2 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
5 * Licensed under the Apache License 2.0 (the "License"). You may not use
6 * this file except in compliance with the License. You can obtain a copy
7 * in the file LICENSE in the source distribution or at
8 * https://www.openssl.org/source/license.html
13 #define RSA_SECONDS 10
14 #define DSA_SECONDS 10
15 #define ECDSA_SECONDS 10
16 #define ECDH_SECONDS 10
17 #define EdDSA_SECONDS 10
18 #define SM2_SECONDS 10
20 /* We need to use some deprecated APIs */
21 #define OPENSSL_SUPPRESS_DEPRECATED
29 #include <openssl/crypto.h>
30 #include <openssl/rand.h>
31 #include <openssl/err.h>
32 #include <openssl/evp.h>
33 #include <openssl/objects.h>
34 #include <openssl/async.h>
35 #if !defined(OPENSSL_SYS_MSDOS)
43 #include <openssl/bn.h>
44 #ifndef OPENSSL_NO_DES
45 # include <openssl/des.h>
47 #ifndef OPENSSL_NO_DEPRECATED_3_0
48 #include <openssl/aes.h>
50 #ifndef OPENSSL_NO_CAMELLIA
51 # include <openssl/camellia.h>
53 #ifndef OPENSSL_NO_MD2
54 # include <openssl/md2.h>
56 #ifndef OPENSSL_NO_MDC2
57 # include <openssl/mdc2.h>
59 #ifndef OPENSSL_NO_MD4
60 # include <openssl/md4.h>
62 #ifndef OPENSSL_NO_MD5
63 # include <openssl/md5.h>
65 #include <openssl/hmac.h>
66 #ifndef OPENSSL_NO_CMAC
67 #include <openssl/cmac.h>
69 #include <openssl/sha.h>
70 #ifndef OPENSSL_NO_RMD160
71 # include <openssl/ripemd.h>
73 #ifndef OPENSSL_NO_WHIRLPOOL
74 # include <openssl/whrlpool.h>
76 #ifndef OPENSSL_NO_RC4
77 # include <openssl/rc4.h>
79 #ifndef OPENSSL_NO_RC5
80 # include <openssl/rc5.h>
82 #ifndef OPENSSL_NO_RC2
83 # include <openssl/rc2.h>
85 #ifndef OPENSSL_NO_IDEA
86 # include <openssl/idea.h>
88 #ifndef OPENSSL_NO_SEED
89 # include <openssl/seed.h>
92 # include <openssl/blowfish.h>
94 #ifndef OPENSSL_NO_CAST
95 # include <openssl/cast.h>
97 #ifndef OPENSSL_NO_RSA
98 # include <openssl/rsa.h>
99 # include "./testrsa.h"
101 #include <openssl/x509.h>
102 #ifndef OPENSSL_NO_DSA
103 # include <openssl/dsa.h>
104 # include "./testdsa.h"
106 #ifndef OPENSSL_NO_EC
107 # include <openssl/ec.h>
109 #include <openssl/modes.h>
112 # if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_VXWORKS)
125 #define MAX_MISALIGNMENT 63
126 #define MAX_ECDH_SIZE 256
129 typedef struct openssl_speed_sec_st {
137 } openssl_speed_sec_t;
139 static volatile int run = 0;
141 static int mr = 0; /* machine-readeable output format to merge fork results */
142 static int usertime = 1;
144 static double Time_F(int s);
145 static void print_message(const char *s, long num, int length, int tm);
146 static void pkey_print_message(const char *str, const char *str2,
147 long num, unsigned int bits, int sec);
148 static void print_result(int alg, int run_no, int count, double time_used);
150 static int do_multi(int multi, int size_num);
153 static const int lengths_list[] = {
154 16, 64, 256, 1024, 8 * 1024, 16 * 1024
156 #define SIZE_NUM OSSL_NELEM(lengths_list)
157 static const int *lengths = lengths_list;
159 static const int aead_lengths_list[] = {
160 2, 31, 136, 1024, 8 * 1024, 16 * 1024
168 static void alarmed(int sig)
170 signal(SIGALRM, alarmed);
174 static double Time_F(int s)
176 double ret = app_tminterval(s, usertime);
182 #elif defined(_WIN32)
186 static unsigned int lapse;
187 static volatile unsigned int schlock;
188 static void alarm_win32(unsigned int secs)
193 # define alarm alarm_win32
195 static DWORD WINAPI sleepy(VOID * arg)
203 static double Time_F(int s)
210 thr = CreateThread(NULL, 4096, sleepy, NULL, 0, NULL);
212 DWORD err = GetLastError();
213 BIO_printf(bio_err, "unable to CreateThread (%lu)", err);
217 Sleep(0); /* scheduler spinlock */
218 ret = app_tminterval(s, usertime);
220 ret = app_tminterval(s, usertime);
222 TerminateThread(thr, 0);
229 static double Time_F(int s)
231 return app_tminterval(s, usertime);
235 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
236 const openssl_speed_sec_t *seconds);
238 static int opt_found(const char *name, unsigned int *result,
239 const OPT_PAIR pairs[], unsigned int nbelem)
243 for (idx = 0; idx < nbelem; ++idx, pairs++)
244 if (strcmp(name, pairs->name) == 0) {
245 *result = pairs->retval;
250 #define opt_found(value, pairs, result)\
251 opt_found(value, result, pairs, OSSL_NELEM(pairs))
253 typedef enum OPTION_choice {
254 OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
255 OPT_ELAPSED, OPT_EVP, OPT_HMAC, OPT_DECRYPT, OPT_ENGINE, OPT_MULTI,
