;
1534 BIO_printf(bio_err, "Failure in the job\n");
1535 ERR_print_errors(bio_err);
1542 return error ? -1 : total_op_count;
1545 int speed_main(int argc, char **argv)
1548 loopargs_t *loopargs = NULL;
1550 const char *engine_id = NULL;
1551 const EVP_CIPHER *evp_cipher = NULL;
1554 int async_init = 0, multiblock = 0, pr_header = 0;
1555 int doit[ALGOR_NUM] = { 0 };
1556 int ret = 1, misalign = 0, lengths_single = 0, aead = 0;
1558 unsigned int size_num = OSSL_NELEM(lengths_list);
1559 unsigned int i, k, loop, loopargs_len = 0, async_jobs = 0;
1565 #if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) \
1566 || !defined(OPENSSL_NO_EC)
1569 openssl_speed_sec_t seconds = { SECONDS, RSA_SECONDS, DSA_SECONDS,
1570 ECDSA_SECONDS, ECDH_SECONDS,
1571 EdDSA_SECONDS, SM2_SECONDS };
1573 /* What follows are the buffers and key material. */
1574 #ifndef OPENSSL_NO_RC5
1577 #ifndef OPENSSL_NO_RC2
1580 #ifndef OPENSSL_NO_IDEA
1581 IDEA_KEY_SCHEDULE idea_ks;
1583 #ifndef OPENSSL_NO_SEED
1584 SEED_KEY_SCHEDULE seed_ks;
1586 #ifndef OPENSSL_NO_BF
1589 #ifndef OPENSSL_NO_CAST
1592 static const unsigned char key16[16] = {
1593 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1594 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
1596 static const unsigned char key24[24] = {
1597 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1598 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1599 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1601 static const unsigned char key32[32] = {
1602 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1603 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1604 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
1605 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
1607 #ifndef OPENSSL_NO_CAMELLIA
1608 static const unsigned char ckey24[24] = {
1609 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1610 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1611 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1613 static const unsigned char ckey32[32] = {
1614 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1615 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1616 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
1617 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
1619 CAMELLIA_KEY camellia_ks1, camellia_ks2, camellia_ks3;
1621 #ifndef OPENSSL_NO_DES
1622 static DES_cblock key = {
1623 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0
1625 static DES_cblock key2 = {
1626 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
1628 static DES_cblock key3 = {
1629 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1632 #ifndef OPENSSL_NO_RSA
1633 static const unsigned int rsa_bits[RSA_NUM] = {
1634 512, 1024, 2048, 3072, 4096, 7680, 15360
1636 static const unsigned char *rsa_data[RSA_NUM] = {
1637 test512, test1024, test2048, test3072, test4096, test7680, test15360
1639 static const int rsa_data_length[RSA_NUM] = {
1640 sizeof(test512), sizeof(test1024),
1641 sizeof(test2048), sizeof(test3072),
1642 sizeof(test4096), sizeof(test7680),
1645 int rsa_doit[RSA_NUM] = { 0 };
1646 int primes = RSA_DEFAULT_PRIME_NUM;
1648 #ifndef OPENSSL_NO_DSA
1649 static const unsigned int dsa_bits[DSA_NUM] = { 512, 1024, 2048 };
1650 int dsa_doit[DSA_NUM] = { 0 };
1652 #ifndef OPENSSL_NO_EC
1654 * We only test over the following curves as they are representative, To
1655 * add tests over more curves, simply add the curve NID and curve name to
1656 * the following arrays and increase the |ecdh_choices| list accordingly.
1658 static const struct {
1664 {"secp160r1", NID_secp160r1, 160},
1665 {"nistp192", NID_X9_62_prime192v1, 192},
1666 {"nistp224", NID_secp224r1, 224},
1667 {"nistp256", NID_X9_62_prime256v1, 256},
1668 {"nistp384", NID_secp384r1, 384},
1669 {"nistp521", NID_secp521r1, 521},
1670 # ifndef OPENSSL_NO_EC2M
1672 {"nistk163", NID_sect163k1, 163},
1673 {"nistk233", NID_sect233k1, 233},
1674 {"nistk283", NID_sect283k1, 283},
1675 {"nistk409", NID_sect409k1, 409},
1676 {"nistk571", NID_sect571k1, 571},
1677 {"nistb163", NID_sect163r2, 163},
1678 {"nistb233", NID_sect233r1, 233},
1679 {"nistb283", NID_sect283r1, 283},
1680 {"nistb409", NID_sect409r1, 409},
1681 {"nistb571", NID_sect571r1, 571},
1683 {"brainpoolP256r1", NID_brainpoolP256r1, 256},
1684 {"brainpoolP256t1", NID_brainpoolP256t1, 256},
1685 {"brainpoolP384r1", NID_brainpoolP384r1, 384},
1686 {"brainpoolP384t1", NID_brainpoolP384t1, 384},
1687 {"brainpoolP512r1", NID_brainpoolP512r1, 512},
1688 {"brainpoolP512t1", NID_brainpoolP512t1, 512},
1689 /* Other and ECDH only ones */
1690 {"X25519", NID_X25519, 253},
1691 {"X448", NID_X448, 448}
1693 static const struct {
1698 } test_ed_curves[] = {
1700 {"Ed25519", NID_ED25519, 253, 64},
1701 {"Ed448", NID_ED448, 456, 114}
1703 # ifndef OPENSSL_NO_SM2
1704 static const struct {
1708 } test_sm2_curves[] = {
1710 {"CurveSM2", NID_sm2, 256}
1713 int ecdsa_doit[ECDSA_NUM] = { 0 };
1714 int ecdh_doit[EC_NUM] = { 0 };
1715 int eddsa_doit[EdDSA_NUM] = { 0 };
1716 int sm2_doit[SM2_NUM] = { 0 };
1717 OPENSSL_assert(OSSL_NELEM(test_curves) >= EC_NUM);
1718 OPENSSL_assert(OSSL_NELEM(test_ed_curves) >= EdDSA_NUM);
1719 OPENSSL_assert(OSSL_NELEM(test_sm2_curves) >= SM2_NUM);
1720 #endif /* ndef OPENSSL_NO_EC */
1722 prog = opt_init(argc, argv, speed_options);
1723 while ((o = opt_next()) != OPT_EOF) {
1728 BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
1731 opt_help(speed_options);
1739 evp_cipher = EVP_get_cipherbyname(opt_arg());
1740 if (evp_cipher == NULL)
1741 evp_md = EVP_get_digestbyname(opt_arg());
1742 if (evp_cipher == NULL && evp_md == NULL) {
1744 "%s: %s is an unknown cipher or digest\n",
1751 evp_hmac_md = EVP_get_digestbyname(opt_arg());
1752 if (evp_hmac_md == NULL) {
1753 BIO_printf(bio_err, "%s: %s is an unknown digest\n",
1757 doit[D_EVP_HMAC] = 1;
1760 #ifndef OPENSSL_NO_CMAC
1761 evp_cmac_cipher = EVP_get_cipherbyname(opt_arg());
1762 if (evp_cmac_cipher == NULL) {
1763 BIO_printf(bio_err, "%s: %s is an unknown cipher\n",
1767 doit[D_EVP_CMAC] = 1;
1775 * In a forked execution, an engine might need to be
1776 * initialised by each child process, not by the parent.
1777 * So store the name here and run setup_engine() later on.
1779 engine_id = opt_arg();
1783 multi = atoi(opt_arg());
1787 #ifndef OPENSSL_NO_ASYNC
1788 async_jobs = atoi(opt_arg());
1789 if (!ASYNC_is_capable()) {
1791 "%s: async_jobs specified but async not supported\n",
1795 if (async_jobs > 99999) {
1796 BIO_printf(bio_err, "%s: too many async_jobs\n", prog);
1802 if (!opt_int(opt_arg(), &misalign))
1804 if (misalign > MISALIGN) {
1806 "%s: Maximum offset is %d\n", prog, MISALIGN);
1815 #ifdef OPENSSL_NO_MULTIBLOCK
1817 "%s: -mb specified but multi-block support is disabled\n",
1827 if (!opt_int(opt_arg(), &primes))
1831 seconds.sym = seconds.rsa = seconds.dsa = seconds.ecdsa
1832 = seconds.ecdh = seconds.eddsa
1833 = seconds.sm2 = atoi(opt_arg());
1836 lengths_single = atoi(opt_arg());
1837 lengths = &lengths_single;
1845 argc = opt_num_rest();
1848 /* Remaining arguments are algorithms. */
1849 for (; *argv; argv++) {
1850 if (found(*argv, doit_choices, &i)) {
1854 #ifndef OPENSSL_NO_DES
1855 if (strcmp(*argv, "des") == 0) {
1856 doit[D_CBC_DES] = doit[D_EDE3_DES] = 1;
1860 if (strcmp(*argv, "sha") == 0) {
1861 doit[D_SHA1] = doit[D_SHA256] = doit[D_SHA512] = 1;
1864 #ifndef OPENSSL_NO_RSA
1865 if (strcmp(*argv, "openssl") == 0)
1867 if (strcmp(*argv, "rsa") == 0) {
1868 for (loop = 0; loop < OSSL_NELEM(rsa_doit); loop++)
1872 if (found(*argv, rsa_choices, &i)) {
1877 #ifndef OPENSSL_NO_DSA
1878 if (strcmp(*argv, "dsa") == 0) {
1879 dsa_doit[R_DSA_512] = dsa_doit[R_DSA_1024] =
1880 dsa_doit[R_DSA_2048] = 1;
1883 if (found(*argv, dsa_choices, &i)) {
1888 if (strcmp(*argv, "aes") == 0) {
1889 doit[D_CBC_128_AES] = doit[D_CBC_192_AES] = doit[D_CBC_256_AES] = 1;
1892 #ifndef OPENSSL_NO_CAMELLIA
1893 if (strcmp(*argv, "camellia") == 0) {
1894 doit[D_CBC_128_CML] = doit[D_CBC_192_CML] = doit[D_CBC_256_CML] = 1;
1898 #ifndef OPENSSL_NO_EC
1899 if (strcmp(*argv, "ecdsa") == 0) {
1900 for (loop = 0; loop < OSSL_NELEM(ecdsa_doit); loop++)
1901 ecdsa_doit[loop] = 1;
1904 if (found(*argv, ecdsa_choices, &i)) {
1908 if (strcmp(*argv, "ecdh") == 0) {
1909 for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++)
1910 ecdh_doit[loop] = 1;
1913 if (found(*argv, ecdh_choices, &i)) {
1917 if (strcmp(*argv, "eddsa") == 0) {
1918 for (loop = 0; loop < OSSL_NELEM(eddsa_doit); loop++)
