chacha20poly1305

[openssl.git] / apps / speed.c

diff --git a/apps/speed.c b/apps/speed.c
index 0cb7f24cc427948c8d4e0008aa73b960a039d7df..d9e59faafa0170f185b347e5d4f476d52bffe8e7 100644 (file)
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -108,8 +108,14 @@
 #include <signal.h>
 #endif
 
-#ifdef _WIN32
+#if defined(_WIN32) || defined(__CYGWIN__)
 #include <windows.h>
+# if defined(__CYGWIN__) && !defined(_WIN32)
+  /* <windows.h> should define _WIN32, which normally is mutually
+   * exclusive with __CYGWIN__, but if it didn't... */
+#  define _WIN32
+  /* this is done because Cygwin alarm() fails sometimes. */
+# endif
 #endif
 
 #include <openssl/bn.h>
@@ -183,6 +189,25 @@
 #ifndef OPENSSL_NO_ECDH
 #include <openssl/ecdh.h>
 #endif
+#include <openssl/modes.h>
+
+#ifdef OPENSSL_FIPS
+#ifdef OPENSSL_DOING_MAKEDEPEND
+#undef AES_set_encrypt_key
+#undef AES_set_decrypt_key
+#undef DES_set_key_unchecked
+#endif
+#define BF_set_key     private_BF_set_key
+#define CAST_set_key   private_CAST_set_key
+#define idea_set_encrypt_key   private_idea_set_encrypt_key
+#define SEED_set_key   private_SEED_set_key
+#define RC2_set_key    private_RC2_set_key
+#define RC4_set_key    private_RC4_set_key
+#define DES_set_key_unchecked  private_DES_set_key_unchecked
+#define AES_set_encrypt_key    private_AES_set_encrypt_key
+#define AES_set_decrypt_key    private_AES_set_decrypt_key
+#define Camellia_set_key       private_Camellia_set_key
+#endif
 
 #ifndef HAVE_FORK
 # if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_NETWARE)
@@ -199,7 +224,7 @@
 #endif
 
 #undef BUFSIZE
-#define BUFSIZE        ((long)1024*8+1)
+#define BUFSIZE        ((long)1024*8+64)
 int run=0;
 
 static int mr=0;
@@ -214,7 +239,7 @@ static void print_result(int alg,int run_no,int count,double time_used);
 static int do_multi(int multi);
 #endif
 
-#define ALGOR_NUM      29
+#define ALGOR_NUM      33
 #define SIZE_NUM       5
 #define RSA_NUM                4
 #define DSA_NUM                3
@@ -229,7 +254,9 @@ static const char *names[ALGOR_NUM]={
   "aes-128 cbc","aes-192 cbc","aes-256 cbc",
   "camellia-128 cbc","camellia-192 cbc","camellia-256 cbc",
   "evp","sha256","sha512","whirlpool",
-  "aes-128 ige","aes-192 ige","aes-256 ige"};
+  "aes-128 ige","aes-192 ige","aes-256 ige","ghash",
+  "aes-128 gcm", "aes-256 gcm", "chacha20 poly1305",
+};
 static double results[ALGOR_NUM][SIZE_NUM];
 static int lengths[SIZE_NUM]={16,64,256,1024,8*1024};
 #ifndef OPENSSL_NO_RSA
@@ -273,9 +300,12 @@ static SIGRETTYPE sig_done(int sig)
 
 #if defined(_WIN32)
 
-#define SIGALRM
+#if !defined(SIGALRM)
+# define SIGALRM
+#endif
 static unsigned int lapse,schlock;
-static void alarm(unsigned int secs) { lapse = secs*1000; }
+static void alarm_win32(unsigned int secs) { lapse = secs*1000; }
+#define alarm alarm_win32
 
