X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=apps%2Fspeed.c;h=d15b06e241e739f842a883824a156bb25a54df21;hp=b96733346bc080f4b840f179a547e23c1e1f91e7;hb=4d8743f490a5f96fa26d41985ee12cb6b9815a4c;hpb=63da21c01ba1b4fa4bd5adb8b3b36567025b8e15 diff --git a/apps/speed.c b/apps/speed.c index b96733346b..d15b06e241 100644 --- a/apps/speed.c +++ b/apps/speed.c @@ -1,4 +1,4 @@ -/* apps/speed.c */ +/* apps/speed.c -*- mode:C; c-file-style: "eay" -*- */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -55,13 +55,30 @@ * copied and put under another distribution licence * [including the GNU Public Licence.] */ +/* ==================================================================== + * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. + * + * Portions of the attached software ("Contribution") are developed by + * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. + * + * The Contribution is licensed pursuant to the OpenSSL open source + * license provided above. + * + * The ECDH and ECDSA speed test software is originally written by + * Sumit Gupta of Sun Microsystems Laboratories. + * + */ /* most of this code has been pilfered from my libdes speed.c program */ +#ifndef OPENSSL_NO_SPEED + #undef SECONDS #define SECONDS 3 #define RSA_SECONDS 10 #define DSA_SECONDS 10 +#define ECDSA_SECONDS 10 +#define ECDH_SECONDS 10 /* 11-Sep-92 Andrew Daviel Support for Silicon Graphics IRIX added */ /* 06-Apr-92 Luke Brennan Support for VMS and add extra signal calls */ @@ -71,116 +88,205 @@ #include #include -#include + #include #include #include "apps.h" -#ifdef NO_STDIO +#ifdef OPENSSL_NO_STDIO #define APPS_WIN16 #endif #include #include #include +#include +#include +#if !defined(OPENSSL_SYS_MSDOS) +#include OPENSSL_UNISTD +#endif -#if !defined(MSDOS) && (!defined(VMS) || defined(__DECC)) -#define TIMES +#ifndef OPENSSL_SYS_NETWARE +#include #endif -#ifndef _IRIX +#if defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__) || defined(OPENSSL_SYS_MACOSX) +# define USE_TOD +#elif !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_VXWORKS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) +# define TIMES +#endif +#if !defined(_UNICOS) && !defined(__OpenBSD__) && !defined(sgi) && !defined(__FreeBSD__) && !(defined(__bsdi) || defined(__bsdi__)) && !defined(_AIX) && !defined(OPENSSL_SYS_MPE) && !defined(__NetBSD__) && !defined(OPENSSL_SYS_VXWORKS) /* FIXME */ +# define TIMEB +#endif + +#if defined(OPENSSL_SYS_NETWARE) +#undef TIMES +#undef TIMEB #include #endif + +#ifndef _IRIX +# include +#endif #ifdef TIMES -#include -#include +# include +# include +#endif +#ifdef USE_TOD +# include +# include #endif /* Depending on the VMS version, the tms structure is perhaps defined. The __TMS macro will show if it was. If it wasn't defined, we should undefine TIMES, since that tells the rest of the program how things should be handled. -- Richard Levitte */ -#if defined(VMS) && defined(__DECC) && !defined(__TMS) +#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS) #undef TIMES #endif -#ifndef TIMES +#ifdef TIMEB #include #endif +#if !defined(TIMES) && !defined(TIMEB) && !defined(USE_TOD) && !defined(OPENSSL_SYS_VXWORKS) && !defined(OPENSSL_SYS_NETWARE) +#error "It seems neither struct tms nor struct timeb is supported in this platform!" +#endif + #if defined(sun) || defined(__ultrix) #define _POSIX_SOURCE #include #include #endif -#ifndef NO_DES +#ifndef OPENSSL_NO_DES #include #endif -#ifndef NO_MD2 +#ifndef OPENSSL_NO_AES +#include +#endif +#ifndef OPENSSL_NO_MD2 #include #endif -#ifndef NO_MDC2 +#ifndef OPENSSL_NO_MDC2 #include #endif -#ifndef NO_MD5 +#ifndef OPENSSL_NO_MD4 +#include +#endif +#ifndef OPENSSL_NO_MD5 #include #endif -#ifndef NO_HMAC +#ifndef OPENSSL_NO_HMAC #include #endif #include -#ifndef NO_SHA +#ifndef OPENSSL_NO_SHA #include #endif -#ifndef NO_RIPEMD +#ifndef OPENSSL_NO_RIPEMD #include #endif -#ifndef NO_RC4 +#ifndef OPENSSL_NO_RC4 #include #endif -#ifndef NO_RC5 +#ifndef OPENSSL_NO_RC5 #include #endif -#ifndef NO_RC2 +#ifndef OPENSSL_NO_RC2 #include #endif -#ifndef NO_IDEA +#ifndef OPENSSL_NO_IDEA #include #endif -#ifndef NO_BF +#ifndef OPENSSL_NO_BF #include #endif -#ifndef NO_CAST +#ifndef OPENSSL_NO_CAST #include #endif -#ifndef NO_RSA +#ifndef OPENSSL_NO_RSA #include #include "./testrsa.h" #endif #include -#ifndef NO_DSA +#ifndef OPENSSL_NO_DSA #include "./testdsa.h" #endif +#ifndef OPENSSL_NO_ECDSA +#include +#endif +#ifndef OPENSSL_NO_ECDH +#include +#endif + +/* + * The following "HZ" timing stuff should be sync'd up with the code in + * crypto/tmdiff.