* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
*
- * Licensed under the OpenSSL license (the "License"). You may not use
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
# include <openssl/md5.h>
#endif
#include <openssl/hmac.h>
+#ifndef OPENSSL_NO_CMAC
+#include <openssl/cmac.h>
+#endif
#include <openssl/sha.h>
#ifndef OPENSSL_NO_RMD160
# include <openssl/ripemd.h>
#include <openssl/modes.h>
#ifndef HAVE_FORK
-# if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS)
+# if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_VXWORKS)
# define HAVE_FORK 0
# else
# define HAVE_FORK 1
#endif
static int AES_cbc_128_encrypt_loop(void *args);
static int AES_cbc_192_encrypt_loop(void *args);
-static int AES_ige_128_encrypt_loop(void *args);
static int AES_cbc_256_encrypt_loop(void *args);
+#if !OPENSSL_API_3
+static int AES_ige_128_encrypt_loop(void *args);
static int AES_ige_192_encrypt_loop(void *args);
static int AES_ige_256_encrypt_loop(void *args);
+#endif
static int CRYPTO_gcm128_aad_loop(void *args);
static int RAND_bytes_loop(void *args);
static int EVP_Update_loop(void *args);
typedef enum OPTION_choice {
OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
- OPT_ELAPSED, OPT_EVP, OPT_DECRYPT, OPT_ENGINE, OPT_MULTI,
+ OPT_ELAPSED, OPT_EVP, OPT_HMAC, OPT_DECRYPT, OPT_ENGINE, OPT_MULTI,
OPT_MR, OPT_MB, OPT_MISALIGN, OPT_ASYNCJOBS, OPT_R_ENUM,
- OPT_PRIMES, OPT_SECONDS, OPT_BYTES, OPT_AEAD
+ OPT_PRIMES, OPT_SECONDS, OPT_BYTES, OPT_AEAD, OPT_CMAC
} OPTION_CHOICE;
const OPTIONS speed_options[] = {
{OPT_HELP_STR, 1, '-', "Valid options are:\n"},
{"help", OPT_HELP, '-', "Display this summary"},
{"evp", OPT_EVP, 's', "Use EVP-named cipher or digest"},
+ {"hmac", OPT_HMAC, 's', "HMAC using EVP-named digest"},
+#ifndef OPENSSL_NO_CMAC
+ {"cmac", OPT_CMAC, 's', "CMAC using EVP-named cipher"},
+#endif
{"decrypt", OPT_DECRYPT, '-',
"Time decryption instead of encryption (only EVP)"},
{"aead", OPT_AEAD, '-',
#define D_IGE_256_AES 28
#define D_GHASH 29
#define D_RAND 30
+#define D_EVP_HMAC 31
+#define D_EVP_CMAC 32
+
/* name of algorithms to test */
static const char *names[] = {
"md2", "mdc2", "md4", "md5", "hmac(md5)", "sha1", "rmd160", "rc4",
"camellia-128 cbc", "camellia-192 cbc", "camellia-256 cbc",
"evp", "sha256", "sha512", "whirlpool",
"aes-128 ige", "aes-192 ige", "aes-256 ige", "ghash",
- "rand"
+ "rand", "hmac", "cmac"
};
#define ALGOR_NUM OSSL_NELEM(names)
{"aes-128-cbc", D_CBC_128_AES},
{"aes-192-cbc", D_CBC_192_AES},
{"aes-256-cbc", D_CBC_256_AES},
+#if !OPENSSL_API_3
{"aes-128-ige", D_IGE_128_AES},
{"aes-192-ige", D_IGE_192_AES},
{"aes-256-ige", D_IGE_256_AES},
+#endif
#ifndef OPENSSL_NO_RC2
{"rc2-cbc", D_CBC_RC2},
{"rc2", D_CBC_RC2},
static double rsa_results[RSA_NUM][2]; /* 2 ops: sign then verify */
#endif /* OPENSSL_NO_RSA */
-#define R_EC_P160 0
-#define R_EC_P192 1
-#define R_EC_P224 2
-#define R_EC_P256 3
-#define R_EC_P384 4
-#define R_EC_P521 5
