2 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
5 * Licensed under the Apache License 2.0 (the "License"). You may not use
6 * this file except in compliance with the License. You can obtain a copy
7 * in the file LICENSE in the source distribution or at
8 * https://www.openssl.org/source/license.html
13 #define RSA_SECONDS 10
14 #define DSA_SECONDS 10
15 #define ECDSA_SECONDS 10
16 #define ECDH_SECONDS 10
17 #define EdDSA_SECONDS 10
18 #define SM2_SECONDS 10
26 #include <openssl/crypto.h>
27 #include <openssl/rand.h>
28 #include <openssl/err.h>
29 #include <openssl/evp.h>
30 #include <openssl/objects.h>
31 #include <openssl/async.h>
32 #if !defined(OPENSSL_SYS_MSDOS)
40 #include <openssl/bn.h>
41 #ifndef OPENSSL_NO_DES
42 # include <openssl/des.h>
44 #include <openssl/aes.h>
45 #ifndef OPENSSL_NO_CAMELLIA
46 # include <openssl/camellia.h>
48 #ifndef OPENSSL_NO_MD2
49 # include <openssl/md2.h>
51 #ifndef OPENSSL_NO_MDC2
52 # include <openssl/mdc2.h>
54 #ifndef OPENSSL_NO_MD4
55 # include <openssl/md4.h>
57 #ifndef OPENSSL_NO_MD5
58 # include <openssl/md5.h>
60 #include <openssl/hmac.h>
61 #ifndef OPENSSL_NO_CMAC
62 #include <openssl/cmac.h>
64 #include <openssl/sha.h>
65 #ifndef OPENSSL_NO_RMD160
66 # include <openssl/ripemd.h>
68 #ifndef OPENSSL_NO_WHIRLPOOL
69 # include <openssl/whrlpool.h>
71 #ifndef OPENSSL_NO_RC4
72 # include <openssl/rc4.h>
74 #ifndef OPENSSL_NO_RC5
75 # include <openssl/rc5.h>
77 #ifndef OPENSSL_NO_RC2
78 # include <openssl/rc2.h>
80 #ifndef OPENSSL_NO_IDEA
81 # include <openssl/idea.h>
83 #ifndef OPENSSL_NO_SEED
84 # include <openssl/seed.h>
87 # include <openssl/blowfish.h>
89 #ifndef OPENSSL_NO_CAST
90 # include <openssl/cast.h>
92 #ifndef OPENSSL_NO_RSA
93 # include <openssl/rsa.h>
94 # include "./testrsa.h"
96 #include <openssl/x509.h>
97 #ifndef OPENSSL_NO_DSA
98 # include <openssl/dsa.h>
99 # include "./testdsa.h"
101 #ifndef OPENSSL_NO_EC
102 # include <openssl/ec.h>
104 #include <openssl/modes.h>
107 # if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_VXWORKS)
120 #define MAX_MISALIGNMENT 63
121 #define MAX_ECDH_SIZE 256
124 typedef struct openssl_speed_sec_st {
132 } openssl_speed_sec_t;
134 static volatile int run = 0;
137 static int usertime = 1;
139 #ifndef OPENSSL_NO_MD2
140 static int EVP_Digest_MD2_loop(void *args);
143 #ifndef OPENSSL_NO_MDC2
144 static int EVP_Digest_MDC2_loop(void *args);
146 #ifndef OPENSSL_NO_MD4
147 static int EVP_Digest_MD4_loop(void *args);
149 #ifndef OPENSSL_NO_MD5
150 static int MD5_loop(void *args);
151 static int HMAC_loop(void *args);
153 static int SHA1_loop(void *args);
154 static int SHA256_loop(void *args);
155 static int SHA512_loop(void *args);
156 #ifndef OPENSSL_NO_WHIRLPOOL
157 static int WHIRLPOOL_loop(void *args);
159 #ifndef OPENSSL_NO_RMD160
160 static int EVP_Digest_RMD160_loop(void *args);
162 #ifndef OPENSSL_NO_RC4
163 static int RC4_loop(void *args);
165 #ifndef OPENSSL_NO_DES
166 static int DES_ncbc_encrypt_loop(void *args);
167 static int DES_ede3_cbc_encrypt_loop(void *args);
169 static int AES_cbc_128_encrypt_loop(void *args);
170 static int AES_cbc_192_encrypt_loop(void *args);
171 static int AES_cbc_256_encrypt_loop(void *args);
172 #ifndef OPENSSL_NO_DEPRECATED_3_0
173 static int AES_ige_128_encrypt_loop(void *args);
174 static int AES_ige_192_encrypt_loop(void *args);
175 static int AES_ige_256_encrypt_loop(void *args);
177 static int CRYPTO_gcm128_aad_loop(void *args);
178 static int RAND_bytes_loop(void *args);
179 static int EVP_Update_loop(void *args);
180 static int EVP_Update_loop_ccm(void *args);
181 static int EVP_Update_loop_aead(void *args);
182 static int EVP_Digest_loop(void *args);
183 #ifndef OPENSSL_NO_RSA
184 static int RSA_sign_loop(void *args);
185 static int RSA_verify_loop(void *args);
187 #ifndef OPENSSL_NO_DSA
188 static int DSA_sign_loop(void *args);
189 static int DSA_verify_loop(void *args);
191 #ifndef OPENSSL_NO_EC
192 static int ECDSA_sign_loop(void *args);
193 static int ECDSA_verify_loop(void *args);
194 static int EdDSA_sign_loop(void *args);
195 static int EdDSA_verify_loop(void *args);
196 # ifndef OPENSSL_NO_SM2
197 static int SM2_sign_loop(void *args);
198 static int SM2_verify_loop(void *args);
202 static double Time_F(int s);
203 static void print_message(const char *s, long num, int length, int tm);
204 static void pkey_print_message(const char *str, const char *str2,
205 long num, unsigned int bits, int sec);
206 static void print_result(int alg, int run_no, int count, double time_used);
208 static int do_multi(int multi, int size_num);
211 static const int lengths_list[] = {
212 16, 64, 256, 1024, 8 * 1024, 16 * 1024
214 static const int *lengths = lengths_list;
216 static const int aead_lengths_list[] = {
217 2, 31, 136, 1024, 8 * 1024, 16 * 1024
225 static void alarmed(int sig)
227 signal(SIGALRM, alarmed);
231 static double Time_F(int s)
233 double ret = app_tminterval(s, usertime);
239 #elif defined(_WIN32)
243 static unsigned int lapse;
244 static volatile unsigned int schlock;
245 static void alarm_win32(unsigned int secs)
250 # define alarm alarm_win32
252 static DWORD WINAPI sleepy(VOID * arg)
260 static double Time_F(int s)
267 thr = CreateThread(NULL, 4096, sleepy, NULL, 0, NULL);
269 DWORD err = GetLastError();
270 BIO_printf(bio_err, "unable to CreateThread (%lu)", err);
274 Sleep(0); /* scheduler spinlock */
275 ret = app_tminterval(s, usertime);
277 ret = app_tminterval(s, usertime);
279 TerminateThread(thr, 0);
286 static double Time_F(int s)
288 return app_tminterval(s, usertime);
292 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
293 const openssl_speed_sec_t *seconds);
295 #define found(value, pairs, result)\
296 opt_found(value, result, pairs, OSSL_NELEM(pairs))
297 static int opt_found(const char *name, unsigned int *result,
298 const OPT_PAIR pairs[], unsigned int nbelem)
302 for (idx = 0; idx < nbelem; ++idx, pairs++)
303 if (strcmp(name, pairs->name) == 0) {
304 *result = pairs->retval;
310 typedef enum OPTION_choice {
311 OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
312 OPT_ELAPSED, OPT_EVP, OPT_HMAC, OPT_DECRYPT, OPT_ENGINE, OPT_MULTI,
313 OPT_MR, OPT_MB, OPT_MISALIGN, OPT_ASYNCJOBS, OPT_R_ENUM,
314 OPT_PRIMES, OPT_SECONDS, OPT_BYTES, OPT_AEAD, OPT_CMAC
317 const OPTIONS speed_options[] = {
318 {OPT_HELP_STR, 1, '-', "Usage: %s [options] ciphers...\n"},
320 OPT_SECTION("General"),
321 {"help", OPT_HELP, '-', "Display this summary"},
323 "Enable (tls1>=1) multi-block mode on EVP-named cipher"},
324 {"mr", OPT_MR, '-', "Produce machine readable output"},
326 {"multi", OPT_MULTI, 'p', "Run benchmarks in parallel"},
328 #ifndef OPENSSL_NO_ASYNC
329 {"async_jobs", OPT_ASYNCJOBS, 'p',
330 "Enable async mode and start specified number of jobs"},
332 #ifndef OPENSSL_NO_ENGINE
333 {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
335 {"primes", OPT_PRIMES, 'p', "Specify number of primes (for RSA only)"},
337 OPT_SECTION("Selection"),
338 {"evp", OPT_EVP, 's', "Use EVP-named cipher or digest"},
339 {"hmac", OPT_HMAC, 's', "HMAC using EVP-named digest"},
340 #ifndef OPENSSL_NO_CMAC
341 {"cmac", OPT_CMAC, 's', "CMAC using EVP-named cipher"},
343 {"decrypt", OPT_DECRYPT, '-',
344 "Time decryption instead of encryption (only EVP)"},
345 {"aead", OPT_AEAD, '-',
346 "Benchmark EVP-named AEAD cipher in TLS-like sequence"},
348 OPT_SECTION("Timing"),
349 {"elapsed", OPT_ELAPSED, '-',
350 "Use wall-clock time instead of CPU user time as divisor"},
351 {"seconds", OPT_SECONDS, 'p',
352 "Run benchmarks for specified amount of seconds"},
353 {"bytes", OPT_BYTES, 'p',
354 "Run [non-PKI] benchmarks on custom-sized buffer"},
355 {"misalign", OPT_MISALIGN, 'p',
356 "Use specified offset to mis-align buffers"},
372 #define D_CBC_IDEA 10
373 #define D_CBC_SEED 11
377 #define D_CBC_CAST 15
378 #define D_CBC_128_AES 16
379 #define D_CBC_192_AES 17
380 #define D_CBC_256_AES 18
381 #define D_CBC_128_CML 19
382 #define D_CBC_192_CML 20
383 #define D_CBC_256_CML 21
387 #define D_WHIRLPOOL 25
388 #define D_IGE_128_AES 26
389 #define D_IGE_192_AES 27
390 #define D_IGE_256_AES 28
393 #define D_EVP_HMAC 31
394 #define D_EVP_CMAC 32
396 /* name of algorithms to test */
397 static const char *names[] = {
398 "md2", "mdc2", "md4", "md5", "hmac(md5)", "sha1", "rmd160", "rc4",
399 "des cbc", "des ede3", "idea cbc", "seed cbc",
400 "rc2 cbc", "rc5-32/12 cbc", "blowfish cbc", "cast cbc",
401 "aes-128 cbc", "aes-192 cbc", "aes-256 cbc",
402 "camellia-128 cbc", "camellia-192 cbc", "camellia-256 cbc",
403 "evp", "sha256", "sha512", "whirlpool",
404 "aes-128 ige", "aes-192 ige", "aes-256 ige", "ghash",
405 "rand", "hmac", "cmac"
407 #define ALGOR_NUM OSSL_NELEM(names)
409 /* list of configured algorithm (remaining) */
410 static const OPT_PAIR doit_choices[] = {
411 #ifndef OPENSSL_NO_MD2
414 #ifndef OPENSSL_NO_MDC2
417 #ifndef OPENSSL_NO_MD4
420 #ifndef OPENSSL_NO_MD5
425 {"sha256", D_SHA256},
426 {"sha512", D_SHA512},
427 #ifndef OPENSSL_NO_WHIRLPOOL
428 {"whirlpool", D_WHIRLPOOL},
430 #ifndef OPENSSL_NO_RMD160
431 {"ripemd", D_RMD160},
432 {"rmd160", D_RMD160},
433 {"ripemd160", D_RMD160},
435 #ifndef OPENSSL_NO_RC4
438 #ifndef OPENSSL_NO_DES
439 {"des-cbc", D_CBC_DES},
440 {"des-ede3", D_EDE3_DES},
442 {"aes-128-cbc", D_CBC_128_AES},
443 {"aes-192-cbc", D_CBC_192_AES},
444 {"aes-256-cbc", D_CBC_256_AES},
445 #ifndef OPENSSL_NO_DEPRECATED_3_0
446 {"aes-128-ige", D_IGE_128_AES},
447 {"aes-192-ige", D_IGE_192_AES},
448 {"aes-256-ige", D_IGE_256_AES},
450 #ifndef OPENSSL_NO_RC2
451 {"rc2-cbc", D_CBC_RC2},
454 #ifndef OPENSSL_NO_RC5
455 {"rc5-cbc", D_CBC_RC5},
458 #ifndef OPENSSL_NO_IDEA
459 {"idea-cbc", D_CBC_IDEA},
460 {"idea", D_CBC_IDEA},
462 #ifndef OPENSSL_NO_SEED
463 {"seed-cbc", D_CBC_SEED},
464 {"seed", D_CBC_SEED},
466 #ifndef OPENSSL_NO_BF
467 {"bf-cbc", D_CBC_BF},
468 {"blowfish", D_CBC_BF},
471 #ifndef OPENSSL_NO_CAST
472 {"cast-cbc", D_CBC_CAST},
473 {"cast", D_CBC_CAST},
474 {"cast5", D_CBC_CAST},
480 static double results[ALGOR_NUM][OSSL_NELEM(lengths_list)];
482 #ifndef OPENSSL_NO_DSA
484 # define R_DSA_1024 1
485 # define R_DSA_2048 2
486 static const OPT_PAIR dsa_choices[] = {
487 {"dsa512", R_DSA_512},
488 {"dsa1024", R_DSA_1024},
489 {"dsa2048", R_DSA_2048}
491 # define DSA_NUM OSSL_NELEM(dsa_choices)
493 static double dsa_results[DSA_NUM][2]; /* 2 ops: sign then verify */
494 #endif /* OPENSSL_NO_DSA */
502 #define R_RSA_15360 6
503 #ifndef OPENSSL_NO_RSA
504 static const OPT_PAIR rsa_choices[] = {
505 {"rsa512", R_RSA_512},
506 {"rsa1024", R_RSA_1024},
507 {"rsa2048", R_RSA_2048},
508 {"rsa3072", R_RSA_3072},
509 {"rsa4096", R_RSA_4096},
510 {"rsa7680", R_RSA_7680},
511 {"rsa15360", R_RSA_15360}
513 # define RSA_NUM OSSL_NELEM(rsa_choices)
515 static double rsa_results[RSA_NUM][2]; /* 2 ops: sign then verify */
516 #endif /* OPENSSL_NO_RSA */
525 #ifndef OPENSSL_NO_EC2M
547 #ifndef OPENSSL_NO_EC
548 static OPT_PAIR ecdsa_choices[] = {
549 {"ecdsap160", R_EC_P160},
550 {"ecdsap192", R_EC_P192},
551 {"ecdsap224", R_EC_P224},
552 {"ecdsap256", R_EC_P256},
553 {"ecdsap384", R_EC_P384},
554 {"ecdsap521", R_EC_P521},
555 # ifndef OPENSSL_NO_EC2M
556 {"ecdsak163", R_EC_K163},
557 {"ecdsak233", R_EC_K233},
558 {"ecdsak283", R_EC_K283},
559 {"ecdsak409", R_EC_K409},
560 {"ecdsak571", R_EC_K571},
561 {"ecdsab163", R_EC_B163},
562 {"ecdsab233", R_EC_B233},
563 {"ecdsab283", R_EC_B283},
564 {"ecdsab409", R_EC_B409},
565 {"ecdsab571", R_EC_B571},
567 {"ecdsabrp256r1", R_EC_BRP256R1},
568 {"ecdsabrp256t1", R_EC_BRP256T1},
569 {"ecdsabrp384r1", R_EC_BRP384R1},
570 {"ecdsabrp384t1", R_EC_BRP384T1},
571 {"ecdsabrp512r1", R_EC_BRP512R1},
572 {"ecdsabrp512t1", R_EC_BRP512T1}
574 # define ECDSA_NUM OSSL_NELEM(ecdsa_choices)