256 OPT_MR, OPT_MB, OPT_MISALIGN, OPT_ASYNCJOBS, OPT_R_ENUM,
257 OPT_PRIMES, OPT_SECONDS, OPT_BYTES, OPT_AEAD, OPT_CMAC
260 const OPTIONS speed_options[] = {
261 {OPT_HELP_STR, 1, '-', "Usage: %s [options] [algorithm...]\n"},
263 OPT_SECTION("General"),
264 {"help", OPT_HELP, '-', "Display this summary"},
266 "Enable (tls1>=1) multi-block mode on EVP-named cipher"},
267 {"mr", OPT_MR, '-', "Produce machine readable output"},
269 {"multi", OPT_MULTI, 'p', "Run benchmarks in parallel"},
271 #ifndef OPENSSL_NO_ASYNC
272 {"async_jobs", OPT_ASYNCJOBS, 'p',
273 "Enable async mode and start specified number of jobs"},
275 #ifndef OPENSSL_NO_ENGINE
276 {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
278 {"primes", OPT_PRIMES, 'p', "Specify number of primes (for RSA only)"},
280 OPT_SECTION("Selection"),
281 {"evp", OPT_EVP, 's', "Use EVP-named cipher or digest"},
282 {"hmac", OPT_HMAC, 's', "HMAC using EVP-named digest"},
283 #ifndef OPENSSL_NO_CMAC
284 {"cmac", OPT_CMAC, 's', "CMAC using EVP-named cipher"},
286 {"decrypt", OPT_DECRYPT, '-',
287 "Time decryption instead of encryption (only EVP)"},
288 {"aead", OPT_AEAD, '-',
289 "Benchmark EVP-named AEAD cipher in TLS-like sequence"},
291 OPT_SECTION("Timing"),
292 {"elapsed", OPT_ELAPSED, '-',
293 "Use wall-clock time instead of CPU user time as divisor"},
294 {"seconds", OPT_SECONDS, 'p',
295 "Run benchmarks for specified amount of seconds"},
296 {"bytes", OPT_BYTES, 'p',
297 "Run [non-PKI] benchmarks on custom-sized buffer"},
298 {"misalign", OPT_MISALIGN, 'p',
299 "Use specified offset to mis-align buffers"},
304 {"algorithm", 0, 0, "Algorithm(s) to test (optional; otherwise tests all)"},
309 D_MD2, D_MDC2, D_MD4, D_MD5 , D_HMAC, D_SHA1, D_RMD160, D_RC4,
310 D_CBC_DES, D_EDE3_DES, D_CBC_IDEA, D_CBC_SEED,
311 D_CBC_RC2, D_CBC_RC5, D_CBC_BF, D_CBC_CAST,
312 D_CBC_128_AES, D_CBC_192_AES, D_CBC_256_AES,
313 D_CBC_128_CML, D_CBC_192_CML, D_CBC_256_CML,
314 D_EVP, D_SHA256, D_SHA512, D_WHIRLPOOL,
315 D_IGE_128_AES, D_IGE_192_AES, D_IGE_256_AES,
316 D_GHASH, D_RAND, D_EVP_HMAC, D_EVP_CMAC, ALGOR_NUM
318 /* name of algorithms to test. MUST BE KEEP IN SYNC with above enum ! */
319 static const char *names[ALGOR_NUM] = {
320 "md2", "mdc2", "md4", "md5", "hmac(md5)", "sha1", "rmd160", "rc4",
321 "des cbc", "des ede3", "idea cbc", "seed cbc",
322 "rc2 cbc", "rc5-32/12 cbc", "blowfish cbc", "cast cbc",
323 "aes-128 cbc", "aes-192 cbc", "aes-256 cbc",
324 "camellia-128 cbc", "camellia-192 cbc", "camellia-256 cbc",
325 "evp", "sha256", "sha512", "whirlpool",
326 "aes-128 ige", "aes-192 ige", "aes-256 ige", "ghash",
327 "rand", "hmac", "cmac"
330 /* list of configured algorithm (remaining), with some few alias */
331 static const OPT_PAIR doit_choices[] = {
332 #if !defined(OPENSSL_NO_MD2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
335 #if !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
338 #if !defined(OPENSSL_NO_MD4) && !defined(OPENSSL_NO_DEPRECATED_3_0)
341 #if !defined(OPENSSL_NO_MD5) && !defined(OPENSSL_NO_DEPRECATED_3_0)
345 #ifndef OPENSSL_NO_DEPRECATED_3_0
347 {"sha256", D_SHA256},
348 {"sha512", D_SHA512},
350 #if !defined(OPENSSL_NO_WHIRLPOOL) && !defined(OPENSSL_NO_DEPRECATED_3_0)
351 {"whirlpool", D_WHIRLPOOL},
353 #if !defined(OPENSSL_NO_RMD160) && !defined(OPENSSL_NO_DEPRECATED_3_0)
354 {"ripemd", D_RMD160},
355 {"rmd160", D_RMD160},
356 {"ripemd160", D_RMD160},
358 #if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_DEPRECATED_3_0)
361 #if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_DEPRECATED_3_0)
362 {"des-cbc", D_CBC_DES},
363 {"des-ede3", D_EDE3_DES},
365 #ifndef OPENSSL_NO_DEPRECATED_3_0
366 {"aes-128-cbc", D_CBC_128_AES},
367 {"aes-192-cbc", D_CBC_192_AES},
368 {"aes-256-cbc", D_CBC_256_AES},
369 {"aes-128-ige", D_IGE_128_AES},
370 {"aes-192-ige", D_IGE_192_AES},
371 {"aes-256-ige", D_IGE_256_AES},
373 #if !defined(OPENSSL_NO_RC2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
374 {"rc2-cbc", D_CBC_RC2},
377 #if !defined(OPENSSL_NO_RC5) && !defined(OPENSSL_NO_DEPRECATED_3_0)
378 {"rc5-cbc", D_CBC_RC5},
381 #if !defined(OPENSSL_NO_IDEA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
382 {"idea-cbc", D_CBC_IDEA},
383 {"idea", D_CBC_IDEA},
385 #if !defined(OPENSSL_NO_SEED) && !defined(OPENSSL_NO_DEPRECATED_3_0)
386 {"seed-cbc", D_CBC_SEED},
387 {"seed", D_CBC_SEED},