-#define R_EC_K163 6
-#define R_EC_K233 7
-#define R_EC_K283 8
-#define R_EC_K409 9
-#define R_EC_K571 10
-#define R_EC_B163 11
-#define R_EC_B233 12
-#define R_EC_B283 13
-#define R_EC_B409 14
-#define R_EC_B571 15
-#define R_EC_BRP256R1 16
-#define R_EC_BRP256T1 17
-#define R_EC_BRP384R1 18
-#define R_EC_BRP384T1 19
-#define R_EC_BRP512R1 20
-#define R_EC_BRP512T1 21
-#define R_EC_X25519 22
-#define R_EC_X448 23
+enum {
+ R_EC_P160,
+ R_EC_P192,
+ R_EC_P224,
+ R_EC_P256,
+ R_EC_P384,
+ R_EC_P521,
+#ifndef OPENSSL_NO_EC2M
+ R_EC_K163,
+ R_EC_K233,
+ R_EC_K283,
+ R_EC_K409,
+ R_EC_K571,
+ R_EC_B163,
+ R_EC_B233,
+ R_EC_B283,
+ R_EC_B409,
+ R_EC_B571,
+#endif
+ R_EC_BRP256R1,
+ R_EC_BRP256T1,
+ R_EC_BRP384R1,
+ R_EC_BRP384T1,
+ R_EC_BRP512R1,
+ R_EC_BRP512T1,
+ R_EC_X25519,
+ R_EC_X448
+};
+
#ifndef OPENSSL_NO_EC
static OPT_PAIR ecdsa_choices[] = {
{"ecdsap160", R_EC_P160},
{"ecdsap256", R_EC_P256},
{"ecdsap384", R_EC_P384},
{"ecdsap521", R_EC_P521},
+# ifndef OPENSSL_NO_EC2M
{"ecdsak163", R_EC_K163},
{"ecdsak233", R_EC_K233},
{"ecdsak283", R_EC_K283},
{"ecdsab283", R_EC_B283},
{"ecdsab409", R_EC_B409},
{"ecdsab571", R_EC_B571},
+# endif
{"ecdsabrp256r1", R_EC_BRP256R1},
{"ecdsabrp256t1", R_EC_BRP256T1},
{"ecdsabrp384r1", R_EC_BRP384R1},
{"ecdhp256", R_EC_P256},
{"ecdhp384", R_EC_P384},
{"ecdhp521", R_EC_P521},
+# ifndef OPENSSL_NO_EC2M
{"ecdhk163", R_EC_K163},
{"ecdhk233", R_EC_K233},
{"ecdhk283", R_EC_K283},
{"ecdhb283", R_EC_B283},
{"ecdhb409", R_EC_B409},
{"ecdhb571", R_EC_B571},
+# endif
{"ecdhbrp256r1", R_EC_BRP256R1},
{"ecdhbrp256t1", R_EC_BRP256T1},
{"ecdhbrp384r1", R_EC_BRP384R1},
unsigned char *buf2_malloc;
unsigned char *key;
unsigned int siglen;
+ size_t sigsize;
#ifndef OPENSSL_NO_RSA
RSA *rsa_key[RSA_NUM];
#endif
#endif
EVP_CIPHER_CTX *ctx;
HMAC_CTX *hctx;
+#ifndef OPENSSL_NO_CMAC
+ CMAC_CTX *cmac_ctx;
+#endif
GCM128_CONTEXT *gcm_ctx;
} loopargs_t;
static int run_benchmark(int async_jobs, int (*loop_function) (void *),
return count;
}
+#if !OPENSSL_API_3
static int AES_ige_128_encrypt_loop(void *args)
{
loopargs_t *tempargs = *(loopargs_t **) args;
(size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
return count;
}
+#endif
static int CRYPTO_gcm128_aad_loop(void *args)
{
return count;
}
+static const EVP_MD *evp_hmac_md = NULL;
+static char *evp_hmac_name = NULL;
+static int EVP_HMAC_loop(void *args)
+{
+ loopargs_t *tempargs = *(loopargs_t **) args;
+ unsigned char *buf = tempargs->buf;
+ unsigned char no_key[32];
+ int count;
+#ifndef SIGALRM
+ int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
+#endif
+
+ for (count = 0; COND(nb_iter); count++) {
+ if (HMAC(evp_hmac_md, no_key, sizeof(no_key), buf, lengths[testnum],
+ NULL, NULL) == NULL)
+ return -1;
+ }
+ return count;
+}
+
+#ifndef OPENSSL_NO_CMAC
+static const EVP_CIPHER *evp_cmac_cipher = NULL;
+static char *evp_cmac_name = NULL;
+
+static int EVP_CMAC_loop(void *args)
+{
+ loopargs_t *tempargs = *(loopargs_t **) args;
