2 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
5 * Licensed under the Apache License 2.0 (the "License"). You may not use
6 * this file except in compliance with the License. You can obtain a copy
7 * in the file LICENSE in the source distribution or at
8 * https://www.openssl.org/source/license.html
13 #define RSA_SECONDS 10
14 #define DSA_SECONDS 10
15 #define ECDSA_SECONDS 10
16 #define ECDH_SECONDS 10
17 #define EdDSA_SECONDS 10
18 #define SM2_SECONDS 10
26 #include <openssl/crypto.h>
27 #include <openssl/rand.h>
28 #include <openssl/err.h>
29 #include <openssl/evp.h>
30 #include <openssl/objects.h>
31 #include <openssl/async.h>
32 #if !defined(OPENSSL_SYS_MSDOS)
40 #include <openssl/bn.h>
41 #ifndef OPENSSL_NO_DES
42 # include <openssl/des.h>
44 #include <openssl/aes.h>
45 #ifndef OPENSSL_NO_CAMELLIA
46 # include <openssl/camellia.h>
48 #ifndef OPENSSL_NO_MD2
49 # include <openssl/md2.h>
51 #ifndef OPENSSL_NO_MDC2
52 # include <openssl/mdc2.h>
54 #ifndef OPENSSL_NO_MD4
55 # include <openssl/md4.h>
57 #ifndef OPENSSL_NO_MD5
58 # include <openssl/md5.h>
60 #include <openssl/hmac.h>
61 #ifndef OPENSSL_NO_CMAC
62 #include <openssl/cmac.h>
64 #include <openssl/sha.h>
65 #ifndef OPENSSL_NO_RMD160
66 # include <openssl/ripemd.h>
68 #ifndef OPENSSL_NO_WHIRLPOOL
69 # include <openssl/whrlpool.h>
71 #ifndef OPENSSL_NO_RC4
72 # include <openssl/rc4.h>
74 #ifndef OPENSSL_NO_RC5
75 # include <openssl/rc5.h>
77 #ifndef OPENSSL_NO_RC2
78 # include <openssl/rc2.h>
80 #ifndef OPENSSL_NO_IDEA
81 # include <openssl/idea.h>
83 #ifndef OPENSSL_NO_SEED
84 # include <openssl/seed.h>
87 # include <openssl/blowfish.h>
89 #ifndef OPENSSL_NO_CAST
90 # include <openssl/cast.h>
92 #ifndef OPENSSL_NO_RSA
93 # include <openssl/rsa.h>
94 # include "./testrsa.h"
96 #include <openssl/x509.h>
97 #ifndef OPENSSL_NO_DSA
98 # include <openssl/dsa.h>
99 # include "./testdsa.h"
101 #ifndef OPENSSL_NO_EC
102 # include <openssl/ec.h>
104 #include <openssl/modes.h>
107 # if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_VXWORKS)
120 #define MAX_MISALIGNMENT 63
121 #define MAX_ECDH_SIZE 256
124 typedef struct openssl_speed_sec_st {
132 } openssl_speed_sec_t;
134 static volatile int run = 0;
137 static int usertime = 1;
139 #ifndef OPENSSL_NO_MD2
140 static int EVP_Digest_MD2_loop(void *args);
143 #ifndef OPENSSL_NO_MDC2
144 static int EVP_Digest_MDC2_loop(void *args);
146 #ifndef OPENSSL_NO_MD4
147 static int EVP_Digest_MD4_loop(void *args);
149 #ifndef OPENSSL_NO_MD5
150 static int MD5_loop(void *args);
151 static int HMAC_loop(void *args);
153 static int SHA1_loop(void *args);
154 static int SHA256_loop(void *args);
155 static int SHA512_loop(void *args);
156 #ifndef OPENSSL_NO_WHIRLPOOL
157 static int WHIRLPOOL_loop(void *args);
159 #ifndef OPENSSL_NO_RMD160
160 static int EVP_Digest_RMD160_loop(void *args);
162 #ifndef OPENSSL_NO_RC4
163 static int RC4_loop(void *args);
165 #ifndef OPENSSL_NO_DES
166 static int DES_ncbc_encrypt_loop(void *args);
167 static int DES_ede3_cbc_encrypt_loop(void *args);
169 static int AES_cbc_128_encrypt_loop(void *args);
170 static int AES_cbc_192_encrypt_loop(void *args);
171 static int AES_cbc_256_encrypt_loop(void *args);
172 #ifndef OPENSSL_NO_DEPRECATED_3_0
173 static int AES_ige_128_encrypt_loop(void *args);
174 static int AES_ige_192_encrypt_loop(void *args);
175 static int AES_ige_256_encrypt_loop(void *args);
177 static int CRYPTO_gcm128_aad_loop(void *args);
178 static int RAND_bytes_loop(void *args);
179 static int EVP_Update_loop(void *args);
180 static int EVP_Update_loop_ccm(void *args);
181 static int EVP_Update_loop_aead(void *args);
182 static int EVP_Digest_loop(void *args);
183 #ifndef OPENSSL_NO_RSA
184 static int RSA_sign_loop(void *args);
185 static int RSA_verify_loop(void *args);
187 #ifndef OPENSSL_NO_DSA
188 static int DSA_sign_loop(void *args);
189 static int DSA_verify_loop(void *args);
191 #ifndef OPENSSL_NO_EC
192 static int ECDSA_sign_loop(void *args);
193 static int ECDSA_verify_loop(void *args);
194 static int EdDSA_sign_loop(void *args);
195 static int EdDSA_verify_loop(void *args);
196 # ifndef OPENSSL_NO_SM2
197 static int SM2_sign_loop(void *args);
198 static int SM2_verify_loop(void *args);
202 static double Time_F(int s);
203 static void print_message(const char *s, long num, int length, int tm);
204 static void pkey_print_message(const char *str, const char *str2,
205 long num, unsigned int bits, int sec);
206 static void print_result(int alg, int run_no, int count, double time_used);
208 static int do_multi(int multi, int size_num);
211 static const int lengths_list[] = {
212 16, 64, 256, 1024, 8 * 1024, 16 * 1024
214 static const int *lengths = lengths_list;
216 static const int aead_lengths_list[] = {
217 2, 31, 136, 1024, 8 * 1024, 16 * 1024
225 static void alarmed(int sig)
227 signal(SIGALRM, alarmed);
231 static double Time_F(int s)
233 double ret = app_tminterval(s, usertime);
239 #elif defined(_WIN32)
243 static unsigned int lapse;
244 static volatile unsigned int schlock;
245 static void alarm_win32(unsigned int secs)
250 # define alarm alarm_win32
252 static DWORD WINAPI sleepy(VOID * arg)
260 static double Time_F(int s)
267 thr = CreateThread(NULL, 4096, sleepy, NULL, 0, NULL);
269 DWORD err = GetLastError();
270 BIO_printf(bio_err, "unable to CreateThread (%lu)", err);
274 Sleep(0); /* scheduler spinlock */
275 ret = app_tminterval(s, usertime);
277 ret = app_tminterval(s, usertime);
279 TerminateThread(thr, 0);
286 static double Time_F(int s)
288 return app_tminterval(s, usertime);
292 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
293 const openssl_speed_sec_t *seconds);
295 #define found(value, pairs, result)\
296 opt_found(value, result, pairs, OSSL_NELEM(pairs))
297 static int opt_found(const char *name, unsigned int *result,
298 const OPT_PAIR pairs[], unsigned int nbelem)
302 for (idx = 0; idx < nbelem; ++idx, pairs++)
303 if (strcmp(name, pairs->name) == 0) {
304 *result = pairs->retval;
310 typedef enum OPTION_choice {
311 OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
312 OPT_ELAPSED, OPT_EVP, OPT_HMAC, OPT_DECRYPT, OPT_ENGINE, OPT_MULTI,
313 OPT_MR, OPT_MB, OPT_MISALIGN, OPT_ASYNCJOBS, OPT_R_ENUM,
314 OPT_PRIMES, OPT_SECONDS, OPT_BYTES, OPT_AEAD, OPT_CMAC
317 const OPTIONS speed_options[] = {
318 {OPT_HELP_STR, 1, '-', "Usage: %s [options] [algorithm...]\n"},
320 OPT_SECTION("General"),
321 {"help", OPT_HELP, '-', "Display this summary"},
323 "Enable (tls1>=1) multi-block mode on EVP-named cipher"},
324 {"mr", OPT_MR, '-', "Produce machine readable output"},
326 {"multi", OPT_MULTI, 'p', "Run benchmarks in parallel"},
328 #ifndef OPENSSL_NO_ASYNC
329 {"async_jobs", OPT_ASYNCJOBS, 'p',
330 "Enable async mode and start specified number of jobs"},
332 #ifndef OPENSSL_NO_ENGINE
333 {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
335 {"primes", OPT_PRIMES, 'p', "Specify number of primes (for RSA only)"},
337 OPT_SECTION("Selection"),
338 {"evp", OPT_EVP, 's', "Use EVP-named cipher or digest"},
339 {"hmac", OPT_HMAC, 's', "HMAC using EVP-named digest"},
340 #ifndef OPENSSL_NO_CMAC
341 {"cmac", OPT_CMAC, 's', "CMAC using EVP-named cipher"},
343 {"decrypt", OPT_DECRYPT, '-',
344 "Time decryption instead of encryption (only EVP)"},
345 {"aead", OPT_AEAD, '-',
346 "Benchmark EVP-named AEAD cipher in TLS-like sequence"},
348 OPT_SECTION("Timing"),
349 {"elapsed", OPT_ELAPSED, '-',
350 "Use wall-clock time instead of CPU user time as divisor"},
351 {"seconds", OPT_SECONDS, 'p',
352 "Run benchmarks for specified amount of seconds"},
353 {"bytes", OPT_BYTES, 'p',
354 "Run [non-PKI] benchmarks on custom-sized buffer"},
355 {"misalign", OPT_MISALIGN, 'p',
356 "Use specified offset to mis-align buffers"},
361 {"algorithm", 0, 0, "Algorithm(s) to test (optional; otherwise tests all)"},
375 #define D_CBC_IDEA 10
376 #define D_CBC_SEED 11
380 #define D_CBC_CAST 15
381 #define D_CBC_128_AES 16
382 #define D_CBC_192_AES 17
383 #define D_CBC_256_AES 18
384 #define D_CBC_128_CML 19
385 #define D_CBC_192_CML 20
386 #define D_CBC_256_CML 21
390 #define D_WHIRLPOOL 25
391 #define D_IGE_128_AES 26
392 #define D_IGE_192_AES 27
393 #define D_IGE_256_AES 28
396 #define D_EVP_HMAC 31
397 #define D_EVP_CMAC 32
399 /* name of algorithms to test */
400 static const char *names[] = {
401 "md2", "mdc2", "md4", "md5", "hmac(md5)", "sha1", "rmd160", "rc4",
402 "des cbc", "des ede3", "idea cbc", "seed cbc",
403 "rc2 cbc", "rc5-32/12 cbc", "blowfish cbc", "cast cbc",
404 "aes-128 cbc", "aes-192 cbc", "aes-256 cbc",
405 "camellia-128 cbc", "camellia-192 cbc", "camellia-256 cbc",
406 "evp", "sha256", "sha512", "whirlpool",
407 "aes-128 ige", "aes-192 ige", "aes-256 ige", "ghash",
408 "rand", "hmac", "cmac"
410 #define ALGOR_NUM OSSL_NELEM(names)
412 /* list of configured algorithm (remaining) */
413 static const OPT_PAIR doit_choices[] = {
414 #ifndef OPENSSL_NO_MD2
417 #ifndef OPENSSL_NO_MDC2
420 #ifndef OPENSSL_NO_MD4
423 #ifndef OPENSSL_NO_MD5
428 {"sha256", D_SHA256},
429 {"sha512", D_SHA512},
430 #ifndef OPENSSL_NO_WHIRLPOOL
431 {"whirlpool", D_WHIRLPOOL},
433 #ifndef OPENSSL_NO_RMD160
434 {"ripemd", D_RMD160},
435 {"rmd160", D_RMD160},
436 {"ripemd160", D_RMD160},
438 #ifndef OPENSSL_NO_RC4
441 #ifndef OPENSSL_NO_DES
442 {"des-cbc", D_CBC_DES},
443 {"des-ede3", D_EDE3_DES},
445 {"aes-128-cbc", D_CBC_128_AES},
446 {"aes-192-cbc", D_CBC_192_AES},
447 {"aes-256-cbc", D_CBC_256_AES},
448 #ifndef OPENSSL_NO_DEPRECATED_3_0
449 {"aes-128-ige", D_IGE_128_AES},
450 {"aes-192-ige", D_IGE_192_AES},
451 {"aes-256-ige", D_IGE_256_AES},
453 #ifndef OPENSSL_NO_RC2
454 {"rc2-cbc", D_CBC_RC2},
457 #ifndef OPENSSL_NO_RC5
458 {"rc5-cbc", D_CBC_RC5},
461 #ifndef OPENSSL_NO_IDEA
462 {"idea-cbc", D_CBC_IDEA},
463 {"idea", D_CBC_IDEA},
465 #ifndef OPENSSL_NO_SEED
466 {"seed-cbc", D_CBC_SEED},
467 {"seed", D_CBC_SEED},
469 #ifndef OPENSSL_NO_BF
470 {"bf-cbc", D_CBC_BF},
471 {"blowfish", D_CBC_BF},
474 #ifndef OPENSSL_NO_CAST
475 {"cast-cbc", D_CBC_CAST},
476 {"cast", D_CBC_CAST},
477 {"cast5", D_CBC_CAST},
483 static double results[ALGOR_NUM][OSSL_NELEM(lengths_list)];
485 #ifndef OPENSSL_NO_DSA
487 # define R_DSA_1024 1
488 # define R_DSA_2048 2
489 static const OPT_PAIR dsa_choices[] = {
490 {"dsa512", R_DSA_512},
491 {"dsa1024", R_DSA_1024},
492 {"dsa2048", R_DSA_2048}
494 # define DSA_NUM OSSL_NELEM(dsa_choices)
496 static double dsa_results[DSA_NUM][2]; /* 2 ops: sign then verify */
497 #endif /* OPENSSL_NO_DSA */
505 #define R_RSA_15360 6
506 #ifndef OPENSSL_NO_RSA
507 static const OPT_PAIR rsa_choices[] = {
508 {"rsa512", R_RSA_512},
509 {"rsa1024", R_RSA_1024},
510 {"rsa2048", R_RSA_2048},
511 {"rsa3072", R_RSA_3072},
512 {"rsa4096", R_RSA_4096},
513 {"rsa7680", R_RSA_7680},
514 {"rsa15360", R_RSA_15360}
516 # define RSA_NUM OSSL_NELEM(rsa_choices)
518 static double rsa_results[RSA_NUM][2]; /* 2 ops: sign then verify */
519 #endif /* OPENSSL_NO_RSA */
528 #ifndef OPENSSL_NO_EC2M
550 #ifndef OPENSSL_NO_EC
551 static OPT_PAIR ecdsa_choices[] = {
552 {"ecdsap160", R_EC_P160},
553 {"ecdsap192", R_EC_P192},
554 {"ecdsap224", R_EC_P224},
555 {"ecdsap256", R_EC_P256},
556 {"ecdsap384", R_EC_P384},
557 {"ecdsap521", R_EC_P521},
558 # ifndef OPENSSL_NO_EC2M
559 {"ecdsak163", R_EC_K163},
560 {"ecdsak233", R_EC_K233},
561 {"ecdsak283", R_EC_K283},
562 {"ecdsak409", R_EC_K409},
563 {"ecdsak571", R_EC_K571},
564 {"ecdsab163", R_EC_B163},
565 {"ecdsab233", R_EC_B233},
566 {"ecdsab283", R_EC_B283},
567 {"ecdsab409", R_EC_B409},
568 {"ecdsab571", R_EC_B571},
570 {"ecdsabrp256r1", R_EC_BRP256R1},
571 {"ecdsabrp256t1", R_EC_BRP256T1},
572 {"ecdsabrp384r1", R_EC_BRP384R1},
573 {"ecdsabrp384t1", R_EC_BRP384T1},
574 {"ecdsabrp512r1", R_EC_BRP512R1},
575 {"ecdsabrp512t1", R_EC_BRP512T1}