576 static double ecdsa_results[ECDSA_NUM][2]; /* 2 ops: sign then verify */
578 static const OPT_PAIR ecdh_choices[] = {
579 {"ecdhp160", R_EC_P160},
580 {"ecdhp192", R_EC_P192},
581 {"ecdhp224", R_EC_P224},
582 {"ecdhp256", R_EC_P256},
583 {"ecdhp384", R_EC_P384},
584 {"ecdhp521", R_EC_P521},
585 # ifndef OPENSSL_NO_EC2M
586 {"ecdhk163", R_EC_K163},
587 {"ecdhk233", R_EC_K233},
588 {"ecdhk283", R_EC_K283},
589 {"ecdhk409", R_EC_K409},
590 {"ecdhk571", R_EC_K571},
591 {"ecdhb163", R_EC_B163},
592 {"ecdhb233", R_EC_B233},
593 {"ecdhb283", R_EC_B283},
594 {"ecdhb409", R_EC_B409},
595 {"ecdhb571", R_EC_B571},
597 {"ecdhbrp256r1", R_EC_BRP256R1},
598 {"ecdhbrp256t1", R_EC_BRP256T1},
599 {"ecdhbrp384r1", R_EC_BRP384R1},
600 {"ecdhbrp384t1", R_EC_BRP384T1},
601 {"ecdhbrp512r1", R_EC_BRP512R1},
602 {"ecdhbrp512t1", R_EC_BRP512T1},
603 {"ecdhx25519", R_EC_X25519},
604 {"ecdhx448", R_EC_X448}
606 # define EC_NUM OSSL_NELEM(ecdh_choices)
608 static double ecdh_results[EC_NUM][1]; /* 1 op: derivation */
610 #define R_EC_Ed25519 0
612 static OPT_PAIR eddsa_choices[] = {
613 {"ed25519", R_EC_Ed25519},
614 {"ed448", R_EC_Ed448}
616 # define EdDSA_NUM OSSL_NELEM(eddsa_choices)
618 static double eddsa_results[EdDSA_NUM][2]; /* 2 ops: sign then verify */
620 # ifndef OPENSSL_NO_SM2
621 # define R_EC_CURVESM2 0
622 static OPT_PAIR sm2_choices[] = {
623 {"curveSM2", R_EC_CURVESM2}
625 # define SM2_ID "TLSv1.3+GM+Cipher+Suite"
626 # define SM2_ID_LEN sizeof("TLSv1.3+GM+Cipher+Suite") - 1
627 # define SM2_NUM OSSL_NELEM(sm2_choices)
629 static double sm2_results[SM2_NUM][2]; /* 2 ops: sign then verify */
630 # endif /* OPENSSL_NO_SM2 */
631 #endif /* OPENSSL_NO_EC */
634 # define COND(d) (count < (d))
635 # define COUNT(d) (d)
637 # define COND(unused_cond) (run && count<0x7fffffff)
638 # define COUNT(d) (count)
641 typedef struct loopargs_st {
642 ASYNC_JOB *inprogress_job;
643 ASYNC_WAIT_CTX *wait_ctx;
646 unsigned char *buf_malloc;
647 unsigned char *buf2_malloc;
651 #ifndef OPENSSL_NO_RSA
652 RSA *rsa_key[RSA_NUM];
654 #ifndef OPENSSL_NO_DSA
655 DSA *dsa_key[DSA_NUM];
657 #ifndef OPENSSL_NO_EC
658 EC_KEY *ecdsa[ECDSA_NUM];
659 EVP_PKEY_CTX *ecdh_ctx[EC_NUM];
660 EVP_MD_CTX *eddsa_ctx[EdDSA_NUM];
661 # ifndef OPENSSL_NO_SM2
662 EVP_MD_CTX *sm2_ctx[SM2_NUM];
663 EVP_MD_CTX *sm2_vfy_ctx[SM2_NUM];
664 EVP_PKEY *sm2_pkey[SM2_NUM];
666 unsigned char *secret_a;
667 unsigned char *secret_b;
668 size_t outlen[EC_NUM];
672 #ifndef OPENSSL_NO_CMAC
675 GCM128_CONTEXT *gcm_ctx;
677 static int run_benchmark(int async_jobs, int (*loop_function) (void *),
678 loopargs_t * loopargs);
680 static unsigned int testnum;
682 /* Nb of iterations to do per algorithm and key-size */
683 static long c[ALGOR_NUM][OSSL_NELEM(lengths_list)];
685 #ifndef OPENSSL_NO_MD2
686 static int EVP_Digest_MD2_loop(void *args)
688 loopargs_t *tempargs = *(loopargs_t **) args;
689 unsigned char *buf = tempargs->buf;
690 unsigned char md2[MD2_DIGEST_LENGTH];
693 for (count = 0; COND(c[D_MD2][testnum]); count++) {
694 if (!EVP_Digest(buf, (size_t)lengths[testnum], md2, NULL, EVP_md2(),
702 #ifndef OPENSSL_NO_MDC2
703 static int EVP_Digest_MDC2_loop(void *args)
705 loopargs_t *tempargs = *(loopargs_t **) args;
706 unsigned char *buf = tempargs->buf;
707 unsigned char mdc2[MDC2_DIGEST_LENGTH];
710 for (count = 0; COND(c[D_MDC2][testnum]); count++) {
711 if (!EVP_Digest(buf, (size_t)lengths[testnum], mdc2, NULL, EVP_mdc2(),
719 #ifndef OPENSSL_NO_MD4
720 static int EVP_Digest_MD4_loop(void *args)
722 loopargs_t *tempargs = *(loopargs_t **) args;
723 unsigned char *buf = tempargs->buf;
724 unsigned char md4[MD4_DIGEST_LENGTH];
727 for (count = 0; COND(c[D_MD4][testnum]); count++) {
728 if (!EVP_Digest(buf, (size_t)lengths[testnum], md4, NULL, EVP_md4(),
736 #ifndef OPENSSL_NO_MD5
737 static int MD5_loop(void *args)
739 loopargs_t *tempargs = *(loopargs_t **) args;
740 unsigned char *buf = tempargs->buf;
741 unsigned char md5[MD5_DIGEST_LENGTH];
743 for (count = 0; COND(c[D_MD5][testnum]); count++)
744 MD5(buf, lengths[testnum], md5);
748 static int HMAC_loop(void *args)
750 loopargs_t *tempargs = *(loopargs_t **) args;
751 unsigned char *buf = tempargs->buf;
752 HMAC_CTX *hctx = tempargs->hctx;
753 unsigned char hmac[MD5_DIGEST_LENGTH];
756 for (count = 0; COND(c[D_HMAC][testnum]); count++) {
757 HMAC_Init_ex(hctx, NULL, 0, NULL, NULL);
758 HMAC_Update(hctx, buf, lengths[testnum]);
759 HMAC_Final(hctx, hmac, NULL);
765 static int SHA1_loop(void *args)
767 loopargs_t *tempargs = *(loopargs_t **) args;
768 unsigned char *buf = tempargs->buf;
769 unsigned char sha[SHA_DIGEST_LENGTH];
771 for (count = 0; COND(c[D_SHA1][testnum]); count++)
772 SHA1(buf, lengths[testnum], sha);
776 static int SHA256_loop(void *args)
778 loopargs_t *tempargs = *(loopargs_t **) args;
779 unsigned char *buf = tempargs->buf;
780 unsigned char sha256[SHA256_DIGEST_LENGTH];
782 for (count = 0; COND(c[D_SHA256][testnum]); count++)
783 SHA256(buf, lengths[testnum], sha256);
787 static int SHA512_loop(void *args)
789 loopargs_t *tempargs = *(loopargs_t **) args;
790 unsigned char *buf = tempargs->buf;
791 unsigned char sha512[SHA512_DIGEST_LENGTH];
793 for (count = 0; COND(c[D_SHA512][testnum]); count++)
794 SHA512(buf, lengths[testnum], sha512);
798 #ifndef OPENSSL_NO_WHIRLPOOL
799 static int WHIRLPOOL_loop(void *args)
801 loopargs_t *tempargs = *(loopargs_t **) args;
802 unsigned char *buf = tempargs->buf;
803 unsigned char whirlpool[WHIRLPOOL_DIGEST_LENGTH];
805 for (count = 0; COND(c[D_WHIRLPOOL][testnum]); count++)
806 WHIRLPOOL(buf, lengths[testnum], whirlpool);
811 #ifndef OPENSSL_NO_RMD160
812 static int EVP_Digest_RMD160_loop(void *args)
814 loopargs_t *tempargs = *(loopargs_t **) args;
815 unsigned char *buf = tempargs->buf;
816 unsigned char rmd160[RIPEMD160_DIGEST_LENGTH];
818 for (count = 0; COND(c[D_RMD160][testnum]); count++) {
819 if (!EVP_Digest(buf, (size_t)lengths[testnum], &(rmd160[0]),
820 NULL, EVP_ripemd160(), NULL))
827 #ifndef OPENSSL_NO_RC4
828 static RC4_KEY rc4_ks;
829 static int RC4_loop(void *args)
831 loopargs_t *tempargs = *(loopargs_t **) args;
832 unsigned char *buf = tempargs->buf;
834 for (count = 0; COND(c[D_RC4][testnum]); count++)
835 RC4(&rc4_ks, (size_t)lengths[testnum], buf, buf);
840 #ifndef OPENSSL_NO_DES
841 static unsigned char DES_iv[8];
842 static DES_key_schedule sch;
843 static DES_key_schedule sch2;
844 static DES_key_schedule sch3;
845 static int DES_ncbc_encrypt_loop(void *args)
847 loopargs_t *tempargs = *(loopargs_t **) args;
848 unsigned char *buf = tempargs->buf;
850 for (count = 0; COND(c[D_CBC_DES][testnum]); count++)
851 DES_ncbc_encrypt(buf, buf, lengths[testnum], &sch,
852 &DES_iv, DES_ENCRYPT);
856 static int DES_ede3_cbc_encrypt_loop(void *args)
858 loopargs_t *tempargs = *(loopargs_t **) args;
859 unsigned char *buf = tempargs->buf;
861 for (count = 0; COND(c[D_EDE3_DES][testnum]); count++)
862 DES_ede3_cbc_encrypt(buf, buf, lengths[testnum],
863 &sch, &sch2, &sch3, &DES_iv, DES_ENCRYPT);
868 #define MAX_BLOCK_SIZE 128
870 static unsigned char iv[2 * MAX_BLOCK_SIZE / 8];
871 static AES_KEY aes_ks1, aes_ks2, aes_ks3;
872 static int AES_cbc_128_encrypt_loop(void *args)
874 loopargs_t *tempargs = *(loopargs_t **) args;
875 unsigned char *buf = tempargs->buf;
877 for (count = 0; COND(c[D_CBC_128_AES][testnum]); count++)
878 AES_cbc_encrypt(buf, buf,
879 (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
883 static int AES_cbc_192_encrypt_loop(void *args)
885 loopargs_t *tempargs = *(loopargs_t **) args;
886 unsigned char *buf = tempargs->buf;
888 for (count = 0; COND(c[D_CBC_192_AES][testnum]); count++)
889 AES_cbc_encrypt(buf, buf,
890 (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
894 static int AES_cbc_256_encrypt_loop(void *args)
896 loopargs_t *tempargs = *(loopargs_t **) args;
897 unsigned char *buf = tempargs->buf;
899 for (count = 0; COND(c[D_CBC_256_AES][testnum]); count++)
900 AES_cbc_encrypt(buf, buf,
901 (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
905 #ifndef OPENSSL_NO_DEPRECATED_3_0
906 static int AES_ige_128_encrypt_loop(void *args)
908 loopargs_t *tempargs = *(loopargs_t **) args;
909 unsigned char *buf = tempargs->buf;
910 unsigned char *buf2 = tempargs->buf2;
912 for (count = 0; COND(c[D_IGE_128_AES][testnum]); count++)
913 AES_ige_encrypt(buf, buf2,
914 (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
918 static int AES_ige_192_encrypt_loop(void *args)
920 loopargs_t *tempargs = *(loopargs_t **) args;
921 unsigned char *buf = tempargs->buf;
922 unsigned char *buf2 = tempargs->buf2;
924 for (count = 0; COND(c[D_IGE_192_AES][testnum]); count++)
925 AES_ige_encrypt(buf, buf2,
926 (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
930 static int AES_ige_256_encrypt_loop(void *args)
932 loopargs_t *tempargs = *(loopargs_t **) args;
933 unsigned char *buf = tempargs->buf;
934 unsigned char *buf2 = tempargs->buf2;
936 for (count = 0; COND(c[D_IGE_256_AES][testnum]); count++)
937 AES_ige_encrypt(buf, buf2,
938 (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
943 static int CRYPTO_gcm128_aad_loop(void *args)
945 loopargs_t *tempargs = *(loopargs_t **) args;
946 unsigned char *buf = tempargs->buf;
947 GCM128_CONTEXT *gcm_ctx = tempargs->gcm_ctx;
949 for (count = 0; COND(c[D_GHASH][testnum]); count++)
950 CRYPTO_gcm128_aad(gcm_ctx, buf, lengths[testnum]);
954 static int RAND_bytes_loop(void *args)
956 loopargs_t *tempargs = *(loopargs_t **) args;
957 unsigned char *buf = tempargs->buf;
960 for (count = 0; COND(c[D_RAND][testnum]); count++)
961 RAND_bytes(buf, lengths[testnum]);
965 static long save_count = 0;
966 static int decrypt = 0;
967 static int EVP_Update_loop(void *args)
969 loopargs_t *tempargs = *(loopargs_t **) args;
970 unsigned char *buf = tempargs->buf;
971 EVP_CIPHER_CTX *ctx = tempargs->ctx;
974 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
977 for (count = 0; COND(nb_iter); count++) {
978 rc = EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
980 /* reset iv in case of counter overflow */
981 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
985 for (count = 0; COND(nb_iter); count++) {
986 rc = EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
988 /* reset iv in case of counter overflow */
989 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
994 EVP_DecryptFinal_ex(ctx, buf, &outl);
996 EVP_EncryptFinal_ex(ctx, buf, &outl);
1001 * CCM does not support streaming. For the purpose of performance measurement,
1002 * each message is encrypted using the same (key,iv)-pair. Do not use this
1003 * code in your application.
1005 static int EVP_Update_loop_ccm(void *args)
1007 loopargs_t *tempargs = *(loopargs_t **) args;
1008 unsigned char *buf = tempargs->buf;
1009 EVP_CIPHER_CTX *ctx = tempargs->ctx;
1011 unsigned char tag[12];
1013 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1016 for (count = 0; COND(nb_iter); count++) {
1017 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(tag), tag);
1019 EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
1020 /* counter is reset on every update */
1021 EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
1024 for (count = 0; COND(nb_iter); count++) {
1025 /* restore iv length field */
1026 EVP_EncryptUpdate(ctx, NULL, &outl, NULL, lengths[testnum]);
1027 /* counter is reset on every update */
1028 EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
1032 EVP_DecryptFinal_ex(ctx, buf, &outl);
1034 EVP_EncryptFinal_ex(ctx, buf, &outl);
1039 * To make AEAD benchmarking more relevant perform TLS-like operations,
1040 * 13-byte AAD followed by payload. But don't use TLS-formatted AAD, as
1041 * payload length is not actually limited by 16KB...