389 #if !defined(OPENSSL_NO_BF) && !defined(OPENSSL_NO_DEPRECATED_3_0)
390 {"bf-cbc", D_CBC_BF},
391 {"blowfish", D_CBC_BF},
394 #if !defined(OPENSSL_NO_CAST) && !defined(OPENSSL_NO_DEPRECATED_3_0)
395 {"cast-cbc", D_CBC_CAST},
396 {"cast", D_CBC_CAST},
397 {"cast5", D_CBC_CAST},
403 static double results[ALGOR_NUM][SIZE_NUM];
405 #ifndef OPENSSL_NO_DSA
406 enum { R_DSA_512, R_DSA_1024, R_DSA_2048, DSA_NUM };
407 static const OPT_PAIR dsa_choices[DSA_NUM] = {
408 {"dsa512", R_DSA_512},
409 {"dsa1024", R_DSA_1024},
410 {"dsa2048", R_DSA_2048}
412 static double dsa_results[DSA_NUM][2]; /* 2 ops: sign then verify */
413 #endif /* OPENSSL_NO_DSA */
415 #ifndef OPENSSL_NO_RSA
417 R_RSA_512, R_RSA_1024, R_RSA_2048, R_RSA_3072, R_RSA_4096, R_RSA_7680,
420 static const OPT_PAIR rsa_choices[RSA_NUM] = {
421 {"rsa512", R_RSA_512},
422 {"rsa1024", R_RSA_1024},
423 {"rsa2048", R_RSA_2048},
424 {"rsa3072", R_RSA_3072},
425 {"rsa4096", R_RSA_4096},
426 {"rsa7680", R_RSA_7680},
427 {"rsa15360", R_RSA_15360}
430 static double rsa_results[RSA_NUM][2]; /* 2 ops: sign then verify */
431 #endif /* OPENSSL_NO_RSA */
433 #ifndef OPENSSL_NO_EC
435 R_EC_P160, R_EC_P192, R_EC_P224, R_EC_P256, R_EC_P384, R_EC_P521,
436 # ifndef OPENSSL_NO_EC2M
437 R_EC_K163, R_EC_K233, R_EC_K283, R_EC_K409, R_EC_K571,
438 R_EC_B163, R_EC_B233, R_EC_B283, R_EC_B409, R_EC_B571,
440 R_EC_BRP256R1, R_EC_BRP256T1, R_EC_BRP384R1, R_EC_BRP384T1,
441 R_EC_BRP512R1, R_EC_BRP512T1, ECDSA_NUM
443 /* list of ecdsa curves */
444 static const OPT_PAIR ecdsa_choices[ECDSA_NUM] = {
445 {"ecdsap160", R_EC_P160},
446 {"ecdsap192", R_EC_P192},
447 {"ecdsap224", R_EC_P224},
448 {"ecdsap256", R_EC_P256},
449 {"ecdsap384", R_EC_P384},
450 {"ecdsap521", R_EC_P521},
451 # ifndef OPENSSL_NO_EC2M
452 {"ecdsak163", R_EC_K163},
453 {"ecdsak233", R_EC_K233},
454 {"ecdsak283", R_EC_K283},
455 {"ecdsak409", R_EC_K409},
456 {"ecdsak571", R_EC_K571},
457 {"ecdsab163", R_EC_B163},
458 {"ecdsab233", R_EC_B233},
459 {"ecdsab283", R_EC_B283},
460 {"ecdsab409", R_EC_B409},
461 {"ecdsab571", R_EC_B571},
463 {"ecdsabrp256r1", R_EC_BRP256R1},
464 {"ecdsabrp256t1", R_EC_BRP256T1},
465 {"ecdsabrp384r1", R_EC_BRP384R1},
466 {"ecdsabrp384t1", R_EC_BRP384T1},
467 {"ecdsabrp512r1", R_EC_BRP512R1},
468 {"ecdsabrp512t1", R_EC_BRP512T1}
470 enum { R_EC_X25519 = ECDSA_NUM, R_EC_X448, EC_NUM };
471 /* list of ecdh curves, extension of |ecdsa_choices| list above */
472 static const OPT_PAIR ecdh_choices[EC_NUM] = {
473 {"ecdhp160", R_EC_P160},
474 {"ecdhp192", R_EC_P192},
475 {"ecdhp224", R_EC_P224},
476 {"ecdhp256", R_EC_P256},
477 {"ecdhp384", R_EC_P384},
478 {"ecdhp521", R_EC_P521},
479 # ifndef OPENSSL_NO_EC2M
480 {"ecdhk163", R_EC_K163},
481 {"ecdhk233", R_EC_K233},
482 {"ecdhk283", R_EC_K283},
483 {"ecdhk409", R_EC_K409},
484 {"ecdhk571", R_EC_K571},
485 {"ecdhb163", R_EC_B163},
486 {"ecdhb233", R_EC_B233},
487 {"ecdhb283", R_EC_B283},
488 {"ecdhb409", R_EC_B409},
489 {"ecdhb571", R_EC_B571},
491 {"ecdhbrp256r1", R_EC_BRP256R1},
492 {"ecdhbrp256t1", R_EC_BRP256T1},
493 {"ecdhbrp384r1", R_EC_BRP384R1},
494 {"ecdhbrp384t1", R_EC_BRP384T1},
495 {"ecdhbrp512r1", R_EC_BRP512R1},
496 {"ecdhbrp512t1", R_EC_BRP512T1},
497 {"ecdhx25519", R_EC_X25519},
498 {"ecdhx448", R_EC_X448}
501 static double ecdh_results[EC_NUM][1]; /* 1 op: derivation */
502 static double ecdsa_results[ECDSA_NUM][2]; /* 2 ops: sign then verify */
504 enum { R_EC_Ed25519, R_EC_Ed448, EdDSA_NUM };
505 static const OPT_PAIR eddsa_choices[EdDSA_NUM] = {
506 {"ed25519", R_EC_Ed25519},
507 {"ed448", R_EC_Ed448}
510 static double eddsa_results[EdDSA_NUM][2]; /* 2 ops: sign then verify */
512 # ifndef OPENSSL_NO_SM2
513 enum { R_EC_CURVESM2, SM2_NUM };
514 static const OPT_PAIR sm2_choices[SM2_NUM] = {
515 {"curveSM2", R_EC_CURVESM2}
517 # define SM2_ID "TLSv1.3+GM+Cipher+Suite"
518 # define SM2_ID_LEN sizeof("TLSv1.3+GM+Cipher+Suite") - 1
519 static double sm2_results[SM2_NUM][2]; /* 2 ops: sign then verify */
520 # endif /* OPENSSL_NO_SM2 */
521 #endif /* OPENSSL_NO_EC */
524 # define COND(d) (count < (d))
525 # define COUNT(d) (d)
527 # define COND(unused_cond) (run && count<0x7fffffff)
528 # define COUNT(d) (count)
531 typedef struct loopargs_st {
532 ASYNC_JOB *inprogress_job;
533 ASYNC_WAIT_CTX *wait_ctx;
536 unsigned char *buf_malloc;
537 unsigned char *buf2_malloc;
541 #ifndef OPENSSL_NO_RSA
542 RSA *rsa_key[RSA_NUM];
544 #ifndef OPENSSL_NO_DSA
