2 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
5 * Licensed under the Apache License 2.0 (the "License"). You may not use
6 * this file except in compliance with the License. You can obtain a copy
7 * in the file LICENSE in the source distribution or at
8 * https://www.openssl.org/source/license.html
13 #define RSA_SECONDS 10
14 #define DSA_SECONDS 10
15 #define ECDSA_SECONDS 10
16 #define ECDH_SECONDS 10
17 #define EdDSA_SECONDS 10
18 #define SM2_SECONDS 10
26 #include <openssl/crypto.h>
27 #include <openssl/rand.h>
28 #include <openssl/err.h>
29 #include <openssl/evp.h>
30 #include <openssl/objects.h>
31 #include <openssl/async.h>
32 #if !defined(OPENSSL_SYS_MSDOS)
40 #include <openssl/bn.h>
41 #ifndef OPENSSL_NO_DES
42 # include <openssl/des.h>
44 #include <openssl/aes.h>
45 #ifndef OPENSSL_NO_CAMELLIA
46 # include <openssl/camellia.h>
48 #ifndef OPENSSL_NO_MD2
49 # include <openssl/md2.h>
51 #ifndef OPENSSL_NO_MDC2
52 # include <openssl/mdc2.h>
54 #ifndef OPENSSL_NO_MD4
55 # include <openssl/md4.h>
57 #ifndef OPENSSL_NO_MD5
58 # include <openssl/md5.h>
60 #include <openssl/hmac.h>
61 #ifndef OPENSSL_NO_CMAC
62 #include <openssl/cmac.h>
64 #include <openssl/sha.h>
65 #ifndef OPENSSL_NO_RMD160
66 # include <openssl/ripemd.h>
68 #ifndef OPENSSL_NO_WHIRLPOOL
69 # include <openssl/whrlpool.h>
71 #ifndef OPENSSL_NO_RC4
72 # include <openssl/rc4.h>
74 #ifndef OPENSSL_NO_RC5
75 # include <openssl/rc5.h>
77 #ifndef OPENSSL_NO_RC2
78 # include <openssl/rc2.h>
80 #ifndef OPENSSL_NO_IDEA
81 # include <openssl/idea.h>
83 #ifndef OPENSSL_NO_SEED
84 # include <openssl/seed.h>
87 # include <openssl/blowfish.h>
89 #ifndef OPENSSL_NO_CAST
90 # include <openssl/cast.h>
92 #ifndef OPENSSL_NO_RSA
93 # include <openssl/rsa.h>
94 # include "./testrsa.h"
96 #include <openssl/x509.h>
97 #ifndef OPENSSL_NO_DSA
98 # include <openssl/dsa.h>
99 # include "./testdsa.h"
101 #ifndef OPENSSL_NO_EC
102 # include <openssl/ec.h>
104 #include <openssl/modes.h>
107 # if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_VXWORKS)
120 #define MAX_MISALIGNMENT 63
121 #define MAX_ECDH_SIZE 256
124 typedef struct openssl_speed_sec_st {
132 } openssl_speed_sec_t;
134 static volatile int run = 0;
137 static int usertime = 1;
139 #ifndef OPENSSL_NO_MD2
140 static int EVP_Digest_MD2_loop(void *args);
143 #ifndef OPENSSL_NO_MDC2
144 static int EVP_Digest_MDC2_loop(void *args);
146 #ifndef OPENSSL_NO_MD4
147 static int EVP_Digest_MD4_loop(void *args);
149 #ifndef OPENSSL_NO_MD5
150 static int MD5_loop(void *args);
151 static int HMAC_loop(void *args);
153 static int SHA1_loop(void *args);
154 static int SHA256_loop(void *args);
155 static int SHA512_loop(void *args);
156 #ifndef OPENSSL_NO_WHIRLPOOL
157 static int WHIRLPOOL_loop(void *args);
159 #ifndef OPENSSL_NO_RMD160
160 static int EVP_Digest_RMD160_loop(void *args);
162 #ifndef OPENSSL_NO_RC4
163 static int RC4_loop(void *args);
165 #ifndef OPENSSL_NO_DES
166 static int DES_ncbc_encrypt_loop(void *args);
167 static int DES_ede3_cbc_encrypt_loop(void *args);
169 static int AES_cbc_128_encrypt_loop(void *args);
170 static int AES_cbc_192_encrypt_loop(void *args);
171 static int AES_cbc_256_encrypt_loop(void *args);
173 static int AES_ige_128_encrypt_loop(void *args);
174 static int AES_ige_192_encrypt_loop(void *args);
175 static int AES_ige_256_encrypt_loop(void *args);
177 static int CRYPTO_gcm128_aad_loop(void *args);
178 static int RAND_bytes_loop(void *args);
179 static int EVP_Update_loop(void *args);
180 static int EVP_Update_loop_ccm(void *args);
181 static int EVP_Update_loop_aead(void *args);
182 static int EVP_Digest_loop(void *args);
183 #ifndef OPENSSL_NO_RSA
184 static int RSA_sign_loop(void *args);
185 static int RSA_verify_loop(void *args);
187 #ifndef OPENSSL_NO_DSA
188 static int DSA_sign_loop(void *args);
189 static int DSA_verify_loop(void *args);
191 #ifndef OPENSSL_NO_EC
192 static int ECDSA_sign_loop(void *args);
193 static int ECDSA_verify_loop(void *args);
194 static int EdDSA_sign_loop(void *args);
195 static int EdDSA_verify_loop(void *args);
196 # ifndef OPENSSL_NO_SM2
197 static int SM2_sign_loop(void *args);
198 static int SM2_verify_loop(void *args);
202 static double Time_F(int s);
203 static void print_message(const char *s, long num, int length, int tm);
204 static void pkey_print_message(const char *str, const char *str2,
205 long num, unsigned int bits, int sec);
206 static void print_result(int alg, int run_no, int count, double time_used);
208 static int do_multi(int multi, int size_num);
211 static const int lengths_list[] = {
212 16, 64, 256, 1024, 8 * 1024, 16 * 1024
214 static const int *lengths = lengths_list;
216 static const int aead_lengths_list[] = {
217 2, 31, 136, 1024, 8 * 1024, 16 * 1024
225 static void alarmed(int sig)
227 signal(SIGALRM, alarmed);
231 static double Time_F(int s)
233 double ret = app_tminterval(s, usertime);
239 #elif defined(_WIN32)
243 static unsigned int lapse;
244 static volatile unsigned int schlock;
245 static void alarm_win32(unsigned int secs)
250 # define alarm alarm_win32
252 static DWORD WINAPI sleepy(VOID * arg)
260 static double Time_F(int s)
267 thr = CreateThread(NULL, 4096, sleepy, NULL, 0, NULL);
269 DWORD err = GetLastError();
270 BIO_printf(bio_err, "unable to CreateThread (%lu)", err);
274 Sleep(0); /* scheduler spinlock */
275 ret = app_tminterval(s, usertime);
277 ret = app_tminterval(s, usertime);
279 TerminateThread(thr, 0);
286 static double Time_F(int s)
288 return app_tminterval(s, usertime);
292 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
293 const openssl_speed_sec_t *seconds);
295 #define found(value, pairs, result)\
296 opt_found(value, result, pairs, OSSL_NELEM(pairs))
297 static int opt_found(const char *name, unsigned int *result,
298 const OPT_PAIR pairs[], unsigned int nbelem)
302 for (idx = 0; idx < nbelem; ++idx, pairs++)
303 if (strcmp(name, pairs->name) == 0) {
304 *result = pairs->retval;
310 typedef enum OPTION_choice {
311 OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
312 OPT_ELAPSED, OPT_EVP, OPT_HMAC, OPT_DECRYPT, OPT_ENGINE, OPT_MULTI,
313 OPT_MR, OPT_MB, OPT_MISALIGN, OPT_ASYNCJOBS, OPT_R_ENUM,
314 OPT_PRIMES, OPT_SECONDS, OPT_BYTES, OPT_AEAD, OPT_CMAC
317 const OPTIONS speed_options[] = {
318 {OPT_HELP_STR, 1, '-', "Usage: %s [options] ciphers...\n"},
319 {OPT_HELP_STR, 1, '-', "Valid options are:\n"},
320 {"help", OPT_HELP, '-', "Display this summary"},
321 {"evp", OPT_EVP, 's', "Use EVP-named cipher or digest"},
322 {"hmac", OPT_HMAC, 's', "HMAC using EVP-named digest"},
323 #ifndef OPENSSL_NO_CMAC
324 {"cmac", OPT_CMAC, 's', "CMAC using EVP-named cipher"},
326 {"decrypt", OPT_DECRYPT, '-',
327 "Time decryption instead of encryption (only EVP)"},
328 {"aead", OPT_AEAD, '-',
329 "Benchmark EVP-named AEAD cipher in TLS-like sequence"},
331 "Enable (tls1>=1) multi-block mode on EVP-named cipher"},
332 {"mr", OPT_MR, '-', "Produce machine readable output"},
334 {"multi", OPT_MULTI, 'p', "Run benchmarks in parallel"},
336 #ifndef OPENSSL_NO_ASYNC
337 {"async_jobs", OPT_ASYNCJOBS, 'p',
338 "Enable async mode and start specified number of jobs"},
341 #ifndef OPENSSL_NO_ENGINE
342 {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
344 {"elapsed", OPT_ELAPSED, '-',
345 "Use wall-clock time instead of CPU user time as divisor"},
346 {"primes", OPT_PRIMES, 'p', "Specify number of primes (for RSA only)"},
347 {"seconds", OPT_SECONDS, 'p',
348 "Run benchmarks for specified amount of seconds"},
349 {"bytes", OPT_BYTES, 'p',
350 "Run [non-PKI] benchmarks on custom-sized buffer"},
351 {"misalign", OPT_MISALIGN, 'p',
352 "Use specified offset to mis-align buffers"},
366 #define D_CBC_IDEA 10
367 #define D_CBC_SEED 11
371 #define D_CBC_CAST 15
372 #define D_CBC_128_AES 16
373 #define D_CBC_192_AES 17
374 #define D_CBC_256_AES 18
375 #define D_CBC_128_CML 19
376 #define D_CBC_192_CML 20
377 #define D_CBC_256_CML 21
381 #define D_WHIRLPOOL 25
382 #define D_IGE_128_AES 26
383 #define D_IGE_192_AES 27
384 #define D_IGE_256_AES 28
387 #define D_EVP_HMAC 31
388 #define D_EVP_CMAC 32
390 /* name of algorithms to test */
391 static const char *names[] = {
392 "md2", "mdc2", "md4", "md5", "hmac(md5)", "sha1", "rmd160", "rc4",
393 "des cbc", "des ede3", "idea cbc", "seed cbc",
394 "rc2 cbc", "rc5-32/12 cbc", "blowfish cbc", "cast cbc",
395 "aes-128 cbc", "aes-192 cbc", "aes-256 cbc",
396 "camellia-128 cbc", "camellia-192 cbc", "camellia-256 cbc",
397 "evp", "sha256", "sha512", "whirlpool",
398 "aes-128 ige", "aes-192 ige", "aes-256 ige", "ghash",
399 "rand", "hmac", "cmac"
401 #define ALGOR_NUM OSSL_NELEM(names)
403 /* list of configured algorithm (remaining) */
404 static const OPT_PAIR doit_choices[] = {
405 #ifndef OPENSSL_NO_MD2
408 #ifndef OPENSSL_NO_MDC2
411 #ifndef OPENSSL_NO_MD4
414 #ifndef OPENSSL_NO_MD5
419 {"sha256", D_SHA256},
420 {"sha512", D_SHA512},
421 #ifndef OPENSSL_NO_WHIRLPOOL
422 {"whirlpool", D_WHIRLPOOL},
424 #ifndef OPENSSL_NO_RMD160
425 {"ripemd", D_RMD160},
426 {"rmd160", D_RMD160},
427 {"ripemd160", D_RMD160},
429 #ifndef OPENSSL_NO_RC4
432 #ifndef OPENSSL_NO_DES
433 {"des-cbc", D_CBC_DES},
434 {"des-ede3", D_EDE3_DES},
436 {"aes-128-cbc", D_CBC_128_AES},
437 {"aes-192-cbc", D_CBC_192_AES},
438 {"aes-256-cbc", D_CBC_256_AES},
440 {"aes-128-ige", D_IGE_128_AES},
441 {"aes-192-ige", D_IGE_192_AES},
442 {"aes-256-ige", D_IGE_256_AES},
444 #ifndef OPENSSL_NO_RC2
445 {"rc2-cbc", D_CBC_RC2},
448 #ifndef OPENSSL_NO_RC5
449 {"rc5-cbc", D_CBC_RC5},
452 #ifndef OPENSSL_NO_IDEA
453 {"idea-cbc", D_CBC_IDEA},
454 {"idea", D_CBC_IDEA},
456 #ifndef OPENSSL_NO_SEED
457 {"seed-cbc", D_CBC_SEED},
458 {"seed", D_CBC_SEED},
460 #ifndef OPENSSL_NO_BF
461 {"bf-cbc", D_CBC_BF},
462 {"blowfish", D_CBC_BF},
465 #ifndef OPENSSL_NO_CAST
466 {"cast-cbc", D_CBC_CAST},
467 {"cast", D_CBC_CAST},
468 {"cast5", D_CBC_CAST},
474 static double results[ALGOR_NUM][OSSL_NELEM(lengths_list)];
476 #ifndef OPENSSL_NO_DSA
478 # define R_DSA_1024 1
479 # define R_DSA_2048 2
480 static const OPT_PAIR dsa_choices[] = {
481 {"dsa512", R_DSA_512},
482 {"dsa1024", R_DSA_1024},
483 {"dsa2048", R_DSA_2048}
485 # define DSA_NUM OSSL_NELEM(dsa_choices)
487 static double dsa_results[DSA_NUM][2]; /* 2 ops: sign then verify */
488 #endif /* OPENSSL_NO_DSA */
496 #define R_RSA_15360 6
497 #ifndef OPENSSL_NO_RSA
498 static const OPT_PAIR rsa_choices[] = {
499 {"rsa512", R_RSA_512},
500 {"rsa1024", R_RSA_1024},
501 {"rsa2048", R_RSA_2048},
502 {"rsa3072", R_RSA_3072},
503 {"rsa4096", R_RSA_4096},
504 {"rsa7680", R_RSA_7680},
505 {"rsa15360", R_RSA_15360}
507 # define RSA_NUM OSSL_NELEM(rsa_choices)
509 static double rsa_results[RSA_NUM][2]; /* 2 ops: sign then verify */
510 #endif /* OPENSSL_NO_RSA */
519 #ifndef OPENSSL_NO_EC2M
541 #ifndef OPENSSL_NO_EC
542 static OPT_PAIR ecdsa_choices[] = {
543 {"ecdsap160", R_EC_P160},
544 {"ecdsap192", R_EC_P192},
545 {"ecdsap224", R_EC_P224},
546 {"ecdsap256", R_EC_P256},
547 {"ecdsap384", R_EC_P384},
548 {"ecdsap521", R_EC_P521},
549 # ifndef OPENSSL_NO_EC2M
550 {"ecdsak163", R_EC_K163},
551 {"ecdsak233", R_EC_K233},
552 {"ecdsak283", R_EC_K283},
553 {"ecdsak409", R_EC_K409},
554 {"ecdsak571", R_EC_K571},
555 {"ecdsab163", R_EC_B163},
556 {"ecdsab233", R_EC_B233},
557 {"ecdsab283", R_EC_B283},
558 {"ecdsab409", R_EC_B409},
559 {"ecdsab571", R_EC_B571},
561 {"ecdsabrp256r1", R_EC_BRP256R1},
562 {"ecdsabrp256t1", R_EC_BRP256T1},
563 {"ecdsabrp384r1", R_EC_BRP384R1},
564 {"ecdsabrp384t1", R_EC_BRP384T1},
565 {"ecdsabrp512r1", R_EC_BRP512R1},
566 {"ecdsabrp512t1", R_EC_BRP512T1}
568 # define ECDSA_NUM OSSL_NELEM(ecdsa_choices)