 static DWORD WINAPI sleepy(VOID *arg)
        {
@@ -469,6 +499,10 @@ int MAIN(int argc, char **argv)
 #define D_IGE_128_AES   26
 #define D_IGE_192_AES   27
 #define D_IGE_256_AES   28
+#define D_GHASH                29
+#define D_AES_128_GCM  30
+#define D_AES_256_GCM  31
+#define D_CHACHA20_POLY1305    32
        double d=0.0;
        long c[ALGOR_NUM][SIZE_NUM];
 #define        R_DSA_512       0
@@ -894,6 +928,18 @@ int MAIN(int argc, char **argv)
                        doit[D_CBC_192_AES]=1;
                        doit[D_CBC_256_AES]=1;
                        }
+               else if (strcmp(*argv,"ghash") == 0)
+                       {
+                       doit[D_GHASH]=1;
+                       }
+               else if (strcmp(*argv,"aes-128-gcm") == 0)
+                       {
+                       doit[D_AES_128_GCM]=1;
+                       }
+               else if (strcmp(*argv,"aes-256-gcm") == 0)
+                       {
+                       doit[D_AES_256_GCM]=1;
+                       }
                else
 #endif
 #ifndef OPENSSL_NO_CAMELLIA
@@ -905,6 +951,13 @@ int MAIN(int argc, char **argv)
                        }
                else
 #endif
+#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
+                       if (strcmp(*argv,"chacha20-poly1305") == 0)
+                       {
+                       doit[D_CHACHA20_POLY1305]=1;
+                       }
+               else
+#endif
 #ifndef OPENSSL_NO_RSA
                        if (strcmp(*argv,"rsa") == 0)
                        {
@@ -1037,7 +1090,8 @@ int MAIN(int argc, char **argv)
 #endif
 #ifndef OPENSSL_NO_AES
                        BIO_printf(bio_err,"aes-128-cbc aes-192-cbc aes-256-cbc ");
-                       BIO_printf(bio_err,"aes-128-ige aes-192-ige aes-256-ige ");
+                       BIO_printf(bio_err,"aes-128-ige aes-192-ige aes-256-ige\n");
+                       BIO_printf(bio_err,"aes-128-gcm aes-256-gcm ");
 #endif
 #ifndef OPENSSL_NO_CAMELLIA
                        BIO_printf(bio_err,"\n");
@@ -1045,6 +1099,9 @@ int MAIN(int argc, char **argv)
 #endif
 #ifndef OPENSSL_NO_RC4
                        BIO_printf(bio_err,"rc4");
+#endif
+#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
+                       BIO_printf(bio_err," chacha20-poly1305");
 #endif
                        BIO_printf(bio_err,"\n");
 
@@ -1264,6 +1321,9 @@ int MAIN(int argc, char **argv)
        c[D_IGE_128_AES][0]=count;
        c[D_IGE_192_AES][0]=count;
        c[D_IGE_256_AES][0]=count;
+       c[D_GHASH][0]=count;
+       c[D_AES_128_GCM][0]=count;
+       c[D_CHACHA20_POLY1305][0]=count;
 
        for (i=1; i<SIZE_NUM; i++)
                {
@@ -1458,7 +1518,7 @@ int MAIN(int argc, char **argv)
 # error "You cannot disable DES on systems without SIGALRM."
 #endif /* OPENSSL_NO_DES */
 #else
-#define COND(c)        (run)
+#define COND(c)        (run && count<0x7fffffff)
 #define COUNT(d) (count)
 #ifndef _WIN32
        signal(SIGALRM,sig_done);
@@ -1754,9 +1814,92 @@ int MAIN(int argc, char **argv)
                        print_result(D_IGE_256_AES,j,count,d);
                        }
                }
+       if (doit[D_GHASH])
+               {
+               GCM128_CONTEXT *ctx = CRYPTO_gcm128_new(&aes_ks1,(block128_f)AES_encrypt);
+               CRYPTO_gcm128_setiv (ctx,(unsigned char *)"0123456789ab",12);
+
+               for (j=0; j<SIZE_NUM; j++)
+                       {
+                       print_message(names[D_GHASH],c[D_GHASH][j],lengths[j]);
+                       Time_F(START);
+                       for (count=0,run=1; COND(c[D_GHASH][j]); count++)
+                               CRYPTO_gcm128_aad(ctx,buf,lengths[j]);
+                       d=Time_F(STOP);
+                       print_result(D_GHASH,j,count,d);
+                       }
+               CRYPTO_gcm128_release(ctx);
+               }
+
+       if (doit[D_AES_128_GCM])
+               {
+               const EVP_AEAD *aead = EVP_aead_aes_128_gcm();
+               static const unsigned char nonce[32] = {0};
+               size_t nonce_len;
+               EVP_AEAD_CTX ctx;
+
+               EVP_AEAD_CTX_init(&ctx, aead, key32, EVP_AEAD_key_length(aead), EVP_AEAD_DEFAULT_TAG_LENGTH, NULL);
+               nonce_len = EVP_AEAD_nonce_length(aead);
+
+               for (j=0; j<SIZE_NUM; j++)
+                       {
+                       print_message(names[D_AES_128_GCM],c[D_AES_128_GCM][j],lengths[j]);
+                       Time_F(START);
+                       for (count=0,run=1; COND(c[D_AES_128_GCM][j]); count++)
+                               EVP_AEAD_CTX_seal(&ctx,buf, BUFSIZE, nonce, nonce_len, buf, lengths[j], NULL, 0);
+                       d=Time_F(STOP);
+                       print_result(D_AES_128_GCM,j,count,d);
+                       }
+               EVP_AEAD_CTX_cleanup(&ctx);
+               }
+
+       if (doit[D_AES_256_GCM])
+               {
+               const EVP_AEAD *aead = EVP_aead_aes_256_gcm();
+               static const unsigned char nonce[32] = {0};
+               size_t nonce_len;
+               EVP_AEAD_CTX ctx;
+
+               EVP_AEAD_CTX_init(&ctx, aead, key32, EVP_AEAD_key_length(aead), EVP_AEAD_DEFAULT_TAG_LENGTH, NULL);
+               nonce_len = EVP_AEAD_nonce_length(aead);
+
+               for (j=0; j<SIZE_NUM; j++)
+                       {
+                       print_message(names[D_AES_256_GCM],c[D_AES_256_GCM][j],lengths[j]);
+                       Time_F(START);
+                       for (count=0,run=1; COND(c[D_AES_256_GCM][j]); count++)
+                               EVP_AEAD_CTX_seal(&ctx,buf, BUFSIZE, nonce, nonce_len, buf, lengths[j], NULL, 0);
+                       d=Time_F(STOP);
+                       print_result(D_AES_256_GCM,j,count,d);
+                       }
+               EVP_AEAD_CTX_cleanup(&ctx);
+               }
+#endif
 