1043 static int EVP_Update_loop_aead(void *args)
1045 loopargs_t *tempargs = *(loopargs_t **) args;
1046 unsigned char *buf = tempargs->buf;
1047 EVP_CIPHER_CTX *ctx = tempargs->ctx;
1049 unsigned char aad[13] = { 0xcc };
1050 unsigned char faketag[16] = { 0xcc };
1052 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1055 for (count = 0; COND(nb_iter); count++) {
1056 EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
1057 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
1058 sizeof(faketag), faketag);
1059 EVP_DecryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
1060 EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
1061 EVP_DecryptFinal_ex(ctx, buf + outl, &outl);
1064 for (count = 0; COND(nb_iter); count++) {
1065 EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv);
1066 EVP_EncryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
1067 EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
1068 EVP_EncryptFinal_ex(ctx, buf + outl, &outl);
1074 static const EVP_MD *evp_md = NULL;
1075 static int EVP_Digest_loop(void *args)
1077 loopargs_t *tempargs = *(loopargs_t **) args;
1078 unsigned char *buf = tempargs->buf;
1079 unsigned char md[EVP_MAX_MD_SIZE];
1082 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1085 for (count = 0; COND(nb_iter); count++) {
1086 if (!EVP_Digest(buf, lengths[testnum], md, NULL, evp_md, NULL))
1092 static const EVP_MD *evp_hmac_md = NULL;
1093 static char *evp_hmac_name = NULL;
1094 static int EVP_HMAC_loop(void *args)
1096 loopargs_t *tempargs = *(loopargs_t **) args;
1097 unsigned char *buf = tempargs->buf;
1098 unsigned char no_key[32];
1101 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1104 for (count = 0; COND(nb_iter); count++) {
1105 if (HMAC(evp_hmac_md, no_key, sizeof(no_key), buf, lengths[testnum],
1106 NULL, NULL) == NULL)
1112 #ifndef OPENSSL_NO_CMAC
1113 static const EVP_CIPHER *evp_cmac_cipher = NULL;
1114 static char *evp_cmac_name = NULL;
1116 static int EVP_CMAC_loop(void *args)
1118 loopargs_t *tempargs = *(loopargs_t **) args;
1119 unsigned char *buf = tempargs->buf;
1120 CMAC_CTX *cmac_ctx = tempargs->cmac_ctx;
1121 static const char key[16] = "This is a key...";
1122 unsigned char mac[16];
1123 size_t len = sizeof(mac);
1126 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1129 for (count = 0; COND(nb_iter); count++) {
1130 if (!CMAC_Init(cmac_ctx, key, sizeof(key), evp_cmac_cipher, NULL)
1131 || !CMAC_Update(cmac_ctx, buf, lengths[testnum])
1132 || !CMAC_Final(cmac_ctx, mac, &len))
1139 #ifndef OPENSSL_NO_RSA
1140 static long rsa_c[RSA_NUM][2]; /* # RSA iteration test */
1142 static int RSA_sign_loop(void *args)
1144 loopargs_t *tempargs = *(loopargs_t **) args;
1145 unsigned char *buf = tempargs->buf;
1146 unsigned char *buf2 = tempargs->buf2;
1147 unsigned int *rsa_num = &tempargs->siglen;
1148 RSA **rsa_key = tempargs->rsa_key;
1150 for (count = 0; COND(rsa_c[testnum][0]); count++) {
1151 ret = RSA_sign(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1153 BIO_printf(bio_err, "RSA sign failure\n");
1154 ERR_print_errors(bio_err);
1162 static int RSA_verify_loop(void *args)
1164 loopargs_t *tempargs = *(loopargs_t **) args;
1165 unsigned char *buf = tempargs->buf;
1166 unsigned char *buf2 = tempargs->buf2;
1167 unsigned int rsa_num = tempargs->siglen;
1168 RSA **rsa_key = tempargs->rsa_key;
1170 for (count = 0; COND(rsa_c[testnum][1]); count++) {
1172 RSA_verify(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1174 BIO_printf(bio_err, "RSA verify failure\n");
1175 ERR_print_errors(bio_err);
1184 #ifndef OPENSSL_NO_DSA
1185 static long dsa_c[DSA_NUM][2];
1186 static int DSA_sign_loop(void *args)
1188 loopargs_t *tempargs = *(loopargs_t **) args;
1189 unsigned char *buf = tempargs->buf;
1190 unsigned char *buf2 = tempargs->buf2;
1191 DSA **dsa_key = tempargs->dsa_key;
1192 unsigned int *siglen = &tempargs->siglen;
1194 for (count = 0; COND(dsa_c[testnum][0]); count++) {
1195 ret = DSA_sign(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1197 BIO_printf(bio_err, "DSA sign failure\n");
1198 ERR_print_errors(bio_err);
1206 static int DSA_verify_loop(void *args)
1208 loopargs_t *tempargs = *(loopargs_t **) args;
1209 unsigned char *buf = tempargs->buf;
1210 unsigned char *buf2 = tempargs->buf2;
1211 DSA **dsa_key = tempargs->dsa_key;
1212 unsigned int siglen = tempargs->siglen;
1214 for (count = 0; COND(dsa_c[testnum][1]); count++) {
1215 ret = DSA_verify(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1217 BIO_printf(bio_err, "DSA verify failure\n");
1218 ERR_print_errors(bio_err);
1227 #ifndef OPENSSL_NO_EC
1228 static long ecdsa_c[ECDSA_NUM][2];
1229 static int ECDSA_sign_loop(void *args)
1231 loopargs_t *tempargs = *(loopargs_t **) args;
1232 unsigned char *buf = tempargs->buf;
1233 EC_KEY **ecdsa = tempargs->ecdsa;
1234 unsigned char *ecdsasig = tempargs->buf2;
1235 unsigned int *ecdsasiglen = &tempargs->siglen;
1237 for (count = 0; COND(ecdsa_c[testnum][0]); count++) {
1238 ret = ECDSA_sign(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1240 BIO_printf(bio_err, "ECDSA sign failure\n");
1241 ERR_print_errors(bio_err);
1249 static int ECDSA_verify_loop(void *args)
1251 loopargs_t *tempargs = *(loopargs_t **) args;
1252 unsigned char *buf = tempargs->buf;
1253 EC_KEY **ecdsa = tempargs->ecdsa;
1254 unsigned char *ecdsasig = tempargs->buf2;
1255 unsigned int ecdsasiglen = tempargs->siglen;
1257 for (count = 0; COND(ecdsa_c[testnum][1]); count++) {
1258 ret = ECDSA_verify(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1260 BIO_printf(bio_err, "ECDSA verify failure\n");
1261 ERR_print_errors(bio_err);
1269 /* ******************************************************************** */
1270 static long ecdh_c[EC_NUM][1];
1272 static int ECDH_EVP_derive_key_loop(void *args)
1274 loopargs_t *tempargs = *(loopargs_t **) args;
1275 EVP_PKEY_CTX *ctx = tempargs->ecdh_ctx[testnum];
1276 unsigned char *derived_secret = tempargs->secret_a;
1278 size_t *outlen = &(tempargs->outlen[testnum]);
1280 for (count = 0; COND(ecdh_c[testnum][0]); count++)
1281 EVP_PKEY_derive(ctx, derived_secret, outlen);
1286 static long eddsa_c[EdDSA_NUM][2];
1287 static int EdDSA_sign_loop(void *args)
1289 loopargs_t *tempargs = *(loopargs_t **) args;
1290 unsigned char *buf = tempargs->buf;
1291 EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
1292 unsigned char *eddsasig = tempargs->buf2;
1293 size_t *eddsasigsize = &tempargs->sigsize;
1296 for (count = 0; COND(eddsa_c[testnum][0]); count++) {
1297 ret = EVP_DigestSign(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
1299 BIO_printf(bio_err, "EdDSA sign failure\n");
1300 ERR_print_errors(bio_err);
1308 static int EdDSA_verify_loop(void *args)
1310 loopargs_t *tempargs = *(loopargs_t **) args;
1311 unsigned char *buf = tempargs->buf;
1312 EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
1313 unsigned char *eddsasig = tempargs->buf2;
1314 size_t eddsasigsize = tempargs->sigsize;
1317 for (count = 0; COND(eddsa_c[testnum][1]); count++) {
1318 ret = EVP_DigestVerify(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
1320 BIO_printf(bio_err, "EdDSA verify failure\n");
1321 ERR_print_errors(bio_err);
1329 # ifndef OPENSSL_NO_SM2
1330 static long sm2_c[SM2_NUM][2];
1331 static int SM2_sign_loop(void *args)
1333 loopargs_t *tempargs = *(loopargs_t **) args;
1334 unsigned char *buf = tempargs->buf;
1335 EVP_MD_CTX **sm2ctx = tempargs->sm2_ctx;
1336 unsigned char *sm2sig = tempargs->buf2;
1337 size_t sm2sigsize = tempargs->sigsize;
1338 const size_t max_size = tempargs->sigsize;
1340 EVP_PKEY **sm2_pkey = tempargs->sm2_pkey;
1342 for (count = 0; COND(sm2_c[testnum][0]); count++) {
1343 if (!EVP_DigestSignInit(sm2ctx[testnum], NULL, EVP_sm3(),
1344 NULL, sm2_pkey[testnum])) {
1345 BIO_printf(bio_err, "SM2 init sign failure\n");
1346 ERR_print_errors(bio_err);
1350 ret = EVP_DigestSign(sm2ctx[testnum], sm2sig, &sm2sigsize,
1353 BIO_printf(bio_err, "SM2 sign failure\n");
1354 ERR_print_errors(bio_err);
1358 /* update the latest returned size and always use the fixed buffer size */
1359 tempargs->sigsize = sm2sigsize;
1360 sm2sigsize = max_size;
1366 static int SM2_verify_loop(void *args)
1368 loopargs_t *tempargs = *(loopargs_t **) args;
1369 unsigned char *buf = tempargs->buf;
1370 EVP_MD_CTX **sm2ctx = tempargs->sm2_vfy_ctx;
1371 unsigned char *sm2sig = tempargs->buf2;
1372 size_t sm2sigsize = tempargs->sigsize;
1374 EVP_PKEY **sm2_pkey = tempargs->sm2_pkey;
1376 for (count = 0; COND(sm2_c[testnum][1]); count++) {
1377 if (!EVP_DigestVerifyInit(sm2ctx[testnum], NULL, EVP_sm3(),
1378 NULL, sm2_pkey[testnum])) {
1379 BIO_printf(bio_err, "SM2 verify init failure\n");
1380 ERR_print_errors(bio_err);
1384 ret = EVP_DigestVerify(sm2ctx[testnum], sm2sig, sm2sigsize,
1387 BIO_printf(bio_err, "SM2 verify failure\n");
1388 ERR_print_errors(bio_err);
1395 # endif /* OPENSSL_NO_SM2 */
1396 #endif /* OPENSSL_NO_EC */
1398 static int run_benchmark(int async_jobs,
1399 int (*loop_function) (void *), loopargs_t * loopargs)
1401 int job_op_count = 0;
1402 int total_op_count = 0;
1403 int num_inprogress = 0;
1404 int error = 0, i = 0, ret = 0;
1405 OSSL_ASYNC_FD job_fd = 0;
1406 size_t num_job_fds = 0;
1410 if (async_jobs == 0) {
1411 return loop_function((void *)&loopargs);
1414 for (i = 0; i < async_jobs && !error; i++) {
1415 loopargs_t *looparg_item = loopargs + i;
1417 /* Copy pointer content (looparg_t item address) into async context */
1418 ret = ASYNC_start_job(&loopargs[i].inprogress_job, loopargs[i].wait_ctx,
1419 &job_op_count, loop_function,
1420 (void *)&looparg_item, sizeof(looparg_item));
1426 if (job_op_count == -1) {
1429 total_op_count += job_op_count;
1434 BIO_printf(bio_err, "Failure in the job\n");
1435 ERR_print_errors(bio_err);
1441 while (num_inprogress > 0) {
1442 #if defined(OPENSSL_SYS_WINDOWS)
1444 #elif defined(OPENSSL_SYS_UNIX)
1445 int select_result = 0;
1446 OSSL_ASYNC_FD max_fd = 0;
1449 FD_ZERO(&waitfdset);
1451 for (i = 0; i < async_jobs && num_inprogress > 0; i++) {
1452 if (loopargs[i].inprogress_job == NULL)
1455 if (!ASYNC_WAIT_CTX_get_all_fds
1456 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1457 || num_job_fds > 1) {
1458 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1459 ERR_print_errors(bio_err);
1463 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1465 FD_SET(job_fd, &waitfdset);
1466 if (job_fd > max_fd)
1470 if (max_fd >= (OSSL_ASYNC_FD)FD_SETSIZE) {
1472 "Error: max_fd (%d) must be smaller than FD_SETSIZE (%d). "
1473 "Decrease the value of async_jobs\n",
1474 max_fd, FD_SETSIZE);
1475 ERR_print_errors(bio_err);
1480 select_result = select(max_fd + 1, &waitfdset, NULL, NULL, NULL);
1481 if (select_result == -1 && errno == EINTR)
1484 if (select_result == -1) {
1485 BIO_printf(bio_err, "Failure in the select\n");
1486 ERR_print_errors(bio_err);
1491 if (select_result == 0)
1495 for (i = 0; i < async_jobs; i++) {
1496 if (loopargs[i].inprogress_job == NULL)
1499 if (!ASYNC_WAIT_CTX_get_all_fds
1500 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1501 || num_job_fds > 1) {
1502 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1503 ERR_print_errors(bio_err);
1507 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1510 #if defined(OPENSSL_SYS_UNIX)
1511 if (num_job_fds == 1 && !FD_ISSET(job_fd, &waitfdset))
1513 #elif defined(OPENSSL_SYS_WINDOWS)
1514 if (num_job_fds == 1
1515 && !PeekNamedPipe(job_fd, NULL, 0, NULL, &avail, NULL)
1520 ret = ASYNC_start_job(&loopargs[i].inprogress_job,
1521 loopargs[i].wait_ctx, &job_op_count,
1522 loop_function, (void *)(loopargs + i),
1523 sizeof(loopargs_t));
1528 if (job_op_count == -1) {
1531 total_op_count += job_op_count;
1534 loopargs[i].inprogress_job = NULL;
1539 loopargs[i].inprogress_job = NULL;
1540 BIO_printf(bio_err, "Failure in the job\n");
1541 ERR_print_errors(bio_err);
1548 return error ? -1 : total_op_count;
1551 int speed_main(int argc, char **argv)
1554 loopargs_t *loopargs = NULL;
1556 const char *engine_id = NULL;
1557 const EVP_CIPHER *evp_cipher = NULL;
1560 int async_init = 0, multiblock = 0, pr_header = 0;
1561 int doit[ALGOR_NUM] = { 0 };
1562 int ret = 1, misalign = 0, lengths_single = 0, aead = 0;
1564 unsigned int size_num = OSSL_NELEM(lengths_list);
1565 unsigned int i, k, loop, loopargs_len = 0, async_jobs = 0;
1571 #if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) \
1572 || !defined(OPENSSL_NO_EC)
1575 openssl_speed_sec_t seconds = { SECONDS, RSA_SECONDS, DSA_SECONDS,
1576 ECDSA_SECONDS, ECDH_SECONDS,
1577 EdDSA_SECONDS, SM2_SECONDS };
1579 /* What follows are the buffers and key material. */
1580 #ifndef OPENSSL_NO_RC5
1583 #ifndef OPENSSL_NO_RC2
1586 #ifndef OPENSSL_NO_IDEA
1587 IDEA_KEY_SCHEDULE idea_ks;
1589 #ifndef OPENSSL_NO_SEED
1590 SEED_KEY_SCHEDULE seed_ks;
1592 #ifndef OPENSSL_NO_BF
1595 #ifndef OPENSSL_NO_CAST
1598 static const unsigned char key16[16] = {
1599 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1600 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
1602 static const unsigned char key24[24] = {
1603 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1604 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1605 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1607 static const unsigned char key32[32] = {
1608 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1609 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1610 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
1611 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
1613 #ifndef OPENSSL_NO_CAMELLIA
1614 static const unsigned char ckey24[24] = {
1615 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1616 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1617 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1619 static const unsigned char ckey32[32] = {
1620 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1621 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1622 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
1623 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
1625 CAMELLIA_KEY camellia_ks1, camellia_ks2, camellia_ks3;
1627 #ifndef OPENSSL_NO_DES
1628 static DES_cblock key = {
1629 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0
1631 static DES_cblock key2 = {
1632 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
1634 static DES_cblock key3 = {
1635 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1638 #ifndef OPENSSL_NO_RSA
1639 static const unsigned int rsa_bits[RSA_NUM] = {
1640 512, 1024, 2048, 3072, 4096, 7680, 15360
1642 static const unsigned char *rsa_data[RSA_NUM] = {
1643 test512, test1024, test2048, test3072, test4096, test7680, test15360
1645 static const int rsa_data_length[RSA_NUM] = {
1646 sizeof(test512), sizeof(test1024),
1647 sizeof(test2048), sizeof(test3072),
1648 sizeof(test4096), sizeof(test7680),
1651 int rsa_doit[RSA_NUM] = { 0 };
1652 int primes = RSA_DEFAULT_PRIME_NUM;
1654 #ifndef OPENSSL_NO_DSA
1655 static const unsigned int dsa_bits[DSA_NUM] = { 512, 1024, 2048 };
1656 int dsa_doit[DSA_NUM] = { 0 };
1658 #ifndef OPENSSL_NO_EC
1660 * We only test over the following curves as they are representative, To
1661 * add tests over more curves, simply add the curve NID and curve name to
1662 * the following arrays and increase the |ecdh_choices| list accordingly.