570 static double ecdsa_results[ECDSA_NUM][2]; /* 2 ops: sign then verify */
572 static const OPT_PAIR ecdh_choices[] = {
573 {"ecdhp160", R_EC_P160},
574 {"ecdhp192", R_EC_P192},
575 {"ecdhp224", R_EC_P224},
576 {"ecdhp256", R_EC_P256},
577 {"ecdhp384", R_EC_P384},
578 {"ecdhp521", R_EC_P521},
579 # ifndef OPENSSL_NO_EC2M
580 {"ecdhk163", R_EC_K163},
581 {"ecdhk233", R_EC_K233},
582 {"ecdhk283", R_EC_K283},
583 {"ecdhk409", R_EC_K409},
584 {"ecdhk571", R_EC_K571},
585 {"ecdhb163", R_EC_B163},
586 {"ecdhb233", R_EC_B233},
587 {"ecdhb283", R_EC_B283},
588 {"ecdhb409", R_EC_B409},
589 {"ecdhb571", R_EC_B571},
591 {"ecdhbrp256r1", R_EC_BRP256R1},
592 {"ecdhbrp256t1", R_EC_BRP256T1},
593 {"ecdhbrp384r1", R_EC_BRP384R1},
594 {"ecdhbrp384t1", R_EC_BRP384T1},
595 {"ecdhbrp512r1", R_EC_BRP512R1},
596 {"ecdhbrp512t1", R_EC_BRP512T1},
597 {"ecdhx25519", R_EC_X25519},
598 {"ecdhx448", R_EC_X448}
600 # define EC_NUM OSSL_NELEM(ecdh_choices)
602 static double ecdh_results[EC_NUM][1]; /* 1 op: derivation */
604 #define R_EC_Ed25519 0
606 static OPT_PAIR eddsa_choices[] = {
607 {"ed25519", R_EC_Ed25519},
608 {"ed448", R_EC_Ed448}
610 # define EdDSA_NUM OSSL_NELEM(eddsa_choices)
612 static double eddsa_results[EdDSA_NUM][2]; /* 2 ops: sign then verify */
614 # ifndef OPENSSL_NO_SM2
615 # define R_EC_CURVESM2 0
616 static OPT_PAIR sm2_choices[] = {
617 {"curveSM2", R_EC_CURVESM2}
619 # define SM2_ID "TLSv1.3+GM+Cipher+Suite"
620 # define SM2_ID_LEN sizeof("TLSv1.3+GM+Cipher+Suite") - 1
621 # define SM2_NUM OSSL_NELEM(sm2_choices)
623 static double sm2_results[SM2_NUM][2]; /* 2 ops: sign then verify */
624 # endif /* OPENSSL_NO_SM2 */
625 #endif /* OPENSSL_NO_EC */
628 # define COND(d) (count < (d))
629 # define COUNT(d) (d)
631 # define COND(unused_cond) (run && count<0x7fffffff)
632 # define COUNT(d) (count)
635 typedef struct loopargs_st {
636 ASYNC_JOB *inprogress_job;
637 ASYNC_WAIT_CTX *wait_ctx;
640 unsigned char *buf_malloc;
641 unsigned char *buf2_malloc;
645 #ifndef OPENSSL_NO_RSA
646 RSA *rsa_key[RSA_NUM];
648 #ifndef OPENSSL_NO_DSA
649 DSA *dsa_key[DSA_NUM];
651 #ifndef OPENSSL_NO_EC
652 EC_KEY *ecdsa[ECDSA_NUM];
653 EVP_PKEY_CTX *ecdh_ctx[EC_NUM];
654 EVP_MD_CTX *eddsa_ctx[EdDSA_NUM];
655 # ifndef OPENSSL_NO_SM2
656 EVP_MD_CTX *sm2_ctx[SM2_NUM];
657 EVP_MD_CTX *sm2_vfy_ctx[SM2_NUM];
658 EVP_PKEY *sm2_pkey[SM2_NUM];
660 unsigned char *secret_a;
661 unsigned char *secret_b;
662 size_t outlen[EC_NUM];
666 #ifndef OPENSSL_NO_CMAC
669 GCM128_CONTEXT *gcm_ctx;
671 static int run_benchmark(int async_jobs, int (*loop_function) (void *),
672 loopargs_t * loopargs);
674 static unsigned int testnum;
676 /* Nb of iterations to do per algorithm and key-size */
677 static long c[ALGOR_NUM][OSSL_NELEM(lengths_list)];
679 #ifndef OPENSSL_NO_MD2
680 static int EVP_Digest_MD2_loop(void *args)
682 loopargs_t *tempargs = *(loopargs_t **) args;
683 unsigned char *buf = tempargs->buf;
684 unsigned char md2[MD2_DIGEST_LENGTH];
687 for (count = 0; COND(c[D_MD2][testnum]); count++) {
688 if (!EVP_Digest(buf, (size_t)lengths[testnum], md2, NULL, EVP_md2(),
696 #ifndef OPENSSL_NO_MDC2
697 static int EVP_Digest_MDC2_loop(void *args)
699 loopargs_t *tempargs = *(loopargs_t **) args;
700 unsigned char *buf = tempargs->buf;
701 unsigned char mdc2[MDC2_DIGEST_LENGTH];
704 for (count = 0; COND(c[D_MDC2][testnum]); count++) {
705 if (!EVP_Digest(buf, (size_t)lengths[testnum], mdc2, NULL, EVP_mdc2(),
713 #ifndef OPENSSL_NO_MD4
714 static int EVP_Digest_MD4_loop(void *args)
716 loopargs_t *tempargs = *(loopargs_t **) args;
717 unsigned char *buf = tempargs->buf;
718 unsigned char md4[MD4_DIGEST_LENGTH];
721 for (count = 0; COND(c[D_MD4][testnum]); count++) {
722 if (!EVP_Digest(buf, (size_t)lengths[testnum], md4, NULL, EVP_md4(),
730 #ifndef OPENSSL_NO_MD5
731 static int MD5_loop(void *args)
733 loopargs_t *tempargs = *(loopargs_t **) args;
734 unsigned char *buf = tempargs->buf;
735 unsigned char md5[MD5_DIGEST_LENGTH];
737 for (count = 0; COND(c[D_MD5][testnum]); count++)
738 MD5(buf, lengths[testnum], md5);
742 static int HMAC_loop(void *args)
744 loopargs_t *tempargs = *(loopargs_t **) args;
745 unsigned char *buf = tempargs->buf;
746 HMAC_CTX *hctx = tempargs->hctx;
747 unsigned char hmac[MD5_DIGEST_LENGTH];
750 for (count = 0; COND(c[D_HMAC][testnum]); count++) {
751 HMAC_Init_ex(hctx, NULL, 0, NULL, NULL);
752 HMAC_Update(hctx, buf, lengths[testnum]);
753 HMAC_Final(hctx, hmac, NULL);
759 static int SHA1_loop(void *args)
761 loopargs_t *tempargs = *(loopargs_t **) args;
762 unsigned char *buf = tempargs->buf;
763 unsigned char sha[SHA_DIGEST_LENGTH];
765 for (count = 0; COND(c[D_SHA1][testnum]); count++)
766 SHA1(buf, lengths[testnum], sha);
770 static int SHA256_loop(void *args)
772 loopargs_t *tempargs = *(loopargs_t **) args;
773 unsigned char *buf = tempargs->buf;
774 unsigned char sha256[SHA256_DIGEST_LENGTH];
776 for (count = 0; COND(c[D_SHA256][testnum]); count++)
777 SHA256(buf, lengths[testnum], sha256);
781 static int SHA512_loop(void *args)
783 loopargs_t *tempargs = *(loopargs_t **) args;
784 unsigned char *buf = tempargs->buf;
785 unsigned char sha512[SHA512_DIGEST_LENGTH];
787 for (count = 0; COND(c[D_SHA512][testnum]); count++)
788 SHA512(buf, lengths[testnum], sha512);
792 #ifndef OPENSSL_NO_WHIRLPOOL
793 static int WHIRLPOOL_loop(void *args)
795 loopargs_t *tempargs = *(loopargs_t **) args;
796 unsigned char *buf = tempargs->buf;
797 unsigned char whirlpool[WHIRLPOOL_DIGEST_LENGTH];
799 for (count = 0; COND(c[D_WHIRLPOOL][testnum]); count++)
800 WHIRLPOOL(buf, lengths[testnum], whirlpool);
805 #ifndef OPENSSL_NO_RMD160
806 static int EVP_Digest_RMD160_loop(void *args)
808 loopargs_t *tempargs = *(loopargs_t **) args;
809 unsigned char *buf = tempargs->buf;
810 unsigned char rmd160[RIPEMD160_DIGEST_LENGTH];
812 for (count = 0; COND(c[D_RMD160][testnum]); count++) {
813 if (!EVP_Digest(buf, (size_t)lengths[testnum], &(rmd160[0]),
814 NULL, EVP_ripemd160(), NULL))
821 #ifndef OPENSSL_NO_RC4
822 static RC4_KEY rc4_ks;
823 static int RC4_loop(void *args)
825 loopargs_t *tempargs = *(loopargs_t **) args;
826 unsigned char *buf = tempargs->buf;
828 for (count = 0; COND(c[D_RC4][testnum]); count++)
829 RC4(&rc4_ks, (size_t)lengths[testnum], buf, buf);
834 #ifndef OPENSSL_NO_DES
835 static unsigned char DES_iv[8];
836 static DES_key_schedule sch;
837 static DES_key_schedule sch2;
838 static DES_key_schedule sch3;
839 static int DES_ncbc_encrypt_loop(void *args)
841 loopargs_t *tempargs = *(loopargs_t **) args;
842 unsigned char *buf = tempargs->buf;
844 for (count = 0; COND(c[D_CBC_DES][testnum]); count++)
845 DES_ncbc_encrypt(buf, buf, lengths[testnum], &sch,
846 &DES_iv, DES_ENCRYPT);
850 static int DES_ede3_cbc_encrypt_loop(void *args)
852 loopargs_t *tempargs = *(loopargs_t **) args;
853 unsigned char *buf = tempargs->buf;
855 for (count = 0; COND(c[D_EDE3_DES][testnum]); count++)
856 DES_ede3_cbc_encrypt(buf, buf, lengths[testnum],
857 &sch, &sch2, &sch3, &DES_iv, DES_ENCRYPT);
862 #define MAX_BLOCK_SIZE 128
864 static unsigned char iv[2 * MAX_BLOCK_SIZE / 8];
865 static AES_KEY aes_ks1, aes_ks2, aes_ks3;
866 static int AES_cbc_128_encrypt_loop(void *args)
868 loopargs_t *tempargs = *(loopargs_t **) args;
869 unsigned char *buf = tempargs->buf;
871 for (count = 0; COND(c[D_CBC_128_AES][testnum]); count++)
872 AES_cbc_encrypt(buf, buf,
873 (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
877 static int AES_cbc_192_encrypt_loop(void *args)
879 loopargs_t *tempargs = *(loopargs_t **) args;
880 unsigned char *buf = tempargs->buf;
882 for (count = 0; COND(c[D_CBC_192_AES][testnum]); count++)
883 AES_cbc_encrypt(buf, buf,
884 (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
888 static int AES_cbc_256_encrypt_loop(void *args)
890 loopargs_t *tempargs = *(loopargs_t **) args;
891 unsigned char *buf = tempargs->buf;
893 for (count = 0; COND(c[D_CBC_256_AES][testnum]); count++)
894 AES_cbc_encrypt(buf, buf,
895 (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
900 static int AES_ige_128_encrypt_loop(void *args)
902 loopargs_t *tempargs = *(loopargs_t **) args;
903 unsigned char *buf = tempargs->buf;
904 unsigned char *buf2 = tempargs->buf2;
906 for (count = 0; COND(c[D_IGE_128_AES][testnum]); count++)
907 AES_ige_encrypt(buf, buf2,
908 (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
912 static int AES_ige_192_encrypt_loop(void *args)
914 loopargs_t *tempargs = *(loopargs_t **) args;
915 unsigned char *buf = tempargs->buf;
916 unsigned char *buf2 = tempargs->buf2;
918 for (count = 0; COND(c[D_IGE_192_AES][testnum]); count++)
919 AES_ige_encrypt(buf, buf2,
920 (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
924 static int AES_ige_256_encrypt_loop(void *args)
926 loopargs_t *tempargs = *(loopargs_t **) args;
927 unsigned char *buf = tempargs->buf;
928 unsigned char *buf2 = tempargs->buf2;
930 for (count = 0; COND(c[D_IGE_256_AES][testnum]); count++)
931 AES_ige_encrypt(buf, buf2,
932 (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
937 static int CRYPTO_gcm128_aad_loop(void *args)
939 loopargs_t *tempargs = *(loopargs_t **) args;
940 unsigned char *buf = tempargs->buf;
941 GCM128_CONTEXT *gcm_ctx = tempargs->gcm_ctx;
943 for (count = 0; COND(c[D_GHASH][testnum]); count++)
944 CRYPTO_gcm128_aad(gcm_ctx, buf, lengths[testnum]);
948 static int RAND_bytes_loop(void *args)
950 loopargs_t *tempargs = *(loopargs_t **) args;
951 unsigned char *buf = tempargs->buf;
954 for (count = 0; COND(c[D_RAND][testnum]); count++)
955 RAND_bytes(buf, lengths[testnum]);
959 static long save_count = 0;
960 static int decrypt = 0;
961 static int EVP_Update_loop(void *args)
963 loopargs_t *tempargs = *(loopargs_t **) args;
964 unsigned char *buf = tempargs->buf;
965 EVP_CIPHER_CTX *ctx = tempargs->ctx;
968 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
971 for (count = 0; COND(nb_iter); count++) {
972 rc = EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
974 /* reset iv in case of counter overflow */
975 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
979 for (count = 0; COND(nb_iter); count++) {
980 rc = EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
982 /* reset iv in case of counter overflow */
983 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
988 EVP_DecryptFinal_ex(ctx, buf, &outl);
990 EVP_EncryptFinal_ex(ctx, buf, &outl);
995 * CCM does not support streaming. For the purpose of performance measurement,
996 * each message is encrypted using the same (key,iv)-pair. Do not use this
997 * code in your application.
999 static int EVP_Update_loop_ccm(void *args)
1001 loopargs_t *tempargs = *(loopargs_t **) args;
1002 unsigned char *buf = tempargs->buf;
1003 EVP_CIPHER_CTX *ctx = tempargs->ctx;
1005 unsigned char tag[12];
1007 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1010 for (count = 0; COND(nb_iter); count++) {
1011 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(tag), tag);
1013 EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
1014 /* counter is reset on every update */
1015 EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
1018 for (count = 0; COND(nb_iter); count++) {
1019 /* restore iv length field */
1020 EVP_EncryptUpdate(ctx, NULL, &outl, NULL, lengths[testnum]);
1021 /* counter is reset on every update */
1022 EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
1026 EVP_DecryptFinal_ex(ctx, buf, &outl);
1028 EVP_EncryptFinal_ex(ctx, buf, &outl);
1033 * To make AEAD benchmarking more relevant perform TLS-like operations,
1034 * 13-byte AAD followed by payload. But don't use TLS-formatted AAD, as
1035 * payload length is not actually limited by 16KB...
