2 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
5 * Licensed under the Apache License 2.0 (the "License"). You may not use
6 * this file except in compliance with the License. You can obtain a copy
7 * in the file LICENSE in the source distribution or at
8 * https://www.openssl.org/source/license.html
13 #define RSA_SECONDS 10
14 #define DSA_SECONDS 10
15 #define ECDSA_SECONDS 10
16 #define ECDH_SECONDS 10
17 #define EdDSA_SECONDS 10
18 #define SM2_SECONDS 10
20 /* We need to use some deprecated APIs */
21 #define OPENSSL_SUPPRESS_DEPRECATED
29 #include <openssl/crypto.h>
30 #include <openssl/rand.h>
31 #include <openssl/err.h>
32 #include <openssl/evp.h>
33 #include <openssl/objects.h>
34 #include <openssl/async.h>
35 #if !defined(OPENSSL_SYS_MSDOS)
43 #include <openssl/bn.h>
44 #ifndef OPENSSL_NO_DES
45 # include <openssl/des.h>
47 #ifndef OPENSSL_NO_DEPRECATED_3_0
48 #include <openssl/aes.h>
50 #ifndef OPENSSL_NO_CAMELLIA
51 # include <openssl/camellia.h>
53 #ifndef OPENSSL_NO_MD2
54 # include <openssl/md2.h>
56 #ifndef OPENSSL_NO_MDC2
57 # include <openssl/mdc2.h>
59 #ifndef OPENSSL_NO_MD4
60 # include <openssl/md4.h>
62 #ifndef OPENSSL_NO_MD5
63 # include <openssl/md5.h>
65 #include <openssl/hmac.h>
66 #ifndef OPENSSL_NO_CMAC
67 #include <openssl/cmac.h>
69 #include <openssl/sha.h>
70 #ifndef OPENSSL_NO_RMD160
71 # include <openssl/ripemd.h>
73 #ifndef OPENSSL_NO_WHIRLPOOL
74 # include <openssl/whrlpool.h>
76 #ifndef OPENSSL_NO_RC4
77 # include <openssl/rc4.h>
79 #ifndef OPENSSL_NO_RC5
80 # include <openssl/rc5.h>
82 #ifndef OPENSSL_NO_RC2
83 # include <openssl/rc2.h>
85 #ifndef OPENSSL_NO_IDEA
86 # include <openssl/idea.h>
88 #ifndef OPENSSL_NO_SEED
89 # include <openssl/seed.h>
92 # include <openssl/blowfish.h>
94 #ifndef OPENSSL_NO_CAST
95 # include <openssl/cast.h>
97 #ifndef OPENSSL_NO_RSA
98 # include <openssl/rsa.h>
99 # include "./testrsa.h"
101 #include <openssl/x509.h>
102 #ifndef OPENSSL_NO_DSA
103 # include <openssl/dsa.h>
104 # include "./testdsa.h"
106 #ifndef OPENSSL_NO_EC
107 # include <openssl/ec.h>
109 #include <openssl/modes.h>
112 # if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_VXWORKS)
125 #define MAX_MISALIGNMENT 63
126 #define MAX_ECDH_SIZE 256
129 typedef struct openssl_speed_sec_st {
137 } openssl_speed_sec_t;
139 static volatile int run = 0;
141 static int mr = 0; /* machine-readeable output format to merge fork results */
142 static int usertime = 1;
144 static double Time_F(int s);
145 static void print_message(const char *s, long num, int length, int tm);
146 static void pkey_print_message(const char *str, const char *str2,
147 long num, unsigned int bits, int sec);
148 static void print_result(int alg, int run_no, int count, double time_used);
150 static int do_multi(int multi, int size_num);
153 static const int lengths_list[] = {
154 16, 64, 256, 1024, 8 * 1024, 16 * 1024
156 #define SIZE_NUM OSSL_NELEM(lengths_list)
157 static const int *lengths = lengths_list;
159 static const int aead_lengths_list[] = {
160 2, 31, 136, 1024, 8 * 1024, 16 * 1024
168 static void alarmed(int sig)
170 signal(SIGALRM, alarmed);
174 static double Time_F(int s)
176 double ret = app_tminterval(s, usertime);
182 #elif defined(_WIN32)
186 static unsigned int lapse;
187 static volatile unsigned int schlock;
188 static void alarm_win32(unsigned int secs)
193 # define alarm alarm_win32
195 static DWORD WINAPI sleepy(VOID * arg)
203 static double Time_F(int s)
210 thr = CreateThread(NULL, 4096, sleepy, NULL, 0, NULL);
212 DWORD err = GetLastError();
213 BIO_printf(bio_err, "unable to CreateThread (%lu)", err);
217 Sleep(0); /* scheduler spinlock */
218 ret = app_tminterval(s, usertime);
220 ret = app_tminterval(s, usertime);
222 TerminateThread(thr, 0);
229 static double Time_F(int s)
231 return app_tminterval(s, usertime);
235 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
236 const openssl_speed_sec_t *seconds);
238 static int opt_found(const char *name, unsigned int *result,
239 const OPT_PAIR pairs[], unsigned int nbelem)
243 for (idx = 0; idx < nbelem; ++idx, pairs++)
244 if (strcmp(name, pairs->name) == 0) {
245 *result = pairs->retval;
250 #define opt_found(value, pairs, result)\
251 opt_found(value, result, pairs, OSSL_NELEM(pairs))
253 typedef enum OPTION_choice {
254 OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
255 OPT_ELAPSED, OPT_EVP, OPT_HMAC, OPT_DECRYPT, OPT_ENGINE, OPT_MULTI,
256 OPT_MR, OPT_MB, OPT_MISALIGN, OPT_ASYNCJOBS, OPT_R_ENUM,
257 OPT_PRIMES, OPT_SECONDS, OPT_BYTES, OPT_AEAD, OPT_CMAC
260 const OPTIONS speed_options[] = {
261 {OPT_HELP_STR, 1, '-', "Usage: %s [options] [algorithm...]\n"},
263 OPT_SECTION("General"),
264 {"help", OPT_HELP, '-', "Display this summary"},
266 "Enable (tls1>=1) multi-block mode on EVP-named cipher"},
267 {"mr", OPT_MR, '-', "Produce machine readable output"},
269 {"multi", OPT_MULTI, 'p', "Run benchmarks in parallel"},
271 #ifndef OPENSSL_NO_ASYNC
272 {"async_jobs", OPT_ASYNCJOBS, 'p',
273 "Enable async mode and start specified number of jobs"},
275 #ifndef OPENSSL_NO_ENGINE
276 {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
278 {"primes", OPT_PRIMES, 'p', "Specify number of primes (for RSA only)"},
280 OPT_SECTION("Selection"),
281 {"evp", OPT_EVP, 's', "Use EVP-named cipher or digest"},
282 #ifndef OPENSSL_NO_DEPRECATED_3_0
283 {"hmac", OPT_HMAC, 's', "HMAC using EVP-named digest"},
285 #if !defined(OPENSSL_NO_CMAC) && !defined(OPENSSL_NO_DEPRECATED_3_0)
286 {"cmac", OPT_CMAC, 's', "CMAC using EVP-named cipher"},
288 {"decrypt", OPT_DECRYPT, '-',
289 "Time decryption instead of encryption (only EVP)"},
290 {"aead", OPT_AEAD, '-',
291 "Benchmark EVP-named AEAD cipher in TLS-like sequence"},
293 OPT_SECTION("Timing"),
294 {"elapsed", OPT_ELAPSED, '-',
295 "Use wall-clock time instead of CPU user time as divisor"},
296 {"seconds", OPT_SECONDS, 'p',
297 "Run benchmarks for specified amount of seconds"},
298 {"bytes", OPT_BYTES, 'p',
299 "Run [non-PKI] benchmarks on custom-sized buffer"},
300 {"misalign", OPT_MISALIGN, 'p',
301 "Use specified offset to mis-align buffers"},
306 {"algorithm", 0, 0, "Algorithm(s) to test (optional; otherwise tests all)"},
311 D_MD2, D_MDC2, D_MD4, D_MD5 , D_HMAC, D_SHA1, D_RMD160, D_RC4,
312 D_CBC_DES, D_EDE3_DES, D_CBC_IDEA, D_CBC_SEED,
313 D_CBC_RC2, D_CBC_RC5, D_CBC_BF, D_CBC_CAST,
314 D_CBC_128_AES, D_CBC_192_AES, D_CBC_256_AES,
315 D_CBC_128_CML, D_CBC_192_CML, D_CBC_256_CML,
316 D_EVP, D_SHA256, D_SHA512, D_WHIRLPOOL,
317 D_IGE_128_AES, D_IGE_192_AES, D_IGE_256_AES,
318 D_GHASH, D_RAND, D_EVP_HMAC, D_EVP_CMAC, ALGOR_NUM
320 /* name of algorithms to test. MUST BE KEEP IN SYNC with above enum ! */
321 static const char *names[ALGOR_NUM] = {
322 "md2", "mdc2", "md4", "md5", "hmac(md5)", "sha1", "rmd160", "rc4",
323 "des cbc", "des ede3", "idea cbc", "seed cbc",
324 "rc2 cbc", "rc5-32/12 cbc", "blowfish cbc", "cast cbc",
325 "aes-128 cbc", "aes-192 cbc", "aes-256 cbc",
326 "camellia-128 cbc", "camellia-192 cbc", "camellia-256 cbc",
327 "evp", "sha256", "sha512", "whirlpool",
328 "aes-128 ige", "aes-192 ige", "aes-256 ige", "ghash",
329 "rand", "hmac", "cmac"
332 /* list of configured algorithm (remaining), with some few alias */
333 static const OPT_PAIR doit_choices[] = {
334 #if !defined(OPENSSL_NO_MD2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
337 #if !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
340 #if !defined(OPENSSL_NO_MD4) && !defined(OPENSSL_NO_DEPRECATED_3_0)
343 #if !defined(OPENSSL_NO_MD5) && !defined(OPENSSL_NO_DEPRECATED_3_0)
345 # ifndef OPENSSL_NO_DEPRECATED_3_0
349 #ifndef OPENSSL_NO_DEPRECATED_3_0
351 {"sha256", D_SHA256},
352 {"sha512", D_SHA512},
354 #if !defined(OPENSSL_NO_WHIRLPOOL) && !defined(OPENSSL_NO_DEPRECATED_3_0)
355 {"whirlpool", D_WHIRLPOOL},
357 #if !defined(OPENSSL_NO_RMD160) && !defined(OPENSSL_NO_DEPRECATED_3_0)
358 {"ripemd", D_RMD160},
359 {"rmd160", D_RMD160},
360 {"ripemd160", D_RMD160},
362 #if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_DEPRECATED_3_0)
365 #if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_DEPRECATED_3_0)
366 {"des-cbc", D_CBC_DES},
367 {"des-ede3", D_EDE3_DES},
369 #ifndef OPENSSL_NO_DEPRECATED_3_0
370 {"aes-128-cbc", D_CBC_128_AES},
371 {"aes-192-cbc", D_CBC_192_AES},
372 {"aes-256-cbc", D_CBC_256_AES},
373 {"aes-128-ige", D_IGE_128_AES},
374 {"aes-192-ige", D_IGE_192_AES},
375 {"aes-256-ige", D_IGE_256_AES},
377 #if !defined(OPENSSL_NO_RC2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
378 {"rc2-cbc", D_CBC_RC2},
381 #if !defined(OPENSSL_NO_RC5) && !defined(OPENSSL_NO_DEPRECATED_3_0)
382 {"rc5-cbc", D_CBC_RC5},
385 #if !defined(OPENSSL_NO_IDEA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
386 {"idea-cbc", D_CBC_IDEA},
387 {"idea", D_CBC_IDEA},
389 #if !defined(OPENSSL_NO_SEED) && !defined(OPENSSL_NO_DEPRECATED_3_0)
390 {"seed-cbc", D_CBC_SEED},
391 {"seed", D_CBC_SEED},
393 #if !defined(OPENSSL_NO_BF) && !defined(OPENSSL_NO_DEPRECATED_3_0)
394 {"bf-cbc", D_CBC_BF},
395 {"blowfish", D_CBC_BF},
398 #if !defined(OPENSSL_NO_CAST) && !defined(OPENSSL_NO_DEPRECATED_3_0)
399 {"cast-cbc", D_CBC_CAST},
400 {"cast", D_CBC_CAST},
401 {"cast5", D_CBC_CAST},
407 static double results[ALGOR_NUM][SIZE_NUM];
409 #ifndef OPENSSL_NO_DSA
410 enum { R_DSA_512, R_DSA_1024, R_DSA_2048, DSA_NUM };
411 static const OPT_PAIR dsa_choices[DSA_NUM] = {
412 {"dsa512", R_DSA_512},
413 {"dsa1024", R_DSA_1024},
414 {"dsa2048", R_DSA_2048}
416 static double dsa_results[DSA_NUM][2]; /* 2 ops: sign then verify */
417 #endif /* OPENSSL_NO_DSA */
419 #ifndef OPENSSL_NO_RSA
421 R_RSA_512, R_RSA_1024, R_RSA_2048, R_RSA_3072, R_RSA_4096, R_RSA_7680,
424 static const OPT_PAIR rsa_choices[RSA_NUM] = {
425 {"rsa512", R_RSA_512},
426 {"rsa1024", R_RSA_1024},
427 {"rsa2048", R_RSA_2048},
428 {"rsa3072", R_RSA_3072},
429 {"rsa4096", R_RSA_4096},
430 {"rsa7680", R_RSA_7680},
431 {"rsa15360", R_RSA_15360}
434 static double rsa_results[RSA_NUM][2]; /* 2 ops: sign then verify */
435 #endif /* OPENSSL_NO_RSA */
437 #ifndef OPENSSL_NO_EC
439 R_EC_P160, R_EC_P192, R_EC_P224, R_EC_P256, R_EC_P384, R_EC_P521,
440 # ifndef OPENSSL_NO_EC2M
441 R_EC_K163, R_EC_K233, R_EC_K283, R_EC_K409, R_EC_K571,
442 R_EC_B163, R_EC_B233, R_EC_B283, R_EC_B409, R_EC_B571,
444 R_EC_BRP256R1, R_EC_BRP256T1, R_EC_BRP384R1, R_EC_BRP384T1,
445 R_EC_BRP512R1, R_EC_BRP512T1, ECDSA_NUM
447 /* list of ecdsa curves */
448 static const OPT_PAIR ecdsa_choices[ECDSA_NUM] = {
449 {"ecdsap160", R_EC_P160},
450 {"ecdsap192", R_EC_P192},
451 {"ecdsap224", R_EC_P224},
452 {"ecdsap256", R_EC_P256},
453 {"ecdsap384", R_EC_P384},
454 {"ecdsap521", R_EC_P521},
455 # ifndef OPENSSL_NO_EC2M
456 {"ecdsak163", R_EC_K163},
457 {"ecdsak233", R_EC_K233},
458 {"ecdsak283", R_EC_K283},
459 {"ecdsak409", R_EC_K409},
460 {"ecdsak571", R_EC_K571},
461 {"ecdsab163", R_EC_B163},
462 {"ecdsab233", R_EC_B233},
463 {"ecdsab283", R_EC_B283},
464 {"ecdsab409", R_EC_B409},
465 {"ecdsab571", R_EC_B571},
467 {"ecdsabrp256r1", R_EC_BRP256R1},
468 {"ecdsabrp256t1", R_EC_BRP256T1},
469 {"ecdsabrp384r1", R_EC_BRP384R1},
470 {"ecdsabrp384t1", R_EC_BRP384T1},
471 {"ecdsabrp512r1", R_EC_BRP512R1},
472 {"ecdsabrp512t1", R_EC_BRP512T1}
474 enum { R_EC_X25519 = ECDSA_NUM, R_EC_X448, EC_NUM };
475 /* list of ecdh curves, extension of |ecdsa_choices| list above */
476 static const OPT_PAIR ecdh_choices[EC_NUM] = {
477 {"ecdhp160", R_EC_P160},
478 {"ecdhp192", R_EC_P192},
479 {"ecdhp224", R_EC_P224},
480 {"ecdhp256", R_EC_P256},
481 {"ecdhp384", R_EC_P384},
482 {"ecdhp521", R_EC_P521},
483 # ifndef OPENSSL_NO_EC2M
484 {"ecdhk163", R_EC_K163},
485 {"ecdhk233", R_EC_K233},