545 DSA *dsa_key[DSA_NUM];
547 #ifndef OPENSSL_NO_EC
548 EC_KEY *ecdsa[ECDSA_NUM];
549 EVP_PKEY_CTX *ecdh_ctx[EC_NUM];
550 EVP_MD_CTX *eddsa_ctx[EdDSA_NUM];
551 # ifndef OPENSSL_NO_SM2
552 EVP_MD_CTX *sm2_ctx[SM2_NUM];
553 EVP_MD_CTX *sm2_vfy_ctx[SM2_NUM];
554 EVP_PKEY *sm2_pkey[SM2_NUM];
556 unsigned char *secret_a;
557 unsigned char *secret_b;
558 size_t outlen[EC_NUM];
562 #ifndef OPENSSL_NO_CMAC
565 GCM128_CONTEXT *gcm_ctx;
567 static int run_benchmark(int async_jobs, int (*loop_function) (void *),
568 loopargs_t * loopargs);
570 static unsigned int testnum;
572 /* Nb of iterations to do per algorithm and key-size */
573 static long c[ALGOR_NUM][SIZE_NUM];
575 #if !defined(OPENSSL_NO_MD2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
576 static int EVP_Digest_MD2_loop(void *args)
578 loopargs_t *tempargs = *(loopargs_t **) args;
579 unsigned char *buf = tempargs->buf;
580 unsigned char md2[MD2_DIGEST_LENGTH];
583 for (count = 0; COND(c[D_MD2][testnum]); count++) {
584 if (!EVP_Digest(buf, (size_t)lengths[testnum], md2, NULL, EVP_md2(),
592 #if !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
593 static int EVP_Digest_MDC2_loop(void *args)
595 loopargs_t *tempargs = *(loopargs_t **) args;
596 unsigned char *buf = tempargs->buf;
597 unsigned char mdc2[MDC2_DIGEST_LENGTH];
600 for (count = 0; COND(c[D_MDC2][testnum]); count++) {
601 if (!EVP_Digest(buf, (size_t)lengths[testnum], mdc2, NULL, EVP_mdc2(),
609 #if !defined(OPENSSL_NO_MD4) && !defined(OPENSSL_NO_DEPRECATED_3_0)
610 static int EVP_Digest_MD4_loop(void *args)
612 loopargs_t *tempargs = *(loopargs_t **) args;
613 unsigned char *buf = tempargs->buf;
614 unsigned char md4[MD4_DIGEST_LENGTH];
617 for (count = 0; COND(c[D_MD4][testnum]); count++) {
618 if (!EVP_Digest(buf, (size_t)lengths[testnum], md4, NULL, EVP_md4(),
626 #if !defined(OPENSSL_NO_MD5) && !defined(OPENSSL_NO_DEPRECATED_3_0)
627 static int MD5_loop(void *args)
629 loopargs_t *tempargs = *(loopargs_t **) args;
630 unsigned char *buf = tempargs->buf;
631 unsigned char md5[MD5_DIGEST_LENGTH];
633 for (count = 0; COND(c[D_MD5][testnum]); count++)
634 MD5(buf, lengths[testnum], md5);
638 static int HMAC_loop(void *args)
640 loopargs_t *tempargs = *(loopargs_t **) args;
641 unsigned char *buf = tempargs->buf;
642 HMAC_CTX *hctx = tempargs->hctx;
643 unsigned char hmac[MD5_DIGEST_LENGTH];
646 for (count = 0; COND(c[D_HMAC][testnum]); count++) {
647 HMAC_Init_ex(hctx, NULL, 0, NULL, NULL);
648 HMAC_Update(hctx, buf, lengths[testnum]);
649 HMAC_Final(hctx, hmac, NULL);
655 #ifndef OPENSSL_NO_DEPRECATED_3_0
656 static int SHA1_loop(void *args)
658 loopargs_t *tempargs = *(loopargs_t **) args;
659 unsigned char *buf = tempargs->buf;
660 unsigned char sha[SHA_DIGEST_LENGTH];
662 for (count = 0; COND(c[D_SHA1][testnum]); count++)
663 SHA1(buf, lengths[testnum], sha);
667 static int SHA256_loop(void *args)
669 loopargs_t *tempargs = *(loopargs_t **) args;
670 unsigned char *buf = tempargs->buf;
671 unsigned char sha256[SHA256_DIGEST_LENGTH];
673 for (count = 0; COND(c[D_SHA256][testnum]); count++)
674 SHA256(buf, lengths[testnum], sha256);
678 static int SHA512_loop(void *args)
680 loopargs_t *tempargs = *(loopargs_t **) args;
681 unsigned char *buf = tempargs->buf;
682 unsigned char sha512[SHA512_DIGEST_LENGTH];
684 for (count = 0; COND(c[D_SHA512][testnum]); count++)
685 SHA512(buf, lengths[testnum], sha512);
690 #if !defined(OPENSSL_NO_WHIRLPOOL) && !defined(OPENSSL_NO_DEPRECATED_3_0)
691 static int WHIRLPOOL_loop(void *args)
693 loopargs_t *tempargs = *(loopargs_t **) args;
694 unsigned char *buf = tempargs->buf;
695 unsigned char whirlpool[WHIRLPOOL_DIGEST_LENGTH];
697 for (count = 0; COND(c[D_WHIRLPOOL][testnum]); count++)
698 WHIRLPOOL(buf, lengths[testnum], whirlpool);
703 #if !defined(OPENSSL_NO_RMD160) && !defined(OPENSSL_NO_DEPRECATED_3_0)
704 static int EVP_Digest_RMD160_loop(void *args)
706 loopargs_t *tempargs = *(loopargs_t **) args;
707 unsigned char *buf = tempargs->buf;
708 unsigned char rmd160[RIPEMD160_DIGEST_LENGTH];
710 for (count = 0; COND(c[D_RMD160][testnum]); count++) {
711 if (!EVP_Digest(buf, (size_t)lengths[testnum], &(rmd160[0]),
712 NULL, EVP_ripemd160(), NULL))
719 #if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_DEPRECATED_3_0)
720 static RC4_KEY rc4_ks;
721 static int RC4_loop(void *args)
723 loopargs_t *tempargs = *(loopargs_t **) args;
