2 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
5 * Licensed under the Apache License 2.0 (the "License"). You may not use
6 * this file except in compliance with the License. You can obtain a copy
7 * in the file LICENSE in the source distribution or at
8 * https://www.openssl.org/source/license.html
13 #define RSA_SECONDS 10
14 #define DSA_SECONDS 10
15 #define ECDSA_SECONDS 10
16 #define ECDH_SECONDS 10
17 #define EdDSA_SECONDS 10
18 #define SM2_SECONDS 10
20 /* We need to use some deprecated APIs */
21 #define OPENSSL_SUPPRESS_DEPRECATED
29 #include <openssl/crypto.h>
30 #include <openssl/rand.h>
31 #include <openssl/err.h>
32 #include <openssl/evp.h>
33 #include <openssl/objects.h>
34 #include <openssl/async.h>
35 #if !defined(OPENSSL_SYS_MSDOS)
43 #include <openssl/bn.h>
44 #ifndef OPENSSL_NO_DES
45 # include <openssl/des.h>
47 #include <openssl/aes.h>
48 #ifndef OPENSSL_NO_CAMELLIA
49 # include <openssl/camellia.h>
51 #ifndef OPENSSL_NO_MD2
52 # include <openssl/md2.h>
54 #ifndef OPENSSL_NO_MDC2
55 # include <openssl/mdc2.h>
57 #ifndef OPENSSL_NO_MD4
58 # include <openssl/md4.h>
60 #ifndef OPENSSL_NO_MD5
61 # include <openssl/md5.h>
63 #include <openssl/hmac.h>
64 #ifndef OPENSSL_NO_CMAC
65 #include <openssl/cmac.h>
67 #include <openssl/sha.h>
68 #ifndef OPENSSL_NO_RMD160
69 # include <openssl/ripemd.h>
71 #ifndef OPENSSL_NO_WHIRLPOOL
72 # include <openssl/whrlpool.h>
74 #ifndef OPENSSL_NO_RC4
75 # include <openssl/rc4.h>
77 #ifndef OPENSSL_NO_RC5
78 # include <openssl/rc5.h>
80 #ifndef OPENSSL_NO_RC2
81 # include <openssl/rc2.h>
83 #ifndef OPENSSL_NO_IDEA
84 # include <openssl/idea.h>
86 #ifndef OPENSSL_NO_SEED
87 # include <openssl/seed.h>
90 # include <openssl/blowfish.h>
92 #ifndef OPENSSL_NO_CAST
93 # include <openssl/cast.h>
95 #ifndef OPENSSL_NO_RSA
96 # include <openssl/rsa.h>
97 # include "./testrsa.h"
99 #include <openssl/x509.h>
100 #ifndef OPENSSL_NO_DSA
101 # include <openssl/dsa.h>
102 # include "./testdsa.h"
104 #ifndef OPENSSL_NO_EC
105 # include <openssl/ec.h>
107 #include <openssl/modes.h>
110 # if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_VXWORKS)
123 #define MAX_MISALIGNMENT 63
124 #define MAX_ECDH_SIZE 256
127 typedef struct openssl_speed_sec_st {
135 } openssl_speed_sec_t;
137 static volatile int run = 0;
139 static int mr = 0; /* machine-readeable output format to merge fork results */
140 static int usertime = 1;
142 static double Time_F(int s);
143 static void print_message(const char *s, long num, int length, int tm);
144 static void pkey_print_message(const char *str, const char *str2,
145 long num, unsigned int bits, int sec);
146 static void print_result(int alg, int run_no, int count, double time_used);
148 static int do_multi(int multi, int size_num);
151 static const int lengths_list[] = {
152 16, 64, 256, 1024, 8 * 1024, 16 * 1024
154 #define SIZE_NUM OSSL_NELEM(lengths_list)
155 static const int *lengths = lengths_list;
157 static const int aead_lengths_list[] = {
158 2, 31, 136, 1024, 8 * 1024, 16 * 1024
166 static void alarmed(int sig)
168 signal(SIGALRM, alarmed);
172 static double Time_F(int s)
174 double ret = app_tminterval(s, usertime);
180 #elif defined(_WIN32)
184 static unsigned int lapse;
185 static volatile unsigned int schlock;
186 static void alarm_win32(unsigned int secs)
191 # define alarm alarm_win32
193 static DWORD WINAPI sleepy(VOID * arg)
201 static double Time_F(int s)
208 thr = CreateThread(NULL, 4096, sleepy, NULL, 0, NULL);
210 DWORD err = GetLastError();
211 BIO_printf(bio_err, "unable to CreateThread (%lu)", err);
215 Sleep(0); /* scheduler spinlock */
216 ret = app_tminterval(s, usertime);
218 ret = app_tminterval(s, usertime);
220 TerminateThread(thr, 0);
227 static double Time_F(int s)
229 return app_tminterval(s, usertime);
233 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
234 const openssl_speed_sec_t *seconds);
236 static int opt_found(const char *name, unsigned int *result,
237 const OPT_PAIR pairs[], unsigned int nbelem)
241 for (idx = 0; idx < nbelem; ++idx, pairs++)
242 if (strcmp(name, pairs->name) == 0) {
243 *result = pairs->retval;
248 #define opt_found(value, pairs, result)\
249 opt_found(value, result, pairs, OSSL_NELEM(pairs))
251 typedef enum OPTION_choice {
252 OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
253 OPT_ELAPSED, OPT_EVP, OPT_HMAC, OPT_DECRYPT, OPT_ENGINE, OPT_MULTI,
254 OPT_MR, OPT_MB, OPT_MISALIGN, OPT_ASYNCJOBS, OPT_R_ENUM,
255 OPT_PRIMES, OPT_SECONDS, OPT_BYTES, OPT_AEAD, OPT_CMAC
258 const OPTIONS speed_options[] = {
259 {OPT_HELP_STR, 1, '-', "Usage: %s [options] [algorithm...]\n"},
261 OPT_SECTION("General"),
262 {"help", OPT_HELP, '-', "Display this summary"},
264 "Enable (tls1>=1) multi-block mode on EVP-named cipher"},
265 {"mr", OPT_MR, '-', "Produce machine readable output"},
267 {"multi", OPT_MULTI, 'p', "Run benchmarks in parallel"},
269 #ifndef OPENSSL_NO_ASYNC
270 {"async_jobs", OPT_ASYNCJOBS, 'p',
271 "Enable async mode and start specified number of jobs"},
273 #ifndef OPENSSL_NO_ENGINE
274 {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
276 {"primes", OPT_PRIMES, 'p', "Specify number of primes (for RSA only)"},
278 OPT_SECTION("Selection"),
279 {"evp", OPT_EVP, 's', "Use EVP-named cipher or digest"},
280 {"hmac", OPT_HMAC, 's', "HMAC using EVP-named digest"},
281 #ifndef OPENSSL_NO_CMAC
282 {"cmac", OPT_CMAC, 's', "CMAC using EVP-named cipher"},
284 {"decrypt", OPT_DECRYPT, '-',
285 "Time decryption instead of encryption (only EVP)"},
286 {"aead", OPT_AEAD, '-',
287 "Benchmark EVP-named AEAD cipher in TLS-like sequence"},
289 OPT_SECTION("Timing"),
290 {"elapsed", OPT_ELAPSED, '-',
291 "Use wall-clock time instead of CPU user time as divisor"},
292 {"seconds", OPT_SECONDS, 'p',
293 "Run benchmarks for specified amount of seconds"},
294 {"bytes", OPT_BYTES, 'p',
295 "Run [non-PKI] benchmarks on custom-sized buffer"},
296 {"misalign", OPT_MISALIGN, 'p',
297 "Use specified offset to mis-align buffers"},
302 {"algorithm", 0, 0, "Algorithm(s) to test (optional; otherwise tests all)"},
307 D_MD2, D_MDC2, D_MD4, D_MD5 , D_HMAC, D_SHA1, D_RMD160, D_RC4,
308 D_CBC_DES, D_EDE3_DES, D_CBC_IDEA, D_CBC_SEED,
309 D_CBC_RC2, D_CBC_RC5, D_CBC_BF, D_CBC_CAST,
310 D_CBC_128_AES, D_CBC_192_AES, D_CBC_256_AES,
311 D_CBC_128_CML, D_CBC_192_CML, D_CBC_256_CML,
312 D_EVP, D_SHA256, D_SHA512, D_WHIRLPOOL,
313 D_IGE_128_AES, D_IGE_192_AES, D_IGE_256_AES,
314 D_GHASH, D_RAND, D_EVP_HMAC, D_EVP_CMAC, ALGOR_NUM
316 /* name of algorithms to test. MUST BE KEEP IN SYNC with above enum ! */
317 static const char *names[ALGOR_NUM] = {
318 "md2", "mdc2", "md4", "md5", "hmac(md5)", "sha1", "rmd160", "rc4",
319 "des cbc", "des ede3", "idea cbc", "seed cbc",
320 "rc2 cbc", "rc5-32/12 cbc", "blowfish cbc", "cast cbc",
321 "aes-128 cbc", "aes-192 cbc", "aes-256 cbc",
322 "camellia-128 cbc", "camellia-192 cbc", "camellia-256 cbc",
323 "evp", "sha256", "sha512", "whirlpool",
324 "aes-128 ige", "aes-192 ige", "aes-256 ige", "ghash",
325 "rand", "hmac", "cmac"
328 /* list of configured algorithm (remaining), with some few alias */
329 static const OPT_PAIR doit_choices[] = {
330 #ifndef OPENSSL_NO_MD2
333 #ifndef OPENSSL_NO_MDC2
336 #ifndef OPENSSL_NO_MD4
339 #ifndef OPENSSL_NO_MD5
344 {"sha256", D_SHA256},
345 {"sha512", D_SHA512},
346 #ifndef OPENSSL_NO_WHIRLPOOL
347 {"whirlpool", D_WHIRLPOOL},
349 #ifndef OPENSSL_NO_RMD160
350 {"ripemd", D_RMD160},
351 {"rmd160", D_RMD160},
352 {"ripemd160", D_RMD160},
354 #ifndef OPENSSL_NO_RC4
357 #ifndef OPENSSL_NO_DES
358 {"des-cbc", D_CBC_DES},
359 {"des-ede3", D_EDE3_DES},
361 {"aes-128-cbc", D_CBC_128_AES},
362 {"aes-192-cbc", D_CBC_192_AES},
363 {"aes-256-cbc", D_CBC_256_AES},
364 #ifndef OPENSSL_NO_DEPRECATED_3_0
365 {"aes-128-ige", D_IGE_128_AES},
366 {"aes-192-ige", D_IGE_192_AES},
367 {"aes-256-ige", D_IGE_256_AES},
369 #ifndef OPENSSL_NO_RC2
370 {"rc2-cbc", D_CBC_RC2},
373 #ifndef OPENSSL_NO_RC5
374 {"rc5-cbc", D_CBC_RC5},
377 #ifndef OPENSSL_NO_IDEA
378 {"idea-cbc", D_CBC_IDEA},
379 {"idea", D_CBC_IDEA},
381 #ifndef OPENSSL_NO_SEED
382 {"seed-cbc", D_CBC_SEED},
383 {"seed", D_CBC_SEED},
385 #ifndef OPENSSL_NO_BF
386 {"bf-cbc", D_CBC_BF},
387 {"blowfish", D_CBC_BF},
390 #ifndef OPENSSL_NO_CAST
391 {"cast-cbc", D_CBC_CAST},
392 {"cast", D_CBC_CAST},
393 {"cast5", D_CBC_CAST},
399 static double results[ALGOR_NUM][SIZE_NUM];
401 #ifndef OPENSSL_NO_DSA
402 enum { R_DSA_512, R_DSA_1024, R_DSA_2048, DSA_NUM };
403 static const OPT_PAIR dsa_choices[DSA_NUM] = {
404 {"dsa512", R_DSA_512},
405 {"dsa1024", R_DSA_1024},
406 {"dsa2048", R_DSA_2048}
408 static double dsa_results[DSA_NUM][2]; /* 2 ops: sign then verify */
409 #endif /* OPENSSL_NO_DSA */
411 #ifndef OPENSSL_NO_RSA
413 R_RSA_512, R_RSA_1024, R_RSA_2048, R_RSA_3072, R_RSA_4096, R_RSA_7680,
416 static const OPT_PAIR rsa_choices[RSA_NUM] = {
417 {"rsa512", R_RSA_512},
418 {"rsa1024", R_RSA_1024},
419 {"rsa2048", R_RSA_2048},
420 {"rsa3072", R_RSA_3072},
421 {"rsa4096", R_RSA_4096},
422 {"rsa7680", R_RSA_7680},
423 {"rsa15360", R_RSA_15360}
426 static double rsa_results[RSA_NUM][2]; /* 2 ops: sign then verify */
427 #endif /* OPENSSL_NO_RSA */
429 #ifndef OPENSSL_NO_EC
431 R_EC_P160, R_EC_P192, R_EC_P224, R_EC_P256, R_EC_P384, R_EC_P521,
432 # ifndef OPENSSL_NO_EC2M
433 R_EC_K163, R_EC_K233, R_EC_K283, R_EC_K409, R_EC_K571,
434 R_EC_B163, R_EC_B233, R_EC_B283, R_EC_B409, R_EC_B571,
436 R_EC_BRP256R1, R_EC_BRP256T1, R_EC_BRP384R1, R_EC_BRP384T1,
437 R_EC_BRP512R1, R_EC_BRP512T1, ECDSA_NUM
439 /* list of ecdsa curves */
440 static const OPT_PAIR ecdsa_choices[ECDSA_NUM] = {
441 {"ecdsap160", R_EC_P160},
442 {"ecdsap192", R_EC_P192},
443 {"ecdsap224", R_EC_P224},
444 {"ecdsap256", R_EC_P256},
445 {"ecdsap384", R_EC_P384},
446 {"ecdsap521", R_EC_P521},
447 # ifndef OPENSSL_NO_EC2M
448 {"ecdsak163", R_EC_K163},
449 {"ecdsak233", R_EC_K233},
450 {"ecdsak283", R_EC_K283},
451 {"ecdsak409", R_EC_K409},
452 {"ecdsak571", R_EC_K571},
453 {"ecdsab163", R_EC_B163},
454 {"ecdsab233", R_EC_B233},
455 {"ecdsab283", R_EC_B283},
456 {"ecdsab409", R_EC_B409},
457 {"ecdsab571", R_EC_B571},
459 {"ecdsabrp256r1", R_EC_BRP256R1},
460 {"ecdsabrp256t1", R_EC_BRP256T1},
461 {"ecdsabrp384r1", R_EC_BRP384R1},
462 {"ecdsabrp384t1", R_EC_BRP384T1},
463 {"ecdsabrp512r1", R_EC_BRP512R1},
464 {"ecdsabrp512t1", R_EC_BRP512T1}
466 enum { R_EC_X25519 = ECDSA_NUM, R_EC_X448, EC_NUM };
467 /* list of ecdh curves, extension of |ecdsa_choices| list above */
468 static const OPT_PAIR ecdh_choices[EC_NUM] = {
469 {"ecdhp160", R_EC_P160},
470 {"ecdhp192", R_EC_P192},
471 {"ecdhp224", R_EC_P224},
472 {"ecdhp256", R_EC_P256},
473 {"ecdhp384", R_EC_P384},
474 {"ecdhp521", R_EC_P521},
475 # ifndef OPENSSL_NO_EC2M
476 {"ecdhk163", R_EC_K163},
477 {"ecdhk233", R_EC_K233},
478 {"ecdhk283", R_EC_K283},
479 {"ecdhk409", R_EC_K409},
480 {"ecdhk571", R_EC_K571},
481 {"ecdhb163", R_EC_B163},
482 {"ecdhb233", R_EC_B233},
483 {"ecdhb283", R_EC_B283},