486 {"ecdhk283", R_EC_K283},
487 {"ecdhk409", R_EC_K409},
488 {"ecdhk571", R_EC_K571},
489 {"ecdhb163", R_EC_B163},
490 {"ecdhb233", R_EC_B233},
491 {"ecdhb283", R_EC_B283},
492 {"ecdhb409", R_EC_B409},
493 {"ecdhb571", R_EC_B571},
495 {"ecdhbrp256r1", R_EC_BRP256R1},
496 {"ecdhbrp256t1", R_EC_BRP256T1},
497 {"ecdhbrp384r1", R_EC_BRP384R1},
498 {"ecdhbrp384t1", R_EC_BRP384T1},
499 {"ecdhbrp512r1", R_EC_BRP512R1},
500 {"ecdhbrp512t1", R_EC_BRP512T1},
501 {"ecdhx25519", R_EC_X25519},
502 {"ecdhx448", R_EC_X448}
505 static double ecdh_results[EC_NUM][1]; /* 1 op: derivation */
506 static double ecdsa_results[ECDSA_NUM][2]; /* 2 ops: sign then verify */
508 enum { R_EC_Ed25519, R_EC_Ed448, EdDSA_NUM };
509 static const OPT_PAIR eddsa_choices[EdDSA_NUM] = {
510 {"ed25519", R_EC_Ed25519},
511 {"ed448", R_EC_Ed448}
514 static double eddsa_results[EdDSA_NUM][2]; /* 2 ops: sign then verify */
516 # ifndef OPENSSL_NO_SM2
517 enum { R_EC_CURVESM2, SM2_NUM };
518 static const OPT_PAIR sm2_choices[SM2_NUM] = {
519 {"curveSM2", R_EC_CURVESM2}
521 # define SM2_ID "TLSv1.3+GM+Cipher+Suite"
522 # define SM2_ID_LEN sizeof("TLSv1.3+GM+Cipher+Suite") - 1
523 static double sm2_results[SM2_NUM][2]; /* 2 ops: sign then verify */
524 # endif /* OPENSSL_NO_SM2 */
525 #endif /* OPENSSL_NO_EC */
528 # define COND(d) (count < (d))
529 # define COUNT(d) (d)
531 # define COND(unused_cond) (run && count<0x7fffffff)
532 # define COUNT(d) (count)
535 typedef struct loopargs_st {
536 ASYNC_JOB *inprogress_job;
537 ASYNC_WAIT_CTX *wait_ctx;
540 unsigned char *buf_malloc;
541 unsigned char *buf2_malloc;
545 #ifndef OPENSSL_NO_RSA
546 RSA *rsa_key[RSA_NUM];
548 #ifndef OPENSSL_NO_DSA
549 DSA *dsa_key[DSA_NUM];
551 #ifndef OPENSSL_NO_EC
552 EC_KEY *ecdsa[ECDSA_NUM];
553 EVP_PKEY_CTX *ecdh_ctx[EC_NUM];
554 EVP_MD_CTX *eddsa_ctx[EdDSA_NUM];
555 # ifndef OPENSSL_NO_SM2
556 EVP_MD_CTX *sm2_ctx[SM2_NUM];
557 EVP_MD_CTX *sm2_vfy_ctx[SM2_NUM];
558 EVP_PKEY *sm2_pkey[SM2_NUM];
560 unsigned char *secret_a;
561 unsigned char *secret_b;
562 size_t outlen[EC_NUM];
565 #ifndef OPENSSL_NO_DEPRECATED_3_0
568 #if !defined(OPENSSL_NO_CMAC) && !defined(OPENSSL_NO_DEPRECATED_3_0)
571 GCM128_CONTEXT *gcm_ctx;
573 static int run_benchmark(int async_jobs, int (*loop_function) (void *),
574 loopargs_t * loopargs);
576 static unsigned int testnum;
578 /* Nb of iterations to do per algorithm and key-size */
579 static long c[ALGOR_NUM][SIZE_NUM];
581 #if !defined(OPENSSL_NO_MD2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
582 static int EVP_Digest_MD2_loop(void *args)
584 loopargs_t *tempargs = *(loopargs_t **) args;
585 unsigned char *buf = tempargs->buf;
586 unsigned char md2[MD2_DIGEST_LENGTH];
589 for (count = 0; COND(c[D_MD2][testnum]); count++) {
590 if (!EVP_Digest(buf, (size_t)lengths[testnum], md2, NULL, EVP_md2(),
598 #if !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
599 static int EVP_Digest_MDC2_loop(void *args)
601 loopargs_t *tempargs = *(loopargs_t **) args;
602 unsigned char *buf = tempargs->buf;
603 unsigned char mdc2[MDC2_DIGEST_LENGTH];
606 for (count = 0; COND(c[D_MDC2][testnum]); count++) {
607 if (!EVP_Digest(buf, (size_t)lengths[testnum], mdc2, NULL, EVP_mdc2(),
615 #if !defined(OPENSSL_NO_MD4) && !defined(OPENSSL_NO_DEPRECATED_3_0)
616 static int EVP_Digest_MD4_loop(void *args)
618 loopargs_t *tempargs = *(loopargs_t **) args;
619 unsigned char *buf = tempargs->buf;
620 unsigned char md4[MD4_DIGEST_LENGTH];
623 for (count = 0; COND(c[D_MD4][testnum]); count++) {
624 if (!EVP_Digest(buf, (size_t)lengths[testnum], md4, NULL, EVP_md4(),
632 #if !defined(OPENSSL_NO_MD5) && !defined(OPENSSL_NO_DEPRECATED_3_0)
633 static int MD5_loop(void *args)
635 loopargs_t *tempargs = *(loopargs_t **) args;
636 unsigned char *buf = tempargs->buf;
637 unsigned char md5[MD5_DIGEST_LENGTH];
639 for (count = 0; COND(c[D_MD5][testnum]); count++)
640 MD5(buf, lengths[testnum], md5);
644 # ifndef OPENSSL_NO_DEPRECATED_3_0
645 static int HMAC_loop(void *args)
647 loopargs_t *tempargs = *(loopargs_t **) args;
648 unsigned char *buf = tempargs->buf;
649 HMAC_CTX *hctx = tempargs->hctx;
650 unsigned char hmac[MD5_DIGEST_LENGTH];
653 for (count = 0; COND(c[D_HMAC][testnum]); count++) {
654 HMAC_Init_ex(hctx, NULL, 0, NULL, NULL);
655 HMAC_Update(hctx, buf, lengths[testnum]);
656 HMAC_Final(hctx, hmac, NULL);
663 #ifndef OPENSSL_NO_DEPRECATED_3_0
664 static int SHA1_loop(void *args)
666 loopargs_t *tempargs = *(loopargs_t **) args;
667 unsigned char *buf = tempargs->buf;
668 unsigned char sha[SHA_DIGEST_LENGTH];
670 for (count = 0; COND(c[D_SHA1][testnum]); count++)
671 SHA1(buf, lengths[testnum], sha);
675 static int SHA256_loop(void *args)
677 loopargs_t *tempargs = *(loopargs_t **) args;
678 unsigned char *buf = tempargs->buf;
679 unsigned char sha256[SHA256_DIGEST_LENGTH];
681 for (count = 0; COND(c[D_SHA256][testnum]); count++)
682 SHA256(buf, lengths[testnum], sha256);
686 static int SHA512_loop(void *args)
688 loopargs_t *tempargs = *(loopargs_t **) args;
689 unsigned char *buf = tempargs->buf;
690 unsigned char sha512[SHA512_DIGEST_LENGTH];
692 for (count = 0; COND(c[D_SHA512][testnum]); count++)
693 SHA512(buf, lengths[testnum], sha512);
698 #if !defined(OPENSSL_NO_WHIRLPOOL) && !defined(OPENSSL_NO_DEPRECATED_3_0)
699 static int WHIRLPOOL_loop(void *args)
701 loopargs_t *tempargs = *(loopargs_t **) args;
702 unsigned char *buf = tempargs->buf;
703 unsigned char whirlpool[WHIRLPOOL_DIGEST_LENGTH];
705 for (count = 0; COND(c[D_WHIRLPOOL][testnum]); count++)
706 WHIRLPOOL(buf, lengths[testnum], whirlpool);
711 #if !defined(OPENSSL_NO_RMD160) && !defined(OPENSSL_NO_DEPRECATED_3_0)
712 static int EVP_Digest_RMD160_loop(void *args)
714 loopargs_t *tempargs = *(loopargs_t **) args;
715 unsigned char *buf = tempargs->buf;
716 unsigned char rmd160[RIPEMD160_DIGEST_LENGTH];
718 for (count = 0; COND(c[D_RMD160][testnum]); count++) {
719 if (!EVP_Digest(buf, (size_t)lengths[testnum], &(rmd160[0]),
720 NULL, EVP_ripemd160(), NULL))
727 #if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_DEPRECATED_3_0)
728 static RC4_KEY rc4_ks;
729 static int RC4_loop(void *args)
731 loopargs_t *tempargs = *(loopargs_t **) args;
732 unsigned char *buf = tempargs->buf;
734 for (count = 0; COND(c[D_RC4][testnum]); count++)
735 RC4(&rc4_ks, (size_t)lengths[testnum], buf, buf);
740 #if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_DEPRECATED_3_0)
741 static unsigned char DES_iv[8];
742 static DES_key_schedule sch[3];
743 static int DES_ncbc_encrypt_loop(void *args)
745 loopargs_t *tempargs = *(loopargs_t **) args;
746 unsigned char *buf = tempargs->buf;
748 for (count = 0; COND(c[D_CBC_DES][testnum]); count++)
749 DES_ncbc_encrypt(buf, buf, lengths[testnum], &sch[0],
750 &DES_iv, DES_ENCRYPT);
754 static int DES_ede3_cbc_encrypt_loop(void *args)
756 loopargs_t *tempargs = *(loopargs_t **) args;
757 unsigned char *buf = tempargs->buf;
759 for (count = 0; COND(c[D_EDE3_DES][testnum]); count++)
760 DES_ede3_cbc_encrypt(buf, buf, lengths[testnum],
761 &sch[0], &sch[1], &sch[2], &DES_iv, DES_ENCRYPT);
766 #define MAX_BLOCK_SIZE 128
768 static unsigned char iv[2 * MAX_BLOCK_SIZE / 8];
770 #ifndef OPENSSL_NO_DEPRECATED_3_0
771 static AES_KEY aes_ks1, aes_ks2, aes_ks3;
772 static int AES_cbc_128_encrypt_loop(void *args)
774 loopargs_t *tempargs = *(loopargs_t **) args;
775 unsigned char *buf = tempargs->buf;
777 for (count = 0; COND(c[D_CBC_128_AES][testnum]); count++)
778 AES_cbc_encrypt(buf, buf,
779 (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
783 static int AES_cbc_192_encrypt_loop(void *args)
785 loopargs_t *tempargs = *(loopargs_t **) args;
786 unsigned char *buf = tempargs->buf;
788 for (count = 0; COND(c[D_CBC_192_AES][testnum]); count++)
789 AES_cbc_encrypt(buf, buf,
790 (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
794 static int AES_cbc_256_encrypt_loop(void *args)
796 loopargs_t *tempargs = *(loopargs_t **) args;
797 unsigned char *buf = tempargs->buf;
799 for (count = 0; COND(c[D_CBC_256_AES][testnum]); count++)
800 AES_cbc_encrypt(buf, buf,
801 (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
805 static int AES_ige_128_encrypt_loop(void *args)
807 loopargs_t *tempargs = *(loopargs_t **) args;
808 unsigned char *buf = tempargs->buf;
809 unsigned char *buf2 = tempargs->buf2;
811 for (count = 0; COND(c[D_IGE_128_AES][testnum]); count++)
812 AES_ige_encrypt(buf, buf2,
813 (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
817 static int AES_ige_192_encrypt_loop(void *args)
819 loopargs_t *tempargs = *(loopargs_t **) args;
820 unsigned char *buf = tempargs->buf;
821 unsigned char *buf2 = tempargs->buf2;
823 for (count = 0; COND(c[D_IGE_192_AES][testnum]); count++)
824 AES_ige_encrypt(buf, buf2,
825 (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
829 static int AES_ige_256_encrypt_loop(void *args)
831 loopargs_t *tempargs = *(loopargs_t **) args;
832 unsigned char *buf = tempargs->buf;
833 unsigned char *buf2 = tempargs->buf2;
835 for (count = 0; COND(c[D_IGE_256_AES][testnum]); count++)
836 AES_ige_encrypt(buf, buf2,
837 (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
841 static int CRYPTO_gcm128_aad_loop(void *args)
843 loopargs_t *tempargs = *(loopargs_t **) args;
844 unsigned char *buf = tempargs->buf;
845 GCM128_CONTEXT *gcm_ctx = tempargs->gcm_ctx;
847 for (count = 0; COND(c[D_GHASH][testnum]); count++)
848 CRYPTO_gcm128_aad(gcm_ctx, buf, lengths[testnum]);
853 static int RAND_bytes_loop(void *args)
855 loopargs_t *tempargs = *(loopargs_t **) args;
856 unsigned char *buf = tempargs->buf;
859 for (count = 0; COND(c[D_RAND][testnum]); count++)
860 RAND_bytes(buf, lengths[testnum]);
864 static int decrypt = 0;
865 static int EVP_Update_loop(void *args)
867 loopargs_t *tempargs = *(loopargs_t **) args;
868 unsigned char *buf = tempargs->buf;
869 EVP_CIPHER_CTX *ctx = tempargs->ctx;
873 for (count = 0; COND(c[D_EVP][testnum]); count++) {
874 rc = EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
876 /* reset iv in case of counter overflow */
877 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
881 for (count = 0; COND(c[D_EVP][testnum]); count++) {
882 rc = EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
884 /* reset iv in case of counter overflow */
885 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
890 EVP_DecryptFinal_ex(ctx, buf, &outl);
892 EVP_EncryptFinal_ex(ctx, buf, &outl);
897 * CCM does not support streaming. For the purpose of performance measurement,
898 * each message is encrypted using the same (key,iv)-pair. Do not use this
899 * code in your application.
901 static int EVP_Update_loop_ccm(void *args)
903 loopargs_t *tempargs = *(loopargs_t **) args;
904 unsigned char *buf = tempargs->buf;
905 EVP_CIPHER_CTX *ctx = tempargs->ctx;
907 unsigned char tag[12];
910 for (count = 0; COND(c[D_EVP][testnum]); count++) {
911 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(tag), tag);
913 EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
914 /* counter is reset on every update */
915 EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
918 for (count = 0; COND(c[D_EVP][testnum]); count++) {
919 /* restore iv length field */
920 EVP_EncryptUpdate(ctx, NULL, &outl, NULL, lengths[testnum]);
921 /* counter is reset on every update */
922 EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
926 EVP_DecryptFinal_ex(ctx, buf, &outl);
928 EVP_EncryptFinal_ex(ctx, buf, &outl);
933 * To make AEAD benchmarking more relevant perform TLS-like operations,
934 * 13-byte AAD followed by payload. But don't use TLS-formatted AAD, as
935 * payload length is not actually limited by 16KB...
