2 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
5 * Licensed under the Apache License 2.0 (the "License"). You may not use
6 * this file except in compliance with the License. You can obtain a copy
7 * in the file LICENSE in the source distribution or at
8 * https://www.openssl.org/source/license.html
13 #define RSA_SECONDS 10
14 #define DSA_SECONDS 10
15 #define ECDSA_SECONDS 10
16 #define ECDH_SECONDS 10
17 #define EdDSA_SECONDS 10
18 #define SM2_SECONDS 10
20 /* We need to use some deprecated APIs */
21 #define OPENSSL_SUPPRESS_DEPRECATED
29 #include <openssl/crypto.h>
30 #include <openssl/rand.h>
31 #include <openssl/err.h>
32 #include <openssl/evp.h>
33 #include <openssl/objects.h>
34 #include <openssl/async.h>
35 #if !defined(OPENSSL_SYS_MSDOS)
43 #include <openssl/bn.h>
44 #ifndef OPENSSL_NO_DES
45 # include <openssl/des.h>
47 #ifndef OPENSSL_NO_DEPRECATED_3_0
48 #include <openssl/aes.h>
50 #ifndef OPENSSL_NO_CAMELLIA
51 # include <openssl/camellia.h>
53 #ifndef OPENSSL_NO_MD2
54 # include <openssl/md2.h>
56 #ifndef OPENSSL_NO_MDC2
57 # include <openssl/mdc2.h>
59 #ifndef OPENSSL_NO_MD4
60 # include <openssl/md4.h>
62 #ifndef OPENSSL_NO_MD5
63 # include <openssl/md5.h>
65 #include <openssl/hmac.h>
66 #ifndef OPENSSL_NO_CMAC
67 #include <openssl/cmac.h>
69 #include <openssl/sha.h>
70 #ifndef OPENSSL_NO_RMD160
71 # include <openssl/ripemd.h>
73 #ifndef OPENSSL_NO_WHIRLPOOL
74 # include <openssl/whrlpool.h>
76 #ifndef OPENSSL_NO_RC4
77 # include <openssl/rc4.h>
79 #ifndef OPENSSL_NO_RC5
80 # include <openssl/rc5.h>
82 #ifndef OPENSSL_NO_RC2
83 # include <openssl/rc2.h>
85 #ifndef OPENSSL_NO_IDEA
86 # include <openssl/idea.h>
88 #ifndef OPENSSL_NO_SEED
89 # include <openssl/seed.h>
92 # include <openssl/blowfish.h>
94 #ifndef OPENSSL_NO_CAST
95 # include <openssl/cast.h>
97 #ifndef OPENSSL_NO_RSA
98 # include <openssl/rsa.h>
99 # include "./testrsa.h"
101 #include <openssl/x509.h>
102 #ifndef OPENSSL_NO_DSA
103 # include <openssl/dsa.h>
104 # include "./testdsa.h"
106 #ifndef OPENSSL_NO_EC
107 # include <openssl/ec.h>
109 #include <openssl/modes.h>
112 # if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_VXWORKS)
125 #define MAX_MISALIGNMENT 63
126 #define MAX_ECDH_SIZE 256
129 typedef struct openssl_speed_sec_st {
137 } openssl_speed_sec_t;
139 static volatile int run = 0;
141 static int mr = 0; /* machine-readeable output format to merge fork results */
142 static int usertime = 1;
144 static double Time_F(int s);
145 static void print_message(const char *s, long num, int length, int tm);
146 static void pkey_print_message(const char *str, const char *str2,
147 long num, unsigned int bits, int sec);
148 static void print_result(int alg, int run_no, int count, double time_used);
150 static int do_multi(int multi, int size_num);
153 static const int lengths_list[] = {
154 16, 64, 256, 1024, 8 * 1024, 16 * 1024
156 #define SIZE_NUM OSSL_NELEM(lengths_list)
157 static const int *lengths = lengths_list;
159 static const int aead_lengths_list[] = {
160 2, 31, 136, 1024, 8 * 1024, 16 * 1024
168 static void alarmed(int sig)
170 signal(SIGALRM, alarmed);
174 static double Time_F(int s)
176 double ret = app_tminterval(s, usertime);
182 #elif defined(_WIN32)
186 static unsigned int lapse;
187 static volatile unsigned int schlock;
188 static void alarm_win32(unsigned int secs)
193 # define alarm alarm_win32
195 static DWORD WINAPI sleepy(VOID * arg)
203 static double Time_F(int s)
210 thr = CreateThread(NULL, 4096, sleepy, NULL, 0, NULL);
212 DWORD err = GetLastError();
213 BIO_printf(bio_err, "unable to CreateThread (%lu)", err);
217 Sleep(0); /* scheduler spinlock */
218 ret = app_tminterval(s, usertime);
220 ret = app_tminterval(s, usertime);
222 TerminateThread(thr, 0);
229 static double Time_F(int s)
231 return app_tminterval(s, usertime);
235 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
236 const openssl_speed_sec_t *seconds);
238 static int opt_found(const char *name, unsigned int *result,
239 const OPT_PAIR pairs[], unsigned int nbelem)
243 for (idx = 0; idx < nbelem; ++idx, pairs++)
244 if (strcmp(name, pairs->name) == 0) {
245 *result = pairs->retval;
250 #define opt_found(value, pairs, result)\
251 opt_found(value, result, pairs, OSSL_NELEM(pairs))
253 typedef enum OPTION_choice {
254 OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
255 OPT_ELAPSED, OPT_EVP, OPT_HMAC, OPT_DECRYPT, OPT_ENGINE, OPT_MULTI,
256 OPT_MR, OPT_MB, OPT_MISALIGN, OPT_ASYNCJOBS, OPT_R_ENUM,
257 OPT_PRIMES, OPT_SECONDS, OPT_BYTES, OPT_AEAD, OPT_CMAC
260 const OPTIONS speed_options[] = {
261 {OPT_HELP_STR, 1, '-', "Usage: %s [options] [algorithm...]\n"},
263 OPT_SECTION("General"),
264 {"help", OPT_HELP, '-', "Display this summary"},
266 "Enable (tls1>=1) multi-block mode on EVP-named cipher"},
267 {"mr", OPT_MR, '-', "Produce machine readable output"},
269 {"multi", OPT_MULTI, 'p', "Run benchmarks in parallel"},
271 #ifndef OPENSSL_NO_ASYNC
272 {"async_jobs", OPT_ASYNCJOBS, 'p',
273 "Enable async mode and start specified number of jobs"},
275 #ifndef OPENSSL_NO_ENGINE
276 {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
278 {"primes", OPT_PRIMES, 'p', "Specify number of primes (for RSA only)"},
280 OPT_SECTION("Selection"),
281 {"evp", OPT_EVP, 's', "Use EVP-named cipher or digest"},
282 {"hmac", OPT_HMAC, 's', "HMAC using EVP-named digest"},
283 #ifndef OPENSSL_NO_CMAC
284 {"cmac", OPT_CMAC, 's', "CMAC using EVP-named cipher"},
286 {"decrypt", OPT_DECRYPT, '-',
287 "Time decryption instead of encryption (only EVP)"},
288 {"aead", OPT_AEAD, '-',
289 "Benchmark EVP-named AEAD cipher in TLS-like sequence"},
291 OPT_SECTION("Timing"),
292 {"elapsed", OPT_ELAPSED, '-',
293 "Use wall-clock time instead of CPU user time as divisor"},
294 {"seconds", OPT_SECONDS, 'p',
295 "Run benchmarks for specified amount of seconds"},
296 {"bytes", OPT_BYTES, 'p',
297 "Run [non-PKI] benchmarks on custom-sized buffer"},
298 {"misalign", OPT_MISALIGN, 'p',
299 "Use specified offset to mis-align buffers"},
304 {"algorithm", 0, 0, "Algorithm(s) to test (optional; otherwise tests all)"},
309 D_MD2, D_MDC2, D_MD4, D_MD5 , D_HMAC, D_SHA1, D_RMD160, D_RC4,
310 D_CBC_DES, D_EDE3_DES, D_CBC_IDEA, D_CBC_SEED,
311 D_CBC_RC2, D_CBC_RC5, D_CBC_BF, D_CBC_CAST,
312 D_CBC_128_AES, D_CBC_192_AES, D_CBC_256_AES,
313 D_CBC_128_CML, D_CBC_192_CML, D_CBC_256_CML,
314 D_EVP, D_SHA256, D_SHA512, D_WHIRLPOOL,
315 D_IGE_128_AES, D_IGE_192_AES, D_IGE_256_AES,
316 D_GHASH, D_RAND, D_EVP_HMAC, D_EVP_CMAC, ALGOR_NUM
318 /* name of algorithms to test. MUST BE KEEP IN SYNC with above enum ! */
319 static const char *names[ALGOR_NUM] = {
320 "md2", "mdc2", "md4", "md5", "hmac(md5)", "sha1", "rmd160", "rc4",
321 "des cbc", "des ede3", "idea cbc", "seed cbc",
322 "rc2 cbc", "rc5-32/12 cbc", "blowfish cbc", "cast cbc",
323 "aes-128 cbc", "aes-192 cbc", "aes-256 cbc",
324 "camellia-128 cbc", "camellia-192 cbc", "camellia-256 cbc",
325 "evp", "sha256", "sha512", "whirlpool",
326 "aes-128 ige", "aes-192 ige", "aes-256 ige", "ghash",
327 "rand", "hmac", "cmac"
330 /* list of configured algorithm (remaining), with some few alias */
331 static const OPT_PAIR doit_choices[] = {
332 #ifndef OPENSSL_NO_MD2
335 #ifndef OPENSSL_NO_MDC2
338 #ifndef OPENSSL_NO_MD4
341 #ifndef OPENSSL_NO_MD5
346 {"sha256", D_SHA256},
347 {"sha512", D_SHA512},
348 #ifndef OPENSSL_NO_WHIRLPOOL
349 {"whirlpool", D_WHIRLPOOL},
351 #ifndef OPENSSL_NO_RMD160
352 {"ripemd", D_RMD160},
353 {"rmd160", D_RMD160},
354 {"ripemd160", D_RMD160},
356 #ifndef OPENSSL_NO_RC4
359 #ifndef OPENSSL_NO_DES
360 {"des-cbc", D_CBC_DES},
361 {"des-ede3", D_EDE3_DES},
363 #ifndef OPENSSL_NO_DEPRECATED_3_0
364 {"aes-128-cbc", D_CBC_128_AES},
365 {"aes-192-cbc", D_CBC_192_AES},
366 {"aes-256-cbc", D_CBC_256_AES},
367 {"aes-128-ige", D_IGE_128_AES},
368 {"aes-192-ige", D_IGE_192_AES},
369 {"aes-256-ige", D_IGE_256_AES},
371 #ifndef OPENSSL_NO_RC2
372 {"rc2-cbc", D_CBC_RC2},
375 #ifndef OPENSSL_NO_RC5
376 {"rc5-cbc", D_CBC_RC5},
379 #ifndef OPENSSL_NO_IDEA
380 {"idea-cbc", D_CBC_IDEA},
381 {"idea", D_CBC_IDEA},
383 #ifndef OPENSSL_NO_SEED
384 {"seed-cbc", D_CBC_SEED},
385 {"seed", D_CBC_SEED},
387 #if !defined(OPENSSL_NO_BF) && !defined(OPENSSL_NO_DEPRECATED_3_0)
388 {"bf-cbc", D_CBC_BF},
389 {"blowfish", D_CBC_BF},
392 #ifndef OPENSSL_NO_CAST
393 {"cast-cbc", D_CBC_CAST},
394 {"cast", D_CBC_CAST},
395 {"cast5", D_CBC_CAST},
401 static double results[ALGOR_NUM][SIZE_NUM];
403 #ifndef OPENSSL_NO_DSA
404 enum { R_DSA_512, R_DSA_1024, R_DSA_2048, DSA_NUM };
405 static const OPT_PAIR dsa_choices[DSA_NUM] = {
406 {"dsa512", R_DSA_512},
407 {"dsa1024", R_DSA_1024},
408 {"dsa2048", R_DSA_2048}
410 static double dsa_results[DSA_NUM][2]; /* 2 ops: sign then verify */
411 #endif /* OPENSSL_NO_DSA */
413 #ifndef OPENSSL_NO_RSA
415 R_RSA_512, R_RSA_1024, R_RSA_2048, R_RSA_3072, R_RSA_4096, R_RSA_7680,
418 static const OPT_PAIR rsa_choices[RSA_NUM] = {
419 {"rsa512", R_RSA_512},
420 {"rsa1024", R_RSA_1024},
421 {"rsa2048", R_RSA_2048},
422 {"rsa3072", R_RSA_3072},
423 {"rsa4096", R_RSA_4096},
424 {"rsa7680", R_RSA_7680},
425 {"rsa15360", R_RSA_15360}
428 static double rsa_results[RSA_NUM][2]; /* 2 ops: sign then verify */
429 #endif /* OPENSSL_NO_RSA */
431 #ifndef OPENSSL_NO_EC
433 R_EC_P160, R_EC_P192, R_EC_P224, R_EC_P256, R_EC_P384, R_EC_P521,
434 # ifndef OPENSSL_NO_EC2M
435 R_EC_K163, R_EC_K233, R_EC_K283, R_EC_K409, R_EC_K571,
436 R_EC_B163, R_EC_B233, R_EC_B283, R_EC_B409, R_EC_B571,
438 R_EC_BRP256R1, R_EC_BRP256T1, R_EC_BRP384R1, R_EC_BRP384T1,
439 R_EC_BRP512R1, R_EC_BRP512T1, ECDSA_NUM
441 /* list of ecdsa curves */
442 static const OPT_PAIR ecdsa_choices[ECDSA_NUM] = {
443 {"ecdsap160", R_EC_P160},
444 {"ecdsap192", R_EC_P192},
445 {"ecdsap224", R_EC_P224},
446 {"ecdsap256", R_EC_P256},
447 {"ecdsap384", R_EC_P384},
448 {"ecdsap521", R_EC_P521},
449 # ifndef OPENSSL_NO_EC2M
450 {"ecdsak163", R_EC_K163},
451 {"ecdsak233", R_EC_K233},
452 {"ecdsak283", R_EC_K283},
453 {"ecdsak409", R_EC_K409},
454 {"ecdsak571", R_EC_K571},
455 {"ecdsab163", R_EC_B163},
456 {"ecdsab233", R_EC_B233},
457 {"ecdsab283", R_EC_B283},
458 {"ecdsab409", R_EC_B409},
459 {"ecdsab571", R_EC_B571},
461 {"ecdsabrp256r1", R_EC_BRP256R1},
462 {"ecdsabrp256t1", R_EC_BRP256T1},
463 {"ecdsabrp384r1", R_EC_BRP384R1},
464 {"ecdsabrp384t1", R_EC_BRP384T1},
465 {"ecdsabrp512r1", R_EC_BRP512R1},
466 {"ecdsabrp512t1", R_EC_BRP512T1}
468 enum { R_EC_X25519 = ECDSA_NUM, R_EC_X448, EC_NUM };
469 /* list of ecdh curves, extension of |ecdsa_choices| list above */
470 static const OPT_PAIR ecdh_choices[EC_NUM] = {
471 {"ecdhp160", R_EC_P160},
472 {"ecdhp192", R_EC_P192},
473 {"ecdhp224", R_EC_P224},
474 {"ecdhp256", R_EC_P256},
475 {"ecdhp384", R_EC_P384},
476 {"ecdhp521", R_EC_P521},
477 # ifndef OPENSSL_NO_EC2M
478 {"ecdhk163", R_EC_K163},
479 {"ecdhk233", R_EC_K233},
480 {"ecdhk283", R_EC_K283},
481 {"ecdhk409", R_EC_K409},
482 {"ecdhk571", R_EC_K571},
483 {"ecdhb163", R_EC_B163},