484 {"ecdhb409", R_EC_B409},
485 {"ecdhb571", R_EC_B571},
487 {"ecdhbrp256r1", R_EC_BRP256R1},
488 {"ecdhbrp256t1", R_EC_BRP256T1},
489 {"ecdhbrp384r1", R_EC_BRP384R1},
490 {"ecdhbrp384t1", R_EC_BRP384T1},
491 {"ecdhbrp512r1", R_EC_BRP512R1},
492 {"ecdhbrp512t1", R_EC_BRP512T1},
493 {"ecdhx25519", R_EC_X25519},
494 {"ecdhx448", R_EC_X448}
497 static double ecdh_results[EC_NUM][1]; /* 1 op: derivation */
498 static double ecdsa_results[ECDSA_NUM][2]; /* 2 ops: sign then verify */
500 enum { R_EC_Ed25519, R_EC_Ed448, EdDSA_NUM };
501 static const OPT_PAIR eddsa_choices[EdDSA_NUM] = {
502 {"ed25519", R_EC_Ed25519},
503 {"ed448", R_EC_Ed448}
506 static double eddsa_results[EdDSA_NUM][2]; /* 2 ops: sign then verify */
508 # ifndef OPENSSL_NO_SM2
509 enum { R_EC_CURVESM2, SM2_NUM };
510 static const OPT_PAIR sm2_choices[SM2_NUM] = {
511 {"curveSM2", R_EC_CURVESM2}
513 # define SM2_ID "TLSv1.3+GM+Cipher+Suite"
514 # define SM2_ID_LEN sizeof("TLSv1.3+GM+Cipher+Suite") - 1
515 static double sm2_results[SM2_NUM][2]; /* 2 ops: sign then verify */
516 # endif /* OPENSSL_NO_SM2 */
517 #endif /* OPENSSL_NO_EC */
520 # define COND(d) (count < (d))
521 # define COUNT(d) (d)
523 # define COND(unused_cond) (run && count<0x7fffffff)
524 # define COUNT(d) (count)
527 typedef struct loopargs_st {
528 ASYNC_JOB *inprogress_job;
529 ASYNC_WAIT_CTX *wait_ctx;
532 unsigned char *buf_malloc;
533 unsigned char *buf2_malloc;
537 #ifndef OPENSSL_NO_RSA
538 RSA *rsa_key[RSA_NUM];
540 #ifndef OPENSSL_NO_DSA
541 DSA *dsa_key[DSA_NUM];
543 #ifndef OPENSSL_NO_EC
544 EC_KEY *ecdsa[ECDSA_NUM];
545 EVP_PKEY_CTX *ecdh_ctx[EC_NUM];
546 EVP_MD_CTX *eddsa_ctx[EdDSA_NUM];
547 # ifndef OPENSSL_NO_SM2
548 EVP_MD_CTX *sm2_ctx[SM2_NUM];
549 EVP_MD_CTX *sm2_vfy_ctx[SM2_NUM];
550 EVP_PKEY *sm2_pkey[SM2_NUM];
552 unsigned char *secret_a;
553 unsigned char *secret_b;
554 size_t outlen[EC_NUM];
558 #ifndef OPENSSL_NO_CMAC
561 GCM128_CONTEXT *gcm_ctx;
563 static int run_benchmark(int async_jobs, int (*loop_function) (void *),
564 loopargs_t * loopargs);
566 static unsigned int testnum;
568 /* Nb of iterations to do per algorithm and key-size */
569 static long c[ALGOR_NUM][SIZE_NUM];
571 #ifndef OPENSSL_NO_MD2
572 static int EVP_Digest_MD2_loop(void *args)
574 loopargs_t *tempargs = *(loopargs_t **) args;
575 unsigned char *buf = tempargs->buf;
576 unsigned char md2[MD2_DIGEST_LENGTH];
579 for (count = 0; COND(c[D_MD2][testnum]); count++) {
580 if (!EVP_Digest(buf, (size_t)lengths[testnum], md2, NULL, EVP_md2(),
588 #ifndef OPENSSL_NO_MDC2
589 static int EVP_Digest_MDC2_loop(void *args)
591 loopargs_t *tempargs = *(loopargs_t **) args;
592 unsigned char *buf = tempargs->buf;
593 unsigned char mdc2[MDC2_DIGEST_LENGTH];
596 for (count = 0; COND(c[D_MDC2][testnum]); count++) {
597 if (!EVP_Digest(buf, (size_t)lengths[testnum], mdc2, NULL, EVP_mdc2(),
605 #ifndef OPENSSL_NO_MD4
606 static int EVP_Digest_MD4_loop(void *args)
608 loopargs_t *tempargs = *(loopargs_t **) args;
609 unsigned char *buf = tempargs->buf;
610 unsigned char md4[MD4_DIGEST_LENGTH];
613 for (count = 0; COND(c[D_MD4][testnum]); count++) {
614 if (!EVP_Digest(buf, (size_t)lengths[testnum], md4, NULL, EVP_md4(),
622 #ifndef OPENSSL_NO_MD5
623 static int MD5_loop(void *args)
625 loopargs_t *tempargs = *(loopargs_t **) args;
626 unsigned char *buf = tempargs->buf;
627 unsigned char md5[MD5_DIGEST_LENGTH];
629 for (count = 0; COND(c[D_MD5][testnum]); count++)
630 MD5(buf, lengths[testnum], md5);
634 static int HMAC_loop(void *args)
636 loopargs_t *tempargs = *(loopargs_t **) args;
637 unsigned char *buf = tempargs->buf;
638 HMAC_CTX *hctx = tempargs->hctx;
639 unsigned char hmac[MD5_DIGEST_LENGTH];
642 for (count = 0; COND(c[D_HMAC][testnum]); count++) {
643 HMAC_Init_ex(hctx, NULL, 0, NULL, NULL);
644 HMAC_Update(hctx, buf, lengths[testnum]);
645 HMAC_Final(hctx, hmac, NULL);
651 static int SHA1_loop(void *args)
653 loopargs_t *tempargs = *(loopargs_t **) args;
654 unsigned char *buf = tempargs->buf;
655 unsigned char sha[SHA_DIGEST_LENGTH];
657 for (count = 0; COND(c[D_SHA1][testnum]); count++)
658 SHA1(buf, lengths[testnum], sha);
662 static int SHA256_loop(void *args)
664 loopargs_t *tempargs = *(loopargs_t **) args;
665 unsigned char *buf = tempargs->buf;
666 unsigned char sha256[SHA256_DIGEST_LENGTH];
668 for (count = 0; COND(c[D_SHA256][testnum]); count++)
669 SHA256(buf, lengths[testnum], sha256);
673 static int SHA512_loop(void *args)
675 loopargs_t *tempargs = *(loopargs_t **) args;
676 unsigned char *buf = tempargs->buf;
677 unsigned char sha512[SHA512_DIGEST_LENGTH];
679 for (count = 0; COND(c[D_SHA512][testnum]); count++)
680 SHA512(buf, lengths[testnum], sha512);
684 #ifndef OPENSSL_NO_WHIRLPOOL
685 static int WHIRLPOOL_loop(void *args)
687 loopargs_t *tempargs = *(loopargs_t **) args;
688 unsigned char *buf = tempargs->buf;
689 unsigned char whirlpool[WHIRLPOOL_DIGEST_LENGTH];
691 for (count = 0; COND(c[D_WHIRLPOOL][testnum]); count++)
692 WHIRLPOOL(buf, lengths[testnum], whirlpool);
697 #ifndef OPENSSL_NO_RMD160
698 static int EVP_Digest_RMD160_loop(void *args)
700 loopargs_t *tempargs = *(loopargs_t **) args;
701 unsigned char *buf = tempargs->buf;
702 unsigned char rmd160[RIPEMD160_DIGEST_LENGTH];
704 for (count = 0; COND(c[D_RMD160][testnum]); count++) {
705 if (!EVP_Digest(buf, (size_t)lengths[testnum], &(rmd160[0]),
706 NULL, EVP_ripemd160(), NULL))
713 #ifndef OPENSSL_NO_RC4
714 static RC4_KEY rc4_ks;
715 static int RC4_loop(void *args)
717 loopargs_t *tempargs = *(loopargs_t **) args;
718 unsigned char *buf = tempargs->buf;
720 for (count = 0; COND(c[D_RC4][testnum]); count++)
721 RC4(&rc4_ks, (size_t)lengths[testnum], buf, buf);
726 #ifndef OPENSSL_NO_DES
727 static unsigned char DES_iv[8];
728 static DES_key_schedule sch[3];
729 static int DES_ncbc_encrypt_loop(void *args)
731 loopargs_t *tempargs = *(loopargs_t **) args;
732 unsigned char *buf = tempargs->buf;
734 for (count = 0; COND(c[D_CBC_DES][testnum]); count++)
735 DES_ncbc_encrypt(buf, buf, lengths[testnum], &sch[0],
736 &DES_iv, DES_ENCRYPT);
740 static int DES_ede3_cbc_encrypt_loop(void *args)
742 loopargs_t *tempargs = *(loopargs_t **) args;
743 unsigned char *buf = tempargs->buf;
745 for (count = 0; COND(c[D_EDE3_DES][testnum]); count++)
746 DES_ede3_cbc_encrypt(buf, buf, lengths[testnum],
747 &sch[0], &sch[1], &sch[2], &DES_iv, DES_ENCRYPT);
752 #define MAX_BLOCK_SIZE 128
754 static unsigned char iv[2 * MAX_BLOCK_SIZE / 8];
755 static AES_KEY aes_ks1, aes_ks2, aes_ks3;
756 static int AES_cbc_128_encrypt_loop(void *args)
758 loopargs_t *tempargs = *(loopargs_t **) args;
759 unsigned char *buf = tempargs->buf;
761 for (count = 0; COND(c[D_CBC_128_AES][testnum]); count++)
762 AES_cbc_encrypt(buf, buf,
763 (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
767 static int AES_cbc_192_encrypt_loop(void *args)
769 loopargs_t *tempargs = *(loopargs_t **) args;
770 unsigned char *buf = tempargs->buf;
772 for (count = 0; COND(c[D_CBC_192_AES][testnum]); count++)
773 AES_cbc_encrypt(buf, buf,
774 (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
778 static int AES_cbc_256_encrypt_loop(void *args)
780 loopargs_t *tempargs = *(loopargs_t **) args;
781 unsigned char *buf = tempargs->buf;
783 for (count = 0; COND(c[D_CBC_256_AES][testnum]); count++)
784 AES_cbc_encrypt(buf, buf,
785 (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
789 #ifndef OPENSSL_NO_DEPRECATED_3_0
790 static int AES_ige_128_encrypt_loop(void *args)
792 loopargs_t *tempargs = *(loopargs_t **) args;
793 unsigned char *buf = tempargs->buf;
794 unsigned char *buf2 = tempargs->buf2;
796 for (count = 0; COND(c[D_IGE_128_AES][testnum]); count++)
797 AES_ige_encrypt(buf, buf2,
798 (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
802 static int AES_ige_192_encrypt_loop(void *args)
804 loopargs_t *tempargs = *(loopargs_t **) args;
805 unsigned char *buf = tempargs->buf;
806 unsigned char *buf2 = tempargs->buf2;
808 for (count = 0; COND(c[D_IGE_192_AES][testnum]); count++)
809 AES_ige_encrypt(buf, buf2,
810 (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
814 static int AES_ige_256_encrypt_loop(void *args)
816 loopargs_t *tempargs = *(loopargs_t **) args;
817 unsigned char *buf = tempargs->buf;
818 unsigned char *buf2 = tempargs->buf2;
820 for (count = 0; COND(c[D_IGE_256_AES][testnum]); count++)
821 AES_ige_encrypt(buf, buf2,
822 (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
827 static int CRYPTO_gcm128_aad_loop(void *args)
829 loopargs_t *tempargs = *(loopargs_t **) args;
830 unsigned char *buf = tempargs->buf;
831 GCM128_CONTEXT *gcm_ctx = tempargs->gcm_ctx;
833 for (count = 0; COND(c[D_GHASH][testnum]); count++)
834 CRYPTO_gcm128_aad(gcm_ctx, buf, lengths[testnum]);
838 static int RAND_bytes_loop(void *args)
840 loopargs_t *tempargs = *(loopargs_t **) args;
841 unsigned char *buf = tempargs->buf;
844 for (count = 0; COND(c[D_RAND][testnum]); count++)
845 RAND_bytes(buf, lengths[testnum]);
849 static int decrypt = 0;
850 static int EVP_Update_loop(void *args)
852 loopargs_t *tempargs = *(loopargs_t **) args;
853 unsigned char *buf = tempargs->buf;
854 EVP_CIPHER_CTX *ctx = tempargs->ctx;
858 for (count = 0; COND(c[D_EVP][testnum]); count++) {
859 rc = EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
861 /* reset iv in case of counter overflow */
862 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
866 for (count = 0; COND(c[D_EVP][testnum]); count++) {
867 rc = EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
869 /* reset iv in case of counter overflow */
870 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
875 EVP_DecryptFinal_ex(ctx, buf, &outl);
877 EVP_EncryptFinal_ex(ctx, buf, &outl);
882 * CCM does not support streaming. For the purpose of performance measurement,
883 * each message is encrypted using the same (key,iv)-pair. Do not use this
884 * code in your application.
886 static int EVP_Update_loop_ccm(void *args)
888 loopargs_t *tempargs = *(loopargs_t **) args;
889 unsigned char *buf = tempargs->buf;
890 EVP_CIPHER_CTX *ctx = tempargs->ctx;
892 unsigned char tag[12];
895 for (count = 0; COND(c[D_EVP][testnum]); count++) {
896 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(tag), tag);
898 EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
899 /* counter is reset on every update */
900 EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
903 for (count = 0; COND(c[D_EVP][testnum]); count++) {
904 /* restore iv length field */
905 EVP_EncryptUpdate(ctx, NULL, &outl, NULL, lengths[testnum]);
906 /* counter is reset on every update */
907 EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
911 EVP_DecryptFinal_ex(ctx, buf, &outl);
913 EVP_EncryptFinal_ex(ctx, buf, &outl);
918 * To make AEAD benchmarking more relevant perform TLS-like operations,
919 * 13-byte AAD followed by payload. But don't use TLS-formatted AAD, as
920 * payload length is not actually limited by 16KB...