577 # define ECDSA_NUM OSSL_NELEM(ecdsa_choices)
579 static double ecdsa_results[ECDSA_NUM][2]; /* 2 ops: sign then verify */
581 static const OPT_PAIR ecdh_choices[] = {
582 {"ecdhp160", R_EC_P160},
583 {"ecdhp192", R_EC_P192},
584 {"ecdhp224", R_EC_P224},
585 {"ecdhp256", R_EC_P256},
586 {"ecdhp384", R_EC_P384},
587 {"ecdhp521", R_EC_P521},
588 # ifndef OPENSSL_NO_EC2M
589 {"ecdhk163", R_EC_K163},
590 {"ecdhk233", R_EC_K233},
591 {"ecdhk283", R_EC_K283},
592 {"ecdhk409", R_EC_K409},
593 {"ecdhk571", R_EC_K571},
594 {"ecdhb163", R_EC_B163},
595 {"ecdhb233", R_EC_B233},
596 {"ecdhb283", R_EC_B283},
597 {"ecdhb409", R_EC_B409},
598 {"ecdhb571", R_EC_B571},
600 {"ecdhbrp256r1", R_EC_BRP256R1},
601 {"ecdhbrp256t1", R_EC_BRP256T1},
602 {"ecdhbrp384r1", R_EC_BRP384R1},
603 {"ecdhbrp384t1", R_EC_BRP384T1},
604 {"ecdhbrp512r1", R_EC_BRP512R1},
605 {"ecdhbrp512t1", R_EC_BRP512T1},
606 {"ecdhx25519", R_EC_X25519},
607 {"ecdhx448", R_EC_X448}
609 # define EC_NUM OSSL_NELEM(ecdh_choices)
611 static double ecdh_results[EC_NUM][1]; /* 1 op: derivation */
613 #define R_EC_Ed25519 0
615 static OPT_PAIR eddsa_choices[] = {
616 {"ed25519", R_EC_Ed25519},
617 {"ed448", R_EC_Ed448}
619 # define EdDSA_NUM OSSL_NELEM(eddsa_choices)
621 static double eddsa_results[EdDSA_NUM][2]; /* 2 ops: sign then verify */
623 # ifndef OPENSSL_NO_SM2
624 # define R_EC_CURVESM2 0
625 static OPT_PAIR sm2_choices[] = {
626 {"curveSM2", R_EC_CURVESM2}
628 # define SM2_ID "TLSv1.3+GM+Cipher+Suite"
629 # define SM2_ID_LEN sizeof("TLSv1.3+GM+Cipher+Suite") - 1
630 # define SM2_NUM OSSL_NELEM(sm2_choices)
632 static double sm2_results[SM2_NUM][2]; /* 2 ops: sign then verify */
633 # endif /* OPENSSL_NO_SM2 */
634 #endif /* OPENSSL_NO_EC */
637 # define COND(d) (count < (d))
638 # define COUNT(d) (d)
640 # define COND(unused_cond) (run && count<0x7fffffff)
641 # define COUNT(d) (count)
644 typedef struct loopargs_st {
645 ASYNC_JOB *inprogress_job;
646 ASYNC_WAIT_CTX *wait_ctx;
649 unsigned char *buf_malloc;
650 unsigned char *buf2_malloc;
654 #ifndef OPENSSL_NO_RSA
655 RSA *rsa_key[RSA_NUM];
657 #ifndef OPENSSL_NO_DSA
658 DSA *dsa_key[DSA_NUM];
660 #ifndef OPENSSL_NO_EC
661 EC_KEY *ecdsa[ECDSA_NUM];
662 EVP_PKEY_CTX *ecdh_ctx[EC_NUM];
663 EVP_MD_CTX *eddsa_ctx[EdDSA_NUM];
664 # ifndef OPENSSL_NO_SM2
665 EVP_MD_CTX *sm2_ctx[SM2_NUM];
666 EVP_MD_CTX *sm2_vfy_ctx[SM2_NUM];
667 EVP_PKEY *sm2_pkey[SM2_NUM];
669 unsigned char *secret_a;
670 unsigned char *secret_b;
671 size_t outlen[EC_NUM];
675 #ifndef OPENSSL_NO_CMAC
678 GCM128_CONTEXT *gcm_ctx;
680 static int run_benchmark(int async_jobs, int (*loop_function) (void *),
681 loopargs_t * loopargs);
683 static unsigned int testnum;
685 /* Nb of iterations to do per algorithm and key-size */
686 static long c[ALGOR_NUM][OSSL_NELEM(lengths_list)];
688 #ifndef OPENSSL_NO_MD2
689 static int EVP_Digest_MD2_loop(void *args)
691 loopargs_t *tempargs = *(loopargs_t **) args;
692 unsigned char *buf = tempargs->buf;
693 unsigned char md2[MD2_DIGEST_LENGTH];
696 for (count = 0; COND(c[D_MD2][testnum]); count++) {
697 if (!EVP_Digest(buf, (size_t)lengths[testnum], md2, NULL, EVP_md2(),
705 #ifndef OPENSSL_NO_MDC2
706 static int EVP_Digest_MDC2_loop(void *args)
708 loopargs_t *tempargs = *(loopargs_t **) args;
709 unsigned char *buf = tempargs->buf;
710 unsigned char mdc2[MDC2_DIGEST_LENGTH];
713 for (count = 0; COND(c[D_MDC2][testnum]); count++) {
714 if (!EVP_Digest(buf, (size_t)lengths[testnum], mdc2, NULL, EVP_mdc2(),
722 #ifndef OPENSSL_NO_MD4
723 static int EVP_Digest_MD4_loop(void *args)
725 loopargs_t *tempargs = *(loopargs_t **) args;
726 unsigned char *buf = tempargs->buf;
727 unsigned char md4[MD4_DIGEST_LENGTH];
730 for (count = 0; COND(c[D_MD4][testnum]); count++) {
731 if (!EVP_Digest(buf, (size_t)lengths[testnum], md4, NULL, EVP_md4(),
739 #ifndef OPENSSL_NO_MD5
740 static int MD5_loop(void *args)
742 loopargs_t *tempargs = *(loopargs_t **) args;
743 unsigned char *buf = tempargs->buf;
744 unsigned char md5[MD5_DIGEST_LENGTH];
746 for (count = 0; COND(c[D_MD5][testnum]); count++)
747 MD5(buf, lengths[testnum], md5);
751 static int HMAC_loop(void *args)
753 loopargs_t *tempargs = *(loopargs_t **) args;
754 unsigned char *buf = tempargs->buf;
755 HMAC_CTX *hctx = tempargs->hctx;
756 unsigned char hmac[MD5_DIGEST_LENGTH];
759 for (count = 0; COND(c[D_HMAC][testnum]); count++) {
760 HMAC_Init_ex(hctx, NULL, 0, NULL, NULL);
761 HMAC_Update(hctx, buf, lengths[testnum]);
762 HMAC_Final(hctx, hmac, NULL);
768 static int SHA1_loop(void *args)
770 loopargs_t *tempargs = *(loopargs_t **) args;
771 unsigned char *buf = tempargs->buf;
772 unsigned char sha[SHA_DIGEST_LENGTH];
774 for (count = 0; COND(c[D_SHA1][testnum]); count++)
775 SHA1(buf, lengths[testnum], sha);
779 static int SHA256_loop(void *args)
781 loopargs_t *tempargs = *(loopargs_t **) args;
782 unsigned char *buf = tempargs->buf;
783 unsigned char sha256[SHA256_DIGEST_LENGTH];
785 for (count = 0; COND(c[D_SHA256][testnum]); count++)
786 SHA256(buf, lengths[testnum], sha256);
790 static int SHA512_loop(void *args)
792 loopargs_t *tempargs = *(loopargs_t **) args;
793 unsigned char *buf = tempargs->buf;
794 unsigned char sha512[SHA512_DIGEST_LENGTH];
796 for (count = 0; COND(c[D_SHA512][testnum]); count++)
797 SHA512(buf, lengths[testnum], sha512);
801 #ifndef OPENSSL_NO_WHIRLPOOL
802 static int WHIRLPOOL_loop(void *args)
804 loopargs_t *tempargs = *(loopargs_t **) args;
805 unsigned char *buf = tempargs->buf;
806 unsigned char whirlpool[WHIRLPOOL_DIGEST_LENGTH];
808 for (count = 0; COND(c[D_WHIRLPOOL][testnum]); count++)
809 WHIRLPOOL(buf, lengths[testnum], whirlpool);
814 #ifndef OPENSSL_NO_RMD160
815 static int EVP_Digest_RMD160_loop(void *args)
817 loopargs_t *tempargs = *(loopargs_t **) args;
818 unsigned char *buf = tempargs->buf;
819 unsigned char rmd160[RIPEMD160_DIGEST_LENGTH];
821 for (count = 0; COND(c[D_RMD160][testnum]); count++) {
822 if (!EVP_Digest(buf, (size_t)lengths[testnum], &(rmd160[0]),
823 NULL, EVP_ripemd160(), NULL))
830 #ifndef OPENSSL_NO_RC4
831 static RC4_KEY rc4_ks;
832 static int RC4_loop(void *args)
834 loopargs_t *tempargs = *(loopargs_t **) args;
835 unsigned char *buf = tempargs->buf;
837 for (count = 0; COND(c[D_RC4][testnum]); count++)
838 RC4(&rc4_ks, (size_t)lengths[testnum], buf, buf);
843 #ifndef OPENSSL_NO_DES
844 static unsigned char DES_iv[8];
845 static DES_key_schedule sch;
846 static DES_key_schedule sch2;
847 static DES_key_schedule sch3;
848 static int DES_ncbc_encrypt_loop(void *args)
850 loopargs_t *tempargs = *(loopargs_t **) args;
851 unsigned char *buf = tempargs->buf;
853 for (count = 0; COND(c[D_CBC_DES][testnum]); count++)
854 DES_ncbc_encrypt(buf, buf, lengths[testnum], &sch,
855 &DES_iv, DES_ENCRYPT);
859 static int DES_ede3_cbc_encrypt_loop(void *args)
861 loopargs_t *tempargs = *(loopargs_t **) args;
862 unsigned char *buf = tempargs->buf;
864 for (count = 0; COND(c[D_EDE3_DES][testnum]); count++)
865 DES_ede3_cbc_encrypt(buf, buf, lengths[testnum],
866 &sch, &sch2, &sch3, &DES_iv, DES_ENCRYPT);
871 #define MAX_BLOCK_SIZE 128
873 static unsigned char iv[2 * MAX_BLOCK_SIZE / 8];
874 static AES_KEY aes_ks1, aes_ks2, aes_ks3;
875 static int AES_cbc_128_encrypt_loop(void *args)
877 loopargs_t *tempargs = *(loopargs_t **) args;
878 unsigned char *buf = tempargs->buf;
880 for (count = 0; COND(c[D_CBC_128_AES][testnum]); count++)
881 AES_cbc_encrypt(buf, buf,
882 (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
886 static int AES_cbc_192_encrypt_loop(void *args)
888 loopargs_t *tempargs = *(loopargs_t **) args;
889 unsigned char *buf = tempargs->buf;
891 for (count = 0; COND(c[D_CBC_192_AES][testnum]); count++)
892 AES_cbc_encrypt(buf, buf,
893 (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
897 static int AES_cbc_256_encrypt_loop(void *args)
899 loopargs_t *tempargs = *(loopargs_t **) args;
900 unsigned char *buf = tempargs->buf;
902 for (count = 0; COND(c[D_CBC_256_AES][testnum]); count++)
903 AES_cbc_encrypt(buf, buf,
904 (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
908 #ifndef OPENSSL_NO_DEPRECATED_3_0
909 static int AES_ige_128_encrypt_loop(void *args)
911 loopargs_t *tempargs = *(loopargs_t **) args;
912 unsigned char *buf = tempargs->buf;
913 unsigned char *buf2 = tempargs->buf2;
915 for (count = 0; COND(c[D_IGE_128_AES][testnum]); count++)
916 AES_ige_encrypt(buf, buf2,
917 (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
921 static int AES_ige_192_encrypt_loop(void *args)
923 loopargs_t *tempargs = *(loopargs_t **) args;
924 unsigned char *buf = tempargs->buf;
925 unsigned char *buf2 = tempargs->buf2;
927 for (count = 0; COND(c[D_IGE_192_AES][testnum]); count++)
928 AES_ige_encrypt(buf, buf2,
929 (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
933 static int AES_ige_256_encrypt_loop(void *args)
935 loopargs_t *tempargs = *(loopargs_t **) args;
936 unsigned char *buf = tempargs->buf;
937 unsigned char *buf2 = tempargs->buf2;
939 for (count = 0; COND(c[D_IGE_256_AES][testnum]); count++)
940 AES_ige_encrypt(buf, buf2,
941 (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
946 static int CRYPTO_gcm128_aad_loop(void *args)
948 loopargs_t *tempargs = *(loopargs_t **) args;
949 unsigned char *buf = tempargs->buf;
950 GCM128_CONTEXT *gcm_ctx = tempargs->gcm_ctx;
952 for (count = 0; COND(c[D_GHASH][testnum]); count++)
953 CRYPTO_gcm128_aad(gcm_ctx, buf, lengths[testnum]);
957 static int RAND_bytes_loop(void *args)
959 loopargs_t *tempargs = *(loopargs_t **) args;
960 unsigned char *buf = tempargs->buf;
963 for (count = 0; COND(c[D_RAND][testnum]); count++)
964 RAND_bytes(buf, lengths[testnum]);
968 static long save_count = 0;
969 static int decrypt = 0;
970 static int EVP_Update_loop(void *args)
972 loopargs_t *tempargs = *(loopargs_t **) args;
973 unsigned char *buf = tempargs->buf;
974 EVP_CIPHER_CTX *ctx = tempargs->ctx;
977 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
980 for (count = 0; COND(nb_iter); count++) {
981 rc = EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
983 /* reset iv in case of counter overflow */
984 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
988 for (count = 0; COND(nb_iter); count++) {
989 rc = EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
991 /* reset iv in case of counter overflow */
992 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
997 EVP_DecryptFinal_ex(ctx, buf, &outl);
999 EVP_EncryptFinal_ex(ctx, buf, &outl);
1004 * CCM does not support streaming. For the purpose of performance measurement,
1005 * each message is encrypted using the same (key,iv)-pair. Do not use this
1006 * code in your application.
1008 static int EVP_Update_loop_ccm(void *args)
1010 loopargs_t *tempargs = *(loopargs_t **) args;
1011 unsigned char *buf = tempargs->buf;
1012 EVP_CIPHER_CTX *ctx = tempargs->ctx;
1014 unsigned char tag[12];
1016 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1019 for (count = 0; COND(nb_iter); count++) {
1020 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(tag), tag);
1022 EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
1023 /* counter is reset on every update */
1024 EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
1027 for (count = 0; COND(nb_iter); count++) {
1028 /* restore iv length field */
1029 EVP_EncryptUpdate(ctx, NULL, &outl, NULL, lengths[testnum]);
1030 /* counter is reset on every update */
1031 EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
1035 EVP_DecryptFinal_ex(ctx, buf, &outl);
1037 EVP_EncryptFinal_ex(ctx, buf, &outl);
1042 * To make AEAD benchmarking more relevant perform TLS-like operations,
1043 * 13-byte AAD followed by payload. But don't use TLS-formatted AAD, as
1044 * payload length is not actually limited by 16KB...