484 {"ecdhb233", R_EC_B233},
485 {"ecdhb283", R_EC_B283},
486 {"ecdhb409", R_EC_B409},
487 {"ecdhb571", R_EC_B571},
489 {"ecdhbrp256r1", R_EC_BRP256R1},
490 {"ecdhbrp256t1", R_EC_BRP256T1},
491 {"ecdhbrp384r1", R_EC_BRP384R1},
492 {"ecdhbrp384t1", R_EC_BRP384T1},
493 {"ecdhbrp512r1", R_EC_BRP512R1},
494 {"ecdhbrp512t1", R_EC_BRP512T1},
495 {"ecdhx25519", R_EC_X25519},
496 {"ecdhx448", R_EC_X448}
499 static double ecdh_results[EC_NUM][1]; /* 1 op: derivation */
500 static double ecdsa_results[ECDSA_NUM][2]; /* 2 ops: sign then verify */
502 enum { R_EC_Ed25519, R_EC_Ed448, EdDSA_NUM };
503 static const OPT_PAIR eddsa_choices[EdDSA_NUM] = {
504 {"ed25519", R_EC_Ed25519},
505 {"ed448", R_EC_Ed448}
508 static double eddsa_results[EdDSA_NUM][2]; /* 2 ops: sign then verify */
510 # ifndef OPENSSL_NO_SM2
511 enum { R_EC_CURVESM2, SM2_NUM };
512 static const OPT_PAIR sm2_choices[SM2_NUM] = {
513 {"curveSM2", R_EC_CURVESM2}
515 # define SM2_ID "TLSv1.3+GM+Cipher+Suite"
516 # define SM2_ID_LEN sizeof("TLSv1.3+GM+Cipher+Suite") - 1
517 static double sm2_results[SM2_NUM][2]; /* 2 ops: sign then verify */
518 # endif /* OPENSSL_NO_SM2 */
519 #endif /* OPENSSL_NO_EC */
522 # define COND(d) (count < (d))
523 # define COUNT(d) (d)
525 # define COND(unused_cond) (run && count<0x7fffffff)
526 # define COUNT(d) (count)
529 typedef struct loopargs_st {
530 ASYNC_JOB *inprogress_job;
531 ASYNC_WAIT_CTX *wait_ctx;
534 unsigned char *buf_malloc;
535 unsigned char *buf2_malloc;
539 #ifndef OPENSSL_NO_RSA
540 RSA *rsa_key[RSA_NUM];
542 #ifndef OPENSSL_NO_DSA
543 DSA *dsa_key[DSA_NUM];
545 #ifndef OPENSSL_NO_EC
546 EC_KEY *ecdsa[ECDSA_NUM];
547 EVP_PKEY_CTX *ecdh_ctx[EC_NUM];
548 EVP_MD_CTX *eddsa_ctx[EdDSA_NUM];
549 # ifndef OPENSSL_NO_SM2
550 EVP_MD_CTX *sm2_ctx[SM2_NUM];
551 EVP_MD_CTX *sm2_vfy_ctx[SM2_NUM];
552 EVP_PKEY *sm2_pkey[SM2_NUM];
554 unsigned char *secret_a;
555 unsigned char *secret_b;
556 size_t outlen[EC_NUM];
560 #ifndef OPENSSL_NO_CMAC
563 GCM128_CONTEXT *gcm_ctx;
565 static int run_benchmark(int async_jobs, int (*loop_function) (void *),
566 loopargs_t * loopargs);
568 static unsigned int testnum;
570 /* Nb of iterations to do per algorithm and key-size */
571 static long c[ALGOR_NUM][SIZE_NUM];
573 #ifndef OPENSSL_NO_MD2
574 static int EVP_Digest_MD2_loop(void *args)
576 loopargs_t *tempargs = *(loopargs_t **) args;
577 unsigned char *buf = tempargs->buf;
578 unsigned char md2[MD2_DIGEST_LENGTH];
581 for (count = 0; COND(c[D_MD2][testnum]); count++) {
582 if (!EVP_Digest(buf, (size_t)lengths[testnum], md2, NULL, EVP_md2(),
590 #ifndef OPENSSL_NO_MDC2
591 static int EVP_Digest_MDC2_loop(void *args)
593 loopargs_t *tempargs = *(loopargs_t **) args;
594 unsigned char *buf = tempargs->buf;
595 unsigned char mdc2[MDC2_DIGEST_LENGTH];
598 for (count = 0; COND(c[D_MDC2][testnum]); count++) {
599 if (!EVP_Digest(buf, (size_t)lengths[testnum], mdc2, NULL, EVP_mdc2(),
607 #ifndef OPENSSL_NO_MD4
608 static int EVP_Digest_MD4_loop(void *args)
610 loopargs_t *tempargs = *(loopargs_t **) args;
611 unsigned char *buf = tempargs->buf;
612 unsigned char md4[MD4_DIGEST_LENGTH];
615 for (count = 0; COND(c[D_MD4][testnum]); count++) {
616 if (!EVP_Digest(buf, (size_t)lengths[testnum], md4, NULL, EVP_md4(),
624 #ifndef OPENSSL_NO_MD5
625 static int MD5_loop(void *args)
627 loopargs_t *tempargs = *(loopargs_t **) args;
628 unsigned char *buf = tempargs->buf;
629 unsigned char md5[MD5_DIGEST_LENGTH];
631 for (count = 0; COND(c[D_MD5][testnum]); count++)
632 MD5(buf, lengths[testnum], md5);
636 static int HMAC_loop(void *args)
638 loopargs_t *tempargs = *(loopargs_t **) args;
639 unsigned char *buf = tempargs->buf;
640 HMAC_CTX *hctx = tempargs->hctx;
641 unsigned char hmac[MD5_DIGEST_LENGTH];
644 for (count = 0; COND(c[D_HMAC][testnum]); count++) {
645 HMAC_Init_ex(hctx, NULL, 0, NULL, NULL);
646 HMAC_Update(hctx, buf, lengths[testnum]);
647 HMAC_Final(hctx, hmac, NULL);
653 static int SHA1_loop(void *args)
655 loopargs_t *tempargs = *(loopargs_t **) args;
656 unsigned char *buf = tempargs->buf;
657 unsigned char sha[SHA_DIGEST_LENGTH];
659 for (count = 0; COND(c[D_SHA1][testnum]); count++)
660 SHA1(buf, lengths[testnum], sha);
664 static int SHA256_loop(void *args)
666 loopargs_t *tempargs = *(loopargs_t **) args;
667 unsigned char *buf = tempargs->buf;
668 unsigned char sha256[SHA256_DIGEST_LENGTH];
670 for (count = 0; COND(c[D_SHA256][testnum]); count++)
671 SHA256(buf, lengths[testnum], sha256);
675 static int SHA512_loop(void *args)
677 loopargs_t *tempargs = *(loopargs_t **) args;
678 unsigned char *buf = tempargs->buf;
679 unsigned char sha512[SHA512_DIGEST_LENGTH];
681 for (count = 0; COND(c[D_SHA512][testnum]); count++)
682 SHA512(buf, lengths[testnum], sha512);
686 #ifndef OPENSSL_NO_WHIRLPOOL
687 static int WHIRLPOOL_loop(void *args)
689 loopargs_t *tempargs = *(loopargs_t **) args;
690 unsigned char *buf = tempargs->buf;
691 unsigned char whirlpool[WHIRLPOOL_DIGEST_LENGTH];
693 for (count = 0; COND(c[D_WHIRLPOOL][testnum]); count++)
694 WHIRLPOOL(buf, lengths[testnum], whirlpool);
699 #ifndef OPENSSL_NO_RMD160
700 static int EVP_Digest_RMD160_loop(void *args)
702 loopargs_t *tempargs = *(loopargs_t **) args;
703 unsigned char *buf = tempargs->buf;
704 unsigned char rmd160[RIPEMD160_DIGEST_LENGTH];
706 for (count = 0; COND(c[D_RMD160][testnum]); count++) {
707 if (!EVP_Digest(buf, (size_t)lengths[testnum], &(rmd160[0]),
708 NULL, EVP_ripemd160(), NULL))
715 #ifndef OPENSSL_NO_RC4
716 static RC4_KEY rc4_ks;
717 static int RC4_loop(void *args)
719 loopargs_t *tempargs = *(loopargs_t **) args;
720 unsigned char *buf = tempargs->buf;
722 for (count = 0; COND(c[D_RC4][testnum]); count++)
723 RC4(&rc4_ks, (size_t)lengths[testnum], buf, buf);
728 #ifndef OPENSSL_NO_DES
729 static unsigned char DES_iv[8];
730 static DES_key_schedule sch[3];
731 static int DES_ncbc_encrypt_loop(void *args)
733 loopargs_t *tempargs = *(loopargs_t **) args;
734 unsigned char *buf = tempargs->buf;
736 for (count = 0; COND(c[D_CBC_DES][testnum]); count++)
737 DES_ncbc_encrypt(buf, buf, lengths[testnum], &sch[0],
738 &DES_iv, DES_ENCRYPT);
742 static int DES_ede3_cbc_encrypt_loop(void *args)
744 loopargs_t *tempargs = *(loopargs_t **) args;
745 unsigned char *buf = tempargs->buf;
747 for (count = 0; COND(c[D_EDE3_DES][testnum]); count++)
748 DES_ede3_cbc_encrypt(buf, buf, lengths[testnum],
749 &sch[0], &sch[1], &sch[2], &DES_iv, DES_ENCRYPT);
754 #define MAX_BLOCK_SIZE 128
756 static unsigned char iv[2 * MAX_BLOCK_SIZE / 8];
758 #ifndef OPENSSL_NO_DEPRECATED_3_0
759 static AES_KEY aes_ks1, aes_ks2, aes_ks3;
760 static int AES_cbc_128_encrypt_loop(void *args)
762 loopargs_t *tempargs = *(loopargs_t **) args;
763 unsigned char *buf = tempargs->buf;
765 for (count = 0; COND(c[D_CBC_128_AES][testnum]); count++)
766 AES_cbc_encrypt(buf, buf,
767 (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
771 static int AES_cbc_192_encrypt_loop(void *args)
773 loopargs_t *tempargs = *(loopargs_t **) args;
774 unsigned char *buf = tempargs->buf;
776 for (count = 0; COND(c[D_CBC_192_AES][testnum]); count++)
777 AES_cbc_encrypt(buf, buf,
778 (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
782 static int AES_cbc_256_encrypt_loop(void *args)
784 loopargs_t *tempargs = *(loopargs_t **) args;
785 unsigned char *buf = tempargs->buf;
787 for (count = 0; COND(c[D_CBC_256_AES][testnum]); count++)
788 AES_cbc_encrypt(buf, buf,
789 (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
793 static int AES_ige_128_encrypt_loop(void *args)
795 loopargs_t *tempargs = *(loopargs_t **) args;
796 unsigned char *buf = tempargs->buf;
797 unsigned char *buf2 = tempargs->buf2;
799 for (count = 0; COND(c[D_IGE_128_AES][testnum]); count++)
800 AES_ige_encrypt(buf, buf2,
801 (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
805 static int AES_ige_192_encrypt_loop(void *args)
807 loopargs_t *tempargs = *(loopargs_t **) args;
808 unsigned char *buf = tempargs->buf;
809 unsigned char *buf2 = tempargs->buf2;
811 for (count = 0; COND(c[D_IGE_192_AES][testnum]); count++)
812 AES_ige_encrypt(buf, buf2,
813 (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
817 static int AES_ige_256_encrypt_loop(void *args)
819 loopargs_t *tempargs = *(loopargs_t **) args;
820 unsigned char *buf = tempargs->buf;
821 unsigned char *buf2 = tempargs->buf2;
823 for (count = 0; COND(c[D_IGE_256_AES][testnum]); count++)
824 AES_ige_encrypt(buf, buf2,
825 (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
829 static int CRYPTO_gcm128_aad_loop(void *args)
831 loopargs_t *tempargs = *(loopargs_t **) args;
832 unsigned char *buf = tempargs->buf;
833 GCM128_CONTEXT *gcm_ctx = tempargs->gcm_ctx;
835 for (count = 0; COND(c[D_GHASH][testnum]); count++)
836 CRYPTO_gcm128_aad(gcm_ctx, buf, lengths[testnum]);
841 static int RAND_bytes_loop(void *args)
843 loopargs_t *tempargs = *(loopargs_t **) args;
844 unsigned char *buf = tempargs->buf;
847 for (count = 0; COND(c[D_RAND][testnum]); count++)
848 RAND_bytes(buf, lengths[testnum]);
852 static int decrypt = 0;
853 static int EVP_Update_loop(void *args)
855 loopargs_t *tempargs = *(loopargs_t **) args;
856 unsigned char *buf = tempargs->buf;
857 EVP_CIPHER_CTX *ctx = tempargs->ctx;
861 for (count = 0; COND(c[D_EVP][testnum]); count++) {
862 rc = EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
864 /* reset iv in case of counter overflow */
865 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
869 for (count = 0; COND(c[D_EVP][testnum]); count++) {
870 rc = EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
872 /* reset iv in case of counter overflow */
873 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
878 EVP_DecryptFinal_ex(ctx, buf, &outl);
880 EVP_EncryptFinal_ex(ctx, buf, &outl);
885 * CCM does not support streaming. For the purpose of performance measurement,
886 * each message is encrypted using the same (key,iv)-pair. Do not use this
887 * code in your application.
889 static int EVP_Update_loop_ccm(void *args)
891 loopargs_t *tempargs = *(loopargs_t **) args;
892 unsigned char *buf = tempargs->buf;
893 EVP_CIPHER_CTX *ctx = tempargs->ctx;
895 unsigned char tag[12];
898 for (count = 0; COND(c[D_EVP][testnum]); count++) {
899 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(tag), tag);
901 EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
902 /* counter is reset on every update */
903 EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
906 for (count = 0; COND(c[D_EVP][testnum]); count++) {
907 /* restore iv length field */
908 EVP_EncryptUpdate(ctx, NULL, &outl, NULL, lengths[testnum]);
909 /* counter is reset on every update */
910 EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
914 EVP_DecryptFinal_ex(ctx, buf, &outl);
916 EVP_EncryptFinal_ex(ctx, buf, &outl);
921 * To make AEAD benchmarking more relevant perform TLS-like operations,
922 * 13-byte AAD followed by payload. But don't use TLS-formatted AAD, as
923 * payload length is not actually limited by 16KB...