[ch]. That appears to try to do the same job, though I think + * this code is more up to date than libcrypto's so there may be features to + * migrate over first. This is used in two places further down AFAICS. + * The point is that nothing in openssl actually *uses* that tmdiff stuff, so + * either speed.c should be using it or it should go because it's obviously not + * useful enough. Anyone want to do a janitorial job on this? + */ /* The following if from times(3) man page. It may need to be changed */ #ifndef HZ -# ifndef CLK_TCK -# ifndef _BSD_CLK_TCK_ /* FreeBSD hack */ -# define HZ 100.0 -# else /* _BSD_CLK_TCK_ */ -# define HZ ((double)_BSD_CLK_TCK_) +# if defined(_SC_CLK_TCK) \ + && (!defined(OPENSSL_SYS_VMS) || __CTRL_VER >= 70000000) +# define HZ sysconf(_SC_CLK_TCK) +# else +# ifndef CLK_TCK +# ifndef _BSD_CLK_TCK_ /* FreeBSD hack */ +# define HZ 100.0 +# else /* _BSD_CLK_TCK_ */ +# define HZ ((double)_BSD_CLK_TCK_) +# endif +# else /* CLK_TCK */ +# define HZ ((double)CLK_TCK) # endif -# else /* CLK_TCK */ -# define HZ ((double)CLK_TCK) # endif #endif +#if !defined(OPENSSL_SYS_VMS) && !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MACINTOSH_CLASSIC) && !defined(OPENSSL_SYS_OS2) && !defined(OPENSSL_SYS_NETWARE) +# define HAVE_FORK 1 +#endif + #undef BUFSIZE #define BUFSIZE ((long)1024*8+1) int run=0; +static char ftime_used = 0, times_used = 0, gettimeofday_used = 0, getrusage_used = 0; +static int mr=0; +static int usertime=1; + static double Time_F(int s); -static void print_message(char *s,long num,int length); +static void print_message(const char *s,long num,int length); static void pkey_print_message(char *str,char *str2,long num,int bits,int sec); +static void print_result(int alg,int run_no,int count,double time_used); +#ifdef HAVE_FORK +static int do_multi(int multi); +#endif + +#define ALGOR_NUM 19 +#define SIZE_NUM 5 +#define RSA_NUM 4 +#define DSA_NUM 3 + +#define EC_NUM 16 +#define MAX_ECDH_SIZE 256 + +static const char *names[ALGOR_NUM]={ + "md2","mdc2","md4","md5","hmac(md5)","sha1","rmd160","rc4", + "des cbc","des ede3","idea cbc", + "rc2 cbc","rc5-32/12 cbc","blowfish cbc","cast cbc", + "aes-128 cbc","aes-192 cbc","aes-256 cbc"}; +static double results[ALGOR_NUM][SIZE_NUM]; +static int lengths[SIZE_NUM]={16,64,256,1024,8*1024}; +static double rsa_results[RSA_NUM][2]; +static double dsa_results[DSA_NUM][2]; +static double ecdsa_results[EC_NUM][2]; +static double ecdh_results[EC_NUM][1]; + + #ifdef SIGALRM #if defined(__STDC__) || defined(sgi) || defined(_AIX) #define SIGRETTYPE void @@ -202,119 +308,263 @@ static SIGRETTYPE sig_done(int sig) #define START 0 #define STOP 1 +#if defined(OPENSSL_SYS_NETWARE) + + /* for NetWare the best we can do is use clock() which returns the + * time, in hundredths of a second, since the NLM began executing + */ static double Time_F(int s) { double ret; -#ifdef TIMES - static struct tms tstart,tend; - if (s == START) + static clock_t tstart,tend; + + if (s == START) + { + tstart=clock(); + return(0); + } + else + { + tend=clock(); + ret=(double)((double)(tend)-(double)(tstart)); + return((ret < 0.001)?0.001:ret); + } + } + +#else + +static double Time_F(int s) + { + double ret; + +#ifdef USE_TOD + if(usertime) { - times(&tstart); - return(0); + static struct rusage tstart,tend; + + getrusage_used = 1; + if (s == START) + { + getrusage(RUSAGE_SELF,&tstart); + return(0); + } + else + { + long i; + + getrusage(RUSAGE_SELF,&tend); + i=(long)tend.ru_utime.tv_usec-(long)tstart.ru_utime.tv_usec; + ret=((double)(tend.ru_utime.tv_sec-tstart.ru_utime.tv_sec)) + +((double)i)/1000000.0; + return((ret < 0.001)?0.001:ret); + } } else { - times(&tend); - ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ; - return((ret < 1e-3)?1e-3:ret); - } -#else /* !times() */ - static struct timeb tstart,tend; - long i; + static struct timeval tstart,tend; + long i; - if (s == START) + gettimeofday_used = 1; + if (s == START) + { + gettimeofday(&tstart,NULL); + return(0); + } + else + { + gettimeofday(&tend,NULL); + i=(long)tend.tv_usec-(long)tstart.tv_usec; + ret=((double)(tend.tv_sec-tstart.tv_sec))+((double)i)/1000000.0; + return((ret < 0.001)?0.001:ret); + } + } +#else /* ndef USE_TOD */ + +# ifdef TIMES + if (usertime) { - ftime(&tstart); - return(0); + static struct tms tstart,tend; + + times_used = 1; + if (s == START) + { + times(&tstart); + return(0); + } + else + { + times(&tend); + ret = HZ; + ret=(double)(tend.tms_utime-tstart.tms_utime) / ret; + return((ret < 1e-3)?1e-3:ret); + } } +# endif /* times() */ +# if defined(TIMES) && defined(TIMEB) else +# endif +# ifdef OPENSSL_SYS_VXWORKS + { + static unsigned long tick_start, tick_end; + + if( s == START ) + { + tick_start = tickGet(); + return 0; + } + else + { + tick_end = tickGet(); + ret = (double)(tick_end - tick_start) / (double)sysClkRateGet(); + return((ret < 0.001)?0.001:ret); + } + } +# elif defined(TIMEB) { - ftime(&tend); - i=(long)tend.millitm-(long)tstart.millitm; - ret=((double)(tend.time-tstart.time))+((double)i)/1000.0; - return((ret < 0.001)?0.001:ret); + static struct timeb tstart,tend; + long i; + + ftime_used = 1; + if (s == START) + { + ftime(&tstart); + return(0); + } + else + { + ftime(&tend); + i=(long)tend.millitm-(long)tstart.millitm; + ret=((double)(tend.time-tstart.time))+((double)i)/1000.0; + return((ret < 0.001)?0.001:ret); + } } +# endif #endif } +#endif /* if defined(OPENSSL_SYS_NETWARE) */ + + +static const int KDF1_SHA1_len = 20; +static void *KDF1_SHA1(void *in, size_t inlen, void *out, size_t outlen) + { +#ifndef OPENSSL_NO_SHA + if (outlen != SHA_DIGEST_LENGTH) + return NULL; + return SHA1(in, inlen, out); +#else + return NULL; +#endif + } + + +int MAIN(int, char **); int MAIN(int argc, char **argv) { +#ifndef OPENSSL_NO_ENGINE + ENGINE *e = NULL; +#endif unsigned char *buf=NULL,*buf2=NULL; int mret=1; -#define ALGOR_NUM 14 -#define SIZE_NUM 5 -#define RSA_NUM 4 -#define DSA_NUM 3 - long count,rsa_count; + long count=0,save_count=0; int i,j,k; - unsigned rsa_num,rsa_num2; -#ifndef NO_MD2 +#if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) + long rsa_count; +#endif +#ifndef OPENSSL_NO_RSA + unsigned rsa_num; +#endif + unsigned char md[EVP_MAX_MD_SIZE]; +#ifndef OPENSSL_NO_MD2 unsigned char md2[MD2_DIGEST_LENGTH]; #endif -#ifndef NO_MDC2 +#ifndef OPENSSL_NO_MDC2 unsigned char mdc2[MDC2_DIGEST_LENGTH]; #endif -#ifndef NO_MD5 +#ifndef OPENSSL_NO_MD4 + unsigned char md4[MD4_DIGEST_LENGTH]; +#endif +#ifndef OPENSSL_NO_MD5 unsigned char md5[MD5_DIGEST_LENGTH]; unsigned char hmac[MD5_DIGEST_LENGTH]; #endif -#ifndef NO_SHA +#ifndef OPENSSL_NO_SHA unsigned char sha[SHA_DIGEST_LENGTH]; #endif -#ifndef NO_RIPEMD +#ifndef OPENSSL_NO_RIPEMD unsigned char rmd160[RIPEMD160_DIGEST_LENGTH]; #endif -#ifndef NO_RC4 +#ifndef OPENSSL_NO_RC4 RC4_KEY rc4_ks; #endif -#ifndef NO_RC5 +#ifndef OPENSSL_NO_RC5 RC5_32_KEY rc5_ks; #endif -#ifndef NO_RC2 +#ifndef OPENSSL_NO_RC2 RC2_KEY rc2_ks; #endif -#ifndef NO_IDEA +#ifndef OPENSSL_NO_IDEA IDEA_KEY_SCHEDULE idea_ks; #endif -#ifndef NO_BF +#ifndef OPENSSL_NO_BF BF_KEY bf_ks; #endif -#ifndef NO_CAST +#ifndef OPENSSL_NO_CAST CAST_KEY cast_ks; #endif - static unsigned char key16[16]= + static const unsigned char key16[16]= {0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0, 0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12}; - unsigned char iv[8]; -#ifndef NO_DES - des_cblock *buf_as_des_cblock = NULL; - static des_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0}; - static des_cblock key2={0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12}; - static des_cblock key3={0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34}; - des_key_schedule sch,sch2,sch3; + static const unsigned char key24[24]= + {0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0, + 0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12, + 0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34}; + static const unsigned char key32[32]= + {0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0, + 0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12, + 0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34, + 0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34,0x56}; +#ifndef OPENSSL_NO_AES +#define MAX_BLOCK_SIZE 128 +#else +#define MAX_BLOCK_SIZE 64 +#endif + unsigned char DES_iv[8]; + unsigned char iv[MAX_BLOCK_SIZE/8]; +#ifndef OPENSSL_NO_DES + DES_cblock *buf_as_des_cblock = NULL; + static DES_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0}; + static DES_cblock key2={0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12}; + static DES_cblock key3={0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34}; + DES_key_schedule sch; + DES_key_schedule sch2; + DES_key_schedule sch3; +#endif +#ifndef OPENSSL_NO_AES + AES_KEY aes_ks1, aes_ks2, aes_ks3; #endif #define D_MD2 0 #define D_MDC2 1 -#define D_MD5 2 -#define D_HMAC 3 -#define D_SHA1 4 -#define D_RMD160 5 -#define D_RC4 6 -#define D_CBC_DES 7 -#define D_EDE3_DES 8 -#define D_CBC_IDEA 9 -#define D_CBC_RC2 10 -#define D_CBC_RC5 11 -#define D_CBC_BF 12 -#define D_CBC_CAST 13 - double d,results[ALGOR_NUM][SIZE_NUM]; - static int lengths[SIZE_NUM]={8,64,256,1024,8*1024}; +#define D_MD4 2 +#define D_MD5 3 +#define D_HMAC 4 +#define D_SHA1 5 +#define D_RMD160 6 +#define D_RC4 7 +#define D_CBC_DES 8 +#define D_EDE3_DES 9 +#define D_CBC_IDEA 10 +#define D_CBC_RC2 11 +#define D_CBC_RC5 12 +#define