X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=apps%2Fspeed.c;h=5f16b1395400931b608f9e9a4ea23165877153d0;hp=bb8836d81b9054eaf949dfdfd2c4cfbbc81d89bd;hb=5d238a1032fee0e4759c2ed7fbd09cb9d7125a72;hpb=b1ceb439f234a998db84f27a3a245dab95d322ab diff --git a/apps/speed.c b/apps/speed.c index bb8836d81b..5f16b13954 100644 --- a/apps/speed.c +++ b/apps/speed.c @@ -57,6 +57,9 @@ # include #endif #include +#ifndef OPENSSL_NO_CMAC +#include +#endif #include #ifndef OPENSSL_NO_RMD160 # include @@ -100,7 +103,7 @@ #include #ifndef HAVE_FORK -# if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) +# if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_VXWORKS) # define HAVE_FORK 0 # else # define HAVE_FORK 1 @@ -163,10 +166,12 @@ static int DES_ede3_cbc_encrypt_loop(void *args); #endif static int AES_cbc_128_encrypt_loop(void *args); static int AES_cbc_192_encrypt_loop(void *args); -static int AES_ige_128_encrypt_loop(void *args); static int AES_cbc_256_encrypt_loop(void *args); +#if !OPENSSL_API_3 +static int AES_ige_128_encrypt_loop(void *args); static int AES_ige_192_encrypt_loop(void *args); static int AES_ige_256_encrypt_loop(void *args); +#endif static int CRYPTO_gcm128_aad_loop(void *args); static int RAND_bytes_loop(void *args); static int EVP_Update_loop(void *args); @@ -300,7 +305,7 @@ typedef enum OPTION_choice { OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, OPT_ELAPSED, OPT_EVP, OPT_HMAC, OPT_DECRYPT, OPT_ENGINE, OPT_MULTI, OPT_MR, OPT_MB, OPT_MISALIGN, OPT_ASYNCJOBS, OPT_R_ENUM, - OPT_PRIMES, OPT_SECONDS, OPT_BYTES, OPT_AEAD + OPT_PRIMES, OPT_SECONDS, OPT_BYTES, OPT_AEAD, OPT_CMAC } OPTION_CHOICE; const OPTIONS speed_options[] = { @@ -309,6 +314,9 @@ const OPTIONS speed_options[] = { {"help", OPT_HELP, '-', "Display this summary"}, {"evp", OPT_EVP, 's', "Use EVP-named cipher or digest"}, {"hmac", OPT_HMAC, 's', "HMAC using EVP-named digest"}, +#ifndef OPENSSL_NO_CMAC + {"cmac", OPT_CMAC, 's', "CMAC using EVP-named cipher"}, +#endif {"decrypt", OPT_DECRYPT, '-', "Time decryption instead of encryption (only EVP)"}, {"aead", OPT_AEAD, '-', @@ -371,6 +379,7 @@ const OPTIONS speed_options[] = { #define D_GHASH 29 #define D_RAND 30 #define D_EVP_HMAC 31 +#define D_EVP_CMAC 32 /* name of algorithms to test */ static const char *names[] = { @@ -381,7 +390,7 @@ static const char *names[] = { "camellia-128 cbc", "camellia-192 cbc", "camellia-256 cbc", "evp", "sha256", "sha512", "whirlpool", "aes-128 ige", "aes-192 ige", "aes-256 ige", "ghash", - "rand", "hmac" + "rand", "hmac", "cmac" }; #define ALGOR_NUM OSSL_NELEM(names) @@ -421,9 +430,11 @@ static const OPT_PAIR doit_choices[] = { {"aes-128-cbc", D_CBC_128_AES}, {"aes-192-cbc", D_CBC_192_AES}, {"aes-256-cbc", D_CBC_256_AES}, +#if !OPENSSL_API_3 {"aes-128-ige", D_IGE_128_AES}, {"aes-192-ige", D_IGE_192_AES}, {"aes-256-ige", D_IGE_256_AES}, +#endif #ifndef OPENSSL_NO_RC2 {"rc2-cbc", D_CBC_RC2}, {"rc2", D_CBC_RC2}, @@ -492,30 +503,35 @@ static const OPT_PAIR