1664 static const struct {
1670 {"secp160r1", NID_secp160r1, 160},
1671 {"nistp192", NID_X9_62_prime192v1, 192},
1672 {"nistp224", NID_secp224r1, 224},
1673 {"nistp256", NID_X9_62_prime256v1, 256},
1674 {"nistp384", NID_secp384r1, 384},
1675 {"nistp521", NID_secp521r1, 521},
1676 # ifndef OPENSSL_NO_EC2M
1678 {"nistk163", NID_sect163k1, 163},
1679 {"nistk233", NID_sect233k1, 233},
1680 {"nistk283", NID_sect283k1, 283},
1681 {"nistk409", NID_sect409k1, 409},
1682 {"nistk571", NID_sect571k1, 571},
1683 {"nistb163", NID_sect163r2, 163},
1684 {"nistb233", NID_sect233r1, 233},
1685 {"nistb283", NID_sect283r1, 283},
1686 {"nistb409", NID_sect409r1, 409},
1687 {"nistb571", NID_sect571r1, 571},
1689 {"brainpoolP256r1", NID_brainpoolP256r1, 256},
1690 {"brainpoolP256t1", NID_brainpoolP256t1, 256},
1691 {"brainpoolP384r1", NID_brainpoolP384r1, 384},
1692 {"brainpoolP384t1", NID_brainpoolP384t1, 384},
1693 {"brainpoolP512r1", NID_brainpoolP512r1, 512},
1694 {"brainpoolP512t1", NID_brainpoolP512t1, 512},
1695 /* Other and ECDH only ones */
1696 {"X25519", NID_X25519, 253},
1697 {"X448", NID_X448, 448}
1699 static const struct {
1704 } test_ed_curves[] = {
1706 {"Ed25519", NID_ED25519, 253, 64},
1707 {"Ed448", NID_ED448, 456, 114}
1709 # ifndef OPENSSL_NO_SM2
1710 static const struct {
1714 } test_sm2_curves[] = {
1716 {"CurveSM2", NID_sm2, 256}
1719 int ecdsa_doit[ECDSA_NUM] = { 0 };
1720 int ecdh_doit[EC_NUM] = { 0 };
1721 int eddsa_doit[EdDSA_NUM] = { 0 };
1722 # ifndef OPENSSL_NO_SM2
1723 int sm2_doit[SM2_NUM] = { 0 };
1725 OPENSSL_assert(OSSL_NELEM(test_curves) >= EC_NUM);
1726 OPENSSL_assert(OSSL_NELEM(test_ed_curves) >= EdDSA_NUM);
1727 # ifndef OPENSSL_NO_SM2
1728 OPENSSL_assert(OSSL_NELEM(test_sm2_curves) >= SM2_NUM);
1730 #endif /* ndef OPENSSL_NO_EC */
1732 prog = opt_init(argc, argv, speed_options);
1733 while ((o = opt_next()) != OPT_EOF) {
1738 BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
1741 opt_help(speed_options);
1749 evp_cipher = EVP_get_cipherbyname(opt_arg());
1750 if (evp_cipher == NULL)
1751 evp_md = EVP_get_digestbyname(opt_arg());
1752 if (evp_cipher == NULL && evp_md == NULL) {
1754 "%s: %s is an unknown cipher or digest\n",
1761 evp_hmac_md = EVP_get_digestbyname(opt_arg());
1762 if (evp_hmac_md == NULL) {
1763 BIO_printf(bio_err, "%s: %s is an unknown digest\n",
1767 doit[D_EVP_HMAC] = 1;
1770 #ifndef OPENSSL_NO_CMAC
1771 evp_cmac_cipher = EVP_get_cipherbyname(opt_arg());
1772 if (evp_cmac_cipher == NULL) {
1773 BIO_printf(bio_err, "%s: %s is an unknown cipher\n",
1777 doit[D_EVP_CMAC] = 1;
1785 * In a forked execution, an engine might need to be
1786 * initialised by each child process, not by the parent.
1787 * So store the name here and run setup_engine() later on.
1789 engine_id = opt_arg();
1793 multi = atoi(opt_arg());
1797 #ifndef OPENSSL_NO_ASYNC
1798 async_jobs = atoi(opt_arg());
1799 if (!ASYNC_is_capable()) {
1801 "%s: async_jobs specified but async not supported\n",
1805 if (async_jobs > 99999) {
1806 BIO_printf(bio_err, "%s: too many async_jobs\n", prog);
1812 if (!opt_int(opt_arg(), &misalign))
1814 if (misalign > MISALIGN) {
1816 "%s: Maximum offset is %d\n", prog, MISALIGN);
1825 #ifdef OPENSSL_NO_MULTIBLOCK
1827 "%s: -mb specified but multi-block support is disabled\n",
1837 if (!opt_int(opt_arg(), &primes))
1841 seconds.sym = seconds.rsa = seconds.dsa = seconds.ecdsa
1842 = seconds.ecdh = seconds.eddsa
1843 = seconds.sm2 = atoi(opt_arg());
1846 lengths_single = atoi(opt_arg());
1847 lengths = &lengths_single;
1855 argc = opt_num_rest();
1858 /* Remaining arguments are algorithms. */
1859 for (; *argv; argv++) {
1860 if (found(*argv, doit_choices, &i)) {
1864 #ifndef OPENSSL_NO_DES
1865 if (strcmp(*argv, "des") == 0) {
1866 doit[D_CBC_DES] = doit[D_EDE3_DES] = 1;
1870 if (strcmp(*argv, "sha") == 0) {
1871 doit[D_SHA1] = doit[D_SHA256] = doit[D_SHA512] = 1;
1874 #ifndef OPENSSL_NO_RSA
1875 if (strcmp(*argv, "openssl") == 0)
1877 if (strcmp(*argv, "rsa") == 0) {
1878 for (loop = 0; loop < OSSL_NELEM(rsa_doit); loop++)
1882 if (found(*argv, rsa_choices, &i)) {
1887 #ifndef OPENSSL_NO_DSA
1888 if (strcmp(*argv, "dsa") == 0) {
1889 dsa_doit[R_DSA_512] = dsa_doit[R_DSA_1024] =
1890 dsa_doit[R_DSA_2048] = 1;
1893 if (found(*argv, dsa_choices, &i)) {
1898 if (strcmp(*argv, "aes") == 0) {
1899 doit[D_CBC_128_AES] = doit[D_CBC_192_AES] = doit[D_CBC_256_AES] = 1;
1902 #ifndef OPENSSL_NO_CAMELLIA
1903 if (strcmp(*argv, "camellia") == 0) {
1904 doit[D_CBC_128_CML] = doit[D_CBC_192_CML] = doit[D_CBC_256_CML] = 1;
1908 #ifndef OPENSSL_NO_EC
1909 if (strcmp(*argv, "ecdsa") == 0) {
1910 for (loop = 0; loop < OSSL_NELEM(ecdsa_doit); loop++)
1911 ecdsa_doit[loop] = 1;
1914 if (found(*argv, ecdsa_choices, &i)) {
1918 if (strcmp(*argv, "ecdh") == 0) {
1919 for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++)
1920 ecdh_doit[loop] = 1;
1923 if (found(*argv, ecdh_choices, &i)) {
1927 if (strcmp(*argv, "eddsa") == 0) {
1928 for (loop = 0; loop < OSSL_NELEM(eddsa_doit); loop++)
1929 eddsa_doit[loop] = 1;
1932 if (found(*argv, eddsa_choices, &i)) {
1936 # ifndef OPENSSL_NO_SM2
1937 if (strcmp(*argv, "sm2") == 0) {
1938 for (loop = 0; loop < OSSL_NELEM(sm2_doit); loop++)
1942 if (found(*argv, sm2_choices, &i)) {
1948 BIO_printf(bio_err, "%s: Unknown algorithm %s\n", prog, *argv);
1954 if (evp_cipher == NULL) {
1955 BIO_printf(bio_err, "-aead can be used only with an AEAD cipher\n");
1957 } else if (!(EVP_CIPHER_flags(evp_cipher) &
1958 EVP_CIPH_FLAG_AEAD_CIPHER)) {
1959 BIO_printf(bio_err, "%s is not an AEAD cipher\n",
1960 OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
1965 if (evp_cipher == NULL) {
1966 BIO_printf(bio_err,"-mb can be used only with a multi-block"
1967 " capable cipher\n");
1969 } else if (!(EVP_CIPHER_flags(evp_cipher) &
1970 EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
1971 BIO_printf(bio_err, "%s is not a multi-block capable\n",
1972 OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
1974 } else if (async_jobs > 0) {
1975 BIO_printf(bio_err, "Async mode is not supported with -mb");
1980 /* Initialize the job pool if async mode is enabled */
1981 if (async_jobs > 0) {
1982 async_init = ASYNC_init_thread(async_jobs, async_jobs);
1984 BIO_printf(bio_err, "Error creating the ASYNC job pool\n");
1989 loopargs_len = (async_jobs == 0 ? 1 : async_jobs);
1991 app_malloc(loopargs_len * sizeof(loopargs_t), "array of loopargs");
1992 memset(loopargs, 0, loopargs_len * sizeof(loopargs_t));
1994 for (i = 0; i < loopargs_len; i++) {
1995 if (async_jobs > 0) {
1996 loopargs[i].wait_ctx = ASYNC_WAIT_CTX_new();
1997 if (loopargs[i].wait_ctx == NULL) {
1998 BIO_printf(bio_err, "Error creating the ASYNC_WAIT_CTX\n");
2003 buflen = lengths[size_num - 1];
2004 if (buflen < 36) /* size of random vector in RSA benchmark */
2006 buflen += MAX_MISALIGNMENT + 1;
2007 loopargs[i].buf_malloc = app_malloc(buflen, "input buffer");
2008 loopargs[i].buf2_malloc = app_malloc(buflen, "input buffer");
2009 memset(loopargs[i].buf_malloc, 0, buflen);
2010 memset(loopargs[i].buf2_malloc, 0, buflen);
2012 /* Align the start of buffers on a 64 byte boundary */
2013 loopargs[i].buf = loopargs[i].buf_malloc + misalign;
2014 loopargs[i].buf2 = loopargs[i].buf2_malloc + misalign;
2015 #ifndef OPENSSL_NO_EC
2016 loopargs[i].secret_a = app_malloc(MAX_ECDH_SIZE, "ECDH secret a");
2017 loopargs[i].secret_b = app_malloc(MAX_ECDH_SIZE, "ECDH secret b");
2022 if (multi && do_multi(multi, size_num))
2026 /* Initialize the engine after the fork */
2027 e = setup_engine(engine_id, 0);
2029 /* No parameters; turn on everything. */
2030 if (argc == 0 && !doit[D_EVP] && !doit[D_EVP_HMAC] && !doit[D_EVP_CMAC]) {
2031 for (i = 0; i < ALGOR_NUM; i++)
2032 if (i != D_EVP && i != D_EVP_HMAC && i != D_EVP_CMAC)
2034 #ifndef OPENSSL_NO_RSA
2035 for (i = 0; i < RSA_NUM; i++)
2038 #ifndef OPENSSL_NO_DSA
2039 for (i = 0; i < DSA_NUM; i++)
2042 #ifndef OPENSSL_NO_EC
2043 for (loop = 0; loop < OSSL_NELEM(ecdsa_doit); loop++)
2044 ecdsa_doit[loop] = 1;
2045 for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++)
2046 ecdh_doit[loop] = 1;
2047 for (loop = 0; loop < OSSL_NELEM(eddsa_doit); loop++)
2048 eddsa_doit[loop] = 1;
2049 # ifndef OPENSSL_NO_SM2
2050 for (loop = 0; loop < OSSL_NELEM(sm2_doit); loop++)
2055 for (i = 0; i < ALGOR_NUM; i++)
2059 if (usertime == 0 && !mr)
2061 "You have chosen to measure elapsed time "
2062 "instead of user CPU time.\n");
2064 #ifndef OPENSSL_NO_RSA
2065 for (i = 0; i < loopargs_len; i++) {
2066 if (primes > RSA_DEFAULT_PRIME_NUM) {
2067 /* for multi-prime RSA, skip this */
2070 for (k = 0; k < RSA_NUM; k++) {
2071 const unsigned char *p;
2074 loopargs[i].rsa_key[k] =
2075 d2i_RSAPrivateKey(NULL, &p, rsa_data_length[k]);
2076 if (loopargs[i].rsa_key[k] == NULL) {
2078 "internal error loading RSA key number %d\n", k);
2084 #ifndef OPENSSL_NO_DSA
2085 for (i = 0; i < loopargs_len; i++) {
2086 loopargs[i].dsa_key[0] = get_dsa(512);
2087 loopargs[i].dsa_key[1] = get_dsa(1024);
2088 loopargs[i].dsa_key[2] = get_dsa(2048);
2091 #ifndef OPENSSL_NO_DES
2092 DES_set_key_unchecked(&key, &sch);
2093 DES_set_key_unchecked(&key2, &sch2);
2094 DES_set_key_unchecked(&key3, &sch3);
2096 AES_set_encrypt_key(key16, 128, &aes_ks1);
2097 AES_set_encrypt_key(key24, 192, &aes_ks2);
2098 AES_set_encrypt_key(key32, 256, &aes_ks3);
2099 #ifndef OPENSSL_NO_CAMELLIA
2100 Camellia_set_key(key16, 128, &camellia_ks1);
2101 Camellia_set_key(ckey24, 192, &camellia_ks2);
2102 Camellia_set_key(ckey32, 256, &camellia_ks3);
2104 #ifndef OPENSSL_NO_IDEA
2105 IDEA_set_encrypt_key(key16, &idea_ks);
2107 #ifndef OPENSSL_NO_SEED
2108 SEED_set_key(key16, &seed_ks);
2110 #ifndef OPENSSL_NO_RC4
2111 RC4_set_key(&rc4_ks, 16, key16);
2113 #ifndef OPENSSL_NO_RC2
2114 RC2_set_key(&rc2_ks, 16, key16, 128);
2116 #ifndef OPENSSL_NO_RC5
2117 if (!RC5_32_set_key(&rc5_ks, 16, key16, 12)) {
2118 BIO_printf(bio_err, "Failed setting RC5 key\n");
2122 #ifndef OPENSSL_NO_BF
2123 BF_set_key(&bf_ks, 16, key16);
2125 #ifndef OPENSSL_NO_CAST
2126 CAST_set_key(&cast_ks, 16, key16);
2129 # ifndef OPENSSL_NO_DES
2130 BIO_printf(bio_err, "First we calculate the approximate speed ...\n");
2136 for (it = count; it; it--)
2137 DES_ecb_encrypt((DES_cblock *)loopargs[0].buf,
2138 (DES_cblock *)loopargs[0].buf, &sch, DES_ENCRYPT);
2142 c[D_MD2][0] = count / 10;
2143 c[D_MDC2][0] = count / 10;
2144 c[D_MD4][0] = count;
2145 c[D_MD5][0] = count;
2146 c[D_HMAC][0] = count;
2147 c[D_SHA1][0] = count;
2148 c[D_RMD160][0] = count;
2149 c[D_RC4][0] = count * 5;
2150 c[D_CBC_DES][0] = count;
2151 c[D_EDE3_DES][0] = count / 3;
2152 c[D_CBC_IDEA][0] = count;
2153 c[D_CBC_SEED][0] = count;
2154 c[D_CBC_RC2][0] = count;
2155 c[D_CBC_RC5][0] = count;
2156 c[D_CBC_BF][0] = count;
2157 c[D_CBC_CAST][0] = count;
2158 c[D_CBC_128_AES][0] = count;
2159 c[D_CBC_192_AES][0] = count;
2160 c[D_CBC_256_AES][0] = count;
2161 c[D_CBC_128_CML][0] = count;
2162 c[D_CBC_192_CML][0] = count;
2163 c[D_CBC_256_CML][0] = count;
2164 c[D_SHA256][0] = count;
2165 c[D_SHA512][0] = count;
2166 c[D_WHIRLPOOL][0] = count;
2167 c[D_IGE_128_AES][0] = count;
2168 c[D_IGE_192_AES][0] = count;
2169 c[D_IGE_256_AES][0] = count;
2170 c[D_GHASH][0] = count;
2171 c[D_RAND][0] = count;
2173 for (i = 1; i < size_num; i++) {
2176 l0 = (long)lengths[0];
2177 l1 = (long)lengths[i];
2179 c[D_MD2][i] = c[D_MD2][0] * 4 * l0 / l1;
2180 c[D_MDC2][i] = c[D_MDC2][0] * 4 * l0 / l1;
2181 c[D_MD4][i] = c[D_MD4][0] * 4 * l0 / l1;
2182 c[D_MD5][i] = c[D_MD5][0] * 4 * l0 / l1;
2183 c[D_HMAC][i] = c[D_HMAC][0] * 4 * l0 / l1;
2184 c[D_SHA1][i] = c[D_SHA1][0] * 4 * l0 / l1;
2185 c[D_RMD160][i] = c[D_RMD160][0] * 4 * l0 / l1;
2186 c[D_SHA256][i] = c[D_SHA256][0] * 4 * l0 / l1;
2187 c[D_SHA512][i] = c[D_SHA512][0] * 4 * l0 / l1;
2188 c[D_WHIRLPOOL][i] = c[D_WHIRLPOOL][0] * 4 * l0 / l1;
2189 c[D_GHASH][i] = c[D_GHASH][0] * 4 * l0 / l1;
2190 c[D_RAND][i] = c[D_RAND][0] * 4 * l0 / l1;
2192 l0 = (long)lengths[i - 1];
2194 c[D_RC4][i] = c[D_RC4][i - 1] * l0 / l1;
2195 c[D_CBC_DES][i] = c[D_CBC_DES][i - 1] * l0 / l1;
2196 c[D_EDE3_DES][i] = c[D_EDE3_DES][i - 1] * l0 / l1;
2197 c[D_CBC_IDEA][i] = c[D_CBC_IDEA][i - 1] * l0 / l1;
2198 c[D_CBC_SEED][i] = c[D_CBC_SEED][i - 1] * l0 / l1;
2199 c[D_CBC_RC2][i] = c[D_CBC_RC2][i - 1] * l0 / l1;
2200 c[D_CBC_RC5][i] = c[D_CBC_RC5][i - 1] * l0 / l1;
2201 c[D_CBC_BF][i] = c[D_CBC_BF][i - 1] * l0 / l1;
2202 c[D_CBC_CAST][i] = c[D_CBC_CAST][i - 1] * l0 / l1;
2203 c[D_CBC_128_AES][i] = c[D_CBC_128_AES][i - 1] * l0 / l1;
2204 c[D_CBC_192_AES][i] = c[D_CBC_192_AES][i - 1] * l0 / l1;
2205 c[D_CBC_256_AES][i] = c[D_CBC_256_AES][i - 1] * l0 / l1;
2206 c[D_CBC_128_CML][i] = c[D_CBC_128_CML][i - 1] * l0 / l1;
2207 c[D_CBC_192_CML][i] = c[D_CBC_192_CML][i - 1] * l0 / l1;
2208 c[D_CBC_256_CML][i] = c[D_CBC_256_CML][i - 1] * l0 / l1;
2209 c[D_IGE_128_AES][i] = c[D_IGE_128_AES][i - 1] * l0 / l1;
2210 c[D_IGE_192_AES][i] = c[D_IGE_192_AES][i - 1] * l0 / l1;
2211 c[D_IGE_256_AES][i] = c[D_IGE_256_AES][i - 1] * l0 / l1;