D_CBC_BF 13 +#define D_CBC_CAST 14 +#define D_CBC_128_AES 15 +#define D_CBC_192_AES 16 +#define D_CBC_256_AES 17 +#define D_EVP 18 + double d=0.0; long c[ALGOR_NUM][SIZE_NUM]; - static char *names[ALGOR_NUM]={ - "md2","mdc2","md5","hmac(md5)","sha1","rmd160","rc4", - "des cbc","des ede3","idea cbc", - "rc2 cbc","rc5-32/12 cbc","blowfish cbc","cast cbc"}; #define R_DSA_512 0 #define R_DSA_1024 1 #define R_DSA_2048 2 @@ -322,10 +572,27 @@ int MAIN(int argc, char **argv) #define R_RSA_1024 1 #define R_RSA_2048 2 #define R_RSA_4096 3 -#ifndef NO_RSA + +#define R_EC_P160 0 +#define R_EC_P192 1 +#define R_EC_P224 2 +#define R_EC_P256 3 +#define R_EC_P384 4 +#define R_EC_P521 5 +#define R_EC_K163 6 +#define R_EC_K233 7 +#define R_EC_K283 8 +#define R_EC_K409 9 +#define R_EC_K571 10 +#define R_EC_B163 11 +#define R_EC_B233 12 +#define R_EC_B283 13 +#define R_EC_B409 14 +#define R_EC_B571 15 + +#ifndef OPENSSL_NO_RSA RSA *rsa_key[RSA_NUM]; long rsa_c[RSA_NUM][2]; - double rsa_results[RSA_NUM][2]; static unsigned int rsa_bits[RSA_NUM]={512,1024,2048,4096}; static unsigned char *rsa_data[RSA_NUM]= {test512,test1024,test2048,test4096}; @@ -333,48 +600,147 @@ int MAIN(int argc, char **argv) sizeof(test512),sizeof(test1024), sizeof(test2048),sizeof(test4096)}; #endif -#ifndef NO_DSA +#ifndef OPENSSL_NO_DSA DSA *dsa_key[DSA_NUM]; long dsa_c[DSA_NUM][2]; - double dsa_results[DSA_NUM][2]; static unsigned int dsa_bits[DSA_NUM]={512,1024,2048}; #endif +#ifndef OPENSSL_NO_EC + /* We only test over the following curves as they are representative, + * To add tests over more curves, simply add the curve NID + * and curve name to the following arrays and increase the + * EC_NUM value accordingly. + */ + static unsigned int test_curves[EC_NUM] = + { + /* Prime Curves */ + NID_secp160r1, + NID_X9_62_prime192v1, + NID_secp224r1, + NID_X9_62_prime256v1, + NID_secp384r1, + NID_secp521r1, + /* Binary Curves */ + NID_sect163k1, + NID_sect233k1, + NID_sect283k1, + NID_sect409k1, + NID_sect571k1, + NID_sect163r2, + NID_sect233r1, + NID_sect283r1, + NID_sect409r1, + NID_sect571r1 + }; + static char * test_curves_names[EC_NUM] = + { + /* Prime Curves */ + "secp160r1", + "nistp192", + "nistp224", + "nistp256", + "nistp384", + "nistp521", + /* Binary Curves */ + "nistk163", + "nistk233", + "nistk283", + "nistk409", + "nistk571", + "nistb163", + "nistb233", + "nistb283", + "nistb409", + "nistb571" + }; + static int test_curves_bits[EC_NUM] = + { + 160, 192, 224, 256, 384, 521, + 163, 233, 283, 409, 571, + 163, 233, 283, 409, 571 + }; + +#endif + +#ifndef OPENSSL_NO_ECDSA + unsigned char ecdsasig[256]; + unsigned int ecdsasiglen; + EC_KEY *ecdsa[EC_NUM]; + long ecdsa_c[EC_NUM][2]; +#endif + +#ifndef OPENSSL_NO_ECDH + EC_KEY *ecdh_a[EC_NUM], *ecdh_b[EC_NUM]; + unsigned char secret_a[MAX_ECDH_SIZE], secret_b[MAX_ECDH_SIZE]; + int secret_size_a, secret_size_b; + int ecdh_checks = 0; + int secret_idx = 0; + long ecdh_c[EC_NUM][2]; +#endif + int rsa_doit[RSA_NUM]; int dsa_doit[DSA_NUM]; + int ecdsa_doit[EC_NUM]; + int ecdh_doit[EC_NUM]; int doit[ALGOR_NUM]; int pr_header=0; + const EVP_CIPHER *evp_cipher=NULL; + const EVP_MD *evp_md=NULL; + int decrypt=0; +#ifdef HAVE_FORK + int multi=0; +#endif + +#ifndef TIMES + usertime=-1; +#endif apps_startup(); memset(results, 0, sizeof(results)); -#ifndef NO_DSA +#ifndef OPENSSL_NO_DSA memset(dsa_key,0,sizeof(dsa_key)); #endif +#ifndef OPENSSL_NO_ECDSA + for (i=0; i 0) && (strcmp(*argv,"-elapsed") == 0)) + { + usertime = 0; + j--; /* Otherwise, -elapsed gets confused with + an algorithm. */ + } + else if ((argc > 0) && (strcmp(*argv,"-evp") == 0)) + { + argc--; + argv++; + if(argc == 0) + { + BIO_printf(bio_err,"no EVP given\n"); + goto end; + } + evp_cipher=EVP_get_cipherbyname(*argv); + if(!evp_cipher) + { + evp_md=EVP_get_digestbyname(*argv); + } + if(!evp_cipher && !evp_md) + { + BIO_printf(bio_err,"%s is an unknown cipher or digest\n",*argv); + goto end; + } + doit[D_EVP]=1; + } + else if (argc > 0 && !strcmp(*argv,"-decrypt")) + { + decrypt=1; + j--; /* Otherwise, -elapsed gets confused with + an algorithm. */ + } +#ifndef OPENSSL_NO_ENGINE + else if ((argc > 0) && (strcmp(*argv,"-engine") == 0)) + { + argc--; + argv++; + if(argc == 0) + { + BIO_printf(bio_err,"no engine given\n"); + goto end; + } + e = setup_engine(bio_err, *argv, 0); + /* j will be increased again further down. We just + don't want speed to confuse an engine with an + algorithm, especially when none is given (which + means all of them should be run) */ + j--; + } +#endif +#ifdef HAVE_FORK + else if ((argc > 0) && (strcmp(*argv,"-multi") == 0)) + { + argc--; + argv++; + if(argc == 0) + { + BIO_printf(bio_err,"no