925 static int EVP_Update_loop_aead(void *args)
927 loopargs_t *tempargs = *(loopargs_t **) args;
928 unsigned char *buf = tempargs->buf;
929 EVP_CIPHER_CTX *ctx = tempargs->ctx;
931 unsigned char aad[13] = { 0xcc };
932 unsigned char faketag[16] = { 0xcc };
935 for (count = 0; COND(c[D_EVP][testnum]); count++) {
936 EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
937 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
938 sizeof(faketag), faketag);
939 EVP_DecryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
940 EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
941 EVP_DecryptFinal_ex(ctx, buf + outl, &outl);
944 for (count = 0; COND(c[D_EVP][testnum]); count++) {
945 EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv);
946 EVP_EncryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
947 EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
948 EVP_EncryptFinal_ex(ctx, buf + outl, &outl);
954 static const EVP_MD *evp_md = NULL;
955 static int EVP_Digest_loop(void *args)
957 loopargs_t *tempargs = *(loopargs_t **) args;
958 unsigned char *buf = tempargs->buf;
959 unsigned char md[EVP_MAX_MD_SIZE];
962 for (count = 0; COND(c[D_EVP][testnum]); count++) {
963 if (!EVP_Digest(buf, lengths[testnum], md, NULL, evp_md, NULL))
969 static const EVP_MD *evp_hmac_md = NULL;
970 static char *evp_hmac_name = NULL;
971 static int EVP_HMAC_loop(void *args)
973 loopargs_t *tempargs = *(loopargs_t **) args;
974 unsigned char *buf = tempargs->buf;
975 unsigned char no_key[32];
978 for (count = 0; COND(c[D_EVP_HMAC][testnum]); count++) {
979 if (HMAC(evp_hmac_md, no_key, sizeof(no_key), buf, lengths[testnum],
986 #ifndef OPENSSL_NO_CMAC
987 static const EVP_CIPHER *evp_cmac_cipher = NULL;
988 static char *evp_cmac_name = NULL;
990 static int EVP_CMAC_loop(void *args)
992 loopargs_t *tempargs = *(loopargs_t **) args;
993 unsigned char *buf = tempargs->buf;
994 CMAC_CTX *cmac_ctx = tempargs->cmac_ctx;
995 static const char key[16] = "This is a key...";
996 unsigned char mac[16];
997 size_t len = sizeof(mac);
1000 for (count = 0; COND(c[D_EVP_CMAC][testnum]); count++) {
1001 if (!CMAC_Init(cmac_ctx, key, sizeof(key), evp_cmac_cipher, NULL)
1002 || !CMAC_Update(cmac_ctx, buf, lengths[testnum])
1003 || !CMAC_Final(cmac_ctx, mac, &len))
1010 #ifndef OPENSSL_NO_RSA
1011 static long rsa_c[RSA_NUM][2]; /* # RSA iteration test */
1013 static int RSA_sign_loop(void *args)
1015 loopargs_t *tempargs = *(loopargs_t **) args;
1016 unsigned char *buf = tempargs->buf;
1017 unsigned char *buf2 = tempargs->buf2;
1018 unsigned int *rsa_num = &tempargs->siglen;
1019 RSA **rsa_key = tempargs->rsa_key;
1021 for (count = 0; COND(rsa_c[testnum][0]); count++) {
1022 ret = RSA_sign(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1024 BIO_printf(bio_err, "RSA sign failure\n");
1025 ERR_print_errors(bio_err);
1033 static int RSA_verify_loop(void *args)
1035 loopargs_t *tempargs = *(loopargs_t **) args;
1036 unsigned char *buf = tempargs->buf;
1037 unsigned char *buf2 = tempargs->buf2;
1038 unsigned int rsa_num = tempargs->siglen;
1039 RSA **rsa_key = tempargs->rsa_key;
1041 for (count = 0; COND(rsa_c[testnum][1]); count++) {
1043 RSA_verify(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1045 BIO_printf(bio_err, "RSA verify failure\n");
1046 ERR_print_errors(bio_err);
1055 #ifndef OPENSSL_NO_DSA
1056 static long dsa_c[DSA_NUM][2];
1057 static int DSA_sign_loop(void *args)
1059 loopargs_t *tempargs = *(loopargs_t **) args;
1060 unsigned char *buf = tempargs->buf;
1061 unsigned char *buf2 = tempargs->buf2;
1062 DSA **dsa_key = tempargs->dsa_key;
1063 unsigned int *siglen = &tempargs->siglen;
1065 for (count = 0; COND(dsa_c[testnum][0]); count++) {
1066 ret = DSA_sign(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1068 BIO_printf(bio_err, "DSA sign failure\n");
1069 ERR_print_errors(bio_err);
1077 static int DSA_verify_loop(void *args)
1079 loopargs_t *tempargs = *(loopargs_t **) args;
1080 unsigned char *buf = tempargs->buf;
1081 unsigned char *buf2 = tempargs->buf2;
1082 DSA **dsa_key = tempargs->dsa_key;
1083 unsigned int siglen = tempargs->siglen;
1085 for (count = 0; COND(dsa_c[testnum][1]); count++) {
1086 ret = DSA_verify(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1088 BIO_printf(bio_err, "DSA verify failure\n");
1089 ERR_print_errors(bio_err);
1098 #ifndef OPENSSL_NO_EC
1099 static long ecdsa_c[ECDSA_NUM][2];
1100 static int ECDSA_sign_loop(void *args)
1102 loopargs_t *tempargs = *(loopargs_t **) args;
1103 unsigned char *buf = tempargs->buf;
1104 EC_KEY **ecdsa = tempargs->ecdsa;
1105 unsigned char *ecdsasig = tempargs->buf2;
1106 unsigned int *ecdsasiglen = &tempargs->siglen;
1108 for (count = 0; COND(ecdsa_c[testnum][0]); count++) {
1109 ret = ECDSA_sign(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1111 BIO_printf(bio_err, "ECDSA sign failure\n");
1112 ERR_print_errors(bio_err);
1120 static int ECDSA_verify_loop(void *args)
1122 loopargs_t *tempargs = *(loopargs_t **) args;
1123 unsigned char *buf = tempargs->buf;
1124 EC_KEY **ecdsa = tempargs->ecdsa;
1125 unsigned char *ecdsasig = tempargs->buf2;
1126 unsigned int ecdsasiglen = tempargs->siglen;
1128 for (count = 0; COND(ecdsa_c[testnum][1]); count++) {
1129 ret = ECDSA_verify(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1131 BIO_printf(bio_err, "ECDSA verify failure\n");
1132 ERR_print_errors(bio_err);
1140 /* ******************************************************************** */
1141 static long ecdh_c[EC_NUM][1];
1143 static int ECDH_EVP_derive_key_loop(void *args)
1145 loopargs_t *tempargs = *(loopargs_t **) args;
1146 EVP_PKEY_CTX *ctx = tempargs->ecdh_ctx[testnum];
1147 unsigned char *derived_secret = tempargs->secret_a;
1149 size_t *outlen = &(tempargs->outlen[testnum]);
1151 for (count = 0; COND(ecdh_c[testnum][0]); count++)
1152 EVP_PKEY_derive(ctx, derived_secret, outlen);
1157 static long eddsa_c[EdDSA_NUM][2];
1158 static int EdDSA_sign_loop(void *args)
1160 loopargs_t *tempargs = *(loopargs_t **) args;
1161 unsigned char *buf = tempargs->buf;
1162 EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
1163 unsigned char *eddsasig = tempargs->buf2;
1164 size_t *eddsasigsize = &tempargs->sigsize;
1167 for (count = 0; COND(eddsa_c[testnum][0]); count++) {
1168 ret = EVP_DigestSign(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
1170 BIO_printf(bio_err, "EdDSA sign failure\n");
1171 ERR_print_errors(bio_err);
1179 static int EdDSA_verify_loop(void *args)
1181 loopargs_t *tempargs = *(loopargs_t **) args;
1182 unsigned char *buf = tempargs->buf;
1183 EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
1184 unsigned char *eddsasig = tempargs->buf2;
1185 size_t eddsasigsize = tempargs->sigsize;
1188 for (count = 0; COND(eddsa_c[testnum][1]); count++) {
1189 ret = EVP_DigestVerify(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
1191 BIO_printf(bio_err, "EdDSA verify failure\n");
1192 ERR_print_errors(bio_err);
1200 # ifndef OPENSSL_NO_SM2
1201 static long sm2_c[SM2_NUM][2];
1202 static int SM2_sign_loop(void *args)
1204 loopargs_t *tempargs = *(loopargs_t **) args;
1205 unsigned char *buf = tempargs->buf;
1206 EVP_MD_CTX **sm2ctx = tempargs->sm2_ctx;
1207 unsigned char *sm2sig = tempargs->buf2;
1208 size_t sm2sigsize = tempargs->sigsize;
1209 const size_t max_size = tempargs->sigsize;
1211 EVP_PKEY **sm2_pkey = tempargs->sm2_pkey;
1213 for (count = 0; COND(sm2_c[testnum][0]); count++) {
1214 if (!EVP_DigestSignInit(sm2ctx[testnum], NULL, EVP_sm3(),
1215 NULL, sm2_pkey[testnum])) {
1216 BIO_printf(bio_err, "SM2 init sign failure\n");
1217 ERR_print_errors(bio_err);
1221 ret = EVP_DigestSign(sm2ctx[testnum], sm2sig, &sm2sigsize,
1224 BIO_printf(bio_err, "SM2 sign failure\n");
1225 ERR_print_errors(bio_err);
1229 /* update the latest returned size and always use the fixed buffer size */
1230 tempargs->sigsize = sm2sigsize;
1231 sm2sigsize = max_size;
1237 static int SM2_verify_loop(void *args)
1239 loopargs_t *tempargs = *(loopargs_t **) args;
1240 unsigned char *buf = tempargs->buf;
1241 EVP_MD_CTX **sm2ctx = tempargs->sm2_vfy_ctx;
1242 unsigned char *sm2sig = tempargs->buf2;
1243 size_t sm2sigsize = tempargs->sigsize;
1245 EVP_PKEY **sm2_pkey = tempargs->sm2_pkey;
1247 for (count = 0; COND(sm2_c[testnum][1]); count++) {
1248 if (!EVP_DigestVerifyInit(sm2ctx[testnum], NULL, EVP_sm3(),
1249 NULL, sm2_pkey[testnum])) {
1250 BIO_printf(bio_err, "SM2 verify init failure\n");
1251 ERR_print_errors(bio_err);
1255 ret = EVP_DigestVerify(sm2ctx[testnum], sm2sig, sm2sigsize,
1258 BIO_printf(bio_err, "SM2 verify failure\n");
1259 ERR_print_errors(bio_err);
1266 # endif /* OPENSSL_NO_SM2 */
1267 #endif /* OPENSSL_NO_EC */
1269 static int run_benchmark(int async_jobs,
1270 int (*loop_function) (void *), loopargs_t * loopargs)
1272 int job_op_count = 0;
1273 int total_op_count = 0;
1274 int num_inprogress = 0;
1275 int error = 0, i = 0, ret = 0;
1276 OSSL_ASYNC_FD job_fd = 0;
1277 size_t num_job_fds = 0;
1279 if (async_jobs == 0) {
1280 return loop_function((void *)&loopargs);
1283 for (i = 0; i < async_jobs && !error; i++) {
1284 loopargs_t *looparg_item = loopargs + i;
1286 /* Copy pointer content (looparg_t item address) into async context */
1287 ret = ASYNC_start_job(&loopargs[i].inprogress_job, loopargs[i].wait_ctx,
1288 &job_op_count, loop_function,
1289 (void *)&looparg_item, sizeof(looparg_item));
1295 if (job_op_count == -1) {
1298 total_op_count += job_op_count;
1303 BIO_printf(bio_err, "Failure in the job\n");
1304 ERR_print_errors(bio_err);
1310 while (num_inprogress > 0) {
1311 #if defined(OPENSSL_SYS_WINDOWS)
1313 #elif defined(OPENSSL_SYS_UNIX)
1314 int select_result = 0;
1315 OSSL_ASYNC_FD max_fd = 0;
1318 FD_ZERO(&waitfdset);
1320 for (i = 0; i < async_jobs && num_inprogress > 0; i++) {
1321 if (loopargs[i].inprogress_job == NULL)
1324 if (!ASYNC_WAIT_CTX_get_all_fds
1325 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1326 || num_job_fds > 1) {
1327 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1328 ERR_print_errors(bio_err);
1332 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1334 FD_SET(job_fd, &waitfdset);
1335 if (job_fd > max_fd)
1339 if (max_fd >= (OSSL_ASYNC_FD)FD_SETSIZE) {
1341 "Error: max_fd (%d) must be smaller than FD_SETSIZE (%d). "
1342 "Decrease the value of async_jobs\n",
1343 max_fd, FD_SETSIZE);
1344 ERR_print_errors(bio_err);
1349 select_result = select(max_fd + 1, &waitfdset, NULL, NULL, NULL);
1350 if (select_result == -1 && errno == EINTR)
1353 if (select_result == -1) {
1354 BIO_printf(bio_err, "Failure in the select\n");
1355 ERR_print_errors(bio_err);
1360 if (select_result == 0)
1364 for (i = 0; i < async_jobs; i++) {
1365 if (loopargs[i].inprogress_job == NULL)
1368 if (!ASYNC_WAIT_CTX_get_all_fds
1369 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1370 || num_job_fds > 1) {
1371 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1372 ERR_print_errors(bio_err);
1376 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1379 #if defined(OPENSSL_SYS_UNIX)
1380 if (num_job_fds == 1 && !FD_ISSET(job_fd, &waitfdset))
1382 #elif defined(OPENSSL_SYS_WINDOWS)
1383 if (num_job_fds == 1
1384 && !PeekNamedPipe(job_fd, NULL, 0, NULL, &avail, NULL)
1389 ret = ASYNC_start_job(&loopargs[i].inprogress_job,
1390 loopargs[i].wait_ctx, &job_op_count,
1391 loop_function, (void *)(loopargs + i),
1392 sizeof(loopargs_t));
1397 if (job_op_count == -1) {
1400 total_op_count += job_op_count;
1403 loopargs[i].inprogress_job = NULL;
1408 loopargs[i].inprogress_job = NULL;
1409 BIO_printf(bio_err, "Failure in the job\n");
1410 ERR_print_errors(bio_err);
1417 return error ? -1 : total_op_count;
1420 #define stop_it(do_it, test_num)\
1421 memset(do_it + test_num, 0, OSSL_NELEM(do_it) - test_num);
1423 int speed_main(int argc, char **argv)
1426 loopargs_t *loopargs = NULL;
1428 const char *engine_id = NULL;
1429 const EVP_CIPHER *evp_cipher = NULL;
1432 int async_init = 0, multiblock = 0, pr_header = 0;
1433 uint8_t doit[ALGOR_NUM] = { 0 };
1434 int ret = 1, misalign = 0, lengths_single = 0, aead = 0;
1436 unsigned int size_num = SIZE_NUM;
1437 unsigned int i, k, loopargs_len = 0, async_jobs = 0;
1443 #if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) \
1444 || !defined(OPENSSL_NO_EC)
1447 openssl_speed_sec_t seconds = { SECONDS, RSA_SECONDS, DSA_SECONDS,
1448 ECDSA_SECONDS, ECDH_SECONDS,
1449 EdDSA_SECONDS, SM2_SECONDS };
1451 /* What follows are the buffers and key material. */
1452 #ifndef OPENSSL_NO_RC5
1455 #ifndef OPENSSL_NO_RC2
1458 #ifndef OPENSSL_NO_IDEA
1459 IDEA_KEY_SCHEDULE idea_ks;
1461 #ifndef OPENSSL_NO_SEED
1462 SEED_KEY_SCHEDULE seed_ks;
1464 #if !defined(OPENSSL_NO_BF) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1467 #ifndef OPENSSL_NO_CAST
1470 static const unsigned char key16[16] = {
1471 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1472 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
1474 static const unsigned char key24[24] = {
1475 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1476 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1477 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1479 static const unsigned char key32[32] = {
1480 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1481 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1482 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
1483 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
1485 #ifndef OPENSSL_NO_CAMELLIA
1486 CAMELLIA_KEY camellia_ks[3];
1488 #ifndef OPENSSL_NO_RSA
1489 static const struct {
1490 const unsigned char *data;
1491 unsigned int length;
1494 { test512, sizeof(test512), 512 },
1495 { test1024, sizeof(test1024), 1024 },
1496 { test2048, sizeof(test2048), 2048 },
1497 { test3072, sizeof(test3072), 3072 },
1498 { test4096, sizeof(test4096), 4092 },
1499 { test7680, sizeof(test7680), 7680 },
1500 { test15360, sizeof(test15360), 15360 }
1502 uint8_t rsa_doit[RSA_NUM] = { 0 };
1503 int primes = RSA_DEFAULT_PRIME_NUM;
1505 #ifndef OPENSSL_NO_DSA
1506 static const unsigned int dsa_bits[DSA_NUM] = { 512, 1024, 2048 };
1507 uint8_t dsa_doit[DSA_NUM] = { 0 };
1509 #ifndef OPENSSL_NO_EC
1510 typedef struct ec_curve_st {
1514 size_t sigsize; /* only used for EdDSA curves */
1517 * We only test over the following curves as they are representative, To
1518 * add tests over more curves, simply add the curve NID and curve name to
1519 * the following arrays and increase the |ecdh_choices| and |ecdsa_choices|
1520 * lists accordingly.