1919 eddsa_doit[loop] = 1;
1922 if (found(*argv, eddsa_choices, &i)) {
1926 # ifndef OPENSSL_NO_SM2
1927 if (strcmp(*argv, "sm2") == 0) {
1928 for (loop = 0; loop < OSSL_NELEM(sm2_doit); loop++)
1932 if (found(*argv, sm2_choices, &i)) {
1938 BIO_printf(bio_err, "%s: Unknown algorithm %s\n", prog, *argv);
1944 if (evp_cipher == NULL) {
1945 BIO_printf(bio_err, "-aead can be used only with an AEAD cipher\n");
1947 } else if (!(EVP_CIPHER_flags(evp_cipher) &
1948 EVP_CIPH_FLAG_AEAD_CIPHER)) {
1949 BIO_printf(bio_err, "%s is not an AEAD cipher\n",
1950 OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
1955 if (evp_cipher == NULL) {
1956 BIO_printf(bio_err,"-mb can be used only with a multi-block"
1957 " capable cipher\n");
1959 } else if (!(EVP_CIPHER_flags(evp_cipher) &
1960 EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
1961 BIO_printf(bio_err, "%s is not a multi-block capable\n",
1962 OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
1964 } else if (async_jobs > 0) {
1965 BIO_printf(bio_err, "Async mode is not supported with -mb");
1970 /* Initialize the job pool if async mode is enabled */
1971 if (async_jobs > 0) {
1972 async_init = ASYNC_init_thread(async_jobs, async_jobs);
1974 BIO_printf(bio_err, "Error creating the ASYNC job pool\n");
1979 loopargs_len = (async_jobs == 0 ? 1 : async_jobs);
1981 app_malloc(loopargs_len * sizeof(loopargs_t), "array of loopargs");
1982 memset(loopargs, 0, loopargs_len * sizeof(loopargs_t));
1984 for (i = 0; i < loopargs_len; i++) {
1985 if (async_jobs > 0) {
1986 loopargs[i].wait_ctx = ASYNC_WAIT_CTX_new();
1987 if (loopargs[i].wait_ctx == NULL) {
1988 BIO_printf(bio_err, "Error creating the ASYNC_WAIT_CTX\n");
1993 buflen = lengths[size_num - 1];
1994 if (buflen < 36) /* size of random vector in RSA benchmark */
1996 buflen += MAX_MISALIGNMENT + 1;
1997 loopargs[i].buf_malloc = app_malloc(buflen, "input buffer");
1998 loopargs[i].buf2_malloc = app_malloc(buflen, "input buffer");
1999 memset(loopargs[i].buf_malloc, 0, buflen);
2000 memset(loopargs[i].buf2_malloc, 0, buflen);
2002 /* Align the start of buffers on a 64 byte boundary */
2003 loopargs[i].buf = loopargs[i].buf_malloc + misalign;
2004 loopargs[i].buf2 = loopargs[i].buf2_malloc + misalign;
2005 #ifndef OPENSSL_NO_EC
2006 loopargs[i].secret_a = app_malloc(MAX_ECDH_SIZE, "ECDH secret a");
2007 loopargs[i].secret_b = app_malloc(MAX_ECDH_SIZE, "ECDH secret b");
2012 if (multi && do_multi(multi, size_num))
2016 /* Initialize the engine after the fork */
2017 e = setup_engine(engine_id, 0);
2019 /* No parameters; turn on everything. */
2020 if (argc == 0 && !doit[D_EVP] && !doit[D_EVP_HMAC] && !doit[D_EVP_CMAC]) {
2021 for (i = 0; i < ALGOR_NUM; i++)
2022 if (i != D_EVP && i != D_EVP_HMAC && i != D_EVP_CMAC)
2024 #ifndef OPENSSL_NO_RSA
2025 for (i = 0; i < RSA_NUM; i++)
2028 #ifndef OPENSSL_NO_DSA
2029 for (i = 0; i < DSA_NUM; i++)
2032 #ifndef OPENSSL_NO_EC
2033 for (loop = 0; loop < OSSL_NELEM(ecdsa_doit); loop++)
2034 ecdsa_doit[loop] = 1;
2035 for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++)
2036 ecdh_doit[loop] = 1;
2037 for (loop = 0; loop < OSSL_NELEM(eddsa_doit); loop++)
2038 eddsa_doit[loop] = 1;
2039 # ifndef OPENSSL_NO_SM2
2040 for (loop = 0; loop < OSSL_NELEM(sm2_doit); loop++)
2045 for (i = 0; i < ALGOR_NUM; i++)
2049 if (usertime == 0 && !mr)
2051 "You have chosen to measure elapsed time "
2052 "instead of user CPU time.\n");
2054 #ifndef OPENSSL_NO_RSA
2055 for (i = 0; i < loopargs_len; i++) {
2056 if (primes > RSA_DEFAULT_PRIME_NUM) {
2057 /* for multi-prime RSA, skip this */
2060 for (k = 0; k < RSA_NUM; k++) {
2061 const unsigned char *p;
2064 loopargs[i].rsa_key[k] =
2065 d2i_RSAPrivateKey(NULL, &p, rsa_data_length[k]);
2066 if (loopargs[i].rsa_key[k] == NULL) {
2068 "internal error loading RSA key number %d\n", k);
2074 #ifndef OPENSSL_NO_DSA
2075 for (i = 0; i < loopargs_len; i++) {
2076 loopargs[i].dsa_key[0] = get_dsa(512);
2077 loopargs[i].dsa_key[1] = get_dsa(1024);
2078 loopargs[i].dsa_key[2] = get_dsa(2048);
2081 #ifndef OPENSSL_NO_DES
2082 DES_set_key_unchecked(&key, &sch);
2083 DES_set_key_unchecked(&key2, &sch2);
2084 DES_set_key_unchecked(&key3, &sch3);
2086 AES_set_encrypt_key(key16, 128, &aes_ks1);
2087 AES_set_encrypt_key(key24, 192, &aes_ks2);
2088 AES_set_encrypt_key(key32, 256, &aes_ks3);
2089 #ifndef OPENSSL_NO_CAMELLIA
2090 Camellia_set_key(key16, 128, &camellia_ks1);
2091 Camellia_set_key(ckey24, 192, &camellia_ks2);
2092 Camellia_set_key(ckey32, 256, &camellia_ks3);
2094 #ifndef OPENSSL_NO_IDEA
2095 IDEA_set_encrypt_key(key16, &idea_ks);
2097 #ifndef OPENSSL_NO_SEED
2098 SEED_set_key(key16, &seed_ks);
2100 #ifndef OPENSSL_NO_RC4
2101 RC4_set_key(&rc4_ks, 16, key16);
2103 #ifndef OPENSSL_NO_RC2
2104 RC2_set_key(&rc2_ks, 16, key16, 128);
2106 #ifndef OPENSSL_NO_RC5
2107 if (!RC5_32_set_key(&rc5_ks, 16, key16, 12)) {
2108 BIO_printf(bio_err, "Failed setting RC5 key\n");
2112 #ifndef OPENSSL_NO_BF
2113 BF_set_key(&bf_ks, 16, key16);
2115 #ifndef OPENSSL_NO_CAST
2116 CAST_set_key(&cast_ks, 16, key16);
2119 # ifndef OPENSSL_NO_DES
2120 BIO_printf(bio_err, "First we calculate the approximate speed ...\n");
2126 for (it = count; it; it--)
2127 DES_ecb_encrypt((DES_cblock *)loopargs[0].buf,
2128 (DES_cblock *)loopargs[0].buf, &sch, DES_ENCRYPT);
2132 c[D_MD2][0] = count / 10;
2133 c[D_MDC2][0] = count / 10;
2134 c[D_MD4][0] = count;
2135 c[D_MD5][0] = count;
2136 c[D_HMAC][0] = count;
2137 c[D_SHA1][0] = count;
2138 c[D_RMD160][0] = count;
2139 c[D_RC4][0] = count * 5;
2140 c[D_CBC_DES][0] = count;
2141 c[D_EDE3_DES][0] = count / 3;
2142 c[D_CBC_IDEA][0] = count;
2143 c[D_CBC_SEED][0] = count;
2144 c[D_CBC_RC2][0] = count;
2145 c[D_CBC_RC5][0] = count;
2146 c[D_CBC_BF][0] = count;
2147 c[D_CBC_CAST][0] = count;
2148 c[D_CBC_128_AES][0] = count;
2149 c[D_CBC_192_AES][0] = count;
2150 c[D_CBC_256_AES][0] = count;
2151 c[D_CBC_128_CML][0] = count;
2152 c[D_CBC_192_CML][0] = count;
2153 c[D_CBC_256_CML][0] = count;
2154 c[D_SHA256][0] = count;
2155 c[D_SHA512][0] = count;
2156 c[D_WHIRLPOOL][0] = count;
2157 c[D_IGE_128_AES][0] = count;
2158 c[D_IGE_192_AES][0] = count;
2159 c[D_IGE_256_AES][0] = count;
2160 c[D_GHASH][0] = count;
2161 c[D_RAND][0] = count;
2163 for (i = 1; i < size_num; i++) {
2166 l0 = (long)lengths[0];
2167 l1 = (long)lengths[i];
2169 c[D_MD2][i] = c[D_MD2][0] * 4 * l0 / l1;
2170 c[D_MDC2][i] = c[D_MDC2][0] * 4 * l0 / l1;
2171 c[D_MD4][i] = c[D_MD4][0] * 4 * l0 / l1;
2172 c[D_MD5][i] = c[D_MD5][0] * 4 * l0 / l1;
2173 c[D_HMAC][i] = c[D_HMAC][0] * 4 * l0 / l1;
2174 c[D_SHA1][i] = c[D_SHA1][0] * 4 * l0 / l1;
2175 c[D_RMD160][i] = c[D_RMD160][0] * 4 * l0 / l1;
2176 c[D_SHA256][i] = c[D_SHA256][0] * 4 * l0 / l1;
2177 c[D_SHA512][i] = c[D_SHA512][0] * 4 * l0 / l1;
2178 c[D_WHIRLPOOL][i] = c[D_WHIRLPOOL][0] * 4 * l0 / l1;
2179 c[D_GHASH][i] = c[D_GHASH][0] * 4 * l0 / l1;
2180 c[D_RAND][i] = c[D_RAND][0] * 4 * l0 / l1;
2182 l0 = (long)lengths[i - 1];
2184 c[D_RC4][i] = c[D_RC4][i - 1] * l0 / l1;
2185 c[D_CBC_DES][i] = c[D_CBC_DES][i - 1] * l0 / l1;
2186 c[D_EDE3_DES][i] = c[D_EDE3_DES][i - 1] * l0 / l1;
2187 c[D_CBC_IDEA][i] = c[D_CBC_IDEA][i - 1] * l0 / l1;
2188 c[D_CBC_SEED][i] = c[D_CBC_SEED][i - 1] * l0 / l1;
2189 c[D_CBC_RC2][i] = c[D_CBC_RC2][i - 1] * l0 / l1;
2190 c[D_CBC_RC5][i] = c[D_CBC_RC5][i - 1] * l0 / l1;
2191 c[D_CBC_BF][i] = c[D_CBC_BF][i - 1] * l0 / l1;
2192 c[D_CBC_CAST][i] = c[D_CBC_CAST][i - 1] * l0 / l1;
2193 c[D_CBC_128_AES][i] = c[D_CBC_128_AES][i - 1] * l0 / l1;
2194 c[D_CBC_192_AES][i] = c[D_CBC_192_AES][i - 1] * l0 / l1;
2195 c[D_CBC_256_AES][i] = c[D_CBC_256_AES][i - 1] * l0 / l1;
2196 c[D_CBC_128_CML][i] = c[D_CBC_128_CML][i - 1] * l0 / l1;
2197 c[D_CBC_192_CML][i] = c[D_CBC_192_CML][i - 1] * l0 / l1;
2198 c[D_CBC_256_CML][i] = c[D_CBC_256_CML][i - 1] * l0 / l1;
2199 c[D_IGE_128_AES][i] = c[D_IGE_128_AES][i - 1] * l0 / l1;
2200 c[D_IGE_192_AES][i] = c[D_IGE_192_AES][i - 1] * l0 / l1;
2201 c[D_IGE_256_AES][i] = c[D_IGE_256_AES][i - 1] * l0 / l1;
2204 # ifndef OPENSSL_NO_RSA
2205 rsa_c[R_RSA_512][0] = count / 2000;
2206 rsa_c[R_RSA_512][1] = count / 400;
2207 for (i = 1; i < RSA_NUM; i++) {
2208 rsa_c[i][0] = rsa_c[i - 1][0] / 8;
2209 rsa_c[i][1] = rsa_c[i - 1][1] / 4;
2210 if (rsa_doit[i] <= 1 && rsa_c[i][0] == 0)
2213 if (rsa_c[i][0] == 0) {
2214 rsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
2221 # ifndef OPENSSL_NO_DSA
2222 dsa_c[R_DSA_512][0] = count / 1000;