multi count given\n"); + goto end; + } + multi=atoi(argv[0]); + if(multi <= 0) + { + BIO_printf(bio_err,"bad multi count\n"); + goto end; + } + j--; /* Otherwise, -mr gets confused with + an algorithm. */ + } +#endif + else if (argc > 0 && !strcmp(*argv,"-mr")) + { + mr=1; + j--; /* Otherwise, -mr gets confused with + an algorithm. */ + } + else +#ifndef OPENSSL_NO_MD2 if (strcmp(*argv,"md2") == 0) doit[D_MD2]=1; else #endif -#ifndef NO_MDC2 +#ifndef OPENSSL_NO_MDC2 if (strcmp(*argv,"mdc2") == 0) doit[D_MDC2]=1; else #endif -#ifndef NO_MD5 +#ifndef OPENSSL_NO_MD4 + if (strcmp(*argv,"md4") == 0) doit[D_MD4]=1; + else +#endif +#ifndef OPENSSL_NO_MD5 if (strcmp(*argv,"md5") == 0) doit[D_MD5]=1; else #endif -#ifndef NO_MD5 +#ifndef OPENSSL_NO_MD5 if (strcmp(*argv,"hmac") == 0) doit[D_HMAC]=1; else #endif -#ifndef NO_SHA +#ifndef OPENSSL_NO_SHA if (strcmp(*argv,"sha1") == 0) doit[D_SHA1]=1; else if (strcmp(*argv,"sha") == 0) doit[D_SHA1]=1; else #endif -#ifndef NO_RIPEMD +#ifndef OPENSSL_NO_RIPEMD if (strcmp(*argv,"ripemd") == 0) doit[D_RMD160]=1; else if (strcmp(*argv,"rmd160") == 0) doit[D_RMD160]=1; @@ -419,20 +876,26 @@ int MAIN(int argc, char **argv) if (strcmp(*argv,"ripemd160") == 0) doit[D_RMD160]=1; else #endif -#ifndef NO_RC4 +#ifndef OPENSSL_NO_RC4 if (strcmp(*argv,"rc4") == 0) doit[D_RC4]=1; else #endif -#ifndef NO_DES +#ifndef OPENSSL_NO_DES if (strcmp(*argv,"des-cbc") == 0) doit[D_CBC_DES]=1; else if (strcmp(*argv,"des-ede3") == 0) doit[D_EDE3_DES]=1; else #endif -#ifndef NO_RSA -#ifdef RSAref +#ifndef OPENSSL_NO_AES + if (strcmp(*argv,"aes-128-cbc") == 0) doit[D_CBC_128_AES]=1; + else if (strcmp(*argv,"aes-192-cbc") == 0) doit[D_CBC_192_AES]=1; + else if (strcmp(*argv,"aes-256-cbc") == 0) doit[D_CBC_256_AES]=1; + else +#endif +#ifndef OPENSSL_NO_RSA +#if 0 /* was: #ifdef RSAref */ if (strcmp(*argv,"rsaref") == 0) { - RSA_set_default_method(RSA_PKCS1_RSAref()); + RSA_set_default_openssl_method(RSA_PKCS1_RSAref()); j--; } else @@ -445,7 +908,7 @@ int MAIN(int argc, char **argv) } else #endif -#endif /* !NO_RSA */ +#endif /* !OPENSSL_NO_RSA */ if (strcmp(*argv,"dsa512") == 0) dsa_doit[R_DSA_512]=2; else if (strcmp(*argv,"dsa1024") == 0) dsa_doit[R_DSA_1024]=2; else if (strcmp(*argv,"dsa2048") == 0) dsa_doit[R_DSA_2048]=2; @@ -454,34 +917,34 @@ int MAIN(int argc, char **argv) else if (strcmp(*argv,"rsa2048") == 0) rsa_doit[R_RSA_2048]=2; else if (strcmp(*argv,"rsa4096") == 0) rsa_doit[R_RSA_4096]=2; else -#ifndef NO_RC2 +#ifndef OPENSSL_NO_RC2 if (strcmp(*argv,"rc2-cbc") == 0) doit[D_CBC_RC2]=1; else if (strcmp(*argv,"rc2") == 0) doit[D_CBC_RC2]=1; else #endif -#ifndef NO_RC5 +#ifndef OPENSSL_NO_RC5 if (strcmp(*argv,"rc5-cbc") == 0) doit[D_CBC_RC5]=1; else if (strcmp(*argv,"rc5") == 0) doit[D_CBC_RC5]=1; else #endif -#ifndef NO_IDEA +#ifndef OPENSSL_NO_IDEA if (strcmp(*argv,"idea-cbc") == 0) doit[D_CBC_IDEA]=1; else if (strcmp(*argv,"idea") == 0) doit[D_CBC_IDEA]=1; else #endif -#ifndef NO_BF +#ifndef OPENSSL_NO_BF if (strcmp(*argv,"bf-cbc") == 0) doit[D_CBC_BF]=1; else if (strcmp(*argv,"blowfish") == 0) doit[D_CBC_BF]=1; else if (strcmp(*argv,"bf") == 0) doit[D_CBC_BF]=1; else #endif -#ifndef NO_CAST +#ifndef OPENSSL_NO_CAST if (strcmp(*argv,"cast-cbc") == 0) doit[D_CBC_CAST]=1; else if (strcmp(*argv,"cast") == 0) doit[D_CBC_CAST]=1; else if (strcmp(*argv,"cast5") == 0) doit[D_CBC_CAST]=1; else #endif -#ifndef NO_DES +#ifndef OPENSSL_NO_DES if (strcmp(*argv,"des") == 0) { doit[D_CBC_DES]=1; @@ -489,7 +952,16 @@ int MAIN(int argc, char **argv) } else #endif -#ifndef NO_RSA +#ifndef OPENSSL_NO_AES + if (strcmp(*argv,"aes") == 0) + { + doit[D_CBC_128_AES]=1; + doit[D_CBC_192_AES]=1; + doit[D_CBC_256_AES]=1; + } + else +#endif +#ifndef OPENSSL_NO_RSA if (strcmp(*argv,"rsa") == 0) { rsa_doit[R_RSA_512]=1; @@ -499,43 +971,176 @@ int MAIN(int argc, char **argv) } else #endif -#ifndef NO_DSA +#ifndef OPENSSL_NO_DSA if (strcmp(*argv,"dsa") == 0) { dsa_doit[R_DSA_512]=1; dsa_doit[R_DSA_1024]=1; } else +#endif +#ifndef OPENSSL_NO_ECDSA + if (strcmp(*argv,"ecdsap160") == 0) ecdsa_doit[R_EC_P160]=2; + else if (strcmp(*argv,"ecdsap224") == 0) ecdsa_doit[R_EC_P224]=2; + else if (strcmp(*argv,"ecdsap256") == 0) ecdsa_doit[R_EC_P256]=2; + else if (strcmp(*argv,"ecdsap384") == 0) ecdsa_doit[R_EC_P384]=2; + else if (strcmp(*argv,"ecdsap521") == 0) ecdsa_doit[R_EC_P521]=2; + else if (strcmp(*argv,"ecdsak163") == 0) ecdsa_doit[R_EC_K163]=2; + else if (strcmp(*argv,"ecdsak233") == 0) ecdsa_doit[R_EC_K233]=2; + else if (strcmp(*argv,"ecdsak283") == 0) ecdsa_doit[R_EC_K283]=2; + else if (strcmp(*argv,"ecdsak409") == 0) ecdsa_doit[R_EC_K409]=2; + else if (strcmp(*argv,"ecdsak571") == 