937 static int EVP_Update_loop_aead(void *args)
939 loopargs_t *tempargs = *(loopargs_t **) args;
940 unsigned char *buf = tempargs->buf;
941 EVP_CIPHER_CTX *ctx = tempargs->ctx;
943 unsigned char aad[13] = { 0xcc };
944 unsigned char faketag[16] = { 0xcc };
947 for (count = 0; COND(c[D_EVP][testnum]); count++) {
948 EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
949 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
950 sizeof(faketag), faketag);
951 EVP_DecryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
952 EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
953 EVP_DecryptFinal_ex(ctx, buf + outl, &outl);
956 for (count = 0; COND(c[D_EVP][testnum]); count++) {
957 EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv);
958 EVP_EncryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
959 EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
960 EVP_EncryptFinal_ex(ctx, buf + outl, &outl);
966 static const EVP_MD *evp_md = NULL;
967 static int EVP_Digest_loop(void *args)
969 loopargs_t *tempargs = *(loopargs_t **) args;
970 unsigned char *buf = tempargs->buf;
971 unsigned char md[EVP_MAX_MD_SIZE];
974 for (count = 0; COND(c[D_EVP][testnum]); count++) {
975 if (!EVP_Digest(buf, lengths[testnum], md, NULL, evp_md, NULL))
981 #ifndef OPENSSL_NO_DEPRECATED_3_0
982 static const EVP_MD *evp_hmac_md = NULL;
983 static char *evp_hmac_name = NULL;
984 static int EVP_HMAC_loop(void *args)
986 loopargs_t *tempargs = *(loopargs_t **) args;
987 unsigned char *buf = tempargs->buf;
988 unsigned char no_key[32];
991 for (count = 0; COND(c[D_EVP_HMAC][testnum]); count++) {
992 if (HMAC(evp_hmac_md, no_key, sizeof(no_key), buf, lengths[testnum],
1000 #if !defined(OPENSSL_NO_CMAC) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1001 static const EVP_CIPHER *evp_cmac_cipher = NULL;
1002 static char *evp_cmac_name = NULL;
1004 static int EVP_CMAC_loop(void *args)
1006 loopargs_t *tempargs = *(loopargs_t **) args;
1007 unsigned char *buf = tempargs->buf;
1008 CMAC_CTX *cmac_ctx = tempargs->cmac_ctx;
1009 static const char key[16] = "This is a key...";
1010 unsigned char mac[16];
1011 size_t len = sizeof(mac);
1014 for (count = 0; COND(c[D_EVP_CMAC][testnum]); count++) {
1015 if (!CMAC_Init(cmac_ctx, key, sizeof(key), evp_cmac_cipher, NULL)
1016 || !CMAC_Update(cmac_ctx, buf, lengths[testnum])
1017 || !CMAC_Final(cmac_ctx, mac, &len))
1024 #ifndef OPENSSL_NO_RSA
1025 static long rsa_c[RSA_NUM][2]; /* # RSA iteration test */
1027 static int RSA_sign_loop(void *args)
1029 loopargs_t *tempargs = *(loopargs_t **) args;
1030 unsigned char *buf = tempargs->buf;
1031 unsigned char *buf2 = tempargs->buf2;
1032 unsigned int *rsa_num = &tempargs->siglen;
1033 RSA **rsa_key = tempargs->rsa_key;
1035 for (count = 0; COND(rsa_c[testnum][0]); count++) {
1036 ret = RSA_sign(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1038 BIO_printf(bio_err, "RSA sign failure\n");
1039 ERR_print_errors(bio_err);
1047 static int RSA_verify_loop(void *args)
1049 loopargs_t *tempargs = *(loopargs_t **) args;
1050 unsigned char *buf = tempargs->buf;
1051 unsigned char *buf2 = tempargs->buf2;
1052 unsigned int rsa_num = tempargs->siglen;
1053 RSA **rsa_key = tempargs->rsa_key;
1055 for (count = 0; COND(rsa_c[testnum][1]); count++) {
1057 RSA_verify(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1059 BIO_printf(bio_err, "RSA verify failure\n");
1060 ERR_print_errors(bio_err);
1069 #ifndef OPENSSL_NO_DSA
1070 static long dsa_c[DSA_NUM][2];
1071 static int DSA_sign_loop(void *args)
1073 loopargs_t *tempargs = *(loopargs_t **) args;
1074 unsigned char *buf = tempargs->buf;
1075 unsigned char *buf2 = tempargs->buf2;
1076 DSA **dsa_key = tempargs->dsa_key;
1077 unsigned int *siglen = &tempargs->siglen;
1079 for (count = 0; COND(dsa_c[testnum][0]); count++) {
1080 ret = DSA_sign(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1082 BIO_printf(bio_err, "DSA sign failure\n");
1083 ERR_print_errors(bio_err);
1091 static int DSA_verify_loop(void *args)
1093 loopargs_t *tempargs = *(loopargs_t **) args;
1094 unsigned char *buf = tempargs->buf;
1095 unsigned char *buf2 = tempargs->buf2;
1096 DSA **dsa_key = tempargs->dsa_key;
1097 unsigned int siglen = tempargs->siglen;
1099 for (count = 0; COND(dsa_c[testnum][1]); count++) {
1100 ret = DSA_verify(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1102 BIO_printf(bio_err, "DSA verify failure\n");
1103 ERR_print_errors(bio_err);
1112 #ifndef OPENSSL_NO_EC
1113 # ifndef OPENSSL_NO_DEPRECATED_3_0
1114 static long ecdsa_c[ECDSA_NUM][2];
1115 static int ECDSA_sign_loop(void *args)
1117 loopargs_t *tempargs = *(loopargs_t **) args;
1118 unsigned char *buf = tempargs->buf;
1119 EC_KEY **ecdsa = tempargs->ecdsa;
1120 unsigned char *ecdsasig = tempargs->buf2;
1121 unsigned int *ecdsasiglen = &tempargs->siglen;
1123 for (count = 0; COND(ecdsa_c[testnum][0]); count++) {
1124 ret = ECDSA_sign(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1126 BIO_printf(bio_err, "ECDSA sign failure\n");
1127 ERR_print_errors(bio_err);
1135 static int ECDSA_verify_loop(void *args)
1137 loopargs_t *tempargs = *(loopargs_t **) args;
1138 unsigned char *buf = tempargs->buf;
1139 EC_KEY **ecdsa = tempargs->ecdsa;
1140 unsigned char *ecdsasig = tempargs->buf2;
1141 unsigned int ecdsasiglen = tempargs->siglen;
1143 for (count = 0; COND(ecdsa_c[testnum][1]); count++) {
1144 ret = ECDSA_verify(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1146 BIO_printf(bio_err, "ECDSA verify failure\n");
1147 ERR_print_errors(bio_err);
1156 /* ******************************************************************** */
1157 static long ecdh_c[EC_NUM][1];
1159 static int ECDH_EVP_derive_key_loop(void *args)
1161 loopargs_t *tempargs = *(loopargs_t **) args;
1162 EVP_PKEY_CTX *ctx = tempargs->ecdh_ctx[testnum];
1163 unsigned char *derived_secret = tempargs->secret_a;
1165 size_t *outlen = &(tempargs->outlen[testnum]);
1167 for (count = 0; COND(ecdh_c[testnum][0]); count++)
1168 EVP_PKEY_derive(ctx, derived_secret, outlen);
1173 static long eddsa_c[EdDSA_NUM][2];
1174 static int EdDSA_sign_loop(void *args)
1176 loopargs_t *tempargs = *(loopargs_t **) args;
1177 unsigned char *buf = tempargs->buf;
1178 EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
1179 unsigned char *eddsasig = tempargs->buf2;
1180 size_t *eddsasigsize = &tempargs->sigsize;
1183 for (count = 0; COND(eddsa_c[testnum][0]); count++) {
1184 ret = EVP_DigestSign(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
1186 BIO_printf(bio_err, "EdDSA sign failure\n");
1187 ERR_print_errors(bio_err);
1195 static int EdDSA_verify_loop(void *args)
1197 loopargs_t *tempargs = *(loopargs_t **) args;
1198 unsigned char *buf = tempargs->buf;
1199 EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
1200 unsigned char *eddsasig = tempargs->buf2;
1201 size_t eddsasigsize = tempargs->sigsize;
1204 for (count = 0; COND(eddsa_c[testnum][1]); count++) {
1205 ret = EVP_DigestVerify(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
1207 BIO_printf(bio_err, "EdDSA verify failure\n");
1208 ERR_print_errors(bio_err);
1216 # ifndef OPENSSL_NO_SM2
1217 static long sm2_c[SM2_NUM][2];
1218 static int SM2_sign_loop(void *args)
1220 loopargs_t *tempargs = *(loopargs_t **) args;
1221 unsigned char *buf = tempargs->buf;
1222 EVP_MD_CTX **sm2ctx = tempargs->sm2_ctx;
1223 unsigned char *sm2sig = tempargs->buf2;
1224 size_t sm2sigsize = tempargs->sigsize;
1225 const size_t max_size = tempargs->sigsize;
1227 EVP_PKEY **sm2_pkey = tempargs->sm2_pkey;
1229 for (count = 0; COND(sm2_c[testnum][0]); count++) {
1230 if (!EVP_DigestSignInit(sm2ctx[testnum], NULL, EVP_sm3(),
1231 NULL, sm2_pkey[testnum])) {
1232 BIO_printf(bio_err, "SM2 init sign failure\n");
1233 ERR_print_errors(bio_err);
1237 ret = EVP_DigestSign(sm2ctx[testnum], sm2sig, &sm2sigsize,
1240 BIO_printf(bio_err, "SM2 sign failure\n");
1241 ERR_print_errors(bio_err);
1245 /* update the latest returned size and always use the fixed buffer size */
1246 tempargs->sigsize = sm2sigsize;
1247 sm2sigsize = max_size;
1253 static int SM2_verify_loop(void *args)
1255 loopargs_t *tempargs = *(loopargs_t **) args;
1256 unsigned char *buf = tempargs->buf;
1257 EVP_MD_CTX **sm2ctx = tempargs->sm2_vfy_ctx;
1258 unsigned char *sm2sig = tempargs->buf2;
1259 size_t sm2sigsize = tempargs->sigsize;
1261 EVP_PKEY **sm2_pkey = tempargs->sm2_pkey;
1263 for (count = 0; COND(sm2_c[testnum][1]); count++) {
1264 if (!EVP_DigestVerifyInit(sm2ctx[testnum], NULL, EVP_sm3(),
1265 NULL, sm2_pkey[testnum])) {
1266 BIO_printf(bio_err, "SM2 verify init failure\n");
1267 ERR_print_errors(bio_err);
1271 ret = EVP_DigestVerify(sm2ctx[testnum], sm2sig, sm2sigsize,
1274 BIO_printf(bio_err, "SM2 verify failure\n");
1275 ERR_print_errors(bio_err);
1282 # endif /* OPENSSL_NO_SM2 */
1283 #endif /* OPENSSL_NO_EC */
1285 static int run_benchmark(int async_jobs,
1286 int (*loop_function) (void *), loopargs_t * loopargs)
1288 int job_op_count = 0;
1289 int total_op_count = 0;
1290 int num_inprogress = 0;
1291 int error = 0, i = 0, ret = 0;
1292 OSSL_ASYNC_FD job_fd = 0;
1293 size_t num_job_fds = 0;
1295 if (async_jobs == 0) {
1296 return loop_function((void *)&loopargs);
1299 for (i = 0; i < async_jobs && !error; i++) {
1300 loopargs_t *looparg_item = loopargs + i;
1302 /* Copy pointer content (looparg_t item address) into async context */
1303 ret = ASYNC_start_job(&loopargs[i].inprogress_job, loopargs[i].wait_ctx,
1304 &job_op_count, loop_function,
1305 (void *)&looparg_item, sizeof(looparg_item));
1311 if (job_op_count == -1) {
1314 total_op_count += job_op_count;
1319 BIO_printf(bio_err, "Failure in the job\n");
1320 ERR_print_errors(bio_err);
1326 while (num_inprogress > 0) {
1327 #if defined(OPENSSL_SYS_WINDOWS)
1329 #elif defined(OPENSSL_SYS_UNIX)
1330 int select_result = 0;
1331 OSSL_ASYNC_FD max_fd = 0;
1334 FD_ZERO(&waitfdset);
1336 for (i = 0; i < async_jobs && num_inprogress > 0; i++) {
1337 if (loopargs[i].inprogress_job == NULL)
1340 if (!ASYNC_WAIT_CTX_get_all_fds
1341 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1342 || num_job_fds > 1) {
1343 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1344 ERR_print_errors(bio_err);
1348 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1350 FD_SET(job_fd, &waitfdset);
1351 if (job_fd > max_fd)
1355 if (max_fd >= (OSSL_ASYNC_FD)FD_SETSIZE) {
1357 "Error: max_fd (%d) must be smaller than FD_SETSIZE (%d). "
1358 "Decrease the value of async_jobs\n",
1359 max_fd, FD_SETSIZE);
1360 ERR_print_errors(bio_err);
1365 select_result = select(max_fd + 1, &waitfdset, NULL, NULL, NULL);
1366 if (select_result == -1 && errno == EINTR)
1369 if (select_result == -1) {
1370 BIO_printf(bio_err, "Failure in the select\n");
1371 ERR_print_errors(bio_err);
1376 if (select_result == 0)
1380 for (i = 0; i < async_jobs; i++) {
1381 if (loopargs[i].inprogress_job == NULL)
1384 if (!ASYNC_WAIT_CTX_get_all_fds
1385 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1386 || num_job_fds > 1) {
1387 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1388 ERR_print_errors(bio_err);
1392 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1395 #if defined(OPENSSL_SYS_UNIX)
1396 if (num_job_fds == 1 && !FD_ISSET(job_fd, &waitfdset))
1398 #elif defined(OPENSSL_SYS_WINDOWS)
1399 if (num_job_fds == 1
1400 && !PeekNamedPipe(job_fd, NULL, 0, NULL, &avail, NULL)
1405 ret = ASYNC_start_job(&loopargs[i].inprogress_job,
1406 loopargs[i].wait_ctx, &job_op_count,
1407 loop_function, (void *)(loopargs + i),
1408 sizeof(loopargs_t));
1413 if (job_op_count == -1) {
1416 total_op_count += job_op_count;
1419 loopargs[i].inprogress_job = NULL;
1424 loopargs[i].inprogress_job = NULL;
1425 BIO_printf(bio_err, "Failure in the job\n");
1426 ERR_print_errors(bio_err);
1433 return error ? -1 : total_op_count;
1436 #define stop_it(do_it, test_num)\
1437 memset(do_it + test_num, 0, OSSL_NELEM(do_it) - test_num);
1439 int speed_main(int argc, char **argv)
1442 loopargs_t *loopargs = NULL;
1444 const char *engine_id = NULL;
1445 const EVP_CIPHER *evp_cipher = NULL;
1448 int async_init = 0, multiblock = 0, pr_header = 0;
1449 uint8_t doit[ALGOR_NUM] = { 0 };
1450 int ret = 1, misalign = 0, lengths_single = 0, aead = 0;
1452 unsigned int size_num = SIZE_NUM;
1453 unsigned int i, k, loopargs_len = 0, async_jobs = 0;
1459 #if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) \
1460 || !defined(OPENSSL_NO_EC)
1463 openssl_speed_sec_t seconds = { SECONDS, RSA_SECONDS, DSA_SECONDS,
1464 ECDSA_SECONDS, ECDH_SECONDS,
1465 EdDSA_SECONDS, SM2_SECONDS };
1467 /* What follows are the buffers and key material. */
1468 #if !defined(OPENSSL_NO_RC5) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1471 #if !defined(OPENSSL_NO_RC2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1474 #if !defined(OPENSSL_NO_IDEA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1475 IDEA_KEY_SCHEDULE idea_ks;
1477 #if !defined(OPENSSL_NO_SEED) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1478 SEED_KEY_SCHEDULE seed_ks;
1480 #if !defined(OPENSSL_NO_BF) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1483 #if !defined(OPENSSL_NO_CAST) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1486 #ifndef OPENSSL_NO_DEPRECATED_3_0
1487 static const unsigned char key16[16] = {
1488 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1489 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
1491 static const unsigned char key24[24] = {
1492 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1493 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1494 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1496 static const unsigned char key32[32] = {
1497 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1498 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1499 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
1500 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
1503 #if !defined(OPENSSL_NO_CAMELLIA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1504 CAMELLIA_KEY camellia_ks[3];
1506 #ifndef OPENSSL_NO_RSA
1507 static const struct {
1508 const unsigned char *data;
1509 unsigned int length;
1512 { test512, sizeof(test512), 512 },
1513 { test1024, sizeof(test1024), 1024 },
1514 { test2048, sizeof(test2048), 2048 },
1515 { test3072, sizeof(test3072), 3072 },
1516 { test4096, sizeof(test4096), 4092 },
1517 { test7680, sizeof(test7680), 7680 },
1518 { test15360, sizeof(test15360), 15360 }
1520 uint8_t rsa_doit[RSA_NUM] = { 0 };
1521 int primes = RSA_DEFAULT_PRIME_NUM;
1523 #ifndef OPENSSL_NO_DSA
1524 static const unsigned int dsa_bits[DSA_NUM] = { 512, 1024, 2048 };
1525 uint8_t dsa_doit[DSA_NUM] = { 0 };
1527 #ifndef OPENSSL_NO_EC
1528 typedef struct ec_curve_st {
1532 size_t sigsize; /* only used for EdDSA curves */
1535 * We only test over the following curves as they are representative, To
1536 * add tests over more curves, simply add the curve NID and curve name to
1537 * the following arrays and increase the |ecdh_choices| and |ecdsa_choices|
1538 * lists accordingly.