1522 static const EC_CURVE ec_curves[EC_NUM] = {
1524 {"secp160r1", NID_secp160r1, 160},
1525 {"nistp192", NID_X9_62_prime192v1, 192},
1526 {"nistp224", NID_secp224r1, 224},
1527 {"nistp256", NID_X9_62_prime256v1, 256},
1528 {"nistp384", NID_secp384r1, 384},
1529 {"nistp521", NID_secp521r1, 521},
1530 # ifndef OPENSSL_NO_EC2M
1532 {"nistk163", NID_sect163k1, 163},
1533 {"nistk233", NID_sect233k1, 233},
1534 {"nistk283", NID_sect283k1, 283},
1535 {"nistk409", NID_sect409k1, 409},
1536 {"nistk571", NID_sect571k1, 571},
1537 {"nistb163", NID_sect163r2, 163},
1538 {"nistb233", NID_sect233r1, 233},
1539 {"nistb283", NID_sect283r1, 283},
1540 {"nistb409", NID_sect409r1, 409},
1541 {"nistb571", NID_sect571r1, 571},
1543 {"brainpoolP256r1", NID_brainpoolP256r1, 256},
1544 {"brainpoolP256t1", NID_brainpoolP256t1, 256},
1545 {"brainpoolP384r1", NID_brainpoolP384r1, 384},
1546 {"brainpoolP384t1", NID_brainpoolP384t1, 384},
1547 {"brainpoolP512r1", NID_brainpoolP512r1, 512},
1548 {"brainpoolP512t1", NID_brainpoolP512t1, 512},
1549 /* Other and ECDH only ones */
1550 {"X25519", NID_X25519, 253},
1551 {"X448", NID_X448, 448}
1553 static const EC_CURVE ed_curves[EdDSA_NUM] = {
1555 {"Ed25519", NID_ED25519, 253, 64},
1556 {"Ed448", NID_ED448, 456, 114}
1558 # ifndef OPENSSL_NO_SM2
1559 static const EC_CURVE sm2_curves[SM2_NUM] = {
1561 {"CurveSM2", NID_sm2, 256}
1563 uint8_t sm2_doit[SM2_NUM] = { 0 };
1565 uint8_t ecdsa_doit[ECDSA_NUM] = { 0 };
1566 uint8_t ecdh_doit[EC_NUM] = { 0 };
1567 uint8_t eddsa_doit[EdDSA_NUM] = { 0 };
1569 /* checks declarated curves against choices list. */
1570 OPENSSL_assert(ed_curves[EdDSA_NUM - 1].nid == NID_ED448);
1571 OPENSSL_assert(strcmp(eddsa_choices[EdDSA_NUM - 1].name, "ed448") == 0);
1573 OPENSSL_assert(ec_curves[EC_NUM - 1].nid == NID_X448);
1574 OPENSSL_assert(strcmp(ecdh_choices[EC_NUM - 1].name, "ecdhx448") == 0);
1576 OPENSSL_assert(ec_curves[ECDSA_NUM - 1].nid == NID_brainpoolP512t1);
1577 OPENSSL_assert(strcmp(ecdsa_choices[ECDSA_NUM - 1].name, "ecdsabrp512t1") == 0);
1579 # ifndef OPENSSL_NO_SM2
1580 OPENSSL_assert(sm2_curves[SM2_NUM - 1].nid == NID_sm2);
1581 OPENSSL_assert(strcmp(sm2_choices[SM2_NUM - 1].name, "curveSM2") == 0);
1583 #endif /* ndef OPENSSL_NO_EC */
1585 prog = opt_init(argc, argv, speed_options);
1586 while ((o = opt_next()) != OPT_EOF) {
1591 BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
1594 opt_help(speed_options);
1602 evp_cipher = EVP_get_cipherbyname(opt_arg());
1603 if (evp_cipher == NULL)
1604 evp_md = EVP_get_digestbyname(opt_arg());
1605 if (evp_cipher == NULL && evp_md == NULL) {
1607 "%s: %s is an unknown cipher or digest\n",
1614 evp_hmac_md = EVP_get_digestbyname(opt_arg());
1615 if (evp_hmac_md == NULL) {
1616 BIO_printf(bio_err, "%s: %s is an unknown digest\n",
1620 doit[D_EVP_HMAC] = 1;
1623 #ifndef OPENSSL_NO_CMAC
1624 evp_cmac_cipher = EVP_get_cipherbyname(opt_arg());
1625 if (evp_cmac_cipher == NULL) {
1626 BIO_printf(bio_err, "%s: %s is an unknown cipher\n",
1630 doit[D_EVP_CMAC] = 1;
1638 * In a forked execution, an engine might need to be
1639 * initialised by each child process, not by the parent.
1640 * So store the name here and run setup_engine() later on.
1642 engine_id = opt_arg();
1646 multi = atoi(opt_arg());
1650 #ifndef OPENSSL_NO_ASYNC
1651 async_jobs = atoi(opt_arg());
1652 if (!ASYNC_is_capable()) {
1654 "%s: async_jobs specified but async not supported\n",
1658 if (async_jobs > 99999) {
1659 BIO_printf(bio_err, "%s: too many async_jobs\n", prog);
1665 if (!opt_int(opt_arg(), &misalign))
1667 if (misalign > MISALIGN) {
1669 "%s: Maximum offset is %d\n", prog, MISALIGN);
1678 #ifdef OPENSSL_NO_MULTIBLOCK
1680 "%s: -mb specified but multi-block support is disabled\n",
1690 if (!opt_int(opt_arg(), &primes))
1694 seconds.sym = seconds.rsa = seconds.dsa = seconds.ecdsa
1695 = seconds.ecdh = seconds.eddsa
1696 = seconds.sm2 = atoi(opt_arg());
1699 lengths_single = atoi(opt_arg());
1700 lengths = &lengths_single;
1708 argc = opt_num_rest();
1711 /* Remaining arguments are algorithms. */
1712 for (; *argv; argv++) {
1713 const char *algo = *argv;
1715 if (opt_found(algo, doit_choices, &i)) {
1719 #ifndef OPENSSL_NO_DES
1720 if (strcmp(algo, "des") == 0) {
1721 doit[D_CBC_DES] = doit[D_EDE3_DES] = 1;
1725 if (strcmp(algo, "sha") == 0) {
1726 doit[D_SHA1] = doit[D_SHA256] = doit[D_SHA512] = 1;
1729 #ifndef OPENSSL_NO_RSA
1730 if (strcmp(algo, "openssl") == 0) /* just for compatibility */
1732 if (strncmp(algo, "rsa", 3) == 0) {
1733 if (algo[3] == '\0') {
1734 memset(rsa_doit, 1, sizeof(rsa_doit));
1737 if (opt_found(algo, rsa_choices, &i)) {
1743 #ifndef OPENSSL_NO_DSA
1744 if (strncmp(algo, "dsa", 3) == 0) {
1745 if (algo[3] == '\0') {
1746 memset(dsa_doit, 1, sizeof(dsa_doit));
1749 if (opt_found(algo, dsa_choices, &i)) {
1755 #ifndef OPENSSL_NO_DEPRECATED_3_0
1756 if (strcmp(algo, "aes") == 0) {
1757 doit[D_CBC_128_AES] = doit[D_CBC_192_AES] = doit[D_CBC_256_AES] = 1;
1761 #ifndef OPENSSL_NO_CAMELLIA
1762 if (strcmp(algo, "camellia") == 0) {
1763 doit[D_CBC_128_CML] = doit[D_CBC_192_CML] = doit[D_CBC_256_CML] = 1;
1767 #ifndef OPENSSL_NO_EC
1768 if (strncmp(algo, "ecdsa", 5) == 0) {
1769 if (algo[5] == '\0') {
1770 memset(ecdsa_doit, 1, sizeof(ecdsa_doit));
1773 if (opt_found(algo, ecdsa_choices, &i)) {
1778 if (strncmp(algo, "ecdh", 4) == 0) {
1779 if (algo[4] == '\0') {
1780 memset(ecdh_doit, 1, sizeof(ecdh_doit));
1783 if (opt_found(algo, ecdh_choices, &i)) {
1788 if (strcmp(algo, "eddsa") == 0) {
1789 memset(eddsa_doit, 1, sizeof(eddsa_doit));
1792 if (opt_found(algo, eddsa_choices, &i)) {
1796 # ifndef OPENSSL_NO_SM2
1797 if (strcmp(algo, "sm2") == 0) {
1798 memset(sm2_doit, 1, sizeof(sm2_doit));
1801 if (opt_found(algo, sm2_choices, &i)) {
1806 #endif /* OPENSSL_NO_EC */
1807 BIO_printf(bio_err, "%s: Unknown algorithm %s\n", prog, algo);
1813 if (evp_cipher == NULL) {
1814 BIO_printf(bio_err, "-aead can be used only with an AEAD cipher\n");
1816 } else if (!(EVP_CIPHER_flags(evp_cipher) &
1817 EVP_CIPH_FLAG_AEAD_CIPHER)) {
1818 BIO_printf(bio_err, "%s is not an AEAD cipher\n",
1819 OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
1824 if (evp_cipher == NULL) {
1825 BIO_printf(bio_err,"-mb can be used only with a multi-block"
1826 " capable cipher\n");
1828 } else if (!(EVP_CIPHER_flags(evp_cipher) &
1829 EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
1830 BIO_printf(bio_err, "%s is not a multi-block capable\n",
1831 OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
1833 } else if (async_jobs > 0) {
1834 BIO_printf(bio_err, "Async mode is not supported with -mb");
1839 /* Initialize the job pool if async mode is enabled */
1840 if (async_jobs > 0) {
1841 async_init = ASYNC_init_thread(async_jobs, async_jobs);
1843 BIO_printf(bio_err, "Error creating the ASYNC job pool\n");
1848 loopargs_len = (async_jobs == 0 ? 1 : async_jobs);
1850 app_malloc(loopargs_len * sizeof(loopargs_t), "array of loopargs");
1851 memset(loopargs, 0, loopargs_len * sizeof(loopargs_t));
1853 for (i = 0; i < loopargs_len; i++) {
1854 if (async_jobs > 0) {
1855 loopargs[i].wait_ctx = ASYNC_WAIT_CTX_new();
1856 if (loopargs[i].wait_ctx == NULL) {
1857 BIO_printf(bio_err, "Error creating the ASYNC_WAIT_CTX\n");
1862 buflen = lengths[size_num - 1];
1863 if (buflen < 36) /* size of random vector in RSA benchmark */
1865 buflen += MAX_MISALIGNMENT + 1;
1866 loopargs[i].buf_malloc = app_malloc(buflen, "input buffer");
1867 loopargs[i].buf2_malloc = app_malloc(buflen, "input buffer");
1868 memset(loopargs[i].buf_malloc, 0, buflen);
1869 memset(loopargs[i].buf2_malloc, 0, buflen);
1871 /* Align the start of buffers on a 64 byte boundary */
1872 loopargs[i].buf = loopargs[i].buf_malloc + misalign;
1873 loopargs[i].buf2 = loopargs[i].buf2_malloc + misalign;
1874 #ifndef OPENSSL_NO_EC
1875 loopargs[i].secret_a = app_malloc(MAX_ECDH_SIZE, "ECDH secret a");
1876 loopargs[i].secret_b = app_malloc(MAX_ECDH_SIZE, "ECDH secret b");
1881 if (multi && do_multi(multi, size_num))
1885 /* Initialize the engine after the fork */
1886 e = setup_engine(engine_id, 0);
1888 /* No parameters; turn on everything. */
1889 if (argc == 0 && !doit[D_EVP] && !doit[D_EVP_HMAC] && !doit[D_EVP_CMAC]) {
1890 memset(doit, 1, sizeof(doit));
1891 doit[D_EVP] = doit[D_EVP_HMAC] = doit[D_EVP_CMAC] = 0;
1892 #ifndef OPENSSL_NO_RSA
1893 memset(rsa_doit, 1, sizeof(rsa_doit));
1895 #ifndef OPENSSL_NO_DSA
1896 memset(dsa_doit, 1, sizeof(dsa_doit));
1898 #ifndef OPENSSL_NO_EC
1899 memset(ecdsa_doit, 1, sizeof(ecdsa_doit));
1900 memset(ecdh_doit, 1, sizeof(ecdh_doit));
1901 memset(eddsa_doit, 1, sizeof(eddsa_doit));
1902 # ifndef OPENSSL_NO_SM2
1903 memset(sm2_doit, 1, sizeof(sm2_doit));
1907 for (i = 0; i < ALGOR_NUM; i++)
1911 if (usertime == 0 && !mr)
1913 "You have chosen to measure elapsed time "
1914 "instead of user CPU time.\n");
1916 #ifndef OPENSSL_NO_RSA
1917 for (i = 0; i < loopargs_len; i++) {
1918 if (primes > RSA_DEFAULT_PRIME_NUM) {
1919 /* for multi-prime RSA, skip this */
1922 for (k = 0; k < RSA_NUM; k++) {
1923 const unsigned char *p = rsa_keys[k].data;
1925 loopargs[i].rsa_key[k] =
1926 d2i_RSAPrivateKey(NULL, &p, rsa_keys[k].length);
1927 if (loopargs[i].rsa_key[k] == NULL) {
1929 "internal error loading RSA key number %d\n", k);
1935 #ifndef OPENSSL_NO_DSA
1936 for (i = 0; i < loopargs_len; i++) {
1937 loopargs[i].dsa_key[0] = get_dsa(512);
1938 loopargs[i].dsa_key[1] = get_dsa(1024);
1939 loopargs[i].dsa_key[2] = get_dsa(2048);
1942 #ifndef OPENSSL_NO_DES
1943 if (doit[D_CBC_DES] || doit[D_EDE3_DES]) {
1944 static DES_cblock keys[] = {
1945 { 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0 }, /* keys[0] */
1946 { 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12 }, /* keys[1] */
1947 { 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34 } /* keys[3] */
1949 DES_set_key_unchecked(&keys[0], &sch[0]);
1950 DES_set_key_unchecked(&keys[1], &sch[1]);
1951 DES_set_key_unchecked(&keys[2], &sch[2]);
1954 #ifndef OPENSSL_NO_DEPRECATED_3_0
1955 AES_set_encrypt_key(key16, 128, &aes_ks1);
1956 AES_set_encrypt_key(key24, 192, &aes_ks2);
1957 AES_set_encrypt_key(key32, 256, &aes_ks3);
1959 #ifndef OPENSSL_NO_CAMELLIA
1960 if (doit[D_CBC_128_CML] || doit[D_CBC_192_CML] || doit[D_CBC_256_CML]) {
1961 Camellia_set_key(key16, 128, &camellia_ks[0]);
1962 Camellia_set_key(key24, 192, &camellia_ks[1]);
1963 Camellia_set_key(key32, 256, &camellia_ks[2]);
1966 #ifndef OPENSSL_NO_IDEA
1967 if (doit[D_CBC_IDEA])
1968 IDEA_set_encrypt_key(key16, &idea_ks);
1970 #ifndef OPENSSL_NO_SEED
1971 if (doit[D_CBC_SEED])
1972 SEED_set_key(key16, &seed_ks);
1974 #ifndef OPENSSL_NO_RC4
1976 RC4_set_key(&rc4_ks, 16, key16);
1978 #ifndef OPENSSL_NO_RC2
1979 if (doit[D_CBC_RC2])
1980 RC2_set_key(&rc2_ks, 16, key16, 128);
1982 #ifndef OPENSSL_NO_RC5
1983 if (doit[D_CBC_RC5])
1984 if (!RC5_32_set_key(&rc5_ks, 16, key16, 12)) {
1985 BIO_printf(bio_err, "Failed setting RC5 key\n");
1989 #if !defined(OPENSSL_NO_BF) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1991 BF_set_key(&bf_ks, 16, key16);
1993 #ifndef OPENSSL_NO_CAST
1994 if (doit[D_CBC_CAST])
1995 CAST_set_key(&cast_ks, 16, key16);
1998 # ifndef OPENSSL_NO_DES
1999 BIO_printf(bio_err, "First we calculate the approximate speed ...\n");
2005 for (it = count; it; it--)
2006 DES_ecb_encrypt((DES_cblock *)loopargs[0].buf,
2007 (DES_cblock *)loopargs[0].buf, &sch, DES_ENCRYPT);
2010 c[D_MD2][0] = count / 10;
2011 c[D_MDC2][0] = count / 10;
2012 c[D_MD4][0] = count;
2013 c[D_MD5][0] = count;
2014 c[D_HMAC][0] = count;
2015 c[D_SHA1][0] = count;
2016 c[D_RMD160][0] = count;
2017 c[D_RC4][0] = count * 5;
2018 c[D_CBC_DES][0] = count;
2019 c[D_EDE3_DES][0] = count / 3;
2020 c[D_CBC_IDEA][0] = count;
2021 c[D_CBC_SEED][0] = count;
2022 c[D_CBC_RC2][0] = count;
2023 c[D_CBC_RC5][0] = count;
2024 c[D_CBC_BF][0] = count;
2025 c[D_CBC_CAST][0] = count;
2026 c[D_CBC_128_AES][0] = count;
2027 c[D_CBC_192_AES][0] = count;
2028 c[D_CBC_256_AES][0] = count;
2029 c[D_CBC_128_CML][0] = count;
2030 c[D_CBC_192_CML][0] = count;
2031 c[D_CBC_256_CML][0] = count;
2032 c[D_EVP][0] = count;
2033 c[D_SHA256][0] = count;
2034 c[D_SHA512][0] = count;
2035 c[D_WHIRLPOOL][0] = count;
2036 c[D_IGE_128_AES][0] = count;
2037 c[D_IGE_192_AES][0] = count;
2038 c[D_IGE_256_AES][0] = count;
2039 c[D_GHASH][0] = count;
2040 c[D_RAND][0] = count;
2041 c[D_EVP_HMAC][0] = count;
2042 c[D_EVP_CMAC][0] = count;
2044 for (i = 1; i < size_num; i++) {
2045 long l0 = (long)lengths[0];
2046 long l1 = (long)lengths[i];
2048 c[D_MD2][i] = c[D_MD2][0] * 4 * l0 / l1;
2049 c[D_MDC2][i] = c[D_MDC2][0] * 4 * l0 / l1;
2050 c[D_MD4][i] = c[D_MD4][0] * 4 * l0 / l1;
2051 c[D_MD5][i] = c[D_MD5][0] * 4 * l0 / l1;
2052 c[D_HMAC][i] = c[D_HMAC][0] * 4 * l0 / l1;
2053 c[D_SHA1][i] = c[D_SHA1][0] * 4 * l0 / l1;
2054 c[D_RMD160][i] = c[D_RMD160][0] * 4 * l0 / l1;
2055 c[D_EVP][i] = = c[D_EVP][0] * 4 * l0 / l1;
2056 c[D_SHA256][i] = c[D_SHA256][0] * 4 * l0 / l1;
2057 c[D_SHA512][i] = c[D_SHA512][0] * 4 * l0 / l1;
2058 c[D_WHIRLPOOL][i] = c[D_WHIRLPOOL][0] * 4 * l0 / l1;
2059 c[D_GHASH][i] = c[D_GHASH][0] * 4 * l0 / l1;
2060 c[D_RAND][i] = c[D_RAND][0] * 4 * l0 / l1;
2061 c[D_EVP_HMAC][i] = = c[D_EVP_HMAC][0] * 4 * l0 / l1;
2062 c[D_EVP_CMAC][i] = = c[D_EVP_CMAC][0] * 4 * l0 / l1;
2064 l0 = (long)lengths[i - 1];
2066 c[D_RC4][i] = c[D_RC4][i - 1] * l0 / l1;
2067 c[D_CBC_DES][i] = c[D_CBC_DES][i - 1] * l0 / l1;