1046 static int EVP_Update_loop_aead(void *args)
1048 loopargs_t *tempargs = *(loopargs_t **) args;
1049 unsigned char *buf = tempargs->buf;
1050 EVP_CIPHER_CTX *ctx = tempargs->ctx;
1052 unsigned char aad[13] = { 0xcc };
1053 unsigned char faketag[16] = { 0xcc };
1055 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1058 for (count = 0; COND(nb_iter); count++) {
1059 EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
1060 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
1061 sizeof(faketag), faketag);
1062 EVP_DecryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
1063 EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
1064 EVP_DecryptFinal_ex(ctx, buf + outl, &outl);
1067 for (count = 0; COND(nb_iter); count++) {
1068 EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv);
1069 EVP_EncryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
1070 EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
1071 EVP_EncryptFinal_ex(ctx, buf + outl, &outl);
1077 static const EVP_MD *evp_md = NULL;
1078 static int EVP_Digest_loop(void *args)
1080 loopargs_t *tempargs = *(loopargs_t **) args;
1081 unsigned char *buf = tempargs->buf;
1082 unsigned char md[EVP_MAX_MD_SIZE];
1085 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1088 for (count = 0; COND(nb_iter); count++) {
1089 if (!EVP_Digest(buf, lengths[testnum], md, NULL, evp_md, NULL))
1095 static const EVP_MD *evp_hmac_md = NULL;
1096 static char *evp_hmac_name = NULL;
1097 static int EVP_HMAC_loop(void *args)
1099 loopargs_t *tempargs = *(loopargs_t **) args;
1100 unsigned char *buf = tempargs->buf;
1101 unsigned char no_key[32];
1104 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1107 for (count = 0; COND(nb_iter); count++) {
1108 if (HMAC(evp_hmac_md, no_key, sizeof(no_key), buf, lengths[testnum],
1109 NULL, NULL) == NULL)
1115 #ifndef OPENSSL_NO_CMAC
1116 static const EVP_CIPHER *evp_cmac_cipher = NULL;
1117 static char *evp_cmac_name = NULL;
1119 static int EVP_CMAC_loop(void *args)
1121 loopargs_t *tempargs = *(loopargs_t **) args;
1122 unsigned char *buf = tempargs->buf;
1123 CMAC_CTX *cmac_ctx = tempargs->cmac_ctx;
1124 static const char key[16] = "This is a key...";
1125 unsigned char mac[16];
1126 size_t len = sizeof(mac);
1129 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1132 for (count = 0; COND(nb_iter); count++) {
1133 if (!CMAC_Init(cmac_ctx, key, sizeof(key), evp_cmac_cipher, NULL)
1134 || !CMAC_Update(cmac_ctx, buf, lengths[testnum])
1135 || !CMAC_Final(cmac_ctx, mac, &len))
1142 #ifndef OPENSSL_NO_RSA
1143 static long rsa_c[RSA_NUM][2]; /* # RSA iteration test */
1145 static int RSA_sign_loop(void *args)
1147 loopargs_t *tempargs = *(loopargs_t **) args;
1148 unsigned char *buf = tempargs->buf;
1149 unsigned char *buf2 = tempargs->buf2;
1150 unsigned int *rsa_num = &tempargs->siglen;
1151 RSA **rsa_key = tempargs->rsa_key;
1153 for (count = 0; COND(rsa_c[testnum][0]); count++) {
1154 ret = RSA_sign(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1156 BIO_printf(bio_err, "RSA sign failure\n");
1157 ERR_print_errors(bio_err);
1165 static int RSA_verify_loop(void *args)
1167 loopargs_t *tempargs = *(loopargs_t **) args;
1168 unsigned char *buf = tempargs->buf;
1169 unsigned char *buf2 = tempargs->buf2;
1170 unsigned int rsa_num = tempargs->siglen;
1171 RSA **rsa_key = tempargs->rsa_key;
1173 for (count = 0; COND(rsa_c[testnum][1]); count++) {
1175 RSA_verify(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1177 BIO_printf(bio_err, "RSA verify failure\n");
1178 ERR_print_errors(bio_err);
1187 #ifndef OPENSSL_NO_DSA
1188 static long dsa_c[DSA_NUM][2];
1189 static int DSA_sign_loop(void *args)
1191 loopargs_t *tempargs = *(loopargs_t **) args;
1192 unsigned char *buf = tempargs->buf;
1193 unsigned char *buf2 = tempargs->buf2;
1194 DSA **dsa_key = tempargs->dsa_key;
1195 unsigned int *siglen = &tempargs->siglen;
1197 for (count = 0; COND(dsa_c[testnum][0]); count++) {
1198 ret = DSA_sign(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1200 BIO_printf(bio_err, "DSA sign failure\n");
1201 ERR_print_errors(bio_err);
1209 static int DSA_verify_loop(void *args)
1211 loopargs_t *tempargs = *(loopargs_t **) args;
1212 unsigned char *buf = tempargs->buf;
1213 unsigned char *buf2 = tempargs->buf2;
1214 DSA **dsa_key = tempargs->dsa_key;
1215 unsigned int siglen = tempargs->siglen;
1217 for (count = 0; COND(dsa_c[testnum][1]); count++) {
1218 ret = DSA_verify(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1220 BIO_printf(bio_err, "DSA verify failure\n");
1221 ERR_print_errors(bio_err);
1230 #ifndef OPENSSL_NO_EC
1231 static long ecdsa_c[ECDSA_NUM][2];
1232 static int ECDSA_sign_loop(void *args)
1234 loopargs_t *tempargs = *(loopargs_t **) args;
1235 unsigned char *buf = tempargs->buf;
1236 EC_KEY **ecdsa = tempargs->ecdsa;
1237 unsigned char *ecdsasig = tempargs->buf2;
1238 unsigned int *ecdsasiglen = &tempargs->siglen;
1240 for (count = 0; COND(ecdsa_c[testnum][0]); count++) {
1241 ret = ECDSA_sign(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1243 BIO_printf(bio_err, "ECDSA sign failure\n");
1244 ERR_print_errors(bio_err);
1252 static int ECDSA_verify_loop(void *args)
1254 loopargs_t *tempargs = *(loopargs_t **) args;
1255 unsigned char *buf = tempargs->buf;
1256 EC_KEY **ecdsa = tempargs->ecdsa;
1257 unsigned char *ecdsasig = tempargs->buf2;
1258 unsigned int ecdsasiglen = tempargs->siglen;
1260 for (count = 0; COND(ecdsa_c[testnum][1]); count++) {
1261 ret = ECDSA_verify(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1263 BIO_printf(bio_err, "ECDSA verify failure\n");
1264 ERR_print_errors(bio_err);
1272 /* ******************************************************************** */
1273 static long ecdh_c[EC_NUM][1];
1275 static int ECDH_EVP_derive_key_loop(void *args)
1277 loopargs_t *tempargs = *(loopargs_t **) args;
1278 EVP_PKEY_CTX *ctx = tempargs->ecdh_ctx[testnum];
1279 unsigned char *derived_secret = tempargs->secret_a;
1281 size_t *outlen = &(tempargs->outlen[testnum]);
1283 for (count = 0; COND(ecdh_c[testnum][0]); count++)
1284 EVP_PKEY_derive(ctx, derived_secret, outlen);
1289 static long eddsa_c[EdDSA_NUM][2];
1290 static int EdDSA_sign_loop(void *args)
1292 loopargs_t *tempargs = *(loopargs_t **) args;
1293 unsigned char *buf = tempargs->buf;
1294 EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
1295 unsigned char *eddsasig = tempargs->buf2;
1296 size_t *eddsasigsize = &tempargs->sigsize;
1299 for (count = 0; COND(eddsa_c[testnum][0]); count++) {
1300 ret = EVP_DigestSign(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
1302 BIO_printf(bio_err, "EdDSA sign failure\n");
1303 ERR_print_errors(bio_err);
1311 static int EdDSA_verify_loop(void *args)
1313 loopargs_t *tempargs = *(loopargs_t **) args;
1314 unsigned char *buf = tempargs->buf;
1315 EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
1316 unsigned char *eddsasig = tempargs->buf2;
1317 size_t eddsasigsize = tempargs->sigsize;
1320 for (count = 0; COND(eddsa_c[testnum][1]); count++) {
1321 ret = EVP_DigestVerify(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
1323 BIO_printf(bio_err, "EdDSA verify failure\n");
1324 ERR_print_errors(bio_err);
1332 # ifndef OPENSSL_NO_SM2
1333 static long sm2_c[SM2_NUM][2];
1334 static int SM2_sign_loop(void *args)
1336 loopargs_t *tempargs = *(loopargs_t **) args;
1337 unsigned char *buf = tempargs->buf;
1338 EVP_MD_CTX **sm2ctx = tempargs->sm2_ctx;
1339 unsigned char *sm2sig = tempargs->buf2;
1340 size_t sm2sigsize = tempargs->sigsize;
1341 const size_t max_size = tempargs->sigsize;
1343 EVP_PKEY **sm2_pkey = tempargs->sm2_pkey;
1345 for (count = 0; COND(sm2_c[testnum][0]); count++) {
1346 if (!EVP_DigestSignInit(sm2ctx[testnum], NULL, EVP_sm3(),
1347 NULL, sm2_pkey[testnum])) {
1348 BIO_printf(bio_err, "SM2 init sign failure\n");
1349 ERR_print_errors(bio_err);
1353 ret = EVP_DigestSign(sm2ctx[testnum], sm2sig, &sm2sigsize,
1356 BIO_printf(bio_err, "SM2 sign failure\n");
1357 ERR_print_errors(bio_err);
1361 /* update the latest returned size and always use the fixed buffer size */
1362 tempargs->sigsize = sm2sigsize;
1363 sm2sigsize = max_size;
1369 static int SM2_verify_loop(void *args)
1371 loopargs_t *tempargs = *(loopargs_t **) args;
1372 unsigned char *buf = tempargs->buf;
1373 EVP_MD_CTX **sm2ctx = tempargs->sm2_vfy_ctx;
1374 unsigned char *sm2sig = tempargs->buf2;
1375 size_t sm2sigsize = tempargs->sigsize;
1377 EVP_PKEY **sm2_pkey = tempargs->sm2_pkey;
1379 for (count = 0; COND(sm2_c[testnum][1]); count++) {
1380 if (!EVP_DigestVerifyInit(sm2ctx[testnum], NULL, EVP_sm3(),
1381 NULL, sm2_pkey[testnum])) {
1382 BIO_printf(bio_err, "SM2 verify init failure\n");
1383 ERR_print_errors(bio_err);
1387 ret = EVP_DigestVerify(sm2ctx[testnum], sm2sig, sm2sigsize,
1390 BIO_printf(bio_err, "SM2 verify failure\n");
1391 ERR_print_errors(bio_err);
1398 # endif /* OPENSSL_NO_SM2 */
1399 #endif /* OPENSSL_NO_EC */
1401 static int run_benchmark(int async_jobs,
1402 int (*loop_function) (void *), loopargs_t * loopargs)
1404 int job_op_count = 0;
1405 int total_op_count = 0;
1406 int num_inprogress = 0;
1407 int error = 0, i = 0, ret = 0;
1408 OSSL_ASYNC_FD job_fd = 0;
1409 size_t num_job_fds = 0;
1413 if (async_jobs == 0) {
1414 return loop_function((void *)&loopargs);
1417 for (i = 0; i < async_jobs && !error; i++) {
1418 loopargs_t *looparg_item = loopargs + i;
1420 /* Copy pointer content (looparg_t item address) into async context */
1421 ret = ASYNC_start_job(&loopargs[i].inprogress_job, loopargs[i].wait_ctx,
1422 &job_op_count, loop_function,
1423 (void *)&looparg_item, sizeof(looparg_item));
1429 if (job_op_count == -1) {
1432 total_op_count += job_op_count;
1437 BIO_printf(bio_err, "Failure in the job\n");
1438 ERR_print_errors(bio_err);
1444 while (num_inprogress > 0) {
1445 #if defined(OPENSSL_SYS_WINDOWS)
1447 #elif defined(OPENSSL_SYS_UNIX)
1448 int select_result = 0;
1449 OSSL_ASYNC_FD max_fd = 0;
1452 FD_ZERO(&waitfdset);
1454 for (i = 0; i < async_jobs && num_inprogress > 0; i++) {
1455 if (loopargs[i].inprogress_job == NULL)
1458 if (!ASYNC_WAIT_CTX_get_all_fds
1459 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1460 || num_job_fds > 1) {
1461 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1462 ERR_print_errors(bio_err);
1466 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1468 FD_SET(job_fd, &waitfdset);
1469 if (job_fd > max_fd)
1473 if (max_fd >= (OSSL_ASYNC_FD)FD_SETSIZE) {
1475 "Error: max_fd (%d) must be smaller than FD_SETSIZE (%d). "
1476 "Decrease the value of async_jobs\n",
1477 max_fd, FD_SETSIZE);
1478 ERR_print_errors(bio_err);
1483 select_result = select(max_fd + 1, &waitfdset, NULL, NULL, NULL);
1484 if (select_result == -1 && errno == EINTR)
1487 if (select_result == -1) {
1488 BIO_printf(bio_err, "Failure in the select\n");
1489 ERR_print_errors(bio_err);
1494 if (select_result == 0)
1498 for (i = 0; i < async_jobs; i++) {
1499 if (loopargs[i].inprogress_job == NULL)
1502 if (!ASYNC_WAIT_CTX_get_all_fds
1503 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1504 || num_job_fds > 1) {
1505 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1506 ERR_print_errors(bio_err);
1510 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1513 #if defined(OPENSSL_SYS_UNIX)
1514 if (num_job_fds == 1 && !FD_ISSET(job_fd, &waitfdset))
1516 #elif defined(OPENSSL_SYS_WINDOWS)
1517 if (num_job_fds == 1
1518 && !PeekNamedPipe(job_fd, NULL, 0, NULL, &avail, NULL)
1523 ret = ASYNC_start_job(&loopargs[i].inprogress_job,
1524 loopargs[i].wait_ctx, &job_op_count,
1525 loop_function, (void *)(loopargs + i),
1526 sizeof(loopargs_t));
1531 if (job_op_count == -1) {
1534 total_op_count += job_op_count;
1537 loopargs[i].inprogress_job = NULL;
1542 loopargs[i].inprogress_job = NULL;
1543 BIO_printf(bio_err, "Failure in the job\n");
1544 ERR_print_errors(bio_err);
1551 return error ? -1 : total_op_count;
1554 int speed_main(int argc, char **argv)
1557 loopargs_t *loopargs = NULL;
1559 const char *engine_id = NULL;
1560 const EVP_CIPHER *evp_cipher = NULL;
1563 int async_init = 0, multiblock = 0, pr_header = 0;
1564 int doit[ALGOR_NUM] = { 0 };
1565 int ret = 1, misalign = 0, lengths_single = 0, aead = 0;
1567 unsigned int size_num = OSSL_NELEM(lengths_list);
1568 unsigned int i, k, loop, loopargs_len = 0, async_jobs = 0;
1574 #if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) \
1575 || !defined(OPENSSL_NO_EC)
1578 openssl_speed_sec_t seconds = { SECONDS, RSA_SECONDS, DSA_SECONDS,
1579 ECDSA_SECONDS, ECDH_SECONDS,
1580 EdDSA_SECONDS, SM2_SECONDS };
1582 /* What follows are the buffers and key material. */
1583 #ifndef OPENSSL_NO_RC5
1586 #ifndef OPENSSL_NO_RC2
1589 #ifndef OPENSSL_NO_IDEA
1590 IDEA_KEY_SCHEDULE idea_ks;
1592 #ifndef OPENSSL_NO_SEED
1593 SEED_KEY_SCHEDULE seed_ks;
1595 #ifndef OPENSSL_NO_BF
1598 #ifndef OPENSSL_NO_CAST
1601 static const unsigned char key16[16] = {
1602 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1603 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
1605 static const unsigned char key24[24] = {
1606 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1607 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1608 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1610 static const unsigned char key32[32] = {
1611 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1612 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1613 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
1614 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
1616 #ifndef OPENSSL_NO_CAMELLIA
1617 static const unsigned char ckey24[24] = {
1618 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1619 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1620 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1622 static const unsigned char ckey32[32] = {
1623 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1624 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1625 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
1626 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
1628 CAMELLIA_KEY camellia_ks1, camellia_ks2, camellia_ks3;
1630 #ifndef OPENSSL_NO_DES
1631 static DES_cblock key = {
1632 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0
1634 static DES_cblock key2 = {
1635 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
1637 static DES_cblock key3 = {
1638 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1641 #ifndef OPENSSL_NO_RSA
1642 static const unsigned int rsa_bits[RSA_NUM] = {
1643 512, 1024, 2048, 3072, 4096, 7680, 15360
1645 static const unsigned char *rsa_data[RSA_NUM] = {
1646 test512, test1024, test2048, test3072, test4096, test7680, test15360
1648 static const int rsa_data_length[RSA_NUM] = {
1649 sizeof(test512), sizeof(test1024),
1650 sizeof(test2048), sizeof(test3072),
1651 sizeof(test4096), sizeof(test7680),
1654 int rsa_doit[RSA_NUM] = { 0 };
1655 int primes = RSA_DEFAULT_PRIME_NUM;
1657 #ifndef OPENSSL_NO_DSA
1658 static const unsigned int dsa_bits[DSA_NUM] = { 512, 1024, 2048 };
1659 int dsa_doit[DSA_NUM] = { 0 };
1661 #ifndef OPENSSL_NO_EC
1663 * We only test over the following curves as they are representative, To
1664 * add tests over more curves, simply add the curve NID and curve name to
1665 * the following arrays and increase the |ecdh_choices| list accordingly.