1540 static const EC_CURVE ec_curves[EC_NUM] = {
1542 {"secp160r1", NID_secp160r1, 160},
1543 {"nistp192", NID_X9_62_prime192v1, 192},
1544 {"nistp224", NID_secp224r1, 224},
1545 {"nistp256", NID_X9_62_prime256v1, 256},
1546 {"nistp384", NID_secp384r1, 384},
1547 {"nistp521", NID_secp521r1, 521},
1548 # ifndef OPENSSL_NO_EC2M
1550 {"nistk163", NID_sect163k1, 163},
1551 {"nistk233", NID_sect233k1, 233},
1552 {"nistk283", NID_sect283k1, 283},
1553 {"nistk409", NID_sect409k1, 409},
1554 {"nistk571", NID_sect571k1, 571},
1555 {"nistb163", NID_sect163r2, 163},
1556 {"nistb233", NID_sect233r1, 233},
1557 {"nistb283", NID_sect283r1, 283},
1558 {"nistb409", NID_sect409r1, 409},
1559 {"nistb571", NID_sect571r1, 571},
1561 {"brainpoolP256r1", NID_brainpoolP256r1, 256},
1562 {"brainpoolP256t1", NID_brainpoolP256t1, 256},
1563 {"brainpoolP384r1", NID_brainpoolP384r1, 384},
1564 {"brainpoolP384t1", NID_brainpoolP384t1, 384},
1565 {"brainpoolP512r1", NID_brainpoolP512r1, 512},
1566 {"brainpoolP512t1", NID_brainpoolP512t1, 512},
1567 /* Other and ECDH only ones */
1568 {"X25519", NID_X25519, 253},
1569 {"X448", NID_X448, 448}
1571 static const EC_CURVE ed_curves[EdDSA_NUM] = {
1573 {"Ed25519", NID_ED25519, 253, 64},
1574 {"Ed448", NID_ED448, 456, 114}
1576 # ifndef OPENSSL_NO_SM2
1577 static const EC_CURVE sm2_curves[SM2_NUM] = {
1579 {"CurveSM2", NID_sm2, 256}
1581 uint8_t sm2_doit[SM2_NUM] = { 0 };
1583 uint8_t ecdsa_doit[ECDSA_NUM] = { 0 };
1584 uint8_t ecdh_doit[EC_NUM] = { 0 };
1585 uint8_t eddsa_doit[EdDSA_NUM] = { 0 };
1587 /* checks declarated curves against choices list. */
1588 OPENSSL_assert(ed_curves[EdDSA_NUM - 1].nid == NID_ED448);
1589 OPENSSL_assert(strcmp(eddsa_choices[EdDSA_NUM - 1].name, "ed448") == 0);
1591 OPENSSL_assert(ec_curves[EC_NUM - 1].nid == NID_X448);
1592 OPENSSL_assert(strcmp(ecdh_choices[EC_NUM - 1].name, "ecdhx448") == 0);
1594 OPENSSL_assert(ec_curves[ECDSA_NUM - 1].nid == NID_brainpoolP512t1);
1595 OPENSSL_assert(strcmp(ecdsa_choices[ECDSA_NUM - 1].name, "ecdsabrp512t1") == 0);
1597 # ifndef OPENSSL_NO_SM2
1598 OPENSSL_assert(sm2_curves[SM2_NUM - 1].nid == NID_sm2);
1599 OPENSSL_assert(strcmp(sm2_choices[SM2_NUM - 1].name, "curveSM2") == 0);
1601 #endif /* ndef OPENSSL_NO_EC */
1603 prog = opt_init(argc, argv, speed_options);
1604 while ((o = opt_next()) != OPT_EOF) {
1609 BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
1612 opt_help(speed_options);
1620 evp_cipher = EVP_get_cipherbyname(opt_arg());
1621 if (evp_cipher == NULL)
1622 evp_md = EVP_get_digestbyname(opt_arg());
1623 if (evp_cipher == NULL && evp_md == NULL) {
1625 "%s: %s is an unknown cipher or digest\n",
1632 #ifndef OPENSSL_NO_DEPRECATED_3_0
1633 evp_hmac_md = EVP_get_digestbyname(opt_arg());
1634 if (evp_hmac_md == NULL) {
1635 BIO_printf(bio_err, "%s: %s is an unknown digest\n",
1639 doit[D_EVP_HMAC] = 1;
1643 #if !defined(OPENSSL_NO_CMAC) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1644 evp_cmac_cipher = EVP_get_cipherbyname(opt_arg());
1645 if (evp_cmac_cipher == NULL) {
1646 BIO_printf(bio_err, "%s: %s is an unknown cipher\n",
1650 doit[D_EVP_CMAC] = 1;
1658 * In a forked execution, an engine might need to be
1659 * initialised by each child process, not by the parent.
1660 * So store the name here and run setup_engine() later on.
1662 engine_id = opt_arg();
1666 multi = atoi(opt_arg());
1670 #ifndef OPENSSL_NO_ASYNC
1671 async_jobs = atoi(opt_arg());
1672 if (!ASYNC_is_capable()) {
1674 "%s: async_jobs specified but async not supported\n",
1678 if (async_jobs > 99999) {
1679 BIO_printf(bio_err, "%s: too many async_jobs\n", prog);
1685 if (!opt_int(opt_arg(), &misalign))
1687 if (misalign > MISALIGN) {
1689 "%s: Maximum offset is %d\n", prog, MISALIGN);
1698 #ifdef OPENSSL_NO_MULTIBLOCK
1700 "%s: -mb specified but multi-block support is disabled\n",
1710 if (!opt_int(opt_arg(), &primes))
1714 seconds.sym = seconds.rsa = seconds.dsa = seconds.ecdsa
1715 = seconds.ecdh = seconds.eddsa
1716 = seconds.sm2 = atoi(opt_arg());
1719 lengths_single = atoi(opt_arg());
1720 lengths = &lengths_single;
1728 argc = opt_num_rest();
1731 /* Remaining arguments are algorithms. */
1732 for (; *argv; argv++) {
1733 const char *algo = *argv;
1735 if (opt_found(algo, doit_choices, &i)) {
1739 #if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1740 if (strcmp(algo, "des") == 0) {
1741 doit[D_CBC_DES] = doit[D_EDE3_DES] = 1;
1745 if (strcmp(algo, "sha") == 0) {
1746 doit[D_SHA1] = doit[D_SHA256] = doit[D_SHA512] = 1;
1749 #ifndef OPENSSL_NO_RSA
1750 if (strcmp(algo, "openssl") == 0) /* just for compatibility */
1752 if (strncmp(algo, "rsa", 3) == 0) {
1753 if (algo[3] == '\0') {
1754 memset(rsa_doit, 1, sizeof(rsa_doit));
1757 if (opt_found(algo, rsa_choices, &i)) {
1763 #ifndef OPENSSL_NO_DSA
1764 if (strncmp(algo, "dsa", 3) == 0) {
1765 if (algo[3] == '\0') {
1766 memset(dsa_doit, 1, sizeof(dsa_doit));
1769 if (opt_found(algo, dsa_choices, &i)) {
1775 #ifndef OPENSSL_NO_DEPRECATED_3_0
1776 if (strcmp(algo, "aes") == 0) {
1777 doit[D_CBC_128_AES] = doit[D_CBC_192_AES] = doit[D_CBC_256_AES] = 1;
1781 #if !defined(OPENSSL_NO_CAMELLIA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1782 if (strcmp(algo, "camellia") == 0) {
1783 doit[D_CBC_128_CML] = doit[D_CBC_192_CML] = doit[D_CBC_256_CML] = 1;
1787 #ifndef OPENSSL_NO_EC
1788 if (strncmp(algo, "ecdsa", 5) == 0) {
1789 if (algo[5] == '\0') {
1790 memset(ecdsa_doit, 1, sizeof(ecdsa_doit));
1793 if (opt_found(algo, ecdsa_choices, &i)) {
1798 if (strncmp(algo, "ecdh", 4) == 0) {
1799 if (algo[4] == '\0') {
1800 memset(ecdh_doit, 1, sizeof(ecdh_doit));
1803 if (opt_found(algo, ecdh_choices, &i)) {
1808 if (strcmp(algo, "eddsa") == 0) {
1809 memset(eddsa_doit, 1, sizeof(eddsa_doit));
1812 if (opt_found(algo, eddsa_choices, &i)) {
1816 # ifndef OPENSSL_NO_SM2
1817 if (strcmp(algo, "sm2") == 0) {
1818 memset(sm2_doit, 1, sizeof(sm2_doit));
1821 if (opt_found(algo, sm2_choices, &i)) {
1826 #endif /* OPENSSL_NO_EC */
1827 BIO_printf(bio_err, "%s: Unknown algorithm %s\n", prog, algo);
1833 if (evp_cipher == NULL) {
1834 BIO_printf(bio_err, "-aead can be used only with an AEAD cipher\n");
1836 } else if (!(EVP_CIPHER_flags(evp_cipher) &
1837 EVP_CIPH_FLAG_AEAD_CIPHER)) {
1838 BIO_printf(bio_err, "%s is not an AEAD cipher\n",
1839 OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
1844 if (evp_cipher == NULL) {
1845 BIO_printf(bio_err,"-mb can be used only with a multi-block"
1846 " capable cipher\n");
1848 } else if (!(EVP_CIPHER_flags(evp_cipher) &
1849 EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
1850 BIO_printf(bio_err, "%s is not a multi-block capable\n",
1851 OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
1853 } else if (async_jobs > 0) {
1854 BIO_printf(bio_err, "Async mode is not supported with -mb");
1859 /* Initialize the job pool if async mode is enabled */
1860 if (async_jobs > 0) {
1861 async_init = ASYNC_init_thread(async_jobs, async_jobs);
1863 BIO_printf(bio_err, "Error creating the ASYNC job pool\n");
1868 loopargs_len = (async_jobs == 0 ? 1 : async_jobs);
1870 app_malloc(loopargs_len * sizeof(loopargs_t), "array of loopargs");
1871 memset(loopargs, 0, loopargs_len * sizeof(loopargs_t));
1873 for (i = 0; i < loopargs_len; i++) {
1874 if (async_jobs > 0) {
1875 loopargs[i].wait_ctx = ASYNC_WAIT_CTX_new();
1876 if (loopargs[i].wait_ctx == NULL) {
1877 BIO_printf(bio_err, "Error creating the ASYNC_WAIT_CTX\n");
1882 buflen = lengths[size_num - 1];
1883 if (buflen < 36) /* size of random vector in RSA benchmark */
1885 buflen += MAX_MISALIGNMENT + 1;
1886 loopargs[i].buf_malloc = app_malloc(buflen, "input buffer");
1887 loopargs[i].buf2_malloc = app_malloc(buflen, "input buffer");
1888 memset(loopargs[i].buf_malloc, 0, buflen);
1889 memset(loopargs[i].buf2_malloc, 0, buflen);
1891 /* Align the start of buffers on a 64 byte boundary */
1892 loopargs[i].buf = loopargs[i].buf_malloc + misalign;
1893 loopargs[i].buf2 = loopargs[i].buf2_malloc + misalign;
1894 #ifndef OPENSSL_NO_EC
1895 loopargs[i].secret_a = app_malloc(MAX_ECDH_SIZE, "ECDH secret a");
1896 loopargs[i].secret_b = app_malloc(MAX_ECDH_SIZE, "ECDH secret b");
1901 if (multi && do_multi(multi, size_num))
1905 /* Initialize the engine after the fork */
1906 e = setup_engine(engine_id, 0);
1908 /* No parameters; turn on everything. */
1909 if (argc == 0 && !doit[D_EVP] && !doit[D_EVP_HMAC] && !doit[D_EVP_CMAC]) {
1910 memset(doit, 1, sizeof(doit));
1911 doit[D_EVP] = doit[D_EVP_HMAC] = doit[D_EVP_CMAC] = 0;
1912 #ifndef OPENSSL_NO_RSA
1913 memset(rsa_doit, 1, sizeof(rsa_doit));
1915 #ifndef OPENSSL_NO_DSA
1916 memset(dsa_doit, 1, sizeof(dsa_doit));
1918 #ifndef OPENSSL_NO_EC
1919 memset(ecdsa_doit, 1, sizeof(ecdsa_doit));
1920 memset(ecdh_doit, 1, sizeof(ecdh_doit));
1921 memset(eddsa_doit, 1, sizeof(eddsa_doit));
1922 # ifndef OPENSSL_NO_SM2
1923 memset(sm2_doit, 1, sizeof(sm2_doit));
1927 for (i = 0; i < ALGOR_NUM; i++)
1931 if (usertime == 0 && !mr)
1933 "You have chosen to measure elapsed time "
1934 "instead of user CPU time.\n");
1936 #ifndef OPENSSL_NO_RSA
1937 for (i = 0; i < loopargs_len; i++) {
1938 if (primes > RSA_DEFAULT_PRIME_NUM) {
1939 /* for multi-prime RSA, skip this */
1942 for (k = 0; k < RSA_NUM; k++) {
1943 const unsigned char *p = rsa_keys[k].data;
1945 loopargs[i].rsa_key[k] =
1946 d2i_RSAPrivateKey(NULL, &p, rsa_keys[k].length);
1947 if (loopargs[i].rsa_key[k] == NULL) {
1949 "internal error loading RSA key number %d\n", k);
1955 #ifndef OPENSSL_NO_DSA
1956 for (i = 0; i < loopargs_len; i++) {
1957 loopargs[i].dsa_key[0] = get_dsa(512);
1958 loopargs[i].dsa_key[1] = get_dsa(1024);
1959 loopargs[i].dsa_key[2] = get_dsa(2048);
1962 #if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1963 if (doit[D_CBC_DES] || doit[D_EDE3_DES]) {
1964 static DES_cblock keys[] = {
1965 { 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0 }, /* keys[0] */
1966 { 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12 }, /* keys[1] */
1967 { 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34 } /* keys[3] */
1969 DES_set_key_unchecked(&keys[0], &sch[0]);
1970 DES_set_key_unchecked(&keys[1], &sch[1]);
1971 DES_set_key_unchecked(&keys[2], &sch[2]);
1974 #ifndef OPENSSL_NO_DEPRECATED_3_0
1975 AES_set_encrypt_key(key16, 128, &aes_ks1);
1976 AES_set_encrypt_key(key24, 192, &aes_ks2);
1977 AES_set_encrypt_key(key32, 256, &aes_ks3);
1979 #if !defined(OPENSSL_NO_CAMELLIA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1980 if (doit[D_CBC_128_CML] || doit[D_CBC_192_CML] || doit[D_CBC_256_CML]) {
1981 Camellia_set_key(key16, 128, &camellia_ks[0]);
1982 Camellia_set_key(key24, 192, &camellia_ks[1]);
1983 Camellia_set_key(key32, 256, &camellia_ks[2]);
1986 #if !defined(OPENSSL_NO_IDEA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1987 if (doit[D_CBC_IDEA])
1988 IDEA_set_encrypt_key(key16, &idea_ks);
1990 #if !defined(OPENSSL_NO_SEED) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1991 if (doit[D_CBC_SEED])
1992 SEED_set_key(key16, &seed_ks);
1994 #if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1996 RC4_set_key(&rc4_ks, 16, key16);
1998 #if !defined(OPENSSL_NO_RC2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1999 if (doit[D_CBC_RC2])
2000 RC2_set_key(&rc2_ks, 16, key16, 128);
2002 #if !defined(OPENSSL_NO_RC5) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2003 if (doit[D_CBC_RC5])
2004 if (!RC5_32_set_key(&rc5_ks, 16, key16, 12)) {
2005 BIO_printf(bio_err, "Failed setting RC5 key\n");
2009 #if !defined(OPENSSL_NO_BF) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2011 BF_set_key(&bf_ks, 16, key16);
2013 #if !defined(OPENSSL_NO_CAST) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2014 if (doit[D_CBC_CAST])
2015 CAST_set_key(&cast_ks, 16, key16);
2018 #if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2019 BIO_printf(bio_err, "First we calculate the approximate speed ...\n");
2025 for (it = count; it; it--)
2026 DES_ecb_encrypt((DES_cblock *)loopargs[0].buf,
2027 (DES_cblock *)loopargs[0].buf, &sch, DES_ENCRYPT);
2030 c[D_MD2][0] = count / 10;
2031 c[D_MDC2][0] = count / 10;
2032 c[D_MD4][0] = count;
2033 c[D_MD5][0] = count;
2034 c[D_HMAC][0] = count;
2035 c[D_SHA1][0] = count;
2036 c[D_RMD160][0] = count;
2037 c[D_RC4][0] = count * 5;
2038 c[D_CBC_DES][0] = count;
2039 c[D_EDE3_DES][0] = count / 3;
2040 c[D_CBC_IDEA][0] = count;
2041 c[D_CBC_SEED][0] = count;
2042 c[D_CBC_RC2][0] = count;
2043 c[D_CBC_RC5][0] = count;
2044 c[D_CBC_BF][0] = count;
2045 c[D_CBC_CAST][0] = count;
2046 c[D_CBC_128_AES][0] = count;
2047 c[D_CBC_192_AES][0] = count;
2048 c[D_CBC_256_AES][0] = count;
2049 c[D_CBC_128_CML][0] = count;
2050 c[D_CBC_192_CML][0] = count;
2051 c[D_CBC_256_CML][0] = count;
2052 c[D_EVP][0] = count;
2053 c[D_SHA256][0] = count;
2054 c[D_SHA512][0] = count;
2055 c[D_WHIRLPOOL][0] = count;
2056 c[D_IGE_128_AES][0] = count;
2057 c[D_IGE_192_AES][0] = count;
2058 c[D_IGE_256_AES][0] = count;
2059 c[D_GHASH][0] = count;
2060 c[D_RAND][0] = count;
2061 c[D_EVP_HMAC][0] = count;
2062 c[D_EVP_CMAC][0] = count;
2064 for (i = 1; i < size_num; i++) {
2065 long l0 = (long)lengths[0];
2066 long l1 = (long)lengths[i];
2068 c[D_MD2][i] = c[D_MD2][0] * 4 * l0 / l1;
2069 c[D_MDC2][i] = c[D_MDC2][0] * 4 * l0 / l1;
2070 c[D_MD4][i] = c[D_MD4][0] * 4 * l0 / l1;
2071 c[D_MD5][i] = c[D_MD5][0] * 4 * l0 / l1;
2072 c[D_HMAC][i] = c[D_HMAC][0] * 4 * l0 / l1;
2073 c[D_SHA1][i] = c[D_SHA1][0] * 4 * l0 / l1;
2074 c[D_RMD160][i] = c[D_RMD160][0] * 4 * l0 / l1;
2075 c[D_EVP][i] = = c[D_EVP][0] * 4 * l0 / l1;
2076 c[D_SHA256][i] = c[D_SHA256][0] * 4 * l0 / l1;
2077 c[D_SHA512][i] = c[D_SHA512][0] * 4 * l0 / l1;
2078 c[D_WHIRLPOOL][i] = c[D_WHIRLPOOL][0] * 4 * l0 / l1;
2079 c[D_GHASH][i] = c[D_GHASH][0] * 4 * l0 / l1;
2080 c[D_RAND][i] = c[D_RAND][0] * 4 * l0 / l1;
2081 c[D_EVP_HMAC][i] = = c[D_EVP_HMAC][0] * 4 * l0 / l1;
2082 c[D_EVP_CMAC][i] = = c[D_EVP_CMAC][0] * 4 * l0 / l1;
2084 l0 = (long)lengths[i - 1];