+ unsigned char *buf = tempargs->buf;
+ CMAC_CTX *cmac_ctx = tempargs->cmac_ctx;
+ static const char key[16] = "This is a key...";
+ unsigned char mac[16];
+ size_t len = sizeof(mac);
+ int count;
+#ifndef SIGALRM
+ int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
+#endif
+
+ for (count = 0; COND(nb_iter); count++) {
+ if (!CMAC_Init(cmac_ctx, key, sizeof(key), evp_cmac_cipher, NULL)
+ || !CMAC_Update(cmac_ctx, buf, lengths[testnum])
+ || !CMAC_Final(cmac_ctx, mac, &len))
+ return -1;
+ }
+ return count;
+}
+#endif
+
#ifndef OPENSSL_NO_RSA
static long rsa_c[RSA_NUM][2]; /* # RSA iteration test */
unsigned char *buf = tempargs->buf;
EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
unsigned char *eddsasig = tempargs->buf2;
- unsigned int *eddsasiglen = &tempargs->siglen;
+ size_t *eddsasigsize = &tempargs->sigsize;
int ret, count;
for (count = 0; COND(eddsa_c[testnum][0]); count++) {
- ret = EVP_DigestSign(edctx[testnum], eddsasig, (size_t *)eddsasiglen, buf, 20);
+ ret = EVP_DigestSign(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
if (ret == 0) {
BIO_printf(bio_err, "EdDSA sign failure\n");
ERR_print_errors(bio_err);
unsigned char *buf = tempargs->buf;
EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
unsigned char *eddsasig = tempargs->buf2;
- unsigned int eddsasiglen = tempargs->siglen;
+ size_t eddsasigsize = tempargs->sigsize;
int ret, count;
for (count = 0; COND(eddsa_c[testnum][1]); count++) {
- ret = EVP_DigestVerify(edctx[testnum], eddsasig, eddsasiglen, buf, 20);
+ ret = EVP_DigestVerify(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
if (ret != 1) {
BIO_printf(bio_err, "EdDSA verify failure\n");
ERR_print_errors(bio_err);
{"nistp192", NID_X9_62_prime192v1, 192},
{"nistp224", NID_secp224r1, 224},
{"nistp256", NID_X9_62_prime256v1, 256},
- {"nistp384", NID_secp384r1, 384},
+ {"nistp384", NID_secp384r1, 384},
{"nistp521", NID_secp521r1, 521},
+# ifndef OPENSSL_NO_EC2M
/* Binary Curves */
{"nistk163", NID_sect163k1, 163},
- {"nistk233", NID_sect233k1, 233},
+ {"nistk233", NID_sect233k1, 233},
{"nistk283", NID_sect283k1, 283},
{"nistk409", NID_sect409k1, 409},
{"nistk571", NID_sect571k1, 571},
{"nistb283", NID_sect283r1, 283},
{"nistb409", NID_sect409r1, 409},
{"nistb571", NID_sect571r1, 571},
+# endif
{"brainpoolP256r1", NID_brainpoolP256r1, 256},
{"brainpoolP256t1", NID_brainpoolP256t1, 256},
{"brainpoolP384r1", NID_brainpoolP384r1, 384},
const char *name;
unsigned int nid;
unsigned int bits;
- unsigned int siglen;
+ size_t sigsize;
} test_ed_curves[] = {
/* EdDSA */
{"Ed25519", NID_ED25519, 253, 64},
}
doit[D_EVP] = 1;
break;
+ case OPT_HMAC:
+ evp_hmac_md = EVP_get_digestbyname(opt_arg());
+ if (evp_hmac_md == NULL) {
+ BIO_printf(bio_err, "%s: %s is an unknown digest\n",
+ prog, opt_arg());
+ goto end;
+ }
+ doit[D_EVP_HMAC] = 1;
+ break;
+ case OPT_CMAC:
+#ifndef OPENSSL_NO_CMAC
+ evp_cmac_cipher = EVP_get_cipherbyname(opt_arg());