2068 c[D_EDE3_DES][i] = c[D_EDE3_DES][i - 1] * l0 / l1;
2069 c[D_CBC_IDEA][i] = c[D_CBC_IDEA][i - 1] * l0 / l1;
2070 c[D_CBC_SEED][i] = c[D_CBC_SEED][i - 1] * l0 / l1;
2071 c[D_CBC_RC2][i] = c[D_CBC_RC2][i - 1] * l0 / l1;
2072 c[D_CBC_RC5][i] = c[D_CBC_RC5][i - 1] * l0 / l1;
2073 c[D_CBC_BF][i] = c[D_CBC_BF][i - 1] * l0 / l1;
2074 c[D_CBC_CAST][i] = c[D_CBC_CAST][i - 1] * l0 / l1;
2075 c[D_CBC_128_AES][i] = c[D_CBC_128_AES][i - 1] * l0 / l1;
2076 c[D_CBC_192_AES][i] = c[D_CBC_192_AES][i - 1] * l0 / l1;
2077 c[D_CBC_256_AES][i] = c[D_CBC_256_AES][i - 1] * l0 / l1;
2078 c[D_CBC_128_CML][i] = c[D_CBC_128_CML][i - 1] * l0 / l1;
2079 c[D_CBC_192_CML][i] = c[D_CBC_192_CML][i - 1] * l0 / l1;
2080 c[D_CBC_256_CML][i] = c[D_CBC_256_CML][i - 1] * l0 / l1;
2081 c[D_IGE_128_AES][i] = c[D_IGE_128_AES][i - 1] * l0 / l1;
2082 c[D_IGE_192_AES][i] = c[D_IGE_192_AES][i - 1] * l0 / l1;
2083 c[D_IGE_256_AES][i] = c[D_IGE_256_AES][i - 1] * l0 / l1;
2086 # ifndef OPENSSL_NO_RSA
2087 rsa_c[R_RSA_512][0] = count / 2000;
2088 rsa_c[R_RSA_512][1] = count / 400;
2089 for (i = 1; i < RSA_NUM; i++) {
2090 rsa_c[i][0] = rsa_c[i - 1][0] / 8;
2091 rsa_c[i][1] = rsa_c[i - 1][1] / 4;
2092 if (rsa_doit[i] <= 1 && rsa_c[i][0] == 0)
2095 if (rsa_c[i][0] == 0) {
2096 rsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
2103 # ifndef OPENSSL_NO_DSA
2104 dsa_c[R_DSA_512][0] = count / 1000;
2105 dsa_c[R_DSA_512][1] = count / 1000 / 2;
2106 for (i = 1; i < DSA_NUM; i++) {
2107 dsa_c[i][0] = dsa_c[i - 1][0] / 4;
2108 dsa_c[i][1] = dsa_c[i - 1][1] / 4;
2109 if (dsa_doit[i] <= 1 && dsa_c[i][0] == 0)
2112 if (dsa_c[i][0] == 0) {
2113 dsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
2120 # ifndef OPENSSL_NO_EC
2121 ecdsa_c[R_EC_P160][0] = count / 1000;
2122 ecdsa_c[R_EC_P160][1] = count / 1000 / 2;
2123 for (i = R_EC_P192; i <= R_EC_P521; i++) {
2124 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2125 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2126 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2129 if (ecdsa_c[i][0] == 0) {
2135 # ifndef OPENSSL_NO_EC2M
2136 ecdsa_c[R_EC_K163][0] = count / 1000;
2137 ecdsa_c[R_EC_K163][1] = count / 1000 / 2;
2138 for (i = R_EC_K233; i <= R_EC_K571; i++) {
2139 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2140 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2141 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2144 if (ecdsa_c[i][0] == 0) {
2150 ecdsa_c[R_EC_B163][0] = count / 1000;
2151 ecdsa_c[R_EC_B163][1] = count / 1000 / 2;
2152 for (i = R_EC_B233; i <= R_EC_B571; i++) {
2153 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2154 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2155 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2158 if (ecdsa_c[i][0] == 0) {
2166 ecdh_c[R_EC_P160][0] = count / 1000;
2167 for (i = R_EC_P192; i <= R_EC_P521; i++) {
2168 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2169 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2172 if (ecdh_c[i][0] == 0) {
2177 # ifndef OPENSSL_NO_EC2M
2178 ecdh_c[R_EC_K163][0] = count / 1000;
2179 for (i = R_EC_K233; i <= R_EC_K571; i++) {
2180 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2181 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2184 if (ecdh_c[i][0] == 0) {
2189 ecdh_c[R_EC_B163][0] = count / 1000;
2190 for (i = R_EC_B233; i <= R_EC_B571; i++) {
2191 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2192 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2195 if (ecdh_c[i][0] == 0) {
2201 /* repeated code good to factorize */
2202 ecdh_c[R_EC_BRP256R1][0] = count / 1000;
2203 for (i = R_EC_BRP384R1; i <= R_EC_BRP512R1; i += 2) {
2204 ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
2205 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2208 if (ecdh_c[i][0] == 0) {
2213 ecdh_c[R_EC_BRP256T1][0] = count / 1000;
2214 for (i = R_EC_BRP384T1; i <= R_EC_BRP512T1; i += 2) {
2215 ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
2216 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2219 if (ecdh_c[i][0] == 0) {
2224 /* default iteration count for the last two EC Curves */
2225 ecdh_c[R_EC_X25519][0] = count / 1800;
2226 ecdh_c[R_EC_X448][0] = count / 7200;
2228 eddsa_c[R_EC_Ed25519][0] = count / 1800;
2229 eddsa_c[R_EC_Ed448][0] = count / 7200;
2231 # ifndef OPENSSL_NO_SM2
2232 sm2_c[R_EC_SM2P256][0] = count / 1800;
2234 # endif /* OPENSSL_NO_EC */
2237 /* not worth fixing */
2238 # error "You cannot disable DES on systems without SIGALRM."
2239 # endif /* OPENSSL_NO_DES */
2241 signal(SIGALRM, alarmed);
2242 #endif /* SIGALRM */
2244 #ifndef OPENSSL_NO_MD2
2246 for (testnum = 0; testnum < size_num; testnum++) {
2247 print_message(names[D_MD2], c[D_MD2][testnum], lengths[testnum],
2250 count = run_benchmark(async_jobs, EVP_Digest_MD2_loop, loopargs);
2252 print_result(D_MD2, testnum, count, d);
2256 #ifndef OPENSSL_NO_MDC2
2258 for (testnum = 0; testnum < size_num; testnum++) {
2259 print_message(names[D_MDC2], c[D_MDC2][testnum], lengths[testnum],
2262 count = run_benchmark(async_jobs, EVP_Digest_MDC2_loop, loopargs);
2264 print_result(D_MDC2, testnum, count, d);
2271 #ifndef OPENSSL_NO_MD4
2273 for (testnum = 0; testnum < size_num; testnum++) {
2274 print_message(names[D_MD4], c[D_MD4][testnum], lengths[testnum],
2277 count = run_benchmark(async_jobs, EVP_Digest_MD4_loop, loopargs);
2279 print_result(D_MD4, testnum, count, d);
2286 #ifndef OPENSSL_NO_MD5
2288 for (testnum = 0; testnum < size_num; testnum++) {
2289 print_message(names[D_MD5], c[D_MD5][testnum], lengths[testnum],
2292 count = run_benchmark(async_jobs, MD5_loop, loopargs);
2294 print_result(D_MD5, testnum, count, d);
2299 static const char hmac_key[] = "This is a key...";
2300 int len = strlen(hmac_key);
2302 for (i = 0; i < loopargs_len; i++) {
2303 loopargs[i].hctx = HMAC_CTX_new();
2304 if (loopargs[i].hctx == NULL) {
2305 BIO_printf(bio_err, "HMAC malloc failure, exiting...");
2309 HMAC_Init_ex(loopargs[i].hctx, hmac_key, len, EVP_md5(), NULL);
2311 for (testnum = 0; testnum < size_num; testnum++) {
2312 print_message(names[D_HMAC], c[D_HMAC][testnum], lengths[testnum],
2315 count = run_benchmark(async_jobs, HMAC_loop, loopargs);
2317 print_result(D_HMAC, testnum, count, d);
2319 for (i = 0; i < loopargs_len; i++)
2320 HMAC_CTX_free(loopargs[i].hctx);
2324 for (testnum = 0; testnum < size_num; testnum++) {
2325 print_message(names[D_SHA1], c[D_SHA1][testnum], lengths[testnum],
2328 count = run_benchmark(async_jobs, SHA1_loop, loopargs);
2330 print_result(D_SHA1, testnum, count, d);
2333 if (doit[D_SHA256]) {
2334 for (testnum = 0; testnum < size_num; testnum++) {
2335 print_message(names[D_SHA256], c[D_SHA256][testnum],
2336 lengths[testnum], seconds.sym);
2338 count = run_benchmark(async_jobs, SHA256_loop, loopargs);
2340 print_result(D_SHA256, testnum, count, d);
2343 if (doit[D_SHA512]) {
2344 for (testnum = 0; testnum < size_num; testnum++) {
2345 print_message(names[D_SHA512], c[D_SHA512][testnum],
2346 lengths[testnum], seconds.sym);
2348 count = run_benchmark(async_jobs, SHA512_loop, loopargs);
2350 print_result(D_SHA512, testnum, count, d);
2353 #ifndef OPENSSL_NO_WHIRLPOOL
2354 if (doit[D_WHIRLPOOL]) {
2355 for (testnum = 0; testnum < size_num; testnum++) {
2356 print_message(names[D_WHIRLPOOL], c[D_WHIRLPOOL][testnum],
2357 lengths[testnum], seconds.sym);
2359 count = run_benchmark(async_jobs, WHIRLPOOL_loop, loopargs);
2361 print_result(D_WHIRLPOOL, testnum, count, d);
2366 #ifndef OPENSSL_NO_RMD160
2367 if (doit[D_RMD160]) {
2368 for (testnum = 0; testnum < size_num; testnum++) {
2369 print_message(names[D_RMD160], c[D_RMD160][testnum],
2370 lengths[testnum], seconds.sym);
2372 count = run_benchmark(async_jobs, EVP_Digest_RMD160_loop, loopargs);
2374 print_result(D_RMD160, testnum, count, d);
2380 #ifndef OPENSSL_NO_RC4
2382 for (testnum = 0; testnum < size_num; testnum++) {
2383 print_message(names[D_RC4], c[D_RC4][testnum], lengths[testnum],
2386 count = run_benchmark(async_jobs, RC4_loop, loopargs);
2388 print_result(D_RC4, testnum, count, d);
2392 #ifndef OPENSSL_NO_DES
2393 if (doit[D_CBC_DES]) {
2394 for (testnum = 0; testnum < size_num; testnum++) {
2395 print_message(names[D_CBC_DES], c[D_CBC_DES][testnum],
2396 lengths[testnum], seconds.sym);
2398 count = run_benchmark(async_jobs, DES_ncbc_encrypt_loop, loopargs);
2400 print_result(D_CBC_DES, testnum, count, d);
2404 if (doit[D_EDE3_DES]) {
2405 for (testnum = 0; testnum < size_num; testnum++) {
2406 print_message(names[D_EDE3_DES], c[D_EDE3_DES][testnum],
2407 lengths[testnum], seconds.sym);
2410 run_benchmark(async_jobs, DES_ede3_cbc_encrypt_loop, loopargs);
2412 print_result(D_EDE3_DES, testnum, count, d);
2417 #ifndef OPENSSL_NO_DEPRECATED_3_0
2418 if (doit[D_CBC_128_AES]) {
2419 for (testnum = 0; testnum < size_num; testnum++) {
2420 print_message(names[D_CBC_128_AES], c[D_CBC_128_AES][testnum],
2421 lengths[testnum], seconds.sym);
2424 run_benchmark(async_jobs, AES_cbc_128_encrypt_loop, loopargs);
2426 print_result(D_CBC_128_AES, testnum, count, d);
2429 if (doit[D_CBC_192_AES]) {
2430 for (testnum = 0; testnum < size_num; testnum++) {
2431 print_message(names[D_CBC_192_AES], c[D_CBC_192_AES][testnum],
2432 lengths[testnum], seconds.sym);
2435 run_benchmark(async_jobs, AES_cbc_192_encrypt_loop, loopargs);
2437 print_result(D_CBC_192_AES, testnum, count, d);
2440 if (doit[D_CBC_256_AES]) {
2441 for (testnum = 0; testnum < size_num; testnum++) {
2442 print_message(names[D_CBC_256_AES], c[D_CBC_256_AES][testnum],
2443 lengths[testnum], seconds.sym);
2446 run_benchmark(async_jobs, AES_cbc_256_encrypt_loop, loopargs);
2448 print_result(D_CBC_256_AES, testnum, count, d);
2453 if (doit[D_IGE_128_AES]) {
2454 for (testnum = 0; testnum < size_num; testnum++) {
2455 print_message(names[D_IGE_128_AES], c[D_IGE_128_AES][testnum],
2456 lengths[testnum], seconds.sym);
2459 run_benchmark(async_jobs, AES_ige_128_encrypt_loop, loopargs);
2461 print_result(D_IGE_128_AES, testnum, count, d);
2464 if (doit[D_IGE_192_AES]) {
2465 for (testnum = 0; testnum < size_num; testnum++) {
2466 print_message(names[D_IGE_192_AES], c[D_IGE_192_AES][testnum],
2467 lengths[testnum], seconds.sym);
2470 run_benchmark(async_jobs, AES_ige_192_encrypt_loop, loopargs);
2472 print_result(D_IGE_192_AES, testnum, count, d);
2475 if (doit[D_IGE_256_AES]) {
2476 for (testnum = 0; testnum < size_num; testnum++) {
2477 print_message(names[D_IGE_256_AES], c[D_IGE_256_AES][testnum],
2478 lengths[testnum], seconds.sym);
2481 run_benchmark(async_jobs, AES_ige_256_encrypt_loop, loopargs);
2483 print_result(D_IGE_256_AES, testnum, count, d);
2486 if (doit[D_GHASH]) {
2487 for (i = 0; i < loopargs_len; i++) {
2488 loopargs[i].gcm_ctx =
2489 CRYPTO_gcm128_new(&aes_ks1, (block128_f) AES_encrypt);
2490 CRYPTO_gcm128_setiv(loopargs[i].gcm_ctx,
2491 (unsigned char *)"0123456789ab", 12);
2494 for (testnum = 0; testnum < size_num; testnum++) {
2495 print_message(names[D_GHASH], c[D_GHASH][testnum],
2496 lengths[testnum], seconds.sym);
2498 count = run_benchmark(async_jobs, CRYPTO_gcm128_aad_loop, loopargs);
2500 print_result(D_GHASH, testnum, count, d);
2502 for (i = 0; i < loopargs_len; i++)
2503 CRYPTO_gcm128_release(loopargs[i].gcm_ctx);
2505 #endif /* OPENSSL_NO_DEPRECATED_3_0 */
2506 #ifndef OPENSSL_NO_CAMELLIA
2507 if (doit[D_CBC_128_CML]) {
2508 if (async_jobs > 0) {
2509 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2510 names[D_CBC_128_CML]);
2511 doit[D_CBC_128_CML] = 0;
2513 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2514 print_message(names[D_CBC_128_CML], c[D_CBC_128_CML][testnum],
2515 lengths[testnum], seconds.sym);
2517 for (count = 0; COND(c[D_CBC_128_CML][testnum]); count++)
2518 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2519 (size_t)lengths[testnum], &camellia_ks[0],
2520 iv, CAMELLIA_ENCRYPT);
2522 print_result(D_CBC_128_CML, testnum, count, d);
2525 if (doit[D_CBC_192_CML]) {
2526 if (async_jobs > 0) {
2527 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2528 names[D_CBC_192_CML]);
2529 doit[D_CBC_192_CML] = 0;
2531 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2532 print_message(names[D_CBC_192_CML], c[D_CBC_192_CML][testnum],
2533 lengths[testnum], seconds.sym);
2534 if (async_jobs > 0) {
2535 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2539 for (count = 0; COND(c[D_CBC_192_CML][testnum]); count++)
2540 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2541 (size_t)lengths[testnum], &camellia_ks[1],
2542 iv, CAMELLIA_ENCRYPT);
2544 print_result(D_CBC_192_CML, testnum, count, d);
2547 if (doit[D_CBC_256_CML]) {
2548 if (async_jobs > 0) {
2549 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2550 names[D_CBC_256_CML]);
2551 doit[D_CBC_256_CML] = 0;
2553 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2554 print_message(names[D_CBC_256_CML], c[D_CBC_256_CML][testnum],
2555 lengths[testnum], seconds.sym);
2557 for (count = 0; COND(c[D_CBC_256_CML][testnum]); count++)
2558 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2559 (size_t)lengths[testnum], &camellia_ks[2],
2560 iv, CAMELLIA_ENCRYPT);
2562 print_result(D_CBC_256_CML, testnum, count, d);
2566 #ifndef OPENSSL_NO_IDEA
2567 if (doit[D_CBC_IDEA]) {
2568 if (async_jobs > 0) {
2569 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2571 doit[D_CBC_IDEA] = 0;
2573 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2574 print_message(names[D_CBC_IDEA], c[D_CBC_IDEA][testnum],