2214 # ifndef OPENSSL_NO_RSA
2215 rsa_c[R_RSA_512][0] = count / 2000;
2216 rsa_c[R_RSA_512][1] = count / 400;
2217 for (i = 1; i < RSA_NUM; i++) {
2218 rsa_c[i][0] = rsa_c[i - 1][0] / 8;
2219 rsa_c[i][1] = rsa_c[i - 1][1] / 4;
2220 if (rsa_doit[i] <= 1 && rsa_c[i][0] == 0)
2223 if (rsa_c[i][0] == 0) {
2224 rsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
2231 # ifndef OPENSSL_NO_DSA
2232 dsa_c[R_DSA_512][0] = count / 1000;
2233 dsa_c[R_DSA_512][1] = count / 1000 / 2;
2234 for (i = 1; i < DSA_NUM; i++) {
2235 dsa_c[i][0] = dsa_c[i - 1][0] / 4;
2236 dsa_c[i][1] = dsa_c[i - 1][1] / 4;
2237 if (dsa_doit[i] <= 1 && dsa_c[i][0] == 0)
2240 if (dsa_c[i][0] == 0) {
2241 dsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
2248 # ifndef OPENSSL_NO_EC
2249 ecdsa_c[R_EC_P160][0] = count / 1000;
2250 ecdsa_c[R_EC_P160][1] = count / 1000 / 2;
2251 for (i = R_EC_P192; i <= R_EC_P521; i++) {
2252 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2253 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2254 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2257 if (ecdsa_c[i][0] == 0) {
2263 # ifndef OPENSSL_NO_EC2M
2264 ecdsa_c[R_EC_K163][0] = count / 1000;
2265 ecdsa_c[R_EC_K163][1] = count / 1000 / 2;
2266 for (i = R_EC_K233; i <= R_EC_K571; i++) {
2267 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2268 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2269 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2272 if (ecdsa_c[i][0] == 0) {
2278 ecdsa_c[R_EC_B163][0] = count / 1000;
2279 ecdsa_c[R_EC_B163][1] = count / 1000 / 2;
2280 for (i = R_EC_B233; i <= R_EC_B571; i++) {
2281 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2282 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2283 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2286 if (ecdsa_c[i][0] == 0) {
2294 ecdh_c[R_EC_P160][0] = count / 1000;
2295 for (i = R_EC_P192; i <= R_EC_P521; i++) {
2296 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2297 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2300 if (ecdh_c[i][0] == 0) {
2305 # ifndef OPENSSL_NO_EC2M
2306 ecdh_c[R_EC_K163][0] = count / 1000;
2307 for (i = R_EC_K233; i <= R_EC_K571; i++) {
2308 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2309 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2312 if (ecdh_c[i][0] == 0) {
2317 ecdh_c[R_EC_B163][0] = count / 1000;
2318 for (i = R_EC_B233; i <= R_EC_B571; i++) {
2319 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2320 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2323 if (ecdh_c[i][0] == 0) {
2329 /* repeated code good to factorize */
2330 ecdh_c[R_EC_BRP256R1][0] = count / 1000;
2331 for (i = R_EC_BRP384R1; i <= R_EC_BRP512R1; i += 2) {
2332 ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
2333 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2336 if (ecdh_c[i][0] == 0) {
2341 ecdh_c[R_EC_BRP256T1][0] = count / 1000;
2342 for (i = R_EC_BRP384T1; i <= R_EC_BRP512T1; i += 2) {
2343 ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
2344 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2347 if (ecdh_c[i][0] == 0) {
2352 /* default iteration count for the last two EC Curves */
2353 ecdh_c[R_EC_X25519][0] = count / 1800;
2354 ecdh_c[R_EC_X448][0] = count / 7200;
2356 eddsa_c[R_EC_Ed25519][0] = count / 1800;
2357 eddsa_c[R_EC_Ed448][0] = count / 7200;
2359 # ifndef OPENSSL_NO_SM2
2360 sm2_c[R_EC_SM2P256][0] = count / 1800;
2365 /* not worth fixing */
2366 # error "You cannot disable DES on systems without SIGALRM."
2367 # endif /* OPENSSL_NO_DES */
2369 signal(SIGALRM, alarmed);
2370 #endif /* SIGALRM */
2372 #ifndef OPENSSL_NO_MD2
2374 for (testnum = 0; testnum < size_num; testnum++) {
2375 print_message(names[D_MD2], c[D_MD2][testnum], lengths[testnum],
2378 count = run_benchmark(async_jobs, EVP_Digest_MD2_loop, loopargs);
2380 print_result(D_MD2, testnum, count, d);
2384 #ifndef OPENSSL_NO_MDC2
2386 for (testnum = 0; testnum < size_num; testnum++) {
2387 print_message(names[D_MDC2], c[D_MDC2][testnum], lengths[testnum],
2390 count = run_benchmark(async_jobs, EVP_Digest_MDC2_loop, loopargs);
2392 print_result(D_MDC2, testnum, count, d);
2397 #ifndef OPENSSL_NO_MD4
2399 for (testnum = 0; testnum < size_num; testnum++) {
2400 print_message(names[D_MD4], c[D_MD4][testnum], lengths[testnum],
2403 count = run_benchmark(async_jobs, EVP_Digest_MD4_loop, loopargs);
2405 print_result(D_MD4, testnum, count, d);
2410 #ifndef OPENSSL_NO_MD5
2412 for (testnum = 0; testnum < size_num; testnum++) {
2413 print_message(names[D_MD5], c[D_MD5][testnum], lengths[testnum],
2416 count = run_benchmark(async_jobs, MD5_loop, loopargs);
2418 print_result(D_MD5, testnum, count, d);
2423 static const char hmac_key[] = "This is a key...";
2424 int len = strlen(hmac_key);
2426 for (i = 0; i < loopargs_len; i++) {
2427 loopargs[i].hctx = HMAC_CTX_new();
2428 if (loopargs[i].hctx == NULL) {
2429 BIO_printf(bio_err, "HMAC malloc failure, exiting...");
2433 HMAC_Init_ex(loopargs[i].hctx, hmac_key, len, EVP_md5(), NULL);
2435 for (testnum = 0; testnum < size_num; testnum++) {
2436 print_message(names[D_HMAC], c[D_HMAC][testnum], lengths[testnum],
2439 count = run_benchmark(async_jobs, HMAC_loop, loopargs);
2441 print_result(D_HMAC, testnum, count, d);
2443 for (i = 0; i < loopargs_len; i++) {
2444 HMAC_CTX_free(loopargs[i].hctx);
2449 for (testnum = 0; testnum < size_num; testnum++) {
2450 print_message(names[D_SHA1], c[D_SHA1][testnum], lengths[testnum],
2453 count = run_benchmark(async_jobs, SHA1_loop, loopargs);
2455 print_result(D_SHA1, testnum, count, d);
2458 if (doit[D_SHA256]) {
2459 for (testnum = 0; testnum < size_num; testnum++) {
2460 print_message(names[D_SHA256], c[D_SHA256][testnum],
2461 lengths[testnum], seconds.sym);
2463 count = run_benchmark(async_jobs, SHA256_loop, loopargs);
2465 print_result(D_SHA256, testnum, count, d);
2468 if (doit[D_SHA512]) {
2469 for (testnum = 0; testnum < size_num; testnum++) {
2470 print_message(names[D_SHA512], c[D_SHA512][testnum],
2471 lengths[testnum], seconds.sym);
2473 count = run_benchmark(async_jobs, SHA512_loop, loopargs);
2475 print_result(D_SHA512, testnum, count, d);
2478 #ifndef OPENSSL_NO_WHIRLPOOL
2479 if (doit[D_WHIRLPOOL]) {
2480 for (testnum = 0; testnum < size_num; testnum++) {
2481 print_message(names[D_WHIRLPOOL], c[D_WHIRLPOOL][testnum],
2482 lengths[testnum], seconds.sym);
2484 count = run_benchmark(async_jobs, WHIRLPOOL_loop, loopargs);
2486 print_result(D_WHIRLPOOL, testnum, count, d);
2491 #ifndef OPENSSL_NO_RMD160
2492 if (doit[D_RMD160]) {
2493 for (testnum = 0; testnum < size_num; testnum++) {
2494 print_message(names[D_RMD160], c[D_RMD160][testnum],
2495 lengths[testnum], seconds.sym);
2497 count = run_benchmark(async_jobs, EVP_Digest_RMD160_loop, loopargs);
2499 print_result(D_RMD160, testnum, count, d);
2503 #ifndef OPENSSL_NO_RC4
2505 for (testnum = 0; testnum < size_num; testnum++) {
2506 print_message(names[D_RC4], c[D_RC4][testnum], lengths[testnum],
2509 count = run_benchmark(async_jobs, RC4_loop, loopargs);
2511 print_result(D_RC4, testnum, count, d);
2515 #ifndef OPENSSL_NO_DES
2516 if (doit[D_CBC_DES]) {
2517 for (testnum = 0; testnum < size_num; testnum++) {
2518 print_message(names[D_CBC_DES], c[D_CBC_DES][testnum],
2519 lengths[testnum], seconds.sym);
2521 count = run_benchmark(async_jobs, DES_ncbc_encrypt_loop, loopargs);
2523 print_result(D_CBC_DES, testnum, count, d);
2527 if (doit[D_EDE3_DES]) {
2528 for (testnum = 0; testnum < size_num; testnum++) {
2529 print_message(names[D_EDE3_DES], c[D_EDE3_DES][testnum],
2530 lengths[testnum], seconds.sym);
2533 run_benchmark(async_jobs, DES_ede3_cbc_encrypt_loop, loopargs);
2535 print_result(D_EDE3_DES, testnum, count, d);
2540 if (doit[D_CBC_128_AES]) {
2541 for (testnum = 0; testnum < size_num; testnum++) {
2542 print_message(names[D_CBC_128_AES], c[D_CBC_128_AES][testnum],
2543 lengths[testnum], seconds.sym);
2546 run_benchmark(async_jobs, AES_cbc_128_encrypt_loop, loopargs);
2548 print_result(D_CBC_128_AES, testnum, count, d);
2551 if (doit[D_CBC_192_AES]) {
2552 for (testnum = 0; testnum < size_num; testnum++) {
2553 print_message(names[D_CBC_192_AES], c[D_CBC_192_AES][testnum],
2554 lengths[testnum], seconds.sym);
2557 run_benchmark(async_jobs, AES_cbc_192_encrypt_loop, loopargs);
2559 print_result(D_CBC_192_AES, testnum, count, d);
2562 if (doit[D_CBC_256_AES]) {
2563 for (testnum = 0; testnum < size_num; testnum++) {
2564 print_message(names[D_CBC_256_AES], c[D_CBC_256_AES][testnum],
2565 lengths[testnum], seconds.sym);
2568 run_benchmark(async_jobs, AES_cbc_256_encrypt_loop, loopargs);
2570 print_result(D_CBC_256_AES, testnum, count, d);
2574 #ifndef OPENSSL_NO_DEPRECATED_3_0
2575 if (doit[D_IGE_128_AES]) {
2576 for (testnum = 0; testnum < size_num; testnum++) {
2577 print_message(names[D_IGE_128_AES], c[D_IGE_128_AES][testnum],
2578 lengths[testnum], seconds.sym);
2581 run_benchmark(async_jobs, AES_ige_128_encrypt_loop, loopargs);
2583 print_result(D_IGE_128_AES, testnum, count, d);
2586 if (doit[D_IGE_192_AES]) {
2587 for (testnum = 0; testnum < size_num; testnum++) {
2588 print_message(names[D_IGE_192_AES], c[D_IGE_192_AES][testnum],
2589 lengths[testnum], seconds.sym);
2592 run_benchmark(async_jobs, AES_ige_192_encrypt_loop, loopargs);
2594 print_result(D_IGE_192_AES, testnum, count, d);
2597 if (doit[D_IGE_256_AES]) {
2598 for (testnum = 0; testnum < size_num; testnum++) {
2599 print_message(names[D_IGE_256_AES], c[D_IGE_256_AES][testnum],
2600 lengths[testnum], seconds.sym);
2603 run_benchmark(async_jobs, AES_ige_256_encrypt_loop, loopargs);
2605 print_result(D_IGE_256_AES, testnum, count, d);
2609 if (doit[D_GHASH]) {
2610 for (i = 0; i < loopargs_len; i++) {
2611 loopargs[i].gcm_ctx =
2612 CRYPTO_gcm128_new(&aes_ks1, (block128_f) AES_encrypt);
2613 CRYPTO_gcm128_setiv(loopargs[i].gcm_ctx,
2614 (unsigned char *)"0123456789ab", 12);
2617 for (testnum = 0; testnum < size_num; testnum++) {
2618 print_message(names[D_GHASH], c[D_GHASH][testnum],
2619 lengths[testnum], seconds.sym);
2621 count = run_benchmark(async_jobs, CRYPTO_gcm128_aad_loop, loopargs);
2623 print_result(D_GHASH, testnum, count, d);
2625 for (i = 0; i < loopargs_len; i++)
2626 CRYPTO_gcm128_release(loopargs[i].gcm_ctx);
2628 #ifndef OPENSSL_NO_CAMELLIA
2629 if (doit[D_CBC_128_CML]) {
2630 if (async_jobs > 0) {
2631 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2632 names[D_CBC_128_CML]);
2633 doit[D_CBC_128_CML] = 0;
2635 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2636 print_message(names[D_CBC_128_CML], c[D_CBC_128_CML][testnum],
2637 lengths[testnum], seconds.sym);
2639 for (count = 0, run = 1; COND(c[D_CBC_128_CML][testnum]); count++)
2640 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2641 (size_t)lengths[testnum], &camellia_ks1,
2642 iv, CAMELLIA_ENCRYPT);
2644 print_result(D_CBC_128_CML, testnum, count, d);
2647 if (doit[D_CBC_192_CML]) {
2648 if (async_jobs > 0) {
2649 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2650 names[D_CBC_192_CML]);
2651 doit[D_CBC_192_CML] = 0;
2653 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2654 print_message(names[D_CBC_192_CML], c[D_CBC_192_CML][testnum],
2655 lengths[testnum], seconds.sym);
2656 if (async_jobs > 0) {
2657 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2661 for (count = 0, run = 1; COND(c[D_CBC_192_CML][testnum]); count++)
2662 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2663 (size_t)lengths[testnum], &camellia_ks2,
2664 iv, CAMELLIA_ENCRYPT);
2666 print_result(D_CBC_192_CML, testnum, count, d);
2669 if (doit[D_CBC_256_CML]) {
2670 if (async_jobs > 0) {
2671 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2672 names[D_CBC_256_CML]);
2673 doit[D_CBC_256_CML] = 0;
2675 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2676 print_message(names[D_CBC_256_CML], c[D_CBC_256_CML][testnum],
2677 lengths[testnum], seconds.sym);
2679 for (count = 0, run = 1; COND(c[D_CBC_256_CML][testnum]); count++)
2680 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2681 (size_t)lengths[testnum], &camellia_ks3,
2682 iv, CAMELLIA_ENCRYPT);
2684 print_result(D_CBC_256_CML, testnum, count, d);
2688 #ifndef OPENSSL_NO_IDEA
2689 if (doit[D_CBC_IDEA]) {
2690 if (async_jobs > 0) {
2691 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2693 doit[D_CBC_IDEA] = 0;
2695 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2696 print_message(names[D_CBC_IDEA], c[D_CBC_IDEA][testnum],
2697 lengths[testnum], seconds.sym);
2699 for (count = 0, run = 1; COND(c[D_CBC_IDEA][testnum]); count++)
2700 IDEA_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2701 (size_t)lengths[testnum], &idea_ks,
2704 print_result(D_CBC_IDEA, testnum, count, d);
2708 #ifndef OPENSSL_NO_SEED
2709 if (doit[D_CBC_SEED]) {
2710 if (async_jobs > 0) {
2711 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2713 doit[D_CBC_SEED] = 0;
2715 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2716 print_message(names[D_CBC_SEED], c[D_CBC_SEED][testnum],