922 static int EVP_Update_loop_aead(void *args)
924 loopargs_t *tempargs = *(loopargs_t **) args;
925 unsigned char *buf = tempargs->buf;
926 EVP_CIPHER_CTX *ctx = tempargs->ctx;
928 unsigned char aad[13] = { 0xcc };
929 unsigned char faketag[16] = { 0xcc };
932 for (count = 0; COND(c[D_EVP][testnum]); count++) {
933 EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
934 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
935 sizeof(faketag), faketag);
936 EVP_DecryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
937 EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
938 EVP_DecryptFinal_ex(ctx, buf + outl, &outl);
941 for (count = 0; COND(c[D_EVP][testnum]); count++) {
942 EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv);
943 EVP_EncryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
944 EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
945 EVP_EncryptFinal_ex(ctx, buf + outl, &outl);
951 static const EVP_MD *evp_md = NULL;
952 static int EVP_Digest_loop(void *args)
954 loopargs_t *tempargs = *(loopargs_t **) args;
955 unsigned char *buf = tempargs->buf;
956 unsigned char md[EVP_MAX_MD_SIZE];
959 for (count = 0; COND(c[D_EVP][testnum]); count++) {
960 if (!EVP_Digest(buf, lengths[testnum], md, NULL, evp_md, NULL))
966 static const EVP_MD *evp_hmac_md = NULL;
967 static char *evp_hmac_name = NULL;
968 static int EVP_HMAC_loop(void *args)
970 loopargs_t *tempargs = *(loopargs_t **) args;
971 unsigned char *buf = tempargs->buf;
972 unsigned char no_key[32];
975 for (count = 0; COND(c[D_EVP_HMAC][testnum]); count++) {
976 if (HMAC(evp_hmac_md, no_key, sizeof(no_key), buf, lengths[testnum],
983 #ifndef OPENSSL_NO_CMAC
984 static const EVP_CIPHER *evp_cmac_cipher = NULL;
985 static char *evp_cmac_name = NULL;
987 static int EVP_CMAC_loop(void *args)
989 loopargs_t *tempargs = *(loopargs_t **) args;
990 unsigned char *buf = tempargs->buf;
991 CMAC_CTX *cmac_ctx = tempargs->cmac_ctx;
992 static const char key[16] = "This is a key...";
993 unsigned char mac[16];
994 size_t len = sizeof(mac);
997 for (count = 0; COND(c[D_EVP_CMAC][testnum]); count++) {
998 if (!CMAC_Init(cmac_ctx, key, sizeof(key), evp_cmac_cipher, NULL)
999 || !CMAC_Update(cmac_ctx, buf, lengths[testnum])
1000 || !CMAC_Final(cmac_ctx, mac, &len))
1007 #ifndef OPENSSL_NO_RSA
1008 static long rsa_c[RSA_NUM][2]; /* # RSA iteration test */
1010 static int RSA_sign_loop(void *args)
1012 loopargs_t *tempargs = *(loopargs_t **) args;
1013 unsigned char *buf = tempargs->buf;
1014 unsigned char *buf2 = tempargs->buf2;
1015 unsigned int *rsa_num = &tempargs->siglen;
1016 RSA **rsa_key = tempargs->rsa_key;
1018 for (count = 0; COND(rsa_c[testnum][0]); count++) {
1019 ret = RSA_sign(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1021 BIO_printf(bio_err, "RSA sign failure\n");
1022 ERR_print_errors(bio_err);
1030 static int RSA_verify_loop(void *args)
1032 loopargs_t *tempargs = *(loopargs_t **) args;
1033 unsigned char *buf = tempargs->buf;
1034 unsigned char *buf2 = tempargs->buf2;
1035 unsigned int rsa_num = tempargs->siglen;
1036 RSA **rsa_key = tempargs->rsa_key;
1038 for (count = 0; COND(rsa_c[testnum][1]); count++) {
1040 RSA_verify(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1042 BIO_printf(bio_err, "RSA verify failure\n");
1043 ERR_print_errors(bio_err);
1052 #ifndef OPENSSL_NO_DSA
1053 static long dsa_c[DSA_NUM][2];
1054 static int DSA_sign_loop(void *args)
1056 loopargs_t *tempargs = *(loopargs_t **) args;
1057 unsigned char *buf = tempargs->buf;
1058 unsigned char *buf2 = tempargs->buf2;
1059 DSA **dsa_key = tempargs->dsa_key;
1060 unsigned int *siglen = &tempargs->siglen;
1062 for (count = 0; COND(dsa_c[testnum][0]); count++) {
1063 ret = DSA_sign(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1065 BIO_printf(bio_err, "DSA sign failure\n");
1066 ERR_print_errors(bio_err);
1074 static int DSA_verify_loop(void *args)
1076 loopargs_t *tempargs = *(loopargs_t **) args;
1077 unsigned char *buf = tempargs->buf;
1078 unsigned char *buf2 = tempargs->buf2;
1079 DSA **dsa_key = tempargs->dsa_key;
1080 unsigned int siglen = tempargs->siglen;
1082 for (count = 0; COND(dsa_c[testnum][1]); count++) {
1083 ret = DSA_verify(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1085 BIO_printf(bio_err, "DSA verify failure\n");
1086 ERR_print_errors(bio_err);
1095 #ifndef OPENSSL_NO_EC
1096 static long ecdsa_c[ECDSA_NUM][2];
1097 static int ECDSA_sign_loop(void *args)
1099 loopargs_t *tempargs = *(loopargs_t **) args;
1100 unsigned char *buf = tempargs->buf;
1101 EC_KEY **ecdsa = tempargs->ecdsa;
1102 unsigned char *ecdsasig = tempargs->buf2;
1103 unsigned int *ecdsasiglen = &tempargs->siglen;
1105 for (count = 0; COND(ecdsa_c[testnum][0]); count++) {
1106 ret = ECDSA_sign(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1108 BIO_printf(bio_err, "ECDSA sign failure\n");
1109 ERR_print_errors(bio_err);
1117 static int ECDSA_verify_loop(void *args)
1119 loopargs_t *tempargs = *(loopargs_t **) args;
1120 unsigned char *buf = tempargs->buf;
1121 EC_KEY **ecdsa = tempargs->ecdsa;
1122 unsigned char *ecdsasig = tempargs->buf2;
1123 unsigned int ecdsasiglen = tempargs->siglen;
1125 for (count = 0; COND(ecdsa_c[testnum][1]); count++) {
1126 ret = ECDSA_verify(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1128 BIO_printf(bio_err, "ECDSA verify failure\n");
1129 ERR_print_errors(bio_err);
1137 /* ******************************************************************** */
1138 static long ecdh_c[EC_NUM][1];
1140 static int ECDH_EVP_derive_key_loop(void *args)
1142 loopargs_t *tempargs = *(loopargs_t **) args;
1143 EVP_PKEY_CTX *ctx = tempargs->ecdh_ctx[testnum];
1144 unsigned char *derived_secret = tempargs->secret_a;
1146 size_t *outlen = &(tempargs->outlen[testnum]);
1148 for (count = 0; COND(ecdh_c[testnum][0]); count++)
1149 EVP_PKEY_derive(ctx, derived_secret, outlen);
1154 static long eddsa_c[EdDSA_NUM][2];
1155 static int EdDSA_sign_loop(void *args)
1157 loopargs_t *tempargs = *(loopargs_t **) args;
1158 unsigned char *buf = tempargs->buf;
1159 EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
1160 unsigned char *eddsasig = tempargs->buf2;
1161 size_t *eddsasigsize = &tempargs->sigsize;
1164 for (count = 0; COND(eddsa_c[testnum][0]); count++) {
1165 ret = EVP_DigestSign(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
1167 BIO_printf(bio_err, "EdDSA sign failure\n");
1168 ERR_print_errors(bio_err);
1176 static int EdDSA_verify_loop(void *args)
1178 loopargs_t *tempargs = *(loopargs_t **) args;
1179 unsigned char *buf = tempargs->buf;
1180 EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
1181 unsigned char *eddsasig = tempargs->buf2;
1182 size_t eddsasigsize = tempargs->sigsize;
1185 for (count = 0; COND(eddsa_c[testnum][1]); count++) {
1186 ret = EVP_DigestVerify(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
1188 BIO_printf(bio_err, "EdDSA verify failure\n");
1189 ERR_print_errors(bio_err);
1197 # ifndef OPENSSL_NO_SM2
1198 static long sm2_c[SM2_NUM][2];
1199 static int SM2_sign_loop(void *args)
1201 loopargs_t *tempargs = *(loopargs_t **) args;
1202 unsigned char *buf = tempargs->buf;
1203 EVP_MD_CTX **sm2ctx = tempargs->sm2_ctx;
1204 unsigned char *sm2sig = tempargs->buf2;
1205 size_t sm2sigsize = tempargs->sigsize;
1206 const size_t max_size = tempargs->sigsize;
1208 EVP_PKEY **sm2_pkey = tempargs->sm2_pkey;
1210 for (count = 0; COND(sm2_c[testnum][0]); count++) {
1211 if (!EVP_DigestSignInit(sm2ctx[testnum], NULL, EVP_sm3(),
1212 NULL, sm2_pkey[testnum])) {
1213 BIO_printf(bio_err, "SM2 init sign failure\n");
1214 ERR_print_errors(bio_err);
1218 ret = EVP_DigestSign(sm2ctx[testnum], sm2sig, &sm2sigsize,
1221 BIO_printf(bio_err, "SM2 sign failure\n");
1222 ERR_print_errors(bio_err);
1226 /* update the latest returned size and always use the fixed buffer size */
1227 tempargs->sigsize = sm2sigsize;
1228 sm2sigsize = max_size;
1234 static int SM2_verify_loop(void *args)
1236 loopargs_t *tempargs = *(loopargs_t **) args;
1237 unsigned char *buf = tempargs->buf;
1238 EVP_MD_CTX **sm2ctx = tempargs->sm2_vfy_ctx;
1239 unsigned char *sm2sig = tempargs->buf2;
1240 size_t sm2sigsize = tempargs->sigsize;
1242 EVP_PKEY **sm2_pkey = tempargs->sm2_pkey;
1244 for (count = 0; COND(sm2_c[testnum][1]); count++) {
1245 if (!EVP_DigestVerifyInit(sm2ctx[testnum], NULL, EVP_sm3(),
1246 NULL, sm2_pkey[testnum])) {
1247 BIO_printf(bio_err, "SM2 verify init failure\n");
1248 ERR_print_errors(bio_err);
1252 ret = EVP_DigestVerify(sm2ctx[testnum], sm2sig, sm2sigsize,
1255 BIO_printf(bio_err, "SM2 verify failure\n");
1256 ERR_print_errors(bio_err);
1263 # endif /* OPENSSL_NO_SM2 */
1264 #endif /* OPENSSL_NO_EC */
1266 static int run_benchmark(int async_jobs,
1267 int (*loop_function) (void *), loopargs_t * loopargs)
1269 int job_op_count = 0;
1270 int total_op_count = 0;
1271 int num_inprogress = 0;
1272 int error = 0, i = 0, ret = 0;
1273 OSSL_ASYNC_FD job_fd = 0;
1274 size_t num_job_fds = 0;
1278 if (async_jobs == 0) {
1279 return loop_function((void *)&loopargs);
1282 for (i = 0; i < async_jobs && !error; i++) {
1283 loopargs_t *looparg_item = loopargs + i;
1285 /* Copy pointer content (looparg_t item address) into async context */
1286 ret = ASYNC_start_job(&loopargs[i].inprogress_job, loopargs[i].wait_ctx,
1287 &job_op_count, loop_function,
1288 (void *)&looparg_item, sizeof(looparg_item));
1294 if (job_op_count == -1) {
1297 total_op_count += job_op_count;
1302 BIO_printf(bio_err, "Failure in the job\n");
1303 ERR_print_errors(bio_err);
1309 while (num_inprogress > 0) {
1310 #if defined(OPENSSL_SYS_WINDOWS)
1312 #elif defined(OPENSSL_SYS_UNIX)
1313 int select_result = 0;
1314 OSSL_ASYNC_FD max_fd = 0;
1317 FD_ZERO(&waitfdset);
1319 for (i = 0; i < async_jobs && num_inprogress > 0; i++) {
1320 if (loopargs[i].inprogress_job == NULL)
1323 if (!ASYNC_WAIT_CTX_get_all_fds
1324 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1325 || num_job_fds > 1) {
1326 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1327 ERR_print_errors(bio_err);
1331 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1333 FD_SET(job_fd, &waitfdset);
1334 if (job_fd > max_fd)
1338 if (max_fd >= (OSSL_ASYNC_FD)FD_SETSIZE) {
1340 "Error: max_fd (%d) must be smaller than FD_SETSIZE (%d). "
1341 "Decrease the value of async_jobs\n",
1342 max_fd, FD_SETSIZE);
1343 ERR_print_errors(bio_err);
1348 select_result = select(max_fd + 1, &waitfdset, NULL, NULL, NULL);
1349 if (select_result == -1 && errno == EINTR)
1352 if (select_result == -1) {
1353 BIO_printf(bio_err, "Failure in the select\n");
1354 ERR_print_errors(bio_err);
1359 if (select_result == 0)
1363 for (i = 0; i < async_jobs; i++) {
1364 if (loopargs[i].inprogress_job == NULL)
1367 if (!ASYNC_WAIT_CTX_get_all_fds
1368 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1369 || num_job_fds > 1) {
1370 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1371 ERR_print_errors(bio_err);
1375 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1378 #if defined(OPENSSL_SYS_UNIX)
1379 if (num_job_fds == 1 && !FD_ISSET(job_fd, &waitfdset))
1381 #elif defined(OPENSSL_SYS_WINDOWS)
1382 if (num_job_fds == 1
1383 && !PeekNamedPipe(job_fd, NULL, 0, NULL, &avail, NULL)
1388 ret = ASYNC_start_job(&loopargs[i].inprogress_job,
1389 loopargs[i].wait_ctx, &job_op_count,
1390 loop_function, (void *)(loopargs + i),
1391 sizeof(loopargs_t));
1396 if (job_op_count == -1) {
1399 total_op_count += job_op_count;
1402 loopargs[i].inprogress_job = NULL;
1407 loopargs[i].inprogress_job = NULL;
1408 BIO_printf(bio_err, "Failure in the job\n");
1409 ERR_print_errors(bio_err);
1416 return error ? -1 : total_op_count;
1419 #define stop_it(do_it, test_num)\
1420 memset(do_it + test_num, 0, OSSL_NELEM(do_it) - test_num);
1422 int speed_main(int argc, char **argv)
1425 loopargs_t *loopargs = NULL;
1427 const char *engine_id = NULL;
1428 const EVP_CIPHER *evp_cipher = NULL;
1431 int async_init = 0, multiblock = 0, pr_header = 0;
1432 uint8_t doit[ALGOR_NUM] = { 0 };
1433 int ret = 1, misalign = 0, lengths_single = 0, aead = 0;
1435 unsigned int size_num = SIZE_NUM;
1436 unsigned int i, k, loopargs_len = 0, async_jobs = 0;
1442 #if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) \
1443 || !defined(OPENSSL_NO_EC)
1446 openssl_speed_sec_t seconds = { SECONDS, RSA_SECONDS, DSA_SECONDS,
1447 ECDSA_SECONDS, ECDH_SECONDS,
1448 EdDSA_SECONDS, SM2_SECONDS };
1450 /* What follows are the buffers and key material. */
1451 #ifndef OPENSSL_NO_RC5
1454 #ifndef OPENSSL_NO_RC2
1457 #ifndef OPENSSL_NO_IDEA
1458 IDEA_KEY_SCHEDULE idea_ks;
1460 #ifndef OPENSSL_NO_SEED
1461 SEED_KEY_SCHEDULE seed_ks;
1463 #ifndef OPENSSL_NO_BF
1466 #ifndef OPENSSL_NO_CAST
1469 static const unsigned char key16[16] = {
1470 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1471 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
1473 static const unsigned char key24[24] = {
1474 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1475 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1476 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1478 static const unsigned char key32[32] = {
1479 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1480 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1481 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
1482 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
1484 #ifndef OPENSSL_NO_CAMELLIA
1485 CAMELLIA_KEY camellia_ks[3];
1487 #ifndef OPENSSL_NO_RSA
1488 static const struct {
1489 const unsigned char *data;
1490 unsigned int length;
1493 { test512, sizeof(test512), 512 },
1494 { test1024, sizeof(test1024), 1024 },
1495 { test2048, sizeof(test2048), 2048 },
1496 { test3072, sizeof(test3072), 3072 },
1497 { test4096, sizeof(test4096), 4092 },
1498 { test7680, sizeof(test7680), 7680 },
1499 { test15360, sizeof(test15360), 15360 }
1501 uint8_t rsa_doit[RSA_NUM] = { 0 };
1502 int primes = RSA_DEFAULT_PRIME_NUM;
1504 #ifndef OPENSSL_NO_DSA
1505 static const unsigned int dsa_bits[DSA_NUM] = { 512, 1024, 2048 };
1506 uint8_t dsa_doit[DSA_NUM] = { 0 };
1508 #ifndef OPENSSL_NO_EC
1509 typedef struct ec_curve_st {
1513 size_t sigsize; /* only used for EdDSA curves */
1516 * We only test over the following curves as they are representative, To
1517 * add tests over more curves, simply add the curve NID and curve name to
1518 * the following arrays and increase the |ecdh_choices| and |ecdsa_choices|
1519 * lists accordingly.