2575 lengths[testnum], seconds.sym);
2577 for (count = 0; COND(c[D_CBC_IDEA][testnum]); count++)
2578 IDEA_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2579 (size_t)lengths[testnum], &idea_ks,
2582 print_result(D_CBC_IDEA, testnum, count, d);
2586 #ifndef OPENSSL_NO_SEED
2587 if (doit[D_CBC_SEED]) {
2588 if (async_jobs > 0) {
2589 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2591 doit[D_CBC_SEED] = 0;
2593 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2594 print_message(names[D_CBC_SEED], c[D_CBC_SEED][testnum],
2595 lengths[testnum], seconds.sym);
2597 for (count = 0; COND(c[D_CBC_SEED][testnum]); count++)
2598 SEED_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2599 (size_t)lengths[testnum], &seed_ks, iv, 1);
2601 print_result(D_CBC_SEED, testnum, count, d);
2605 #ifndef OPENSSL_NO_RC2
2606 if (doit[D_CBC_RC2]) {
2607 if (async_jobs > 0) {
2608 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2610 doit[D_CBC_RC2] = 0;
2612 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2613 print_message(names[D_CBC_RC2], c[D_CBC_RC2][testnum],
2614 lengths[testnum], seconds.sym);
2615 if (async_jobs > 0) {
2616 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2620 for (count = 0; COND(c[D_CBC_RC2][testnum]); count++)
2621 RC2_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2622 (size_t)lengths[testnum], &rc2_ks,
2625 print_result(D_CBC_RC2, testnum, count, d);
2629 #ifndef OPENSSL_NO_RC5
2630 if (doit[D_CBC_RC5]) {
2631 if (async_jobs > 0) {
2632 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2634 doit[D_CBC_RC5] = 0;
2636 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2637 print_message(names[D_CBC_RC5], c[D_CBC_RC5][testnum],
2638 lengths[testnum], seconds.sym);
2639 if (async_jobs > 0) {
2640 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2644 for (count = 0; COND(c[D_CBC_RC5][testnum]); count++)
2645 RC5_32_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2646 (size_t)lengths[testnum], &rc5_ks,
2649 print_result(D_CBC_RC5, testnum, count, d);
2653 #if !defined(OPENSSL_NO_BF) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2654 if (doit[D_CBC_BF]) {
2655 if (async_jobs > 0) {
2656 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2660 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2661 print_message(names[D_CBC_BF], c[D_CBC_BF][testnum],
2662 lengths[testnum], seconds.sym);
2664 for (count = 0; COND(c[D_CBC_BF][testnum]); count++)
2665 BF_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2666 (size_t)lengths[testnum], &bf_ks,
2669 print_result(D_CBC_BF, testnum, count, d);
2673 #ifndef OPENSSL_NO_CAST
2674 if (doit[D_CBC_CAST]) {
2675 if (async_jobs > 0) {
2676 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2678 doit[D_CBC_CAST] = 0;
2680 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2681 print_message(names[D_CBC_CAST], c[D_CBC_CAST][testnum],
2682 lengths[testnum], seconds.sym);
2684 for (count = 0; COND(c[D_CBC_CAST][testnum]); count++)
2685 CAST_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2686 (size_t)lengths[testnum], &cast_ks,
2689 print_result(D_CBC_CAST, testnum, count, d);
2694 for (testnum = 0; testnum < size_num; testnum++) {
2695 print_message(names[D_RAND], c[D_RAND][testnum], lengths[testnum],
2698 count = run_benchmark(async_jobs, RAND_bytes_loop, loopargs);
2700 print_result(D_RAND, testnum, count, d);
2705 if (evp_cipher != NULL) {
2706 int (*loopfunc) (void *) = EVP_Update_loop;
2708 if (multiblock && (EVP_CIPHER_flags(evp_cipher) &
2709 EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
2710 multiblock_speed(evp_cipher, lengths_single, &seconds);
2715 names[D_EVP] = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
2717 if (EVP_CIPHER_mode(evp_cipher) == EVP_CIPH_CCM_MODE) {
2718 loopfunc = EVP_Update_loop_ccm;
2719 } else if (aead && (EVP_CIPHER_flags(evp_cipher) &
2720 EVP_CIPH_FLAG_AEAD_CIPHER)) {
2721 loopfunc = EVP_Update_loop_aead;
2722 if (lengths == lengths_list) {
2723 lengths = aead_lengths_list;
2724 size_num = OSSL_NELEM(aead_lengths_list);
2728 for (testnum = 0; testnum < size_num; testnum++) {
2729 print_message(names[D_EVP], c[D_EVP][testnum], lengths[testnum],
2732 for (k = 0; k < loopargs_len; k++) {
2733 loopargs[k].ctx = EVP_CIPHER_CTX_new();
2734 if (loopargs[k].ctx == NULL) {
2735 BIO_printf(bio_err, "\nEVP_CIPHER_CTX_new failure\n");
2738 if (!EVP_CipherInit_ex(loopargs[k].ctx, evp_cipher, NULL,
2739 NULL, iv, decrypt ? 0 : 1)) {
2740 BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n");
2741 ERR_print_errors(bio_err);
2745 EVP_CIPHER_CTX_set_padding(loopargs[k].ctx, 0);
2747 keylen = EVP_CIPHER_CTX_key_length(loopargs[k].ctx);
2748 loopargs[k].key = app_malloc(keylen, "evp_cipher key");
2749 EVP_CIPHER_CTX_rand_key(loopargs[k].ctx, loopargs[k].key);
2750 if (!EVP_CipherInit_ex(loopargs[k].ctx, NULL, NULL,
2751 loopargs[k].key, NULL, -1)) {
2752 BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n");
2753 ERR_print_errors(bio_err);
2756 OPENSSL_clear_free(loopargs[k].key, keylen);
2758 /* SIV mode only allows for a single Update operation */
2759 if (EVP_CIPHER_mode(evp_cipher) == EVP_CIPH_SIV_MODE)
2760 EVP_CIPHER_CTX_ctrl(loopargs[k].ctx, EVP_CTRL_SET_SPEED, 1, NULL);
2764 count = run_benchmark(async_jobs, loopfunc, loopargs);
2766 for (k = 0; k < loopargs_len; k++) {
2767 EVP_CIPHER_CTX_free(loopargs[k].ctx);
2769 print_result(D_EVP, testnum, count, d);
2771 } else if (evp_md != NULL) {
2772 names[D_EVP] = OBJ_nid2ln(EVP_MD_type(evp_md));
2774 for (testnum = 0; testnum < size_num; testnum++) {
2775 print_message(names[D_EVP], c[D_EVP][testnum], lengths[testnum],
2778 count = run_benchmark(async_jobs, EVP_Digest_loop, loopargs);
2780 print_result(D_EVP, testnum, count, d);
2785 if (doit[D_EVP_HMAC] && evp_hmac_md != NULL) {
2786 const char *md_name = OBJ_nid2ln(EVP_MD_type(evp_hmac_md));
2788 evp_hmac_name = app_malloc(sizeof("HMAC()") + strlen(md_name),
2790 sprintf(evp_hmac_name, "HMAC(%s)", md_name);
2791 names[D_EVP_HMAC] = evp_hmac_name;
2793 for (testnum = 0; testnum < size_num; testnum++) {
2794 print_message(names[D_EVP_HMAC], c[D_EVP_HMAC][testnum], lengths[testnum],
2797 count = run_benchmark(async_jobs, EVP_HMAC_loop, loopargs);
2799 print_result(D_EVP_HMAC, testnum, count, d);
2803 #ifndef OPENSSL_NO_CMAC
2804 if (doit[D_EVP_CMAC] && evp_cmac_cipher != NULL) {
2805 const char *cipher_name = OBJ_nid2ln(EVP_CIPHER_type(evp_cmac_cipher));
2807 evp_cmac_name = app_malloc(sizeof("CMAC()") + strlen(cipher_name),
2809 sprintf(evp_cmac_name, "CMAC(%s)", cipher_name);
2810 names[D_EVP_CMAC] = evp_cmac_name;
2812 for (i = 0; i < loopargs_len; i++) {
2813 loopargs[i].cmac_ctx = CMAC_CTX_new();
2814 if (loopargs[i].cmac_ctx == NULL) {
2815 BIO_printf(bio_err, "CMAC malloc failure, exiting...");
2819 for (testnum = 0; testnum < size_num; testnum++) {
2820 print_message(names[D_EVP_CMAC], c[D_EVP_CMAC][testnum], lengths[testnum],
2823 count = run_benchmark(async_jobs, EVP_CMAC_loop, loopargs);
2825 print_result(D_EVP_CMAC, testnum, count, d);
2827 for (i = 0; i < loopargs_len; i++)
2828 CMAC_CTX_free(loopargs[i].cmac_ctx);
2832 for (i = 0; i < loopargs_len; i++)
2833 if (RAND_bytes(loopargs[i].buf, 36) <= 0)
2836 #ifndef OPENSSL_NO_RSA
2837 for (testnum = 0; testnum < RSA_NUM; testnum++) {
2839 if (!rsa_doit[testnum])
2841 for (i = 0; i < loopargs_len; i++) {
2842 if (primes > RSA_DEFAULT_PRIME_NUM) {
2843 /* we haven't set keys yet, generate multi-prime RSA keys */
2844 BIGNUM *bn = BN_new();
2848 if (!BN_set_word(bn, RSA_F4)) {
2853 BIO_printf(bio_err, "Generate multi-prime RSA key for %s\n",
2854 rsa_choices[testnum].name);
2856 loopargs[i].rsa_key[testnum] = RSA_new();
2857 if (loopargs[i].rsa_key[testnum] == NULL) {
2862 if (!RSA_generate_multi_prime_key(loopargs[i].rsa_key[testnum],
2863 rsa_keys[testnum].bits,
2864 primes, bn, NULL)) {
2870 st = RSA_sign(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
2871 &loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
2877 "RSA sign failure. No RSA sign will be done.\n");
2878 ERR_print_errors(bio_err);
2881 pkey_print_message("private", "rsa",
2882 rsa_c[testnum][0], rsa_keys[testnum].bits,
2884 /* RSA_blinding_on(rsa_key[testnum],NULL); */
2886 count = run_benchmark(async_jobs, RSA_sign_loop, loopargs);
2889 mr ? "+R1:%ld:%d:%.2f\n"
2890 : "%ld %u bits private RSA's in %.2fs\n",
2891 count, rsa_keys[testnum].bits, d);
2892 rsa_results[testnum][0] = (double)count / d;
2896 for (i = 0; i < loopargs_len; i++) {
2897 st = RSA_verify(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
2898 loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
2904 "RSA verify failure. No RSA verify will be done.\n");
2905 ERR_print_errors(bio_err);
2906 rsa_doit[testnum] = 0;
2908 pkey_print_message("public", "rsa",
2909 rsa_c[testnum][1], rsa_keys[testnum].bits,
2912 count = run_benchmark(async_jobs, RSA_verify_loop, loopargs);
2915 mr ? "+R2:%ld:%d:%.2f\n"
2916 : "%ld %u bits public RSA's in %.2fs\n",
2917 count, rsa_keys[testnum].bits, d);
2918 rsa_results[testnum][1] = (double)count / d;
2921 if (rsa_count <= 1) {
2922 /* if longer than 10s, don't do any more */
2923 stop_it(rsa_doit, testnum);
2926 #endif /* OPENSSL_NO_RSA */
2928 for (i = 0; i < loopargs_len; i++)
2929 if (RAND_bytes(loopargs[i].buf, 36) <= 0)
2932 #ifndef OPENSSL_NO_DSA
2933 for (testnum = 0; testnum < DSA_NUM; testnum++) {
2935 if (!dsa_doit[testnum])
2938 /* DSA_generate_key(dsa_key[testnum]); */
2939 /* DSA_sign_setup(dsa_key[testnum],NULL); */
2940 for (i = 0; i < loopargs_len; i++) {
2941 st = DSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
2942 &loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
2948 "DSA sign failure. No DSA sign will be done.\n");
2949 ERR_print_errors(bio_err);
2952 pkey_print_message("sign", "dsa",
2953 dsa_c[testnum][0], dsa_bits[testnum],
2956 count = run_benchmark(async_jobs, DSA_sign_loop, loopargs);
2959 mr ? "+R3:%ld:%u:%.2f\n"
2960 : "%ld %u bits DSA signs in %.2fs\n",
2961 count, dsa_bits[testnum], d);
2962 dsa_results[testnum][0] = (double)count / d;
2966 for (i = 0; i < loopargs_len; i++) {
2967 st = DSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
2968 loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
2974 "DSA verify failure. No DSA verify will be done.\n");
2975 ERR_print_errors(bio_err);
2976 dsa_doit[testnum] = 0;
2978 pkey_print_message("verify", "dsa",
2979 dsa_c[testnum][1], dsa_bits[testnum],
2982 count = run_benchmark(async_jobs, DSA_verify_loop, loopargs);
2985 mr ? "+R4:%ld:%u:%.2f\n"
2986 : "%ld %u bits DSA verify in %.2fs\n",
2987 count, dsa_bits[testnum], d);
2988 dsa_results[testnum][1] = (double)count / d;
2991 if (rsa_count <= 1) {
2992 /* if longer than 10s, don't do any more */
2993 stop_it(dsa_doit, testnum);
2996 #endif /* OPENSSL_NO_DSA */
2998 #ifndef OPENSSL_NO_EC
2999 for (testnum = 0; testnum < ECDSA_NUM; testnum++) {
3002 if (!ecdsa_doit[testnum])
3003 continue; /* Ignore Curve */
3004 for (i = 0; i < loopargs_len; i++) {
3005 loopargs[i].ecdsa[testnum] =
3006 EC_KEY_new_by_curve_name(ec_curves[testnum].nid);
3007 if (loopargs[i].ecdsa[testnum] == NULL) {
3013 BIO_printf(bio_err, "ECDSA failure.\n");
3014 ERR_print_errors(bio_err);
3017 for (i = 0; i < loopargs_len; i++) {
3018 EC_KEY_precompute_mult(loopargs[i].ecdsa[testnum], NULL);
3019 /* Perform ECDSA signature test */
3020 EC_KEY_generate_key(loopargs[i].ecdsa[testnum]);
3021 st = ECDSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
3022 &loopargs[i].siglen,
3023 loopargs[i].ecdsa[testnum]);
3029 "ECDSA sign failure. No ECDSA sign will be done.\n");
3030 ERR_print_errors(bio_err);
3033 pkey_print_message("sign", "ecdsa",
3034 ecdsa_c[testnum][0],
3035 ec_curves[testnum].bits, seconds.ecdsa);
3037 count = run_benchmark(async_jobs, ECDSA_sign_loop, loopargs);
3041 mr ? "+R5:%ld:%u:%.2f\n" :
3042 "%ld %u bits ECDSA signs in %.2fs \n",
3043 count, ec_curves[testnum].bits, d);
3044 ecdsa_results[testnum][0] = (double)count / d;
3048 /* Perform ECDSA verification test */
3049 for (i = 0; i < loopargs_len; i++) {
3050 st = ECDSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
3052 loopargs[i].ecdsa[testnum]);
3058 "ECDSA verify failure. No ECDSA verify will be done.\n");
3059 ERR_print_errors(bio_err);
3060 ecdsa_doit[testnum] = 0;
3062 pkey_print_message("verify", "ecdsa",
3063 ecdsa_c[testnum][1],
3064 ec_curves[testnum].bits, seconds.ecdsa);
3066 count = run_benchmark(async_jobs, ECDSA_verify_loop, loopargs);
3069 mr ? "+R6:%ld:%u:%.2f\n"
3070 : "%ld %u bits ECDSA verify in %.2fs\n",
3071 count, ec_curves[testnum].bits, d);
3072 ecdsa_results[testnum][1] = (double)count / d;
3075 if (rsa_count <= 1) {
3076 /* if longer than 10s, don't do any more */
3077 stop_it(ecdsa_doit, testnum);
3082 for (testnum = 0; testnum < EC_NUM; testnum++) {
3083 int ecdh_checks = 1;
3085 if (!ecdh_doit[testnum])
3088 for (i = 0; i < loopargs_len; i++) {
3089 EVP_PKEY_CTX *kctx = NULL;
3090 EVP_PKEY_CTX *test_ctx = NULL;
3091 EVP_PKEY_CTX *ctx = NULL;
3092 EVP_PKEY *key_A = NULL;
3093 EVP_PKEY *key_B = NULL;
3097 /* Ensure that the error queue is empty */
3098 if (ERR_peek_error()) {
3100 "WARNING: the error queue contains previous unhandled errors.\n");
3101 ERR_print_errors(bio_err);
3104 /* Let's try to create a ctx directly from the NID: this works for
3105 * curves like Curve25519 that are not implemented through the low
3106 * level EC interface.