1667 static const struct {
1673 {"secp160r1", NID_secp160r1, 160},
1674 {"nistp192", NID_X9_62_prime192v1, 192},
1675 {"nistp224", NID_secp224r1, 224},
1676 {"nistp256", NID_X9_62_prime256v1, 256},
1677 {"nistp384", NID_secp384r1, 384},
1678 {"nistp521", NID_secp521r1, 521},
1679 # ifndef OPENSSL_NO_EC2M
1681 {"nistk163", NID_sect163k1, 163},
1682 {"nistk233", NID_sect233k1, 233},
1683 {"nistk283", NID_sect283k1, 283},
1684 {"nistk409", NID_sect409k1, 409},
1685 {"nistk571", NID_sect571k1, 571},
1686 {"nistb163", NID_sect163r2, 163},
1687 {"nistb233", NID_sect233r1, 233},
1688 {"nistb283", NID_sect283r1, 283},
1689 {"nistb409", NID_sect409r1, 409},
1690 {"nistb571", NID_sect571r1, 571},
1692 {"brainpoolP256r1", NID_brainpoolP256r1, 256},
1693 {"brainpoolP256t1", NID_brainpoolP256t1, 256},
1694 {"brainpoolP384r1", NID_brainpoolP384r1, 384},
1695 {"brainpoolP384t1", NID_brainpoolP384t1, 384},
1696 {"brainpoolP512r1", NID_brainpoolP512r1, 512},
1697 {"brainpoolP512t1", NID_brainpoolP512t1, 512},
1698 /* Other and ECDH only ones */
1699 {"X25519", NID_X25519, 253},
1700 {"X448", NID_X448, 448}
1702 static const struct {
1707 } test_ed_curves[] = {
1709 {"Ed25519", NID_ED25519, 253, 64},
1710 {"Ed448", NID_ED448, 456, 114}
1712 # ifndef OPENSSL_NO_SM2
1713 static const struct {
1717 } test_sm2_curves[] = {
1719 {"CurveSM2", NID_sm2, 256}
1722 int ecdsa_doit[ECDSA_NUM] = { 0 };
1723 int ecdh_doit[EC_NUM] = { 0 };
1724 int eddsa_doit[EdDSA_NUM] = { 0 };
1725 # ifndef OPENSSL_NO_SM2
1726 int sm2_doit[SM2_NUM] = { 0 };
1728 OPENSSL_assert(OSSL_NELEM(test_curves) >= EC_NUM);
1729 OPENSSL_assert(OSSL_NELEM(test_ed_curves) >= EdDSA_NUM);
1730 # ifndef OPENSSL_NO_SM2
1731 OPENSSL_assert(OSSL_NELEM(test_sm2_curves) >= SM2_NUM);
1733 #endif /* ndef OPENSSL_NO_EC */
1735 prog = opt_init(argc, argv, speed_options);
1736 while ((o = opt_next()) != OPT_EOF) {
1741 BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
1744 opt_help(speed_options);
1752 evp_cipher = EVP_get_cipherbyname(opt_arg());
1753 if (evp_cipher == NULL)
1754 evp_md = EVP_get_digestbyname(opt_arg());
1755 if (evp_cipher == NULL && evp_md == NULL) {
1757 "%s: %s is an unknown cipher or digest\n",
1764 evp_hmac_md = EVP_get_digestbyname(opt_arg());
1765 if (evp_hmac_md == NULL) {
1766 BIO_printf(bio_err, "%s: %s is an unknown digest\n",
1770 doit[D_EVP_HMAC] = 1;
1773 #ifndef OPENSSL_NO_CMAC
1774 evp_cmac_cipher = EVP_get_cipherbyname(opt_arg());
1775 if (evp_cmac_cipher == NULL) {
1776 BIO_printf(bio_err, "%s: %s is an unknown cipher\n",
1780 doit[D_EVP_CMAC] = 1;
1788 * In a forked execution, an engine might need to be
1789 * initialised by each child process, not by the parent.
1790 * So store the name here and run setup_engine() later on.
1792 engine_id = opt_arg();
1796 multi = atoi(opt_arg());
1800 #ifndef OPENSSL_NO_ASYNC
1801 async_jobs = atoi(opt_arg());
1802 if (!ASYNC_is_capable()) {
1804 "%s: async_jobs specified but async not supported\n",
1808 if (async_jobs > 99999) {
1809 BIO_printf(bio_err, "%s: too many async_jobs\n", prog);
1815 if (!opt_int(opt_arg(), &misalign))
1817 if (misalign > MISALIGN) {
1819 "%s: Maximum offset is %d\n", prog, MISALIGN);
1828 #ifdef OPENSSL_NO_MULTIBLOCK
1830 "%s: -mb specified but multi-block support is disabled\n",
1840 if (!opt_int(opt_arg(), &primes))
1844 seconds.sym = seconds.rsa = seconds.dsa = seconds.ecdsa
1845 = seconds.ecdh = seconds.eddsa
1846 = seconds.sm2 = atoi(opt_arg());
1849 lengths_single = atoi(opt_arg());
1850 lengths = &lengths_single;
1858 argc = opt_num_rest();
1861 /* Remaining arguments are algorithms. */
1862 for (; *argv; argv++) {
1863 if (found(*argv, doit_choices, &i)) {
1867 #ifndef OPENSSL_NO_DES
1868 if (strcmp(*argv, "des") == 0) {
1869 doit[D_CBC_DES] = doit[D_EDE3_DES] = 1;
1873 if (strcmp(*argv, "sha") == 0) {
1874 doit[D_SHA1] = doit[D_SHA256] = doit[D_SHA512] = 1;
1877 #ifndef OPENSSL_NO_RSA
1878 if (strcmp(*argv, "openssl") == 0)
1880 if (strcmp(*argv, "rsa") == 0) {
1881 for (loop = 0; loop < OSSL_NELEM(rsa_doit); loop++)
1885 if (found(*argv, rsa_choices, &i)) {
1890 #ifndef OPENSSL_NO_DSA
1891 if (strcmp(*argv, "dsa") == 0) {
1892 dsa_doit[R_DSA_512] = dsa_doit[R_DSA_1024] =
1893 dsa_doit[R_DSA_2048] = 1;
1896 if (found(*argv, dsa_choices, &i)) {
1901 if (strcmp(*argv, "aes") == 0) {
1902 doit[D_CBC_128_AES] = doit[D_CBC_192_AES] = doit[D_CBC_256_AES] = 1;
1905 #ifndef OPENSSL_NO_CAMELLIA
1906 if (strcmp(*argv, "camellia") == 0) {
1907 doit[D_CBC_128_CML] = doit[D_CBC_192_CML] = doit[D_CBC_256_CML] = 1;
1911 #ifndef OPENSSL_NO_EC
1912 if (strcmp(*argv, "ecdsa") == 0) {
1913 for (loop = 0; loop < OSSL_NELEM(ecdsa_doit); loop++)
1914 ecdsa_doit[loop] = 1;
1917 if (found(*argv, ecdsa_choices, &i)) {
1921 if (strcmp(*argv, "ecdh") == 0) {
1922 for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++)
1923 ecdh_doit[loop] = 1;
1926 if (found(*argv, ecdh_choices, &i)) {
1930 if (strcmp(*argv, "eddsa") == 0) {
1931 for (loop = 0; loop < OSSL_NELEM(eddsa_doit); loop++)
1932 eddsa_doit[loop] = 1;
1935 if (found(*argv, eddsa_choices, &i)) {
1939 # ifndef OPENSSL_NO_SM2
1940 if (strcmp(*argv, "sm2") == 0) {
1941 for (loop = 0; loop < OSSL_NELEM(sm2_doit); loop++)
1945 if (found(*argv, sm2_choices, &i)) {
1951 BIO_printf(bio_err, "%s: Unknown algorithm %s\n", prog, *argv);
1957 if (evp_cipher == NULL) {
1958 BIO_printf(bio_err, "-aead can be used only with an AEAD cipher\n");
1960 } else if (!(EVP_CIPHER_flags(evp_cipher) &
1961 EVP_CIPH_FLAG_AEAD_CIPHER)) {
1962 BIO_printf(bio_err, "%s is not an AEAD cipher\n",
1963 OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
1968 if (evp_cipher == NULL) {
1969 BIO_printf(bio_err,"-mb can be used only with a multi-block"
1970 " capable cipher\n");
1972 } else if (!(EVP_CIPHER_flags(evp_cipher) &
1973 EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
1974 BIO_printf(bio_err, "%s is not a multi-block capable\n",
1975 OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
1977 } else if (async_jobs > 0) {
1978 BIO_printf(bio_err, "Async mode is not supported with -mb");
1983 /* Initialize the job pool if async mode is enabled */
1984 if (async_jobs > 0) {
1985 async_init = ASYNC_init_thread(async_jobs, async_jobs);
1987 BIO_printf(bio_err, "Error creating the ASYNC job pool\n");
1992 loopargs_len = (async_jobs == 0 ? 1 : async_jobs);
1994 app_malloc(loopargs_len * sizeof(loopargs_t), "array of loopargs");
1995 memset(loopargs, 0, loopargs_len * sizeof(loopargs_t));
1997 for (i = 0; i < loopargs_len; i++) {
1998 if (async_jobs > 0) {
1999 loopargs[i].wait_ctx = ASYNC_WAIT_CTX_new();
2000 if (loopargs[i].wait_ctx == NULL) {
2001 BIO_printf(bio_err, "Error creating the ASYNC_WAIT_CTX\n");
2006 buflen = lengths[size_num - 1];
2007 if (buflen < 36) /* size of random vector in RSA benchmark */
2009 buflen += MAX_MISALIGNMENT + 1;
2010 loopargs[i].buf_malloc = app_malloc(buflen, "input buffer");
2011 loopargs[i].buf2_malloc = app_malloc(buflen, "input buffer");
2012 memset(loopargs[i].buf_malloc, 0, buflen);
2013 memset(loopargs[i].buf2_malloc, 0, buflen);
2015 /* Align the start of buffers on a 64 byte boundary */
2016 loopargs[i].buf = loopargs[i].buf_malloc + misalign;
2017 loopargs[i].buf2 = loopargs[i].buf2_malloc + misalign;
2018 #ifndef OPENSSL_NO_EC
2019 loopargs[i].secret_a = app_malloc(MAX_ECDH_SIZE, "ECDH secret a");
2020 loopargs[i].secret_b = app_malloc(MAX_ECDH_SIZE, "ECDH secret b");
2025 if (multi && do_multi(multi, size_num))
2029 /* Initialize the engine after the fork */
2030 e = setup_engine(engine_id, 0);
2032 /* No parameters; turn on everything. */
2033 if (argc == 0 && !doit[D_EVP] && !doit[D_EVP_HMAC] && !doit[D_EVP_CMAC]) {
2034 for (i = 0; i < ALGOR_NUM; i++)
2035 if (i != D_EVP && i != D_EVP_HMAC && i != D_EVP_CMAC)
2037 #ifndef OPENSSL_NO_RSA
2038 for (i = 0; i < RSA_NUM; i++)
2041 #ifndef OPENSSL_NO_DSA
2042 for (i = 0; i < DSA_NUM; i++)
2045 #ifndef OPENSSL_NO_EC
2046 for (loop = 0; loop < OSSL_NELEM(ecdsa_doit); loop++)
2047 ecdsa_doit[loop] = 1;
2048 for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++)
2049 ecdh_doit[loop] = 1;
2050 for (loop = 0; loop < OSSL_NELEM(eddsa_doit); loop++)
2051 eddsa_doit[loop] = 1;
2052 # ifndef OPENSSL_NO_SM2
2053 for (loop = 0; loop < OSSL_NELEM(sm2_doit); loop++)
2058 for (i = 0; i < ALGOR_NUM; i++)
2062 if (usertime == 0 && !mr)
2064 "You have chosen to measure elapsed time "
2065 "instead of user CPU time.\n");
2067 #ifndef OPENSSL_NO_RSA
2068 for (i = 0; i < loopargs_len; i++) {
2069 if (primes > RSA_DEFAULT_PRIME_NUM) {
2070 /* for multi-prime RSA, skip this */
2073 for (k = 0; k < RSA_NUM; k++) {
2074 const unsigned char *p;
2077 loopargs[i].rsa_key[k] =
2078 d2i_RSAPrivateKey(NULL, &p, rsa_data_length[k]);
2079 if (loopargs[i].rsa_key[k] == NULL) {
2081 "internal error loading RSA key number %d\n", k);
2087 #ifndef OPENSSL_NO_DSA
2088 for (i = 0; i < loopargs_len; i++) {
2089 loopargs[i].dsa_key[0] = get_dsa(512);
2090 loopargs[i].dsa_key[1] = get_dsa(1024);
2091 loopargs[i].dsa_key[2] = get_dsa(2048);
2094 #ifndef OPENSSL_NO_DES
2095 DES_set_key_unchecked(&key, &sch);
2096 DES_set_key_unchecked(&key2, &sch2);
2097 DES_set_key_unchecked(&key3, &sch3);
2099 AES_set_encrypt_key(key16, 128, &aes_ks1);
2100 AES_set_encrypt_key(key24, 192, &aes_ks2);
2101 AES_set_encrypt_key(key32, 256, &aes_ks3);
2102 #ifndef OPENSSL_NO_CAMELLIA
2103 Camellia_set_key(key16, 128, &camellia_ks1);
2104 Camellia_set_key(ckey24, 192, &camellia_ks2);
2105 Camellia_set_key(ckey32, 256, &camellia_ks3);
2107 #ifndef OPENSSL_NO_IDEA
2108 IDEA_set_encrypt_key(key16, &idea_ks);
2110 #ifndef OPENSSL_NO_SEED
2111 SEED_set_key(key16, &seed_ks);
2113 #ifndef OPENSSL_NO_RC4
2114 RC4_set_key(&rc4_ks, 16, key16);
2116 #ifndef OPENSSL_NO_RC2
2117 RC2_set_key(&rc2_ks, 16, key16, 128);
2119 #ifndef OPENSSL_NO_RC5
2120 if (!RC5_32_set_key(&rc5_ks, 16, key16, 12)) {
2121 BIO_printf(bio_err, "Failed setting RC5 key\n");
2125 #ifndef OPENSSL_NO_BF
2126 BF_set_key(&bf_ks, 16, key16);
2128 #ifndef OPENSSL_NO_CAST
2129 CAST_set_key(&cast_ks, 16, key16);
2132 # ifndef OPENSSL_NO_DES
2133 BIO_printf(bio_err, "First we calculate the approximate speed ...\n");
2139 for (it = count; it; it--)
2140 DES_ecb_encrypt((DES_cblock *)loopargs[0].buf,
2141 (DES_cblock *)loopargs[0].buf, &sch, DES_ENCRYPT);
2145 c[D_MD2][0] = count / 10;
2146 c[D_MDC2][0] = count / 10;
2147 c[D_MD4][0] = count;
2148 c[D_MD5][0] = count;
2149 c[D_HMAC][0] = count;
2150 c[D_SHA1][0] = count;
2151 c[D_RMD160][0] = count;
2152 c[D_RC4][0] = count * 5;
2153 c[D_CBC_DES][0] = count;
2154 c[D_EDE3_DES][0] = count / 3;
2155 c[D_CBC_IDEA][0] = count;
2156 c[D_CBC_SEED][0] = count;
2157 c[D_CBC_RC2][0] = count;
2158 c[D_CBC_RC5][0] = count;
2159 c[D_CBC_BF][0] = count;
2160 c[D_CBC_CAST][0] = count;
2161 c[D_CBC_128_AES][0] = count;
2162 c[D_CBC_192_AES][0] = count;
2163 c[D_CBC_256_AES][0] = count;
2164 c[D_CBC_128_CML][0] = count;
2165 c[D_CBC_192_CML][0] = count;
2166 c[D_CBC_256_CML][0] = count;
2167 c[D_SHA256][0] = count;
2168 c[D_SHA512][0] = count;
2169 c[D_WHIRLPOOL][0] = count;
2170 c[D_IGE_128_AES][0] = count;
2171 c[D_IGE_192_AES][0] = count;
2172 c[D_IGE_256_AES][0] = count;
2173 c[D_GHASH][0] = count;
2174 c[D_RAND][0] = count;
2176 for (i = 1; i < size_num; i++) {
2179 l0 = (long)lengths[0];
2180 l1 = (long)lengths[i];
2182 c[D_MD2][i] = c[D_MD2][0] * 4 * l0 / l1;
2183 c[D_MDC2][i] = c[D_MDC2][0] * 4 * l0 / l1;
2184 c[D_MD4][i] = c[D_MD4][0] * 4 * l0 / l1;
2185 c[D_MD5][i] = c[D_MD5][0] * 4 * l0 / l1;
2186 c[D_HMAC][i] = c[D_HMAC][0] * 4 * l0 / l1;
2187 c[D_SHA1][i] = c[D_SHA1][0] * 4 * l0 / l1;
2188 c[D_RMD160][i] = c[D_RMD160][0] * 4 * l0 / l1;
2189 c[D_SHA256][i] = c[D_SHA256][0] * 4 * l0 / l1;
2190 c[D_SHA512][i] = c[D_SHA512][0] * 4 * l0 / l1;
2191 c[D_WHIRLPOOL][i] = c[D_WHIRLPOOL][0] * 4 * l0 / l1;
2192 c[D_GHASH][i] = c[D_GHASH][0] * 4 * l0 / l1;
2193 c[D_RAND][i] = c[D_RAND][0] * 4 * l0 / l1;
2195 l0 = (long)lengths[i - 1];
2197 c[D_RC4][i] = c[D_RC4][i - 1] * l0 / l1;
2198 c[D_CBC_DES][i] = c[D_CBC_DES][i - 1] * l0 / l1;
2199 c[D_EDE3_DES][i] = c[D_EDE3_DES][i - 1] * l0 / l1;
2200 c[D_CBC_IDEA][i] = c[D_CBC_IDEA][i - 1] * l0 / l1;
2201 c[D_CBC_SEED][i] = c[D_CBC_SEED][i - 1] * l0 / l1;
2202 c[D_CBC_RC2][i] = c[D_CBC_RC2][i - 1] * l0 / l1;
2203 c[D_CBC_RC5][i] = c[D_CBC_RC5][i - 1] * l0 / l1;
2204 c[D_CBC_BF][i] = c[D_CBC_BF][i - 1] * l0 / l1;
2205 c[D_CBC_CAST][i] = c[D_CBC_CAST][i - 1] * l0 / l1;
2206 c[D_CBC_128_AES][i] = c[D_CBC_128_AES][i - 1] * l0 / l1;
2207 c[D_CBC_192_AES][i] = c[D_CBC_192_AES][i - 1] * l0 / l1;
2208 c[D_CBC_256_AES][i] = c[D_CBC_256_AES][i - 1] * l0 / l1;
2209 c[D_CBC_128_CML][i] = c[D_CBC_128_CML][i - 1] * l0 / l1;
2210 c[D_CBC_192_CML][i] = c[D_CBC_192_CML][i - 1] * l0 / l1;
2211 c[D_CBC_256_CML][i] = c[D_CBC_256_CML][i - 1] * l0 / l1;
2212 c[D_IGE_128_AES][i] = c[D_IGE_128_AES][i - 1] * l0 / l1;
2213 c[D_IGE_192_AES][i] = c[D_IGE_192_AES][i - 1] * l0 / l1;
2214 c[D_IGE_256_AES][i] = c[D_IGE_256_AES][i - 1] * l0 / l1;