+ if (evp_cmac_cipher == NULL) {
+ BIO_printf(bio_err, "%s: %s is an unknown cipher\n",
+ prog, opt_arg());
+ goto end;
+ }
+ doit[D_EVP_CMAC] = 1;
+#endif
+ break;
case OPT_DECRYPT:
decrypt = 1;
break;
e = setup_engine(engine_id, 0);
/* No parameters; turn on everything. */
- if ((argc == 0) && !doit[D_EVP]) {
+ if (argc == 0 && !doit[D_EVP] && !doit[D_EVP_HMAC] && !doit[D_EVP_CMAC]) {
for (i = 0; i < ALGOR_NUM; i++)
- if (i != D_EVP)
+ if (i != D_EVP && i != D_EVP_HMAC && i != D_EVP_CMAC)
doit[i] = 1;
#ifndef OPENSSL_NO_RSA
for (i = 0; i < RSA_NUM; i++)
RC2_set_key(&rc2_ks, 16, key16, 128);
#endif
#ifndef OPENSSL_NO_RC5
- RC5_32_set_key(&rc5_ks, 16, key16, 12);
+ if (!RC5_32_set_key(&rc5_ks, 16, key16, 12)) {
+ BIO_printf(bio_err, "Failed setting RC5 key\n");
+ goto end;
+ }
#endif
#ifndef OPENSSL_NO_BF
BF_set_key(&bf_ks, 16, key16);
}
}
}
+# ifndef OPENSSL_NO_EC2M
ecdsa_c[R_EC_K163][0] = count / 1000;
ecdsa_c[R_EC_K163][1] = count / 1000 / 2;
for (i = R_EC_K233; i <= R_EC_K571; i++) {
}
}
}
+# endif
ecdh_c[R_EC_P160][0] = count / 1000;
for (i = R_EC_P192; i <= R_EC_P521; i++) {
}
}
}
+# ifndef OPENSSL_NO_EC2M
ecdh_c[R_EC_K163][0] = count / 1000;
for (i = R_EC_K233; i <= R_EC_K571; i++) {
ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
}
}
}
+# endif
/* repeated code good to factorize */
ecdh_c[R_EC_BRP256R1][0] = count / 1000;
for (i = R_EC_BRP384R1; i <= R_EC_BRP512R1; i += 2) {
}
}
+#if !OPENSSL_API_3
if (doit[D_IGE_128_AES]) {
for (testnum = 0; testnum < size_num; testnum++) {
print_message(names[D_IGE_128_AES], c[D_IGE_128_AES][testnum],
print_result(D_IGE_256_AES, testnum, count, d);
}
}
+#endif
if (doit[D_GHASH]) {
for (i = 0; i < loopargs_len; i++) {
loopargs[i].gcm_ctx =
for (k = 0; k < loopargs_len; k++) {
loopargs[k].ctx = EVP_CIPHER_CTX_new();
- EVP_CipherInit_ex(loopargs[k].ctx, evp_cipher, NULL, NULL,
- iv, decrypt ? 0 : 1);
+ if (loopargs[k].ctx == NULL) {
+ BIO_printf(bio_err, "\nEVP_CIPHER_CTX_new failure\n");
+ exit(1);
+ }
+ if (!EVP_CipherInit_ex(loopargs[k].ctx, evp_cipher, NULL,
+ NULL, iv, decrypt ? 0 : 1)) {
+ BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n");
+ ERR_print_errors(bio_err);
+ exit(1);
+ }
EVP_CIPHER_CTX_set_padding(loopargs[k].ctx, 0);
keylen = EVP_CIPHER_CTX_key_length(loopargs[k].ctx);
loopargs[k].key = app_malloc(keylen, "evp_cipher key");
EVP_CIPHER_CTX_rand_key(loopargs[k].ctx, loopargs[k].key);
- EVP_CipherInit_ex(loopargs[k].ctx, NULL, NULL,
- loopargs[k].key, NULL, -1);
+ if (!EVP_CipherInit_ex(loopargs[k].ctx, NULL, NULL,
+ loopargs[k].key, NULL, -1)) {
+ BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n");
+ ERR_print_errors(bio_err);
+ exit(1);
+ }
OPENSSL_clear_free(loopargs[k].key, keylen);
+
+ /* SIV mode only allows for a single Update operation */
+ if (EVP_CIPHER_mode(evp_cipher) == EVP_CIPH_SIV_MODE)
+ EVP_CIPHER_CTX_ctrl(loopargs[k].ctx, EVP_CTRL_SET_SPEED, 1, NULL);
}
Time_F(START);
}
}