724 unsigned char *buf = tempargs->buf;
726 for (count = 0; COND(c[D_RC4][testnum]); count++)
727 RC4(&rc4_ks, (size_t)lengths[testnum], buf, buf);
732 #if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_DEPRECATED_3_0)
733 static unsigned char DES_iv[8];
734 static DES_key_schedule sch[3];
735 static int DES_ncbc_encrypt_loop(void *args)
737 loopargs_t *tempargs = *(loopargs_t **) args;
738 unsigned char *buf = tempargs->buf;
740 for (count = 0; COND(c[D_CBC_DES][testnum]); count++)
741 DES_ncbc_encrypt(buf, buf, lengths[testnum], &sch[0],
742 &DES_iv, DES_ENCRYPT);
746 static int DES_ede3_cbc_encrypt_loop(void *args)
748 loopargs_t *tempargs = *(loopargs_t **) args;
749 unsigned char *buf = tempargs->buf;
751 for (count = 0; COND(c[D_EDE3_DES][testnum]); count++)
752 DES_ede3_cbc_encrypt(buf, buf, lengths[testnum],
753 &sch[0], &sch[1], &sch[2], &DES_iv, DES_ENCRYPT);
758 #define MAX_BLOCK_SIZE 128
760 static unsigned char iv[2 * MAX_BLOCK_SIZE / 8];
762 #ifndef OPENSSL_NO_DEPRECATED_3_0
763 static AES_KEY aes_ks1, aes_ks2, aes_ks3;
764 static int AES_cbc_128_encrypt_loop(void *args)
766 loopargs_t *tempargs = *(loopargs_t **) args;
767 unsigned char *buf = tempargs->buf;
769 for (count = 0; COND(c[D_CBC_128_AES][testnum]); count++)
770 AES_cbc_encrypt(buf, buf,
771 (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
775 static int AES_cbc_192_encrypt_loop(void *args)
777 loopargs_t *tempargs = *(loopargs_t **) args;
778 unsigned char *buf = tempargs->buf;
780 for (count = 0; COND(c[D_CBC_192_AES][testnum]); count++)
781 AES_cbc_encrypt(buf, buf,
782 (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
786 static int AES_cbc_256_encrypt_loop(void *args)
788 loopargs_t *tempargs = *(loopargs_t **) args;
789 unsigned char *buf = tempargs->buf;
791 for (count = 0; COND(c[D_CBC_256_AES][testnum]); count++)
792 AES_cbc_encrypt(buf, buf,
793 (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
797 static int AES_ige_128_encrypt_loop(void *args)
799 loopargs_t *tempargs = *(loopargs_t **) args;
800 unsigned char *buf = tempargs->buf;
801 unsigned char *buf2 = tempargs->buf2;
803 for (count = 0; COND(c[D_IGE_128_AES][testnum]); count++)
804 AES_ige_encrypt(buf, buf2,
805 (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
809 static int AES_ige_192_encrypt_loop(void *args)
811 loopargs_t *tempargs = *(loopargs_t **) args;
812 unsigned char *buf = tempargs->buf;
813 unsigned char *buf2 = tempargs->buf2;
815 for (count = 0; COND(c[D_IGE_192_AES][testnum]); count++)
816 AES_ige_encrypt(buf, buf2,
817 (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
821 static int AES_ige_256_encrypt_loop(void *args)
823 loopargs_t *tempargs = *(loopargs_t **) args;
824 unsigned char *buf = tempargs->buf;
825 unsigned char *buf2 = tempargs->buf2;
827 for (count = 0; COND(c[D_IGE_256_AES][testnum]); count++)
828 AES_ige_encrypt(buf, buf2,
829 (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
833 static int CRYPTO_gcm128_aad_loop(void *args)
835 loopargs_t *tempargs = *(loopargs_t **) args;
836 unsigned char *buf = tempargs->buf;
837 GCM128_CONTEXT *gcm_ctx = tempargs->gcm_ctx;
839 for (count = 0; COND(c[D_GHASH][testnum]); count++)
840 CRYPTO_gcm128_aad(gcm_ctx, buf, lengths[testnum]);
845 static int RAND_bytes_loop(void *args)
847 loopargs_t *tempargs = *(loopargs_t **) args;
848 unsigned char *buf = tempargs->buf;
851 for (count = 0; COND(c[D_RAND][testnum]); count++)
852 RAND_bytes(buf, lengths[testnum]);
856 static int decrypt = 0;
857 static int EVP_Update_loop(void *args)
859 loopargs_t *tempargs = *(loopargs_t **) args;
860 unsigned char *buf = tempargs->buf;
861 EVP_CIPHER_CTX *ctx = tempargs->ctx;
865 for (count = 0; COND(c[D_EVP][testnum]); count++) {
866 rc = EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
868 /* reset iv in case of counter overflow */
869 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
873 for (count = 0; COND(c[D_EVP][testnum]); count++) {
874 rc = EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
876 /* reset iv in case of counter overflow */
877 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
882 EVP_DecryptFinal_ex(ctx, buf, &outl);
884 EVP_EncryptFinal_ex(ctx, buf, &outl);
889 * CCM does not support streaming. For the purpose of performance measurement,
890 * each message is encrypted using the same (key,iv)-pair. Do not use this
891 * code in your application.