1037 static int EVP_Update_loop_aead(void *args)
1039 loopargs_t *tempargs = *(loopargs_t **) args;
1040 unsigned char *buf = tempargs->buf;
1041 EVP_CIPHER_CTX *ctx = tempargs->ctx;
1043 unsigned char aad[13] = { 0xcc };
1044 unsigned char faketag[16] = { 0xcc };
1046 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1049 for (count = 0; COND(nb_iter); count++) {
1050 EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
1051 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
1052 sizeof(faketag), faketag);
1053 EVP_DecryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
1054 EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
1055 EVP_DecryptFinal_ex(ctx, buf + outl, &outl);
1058 for (count = 0; COND(nb_iter); count++) {
1059 EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv);
1060 EVP_EncryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
1061 EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
1062 EVP_EncryptFinal_ex(ctx, buf + outl, &outl);
1068 static const EVP_MD *evp_md = NULL;
1069 static int EVP_Digest_loop(void *args)
1071 loopargs_t *tempargs = *(loopargs_t **) args;
1072 unsigned char *buf = tempargs->buf;
1073 unsigned char md[EVP_MAX_MD_SIZE];
1076 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1079 for (count = 0; COND(nb_iter); count++) {
1080 if (!EVP_Digest(buf, lengths[testnum], md, NULL, evp_md, NULL))
1086 static const EVP_MD *evp_hmac_md = NULL;
1087 static char *evp_hmac_name = NULL;
1088 static int EVP_HMAC_loop(void *args)
1090 loopargs_t *tempargs = *(loopargs_t **) args;
1091 unsigned char *buf = tempargs->buf;
1092 unsigned char no_key[32];
1095 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1098 for (count = 0; COND(nb_iter); count++) {
1099 if (HMAC(evp_hmac_md, no_key, sizeof(no_key), buf, lengths[testnum],
1100 NULL, NULL) == NULL)
1106 #ifndef OPENSSL_NO_CMAC
1107 static const EVP_CIPHER *evp_cmac_cipher = NULL;
1108 static char *evp_cmac_name = NULL;
1110 static int EVP_CMAC_loop(void *args)
1112 loopargs_t *tempargs = *(loopargs_t **) args;
1113 unsigned char *buf = tempargs->buf;
1114 CMAC_CTX *cmac_ctx = tempargs->cmac_ctx;
1115 static const char key[16] = "This is a key...";
1116 unsigned char mac[16];
1117 size_t len = sizeof(mac);
1120 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1123 for (count = 0; COND(nb_iter); count++) {
1124 if (!CMAC_Init(cmac_ctx, key, sizeof(key), evp_cmac_cipher, NULL)
1125 || !CMAC_Update(cmac_ctx, buf, lengths[testnum])
1126 || !CMAC_Final(cmac_ctx, mac, &len))
1133 #ifndef OPENSSL_NO_RSA
1134 static long rsa_c[RSA_NUM][2]; /* # RSA iteration test */
1136 static int RSA_sign_loop(void *args)
1138 loopargs_t *tempargs = *(loopargs_t **) args;
1139 unsigned char *buf = tempargs->buf;
1140 unsigned char *buf2 = tempargs->buf2;
1141 unsigned int *rsa_num = &tempargs->siglen;
1142 RSA **rsa_key = tempargs->rsa_key;
1144 for (count = 0; COND(rsa_c[testnum][0]); count++) {
1145 ret = RSA_sign(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1147 BIO_printf(bio_err, "RSA sign failure\n");
1148 ERR_print_errors(bio_err);
1156 static int RSA_verify_loop(void *args)
1158 loopargs_t *tempargs = *(loopargs_t **) args;
1159 unsigned char *buf = tempargs->buf;
1160 unsigned char *buf2 = tempargs->buf2;
1161 unsigned int rsa_num = tempargs->siglen;
1162 RSA **rsa_key = tempargs->rsa_key;
1164 for (count = 0; COND(rsa_c[testnum][1]); count++) {
1166 RSA_verify(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1168 BIO_printf(bio_err, "RSA verify failure\n");
1169 ERR_print_errors(bio_err);
1178 #ifndef OPENSSL_NO_DSA
1179 static long dsa_c[DSA_NUM][2];
1180 static int DSA_sign_loop(void *args)
1182 loopargs_t *tempargs = *(loopargs_t **) args;
1183 unsigned char *buf = tempargs->buf;
1184 unsigned char *buf2 = tempargs->buf2;
1185 DSA **dsa_key = tempargs->dsa_key;
1186 unsigned int *siglen = &tempargs->siglen;
1188 for (count = 0; COND(dsa_c[testnum][0]); count++) {
1189 ret = DSA_sign(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1191 BIO_printf(bio_err, "DSA sign failure\n");
1192 ERR_print_errors(bio_err);
1200 static int DSA_verify_loop(void *args)
1202 loopargs_t *tempargs = *(loopargs_t **) args;
1203 unsigned char *buf = tempargs->buf;
1204 unsigned char *buf2 = tempargs->buf2;
1205 DSA **dsa_key = tempargs->dsa_key;
1206 unsigned int siglen = tempargs->siglen;
1208 for (count = 0; COND(dsa_c[testnum][1]); count++) {
1209 ret = DSA_verify(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1211 BIO_printf(bio_err, "DSA verify failure\n");
1212 ERR_print_errors(bio_err);
1221 #ifndef OPENSSL_NO_EC
1222 static long ecdsa_c[ECDSA_NUM][2];
1223 static int ECDSA_sign_loop(void *args)
1225 loopargs_t *tempargs = *(loopargs_t **) args;
1226 unsigned char *buf = tempargs->buf;
1227 EC_KEY **ecdsa = tempargs->ecdsa;
1228 unsigned char *ecdsasig = tempargs->buf2;
1229 unsigned int *ecdsasiglen = &tempargs->siglen;
1231 for (count = 0; COND(ecdsa_c[testnum][0]); count++) {
1232 ret = ECDSA_sign(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1234 BIO_printf(bio_err, "ECDSA sign failure\n");
1235 ERR_print_errors(bio_err);
1243 static int ECDSA_verify_loop(void *args)
1245 loopargs_t *tempargs = *(loopargs_t **) args;
1246 unsigned char *buf = tempargs->buf;
1247 EC_KEY **ecdsa = tempargs->ecdsa;
1248 unsigned char *ecdsasig = tempargs->buf2;
1249 unsigned int ecdsasiglen = tempargs->siglen;
1251 for (count = 0; COND(ecdsa_c[testnum][1]); count++) {
1252 ret = ECDSA_verify(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1254 BIO_printf(bio_err, "ECDSA verify failure\n");
1255 ERR_print_errors(bio_err);
1263 /* ******************************************************************** */
1264 static long ecdh_c[EC_NUM][1];
1266 static int ECDH_EVP_derive_key_loop(void *args)
1268 loopargs_t *tempargs = *(loopargs_t **) args;
1269 EVP_PKEY_CTX *ctx = tempargs->ecdh_ctx[testnum];
1270 unsigned char *derived_secret = tempargs->secret_a;
1272 size_t *outlen = &(tempargs->outlen[testnum]);
1274 for (count = 0; COND(ecdh_c[testnum][0]); count++)
1275 EVP_PKEY_derive(ctx, derived_secret, outlen);
1280 static long eddsa_c[EdDSA_NUM][2];
1281 static int EdDSA_sign_loop(void *args)
1283 loopargs_t *tempargs = *(loopargs_t **) args;
1284 unsigned char *buf = tempargs->buf;
1285 EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
1286 unsigned char *eddsasig = tempargs->buf2;
1287 size_t *eddsasigsize = &tempargs->sigsize;
1290 for (count = 0; COND(eddsa_c[testnum][0]); count++) {
1291 ret = EVP_DigestSign(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
1293 BIO_printf(bio_err, "EdDSA sign failure\n");
1294 ERR_print_errors(bio_err);
1302 static int EdDSA_verify_loop(void *args)
1304 loopargs_t *tempargs = *(loopargs_t **) args;
1305 unsigned char *buf = tempargs->buf;
1306 EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
1307 unsigned char *eddsasig = tempargs->buf2;
1308 size_t eddsasigsize = tempargs->sigsize;
1311 for (count = 0; COND(eddsa_c[testnum][1]); count++) {
1312 ret = EVP_DigestVerify(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
1314 BIO_printf(bio_err, "EdDSA verify failure\n");
1315 ERR_print_errors(bio_err);
1323 # ifndef OPENSSL_NO_SM2
1324 static long sm2_c[SM2_NUM][2];
1325 static int SM2_sign_loop(void *args)
1327 loopargs_t *tempargs = *(loopargs_t **) args;
1328 unsigned char *buf = tempargs->buf;
1329 EVP_MD_CTX **sm2ctx = tempargs->sm2_ctx;
1330 unsigned char *sm2sig = tempargs->buf2;
1331 size_t sm2sigsize = tempargs->sigsize;
1332 const size_t max_size = tempargs->sigsize;
1334 EVP_PKEY **sm2_pkey = tempargs->sm2_pkey;
1336 for (count = 0; COND(sm2_c[testnum][0]); count++) {
1337 if (!EVP_DigestSignInit(sm2ctx[testnum], NULL, EVP_sm3(),
1338 NULL, sm2_pkey[testnum])) {
1339 BIO_printf(bio_err, "SM2 init sign failure\n");
1340 ERR_print_errors(bio_err);
1344 ret = EVP_DigestSign(sm2ctx[testnum], sm2sig, &sm2sigsize,
1347 BIO_printf(bio_err, "SM2 sign failure\n");
1348 ERR_print_errors(bio_err);
1352 /* update the latest returned size and always use the fixed buffer size */
1353 tempargs->sigsize = sm2sigsize;
1354 sm2sigsize = max_size;
1360 static int SM2_verify_loop(void *args)
1362 loopargs_t *tempargs = *(loopargs_t **) args;
1363 unsigned char *buf = tempargs->buf;
1364 EVP_MD_CTX **sm2ctx = tempargs->sm2_vfy_ctx;
1365 unsigned char *sm2sig = tempargs->buf2;
1366 size_t sm2sigsize = tempargs->sigsize;
1368 EVP_PKEY **sm2_pkey = tempargs->sm2_pkey;
1370 for (count = 0; COND(sm2_c[testnum][1]); count++) {
1371 if (!EVP_DigestVerifyInit(sm2ctx[testnum], NULL, EVP_sm3(),
1372 NULL, sm2_pkey[testnum])) {
1373 BIO_printf(bio_err, "SM2 verify init failure\n");
1374 ERR_print_errors(bio_err);
1378 ret = EVP_DigestVerify(sm2ctx[testnum], sm2sig, sm2sigsize,
1381 BIO_printf(bio_err, "SM2 verify failure\n");
1382 ERR_print_errors(bio_err);
1389 # endif /* OPENSSL_NO_SM2 */
1390 #endif /* OPENSSL_NO_EC */
1392 static int run_benchmark(int async_jobs,
1393 int (*loop_function) (void *), loopargs_t * loopargs)
1395 int job_op_count = 0;
1396 int total_op_count = 0;
1397 int num_inprogress = 0;
1398 int error = 0, i = 0, ret = 0;
1399 OSSL_ASYNC_FD job_fd = 0;
1400 size_t num_job_fds = 0;
1404 if (async_jobs == 0) {
1405 return loop_function((void *)&loopargs);
1408 for (i = 0; i < async_jobs && !error; i++) {
1409 loopargs_t *looparg_item = loopargs + i;
1411 /* Copy pointer content (looparg_t item address) into async context */
1412 ret = ASYNC_start_job(&loopargs[i].inprogress_job, loopargs[i].wait_ctx,
1413 &job_op_count, loop_function,
1414 (void *)&looparg_item, sizeof(looparg_item));
1420 if (job_op_count == -1) {
1423 total_op_count += job_op_count;
1428 BIO_printf(bio_err, "Failure in the job\n");
1429 ERR_print_errors(bio_err);
1435 while (num_inprogress > 0) {
1436 #if defined(OPENSSL_SYS_WINDOWS)
1438 #elif defined(OPENSSL_SYS_UNIX)
1439 int select_result = 0;
1440 OSSL_ASYNC_FD max_fd = 0;
1443 FD_ZERO(&waitfdset);
1445 for (i = 0; i < async_jobs && num_inprogress > 0; i++) {
1446 if (loopargs[i].inprogress_job == NULL)
1449 if (!ASYNC_WAIT_CTX_get_all_fds
1450 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1451 || num_job_fds > 1) {
1452 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1453 ERR_print_errors(bio_err);
1457 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1459 FD_SET(job_fd, &waitfdset);
1460 if (job_fd > max_fd)
1464 if (max_fd >= (OSSL_ASYNC_FD)FD_SETSIZE) {
1466 "Error: max_fd (%d) must be smaller than FD_SETSIZE (%d). "
1467 "Decrease the value of async_jobs\n",
1468 max_fd, FD_SETSIZE);
1469 ERR_print_errors(bio_err);
1474 select_result = select(max_fd + 1, &waitfdset, NULL, NULL, NULL);
1475 if (select_result == -1 && errno == EINTR)
1478 if (select_result == -1) {
1479 BIO_printf(bio_err, "Failure in the select\n");
1480 ERR_print_errors(bio_err);
1485 if (select_result == 0)
1489 for (i = 0; i < async_jobs; i++) {
1490 if (loopargs[i].inprogress_job == NULL)
1493 if (!ASYNC_WAIT_CTX_get_all_fds
1494 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1495 || num_job_fds > 1) {
1496 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1497 ERR_print_errors(bio_err);
1501 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1504 #if defined(OPENSSL_SYS_UNIX)
1505 if (num_job_fds == 1 && !FD_ISSET(job_fd, &waitfdset))
1507 #elif defined(OPENSSL_SYS_WINDOWS)
1508 if (num_job_fds == 1
1509 && !PeekNamedPipe(job_fd, NULL, 0, NULL, &avail, NULL)
1514 ret = ASYNC_start_job(&loopargs[i].inprogress_job,
1515 loopargs[i].wait_ctx, &job_op_count,
1516 loop_function, (void *)(loopargs + i),
1517 sizeof(loopargs_t));
1522 if (job_op_count == -1) {
1525 total_op_count += job_op_count;
1528 loopargs[i].inprogress_job = NULL;
1533 loopargs[i].inprogress_job = NULL;
1534 BIO_printf(bio_err, "Failure in the job\n");
1535 ERR_print_errors(bio_err);
1542 return error ? -1 : total_op_count;
1545 int speed_main(int argc, char **argv)
1548 loopargs_t *loopargs = NULL;
1550 const char *engine_id = NULL;
1551 const EVP_CIPHER *evp_cipher = NULL;
1554 int async_init = 0, multiblock = 0, pr_header = 0;
1555 int doit[ALGOR_NUM] = { 0 };
1556 int ret = 1, misalign = 0, lengths_single = 0, aead = 0;
1558 unsigned int size_num = OSSL_NELEM(lengths_list);
1559 unsigned int i, k, loop, loopargs_len = 0, async_jobs = 0;
1565 #if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) \
1566 || !defined(OPENSSL_NO_EC)
1569 openssl_speed_sec_t seconds = { SECONDS, RSA_SECONDS, DSA_SECONDS,
1570 ECDSA_SECONDS, ECDH_SECONDS,
1571 EdDSA_SECONDS, SM2_SECONDS };
1573 /* What follows are the buffers and key material. */
1574 #ifndef OPENSSL_NO_RC5
1577 #ifndef OPENSSL_NO_RC2
1580 #ifndef OPENSSL_NO_IDEA
1581 IDEA_KEY_SCHEDULE idea_ks;
1583 #ifndef OPENSSL_NO_SEED
1584 SEED_KEY_SCHEDULE seed_ks;
1586 #ifndef OPENSSL_NO_BF
1589 #ifndef OPENSSL_NO_CAST
1592 static const unsigned char key16[16] = {
1593 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1594 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
1596 static const unsigned char key24[24] = {
1597 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1598 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1599 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1601 static const unsigned char key32[32] = {
1602 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1603 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1604 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
1605 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
1607 #ifndef OPENSSL_NO_CAMELLIA
1608 static const unsigned char ckey24[24] = {
1609 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1610 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1611 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1613 static const unsigned char ckey32[32] = {
1614 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1615 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1616 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
1617 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
1619 CAMELLIA_KEY camellia_ks1, camellia_ks2, camellia_ks3;
1621 #ifndef OPENSSL_NO_DES
1622 static DES_cblock key = {
1623 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0
1625 static DES_cblock key2 = {
1626 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
1628 static DES_cblock key3 = {
1629 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1632 #ifndef OPENSSL_NO_RSA
1633 static const unsigned int rsa_bits[RSA_NUM] = {
1634 512, 1024, 2048, 3072, 4096, 7680, 15360
1636 static const unsigned char *rsa_data[RSA_NUM] = {
1637 test512, test1024, test2048, test3072, test4096, test7680, test15360
1639 static const int rsa_data_length[RSA_NUM] = {
1640 sizeof(test512), sizeof(test1024),
1641 sizeof(test2048), sizeof(test3072),
1642 sizeof(test4096), sizeof(test7680),
1645 int rsa_doit[RSA_NUM] = { 0 };
1646 int primes = RSA_DEFAULT_PRIME_NUM;
1648 #ifndef OPENSSL_NO_DSA
1649 static const unsigned int dsa_bits[DSA_NUM] = { 512, 1024, 2048 };
1650 int dsa_doit[DSA_NUM] = { 0 };
1652 #ifndef OPENSSL_NO_EC
1654 * We only test over the following curves as they are representative, To
1655 * add tests over more curves, simply add the curve NID and curve name to
1656 * the following arrays and increase the |ecdh_choices| list accordingly.