0) ecdsa_doit[R_EC_K571]=2; + else if (strcmp(*argv,"ecdsab163") == 0) ecdsa_doit[R_EC_B163]=2; + else if (strcmp(*argv,"ecdsab233") == 0) ecdsa_doit[R_EC_B233]=2; + else if (strcmp(*argv,"ecdsab283") == 0) ecdsa_doit[R_EC_B283]=2; + else if (strcmp(*argv,"ecdsab409") == 0) ecdsa_doit[R_EC_B409]=2; + else if (strcmp(*argv,"ecdsab571") == 0) ecdsa_doit[R_EC_B571]=2; + else if (strcmp(*argv,"ecdsa") == 0) + { + for (i=0; i < EC_NUM; i++) + ecdsa_doit[i]=1; + } + else +#endif +#ifndef OPENSSL_NO_ECDH + if (strcmp(*argv,"ecdhp160") == 0) ecdh_doit[R_EC_P160]=2; + else if (strcmp(*argv,"ecdhp224") == 0) ecdh_doit[R_EC_P224]=2; + else if (strcmp(*argv,"ecdhp256") == 0) ecdh_doit[R_EC_P256]=2; + else if (strcmp(*argv,"ecdhp384") == 0) ecdh_doit[R_EC_P384]=2; + else if (strcmp(*argv,"ecdhp521") == 0) ecdh_doit[R_EC_P521]=2; + else if (strcmp(*argv,"ecdhk163") == 0) ecdh_doit[R_EC_K163]=2; + else if (strcmp(*argv,"ecdhk233") == 0) ecdh_doit[R_EC_K233]=2; + else if (strcmp(*argv,"ecdhk283") == 0) ecdh_doit[R_EC_K283]=2; + else if (strcmp(*argv,"ecdhk409") == 0) ecdh_doit[R_EC_K409]=2; + else if (strcmp(*argv,"ecdhk571") == 0) ecdh_doit[R_EC_K571]=2; + else if (strcmp(*argv,"ecdhb163") == 0) ecdh_doit[R_EC_B163]=2; + else if (strcmp(*argv,"ecdhb233") == 0) ecdh_doit[R_EC_B233]=2; + else if (strcmp(*argv,"ecdhb283") == 0) ecdh_doit[R_EC_B283]=2; + else if (strcmp(*argv,"ecdhb409") == 0) ecdh_doit[R_EC_B409]=2; + else if (strcmp(*argv,"ecdhb571") == 0) ecdh_doit[R_EC_B571]=2; + else if (strcmp(*argv,"ecdh") == 0) + { + for (i=0; i < EC_NUM; i++) + ecdh_doit[i]=1; + } + else #endif { - BIO_printf(bio_err,"bad value, pick one of\n"); - BIO_printf(bio_err,"md2 mdc2 md5 hmac sha1 rmd160\n"); -#ifndef NO_IDEA + BIO_printf(bio_err,"Error: bad option or value\n"); + BIO_printf(bio_err,"\n"); + BIO_printf(bio_err,"Available values:\n"); +#ifndef OPENSSL_NO_MD2 + BIO_printf(bio_err,"md2 "); +#endif +#ifndef OPENSSL_NO_MDC2 + BIO_printf(bio_err,"mdc2 "); +#endif +#ifndef OPENSSL_NO_MD4 + BIO_printf(bio_err,"md4 "); +#endif +#ifndef OPENSSL_NO_MD5 + BIO_printf(bio_err,"md5 "); +#ifndef OPENSSL_NO_HMAC + BIO_printf(bio_err,"hmac "); +#endif +#endif +#ifndef OPENSSL_NO_SHA1 + BIO_printf(bio_err,"sha1 "); +#endif +#ifndef OPENSSL_NO_RIPEMD160 + BIO_printf(bio_err,"rmd160"); +#endif +#if !defined(OPENSSL_NO_MD2) || !defined(OPENSSL_NO_MDC2) || \ + !defined(OPENSSL_NO_MD4) || !defined(OPENSSL_NO_MD5) || \ + !defined(OPENSSL_NO_SHA1) || !defined(OPENSSL_NO_RIPEMD160) + BIO_printf(bio_err,"\n"); +#endif + +#ifndef OPENSSL_NO_IDEA BIO_printf(bio_err,"idea-cbc "); #endif -#ifndef NO_RC2 +#ifndef OPENSSL_NO_RC2 BIO_printf(bio_err,"rc2-cbc "); #endif -#ifndef NO_RC5 +#ifndef OPENSSL_NO_RC5 BIO_printf(bio_err,"rc5-cbc "); #endif -#ifndef NO_BF +#ifndef OPENSSL_NO_BF BIO_printf(bio_err,"bf-cbc"); #endif -#if !defined(NO_IDEA) && !defined(NO_RC2) && !defined(NO_BF) && !defined(NO_RC5) +#if !defined(OPENSSL_NO_IDEA) || !defined(OPENSSL_NO_RC2) || \ + !defined(OPENSSL_NO_BF) || !defined(OPENSSL_NO_RC5) BIO_printf(bio_err,"\n"); #endif +#ifndef OPENSSL_NO_DES BIO_printf(bio_err,"des-cbc des-ede3 "); -#ifndef NO_RC4 +#endif +#ifndef OPENSSL_NO_AES + BIO_printf(bio_err,"aes-128-cbc aes-192-cbc aes-256-cbc "); +#endif +#ifndef OPENSSL_NO_RC4 BIO_printf(bio_err,"rc4"); #endif -#ifndef NO_RSA - BIO_printf(bio_err,"\nrsa512 rsa1024 rsa2048 rsa4096\n"); + BIO_printf(bio_err,"\n"); + +#ifndef OPENSSL_NO_RSA + BIO_printf(bio_err,"rsa512 rsa1024 rsa2048 rsa4096\n"); +#endif + +#ifndef OPENSSL_NO_DSA + BIO_printf(bio_err,"dsa512 dsa1024 dsa2048\n"); +#endif +#ifndef OPENSSL_NO_ECDSA + BIO_printf(bio_err,"ecdsap160 ecdsap224 ecdsap256 ecdsap384 ecdsap521\n"); + BIO_printf(bio_err,"ecdsak163 ecdsak233 ecdsak283 ecdsak409 ecdsak571\n"); + BIO_printf(bio_err,"ecdsab163 ecdsab233 ecdsab283 ecdsab409 ecdsab571\n"); + BIO_printf(bio_err,"ecdsa\n"); +#endif +#ifndef OPENSSL_NO_ECDH + BIO_printf(bio_err,"ecdhp160 ecdhp224 ecdhp256 ecdhp384 ecdhp521\n"); + BIO_printf(bio_err,"ecdhk163 ecdhk233 ecdhk283 ecdhk409 ecdhk571\n"); + BIO_printf(bio_err,"ecdhb163 ecdhb233 ecdhb283 ecdhb409 ecdhb571\n"); + BIO_printf(bio_err,"ecdh\n"); +#endif + +#ifndef OPENSSL_NO_IDEA + BIO_printf(bio_err,"idea "); +#endif +#ifndef OPENSSL_NO_RC2 + BIO_printf(bio_err,"rc2 "); +#endif +#ifndef OPENSSL_NO_DES + BIO_printf(bio_err,"des "); +#endif +#ifndef OPENSSL_NO_AES + BIO_printf(bio_err,"aes "); +#endif +#ifndef OPENSSL_NO_RSA + BIO_printf(bio_err,"rsa "); +#endif +#ifndef OPENSSL_NO_BF + BIO_printf(bio_err,"blowfish"); +#endif +#if !defined(OPENSSL_NO_IDEA) || !defined(OPENSSL_NO_RC2) || \ + !defined(OPENSSL_NO_DES) || !defined(OPENSSL_NO_RSA) || \ + !defined(OPENSSL_NO_BF) || !defined(OPENSSL_NO_AES) + BIO_printf(bio_err,"\n"); +#endif + + BIO_printf(bio_err,"\n"); + BIO_printf(bio_err,"Available options:\n"); +#if defined(TIMES) || defined(USE_TOD) + BIO_printf(bio_err,"-elapsed measure time in real time instead of CPU user time.