2086 c[D_RC4][i] = c[D_RC4][i - 1] * l0 / l1;
2087 c[D_CBC_DES][i] = c[D_CBC_DES][i - 1] * l0 / l1;
2088 c[D_EDE3_DES][i] = c[D_EDE3_DES][i - 1] * l0 / l1;
2089 c[D_CBC_IDEA][i] = c[D_CBC_IDEA][i - 1] * l0 / l1;
2090 c[D_CBC_SEED][i] = c[D_CBC_SEED][i - 1] * l0 / l1;
2091 c[D_CBC_RC2][i] = c[D_CBC_RC2][i - 1] * l0 / l1;
2092 c[D_CBC_RC5][i] = c[D_CBC_RC5][i - 1] * l0 / l1;
2093 c[D_CBC_BF][i] = c[D_CBC_BF][i - 1] * l0 / l1;
2094 c[D_CBC_CAST][i] = c[D_CBC_CAST][i - 1] * l0 / l1;
2095 c[D_CBC_128_AES][i] = c[D_CBC_128_AES][i - 1] * l0 / l1;
2096 c[D_CBC_192_AES][i] = c[D_CBC_192_AES][i - 1] * l0 / l1;
2097 c[D_CBC_256_AES][i] = c[D_CBC_256_AES][i - 1] * l0 / l1;
2098 c[D_CBC_128_CML][i] = c[D_CBC_128_CML][i - 1] * l0 / l1;
2099 c[D_CBC_192_CML][i] = c[D_CBC_192_CML][i - 1] * l0 / l1;
2100 c[D_CBC_256_CML][i] = c[D_CBC_256_CML][i - 1] * l0 / l1;
2101 c[D_IGE_128_AES][i] = c[D_IGE_128_AES][i - 1] * l0 / l1;
2102 c[D_IGE_192_AES][i] = c[D_IGE_192_AES][i - 1] * l0 / l1;
2103 c[D_IGE_256_AES][i] = c[D_IGE_256_AES][i - 1] * l0 / l1;
2106 # ifndef OPENSSL_NO_RSA
2107 rsa_c[R_RSA_512][0] = count / 2000;
2108 rsa_c[R_RSA_512][1] = count / 400;
2109 for (i = 1; i < RSA_NUM; i++) {
2110 rsa_c[i][0] = rsa_c[i - 1][0] / 8;
2111 rsa_c[i][1] = rsa_c[i - 1][1] / 4;
2112 if (rsa_doit[i] <= 1 && rsa_c[i][0] == 0)
2115 if (rsa_c[i][0] == 0) {
2116 rsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
2123 # ifndef OPENSSL_NO_DSA
2124 dsa_c[R_DSA_512][0] = count / 1000;
2125 dsa_c[R_DSA_512][1] = count / 1000 / 2;
2126 for (i = 1; i < DSA_NUM; i++) {
2127 dsa_c[i][0] = dsa_c[i - 1][0] / 4;
2128 dsa_c[i][1] = dsa_c[i - 1][1] / 4;
2129 if (dsa_doit[i] <= 1 && dsa_c[i][0] == 0)
2132 if (dsa_c[i][0] == 0) {
2133 dsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
2140 # ifndef OPENSSL_NO_EC
2141 ecdsa_c[R_EC_P160][0] = count / 1000;
2142 ecdsa_c[R_EC_P160][1] = count / 1000 / 2;
2143 for (i = R_EC_P192; i <= R_EC_P521; i++) {
2144 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2145 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2146 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2149 if (ecdsa_c[i][0] == 0) {
2155 # ifndef OPENSSL_NO_EC2M
2156 ecdsa_c[R_EC_K163][0] = count / 1000;
2157 ecdsa_c[R_EC_K163][1] = count / 1000 / 2;
2158 for (i = R_EC_K233; i <= R_EC_K571; i++) {
2159 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2160 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2161 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2164 if (ecdsa_c[i][0] == 0) {
2170 ecdsa_c[R_EC_B163][0] = count / 1000;
2171 ecdsa_c[R_EC_B163][1] = count / 1000 / 2;
2172 for (i = R_EC_B233; i <= R_EC_B571; i++) {
2173 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2174 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2175 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2178 if (ecdsa_c[i][0] == 0) {
2186 ecdh_c[R_EC_P160][0] = count / 1000;
2187 for (i = R_EC_P192; i <= R_EC_P521; i++) {
2188 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2189 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2192 if (ecdh_c[i][0] == 0) {
2197 # ifndef OPENSSL_NO_EC2M
2198 ecdh_c[R_EC_K163][0] = count / 1000;
2199 for (i = R_EC_K233; i <= R_EC_K571; i++) {
2200 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2201 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2204 if (ecdh_c[i][0] == 0) {
2209 ecdh_c[R_EC_B163][0] = count / 1000;
2210 for (i = R_EC_B233; i <= R_EC_B571; i++) {
2211 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2212 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2215 if (ecdh_c[i][0] == 0) {
2221 /* repeated code good to factorize */
2222 ecdh_c[R_EC_BRP256R1][0] = count / 1000;
2223 for (i = R_EC_BRP384R1; i <= R_EC_BRP512R1; i += 2) {
2224 ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
2225 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2228 if (ecdh_c[i][0] == 0) {
2233 ecdh_c[R_EC_BRP256T1][0] = count / 1000;
2234 for (i = R_EC_BRP384T1; i <= R_EC_BRP512T1; i += 2) {
2235 ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
2236 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2239 if (ecdh_c[i][0] == 0) {
2244 /* default iteration count for the last two EC Curves */
2245 ecdh_c[R_EC_X25519][0] = count / 1800;
2246 ecdh_c[R_EC_X448][0] = count / 7200;
2248 eddsa_c[R_EC_Ed25519][0] = count / 1800;
2249 eddsa_c[R_EC_Ed448][0] = count / 7200;
2251 # ifndef OPENSSL_NO_SM2
2252 sm2_c[R_EC_SM2P256][0] = count / 1800;
2254 # endif /* OPENSSL_NO_EC */
2257 /* not worth fixing */
2258 # error "You cannot disable DES on systems without SIGALRM."
2259 # endif /* OPENSSL_NO_DES */
2261 signal(SIGALRM, alarmed);
2262 #endif /* SIGALRM */
2264 #if !defined(OPENSSL_NO_MD2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2266 for (testnum = 0; testnum < size_num; testnum++) {
2267 print_message(names[D_MD2], c[D_MD2][testnum], lengths[testnum],
2270 count = run_benchmark(async_jobs, EVP_Digest_MD2_loop, loopargs);
2272 print_result(D_MD2, testnum, count, d);
2276 #if !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2278 for (testnum = 0; testnum < size_num; testnum++) {
2279 print_message(names[D_MDC2], c[D_MDC2][testnum], lengths[testnum],
2282 count = run_benchmark(async_jobs, EVP_Digest_MDC2_loop, loopargs);
2284 print_result(D_MDC2, testnum, count, d);
2291 #if !defined(OPENSSL_NO_MD4) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2293 for (testnum = 0; testnum < size_num; testnum++) {
2294 print_message(names[D_MD4], c[D_MD4][testnum], lengths[testnum],
2297 count = run_benchmark(async_jobs, EVP_Digest_MD4_loop, loopargs);
2299 print_result(D_MD4, testnum, count, d);
2306 #if !defined(OPENSSL_NO_MD5) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2308 for (testnum = 0; testnum < size_num; testnum++) {
2309 print_message(names[D_MD5], c[D_MD5][testnum], lengths[testnum],
2312 count = run_benchmark(async_jobs, MD5_loop, loopargs);
2314 print_result(D_MD5, testnum, count, d);
2318 # ifndef OPENSSL_NO_DEPRECATED_3_0
2320 static const char hmac_key[] = "This is a key...";
2321 int len = strlen(hmac_key);
2323 for (i = 0; i < loopargs_len; i++) {
2324 loopargs[i].hctx = HMAC_CTX_new();
2325 if (loopargs[i].hctx == NULL) {
2326 BIO_printf(bio_err, "HMAC malloc failure, exiting...");
2330 HMAC_Init_ex(loopargs[i].hctx, hmac_key, len, EVP_md5(), NULL);
2332 for (testnum = 0; testnum < size_num; testnum++) {
2333 print_message(names[D_HMAC], c[D_HMAC][testnum], lengths[testnum],
2336 count = run_benchmark(async_jobs, HMAC_loop, loopargs);
2338 print_result(D_HMAC, testnum, count, d);
2340 for (i = 0; i < loopargs_len; i++)
2341 HMAC_CTX_free(loopargs[i].hctx);
2345 #ifndef OPENSSL_NO_DEPRECATED_3_0
2347 for (testnum = 0; testnum < size_num; testnum++) {
2348 print_message(names[D_SHA1], c[D_SHA1][testnum], lengths[testnum],
2351 count = run_benchmark(async_jobs, SHA1_loop, loopargs);
2353 print_result(D_SHA1, testnum, count, d);
2356 if (doit[D_SHA256]) {
2357 for (testnum = 0; testnum < size_num; testnum++) {
2358 print_message(names[D_SHA256], c[D_SHA256][testnum],
2359 lengths[testnum], seconds.sym);
2361 count = run_benchmark(async_jobs, SHA256_loop, loopargs);
2363 print_result(D_SHA256, testnum, count, d);
2366 if (doit[D_SHA512]) {
2367 for (testnum = 0; testnum < size_num; testnum++) {
2368 print_message(names[D_SHA512], c[D_SHA512][testnum],
2369 lengths[testnum], seconds.sym);
2371 count = run_benchmark(async_jobs, SHA512_loop, loopargs);
2373 print_result(D_SHA512, testnum, count, d);
2377 #if !defined(OPENSSL_NO_WHIRLPOOL) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2378 if (doit[D_WHIRLPOOL]) {
2379 for (testnum = 0; testnum < size_num; testnum++) {
2380 print_message(names[D_WHIRLPOOL], c[D_WHIRLPOOL][testnum],
2381 lengths[testnum], seconds.sym);
2383 count = run_benchmark(async_jobs, WHIRLPOOL_loop, loopargs);
2385 print_result(D_WHIRLPOOL, testnum, count, d);
2390 #if !defined(OPENSSL_NO_RMD160) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2391 if (doit[D_RMD160]) {
2392 for (testnum = 0; testnum < size_num; testnum++) {
2393 print_message(names[D_RMD160], c[D_RMD160][testnum],
2394 lengths[testnum], seconds.sym);
2396 count = run_benchmark(async_jobs, EVP_Digest_RMD160_loop, loopargs);
2398 print_result(D_RMD160, testnum, count, d);
2404 #if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2406 for (testnum = 0; testnum < size_num; testnum++) {
2407 print_message(names[D_RC4], c[D_RC4][testnum], lengths[testnum],
2410 count = run_benchmark(async_jobs, RC4_loop, loopargs);
2412 print_result(D_RC4, testnum, count, d);
2416 #if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2417 if (doit[D_CBC_DES]) {
2418 for (testnum = 0; testnum < size_num; testnum++) {
2419 print_message(names[D_CBC_DES], c[D_CBC_DES][testnum],
2420 lengths[testnum], seconds.sym);
2422 count = run_benchmark(async_jobs, DES_ncbc_encrypt_loop, loopargs);
2424 print_result(D_CBC_DES, testnum, count, d);
2428 if (doit[D_EDE3_DES]) {
2429 for (testnum = 0; testnum < size_num; testnum++) {
2430 print_message(names[D_EDE3_DES], c[D_EDE3_DES][testnum],
2431 lengths[testnum], seconds.sym);
2434 run_benchmark(async_jobs, DES_ede3_cbc_encrypt_loop, loopargs);
2436 print_result(D_EDE3_DES, testnum, count, d);
2441 #ifndef OPENSSL_NO_DEPRECATED_3_0
2442 if (doit[D_CBC_128_AES]) {
2443 for (testnum = 0; testnum < size_num; testnum++) {
2444 print_message(names[D_CBC_128_AES], c[D_CBC_128_AES][testnum],
2445 lengths[testnum], seconds.sym);
2448 run_benchmark(async_jobs, AES_cbc_128_encrypt_loop, loopargs);
2450 print_result(D_CBC_128_AES, testnum, count, d);
2453 if (doit[D_CBC_192_AES]) {
2454 for (testnum = 0; testnum < size_num; testnum++) {
2455 print_message(names[D_CBC_192_AES], c[D_CBC_192_AES][testnum],
2456 lengths[testnum], seconds.sym);
2459 run_benchmark(async_jobs, AES_cbc_192_encrypt_loop, loopargs);
2461 print_result(D_CBC_192_AES, testnum, count, d);
2464 if (doit[D_CBC_256_AES]) {
2465 for (testnum = 0; testnum < size_num; testnum++) {
2466 print_message(names[D_CBC_256_AES], c[D_CBC_256_AES][testnum],
2467 lengths[testnum], seconds.sym);
2470 run_benchmark(async_jobs, AES_cbc_256_encrypt_loop, loopargs);
2472 print_result(D_CBC_256_AES, testnum, count, d);
2477 if (doit[D_IGE_128_AES]) {
2478 for (testnum = 0; testnum < size_num; testnum++) {
2479 print_message(names[D_IGE_128_AES], c[D_IGE_128_AES][testnum],
2480 lengths[testnum], seconds.sym);
2483 run_benchmark(async_jobs, AES_ige_128_encrypt_loop, loopargs);
2485 print_result(D_IGE_128_AES, testnum, count, d);
2488 if (doit[D_IGE_192_AES]) {
2489 for (testnum = 0; testnum < size_num; testnum++) {
2490 print_message(names[D_IGE_192_AES], c[D_IGE_192_AES][testnum],
2491 lengths[testnum], seconds.sym);
2494 run_benchmark(async_jobs, AES_ige_192_encrypt_loop, loopargs);
2496 print_result(D_IGE_192_AES, testnum, count, d);
2499 if (doit[D_IGE_256_AES]) {
2500 for (testnum = 0; testnum < size_num; testnum++) {
2501 print_message(names[D_IGE_256_AES], c[D_IGE_256_AES][testnum],
2502 lengths[testnum], seconds.sym);
2505 run_benchmark(async_jobs, AES_ige_256_encrypt_loop, loopargs);
2507 print_result(D_IGE_256_AES, testnum, count, d);
2510 if (doit[D_GHASH]) {
2511 for (i = 0; i < loopargs_len; i++) {
2512 loopargs[i].gcm_ctx =
2513 CRYPTO_gcm128_new(&aes_ks1, (block128_f) AES_encrypt);
2514 CRYPTO_gcm128_setiv(loopargs[i].gcm_ctx,
2515 (unsigned char *)"0123456789ab", 12);
2518 for (testnum = 0; testnum < size_num; testnum++) {
2519 print_message(names[D_GHASH], c[D_GHASH][testnum],
2520 lengths[testnum], seconds.sym);
2522 count = run_benchmark(async_jobs, CRYPTO_gcm128_aad_loop, loopargs);
2524 print_result(D_GHASH, testnum, count, d);
2526 for (i = 0; i < loopargs_len; i++)
2527 CRYPTO_gcm128_release(loopargs[i].gcm_ctx);
2529 #endif /* OPENSSL_NO_DEPRECATED_3_0 */
2530 #if !defined(OPENSSL_NO_CAMELLIA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2531 if (doit[D_CBC_128_CML]) {
2532 if (async_jobs > 0) {
2533 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2534 names[D_CBC_128_CML]);
2535 doit[D_CBC_128_CML] = 0;
2537 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2538 print_message(names[D_CBC_128_CML], c[D_CBC_128_CML][testnum],
2539 lengths[testnum], seconds.sym);
2541 for (count = 0; COND(c[D_CBC_128_CML][testnum]); count++)
2542 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2543 (size_t)lengths[testnum], &camellia_ks[0],
2544 iv, CAMELLIA_ENCRYPT);
2546 print_result(D_CBC_128_CML, testnum, count, d);
2549 if (doit[D_CBC_192_CML]) {
2550 if (async_jobs > 0) {
2551 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2552 names[D_CBC_192_CML]);
2553 doit[D_CBC_192_CML] = 0;
2555 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2556 print_message(names[D_CBC_192_CML], c[D_CBC_192_CML][testnum],
2557 lengths[testnum], seconds.sym);
2558 if (async_jobs > 0) {
2559 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2563 for (count = 0; COND(c[D_CBC_192_CML][testnum]); count++)
2564 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2565 (size_t)lengths[testnum], &camellia_ks[1],
2566 iv, CAMELLIA_ENCRYPT);
2568 print_result(D_CBC_192_CML, testnum, count, d);
2571 if (doit[D_CBC_256_CML]) {
2572 if (async_jobs > 0) {
2573 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2574 names[D_CBC_256_CML]);
2575 doit[D_CBC_256_CML] = 0;
2577 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2578 print_message(names[D_CBC_256_CML], c[D_CBC_256_CML][testnum],
2579 lengths[testnum], seconds.sym);
2581 for (count = 0; COND(c[D_CBC_256_CML][testnum]); count++)
2582 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2583 (size_t)lengths[testnum], &camellia_ks[2],
2584 iv, CAMELLIA_ENCRYPT);
2586 print_result(D_CBC_256_CML, testnum, count, d);
2590 #if !defined(OPENSSL_NO_IDEA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2591 if (doit[D_CBC_IDEA]) {
2592 if (async_jobs > 0) {
2593 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2595 doit[D_CBC_IDEA] = 0;