2717 lengths[testnum], seconds.sym);
2719 for (count = 0, run = 1; COND(c[D_CBC_SEED][testnum]); count++)
2720 SEED_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2721 (size_t)lengths[testnum], &seed_ks, iv, 1);
2723 print_result(D_CBC_SEED, testnum, count, d);
2727 #ifndef OPENSSL_NO_RC2
2728 if (doit[D_CBC_RC2]) {
2729 if (async_jobs > 0) {
2730 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2732 doit[D_CBC_RC2] = 0;
2734 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2735 print_message(names[D_CBC_RC2], c[D_CBC_RC2][testnum],
2736 lengths[testnum], seconds.sym);
2737 if (async_jobs > 0) {
2738 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2742 for (count = 0, run = 1; COND(c[D_CBC_RC2][testnum]); count++)
2743 RC2_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2744 (size_t)lengths[testnum], &rc2_ks,
2747 print_result(D_CBC_RC2, testnum, count, d);
2751 #ifndef OPENSSL_NO_RC5
2752 if (doit[D_CBC_RC5]) {
2753 if (async_jobs > 0) {
2754 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2756 doit[D_CBC_RC5] = 0;
2758 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2759 print_message(names[D_CBC_RC5], c[D_CBC_RC5][testnum],
2760 lengths[testnum], seconds.sym);
2761 if (async_jobs > 0) {
2762 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2766 for (count = 0, run = 1; COND(c[D_CBC_RC5][testnum]); count++)
2767 RC5_32_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2768 (size_t)lengths[testnum], &rc5_ks,
2771 print_result(D_CBC_RC5, testnum, count, d);
2775 #ifndef OPENSSL_NO_BF
2776 if (doit[D_CBC_BF]) {
2777 if (async_jobs > 0) {
2778 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2782 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2783 print_message(names[D_CBC_BF], c[D_CBC_BF][testnum],
2784 lengths[testnum], seconds.sym);
2786 for (count = 0, run = 1; COND(c[D_CBC_BF][testnum]); count++)
2787 BF_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2788 (size_t)lengths[testnum], &bf_ks,
2791 print_result(D_CBC_BF, testnum, count, d);
2795 #ifndef OPENSSL_NO_CAST
2796 if (doit[D_CBC_CAST]) {
2797 if (async_jobs > 0) {
2798 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2800 doit[D_CBC_CAST] = 0;
2802 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2803 print_message(names[D_CBC_CAST], c[D_CBC_CAST][testnum],
2804 lengths[testnum], seconds.sym);
2806 for (count = 0, run = 1; COND(c[D_CBC_CAST][testnum]); count++)
2807 CAST_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2808 (size_t)lengths[testnum], &cast_ks,
2811 print_result(D_CBC_CAST, testnum, count, d);
2816 for (testnum = 0; testnum < size_num; testnum++) {
2817 print_message(names[D_RAND], c[D_RAND][testnum], lengths[testnum],
2820 count = run_benchmark(async_jobs, RAND_bytes_loop, loopargs);
2822 print_result(D_RAND, testnum, count, d);
2827 if (evp_cipher != NULL) {
2828 int (*loopfunc)(void *args) = EVP_Update_loop;
2830 if (multiblock && (EVP_CIPHER_flags(evp_cipher) &
2831 EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
2832 multiblock_speed(evp_cipher, lengths_single, &seconds);
2837 names[D_EVP] = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
2839 if (EVP_CIPHER_mode(evp_cipher) == EVP_CIPH_CCM_MODE) {
2840 loopfunc = EVP_Update_loop_ccm;
2841 } else if (aead && (EVP_CIPHER_flags(evp_cipher) &
2842 EVP_CIPH_FLAG_AEAD_CIPHER)) {
2843 loopfunc = EVP_Update_loop_aead;
2844 if (lengths == lengths_list) {
2845 lengths = aead_lengths_list;
2846 size_num = OSSL_NELEM(aead_lengths_list);
2850 for (testnum = 0; testnum < size_num; testnum++) {
2851 print_message(names[D_EVP], save_count, lengths[testnum],
2854 for (k = 0; k < loopargs_len; k++) {
2855 loopargs[k].ctx = EVP_CIPHER_CTX_new();
2856 if (loopargs[k].ctx == NULL) {
2857 BIO_printf(bio_err, "\nEVP_CIPHER_CTX_new failure\n");
2860 if (!EVP_CipherInit_ex(loopargs[k].ctx, evp_cipher, NULL,
2861 NULL, iv, decrypt ? 0 : 1)) {
2862 BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n");
2863 ERR_print_errors(bio_err);
2867 EVP_CIPHER_CTX_set_padding(loopargs[k].ctx, 0);
2869 keylen = EVP_CIPHER_CTX_key_length(loopargs[k].ctx);
2870 loopargs[k].key = app_malloc(keylen, "evp_cipher key");
2871 EVP_CIPHER_CTX_rand_key(loopargs[k].ctx, loopargs[k].key);
2872 if (!EVP_CipherInit_ex(loopargs[k].ctx, NULL, NULL,
2873 loopargs[k].key, NULL, -1)) {
2874 BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n");
2875 ERR_print_errors(bio_err);
2878 OPENSSL_clear_free(loopargs[k].key, keylen);
2880 /* SIV mode only allows for a single Update operation */
2881 if (EVP_CIPHER_mode(evp_cipher) == EVP_CIPH_SIV_MODE)
2882 EVP_CIPHER_CTX_ctrl(loopargs[k].ctx, EVP_CTRL_SET_SPEED, 1, NULL);
2886 count = run_benchmark(async_jobs, loopfunc, loopargs);
2888 for (k = 0; k < loopargs_len; k++) {
2889 EVP_CIPHER_CTX_free(loopargs[k].ctx);
2891 print_result(D_EVP, testnum, count, d);
2893 } else if (evp_md != NULL) {
2894 names[D_EVP] = OBJ_nid2ln(EVP_MD_type(evp_md));
2896 for (testnum = 0; testnum < size_num; testnum++) {
2897 print_message(names[D_EVP], save_count, lengths[testnum],
2900 count = run_benchmark(async_jobs, EVP_Digest_loop, loopargs);
2902 print_result(D_EVP, testnum, count, d);
2907 if (doit[D_EVP_HMAC]) {
2908 if (evp_hmac_md != NULL) {
2909 const char *md_name = OBJ_nid2ln(EVP_MD_type(evp_hmac_md));
2910 evp_hmac_name = app_malloc(sizeof("HMAC()") + strlen(md_name),
2912 sprintf(evp_hmac_name, "HMAC(%s)", md_name);
2913 names[D_EVP_HMAC] = evp_hmac_name;
2915 for (testnum = 0; testnum < size_num; testnum++) {
2916 print_message(names[D_EVP_HMAC], save_count, lengths[testnum],
2919 count = run_benchmark(async_jobs, EVP_HMAC_loop, loopargs);
2921 print_result(D_EVP_HMAC, testnum, count, d);
2926 #ifndef OPENSSL_NO_CMAC
2927 if (doit[D_EVP_CMAC]) {
2928 if (evp_cmac_cipher != NULL) {
2929 const char *cipher_name = OBJ_nid2ln(EVP_CIPHER_type(evp_cmac_cipher));
2930 evp_cmac_name = app_malloc(sizeof("CMAC()") + strlen(cipher_name),
2932 sprintf(evp_cmac_name, "CMAC(%s)", cipher_name);
2933 names[D_EVP_CMAC] = evp_cmac_name;
2935 for (i = 0; i < loopargs_len; i++) {
2936 loopargs[i].cmac_ctx = CMAC_CTX_new();
2937 if (loopargs[i].cmac_ctx == NULL) {
2938 BIO_printf(bio_err, "CMAC malloc failure, exiting...");
2942 for (testnum = 0; testnum < size_num; testnum++) {
2943 print_message(names[D_EVP_CMAC], save_count, lengths[testnum],
2946 count = run_benchmark(async_jobs, EVP_CMAC_loop, loopargs);
2948 print_result(D_EVP_CMAC, testnum, count, d);
2950 for (i = 0; i < loopargs_len; i++)
2951 CMAC_CTX_free(loopargs[i].cmac_ctx);
2956 for (i = 0; i < loopargs_len; i++)
2957 if (RAND_bytes(loopargs[i].buf, 36) <= 0)
2960 #ifndef OPENSSL_NO_RSA
2961 for (testnum = 0; testnum < RSA_NUM; testnum++) {
2963 if (!rsa_doit[testnum])
2965 for (i = 0; i < loopargs_len; i++) {
2967 /* we haven't set keys yet, generate multi-prime RSA keys */
2968 BIGNUM *bn = BN_new();
2972 if (!BN_set_word(bn, RSA_F4)) {
2977 BIO_printf(bio_err, "Generate multi-prime RSA key for %s\n",
2978 rsa_choices[testnum].name);
2980 loopargs[i].rsa_key[testnum] = RSA_new();
2981 if (loopargs[i].rsa_key[testnum] == NULL) {
2986 if (!RSA_generate_multi_prime_key(loopargs[i].rsa_key[testnum],
2988 primes, bn, NULL)) {
2994 st = RSA_sign(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
2995 &loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
3001 "RSA sign failure. No RSA sign will be done.\n");
3002 ERR_print_errors(bio_err);
3005 pkey_print_message("private", "rsa",
3006 rsa_c[testnum][0], rsa_bits[testnum],
3008 /* RSA_blinding_on(rsa_key[testnum],NULL); */
3010 count = run_benchmark(async_jobs, RSA_sign_loop, loopargs);
3013 mr ? "+R1:%ld:%d:%.2f\n"
3014 : "%ld %u bits private RSA's in %.2fs\n",
3015 count, rsa_bits[testnum], d);
3016 rsa_results[testnum][0] = (double)count / d;
3020 for (i = 0; i < loopargs_len; i++) {
3021 st = RSA_verify(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
3022 loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
3028 "RSA verify failure. No RSA verify will be done.\n");
3029 ERR_print_errors(bio_err);
3030 rsa_doit[testnum] = 0;
3032 pkey_print_message("public", "rsa",
3033 rsa_c[testnum][1], rsa_bits[testnum],
3036 count = run_benchmark(async_jobs, RSA_verify_loop, loopargs);
3039 mr ? "+R2:%ld:%d:%.2f\n"
3040 : "%ld %u bits public RSA's in %.2fs\n",
3041 count, rsa_bits[testnum], d);
3042 rsa_results[testnum][1] = (double)count / d;
3045 if (rsa_count <= 1) {
3046 /* if longer than 10s, don't do any more */
3047 for (testnum++; testnum < RSA_NUM; testnum++)
3048 rsa_doit[testnum] = 0;
3051 #endif /* OPENSSL_NO_RSA */
3053 for (i = 0; i < loopargs_len; i++)
3054 if (RAND_bytes(loopargs[i].buf, 36) <= 0)
3057 #ifndef OPENSSL_NO_DSA
3058 for (testnum = 0; testnum < DSA_NUM; testnum++) {
3060 if (!dsa_doit[testnum])
3063 /* DSA_generate_key(dsa_key[testnum]); */
3064 /* DSA_sign_setup(dsa_key[testnum],NULL); */
3065 for (i = 0; i < loopargs_len; i++) {
3066 st = DSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
3067 &loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
3073 "DSA sign failure. No DSA sign will be done.\n");
3074 ERR_print_errors(bio_err);
3077 pkey_print_message("sign", "dsa",
3078 dsa_c[testnum][0], dsa_bits[testnum],
3081 count = run_benchmark(async_jobs, DSA_sign_loop, loopargs);
3084 mr ? "+R3:%ld:%u:%.2f\n"
3085 : "%ld %u bits DSA signs in %.2fs\n",
3086 count, dsa_bits[testnum], d);
3087 dsa_results[testnum][0] = (double)count / d;
3091 for (i = 0; i < loopargs_len; i++) {
3092 st = DSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
3093 loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
3099 "DSA verify failure. No DSA verify will be done.\n");
3100 ERR_print_errors(bio_err);
3101 dsa_doit[testnum] = 0;
3103 pkey_print_message("verify", "dsa",
3104 dsa_c[testnum][1], dsa_bits[testnum],
3107 count = run_benchmark(async_jobs, DSA_verify_loop, loopargs);
3110 mr ? "+R4:%ld:%u:%.2f\n"
3111 : "%ld %u bits DSA verify in %.2fs\n",
3112 count, dsa_bits[testnum], d);
3113 dsa_results[testnum][1] = (double)count / d;
3116 if (rsa_count <= 1) {
3117 /* if longer than 10s, don't do any more */
3118 for (testnum++; testnum < DSA_NUM; testnum++)
3119 dsa_doit[testnum] = 0;
3122 #endif /* OPENSSL_NO_DSA */
3124 #ifndef OPENSSL_NO_EC
3125 for (testnum = 0; testnum < ECDSA_NUM; testnum++) {
3128 if (!ecdsa_doit[testnum])
3129 continue; /* Ignore Curve */
3130 for (i = 0; i < loopargs_len; i++) {
3131 loopargs[i].ecdsa[testnum] =
3132 EC_KEY_new_by_curve_name(test_curves[testnum].nid);
3133 if (loopargs[i].ecdsa[testnum] == NULL) {
3139 BIO_printf(bio_err, "ECDSA failure.\n");
3140 ERR_print_errors(bio_err);
3143 for (i = 0; i < loopargs_len; i++) {
3144 EC_KEY_precompute_mult(loopargs[i].ecdsa[testnum], NULL);
3145 /* Perform ECDSA signature test */
3146 EC_KEY_generate_key(loopargs[i].ecdsa[testnum]);
3147 st = ECDSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
3148 &loopargs[i].siglen,
3149 loopargs[i].ecdsa[testnum]);
3155 "ECDSA sign failure. No ECDSA sign will be done.\n");
3156 ERR_print_errors(bio_err);
3159 pkey_print_message("sign", "ecdsa",
3160 ecdsa_c[testnum][0],
3161 test_curves[testnum].bits, seconds.ecdsa);
3163 count = run_benchmark(async_jobs, ECDSA_sign_loop, loopargs);
3167 mr ? "+R5:%ld:%u:%.2f\n" :
3168 "%ld %u bits ECDSA signs in %.2fs \n",
3169 count, test_curves[testnum].bits, d);
3170 ecdsa_results[testnum][0] = (double)count / d;
3174 /* Perform ECDSA verification test */
3175 for (i = 0; i < loopargs_len; i++) {
3176 st = ECDSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
3178 loopargs[i].ecdsa[testnum]);
3184 "ECDSA verify failure. No ECDSA verify will be done.\n");
3185 ERR_print_errors(bio_err);
3186 ecdsa_doit[testnum] = 0;
3188 pkey_print_message("verify", "ecdsa",
3189 ecdsa_c[testnum][1],
3190 test_curves[testnum].bits, seconds.ecdsa);
3192 count = run_benchmark(async_jobs, ECDSA_verify_loop, loopargs);
3195 mr ? "+R6:%ld:%u:%.2f\n"
3196 : "%ld %u bits ECDSA verify in %.2fs\n",
3197 count, test_curves[testnum].bits, d);
3198 ecdsa_results[testnum][1] = (double)count / d;
3201 if (rsa_count <= 1) {
3202 /* if longer than 10s, don't do any more */
3203 for (testnum++; testnum < ECDSA_NUM; testnum++)
3204 ecdsa_doit[testnum] = 0;
3209 for (testnum = 0; testnum < EC_NUM; testnum++) {
3210 int ecdh_checks = 1;
3212 if (!ecdh_doit[testnum])
3215 for (i = 0; i < loopargs_len; i++) {
3216 EVP_PKEY_CTX *kctx = NULL;
3217 EVP_PKEY_CTX *test_ctx = NULL;
3218 EVP_PKEY_CTX *ctx = NULL;
3219 EVP_PKEY *key_A = NULL;
3220 EVP_PKEY *key_B = NULL;
3224 /* Ensure that the error queue is empty */
3225 if (ERR_peek_error()) {
3227 "WARNING: the error queue contains previous unhandled errors.\n");
3228 ERR_print_errors(bio_err);
3231 /* Let's try to create a ctx directly from the NID: this works for
3232 * curves like Curve25519 that are not implemented through the low
3233 * level EC interface.