893 static int EVP_Update_loop_ccm(void *args)
895 loopargs_t *tempargs = *(loopargs_t **) args;
896 unsigned char *buf = tempargs->buf;
897 EVP_CIPHER_CTX *ctx = tempargs->ctx;
899 unsigned char tag[12];
902 for (count = 0; COND(c[D_EVP][testnum]); count++) {
903 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(tag), tag);
905 EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
906 /* counter is reset on every update */
907 EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
910 for (count = 0; COND(c[D_EVP][testnum]); count++) {
911 /* restore iv length field */
912 EVP_EncryptUpdate(ctx, NULL, &outl, NULL, lengths[testnum]);
913 /* counter is reset on every update */
914 EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
918 EVP_DecryptFinal_ex(ctx, buf, &outl);
920 EVP_EncryptFinal_ex(ctx, buf, &outl);
925 * To make AEAD benchmarking more relevant perform TLS-like operations,
926 * 13-byte AAD followed by payload. But don't use TLS-formatted AAD, as
927 * payload length is not actually limited by 16KB...
929 static int EVP_Update_loop_aead(void *args)
931 loopargs_t *tempargs = *(loopargs_t **) args;
932 unsigned char *buf = tempargs->buf;
933 EVP_CIPHER_CTX *ctx = tempargs->ctx;
935 unsigned char aad[13] = { 0xcc };
936 unsigned char faketag[16] = { 0xcc };
939 for (count = 0; COND(c[D_EVP][testnum]); count++) {
940 EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
941 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
942 sizeof(faketag), faketag);
943 EVP_DecryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
944 EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
945 EVP_DecryptFinal_ex(ctx, buf + outl, &outl);
948 for (count = 0; COND(c[D_EVP][testnum]); count++) {
949 EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv);
950 EVP_EncryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
951 EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
952 EVP_EncryptFinal_ex(ctx, buf + outl, &outl);
958 static const EVP_MD *evp_md = NULL;
959 static int EVP_Digest_loop(void *args)
961 loopargs_t *tempargs = *(loopargs_t **) args;
962 unsigned char *buf = tempargs->buf;
963 unsigned char md[EVP_MAX_MD_SIZE];
966 for (count = 0; COND(c[D_EVP][testnum]); count++) {
967 if (!EVP_Digest(buf, lengths[testnum], md, NULL, evp_md, NULL))
973 static const EVP_MD *evp_hmac_md = NULL;
974 static char *evp_hmac_name = NULL;
975 static int EVP_HMAC_loop(void *args)
977 loopargs_t *tempargs = *(loopargs_t **) args;
978 unsigned char *buf = tempargs->buf;
979 unsigned char no_key[32];
982 for (count = 0; COND(c[D_EVP_HMAC][testnum]); count++) {
983 if (HMAC(evp_hmac_md, no_key, sizeof(no_key), buf, lengths[testnum],
990 #ifndef OPENSSL_NO_CMAC
991 static const EVP_CIPHER *evp_cmac_cipher = NULL;
992 static char *evp_cmac_name = NULL;
994 static int EVP_CMAC_loop(void *args)
996 loopargs_t *tempargs = *(loopargs_t **) args;
997 unsigned char *buf = tempargs->buf;
998 CMAC_CTX *cmac_ctx = tempargs->cmac_ctx;
999 static const char key[16] = "This is a key...";
1000 unsigned char mac[16];
1001 size_t len = sizeof(mac);
1004 for (count = 0; COND(c[D_EVP_CMAC][testnum]); count++) {
1005 if (!CMAC_Init(cmac_ctx, key, sizeof(key), evp_cmac_cipher, NULL)
1006 || !CMAC_Update(cmac_ctx, buf, lengths[testnum])
1007 || !CMAC_Final(cmac_ctx, mac, &len))
1014 #ifndef OPENSSL_NO_RSA
1015 static long rsa_c[RSA_NUM][2]; /* # RSA iteration test */
1017 static int RSA_sign_loop(void *args)
1019 loopargs_t *tempargs = *(loopargs_t **) args;
1020 unsigned char *buf = tempargs->buf;
1021 unsigned char *buf2 = tempargs->buf2;
1022 unsigned int *rsa_num = &tempargs->siglen;
1023 RSA **rsa_key = tempargs->rsa_key;
1025 for (count = 0; COND(rsa_c[testnum][0]); count++) {
1026 ret = RSA_sign(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1028 BIO_printf(bio_err, "RSA sign failure\n");
1029 ERR_print_errors(bio_err);
1037 static int RSA_verify_loop(void *args)
1039 loopargs_t *tempargs = *(loopargs_t **) args;
1040 unsigned char *buf = tempargs->buf;
1041 unsigned char *buf2 = tempargs->buf2;
1042 unsigned int rsa_num = tempargs->siglen;
1043 RSA **rsa_key = tempargs->rsa_key;
1045 for (count = 0; COND(rsa_c[testnum][1]); count++) {