1521 static const EC_CURVE ec_curves[EC_NUM] = {
1523 {"secp160r1", NID_secp160r1, 160},
1524 {"nistp192", NID_X9_62_prime192v1, 192},
1525 {"nistp224", NID_secp224r1, 224},
1526 {"nistp256", NID_X9_62_prime256v1, 256},
1527 {"nistp384", NID_secp384r1, 384},
1528 {"nistp521", NID_secp521r1, 521},
1529 # ifndef OPENSSL_NO_EC2M
1531 {"nistk163", NID_sect163k1, 163},
1532 {"nistk233", NID_sect233k1, 233},
1533 {"nistk283", NID_sect283k1, 283},
1534 {"nistk409", NID_sect409k1, 409},
1535 {"nistk571", NID_sect571k1, 571},
1536 {"nistb163", NID_sect163r2, 163},
1537 {"nistb233", NID_sect233r1, 233},
1538 {"nistb283", NID_sect283r1, 283},
1539 {"nistb409", NID_sect409r1, 409},
1540 {"nistb571", NID_sect571r1, 571},
1542 {"brainpoolP256r1", NID_brainpoolP256r1, 256},
1543 {"brainpoolP256t1", NID_brainpoolP256t1, 256},
1544 {"brainpoolP384r1", NID_brainpoolP384r1, 384},
1545 {"brainpoolP384t1", NID_brainpoolP384t1, 384},
1546 {"brainpoolP512r1", NID_brainpoolP512r1, 512},
1547 {"brainpoolP512t1", NID_brainpoolP512t1, 512},
1548 /* Other and ECDH only ones */
1549 {"X25519", NID_X25519, 253},
1550 {"X448", NID_X448, 448}
1552 static const EC_CURVE ed_curves[EdDSA_NUM] = {
1554 {"Ed25519", NID_ED25519, 253, 64},
1555 {"Ed448", NID_ED448, 456, 114}
1557 # ifndef OPENSSL_NO_SM2
1558 static const EC_CURVE sm2_curves[SM2_NUM] = {
1560 {"CurveSM2", NID_sm2, 256}
1562 uint8_t sm2_doit[SM2_NUM] = { 0 };
1564 uint8_t ecdsa_doit[ECDSA_NUM] = { 0 };
1565 uint8_t ecdh_doit[EC_NUM] = { 0 };
1566 uint8_t eddsa_doit[EdDSA_NUM] = { 0 };
1568 /* checks declarated curves against choices list. */
1569 OPENSSL_assert(ed_curves[EdDSA_NUM - 1].nid == NID_ED448);
1570 OPENSSL_assert(strcmp(eddsa_choices[EdDSA_NUM - 1].name, "ed448") == 0);
1572 OPENSSL_assert(ec_curves[EC_NUM - 1].nid == NID_X448);
1573 OPENSSL_assert(strcmp(ecdh_choices[EC_NUM - 1].name, "ecdhx448") == 0);
1575 OPENSSL_assert(ec_curves[ECDSA_NUM - 1].nid == NID_brainpoolP512t1);
1576 OPENSSL_assert(strcmp(ecdsa_choices[ECDSA_NUM - 1].name, "ecdsabrp512t1") == 0);
1578 # ifndef OPENSSL_NO_SM2
1579 OPENSSL_assert(sm2_curves[SM2_NUM - 1].nid == NID_sm2);
1580 OPENSSL_assert(strcmp(sm2_choices[SM2_NUM - 1].name, "curveSM2") == 0);
1582 #endif /* ndef OPENSSL_NO_EC */
1584 prog = opt_init(argc, argv, speed_options);
1585 while ((o = opt_next()) != OPT_EOF) {
1590 BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
1593 opt_help(speed_options);
1601 evp_cipher = EVP_get_cipherbyname(opt_arg());
1602 if (evp_cipher == NULL)
1603 evp_md = EVP_get_digestbyname(opt_arg());
1604 if (evp_cipher == NULL && evp_md == NULL) {
1606 "%s: %s is an unknown cipher or digest\n",
1613 evp_hmac_md = EVP_get_digestbyname(opt_arg());
1614 if (evp_hmac_md == NULL) {
1615 BIO_printf(bio_err, "%s: %s is an unknown digest\n",
1619 doit[D_EVP_HMAC] = 1;
1622 #ifndef OPENSSL_NO_CMAC
1623 evp_cmac_cipher = EVP_get_cipherbyname(opt_arg());
1624 if (evp_cmac_cipher == NULL) {
1625 BIO_printf(bio_err, "%s: %s is an unknown cipher\n",
1629 doit[D_EVP_CMAC] = 1;
1637 * In a forked execution, an engine might need to be
1638 * initialised by each child process, not by the parent.
1639 * So store the name here and run setup_engine() later on.
1641 engine_id = opt_arg();
1645 multi = atoi(opt_arg());
1649 #ifndef OPENSSL_NO_ASYNC
1650 async_jobs = atoi(opt_arg());
1651 if (!ASYNC_is_capable()) {
1653 "%s: async_jobs specified but async not supported\n",
1657 if (async_jobs > 99999) {
1658 BIO_printf(bio_err, "%s: too many async_jobs\n", prog);
1664 if (!opt_int(opt_arg(), &misalign))
1666 if (misalign > MISALIGN) {
1668 "%s: Maximum offset is %d\n", prog, MISALIGN);
1677 #ifdef OPENSSL_NO_MULTIBLOCK
1679 "%s: -mb specified but multi-block support is disabled\n",
1689 if (!opt_int(opt_arg(), &primes))
1693 seconds.sym = seconds.rsa = seconds.dsa = seconds.ecdsa
1694 = seconds.ecdh = seconds.eddsa
1695 = seconds.sm2 = atoi(opt_arg());
1698 lengths_single = atoi(opt_arg());
1699 lengths = &lengths_single;
1707 argc = opt_num_rest();
1710 /* Remaining arguments are algorithms. */
1711 for (; *argv; argv++) {
1712 const char *algo = *argv;
1714 if (opt_found(algo, doit_choices, &i)) {
1718 #ifndef OPENSSL_NO_DES
1719 if (strcmp(algo, "des") == 0) {
1720 doit[D_CBC_DES] = doit[D_EDE3_DES] = 1;
1724 if (strcmp(algo, "sha") == 0) {
1725 doit[D_SHA1] = doit[D_SHA256] = doit[D_SHA512] = 1;
1728 #ifndef OPENSSL_NO_RSA
1729 if (strcmp(algo, "openssl") == 0) /* just for compatibility */
1731 if (strncmp(algo, "rsa", 3) == 0) {
1732 if (algo[3] == '\0') {
1733 memset(rsa_doit, 1, sizeof(rsa_doit));
1736 if (opt_found(algo, rsa_choices, &i)) {
1742 #ifndef OPENSSL_NO_DSA
1743 if (strncmp(algo, "dsa", 3) == 0) {
1744 if (algo[3] == '\0') {
1745 memset(dsa_doit, 1, sizeof(dsa_doit));
1748 if (opt_found(algo, dsa_choices, &i)) {
1754 if (strcmp(algo, "aes") == 0) {
1755 doit[D_CBC_128_AES] = doit[D_CBC_192_AES] = doit[D_CBC_256_AES] = 1;
1758 #ifndef OPENSSL_NO_CAMELLIA
1759 if (strcmp(algo, "camellia") == 0) {
1760 doit[D_CBC_128_CML] = doit[D_CBC_192_CML] = doit[D_CBC_256_CML] = 1;
1764 #ifndef OPENSSL_NO_EC
1765 if (strncmp(algo, "ecdsa", 5) == 0) {
1766 if (algo[5] == '\0') {
1767 memset(ecdsa_doit, 1, sizeof(ecdsa_doit));
1770 if (opt_found(algo, ecdsa_choices, &i)) {
1775 if (strncmp(algo, "ecdh", 4) == 0) {
1776 if (algo[4] == '\0') {
1777 memset(ecdh_doit, 1, sizeof(ecdh_doit));
1780 if (opt_found(algo, ecdh_choices, &i)) {
1785 if (strcmp(algo, "eddsa") == 0) {
1786 memset(eddsa_doit, 1, sizeof(eddsa_doit));
1789 if (opt_found(algo, eddsa_choices, &i)) {
1793 # ifndef OPENSSL_NO_SM2
1794 if (strcmp(algo, "sm2") == 0) {
1795 memset(sm2_doit, 1, sizeof(sm2_doit));
1798 if (opt_found(algo, sm2_choices, &i)) {
1803 #endif /* OPENSSL_NO_EC */
1804 BIO_printf(bio_err, "%s: Unknown algorithm %s\n", prog, algo);
1810 if (evp_cipher == NULL) {
1811 BIO_printf(bio_err, "-aead can be used only with an AEAD cipher\n");
1813 } else if (!(EVP_CIPHER_flags(evp_cipher) &
1814 EVP_CIPH_FLAG_AEAD_CIPHER)) {
1815 BIO_printf(bio_err, "%s is not an AEAD cipher\n",
1816 OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
1821 if (evp_cipher == NULL) {
1822 BIO_printf(bio_err,"-mb can be used only with a multi-block"
1823 " capable cipher\n");
1825 } else if (!(EVP_CIPHER_flags(evp_cipher) &
1826 EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
1827 BIO_printf(bio_err, "%s is not a multi-block capable\n",
1828 OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
1830 } else if (async_jobs > 0) {
1831 BIO_printf(bio_err, "Async mode is not supported with -mb");
1836 /* Initialize the job pool if async mode is enabled */
1837 if (async_jobs > 0) {
1838 async_init = ASYNC_init_thread(async_jobs, async_jobs);
1840 BIO_printf(bio_err, "Error creating the ASYNC job pool\n");
1845 loopargs_len = (async_jobs == 0 ? 1 : async_jobs);
1847 app_malloc(loopargs_len * sizeof(loopargs_t), "array of loopargs");
1848 memset(loopargs, 0, loopargs_len * sizeof(loopargs_t));
1850 for (i = 0; i < loopargs_len; i++) {
1851 if (async_jobs > 0) {
1852 loopargs[i].wait_ctx = ASYNC_WAIT_CTX_new();
1853 if (loopargs[i].wait_ctx == NULL) {
1854 BIO_printf(bio_err, "Error creating the ASYNC_WAIT_CTX\n");
1859 buflen = lengths[size_num - 1];
1860 if (buflen < 36) /* size of random vector in RSA benchmark */
1862 buflen += MAX_MISALIGNMENT + 1;
1863 loopargs[i].buf_malloc = app_malloc(buflen, "input buffer");
1864 loopargs[i].buf2_malloc = app_malloc(buflen, "input buffer");
1865 memset(loopargs[i].buf_malloc, 0, buflen);
1866 memset(loopargs[i].buf2_malloc, 0, buflen);
1868 /* Align the start of buffers on a 64 byte boundary */
1869 loopargs[i].buf = loopargs[i].buf_malloc + misalign;
1870 loopargs[i].buf2 = loopargs[i].buf2_malloc + misalign;
1871 #ifndef OPENSSL_NO_EC
1872 loopargs[i].secret_a = app_malloc(MAX_ECDH_SIZE, "ECDH secret a");
1873 loopargs[i].secret_b = app_malloc(MAX_ECDH_SIZE, "ECDH secret b");
1878 if (multi && do_multi(multi, size_num))
1882 /* Initialize the engine after the fork */
1883 e = setup_engine(engine_id, 0);
1885 /* No parameters; turn on everything. */
1886 if (argc == 0 && !doit[D_EVP] && !doit[D_EVP_HMAC] && !doit[D_EVP_CMAC]) {
1887 memset(doit, 1, sizeof(doit));
1888 doit[D_EVP] = doit[D_EVP_HMAC] = doit[D_EVP_CMAC] = 0;
1889 #ifndef OPENSSL_NO_RSA
1890 memset(rsa_doit, 1, sizeof(rsa_doit));
1892 #ifndef OPENSSL_NO_DSA
1893 memset(dsa_doit, 1, sizeof(dsa_doit));
1895 #ifndef OPENSSL_NO_EC
1896 memset(ecdsa_doit, 1, sizeof(ecdsa_doit));
1897 memset(ecdh_doit, 1, sizeof(ecdh_doit));
1898 memset(eddsa_doit, 1, sizeof(eddsa_doit));
1899 # ifndef OPENSSL_NO_SM2
1900 memset(sm2_doit, 1, sizeof(sm2_doit));
1904 for (i = 0; i < ALGOR_NUM; i++)
1908 if (usertime == 0 && !mr)
1910 "You have chosen to measure elapsed time "
1911 "instead of user CPU time.\n");
1913 #ifndef OPENSSL_NO_RSA
1914 for (i = 0; i < loopargs_len; i++) {
1915 if (primes > RSA_DEFAULT_PRIME_NUM) {
1916 /* for multi-prime RSA, skip this */
1919 for (k = 0; k < RSA_NUM; k++) {
1920 const unsigned char *p = rsa_keys[k].data;
1922 loopargs[i].rsa_key[k] =
1923 d2i_RSAPrivateKey(NULL, &p, rsa_keys[k].length);
1924 if (loopargs[i].rsa_key[k] == NULL) {
1926 "internal error loading RSA key number %d\n", k);
1932 #ifndef OPENSSL_NO_DSA
1933 for (i = 0; i < loopargs_len; i++) {
1934 loopargs[i].dsa_key[0] = get_dsa(512);
1935 loopargs[i].dsa_key[1] = get_dsa(1024);
1936 loopargs[i].dsa_key[2] = get_dsa(2048);
1939 #ifndef OPENSSL_NO_DES
1940 if (doit[D_CBC_DES] || doit[D_EDE3_DES]) {
1941 static DES_cblock keys[] = {
1942 { 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0 }, /* keys[0] */
1943 { 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12 }, /* keys[1] */
1944 { 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34 } /* keys[3] */
1946 DES_set_key_unchecked(&keys[0], &sch[0]);
1947 DES_set_key_unchecked(&keys[1], &sch[1]);
1948 DES_set_key_unchecked(&keys[2], &sch[2]);
1951 AES_set_encrypt_key(key16, 128, &aes_ks1);
1952 AES_set_encrypt_key(key24, 192, &aes_ks2);
1953 AES_set_encrypt_key(key32, 256, &aes_ks3);
1954 #ifndef OPENSSL_NO_CAMELLIA
1955 if (doit[D_CBC_128_CML] || doit[D_CBC_192_CML] || doit[D_CBC_256_CML]) {
1956 Camellia_set_key(key16, 128, &camellia_ks[0]);
1957 Camellia_set_key(key24, 192, &camellia_ks[1]);
1958 Camellia_set_key(key32, 256, &camellia_ks[2]);
1961 #ifndef OPENSSL_NO_IDEA
1962 if (doit[D_CBC_IDEA])
1963 IDEA_set_encrypt_key(key16, &idea_ks);
1965 #ifndef OPENSSL_NO_SEED
1966 if (doit[D_CBC_SEED])
1967 SEED_set_key(key16, &seed_ks);
1969 #ifndef OPENSSL_NO_RC4
1971 RC4_set_key(&rc4_ks, 16, key16);
1973 #ifndef OPENSSL_NO_RC2
1974 if (doit[D_CBC_RC2])
1975 RC2_set_key(&rc2_ks, 16, key16, 128);
1977 #ifndef OPENSSL_NO_RC5
1978 if (doit[D_CBC_RC5])
1979 if (!RC5_32_set_key(&rc5_ks, 16, key16, 12)) {
1980 BIO_printf(bio_err, "Failed setting RC5 key\n");
1984 #ifndef OPENSSL_NO_BF
1986 BF_set_key(&bf_ks, 16, key16);
1988 #ifndef OPENSSL_NO_CAST
1989 if (doit[D_CBC_CAST])
1990 CAST_set_key(&cast_ks, 16, key16);
1993 # ifndef OPENSSL_NO_DES
1994 BIO_printf(bio_err, "First we calculate the approximate speed ...\n");
2000 for (it = count; it; it--)
2001 DES_ecb_encrypt((DES_cblock *)loopargs[0].buf,
2002 (DES_cblock *)loopargs[0].buf, &sch, DES_ENCRYPT);
2005 c[D_MD2][0] = count / 10;
2006 c[D_MDC2][0] = count / 10;
2007 c[D_MD4][0] = count;
2008 c[D_MD5][0] = count;
2009 c[D_HMAC][0] = count;
2010 c[D_SHA1][0] = count;
2011 c[D_RMD160][0] = count;
2012 c[D_RC4][0] = count * 5;
2013 c[D_CBC_DES][0] = count;
2014 c[D_EDE3_DES][0] = count / 3;
2015 c[D_CBC_IDEA][0] = count;
2016 c[D_CBC_SEED][0] = count;
2017 c[D_CBC_RC2][0] = count;
2018 c[D_CBC_RC5][0] = count;
2019 c[D_CBC_BF][0] = count;
2020 c[D_CBC_CAST][0] = count;
2021 c[D_CBC_128_AES][0] = count;
2022 c[D_CBC_192_AES][0] = count;
2023 c[D_CBC_256_AES][0] = count;
2024 c[D_CBC_128_CML][0] = count;
2025 c[D_CBC_192_CML][0] = count;
2026 c[D_CBC_256_CML][0] = count;
2027 c[D_EVP][0] = count;
2028 c[D_SHA256][0] = count;
2029 c[D_SHA512][0] = count;
2030 c[D_WHIRLPOOL][0] = count;
2031 c[D_IGE_128_AES][0] = count;
2032 c[D_IGE_192_AES][0] = count;
2033 c[D_IGE_256_AES][0] = count;
2034 c[D_GHASH][0] = count;
2035 c[D_RAND][0] = count;
2036 c[D_EVP_HMAC][0] = count;
2037 c[D_EVP_CMAC][0] = count;
2039 for (i = 1; i < size_num; i++) {
2040 long l0 = (long)lengths[0];
2041 long l1 = (long)lengths[i];
2043 c[D_MD2][i] = c[D_MD2][0] * 4 * l0 / l1;
2044 c[D_MDC2][i] = c[D_MDC2][0] * 4 * l0 / l1;
2045 c[D_MD4][i] = c[D_MD4][0] * 4 * l0 / l1;
2046 c[D_MD5][i] = c[D_MD5][0] * 4 * l0 / l1;
2047 c[D_HMAC][i] = c[D_HMAC][0] * 4 * l0 / l1;
2048 c[D_SHA1][i] = c[D_SHA1][0] * 4 * l0 / l1;
2049 c[D_RMD160][i] = c[D_RMD160][0] * 4 * l0 / l1;
2050 c[D_EVP][i] = = c[D_EVP][0] * 4 * l0 / l1;
2051 c[D_SHA256][i] = c[D_SHA256][0] * 4 * l0 / l1;
2052 c[D_SHA512][i] = c[D_SHA512][0] * 4 * l0 / l1;
2053 c[D_WHIRLPOOL][i] = c[D_WHIRLPOOL][0] * 4 * l0 / l1;
2054 c[D_GHASH][i] = c[D_GHASH][0] * 4 * l0 / l1;
2055 c[D_RAND][i] = c[D_RAND][0] * 4 * l0 / l1;
2056 c[D_EVP_HMAC][i] = = c[D_EVP_HMAC][0] * 4 * l0 / l1;
2057 c[D_EVP_CMAC][i] = = c[D_EVP_CMAC][0] * 4 * l0 / l1;
2059 l0 = (long)lengths[i - 1];
2061 c[D_RC4][i] = c[D_RC4][i - 1] * l0 / l1;
2062 c[D_CBC_DES][i] = c[D_CBC_DES][i - 1] * l0 / l1;
2063 c[D_EDE3_DES][i] = c[D_EDE3_DES][i - 1] * l0 / l1;
2064 c[D_CBC_IDEA][i] = c[D_CBC_IDEA][i - 1] * l0 / l1;