2217 # ifndef OPENSSL_NO_RSA
2218 rsa_c[R_RSA_512][0] = count / 2000;
2219 rsa_c[R_RSA_512][1] = count / 400;
2220 for (i = 1; i < RSA_NUM; i++) {
2221 rsa_c[i][0] = rsa_c[i - 1][0] / 8;
2222 rsa_c[i][1] = rsa_c[i - 1][1] / 4;
2223 if (rsa_doit[i] <= 1 && rsa_c[i][0] == 0)
2226 if (rsa_c[i][0] == 0) {
2227 rsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
2234 # ifndef OPENSSL_NO_DSA
2235 dsa_c[R_DSA_512][0] = count / 1000;
2236 dsa_c[R_DSA_512][1] = count / 1000 / 2;
2237 for (i = 1; i < DSA_NUM; i++) {
2238 dsa_c[i][0] = dsa_c[i - 1][0] / 4;
2239 dsa_c[i][1] = dsa_c[i - 1][1] / 4;
2240 if (dsa_doit[i] <= 1 && dsa_c[i][0] == 0)
2243 if (dsa_c[i][0] == 0) {
2244 dsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
2251 # ifndef OPENSSL_NO_EC
2252 ecdsa_c[R_EC_P160][0] = count / 1000;
2253 ecdsa_c[R_EC_P160][1] = count / 1000 / 2;
2254 for (i = R_EC_P192; i <= R_EC_P521; i++) {
2255 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2256 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2257 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2260 if (ecdsa_c[i][0] == 0) {
2266 # ifndef OPENSSL_NO_EC2M
2267 ecdsa_c[R_EC_K163][0] = count / 1000;
2268 ecdsa_c[R_EC_K163][1] = count / 1000 / 2;
2269 for (i = R_EC_K233; i <= R_EC_K571; i++) {
2270 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2271 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2272 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2275 if (ecdsa_c[i][0] == 0) {
2281 ecdsa_c[R_EC_B163][0] = count / 1000;
2282 ecdsa_c[R_EC_B163][1] = count / 1000 / 2;
2283 for (i = R_EC_B233; i <= R_EC_B571; i++) {
2284 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2285 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2286 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2289 if (ecdsa_c[i][0] == 0) {
2297 ecdh_c[R_EC_P160][0] = count / 1000;
2298 for (i = R_EC_P192; i <= R_EC_P521; i++) {
2299 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2300 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2303 if (ecdh_c[i][0] == 0) {
2308 # ifndef OPENSSL_NO_EC2M
2309 ecdh_c[R_EC_K163][0] = count / 1000;
2310 for (i = R_EC_K233; i <= R_EC_K571; i++) {
2311 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2312 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2315 if (ecdh_c[i][0] == 0) {
2320 ecdh_c[R_EC_B163][0] = count / 1000;
2321 for (i = R_EC_B233; i <= R_EC_B571; i++) {
2322 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2323 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2326 if (ecdh_c[i][0] == 0) {
2332 /* repeated code good to factorize */
2333 ecdh_c[R_EC_BRP256R1][0] = count / 1000;
2334 for (i = R_EC_BRP384R1; i <= R_EC_BRP512R1; i += 2) {
2335 ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
2336 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2339 if (ecdh_c[i][0] == 0) {
2344 ecdh_c[R_EC_BRP256T1][0] = count / 1000;
2345 for (i = R_EC_BRP384T1; i <= R_EC_BRP512T1; i += 2) {
2346 ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
2347 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2350 if (ecdh_c[i][0] == 0) {
2355 /* default iteration count for the last two EC Curves */
2356 ecdh_c[R_EC_X25519][0] = count / 1800;
2357 ecdh_c[R_EC_X448][0] = count / 7200;
2359 eddsa_c[R_EC_Ed25519][0] = count / 1800;
2360 eddsa_c[R_EC_Ed448][0] = count / 7200;
2362 # ifndef OPENSSL_NO_SM2
2363 sm2_c[R_EC_SM2P256][0] = count / 1800;
2368 /* not worth fixing */
2369 # error "You cannot disable DES on systems without SIGALRM."
2370 # endif /* OPENSSL_NO_DES */
2372 signal(SIGALRM, alarmed);
2373 #endif /* SIGALRM */
2375 #ifndef OPENSSL_NO_MD2
2377 for (testnum = 0; testnum < size_num; testnum++) {
2378 print_message(names[D_MD2], c[D_MD2][testnum], lengths[testnum],
2381 count = run_benchmark(async_jobs, EVP_Digest_MD2_loop, loopargs);
2383 print_result(D_MD2, testnum, count, d);
2387 #ifndef OPENSSL_NO_MDC2
2389 for (testnum = 0; testnum < size_num; testnum++) {
2390 print_message(names[D_MDC2], c[D_MDC2][testnum], lengths[testnum],
2393 count = run_benchmark(async_jobs, EVP_Digest_MDC2_loop, loopargs);
2395 print_result(D_MDC2, testnum, count, d);
2400 #ifndef OPENSSL_NO_MD4
2402 for (testnum = 0; testnum < size_num; testnum++) {
2403 print_message(names[D_MD4], c[D_MD4][testnum], lengths[testnum],
2406 count = run_benchmark(async_jobs, EVP_Digest_MD4_loop, loopargs);
2408 print_result(D_MD4, testnum, count, d);
2413 #ifndef OPENSSL_NO_MD5
2415 for (testnum = 0; testnum < size_num; testnum++) {
2416 print_message(names[D_MD5], c[D_MD5][testnum], lengths[testnum],
2419 count = run_benchmark(async_jobs, MD5_loop, loopargs);
2421 print_result(D_MD5, testnum, count, d);
2426 static const char hmac_key[] = "This is a key...";
2427 int len = strlen(hmac_key);
2429 for (i = 0; i < loopargs_len; i++) {
2430 loopargs[i].hctx = HMAC_CTX_new();
2431 if (loopargs[i].hctx == NULL) {
2432 BIO_printf(bio_err, "HMAC malloc failure, exiting...");
2436 HMAC_Init_ex(loopargs[i].hctx, hmac_key, len, EVP_md5(), NULL);
2438 for (testnum = 0; testnum < size_num; testnum++) {
2439 print_message(names[D_HMAC], c[D_HMAC][testnum], lengths[testnum],
2442 count = run_benchmark(async_jobs, HMAC_loop, loopargs);
2444 print_result(D_HMAC, testnum, count, d);
2446 for (i = 0; i < loopargs_len; i++) {
2447 HMAC_CTX_free(loopargs[i].hctx);
2452 for (testnum = 0; testnum < size_num; testnum++) {
2453 print_message(names[D_SHA1], c[D_SHA1][testnum], lengths[testnum],
2456 count = run_benchmark(async_jobs, SHA1_loop, loopargs);
2458 print_result(D_SHA1, testnum, count, d);
2461 if (doit[D_SHA256]) {
2462 for (testnum = 0; testnum < size_num; testnum++) {
2463 print_message(names[D_SHA256], c[D_SHA256][testnum],
2464 lengths[testnum], seconds.sym);
2466 count = run_benchmark(async_jobs, SHA256_loop, loopargs);
2468 print_result(D_SHA256, testnum, count, d);
2471 if (doit[D_SHA512]) {
2472 for (testnum = 0; testnum < size_num; testnum++) {
2473 print_message(names[D_SHA512], c[D_SHA512][testnum],
2474 lengths[testnum], seconds.sym);
2476 count = run_benchmark(async_jobs, SHA512_loop, loopargs);
2478 print_result(D_SHA512, testnum, count, d);
2481 #ifndef OPENSSL_NO_WHIRLPOOL
2482 if (doit[D_WHIRLPOOL]) {
2483 for (testnum = 0; testnum < size_num; testnum++) {
2484 print_message(names[D_WHIRLPOOL], c[D_WHIRLPOOL][testnum],
2485 lengths[testnum], seconds.sym);
2487 count = run_benchmark(async_jobs, WHIRLPOOL_loop, loopargs);
2489 print_result(D_WHIRLPOOL, testnum, count, d);
2494 #ifndef OPENSSL_NO_RMD160
2495 if (doit[D_RMD160]) {
2496 for (testnum = 0; testnum < size_num; testnum++) {
2497 print_message(names[D_RMD160], c[D_RMD160][testnum],
2498 lengths[testnum], seconds.sym);
2500 count = run_benchmark(async_jobs, EVP_Digest_RMD160_loop, loopargs);
2502 print_result(D_RMD160, testnum, count, d);
2506 #ifndef OPENSSL_NO_RC4
2508 for (testnum = 0; testnum < size_num; testnum++) {
2509 print_message(names[D_RC4], c[D_RC4][testnum], lengths[testnum],
2512 count = run_benchmark(async_jobs, RC4_loop, loopargs);
2514 print_result(D_RC4, testnum, count, d);
2518 #ifndef OPENSSL_NO_DES
2519 if (doit[D_CBC_DES]) {
2520 for (testnum = 0; testnum < size_num; testnum++) {
2521 print_message(names[D_CBC_DES], c[D_CBC_DES][testnum],
2522 lengths[testnum], seconds.sym);
2524 count = run_benchmark(async_jobs, DES_ncbc_encrypt_loop, loopargs);
2526 print_result(D_CBC_DES, testnum, count, d);
2530 if (doit[D_EDE3_DES]) {
2531 for (testnum = 0; testnum < size_num; testnum++) {
2532 print_message(names[D_EDE3_DES], c[D_EDE3_DES][testnum],
2533 lengths[testnum], seconds.sym);
2536 run_benchmark(async_jobs, DES_ede3_cbc_encrypt_loop, loopargs);
2538 print_result(D_EDE3_DES, testnum, count, d);
2543 if (doit[D_CBC_128_AES]) {
2544 for (testnum = 0; testnum < size_num; testnum++) {
2545 print_message(names[D_CBC_128_AES], c[D_CBC_128_AES][testnum],
2546 lengths[testnum], seconds.sym);
2549 run_benchmark(async_jobs, AES_cbc_128_encrypt_loop, loopargs);
2551 print_result(D_CBC_128_AES, testnum, count, d);
2554 if (doit[D_CBC_192_AES]) {
2555 for (testnum = 0; testnum < size_num; testnum++) {
2556 print_message(names[D_CBC_192_AES], c[D_CBC_192_AES][testnum],
2557 lengths[testnum], seconds.sym);
2560 run_benchmark(async_jobs, AES_cbc_192_encrypt_loop, loopargs);
2562 print_result(D_CBC_192_AES, testnum, count, d);
2565 if (doit[D_CBC_256_AES]) {
2566 for (testnum = 0; testnum < size_num; testnum++) {
2567 print_message(names[D_CBC_256_AES], c[D_CBC_256_AES][testnum],
2568 lengths[testnum], seconds.sym);
2571 run_benchmark(async_jobs, AES_cbc_256_encrypt_loop, loopargs);
2573 print_result(D_CBC_256_AES, testnum, count, d);
2577 #ifndef OPENSSL_NO_DEPRECATED_3_0
2578 if (doit[D_IGE_128_AES]) {
2579 for (testnum = 0; testnum < size_num; testnum++) {
2580 print_message(names[D_IGE_128_AES], c[D_IGE_128_AES][testnum],
2581 lengths[testnum], seconds.sym);
2584 run_benchmark(async_jobs, AES_ige_128_encrypt_loop, loopargs);
2586 print_result(D_IGE_128_AES, testnum, count, d);
2589 if (doit[D_IGE_192_AES]) {
2590 for (testnum = 0; testnum < size_num; testnum++) {
2591 print_message(names[D_IGE_192_AES], c[D_IGE_192_AES][testnum],
2592 lengths[testnum], seconds.sym);
2595 run_benchmark(async_jobs, AES_ige_192_encrypt_loop, loopargs);
2597 print_result(D_IGE_192_AES, testnum, count, d);
2600 if (doit[D_IGE_256_AES]) {
2601 for (testnum = 0; testnum < size_num; testnum++) {
2602 print_message(names[D_IGE_256_AES], c[D_IGE_256_AES][testnum],
2603 lengths[testnum], seconds.sym);
2606 run_benchmark(async_jobs, AES_ige_256_encrypt_loop, loopargs);
2608 print_result(D_IGE_256_AES, testnum, count, d);
2612 if (doit[D_GHASH]) {
2613 for (i = 0; i < loopargs_len; i++) {
2614 loopargs[i].gcm_ctx =
2615 CRYPTO_gcm128_new(&aes_ks1, (block128_f) AES_encrypt);
2616 CRYPTO_gcm128_setiv(loopargs[i].gcm_ctx,
2617 (unsigned char *)"0123456789ab", 12);
2620 for (testnum = 0; testnum < size_num; testnum++) {
2621 print_message(names[D_GHASH], c[D_GHASH][testnum],
2622 lengths[testnum], seconds.sym);
2624 count = run_benchmark(async_jobs, CRYPTO_gcm128_aad_loop, loopargs);
2626 print_result(D_GHASH, testnum, count, d);
2628 for (i = 0; i < loopargs_len; i++)
2629 CRYPTO_gcm128_release(loopargs[i].gcm_ctx);
2631 #ifndef OPENSSL_NO_CAMELLIA
2632 if (doit[D_CBC_128_CML]) {
2633 if (async_jobs > 0) {
2634 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2635 names[D_CBC_128_CML]);
2636 doit[D_CBC_128_CML] = 0;
2638 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2639 print_message(names[D_CBC_128_CML], c[D_CBC_128_CML][testnum],
2640 lengths[testnum], seconds.sym);
2642 for (count = 0, run = 1; COND(c[D_CBC_128_CML][testnum]); count++)
2643 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2644 (size_t)lengths[testnum], &camellia_ks1,
2645 iv, CAMELLIA_ENCRYPT);
2647 print_result(D_CBC_128_CML, testnum, count, d);
2650 if (doit[D_CBC_192_CML]) {
2651 if (async_jobs > 0) {
2652 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2653 names[D_CBC_192_CML]);
2654 doit[D_CBC_192_CML] = 0;
2656 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2657 print_message(names[D_CBC_192_CML], c[D_CBC_192_CML][testnum],
2658 lengths[testnum], seconds.sym);
2659 if (async_jobs > 0) {
2660 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2664 for (count = 0, run = 1; COND(c[D_CBC_192_CML][testnum]); count++)
2665 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2666 (size_t)lengths[testnum], &camellia_ks2,
2667 iv, CAMELLIA_ENCRYPT);
2669 print_result(D_CBC_192_CML, testnum, count, d);
2672 if (doit[D_CBC_256_CML]) {
2673 if (async_jobs > 0) {
2674 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2675 names[D_CBC_256_CML]);
2676 doit[D_CBC_256_CML] = 0;
2678 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2679 print_message(names[D_CBC_256_CML], c[D_CBC_256_CML][testnum],
2680 lengths[testnum], seconds.sym);
2682 for (count = 0, run = 1; COND(c[D_CBC_256_CML][testnum]); count++)
2683 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2684 (size_t)lengths[testnum], &camellia_ks3,
2685 iv, CAMELLIA_ENCRYPT);
2687 print_result(D_CBC_256_CML, testnum, count, d);
2691 #ifndef OPENSSL_NO_IDEA
2692 if (doit[D_CBC_IDEA]) {
2693 if (async_jobs > 0) {
2694 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2696 doit[D_CBC_IDEA] = 0;
2698 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2699 print_message(names[D_CBC_IDEA], c[D_CBC_IDEA][testnum],
2700 lengths[testnum], seconds.sym);
2702 for (count = 0, run = 1; COND(c[D_CBC_IDEA][testnum]); count++)
2703 IDEA_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2704 (size_t)lengths[testnum], &idea_ks,
2707 print_result(D_CBC_IDEA, testnum, count, d);
2711 #ifndef OPENSSL_NO_SEED
2712 if (doit[D_CBC_SEED]) {
2713 if (async_jobs > 0) {
2714 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2716 doit[D_CBC_SEED] = 0;
2718 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2719 print_message(names[D_CBC_SEED], c[D_CBC_SEED][testnum],