3107 * If this fails we try creating a EVP_PKEY_EC generic param ctx,
3108 * then we set the curve by NID before deriving the actual keygen
3109 * ctx for that specific curve. */
3110 kctx = EVP_PKEY_CTX_new_id(ec_curves[testnum].nid, NULL); /* keygen ctx from NID */
3112 EVP_PKEY_CTX *pctx = NULL;
3113 EVP_PKEY *params = NULL;
3115 /* If we reach this code EVP_PKEY_CTX_new_id() failed and a
3116 * "int_ctx_new:unsupported algorithm" error was added to the
3118 * We remove it from the error queue as we are handling it. */
3119 unsigned long error = ERR_peek_error(); /* peek the latest error in the queue */
3120 if (error == ERR_peek_last_error() && /* oldest and latest errors match */
3121 /* check that the error origin matches */
3122 ERR_GET_LIB(error) == ERR_LIB_EVP &&
3123 ERR_GET_REASON(error) == EVP_R_UNSUPPORTED_ALGORITHM)
3124 ERR_get_error(); /* pop error from queue */
3125 if (ERR_peek_error()) {
3127 "Unhandled error in the error queue during ECDH init.\n");
3128 ERR_print_errors(bio_err);
3133 /* Create the context for parameter generation */
3134 if (!(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) ||
3135 /* Initialise the parameter generation */
3136 !EVP_PKEY_paramgen_init(pctx) ||
3137 /* Set the curve by NID */
3138 !EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
3141 /* Create the parameter object params */
3142 !EVP_PKEY_paramgen(pctx, ¶ms)) {
3144 BIO_printf(bio_err, "ECDH EC params init failure.\n");
3145 ERR_print_errors(bio_err);
3149 /* Create the context for the key generation */
3150 kctx = EVP_PKEY_CTX_new(params, NULL);
3152 EVP_PKEY_free(params);
3154 EVP_PKEY_CTX_free(pctx);
3157 if (kctx == NULL || /* keygen ctx is not null */
3158 EVP_PKEY_keygen_init(kctx) <= 0/* init keygen ctx */ ) {
3160 BIO_printf(bio_err, "ECDH keygen failure.\n");
3161 ERR_print_errors(bio_err);
3166 if (EVP_PKEY_keygen(kctx, &key_A) <= 0 || /* generate secret key A */
3167 EVP_PKEY_keygen(kctx, &key_B) <= 0 || /* generate secret key B */
3168 !(ctx = EVP_PKEY_CTX_new(key_A, NULL)) || /* derivation ctx from skeyA */
3169 EVP_PKEY_derive_init(ctx) <= 0 || /* init derivation ctx */
3170 EVP_PKEY_derive_set_peer(ctx, key_B) <= 0 || /* set peer pubkey in ctx */
3171 EVP_PKEY_derive(ctx, NULL, &outlen) <= 0 || /* determine max length */
3172 outlen == 0 || /* ensure outlen is a valid size */
3173 outlen > MAX_ECDH_SIZE /* avoid buffer overflow */ ) {
3175 BIO_printf(bio_err, "ECDH key generation failure.\n");
3176 ERR_print_errors(bio_err);
3181 /* Here we perform a test run, comparing the output of a*B and b*A;
3182 * we try this here and assume that further EVP_PKEY_derive calls
3183 * never fail, so we can skip checks in the actually benchmarked
3184 * code, for maximum performance. */
3185 if (!(test_ctx = EVP_PKEY_CTX_new(key_B, NULL)) || /* test ctx from skeyB */
3186 !EVP_PKEY_derive_init(test_ctx) || /* init derivation test_ctx */
3187 !EVP_PKEY_derive_set_peer(test_ctx, key_A) || /* set peer pubkey in test_ctx */
3188 !EVP_PKEY_derive(test_ctx, NULL, &test_outlen) || /* determine max length */
3189 !EVP_PKEY_derive(ctx, loopargs[i].secret_a, &outlen) || /* compute a*B */
3190 !EVP_PKEY_derive(test_ctx, loopargs[i].secret_b, &test_outlen) || /* compute b*A */
3191 test_outlen != outlen /* compare output length */ ) {
3193 BIO_printf(bio_err, "ECDH computation failure.\n");
3194 ERR_print_errors(bio_err);
3199 /* Compare the computation results: CRYPTO_memcmp() returns 0 if equal */
3200 if (CRYPTO_memcmp(loopargs[i].secret_a,
3201 loopargs[i].secret_b, outlen)) {
3203 BIO_printf(bio_err, "ECDH computations don't match.\n");
3204 ERR_print_errors(bio_err);
3209 loopargs[i].ecdh_ctx[testnum] = ctx;
3210 loopargs[i].outlen[testnum] = outlen;
3212 EVP_PKEY_free(key_A);
3213 EVP_PKEY_free(key_B);
3214 EVP_PKEY_CTX_free(kctx);
3216 EVP_PKEY_CTX_free(test_ctx);
3219 if (ecdh_checks != 0) {
3220 pkey_print_message("", "ecdh",
3222 ec_curves[testnum].bits, seconds.ecdh);
3225 run_benchmark(async_jobs, ECDH_EVP_derive_key_loop, loopargs);
3228 mr ? "+R7:%ld:%d:%.2f\n" :
3229 "%ld %u-bits ECDH ops in %.2fs\n", count,
3230 ec_curves[testnum].bits, d);
3231 ecdh_results[testnum][0] = (double)count / d;
3235 if (rsa_count <= 1) {
3236 /* if longer than 10s, don't do any more */
3237 stop_it(ecdh_doit, testnum);
3241 for (testnum = 0; testnum < EdDSA_NUM; testnum++) {
3243 EVP_PKEY *ed_pkey = NULL;
3244 EVP_PKEY_CTX *ed_pctx = NULL;
3246 if (!eddsa_doit[testnum])
3247 continue; /* Ignore Curve */
3248 for (i = 0; i < loopargs_len; i++) {
3249 loopargs[i].eddsa_ctx[testnum] = EVP_MD_CTX_new();
3250 if (loopargs[i].eddsa_ctx[testnum] == NULL) {
3255 if ((ed_pctx = EVP_PKEY_CTX_new_id(ed_curves[testnum].nid, NULL))
3257 || EVP_PKEY_keygen_init(ed_pctx) <= 0
3258 || EVP_PKEY_keygen(ed_pctx, &ed_pkey) <= 0) {
3260 EVP_PKEY_CTX_free(ed_pctx);
3263 EVP_PKEY_CTX_free(ed_pctx);
3265 if (!EVP_DigestSignInit(loopargs[i].eddsa_ctx[testnum], NULL, NULL,
3268 EVP_PKEY_free(ed_pkey);
3271 EVP_PKEY_free(ed_pkey);
3274 BIO_printf(bio_err, "EdDSA failure.\n");
3275 ERR_print_errors(bio_err);
3278 for (i = 0; i < loopargs_len; i++) {
3279 /* Perform EdDSA signature test */
3280 loopargs[i].sigsize = ed_curves[testnum].sigsize;
3281 st = EVP_DigestSign(loopargs[i].eddsa_ctx[testnum],
3282 loopargs[i].buf2, &loopargs[i].sigsize,
3283 loopargs[i].buf, 20);
3289 "EdDSA sign failure. No EdDSA sign will be done.\n");
3290 ERR_print_errors(bio_err);
3293 pkey_print_message("sign", ed_curves[testnum].name,
3294 eddsa_c[testnum][0],
3295 ed_curves[testnum].bits, seconds.eddsa);
3297 count = run_benchmark(async_jobs, EdDSA_sign_loop, loopargs);
3301 mr ? "+R8:%ld:%u:%s:%.2f\n" :
3302 "%ld %u bits %s signs in %.2fs \n",
3303 count, ed_curves[testnum].bits,
3304 ed_curves[testnum].name, d);
3305 eddsa_results[testnum][0] = (double)count / d;
3309 /* Perform EdDSA verification test */
3310 for (i = 0; i < loopargs_len; i++) {
3311 st = EVP_DigestVerify(loopargs[i].eddsa_ctx[testnum],
3312 loopargs[i].buf2, loopargs[i].sigsize,
3313 loopargs[i].buf, 20);
3319 "EdDSA verify failure. No EdDSA verify will be done.\n");
3320 ERR_print_errors(bio_err);
3321 eddsa_doit[testnum] = 0;
3323 pkey_print_message("verify", ed_curves[testnum].name,
3324 eddsa_c[testnum][1],
3325 ed_curves[testnum].bits, seconds.eddsa);
3327 count = run_benchmark(async_jobs, EdDSA_verify_loop, loopargs);
3330 mr ? "+R9:%ld:%u:%s:%.2f\n"
3331 : "%ld %u bits %s verify in %.2fs\n",
3332 count, ed_curves[testnum].bits,
3333 ed_curves[testnum].name, d);
3334 eddsa_results[testnum][1] = (double)count / d;
3337 if (rsa_count <= 1) {
3338 /* if longer than 10s, don't do any more */
3339 stop_it(eddsa_doit, testnum);
3344 # ifndef OPENSSL_NO_SM2
3345 for (testnum = 0; testnum < SM2_NUM; testnum++) {
3347 EVP_PKEY *sm2_pkey = NULL;
3349 if (!sm2_doit[testnum])
3350 continue; /* Ignore Curve */
3351 /* Init signing and verification */
3352 for (i = 0; i < loopargs_len; i++) {
3353 EVP_PKEY_CTX *sm2_pctx = NULL;
3354 EVP_PKEY_CTX *sm2_vfy_pctx = NULL;
3355 EVP_PKEY_CTX *pctx = NULL;
3358 loopargs[i].sm2_ctx[testnum] = EVP_MD_CTX_new();
3359 loopargs[i].sm2_vfy_ctx[testnum] = EVP_MD_CTX_new();
3360 if (loopargs[i].sm2_ctx[testnum] == NULL
3361 || loopargs[i].sm2_vfy_ctx[testnum] == NULL)
3364 /* SM2 keys are generated as normal EC keys with a special curve */
3365 st = !((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) == NULL
3366 || EVP_PKEY_keygen_init(pctx) <= 0
3367 || EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
3368 sm2_curves[testnum].nid) <= 0
3369 || EVP_PKEY_keygen(pctx, &sm2_pkey) <= 0);
3370 EVP_PKEY_CTX_free(pctx);
3374 st = 0; /* set back to zero */
3375 /* attach it sooner to rely on main final cleanup */
3376 loopargs[i].sm2_pkey[testnum] = sm2_pkey;
3377 loopargs[i].sigsize = ECDSA_size(EVP_PKEY_get0_EC_KEY(sm2_pkey));
3378 if (!EVP_PKEY_set_alias_type(sm2_pkey, EVP_PKEY_SM2))
3381 sm2_pctx = EVP_PKEY_CTX_new(sm2_pkey, NULL);
3382 sm2_vfy_pctx = EVP_PKEY_CTX_new(sm2_pkey, NULL);
3383 if (sm2_pctx == NULL || sm2_vfy_pctx == NULL) {
3384 EVP_PKEY_CTX_free(sm2_vfy_pctx);
3387 /* attach them directly to respective ctx */
3388 EVP_MD_CTX_set_pkey_ctx(loopargs[i].sm2_ctx[testnum], sm2_pctx);
3389 EVP_MD_CTX_set_pkey_ctx(loopargs[i].sm2_vfy_ctx[testnum], sm2_vfy_pctx);
3392 * No need to allow user to set an explicit ID here, just use
3393 * the one defined in the 'draft-yang-tls-tl13-sm-suites' I-D.