2065 c[D_CBC_SEED][i] = c[D_CBC_SEED][i - 1] * l0 / l1;
2066 c[D_CBC_RC2][i] = c[D_CBC_RC2][i - 1] * l0 / l1;
2067 c[D_CBC_RC5][i] = c[D_CBC_RC5][i - 1] * l0 / l1;
2068 c[D_CBC_BF][i] = c[D_CBC_BF][i - 1] * l0 / l1;
2069 c[D_CBC_CAST][i] = c[D_CBC_CAST][i - 1] * l0 / l1;
2070 c[D_CBC_128_AES][i] = c[D_CBC_128_AES][i - 1] * l0 / l1;
2071 c[D_CBC_192_AES][i] = c[D_CBC_192_AES][i - 1] * l0 / l1;
2072 c[D_CBC_256_AES][i] = c[D_CBC_256_AES][i - 1] * l0 / l1;
2073 c[D_CBC_128_CML][i] = c[D_CBC_128_CML][i - 1] * l0 / l1;
2074 c[D_CBC_192_CML][i] = c[D_CBC_192_CML][i - 1] * l0 / l1;
2075 c[D_CBC_256_CML][i] = c[D_CBC_256_CML][i - 1] * l0 / l1;
2076 c[D_IGE_128_AES][i] = c[D_IGE_128_AES][i - 1] * l0 / l1;
2077 c[D_IGE_192_AES][i] = c[D_IGE_192_AES][i - 1] * l0 / l1;
2078 c[D_IGE_256_AES][i] = c[D_IGE_256_AES][i - 1] * l0 / l1;
2081 # ifndef OPENSSL_NO_RSA
2082 rsa_c[R_RSA_512][0] = count / 2000;
2083 rsa_c[R_RSA_512][1] = count / 400;
2084 for (i = 1; i < RSA_NUM; i++) {
2085 rsa_c[i][0] = rsa_c[i - 1][0] / 8;
2086 rsa_c[i][1] = rsa_c[i - 1][1] / 4;
2087 if (rsa_doit[i] <= 1 && rsa_c[i][0] == 0)
2090 if (rsa_c[i][0] == 0) {
2091 rsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
2098 # ifndef OPENSSL_NO_DSA
2099 dsa_c[R_DSA_512][0] = count / 1000;
2100 dsa_c[R_DSA_512][1] = count / 1000 / 2;
2101 for (i = 1; i < DSA_NUM; i++) {
2102 dsa_c[i][0] = dsa_c[i - 1][0] / 4;
2103 dsa_c[i][1] = dsa_c[i - 1][1] / 4;
2104 if (dsa_doit[i] <= 1 && dsa_c[i][0] == 0)
2107 if (dsa_c[i][0] == 0) {
2108 dsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
2115 # ifndef OPENSSL_NO_EC
2116 ecdsa_c[R_EC_P160][0] = count / 1000;
2117 ecdsa_c[R_EC_P160][1] = count / 1000 / 2;
2118 for (i = R_EC_P192; i <= R_EC_P521; i++) {
2119 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2120 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2121 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2124 if (ecdsa_c[i][0] == 0) {
2130 # ifndef OPENSSL_NO_EC2M
2131 ecdsa_c[R_EC_K163][0] = count / 1000;
2132 ecdsa_c[R_EC_K163][1] = count / 1000 / 2;
2133 for (i = R_EC_K233; i <= R_EC_K571; i++) {
2134 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2135 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2136 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2139 if (ecdsa_c[i][0] == 0) {
2145 ecdsa_c[R_EC_B163][0] = count / 1000;
2146 ecdsa_c[R_EC_B163][1] = count / 1000 / 2;
2147 for (i = R_EC_B233; i <= R_EC_B571; i++) {
2148 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2149 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2150 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2153 if (ecdsa_c[i][0] == 0) {
2161 ecdh_c[R_EC_P160][0] = count / 1000;
2162 for (i = R_EC_P192; i <= R_EC_P521; i++) {
2163 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2164 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2167 if (ecdh_c[i][0] == 0) {
2172 # ifndef OPENSSL_NO_EC2M
2173 ecdh_c[R_EC_K163][0] = count / 1000;
2174 for (i = R_EC_K233; i <= R_EC_K571; i++) {
2175 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2176 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2179 if (ecdh_c[i][0] == 0) {
2184 ecdh_c[R_EC_B163][0] = count / 1000;
2185 for (i = R_EC_B233; i <= R_EC_B571; i++) {
2186 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2187 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2190 if (ecdh_c[i][0] == 0) {
2196 /* repeated code good to factorize */
2197 ecdh_c[R_EC_BRP256R1][0] = count / 1000;
2198 for (i = R_EC_BRP384R1; i <= R_EC_BRP512R1; i += 2) {
2199 ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
2200 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2203 if (ecdh_c[i][0] == 0) {
2208 ecdh_c[R_EC_BRP256T1][0] = count / 1000;
2209 for (i = R_EC_BRP384T1; i <= R_EC_BRP512T1; i += 2) {
2210 ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
2211 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2214 if (ecdh_c[i][0] == 0) {
2219 /* default iteration count for the last two EC Curves */
2220 ecdh_c[R_EC_X25519][0] = count / 1800;
2221 ecdh_c[R_EC_X448][0] = count / 7200;
2223 eddsa_c[R_EC_Ed25519][0] = count / 1800;
2224 eddsa_c[R_EC_Ed448][0] = count / 7200;
2226 # ifndef OPENSSL_NO_SM2
2227 sm2_c[R_EC_SM2P256][0] = count / 1800;
2229 # endif /* OPENSSL_NO_EC */
2232 /* not worth fixing */
2233 # error "You cannot disable DES on systems without SIGALRM."
2234 # endif /* OPENSSL_NO_DES */
2236 signal(SIGALRM, alarmed);
2237 #endif /* SIGALRM */
2239 #ifndef OPENSSL_NO_MD2
2241 for (testnum = 0; testnum < size_num; testnum++) {
2242 print_message(names[D_MD2], c[D_MD2][testnum], lengths[testnum],
2245 count = run_benchmark(async_jobs, EVP_Digest_MD2_loop, loopargs);
2247 print_result(D_MD2, testnum, count, d);
2251 #ifndef OPENSSL_NO_MDC2
2253 for (testnum = 0; testnum < size_num; testnum++) {
2254 print_message(names[D_MDC2], c[D_MDC2][testnum], lengths[testnum],
2257 count = run_benchmark(async_jobs, EVP_Digest_MDC2_loop, loopargs);
2259 print_result(D_MDC2, testnum, count, d);
2266 #ifndef OPENSSL_NO_MD4
2268 for (testnum = 0; testnum < size_num; testnum++) {
2269 print_message(names[D_MD4], c[D_MD4][testnum], lengths[testnum],
2272 count = run_benchmark(async_jobs, EVP_Digest_MD4_loop, loopargs);
2274 print_result(D_MD4, testnum, count, d);
2281 #ifndef OPENSSL_NO_MD5
2283 for (testnum = 0; testnum < size_num; testnum++) {
2284 print_message(names[D_MD5], c[D_MD5][testnum], lengths[testnum],
2287 count = run_benchmark(async_jobs, MD5_loop, loopargs);
2289 print_result(D_MD5, testnum, count, d);
2294 static const char hmac_key[] = "This is a key...";
2295 int len = strlen(hmac_key);
2297 for (i = 0; i < loopargs_len; i++) {
2298 loopargs[i].hctx = HMAC_CTX_new();
2299 if (loopargs[i].hctx == NULL) {
2300 BIO_printf(bio_err, "HMAC malloc failure, exiting...");
2304 HMAC_Init_ex(loopargs[i].hctx, hmac_key, len, EVP_md5(), NULL);
2306 for (testnum = 0; testnum < size_num; testnum++) {
2307 print_message(names[D_HMAC], c[D_HMAC][testnum], lengths[testnum],
2310 count = run_benchmark(async_jobs, HMAC_loop, loopargs);
2312 print_result(D_HMAC, testnum, count, d);
2314 for (i = 0; i < loopargs_len; i++)
2315 HMAC_CTX_free(loopargs[i].hctx);
2319 for (testnum = 0; testnum < size_num; testnum++) {
2320 print_message(names[D_SHA1], c[D_SHA1][testnum], lengths[testnum],
2323 count = run_benchmark(async_jobs, SHA1_loop, loopargs);
2325 print_result(D_SHA1, testnum, count, d);
2328 if (doit[D_SHA256]) {
2329 for (testnum = 0; testnum < size_num; testnum++) {
2330 print_message(names[D_SHA256], c[D_SHA256][testnum],
2331 lengths[testnum], seconds.sym);
2333 count = run_benchmark(async_jobs, SHA256_loop, loopargs);
2335 print_result(D_SHA256, testnum, count, d);
2338 if (doit[D_SHA512]) {
2339 for (testnum = 0; testnum < size_num; testnum++) {
2340 print_message(names[D_SHA512], c[D_SHA512][testnum],
2341 lengths[testnum], seconds.sym);
2343 count = run_benchmark(async_jobs, SHA512_loop, loopargs);
2345 print_result(D_SHA512, testnum, count, d);
2348 #ifndef OPENSSL_NO_WHIRLPOOL
2349 if (doit[D_WHIRLPOOL]) {
2350 for (testnum = 0; testnum < size_num; testnum++) {
2351 print_message(names[D_WHIRLPOOL], c[D_WHIRLPOOL][testnum],
2352 lengths[testnum], seconds.sym);
2354 count = run_benchmark(async_jobs, WHIRLPOOL_loop, loopargs);
2356 print_result(D_WHIRLPOOL, testnum, count, d);
2361 #ifndef OPENSSL_NO_RMD160
2362 if (doit[D_RMD160]) {
2363 for (testnum = 0; testnum < size_num; testnum++) {
2364 print_message(names[D_RMD160], c[D_RMD160][testnum],
2365 lengths[testnum], seconds.sym);
2367 count = run_benchmark(async_jobs, EVP_Digest_RMD160_loop, loopargs);
2369 print_result(D_RMD160, testnum, count, d);
2375 #ifndef OPENSSL_NO_RC4
2377 for (testnum = 0; testnum < size_num; testnum++) {
2378 print_message(names[D_RC4], c[D_RC4][testnum], lengths[testnum],
2381 count = run_benchmark(async_jobs, RC4_loop, loopargs);
2383 print_result(D_RC4, testnum, count, d);
2387 #ifndef OPENSSL_NO_DES
2388 if (doit[D_CBC_DES]) {
2389 for (testnum = 0; testnum < size_num; testnum++) {
2390 print_message(names[D_CBC_DES], c[D_CBC_DES][testnum],
2391 lengths[testnum], seconds.sym);
2393 count = run_benchmark(async_jobs, DES_ncbc_encrypt_loop, loopargs);
2395 print_result(D_CBC_DES, testnum, count, d);
2399 if (doit[D_EDE3_DES]) {
2400 for (testnum = 0; testnum < size_num; testnum++) {
2401 print_message(names[D_EDE3_DES], c[D_EDE3_DES][testnum],
2402 lengths[testnum], seconds.sym);
2405 run_benchmark(async_jobs, DES_ede3_cbc_encrypt_loop, loopargs);
2407 print_result(D_EDE3_DES, testnum, count, d);
2412 if (doit[D_CBC_128_AES]) {
2413 for (testnum = 0; testnum < size_num; testnum++) {
2414 print_message(names[D_CBC_128_AES], c[D_CBC_128_AES][testnum],
2415 lengths[testnum], seconds.sym);
2418 run_benchmark(async_jobs, AES_cbc_128_encrypt_loop, loopargs);
2420 print_result(D_CBC_128_AES, testnum, count, d);
2423 if (doit[D_CBC_192_AES]) {
2424 for (testnum = 0; testnum < size_num; testnum++) {
2425 print_message(names[D_CBC_192_AES], c[D_CBC_192_AES][testnum],
2426 lengths[testnum], seconds.sym);
2429 run_benchmark(async_jobs, AES_cbc_192_encrypt_loop, loopargs);
2431 print_result(D_CBC_192_AES, testnum, count, d);
2434 if (doit[D_CBC_256_AES]) {
2435 for (testnum = 0; testnum < size_num; testnum++) {
2436 print_message(names[D_CBC_256_AES], c[D_CBC_256_AES][testnum],
2437 lengths[testnum], seconds.sym);
2440 run_benchmark(async_jobs, AES_cbc_256_encrypt_loop, loopargs);
2442 print_result(D_CBC_256_AES, testnum, count, d);
2446 #ifndef OPENSSL_NO_DEPRECATED_3_0
2447 if (doit[D_IGE_128_AES]) {
2448 for (testnum = 0; testnum < size_num; testnum++) {
2449 print_message(names[D_IGE_128_AES], c[D_IGE_128_AES][testnum],
2450 lengths[testnum], seconds.sym);
2453 run_benchmark(async_jobs, AES_ige_128_encrypt_loop, loopargs);
2455 print_result(D_IGE_128_AES, testnum, count, d);
2458 if (doit[D_IGE_192_AES]) {
2459 for (testnum = 0; testnum < size_num; testnum++) {
2460 print_message(names[D_IGE_192_AES], c[D_IGE_192_AES][testnum],
2461 lengths[testnum], seconds.sym);
2464 run_benchmark(async_jobs, AES_ige_192_encrypt_loop, loopargs);
2466 print_result(D_IGE_192_AES, testnum, count, d);
2469 if (doit[D_IGE_256_AES]) {
2470 for (testnum = 0; testnum < size_num; testnum++) {
2471 print_message(names[D_IGE_256_AES], c[D_IGE_256_AES][testnum],
2472 lengths[testnum], seconds.sym);
2475 run_benchmark(async_jobs, AES_ige_256_encrypt_loop, loopargs);
2477 print_result(D_IGE_256_AES, testnum, count, d);
2481 if (doit[D_GHASH]) {
2482 for (i = 0; i < loopargs_len; i++) {
2483 loopargs[i].gcm_ctx =
2484 CRYPTO_gcm128_new(&aes_ks1, (block128_f) AES_encrypt);
2485 CRYPTO_gcm128_setiv(loopargs[i].gcm_ctx,
2486 (unsigned char *)"0123456789ab", 12);
2489 for (testnum = 0; testnum < size_num; testnum++) {
2490 print_message(names[D_GHASH], c[D_GHASH][testnum],
2491 lengths[testnum], seconds.sym);
2493 count = run_benchmark(async_jobs, CRYPTO_gcm128_aad_loop, loopargs);
2495 print_result(D_GHASH, testnum, count, d);
2497 for (i = 0; i < loopargs_len; i++)
2498 CRYPTO_gcm128_release(loopargs[i].gcm_ctx);
2500 #ifndef OPENSSL_NO_CAMELLIA
2501 if (doit[D_CBC_128_CML]) {
2502 if (async_jobs > 0) {
2503 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2504 names[D_CBC_128_CML]);
2505 doit[D_CBC_128_CML] = 0;
2507 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2508 print_message(names[D_CBC_128_CML], c[D_CBC_128_CML][testnum],
2509 lengths[testnum], seconds.sym);
2511 for (count = 0, run = 1; COND(c[D_CBC_128_CML][testnum]); count++)
2512 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2513 (size_t)lengths[testnum], &camellia_ks[0],
2514 iv, CAMELLIA_ENCRYPT);
2516 print_result(D_CBC_128_CML, testnum, count, d);
2519 if (doit[D_CBC_192_CML]) {
2520 if (async_jobs > 0) {
2521 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2522 names[D_CBC_192_CML]);
2523 doit[D_CBC_192_CML] = 0;
2525 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2526 print_message(names[D_CBC_192_CML], c[D_CBC_192_CML][testnum],
2527 lengths[testnum], seconds.sym);
2528 if (async_jobs > 0) {
2529 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2533 for (count = 0, run = 1; COND(c[D_CBC_192_CML][testnum]); count++)
2534 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2535 (size_t)lengths[testnum], &camellia_ks[1],
2536 iv, CAMELLIA_ENCRYPT);
2538 print_result(D_CBC_192_CML, testnum, count, d);
2541 if (doit[D_CBC_256_CML]) {
2542 if (async_jobs > 0) {
2543 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2544 names[D_CBC_256_CML]);
2545 doit[D_CBC_256_CML] = 0;
2547 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2548 print_message(names[D_CBC_256_CML], c[D_CBC_256_CML][testnum],
2549 lengths[testnum], seconds.sym);
2551 for (count = 0, run = 1; COND(c[D_CBC_256_CML][testnum]); count++)
2552 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2553 (size_t)lengths[testnum], &camellia_ks[2],
2554 iv, CAMELLIA_ENCRYPT);
2556 print_result(D_CBC_256_CML, testnum, count, d);
2560 #ifndef OPENSSL_NO_IDEA
2561 if (doit[D_CBC_IDEA]) {
2562 if (async_jobs > 0) {
2563 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2565 doit[D_CBC_IDEA] = 0;
2567 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2568 print_message(names[D_CBC_IDEA], c[D_CBC_IDEA][testnum],
2569 lengths[testnum], seconds.sym);