2223 dsa_c[R_DSA_512][1] = count / 1000 / 2;
2224 for (i = 1; i < DSA_NUM; i++) {
2225 dsa_c[i][0] = dsa_c[i - 1][0] / 4;
2226 dsa_c[i][1] = dsa_c[i - 1][1] / 4;
2227 if (dsa_doit[i] <= 1 && dsa_c[i][0] == 0)
2230 if (dsa_c[i][0] == 0) {
2231 dsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
2238 # ifndef OPENSSL_NO_EC
2239 ecdsa_c[R_EC_P160][0] = count / 1000;
2240 ecdsa_c[R_EC_P160][1] = count / 1000 / 2;
2241 for (i = R_EC_P192; i <= R_EC_P521; i++) {
2242 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2243 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2244 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2247 if (ecdsa_c[i][0] == 0) {
2253 # ifndef OPENSSL_NO_EC2M
2254 ecdsa_c[R_EC_K163][0] = count / 1000;
2255 ecdsa_c[R_EC_K163][1] = count / 1000 / 2;
2256 for (i = R_EC_K233; i <= R_EC_K571; i++) {
2257 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2258 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2259 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2262 if (ecdsa_c[i][0] == 0) {
2268 ecdsa_c[R_EC_B163][0] = count / 1000;
2269 ecdsa_c[R_EC_B163][1] = count / 1000 / 2;
2270 for (i = R_EC_B233; i <= R_EC_B571; i++) {
2271 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2272 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2273 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2276 if (ecdsa_c[i][0] == 0) {
2284 ecdh_c[R_EC_P160][0] = count / 1000;
2285 for (i = R_EC_P192; i <= R_EC_P521; i++) {
2286 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2287 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2290 if (ecdh_c[i][0] == 0) {
2295 # ifndef OPENSSL_NO_EC2M
2296 ecdh_c[R_EC_K163][0] = count / 1000;
2297 for (i = R_EC_K233; i <= R_EC_K571; i++) {
2298 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2299 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2302 if (ecdh_c[i][0] == 0) {
2307 ecdh_c[R_EC_B163][0] = count / 1000;
2308 for (i = R_EC_B233; i <= R_EC_B571; i++) {
2309 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2310 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2313 if (ecdh_c[i][0] == 0) {
2319 /* repeated code good to factorize */
2320 ecdh_c[R_EC_BRP256R1][0] = count / 1000;
2321 for (i = R_EC_BRP384R1; i <= R_EC_BRP512R1; i += 2) {
2322 ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
2323 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2326 if (ecdh_c[i][0] == 0) {
2331 ecdh_c[R_EC_BRP256T1][0] = count / 1000;
2332 for (i = R_EC_BRP384T1; i <= R_EC_BRP512T1; i += 2) {
2333 ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
2334 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2337 if (ecdh_c[i][0] == 0) {
2342 /* default iteration count for the last two EC Curves */
2343 ecdh_c[R_EC_X25519][0] = count / 1800;
2344 ecdh_c[R_EC_X448][0] = count / 7200;
2346 eddsa_c[R_EC_Ed25519][0] = count / 1800;
2347 eddsa_c[R_EC_Ed448][0] = count / 7200;
2349 # ifndef OPENSSL_NO_SM2
2350 sm2_c[R_EC_SM2P256][0] = count / 1800;
2355 /* not worth fixing */
2356 # error "You cannot disable DES on systems without SIGALRM."
2357 # endif /* OPENSSL_NO_DES */
2359 signal(SIGALRM, alarmed);
2360 #endif /* SIGALRM */
2362 #ifndef OPENSSL_NO_MD2
2364 for (testnum = 0; testnum < size_num; testnum++) {
2365 print_message(names[D_MD2], c[D_MD2][testnum], lengths[testnum],
2368 count = run_benchmark(async_jobs, EVP_Digest_MD2_loop, loopargs);
2370 print_result(D_MD2, testnum, count, d);
2374 #ifndef OPENSSL_NO_MDC2
2376 for (testnum = 0; testnum < size_num; testnum++) {
2377 print_message(names[D_MDC2], c[D_MDC2][testnum], lengths[testnum],
2380 count = run_benchmark(async_jobs, EVP_Digest_MDC2_loop, loopargs);
2382 print_result(D_MDC2, testnum, count, d);
2387 #ifndef OPENSSL_NO_MD4
2389 for (testnum = 0; testnum < size_num; testnum++) {
2390 print_message(names[D_MD4], c[D_MD4][testnum], lengths[testnum],
2393 count = run_benchmark(async_jobs, EVP_Digest_MD4_loop, loopargs);
2395 print_result(D_MD4, testnum, count, d);
2400 #ifndef OPENSSL_NO_MD5
2402 for (testnum = 0; testnum < size_num; testnum++) {
2403 print_message(names[D_MD5], c[D_MD5][testnum], lengths[testnum],
2406 count = run_benchmark(async_jobs, MD5_loop, loopargs);
2408 print_result(D_MD5, testnum, count, d);
2413 static const char hmac_key[] = "This is a key...";
2414 int len = strlen(hmac_key);
2416 for (i = 0; i < loopargs_len; i++) {
2417 loopargs[i].hctx = HMAC_CTX_new();
2418 if (loopargs[i].hctx == NULL) {
2419 BIO_printf(bio_err, "HMAC malloc failure, exiting...");
2423 HMAC_Init_ex(loopargs[i].hctx, hmac_key, len, EVP_md5(), NULL);
2425 for (testnum = 0; testnum < size_num; testnum++) {
2426 print_message(names[D_HMAC], c[D_HMAC][testnum], lengths[testnum],
2429 count = run_benchmark(async_jobs, HMAC_loop, loopargs);
2431 print_result(D_HMAC, testnum, count, d);
2433 for (i = 0; i < loopargs_len; i++) {
2434 HMAC_CTX_free(loopargs[i].hctx);
2439 for (testnum = 0; testnum < size_num; testnum++) {
2440 print_message(names[D_SHA1], c[D_SHA1][testnum], lengths[testnum],
2443 count = run_benchmark(async_jobs, SHA1_loop, loopargs);
2445 print_result(D_SHA1, testnum, count, d);
2448 if (doit[D_SHA256]) {
2449 for (testnum = 0; testnum < size_num; testnum++) {
2450 print_message(names[D_SHA256], c[D_SHA256][testnum],
2451 lengths[testnum], seconds.sym);
2453 count = run_benchmark(async_jobs, SHA256_loop, loopargs);
2455 print_result(D_SHA256, testnum, count, d);
2458 if (doit[D_SHA512]) {
2459 for (testnum = 0; testnum < size_num; testnum++) {
2460 print_message(names[D_SHA512], c[D_SHA512][testnum],
2461 lengths[testnum], seconds.sym);
2463 count = run_benchmark(async_jobs, SHA512_loop, loopargs);
2465 print_result(D_SHA512, testnum, count, d);
2468 #ifndef OPENSSL_NO_WHIRLPOOL
2469 if (doit[D_WHIRLPOOL]) {
2470 for (testnum = 0; testnum < size_num; testnum++) {
2471 print_message(names[D_WHIRLPOOL], c[D_WHIRLPOOL][testnum],
2472 lengths[testnum], seconds.sym);
2474 count = run_benchmark(async_jobs, WHIRLPOOL_loop, loopargs);
2476 print_result(D_WHIRLPOOL, testnum, count, d);
2481 #ifndef OPENSSL_NO_RMD160
2482 if (doit[D_RMD160]) {
2483 for (testnum = 0; testnum < size_num; testnum++) {
2484 print_message(names[D_RMD160], c[D_RMD160][testnum],
2485 lengths[testnum], seconds.sym);
2487 count = run_benchmark(async_jobs, EVP_Digest_RMD160_loop, loopargs);
2489 print_result(D_RMD160, testnum, count, d);
2493 #ifndef OPENSSL_NO_RC4
2495 for (testnum = 0; testnum < size_num; testnum++) {
2496 print_message(names[D_RC4], c[D_RC4][testnum], lengths[testnum],
2499 count = run_benchmark(async_jobs, RC4_loop, loopargs);
2501 print_result(D_RC4, testnum, count, d);
2505 #ifndef OPENSSL_NO_DES
2506 if (doit[D_CBC_DES]) {
2507 for (testnum = 0; testnum < size_num; testnum++) {
2508 print_message(names[D_CBC_DES], c[D_CBC_DES][testnum],
2509 lengths[testnum], seconds.sym);
2511 count = run_benchmark(async_jobs, DES_ncbc_encrypt_loop, loopargs);
2513 print_result(D_CBC_DES, testnum, count, d);
2517 if (doit[D_EDE3_DES]) {
2518 for (testnum = 0; testnum < size_num; testnum++) {
2519 print_message(names[D_EDE3_DES], c[D_EDE3_DES][testnum],
2520 lengths[testnum], seconds.sym);
2523 run_benchmark(async_jobs, DES_ede3_cbc_encrypt_loop, loopargs);
2525 print_result(D_EDE3_DES, testnum, count, d);
2530 if (doit[D_CBC_128_AES]) {
2531 for (testnum = 0; testnum < size_num; testnum++) {
2532 print_message(names[D_CBC_128_AES], c[D_CBC_128_AES][testnum],
2533 lengths[testnum], seconds.sym);
2536 run_benchmark(async_jobs, AES_cbc_128_encrypt_loop, loopargs);
2538 print_result(D_CBC_128_AES, testnum, count, d);
2541 if (doit[D_CBC_192_AES]) {
2542 for (testnum = 0; testnum < size_num; testnum++) {
2543 print_message(names[D_CBC_192_AES], c[D_CBC_192_AES][testnum],
2544 lengths[testnum], seconds.sym);
2547 run_benchmark(async_jobs, AES_cbc_192_encrypt_loop, loopargs);
2549 print_result(D_CBC_192_AES, testnum, count, d);
2552 if (doit[D_CBC_256_AES]) {
2553 for (testnum = 0; testnum < size_num; testnum++) {
2554 print_message(names[D_CBC_256_AES], c[D_CBC_256_AES][testnum],
2555 lengths[testnum], seconds.sym);
2558 run_benchmark(async_jobs, AES_cbc_256_encrypt_loop, loopargs);
2560 print_result(D_CBC_256_AES, testnum, count, d);
2565 if (doit[D_IGE_128_AES]) {
2566 for (testnum = 0; testnum < size_num; testnum++) {
2567 print_message(names[D_IGE_128_AES], c[D_IGE_128_AES][testnum],
2568 lengths[testnum], seconds.sym);
2571 run_benchmark(async_jobs, AES_ige_128_encrypt_loop, loopargs);