1047 RSA_verify(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1049 BIO_printf(bio_err, "RSA verify failure\n");
1050 ERR_print_errors(bio_err);
1059 #ifndef OPENSSL_NO_DSA
1060 static long dsa_c[DSA_NUM][2];
1061 static int DSA_sign_loop(void *args)
1063 loopargs_t *tempargs = *(loopargs_t **) args;
1064 unsigned char *buf = tempargs->buf;
1065 unsigned char *buf2 = tempargs->buf2;
1066 DSA **dsa_key = tempargs->dsa_key;
1067 unsigned int *siglen = &tempargs->siglen;
1069 for (count = 0; COND(dsa_c[testnum][0]); count++) {
1070 ret = DSA_sign(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1072 BIO_printf(bio_err, "DSA sign failure\n");
1073 ERR_print_errors(bio_err);
1081 static int DSA_verify_loop(void *args)
1083 loopargs_t *tempargs = *(loopargs_t **) args;
1084 unsigned char *buf = tempargs->buf;
1085 unsigned char *buf2 = tempargs->buf2;
1086 DSA **dsa_key = tempargs->dsa_key;
1087 unsigned int siglen = tempargs->siglen;
1089 for (count = 0; COND(dsa_c[testnum][1]); count++) {
1090 ret = DSA_verify(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1092 BIO_printf(bio_err, "DSA verify failure\n");
1093 ERR_print_errors(bio_err);
1102 #ifndef OPENSSL_NO_EC
1103 static long ecdsa_c[ECDSA_NUM][2];
1104 static int ECDSA_sign_loop(void *args)
1106 loopargs_t *tempargs = *(loopargs_t **) args;
1107 unsigned char *buf = tempargs->buf;
1108 EC_KEY **ecdsa = tempargs->ecdsa;
1109 unsigned char *ecdsasig = tempargs->buf2;
1110 unsigned int *ecdsasiglen = &tempargs->siglen;
1112 for (count = 0; COND(ecdsa_c[testnum][0]); count++) {
1113 ret = ECDSA_sign(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1115 BIO_printf(bio_err, "ECDSA sign failure\n");
1116 ERR_print_errors(bio_err);
1124 static int ECDSA_verify_loop(void *args)
1126 loopargs_t *tempargs = *(loopargs_t **) args;
1127 unsigned char *buf = tempargs->buf;
1128 EC_KEY **ecdsa = tempargs->ecdsa;
1129 unsigned char *ecdsasig = tempargs->buf2;
1130 unsigned int ecdsasiglen = tempargs->siglen;
1132 for (count = 0; COND(ecdsa_c[testnum][1]); count++) {
1133 ret = ECDSA_verify(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1135 BIO_printf(bio_err, "ECDSA verify failure\n");
1136 ERR_print_errors(bio_err);
1144 /* ******************************************************************** */
1145 static long ecdh_c[EC_NUM][1];
1147 static int ECDH_EVP_derive_key_loop(void *args)
1149 loopargs_t *tempargs = *(loopargs_t **) args;
1150 EVP_PKEY_CTX *ctx = tempargs->ecdh_ctx[testnum];
1151 unsigned char *derived_secret = tempargs->secret_a;
1153 size_t *outlen = &(tempargs->outlen[testnum]);
1155 for (count = 0; COND(ecdh_c[testnum][0]); count++)
1156 EVP_PKEY_derive(ctx, derived_secret, outlen);
1161 static long eddsa_c[EdDSA_NUM][2];
1162 static int EdDSA_sign_loop(void *args)
1164 loopargs_t *tempargs = *(loopargs_t **) args;
1165 unsigned char *buf = tempargs->buf;
1166 EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
1167 unsigned char *eddsasig = tempargs->buf2;
1168 size_t *eddsasigsize = &tempargs->sigsize;
1171 for (count = 0; COND(eddsa_c[testnum][0]); count++) {
1172 ret = EVP_DigestSign(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
1174 BIO_printf(bio_err, "EdDSA sign failure\n");
1175 ERR_print_errors(bio_err);
1183 static int EdDSA_verify_loop(void *args)
1185 loopargs_t *tempargs = *(loopargs_t **) args;
1186 unsigned char *buf = tempargs->buf;
1187 EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
1188 unsigned char *eddsasig = tempargs->buf2;
1189 size_t eddsasigsize = tempargs->sigsize;
1192 for (count = 0; COND(eddsa_c[testnum][1]); count++) {
1193 ret = EVP_DigestVerify(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
1195 BIO_printf(bio_err, "EdDSA verify failure\n");
1196 ERR_print_errors(bio_err);
1204 # ifndef OPENSSL_NO_SM2
1205 static long sm2_c[SM2_NUM][2];
1206 static int SM2_sign_loop(void *args)
1208 loopargs_t *tempargs = *(loopargs_t **) args;
1209 unsigned char *buf = tempargs->buf;
1210 EVP_MD_CTX **sm2ctx = tempargs->sm2_ctx;
1211 unsigned char *sm2sig = tempargs->buf2;
1212 size_t sm2sigsize = tempargs->sigsize;
1213 const size_t max_size = tempargs->sigsize;
1215 EVP_PKEY **sm2_pkey = tempargs->sm2_pkey;