2571 for (count = 0, run = 1; COND(c[D_CBC_IDEA][testnum]); count++)
2572 IDEA_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2573 (size_t)lengths[testnum], &idea_ks,
2576 print_result(D_CBC_IDEA, testnum, count, d);
2580 #ifndef OPENSSL_NO_SEED
2581 if (doit[D_CBC_SEED]) {
2582 if (async_jobs > 0) {
2583 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2585 doit[D_CBC_SEED] = 0;
2587 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2588 print_message(names[D_CBC_SEED], c[D_CBC_SEED][testnum],
2589 lengths[testnum], seconds.sym);
2591 for (count = 0, run = 1; COND(c[D_CBC_SEED][testnum]); count++)
2592 SEED_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2593 (size_t)lengths[testnum], &seed_ks, iv, 1);
2595 print_result(D_CBC_SEED, testnum, count, d);
2599 #ifndef OPENSSL_NO_RC2
2600 if (doit[D_CBC_RC2]) {
2601 if (async_jobs > 0) {
2602 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2604 doit[D_CBC_RC2] = 0;
2606 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2607 print_message(names[D_CBC_RC2], c[D_CBC_RC2][testnum],
2608 lengths[testnum], seconds.sym);
2609 if (async_jobs > 0) {
2610 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2614 for (count = 0, run = 1; COND(c[D_CBC_RC2][testnum]); count++)
2615 RC2_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2616 (size_t)lengths[testnum], &rc2_ks,
2619 print_result(D_CBC_RC2, testnum, count, d);
2623 #ifndef OPENSSL_NO_RC5
2624 if (doit[D_CBC_RC5]) {
2625 if (async_jobs > 0) {
2626 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2628 doit[D_CBC_RC5] = 0;
2630 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2631 print_message(names[D_CBC_RC5], c[D_CBC_RC5][testnum],
2632 lengths[testnum], seconds.sym);
2633 if (async_jobs > 0) {
2634 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2638 for (count = 0, run = 1; COND(c[D_CBC_RC5][testnum]); count++)
2639 RC5_32_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2640 (size_t)lengths[testnum], &rc5_ks,
2643 print_result(D_CBC_RC5, testnum, count, d);
2647 #ifndef OPENSSL_NO_BF
2648 if (doit[D_CBC_BF]) {
2649 if (async_jobs > 0) {
2650 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2654 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2655 print_message(names[D_CBC_BF], c[D_CBC_BF][testnum],
2656 lengths[testnum], seconds.sym);
2658 for (count = 0, run = 1; COND(c[D_CBC_BF][testnum]); count++)
2659 BF_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2660 (size_t)lengths[testnum], &bf_ks,
2663 print_result(D_CBC_BF, testnum, count, d);
2667 #ifndef OPENSSL_NO_CAST
2668 if (doit[D_CBC_CAST]) {
2669 if (async_jobs > 0) {
2670 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2672 doit[D_CBC_CAST] = 0;
2674 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2675 print_message(names[D_CBC_CAST], c[D_CBC_CAST][testnum],
2676 lengths[testnum], seconds.sym);
2678 for (count = 0, run = 1; COND(c[D_CBC_CAST][testnum]); count++)
2679 CAST_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2680 (size_t)lengths[testnum], &cast_ks,
2683 print_result(D_CBC_CAST, testnum, count, d);
2688 for (testnum = 0; testnum < size_num; testnum++) {
2689 print_message(names[D_RAND], c[D_RAND][testnum], lengths[testnum],
2692 count = run_benchmark(async_jobs, RAND_bytes_loop, loopargs);
2694 print_result(D_RAND, testnum, count, d);
2699 if (evp_cipher != NULL) {
2700 int (*loopfunc) (void *) = EVP_Update_loop;
2702 if (multiblock && (EVP_CIPHER_flags(evp_cipher) &
2703 EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
2704 multiblock_speed(evp_cipher, lengths_single, &seconds);
2709 names[D_EVP] = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
2711 if (EVP_CIPHER_mode(evp_cipher) == EVP_CIPH_CCM_MODE) {
2712 loopfunc = EVP_Update_loop_ccm;
2713 } else if (aead && (EVP_CIPHER_flags(evp_cipher) &
2714 EVP_CIPH_FLAG_AEAD_CIPHER)) {
2715 loopfunc = EVP_Update_loop_aead;
2716 if (lengths == lengths_list) {
2717 lengths = aead_lengths_list;
2718 size_num = OSSL_NELEM(aead_lengths_list);
2722 for (testnum = 0; testnum < size_num; testnum++) {
2723 print_message(names[D_EVP], c[D_EVP][testnum], lengths[testnum],
2726 for (k = 0; k < loopargs_len; k++) {
2727 loopargs[k].ctx = EVP_CIPHER_CTX_new();
2728 if (loopargs[k].ctx == NULL) {
2729 BIO_printf(bio_err, "\nEVP_CIPHER_CTX_new failure\n");
2732 if (!EVP_CipherInit_ex(loopargs[k].ctx, evp_cipher, NULL,
2733 NULL, iv, decrypt ? 0 : 1)) {
2734 BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n");
2735 ERR_print_errors(bio_err);
2739 EVP_CIPHER_CTX_set_padding(loopargs[k].ctx, 0);
2741 keylen = EVP_CIPHER_CTX_key_length(loopargs[k].ctx);
2742 loopargs[k].key = app_malloc(keylen, "evp_cipher key");
2743 EVP_CIPHER_CTX_rand_key(loopargs[k].ctx, loopargs[k].key);
2744 if (!EVP_CipherInit_ex(loopargs[k].ctx, NULL, NULL,
2745 loopargs[k].key, NULL, -1)) {
2746 BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n");
2747 ERR_print_errors(bio_err);
2750 OPENSSL_clear_free(loopargs[k].key, keylen);
2752 /* SIV mode only allows for a single Update operation */
2753 if (EVP_CIPHER_mode(evp_cipher) == EVP_CIPH_SIV_MODE)
2754 EVP_CIPHER_CTX_ctrl(loopargs[k].ctx, EVP_CTRL_SET_SPEED, 1, NULL);
2758 count = run_benchmark(async_jobs, loopfunc, loopargs);
2760 for (k = 0; k < loopargs_len; k++) {
2761 EVP_CIPHER_CTX_free(loopargs[k].ctx);
2763 print_result(D_EVP, testnum, count, d);
2765 } else if (evp_md != NULL) {
2766 names[D_EVP] = OBJ_nid2ln(EVP_MD_type(evp_md));
2768 for (testnum = 0; testnum < size_num; testnum++) {
2769 print_message(names[D_EVP], c[D_EVP][testnum], lengths[testnum],
2772 count = run_benchmark(async_jobs, EVP_Digest_loop, loopargs);
2774 print_result(D_EVP, testnum, count, d);
2779 if (doit[D_EVP_HMAC] && evp_hmac_md != NULL) {
2780 const char *md_name = OBJ_nid2ln(EVP_MD_type(evp_hmac_md));
2782 evp_hmac_name = app_malloc(sizeof("HMAC()") + strlen(md_name),
2784 sprintf(evp_hmac_name, "HMAC(%s)", md_name);
2785 names[D_EVP_HMAC] = evp_hmac_name;
2787 for (testnum = 0; testnum < size_num; testnum++) {
2788 print_message(names[D_EVP_HMAC], c[D_EVP_HMAC][testnum], lengths[testnum],
2791 count = run_benchmark(async_jobs, EVP_HMAC_loop, loopargs);
2793 print_result(D_EVP_HMAC, testnum, count, d);
2797 #ifndef OPENSSL_NO_CMAC
2798 if (doit[D_EVP_CMAC] && evp_cmac_cipher != NULL) {
2799 const char *cipher_name = OBJ_nid2ln(EVP_CIPHER_type(evp_cmac_cipher));
2801 evp_cmac_name = app_malloc(sizeof("CMAC()") + strlen(cipher_name),
2803 sprintf(evp_cmac_name, "CMAC(%s)", cipher_name);
2804 names[D_EVP_CMAC] = evp_cmac_name;
2806 for (i = 0; i < loopargs_len; i++) {
2807 loopargs[i].cmac_ctx = CMAC_CTX_new();
2808 if (loopargs[i].cmac_ctx == NULL) {
2809 BIO_printf(bio_err, "CMAC malloc failure, exiting...");
2813 for (testnum = 0; testnum < size_num; testnum++) {
2814 print_message(names[D_EVP_CMAC], c[D_EVP_CMAC][testnum], lengths[testnum],
2817 count = run_benchmark(async_jobs, EVP_CMAC_loop, loopargs);
2819 print_result(D_EVP_CMAC, testnum, count, d);
2821 for (i = 0; i < loopargs_len; i++)
2822 CMAC_CTX_free(loopargs[i].cmac_ctx);
2826 for (i = 0; i < loopargs_len; i++)
2827 if (RAND_bytes(loopargs[i].buf, 36) <= 0)
2830 #ifndef OPENSSL_NO_RSA
2831 for (testnum = 0; testnum < RSA_NUM; testnum++) {
2833 if (!rsa_doit[testnum])
2835 for (i = 0; i < loopargs_len; i++) {
2836 if (primes > RSA_DEFAULT_PRIME_NUM) {
2837 /* we haven't set keys yet, generate multi-prime RSA keys */
2838 BIGNUM *bn = BN_new();
2842 if (!BN_set_word(bn, RSA_F4)) {
2847 BIO_printf(bio_err, "Generate multi-prime RSA key for %s\n",
2848 rsa_choices[testnum].name);
2850 loopargs[i].rsa_key[testnum] = RSA_new();
2851 if (loopargs[i].rsa_key[testnum] == NULL) {
2856 if (!RSA_generate_multi_prime_key(loopargs[i].rsa_key[testnum],
2857 rsa_keys[testnum].bits,
2858 primes, bn, NULL)) {
2864 st = RSA_sign(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
2865 &loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
2871 "RSA sign failure. No RSA sign will be done.\n");
2872 ERR_print_errors(bio_err);
2875 pkey_print_message("private", "rsa",
2876 rsa_c[testnum][0], rsa_keys[testnum].bits,
2878 /* RSA_blinding_on(rsa_key[testnum],NULL); */
2880 count = run_benchmark(async_jobs, RSA_sign_loop, loopargs);
2883 mr ? "+R1:%ld:%d:%.2f\n"
2884 : "%ld %u bits private RSA's in %.2fs\n",
2885 count, rsa_keys[testnum].bits, d);
2886 rsa_results[testnum][0] = (double)count / d;
2890 for (i = 0; i < loopargs_len; i++) {
2891 st = RSA_verify(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
2892 loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
2898 "RSA verify failure. No RSA verify will be done.\n");
2899 ERR_print_errors(bio_err);
2900 rsa_doit[testnum] = 0;
2902 pkey_print_message("public", "rsa",
2903 rsa_c[testnum][1], rsa_keys[testnum].bits,
2906 count = run_benchmark(async_jobs, RSA_verify_loop, loopargs);
2909 mr ? "+R2:%ld:%d:%.2f\n"
2910 : "%ld %u bits public RSA's in %.2fs\n",
2911 count, rsa_keys[testnum].bits, d);
2912 rsa_results[testnum][1] = (double)count / d;
2915 if (rsa_count <= 1) {
2916 /* if longer than 10s, don't do any more */
2917 stop_it(rsa_doit, testnum);
2920 #endif /* OPENSSL_NO_RSA */
2922 for (i = 0; i < loopargs_len; i++)
2923 if (RAND_bytes(loopargs[i].buf, 36) <= 0)
2926 #ifndef OPENSSL_NO_DSA
2927 for (testnum = 0; testnum < DSA_NUM; testnum++) {
2929 if (!dsa_doit[testnum])
2932 /* DSA_generate_key(dsa_key[testnum]); */
2933 /* DSA_sign_setup(dsa_key[testnum],NULL); */
2934 for (i = 0; i < loopargs_len; i++) {
2935 st = DSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
2936 &loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
2942 "DSA sign failure. No DSA sign will be done.\n");
2943 ERR_print_errors(bio_err);
2946 pkey_print_message("sign", "dsa",
2947 dsa_c[testnum][0], dsa_bits[testnum],
2950 count = run_benchmark(async_jobs, DSA_sign_loop, loopargs);
2953 mr ? "+R3:%ld:%u:%.2f\n"
2954 : "%ld %u bits DSA signs in %.2fs\n",
2955 count, dsa_bits[testnum], d);
2956 dsa_results[testnum][0] = (double)count / d;
2960 for (i = 0; i < loopargs_len; i++) {
2961 st = DSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
2962 loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
2968 "DSA verify failure. No DSA verify will be done.\n");
2969 ERR_print_errors(bio_err);
2970 dsa_doit[testnum] = 0;
2972 pkey_print_message("verify", "dsa",
2973 dsa_c[testnum][1], dsa_bits[testnum],
2976 count = run_benchmark(async_jobs, DSA_verify_loop, loopargs);
2979 mr ? "+R4:%ld:%u:%.2f\n"
2980 : "%ld %u bits DSA verify in %.2fs\n",
2981 count, dsa_bits[testnum], d);
2982 dsa_results[testnum][1] = (double)count / d;
2985 if (rsa_count <= 1) {
2986 /* if longer than 10s, don't do any more */
2987 stop_it(dsa_doit, testnum);
2990 #endif /* OPENSSL_NO_DSA */
2992 #ifndef OPENSSL_NO_EC
2993 for (testnum = 0; testnum < ECDSA_NUM; testnum++) {
2996 if (!ecdsa_doit[testnum])
2997 continue; /* Ignore Curve */
2998 for (i = 0; i < loopargs_len; i++) {
2999 loopargs[i].ecdsa[testnum] =
3000 EC_KEY_new_by_curve_name(ec_curves[testnum].nid);
3001 if (loopargs[i].ecdsa[testnum] == NULL) {
3007 BIO_printf(bio_err, "ECDSA failure.\n");
3008 ERR_print_errors(bio_err);
3011 for (i = 0; i < loopargs_len; i++) {
3012 EC_KEY_precompute_mult(loopargs[i].ecdsa[testnum], NULL);
3013 /* Perform ECDSA signature test */
3014 EC_KEY_generate_key(loopargs[i].ecdsa[testnum]);
3015 st = ECDSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
3016 &loopargs[i].siglen,
3017 loopargs[i].ecdsa[testnum]);
3023 "ECDSA sign failure. No ECDSA sign will be done.\n");
3024 ERR_print_errors(bio_err);
3027 pkey_print_message("sign", "ecdsa",
3028 ecdsa_c[testnum][0],
3029 ec_curves[testnum].bits, seconds.ecdsa);
3031 count = run_benchmark(async_jobs, ECDSA_sign_loop, loopargs);
3035 mr ? "+R5:%ld:%u:%.2f\n" :
3036 "%ld %u bits ECDSA signs in %.2fs \n",
3037 count, ec_curves[testnum].bits, d);
3038 ecdsa_results[testnum][0] = (double)count / d;
3042 /* Perform ECDSA verification test */
3043 for (i = 0; i < loopargs_len; i++) {
3044 st = ECDSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
3046 loopargs[i].ecdsa[testnum]);
3052 "ECDSA verify failure. No ECDSA verify will be done.\n");
3053 ERR_print_errors(bio_err);
3054 ecdsa_doit[testnum] = 0;
3056 pkey_print_message("verify", "ecdsa",
3057 ecdsa_c[testnum][1],
3058 ec_curves[testnum].bits, seconds.ecdsa);
3060 count = run_benchmark(async_jobs, ECDSA_verify_loop, loopargs);
3063 mr ? "+R6:%ld:%u:%.2f\n"
3064 : "%ld %u bits ECDSA verify in %.2fs\n",
3065 count, ec_curves[testnum].bits, d);
3066 ecdsa_results[testnum][1] = (double)count / d;
3069 if (rsa_count <= 1) {
3070 /* if longer than 10s, don't do any more */
3071 stop_it(ecdsa_doit, testnum);
3076 for (testnum = 0; testnum < EC_NUM; testnum++) {
3077 int ecdh_checks = 1;
3079 if (!ecdh_doit[testnum])
3082 for (i = 0; i < loopargs_len; i++) {
3083 EVP_PKEY_CTX *kctx = NULL;
3084 EVP_PKEY_CTX *test_ctx = NULL;
3085 EVP_PKEY_CTX *ctx = NULL;
3086 EVP_PKEY *key_A = NULL;
3087 EVP_PKEY *key_B = NULL;
3091 /* Ensure that the error queue is empty */
3092 if (ERR_peek_error()) {
3094 "WARNING: the error queue contains previous unhandled errors.\n");
3095 ERR_print_errors(bio_err);
3098 /* Let's try to create a ctx directly from the NID: this works for
3099 * curves like Curve25519 that are not implemented through the low
3100 * level EC interface.