+#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
+       if (doit[D_CHACHA20_POLY1305])
+               {
+               const EVP_AEAD *aead = EVP_aead_chacha20_poly1305();
+               static const unsigned char nonce[32] = {0};
+               size_t nonce_len;
+               EVP_AEAD_CTX ctx;
+
+               EVP_AEAD_CTX_init(&ctx, aead, key32, EVP_AEAD_key_length(aead), EVP_AEAD_DEFAULT_TAG_LENGTH, NULL);
+               nonce_len = EVP_AEAD_nonce_length(aead);
 
+               for (j=0; j<SIZE_NUM; j++)
+                       {
+                       print_message(names[D_CHACHA20_POLY1305],c[D_CHACHA20_POLY1305][j],lengths[j]);
+                       Time_F(START);
+                       for (count=0,run=1; COND(c[D_CHACHA20_POLY1305][j]); count++)
+                               EVP_AEAD_CTX_seal(&ctx,buf, BUFSIZE, nonce, nonce_len, buf, lengths[j], NULL, 0);
+                       d=Time_F(STOP);
+                       print_result(D_CHACHA20_POLY1305,j,count,d);
+                       }
+               EVP_AEAD_CTX_cleanup(&ctx);
+               }
 #endif
+
 #ifndef OPENSSL_NO_CAMELLIA
        if (doit[D_CBC_128_CML])
                {
@@ -2548,7 +2691,7 @@ static void pkey_print_message(const char *str, const char *str2, long num,
        BIO_printf(bio_err,mr ? "+DTP:%d:%s:%s:%d\n"
                           : "Doing %d bit %s %s's for %ds: ",bits,str,str2,tm);
        (void)BIO_flush(bio_err);
-       alarm(RSA_SECONDS);
+       alarm(tm);
 #else
        BIO_printf(bio_err,mr ? "+DNP:%ld:%d:%s:%s\n"
                           : "Doing %ld %d bit %s %s's: ",num,bits,str,str2);
@@ -2608,7 +2751,11 @@ static int do_multi(int multi)
        fds=malloc(multi*sizeof *fds);
        for(n=0 ; n < multi ; ++n)
                {
-               pipe(fd);
+               if (pipe(fd) == -1)
+                       {
+                       fprintf(stderr, "pipe failure\n");
+                       exit(1);
+                       }
                fflush(stdout);
                fflush(stderr);
                if(fork())
@@ -2620,7 +2767,11 @@ static int do_multi(int multi)
                        {
                        close(fd[0]);
                        close(1);
-                       dup(fd[1]);
+                       if (dup(fd[1]) == -1)
+                               {
+                               fprintf(stderr, "dup failed\n");
+                               exit(1);
+                               }
                        close(fd[1]);
                        mr=1;
                        usertime=0;
@@ -2703,6 +2854,7 @@ static int do_multi(int multi)
                                else
                                        rsa_results[k][1]=d;
                                }
+#ifndef OPENSSL_NO_DSA
                        else if(!strncmp(buf,"+F3:",4))
                                {
                                int k;
@@ -2724,6 +2876,7 @@ static int do_multi(int multi)
                                else
                                        dsa_results[k][1]=d;
                                }
+#endif
 #ifndef OPENSSL_NO_ECDSA
                        else if(!strncmp(buf,"+F4:",4))
                                {