2573 print_result(D_IGE_128_AES, testnum, count, d);
2576 if (doit[D_IGE_192_AES]) {
2577 for (testnum = 0; testnum < size_num; testnum++) {
2578 print_message(names[D_IGE_192_AES], c[D_IGE_192_AES][testnum],
2579 lengths[testnum], seconds.sym);
2582 run_benchmark(async_jobs, AES_ige_192_encrypt_loop, loopargs);
2584 print_result(D_IGE_192_AES, testnum, count, d);
2587 if (doit[D_IGE_256_AES]) {
2588 for (testnum = 0; testnum < size_num; testnum++) {
2589 print_message(names[D_IGE_256_AES], c[D_IGE_256_AES][testnum],
2590 lengths[testnum], seconds.sym);
2593 run_benchmark(async_jobs, AES_ige_256_encrypt_loop, loopargs);
2595 print_result(D_IGE_256_AES, testnum, count, d);
2599 if (doit[D_GHASH]) {
2600 for (i = 0; i < loopargs_len; i++) {
2601 loopargs[i].gcm_ctx =
2602 CRYPTO_gcm128_new(&aes_ks1, (block128_f) AES_encrypt);
2603 CRYPTO_gcm128_setiv(loopargs[i].gcm_ctx,
2604 (unsigned char *)"0123456789ab", 12);
2607 for (testnum = 0; testnum < size_num; testnum++) {
2608 print_message(names[D_GHASH], c[D_GHASH][testnum],
2609 lengths[testnum], seconds.sym);
2611 count = run_benchmark(async_jobs, CRYPTO_gcm128_aad_loop, loopargs);
2613 print_result(D_GHASH, testnum, count, d);
2615 for (i = 0; i < loopargs_len; i++)
2616 CRYPTO_gcm128_release(loopargs[i].gcm_ctx);
2618 #ifndef OPENSSL_NO_CAMELLIA
2619 if (doit[D_CBC_128_CML]) {
2620 if (async_jobs > 0) {
2621 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2622 names[D_CBC_128_CML]);
2623 doit[D_CBC_128_CML] = 0;
2625 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2626 print_message(names[D_CBC_128_CML], c[D_CBC_128_CML][testnum],
2627 lengths[testnum], seconds.sym);
2629 for (count = 0, run = 1; COND(c[D_CBC_128_CML][testnum]); count++)
2630 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2631 (size_t)lengths[testnum], &camellia_ks1,
2632 iv, CAMELLIA_ENCRYPT);
2634 print_result(D_CBC_128_CML, testnum, count, d);
2637 if (doit[D_CBC_192_CML]) {
2638 if (async_jobs > 0) {
2639 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2640 names[D_CBC_192_CML]);
2641 doit[D_CBC_192_CML] = 0;
2643 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2644 print_message(names[D_CBC_192_CML], c[D_CBC_192_CML][testnum],
2645 lengths[testnum], seconds.sym);
2646 if (async_jobs > 0) {
2647 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2651 for (count = 0, run = 1; COND(c[D_CBC_192_CML][testnum]); count++)
2652 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2653 (size_t)lengths[testnum], &camellia_ks2,
2654 iv, CAMELLIA_ENCRYPT);
2656 print_result(D_CBC_192_CML, testnum, count, d);
2659 if (doit[D_CBC_256_CML]) {
2660 if (async_jobs > 0) {
2661 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2662 names[D_CBC_256_CML]);
2663 doit[D_CBC_256_CML] = 0;
2665 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2666 print_message(names[D_CBC_256_CML], c[D_CBC_256_CML][testnum],
2667 lengths[testnum], seconds.sym);
2669 for (count = 0, run = 1; COND(c[D_CBC_256_CML][testnum]); count++)
2670 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2671 (size_t)lengths[testnum], &camellia_ks3,
2672 iv, CAMELLIA_ENCRYPT);
2674 print_result(D_CBC_256_CML, testnum, count, d);
2678 #ifndef OPENSSL_NO_IDEA
2679 if (doit[D_CBC_IDEA]) {
2680 if (async_jobs > 0) {
2681 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2683 doit[D_CBC_IDEA] = 0;
2685 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2686 print_message(names[D_CBC_IDEA], c[D_CBC_IDEA][testnum],
2687 lengths[testnum], seconds.sym);
2689 for (count = 0, run = 1; COND(c[D_CBC_IDEA][testnum]); count++)
2690 IDEA_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2691 (size_t)lengths[testnum], &idea_ks,
2694 print_result(D_CBC_IDEA, testnum, count, d);
2698 #ifndef OPENSSL_NO_SEED
2699 if (doit[D_CBC_SEED]) {
2700 if (async_jobs > 0) {
2701 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2703 doit[D_CBC_SEED] = 0;
2705 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2706 print_message(names[D_CBC_SEED], c[D_CBC_SEED][testnum],
2707 lengths[testnum], seconds.sym);
2709 for (count = 0, run = 1; COND(c[D_CBC_SEED][testnum]); count++)
2710 SEED_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2711 (size_t)lengths[testnum], &seed_ks, iv, 1);
2713 print_result(D_CBC_SEED, testnum, count, d);
2717 #ifndef OPENSSL_NO_RC2
2718 if (doit[D_CBC_RC2]) {
2719 if (async_jobs > 0) {
2720 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2722 doit[D_CBC_RC2] = 0;
2724 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2725 print_message(names[D_CBC_RC2], c[D_CBC_RC2][testnum],
2726 lengths[testnum], seconds.sym);
2727 if (async_jobs > 0) {
2728 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2732 for (count = 0, run = 1; COND(c[D_CBC_RC2][testnum]); count++)
2733 RC2_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2734 (size_t)lengths[testnum], &rc2_ks,
2737 print_result(D_CBC_RC2, testnum, count, d);
2741 #ifndef OPENSSL_NO_RC5
2742 if (doit[D_CBC_RC5]) {
2743 if (async_jobs > 0) {
2744 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2746 doit[D_CBC_RC5] = 0;
2748 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2749 print_message(names[D_CBC_RC5], c[D_CBC_RC5][testnum],
2750 lengths[testnum], seconds.sym);
2751 if (async_jobs > 0) {
2752 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2756 for (count = 0, run = 1; COND(c[D_CBC_RC5][testnum]); count++)
2757 RC5_32_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2758 (size_t)lengths[testnum], &rc5_ks,
2761 print_result(D_CBC_RC5, testnum, count, d);
2765 #ifndef OPENSSL_NO_BF
2766 if (doit[D_CBC_BF]) {
2767 if (async_jobs > 0) {
2768 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2772 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2773 print_message(names[D_CBC_BF], c[D_CBC_BF][testnum],
2774 lengths[testnum], seconds.sym);
2776 for (count = 0, run = 1; COND(c[D_CBC_BF][testnum]); count++)
2777 BF_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2778 (size_t)lengths[testnum], &bf_ks,
2781 print_result(D_CBC_BF, testnum, count, d);
2785 #ifndef OPENSSL_NO_CAST
2786 if (doit[D_CBC_CAST]) {
2787 if (async_jobs > 0) {
2788 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2790 doit[D_CBC_CAST] = 0;
2792 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2793 print_message(names[D_CBC_CAST], c[D_CBC_CAST][testnum],
2794 lengths[testnum], seconds.sym);
2796 for (count = 0, run = 1; COND(c[D_CBC_CAST][testnum]); count++)
2797 CAST_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2798 (size_t)lengths[testnum], &cast_ks,
2801 print_result(D_CBC_CAST, testnum, count, d);
2806 for (testnum = 0; testnum < size_num; testnum++) {
2807 print_message(names[D_RAND], c[D_RAND][testnum], lengths[testnum],
2810 count = run_benchmark(async_jobs, RAND_bytes_loop, loopargs);
2812 print_result(D_RAND, testnum, count, d);
2817 if (evp_cipher != NULL) {
2818 int (*loopfunc)(void *args) = EVP_Update_loop;
2820 if (multiblock && (EVP_CIPHER_flags(evp_cipher) &
2821 EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
2822 multiblock_speed(evp_cipher, lengths_single, &seconds);
2827 names[D_EVP] = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
2829 if (EVP_CIPHER_mode(evp_cipher) == EVP_CIPH_CCM_MODE) {
2830 loopfunc = EVP_Update_loop_ccm;
2831 } else if (aead && (EVP_CIPHER_flags(evp_cipher) &
2832 EVP_CIPH_FLAG_AEAD_CIPHER)) {
2833 loopfunc = EVP_Update_loop_aead;
2834 if (lengths == lengths_list) {
2835 lengths = aead_lengths_list;
2836 size_num = OSSL_NELEM(aead_lengths_list);
2840 for (testnum = 0; testnum < size_num; testnum++) {
2841 print_message(names[D_EVP], save_count, lengths[testnum],
2844 for (k = 0; k < loopargs_len; k++) {
2845 loopargs[k].ctx = EVP_CIPHER_CTX_new();
2846 if (loopargs[k].ctx == NULL) {
2847 BIO_printf(bio_err, "\nEVP_CIPHER_CTX_new failure\n");
2850 if (!EVP_CipherInit_ex(loopargs[k].ctx, evp_cipher, NULL,
2851 NULL, iv, decrypt ? 0 : 1)) {
2852 BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n");
2853 ERR_print_errors(bio_err);
2857 EVP_CIPHER_CTX_set_padding(loopargs[k].ctx, 0);
2859 keylen = EVP_CIPHER_CTX_key_length(loopargs[k].ctx);
2860 loopargs[k].key = app_malloc(keylen, "evp_cipher key");
2861 EVP_CIPHER_CTX_rand_key(loopargs[k].ctx, loopargs[k].key);
2862 if (!EVP_CipherInit_ex(loopargs[k].ctx, NULL, NULL,
2863 loopargs[k].key, NULL, -1)) {
2864 BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n");
2865 ERR_print_errors(bio_err);