3234 * If this fails we try creating a EVP_PKEY_EC generic param ctx,
3235 * then we set the curve by NID before deriving the actual keygen
3236 * ctx for that specific curve. */
3237 kctx = EVP_PKEY_CTX_new_id(test_curves[testnum].nid, NULL); /* keygen ctx from NID */
3239 EVP_PKEY_CTX *pctx = NULL;
3240 EVP_PKEY *params = NULL;
3242 /* If we reach this code EVP_PKEY_CTX_new_id() failed and a
3243 * "int_ctx_new:unsupported algorithm" error was added to the
3245 * We remove it from the error queue as we are handling it. */
3246 unsigned long error = ERR_peek_error(); /* peek the latest error in the queue */
3247 if (error == ERR_peek_last_error() && /* oldest and latest errors match */
3248 /* check that the error origin matches */
3249 ERR_GET_LIB(error) == ERR_LIB_EVP &&
3250 ERR_GET_REASON(error) == EVP_R_UNSUPPORTED_ALGORITHM)
3251 ERR_get_error(); /* pop error from queue */
3252 if (ERR_peek_error()) {
3254 "Unhandled error in the error queue during ECDH init.\n");
3255 ERR_print_errors(bio_err);
3260 if ( /* Create the context for parameter generation */
3261 !(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) ||
3262 /* Initialise the parameter generation */
3263 !EVP_PKEY_paramgen_init(pctx) ||
3264 /* Set the curve by NID */
3265 !EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
3268 /* Create the parameter object params */
3269 !EVP_PKEY_paramgen(pctx, ¶ms)) {
3271 BIO_printf(bio_err, "ECDH EC params init failure.\n");
3272 ERR_print_errors(bio_err);
3276 /* Create the context for the key generation */
3277 kctx = EVP_PKEY_CTX_new(params, NULL);
3279 EVP_PKEY_free(params);
3281 EVP_PKEY_CTX_free(pctx);
3284 if (kctx == NULL || /* keygen ctx is not null */
3285 EVP_PKEY_keygen_init(kctx) <= 0/* init keygen ctx */ ) {
3287 BIO_printf(bio_err, "ECDH keygen failure.\n");
3288 ERR_print_errors(bio_err);
3293 if (EVP_PKEY_keygen(kctx, &key_A) <= 0 || /* generate secret key A */
3294 EVP_PKEY_keygen(kctx, &key_B) <= 0 || /* generate secret key B */
3295 !(ctx = EVP_PKEY_CTX_new(key_A, NULL)) || /* derivation ctx from skeyA */
3296 EVP_PKEY_derive_init(ctx) <= 0 || /* init derivation ctx */
3297 EVP_PKEY_derive_set_peer(ctx, key_B) <= 0 || /* set peer pubkey in ctx */
3298 EVP_PKEY_derive(ctx, NULL, &outlen) <= 0 || /* determine max length */
3299 outlen == 0 || /* ensure outlen is a valid size */
3300 outlen > MAX_ECDH_SIZE /* avoid buffer overflow */ ) {
3302 BIO_printf(bio_err, "ECDH key generation failure.\n");
3303 ERR_print_errors(bio_err);
3308 /* Here we perform a test run, comparing the output of a*B and b*A;
3309 * we try this here and assume that further EVP_PKEY_derive calls
3310 * never fail, so we can skip checks in the actually benchmarked
3311 * code, for maximum performance. */
3312 if (!(test_ctx = EVP_PKEY_CTX_new(key_B, NULL)) || /* test ctx from skeyB */
3313 !EVP_PKEY_derive_init(test_ctx) || /* init derivation test_ctx */
3314 !EVP_PKEY_derive_set_peer(test_ctx, key_A) || /* set peer pubkey in test_ctx */
3315 !EVP_PKEY_derive(test_ctx, NULL, &test_outlen) || /* determine max length */
3316 !EVP_PKEY_derive(ctx, loopargs[i].secret_a, &outlen) || /* compute a*B */
3317 !EVP_PKEY_derive(test_ctx, loopargs[i].secret_b, &test_outlen) || /* compute b*A */
3318 test_outlen != outlen /* compare output length */ ) {
3320 BIO_printf(bio_err, "ECDH computation failure.\n");
3321 ERR_print_errors(bio_err);
3326 /* Compare the computation results: CRYPTO_memcmp() returns 0 if equal */
3327 if (CRYPTO_memcmp(loopargs[i].secret_a,
3328 loopargs[i].secret_b, outlen)) {
3330 BIO_printf(bio_err, "ECDH computations don't match.\n");
3331 ERR_print_errors(bio_err);
3336 loopargs[i].ecdh_ctx[testnum] = ctx;
3337 loopargs[i].outlen[testnum] = outlen;
3339 EVP_PKEY_free(key_A);
3340 EVP_PKEY_free(key_B);
3341 EVP_PKEY_CTX_free(kctx);
3343 EVP_PKEY_CTX_free(test_ctx);
3346 if (ecdh_checks != 0) {
3347 pkey_print_message("", "ecdh",
3349 test_curves[testnum].bits, seconds.ecdh);
3352 run_benchmark(async_jobs, ECDH_EVP_derive_key_loop, loopargs);
3355 mr ? "+R7:%ld:%d:%.2f\n" :
3356 "%ld %u-bits ECDH ops in %.2fs\n", count,
3357 test_curves[testnum].bits, d);
3358 ecdh_results[testnum][0] = (double)count / d;
3362 if (rsa_count <= 1) {
3363 /* if longer than 10s, don't do any more */
3364 for (testnum++; testnum < OSSL_NELEM(ecdh_doit); testnum++)
3365 ecdh_doit[testnum] = 0;
3369 for (testnum = 0; testnum < EdDSA_NUM; testnum++) {
3371 EVP_PKEY *ed_pkey = NULL;
3372 EVP_PKEY_CTX *ed_pctx = NULL;
3374 if (!eddsa_doit[testnum])
3375 continue; /* Ignore Curve */
3376 for (i = 0; i < loopargs_len; i++) {
3377 loopargs[i].eddsa_ctx[testnum] = EVP_MD_CTX_new();
3378 if (loopargs[i].eddsa_ctx[testnum] == NULL) {
3383 if ((ed_pctx = EVP_PKEY_CTX_new_id(test_ed_curves[testnum].nid, NULL))
3385 || EVP_PKEY_keygen_init(ed_pctx) <= 0
3386 || EVP_PKEY_keygen(ed_pctx, &ed_pkey) <= 0) {
3388 EVP_PKEY_CTX_free(ed_pctx);
3391 EVP_PKEY_CTX_free(ed_pctx);
3393 if (!EVP_DigestSignInit(loopargs[i].eddsa_ctx[testnum], NULL, NULL,
3396 EVP_PKEY_free(ed_pkey);
3399 EVP_PKEY_free(ed_pkey);
3402 BIO_printf(bio_err, "EdDSA failure.\n");
3403 ERR_print_errors(bio_err);
3406 for (i = 0; i < loopargs_len; i++) {
3407 /* Perform EdDSA signature test */
3408 loopargs[i].sigsize = test_ed_curves[testnum].sigsize;
3409 st = EVP_DigestSign(loopargs[i].eddsa_ctx[testnum],
3410 loopargs[i].buf2, &loopargs[i].sigsize,
3411 loopargs[i].buf, 20);
3417 "EdDSA sign failure. No EdDSA sign will be done.\n");
3418 ERR_print_errors(bio_err);
3421 pkey_print_message("sign", test_ed_curves[testnum].name,
3422 eddsa_c[testnum][0],
3423 test_ed_curves[testnum].bits, seconds.eddsa);
3425 count = run_benchmark(async_jobs, EdDSA_sign_loop, loopargs);
3429 mr ? "+R8:%ld:%u:%s:%.2f\n" :
3430 "%ld %u bits %s signs in %.2fs \n",
3431 count, test_ed_curves[testnum].bits,
3432 test_ed_curves[testnum].name, d);
3433 eddsa_results[testnum][0] = (double)count / d;
3437 /* Perform EdDSA verification test */
3438 for (i = 0; i < loopargs_len; i++) {
3439 st = EVP_DigestVerify(loopargs[i].eddsa_ctx[testnum],
3440 loopargs[i].buf2, loopargs[i].sigsize,
3441 loopargs[i].buf, 20);
3447 "EdDSA verify failure. No EdDSA verify will be done.\n");
3448 ERR_print_errors(bio_err);
3449 eddsa_doit[testnum] = 0;
3451 pkey_print_message("verify", test_ed_curves[testnum].name,
3452 eddsa_c[testnum][1],
3453 test_ed_curves[testnum].bits, seconds.eddsa);
3455 count = run_benchmark(async_jobs, EdDSA_verify_loop, loopargs);
3458 mr ? "+R9:%ld:%u:%s:%.2f\n"
3459 : "%ld %u bits %s verify in %.2fs\n",
3460 count, test_ed_curves[testnum].bits,
3461 test_ed_curves[testnum].name, d);
3462 eddsa_results[testnum][1] = (double)count / d;
3465 if (rsa_count <= 1) {
3466 /* if longer than 10s, don't do any more */
3467 for (testnum++; testnum < EdDSA_NUM; testnum++)
3468 eddsa_doit[testnum] = 0;
3473 # ifndef OPENSSL_NO_SM2
3474 for (testnum = 0; testnum < SM2_NUM; testnum++) {
3476 EVP_PKEY *sm2_pkey = NULL;
3477 EVP_PKEY_CTX *pctx = NULL;
3478 EVP_PKEY_CTX *sm2_pctx = NULL;
3479 EVP_PKEY_CTX *sm2_vfy_pctx = NULL;
3480 size_t sm2_sigsize = 0;
3482 if (!sm2_doit[testnum])
3483 continue; /* Ignore Curve */
3484 /* Init signing and verification */
3485 for (i = 0; i < loopargs_len; i++) {
3486 loopargs[i].sm2_ctx[testnum] = EVP_MD_CTX_new();
3487 if (loopargs[i].sm2_ctx[testnum] == NULL) {
3491 loopargs[i].sm2_vfy_ctx[testnum] = EVP_MD_CTX_new();
3492 if (loopargs[i].sm2_vfy_ctx[testnum] == NULL) {
3497 /* SM2 keys are generated as normal EC keys with a special curve */
3498 if ((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) == NULL
3499 || EVP_PKEY_keygen_init(pctx) <= 0
3500 || EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
3501 test_sm2_curves[testnum].nid) <= 0
3502 || EVP_PKEY_keygen(pctx, &sm2_pkey) <= 0) {
3504 EVP_PKEY_CTX_free(pctx);
3507 /* free previous one and alloc a new one */
3508 EVP_PKEY_CTX_free(pctx);
3510 loopargs[i].sigsize = sm2_sigsize
3511 = ECDSA_size(EVP_PKEY_get0_EC_KEY(sm2_pkey));
3513 if (!EVP_PKEY_set_alias_type(sm2_pkey, EVP_PKEY_SM2)) {
3515 EVP_PKEY_free(sm2_pkey);
3519 sm2_pctx = EVP_PKEY_CTX_new(sm2_pkey, NULL);
3520 if (sm2_pctx == NULL) {
3522 EVP_PKEY_free(sm2_pkey);
3525 sm2_vfy_pctx = EVP_PKEY_CTX_new(sm2_pkey, NULL);
3526 if (sm2_vfy_pctx == NULL) {
3528 EVP_PKEY_CTX_free(sm2_pctx);
3529 EVP_PKEY_free(sm2_pkey);
3533 * No need to allow user to set an explicit ID here, just use
3534 * the one defined in the 'draft-yang-tls-tl13-sm-suites' I-D.