2597 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2598 print_message(names[D_CBC_IDEA], c[D_CBC_IDEA][testnum],
2599 lengths[testnum], seconds.sym);
2601 for (count = 0; COND(c[D_CBC_IDEA][testnum]); count++)
2602 IDEA_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2603 (size_t)lengths[testnum], &idea_ks,
2606 print_result(D_CBC_IDEA, testnum, count, d);
2610 #if !defined(OPENSSL_NO_SEED) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2611 if (doit[D_CBC_SEED]) {
2612 if (async_jobs > 0) {
2613 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2615 doit[D_CBC_SEED] = 0;
2617 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2618 print_message(names[D_CBC_SEED], c[D_CBC_SEED][testnum],
2619 lengths[testnum], seconds.sym);
2621 for (count = 0; COND(c[D_CBC_SEED][testnum]); count++)
2622 SEED_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2623 (size_t)lengths[testnum], &seed_ks, iv, 1);
2625 print_result(D_CBC_SEED, testnum, count, d);
2629 #if !defined(OPENSSL_NO_RC2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2630 if (doit[D_CBC_RC2]) {
2631 if (async_jobs > 0) {
2632 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2634 doit[D_CBC_RC2] = 0;
2636 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2637 print_message(names[D_CBC_RC2], c[D_CBC_RC2][testnum],
2638 lengths[testnum], seconds.sym);
2639 if (async_jobs > 0) {
2640 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2644 for (count = 0; COND(c[D_CBC_RC2][testnum]); count++)
2645 RC2_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2646 (size_t)lengths[testnum], &rc2_ks,
2649 print_result(D_CBC_RC2, testnum, count, d);
2653 #if !defined(OPENSSL_NO_RC5) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2654 if (doit[D_CBC_RC5]) {
2655 if (async_jobs > 0) {
2656 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2658 doit[D_CBC_RC5] = 0;
2660 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2661 print_message(names[D_CBC_RC5], c[D_CBC_RC5][testnum],
2662 lengths[testnum], seconds.sym);
2663 if (async_jobs > 0) {
2664 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2668 for (count = 0; COND(c[D_CBC_RC5][testnum]); count++)
2669 RC5_32_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2670 (size_t)lengths[testnum], &rc5_ks,
2673 print_result(D_CBC_RC5, testnum, count, d);
2677 #if !defined(OPENSSL_NO_BF) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2678 if (doit[D_CBC_BF]) {
2679 if (async_jobs > 0) {
2680 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2684 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2685 print_message(names[D_CBC_BF], c[D_CBC_BF][testnum],
2686 lengths[testnum], seconds.sym);
2688 for (count = 0; COND(c[D_CBC_BF][testnum]); count++)
2689 BF_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2690 (size_t)lengths[testnum], &bf_ks,
2693 print_result(D_CBC_BF, testnum, count, d);
2697 #if !defined(OPENSSL_NO_CAST) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2698 if (doit[D_CBC_CAST]) {
2699 if (async_jobs > 0) {
2700 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2702 doit[D_CBC_CAST] = 0;
2704 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2705 print_message(names[D_CBC_CAST], c[D_CBC_CAST][testnum],
2706 lengths[testnum], seconds.sym);
2708 for (count = 0; COND(c[D_CBC_CAST][testnum]); count++)
2709 CAST_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2710 (size_t)lengths[testnum], &cast_ks,
2713 print_result(D_CBC_CAST, testnum, count, d);
2718 for (testnum = 0; testnum < size_num; testnum++) {
2719 print_message(names[D_RAND], c[D_RAND][testnum], lengths[testnum],
2722 count = run_benchmark(async_jobs, RAND_bytes_loop, loopargs);
2724 print_result(D_RAND, testnum, count, d);
2729 if (evp_cipher != NULL) {
2730 int (*loopfunc) (void *) = EVP_Update_loop;
2732 if (multiblock && (EVP_CIPHER_flags(evp_cipher) &
2733 EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
2734 multiblock_speed(evp_cipher, lengths_single, &seconds);
2739 names[D_EVP] = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
2741 if (EVP_CIPHER_mode(evp_cipher) == EVP_CIPH_CCM_MODE) {
2742 loopfunc = EVP_Update_loop_ccm;
2743 } else if (aead && (EVP_CIPHER_flags(evp_cipher) &
2744 EVP_CIPH_FLAG_AEAD_CIPHER)) {
2745 loopfunc = EVP_Update_loop_aead;
2746 if (lengths == lengths_list) {
2747 lengths = aead_lengths_list;
2748 size_num = OSSL_NELEM(aead_lengths_list);
2752 for (testnum = 0; testnum < size_num; testnum++) {
2753 print_message(names[D_EVP], c[D_EVP][testnum], lengths[testnum],
2756 for (k = 0; k < loopargs_len; k++) {
2757 loopargs[k].ctx = EVP_CIPHER_CTX_new();
2758 if (loopargs[k].ctx == NULL) {
2759 BIO_printf(bio_err, "\nEVP_CIPHER_CTX_new failure\n");
2762 if (!EVP_CipherInit_ex(loopargs[k].ctx, evp_cipher, NULL,
2763 NULL, iv, decrypt ? 0 : 1)) {
2764 BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n");
2765 ERR_print_errors(bio_err);
2769 EVP_CIPHER_CTX_set_padding(loopargs[k].ctx, 0);
2771 keylen = EVP_CIPHER_CTX_key_length(loopargs[k].ctx);
2772 loopargs[k].key = app_malloc(keylen, "evp_cipher key");
2773 EVP_CIPHER_CTX_rand_key(loopargs[k].ctx, loopargs[k].key);
2774 if (!EVP_CipherInit_ex(loopargs[k].ctx, NULL, NULL,
2775 loopargs[k].key, NULL, -1)) {
2776 BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n");
2777 ERR_print_errors(bio_err);
2780 OPENSSL_clear_free(loopargs[k].key, keylen);
2782 /* SIV mode only allows for a single Update operation */
2783 if (EVP_CIPHER_mode(evp_cipher) == EVP_CIPH_SIV_MODE)
2784 EVP_CIPHER_CTX_ctrl(loopargs[k].ctx, EVP_CTRL_SET_SPEED, 1, NULL);
2788 count = run_benchmark(async_jobs, loopfunc, loopargs);
2790 for (k = 0; k < loopargs_len; k++) {
2791 EVP_CIPHER_CTX_free(loopargs[k].ctx);
2793 print_result(D_EVP, testnum, count, d);
2795 } else if (evp_md != NULL) {
2796 names[D_EVP] = OBJ_nid2ln(EVP_MD_type(evp_md));
2798 for (testnum = 0; testnum < size_num; testnum++) {
2799 print_message(names[D_EVP], c[D_EVP][testnum], lengths[testnum],
2802 count = run_benchmark(async_jobs, EVP_Digest_loop, loopargs);
2804 print_result(D_EVP, testnum, count, d);
2809 #ifndef OPENSSL_NO_DEPRECATED_3_0
2810 if (doit[D_EVP_HMAC] && evp_hmac_md != NULL) {
2811 const char *md_name = OBJ_nid2ln(EVP_MD_type(evp_hmac_md));
2813 evp_hmac_name = app_malloc(sizeof("HMAC()") + strlen(md_name),
2815 sprintf(evp_hmac_name, "HMAC(%s)", md_name);
2816 names[D_EVP_HMAC] = evp_hmac_name;
2818 for (testnum = 0; testnum < size_num; testnum++) {
2819 print_message(names[D_EVP_HMAC], c[D_EVP_HMAC][testnum], lengths[testnum],
2822 count = run_benchmark(async_jobs, EVP_HMAC_loop, loopargs);
2824 print_result(D_EVP_HMAC, testnum, count, d);
2829 #if !defined(OPENSSL_NO_CMAC) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2830 if (doit[D_EVP_CMAC] && evp_cmac_cipher != NULL) {
2831 const char *cipher_name = OBJ_nid2ln(EVP_CIPHER_type(evp_cmac_cipher));
2833 evp_cmac_name = app_malloc(sizeof("CMAC()") + strlen(cipher_name),
2835 sprintf(evp_cmac_name, "CMAC(%s)", cipher_name);
2836 names[D_EVP_CMAC] = evp_cmac_name;
2838 for (i = 0; i < loopargs_len; i++) {
2839 loopargs[i].cmac_ctx = CMAC_CTX_new();
2840 if (loopargs[i].cmac_ctx == NULL) {
2841 BIO_printf(bio_err, "CMAC malloc failure, exiting...");
2845 for (testnum = 0; testnum < size_num; testnum++) {
2846 print_message(names[D_EVP_CMAC], c[D_EVP_CMAC][testnum], lengths[testnum],
2849 count = run_benchmark(async_jobs, EVP_CMAC_loop, loopargs);
2851 print_result(D_EVP_CMAC, testnum, count, d);
2853 for (i = 0; i < loopargs_len; i++)
2854 CMAC_CTX_free(loopargs[i].cmac_ctx);
2858 for (i = 0; i < loopargs_len; i++)
2859 if (RAND_bytes(loopargs[i].buf, 36) <= 0)
2862 #ifndef OPENSSL_NO_RSA
2863 for (testnum = 0; testnum < RSA_NUM; testnum++) {
2865 if (!rsa_doit[testnum])
2867 for (i = 0; i < loopargs_len; i++) {
2868 if (primes > RSA_DEFAULT_PRIME_NUM) {
2869 /* we haven't set keys yet, generate multi-prime RSA keys */
2870 BIGNUM *bn = BN_new();
2874 if (!BN_set_word(bn, RSA_F4)) {
2879 BIO_printf(bio_err, "Generate multi-prime RSA key for %s\n",
2880 rsa_choices[testnum].name);
2882 loopargs[i].rsa_key[testnum] = RSA_new();
2883 if (loopargs[i].rsa_key[testnum] == NULL) {
2888 if (!RSA_generate_multi_prime_key(loopargs[i].rsa_key[testnum],
2889 rsa_keys[testnum].bits,
2890 primes, bn, NULL)) {
2896 st = RSA_sign(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
2897 &loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
2903 "RSA sign failure. No RSA sign will be done.\n");
2904 ERR_print_errors(bio_err);
2907 pkey_print_message("private", "rsa",
2908 rsa_c[testnum][0], rsa_keys[testnum].bits,
2910 /* RSA_blinding_on(rsa_key[testnum],NULL); */
2912 count = run_benchmark(async_jobs, RSA_sign_loop, loopargs);
2915 mr ? "+R1:%ld:%d:%.2f\n"
2916 : "%ld %u bits private RSA's in %.2fs\n",
2917 count, rsa_keys[testnum].bits, d);
2918 rsa_results[testnum][0] = (double)count / d;
2922 for (i = 0; i < loopargs_len; i++) {
2923 st = RSA_verify(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
2924 loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
2930 "RSA verify failure. No RSA verify will be done.\n");
2931 ERR_print_errors(bio_err);
2932 rsa_doit[testnum] = 0;
2934 pkey_print_message("public", "rsa",
2935 rsa_c[testnum][1], rsa_keys[testnum].bits,
2938 count = run_benchmark(async_jobs, RSA_verify_loop, loopargs);
2941 mr ? "+R2:%ld:%d:%.2f\n"
2942 : "%ld %u bits public RSA's in %.2fs\n",
2943 count, rsa_keys[testnum].bits, d);
2944 rsa_results[testnum][1] = (double)count / d;
2947 if (rsa_count <= 1) {
2948 /* if longer than 10s, don't do any more */
2949 stop_it(rsa_doit, testnum);
2952 #endif /* OPENSSL_NO_RSA */
2954 for (i = 0; i < loopargs_len; i++)
2955 if (RAND_bytes(loopargs[i].buf, 36) <= 0)
2958 #ifndef OPENSSL_NO_DSA
2959 for (testnum = 0; testnum < DSA_NUM; testnum++) {
2961 if (!dsa_doit[testnum])
2964 /* DSA_generate_key(dsa_key[testnum]); */
2965 /* DSA_sign_setup(dsa_key[testnum],NULL); */
2966 for (i = 0; i < loopargs_len; i++) {
2967 st = DSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
2968 &loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
2974 "DSA sign failure. No DSA sign will be done.\n");
2975 ERR_print_errors(bio_err);
2978 pkey_print_message("sign", "dsa",
2979 dsa_c[testnum][0], dsa_bits[testnum],
2982 count = run_benchmark(async_jobs, DSA_sign_loop, loopargs);
2985 mr ? "+R3:%ld:%u:%.2f\n"
2986 : "%ld %u bits DSA signs in %.2fs\n",
2987 count, dsa_bits[testnum], d);
2988 dsa_results[testnum][0] = (double)count / d;
2992 for (i = 0; i < loopargs_len; i++) {
2993 st = DSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
2994 loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
3000 "DSA verify failure. No DSA verify will be done.\n");
3001 ERR_print_errors(bio_err);
3002 dsa_doit[testnum] = 0;
3004 pkey_print_message("verify", "dsa",
3005 dsa_c[testnum][1], dsa_bits[testnum],
3008 count = run_benchmark(async_jobs, DSA_verify_loop, loopargs);
3011 mr ? "+R4:%ld:%u:%.2f\n"
3012 : "%ld %u bits DSA verify in %.2fs\n",
3013 count, dsa_bits[testnum], d);
3014 dsa_results[testnum][1] = (double)count / d;
3017 if (rsa_count <= 1) {
3018 /* if longer than 10s, don't do any more */
3019 stop_it(dsa_doit, testnum);
3022 #endif /* OPENSSL_NO_DSA */
3024 #ifndef OPENSSL_NO_EC
3025 # ifndef OPENSSL_NO_DEPRECATED_3_0
3026 for (testnum = 0; testnum < ECDSA_NUM; testnum++) {
3029 if (!ecdsa_doit[testnum])
3030 continue; /* Ignore Curve */
3031 for (i = 0; i < loopargs_len; i++) {
3032 loopargs[i].ecdsa[testnum] =
3033 EC_KEY_new_by_curve_name(ec_curves[testnum].nid);
3034 if (loopargs[i].ecdsa[testnum] == NULL) {
3040 BIO_printf(bio_err, "ECDSA failure.\n");
3041 ERR_print_errors(bio_err);
3044 for (i = 0; i < loopargs_len; i++) {
3045 EC_KEY_precompute_mult(loopargs[i].ecdsa[testnum], NULL);
3046 /* Perform ECDSA signature test */
3047 EC_KEY_generate_key(loopargs[i].ecdsa[testnum]);
3048 st = ECDSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
3049 &loopargs[i].siglen,
3050 loopargs[i].ecdsa[testnum]);
3056 "ECDSA sign failure. No ECDSA sign will be done.\n");
3057 ERR_print_errors(bio_err);
3060 pkey_print_message("sign", "ecdsa",
3061 ecdsa_c[testnum][0],
3062 ec_curves[testnum].bits, seconds.ecdsa);
3064 count = run_benchmark(async_jobs, ECDSA_sign_loop, loopargs);
3068 mr ? "+R5:%ld:%u:%.2f\n" :
3069 "%ld %u bits ECDSA signs in %.2fs \n",
3070 count, ec_curves[testnum].bits, d);
3071 ecdsa_results[testnum][0] = (double)count / d;
3075 /* Perform ECDSA verification test */
3076 for (i = 0; i < loopargs_len; i++) {
3077 st = ECDSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
3079 loopargs[i].ecdsa[testnum]);
3085 "ECDSA verify failure. No ECDSA verify will be done.\n");
3086 ERR_print_errors(bio_err);
3087 ecdsa_doit[testnum] = 0;
3089 pkey_print_message("verify", "ecdsa",
3090 ecdsa_c[testnum][1],
3091 ec_curves[testnum].bits, seconds.ecdsa);
3093 count = run_benchmark(async_jobs, ECDSA_verify_loop, loopargs);
3096 mr ? "+R6:%ld:%u:%.2f\n"
3097 : "%ld %u bits ECDSA verify in %.2fs\n",
3098 count, ec_curves[testnum].bits, d);
3099 ecdsa_results[testnum][1] = (double)count / d;
3102 if (rsa_count <= 1) {
3103 /* if longer than 10s, don't do any more */
3104 stop_it(ecdsa_doit, testnum);
3110 for (testnum = 0; testnum < EC_NUM; testnum++) {
3111 int ecdh_checks = 1;
3113 if (!ecdh_doit[testnum])
3116 for (i = 0; i < loopargs_len; i++) {
3117 EVP_PKEY_CTX *kctx = NULL;
3118 EVP_PKEY_CTX *test_ctx = NULL;
3119 EVP_PKEY_CTX *ctx = NULL;
3120 EVP_PKEY *key_A = NULL;
3121 EVP_PKEY *key_B = NULL;
3125 /* Ensure that the error queue is empty */
3126 if (ERR_peek_error()) {
3128 "WARNING: the error queue contains previous unhandled errors.\n");
3129 ERR_print_errors(bio_err);
3132 /* Let's try to create a ctx directly from the NID: this works for
3133 * curves like Curve25519 that are not implemented through the low
3134 * level EC interface.