rsa_choices[] = { static double rsa_results[RSA_NUM][2]; /* 2 ops: sign then verify */ #endif /* OPENSSL_NO_RSA */ -#define R_EC_P160 0 -#define R_EC_P192 1 -#define R_EC_P224 2 -#define R_EC_P256 3 -#define R_EC_P384 4 -#define R_EC_P521 5 -#define R_EC_K163 6 -#define R_EC_K233 7 -#define R_EC_K283 8 -#define R_EC_K409 9 -#define R_EC_K571 10 -#define R_EC_B163 11 -#define R_EC_B233 12 -#define R_EC_B283 13 -#define R_EC_B409 14 -#define R_EC_B571 15 -#define R_EC_BRP256R1 16 -#define R_EC_BRP256T1 17 -#define R_EC_BRP384R1 18 -#define R_EC_BRP384T1 19 -#define R_EC_BRP512R1 20 -#define R_EC_BRP512T1 21 -#define R_EC_X25519 22 -#define R_EC_X448 23 +enum { + R_EC_P160, + R_EC_P192, + R_EC_P224, + R_EC_P256, + R_EC_P384, + R_EC_P521, +#ifndef OPENSSL_NO_EC2M + R_EC_K163, + R_EC_K233, + R_EC_K283, + R_EC_K409, + R_EC_K571, + R_EC_B163, + R_EC_B233, + R_EC_B283, + R_EC_B409, + R_EC_B571, +#endif + R_EC_BRP256R1, + R_EC_BRP256T1, + R_EC_BRP384R1, + R_EC_BRP384T1, + R_EC_BRP512R1, + R_EC_BRP512T1, + R_EC_X25519, + R_EC_X448 +}; + #ifndef OPENSSL_NO_EC static OPT_PAIR ecdsa_choices[] = { {"ecdsap160", R_EC_P160}, @@ -524,6 +540,7 @@ static OPT_PAIR ecdsa_choices[] = { {"ecdsap256", R_EC_P256}, {"ecdsap384", R_EC_P384}, {"ecdsap521", R_EC_P521}, +# ifndef OPENSSL_NO_EC2M {"ecdsak163", R_EC_K163}, {"ecdsak233", R_EC_K233}, {"ecdsak283", R_EC_K283}, @@ -534,6 +551,7 @@ static OPT_PAIR ecdsa_choices[] = { {"ecdsab283", R_EC_B283}, {"ecdsab409", R_EC_B409}, {"ecdsab571", R_EC_B571}, +# endif {"ecdsabrp256r1", R_EC_BRP256R1}, {"ecdsabrp256t1", R_EC_BRP256T1}, {"ecdsabrp384r1", R_EC_BRP384R1}, @@ -552,6 +570,7 @@ static const OPT_PAIR ecdh_choices[] = { {"ecdhp256", R_EC_P256}, {"ecdhp384", R_EC_P384}, {"ecdhp521", R_EC_P521}, +# ifndef OPENSSL_NO_EC2M {"ecdhk163", R_EC_K163}, {"ecdhk233", R_EC_K233}, {"ecdhk283", R_EC_K283}, @@ -562,6 +581,7 @@ static const OPT_PAIR ecdh_choices[] = { {"ecdhb283", R_EC_B283}, {"ecdhb409", R_EC_B409}, {"ecdhb571", R_EC_B571}, +# endif {"ecdhbrp256r1", R_EC_BRP256R1}, {"ecdhbrp256t1", R_EC_BRP256T1}, {"ecdhbrp384r1", R_EC_BRP384R1}, @@ -620,6 +640,9 @@ typedef struct loopargs_st { #endif EVP_CIPHER_CTX *ctx; HMAC_CTX *hctx; +#ifndef OPENSSL_NO_CMAC + CMAC_CTX *cmac_ctx; +#endif GCM128_CONTEXT *gcm_ctx; } loopargs_t; static int run_benchmark(int async_jobs, int (*loop_function) (void *), @@ -850,6 +873,7 @@ static int AES_cbc_256_encrypt_loop(void *args) return count; } +#if !OPENSSL_API_3 static int AES_ige_128_encrypt_loop(void *args) { loopargs_t *tempargs = *(loopargs_t **) args; @@ -885,6 +909,7 @@ static int AES_ige_256_encrypt_loop(void *args) (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT); return count; } +#endif static int CRYPTO_gcm128_aad_loop(void *args) { @@ -1055,6 +1080,33 @@ static int EVP_HMAC_loop(void *args) return count; } +#ifndef OPENSSL_NO_CMAC +static const EVP_CIPHER *evp_cmac_cipher = NULL; +static char *evp_cmac_name = NULL; + +static int EVP_CMAC_loop(void *args) +{ + loopargs_t *tempargs = *(loopargs_t **) args; + unsigned char *buf = tempargs->buf; + CMAC_CTX *cmac_ctx = tempargs->cmac_ctx; + static const char key[16] = "This is a key..."; + unsigned char mac[16]; + size_t len = sizeof(mac); + int count; +#ifndef SIGALRM + int nb_iter = save_count * 4 * lengths[0] / lengths[testnum]; +#endif + + for (count = 0; COND(nb_iter); count++) { + if (!CMAC_Init(cmac_ctx, key, sizeof(key), evp_cmac_cipher, NULL) + || !CMAC_Update(cmac_ctx, buf, lengths[testnum]) + || !CMAC_Final(cmac_ctx, mac, &len)) + return -1; + } + return count; +} +#endif + #ifndef OPENSSL_NO_RSA static long rsa_c[RSA_NUM][2]; /* # RSA iteration test */ @@ -1522,11 +1574,12 @@ int speed_main(int argc, char **argv) {"nistp192", NID_X9_62_prime192v1, 192}, {"nistp224", NID_secp224r1, 224}, {"nistp256", NID_X9_62_prime256v1, 256}, - {"nistp384", NID_secp384r1, 384}, + {"nistp384", NID_secp384r1, 384}, {"nistp521", NID_secp521r1, 521}, +# ifndef OPENSSL_NO_EC2M /* Binary Curves */ {"nistk163", NID_sect163k1, 163}, - {"nistk233", NID_sect233k1, 233}, + {"nistk233", NID_sect233k1, 233}, {"nistk283", NID_sect283k1, 283}, {"nistk409", NID_sect409k1, 409}, {"nistk571", NID_sect571k1, 571}, @@ -1535,6 +1588,7 @@ int speed_main(int argc, char **argv) {"nistb283", NID_sect283r1, 283}, {"nistb409", NID_sect409r1, 409}, {"nistb571", NID_sect571r1, 571}, +# endif {"brainpoolP256r1", NID_brainpoolP256r1, 256}, {"brainpoolP256t1", NID_brainpoolP256t1, 256}, {"brainpoolP384r1", NID_brainpoolP384r1, 384}, @@ -1599,6 +1653,17 @@ int speed_main(int argc, char **argv) } doit[D_EVP_HMAC] = 1; break; + case OPT_CMAC: +#ifndef OPENSSL_NO_CMAC + evp_cmac_cipher = EVP_get_cipherbyname(opt_arg()); + if (evp_cmac_cipher == NULL) { + BIO_printf(bio_err, "%s: %s is an unknown cipher\n", + prog, opt_arg()); + goto end; + } + doit[D_EVP_CMAC] = 1; +#endif + break; case OPT_DECRYPT: decrypt = 1; break; @@ -1837,9 +1902,9 @@ int speed_main(int argc, char **argv) e = setup_engine(engine_id, 0); /* No parameters; turn on everything. */ - if (argc == 0 && !doit[D_EVP] && !doit[D_EVP_HMAC]) { + if (argc == 0 && !doit[D_EVP] && !doit[D_EVP_HMAC] && !doit[D_EVP_CMAC]) { for (i = 0; i < ALGOR_NUM; i++) - if (i != D_EVP && i != D_EVP_HMAC) + if (i != D_EVP && i != D_EVP_HMAC && i != D_EVP_CMAC) doit[i] = 1; #ifndef OPENSSL_NO_RSA for (i = 0; i < RSA_NUM; i++) @@ -2063,6 +2128,7 @@ int speed_main(int argc, char **argv) } } } +# ifndef OPENSSL_NO_EC2M ecdsa_c[R_EC_K163][0] = count / 1000; ecdsa_c[R_EC_K163][1] = count / 1000 / 2; for (i = R_EC_K233; i <= R_EC_K571; i++) { @@ -2091,6 +2157,7 @@ int speed_main(int argc, char **argv) } } } +# endif ecdh_c[R_EC_P160][0] = count / 1000; for (i = R_EC_P192; i <= R_EC_P521; i++) { @@ -2103,6 +2170,7 @@ int speed_main(int argc, char **argv) } } } +# ifndef OPENSSL_NO_EC2M ecdh_c[R_EC_K163][0] = count / 1000; for (i = R_EC_K233; i <= R_EC_K571; i++) { ecdh_c[i][0] = ecdh_c[i - 1][0] / 2; @@ -2125,6 +2193,7 @@ int speed_main(int