1658 static const struct {
1664 {"secp160r1", NID_secp160r1, 160},
1665 {"nistp192", NID_X9_62_prime192v1, 192},
1666 {"nistp224", NID_secp224r1, 224},
1667 {"nistp256", NID_X9_62_prime256v1, 256},
1668 {"nistp384", NID_secp384r1, 384},
1669 {"nistp521", NID_secp521r1, 521},
1670 # ifndef OPENSSL_NO_EC2M
1672 {"nistk163", NID_sect163k1, 163},
1673 {"nistk233", NID_sect233k1, 233},
1674 {"nistk283", NID_sect283k1, 283},
1675 {"nistk409", NID_sect409k1, 409},
1676 {"nistk571", NID_sect571k1, 571},
1677 {"nistb163", NID_sect163r2, 163},
1678 {"nistb233", NID_sect233r1, 233},
1679 {"nistb283", NID_sect283r1, 283},
1680 {"nistb409", NID_sect409r1, 409},
1681 {"nistb571", NID_sect571r1, 571},
1683 {"brainpoolP256r1", NID_brainpoolP256r1, 256},
1684 {"brainpoolP256t1", NID_brainpoolP256t1, 256},
1685 {"brainpoolP384r1", NID_brainpoolP384r1, 384},
1686 {"brainpoolP384t1", NID_brainpoolP384t1, 384},
1687 {"brainpoolP512r1", NID_brainpoolP512r1, 512},
1688 {"brainpoolP512t1", NID_brainpoolP512t1, 512},
1689 /* Other and ECDH only ones */
1690 {"X25519", NID_X25519, 253},
1691 {"X448", NID_X448, 448}
1693 static const struct {
1698 } test_ed_curves[] = {
1700 {"Ed25519", NID_ED25519, 253, 64},
1701 {"Ed448", NID_ED448, 456, 114}
1703 # ifndef OPENSSL_NO_SM2
1704 static const struct {
1708 } test_sm2_curves[] = {
1710 {"CurveSM2", NID_sm2, 256}
1713 int ecdsa_doit[ECDSA_NUM] = { 0 };
1714 int ecdh_doit[EC_NUM] = { 0 };
1715 int eddsa_doit[EdDSA_NUM] = { 0 };
1716 # ifndef OPENSSL_NO_SM2
1717 int sm2_doit[SM2_NUM] = { 0 };
1719 OPENSSL_assert(OSSL_NELEM(test_curves) >= EC_NUM);
1720 OPENSSL_assert(OSSL_NELEM(test_ed_curves) >= EdDSA_NUM);
1721 # ifndef OPENSSL_NO_SM2
1722 OPENSSL_assert(OSSL_NELEM(test_sm2_curves) >= SM2_NUM);
1724 #endif /* ndef OPENSSL_NO_EC */
1726 prog = opt_init(argc, argv, speed_options);
1727 while ((o = opt_next()) != OPT_EOF) {
1732 BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
1735 opt_help(speed_options);
1743 evp_cipher = EVP_get_cipherbyname(opt_arg());
1744 if (evp_cipher == NULL)
1745 evp_md = EVP_get_digestbyname(opt_arg());
1746 if (evp_cipher == NULL && evp_md == NULL) {
1748 "%s: %s is an unknown cipher or digest\n",
1755 evp_hmac_md = EVP_get_digestbyname(opt_arg());
1756 if (evp_hmac_md == NULL) {
1757 BIO_printf(bio_err, "%s: %s is an unknown digest\n",
1761 doit[D_EVP_HMAC] = 1;
1764 #ifndef OPENSSL_NO_CMAC
1765 evp_cmac_cipher = EVP_get_cipherbyname(opt_arg());
1766 if (evp_cmac_cipher == NULL) {
1767 BIO_printf(bio_err, "%s: %s is an unknown cipher\n",
1771 doit[D_EVP_CMAC] = 1;
1779 * In a forked execution, an engine might need to be
1780 * initialised by each child process, not by the parent.
1781 * So store the name here and run setup_engine() later on.
1783 engine_id = opt_arg();
1787 multi = atoi(opt_arg());
1791 #ifndef OPENSSL_NO_ASYNC
1792 async_jobs = atoi(opt_arg());
1793 if (!ASYNC_is_capable()) {
1795 "%s: async_jobs specified but async not supported\n",
1799 if (async_jobs > 99999) {
1800 BIO_printf(bio_err, "%s: too many async_jobs\n", prog);
1806 if (!opt_int(opt_arg(), &misalign))
1808 if (misalign > MISALIGN) {
1810 "%s: Maximum offset is %d\n", prog, MISALIGN);
1819 #ifdef OPENSSL_NO_MULTIBLOCK
1821 "%s: -mb specified but multi-block support is disabled\n",
1831 if (!opt_int(opt_arg(), &primes))
1835 seconds.sym = seconds.rsa = seconds.dsa = seconds.ecdsa
1836 = seconds.ecdh = seconds.eddsa
1837 = seconds.sm2 = atoi(opt_arg());
1840 lengths_single = atoi(opt_arg());
1841 lengths = &lengths_single;
1849 argc = opt_num_rest();
1852 /* Remaining arguments are algorithms. */
1853 for (; *argv; argv++) {
1854 if (found(*argv, doit_choices, &i)) {
1858 #ifndef OPENSSL_NO_DES
1859 if (strcmp(*argv, "des") == 0) {
1860 doit[D_CBC_DES] = doit[D_EDE3_DES] = 1;
1864 if (strcmp(*argv, "sha") == 0) {
1865 doit[D_SHA1] = doit[D_SHA256] = doit[D_SHA512] = 1;
1868 #ifndef OPENSSL_NO_RSA
1869 if (strcmp(*argv, "openssl") == 0)
1871 if (strcmp(*argv, "rsa") == 0) {
1872 for (loop = 0; loop < OSSL_NELEM(rsa_doit); loop++)
1876 if (found(*argv, rsa_choices, &i)) {
1881 #ifndef OPENSSL_NO_DSA
1882 if (strcmp(*argv, "dsa") == 0) {
1883 dsa_doit[R_DSA_512] = dsa_doit[R_DSA_1024] =
1884 dsa_doit[R_DSA_2048] = 1;
1887 if (found(*argv, dsa_choices, &i)) {
1892 if (strcmp(*argv, "aes") == 0) {
1893 doit[D_CBC_128_AES] = doit[D_CBC_192_AES] = doit[D_CBC_256_AES] = 1;
1896 #ifndef OPENSSL_NO_CAMELLIA
1897 if (strcmp(*argv, "camellia") == 0) {
1898 doit[D_CBC_128_CML] = doit[D_CBC_192_CML] = doit[D_CBC_256_CML] = 1;
1902 #ifndef OPENSSL_NO_EC
1903 if (strcmp(*argv, "ecdsa") == 0) {
1904 for (loop = 0; loop < OSSL_NELEM(ecdsa_doit); loop++)
1905 ecdsa_doit[loop] = 1;
1908 if (found(*argv, ecdsa_choices, &i)) {
1912 if (strcmp(*argv, "ecdh") == 0) {
1913 for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++)
1914 ecdh_doit[loop] = 1;
1917 if (found(*argv, ecdh_choices, &i)) {
1921 if (strcmp(*argv, "eddsa") == 0) {
1922 for (loop = 0; loop < OSSL_NELEM(eddsa_doit); loop++)
1923 eddsa_doit[loop] = 1;
1926 if (found(*argv, eddsa_choices, &i)) {
1930 # ifndef OPENSSL_NO_SM2
1931 if (strcmp(*argv, "sm2") == 0) {
1932 for (loop = 0; loop < OSSL_NELEM(sm2_doit); loop++)
1936 if (found(*argv, sm2_choices, &i)) {
1942 BIO_printf(bio_err, "%s: Unknown algorithm %s\n", prog, *argv);
1948 if (evp_cipher == NULL) {
1949 BIO_printf(bio_err, "-aead can be used only with an AEAD cipher\n");
1951 } else if (!(EVP_CIPHER_flags(evp_cipher) &
1952 EVP_CIPH_FLAG_AEAD_CIPHER)) {
1953 BIO_printf(bio_err, "%s is not an AEAD cipher\n",
1954 OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
1959 if (evp_cipher == NULL) {
1960 BIO_printf(bio_err,"-mb can be used only with a multi-block"
1961 " capable cipher\n");
1963 } else if (!(EVP_CIPHER_flags(evp_cipher) &
1964 EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
1965 BIO_printf(bio_err, "%s is not a multi-block capable\n",
1966 OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
1968 } else if (async_jobs > 0) {
1969 BIO_printf(bio_err, "Async mode is not supported with -mb");
1974 /* Initialize the job pool if async mode is enabled */
1975 if (async_jobs > 0) {
1976 async_init = ASYNC_init_thread(async_jobs, async_jobs);
1978 BIO_printf(bio_err, "Error creating the ASYNC job pool\n");
1983 loopargs_len = (async_jobs == 0 ? 1 : async_jobs);
1985 app_malloc(loopargs_len * sizeof(loopargs_t), "array of loopargs");
1986 memset(loopargs, 0, loopargs_len * sizeof(loopargs_t));
1988 for (i = 0; i < loopargs_len; i++) {
1989 if (async_jobs > 0) {
1990 loopargs[i].wait_ctx = ASYNC_WAIT_CTX_new();
1991 if (loopargs[i].wait_ctx == NULL) {
1992 BIO_printf(bio_err, "Error creating the ASYNC_WAIT_CTX\n");
1997 buflen = lengths[size_num - 1];
1998 if (buflen < 36) /* size of random vector in RSA benchmark */
2000 buflen += MAX_MISALIGNMENT + 1;
2001 loopargs[i].buf_malloc = app_malloc(buflen, "input buffer");
2002 loopargs[i].buf2_malloc = app_malloc(buflen, "input buffer");
2003 memset(loopargs[i].buf_malloc, 0, buflen);
2004 memset(loopargs[i].buf2_malloc, 0, buflen);
2006 /* Align the start of buffers on a 64 byte boundary */
2007 loopargs[i].buf = loopargs[i].buf_malloc + misalign;
2008 loopargs[i].buf2 = loopargs[i].buf2_malloc + misalign;
2009 #ifndef OPENSSL_NO_EC
2010 loopargs[i].secret_a = app_malloc(MAX_ECDH_SIZE, "ECDH secret a");
2011 loopargs[i].secret_b = app_malloc(MAX_ECDH_SIZE, "ECDH secret b");
2016 if (multi && do_multi(multi, size_num))
2020 /* Initialize the engine after the fork */
2021 e = setup_engine(engine_id, 0);
2023 /* No parameters; turn on everything. */
2024 if (argc == 0 && !doit[D_EVP] && !doit[D_EVP_HMAC] && !doit[D_EVP_CMAC]) {
2025 for (i = 0; i < ALGOR_NUM; i++)
2026 if (i != D_EVP && i != D_EVP_HMAC && i != D_EVP_CMAC)
2028 #ifndef OPENSSL_NO_RSA
2029 for (i = 0; i < RSA_NUM; i++)
2032 #ifndef OPENSSL_NO_DSA
2033 for (i = 0; i < DSA_NUM; i++)
2036 #ifndef OPENSSL_NO_EC
2037 for (loop = 0; loop < OSSL_NELEM(ecdsa_doit); loop++)
2038 ecdsa_doit[loop] = 1;
2039 for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++)
2040 ecdh_doit[loop] = 1;
2041 for (loop = 0; loop < OSSL_NELEM(eddsa_doit); loop++)
2042 eddsa_doit[loop] = 1;
2043 # ifndef OPENSSL_NO_SM2
2044 for (loop = 0; loop < OSSL_NELEM(sm2_doit); loop++)
2049 for (i = 0; i < ALGOR_NUM; i++)
2053 if (usertime == 0 && !mr)
2055 "You have chosen to measure elapsed time "
2056 "instead of user CPU time.\n");
2058 #ifndef OPENSSL_NO_RSA
2059 for (i = 0; i < loopargs_len; i++) {
2060 if (primes > RSA_DEFAULT_PRIME_NUM) {
2061 /* for multi-prime RSA, skip this */
2064 for (k = 0; k < RSA_NUM; k++) {
2065 const unsigned char *p;
2068 loopargs[i].rsa_key[k] =
2069 d2i_RSAPrivateKey(NULL, &p, rsa_data_length[k]);
2070 if (loopargs[i].rsa_key[k] == NULL) {
2072 "internal error loading RSA key number %d\n", k);
2078 #ifndef OPENSSL_NO_DSA
2079 for (i = 0; i < loopargs_len; i++) {
2080 loopargs[i].dsa_key[0] = get_dsa(512);
2081 loopargs[i].dsa_key[1] = get_dsa(1024);
2082 loopargs[i].dsa_key[2] = get_dsa(2048);
2085 #ifndef OPENSSL_NO_DES
2086 DES_set_key_unchecked(&key, &sch);
2087 DES_set_key_unchecked(&key2, &sch2);
2088 DES_set_key_unchecked(&key3, &sch3);
2090 AES_set_encrypt_key(key16, 128, &aes_ks1);
2091 AES_set_encrypt_key(key24, 192, &aes_ks2);
2092 AES_set_encrypt_key(key32, 256, &aes_ks3);
2093 #ifndef OPENSSL_NO_CAMELLIA
2094 Camellia_set_key(key16, 128, &camellia_ks1);
2095 Camellia_set_key(ckey24, 192, &camellia_ks2);
2096 Camellia_set_key(ckey32, 256, &camellia_ks3);
2098 #ifndef OPENSSL_NO_IDEA
2099 IDEA_set_encrypt_key(key16, &idea_ks);
2101 #ifndef OPENSSL_NO_SEED
2102 SEED_set_key(key16, &seed_ks);
2104 #ifndef OPENSSL_NO_RC4
2105 RC4_set_key(&rc4_ks, 16, key16);
2107 #ifndef OPENSSL_NO_RC2
2108 RC2_set_key(&rc2_ks, 16, key16, 128);
2110 #ifndef OPENSSL_NO_RC5
2111 if (!RC5_32_set_key(&rc5_ks, 16, key16, 12)) {
2112 BIO_printf(bio_err, "Failed setting RC5 key\n");
2116 #ifndef OPENSSL_NO_BF
2117 BF_set_key(&bf_ks, 16, key16);
2119 #ifndef OPENSSL_NO_CAST
2120 CAST_set_key(&cast_ks, 16, key16);
2123 # ifndef OPENSSL_NO_DES
2124 BIO_printf(bio_err, "First we calculate the approximate speed ...\n");
2130 for (it = count; it; it--)
2131 DES_ecb_encrypt((DES_cblock *)loopargs[0].buf,
2132 (DES_cblock *)loopargs[0].buf, &sch, DES_ENCRYPT);
2136 c[D_MD2][0] = count / 10;
2137 c[D_MDC2][0] = count / 10;
2138 c[D_MD4][0] = count;
2139 c[D_MD5][0] = count;
2140 c[D_HMAC][0] = count;
2141 c[D_SHA1][0] = count;
2142 c[D_RMD160][0] = count;
2143 c[D_RC4][0] = count * 5;
2144 c[D_CBC_DES][0] = count;
2145 c[D_EDE3_DES][0] = count / 3;
2146 c[D_CBC_IDEA][0] = count;
2147 c[D_CBC_SEED][0] = count;
2148 c[D_CBC_RC2][0] = count;
2149 c[D_CBC_RC5][0] = count;
2150 c[D_CBC_BF][0] = count;
2151 c[D_CBC_CAST][0] = count;
2152 c[D_CBC_128_AES][0] = count;
2153 c[D_CBC_192_AES][0] = count;
2154 c[D_CBC_256_AES][0] = count;
2155 c[D_CBC_128_CML][0] = count;
2156 c[D_CBC_192_CML][0] = count;
2157 c[D_CBC_256_CML][0] = count;
2158 c[D_SHA256][0] = count;
2159 c[D_SHA512][0] = count;
2160 c[D_WHIRLPOOL][0] = count;
2161 c[D_IGE_128_AES][0] = count;
2162 c[D_IGE_192_AES][0] = count;
2163 c[D_IGE_256_AES][0] = count;
2164 c[D_GHASH][0] = count;
2165 c[D_RAND][0] = count;
2167 for (i = 1; i < size_num; i++) {
2170 l0 = (long)lengths[0];
2171 l1 = (long)lengths[i];
2173 c[D_MD2][i] = c[D_MD2][0] * 4 * l0 / l1;
2174 c[D_MDC2][i] = c[D_MDC2][0] * 4 * l0 / l1;
2175 c[D_MD4][i] = c[D_MD4][0] * 4 * l0 / l1;
2176 c[D_MD5][i] = c[D_MD5][0] * 4 * l0 / l1;
2177 c[D_HMAC][i] = c[D_HMAC][0] * 4 * l0 / l1;
2178 c[D_SHA1][i] = c[D_SHA1][0] * 4 * l0 / l1;
2179 c[D_RMD160][i] = c[D_RMD160][0] * 4 * l0 / l1;
2180 c[D_SHA256][i] = c[D_SHA256][0] * 4 * l0 / l1;
2181 c[D_SHA512][i] = c[D_SHA512][0] * 4 * l0 / l1;
2182 c[D_WHIRLPOOL][i] = c[D_WHIRLPOOL][0] * 4 * l0 / l1;
2183 c[D_GHASH][i] = c[D_GHASH][0] * 4 * l0 / l1;
2184 c[D_RAND][i] = c[D_RAND][0] * 4 * l0 / l1;
2186 l0 = (long)lengths[i - 1];
2188 c[D_RC4][i] = c[D_RC4][i - 1] * l0 / l1;
2189 c[D_CBC_DES][i] = c[D_CBC_DES][i - 1] * l0 / l1;
2190 c[D_EDE3_DES][i] = c[D_EDE3_DES][i - 1] * l0 / l1;
2191 c[D_CBC_IDEA][i] = c[D_CBC_IDEA][i - 1] * l0 / l1;
2192 c[D_CBC_SEED][i] = c[D_CBC_SEED][i - 1] * l0 / l1;
2193 c[D_CBC_RC2][i] = c[D_CBC_RC2][i - 1] * l0 / l1;
2194 c[D_CBC_RC5][i] = c[D_CBC_RC5][i - 1] * l0 / l1;
2195 c[D_CBC_BF][i] = c[D_CBC_BF][i - 1] * l0 / l1;
2196 c[D_CBC_CAST][i] = c[D_CBC_CAST][i - 1] * l0 / l1;
2197 c[D_CBC_128_AES][i] = c[D_CBC_128_AES][i - 1] * l0 / l1;
2198 c[D_CBC_192_AES][i] = c[D_CBC_192_AES][i - 1] * l0 / l1;
2199 c[D_CBC_256_AES][i] = c[D_CBC_256_AES][i - 1] * l0 / l1;
2200 c[D_CBC_128_CML][i] = c[D_CBC_128_CML][i - 1] * l0 / l1;
2201 c[D_CBC_192_CML][i] = c[D_CBC_192_CML][i - 1] * l0 / l1;
2202 c[D_CBC_256_CML][i] = c[D_CBC_256_CML][i - 1] * l0 / l1;
2203 c[D_IGE_128_AES][i] = c[D_IGE_128_AES][i - 1] * l0 / l1;
2204 c[D_IGE_192_AES][i] = c[D_IGE_192_AES][i - 1] * l0 / l1;