3101 * If this fails we try creating a EVP_PKEY_EC generic param ctx,
3102 * then we set the curve by NID before deriving the actual keygen
3103 * ctx for that specific curve. */
3104 kctx = EVP_PKEY_CTX_new_id(ec_curves[testnum].nid, NULL); /* keygen ctx from NID */
3106 EVP_PKEY_CTX *pctx = NULL;
3107 EVP_PKEY *params = NULL;
3109 /* If we reach this code EVP_PKEY_CTX_new_id() failed and a
3110 * "int_ctx_new:unsupported algorithm" error was added to the
3112 * We remove it from the error queue as we are handling it. */
3113 unsigned long error = ERR_peek_error(); /* peek the latest error in the queue */
3114 if (error == ERR_peek_last_error() && /* oldest and latest errors match */
3115 /* check that the error origin matches */
3116 ERR_GET_LIB(error) == ERR_LIB_EVP &&
3117 ERR_GET_REASON(error) == EVP_R_UNSUPPORTED_ALGORITHM)
3118 ERR_get_error(); /* pop error from queue */
3119 if (ERR_peek_error()) {
3121 "Unhandled error in the error queue during ECDH init.\n");
3122 ERR_print_errors(bio_err);
3127 /* Create the context for parameter generation */
3128 if (!(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) ||
3129 /* Initialise the parameter generation */
3130 !EVP_PKEY_paramgen_init(pctx) ||
3131 /* Set the curve by NID */
3132 !EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
3135 /* Create the parameter object params */
3136 !EVP_PKEY_paramgen(pctx, ¶ms)) {
3138 BIO_printf(bio_err, "ECDH EC params init failure.\n");
3139 ERR_print_errors(bio_err);
3143 /* Create the context for the key generation */
3144 kctx = EVP_PKEY_CTX_new(params, NULL);
3146 EVP_PKEY_free(params);
3148 EVP_PKEY_CTX_free(pctx);
3151 if (kctx == NULL || /* keygen ctx is not null */
3152 EVP_PKEY_keygen_init(kctx) <= 0/* init keygen ctx */ ) {
3154 BIO_printf(bio_err, "ECDH keygen failure.\n");
3155 ERR_print_errors(bio_err);
3160 if (EVP_PKEY_keygen(kctx, &key_A) <= 0 || /* generate secret key A */
3161 EVP_PKEY_keygen(kctx, &key_B) <= 0 || /* generate secret key B */
3162 !(ctx = EVP_PKEY_CTX_new(key_A, NULL)) || /* derivation ctx from skeyA */
3163 EVP_PKEY_derive_init(ctx) <= 0 || /* init derivation ctx */
3164 EVP_PKEY_derive_set_peer(ctx, key_B) <= 0 || /* set peer pubkey in ctx */
3165 EVP_PKEY_derive(ctx, NULL, &outlen) <= 0 || /* determine max length */
3166 outlen == 0 || /* ensure outlen is a valid size */
3167 outlen > MAX_ECDH_SIZE /* avoid buffer overflow */ ) {
3169 BIO_printf(bio_err, "ECDH key generation failure.\n");
3170 ERR_print_errors(bio_err);
3175 /* Here we perform a test run, comparing the output of a*B and b*A;
3176 * we try this here and assume that further EVP_PKEY_derive calls
3177 * never fail, so we can skip checks in the actually benchmarked
3178 * code, for maximum performance. */
3179 if (!(test_ctx = EVP_PKEY_CTX_new(key_B, NULL)) || /* test ctx from skeyB */
3180 !EVP_PKEY_derive_init(test_ctx) || /* init derivation test_ctx */
3181 !EVP_PKEY_derive_set_peer(test_ctx, key_A) || /* set peer pubkey in test_ctx */
3182 !EVP_PKEY_derive(test_ctx, NULL, &test_outlen) || /* determine max length */
3183 !EVP_PKEY_derive(ctx, loopargs[i].secret_a, &outlen) || /* compute a*B */
3184 !EVP_PKEY_derive(test_ctx, loopargs[i].secret_b, &test_outlen) || /* compute b*A */
3185 test_outlen != outlen /* compare output length */ ) {
3187 BIO_printf(bio_err, "ECDH computation failure.\n");
3188 ERR_print_errors(bio_err);
3193 /* Compare the computation results: CRYPTO_memcmp() returns 0 if equal */
3194 if (CRYPTO_memcmp(loopargs[i].secret_a,
3195 loopargs[i].secret_b, outlen)) {
3197 BIO_printf(bio_err, "ECDH computations don't match.\n");
3198 ERR_print_errors(bio_err);
3203 loopargs[i].ecdh_ctx[testnum] = ctx;
3204 loopargs[i].outlen[testnum] = outlen;
3206 EVP_PKEY_free(key_A);
3207 EVP_PKEY_free(key_B);
3208 EVP_PKEY_CTX_free(kctx);
3210 EVP_PKEY_CTX_free(test_ctx);
3213 if (ecdh_checks != 0) {
3214 pkey_print_message("", "ecdh",
3216 ec_curves[testnum].bits, seconds.ecdh);
3219 run_benchmark(async_jobs, ECDH_EVP_derive_key_loop, loopargs);
3222 mr ? "+R7:%ld:%d:%.2f\n" :
3223 "%ld %u-bits ECDH ops in %.2fs\n", count,
3224 ec_curves[testnum].bits, d);
3225 ecdh_results[testnum][0] = (double)count / d;
3229 if (rsa_count <= 1) {
3230 /* if longer than 10s, don't do any more */
3231 stop_it(ecdh_doit, testnum);
3235 for (testnum = 0; testnum < EdDSA_NUM; testnum++) {
3237 EVP_PKEY *ed_pkey = NULL;
3238 EVP_PKEY_CTX *ed_pctx = NULL;
3240 if (!eddsa_doit[testnum])
3241 continue; /* Ignore Curve */
3242 for (i = 0; i < loopargs_len; i++) {
3243 loopargs[i].eddsa_ctx[testnum] = EVP_MD_CTX_new();
3244 if (loopargs[i].eddsa_ctx[testnum] == NULL) {
3249 if ((ed_pctx = EVP_PKEY_CTX_new_id(ed_curves[testnum].nid, NULL))
3251 || EVP_PKEY_keygen_init(ed_pctx) <= 0
3252 || EVP_PKEY_keygen(ed_pctx, &ed_pkey) <= 0) {
3254 EVP_PKEY_CTX_free(ed_pctx);
3257 EVP_PKEY_CTX_free(ed_pctx);
3259 if (!EVP_DigestSignInit(loopargs[i].eddsa_ctx[testnum], NULL, NULL,
3262 EVP_PKEY_free(ed_pkey);
3265 EVP_PKEY_free(ed_pkey);
3268 BIO_printf(bio_err, "EdDSA failure.\n");
3269 ERR_print_errors(bio_err);
3272 for (i = 0; i < loopargs_len; i++) {
3273 /* Perform EdDSA signature test */
3274 loopargs[i].sigsize = ed_curves[testnum].sigsize;
3275 st = EVP_DigestSign(loopargs[i].eddsa_ctx[testnum],
3276 loopargs[i].buf2, &loopargs[i].sigsize,
3277 loopargs[i].buf, 20);
3283 "EdDSA sign failure. No EdDSA sign will be done.\n");
3284 ERR_print_errors(bio_err);
3287 pkey_print_message("sign", ed_curves[testnum].name,
3288 eddsa_c[testnum][0],
3289 ed_curves[testnum].bits, seconds.eddsa);
3291 count = run_benchmark(async_jobs, EdDSA_sign_loop, loopargs);
3295 mr ? "+R8:%ld:%u:%s:%.2f\n" :
3296 "%ld %u bits %s signs in %.2fs \n",
3297 count, ed_curves[testnum].bits,
3298 ed_curves[testnum].name, d);
3299 eddsa_results[testnum][0] = (double)count / d;
3303 /* Perform EdDSA verification test */
3304 for (i = 0; i < loopargs_len; i++) {
3305 st = EVP_DigestVerify(loopargs[i].eddsa_ctx[testnum],
3306 loopargs[i].buf2, loopargs[i].sigsize,
3307 loopargs[i].buf, 20);
3313 "EdDSA verify failure. No EdDSA verify will be done.\n");
3314 ERR_print_errors(bio_err);
3315 eddsa_doit[testnum] = 0;
3317 pkey_print_message("verify", ed_curves[testnum].name,
3318 eddsa_c[testnum][1],
3319 ed_curves[testnum].bits, seconds.eddsa);
3321 count = run_benchmark(async_jobs, EdDSA_verify_loop, loopargs);
3324 mr ? "+R9:%ld:%u:%s:%.2f\n"
3325 : "%ld %u bits %s verify in %.2fs\n",
3326 count, ed_curves[testnum].bits,
3327 ed_curves[testnum].name, d);
3328 eddsa_results[testnum][1] = (double)count / d;
3331 if (rsa_count <= 1) {
3332 /* if longer than 10s, don't do any more */
3333 stop_it(eddsa_doit, testnum);
3338 # ifndef OPENSSL_NO_SM2
3339 for (testnum = 0; testnum < SM2_NUM; testnum++) {
3341 EVP_PKEY *sm2_pkey = NULL;
3343 if (!sm2_doit[testnum])
3344 continue; /* Ignore Curve */
3345 /* Init signing and verification */
3346 for (i = 0; i < loopargs_len; i++) {
3347 EVP_PKEY_CTX *sm2_pctx = NULL;
3348 EVP_PKEY_CTX *sm2_vfy_pctx = NULL;
3349 EVP_PKEY_CTX *pctx = NULL;
3352 loopargs[i].sm2_ctx[testnum] = EVP_MD_CTX_new();
3353 loopargs[i].sm2_vfy_ctx[testnum] = EVP_MD_CTX_new();
3354 if (loopargs[i].sm2_ctx[testnum] == NULL
3355 || loopargs[i].sm2_vfy_ctx[testnum] == NULL)
3358 /* SM2 keys are generated as normal EC keys with a special curve */
3359 st = !((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) == NULL
3360 || EVP_PKEY_keygen_init(pctx) <= 0
3361 || EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
3362 sm2_curves[testnum].nid) <= 0
3363 || EVP_PKEY_keygen(pctx, &sm2_pkey) <= 0);
3364 EVP_PKEY_CTX_free(pctx);
3368 st = 0; /* set back to zero */
3369 /* attach it sooner to rely on main final cleanup */
3370 loopargs[i].sm2_pkey[testnum] = sm2_pkey;
3371 loopargs[i].sigsize = ECDSA_size(EVP_PKEY_get0_EC_KEY(sm2_pkey));
3372 if (!EVP_PKEY_set_alias_type(sm2_pkey, EVP_PKEY_SM2))
3375 sm2_pctx = EVP_PKEY_CTX_new(sm2_pkey, NULL);
3376 sm2_vfy_pctx = EVP_PKEY_CTX_new(sm2_pkey, NULL);
3377 if (sm2_pctx == NULL || sm2_vfy_pctx == NULL) {
3378 EVP_PKEY_CTX_free(sm2_vfy_pctx);
3381 /* attach them directly to respective ctx */
3382 EVP_MD_CTX_set_pkey_ctx(loopargs[i].sm2_ctx[testnum], sm2_pctx);
3383 EVP_MD_CTX_set_pkey_ctx(loopargs[i].sm2_vfy_ctx[testnum], sm2_vfy_pctx);
3386 * No need to allow user to set an explicit ID here, just use
3387 * the one defined in the 'draft-yang-tls-tl13-sm-suites' I-D.