2720 lengths[testnum], seconds.sym);
2722 for (count = 0, run = 1; COND(c[D_CBC_SEED][testnum]); count++)
2723 SEED_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2724 (size_t)lengths[testnum], &seed_ks, iv, 1);
2726 print_result(D_CBC_SEED, testnum, count, d);
2730 #ifndef OPENSSL_NO_RC2
2731 if (doit[D_CBC_RC2]) {
2732 if (async_jobs > 0) {
2733 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2735 doit[D_CBC_RC2] = 0;
2737 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2738 print_message(names[D_CBC_RC2], c[D_CBC_RC2][testnum],
2739 lengths[testnum], seconds.sym);
2740 if (async_jobs > 0) {
2741 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2745 for (count = 0, run = 1; COND(c[D_CBC_RC2][testnum]); count++)
2746 RC2_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2747 (size_t)lengths[testnum], &rc2_ks,
2750 print_result(D_CBC_RC2, testnum, count, d);
2754 #ifndef OPENSSL_NO_RC5
2755 if (doit[D_CBC_RC5]) {
2756 if (async_jobs > 0) {
2757 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2759 doit[D_CBC_RC5] = 0;
2761 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2762 print_message(names[D_CBC_RC5], c[D_CBC_RC5][testnum],
2763 lengths[testnum], seconds.sym);
2764 if (async_jobs > 0) {
2765 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2769 for (count = 0, run = 1; COND(c[D_CBC_RC5][testnum]); count++)
2770 RC5_32_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2771 (size_t)lengths[testnum], &rc5_ks,
2774 print_result(D_CBC_RC5, testnum, count, d);
2778 #ifndef OPENSSL_NO_BF
2779 if (doit[D_CBC_BF]) {
2780 if (async_jobs > 0) {
2781 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2785 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2786 print_message(names[D_CBC_BF], c[D_CBC_BF][testnum],
2787 lengths[testnum], seconds.sym);
2789 for (count = 0, run = 1; COND(c[D_CBC_BF][testnum]); count++)
2790 BF_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2791 (size_t)lengths[testnum], &bf_ks,
2794 print_result(D_CBC_BF, testnum, count, d);
2798 #ifndef OPENSSL_NO_CAST
2799 if (doit[D_CBC_CAST]) {
2800 if (async_jobs > 0) {
2801 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2803 doit[D_CBC_CAST] = 0;
2805 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2806 print_message(names[D_CBC_CAST], c[D_CBC_CAST][testnum],
2807 lengths[testnum], seconds.sym);
2809 for (count = 0, run = 1; COND(c[D_CBC_CAST][testnum]); count++)
2810 CAST_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2811 (size_t)lengths[testnum], &cast_ks,
2814 print_result(D_CBC_CAST, testnum, count, d);
2819 for (testnum = 0; testnum < size_num; testnum++) {
2820 print_message(names[D_RAND], c[D_RAND][testnum], lengths[testnum],
2823 count = run_benchmark(async_jobs, RAND_bytes_loop, loopargs);
2825 print_result(D_RAND, testnum, count, d);
2830 if (evp_cipher != NULL) {
2831 int (*loopfunc)(void *args) = EVP_Update_loop;
2833 if (multiblock && (EVP_CIPHER_flags(evp_cipher) &
2834 EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
2835 multiblock_speed(evp_cipher, lengths_single, &seconds);
2840 names[D_EVP] = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
2842 if (EVP_CIPHER_mode(evp_cipher) == EVP_CIPH_CCM_MODE) {
2843 loopfunc = EVP_Update_loop_ccm;
2844 } else if (aead && (EVP_CIPHER_flags(evp_cipher) &
2845 EVP_CIPH_FLAG_AEAD_CIPHER)) {
2846 loopfunc = EVP_Update_loop_aead;
2847 if (lengths == lengths_list) {
2848 lengths = aead_lengths_list;
2849 size_num = OSSL_NELEM(aead_lengths_list);
2853 for (testnum = 0; testnum < size_num; testnum++) {
2854 print_message(names[D_EVP], save_count, lengths[testnum],
2857 for (k = 0; k < loopargs_len; k++) {
2858 loopargs[k].ctx = EVP_CIPHER_CTX_new();
2859 if (loopargs[k].ctx == NULL) {
2860 BIO_printf(bio_err, "\nEVP_CIPHER_CTX_new failure\n");
2863 if (!EVP_CipherInit_ex(loopargs[k].ctx, evp_cipher, NULL,
2864 NULL, iv, decrypt ? 0 : 1)) {
2865 BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n");
2866 ERR_print_errors(bio_err);
2870 EVP_CIPHER_CTX_set_padding(loopargs[k].ctx, 0);
2872 keylen = EVP_CIPHER_CTX_key_length(loopargs[k].ctx);
2873 loopargs[k].key = app_malloc(keylen, "evp_cipher key");
2874 EVP_CIPHER_CTX_rand_key(loopargs[k].ctx, loopargs[k].key);
2875 if (!EVP_CipherInit_ex(loopargs[k].ctx, NULL, NULL,
2876 loopargs[k].key, NULL, -1)) {
2877 BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n");
2878 ERR_print_errors(bio_err);
2881 OPENSSL_clear_free(loopargs[k].key, keylen);
2883 /* SIV mode only allows for a single Update operation */
2884 if (EVP_CIPHER_mode(evp_cipher) == EVP_CIPH_SIV_MODE)
2885 EVP_CIPHER_CTX_ctrl(loopargs[k].ctx, EVP_CTRL_SET_SPEED, 1, NULL);
2889 count = run_benchmark(async_jobs, loopfunc, loopargs);
2891 for (k = 0; k < loopargs_len; k++) {
2892 EVP_CIPHER_CTX_free(loopargs[k].ctx);
2894 print_result(D_EVP, testnum, count, d);
2896 } else if (evp_md != NULL) {
2897 names[D_EVP] = OBJ_nid2ln(EVP_MD_type(evp_md));
2899 for (testnum = 0; testnum < size_num; testnum++) {
2900 print_message(names[D_EVP], save_count, lengths[testnum],
2903 count = run_benchmark(async_jobs, EVP_Digest_loop, loopargs);
2905 print_result(D_EVP, testnum, count, d);
2910 if (doit[D_EVP_HMAC]) {
2911 if (evp_hmac_md != NULL) {
2912 const char *md_name = OBJ_nid2ln(EVP_MD_type(evp_hmac_md));
2913 evp_hmac_name = app_malloc(sizeof("HMAC()") + strlen(md_name),
2915 sprintf(evp_hmac_name, "HMAC(%s)", md_name);
2916 names[D_EVP_HMAC] = evp_hmac_name;
2918 for (testnum = 0; testnum < size_num; testnum++) {
2919 print_message(names[D_EVP_HMAC], save_count, lengths[testnum],
2922 count = run_benchmark(async_jobs, EVP_HMAC_loop, loopargs);
2924 print_result(D_EVP_HMAC, testnum, count, d);
2929 #ifndef OPENSSL_NO_CMAC
2930 if (doit[D_EVP_CMAC]) {
2931 if (evp_cmac_cipher != NULL) {
2932 const char *cipher_name = OBJ_nid2ln(EVP_CIPHER_type(evp_cmac_cipher));
2933 evp_cmac_name = app_malloc(sizeof("CMAC()") + strlen(cipher_name),
2935 sprintf(evp_cmac_name, "CMAC(%s)", cipher_name);
2936 names[D_EVP_CMAC] = evp_cmac_name;
2938 for (i = 0; i < loopargs_len; i++) {
2939 loopargs[i].cmac_ctx = CMAC_CTX_new();
2940 if (loopargs[i].cmac_ctx == NULL) {
2941 BIO_printf(bio_err, "CMAC malloc failure, exiting...");
2945 for (testnum = 0; testnum < size_num; testnum++) {
2946 print_message(names[D_EVP_CMAC], save_count, lengths[testnum],
2949 count = run_benchmark(async_jobs, EVP_CMAC_loop, loopargs);
2951 print_result(D_EVP_CMAC, testnum, count, d);
2953 for (i = 0; i < loopargs_len; i++)
2954 CMAC_CTX_free(loopargs[i].cmac_ctx);
2959 for (i = 0; i < loopargs_len; i++)
2960 if (RAND_bytes(loopargs[i].buf, 36) <= 0)
2963 #ifndef OPENSSL_NO_RSA
2964 for (testnum = 0; testnum < RSA_NUM; testnum++) {
2966 if (!rsa_doit[testnum])
2968 for (i = 0; i < loopargs_len; i++) {
2970 /* we haven't set keys yet, generate multi-prime RSA keys */
2971 BIGNUM *bn = BN_new();
2975 if (!BN_set_word(bn, RSA_F4)) {
2980 BIO_printf(bio_err, "Generate multi-prime RSA key for %s\n",
2981 rsa_choices[testnum].name);
2983 loopargs[i].rsa_key[testnum] = RSA_new();
2984 if (loopargs[i].rsa_key[testnum] == NULL) {
2989 if (!RSA_generate_multi_prime_key(loopargs[i].rsa_key[testnum],
2991 primes, bn, NULL)) {
2997 st = RSA_sign(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
2998 &loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
3004 "RSA sign failure. No RSA sign will be done.\n");
3005 ERR_print_errors(bio_err);
3008 pkey_print_message("private", "rsa",
3009 rsa_c[testnum][0], rsa_bits[testnum],
3011 /* RSA_blinding_on(rsa_key[testnum],NULL); */
3013 count = run_benchmark(async_jobs, RSA_sign_loop, loopargs);
3016 mr ? "+R1:%ld:%d:%.2f\n"
3017 : "%ld %u bits private RSA's in %.2fs\n",
3018 count, rsa_bits[testnum], d);
3019 rsa_results[testnum][0] = (double)count / d;
3023 for (i = 0; i < loopargs_len; i++) {
3024 st = RSA_verify(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
3025 loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
3031 "RSA verify failure. No RSA verify will be done.\n");
3032 ERR_print_errors(bio_err);
3033 rsa_doit[testnum] = 0;
3035 pkey_print_message("public", "rsa",
3036 rsa_c[testnum][1], rsa_bits[testnum],
3039 count = run_benchmark(async_jobs, RSA_verify_loop, loopargs);
3042 mr ? "+R2:%ld:%d:%.2f\n"
3043 : "%ld %u bits public RSA's in %.2fs\n",
3044 count, rsa_bits[testnum], d);
3045 rsa_results[testnum][1] = (double)count / d;
3048 if (rsa_count <= 1) {
3049 /* if longer than 10s, don't do any more */
3050 for (testnum++; testnum < RSA_NUM; testnum++)
3051 rsa_doit[testnum] = 0;
3054 #endif /* OPENSSL_NO_RSA */
3056 for (i = 0; i < loopargs_len; i++)
3057 if (RAND_bytes(loopargs[i].buf, 36) <= 0)
3060 #ifndef OPENSSL_NO_DSA
3061 for (testnum = 0; testnum < DSA_NUM; testnum++) {
3063 if (!dsa_doit[testnum])
3066 /* DSA_generate_key(dsa_key[testnum]); */
3067 /* DSA_sign_setup(dsa_key[testnum],NULL); */
3068 for (i = 0; i < loopargs_len; i++) {
3069 st = DSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
3070 &loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
3076 "DSA sign failure. No DSA sign will be done.\n");
3077 ERR_print_errors(bio_err);
3080 pkey_print_message("sign", "dsa",
3081 dsa_c[testnum][0], dsa_bits[testnum],
3084 count = run_benchmark(async_jobs, DSA_sign_loop, loopargs);
3087 mr ? "+R3:%ld:%u:%.2f\n"
3088 : "%ld %u bits DSA signs in %.2fs\n",
3089 count, dsa_bits[testnum], d);
3090 dsa_results[testnum][0] = (double)count / d;
3094 for (i = 0; i < loopargs_len; i++) {
3095 st = DSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
3096 loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
3102 "DSA verify failure. No DSA verify will be done.\n");
3103 ERR_print_errors(bio_err);
3104 dsa_doit[testnum] = 0;
3106 pkey_print_message("verify", "dsa",
3107 dsa_c[testnum][1], dsa_bits[testnum],
3110 count = run_benchmark(async_jobs, DSA_verify_loop, loopargs);
3113 mr ? "+R4:%ld:%u:%.2f\n"
3114 : "%ld %u bits DSA verify in %.2fs\n",
3115 count, dsa_bits[testnum], d);
3116 dsa_results[testnum][1] = (double)count / d;
3119 if (rsa_count <= 1) {
3120 /* if longer than 10s, don't do any more */
3121 for (testnum++; testnum < DSA_NUM; testnum++)
3122 dsa_doit[testnum] = 0;
3125 #endif /* OPENSSL_NO_DSA */
3127 #ifndef OPENSSL_NO_EC
3128 for (testnum = 0; testnum < ECDSA_NUM; testnum++) {
3131 if (!ecdsa_doit[testnum])
3132 continue; /* Ignore Curve */
3133 for (i = 0; i < loopargs_len; i++) {
3134 loopargs[i].ecdsa[testnum] =
3135 EC_KEY_new_by_curve_name(test_curves[testnum].nid);
3136 if (loopargs[i].ecdsa[testnum] == NULL) {
3142 BIO_printf(bio_err, "ECDSA failure.\n");
3143 ERR_print_errors(bio_err);
3146 for (i = 0; i < loopargs_len; i++) {
3147 EC_KEY_precompute_mult(loopargs[i].ecdsa[testnum], NULL);
3148 /* Perform ECDSA signature test */
3149 EC_KEY_generate_key(loopargs[i].ecdsa[testnum]);
3150 st = ECDSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
3151 &loopargs[i].siglen,
3152 loopargs[i].ecdsa[testnum]);
3158 "ECDSA sign failure. No ECDSA sign will be done.\n");
3159 ERR_print_errors(bio_err);
3162 pkey_print_message("sign", "ecdsa",
3163 ecdsa_c[testnum][0],
3164 test_curves[testnum].bits, seconds.ecdsa);
3166 count = run_benchmark(async_jobs, ECDSA_sign_loop, loopargs);
3170 mr ? "+R5:%ld:%u:%.2f\n" :
3171 "%ld %u bits ECDSA signs in %.2fs \n",
3172 count, test_curves[testnum].bits, d);
3173 ecdsa_results[testnum][0] = (double)count / d;
3177 /* Perform ECDSA verification test */
3178 for (i = 0; i < loopargs_len; i++) {
3179 st = ECDSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
3181 loopargs[i].ecdsa[testnum]);
3187 "ECDSA verify failure. No ECDSA verify will be done.\n");
3188 ERR_print_errors(bio_err);
3189 ecdsa_doit[testnum] = 0;
3191 pkey_print_message("verify", "ecdsa",
3192 ecdsa_c[testnum][1],
3193 test_curves[testnum].bits, seconds.ecdsa);
3195 count = run_benchmark(async_jobs, ECDSA_verify_loop, loopargs);
3198 mr ? "+R6:%ld:%u:%.2f\n"
3199 : "%ld %u bits ECDSA verify in %.2fs\n",
3200 count, test_curves[testnum].bits, d);
3201 ecdsa_results[testnum][1] = (double)count / d;
3204 if (rsa_count <= 1) {
3205 /* if longer than 10s, don't do any more */
3206 for (testnum++; testnum < ECDSA_NUM; testnum++)
3207 ecdsa_doit[testnum] = 0;
3212 for (testnum = 0; testnum < EC_NUM; testnum++) {
3213 int ecdh_checks = 1;
3215 if (!ecdh_doit[testnum])
3218 for (i = 0; i < loopargs_len; i++) {
3219 EVP_PKEY_CTX *kctx = NULL;
3220 EVP_PKEY_CTX *test_ctx = NULL;
3221 EVP_PKEY_CTX *ctx = NULL;
3222 EVP_PKEY *key_A = NULL;
3223 EVP_PKEY *key_B = NULL;
3227 /* Ensure that the error queue is empty */
3228 if (ERR_peek_error()) {
3230 "WARNING: the error queue contains previous unhandled errors.\n");
3231 ERR_print_errors(bio_err);
3234 /* Let's try to create a ctx directly from the NID: this works for
3235 * curves like Curve25519 that are not implemented through the low
3236 * level EC interface.