3135 * If this fails we try creating a EVP_PKEY_EC generic param ctx,
3136 * then we set the curve by NID before deriving the actual keygen
3137 * ctx for that specific curve. */
3138 kctx = EVP_PKEY_CTX_new_id(ec_curves[testnum].nid, NULL); /* keygen ctx from NID */
3140 EVP_PKEY_CTX *pctx = NULL;
3141 EVP_PKEY *params = NULL;
3143 /* If we reach this code EVP_PKEY_CTX_new_id() failed and a
3144 * "int_ctx_new:unsupported algorithm" error was added to the
3146 * We remove it from the error queue as we are handling it. */
3147 unsigned long error = ERR_peek_error(); /* peek the latest error in the queue */
3148 if (error == ERR_peek_last_error() && /* oldest and latest errors match */
3149 /* check that the error origin matches */
3150 ERR_GET_LIB(error) == ERR_LIB_EVP &&
3151 ERR_GET_REASON(error) == EVP_R_UNSUPPORTED_ALGORITHM)
3152 ERR_get_error(); /* pop error from queue */
3153 if (ERR_peek_error()) {
3155 "Unhandled error in the error queue during ECDH init.\n");
3156 ERR_print_errors(bio_err);
3161 /* Create the context for parameter generation */
3162 if (!(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) ||
3163 /* Initialise the parameter generation */
3164 !EVP_PKEY_paramgen_init(pctx) ||
3165 /* Set the curve by NID */
3166 !EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
3169 /* Create the parameter object params */
3170 !EVP_PKEY_paramgen(pctx, ¶ms)) {
3172 BIO_printf(bio_err, "ECDH EC params init failure.\n");
3173 ERR_print_errors(bio_err);
3177 /* Create the context for the key generation */
3178 kctx = EVP_PKEY_CTX_new(params, NULL);
3180 EVP_PKEY_free(params);
3182 EVP_PKEY_CTX_free(pctx);
3185 if (kctx == NULL || /* keygen ctx is not null */
3186 EVP_PKEY_keygen_init(kctx) <= 0/* init keygen ctx */ ) {
3188 BIO_printf(bio_err, "ECDH keygen failure.\n");
3189 ERR_print_errors(bio_err);
3194 if (EVP_PKEY_keygen(kctx, &key_A) <= 0 || /* generate secret key A */
3195 EVP_PKEY_keygen(kctx, &key_B) <= 0 || /* generate secret key B */
3196 !(ctx = EVP_PKEY_CTX_new(key_A, NULL)) || /* derivation ctx from skeyA */
3197 EVP_PKEY_derive_init(ctx) <= 0 || /* init derivation ctx */
3198 EVP_PKEY_derive_set_peer(ctx, key_B) <= 0 || /* set peer pubkey in ctx */
3199 EVP_PKEY_derive(ctx, NULL, &outlen) <= 0 || /* determine max length */
3200 outlen == 0 || /* ensure outlen is a valid size */
3201 outlen > MAX_ECDH_SIZE /* avoid buffer overflow */ ) {
3203 BIO_printf(bio_err, "ECDH key generation failure.\n");
3204 ERR_print_errors(bio_err);
3209 /* Here we perform a test run, comparing the output of a*B and b*A;
3210 * we try this here and assume that further EVP_PKEY_derive calls
3211 * never fail, so we can skip checks in the actually benchmarked
3212 * code, for maximum performance. */
3213 if (!(test_ctx = EVP_PKEY_CTX_new(key_B, NULL)) || /* test ctx from skeyB */
3214 !EVP_PKEY_derive_init(test_ctx) || /* init derivation test_ctx */
3215 !EVP_PKEY_derive_set_peer(test_ctx, key_A) || /* set peer pubkey in test_ctx */
3216 !EVP_PKEY_derive(test_ctx, NULL, &test_outlen) || /* determine max length */
3217 !EVP_PKEY_derive(ctx, loopargs[i].secret_a, &outlen) || /* compute a*B */
3218 !EVP_PKEY_derive(test_ctx, loopargs[i].secret_b, &test_outlen) || /* compute b*A */
3219 test_outlen != outlen /* compare output length */ ) {
3221 BIO_printf(bio_err, "ECDH computation failure.\n");
3222 ERR_print_errors(bio_err);
3227 /* Compare the computation results: CRYPTO_memcmp() returns 0 if equal */
3228 if (CRYPTO_memcmp(loopargs[i].secret_a,
3229 loopargs[i].secret_b, outlen)) {
3231 BIO_printf(bio_err, "ECDH computations don't match.\n");
3232 ERR_print_errors(bio_err);
3237 loopargs[i].ecdh_ctx[testnum] = ctx;
3238 loopargs[i].outlen[testnum] = outlen;
3240 EVP_PKEY_free(key_A);
3241 EVP_PKEY_free(key_B);
3242 EVP_PKEY_CTX_free(kctx);
3244 EVP_PKEY_CTX_free(test_ctx);
3247 if (ecdh_checks != 0) {
3248 pkey_print_message("", "ecdh",
3250 ec_curves[testnum].bits, seconds.ecdh);
3253 run_benchmark(async_jobs, ECDH_EVP_derive_key_loop, loopargs);
3256 mr ? "+R7:%ld:%d:%.2f\n" :
3257 "%ld %u-bits ECDH ops in %.2fs\n", count,
3258 ec_curves[testnum].bits, d);
3259 ecdh_results[testnum][0] = (double)count / d;
3263 if (rsa_count <= 1) {
3264 /* if longer than 10s, don't do any more */
3265 stop_it(ecdh_doit, testnum);
3269 for (testnum = 0; testnum < EdDSA_NUM; testnum++) {
3271 EVP_PKEY *ed_pkey = NULL;
3272 EVP_PKEY_CTX *ed_pctx = NULL;
3274 if (!eddsa_doit[testnum])
3275 continue; /* Ignore Curve */
3276 for (i = 0; i < loopargs_len; i++) {
3277 loopargs[i].eddsa_ctx[testnum] = EVP_MD_CTX_new();
3278 if (loopargs[i].eddsa_ctx[testnum] == NULL) {
3283 if ((ed_pctx = EVP_PKEY_CTX_new_id(ed_curves[testnum].nid, NULL))
3285 || EVP_PKEY_keygen_init(ed_pctx) <= 0
3286 || EVP_PKEY_keygen(ed_pctx, &ed_pkey) <= 0) {
3288 EVP_PKEY_CTX_free(ed_pctx);
3291 EVP_PKEY_CTX_free(ed_pctx);
3293 if (!EVP_DigestSignInit(loopargs[i].eddsa_ctx[testnum], NULL, NULL,
3296 EVP_PKEY_free(ed_pkey);
3299 EVP_PKEY_free(ed_pkey);
3302 BIO_printf(bio_err, "EdDSA failure.\n");
3303 ERR_print_errors(bio_err);
3306 for (i = 0; i < loopargs_len; i++) {
3307 /* Perform EdDSA signature test */
3308 loopargs[i].sigsize = ed_curves[testnum].sigsize;
3309 st = EVP_DigestSign(loopargs[i].eddsa_ctx[testnum],
3310 loopargs[i].buf2, &loopargs[i].sigsize,
3311 loopargs[i].buf, 20);
3317 "EdDSA sign failure. No EdDSA sign will be done.\n");
3318 ERR_print_errors(bio_err);
3321 pkey_print_message("sign", ed_curves[testnum].name,
3322 eddsa_c[testnum][0],
3323 ed_curves[testnum].bits, seconds.eddsa);
3325 count = run_benchmark(async_jobs, EdDSA_sign_loop, loopargs);
3329 mr ? "+R8:%ld:%u:%s:%.2f\n" :
3330 "%ld %u bits %s signs in %.2fs \n",
3331 count, ed_curves[testnum].bits,
3332 ed_curves[testnum].name, d);
3333 eddsa_results[testnum][0] = (double)count / d;
3337 /* Perform EdDSA verification test */
3338 for (i = 0; i < loopargs_len; i++) {
3339 st = EVP_DigestVerify(loopargs[i].eddsa_ctx[testnum],
3340 loopargs[i].buf2, loopargs[i].sigsize,
3341 loopargs[i].buf, 20);
3347 "EdDSA verify failure. No EdDSA verify will be done.\n");
3348 ERR_print_errors(bio_err);
3349 eddsa_doit[testnum] = 0;
3351 pkey_print_message("verify", ed_curves[testnum].name,
3352 eddsa_c[testnum][1],
3353 ed_curves[testnum].bits, seconds.eddsa);
3355 count = run_benchmark(async_jobs, EdDSA_verify_loop, loopargs);
3358 mr ? "+R9:%ld:%u:%s:%.2f\n"
3359 : "%ld %u bits %s verify in %.2fs\n",
3360 count, ed_curves[testnum].bits,
3361 ed_curves[testnum].name, d);
3362 eddsa_results[testnum][1] = (double)count / d;
3365 if (rsa_count <= 1) {
3366 /* if longer than 10s, don't do any more */
3367 stop_it(eddsa_doit, testnum);
3372 # ifndef OPENSSL_NO_SM2
3373 for (testnum = 0; testnum < SM2_NUM; testnum++) {
3375 EVP_PKEY *sm2_pkey = NULL;
3377 if (!sm2_doit[testnum])
3378 continue; /* Ignore Curve */
3379 /* Init signing and verification */
3380 for (i = 0; i < loopargs_len; i++) {
3381 EVP_PKEY_CTX *sm2_pctx = NULL;
3382 EVP_PKEY_CTX *sm2_vfy_pctx = NULL;
3383 EVP_PKEY_CTX *pctx = NULL;
3386 loopargs[i].sm2_ctx[testnum] = EVP_MD_CTX_new();
3387 loopargs[i].sm2_vfy_ctx[testnum] = EVP_MD_CTX_new();
3388 if (loopargs[i].sm2_ctx[testnum] == NULL
3389 || loopargs[i].sm2_vfy_ctx[testnum] == NULL)
3392 /* SM2 keys are generated as normal EC keys with a special curve */
3393 st = !((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) == NULL
3394 || EVP_PKEY_keygen_init(pctx) <= 0
3395 || EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
3396 sm2_curves[testnum].nid) <= 0
3397 || EVP_PKEY_keygen(pctx, &sm2_pkey) <= 0);
3398 EVP_PKEY_CTX_free(pctx);
3402 st = 0; /* set back to zero */
3403 /* attach it sooner to rely on main final cleanup */
3404 loopargs[i].sm2_pkey[testnum] = sm2_pkey;
3405 loopargs[i].sigsize = EVP_PKEY_size(sm2_pkey);
3407 sm2_pctx = EVP_PKEY_CTX_new(sm2_pkey, NULL);
3408 sm2_vfy_pctx = EVP_PKEY_CTX_new(sm2_pkey, NULL);
3409 if (sm2_pctx == NULL || sm2_vfy_pctx == NULL) {
3410 EVP_PKEY_CTX_free(sm2_vfy_pctx);
3414 /* attach them directly to respective ctx */
3415 EVP_MD_CTX_set_pkey_ctx(loopargs[i].sm2_ctx[testnum], sm2_pctx);
3416 EVP_MD_CTX_set_pkey_ctx(loopargs[i].sm2_vfy_ctx[testnum], sm2_vfy_pctx);
3419 * No need to allow user to set an explicit ID here, just use
3420 * the one defined in the 'draft-yang-tls-tl13-sm-suites' I-D.