3389 if (EVP_PKEY_CTX_set1_id(sm2_pctx, SM2_ID, SM2_ID_LEN) != 1
3390 || EVP_PKEY_CTX_set1_id(sm2_vfy_pctx, SM2_ID, SM2_ID_LEN) != 1)
3393 if (!EVP_DigestSignInit(loopargs[i].sm2_ctx[testnum], NULL,
3394 EVP_sm3(), NULL, sm2_pkey))
3396 if (!EVP_DigestVerifyInit(loopargs[i].sm2_vfy_ctx[testnum], NULL,
3397 EVP_sm3(), NULL, sm2_pkey))
3399 st = 1; /* mark loop as succeeded */
3402 BIO_printf(bio_err, "SM2 init failure.\n");
3403 ERR_print_errors(bio_err);
3406 for (i = 0; i < loopargs_len; i++) {
3407 size_t sm2_sigsize = loopargs[i].sigsize;
3409 /* Perform SM2 signature test */
3410 st = EVP_DigestSign(loopargs[i].sm2_ctx[testnum],
3411 loopargs[i].buf2, &sm2_sigsize,
3412 loopargs[i].buf, 20);
3418 "SM2 sign failure. No SM2 sign will be done.\n");
3419 ERR_print_errors(bio_err);
3422 pkey_print_message("sign", sm2_curves[testnum].name,
3424 sm2_curves[testnum].bits, seconds.sm2);
3426 count = run_benchmark(async_jobs, SM2_sign_loop, loopargs);
3430 mr ? "+R8:%ld:%u:%s:%.2f\n" :
3431 "%ld %u bits %s signs in %.2fs \n",
3432 count, sm2_curves[testnum].bits,
3433 sm2_curves[testnum].name, d);
3434 sm2_results[testnum][0] = (double)count / d;
3438 /* Perform SM2 verification test */
3439 for (i = 0; i < loopargs_len; i++) {
3440 st = EVP_DigestVerify(loopargs[i].sm2_vfy_ctx[testnum],
3441 loopargs[i].buf2, loopargs[i].sigsize,
3442 loopargs[i].buf, 20);
3448 "SM2 verify failure. No SM2 verify will be done.\n");
3449 ERR_print_errors(bio_err);
3450 sm2_doit[testnum] = 0;
3452 pkey_print_message("verify", sm2_curves[testnum].name,
3454 sm2_curves[testnum].bits, seconds.sm2);
3456 count = run_benchmark(async_jobs, SM2_verify_loop, loopargs);
3459 mr ? "+R9:%ld:%u:%s:%.2f\n"
3460 : "%ld %u bits %s verify in %.2fs\n",
3461 count, sm2_curves[testnum].bits,
3462 sm2_curves[testnum].name, d);
3463 sm2_results[testnum][1] = (double)count / d;
3466 if (rsa_count <= 1) {
3467 /* if longer than 10s, don't do any more */
3468 for (testnum++; testnum < SM2_NUM; testnum++)
3469 sm2_doit[testnum] = 0;
3473 # endif /* OPENSSL_NO_SM2 */
3475 #endif /* OPENSSL_NO_EC */
3480 printf("version: %s\n", OpenSSL_version(OPENSSL_FULL_VERSION_STRING));
3481 printf("built on: %s\n", OpenSSL_version(OPENSSL_BUILT_ON));
3483 printf("%s ", BN_options());
3484 #ifndef OPENSSL_NO_MD2
3485 printf("%s ", MD2_options());
3487 #ifndef OPENSSL_NO_RC4
3488 printf("%s ", RC4_options());
3490 #ifndef OPENSSL_NO_DES
3491 printf("%s ", DES_options());
3493 printf("%s ", AES_options());
3494 #ifndef OPENSSL_NO_IDEA
3495 printf("%s ", IDEA_options());
3497 #ifndef OPENSSL_NO_BF
3498 printf("%s ", BF_options());
3500 printf("\n%s\n", OpenSSL_version(OPENSSL_CFLAGS));
3501 printf("%s\n", OpenSSL_version(OPENSSL_CPU_INFO));
3509 ("The 'numbers' are in 1000s of bytes per second processed.\n");
3512 for (testnum = 0; testnum < size_num; testnum++)
3513 printf(mr ? ":%d" : "%7d bytes", lengths[testnum]);
3517 for (k = 0; k < ALGOR_NUM; k++) {
3521 printf("+F:%u:%s", k, names[k]);
3523 printf("%-13s", names[k]);
3524 for (testnum = 0; testnum < size_num; testnum++) {
3525 if (results[k][testnum] > 10000 && !mr)
3526 printf(" %11.2fk", results[k][testnum] / 1e3);
3528 printf(mr ? ":%.2f" : " %11.2f ", results[k][testnum]);
3532 #ifndef OPENSSL_NO_RSA
3534 for (k = 0; k < RSA_NUM; k++) {
3537 if (testnum && !mr) {
3538 printf("%18ssign verify sign/s verify/s\n", " ");
3542 printf("+F2:%u:%u:%f:%f\n",
3543 k, rsa_keys[k].bits, rsa_results[k][0], rsa_results[k][1]);
3545 printf("rsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
3546 rsa_keys[k].bits, 1.0 / rsa_results[k][0], 1.0 / rsa_results[k][1],
3547 rsa_results[k][0], rsa_results[k][1]);
3550 #ifndef OPENSSL_NO_DSA
3552 for (k = 0; k < DSA_NUM; k++) {
3555 if (testnum && !mr) {
3556 printf("%18ssign verify sign/s verify/s\n", " ");
3560 printf("+F3:%u:%u:%f:%f\n",
3561 k, dsa_bits[k], dsa_results[k][0], dsa_results[k][1]);
3563 printf("dsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
3564 dsa_bits[k], 1.0 / dsa_results[k][0], 1.0 / dsa_results[k][1],
3565 dsa_results[k][0], dsa_results[k][1]);
3568 #ifndef OPENSSL_NO_EC
3570 for (k = 0; k < OSSL_NELEM(ecdsa_doit); k++) {
3573 if (testnum && !mr) {
3574 printf("%30ssign verify sign/s verify/s\n", " ");
3579 printf("+F4:%u:%u:%f:%f\n",
3580 k, ec_curves[k].bits,
3581 ecdsa_results[k][0], ecdsa_results[k][1]);
3583 printf("%4u bits ecdsa (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3584 ec_curves[k].bits, ec_curves[k].name,
3585 1.0 / ecdsa_results[k][0], 1.0 / ecdsa_results[k][1],
3586 ecdsa_results[k][0], ecdsa_results[k][1]);
3590 for (k = 0; k < EC_NUM; k++) {
3593 if (testnum && !mr) {
3594 printf("%30sop op/s\n", " ");
3598 printf("+F5:%u:%u:%f:%f\n",
3599 k, ec_curves[k].bits,
3600 ecdh_results[k][0], 1.0 / ecdh_results[k][0]);
3603 printf("%4u bits ecdh (%s) %8.4fs %8.1f\n",
3604 ec_curves[k].bits, ec_curves[k].name,
3605 1.0 / ecdh_results[k][0], ecdh_results[k][0]);
3609 for (k = 0; k < OSSL_NELEM(eddsa_doit); k++) {
3612 if (testnum && !mr) {
3613 printf("%30ssign verify sign/s verify/s\n", " ");
3618 printf("+F6:%u:%u:%s:%f:%f\n",
3619 k, ed_curves[k].bits, ed_curves[k].name,
3620 eddsa_results[k][0], eddsa_results[k][1]);
3622 printf("%4u bits EdDSA (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3623 ed_curves[k].bits, ed_curves[k].name,
3624 1.0 / eddsa_results[k][0], 1.0 / eddsa_results[k][1],
3625 eddsa_results[k][0], eddsa_results[k][1]);
3628 # ifndef OPENSSL_NO_SM2
3630 for (k = 0; k < OSSL_NELEM(sm2_doit); k++) {
3633 if (testnum && !mr) {
3634 printf("%30ssign verify sign/s verify/s\n", " ");
3639 printf("+F6:%u:%u:%s:%f:%f\n",
3640 k, sm2_curves[k].bits, sm2_curves[k].name,
3641 sm2_results[k][0], sm2_results[k][1]);
3643 printf("%4u bits SM2 (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3644 sm2_curves[k].bits, sm2_curves[k].name,
3645 1.0 / sm2_results[k][0], 1.0 / sm2_results[k][1],
3646 sm2_results[k][0], sm2_results[k][1]);
3649 #endif /* OPENSSL_NO_EC */
3654 ERR_print_errors(bio_err);
3655 for (i = 0; i < loopargs_len; i++) {
3656 OPENSSL_free(loopargs[i].buf_malloc);
3657 OPENSSL_free(loopargs[i].buf2_malloc);
3659 #ifndef OPENSSL_NO_RSA
3660 for (k = 0; k < RSA_NUM; k++)
3661 RSA_free(loopargs[i].rsa_key[k]);
3663 #ifndef OPENSSL_NO_DSA
3664 for (k = 0; k < DSA_NUM; k++)
3665 DSA_free(loopargs[i].dsa_key[k]);
3667 #ifndef OPENSSL_NO_EC
3668 for (k = 0; k < ECDSA_NUM; k++)
3669 EC_KEY_free(loopargs[i].ecdsa[k]);
3670 for (k = 0; k < EC_NUM; k++)
3671 EVP_PKEY_CTX_free(loopargs[i].ecdh_ctx[k]);
3672 for (k = 0; k < EdDSA_NUM; k++)
3673 EVP_MD_CTX_free(loopargs[i].eddsa_ctx[k]);
3674 # ifndef OPENSSL_NO_SM2
3675 for (k = 0; k < SM2_NUM; k++) {
3676 EVP_PKEY_CTX *pctx = NULL;
3678 /* free signing ctx */
3679 if (loopargs[i].sm2_ctx[k] != NULL
3680 && (pctx = EVP_MD_CTX_pkey_ctx(loopargs[i].sm2_ctx[k])) != NULL)
3681 EVP_PKEY_CTX_free(pctx);
3682 EVP_MD_CTX_free(loopargs[i].sm2_ctx[k]);
3683 /* free verification ctx */
3684 if (loopargs[i].sm2_vfy_ctx[k] != NULL
3685 && (pctx = EVP_MD_CTX_pkey_ctx(loopargs[i].sm2_vfy_ctx[k])) != NULL)
3686 EVP_PKEY_CTX_free(pctx);
3687 EVP_MD_CTX_free(loopargs[i].sm2_vfy_ctx[k]);
3689 EVP_PKEY_free(loopargs[i].sm2_pkey[k]);
3692 OPENSSL_free(loopargs[i].secret_a);
3693 OPENSSL_free(loopargs[i].secret_b);
3696 OPENSSL_free(evp_hmac_name);
3697 #ifndef OPENSSL_NO_CMAC
3698 OPENSSL_free(evp_cmac_name);
3701 if (async_jobs > 0) {
3702 for (i = 0; i < loopargs_len; i++)
3703 ASYNC_WAIT_CTX_free(loopargs[i].wait_ctx);
3707 ASYNC_cleanup_thread();
3709 OPENSSL_free(loopargs);
3714 static void print_message(const char *s, long num, int length, int tm)
3718 mr ? "+DT:%s:%d:%d\n"
3719 : "Doing %s for %ds on %d size blocks: ", s, tm, length);
3720 (void)BIO_flush(bio_err);
3724 mr ? "+DN:%s:%ld:%d\n"
3725 : "Doing %s %ld times on %d size blocks: ", s, num, length);
3726 (void)BIO_flush(bio_err);
3730 static void pkey_print_message(const char *str, const char *str2, long num,
3731 unsigned int bits, int tm)
3735 mr ? "+DTP:%d:%s:%s:%d\n"
3736 : "Doing %u bits %s %s's for %ds: ", bits, str, str2, tm);
3737 (void)BIO_flush(bio_err);
3741 mr ? "+DNP:%ld:%d:%s:%s\n"
3742 : "Doing %ld %u bits %s %s's: ", num, bits, str, str2);
3743 (void)BIO_flush(bio_err);
3747 static void print_result(int alg, int run_no, int count, double time_used)
3750 BIO_printf(bio_err, "%s error!\n", names[alg]);
3751 ERR_print_errors(bio_err);
3752 /* exit(1); disable exit until default provider enabled */
3756 mr ? "+R:%d:%s:%f\n"
3757 : "%d %s's in %.2fs\n", count, names[alg], time_used);
3758 results[alg][run_no] = ((double)count) / time_used * lengths[run_no];
3762 static char *sstrsep(char **string, const char *delim)
3765 char *token = *string;
3770 memset(isdelim, 0, sizeof(isdelim));
3774 isdelim[(unsigned char)(*delim)] = 1;
3778 while (!isdelim[(unsigned char)(**string)]) {
3790 static int do_multi(int multi, int size_num)
3795 static char sep[] = ":";
3797 fds = app_malloc(sizeof(*fds) * multi, "fd buffer for do_multi");
3798 for (n = 0; n < multi; ++n) {
3799 if (pipe(fd) == -1) {
3800 BIO_printf(bio_err, "pipe failure\n");
3804 (void)BIO_flush(bio_err);
3811 if (dup(fd[1]) == -1) {
3812 BIO_printf(bio_err, "dup failed\n");
3821 printf("Forked child %d\n", n);
3824 /* for now, assume the pipe is long enough to take all the output */
3825 for (n = 0; n < multi; ++n) {
3830 f = fdopen(fds[n], "r");
3831 while (fgets(buf, sizeof(buf), f)) {
3832 p = strchr(buf, '\n');
3835 if (buf[0] != '+') {
3837 "Don't understand line '%s' from child %d\n", buf,
3841 printf("Got: %s from %d\n", buf, n);
3842 if (strncmp(buf, "+F:", 3) == 0) {
3847 alg = atoi(sstrsep(&p, sep));
3849 for (j = 0; j < size_num; ++j)
3850 results[alg][j] += atof(sstrsep(&p, sep));
3851 } else if (strncmp(buf, "+F2:", 4) == 0) {
3856 k = atoi(sstrsep(&p, sep));
3859 d = atof(sstrsep(&p, sep));
3860 rsa_results[k][0] += d;
3862 d = atof(sstrsep(&p, sep));
3863 rsa_results[k][1] += d;
3865 # ifndef OPENSSL_NO_DSA
3866 else if (strncmp(buf, "+F3:", 4) == 0) {
3871 k = atoi(sstrsep(&p, sep));
3874 d = atof(sstrsep(&p, sep));
3875 dsa_results[k][0] += d;
3877 d = atof(sstrsep(&p, sep));
3878 dsa_results[k][1] += d;
3881 # ifndef OPENSSL_NO_EC
3882 else if (strncmp(buf, "+F4:", 4) == 0) {
3887 k = atoi(sstrsep(&p, sep));
3890 d = atof(sstrsep(&p, sep));
3891 ecdsa_results[k][0] += d;
3893 d = atof(sstrsep(&p, sep));
3894 ecdsa_results[k][1] += d;
3895 } else if (strncmp(buf, "+F5:", 4) == 0) {
3900 k = atoi(sstrsep(&p, sep));
3903 d = atof(sstrsep(&p, sep));
3904 ecdh_results[k][0] += d;
3905 } else if (strncmp(buf, "+F6:", 4) == 0) {
3910 k = atoi(sstrsep(&p, sep));
3914 d = atof(sstrsep(&p, sep));
3915 eddsa_results[k][0] += d;
3917 d = atof(sstrsep(&p, sep));
3918 eddsa_results[k][1] += d;
3920 # ifndef OPENSSL_NO_SM2
3921 else if (strncmp(buf, "+F7:", 4) == 0) {
3926 k = atoi(sstrsep(&p, sep));
3929 d = atof(sstrsep(&p, sep));
3930 sm2_results[k][0] += d;
3932 d = atof(sstrsep(&p, sep));
3933 sm2_results[k][1] += d;
3935 # endif /* OPENSSL_NO_SM2 */
3938 else if (strncmp(buf, "+H:", 3) == 0) {
3941 BIO_printf(bio_err, "Unknown type '%s' from child %d\n", buf,
3952 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
3953 const openssl_speed_sec_t *seconds)
3955 static const int mblengths_list[] =
3956 { 8 * 1024, 2 * 8 * 1024, 4 * 8 * 1024, 8 * 8 * 1024, 8 * 16 * 1024 };
3957 const int *mblengths = mblengths_list;
3958 int j, count, keylen, num = OSSL_NELEM(mblengths_list);
3959 const char *alg_name;
3960 unsigned char *inp, *out, *key, no_key[32], no_iv[16];
3961 EVP_CIPHER_CTX *ctx;
3964 if (lengths_single) {
3965 mblengths = &lengths_single;
3969 inp = app_malloc(mblengths[num - 1], "multiblock input buffer");
3970 out = app_malloc(mblengths[num - 1] + 1024, "multiblock output buffer");
3971 ctx = EVP_CIPHER_CTX_new();
3972 EVP_EncryptInit_ex(ctx, evp_cipher, NULL, NULL, no_iv);
3974 keylen = EVP_CIPHER_CTX_key_length(ctx);
3975 key = app_malloc(keylen, "evp_cipher key");
3976 EVP_CIPHER_CTX_rand_key(ctx, key);
3977 EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL);
3978 OPENSSL_clear_free(key, keylen);
3980 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_MAC_KEY, sizeof(no_key), no_key);
3981 alg_name = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
3983 for (j = 0; j < num; j++) {
3984 print_message(alg_name, 0, mblengths[j], seconds->sym);
3986 for (count = 0, run = 1; run && count < 0x7fffffff; count++) {
3987 unsigned char aad[EVP_AEAD_TLS1_AAD_LEN];
3988 EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param;
3989 size_t len = mblengths[j];
3992 memset(aad, 0, 8); /* avoid uninitialized values */
3993 aad[8] = 23; /* SSL3_RT_APPLICATION_DATA */
3994 aad[9] = 3; /* version */
3996 aad[11] = 0; /* length */
3998 mb_param.out = NULL;
4001 mb_param.interleave = 8;
4003 packlen = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_AAD,
4004 sizeof(mb_param), &mb_param);
4010 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT,
4011 sizeof(mb_param), &mb_param);
4015 RAND_bytes(out, 16);
4017 aad[11] = (unsigned char)(len >> 8);
4018 aad[12] = (unsigned char)(len);
4019 pad = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_TLS1_AAD,
4020 EVP_AEAD_TLS1_AAD_LEN, aad);
4021 EVP_Cipher(ctx, out, inp, len + pad);
4025 BIO_printf(bio_err, mr ? "+R:%d:%s:%f\n"
4026 : "%d %s's in %.2fs\n", count, "evp", d);
4027 results[D_EVP][j] = ((double)count) / d * mblengths[j];
4031 fprintf(stdout, "+H");
4032 for (j = 0; j < num; j++)
4033 fprintf(stdout, ":%d", mblengths[j]);
4034 fprintf(stdout, "\n");
4035 fprintf(stdout, "+F:%d:%s", D_EVP, alg_name);
4036 for (j = 0; j < num; j++)
4037 fprintf(stdout, ":%.2f", results[D_EVP][j]);
4038 fprintf(stdout, "\n");
4041 "The 'numbers' are in 1000s of bytes per second processed.\n");
4042 fprintf(stdout, "type ");
4043 for (j = 0; j < num; j++)
4044 fprintf(stdout, "%7d bytes", mblengths[j]);
4045 fprintf(stdout, "\n");
4046 fprintf(stdout, "%-24s", alg_name);
4048 for (j = 0; j < num; j++) {
4049 if (results[D_EVP][j] > 10000)
4050 fprintf(stdout, " %11.2fk", results[D_EVP][j] / 1e3);
4052 fprintf(stdout, " %11.2f ", results[D_EVP][j]);
4054 fprintf(stdout, "\n");
4059 EVP_CIPHER_CTX_free(ctx);