3395 if (EVP_PKEY_CTX_set1_id(sm2_pctx, SM2_ID, SM2_ID_LEN) != 1
3396 || EVP_PKEY_CTX_set1_id(sm2_vfy_pctx, SM2_ID, SM2_ID_LEN) != 1)
3399 if (!EVP_DigestSignInit(loopargs[i].sm2_ctx[testnum], NULL,
3400 EVP_sm3(), NULL, sm2_pkey))
3402 if (!EVP_DigestVerifyInit(loopargs[i].sm2_vfy_ctx[testnum], NULL,
3403 EVP_sm3(), NULL, sm2_pkey))
3405 st = 1; /* mark loop as succeeded */
3408 BIO_printf(bio_err, "SM2 init failure.\n");
3409 ERR_print_errors(bio_err);
3412 for (i = 0; i < loopargs_len; i++) {
3413 size_t sm2_sigsize = loopargs[i].sigsize;
3415 /* Perform SM2 signature test */
3416 st = EVP_DigestSign(loopargs[i].sm2_ctx[testnum],
3417 loopargs[i].buf2, &sm2_sigsize,
3418 loopargs[i].buf, 20);
3424 "SM2 sign failure. No SM2 sign will be done.\n");
3425 ERR_print_errors(bio_err);
3428 pkey_print_message("sign", sm2_curves[testnum].name,
3430 sm2_curves[testnum].bits, seconds.sm2);
3432 count = run_benchmark(async_jobs, SM2_sign_loop, loopargs);
3436 mr ? "+R8:%ld:%u:%s:%.2f\n" :
3437 "%ld %u bits %s signs in %.2fs \n",
3438 count, sm2_curves[testnum].bits,
3439 sm2_curves[testnum].name, d);
3440 sm2_results[testnum][0] = (double)count / d;
3444 /* Perform SM2 verification test */
3445 for (i = 0; i < loopargs_len; i++) {
3446 st = EVP_DigestVerify(loopargs[i].sm2_vfy_ctx[testnum],
3447 loopargs[i].buf2, loopargs[i].sigsize,
3448 loopargs[i].buf, 20);
3454 "SM2 verify failure. No SM2 verify will be done.\n");
3455 ERR_print_errors(bio_err);
3456 sm2_doit[testnum] = 0;
3458 pkey_print_message("verify", sm2_curves[testnum].name,
3460 sm2_curves[testnum].bits, seconds.sm2);
3462 count = run_benchmark(async_jobs, SM2_verify_loop, loopargs);
3465 mr ? "+R9:%ld:%u:%s:%.2f\n"
3466 : "%ld %u bits %s verify in %.2fs\n",
3467 count, sm2_curves[testnum].bits,
3468 sm2_curves[testnum].name, d);
3469 sm2_results[testnum][1] = (double)count / d;
3472 if (rsa_count <= 1) {
3473 /* if longer than 10s, don't do any more */
3474 for (testnum++; testnum < SM2_NUM; testnum++)
3475 sm2_doit[testnum] = 0;
3479 # endif /* OPENSSL_NO_SM2 */
3481 #endif /* OPENSSL_NO_EC */
3486 printf("version: %s\n", OpenSSL_version(OPENSSL_FULL_VERSION_STRING));
3487 printf("built on: %s\n", OpenSSL_version(OPENSSL_BUILT_ON));
3489 printf("%s ", BN_options());
3490 #ifndef OPENSSL_NO_MD2
3491 printf("%s ", MD2_options());
3493 #ifndef OPENSSL_NO_RC4
3494 printf("%s ", RC4_options());
3496 #ifndef OPENSSL_NO_DES
3497 printf("%s ", DES_options());
3499 #ifndef OPENSSL_NO_DEPRECATED_3_0
3500 printf("%s ", AES_options());
3502 #ifndef OPENSSL_NO_IDEA
3503 printf("%s ", IDEA_options());
3505 #if !defined(OPENSSL_NO_BF) && !defined(OPENSSL_NO_DEPRECATED_3_0)
3506 printf("%s ", BF_options());
3508 printf("\n%s\n", OpenSSL_version(OPENSSL_CFLAGS));
3509 printf("%s\n", OpenSSL_version(OPENSSL_CPU_INFO));
3517 ("The 'numbers' are in 1000s of bytes per second processed.\n");
3520 for (testnum = 0; testnum < size_num; testnum++)
3521 printf(mr ? ":%d" : "%7d bytes", lengths[testnum]);
3525 for (k = 0; k < ALGOR_NUM; k++) {
3529 printf("+F:%u:%s", k, names[k]);
3531 printf("%-13s", names[k]);
3532 for (testnum = 0; testnum < size_num; testnum++) {
3533 if (results[k][testnum] > 10000 && !mr)
3534 printf(" %11.2fk", results[k][testnum] / 1e3);
3536 printf(mr ? ":%.2f" : " %11.2f ", results[k][testnum]);
3540 #ifndef OPENSSL_NO_RSA
3542 for (k = 0; k < RSA_NUM; k++) {
3545 if (testnum && !mr) {
3546 printf("%18ssign verify sign/s verify/s\n", " ");
3550 printf("+F2:%u:%u:%f:%f\n",
3551 k, rsa_keys[k].bits, rsa_results[k][0], rsa_results[k][1]);
3553 printf("rsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
3554 rsa_keys[k].bits, 1.0 / rsa_results[k][0], 1.0 / rsa_results[k][1],
3555 rsa_results[k][0], rsa_results[k][1]);
3558 #ifndef OPENSSL_NO_DSA
3560 for (k = 0; k < DSA_NUM; k++) {
3563 if (testnum && !mr) {
3564 printf("%18ssign verify sign/s verify/s\n", " ");
3568 printf("+F3:%u:%u:%f:%f\n",
3569 k, dsa_bits[k], dsa_results[k][0], dsa_results[k][1]);
3571 printf("dsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
3572 dsa_bits[k], 1.0 / dsa_results[k][0], 1.0 / dsa_results[k][1],
3573 dsa_results[k][0], dsa_results[k][1]);
3576 #ifndef OPENSSL_NO_EC
3578 for (k = 0; k < OSSL_NELEM(ecdsa_doit); k++) {
3581 if (testnum && !mr) {
3582 printf("%30ssign verify sign/s verify/s\n", " ");
3587 printf("+F4:%u:%u:%f:%f\n",
3588 k, ec_curves[k].bits,
3589 ecdsa_results[k][0], ecdsa_results[k][1]);
3591 printf("%4u bits ecdsa (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3592 ec_curves[k].bits, ec_curves[k].name,
3593 1.0 / ecdsa_results[k][0], 1.0 / ecdsa_results[k][1],
3594 ecdsa_results[k][0], ecdsa_results[k][1]);
3598 for (k = 0; k < EC_NUM; k++) {
3601 if (testnum && !mr) {
3602 printf("%30sop op/s\n", " ");
3606 printf("+F5:%u:%u:%f:%f\n",
3607 k, ec_curves[k].bits,
3608 ecdh_results[k][0], 1.0 / ecdh_results[k][0]);
3611 printf("%4u bits ecdh (%s) %8.4fs %8.1f\n",
3612 ec_curves[k].bits, ec_curves[k].name,
3613 1.0 / ecdh_results[k][0], ecdh_results[k][0]);
3617 for (k = 0; k < OSSL_NELEM(eddsa_doit); k++) {
3620 if (testnum && !mr) {
3621 printf("%30ssign verify sign/s verify/s\n", " ");
3626 printf("+F6:%u:%u:%s:%f:%f\n",
3627 k, ed_curves[k].bits, ed_curves[k].name,
3628 eddsa_results[k][0], eddsa_results[k][1]);
3630 printf("%4u bits EdDSA (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3631 ed_curves[k].bits, ed_curves[k].name,
3632 1.0 / eddsa_results[k][0], 1.0 / eddsa_results[k][1],
3633 eddsa_results[k][0], eddsa_results[k][1]);
3636 # ifndef OPENSSL_NO_SM2
3638 for (k = 0; k < OSSL_NELEM(sm2_doit); k++) {
3641 if (testnum && !mr) {
3642 printf("%30ssign verify sign/s verify/s\n", " ");
3647 printf("+F6:%u:%u:%s:%f:%f\n",
3648 k, sm2_curves[k].bits, sm2_curves[k].name,
3649 sm2_results[k][0], sm2_results[k][1]);
3651 printf("%4u bits SM2 (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3652 sm2_curves[k].bits, sm2_curves[k].name,
3653 1.0 / sm2_results[k][0], 1.0 / sm2_results[k][1],
3654 sm2_results[k][0], sm2_results[k][1]);
3657 #endif /* OPENSSL_NO_EC */
3662 ERR_print_errors(bio_err);
3663 for (i = 0; i < loopargs_len; i++) {
3664 OPENSSL_free(loopargs[i].buf_malloc);
3665 OPENSSL_free(loopargs[i].buf2_malloc);
3667 #ifndef OPENSSL_NO_RSA
3668 for (k = 0; k < RSA_NUM; k++)
3669 RSA_free(loopargs[i].rsa_key[k]);
3671 #ifndef OPENSSL_NO_DSA
3672 for (k = 0; k < DSA_NUM; k++)
3673 DSA_free(loopargs[i].dsa_key[k]);
3675 #ifndef OPENSSL_NO_EC
3676 for (k = 0; k < ECDSA_NUM; k++)
3677 EC_KEY_free(loopargs[i].ecdsa[k]);
3678 for (k = 0; k < EC_NUM; k++)
3679 EVP_PKEY_CTX_free(loopargs[i].ecdh_ctx[k]);
3680 for (k = 0; k < EdDSA_NUM; k++)
3681 EVP_MD_CTX_free(loopargs[i].eddsa_ctx[k]);
3682 # ifndef OPENSSL_NO_SM2
3683 for (k = 0; k < SM2_NUM; k++) {
3684 EVP_PKEY_CTX *pctx = NULL;
3686 /* free signing ctx */
3687 if (loopargs[i].sm2_ctx[k] != NULL
3688 && (pctx = EVP_MD_CTX_pkey_ctx(loopargs[i].sm2_ctx[k])) != NULL)
3689 EVP_PKEY_CTX_free(pctx);
3690 EVP_MD_CTX_free(loopargs[i].sm2_ctx[k]);
3691 /* free verification ctx */
3692 if (loopargs[i].sm2_vfy_ctx[k] != NULL
3693 && (pctx = EVP_MD_CTX_pkey_ctx(loopargs[i].sm2_vfy_ctx[k])) != NULL)
3694 EVP_PKEY_CTX_free(pctx);
3695 EVP_MD_CTX_free(loopargs[i].sm2_vfy_ctx[k]);
3697 EVP_PKEY_free(loopargs[i].sm2_pkey[k]);
3700 OPENSSL_free(loopargs[i].secret_a);
3701 OPENSSL_free(loopargs[i].secret_b);
3704 OPENSSL_free(evp_hmac_name);
3705 #ifndef OPENSSL_NO_CMAC
3706 OPENSSL_free(evp_cmac_name);
3709 if (async_jobs > 0) {
3710 for (i = 0; i < loopargs_len; i++)
3711 ASYNC_WAIT_CTX_free(loopargs[i].wait_ctx);
3715 ASYNC_cleanup_thread();
3717 OPENSSL_free(loopargs);
3722 static void print_message(const char *s, long num, int length, int tm)
3726 mr ? "+DT:%s:%d:%d\n"
3727 : "Doing %s for %ds on %d size blocks: ", s, tm, length);
3728 (void)BIO_flush(bio_err);
3733 mr ? "+DN:%s:%ld:%d\n"
3734 : "Doing %s %ld times on %d size blocks: ", s, num, length);
3735 (void)BIO_flush(bio_err);
3739 static void pkey_print_message(const char *str, const char *str2, long num,
3740 unsigned int bits, int tm)
3744 mr ? "+DTP:%d:%s:%s:%d\n"
3745 : "Doing %u bits %s %s's for %ds: ", bits, str, str2, tm);
3746 (void)BIO_flush(bio_err);
3751 mr ? "+DNP:%ld:%d:%s:%s\n"
3752 : "Doing %ld %u bits %s %s's: ", num, bits, str, str2);
3753 (void)BIO_flush(bio_err);
3757 static void print_result(int alg, int run_no, int count, double time_used)
3760 BIO_printf(bio_err, "%s error!\n", names[alg]);
3761 ERR_print_errors(bio_err);
3762 /* exit(1); disable exit until default provider enabled */
3766 mr ? "+R:%d:%s:%f\n"
3767 : "%d %s's in %.2fs\n", count, names[alg], time_used);
3768 results[alg][run_no] = ((double)count) / time_used * lengths[run_no];
3772 static char *sstrsep(char **string, const char *delim)
3775 char *token = *string;
3780 memset(isdelim, 0, sizeof(isdelim));
3784 isdelim[(unsigned char)(*delim)] = 1;
3788 while (!isdelim[(unsigned char)(**string)]) {
3800 static int do_multi(int multi, int size_num)
3805 static char sep[] = ":";
3807 fds = app_malloc(sizeof(*fds) * multi, "fd buffer for do_multi");
3808 for (n = 0; n < multi; ++n) {
3809 if (pipe(fd) == -1) {
3810 BIO_printf(bio_err, "pipe failure\n");
3814 (void)BIO_flush(bio_err);
3821 if (dup(fd[1]) == -1) {
3822 BIO_printf(bio_err, "dup failed\n");
3831 printf("Forked child %d\n", n);
3834 /* for now, assume the pipe is long enough to take all the output */
3835 for (n = 0; n < multi; ++n) {
3840 f = fdopen(fds[n], "r");
3841 while (fgets(buf, sizeof(buf), f)) {
3842 p = strchr(buf, '\n');
3845 if (buf[0] != '+') {
3847 "Don't understand line '%s' from child %d\n", buf,
3851 printf("Got: %s from %d\n", buf, n);
3852 if (strncmp(buf, "+F:", 3) == 0) {
3857 alg = atoi(sstrsep(&p, sep));
3859 for (j = 0; j < size_num; ++j)
3860 results[alg][j] += atof(sstrsep(&p, sep));
3861 } else if (strncmp(buf, "+F2:", 4) == 0) {
3866 k = atoi(sstrsep(&p, sep));
3869 d = atof(sstrsep(&p, sep));
3870 rsa_results[k][0] += d;
3872 d = atof(sstrsep(&p, sep));
3873 rsa_results[k][1] += d;
3875 # ifndef OPENSSL_NO_DSA
3876 else if (strncmp(buf, "+F3:", 4) == 0) {
3881 k = atoi(sstrsep(&p, sep));
3884 d = atof(sstrsep(&p, sep));
3885 dsa_results[k][0] += d;
3887 d = atof(sstrsep(&p, sep));
3888 dsa_results[k][1] += d;
3891 # ifndef OPENSSL_NO_EC
3892 else if (strncmp(buf, "+F4:", 4) == 0) {
3897 k = atoi(sstrsep(&p, sep));
3900 d = atof(sstrsep(&p, sep));
3901 ecdsa_results[k][0] += d;
3903 d = atof(sstrsep(&p, sep));
3904 ecdsa_results[k][1] += d;
3905 } else if (strncmp(buf, "+F5:", 4) == 0) {
3910 k = atoi(sstrsep(&p, sep));
3913 d = atof(sstrsep(&p, sep));
3914 ecdh_results[k][0] += d;
3915 } else if (strncmp(buf, "+F6:", 4) == 0) {
3920 k = atoi(sstrsep(&p, sep));
3924 d = atof(sstrsep(&p, sep));
3925 eddsa_results[k][0] += d;
3927 d = atof(sstrsep(&p, sep));
3928 eddsa_results[k][1] += d;
3930 # ifndef OPENSSL_NO_SM2
3931 else if (strncmp(buf, "+F7:", 4) == 0) {
3936 k = atoi(sstrsep(&p, sep));
3939 d = atof(sstrsep(&p, sep));
3940 sm2_results[k][0] += d;
3942 d = atof(sstrsep(&p, sep));
3943 sm2_results[k][1] += d;
3945 # endif /* OPENSSL_NO_SM2 */
3948 else if (strncmp(buf, "+H:", 3) == 0) {
3951 BIO_printf(bio_err, "Unknown type '%s' from child %d\n", buf,
3962 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
3963 const openssl_speed_sec_t *seconds)
3965 static const int mblengths_list[] =
3966 { 8 * 1024, 2 * 8 * 1024, 4 * 8 * 1024, 8 * 8 * 1024, 8 * 16 * 1024 };
3967 const int *mblengths = mblengths_list;
3968 int j, count, keylen, num = OSSL_NELEM(mblengths_list);
3969 const char *alg_name;
3970 unsigned char *inp, *out, *key, no_key[32], no_iv[16];
3971 EVP_CIPHER_CTX *ctx;
3974 if (lengths_single) {
3975 mblengths = &lengths_single;
3979 inp = app_malloc(mblengths[num - 1], "multiblock input buffer");
3980 out = app_malloc(mblengths[num - 1] + 1024, "multiblock output buffer");
3981 ctx = EVP_CIPHER_CTX_new();
3982 EVP_EncryptInit_ex(ctx, evp_cipher, NULL, NULL, no_iv);
3984 keylen = EVP_CIPHER_CTX_key_length(ctx);
3985 key = app_malloc(keylen, "evp_cipher key");
3986 EVP_CIPHER_CTX_rand_key(ctx, key);
3987 EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL);
3988 OPENSSL_clear_free(key, keylen);
3990 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_MAC_KEY, sizeof(no_key), no_key);
3991 alg_name = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
3993 for (j = 0; j < num; j++) {
3994 print_message(alg_name, 0, mblengths[j], seconds->sym);
3996 for (count = 0; run && count < 0x7fffffff; count++) {
3997 unsigned char aad[EVP_AEAD_TLS1_AAD_LEN];
3998 EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param;
3999 size_t len = mblengths[j];
4002 memset(aad, 0, 8); /* avoid uninitialized values */
4003 aad[8] = 23; /* SSL3_RT_APPLICATION_DATA */
4004 aad[9] = 3; /* version */
4006 aad[11] = 0; /* length */
4008 mb_param.out = NULL;
4011 mb_param.interleave = 8;
4013 packlen = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_AAD,
4014 sizeof(mb_param), &mb_param);
4020 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT,
4021 sizeof(mb_param), &mb_param);
4025 RAND_bytes(out, 16);
4027 aad[11] = (unsigned char)(len >> 8);
4028 aad[12] = (unsigned char)(len);
4029 pad = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_TLS1_AAD,
4030 EVP_AEAD_TLS1_AAD_LEN, aad);
4031 EVP_Cipher(ctx, out, inp, len + pad);
4035 BIO_printf(bio_err, mr ? "+R:%d:%s:%f\n"
4036 : "%d %s's in %.2fs\n", count, "evp", d);
4037 results[D_EVP][j] = ((double)count) / d * mblengths[j];
4041 fprintf(stdout, "+H");
4042 for (j = 0; j < num; j++)
4043 fprintf(stdout, ":%d", mblengths[j]);
4044 fprintf(stdout, "\n");
4045 fprintf(stdout, "+F:%d:%s", D_EVP, alg_name);
4046 for (j = 0; j < num; j++)
4047 fprintf(stdout, ":%.2f", results[D_EVP][j]);
4048 fprintf(stdout, "\n");
4051 "The 'numbers' are in 1000s of bytes per second processed.\n");
4052 fprintf(stdout, "type ");
4053 for (j = 0; j < num; j++)
4054 fprintf(stdout, "%7d bytes", mblengths[j]);
4055 fprintf(stdout, "\n");
4056 fprintf(stdout, "%-24s", alg_name);
4058 for (j = 0; j < num; j++) {
4059 if (results[D_EVP][j] > 10000)
4060 fprintf(stdout, " %11.2fk", results[D_EVP][j] / 1e3);
4062 fprintf(stdout, " %11.2f ", results[D_EVP][j]);
4064 fprintf(stdout, "\n");
4069 EVP_CIPHER_CTX_free(ctx);