\n"); +#endif +#ifndef OPENSSL_NO_ENGINE + BIO_printf(bio_err,"-engine e use engine e, possibly a hardware device.\n"); #endif -#ifndef NO_DSA - BIO_printf(bio_err,"\ndsa512 dsa1024 dsa2048\n"); + BIO_printf(bio_err,"-evp e use EVP e.\n"); + BIO_printf(bio_err,"-decrypt time decryption instead of encryption (only EVP).\n"); + BIO_printf(bio_err,"-mr produce machine readable output.\n"); +#ifdef HAVE_FORK + BIO_printf(bio_err,"-multi n run n benchmarks in parallel.\n"); #endif - BIO_printf(bio_err,"idea rc2 des rsa blowfish\n"); goto end; } argc--; @@ -543,10 +1148,18 @@ int MAIN(int argc, char **argv) j++; } +#ifdef HAVE_FORK + if(multi && do_multi(multi)) + goto show_res; +#endif + if (j == 0) { for (i=0; in)); + BIO_printf(bio_err,mr ? "+RK:%d:" + : "Loaded RSA key, %d bit modulus and e= 0x", + BN_num_bits(rsa_key[i]->n)); BN_print(bio_err,rsa_key[i]->e); BIO_printf(bio_err,"\n"); } @@ -583,40 +1201,45 @@ int MAIN(int argc, char **argv) } #endif -#ifndef NO_DSA +#ifndef OPENSSL_NO_DSA dsa_key[0]=get_dsa512(); dsa_key[1]=get_dsa1024(); dsa_key[2]=get_dsa2048(); #endif -#ifndef NO_DES - des_set_key_unchecked(&key,sch); - des_set_key_unchecked(&key2,sch2); - des_set_key_unchecked(&key3,sch3); +#ifndef OPENSSL_NO_DES + DES_set_key_unchecked(&key,&sch); + DES_set_key_unchecked(&key2,&sch2); + DES_set_key_unchecked(&key3,&sch3); #endif -#ifndef NO_IDEA +#ifndef OPENSSL_NO_AES + AES_set_encrypt_key(key16,128,&aes_ks1); + AES_set_encrypt_key(key24,192,&aes_ks2); + AES_set_encrypt_key(key32,256,&aes_ks3); +#endif +#ifndef OPENSSL_NO_IDEA idea_set_encrypt_key(key16,&idea_ks); #endif -#ifndef NO_RC4 +#ifndef OPENSSL_NO_RC4 RC4_set_key(&rc4_ks,16,key16); #endif -#ifndef NO_RC2 +#ifndef OPENSSL_NO_RC2 RC2_set_key(&rc2_ks,16,key16,128); #endif -#ifndef NO_RC5 +#ifndef OPENSSL_NO_RC5 RC5_32_set_key(&rc5_ks,16,key16,12); #endif -#ifndef NO_BF +#ifndef OPENSSL_NO_BF BF_set_key(&bf_ks,16,key16); #endif -#ifndef NO_CAST +#ifndef OPENSSL_NO_CAST CAST_set_key(&cast_ks,16,key16); #endif -#ifndef NO_RSA +#ifndef OPENSSL_NO_RSA memset(rsa_c,0,sizeof(rsa_c)); #endif #ifndef SIGALRM -#ifndef NO_DES +#ifndef OPENSSL_NO_DES BIO_printf(bio_err,"First we calculate the approximate speed ...\n"); count=10; do { @@ -624,12 +1247,14 @@ int MAIN(int argc, char **argv) count*=2; Time_F(START); for (i=count; i; i--) - des_ecb_encrypt(buf_as_des_cblock,buf_as_des_cblock, - &(sch[0]),DES_ENCRYPT); + DES_ecb_encrypt(buf_as_des_cblock,buf_as_des_cblock, + &sch,DES_ENCRYPT); d=Time_F(STOP); } while (d <3); + save_count=count; c[D_MD2][0]=count/10; c[D_MDC2][0]=count/10; + c[D_MD4][0]=count; c[D_MD5][0]=count; c[D_HMAC][0]=count; c[D_SHA1][0]=count; @@ -642,11 +1267,15 @@ int MAIN(int argc, char **argv) c[D_CBC_RC5][0]=count; c[D_CBC_BF][0]=count; c[D_CBC_CAST][0]=count; + c[D_CBC_128_AES][0]=count; + c[D_CBC_192_AES][0]=count; + c[D_CBC_256_AES][0]=count; for (i=1; inid); + /* -O3 -fschedule-insns messes up an + * optimization here! names[D_EVP] + * somehow becomes NULL */ + print_message(names[D_EVP],save_count, + lengths[j]); + + EVP_CIPHER_CTX_init(&ctx); + if(decrypt) + EVP_DecryptInit_ex(&ctx,evp_cipher,NULL,key16,iv); + else + EVP_EncryptInit_ex(&ctx,evp_cipher,NULL,key16,iv); + + Time_F(START); + if(decrypt) + for (count=0,run=1; COND(save_count*4*lengths[0]/lengths[j]); count++) + EVP_DecryptUpdate(&ctx,buf,&outl,buf,lengths[j]); + else + for (count=0,run=1; COND(save_count*4*lengths[0]/lengths[j]); count++) + EVP_EncryptUpdate(&ctx,buf,&outl,buf,lengths[j]); + if(decrypt) + EVP_DecryptFinal_ex(&ctx,buf,&outl); + else + EVP_EncryptFinal_ex(&ctx,buf,&outl); + d=Time_F(STOP); + EVP_CIPHER_CTX_cleanup(&ctx); + } + if (evp_md) + { + names[D_EVP]=OBJ_nid2ln(evp_md->type); + print_message(names[D_EVP],save_count, + lengths[j]); + + Time_F(START); + for (count=0,run=1; COND(save_count*4*lengths[0]/lengths[j]); count++) + EVP_Digest(buf,lengths[j],&(md[0]),NULL,evp_md,NULL); + + d=Time_F(STOP); + } + print_result(D_EVP,j,count,d); + } + } + + RAND_pseudo_bytes(buf,36); +#ifndef OPENSSL_NO_RSA for (j=0; jgroup = EC_GROUP_new_by_nid(test_curves[j]); + /* Could not obtain group information */ + if (ecdsa[j]->group == NULL) + { + BIO_printf(bio_err,"ECDSA failure.Could not obtain group information\n"); + ERR_print_errors(bio_err); + rsa_count=1; + } + else + { +#if 1 + EC_GROUP_precompute_mult(ecdsa[j]->group, NULL); +#endif + /* Perform ECDSA signature test */ + EC_KEY_generate_key(ecdsa[j]); + ret = ECDSA_sign(0, buf, 20, ecdsasig, + &ecdsasiglen, ecdsa[j]); + if (ret == 0) + { + BIO_printf(bio_err,"ECDSA sign failure. No ECDSA sign will be done.