argc, char **argv) } } } +# endif /* repeated code good to factorize */ ecdh_c[R_EC_BRP256R1][0] = count / 1000; for (i = R_EC_BRP384R1; i <= R_EC_BRP512R1; i += 2) { @@ -2366,6 +2435,7 @@ int speed_main(int argc, char **argv) } } +#if !OPENSSL_API_3 if (doit[D_IGE_128_AES]) { for (testnum = 0; testnum < size_num; testnum++) { print_message(names[D_IGE_128_AES], c[D_IGE_128_AES][testnum], @@ -2399,6 +2469,7 @@ int speed_main(int argc, char **argv) print_result(D_IGE_256_AES, testnum, count, d); } } +#endif if (doit[D_GHASH]) { for (i = 0; i < loopargs_len; i++) { loopargs[i].gcm_ctx = @@ -2646,16 +2717,28 @@ int speed_main(int argc, char **argv) for (k = 0; k < loopargs_len; k++) { loopargs[k].ctx = EVP_CIPHER_CTX_new(); - EVP_CipherInit_ex(loopargs[k].ctx, evp_cipher, NULL, NULL, - iv, decrypt ? 0 : 1); + if (loopargs[k].ctx == NULL) { + BIO_printf(bio_err, "\nEVP_CIPHER_CTX_new failure\n"); + exit(1); + } + if (!EVP_CipherInit_ex(loopargs[k].ctx, evp_cipher, NULL, + NULL, iv, decrypt ? 0 : 1)) { + BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n"); + ERR_print_errors(bio_err); + exit(1); + } EVP_CIPHER_CTX_set_padding(loopargs[k].ctx, 0); keylen = EVP_CIPHER_CTX_key_length(loopargs[k].ctx); loopargs[k].key = app_malloc(keylen, "evp_cipher key"); EVP_CIPHER_CTX_rand_key(loopargs[k].ctx, loopargs[k].key); - EVP_CipherInit_ex(loopargs[k].ctx, NULL, NULL, - loopargs[k].key, NULL, -1); + if (!EVP_CipherInit_ex(loopargs[k].ctx, NULL, NULL, + loopargs[k].key, NULL, -1)) { + BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n"); + ERR_print_errors(bio_err); + exit(1); + } OPENSSL_clear_free(loopargs[k].key, keylen); /* SIV mode only allows for a single Update operation */ @@ -2704,6 +2787,36 @@ int speed_main(int argc, char **argv) } } +#ifndef OPENSSL_NO_CMAC + if (doit[D_EVP_CMAC]) { + if (evp_cmac_cipher != NULL) { + const char *cipher_name = OBJ_nid2ln(EVP_CIPHER_type(evp_cmac_cipher)); + evp_cmac_name = app_malloc(sizeof("CMAC()") + strlen(cipher_name), + "CMAC name"); + sprintf(evp_cmac_name, "CMAC(%s)", cipher_name); + names[D_EVP_CMAC] = evp_cmac_name; + + for (i = 0; i < loopargs_len; i++) { + loopargs[i].cmac_ctx = CMAC_CTX_new(); + if (loopargs[i].cmac_ctx == NULL) { + BIO_printf(bio_err, "CMAC malloc failure, exiting..."); + exit(1); + } + } + for (testnum = 0; testnum < size_num; testnum++) { + print_message(names[D_EVP_CMAC], save_count, lengths[testnum], + seconds.sym); + Time_F(START); + count = run_benchmark(async_jobs, EVP_CMAC_loop, loopargs); + d = Time_F(STOP); + print_result(D_EVP_CMAC, testnum, count, d); + } + for (i = 0; i < loopargs_len; i++) + CMAC_CTX_free(loopargs[i].cmac_ctx); + } + } +#endif + for (i = 0; i < loopargs_len; i++) if (RAND_bytes(loopargs[i].buf, 36) <= 0) goto end; @@ -3403,6 +3516,9 @@ int speed_main(int argc, char **argv) #endif } OPENSSL_free(evp_hmac_name); +#ifndef OPENSSL_NO_CMAC + OPENSSL_free(evp_cmac_name); +#endif if (async_jobs > 0) { for (i = 0; i < loopargs_len; i++)