3237 * If this fails we try creating a EVP_PKEY_EC generic param ctx,
3238 * then we set the curve by NID before deriving the actual keygen
3239 * ctx for that specific curve. */
3240 kctx = EVP_PKEY_CTX_new_id(test_curves[testnum].nid, NULL); /* keygen ctx from NID */
3242 EVP_PKEY_CTX *pctx = NULL;
3243 EVP_PKEY *params = NULL;
3245 /* If we reach this code EVP_PKEY_CTX_new_id() failed and a
3246 * "int_ctx_new:unsupported algorithm" error was added to the
3248 * We remove it from the error queue as we are handling it. */
3249 unsigned long error = ERR_peek_error(); /* peek the latest error in the queue */
3250 if (error == ERR_peek_last_error() && /* oldest and latest errors match */
3251 /* check that the error origin matches */
3252 ERR_GET_LIB(error) == ERR_LIB_EVP &&
3253 ERR_GET_REASON(error) == EVP_R_UNSUPPORTED_ALGORITHM)
3254 ERR_get_error(); /* pop error from queue */
3255 if (ERR_peek_error()) {
3257 "Unhandled error in the error queue during ECDH init.\n");
3258 ERR_print_errors(bio_err);
3263 if ( /* Create the context for parameter generation */
3264 !(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) ||
3265 /* Initialise the parameter generation */
3266 !EVP_PKEY_paramgen_init(pctx) ||
3267 /* Set the curve by NID */
3268 !EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
3271 /* Create the parameter object params */
3272 !EVP_PKEY_paramgen(pctx, ¶ms)) {
3274 BIO_printf(bio_err, "ECDH EC params init failure.\n");
3275 ERR_print_errors(bio_err);
3279 /* Create the context for the key generation */
3280 kctx = EVP_PKEY_CTX_new(params, NULL);
3282 EVP_PKEY_free(params);
3284 EVP_PKEY_CTX_free(pctx);
3287 if (kctx == NULL || /* keygen ctx is not null */
3288 EVP_PKEY_keygen_init(kctx) <= 0/* init keygen ctx */ ) {
3290 BIO_printf(bio_err, "ECDH keygen failure.\n");
3291 ERR_print_errors(bio_err);
3296 if (EVP_PKEY_keygen(kctx, &key_A) <= 0 || /* generate secret key A */
3297 EVP_PKEY_keygen(kctx, &key_B) <= 0 || /* generate secret key B */
3298 !(ctx = EVP_PKEY_CTX_new(key_A, NULL)) || /* derivation ctx from skeyA */
3299 EVP_PKEY_derive_init(ctx) <= 0 || /* init derivation ctx */
3300 EVP_PKEY_derive_set_peer(ctx, key_B) <= 0 || /* set peer pubkey in ctx */
3301 EVP_PKEY_derive(ctx, NULL, &outlen) <= 0 || /* determine max length */
3302 outlen == 0 || /* ensure outlen is a valid size */
3303 outlen > MAX_ECDH_SIZE /* avoid buffer overflow */ ) {
3305 BIO_printf(bio_err, "ECDH key generation failure.\n");
3306 ERR_print_errors(bio_err);
3311 /* Here we perform a test run, comparing the output of a*B and b*A;
3312 * we try this here and assume that further EVP_PKEY_derive calls
3313 * never fail, so we can skip checks in the actually benchmarked
3314 * code, for maximum performance. */
3315 if (!(test_ctx = EVP_PKEY_CTX_new(key_B, NULL)) || /* test ctx from skeyB */
3316 !EVP_PKEY_derive_init(test_ctx) || /* init derivation test_ctx */
3317 !EVP_PKEY_derive_set_peer(test_ctx, key_A) || /* set peer pubkey in test_ctx */
3318 !EVP_PKEY_derive(test_ctx, NULL, &test_outlen) || /* determine max length */
3319 !EVP_PKEY_derive(ctx, loopargs[i].secret_a, &outlen) || /* compute a*B */
3320 !EVP_PKEY_derive(test_ctx, loopargs[i].secret_b, &test_outlen) || /* compute b*A */
3321 test_outlen != outlen /* compare output length */ ) {
3323 BIO_printf(bio_err, "ECDH computation failure.\n");
3324 ERR_print_errors(bio_err);
3329 /* Compare the computation results: CRYPTO_memcmp() returns 0 if equal */
3330 if (CRYPTO_memcmp(loopargs[i].secret_a,
3331 loopargs[i].secret_b, outlen)) {
3333 BIO_printf(bio_err, "ECDH computations don't match.\n");
3334 ERR_print_errors(bio_err);
3339 loopargs[i].ecdh_ctx[testnum] = ctx;
3340 loopargs[i].outlen[testnum] = outlen;
3342 EVP_PKEY_free(key_A);
3343 EVP_PKEY_free(key_B);
3344 EVP_PKEY_CTX_free(kctx);
3346 EVP_PKEY_CTX_free(test_ctx);
3349 if (ecdh_checks != 0) {
3350 pkey_print_message("", "ecdh",
3352 test_curves[testnum].bits, seconds.ecdh);
3355 run_benchmark(async_jobs, ECDH_EVP_derive_key_loop, loopargs);
3358 mr ? "+R7:%ld:%d:%.2f\n" :
3359 "%ld %u-bits ECDH ops in %.2fs\n", count,
3360 test_curves[testnum].bits, d);
3361 ecdh_results[testnum][0] = (double)count / d;
3365 if (rsa_count <= 1) {
3366 /* if longer than 10s, don't do any more */
3367 for (testnum++; testnum < OSSL_NELEM(ecdh_doit); testnum++)
3368 ecdh_doit[testnum] = 0;
3372 for (testnum = 0; testnum < EdDSA_NUM; testnum++) {
3374 EVP_PKEY *ed_pkey = NULL;
3375 EVP_PKEY_CTX *ed_pctx = NULL;
3377 if (!eddsa_doit[testnum])
3378 continue; /* Ignore Curve */
3379 for (i = 0; i < loopargs_len; i++) {
3380 loopargs[i].eddsa_ctx[testnum] = EVP_MD_CTX_new();
3381 if (loopargs[i].eddsa_ctx[testnum] == NULL) {
3386 if ((ed_pctx = EVP_PKEY_CTX_new_id(test_ed_curves[testnum].nid, NULL))
3388 || EVP_PKEY_keygen_init(ed_pctx) <= 0
3389 || EVP_PKEY_keygen(ed_pctx, &ed_pkey) <= 0) {
3391 EVP_PKEY_CTX_free(ed_pctx);
3394 EVP_PKEY_CTX_free(ed_pctx);
3396 if (!EVP_DigestSignInit(loopargs[i].eddsa_ctx[testnum], NULL, NULL,
3399 EVP_PKEY_free(ed_pkey);
3402 EVP_PKEY_free(ed_pkey);
3405 BIO_printf(bio_err, "EdDSA failure.\n");
3406 ERR_print_errors(bio_err);
3409 for (i = 0; i < loopargs_len; i++) {
3410 /* Perform EdDSA signature test */
3411 loopargs[i].sigsize = test_ed_curves[testnum].sigsize;
3412 st = EVP_DigestSign(loopargs[i].eddsa_ctx[testnum],
3413 loopargs[i].buf2, &loopargs[i].sigsize,
3414 loopargs[i].buf, 20);
3420 "EdDSA sign failure. No EdDSA sign will be done.\n");
3421 ERR_print_errors(bio_err);
3424 pkey_print_message("sign", test_ed_curves[testnum].name,
3425 eddsa_c[testnum][0],
3426 test_ed_curves[testnum].bits, seconds.eddsa);
3428 count = run_benchmark(async_jobs, EdDSA_sign_loop, loopargs);
3432 mr ? "+R8:%ld:%u:%s:%.2f\n" :
3433 "%ld %u bits %s signs in %.2fs \n",
3434 count, test_ed_curves[testnum].bits,
3435 test_ed_curves[testnum].name, d);
3436 eddsa_results[testnum][0] = (double)count / d;
3440 /* Perform EdDSA verification test */
3441 for (i = 0; i < loopargs_len; i++) {
3442 st = EVP_DigestVerify(loopargs[i].eddsa_ctx[testnum],
3443 loopargs[i].buf2, loopargs[i].sigsize,
3444 loopargs[i].buf, 20);
3450 "EdDSA verify failure. No EdDSA verify will be done.\n");
3451 ERR_print_errors(bio_err);
3452 eddsa_doit[testnum] = 0;
3454 pkey_print_message("verify", test_ed_curves[testnum].name,
3455 eddsa_c[testnum][1],
3456 test_ed_curves[testnum].bits, seconds.eddsa);
3458 count = run_benchmark(async_jobs, EdDSA_verify_loop, loopargs);
3461 mr ? "+R9:%ld:%u:%s:%.2f\n"
3462 : "%ld %u bits %s verify in %.2fs\n",
3463 count, test_ed_curves[testnum].bits,
3464 test_ed_curves[testnum].name, d);
3465 eddsa_results[testnum][1] = (double)count / d;
3468 if (rsa_count <= 1) {
3469 /* if longer than 10s, don't do any more */
3470 for (testnum++; testnum < EdDSA_NUM; testnum++)
3471 eddsa_doit[testnum] = 0;
3476 # ifndef OPENSSL_NO_SM2
3477 for (testnum = 0; testnum < SM2_NUM; testnum++) {
3479 EVP_PKEY *sm2_pkey = NULL;
3480 EVP_PKEY_CTX *pctx = NULL;
3481 EVP_PKEY_CTX *sm2_pctx = NULL;
3482 EVP_PKEY_CTX *sm2_vfy_pctx = NULL;
3483 size_t sm2_sigsize = 0;
3485 if (!sm2_doit[testnum])
3486 continue; /* Ignore Curve */
3487 /* Init signing and verification */
3488 for (i = 0; i < loopargs_len; i++) {
3489 loopargs[i].sm2_ctx[testnum] = EVP_MD_CTX_new();
3490 if (loopargs[i].sm2_ctx[testnum] == NULL) {
3494 loopargs[i].sm2_vfy_ctx[testnum] = EVP_MD_CTX_new();
3495 if (loopargs[i].sm2_vfy_ctx[testnum] == NULL) {
3500 /* SM2 keys are generated as normal EC keys with a special curve */
3501 if ((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) == NULL
3502 || EVP_PKEY_keygen_init(pctx) <= 0
3503 || EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
3504 test_sm2_curves[testnum].nid) <= 0
3505 || EVP_PKEY_keygen(pctx, &sm2_pkey) <= 0) {
3507 EVP_PKEY_CTX_free(pctx);
3510 /* free previous one and alloc a new one */
3511 EVP_PKEY_CTX_free(pctx);
3513 loopargs[i].sigsize = sm2_sigsize
3514 = ECDSA_size(EVP_PKEY_get0_EC_KEY(sm2_pkey));
3516 if (!EVP_PKEY_set_alias_type(sm2_pkey, EVP_PKEY_SM2)) {
3518 EVP_PKEY_free(sm2_pkey);
3522 sm2_pctx = EVP_PKEY_CTX_new(sm2_pkey, NULL);
3523 if (sm2_pctx == NULL) {
3525 EVP_PKEY_free(sm2_pkey);
3528 sm2_vfy_pctx = EVP_PKEY_CTX_new(sm2_pkey, NULL);
3529 if (sm2_vfy_pctx == NULL) {
3531 EVP_PKEY_CTX_free(sm2_pctx);
3532 EVP_PKEY_free(sm2_pkey);
3536 * No need to allow user to set an explicit ID here, just use
3537 * the one defined in the 'draft-yang-tls-tl13-sm-suites' I-D.