2205 c[D_IGE_256_AES][i] = c[D_IGE_256_AES][i - 1] * l0 / l1;
2208 # ifndef OPENSSL_NO_RSA
2209 rsa_c[R_RSA_512][0] = count / 2000;
2210 rsa_c[R_RSA_512][1] = count / 400;
2211 for (i = 1; i < RSA_NUM; i++) {
2212 rsa_c[i][0] = rsa_c[i - 1][0] / 8;
2213 rsa_c[i][1] = rsa_c[i - 1][1] / 4;
2214 if (rsa_doit[i] <= 1 && rsa_c[i][0] == 0)
2217 if (rsa_c[i][0] == 0) {
2218 rsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
2225 # ifndef OPENSSL_NO_DSA
2226 dsa_c[R_DSA_512][0] = count / 1000;
2227 dsa_c[R_DSA_512][1] = count / 1000 / 2;
2228 for (i = 1; i < DSA_NUM; i++) {
2229 dsa_c[i][0] = dsa_c[i - 1][0] / 4;
2230 dsa_c[i][1] = dsa_c[i - 1][1] / 4;
2231 if (dsa_doit[i] <= 1 && dsa_c[i][0] == 0)
2234 if (dsa_c[i][0] == 0) {
2235 dsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
2242 # ifndef OPENSSL_NO_EC
2243 ecdsa_c[R_EC_P160][0] = count / 1000;
2244 ecdsa_c[R_EC_P160][1] = count / 1000 / 2;
2245 for (i = R_EC_P192; i <= R_EC_P521; i++) {
2246 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2247 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2248 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2251 if (ecdsa_c[i][0] == 0) {
2257 # ifndef OPENSSL_NO_EC2M
2258 ecdsa_c[R_EC_K163][0] = count / 1000;
2259 ecdsa_c[R_EC_K163][1] = count / 1000 / 2;
2260 for (i = R_EC_K233; i <= R_EC_K571; i++) {
2261 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2262 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2263 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2266 if (ecdsa_c[i][0] == 0) {
2272 ecdsa_c[R_EC_B163][0] = count / 1000;
2273 ecdsa_c[R_EC_B163][1] = count / 1000 / 2;
2274 for (i = R_EC_B233; i <= R_EC_B571; i++) {
2275 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2276 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2277 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2280 if (ecdsa_c[i][0] == 0) {
2288 ecdh_c[R_EC_P160][0] = count / 1000;
2289 for (i = R_EC_P192; i <= R_EC_P521; i++) {
2290 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2291 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2294 if (ecdh_c[i][0] == 0) {
2299 # ifndef OPENSSL_NO_EC2M
2300 ecdh_c[R_EC_K163][0] = count / 1000;
2301 for (i = R_EC_K233; i <= R_EC_K571; i++) {
2302 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2303 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2306 if (ecdh_c[i][0] == 0) {
2311 ecdh_c[R_EC_B163][0] = count / 1000;
2312 for (i = R_EC_B233; i <= R_EC_B571; i++) {
2313 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2314 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2317 if (ecdh_c[i][0] == 0) {
2323 /* repeated code good to factorize */
2324 ecdh_c[R_EC_BRP256R1][0] = count / 1000;
2325 for (i = R_EC_BRP384R1; i <= R_EC_BRP512R1; i += 2) {
2326 ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
2327 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2330 if (ecdh_c[i][0] == 0) {
2335 ecdh_c[R_EC_BRP256T1][0] = count / 1000;
2336 for (i = R_EC_BRP384T1; i <= R_EC_BRP512T1; i += 2) {
2337 ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
2338 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2341 if (ecdh_c[i][0] == 0) {
2346 /* default iteration count for the last two EC Curves */
2347 ecdh_c[R_EC_X25519][0] = count / 1800;
2348 ecdh_c[R_EC_X448][0] = count / 7200;
2350 eddsa_c[R_EC_Ed25519][0] = count / 1800;
2351 eddsa_c[R_EC_Ed448][0] = count / 7200;
2353 # ifndef OPENSSL_NO_SM2
2354 sm2_c[R_EC_SM2P256][0] = count / 1800;
2359 /* not worth fixing */
2360 # error "You cannot disable DES on systems without SIGALRM."
2361 # endif /* OPENSSL_NO_DES */
2363 signal(SIGALRM, alarmed);
2364 #endif /* SIGALRM */
2366 #ifndef OPENSSL_NO_MD2
2368 for (testnum = 0; testnum < size_num; testnum++) {
2369 print_message(names[D_MD2], c[D_MD2][testnum], lengths[testnum],
2372 count = run_benchmark(async_jobs, EVP_Digest_MD2_loop, loopargs);
2374 print_result(D_MD2, testnum, count, d);
2378 #ifndef OPENSSL_NO_MDC2
2380 for (testnum = 0; testnum < size_num; testnum++) {
2381 print_message(names[D_MDC2], c[D_MDC2][testnum], lengths[testnum],
2384 count = run_benchmark(async_jobs, EVP_Digest_MDC2_loop, loopargs);
2386 print_result(D_MDC2, testnum, count, d);
2391 #ifndef OPENSSL_NO_MD4
2393 for (testnum = 0; testnum < size_num; testnum++) {
2394 print_message(names[D_MD4], c[D_MD4][testnum], lengths[testnum],
2397 count = run_benchmark(async_jobs, EVP_Digest_MD4_loop, loopargs);
2399 print_result(D_MD4, testnum, count, d);
2404 #ifndef OPENSSL_NO_MD5
2406 for (testnum = 0; testnum < size_num; testnum++) {
2407 print_message(names[D_MD5], c[D_MD5][testnum], lengths[testnum],
2410 count = run_benchmark(async_jobs, MD5_loop, loopargs);
2412 print_result(D_MD5, testnum, count, d);
2417 static const char hmac_key[] = "This is a key...";
2418 int len = strlen(hmac_key);
2420 for (i = 0; i < loopargs_len; i++) {
2421 loopargs[i].hctx = HMAC_CTX_new();
2422 if (loopargs[i].hctx == NULL) {
2423 BIO_printf(bio_err, "HMAC malloc failure, exiting...");
2427 HMAC_Init_ex(loopargs[i].hctx, hmac_key, len, EVP_md5(), NULL);
2429 for (testnum = 0; testnum < size_num; testnum++) {
2430 print_message(names[D_HMAC], c[D_HMAC][testnum], lengths[testnum],
2433 count = run_benchmark(async_jobs, HMAC_loop, loopargs);
2435 print_result(D_HMAC, testnum, count, d);
2437 for (i = 0; i < loopargs_len; i++) {
2438 HMAC_CTX_free(loopargs[i].hctx);
2443 for (testnum = 0; testnum < size_num; testnum++) {
2444 print_message(names[D_SHA1], c[D_SHA1][testnum], lengths[testnum],
2447 count = run_benchmark(async_jobs, SHA1_loop, loopargs);
2449 print_result(D_SHA1, testnum, count, d);
2452 if (doit[D_SHA256]) {
2453 for (testnum = 0; testnum < size_num; testnum++) {
2454 print_message(names[D_SHA256], c[D_SHA256][testnum],
2455 lengths[testnum], seconds.sym);
2457 count = run_benchmark(async_jobs, SHA256_loop, loopargs);
2459 print_result(D_SHA256, testnum, count, d);
2462 if (doit[D_SHA512]) {
2463 for (testnum = 0; testnum < size_num; testnum++) {
2464 print_message(names[D_SHA512], c[D_SHA512][testnum],
2465 lengths[testnum], seconds.sym);
2467 count = run_benchmark(async_jobs, SHA512_loop, loopargs);
2469 print_result(D_SHA512, testnum, count, d);
2472 #ifndef OPENSSL_NO_WHIRLPOOL
2473 if (doit[D_WHIRLPOOL]) {
2474 for (testnum = 0; testnum < size_num; testnum++) {
2475 print_message(names[D_WHIRLPOOL], c[D_WHIRLPOOL][testnum],
2476 lengths[testnum], seconds.sym);
2478 count = run_benchmark(async_jobs, WHIRLPOOL_loop, loopargs);
2480 print_result(D_WHIRLPOOL, testnum, count, d);
2485 #ifndef OPENSSL_NO_RMD160
2486 if (doit[D_RMD160]) {
2487 for (testnum = 0; testnum < size_num; testnum++) {
2488 print_message(names[D_RMD160], c[D_RMD160][testnum],
2489 lengths[testnum], seconds.sym);
2491 count = run_benchmark(async_jobs, EVP_Digest_RMD160_loop, loopargs);
2493 print_result(D_RMD160, testnum, count, d);
2497 #ifndef OPENSSL_NO_RC4
2499 for (testnum = 0; testnum < size_num; testnum++) {
2500 print_message(names[D_RC4], c[D_RC4][testnum], lengths[testnum],
2503 count = run_benchmark(async_jobs, RC4_loop, loopargs);
2505 print_result(D_RC4, testnum, count, d);
2509 #ifndef OPENSSL_NO_DES
2510 if (doit[D_CBC_DES]) {
2511 for (testnum = 0; testnum < size_num; testnum++) {
2512 print_message(names[D_CBC_DES], c[D_CBC_DES][testnum],
2513 lengths[testnum], seconds.sym);
2515 count = run_benchmark(async_jobs, DES_ncbc_encrypt_loop, loopargs);
2517 print_result(D_CBC_DES, testnum, count, d);
2521 if (doit[D_EDE3_DES]) {
2522 for (testnum = 0; testnum < size_num; testnum++) {
2523 print_message(names[D_EDE3_DES], c[D_EDE3_DES][testnum],
2524 lengths[testnum], seconds.sym);
2527 run_benchmark(async_jobs, DES_ede3_cbc_encrypt_loop, loopargs);
2529 print_result(D_EDE3_DES, testnum, count, d);
2534 if (doit[D_CBC_128_AES]) {
2535 for (testnum = 0; testnum < size_num; testnum++) {
2536 print_message(names[D_CBC_128_AES], c[D_CBC_128_AES][testnum],
2537 lengths[testnum], seconds.sym);
2540 run_benchmark(async_jobs, AES_cbc_128_encrypt_loop, loopargs);
2542 print_result(D_CBC_128_AES, testnum, count, d);
2545 if (doit[D_CBC_192_AES]) {
2546 for (testnum = 0; testnum < size_num; testnum++) {
2547 print_message(names[D_CBC_192_AES], c[D_CBC_192_AES][testnum],
2548 lengths[testnum], seconds.sym);
2551 run_benchmark(async_jobs, AES_cbc_192_encrypt_loop, loopargs);
2553 print_result(D_CBC_192_AES, testnum, count, d);
2556 if (doit[D_CBC_256_AES]) {
2557 for (testnum = 0; testnum < size_num; testnum++) {
2558 print_message(names[D_CBC_256_AES], c[D_CBC_256_AES][testnum],
2559 lengths[testnum], seconds.sym);
2562 run_benchmark(async_jobs, AES_cbc_256_encrypt_loop, loopargs);
2564 print_result(D_CBC_256_AES, testnum, count, d);
2569 if (doit[D_IGE_128_AES]) {
2570 for (testnum = 0; testnum < size_num; testnum++) {
2571 print_message(names[D_IGE_128_AES], c[D_IGE_128_AES][testnum],
2572 lengths[testnum], seconds.sym);
2575 run_benchmark(async_jobs, AES_ige_128_encrypt_loop, loopargs);
2577 print_result(D_IGE_128_AES, testnum, count, d);
2580 if (doit[D_IGE_192_AES]) {
2581 for (testnum = 0; testnum < size_num; testnum++) {
2582 print_message(names[D_IGE_192_AES], c[D_IGE_192_AES][testnum],
2583 lengths[testnum], seconds.sym);
2586 run_benchmark(async_jobs, AES_ige_192_encrypt_loop, loopargs);
2588 print_result(D_IGE_192_AES, testnum, count, d);
2591 if (doit[D_IGE_256_AES]) {
2592 for (testnum = 0; testnum < size_num; testnum++) {
2593 print_message(names[D_IGE_256_AES], c[D_IGE_256_AES][testnum],
2594 lengths[testnum], seconds.sym);
2597 run_benchmark(async_jobs, AES_ige_256_encrypt_loop, loopargs);
2599 print_result(D_IGE_256_AES, testnum, count, d);
2603 if (doit[D_GHASH]) {
2604 for (i = 0; i < loopargs_len; i++) {
2605 loopargs[i].gcm_ctx =
2606 CRYPTO_gcm128_new(&aes_ks1, (block128_f) AES_encrypt);
2607 CRYPTO_gcm128_setiv(loopargs[i].gcm_ctx,
2608 (unsigned char *)"0123456789ab", 12);
2611 for (testnum = 0; testnum < size_num; testnum++) {
2612 print_message(names[D_GHASH], c[D_GHASH][testnum],
2613 lengths[testnum], seconds.sym);
2615 count = run_benchmark(async_jobs, CRYPTO_gcm128_aad_loop, loopargs);
2617 print_result(D_GHASH, testnum, count, d);
2619 for (i = 0; i < loopargs_len; i++)
2620 CRYPTO_gcm128_release(loopargs[i].gcm_ctx);
2622 #ifndef OPENSSL_NO_CAMELLIA
2623 if (doit[D_CBC_128_CML]) {
2624 if (async_jobs > 0) {
2625 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2626 names[D_CBC_128_CML]);
2627 doit[D_CBC_128_CML] = 0;
2629 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2630 print_message(names[D_CBC_128_CML], c[D_CBC_128_CML][testnum],
2631 lengths[testnum], seconds.sym);
2633 for (count = 0, run = 1; COND(c[D_CBC_128_CML][testnum]); count++)
2634 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2635 (size_t)lengths[testnum], &camellia_ks1,
2636 iv, CAMELLIA_ENCRYPT);
2638 print_result(D_CBC_128_CML, testnum, count, d);
2641 if (doit[D_CBC_192_CML]) {
2642 if (async_jobs > 0) {
2643 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2644 names[D_CBC_192_CML]);
2645 doit[D_CBC_192_CML] = 0;
2647 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2648 print_message(names[D_CBC_192_CML], c[D_CBC_192_CML][testnum],
2649 lengths[testnum], seconds.sym);
2650 if (async_jobs > 0) {
2651 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2655 for (count = 0, run = 1; COND(c[D_CBC_192_CML][testnum]); count++)
2656 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2657 (size_t)lengths[testnum], &camellia_ks2,
2658 iv, CAMELLIA_ENCRYPT);
2660 print_result(D_CBC_192_CML, testnum, count, d);
2663 if (doit[D_CBC_256_CML]) {
2664 if (async_jobs > 0) {
2665 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2666 names[D_CBC_256_CML]);
2667 doit[D_CBC_256_CML] = 0;
2669 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2670 print_message(names[D_CBC_256_CML], c[D_CBC_256_CML][testnum],
2671 lengths[testnum], seconds.sym);
2673 for (count = 0, run = 1; COND(c[D_CBC_256_CML][testnum]); count++)
2674 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2675 (size_t)lengths[testnum], &camellia_ks3,
2676 iv, CAMELLIA_ENCRYPT);
2678 print_result(D_CBC_256_CML, testnum, count, d);
2682 #ifndef OPENSSL_NO_IDEA
2683 if (doit[D_CBC_IDEA]) {
2684 if (async_jobs > 0) {
2685 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2687 doit[D_CBC_IDEA] = 0;
2689 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2690 print_message(names[D_CBC_IDEA], c[D_CBC_IDEA][testnum],
2691 lengths[testnum], seconds.sym);
2693 for (count = 0, run = 1; COND(c[D_CBC_IDEA][testnum]); count++)
2694 IDEA_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2695 (size_t)lengths[testnum], &idea_ks,
2698 print_result(D_CBC_IDEA, testnum, count, d);
2702 #ifndef OPENSSL_NO_SEED
2703 if (doit[D_CBC_SEED]) {
2704 if (async_jobs > 0) {
2705 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2707 doit[D_CBC_SEED] = 0;
2709 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2710 print_message(names[D_CBC_SEED], c[D_CBC_SEED][testnum],