3536 if (EVP_PKEY_CTX_set1_id(sm2_pctx, SM2_ID, SM2_ID_LEN) != 1) {
3538 EVP_PKEY_CTX_free(sm2_pctx);
3539 EVP_PKEY_CTX_free(sm2_vfy_pctx);
3540 EVP_PKEY_free(sm2_pkey);
3544 if (EVP_PKEY_CTX_set1_id(sm2_vfy_pctx, SM2_ID, SM2_ID_LEN) != 1) {
3546 EVP_PKEY_CTX_free(sm2_pctx);
3547 EVP_PKEY_CTX_free(sm2_vfy_pctx);
3548 EVP_PKEY_free(sm2_pkey);
3552 EVP_MD_CTX_set_pkey_ctx(loopargs[i].sm2_ctx[testnum], sm2_pctx);
3553 EVP_MD_CTX_set_pkey_ctx(loopargs[i].sm2_vfy_ctx[testnum], sm2_vfy_pctx);
3555 if (!EVP_DigestSignInit(loopargs[i].sm2_ctx[testnum], NULL,
3556 EVP_sm3(), NULL, sm2_pkey)) {
3558 EVP_PKEY_free(sm2_pkey);
3561 if (!EVP_DigestVerifyInit(loopargs[i].sm2_vfy_ctx[testnum], NULL,
3562 EVP_sm3(), NULL, sm2_pkey)) {
3564 EVP_PKEY_free(sm2_pkey);
3567 loopargs[i].sm2_pkey[testnum] = sm2_pkey;
3570 BIO_printf(bio_err, "SM2 failure.\n");
3571 ERR_print_errors(bio_err);
3574 for (i = 0; i < loopargs_len; i++) {
3575 sm2_sigsize = loopargs[i].sigsize;
3576 /* Perform SM2 signature test */
3577 st = EVP_DigestSign(loopargs[i].sm2_ctx[testnum],
3578 loopargs[i].buf2, &sm2_sigsize,
3579 loopargs[i].buf, 20);
3585 "SM2 sign failure. No SM2 sign will be done.\n");
3586 ERR_print_errors(bio_err);
3589 pkey_print_message("sign", test_sm2_curves[testnum].name,
3591 test_sm2_curves[testnum].bits, seconds.sm2);
3593 count = run_benchmark(async_jobs, SM2_sign_loop, loopargs);
3597 mr ? "+R8:%ld:%u:%s:%.2f\n" :
3598 "%ld %u bits %s signs in %.2fs \n",
3599 count, test_sm2_curves[testnum].bits,
3600 test_sm2_curves[testnum].name, d);
3601 sm2_results[testnum][0] = (double)count / d;
3605 /* Perform SM2 verification test */
3606 for (i = 0; i < loopargs_len; i++) {
3607 st = EVP_DigestVerify(loopargs[i].sm2_vfy_ctx[testnum],
3608 loopargs[i].buf2, loopargs[i].sigsize,
3609 loopargs[i].buf, 20);
3615 "SM2 verify failure. No SM2 verify will be done.\n");
3616 ERR_print_errors(bio_err);
3617 sm2_doit[testnum] = 0;
3619 pkey_print_message("verify", test_sm2_curves[testnum].name,
3621 test_sm2_curves[testnum].bits, seconds.sm2);
3623 count = run_benchmark(async_jobs, SM2_verify_loop, loopargs);
3626 mr ? "+R9:%ld:%u:%s:%.2f\n"
3627 : "%ld %u bits %s verify in %.2fs\n",
3628 count, test_sm2_curves[testnum].bits,
3629 test_sm2_curves[testnum].name, d);
3630 sm2_results[testnum][1] = (double)count / d;
3633 if (rsa_count <= 1) {
3634 /* if longer than 10s, don't do any more */
3635 for (testnum++; testnum < SM2_NUM; testnum++)
3636 sm2_doit[testnum] = 0;
3640 # endif /* OPENSSL_NO_SM2 */
3642 #endif /* OPENSSL_NO_EC */
3647 printf("version: %s\n", OpenSSL_version(OPENSSL_FULL_VERSION_STRING));
3648 printf("built on: %s\n", OpenSSL_version(OPENSSL_BUILT_ON));
3650 printf("%s ", BN_options());
3651 #ifndef OPENSSL_NO_MD2
3652 printf("%s ", MD2_options());
3654 #ifndef OPENSSL_NO_RC4
3655 printf("%s ", RC4_options());
3657 #ifndef OPENSSL_NO_DES
3658 printf("%s ", DES_options());
3660 printf("%s ", AES_options());
3661 #ifndef OPENSSL_NO_IDEA
3662 printf("%s ", IDEA_options());
3664 #ifndef OPENSSL_NO_BF
3665 printf("%s ", BF_options());
3667 printf("\n%s\n", OpenSSL_version(OPENSSL_CFLAGS));
3668 printf("%s\n", OpenSSL_version(OPENSSL_CPU_INFO));
3676 ("The 'numbers' are in 1000s of bytes per second processed.\n");
3679 for (testnum = 0; testnum < size_num; testnum++)
3680 printf(mr ? ":%d" : "%7d bytes", lengths[testnum]);
3684 for (k = 0; k < ALGOR_NUM; k++) {
3688 printf("+F:%u:%s", k, names[k]);
3690 printf("%-13s", names[k]);
3691 for (testnum = 0; testnum < size_num; testnum++) {
3692 if (results[k][testnum] > 10000 && !mr)
3693 printf(" %11.2fk", results[k][testnum] / 1e3);
3695 printf(mr ? ":%.2f" : " %11.2f ", results[k][testnum]);
3699 #ifndef OPENSSL_NO_RSA
3701 for (k = 0; k < RSA_NUM; k++) {
3704 if (testnum && !mr) {
3705 printf("%18ssign verify sign/s verify/s\n", " ");
3709 printf("+F2:%u:%u:%f:%f\n",
3710 k, rsa_bits[k], rsa_results[k][0], rsa_results[k][1]);
3712 printf("rsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
3713 rsa_bits[k], 1.0 / rsa_results[k][0], 1.0 / rsa_results[k][1],
3714 rsa_results[k][0], rsa_results[k][1]);
3717 #ifndef OPENSSL_NO_DSA
3719 for (k = 0; k < DSA_NUM; k++) {
3722 if (testnum && !mr) {
3723 printf("%18ssign verify sign/s verify/s\n", " ");
3727 printf("+F3:%u:%u:%f:%f\n",
3728 k, dsa_bits[k], dsa_results[k][0], dsa_results[k][1]);
3730 printf("dsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
3731 dsa_bits[k], 1.0 / dsa_results[k][0], 1.0 / dsa_results[k][1],
3732 dsa_results[k][0], dsa_results[k][1]);
3735 #ifndef OPENSSL_NO_EC
3737 for (k = 0; k < OSSL_NELEM(ecdsa_doit); k++) {
3740 if (testnum && !mr) {
3741 printf("%30ssign verify sign/s verify/s\n", " ");
3746 printf("+F4:%u:%u:%f:%f\n",
3747 k, test_curves[k].bits,
3748 ecdsa_results[k][0], ecdsa_results[k][1]);
3750 printf("%4u bits ecdsa (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3751 test_curves[k].bits, test_curves[k].name,
3752 1.0 / ecdsa_results[k][0], 1.0 / ecdsa_results[k][1],
3753 ecdsa_results[k][0], ecdsa_results[k][1]);
3757 for (k = 0; k < EC_NUM; k++) {
3760 if (testnum && !mr) {
3761 printf("%30sop op/s\n", " ");
3765 printf("+F5:%u:%u:%f:%f\n",
3766 k, test_curves[k].bits,
3767 ecdh_results[k][0], 1.0 / ecdh_results[k][0]);
3770 printf("%4u bits ecdh (%s) %8.4fs %8.1f\n",
3771 test_curves[k].bits, test_curves[k].name,
3772 1.0 / ecdh_results[k][0], ecdh_results[k][0]);
3776 for (k = 0; k < OSSL_NELEM(eddsa_doit); k++) {
3779 if (testnum && !mr) {
3780 printf("%30ssign verify sign/s verify/s\n", " ");
3785 printf("+F6:%u:%u:%s:%f:%f\n",
3786 k, test_ed_curves[k].bits, test_ed_curves[k].name,
3787 eddsa_results[k][0], eddsa_results[k][1]);
3789 printf("%4u bits EdDSA (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3790 test_ed_curves[k].bits, test_ed_curves[k].name,
3791 1.0 / eddsa_results[k][0], 1.0 / eddsa_results[k][1],
3792 eddsa_results[k][0], eddsa_results[k][1]);
3795 # ifndef OPENSSL_NO_SM2
3797 for (k = 0; k < OSSL_NELEM(sm2_doit); k++) {
3800 if (testnum && !mr) {
3801 printf("%30ssign verify sign/s verify/s\n", " ");
3806 printf("+F6:%u:%u:%s:%f:%f\n",
3807 k, test_sm2_curves[k].bits, test_sm2_curves[k].name,
3808 sm2_results[k][0], sm2_results[k][1]);
3810 printf("%4u bits SM2 (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3811 test_sm2_curves[k].bits, test_sm2_curves[k].name,
3812 1.0 / sm2_results[k][0], 1.0 / sm2_results[k][1],
3813 sm2_results[k][0], sm2_results[k][1]);
3821 ERR_print_errors(bio_err);
3822 for (i = 0; i < loopargs_len; i++) {
3823 OPENSSL_free(loopargs[i].buf_malloc);
3824 OPENSSL_free(loopargs[i].buf2_malloc);
3826 #ifndef OPENSSL_NO_RSA
3827 for (k = 0; k < RSA_NUM; k++)
3828 RSA_free(loopargs[i].rsa_key[k]);
3830 #ifndef OPENSSL_NO_DSA
3831 for (k = 0; k < DSA_NUM; k++)
3832 DSA_free(loopargs[i].dsa_key[k]);
3834 #ifndef OPENSSL_NO_EC
3835 for (k = 0; k < ECDSA_NUM; k++)
3836 EC_KEY_free(loopargs[i].ecdsa[k]);
3837 for (k = 0; k < EC_NUM; k++)
3838 EVP_PKEY_CTX_free(loopargs[i].ecdh_ctx[k]);
3839 for (k = 0; k < EdDSA_NUM; k++)
3840 EVP_MD_CTX_free(loopargs[i].eddsa_ctx[k]);
3841 # ifndef OPENSSL_NO_SM2
3842 for (k = 0; k < SM2_NUM; k++) {
3843 EVP_PKEY_CTX *pctx = NULL;
3845 /* free signing ctx */
3846 if (loopargs[i].sm2_ctx[k] != NULL
3847 && (pctx = EVP_MD_CTX_pkey_ctx(loopargs[i].sm2_ctx[k])) != NULL)
3848 EVP_PKEY_CTX_free(pctx);
3849 EVP_MD_CTX_free(loopargs[i].sm2_ctx[k]);
3850 /* free verification ctx */
3851 if (loopargs[i].sm2_vfy_ctx[k] != NULL
3852 && (pctx = EVP_MD_CTX_pkey_ctx(loopargs[i].sm2_vfy_ctx[k])) != NULL)
3853 EVP_PKEY_CTX_free(pctx);
3854 EVP_MD_CTX_free(loopargs[i].sm2_vfy_ctx[k]);
3856 EVP_PKEY_free(loopargs[i].sm2_pkey[k]);
3859 OPENSSL_free(loopargs[i].secret_a);
3860 OPENSSL_free(loopargs[i].secret_b);
3863 OPENSSL_free(evp_hmac_name);
3864 #ifndef OPENSSL_NO_CMAC
3865 OPENSSL_free(evp_cmac_name);
3868 if (async_jobs > 0) {
3869 for (i = 0; i < loopargs_len; i++)
3870 ASYNC_WAIT_CTX_free(loopargs[i].wait_ctx);
3874 ASYNC_cleanup_thread();
3876 OPENSSL_free(loopargs);
3881 static void print_message(const char *s, long num, int length, int tm)
3885 mr ? "+DT:%s:%d:%d\n"
3886 : "Doing %s for %ds on %d size blocks: ", s, tm, length);
3887 (void)BIO_flush(bio_err);
3891 mr ? "+DN:%s:%ld:%d\n"
3892 : "Doing %s %ld times on %d size blocks: ", s, num, length);
3893 (void)BIO_flush(bio_err);
3897 static void pkey_print_message(const char *str, const char *str2, long num,
3898 unsigned int bits, int tm)
3902 mr ? "+DTP:%d:%s:%s:%d\n"
3903 : "Doing %u bits %s %s's for %ds: ", bits, str, str2, tm);
3904 (void)BIO_flush(bio_err);
3908 mr ? "+DNP:%ld:%d:%s:%s\n"
3909 : "Doing %ld %u bits %s %s's: ", num, bits, str, str2);
3910 (void)BIO_flush(bio_err);
3914 static void print_result(int alg, int run_no, int count, double time_used)
3917 BIO_puts(bio_err, "EVP error!\n");
3921 mr ? "+R:%d:%s:%f\n"
3922 : "%d %s's in %.2fs\n", count, names[alg], time_used);
3923 results[alg][run_no] = ((double)count) / time_used * lengths[run_no];
3927 static char *sstrsep(char **string, const char *delim)
3930 char *token = *string;
3935 memset(isdelim, 0, sizeof(isdelim));
3939 isdelim[(unsigned char)(*delim)] = 1;
3943 while (!isdelim[(unsigned char)(**string)]) {
3955 static int do_multi(int multi, int size_num)
3960 static char sep[] = ":";
3962 fds = app_malloc(sizeof(*fds) * multi, "fd buffer for do_multi");
3963 for (n = 0; n < multi; ++n) {
3964 if (pipe(fd) == -1) {
3965 BIO_printf(bio_err, "pipe failure\n");
3969 (void)BIO_flush(bio_err);
3976 if (dup(fd[1]) == -1) {
3977 BIO_printf(bio_err, "dup failed\n");
3986 printf("Forked child %d\n", n);
3989 /* for now, assume the pipe is long enough to take all the output */
3990 for (n = 0; n < multi; ++n) {
3995 f = fdopen(fds[n], "r");
3996 while (fgets(buf, sizeof(buf), f)) {
3997 p = strchr(buf, '\n');
4000 if (buf[0] != '+') {
4002 "Don't understand line '%s' from child %d\n", buf,
4006 printf("Got: %s from %d\n", buf, n);
4007 if (strncmp(buf, "+F:", 3) == 0) {
4012 alg = atoi(sstrsep(&p, sep));
4014 for (j = 0; j < size_num; ++j)
4015 results[alg][j] += atof(sstrsep(&p, sep));
4016 } else if (strncmp(buf, "+F2:", 4) == 0) {
4021 k = atoi(sstrsep(&p, sep));
4024 d = atof(sstrsep(&p, sep));
4025 rsa_results[k][0] += d;
4027 d = atof(sstrsep(&p, sep));
4028 rsa_results[k][1] += d;
4030 # ifndef OPENSSL_NO_DSA
4031 else if (strncmp(buf, "+F3:", 4) == 0) {
4036 k = atoi(sstrsep(&p, sep));
4039 d = atof(sstrsep(&p, sep));
4040 dsa_results[k][0] += d;
4042 d = atof(sstrsep(&p, sep));
4043 dsa_results[k][1] += d;
4046 # ifndef OPENSSL_NO_EC
4047 else if (strncmp(buf, "+F4:", 4) == 0) {
4052 k = atoi(sstrsep(&p, sep));
4055 d = atof(sstrsep(&p, sep));
4056 ecdsa_results[k][0] += d;
4058 d = atof(sstrsep(&p, sep));
4059 ecdsa_results[k][1] += d;
4060 } else if (strncmp(buf, "+F5:", 4) == 0) {
4065 k = atoi(sstrsep(&p, sep));
4068 d = atof(sstrsep(&p, sep));
4069 ecdh_results[k][0] += d;
4070 } else if (strncmp(buf, "+F6:", 4) == 0) {
4075 k = atoi(sstrsep(&p, sep));
4078 d = atof(sstrsep(&p, sep));
4079 eddsa_results[k][0] += d;
4081 d = atof(sstrsep(&p, sep));
4082 eddsa_results[k][1] += d;
4084 # ifndef OPENSSL_NO_SM2
4085 else if (strncmp(buf, "+F7:", 4) == 0) {
4090 k = atoi(sstrsep(&p, sep));
4093 d = atof(sstrsep(&p, sep));
4094 sm2_results[k][0] += d;
4096 d = atof(sstrsep(&p, sep));
4097 sm2_results[k][1] += d;
4099 # endif /* OPENSSL_NO_SM2 */
4102 else if (strncmp(buf, "+H:", 3) == 0) {
4105 BIO_printf(bio_err, "Unknown type '%s' from child %d\n", buf,
4116 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
4117 const openssl_speed_sec_t *seconds)
4119 static const int mblengths_list[] =
4120 { 8 * 1024, 2 * 8 * 1024, 4 * 8 * 1024, 8 * 8 * 1024, 8 * 16 * 1024 };
4121 const int *mblengths = mblengths_list;
4122 int j, count, keylen, num = OSSL_NELEM(mblengths_list);
4123 const char *alg_name;
4124 unsigned char *inp, *out, *key, no_key[32], no_iv[16];
4125 EVP_CIPHER_CTX *ctx;
4128 if (lengths_single) {
4129 mblengths = &lengths_single;
4133 inp = app_malloc(mblengths[num - 1], "multiblock input buffer");
4134 out = app_malloc(mblengths[num - 1] + 1024, "multiblock output buffer");
4135 ctx = EVP_CIPHER_CTX_new();
4136 EVP_EncryptInit_ex(ctx, evp_cipher, NULL, NULL, no_iv);
4138 keylen = EVP_CIPHER_CTX_key_length(ctx);
4139 key = app_malloc(keylen, "evp_cipher key");
4140 EVP_CIPHER_CTX_rand_key(ctx, key);
4141 EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL);
4142 OPENSSL_clear_free(key, keylen);
4144 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_MAC_KEY, sizeof(no_key), no_key);
4145 alg_name = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
4147 for (j = 0; j < num; j++) {
4148 print_message(alg_name, 0, mblengths[j], seconds->sym);
4150 for (count = 0, run = 1; run && count < 0x7fffffff; count++) {
4151 unsigned char aad[EVP_AEAD_TLS1_AAD_LEN];
4152 EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param;
4153 size_t len = mblengths[j];
4156 memset(aad, 0, 8); /* avoid uninitialized values */
4157 aad[8] = 23; /* SSL3_RT_APPLICATION_DATA */
4158 aad[9] = 3; /* version */
4160 aad[11] = 0; /* length */
4162 mb_param.out = NULL;
4165 mb_param.interleave = 8;
4167 packlen = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_AAD,
4168 sizeof(mb_param), &mb_param);
4174 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT,
4175 sizeof(mb_param), &mb_param);
4179 RAND_bytes(out, 16);
4181 aad[11] = (unsigned char)(len >> 8);
4182 aad[12] = (unsigned char)(len);
4183 pad = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_TLS1_AAD,
4184 EVP_AEAD_TLS1_AAD_LEN, aad);
4185 EVP_Cipher(ctx, out, inp, len + pad);
4189 BIO_printf(bio_err, mr ? "+R:%d:%s:%f\n"
4190 : "%d %s's in %.2fs\n", count, "evp", d);
4191 results[D_EVP][j] = ((double)count) / d * mblengths[j];
4195 fprintf(stdout, "+H");
4196 for (j = 0; j < num; j++)
4197 fprintf(stdout, ":%d", mblengths[j]);
4198 fprintf(stdout, "\n");
4199 fprintf(stdout, "+F:%d:%s", D_EVP, alg_name);
4200 for (j = 0; j < num; j++)
4201 fprintf(stdout, ":%.2f", results[D_EVP][j]);
4202 fprintf(stdout, "\n");
4205 "The 'numbers' are in 1000s of bytes per second processed.\n");
4206 fprintf(stdout, "type ");
4207 for (j = 0; j < num; j++)
4208 fprintf(stdout, "%7d bytes", mblengths[j]);
4209 fprintf(stdout, "\n");
4210 fprintf(stdout, "%-24s", alg_name);
4212 for (j = 0; j < num; j++) {
4213 if (results[D_EVP][j] > 10000)
4214 fprintf(stdout, " %11.2fk", results[D_EVP][j] / 1e3);
4216 fprintf(stdout, " %11.2f ", results[D_EVP][j]);
4218 fprintf(stdout, "\n");
4223 EVP_CIPHER_CTX_free(ctx);