2868 OPENSSL_clear_free(loopargs[k].key, keylen);
2870 /* SIV mode only allows for a single Update operation */
2871 if (EVP_CIPHER_mode(evp_cipher) == EVP_CIPH_SIV_MODE)
2872 EVP_CIPHER_CTX_ctrl(loopargs[k].ctx, EVP_CTRL_SET_SPEED, 1, NULL);
2876 count = run_benchmark(async_jobs, loopfunc, loopargs);
2878 for (k = 0; k < loopargs_len; k++) {
2879 EVP_CIPHER_CTX_free(loopargs[k].ctx);
2881 print_result(D_EVP, testnum, count, d);
2883 } else if (evp_md != NULL) {
2884 names[D_EVP] = OBJ_nid2ln(EVP_MD_type(evp_md));
2886 for (testnum = 0; testnum < size_num; testnum++) {
2887 print_message(names[D_EVP], save_count, lengths[testnum],
2890 count = run_benchmark(async_jobs, EVP_Digest_loop, loopargs);
2892 print_result(D_EVP, testnum, count, d);
2897 if (doit[D_EVP_HMAC]) {
2898 if (evp_hmac_md != NULL) {
2899 const char *md_name = OBJ_nid2ln(EVP_MD_type(evp_hmac_md));
2900 evp_hmac_name = app_malloc(sizeof("HMAC()") + strlen(md_name),
2902 sprintf(evp_hmac_name, "HMAC(%s)", md_name);
2903 names[D_EVP_HMAC] = evp_hmac_name;
2905 for (testnum = 0; testnum < size_num; testnum++) {
2906 print_message(names[D_EVP_HMAC], save_count, lengths[testnum],
2909 count = run_benchmark(async_jobs, EVP_HMAC_loop, loopargs);
2911 print_result(D_EVP_HMAC, testnum, count, d);
2916 #ifndef OPENSSL_NO_CMAC
2917 if (doit[D_EVP_CMAC]) {
2918 if (evp_cmac_cipher != NULL) {
2919 const char *cipher_name = OBJ_nid2ln(EVP_CIPHER_type(evp_cmac_cipher));
2920 evp_cmac_name = app_malloc(sizeof("CMAC()") + strlen(cipher_name),
2922 sprintf(evp_cmac_name, "CMAC(%s)", cipher_name);
2923 names[D_EVP_CMAC] = evp_cmac_name;
2925 for (i = 0; i < loopargs_len; i++) {
2926 loopargs[i].cmac_ctx = CMAC_CTX_new();
2927 if (loopargs[i].cmac_ctx == NULL) {
2928 BIO_printf(bio_err, "CMAC malloc failure, exiting...");
2932 for (testnum = 0; testnum < size_num; testnum++) {
2933 print_message(names[D_EVP_CMAC], save_count, lengths[testnum],
2936 count = run_benchmark(async_jobs, EVP_CMAC_loop, loopargs);
2938 print_result(D_EVP_CMAC, testnum, count, d);
2940 for (i = 0; i < loopargs_len; i++)
2941 CMAC_CTX_free(loopargs[i].cmac_ctx);
2946 for (i = 0; i < loopargs_len; i++)
2947 if (RAND_bytes(loopargs[i].buf, 36) <= 0)
2950 #ifndef OPENSSL_NO_RSA
2951 for (testnum = 0; testnum < RSA_NUM; testnum++) {
2953 if (!rsa_doit[testnum])
2955 for (i = 0; i < loopargs_len; i++) {
2957 /* we haven't set keys yet, generate multi-prime RSA keys */
2958 BIGNUM *bn = BN_new();
2962 if (!BN_set_word(bn, RSA_F4)) {
2967 BIO_printf(bio_err, "Generate multi-prime RSA key for %s\n",
2968 rsa_choices[testnum].name);
2970 loopargs[i].rsa_key[testnum] = RSA_new();
2971 if (loopargs[i].rsa_key[testnum] == NULL) {
2976 if (!RSA_generate_multi_prime_key(loopargs[i].rsa_key[testnum],
2978 primes, bn, NULL)) {
2984 st = RSA_sign(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
2985 &loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
2991 "RSA sign failure. No RSA sign will be done.\n");
2992 ERR_print_errors(bio_err);
2995 pkey_print_message("private", "rsa",
2996 rsa_c[testnum][0], rsa_bits[testnum],
2998 /* RSA_blinding_on(rsa_key[testnum],NULL); */
3000 count = run_benchmark(async_jobs, RSA_sign_loop, loopargs);
3003 mr ? "+R1:%ld:%d:%.2f\n"
3004 : "%ld %u bits private RSA's in %.2fs\n",
3005 count, rsa_bits[testnum], d);
3006 rsa_results[testnum][0] = (double)count / d;
3010 for (i = 0; i < loopargs_len; i++) {
3011 st = RSA_verify(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
3012 loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
3018 "RSA verify failure. No RSA verify will be done.\n");
3019 ERR_print_errors(bio_err);
3020 rsa_doit[testnum] = 0;
3022 pkey_print_message("public", "rsa",
3023 rsa_c[testnum][1], rsa_bits[testnum],
3026 count = run_benchmark(async_jobs, RSA_verify_loop, loopargs);
3029 mr ? "+R2:%ld:%d:%.2f\n"
3030 : "%ld %u bits public RSA's in %.2fs\n",
3031 count, rsa_bits[testnum], d);
3032 rsa_results[testnum][1] = (double)count / d;
3035 if (rsa_count <= 1) {
3036 /* if longer than 10s, don't do any more */
3037 for (testnum++; testnum < RSA_NUM; testnum++)
3038 rsa_doit[testnum] = 0;
3041 #endif /* OPENSSL_NO_RSA */
3043 for (i = 0; i < loopargs_len; i++)
3044 if (RAND_bytes(loopargs[i].buf, 36) <= 0)
3047 #ifndef OPENSSL_NO_DSA
3048 for (testnum = 0; testnum < DSA_NUM; testnum++) {
3050 if (!dsa_doit[testnum])
3053 /* DSA_generate_key(dsa_key[testnum]); */
3054 /* DSA_sign_setup(dsa_key[testnum],NULL); */
3055 for (i = 0; i < loopargs_len; i++) {
3056 st = DSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
3057 &loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
3063 "DSA sign failure. No DSA sign will be done.\n");
3064 ERR_print_errors(bio_err);
3067 pkey_print_message("sign", "dsa",
3068 dsa_c[testnum][0], dsa_bits[testnum],
3071 count = run_benchmark(async_jobs, DSA_sign_loop, loopargs);
3074 mr ? "+R3:%ld:%u:%.2f\n"
3075 : "%ld %u bits DSA signs in %.2fs\n",
3076 count, dsa_bits[testnum], d);
3077 dsa_results[testnum][0] = (double)count / d;
3081 for (i = 0; i < loopargs_len; i++) {
3082 st = DSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
3083 loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
3089 "DSA verify failure. No DSA verify will be done.\n");
3090 ERR_print_errors(bio_err);
3091 dsa_doit[testnum] = 0;
3093 pkey_print_message("verify", "dsa",
3094 dsa_c[testnum][1], dsa_bits[testnum],
3097 count = run_benchmark(async_jobs, DSA_verify_loop, loopargs);
3100 mr ? "+R4:%ld:%u:%.2f\n"
3101 : "%ld %u bits DSA verify in %.2fs\n",
3102 count, dsa_bits[testnum], d);
3103 dsa_results[testnum][1] = (double)count / d;
3106 if (rsa_count <= 1) {
3107 /* if longer than 10s, don't do any more */
3108 for (testnum++; testnum < DSA_NUM; testnum++)
3109 dsa_doit[testnum] = 0;
3112 #endif /* OPENSSL_NO_DSA */
3114 #ifndef OPENSSL_NO_EC
3115 for (testnum = 0; testnum < ECDSA_NUM; testnum++) {
3118 if (!ecdsa_doit[testnum])
3119 continue; /* Ignore Curve */
3120 for (i = 0; i < loopargs_len; i++) {
3121 loopargs[i].ecdsa[testnum] =
3122 EC_KEY_new_by_curve_name(test_curves[testnum].nid);
3123 if (loopargs[i].ecdsa[testnum] == NULL) {
3129 BIO_printf(bio_err, "ECDSA failure.\n");
3130 ERR_print_errors(bio_err);
3133 for (i = 0; i < loopargs_len; i++) {
3134 EC_KEY_precompute_mult(loopargs[i].ecdsa[testnum], NULL);
3135 /* Perform ECDSA signature test */
3136 EC_KEY_generate_key(loopargs[i].ecdsa[testnum]);
3137 st = ECDSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
3138 &loopargs[i].siglen,
3139 loopargs[i].ecdsa[testnum]);
3145 "ECDSA sign failure. No ECDSA sign will be done.\n");
3146 ERR_print_errors(bio_err);
3149 pkey_print_message("sign", "ecdsa",
3150 ecdsa_c[testnum][0],
3151 test_curves[testnum].bits, seconds.ecdsa);
3153 count = run_benchmark(async_jobs, ECDSA_sign_loop, loopargs);
3157 mr ? "+R5:%ld:%u:%.2f\n" :
3158 "%ld %u bits ECDSA signs in %.2fs \n",
3159 count, test_curves[testnum].bits, d);
3160 ecdsa_results[testnum][0] = (double)count / d;
3164 /* Perform ECDSA verification test */
3165 for (i = 0; i < loopargs_len; i++) {
3166 st = ECDSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
3168 loopargs[i].ecdsa[testnum]);
3174 "ECDSA verify failure. No ECDSA verify will be done.\n");
3175 ERR_print_errors(bio_err);
3176 ecdsa_doit[testnum] = 0;
3178 pkey_print_message("verify", "ecdsa",
3179 ecdsa_c[testnum][1],
3180 test_curves[testnum].bits, seconds.ecdsa);
3182 count = run_benchmark(async_jobs, ECDSA_verify_loop, loopargs);
3185 mr ? "+R6:%ld:%u:%.2f\n"
3186 : "%ld %u bits ECDSA verify in %.2fs\n",
3187 count, test_curves[testnum].bits, d);
3188 ecdsa_results[testnum][1] = (double)count / d;
3191 if (rsa_count <= 1) {
3192 /* if longer than 10s, don't do any more */
3193 for (testnum++; testnum < ECDSA_NUM; testnum++)
3194 ecdsa_doit[testnum] = 0;
3199 for (testnum = 0; testnum < EC_NUM; testnum++) {
3200 int ecdh_checks = 1;
3202 if (!ecdh_doit[testnum])
3205 for (i = 0; i < loopargs_len; i++) {
3206 EVP_PKEY_CTX *kctx = NULL;
3207 EVP_PKEY_CTX *test_ctx = NULL;
3208 EVP_PKEY_CTX *ctx = NULL;
3209 EVP_PKEY *key_A = NULL;
3210 EVP_PKEY *key_B = NULL;
3214 /* Ensure that the error queue is empty */
3215 if (ERR_peek_error()) {
3217 "WARNING: the error queue contains previous unhandled errors.\n");
3218 ERR_print_errors(bio_err);
3221 /* Let's try to create a ctx directly from the NID: this works for
3222 * curves like Curve25519 that are not implemented through the low
3223 * level EC interface.