\n"); + ERR_print_errors(bio_err); + rsa_count=1; + } + else + { + pkey_print_message("sign","ecdsa", + ecdsa_c[j][0], + test_curves_bits[j], + ECDSA_SECONDS); + + Time_F(START); + for (count=0,run=1; COND(ecdsa_c[j][0]); + count++) + { + ret=ECDSA_sign(0, buf, 20, + ecdsasig, &ecdsasiglen, + ecdsa[j]); + if (ret == 0) + { + BIO_printf(bio_err, "ECDSA sign failure\n"); + ERR_print_errors(bio_err); + count=1; + break; + } + } + d=Time_F(STOP); + + BIO_printf(bio_err, mr ? "+R5:%ld:%d:%.2f\n" : + "%ld %d bit ECDSA signs in %.2fs \n", + count, test_curves_bits[j], d); + ecdsa_results[j][0]=d/(double)count; + rsa_count=count; + } + + /* Perform ECDSA verification test */ + ret=ECDSA_verify(0, buf, 20, ecdsasig, + ecdsasiglen, ecdsa[j]); + if (ret != 1) + { + BIO_printf(bio_err,"ECDSA verify failure. No ECDSA verify will be done.\n"); + ERR_print_errors(bio_err); + ecdsa_doit[j] = 0; + } + else + { + pkey_print_message("verify","ecdsa", + ecdsa_c[j][1], + test_curves_bits[j], + ECDSA_SECONDS); + Time_F(START); + for (count=0,run=1; COND(ecdsa_c[j][1]); count++) + { + ret=ECDSA_verify(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[j]); + if (ret != 1) + { + BIO_printf(bio_err, "ECDSA verify failure\n"); + ERR_print_errors(bio_err); + count=1; + break; + } + } + d=Time_F(STOP); + BIO_printf(bio_err, mr? "+R6:%ld:%d:%.2f\n" + : "%ld %d bit ECDSA verify in %.2fs\n", + count, test_curves_bits[j], d); + ecdsa_results[j][1]=d/(double)count; + } + + if (rsa_count <= 1) + { + /* if longer than 10s, don't do any more */ + for (j++; jgroup = EC_GROUP_new_by_nid(test_curves[j]); + if (ecdh_a[j]->group == NULL) + { + BIO_printf(bio_err,"ECDH failure.\n"); + ERR_print_errors(bio_err); + rsa_count=1; + } + else + { + ecdh_b[j]->group = EC_GROUP_dup(ecdh_a[j]->group); + + /* generate two ECDH key pairs */ + if (!EC_KEY_generate_key(ecdh_a[j]) || + !EC_KEY_generate_key(ecdh_b[j])) + { + BIO_printf(bio_err,"ECDH key generation failure.\n"); + ERR_print_errors(bio_err); + rsa_count=1; + } + else + { + /* If field size is not more than 24 octets, then use SHA-1 hash of result; + * otherwise, use result (see section 4.8 of draft-ietf-tls-ecc-03.txt). + */ + int field_size, outlen; + void *(*kdf)(void *in, size_t inlen, void *out, size_t xoutlen); + field_size = EC_GROUP_get_degree(ecdh_a[j]->group); + if (field_size <= 24 * 8) + { + outlen = KDF1_SHA1_len; + kdf = KDF1_SHA1; + } + else + { + outlen = (field_size+7)/8; + kdf = NULL; + } + secret_size_a = ECDH_compute_key(secret_a, outlen, + ecdh_b[j]->pub_key, + ecdh_a[j], kdf); + secret_size_b = ECDH_compute_key(secret_b, outlen, + ecdh_a[j]->pub_key, + ecdh_b[j], kdf); + if (secret_size_a != secret_size_b) + ecdh_checks = 0; + else + ecdh_checks = 1; + + for (secret_idx = 0; + (secret_idx < secret_size_a) + && (ecdh_checks == 1); + secret_idx++) + { + if (secret_a[secret_idx] != secret_b[secret_idx]) + ecdh_checks = 0; + } + + if (ecdh_checks == 0) + { + BIO_printf(bio_err,"ECDH computations don't match.\n"); + ERR_print_errors(bio_err); + rsa_count=1; + } + + pkey_print_message("","ecdh", + ecdh_c[j][0], + test_curves_bits[j], + ECDH_SECONDS); + Time_F(START); + for (count=0,run=1; COND(ecdh_c[j][0]); count++) + { + ECDH_compute_key(secret_a, outlen, + ecdh_b[j]->pub_key, + ecdh_a[j], kdf); + } + d=Time_F(STOP); + BIO_printf(bio_err, mr ? "+R7:%ld:%d:%.2f\n" :"%ld %d-bit ECDH ops in %.2fs\n", + count, test_curves_bits[j], d); + ecdh_results[j][0]=d/(double)count; + rsa_count=count; + } + } + } + + if (rsa_count <= 1) + { + /* if longer than 10s, don't do any more */ + for (j++; j 1 ? "," : ""), + (times_used ? "times" : ""), + (ftime_used + times_used + gettimeofday_used > 1 ? "," : ""), + (gettimeofday_used ? "gettimeofday" : ""), + (ftime_used + times_used + gettimeofday_used + getrusage_used > 1 ? "," : ""), + (getrusage_used ? "getrusage" : "")); + } if (pr_header) { - fprintf(stdout,"The 'numbers' are in 1000s of bytes per second processed.\n"); - fprintf(stdout,"type "); + if(mr) + fprintf(stdout,"+H"); + else + { + fprintf(stdout,"The 'numbers' are in 1000s of bytes per second processed.\n"); + fprintf(stdout,"type "); + } for (j=0; j 10000) + if (results[k][j] > 10000 && !mr) fprintf(stdout," %11.2fk",results[k][j]/1e3); else - fprintf(stdout," %11.2f ",results[k][j]); + fprintf(stdout,mr ? ":%.2f" : " %11.2f ",results[k][j]); } fprintf(stdout,"\n"); } -#ifndef NO_RSA +#ifndef OPENSSL_NO_RSA j=1; for (k=0; k