2711 lengths[testnum], seconds.sym);
2713 for (count = 0, run = 1; COND(c[D_CBC_SEED][testnum]); count++)
2714 SEED_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2715 (size_t)lengths[testnum], &seed_ks, iv, 1);
2717 print_result(D_CBC_SEED, testnum, count, d);
2721 #ifndef OPENSSL_NO_RC2
2722 if (doit[D_CBC_RC2]) {
2723 if (async_jobs > 0) {
2724 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2726 doit[D_CBC_RC2] = 0;
2728 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2729 print_message(names[D_CBC_RC2], c[D_CBC_RC2][testnum],
2730 lengths[testnum], seconds.sym);
2731 if (async_jobs > 0) {
2732 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2736 for (count = 0, run = 1; COND(c[D_CBC_RC2][testnum]); count++)
2737 RC2_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2738 (size_t)lengths[testnum], &rc2_ks,
2741 print_result(D_CBC_RC2, testnum, count, d);
2745 #ifndef OPENSSL_NO_RC5
2746 if (doit[D_CBC_RC5]) {
2747 if (async_jobs > 0) {
2748 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2750 doit[D_CBC_RC5] = 0;
2752 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2753 print_message(names[D_CBC_RC5], c[D_CBC_RC5][testnum],
2754 lengths[testnum], seconds.sym);
2755 if (async_jobs > 0) {
2756 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2760 for (count = 0, run = 1; COND(c[D_CBC_RC5][testnum]); count++)
2761 RC5_32_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2762 (size_t)lengths[testnum], &rc5_ks,
2765 print_result(D_CBC_RC5, testnum, count, d);
2769 #ifndef OPENSSL_NO_BF
2770 if (doit[D_CBC_BF]) {
2771 if (async_jobs > 0) {
2772 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2776 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2777 print_message(names[D_CBC_BF], c[D_CBC_BF][testnum],
2778 lengths[testnum], seconds.sym);
2780 for (count = 0, run = 1; COND(c[D_CBC_BF][testnum]); count++)
2781 BF_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2782 (size_t)lengths[testnum], &bf_ks,
2785 print_result(D_CBC_BF, testnum, count, d);
2789 #ifndef OPENSSL_NO_CAST
2790 if (doit[D_CBC_CAST]) {
2791 if (async_jobs > 0) {
2792 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2794 doit[D_CBC_CAST] = 0;
2796 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2797 print_message(names[D_CBC_CAST], c[D_CBC_CAST][testnum],
2798 lengths[testnum], seconds.sym);
2800 for (count = 0, run = 1; COND(c[D_CBC_CAST][testnum]); count++)
2801 CAST_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2802 (size_t)lengths[testnum], &cast_ks,
2805 print_result(D_CBC_CAST, testnum, count, d);
2810 for (testnum = 0; testnum < size_num; testnum++) {
2811 print_message(names[D_RAND], c[D_RAND][testnum], lengths[testnum],
2814 count = run_benchmark(async_jobs, RAND_bytes_loop, loopargs);
2816 print_result(D_RAND, testnum, count, d);
2821 if (evp_cipher != NULL) {
2822 int (*loopfunc)(void *args) = EVP_Update_loop;
2824 if (multiblock && (EVP_CIPHER_flags(evp_cipher) &
2825 EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
2826 multiblock_speed(evp_cipher, lengths_single, &seconds);
2831 names[D_EVP] = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
2833 if (EVP_CIPHER_mode(evp_cipher) == EVP_CIPH_CCM_MODE) {
2834 loopfunc = EVP_Update_loop_ccm;
2835 } else if (aead && (EVP_CIPHER_flags(evp_cipher) &
2836 EVP_CIPH_FLAG_AEAD_CIPHER)) {
2837 loopfunc = EVP_Update_loop_aead;
2838 if (lengths == lengths_list) {
2839 lengths = aead_lengths_list;
2840 size_num = OSSL_NELEM(aead_lengths_list);
2844 for (testnum = 0; testnum < size_num; testnum++) {
2845 print_message(names[D_EVP], save_count, lengths[testnum],
2848 for (k = 0; k < loopargs_len; k++) {
2849 loopargs[k].ctx = EVP_CIPHER_CTX_new();
2850 if (loopargs[k].ctx == NULL) {
2851 BIO_printf(bio_err, "\nEVP_CIPHER_CTX_new failure\n");
2854 if (!EVP_CipherInit_ex(loopargs[k].ctx, evp_cipher, NULL,
2855 NULL, iv, decrypt ? 0 : 1)) {
2856 BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n");
2857 ERR_print_errors(bio_err);
2861 EVP_CIPHER_CTX_set_padding(loopargs[k].ctx, 0);
2863 keylen = EVP_CIPHER_CTX_key_length(loopargs[k].ctx);
2864 loopargs[k].key = app_malloc(keylen, "evp_cipher key");
2865 EVP_CIPHER_CTX_rand_key(loopargs[k].ctx, loopargs[k].key);
2866 if (!EVP_CipherInit_ex(loopargs[k].ctx, NULL, NULL,
2867 loopargs[k].key, NULL, -1)) {
2868 BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n");
2869 ERR_print_errors(bio_err);
2872 OPENSSL_clear_free(loopargs[k].key, keylen);
2874 /* SIV mode only allows for a single Update operation */
2875 if (EVP_CIPHER_mode(evp_cipher) == EVP_CIPH_SIV_MODE)
2876 EVP_CIPHER_CTX_ctrl(loopargs[k].ctx, EVP_CTRL_SET_SPEED, 1, NULL);
2880 count = run_benchmark(async_jobs, loopfunc, loopargs);
2882 for (k = 0; k < loopargs_len; k++) {
2883 EVP_CIPHER_CTX_free(loopargs[k].ctx);
2885 print_result(D_EVP, testnum, count, d);
2887 } else if (evp_md != NULL) {
2888 names[D_EVP] = OBJ_nid2ln(EVP_MD_type(evp_md));
2890 for (testnum = 0; testnum < size_num; testnum++) {
2891 print_message(names[D_EVP], save_count, lengths[testnum],
2894 count = run_benchmark(async_jobs, EVP_Digest_loop, loopargs);
2896 print_result(D_EVP, testnum, count, d);
2901 if (doit[D_EVP_HMAC]) {
2902 if (evp_hmac_md != NULL) {
2903 const char *md_name = OBJ_nid2ln(EVP_MD_type(evp_hmac_md));
2904 evp_hmac_name = app_malloc(sizeof("HMAC()") + strlen(md_name),
2906 sprintf(evp_hmac_name, "HMAC(%s)", md_name);
2907 names[D_EVP_HMAC] = evp_hmac_name;
2909 for (testnum = 0; testnum < size_num; testnum++) {
2910 print_message(names[D_EVP_HMAC], save_count, lengths[testnum],
2913 count = run_benchmark(async_jobs, EVP_HMAC_loop, loopargs);
2915 print_result(D_EVP_HMAC, testnum, count, d);
2920 #ifndef OPENSSL_NO_CMAC
2921 if (doit[D_EVP_CMAC]) {
2922 if (evp_cmac_cipher != NULL) {
2923 const char *cipher_name = OBJ_nid2ln(EVP_CIPHER_type(evp_cmac_cipher));
2924 evp_cmac_name = app_malloc(sizeof("CMAC()") + strlen(cipher_name),
2926 sprintf(evp_cmac_name, "CMAC(%s)", cipher_name);
2927 names[D_EVP_CMAC] = evp_cmac_name;
2929 for (i = 0; i < loopargs_len; i++) {
2930 loopargs[i].cmac_ctx = CMAC_CTX_new();
2931 if (loopargs[i].cmac_ctx == NULL) {
2932 BIO_printf(bio_err, "CMAC malloc failure, exiting...");
2936 for (testnum = 0; testnum < size_num; testnum++) {
2937 print_message(names[D_EVP_CMAC], save_count, lengths[testnum],
2940 count = run_benchmark(async_jobs, EVP_CMAC_loop, loopargs);
2942 print_result(D_EVP_CMAC, testnum, count, d);
2944 for (i = 0; i < loopargs_len; i++)
2945 CMAC_CTX_free(loopargs[i].cmac_ctx);
2950 for (i = 0; i < loopargs_len; i++)
2951 if (RAND_bytes(loopargs[i].buf, 36) <= 0)
2954 #ifndef OPENSSL_NO_RSA
2955 for (testnum = 0; testnum < RSA_NUM; testnum++) {
2957 if (!rsa_doit[testnum])
2959 for (i = 0; i < loopargs_len; i++) {
2961 /* we haven't set keys yet, generate multi-prime RSA keys */
2962 BIGNUM *bn = BN_new();
2966 if (!BN_set_word(bn, RSA_F4)) {
2971 BIO_printf(bio_err, "Generate multi-prime RSA key for %s\n",
2972 rsa_choices[testnum].name);
2974 loopargs[i].rsa_key[testnum] = RSA_new();
2975 if (loopargs[i].rsa_key[testnum] == NULL) {
2980 if (!RSA_generate_multi_prime_key(loopargs[i].rsa_key[testnum],
2982 primes, bn, NULL)) {
2988 st = RSA_sign(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
2989 &loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
2995 "RSA sign failure. No RSA sign will be done.\n");
2996 ERR_print_errors(bio_err);
2999 pkey_print_message("private", "rsa",
3000 rsa_c[testnum][0], rsa_bits[testnum],
3002 /* RSA_blinding_on(rsa_key[testnum],NULL); */
3004 count = run_benchmark(async_jobs, RSA_sign_loop, loopargs);
3007 mr ? "+R1:%ld:%d:%.2f\n"
3008 : "%ld %u bits private RSA's in %.2fs\n",
3009 count, rsa_bits[testnum], d);
3010 rsa_results[testnum][0] = (double)count / d;
3014 for (i = 0; i < loopargs_len; i++) {
3015 st = RSA_verify(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
3016 loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
3022 "RSA verify failure. No RSA verify will be done.\n");
3023 ERR_print_errors(bio_err);
3024 rsa_doit[testnum] = 0;
3026 pkey_print_message("public", "rsa",
3027 rsa_c[testnum][1], rsa_bits[testnum],
3030 count = run_benchmark(async_jobs, RSA_verify_loop, loopargs);
3033 mr ? "+R2:%ld:%d:%.2f\n"
3034 : "%ld %u bits public RSA's in %.2fs\n",
3035 count, rsa_bits[testnum], d);
3036 rsa_results[testnum][1] = (double)count / d;
3039 if (rsa_count <= 1) {
3040 /* if longer than 10s, don't do any more */
3041 for (testnum++; testnum < RSA_NUM; testnum++)
3042 rsa_doit[testnum] = 0;
3045 #endif /* OPENSSL_NO_RSA */
3047 for (i = 0; i < loopargs_len; i++)
3048 if (RAND_bytes(loopargs[i].buf, 36) <= 0)
3051 #ifndef OPENSSL_NO_DSA
3052 for (testnum = 0; testnum < DSA_NUM; testnum++) {
3054 if (!dsa_doit[testnum])
3057 /* DSA_generate_key(dsa_key[testnum]); */
3058 /* DSA_sign_setup(dsa_key[testnum],NULL); */
3059 for (i = 0; i < loopargs_len; i++) {
3060 st = DSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
3061 &loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
3067 "DSA sign failure. No DSA sign will be done.\n");
3068 ERR_print_errors(bio_err);
3071 pkey_print_message("sign", "dsa",
3072 dsa_c[testnum][0], dsa_bits[testnum],
3075 count = run_benchmark(async_jobs, DSA_sign_loop, loopargs);
3078 mr ? "+R3:%ld:%u:%.2f\n"
3079 : "%ld %u bits DSA signs in %.2fs\n",
3080 count, dsa_bits[testnum], d);
3081 dsa_results[testnum][0] = (double)count / d;
3085 for (i = 0; i < loopargs_len; i++) {
3086 st = DSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
3087 loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
3093 "DSA verify failure. No DSA verify will be done.\n");
3094 ERR_print_errors(bio_err);
3095 dsa_doit[testnum] = 0;
3097 pkey_print_message("verify", "dsa",
3098 dsa_c[testnum][1], dsa_bits[testnum],
3101 count = run_benchmark(async_jobs, DSA_verify_loop, loopargs);
3104 mr ? "+R4:%ld:%u:%.2f\n"
3105 : "%ld %u bits DSA verify in %.2fs\n",
3106 count, dsa_bits[testnum], d);
3107 dsa_results[testnum][1] = (double)count / d;
3110 if (rsa_count <= 1) {
3111 /* if longer than 10s, don't do any more */
3112 for (testnum++; testnum < DSA_NUM; testnum++)
3113 dsa_doit[testnum] = 0;
3116 #endif /* OPENSSL_NO_DSA */
3118 #ifndef OPENSSL_NO_EC
3119 for (testnum = 0; testnum < ECDSA_NUM; testnum++) {
3122 if (!ecdsa_doit[testnum])
3123 continue; /* Ignore Curve */
3124 for (i = 0; i < loopargs_len; i++) {
3125 loopargs[i].ecdsa[testnum] =
3126 EC_KEY_new_by_curve_name(test_curves[testnum].nid);
3127 if (loopargs[i].ecdsa[testnum] == NULL) {
3133 BIO_printf(bio_err, "ECDSA failure.\n");
3134 ERR_print_errors(bio_err);
3137 for (i = 0; i < loopargs_len; i++) {
3138 EC_KEY_precompute_mult(loopargs[i].ecdsa[testnum], NULL);
3139 /* Perform ECDSA signature test */
3140 EC_KEY_generate_key(loopargs[i].ecdsa[testnum]);
3141 st = ECDSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
3142 &loopargs[i].siglen,
3143 loopargs[i].ecdsa[testnum]);
3149 "ECDSA sign failure. No ECDSA sign will be done.\n");
3150 ERR_print_errors(bio_err);
3153 pkey_print_message("sign", "ecdsa",
3154 ecdsa_c[testnum][0],
3155 test_curves[testnum].bits, seconds.ecdsa);
3157 count = run_benchmark(async_jobs, ECDSA_sign_loop, loopargs);
3161 mr ? "+R5:%ld:%u:%.2f\n" :
3162 "%ld %u bits ECDSA signs in %.2fs \n",
3163 count, test_curves[testnum].bits, d);
3164 ecdsa_results[testnum][0] = (double)count / d;
3168 /* Perform ECDSA verification test */
3169 for (i = 0; i < loopargs_len; i++) {
3170 st = ECDSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
3172 loopargs[i].ecdsa[testnum]);
3178 "ECDSA verify failure. No ECDSA verify will be done.\n");
3179 ERR_print_errors(bio_err);
3180 ecdsa_doit[testnum] = 0;
3182 pkey_print_message("verify", "ecdsa",
3183 ecdsa_c[testnum][1],
3184 test_curves[testnum].bits, seconds.ecdsa);
3186 count = run_benchmark(async_jobs, ECDSA_verify_loop, loopargs);
3189 mr ? "+R6:%ld:%u:%.2f\n"
3190 : "%ld %u bits ECDSA verify in %.2fs\n",
3191 count, test_curves[testnum].bits, d);
3192 ecdsa_results[testnum][1] = (double)count / d;
3195 if (rsa_count <= 1) {
3196 /* if longer than 10s, don't do any more */
3197 for (testnum++; testnum < ECDSA_NUM; testnum++)
3198 ecdsa_doit[testnum] = 0;
3203 for (testnum = 0; testnum < EC_NUM; testnum++) {
3204 int ecdh_checks = 1;
3206 if (!ecdh_doit[testnum])
3209 for (i = 0; i < loopargs_len; i++) {
3210 EVP_PKEY_CTX *kctx = NULL;
3211 EVP_PKEY_CTX *test_ctx = NULL;
3212 EVP_PKEY_CTX *ctx = NULL;
3213 EVP_PKEY *key_A = NULL;
3214 EVP_PKEY *key_B = NULL;
3218 /* Ensure that the error queue is empty */
3219 if (ERR_peek_error()) {
3221 "WARNING: the error queue contains previous unhandled errors.\n");
3222 ERR_print_errors(bio_err);
3225 /* Let's try to create a ctx directly from the NID: this works for
3226 * curves like Curve25519 that are not implemented through the low
3227 * level EC interface.