3422 if (EVP_PKEY_CTX_set1_id(sm2_pctx, SM2_ID, SM2_ID_LEN) != 1
3423 || EVP_PKEY_CTX_set1_id(sm2_vfy_pctx, SM2_ID, SM2_ID_LEN) != 1)
3426 if (!EVP_DigestSignInit(loopargs[i].sm2_ctx[testnum], NULL,
3427 EVP_sm3(), NULL, sm2_pkey))
3429 if (!EVP_DigestVerifyInit(loopargs[i].sm2_vfy_ctx[testnum], NULL,
3430 EVP_sm3(), NULL, sm2_pkey))
3432 st = 1; /* mark loop as succeeded */
3435 BIO_printf(bio_err, "SM2 init failure.\n");
3436 ERR_print_errors(bio_err);
3439 for (i = 0; i < loopargs_len; i++) {
3440 size_t sm2_sigsize = loopargs[i].sigsize;
3442 /* Perform SM2 signature test */
3443 st = EVP_DigestSign(loopargs[i].sm2_ctx[testnum],
3444 loopargs[i].buf2, &sm2_sigsize,
3445 loopargs[i].buf, 20);
3451 "SM2 sign failure. No SM2 sign will be done.\n");
3452 ERR_print_errors(bio_err);
3455 pkey_print_message("sign", sm2_curves[testnum].name,
3457 sm2_curves[testnum].bits, seconds.sm2);
3459 count = run_benchmark(async_jobs, SM2_sign_loop, loopargs);
3463 mr ? "+R8:%ld:%u:%s:%.2f\n" :
3464 "%ld %u bits %s signs in %.2fs \n",
3465 count, sm2_curves[testnum].bits,
3466 sm2_curves[testnum].name, d);
3467 sm2_results[testnum][0] = (double)count / d;
3471 /* Perform SM2 verification test */
3472 for (i = 0; i < loopargs_len; i++) {
3473 st = EVP_DigestVerify(loopargs[i].sm2_vfy_ctx[testnum],
3474 loopargs[i].buf2, loopargs[i].sigsize,
3475 loopargs[i].buf, 20);
3481 "SM2 verify failure. No SM2 verify will be done.\n");
3482 ERR_print_errors(bio_err);
3483 sm2_doit[testnum] = 0;
3485 pkey_print_message("verify", sm2_curves[testnum].name,
3487 sm2_curves[testnum].bits, seconds.sm2);
3489 count = run_benchmark(async_jobs, SM2_verify_loop, loopargs);
3492 mr ? "+R9:%ld:%u:%s:%.2f\n"
3493 : "%ld %u bits %s verify in %.2fs\n",
3494 count, sm2_curves[testnum].bits,
3495 sm2_curves[testnum].name, d);
3496 sm2_results[testnum][1] = (double)count / d;
3499 if (rsa_count <= 1) {
3500 /* if longer than 10s, don't do any more */
3501 for (testnum++; testnum < SM2_NUM; testnum++)
3502 sm2_doit[testnum] = 0;
3506 # endif /* OPENSSL_NO_SM2 */
3508 #endif /* OPENSSL_NO_EC */
3513 printf("version: %s\n", OpenSSL_version(OPENSSL_FULL_VERSION_STRING));
3514 printf("built on: %s\n", OpenSSL_version(OPENSSL_BUILT_ON));
3516 printf("%s ", BN_options());
3517 #if !defined(OPENSSL_NO_MD2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
3518 printf("%s ", MD2_options());
3520 #if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_DEPRECATED_3_0)
3521 printf("%s ", RC4_options());
3523 #if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_DEPRECATED_3_0)
3524 printf("%s ", DES_options());
3526 #ifndef OPENSSL_NO_DEPRECATED_3_0
3527 printf("%s ", AES_options());
3529 #if !defined(OPENSSL_NO_IDEA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
3530 printf("%s ", IDEA_options());
3532 #if !defined(OPENSSL_NO_BF) && !defined(OPENSSL_NO_DEPRECATED_3_0)
3533 printf("%s ", BF_options());
3535 printf("\n%s\n", OpenSSL_version(OPENSSL_CFLAGS));
3536 printf("%s\n", OpenSSL_version(OPENSSL_CPU_INFO));
3544 ("The 'numbers' are in 1000s of bytes per second processed.\n");
3547 for (testnum = 0; testnum < size_num; testnum++)
3548 printf(mr ? ":%d" : "%7d bytes", lengths[testnum]);
3552 for (k = 0; k < ALGOR_NUM; k++) {
3556 printf("+F:%u:%s", k, names[k]);
3558 printf("%-13s", names[k]);
3559 for (testnum = 0; testnum < size_num; testnum++) {
3560 if (results[k][testnum] > 10000 && !mr)
3561 printf(" %11.2fk", results[k][testnum] / 1e3);
3563 printf(mr ? ":%.2f" : " %11.2f ", results[k][testnum]);
3567 #ifndef OPENSSL_NO_RSA
3569 for (k = 0; k < RSA_NUM; k++) {
3572 if (testnum && !mr) {
3573 printf("%18ssign verify sign/s verify/s\n", " ");
3577 printf("+F2:%u:%u:%f:%f\n",
3578 k, rsa_keys[k].bits, rsa_results[k][0], rsa_results[k][1]);
3580 printf("rsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
3581 rsa_keys[k].bits, 1.0 / rsa_results[k][0], 1.0 / rsa_results[k][1],
3582 rsa_results[k][0], rsa_results[k][1]);
3585 #ifndef OPENSSL_NO_DSA
3587 for (k = 0; k < DSA_NUM; k++) {
3590 if (testnum && !mr) {
3591 printf("%18ssign verify sign/s verify/s\n", " ");
3595 printf("+F3:%u:%u:%f:%f\n",
3596 k, dsa_bits[k], dsa_results[k][0], dsa_results[k][1]);
3598 printf("dsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
3599 dsa_bits[k], 1.0 / dsa_results[k][0], 1.0 / dsa_results[k][1],
3600 dsa_results[k][0], dsa_results[k][1]);
3603 #ifndef OPENSSL_NO_EC
3605 for (k = 0; k < OSSL_NELEM(ecdsa_doit); k++) {
3608 if (testnum && !mr) {
3609 printf("%30ssign verify sign/s verify/s\n", " ");
3614 printf("+F4:%u:%u:%f:%f\n",
3615 k, ec_curves[k].bits,
3616 ecdsa_results[k][0], ecdsa_results[k][1]);
3618 printf("%4u bits ecdsa (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3619 ec_curves[k].bits, ec_curves[k].name,
3620 1.0 / ecdsa_results[k][0], 1.0 / ecdsa_results[k][1],
3621 ecdsa_results[k][0], ecdsa_results[k][1]);
3625 for (k = 0; k < EC_NUM; k++) {
3628 if (testnum && !mr) {
3629 printf("%30sop op/s\n", " ");
3633 printf("+F5:%u:%u:%f:%f\n",
3634 k, ec_curves[k].bits,
3635 ecdh_results[k][0], 1.0 / ecdh_results[k][0]);
3638 printf("%4u bits ecdh (%s) %8.4fs %8.1f\n",
3639 ec_curves[k].bits, ec_curves[k].name,
3640 1.0 / ecdh_results[k][0], ecdh_results[k][0]);
3644 for (k = 0; k < OSSL_NELEM(eddsa_doit); k++) {
3647 if (testnum && !mr) {
3648 printf("%30ssign verify sign/s verify/s\n", " ");
3653 printf("+F6:%u:%u:%s:%f:%f\n",
3654 k, ed_curves[k].bits, ed_curves[k].name,
3655 eddsa_results[k][0], eddsa_results[k][1]);
3657 printf("%4u bits EdDSA (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3658 ed_curves[k].bits, ed_curves[k].name,
3659 1.0 / eddsa_results[k][0], 1.0 / eddsa_results[k][1],
3660 eddsa_results[k][0], eddsa_results[k][1]);
3663 # ifndef OPENSSL_NO_SM2
3665 for (k = 0; k < OSSL_NELEM(sm2_doit); k++) {
3668 if (testnum && !mr) {
3669 printf("%30ssign verify sign/s verify/s\n", " ");
3674 printf("+F6:%u:%u:%s:%f:%f\n",
3675 k, sm2_curves[k].bits, sm2_curves[k].name,
3676 sm2_results[k][0], sm2_results[k][1]);
3678 printf("%4u bits SM2 (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3679 sm2_curves[k].bits, sm2_curves[k].name,
3680 1.0 / sm2_results[k][0], 1.0 / sm2_results[k][1],
3681 sm2_results[k][0], sm2_results[k][1]);
3684 #endif /* OPENSSL_NO_EC */
3689 ERR_print_errors(bio_err);
3690 for (i = 0; i < loopargs_len; i++) {
3691 OPENSSL_free(loopargs[i].buf_malloc);
3692 OPENSSL_free(loopargs[i].buf2_malloc);
3694 #ifndef OPENSSL_NO_RSA
3695 for (k = 0; k < RSA_NUM; k++)
3696 RSA_free(loopargs[i].rsa_key[k]);
3698 #ifndef OPENSSL_NO_DSA
3699 for (k = 0; k < DSA_NUM; k++)
3700 DSA_free(loopargs[i].dsa_key[k]);
3702 #ifndef OPENSSL_NO_EC
3703 for (k = 0; k < ECDSA_NUM; k++)
3704 EC_KEY_free(loopargs[i].ecdsa[k]);
3705 for (k = 0; k < EC_NUM; k++)
3706 EVP_PKEY_CTX_free(loopargs[i].ecdh_ctx[k]);
3707 for (k = 0; k < EdDSA_NUM; k++)
3708 EVP_MD_CTX_free(loopargs[i].eddsa_ctx[k]);
3709 # ifndef OPENSSL_NO_SM2
3710 for (k = 0; k < SM2_NUM; k++) {
3711 EVP_PKEY_CTX *pctx = NULL;
3713 /* free signing ctx */
3714 if (loopargs[i].sm2_ctx[k] != NULL
3715 && (pctx = EVP_MD_CTX_pkey_ctx(loopargs[i].sm2_ctx[k])) != NULL)
3716 EVP_PKEY_CTX_free(pctx);
3717 EVP_MD_CTX_free(loopargs[i].sm2_ctx[k]);
3718 /* free verification ctx */
3719 if (loopargs[i].sm2_vfy_ctx[k] != NULL
3720 && (pctx = EVP_MD_CTX_pkey_ctx(loopargs[i].sm2_vfy_ctx[k])) != NULL)
3721 EVP_PKEY_CTX_free(pctx);
3722 EVP_MD_CTX_free(loopargs[i].sm2_vfy_ctx[k]);
3724 EVP_PKEY_free(loopargs[i].sm2_pkey[k]);
3727 OPENSSL_free(loopargs[i].secret_a);
3728 OPENSSL_free(loopargs[i].secret_b);
3731 #ifndef OPENSSL_NO_DEPRECATED_3_0
3732 OPENSSL_free(evp_hmac_name);
3734 #if !defined(OPENSSL_NO_CMAC) && !defined(OPENSSL_NO_DEPRECATED_3_0)
3735 OPENSSL_free(evp_cmac_name);
3738 if (async_jobs > 0) {
3739 for (i = 0; i < loopargs_len; i++)
3740 ASYNC_WAIT_CTX_free(loopargs[i].wait_ctx);
3744 ASYNC_cleanup_thread();
3746 OPENSSL_free(loopargs);
3751 static void print_message(const char *s, long num, int length, int tm)
3755 mr ? "+DT:%s:%d:%d\n"
3756 : "Doing %s for %ds on %d size blocks: ", s, tm, length);
3757 (void)BIO_flush(bio_err);
3762 mr ? "+DN:%s:%ld:%d\n"
3763 : "Doing %s %ld times on %d size blocks: ", s, num, length);
3764 (void)BIO_flush(bio_err);
3768 static void pkey_print_message(const char *str, const char *str2, long num,
3769 unsigned int bits, int tm)
3773 mr ? "+DTP:%d:%s:%s:%d\n"
3774 : "Doing %u bits %s %s's for %ds: ", bits, str, str2, tm);
3775 (void)BIO_flush(bio_err);
3780 mr ? "+DNP:%ld:%d:%s:%s\n"
3781 : "Doing %ld %u bits %s %s's: ", num, bits, str, str2);
3782 (void)BIO_flush(bio_err);
3786 static void print_result(int alg, int run_no, int count, double time_used)
3789 BIO_printf(bio_err, "%s error!\n", names[alg]);
3790 ERR_print_errors(bio_err);
3791 /* exit(1); disable exit until default provider enabled */
3795 mr ? "+R:%d:%s:%f\n"
3796 : "%d %s's in %.2fs\n", count, names[alg], time_used);
3797 results[alg][run_no] = ((double)count) / time_used * lengths[run_no];
3801 static char *sstrsep(char **string, const char *delim)
3804 char *token = *string;
3809 memset(isdelim, 0, sizeof(isdelim));
3813 isdelim[(unsigned char)(*delim)] = 1;
3817 while (!isdelim[(unsigned char)(**string)]) {
3829 static int do_multi(int multi, int size_num)
3834 static char sep[] = ":";
3836 fds = app_malloc(sizeof(*fds) * multi, "fd buffer for do_multi");
3837 for (n = 0; n < multi; ++n) {
3838 if (pipe(fd) == -1) {
3839 BIO_printf(bio_err, "pipe failure\n");
3843 (void)BIO_flush(bio_err);
3850 if (dup(fd[1]) == -1) {
3851 BIO_printf(bio_err, "dup failed\n");
3860 printf("Forked child %d\n", n);
3863 /* for now, assume the pipe is long enough to take all the output */
3864 for (n = 0; n < multi; ++n) {
3869 f = fdopen(fds[n], "r");
3870 while (fgets(buf, sizeof(buf), f)) {
3871 p = strchr(buf, '\n');
3874 if (buf[0] != '+') {
3876 "Don't understand line '%s' from child %d\n", buf,
3880 printf("Got: %s from %d\n", buf, n);
3881 if (strncmp(buf, "+F:", 3) == 0) {
3886 alg = atoi(sstrsep(&p, sep));
3888 for (j = 0; j < size_num; ++j)
3889 results[alg][j] += atof(sstrsep(&p, sep));
3890 } else if (strncmp(buf, "+F2:", 4) == 0) {
3895 k = atoi(sstrsep(&p, sep));
3898 d = atof(sstrsep(&p, sep));
3899 rsa_results[k][0] += d;
3901 d = atof(sstrsep(&p, sep));
3902 rsa_results[k][1] += d;
3904 # ifndef OPENSSL_NO_DSA
3905 else if (strncmp(buf, "+F3:", 4) == 0) {
3910 k = atoi(sstrsep(&p, sep));
3913 d = atof(sstrsep(&p, sep));
3914 dsa_results[k][0] += d;
3916 d = atof(sstrsep(&p, sep));
3917 dsa_results[k][1] += d;
3920 # ifndef OPENSSL_NO_EC
3921 else if (strncmp(buf, "+F4:", 4) == 0) {
3926 k = atoi(sstrsep(&p, sep));
3929 d = atof(sstrsep(&p, sep));
3930 ecdsa_results[k][0] += d;
3932 d = atof(sstrsep(&p, sep));
3933 ecdsa_results[k][1] += d;
3934 } else if (strncmp(buf, "+F5:", 4) == 0) {
3939 k = atoi(sstrsep(&p, sep));
3942 d = atof(sstrsep(&p, sep));
3943 ecdh_results[k][0] += d;
3944 } else if (strncmp(buf, "+F6:", 4) == 0) {
3949 k = atoi(sstrsep(&p, sep));
3953 d = atof(sstrsep(&p, sep));
3954 eddsa_results[k][0] += d;
3956 d = atof(sstrsep(&p, sep));
3957 eddsa_results[k][1] += d;
3959 # ifndef OPENSSL_NO_SM2
3960 else if (strncmp(buf, "+F7:", 4) == 0) {
3965 k = atoi(sstrsep(&p, sep));
3968 d = atof(sstrsep(&p, sep));
3969 sm2_results[k][0] += d;
3971 d = atof(sstrsep(&p, sep));
3972 sm2_results[k][1] += d;
3974 # endif /* OPENSSL_NO_SM2 */
3977 else if (strncmp(buf, "+H:", 3) == 0) {
3980 BIO_printf(bio_err, "Unknown type '%s' from child %d\n", buf,
3991 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
3992 const openssl_speed_sec_t *seconds)
3994 static const int mblengths_list[] =
3995 { 8 * 1024, 2 * 8 * 1024, 4 * 8 * 1024, 8 * 8 * 1024, 8 * 16 * 1024 };
3996 const int *mblengths = mblengths_list;
3997 int j, count, keylen, num = OSSL_NELEM(mblengths_list);
3998 const char *alg_name;
3999 unsigned char *inp, *out, *key, no_key[32], no_iv[16];
4000 EVP_CIPHER_CTX *ctx;
4003 if (lengths_single) {
4004 mblengths = &lengths_single;
4008 inp = app_malloc(mblengths[num - 1], "multiblock input buffer");
4009 out = app_malloc(mblengths[num - 1] + 1024, "multiblock output buffer");
4010 ctx = EVP_CIPHER_CTX_new();
4011 EVP_EncryptInit_ex(ctx, evp_cipher, NULL, NULL, no_iv);
4013 keylen = EVP_CIPHER_CTX_key_length(ctx);
4014 key = app_malloc(keylen, "evp_cipher key");
4015 EVP_CIPHER_CTX_rand_key(ctx, key);
4016 EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL);
4017 OPENSSL_clear_free(key, keylen);
4019 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_MAC_KEY, sizeof(no_key), no_key);
4020 alg_name = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
4022 for (j = 0; j < num; j++) {
4023 print_message(alg_name, 0, mblengths[j], seconds->sym);
4025 for (count = 0; run && count < 0x7fffffff; count++) {
4026 unsigned char aad[EVP_AEAD_TLS1_AAD_LEN];
4027 EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param;
4028 size_t len = mblengths[j];
4031 memset(aad, 0, 8); /* avoid uninitialized values */
4032 aad[8] = 23; /* SSL3_RT_APPLICATION_DATA */
4033 aad[9] = 3; /* version */
4035 aad[11] = 0; /* length */
4037 mb_param.out = NULL;
4040 mb_param.interleave = 8;
4042 packlen = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_AAD,
4043 sizeof(mb_param), &mb_param);
4049 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT,
4050 sizeof(mb_param), &mb_param);
4054 RAND_bytes(out, 16);
4056 aad[11] = (unsigned char)(len >> 8);
4057 aad[12] = (unsigned char)(len);
4058 pad = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_TLS1_AAD,
4059 EVP_AEAD_TLS1_AAD_LEN, aad);
4060 EVP_Cipher(ctx, out, inp, len + pad);
4064 BIO_printf(bio_err, mr ? "+R:%d:%s:%f\n"
4065 : "%d %s's in %.2fs\n", count, "evp", d);
4066 results[D_EVP][j] = ((double)count) / d * mblengths[j];
4070 fprintf(stdout, "+H");
4071 for (j = 0; j < num; j++)
4072 fprintf(stdout, ":%d", mblengths[j]);
4073 fprintf(stdout, "\n");
4074 fprintf(stdout, "+F:%d:%s", D_EVP, alg_name);
4075 for (j = 0; j < num; j++)
4076 fprintf(stdout, ":%.2f", results[D_EVP][j]);
4077 fprintf(stdout, "\n");
4080 "The 'numbers' are in 1000s of bytes per second processed.\n");
4081 fprintf(stdout, "type ");
4082 for (j = 0; j < num; j++)
4083 fprintf(stdout, "%7d bytes", mblengths[j]);
4084 fprintf(stdout, "\n");
4085 fprintf(stdout, "%-24s", alg_name);
4087 for (j = 0; j < num; j++) {
4088 if (results[D_EVP][j] > 10000)
4089 fprintf(stdout, " %11.2fk", results[D_EVP][j] / 1e3);
4091 fprintf(stdout, " %11.2f ", results[D_EVP][j]);
4093 fprintf(stdout, "\n");
4098 EVP_CIPHER_CTX_free(ctx);