3539 if (EVP_PKEY_CTX_set1_id(sm2_pctx, SM2_ID, SM2_ID_LEN) != 1) {
3541 EVP_PKEY_CTX_free(sm2_pctx);
3542 EVP_PKEY_CTX_free(sm2_vfy_pctx);
3543 EVP_PKEY_free(sm2_pkey);
3547 if (EVP_PKEY_CTX_set1_id(sm2_vfy_pctx, SM2_ID, SM2_ID_LEN) != 1) {
3549 EVP_PKEY_CTX_free(sm2_pctx);
3550 EVP_PKEY_CTX_free(sm2_vfy_pctx);
3551 EVP_PKEY_free(sm2_pkey);
3555 EVP_MD_CTX_set_pkey_ctx(loopargs[i].sm2_ctx[testnum], sm2_pctx);
3556 EVP_MD_CTX_set_pkey_ctx(loopargs[i].sm2_vfy_ctx[testnum], sm2_vfy_pctx);
3558 if (!EVP_DigestSignInit(loopargs[i].sm2_ctx[testnum], NULL,
3559 EVP_sm3(), NULL, sm2_pkey)) {
3561 EVP_PKEY_free(sm2_pkey);
3564 if (!EVP_DigestVerifyInit(loopargs[i].sm2_vfy_ctx[testnum], NULL,
3565 EVP_sm3(), NULL, sm2_pkey)) {
3567 EVP_PKEY_free(sm2_pkey);
3570 loopargs[i].sm2_pkey[testnum] = sm2_pkey;
3573 BIO_printf(bio_err, "SM2 failure.\n");
3574 ERR_print_errors(bio_err);
3577 for (i = 0; i < loopargs_len; i++) {
3578 sm2_sigsize = loopargs[i].sigsize;
3579 /* Perform SM2 signature test */
3580 st = EVP_DigestSign(loopargs[i].sm2_ctx[testnum],
3581 loopargs[i].buf2, &sm2_sigsize,
3582 loopargs[i].buf, 20);
3588 "SM2 sign failure. No SM2 sign will be done.\n");
3589 ERR_print_errors(bio_err);
3592 pkey_print_message("sign", test_sm2_curves[testnum].name,
3594 test_sm2_curves[testnum].bits, seconds.sm2);
3596 count = run_benchmark(async_jobs, SM2_sign_loop, loopargs);
3600 mr ? "+R8:%ld:%u:%s:%.2f\n" :
3601 "%ld %u bits %s signs in %.2fs \n",
3602 count, test_sm2_curves[testnum].bits,
3603 test_sm2_curves[testnum].name, d);
3604 sm2_results[testnum][0] = (double)count / d;
3608 /* Perform SM2 verification test */
3609 for (i = 0; i < loopargs_len; i++) {
3610 st = EVP_DigestVerify(loopargs[i].sm2_vfy_ctx[testnum],
3611 loopargs[i].buf2, loopargs[i].sigsize,
3612 loopargs[i].buf, 20);
3618 "SM2 verify failure. No SM2 verify will be done.\n");
3619 ERR_print_errors(bio_err);
3620 sm2_doit[testnum] = 0;
3622 pkey_print_message("verify", test_sm2_curves[testnum].name,
3624 test_sm2_curves[testnum].bits, seconds.sm2);
3626 count = run_benchmark(async_jobs, SM2_verify_loop, loopargs);
3629 mr ? "+R9:%ld:%u:%s:%.2f\n"
3630 : "%ld %u bits %s verify in %.2fs\n",
3631 count, test_sm2_curves[testnum].bits,
3632 test_sm2_curves[testnum].name, d);
3633 sm2_results[testnum][1] = (double)count / d;
3636 if (rsa_count <= 1) {
3637 /* if longer than 10s, don't do any more */
3638 for (testnum++; testnum < SM2_NUM; testnum++)
3639 sm2_doit[testnum] = 0;
3643 # endif /* OPENSSL_NO_SM2 */
3645 #endif /* OPENSSL_NO_EC */
3650 printf("version: %s\n", OpenSSL_version(OPENSSL_FULL_VERSION_STRING));
3651 printf("built on: %s\n", OpenSSL_version(OPENSSL_BUILT_ON));
3653 printf("%s ", BN_options());
3654 #ifndef OPENSSL_NO_MD2
3655 printf("%s ", MD2_options());
3657 #ifndef OPENSSL_NO_RC4
3658 printf("%s ", RC4_options());
3660 #ifndef OPENSSL_NO_DES
3661 printf("%s ", DES_options());
3663 printf("%s ", AES_options());
3664 #ifndef OPENSSL_NO_IDEA
3665 printf("%s ", IDEA_options());
3667 #ifndef OPENSSL_NO_BF
3668 printf("%s ", BF_options());
3670 printf("\n%s\n", OpenSSL_version(OPENSSL_CFLAGS));
3671 printf("%s\n", OpenSSL_version(OPENSSL_CPU_INFO));
3679 ("The 'numbers' are in 1000s of bytes per second processed.\n");
3682 for (testnum = 0; testnum < size_num; testnum++)
3683 printf(mr ? ":%d" : "%7d bytes", lengths[testnum]);
3687 for (k = 0; k < ALGOR_NUM; k++) {
3691 printf("+F:%u:%s", k, names[k]);
3693 printf("%-13s", names[k]);
3694 for (testnum = 0; testnum < size_num; testnum++) {
3695 if (results[k][testnum] > 10000 && !mr)
3696 printf(" %11.2fk", results[k][testnum] / 1e3);
3698 printf(mr ? ":%.2f" : " %11.2f ", results[k][testnum]);
3702 #ifndef OPENSSL_NO_RSA
3704 for (k = 0; k < RSA_NUM; k++) {
3707 if (testnum && !mr) {
3708 printf("%18ssign verify sign/s verify/s\n", " ");
3712 printf("+F2:%u:%u:%f:%f\n",
3713 k, rsa_bits[k], rsa_results[k][0], rsa_results[k][1]);
3715 printf("rsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
3716 rsa_bits[k], 1.0 / rsa_results[k][0], 1.0 / rsa_results[k][1],
3717 rsa_results[k][0], rsa_results[k][1]);
3720 #ifndef OPENSSL_NO_DSA
3722 for (k = 0; k < DSA_NUM; k++) {
3725 if (testnum && !mr) {
3726 printf("%18ssign verify sign/s verify/s\n", " ");
3730 printf("+F3:%u:%u:%f:%f\n",
3731 k, dsa_bits[k], dsa_results[k][0], dsa_results[k][1]);
3733 printf("dsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
3734 dsa_bits[k], 1.0 / dsa_results[k][0], 1.0 / dsa_results[k][1],
3735 dsa_results[k][0], dsa_results[k][1]);
3738 #ifndef OPENSSL_NO_EC
3740 for (k = 0; k < OSSL_NELEM(ecdsa_doit); k++) {
3743 if (testnum && !mr) {
3744 printf("%30ssign verify sign/s verify/s\n", " ");
3749 printf("+F4:%u:%u:%f:%f\n",
3750 k, test_curves[k].bits,
3751 ecdsa_results[k][0], ecdsa_results[k][1]);
3753 printf("%4u bits ecdsa (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3754 test_curves[k].bits, test_curves[k].name,
3755 1.0 / ecdsa_results[k][0], 1.0 / ecdsa_results[k][1],
3756 ecdsa_results[k][0], ecdsa_results[k][1]);
3760 for (k = 0; k < EC_NUM; k++) {
3763 if (testnum && !mr) {
3764 printf("%30sop op/s\n", " ");
3768 printf("+F5:%u:%u:%f:%f\n",
3769 k, test_curves[k].bits,
3770 ecdh_results[k][0], 1.0 / ecdh_results[k][0]);
3773 printf("%4u bits ecdh (%s) %8.4fs %8.1f\n",
3774 test_curves[k].bits, test_curves[k].name,
3775 1.0 / ecdh_results[k][0], ecdh_results[k][0]);
3779 for (k = 0; k < OSSL_NELEM(eddsa_doit); k++) {
3782 if (testnum && !mr) {
3783 printf("%30ssign verify sign/s verify/s\n", " ");
3788 printf("+F6:%u:%u:%s:%f:%f\n",
3789 k, test_ed_curves[k].bits, test_ed_curves[k].name,
3790 eddsa_results[k][0], eddsa_results[k][1]);
3792 printf("%4u bits EdDSA (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3793 test_ed_curves[k].bits, test_ed_curves[k].name,
3794 1.0 / eddsa_results[k][0], 1.0 / eddsa_results[k][1],
3795 eddsa_results[k][0], eddsa_results[k][1]);
3798 # ifndef OPENSSL_NO_SM2
3800 for (k = 0; k < OSSL_NELEM(sm2_doit); k++) {
3803 if (testnum && !mr) {
3804 printf("%30ssign verify sign/s verify/s\n", " ");
3809 printf("+F6:%u:%u:%s:%f:%f\n",
3810 k, test_sm2_curves[k].bits, test_sm2_curves[k].name,
3811 sm2_results[k][0], sm2_results[k][1]);
3813 printf("%4u bits SM2 (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3814 test_sm2_curves[k].bits, test_sm2_curves[k].name,
3815 1.0 / sm2_results[k][0], 1.0 / sm2_results[k][1],
3816 sm2_results[k][0], sm2_results[k][1]);
3824 ERR_print_errors(bio_err);
3825 for (i = 0; i < loopargs_len; i++) {
3826 OPENSSL_free(loopargs[i].buf_malloc);
3827 OPENSSL_free(loopargs[i].buf2_malloc);
3829 #ifndef OPENSSL_NO_RSA
3830 for (k = 0; k < RSA_NUM; k++)
3831 RSA_free(loopargs[i].rsa_key[k]);
3833 #ifndef OPENSSL_NO_DSA
3834 for (k = 0; k < DSA_NUM; k++)
3835 DSA_free(loopargs[i].dsa_key[k]);
3837 #ifndef OPENSSL_NO_EC
3838 for (k = 0; k < ECDSA_NUM; k++)
3839 EC_KEY_free(loopargs[i].ecdsa[k]);
3840 for (k = 0; k < EC_NUM; k++)
3841 EVP_PKEY_CTX_free(loopargs[i].ecdh_ctx[k]);
3842 for (k = 0; k < EdDSA_NUM; k++)
3843 EVP_MD_CTX_free(loopargs[i].eddsa_ctx[k]);
3844 # ifndef OPENSSL_NO_SM2
3845 for (k = 0; k < SM2_NUM; k++) {
3846 EVP_PKEY_CTX *pctx = NULL;
3848 /* free signing ctx */
3849 if (loopargs[i].sm2_ctx[k] != NULL
3850 && (pctx = EVP_MD_CTX_pkey_ctx(loopargs[i].sm2_ctx[k])) != NULL)
3851 EVP_PKEY_CTX_free(pctx);
3852 EVP_MD_CTX_free(loopargs[i].sm2_ctx[k]);
3853 /* free verification ctx */
3854 if (loopargs[i].sm2_vfy_ctx[k] != NULL
3855 && (pctx = EVP_MD_CTX_pkey_ctx(loopargs[i].sm2_vfy_ctx[k])) != NULL)
3856 EVP_PKEY_CTX_free(pctx);
3857 EVP_MD_CTX_free(loopargs[i].sm2_vfy_ctx[k]);
3859 EVP_PKEY_free(loopargs[i].sm2_pkey[k]);
3862 OPENSSL_free(loopargs[i].secret_a);
3863 OPENSSL_free(loopargs[i].secret_b);
3866 OPENSSL_free(evp_hmac_name);
3867 #ifndef OPENSSL_NO_CMAC
3868 OPENSSL_free(evp_cmac_name);
3871 if (async_jobs > 0) {
3872 for (i = 0; i < loopargs_len; i++)
3873 ASYNC_WAIT_CTX_free(loopargs[i].wait_ctx);
3877 ASYNC_cleanup_thread();
3879 OPENSSL_free(loopargs);
3884 static void print_message(const char *s, long num, int length, int tm)
3888 mr ? "+DT:%s:%d:%d\n"
3889 : "Doing %s for %ds on %d size blocks: ", s, tm, length);
3890 (void)BIO_flush(bio_err);
3894 mr ? "+DN:%s:%ld:%d\n"
3895 : "Doing %s %ld times on %d size blocks: ", s, num, length);
3896 (void)BIO_flush(bio_err);
3900 static void pkey_print_message(const char *str, const char *str2, long num,
3901 unsigned int bits, int tm)
3905 mr ? "+DTP:%d:%s:%s:%d\n"
3906 : "Doing %u bits %s %s's for %ds: ", bits, str, str2, tm);
3907 (void)BIO_flush(bio_err);
3911 mr ? "+DNP:%ld:%d:%s:%s\n"
3912 : "Doing %ld %u bits %s %s's: ", num, bits, str, str2);
3913 (void)BIO_flush(bio_err);
3917 static void print_result(int alg, int run_no, int count, double time_used)
3920 BIO_puts(bio_err, "EVP error!\n");
3924 mr ? "+R:%d:%s:%f\n"
3925 : "%d %s's in %.2fs\n", count, names[alg], time_used);
3926 results[alg][run_no] = ((double)count) / time_used * lengths[run_no];
3930 static char *sstrsep(char **string, const char *delim)
3933 char *token = *string;
3938 memset(isdelim, 0, sizeof(isdelim));
3942 isdelim[(unsigned char)(*delim)] = 1;
3946 while (!isdelim[(unsigned char)(**string)]) {
3958 static int do_multi(int multi, int size_num)
3963 static char sep[] = ":";
3965 fds = app_malloc(sizeof(*fds) * multi, "fd buffer for do_multi");
3966 for (n = 0; n < multi; ++n) {
3967 if (pipe(fd) == -1) {
3968 BIO_printf(bio_err, "pipe failure\n");
3972 (void)BIO_flush(bio_err);
3979 if (dup(fd[1]) == -1) {
3980 BIO_printf(bio_err, "dup failed\n");
3989 printf("Forked child %d\n", n);
3992 /* for now, assume the pipe is long enough to take all the output */
3993 for (n = 0; n < multi; ++n) {
3998 f = fdopen(fds[n], "r");
3999 while (fgets(buf, sizeof(buf), f)) {
4000 p = strchr(buf, '\n');
4003 if (buf[0] != '+') {
4005 "Don't understand line '%s' from child %d\n", buf,
4009 printf("Got: %s from %d\n", buf, n);
4010 if (strncmp(buf, "+F:", 3) == 0) {
4015 alg = atoi(sstrsep(&p, sep));
4017 for (j = 0; j < size_num; ++j)
4018 results[alg][j] += atof(sstrsep(&p, sep));
4019 } else if (strncmp(buf, "+F2:", 4) == 0) {
4024 k = atoi(sstrsep(&p, sep));
4027 d = atof(sstrsep(&p, sep));
4028 rsa_results[k][0] += d;
4030 d = atof(sstrsep(&p, sep));
4031 rsa_results[k][1] += d;
4033 # ifndef OPENSSL_NO_DSA
4034 else if (strncmp(buf, "+F3:", 4) == 0) {
4039 k = atoi(sstrsep(&p, sep));
4042 d = atof(sstrsep(&p, sep));
4043 dsa_results[k][0] += d;
4045 d = atof(sstrsep(&p, sep));
4046 dsa_results[k][1] += d;
4049 # ifndef OPENSSL_NO_EC
4050 else if (strncmp(buf, "+F4:", 4) == 0) {
4055 k = atoi(sstrsep(&p, sep));
4058 d = atof(sstrsep(&p, sep));
4059 ecdsa_results[k][0] += d;
4061 d = atof(sstrsep(&p, sep));
4062 ecdsa_results[k][1] += d;
4063 } else if (strncmp(buf, "+F5:", 4) == 0) {
4068 k = atoi(sstrsep(&p, sep));
4071 d = atof(sstrsep(&p, sep));
4072 ecdh_results[k][0] += d;
4073 } else if (strncmp(buf, "+F6:", 4) == 0) {
4078 k = atoi(sstrsep(&p, sep));
4081 d = atof(sstrsep(&p, sep));
4082 eddsa_results[k][0] += d;
4084 d = atof(sstrsep(&p, sep));
4085 eddsa_results[k][1] += d;
4087 # ifndef OPENSSL_NO_SM2
4088 else if (strncmp(buf, "+F7:", 4) == 0) {
4093 k = atoi(sstrsep(&p, sep));
4096 d = atof(sstrsep(&p, sep));
4097 sm2_results[k][0] += d;
4099 d = atof(sstrsep(&p, sep));
4100 sm2_results[k][1] += d;
4102 # endif /* OPENSSL_NO_SM2 */
4105 else if (strncmp(buf, "+H:", 3) == 0) {
4108 BIO_printf(bio_err, "Unknown type '%s' from child %d\n", buf,
4119 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
4120 const openssl_speed_sec_t *seconds)
4122 static const int mblengths_list[] =
4123 { 8 * 1024, 2 * 8 * 1024, 4 * 8 * 1024, 8 * 8 * 1024, 8 * 16 * 1024 };
4124 const int *mblengths = mblengths_list;
4125 int j, count, keylen, num = OSSL_NELEM(mblengths_list);
4126 const char *alg_name;
4127 unsigned char *inp, *out, *key, no_key[32], no_iv[16];
4128 EVP_CIPHER_CTX *ctx;
4131 if (lengths_single) {
4132 mblengths = &lengths_single;
4136 inp = app_malloc(mblengths[num - 1], "multiblock input buffer");
4137 out = app_malloc(mblengths[num - 1] + 1024, "multiblock output buffer");
4138 ctx = EVP_CIPHER_CTX_new();
4139 EVP_EncryptInit_ex(ctx, evp_cipher, NULL, NULL, no_iv);
4141 keylen = EVP_CIPHER_CTX_key_length(ctx);
4142 key = app_malloc(keylen, "evp_cipher key");
4143 EVP_CIPHER_CTX_rand_key(ctx, key);
4144 EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL);
4145 OPENSSL_clear_free(key, keylen);
4147 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_MAC_KEY, sizeof(no_key), no_key);
4148 alg_name = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
4150 for (j = 0; j < num; j++) {
4151 print_message(alg_name, 0, mblengths[j], seconds->sym);
4153 for (count = 0, run = 1; run && count < 0x7fffffff; count++) {
4154 unsigned char aad[EVP_AEAD_TLS1_AAD_LEN];
4155 EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param;
4156 size_t len = mblengths[j];
4159 memset(aad, 0, 8); /* avoid uninitialized values */
4160 aad[8] = 23; /* SSL3_RT_APPLICATION_DATA */
4161 aad[9] = 3; /* version */
4163 aad[11] = 0; /* length */
4165 mb_param.out = NULL;
4168 mb_param.interleave = 8;
4170 packlen = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_AAD,
4171 sizeof(mb_param), &mb_param);
4177 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT,
4178 sizeof(mb_param), &mb_param);
4182 RAND_bytes(out, 16);
4184 aad[11] = (unsigned char)(len >> 8);
4185 aad[12] = (unsigned char)(len);
4186 pad = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_TLS1_AAD,
4187 EVP_AEAD_TLS1_AAD_LEN, aad);
4188 EVP_Cipher(ctx, out, inp, len + pad);
4192 BIO_printf(bio_err, mr ? "+R:%d:%s:%f\n"
4193 : "%d %s's in %.2fs\n", count, "evp", d);
4194 results[D_EVP][j] = ((double)count) / d * mblengths[j];
4198 fprintf(stdout, "+H");
4199 for (j = 0; j < num; j++)
4200 fprintf(stdout, ":%d", mblengths[j]);
4201 fprintf(stdout, "\n");
4202 fprintf(stdout, "+F:%d:%s", D_EVP, alg_name);
4203 for (j = 0; j < num; j++)
4204 fprintf(stdout, ":%.2f", results[D_EVP][j]);
4205 fprintf(stdout, "\n");
4208 "The 'numbers' are in 1000s of bytes per second processed.\n");
4209 fprintf(stdout, "type ");
4210 for (j = 0; j < num; j++)
4211 fprintf(stdout, "%7d bytes", mblengths[j]);
4212 fprintf(stdout, "\n");
4213 fprintf(stdout, "%-24s", alg_name);
4215 for (j = 0; j < num; j++) {
4216 if (results[D_EVP][j] > 10000)
4217 fprintf(stdout, " %11.2fk", results[D_EVP][j] / 1e3);
4219 fprintf(stdout, " %11.2f ", results[D_EVP][j]);
4221 fprintf(stdout, "\n");
4226 EVP_CIPHER_CTX_free(ctx);