3228 * If this fails we try creating a EVP_PKEY_EC generic param ctx,
3229 * then we set the curve by NID before deriving the actual keygen
3230 * ctx for that specific curve. */
3231 kctx = EVP_PKEY_CTX_new_id(test_curves[testnum].nid, NULL); /* keygen ctx from NID */
3233 EVP_PKEY_CTX *pctx = NULL;
3234 EVP_PKEY *params = NULL;
3236 /* If we reach this code EVP_PKEY_CTX_new_id() failed and a
3237 * "int_ctx_new:unsupported algorithm" error was added to the
3239 * We remove it from the error queue as we are handling it. */
3240 unsigned long error = ERR_peek_error(); /* peek the latest error in the queue */
3241 if (error == ERR_peek_last_error() && /* oldest and latest errors match */
3242 /* check that the error origin matches */
3243 ERR_GET_LIB(error) == ERR_LIB_EVP &&
3244 ERR_GET_REASON(error) == EVP_R_UNSUPPORTED_ALGORITHM)
3245 ERR_get_error(); /* pop error from queue */
3246 if (ERR_peek_error()) {
3248 "Unhandled error in the error queue during ECDH init.\n");
3249 ERR_print_errors(bio_err);
3254 if ( /* Create the context for parameter generation */
3255 !(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) ||
3256 /* Initialise the parameter generation */
3257 !EVP_PKEY_paramgen_init(pctx) ||
3258 /* Set the curve by NID */
3259 !EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
3262 /* Create the parameter object params */
3263 !EVP_PKEY_paramgen(pctx, ¶ms)) {
3265 BIO_printf(bio_err, "ECDH EC params init failure.\n");
3266 ERR_print_errors(bio_err);
3270 /* Create the context for the key generation */
3271 kctx = EVP_PKEY_CTX_new(params, NULL);
3273 EVP_PKEY_free(params);
3275 EVP_PKEY_CTX_free(pctx);
3278 if (kctx == NULL || /* keygen ctx is not null */
3279 EVP_PKEY_keygen_init(kctx) <= 0/* init keygen ctx */ ) {
3281 BIO_printf(bio_err, "ECDH keygen failure.\n");
3282 ERR_print_errors(bio_err);
3287 if (EVP_PKEY_keygen(kctx, &key_A) <= 0 || /* generate secret key A */
3288 EVP_PKEY_keygen(kctx, &key_B) <= 0 || /* generate secret key B */
3289 !(ctx = EVP_PKEY_CTX_new(key_A, NULL)) || /* derivation ctx from skeyA */
3290 EVP_PKEY_derive_init(ctx) <= 0 || /* init derivation ctx */
3291 EVP_PKEY_derive_set_peer(ctx, key_B) <= 0 || /* set peer pubkey in ctx */
3292 EVP_PKEY_derive(ctx, NULL, &outlen) <= 0 || /* determine max length */
3293 outlen == 0 || /* ensure outlen is a valid size */
3294 outlen > MAX_ECDH_SIZE /* avoid buffer overflow */ ) {
3296 BIO_printf(bio_err, "ECDH key generation failure.\n");
3297 ERR_print_errors(bio_err);
3302 /* Here we perform a test run, comparing the output of a*B and b*A;
3303 * we try this here and assume that further EVP_PKEY_derive calls
3304 * never fail, so we can skip checks in the actually benchmarked
3305 * code, for maximum performance. */
3306 if (!(test_ctx = EVP_PKEY_CTX_new(key_B, NULL)) || /* test ctx from skeyB */
3307 !EVP_PKEY_derive_init(test_ctx) || /* init derivation test_ctx */
3308 !EVP_PKEY_derive_set_peer(test_ctx, key_A) || /* set peer pubkey in test_ctx */
3309 !EVP_PKEY_derive(test_ctx, NULL, &test_outlen) || /* determine max length */
3310 !EVP_PKEY_derive(ctx, loopargs[i].secret_a, &outlen) || /* compute a*B */
3311 !EVP_PKEY_derive(test_ctx, loopargs[i].secret_b, &test_outlen) || /* compute b*A */
3312 test_outlen != outlen /* compare output length */ ) {
3314 BIO_printf(bio_err, "ECDH computation failure.\n");
3315 ERR_print_errors(bio_err);
3320 /* Compare the computation results: CRYPTO_memcmp() returns 0 if equal */
3321 if (CRYPTO_memcmp(loopargs[i].secret_a,
3322 loopargs[i].secret_b, outlen)) {
3324 BIO_printf(bio_err, "ECDH computations don't match.\n");
3325 ERR_print_errors(bio_err);
3330 loopargs[i].ecdh_ctx[testnum] = ctx;
3331 loopargs[i].outlen[testnum] = outlen;
3333 EVP_PKEY_free(key_A);
3334 EVP_PKEY_free(key_B);
3335 EVP_PKEY_CTX_free(kctx);
3337 EVP_PKEY_CTX_free(test_ctx);
3340 if (ecdh_checks != 0) {
3341 pkey_print_message("", "ecdh",
3343 test_curves[testnum].bits, seconds.ecdh);
3346 run_benchmark(async_jobs, ECDH_EVP_derive_key_loop, loopargs);
3349 mr ? "+R7:%ld:%d:%.2f\n" :
3350 "%ld %u-bits ECDH ops in %.2fs\n", count,
3351 test_curves[testnum].bits, d);
3352 ecdh_results[testnum][0] = (double)count / d;
3356 if (rsa_count <= 1) {
3357 /* if longer than 10s, don't do any more */
3358 for (testnum++; testnum < OSSL_NELEM(ecdh_doit); testnum++)
3359 ecdh_doit[testnum] = 0;
3363 for (testnum = 0; testnum < EdDSA_NUM; testnum++) {
3365 EVP_PKEY *ed_pkey = NULL;
3366 EVP_PKEY_CTX *ed_pctx = NULL;
3368 if (!eddsa_doit[testnum])
3369 continue; /* Ignore Curve */
3370 for (i = 0; i < loopargs_len; i++) {
3371 loopargs[i].eddsa_ctx[testnum] = EVP_MD_CTX_new();
3372 if (loopargs[i].eddsa_ctx[testnum] == NULL) {
3377 if ((ed_pctx = EVP_PKEY_CTX_new_id(test_ed_curves[testnum].nid, NULL))
3379 || EVP_PKEY_keygen_init(ed_pctx) <= 0
3380 || EVP_PKEY_keygen(ed_pctx, &ed_pkey) <= 0) {
3382 EVP_PKEY_CTX_free(ed_pctx);
3385 EVP_PKEY_CTX_free(ed_pctx);
3387 if (!EVP_DigestSignInit(loopargs[i].eddsa_ctx[testnum], NULL, NULL,
3390 EVP_PKEY_free(ed_pkey);
3393 EVP_PKEY_free(ed_pkey);
3396 BIO_printf(bio_err, "EdDSA failure.\n");
3397 ERR_print_errors(bio_err);
3400 for (i = 0; i < loopargs_len; i++) {
3401 /* Perform EdDSA signature test */
3402 loopargs[i].sigsize = test_ed_curves[testnum].sigsize;
3403 st = EVP_DigestSign(loopargs[i].eddsa_ctx[testnum],
3404 loopargs[i].buf2, &loopargs[i].sigsize,
3405 loopargs[i].buf, 20);
3411 "EdDSA sign failure. No EdDSA sign will be done.\n");
3412 ERR_print_errors(bio_err);
3415 pkey_print_message("sign", test_ed_curves[testnum].name,
3416 eddsa_c[testnum][0],
3417 test_ed_curves[testnum].bits, seconds.eddsa);
3419 count = run_benchmark(async_jobs, EdDSA_sign_loop, loopargs);
3423 mr ? "+R8:%ld:%u:%s:%.2f\n" :
3424 "%ld %u bits %s signs in %.2fs \n",
3425 count, test_ed_curves[testnum].bits,
3426 test_ed_curves[testnum].name, d);
3427 eddsa_results[testnum][0] = (double)count / d;
3431 /* Perform EdDSA verification test */
3432 for (i = 0; i < loopargs_len; i++) {
3433 st = EVP_DigestVerify(loopargs[i].eddsa_ctx[testnum],
3434 loopargs[i].buf2, loopargs[i].sigsize,
3435 loopargs[i].buf, 20);
3441 "EdDSA verify failure. No EdDSA verify will be done.\n");
3442 ERR_print_errors(bio_err);
3443 eddsa_doit[testnum] = 0;
3445 pkey_print_message("verify", test_ed_curves[testnum].name,
3446 eddsa_c[testnum][1],
3447 test_ed_curves[testnum].bits, seconds.eddsa);
3449 count = run_benchmark(async_jobs, EdDSA_verify_loop, loopargs);
3452 mr ? "+R9:%ld:%u:%s:%.2f\n"
3453 : "%ld %u bits %s verify in %.2fs\n",
3454 count, test_ed_curves[testnum].bits,
3455 test_ed_curves[testnum].name, d);
3456 eddsa_results[testnum][1] = (double)count / d;
3459 if (rsa_count <= 1) {
3460 /* if longer than 10s, don't do any more */
3461 for (testnum++; testnum < EdDSA_NUM; testnum++)
3462 eddsa_doit[testnum] = 0;
3467 # ifndef OPENSSL_NO_SM2
3468 for (testnum = 0; testnum < SM2_NUM; testnum++) {
3470 EVP_PKEY *sm2_pkey = NULL;
3471 EVP_PKEY_CTX *pctx = NULL;
3472 EVP_PKEY_CTX *sm2_pctx = NULL;
3473 EVP_PKEY_CTX *sm2_vfy_pctx = NULL;
3474 size_t sm2_sigsize = 0;
3476 if (!sm2_doit[testnum])
3477 continue; /* Ignore Curve */
3478 /* Init signing and verification */
3479 for (i = 0; i < loopargs_len; i++) {
3480 loopargs[i].sm2_ctx[testnum] = EVP_MD_CTX_new();
3481 if (loopargs[i].sm2_ctx[testnum] == NULL) {
3485 loopargs[i].sm2_vfy_ctx[testnum] = EVP_MD_CTX_new();
3486 if (loopargs[i].sm2_vfy_ctx[testnum] == NULL) {
3491 /* SM2 keys are generated as normal EC keys with a special curve */
3492 if ((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) == NULL
3493 || EVP_PKEY_keygen_init(pctx) <= 0
3494 || EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
3495 test_sm2_curves[testnum].nid) <= 0
3496 || EVP_PKEY_keygen(pctx, &sm2_pkey) <= 0) {
3498 EVP_PKEY_CTX_free(pctx);
3501 /* free previous one and alloc a new one */
3502 EVP_PKEY_CTX_free(pctx);
3504 loopargs[i].sigsize = sm2_sigsize
3505 = ECDSA_size(EVP_PKEY_get0_EC_KEY(sm2_pkey));
3507 if (!EVP_PKEY_set_alias_type(sm2_pkey, EVP_PKEY_SM2)) {
3509 EVP_PKEY_free(sm2_pkey);
3513 sm2_pctx = EVP_PKEY_CTX_new(sm2_pkey, NULL);
3514 if (sm2_pctx == NULL) {
3516 EVP_PKEY_free(sm2_pkey);
3519 sm2_vfy_pctx = EVP_PKEY_CTX_new(sm2_pkey, NULL);
3520 if (sm2_vfy_pctx == NULL) {
3522 EVP_PKEY_CTX_free(sm2_pctx);
3523 EVP_PKEY_free(sm2_pkey);
3527 * No need to allow user to set an explicit ID here, just use
3528 * the one defined in the 'draft-yang-tls-tl13-sm-suites' I-D.