3224 * If this fails we try creating a EVP_PKEY_EC generic param ctx,
3225 * then we set the curve by NID before deriving the actual keygen
3226 * ctx for that specific curve. */
3227 kctx = EVP_PKEY_CTX_new_id(test_curves[testnum].nid, NULL); /* keygen ctx from NID */
3229 EVP_PKEY_CTX *pctx = NULL;
3230 EVP_PKEY *params = NULL;
3232 /* If we reach this code EVP_PKEY_CTX_new_id() failed and a
3233 * "int_ctx_new:unsupported algorithm" error was added to the
3235 * We remove it from the error queue as we are handling it. */
3236 unsigned long error = ERR_peek_error(); /* peek the latest error in the queue */
3237 if (error == ERR_peek_last_error() && /* oldest and latest errors match */
3238 /* check that the error origin matches */
3239 ERR_GET_LIB(error) == ERR_LIB_EVP &&
3240 ERR_GET_REASON(error) == EVP_R_UNSUPPORTED_ALGORITHM)
3241 ERR_get_error(); /* pop error from queue */
3242 if (ERR_peek_error()) {
3244 "Unhandled error in the error queue during ECDH init.\n");
3245 ERR_print_errors(bio_err);
3250 if ( /* Create the context for parameter generation */
3251 !(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) ||
3252 /* Initialise the parameter generation */
3253 !EVP_PKEY_paramgen_init(pctx) ||
3254 /* Set the curve by NID */
3255 !EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
3258 /* Create the parameter object params */
3259 !EVP_PKEY_paramgen(pctx, ¶ms)) {
3261 BIO_printf(bio_err, "ECDH EC params init failure.\n");
3262 ERR_print_errors(bio_err);
3266 /* Create the context for the key generation */
3267 kctx = EVP_PKEY_CTX_new(params, NULL);
3269 EVP_PKEY_free(params);
3271 EVP_PKEY_CTX_free(pctx);
3274 if (kctx == NULL || /* keygen ctx is not null */
3275 EVP_PKEY_keygen_init(kctx) <= 0/* init keygen ctx */ ) {
3277 BIO_printf(bio_err, "ECDH keygen failure.\n");
3278 ERR_print_errors(bio_err);
3283 if (EVP_PKEY_keygen(kctx, &key_A) <= 0 || /* generate secret key A */
3284 EVP_PKEY_keygen(kctx, &key_B) <= 0 || /* generate secret key B */
3285 !(ctx = EVP_PKEY_CTX_new(key_A, NULL)) || /* derivation ctx from skeyA */
3286 EVP_PKEY_derive_init(ctx) <= 0 || /* init derivation ctx */
3287 EVP_PKEY_derive_set_peer(ctx, key_B) <= 0 || /* set peer pubkey in ctx */
3288 EVP_PKEY_derive(ctx, NULL, &outlen) <= 0 || /* determine max length */
3289 outlen == 0 || /* ensure outlen is a valid size */
3290 outlen > MAX_ECDH_SIZE /* avoid buffer overflow */ ) {
3292 BIO_printf(bio_err, "ECDH key generation failure.\n");
3293 ERR_print_errors(bio_err);
3298 /* Here we perform a test run, comparing the output of a*B and b*A;
3299 * we try this here and assume that further EVP_PKEY_derive calls
3300 * never fail, so we can skip checks in the actually benchmarked
3301 * code, for maximum performance. */
3302 if (!(test_ctx = EVP_PKEY_CTX_new(key_B, NULL)) || /* test ctx from skeyB */
3303 !EVP_PKEY_derive_init(test_ctx) || /* init derivation test_ctx */
3304 !EVP_PKEY_derive_set_peer(test_ctx, key_A) || /* set peer pubkey in test_ctx */
3305 !EVP_PKEY_derive(test_ctx, NULL, &test_outlen) || /* determine max length */
3306 !EVP_PKEY_derive(ctx, loopargs[i].secret_a, &outlen) || /* compute a*B */
3307 !EVP_PKEY_derive(test_ctx, loopargs[i].secret_b, &test_outlen) || /* compute b*A */
3308 test_outlen != outlen /* compare output length */ ) {
3310 BIO_printf(bio_err, "ECDH computation failure.\n");
3311 ERR_print_errors(bio_err);
3316 /* Compare the computation results: CRYPTO_memcmp() returns 0 if equal */
3317 if (CRYPTO_memcmp(loopargs[i].secret_a,
3318 loopargs[i].secret_b, outlen)) {
3320 BIO_printf(bio_err, "ECDH computations don't match.\n");
3321 ERR_print_errors(bio_err);
3326 loopargs[i].ecdh_ctx[testnum] = ctx;
3327 loopargs[i].outlen[testnum] = outlen;
3329 EVP_PKEY_free(key_A);
3330 EVP_PKEY_free(key_B);
3331 EVP_PKEY_CTX_free(kctx);
3333 EVP_PKEY_CTX_free(test_ctx);
3336 if (ecdh_checks != 0) {
3337 pkey_print_message("", "ecdh",
3339 test_curves[testnum].bits, seconds.ecdh);
3342 run_benchmark(async_jobs, ECDH_EVP_derive_key_loop, loopargs);
3345 mr ? "+R7:%ld:%d:%.2f\n" :
3346 "%ld %u-bits ECDH ops in %.2fs\n", count,
3347 test_curves[testnum].bits, d);
3348 ecdh_results[testnum][0] = (double)count / d;
3352 if (rsa_count <= 1) {
3353 /* if longer than 10s, don't do any more */
3354 for (testnum++; testnum < OSSL_NELEM(ecdh_doit); testnum++)
3355 ecdh_doit[testnum] = 0;
3359 for (testnum = 0; testnum < EdDSA_NUM; testnum++) {
3361 EVP_PKEY *ed_pkey = NULL;
3362 EVP_PKEY_CTX *ed_pctx = NULL;
3364 if (!eddsa_doit[testnum])
3365 continue; /* Ignore Curve */
3366 for (i = 0; i < loopargs_len; i++) {
3367 loopargs[i].eddsa_ctx[testnum] = EVP_MD_CTX_new();
3368 if (loopargs[i].eddsa_ctx[testnum] == NULL) {
3373 if ((ed_pctx = EVP_PKEY_CTX_new_id(test_ed_curves[testnum].nid, NULL))
3375 || EVP_PKEY_keygen_init(ed_pctx) <= 0
3376 || EVP_PKEY_keygen(ed_pctx, &ed_pkey) <= 0) {
3378 EVP_PKEY_CTX_free(ed_pctx);
3381 EVP_PKEY_CTX_free(ed_pctx);
3383 if (!EVP_DigestSignInit(loopargs[i].eddsa_ctx[testnum], NULL, NULL,
3386 EVP_PKEY_free(ed_pkey);
3389 EVP_PKEY_free(ed_pkey);
3392 BIO_printf(bio_err, "EdDSA failure.\n");
3393 ERR_print_errors(bio_err);
3396 for (i = 0; i < loopargs_len; i++) {
3397 /* Perform EdDSA signature test */
3398 loopargs[i].sigsize = test_ed_curves[testnum].sigsize;
3399 st = EVP_DigestSign(loopargs[i].eddsa_ctx[testnum],
3400 loopargs[i].buf2, &loopargs[i].sigsize,
3401 loopargs[i].buf, 20);
3407 "EdDSA sign failure. No EdDSA sign will be done.\n");
3408 ERR_print_errors(bio_err);
3411 pkey_print_message("sign", test_ed_curves[testnum].name,
3412 eddsa_c[testnum][0],
3413 test_ed_curves[testnum].bits, seconds.eddsa);
3415 count = run_benchmark(async_jobs, EdDSA_sign_loop, loopargs);
3419 mr ? "+R8:%ld:%u:%s:%.2f\n" :
3420 "%ld %u bits %s signs in %.2fs \n",
3421 count, test_ed_curves[testnum].bits,
3422 test_ed_curves[testnum].name, d);
3423 eddsa_results[testnum][0] = (double)count / d;
3427 /* Perform EdDSA verification test */
3428 for (i = 0; i < loopargs_len; i++) {
3429 st = EVP_DigestVerify(loopargs[i].eddsa_ctx[testnum],
3430 loopargs[i].buf2, loopargs[i].sigsize,
3431 loopargs[i].buf, 20);
3437 "EdDSA verify failure. No EdDSA verify will be done.\n");
3438 ERR_print_errors(bio_err);
3439 eddsa_doit[testnum] = 0;
3441 pkey_print_message("verify", test_ed_curves[testnum].name,
3442 eddsa_c[testnum][1],
3443 test_ed_curves[testnum].bits, seconds.eddsa);
3445 count = run_benchmark(async_jobs, EdDSA_verify_loop, loopargs);
3448 mr ? "+R9:%ld:%u:%s:%.2f\n"
3449 : "%ld %u bits %s verify in %.2fs\n",
3450 count, test_ed_curves[testnum].bits,
3451 test_ed_curves[testnum].name, d);
3452 eddsa_results[testnum][1] = (double)count / d;
3455 if (rsa_count <= 1) {
3456 /* if longer than 10s, don't do any more */
3457 for (testnum++; testnum < EdDSA_NUM; testnum++)
3458 eddsa_doit[testnum] = 0;
3463 # ifndef OPENSSL_NO_SM2
3464 for (testnum = 0; testnum < SM2_NUM; testnum++) {
3466 EVP_PKEY *sm2_pkey = NULL;
3467 EVP_PKEY_CTX *pctx = NULL;
3468 EVP_PKEY_CTX *sm2_pctx = NULL;
3469 EVP_PKEY_CTX *sm2_vfy_pctx = NULL;
3470 size_t sm2_sigsize = 0;
3472 if (!sm2_doit[testnum])
3473 continue; /* Ignore Curve */
3474 /* Init signing and verification */
3475 for (i = 0; i < loopargs_len; i++) {
3476 loopargs[i].sm2_ctx[testnum] = EVP_MD_CTX_new();
3477 if (loopargs[i].sm2_ctx[testnum] == NULL) {
3481 loopargs[i].sm2_vfy_ctx[testnum] = EVP_MD_CTX_new();
3482 if (loopargs[i].sm2_vfy_ctx[testnum] == NULL) {
3487 /* SM2 keys are generated as normal EC keys with a special curve */
3488 if ((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) == NULL
3489 || EVP_PKEY_keygen_init(pctx) <= 0
3490 || EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
3491 test_sm2_curves[testnum].nid) <= 0
3492 || EVP_PKEY_keygen(pctx, &sm2_pkey) <= 0) {
3494 EVP_PKEY_CTX_free(pctx);
3497 /* free previous one and alloc a new one */
3498 EVP_PKEY_CTX_free(pctx);
3500 loopargs[i].sigsize = sm2_sigsize
3501 = ECDSA_size(EVP_PKEY_get0_EC_KEY(sm2_pkey));
3503 if (!EVP_PKEY_set_alias_type(sm2_pkey, EVP_PKEY_SM2)) {
3505 EVP_PKEY_free(sm2_pkey);
3509 sm2_pctx = EVP_PKEY_CTX_new(sm2_pkey, NULL);
3510 if (sm2_pctx == NULL) {
3512 EVP_PKEY_free(sm2_pkey);
3515 sm2_vfy_pctx = EVP_PKEY_CTX_new(sm2_pkey, NULL);
3516 if (sm2_vfy_pctx == NULL) {
3518 EVP_PKEY_CTX_free(sm2_pctx);
3519 EVP_PKEY_free(sm2_pkey);
3523 * No need to allow user to set an explicit ID here, just use
3524 * the one defined in the 'draft-yang-tls-tl13-sm-suites' I-D.