+ if (doit[D_EVP_HMAC]) {
+ if (evp_hmac_md != NULL) {
+ const char *md_name = OBJ_nid2ln(EVP_MD_type(evp_hmac_md));
+ evp_hmac_name = app_malloc(sizeof("HMAC()") + strlen(md_name),
+ "HMAC name");
+ sprintf(evp_hmac_name, "HMAC(%s)", md_name);
+ names[D_EVP_HMAC] = evp_hmac_name;
+
+ for (testnum = 0; testnum < size_num; testnum++) {
+ print_message(names[D_EVP_HMAC], save_count, lengths[testnum],
+ seconds.sym);
+ Time_F(START);
+ count = run_benchmark(async_jobs, EVP_HMAC_loop, loopargs);
+ d = Time_F(STOP);
+ print_result(D_EVP_HMAC, testnum, count, d);
+ }
+ }
+ }
+
+#ifndef OPENSSL_NO_CMAC
+ if (doit[D_EVP_CMAC]) {
+ if (evp_cmac_cipher != NULL) {
+ const char *cipher_name = OBJ_nid2ln(EVP_CIPHER_type(evp_cmac_cipher));
+ evp_cmac_name = app_malloc(sizeof("CMAC()") + strlen(cipher_name),
+ "CMAC name");
+ sprintf(evp_cmac_name, "CMAC(%s)", cipher_name);
+ names[D_EVP_CMAC] = evp_cmac_name;
+
+ for (i = 0; i < loopargs_len; i++) {
+ loopargs[i].cmac_ctx = CMAC_CTX_new();
+ if (loopargs[i].cmac_ctx == NULL) {
+ BIO_printf(bio_err, "CMAC malloc failure, exiting...");
+ exit(1);
+ }
+ }
+ for (testnum = 0; testnum < size_num; testnum++) {
+ print_message(names[D_EVP_CMAC], save_count, lengths[testnum],
+ seconds.sym);
+ Time_F(START);
+ count = run_benchmark(async_jobs, EVP_CMAC_loop, loopargs);
+ d = Time_F(STOP);
+ print_result(D_EVP_CMAC, testnum, count, d);
+ }
+ for (i = 0; i < loopargs_len; i++)
+ CMAC_CTX_free(loopargs[i].cmac_ctx);
+ }
+ }
+#endif
+
for (i = 0; i < loopargs_len; i++)
if (RAND_bytes(loopargs[i].buf, 36) <= 0)
goto end;
if (rsa_count <= 1) {
/* if longer than 10s, don't do any more */
- for (testnum++; testnum < EC_NUM; testnum++)
+ for (testnum++; testnum < ECDSA_NUM; testnum++)
ecdsa_doit[testnum] = 0;
}
}
} else {
for (i = 0; i < loopargs_len; i++) {
/* Perform EdDSA signature test */
- loopargs[i].siglen = test_ed_curves[testnum].siglen;
+ loopargs[i].sigsize = test_ed_curves[testnum].sigsize;
st = EVP_DigestSign(loopargs[i].eddsa_ctx[testnum],
- loopargs[i].buf2, (size_t *)&loopargs[i].siglen,
+ loopargs[i].buf2, &loopargs[i].sigsize,
loopargs[i].buf, 20);
if (st == 0)
break;
/* Perform EdDSA verification test */
for (i = 0; i < loopargs_len; i++) {
st = EVP_DigestVerify(loopargs[i].eddsa_ctx[testnum],
- loopargs[i].buf2, loopargs[i].siglen,
+ loopargs[i].buf2, loopargs[i].sigsize,
loopargs[i].buf, 20);
if (st != 1)
break;
show_res:
#endif
if (!mr) {
- printf("%s\n", OpenSSL_version(OPENSSL_VERSION));
- printf("%s\n", OpenSSL_version(OPENSSL_BUILT_ON));
+ printf("version: %s\n", OpenSSL_version(OPENSSL_FULL_VERSION_STRING));
+ printf("built on: %s\n", OpenSSL_version(OPENSSL_BUILT_ON));
printf("options:");
printf("%s ", BN_options());
#ifndef OPENSSL_NO_MD2
OPENSSL_free(loopargs[i].secret_b);
#endif
}
+ OPENSSL_free(evp_hmac_name);
+#ifndef OPENSSL_NO_CMAC
+ OPENSSL_free(evp_cmac_name);
+#endif
if (async_jobs > 0) {
for (i = 0; i < loopargs_len; i++)