3530 if (EVP_PKEY_CTX_set1_id(sm2_pctx, SM2_ID, SM2_ID_LEN) != 1) {
3532 EVP_PKEY_CTX_free(sm2_pctx);
3533 EVP_PKEY_CTX_free(sm2_vfy_pctx);
3534 EVP_PKEY_free(sm2_pkey);
3538 if (EVP_PKEY_CTX_set1_id(sm2_vfy_pctx, SM2_ID, SM2_ID_LEN) != 1) {
3540 EVP_PKEY_CTX_free(sm2_pctx);
3541 EVP_PKEY_CTX_free(sm2_vfy_pctx);
3542 EVP_PKEY_free(sm2_pkey);
3546 EVP_MD_CTX_set_pkey_ctx(loopargs[i].sm2_ctx[testnum], sm2_pctx);
3547 EVP_MD_CTX_set_pkey_ctx(loopargs[i].sm2_vfy_ctx[testnum], sm2_vfy_pctx);
3549 if (!EVP_DigestSignInit(loopargs[i].sm2_ctx[testnum], NULL,
3550 EVP_sm3(), NULL, sm2_pkey)) {
3552 EVP_PKEY_free(sm2_pkey);
3555 if (!EVP_DigestVerifyInit(loopargs[i].sm2_vfy_ctx[testnum], NULL,
3556 EVP_sm3(), NULL, sm2_pkey)) {
3558 EVP_PKEY_free(sm2_pkey);
3561 loopargs[i].sm2_pkey[testnum] = sm2_pkey;
3564 BIO_printf(bio_err, "SM2 failure.\n");
3565 ERR_print_errors(bio_err);
3568 for (i = 0; i < loopargs_len; i++) {
3569 sm2_sigsize = loopargs[i].sigsize;
3570 /* Perform SM2 signature test */
3571 st = EVP_DigestSign(loopargs[i].sm2_ctx[testnum],
3572 loopargs[i].buf2, &sm2_sigsize,
3573 loopargs[i].buf, 20);
3579 "SM2 sign failure. No SM2 sign will be done.\n");
3580 ERR_print_errors(bio_err);
3583 pkey_print_message("sign", test_sm2_curves[testnum].name,
3585 test_sm2_curves[testnum].bits, seconds.sm2);
3587 count = run_benchmark(async_jobs, SM2_sign_loop, loopargs);
3591 mr ? "+R8:%ld:%u:%s:%.2f\n" :
3592 "%ld %u bits %s signs in %.2fs \n",
3593 count, test_sm2_curves[testnum].bits,
3594 test_sm2_curves[testnum].name, d);
3595 sm2_results[testnum][0] = (double)count / d;
3599 /* Perform SM2 verification test */
3600 for (i = 0; i < loopargs_len; i++) {
3601 st = EVP_DigestVerify(loopargs[i].sm2_vfy_ctx[testnum],
3602 loopargs[i].buf2, loopargs[i].sigsize,
3603 loopargs[i].buf, 20);
3609 "SM2 verify failure. No SM2 verify will be done.\n");
3610 ERR_print_errors(bio_err);
3611 sm2_doit[testnum] = 0;
3613 pkey_print_message("verify", test_sm2_curves[testnum].name,
3615 test_sm2_curves[testnum].bits, seconds.sm2);
3617 count = run_benchmark(async_jobs, SM2_verify_loop, loopargs);
3620 mr ? "+R9:%ld:%u:%s:%.2f\n"
3621 : "%ld %u bits %s verify in %.2fs\n",
3622 count, test_sm2_curves[testnum].bits,
3623 test_sm2_curves[testnum].name, d);
3624 sm2_results[testnum][1] = (double)count / d;
3627 if (rsa_count <= 1) {
3628 /* if longer than 10s, don't do any more */
3629 for (testnum++; testnum < SM2_NUM; testnum++)
3630 sm2_doit[testnum] = 0;
3634 # endif /* OPENSSL_NO_SM2 */
3636 #endif /* OPENSSL_NO_EC */
3641 printf("version: %s\n", OpenSSL_version(OPENSSL_FULL_VERSION_STRING));
3642 printf("built on: %s\n", OpenSSL_version(OPENSSL_BUILT_ON));
3644 printf("%s ", BN_options());
3645 #ifndef OPENSSL_NO_MD2
3646 printf("%s ", MD2_options());
3648 #ifndef OPENSSL_NO_RC4
3649 printf("%s ", RC4_options());
3651 #ifndef OPENSSL_NO_DES
3652 printf("%s ", DES_options());
3654 printf("%s ", AES_options());
3655 #ifndef OPENSSL_NO_IDEA
3656 printf("%s ", IDEA_options());
3658 #ifndef OPENSSL_NO_BF
3659 printf("%s ", BF_options());
3661 printf("\n%s\n", OpenSSL_version(OPENSSL_CFLAGS));
3662 printf("%s\n", OpenSSL_version(OPENSSL_CPU_INFO));
3670 ("The 'numbers' are in 1000s of bytes per second processed.\n");
3673 for (testnum = 0; testnum < size_num; testnum++)
3674 printf(mr ? ":%d" : "%7d bytes", lengths[testnum]);
3678 for (k = 0; k < ALGOR_NUM; k++) {
3682 printf("+F:%u:%s", k, names[k]);
3684 printf("%-13s", names[k]);
3685 for (testnum = 0; testnum < size_num; testnum++) {
3686 if (results[k][testnum] > 10000 && !mr)
3687 printf(" %11.2fk", results[k][testnum] / 1e3);
3689 printf(mr ? ":%.2f" : " %11.2f ", results[k][testnum]);
3693 #ifndef OPENSSL_NO_RSA
3695 for (k = 0; k < RSA_NUM; k++) {
3698 if (testnum && !mr) {
3699 printf("%18ssign verify sign/s verify/s\n", " ");
3703 printf("+F2:%u:%u:%f:%f\n",
3704 k, rsa_bits[k], rsa_results[k][0], rsa_results[k][1]);
3706 printf("rsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
3707 rsa_bits[k], 1.0 / rsa_results[k][0], 1.0 / rsa_results[k][1],
3708 rsa_results[k][0], rsa_results[k][1]);
3711 #ifndef OPENSSL_NO_DSA
3713 for (k = 0; k < DSA_NUM; k++) {
3716 if (testnum && !mr) {
3717 printf("%18ssign verify sign/s verify/s\n", " ");
3721 printf("+F3:%u:%u:%f:%f\n",
3722 k, dsa_bits[k], dsa_results[k][0], dsa_results[k][1]);
3724 printf("dsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
3725 dsa_bits[k], 1.0 / dsa_results[k][0], 1.0 / dsa_results[k][1],
3726 dsa_results[k][0], dsa_results[k][1]);
3729 #ifndef OPENSSL_NO_EC
3731 for (k = 0; k < OSSL_NELEM(ecdsa_doit); k++) {
3734 if (testnum && !mr) {
3735 printf("%30ssign verify sign/s verify/s\n", " ");
3740 printf("+F4:%u:%u:%f:%f\n",
3741 k, test_curves[k].bits,
3742 ecdsa_results[k][0], ecdsa_results[k][1]);
3744 printf("%4u bits ecdsa (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3745 test_curves[k].bits, test_curves[k].name,
3746 1.0 / ecdsa_results[k][0], 1.0 / ecdsa_results[k][1],
3747 ecdsa_results[k][0], ecdsa_results[k][1]);
3751 for (k = 0; k < EC_NUM; k++) {
3754 if (testnum && !mr) {
3755 printf("%30sop op/s\n", " ");
3759 printf("+F5:%u:%u:%f:%f\n",
3760 k, test_curves[k].bits,
3761 ecdh_results[k][0], 1.0 / ecdh_results[k][0]);
3764 printf("%4u bits ecdh (%s) %8.4fs %8.1f\n",
3765 test_curves[k].bits, test_curves[k].name,
3766 1.0 / ecdh_results[k][0], ecdh_results[k][0]);
3770 for (k = 0; k < OSSL_NELEM(eddsa_doit); k++) {
3773 if (testnum && !mr) {
3774 printf("%30ssign verify sign/s verify/s\n", " ");
3779 printf("+F6:%u:%u:%s:%f:%f\n",
3780 k, test_ed_curves[k].bits, test_ed_curves[k].name,
3781 eddsa_results[k][0], eddsa_results[k][1]);
3783 printf("%4u bits EdDSA (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3784 test_ed_curves[k].bits, test_ed_curves[k].name,
3785 1.0 / eddsa_results[k][0], 1.0 / eddsa_results[k][1],
3786 eddsa_results[k][0], eddsa_results[k][1]);
3789 # ifndef OPENSSL_NO_SM2
3791 for (k = 0; k < OSSL_NELEM(sm2_doit); k++) {
3794 if (testnum && !mr) {
3795 printf("%30ssign verify sign/s verify/s\n", " ");
3800 printf("+F6:%u:%u:%s:%f:%f\n",
3801 k, test_sm2_curves[k].bits, test_sm2_curves[k].name,
3802 sm2_results[k][0], sm2_results[k][1]);
3804 printf("%4u bits SM2 (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3805 test_sm2_curves[k].bits, test_sm2_curves[k].name,
3806 1.0 / sm2_results[k][0], 1.0 / sm2_results[k][1],
3807 sm2_results[k][0], sm2_results[k][1]);
3815 ERR_print_errors(bio_err);
3816 for (i = 0; i < loopargs_len; i++) {
3817 OPENSSL_free(loopargs[i].buf_malloc);
3818 OPENSSL_free(loopargs[i].buf2_malloc);
3820 #ifndef OPENSSL_NO_RSA
3821 for (k = 0; k < RSA_NUM; k++)
3822 RSA_free(loopargs[i].rsa_key[k]);
3824 #ifndef OPENSSL_NO_DSA
3825 for (k = 0; k < DSA_NUM; k++)
3826 DSA_free(loopargs[i].dsa_key[k]);
3828 #ifndef OPENSSL_NO_EC
3829 for (k = 0; k < ECDSA_NUM; k++)
3830 EC_KEY_free(loopargs[i].ecdsa[k]);
3831 for (k = 0; k < EC_NUM; k++)
3832 EVP_PKEY_CTX_free(loopargs[i].ecdh_ctx[k]);
3833 for (k = 0; k < EdDSA_NUM; k++)
3834 EVP_MD_CTX_free(loopargs[i].eddsa_ctx[k]);
3835 # ifndef OPENSSL_NO_SM2
3836 for (k = 0; k < SM2_NUM; k++) {
3837 EVP_PKEY_CTX *pctx = NULL;
3839 /* free signing ctx */
3840 if (loopargs[i].sm2_ctx[k] != NULL
3841 && (pctx = EVP_MD_CTX_pkey_ctx(loopargs[i].sm2_ctx[k])) != NULL)
3842 EVP_PKEY_CTX_free(pctx);
3843 EVP_MD_CTX_free(loopargs[i].sm2_ctx[k]);
3844 /* free verification ctx */
3845 if (loopargs[i].sm2_vfy_ctx[k] != NULL
3846 && (pctx = EVP_MD_CTX_pkey_ctx(loopargs[i].sm2_vfy_ctx[k])) != NULL)
3847 EVP_PKEY_CTX_free(pctx);
3848 EVP_MD_CTX_free(loopargs[i].sm2_vfy_ctx[k]);
3850 EVP_PKEY_free(loopargs[i].sm2_pkey[k]);
3853 OPENSSL_free(loopargs[i].secret_a);
3854 OPENSSL_free(loopargs[i].secret_b);
3857 OPENSSL_free(evp_hmac_name);
3858 #ifndef OPENSSL_NO_CMAC
3859 OPENSSL_free(evp_cmac_name);
3862 if (async_jobs > 0) {
3863 for (i = 0; i < loopargs_len; i++)
3864 ASYNC_WAIT_CTX_free(loopargs[i].wait_ctx);
3868 ASYNC_cleanup_thread();
3870 OPENSSL_free(loopargs);
3875 static void print_message(const char *s, long num, int length, int tm)
3879 mr ? "+DT:%s:%d:%d\n"
3880 : "Doing %s for %ds on %d size blocks: ", s, tm, length);
3881 (void)BIO_flush(bio_err);
3885 mr ? "+DN:%s:%ld:%d\n"
3886 : "Doing %s %ld times on %d size blocks: ", s, num, length);
3887 (void)BIO_flush(bio_err);
3891 static void pkey_print_message(const char *str, const char *str2, long num,
3892 unsigned int bits, int tm)
3896 mr ? "+DTP:%d:%s:%s:%d\n"
3897 : "Doing %u bits %s %s's for %ds: ", bits, str, str2, tm);
3898 (void)BIO_flush(bio_err);
3902 mr ? "+DNP:%ld:%d:%s:%s\n"
3903 : "Doing %ld %u bits %s %s's: ", num, bits, str, str2);
3904 (void)BIO_flush(bio_err);
3908 static void print_result(int alg, int run_no, int count, double time_used)
3911 BIO_puts(bio_err, "EVP error!\n");
3915 mr ? "+R:%d:%s:%f\n"
3916 : "%d %s's in %.2fs\n", count, names[alg], time_used);
3917 results[alg][run_no] = ((double)count) / time_used * lengths[run_no];
3921 static char *sstrsep(char **string, const char *delim)
3924 char *token = *string;
3929 memset(isdelim, 0, sizeof(isdelim));
3933 isdelim[(unsigned char)(*delim)] = 1;
3937 while (!isdelim[(unsigned char)(**string)]) {
3949 static int do_multi(int multi, int size_num)
3954 static char sep[] = ":";
3956 fds = app_malloc(sizeof(*fds) * multi, "fd buffer for do_multi");
3957 for (n = 0; n < multi; ++n) {
3958 if (pipe(fd) == -1) {
3959 BIO_printf(bio_err, "pipe failure\n");
3963 (void)BIO_flush(bio_err);
3970 if (dup(fd[1]) == -1) {
3971 BIO_printf(bio_err, "dup failed\n");
3980 printf("Forked child %d\n", n);
3983 /* for now, assume the pipe is long enough to take all the output */
3984 for (n = 0; n < multi; ++n) {
3989 f = fdopen(fds[n], "r");
3990 while (fgets(buf, sizeof(buf), f)) {
3991 p = strchr(buf, '\n');
3994 if (buf[0] != '+') {
3996 "Don't understand line '%s' from child %d\n", buf,
4000 printf("Got: %s from %d\n", buf, n);
4001 if (strncmp(buf, "+F:", 3) == 0) {
4006 alg = atoi(sstrsep(&p, sep));
4008 for (j = 0; j < size_num; ++j)
4009 results[alg][j] += atof(sstrsep(&p, sep));
4010 } else if (strncmp(buf, "+F2:", 4) == 0) {
4015 k = atoi(sstrsep(&p, sep));
4018 d = atof(sstrsep(&p, sep));
4019 rsa_results[k][0] += d;
4021 d = atof(sstrsep(&p, sep));
4022 rsa_results[k][1] += d;
4024 # ifndef OPENSSL_NO_DSA
4025 else if (strncmp(buf, "+F3:", 4) == 0) {
4030 k = atoi(sstrsep(&p, sep));
4033 d = atof(sstrsep(&p, sep));
4034 dsa_results[k][0] += d;
4036 d = atof(sstrsep(&p, sep));
4037 dsa_results[k][1] += d;
4040 # ifndef OPENSSL_NO_EC
4041 else if (strncmp(buf, "+F4:", 4) == 0) {
4046 k = atoi(sstrsep(&p, sep));
4049 d = atof(sstrsep(&p, sep));
4050 ecdsa_results[k][0] += d;
4052 d = atof(sstrsep(&p, sep));
4053 ecdsa_results[k][1] += d;
4054 } else if (strncmp(buf, "+F5:", 4) == 0) {
4059 k = atoi(sstrsep(&p, sep));
4062 d = atof(sstrsep(&p, sep));
4063 ecdh_results[k][0] += d;
4064 } else if (strncmp(buf, "+F6:", 4) == 0) {
4069 k = atoi(sstrsep(&p, sep));
4072 d = atof(sstrsep(&p, sep));
4073 eddsa_results[k][0] += d;
4075 d = atof(sstrsep(&p, sep));
4076 eddsa_results[k][1] += d;
4078 # ifndef OPENSSL_NO_SM2
4079 else if (strncmp(buf, "+F7:", 4) == 0) {
4084 k = atoi(sstrsep(&p, sep));
4087 d = atof(sstrsep(&p, sep));
4088 sm2_results[k][0] += d;
4090 d = atof(sstrsep(&p, sep));
4091 sm2_results[k][1] += d;
4093 # endif /* OPENSSL_NO_SM2 */
4096 else if (strncmp(buf, "+H:", 3) == 0) {
4099 BIO_printf(bio_err, "Unknown type '%s' from child %d\n", buf,
4110 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
4111 const openssl_speed_sec_t *seconds)
4113 static const int mblengths_list[] =
4114 { 8 * 1024, 2 * 8 * 1024, 4 * 8 * 1024, 8 * 8 * 1024, 8 * 16 * 1024 };
4115 const int *mblengths = mblengths_list;
4116 int j, count, keylen, num = OSSL_NELEM(mblengths_list);
4117 const char *alg_name;
4118 unsigned char *inp, *out, *key, no_key[32], no_iv[16];
4119 EVP_CIPHER_CTX *ctx;
4122 if (lengths_single) {
4123 mblengths = &lengths_single;
4127 inp = app_malloc(mblengths[num - 1], "multiblock input buffer");
4128 out = app_malloc(mblengths[num - 1] + 1024, "multiblock output buffer");
4129 ctx = EVP_CIPHER_CTX_new();
4130 EVP_EncryptInit_ex(ctx, evp_cipher, NULL, NULL, no_iv);
4132 keylen = EVP_CIPHER_CTX_key_length(ctx);
4133 key = app_malloc(keylen, "evp_cipher key");
4134 EVP_CIPHER_CTX_rand_key(ctx, key);
4135 EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL);
4136 OPENSSL_clear_free(key, keylen);
4138 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_MAC_KEY, sizeof(no_key), no_key);
4139 alg_name = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
4141 for (j = 0; j < num; j++) {
4142 print_message(alg_name, 0, mblengths[j], seconds->sym);
4144 for (count = 0, run = 1; run && count < 0x7fffffff; count++) {
4145 unsigned char aad[EVP_AEAD_TLS1_AAD_LEN];
4146 EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param;
4147 size_t len = mblengths[j];
4150 memset(aad, 0, 8); /* avoid uninitialized values */
4151 aad[8] = 23; /* SSL3_RT_APPLICATION_DATA */
4152 aad[9] = 3; /* version */
4154 aad[11] = 0; /* length */
4156 mb_param.out = NULL;
4159 mb_param.interleave = 8;
4161 packlen = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_AAD,
4162 sizeof(mb_param), &mb_param);
4168 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT,
4169 sizeof(mb_param), &mb_param);
4173 RAND_bytes(out, 16);
4175 aad[11] = (unsigned char)(len >> 8);
4176 aad[12] = (unsigned char)(len);
4177 pad = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_TLS1_AAD,
4178 EVP_AEAD_TLS1_AAD_LEN, aad);
4179 EVP_Cipher(ctx, out, inp, len + pad);
4183 BIO_printf(bio_err, mr ? "+R:%d:%s:%f\n"
4184 : "%d %s's in %.2fs\n", count, "evp", d);
4185 results[D_EVP][j] = ((double)count) / d * mblengths[j];
4189 fprintf(stdout, "+H");
4190 for (j = 0; j < num; j++)
4191 fprintf(stdout, ":%d", mblengths[j]);
4192 fprintf(stdout, "\n");
4193 fprintf(stdout, "+F:%d:%s", D_EVP, alg_name);
4194 for (j = 0; j < num; j++)
4195 fprintf(stdout, ":%.2f", results[D_EVP][j]);
4196 fprintf(stdout, "\n");
4199 "The 'numbers' are in 1000s of bytes per second processed.\n");
4200 fprintf(stdout, "type ");
4201 for (j = 0; j < num; j++)
4202 fprintf(stdout, "%7d bytes", mblengths[j]);
4203 fprintf(stdout, "\n");
4204 fprintf(stdout, "%-24s", alg_name);
4206 for (j = 0; j < num; j++) {
4207 if (results[D_EVP][j] > 10000)
4208 fprintf(stdout, " %11.2fk", results[D_EVP][j] / 1e3);
4210 fprintf(stdout, " %11.2f ", results[D_EVP][j]);
4212 fprintf(stdout, "\n");
4217 EVP_CIPHER_CTX_free(ctx);