3526 if (EVP_PKEY_CTX_set1_id(sm2_pctx, SM2_ID, SM2_ID_LEN) != 1) {
3528 EVP_PKEY_CTX_free(sm2_pctx);
3529 EVP_PKEY_CTX_free(sm2_vfy_pctx);
3530 EVP_PKEY_free(sm2_pkey);
3534 if (EVP_PKEY_CTX_set1_id(sm2_vfy_pctx, SM2_ID, SM2_ID_LEN) != 1) {
3536 EVP_PKEY_CTX_free(sm2_pctx);
3537 EVP_PKEY_CTX_free(sm2_vfy_pctx);
3538 EVP_PKEY_free(sm2_pkey);
3542 EVP_MD_CTX_set_pkey_ctx(loopargs[i].sm2_ctx[testnum], sm2_pctx);
3543 EVP_MD_CTX_set_pkey_ctx(loopargs[i].sm2_vfy_ctx[testnum], sm2_vfy_pctx);
3545 if (!EVP_DigestSignInit(loopargs[i].sm2_ctx[testnum], NULL,
3546 EVP_sm3(), NULL, sm2_pkey)) {
3548 EVP_PKEY_free(sm2_pkey);
3551 if (!EVP_DigestVerifyInit(loopargs[i].sm2_vfy_ctx[testnum], NULL,
3552 EVP_sm3(), NULL, sm2_pkey)) {
3554 EVP_PKEY_free(sm2_pkey);
3557 loopargs[i].sm2_pkey[testnum] = sm2_pkey;
3560 BIO_printf(bio_err, "SM2 failure.\n");
3561 ERR_print_errors(bio_err);
3564 for (i = 0; i < loopargs_len; i++) {
3565 sm2_sigsize = loopargs[i].sigsize;
3566 /* Perform SM2 signature test */
3567 st = EVP_DigestSign(loopargs[i].sm2_ctx[testnum],
3568 loopargs[i].buf2, &sm2_sigsize,
3569 loopargs[i].buf, 20);
3575 "SM2 sign failure. No SM2 sign will be done.\n");
3576 ERR_print_errors(bio_err);
3579 pkey_print_message("sign", test_sm2_curves[testnum].name,
3581 test_sm2_curves[testnum].bits, seconds.sm2);
3583 count = run_benchmark(async_jobs, SM2_sign_loop, loopargs);
3587 mr ? "+R8:%ld:%u:%s:%.2f\n" :
3588 "%ld %u bits %s signs in %.2fs \n",
3589 count, test_sm2_curves[testnum].bits,
3590 test_sm2_curves[testnum].name, d);
3591 sm2_results[testnum][0] = (double)count / d;
3595 /* Perform SM2 verification test */
3596 for (i = 0; i < loopargs_len; i++) {
3597 st = EVP_DigestVerify(loopargs[i].sm2_vfy_ctx[testnum],
3598 loopargs[i].buf2, loopargs[i].sigsize,
3599 loopargs[i].buf, 20);
3605 "SM2 verify failure. No SM2 verify will be done.\n");
3606 ERR_print_errors(bio_err);
3607 sm2_doit[testnum] = 0;
3609 pkey_print_message("verify", test_sm2_curves[testnum].name,
3611 test_sm2_curves[testnum].bits, seconds.sm2);
3613 count = run_benchmark(async_jobs, SM2_verify_loop, loopargs);
3616 mr ? "+R9:%ld:%u:%s:%.2f\n"
3617 : "%ld %u bits %s verify in %.2fs\n",
3618 count, test_sm2_curves[testnum].bits,
3619 test_sm2_curves[testnum].name, d);
3620 sm2_results[testnum][1] = (double)count / d;
3623 if (rsa_count <= 1) {
3624 /* if longer than 10s, don't do any more */
3625 for (testnum++; testnum < SM2_NUM; testnum++)
3626 sm2_doit[testnum] = 0;
3630 # endif /* OPENSSL_NO_SM2 */
3632 #endif /* OPENSSL_NO_EC */
3637 printf("version: %s\n", OpenSSL_version(OPENSSL_FULL_VERSION_STRING));
3638 printf("built on: %s\n", OpenSSL_version(OPENSSL_BUILT_ON));
3640 printf("%s ", BN_options());
3641 #ifndef OPENSSL_NO_MD2
3642 printf("%s ", MD2_options());
3644 #ifndef OPENSSL_NO_RC4
3645 printf("%s ", RC4_options());
3647 #ifndef OPENSSL_NO_DES
3648 printf("%s ", DES_options());
3650 printf("%s ", AES_options());
3651 #ifndef OPENSSL_NO_IDEA
3652 printf("%s ", IDEA_options());
3654 #ifndef OPENSSL_NO_BF
3655 printf("%s ", BF_options());
3657 printf("\n%s\n", OpenSSL_version(OPENSSL_CFLAGS));
3658 printf("%s\n", OpenSSL_version(OPENSSL_CPU_INFO));
3666 ("The 'numbers' are in 1000s of bytes per second processed.\n");
3669 for (testnum = 0; testnum < size_num; testnum++)
3670 printf(mr ? ":%d" : "%7d bytes", lengths[testnum]);
3674 for (k = 0; k < ALGOR_NUM; k++) {
3678 printf("+F:%u:%s", k, names[k]);
3680 printf("%-13s", names[k]);
3681 for (testnum = 0; testnum < size_num; testnum++) {
3682 if (results[k][testnum] > 10000 && !mr)
3683 printf(" %11.2fk", results[k][testnum] / 1e3);
3685 printf(mr ? ":%.2f" : " %11.2f ", results[k][testnum]);
3689 #ifndef OPENSSL_NO_RSA
3691 for (k = 0; k < RSA_NUM; k++) {
3694 if (testnum && !mr) {
3695 printf("%18ssign verify sign/s verify/s\n", " ");
3699 printf("+F2:%u:%u:%f:%f\n",
3700 k, rsa_bits[k], rsa_results[k][0], rsa_results[k][1]);
3702 printf("rsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
3703 rsa_bits[k], 1.0 / rsa_results[k][0], 1.0 / rsa_results[k][1],
3704 rsa_results[k][0], rsa_results[k][1]);
3707 #ifndef OPENSSL_NO_DSA
3709 for (k = 0; k < DSA_NUM; k++) {
3712 if (testnum && !mr) {
3713 printf("%18ssign verify sign/s verify/s\n", " ");
3717 printf("+F3:%u:%u:%f:%f\n",
3718 k, dsa_bits[k], dsa_results[k][0], dsa_results[k][1]);
3720 printf("dsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
3721 dsa_bits[k], 1.0 / dsa_results[k][0], 1.0 / dsa_results[k][1],
3722 dsa_results[k][0], dsa_results[k][1]);
3725 #ifndef OPENSSL_NO_EC
3727 for (k = 0; k < OSSL_NELEM(ecdsa_doit); k++) {
3730 if (testnum && !mr) {
3731 printf("%30ssign verify sign/s verify/s\n", " ");
3736 printf("+F4:%u:%u:%f:%f\n",
3737 k, test_curves[k].bits,
3738 ecdsa_results[k][0], ecdsa_results[k][1]);
3740 printf("%4u bits ecdsa (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3741 test_curves[k].bits, test_curves[k].name,
3742 1.0 / ecdsa_results[k][0], 1.0 / ecdsa_results[k][1],
3743 ecdsa_results[k][0], ecdsa_results[k][1]);
3747 for (k = 0; k < EC_NUM; k++) {
3750 if (testnum && !mr) {
3751 printf("%30sop op/s\n", " ");
3755 printf("+F5:%u:%u:%f:%f\n",
3756 k, test_curves[k].bits,
3757 ecdh_results[k][0], 1.0 / ecdh_results[k][0]);
3760 printf("%4u bits ecdh (%s) %8.4fs %8.1f\n",
3761 test_curves[k].bits, test_curves[k].name,
3762 1.0 / ecdh_results[k][0], ecdh_results[k][0]);
3766 for (k = 0; k < OSSL_NELEM(eddsa_doit); k++) {
3769 if (testnum && !mr) {
3770 printf("%30ssign verify sign/s verify/s\n", " ");
3775 printf("+F6:%u:%u:%s:%f:%f\n",
3776 k, test_ed_curves[k].bits, test_ed_curves[k].name,
3777 eddsa_results[k][0], eddsa_results[k][1]);
3779 printf("%4u bits EdDSA (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3780 test_ed_curves[k].bits, test_ed_curves[k].name,
3781 1.0 / eddsa_results[k][0], 1.0 / eddsa_results[k][1],
3782 eddsa_results[k][0], eddsa_results[k][1]);
3785 # ifndef OPENSSL_NO_SM2
3787 for (k = 0; k < OSSL_NELEM(sm2_doit); k++) {
3790 if (testnum && !mr) {
3791 printf("%30ssign verify sign/s verify/s\n", " ");
3796 printf("+F6:%u:%u:%s:%f:%f\n",
3797 k, test_sm2_curves[k].bits, test_sm2_curves[k].name,
3798 sm2_results[k][0], sm2_results[k][1]);
3800 printf("%4u bits SM2 (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3801 test_sm2_curves[k].bits, test_sm2_curves[k].name,
3802 1.0 / sm2_results[k][0], 1.0 / sm2_results[k][1],
3803 sm2_results[k][0], sm2_results[k][1]);
3811 ERR_print_errors(bio_err);
3812 for (i = 0; i < loopargs_len; i++) {
3813 OPENSSL_free(loopargs[i].buf_malloc);
3814 OPENSSL_free(loopargs[i].buf2_malloc);
3816 #ifndef OPENSSL_NO_RSA
3817 for (k = 0; k < RSA_NUM; k++)
3818 RSA_free(loopargs[i].rsa_key[k]);
3820 #ifndef OPENSSL_NO_DSA
3821 for (k = 0; k < DSA_NUM; k++)
3822 DSA_free(loopargs[i].dsa_key[k]);
3824 #ifndef OPENSSL_NO_EC
3825 for (k = 0; k < ECDSA_NUM; k++)
3826 EC_KEY_free(loopargs[i].ecdsa[k]);
3827 for (k = 0; k < EC_NUM; k++)
3828 EVP_PKEY_CTX_free(loopargs[i].ecdh_ctx[k]);
3829 for (k = 0; k < EdDSA_NUM; k++)
3830 EVP_MD_CTX_free(loopargs[i].eddsa_ctx[k]);
3831 # ifndef OPENSSL_NO_SM2
3832 for (k = 0; k < SM2_NUM; k++) {
3833 EVP_PKEY_CTX *pctx = NULL;
3835 /* free signing ctx */
3836 if (loopargs[i].sm2_ctx[k] != NULL
3837 && (pctx = EVP_MD_CTX_pkey_ctx(loopargs[i].sm2_ctx[k])) != NULL)
3838 EVP_PKEY_CTX_free(pctx);
3839 EVP_MD_CTX_free(loopargs[i].sm2_ctx[k]);
3840 /* free verification ctx */
3841 if (loopargs[i].sm2_vfy_ctx[k] != NULL
3842 && (pctx = EVP_MD_CTX_pkey_ctx(loopargs[i].sm2_vfy_ctx[k])) != NULL)
3843 EVP_PKEY_CTX_free(pctx);
3844 EVP_MD_CTX_free(loopargs[i].sm2_vfy_ctx[k]);
3846 EVP_PKEY_free(loopargs[i].sm2_pkey[k]);
3849 OPENSSL_free(loopargs[i].secret_a);
3850 OPENSSL_free(loopargs[i].secret_b);
3853 OPENSSL_free(evp_hmac_name);
3854 #ifndef OPENSSL_NO_CMAC
3855 OPENSSL_free(evp_cmac_name);
3858 if (async_jobs > 0) {
3859 for (i = 0; i < loopargs_len; i++)
3860 ASYNC_WAIT_CTX_free(loopargs[i].wait_ctx);
3864 ASYNC_cleanup_thread();
3866 OPENSSL_free(loopargs);
3871 static void print_message(const char *s, long num, int length, int tm)
3875 mr ? "+DT:%s:%d:%d\n"
3876 : "Doing %s for %ds on %d size blocks: ", s, tm, length);
3877 (void)BIO_flush(bio_err);
3881 mr ? "+DN:%s:%ld:%d\n"
3882 : "Doing %s %ld times on %d size blocks: ", s, num, length);
3883 (void)BIO_flush(bio_err);
3887 static void pkey_print_message(const char *str, const char *str2, long num,
3888 unsigned int bits, int tm)
3892 mr ? "+DTP:%d:%s:%s:%d\n"
3893 : "Doing %u bits %s %s's for %ds: ", bits, str, str2, tm);
3894 (void)BIO_flush(bio_err);
3898 mr ? "+DNP:%ld:%d:%s:%s\n"
3899 : "Doing %ld %u bits %s %s's: ", num, bits, str, str2);
3900 (void)BIO_flush(bio_err);
3904 static void print_result(int alg, int run_no, int count, double time_used)
3907 BIO_puts(bio_err, "EVP error!\n");
3911 mr ? "+R:%d:%s:%f\n"
3912 : "%d %s's in %.2fs\n", count, names[alg], time_used);
3913 results[alg][run_no] = ((double)count) / time_used * lengths[run_no];
3917 static char *sstrsep(char **string, const char *delim)
3920 char *token = *string;
3925 memset(isdelim, 0, sizeof(isdelim));
3929 isdelim[(unsigned char)(*delim)] = 1;
3933 while (!isdelim[(unsigned char)(**string)]) {
3945 static int do_multi(int multi, int size_num)
3950 static char sep[] = ":";
3952 fds = app_malloc(sizeof(*fds) * multi, "fd buffer for do_multi");
3953 for (n = 0; n < multi; ++n) {
3954 if (pipe(fd) == -1) {
3955 BIO_printf(bio_err, "pipe failure\n");
3959 (void)BIO_flush(bio_err);
3966 if (dup(fd[1]) == -1) {
3967 BIO_printf(bio_err, "dup failed\n");
3976 printf("Forked child %d\n", n);
3979 /* for now, assume the pipe is long enough to take all the output */
3980 for (n = 0; n < multi; ++n) {
3985 f = fdopen(fds[n], "r");
3986 while (fgets(buf, sizeof(buf), f)) {
3987 p = strchr(buf, '\n');
3990 if (buf[0] != '+') {
3992 "Don't understand line '%s' from child %d\n", buf,
3996 printf("Got: %s from %d\n", buf, n);
3997 if (strncmp(buf, "+F:", 3) == 0) {
4002 alg = atoi(sstrsep(&p, sep));
4004 for (j = 0; j < size_num; ++j)
4005 results[alg][j] += atof(sstrsep(&p, sep));
4006 } else if (strncmp(buf, "+F2:", 4) == 0) {
4011 k = atoi(sstrsep(&p, sep));
4014 d = atof(sstrsep(&p, sep));
4015 rsa_results[k][0] += d;
4017 d = atof(sstrsep(&p, sep));
4018 rsa_results[k][1] += d;
4020 # ifndef OPENSSL_NO_DSA
4021 else if (strncmp(buf, "+F3:", 4) == 0) {
4026 k = atoi(sstrsep(&p, sep));
4029 d = atof(sstrsep(&p, sep));
4030 dsa_results[k][0] += d;
4032 d = atof(sstrsep(&p, sep));
4033 dsa_results[k][1] += d;
4036 # ifndef OPENSSL_NO_EC
4037 else if (strncmp(buf, "+F4:", 4) == 0) {
4042 k = atoi(sstrsep(&p, sep));
4045 d = atof(sstrsep(&p, sep));
4046 ecdsa_results[k][0] += d;
4048 d = atof(sstrsep(&p, sep));
4049 ecdsa_results[k][1] += d;
4050 } else if (strncmp(buf, "+F5:", 4) == 0) {
4055 k = atoi(sstrsep(&p, sep));
4058 d = atof(sstrsep(&p, sep));
4059 ecdh_results[k][0] += d;
4060 } else if (strncmp(buf, "+F6:", 4) == 0) {
4065 k = atoi(sstrsep(&p, sep));
4068 d = atof(sstrsep(&p, sep));
4069 eddsa_results[k][0] += d;
4071 d = atof(sstrsep(&p, sep));
4072 eddsa_results[k][1] += d;
4074 # ifndef OPENSSL_NO_SM2
4075 else if (strncmp(buf, "+F7:", 4) == 0) {
4080 k = atoi(sstrsep(&p, sep));
4083 d = atof(sstrsep(&p, sep));
4084 sm2_results[k][0] += d;
4086 d = atof(sstrsep(&p, sep));
4087 sm2_results[k][1] += d;
4089 # endif /* OPENSSL_NO_SM2 */
4092 else if (strncmp(buf, "+H:", 3) == 0) {
4095 BIO_printf(bio_err, "Unknown type '%s' from child %d\n", buf,
4106 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
4107 const openssl_speed_sec_t *seconds)
4109 static const int mblengths_list[] =
4110 { 8 * 1024, 2 * 8 * 1024, 4 * 8 * 1024, 8 * 8 * 1024, 8 * 16 * 1024 };
4111 const int *mblengths = mblengths_list;
4112 int j, count, keylen, num = OSSL_NELEM(mblengths_list);
4113 const char *alg_name;
4114 unsigned char *inp, *out, *key, no_key[32], no_iv[16];
4115 EVP_CIPHER_CTX *ctx;
4118 if (lengths_single) {
4119 mblengths = &lengths_single;
4123 inp = app_malloc(mblengths[num - 1], "multiblock input buffer");
4124 out = app_malloc(mblengths[num - 1] + 1024, "multiblock output buffer");
4125 ctx = EVP_CIPHER_CTX_new();
4126 EVP_EncryptInit_ex(ctx, evp_cipher, NULL, NULL, no_iv);
4128 keylen = EVP_CIPHER_CTX_key_length(ctx);
4129 key = app_malloc(keylen, "evp_cipher key");
4130 EVP_CIPHER_CTX_rand_key(ctx, key);
4131 EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL);
4132 OPENSSL_clear_free(key, keylen);
4134 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_MAC_KEY, sizeof(no_key), no_key);
4135 alg_name = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
4137 for (j = 0; j < num; j++) {
4138 print_message(alg_name, 0, mblengths[j], seconds->sym);
4140 for (count = 0, run = 1; run && count < 0x7fffffff; count++) {
4141 unsigned char aad[EVP_AEAD_TLS1_AAD_LEN];
4142 EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param;
4143 size_t len = mblengths[j];
4146 memset(aad, 0, 8); /* avoid uninitialized values */
4147 aad[8] = 23; /* SSL3_RT_APPLICATION_DATA */
4148 aad[9] = 3; /* version */
4150 aad[11] = 0; /* length */
4152 mb_param.out = NULL;
4155 mb_param.interleave = 8;
4157 packlen = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_AAD,
4158 sizeof(mb_param), &mb_param);
4164 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT,
4165 sizeof(mb_param), &mb_param);
4169 RAND_bytes(out, 16);
4171 aad[11] = (unsigned char)(len >> 8);
4172 aad[12] = (unsigned char)(len);
4173 pad = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_TLS1_AAD,
4174 EVP_AEAD_TLS1_AAD_LEN, aad);
4175 EVP_Cipher(ctx, out, inp, len + pad);
4179 BIO_printf(bio_err, mr ? "+R:%d:%s:%f\n"
4180 : "%d %s's in %.2fs\n", count, "evp", d);
4181 results[D_EVP][j] = ((double)count) / d * mblengths[j];
4185 fprintf(stdout, "+H");
4186 for (j = 0; j < num; j++)
4187 fprintf(stdout, ":%d", mblengths[j]);
4188 fprintf(stdout, "\n");
4189 fprintf(stdout, "+F:%d:%s", D_EVP, alg_name);
4190 for (j = 0; j < num; j++)
4191 fprintf(stdout, ":%.2f", results[D_EVP][j]);
4192 fprintf(stdout, "\n");
4195 "The 'numbers' are in 1000s of bytes per second processed.\n");
4196 fprintf(stdout, "type ");
4197 for (j = 0; j < num; j++)
4198 fprintf(stdout, "%7d bytes", mblengths[j]);
4199 fprintf(stdout, "\n");
4200 fprintf(stdout, "%-24s", alg_name);
4202 for (j = 0; j < num; j++) {
4203 if (results[D_EVP][j] > 10000)
4204 fprintf(stdout, " %11.2fk", results[D_EVP][j] / 1e3);
4206 fprintf(stdout, " %11.2f ", results[D_EVP][j]);
4208 fprintf(stdout, "\n");
4213 EVP_CIPHER_CTX_free(ctx);