1217 for (count = 0; COND(sm2_c[testnum][0]); count++) {
1218 if (!EVP_DigestSignInit(sm2ctx[testnum], NULL, EVP_sm3(),
1219 NULL, sm2_pkey[testnum])) {
1220 BIO_printf(bio_err, "SM2 init sign failure\n");
1221 ERR_print_errors(bio_err);
1225 ret = EVP_DigestSign(sm2ctx[testnum], sm2sig, &sm2sigsize,
1228 BIO_printf(bio_err, "SM2 sign failure\n");
1229 ERR_print_errors(bio_err);
1233 /* update the latest returned size and always use the fixed buffer size */
1234 tempargs->sigsize = sm2sigsize;
1235 sm2sigsize = max_size;
1241 static int SM2_verify_loop(void *args)
1243 loopargs_t *tempargs = *(loopargs_t **) args;
1244 unsigned char *buf = tempargs->buf;
1245 EVP_MD_CTX **sm2ctx = tempargs->sm2_vfy_ctx;
1246 unsigned char *sm2sig = tempargs->buf2;
1247 size_t sm2sigsize = tempargs->sigsize;
1249 EVP_PKEY **sm2_pkey = tempargs->sm2_pkey;
1251 for (count = 0; COND(sm2_c[testnum][1]); count++) {
1252 if (!EVP_DigestVerifyInit(sm2ctx[testnum], NULL, EVP_sm3(),
1253 NULL, sm2_pkey[testnum])) {
1254 BIO_printf(bio_err, "SM2 verify init failure\n");
1255 ERR_print_errors(bio_err);
1259 ret = EVP_DigestVerify(sm2ctx[testnum], sm2sig, sm2sigsize,
1262 BIO_printf(bio_err, "SM2 verify failure\n");
1263 ERR_print_errors(bio_err);
1270 # endif /* OPENSSL_NO_SM2 */
1271 #endif /* OPENSSL_NO_EC */
1273 static int run_benchmark(int async_jobs,
1274 int (*loop_function) (void *), loopargs_t * loopargs)
1276 int job_op_count = 0;
1277 int total_op_count = 0;
1278 int num_inprogress = 0;
1279 int error = 0, i = 0, ret = 0;
1280 OSSL_ASYNC_FD job_fd = 0;
1281 size_t num_job_fds = 0;
1283 if (async_jobs == 0) {
1284 return loop_function((void *)&loopargs);
1287 for (i = 0; i < async_jobs && !error; i++) {
1288 loopargs_t *looparg_item = loopargs + i;
1290 /* Copy pointer content (looparg_t item address) into async context */
1291 ret = ASYNC_start_job(&loopargs[i].inprogress_job, loopargs[i].wait_ctx,
1292 &job_op_count, loop_function,
1293 (void *)&looparg_item, sizeof(looparg_item));
1299 if (job_op_count == -1) {
1302 total_op_count += job_op_count;
1307 BIO_printf(bio_err, "Failure in the job\n");
1308 ERR_print_errors(bio_err);
1314 while (num_inprogress > 0) {
1315 #if defined(OPENSSL_SYS_WINDOWS)
1317 #elif defined(OPENSSL_SYS_UNIX)
1318 int select_result = 0;
1319 OSSL_ASYNC_FD max_fd = 0;
1322 FD_ZERO(&waitfdset);
1324 for (i = 0; i < async_jobs && num_inprogress > 0; i++) {
1325 if (loopargs[i].inprogress_job == NULL)
1328 if (!ASYNC_WAIT_CTX_get_all_fds
1329 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1330 || num_job_fds > 1) {
1331 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1332 ERR_print_errors(bio_err);
1336 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1338 FD_SET(job_fd, &waitfdset);
1339 if (job_fd > max_fd)
1343 if (max_fd >= (OSSL_ASYNC_FD)FD_SETSIZE) {
1345 "Error: max_fd (%d) must be smaller than FD_SETSIZE (%d). "
1346 "Decrease the value of async_jobs\n",
1347 max_fd, FD_SETSIZE);
1348 ERR_print_errors(bio_err);
1353 select_result = select(max_fd + 1, &waitfdset, NULL, NULL, NULL);
1354 if (select_result == -1 && errno == EINTR)
1357 if (select_result == -1) {
1358 BIO_printf(bio_err, "Failure in the select\n");
1359 ERR_print_errors(bio_err);
1364 if (select_result == 0)
1368 for (i = 0; i < async_jobs; i++) {
1369 if (loopargs[i].inprogress_job == NULL)
1372 if (!ASYNC_WAIT_CTX_get_all_fds
1373 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1374 || num_job_fds > 1) {
1375 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1376 ERR_print_errors(bio_err);
1380 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1383 #if defined(OPENSSL_SYS_UNIX)
1384 if (num_job_fds == 1 && !FD_ISSET(job_fd, &waitfdset))
1386 #elif defined(OPENSSL_SYS_WINDOWS)
1387 if (num_job_fds == 1
1388 && !PeekNamedPipe(job_fd, NULL, 0, NULL, &avail, NULL)
1393 ret = ASYNC_start_job(&loopargs[i].inprogress_job,
1394 loopargs[i].wait_ctx, &job_op_count,
1395 loop_function, (void *)(loopargs + i),
1396 sizeof(loopargs_t));
1401 if (job_op_count == -1) {
1404 total_op_count += job_op_count;
1407 loopargs[i].inprogress_job = NULL;
1412 loopargs[i].inprogress_job = NULL;
1413 BIO_printf(bio_err, "Failure in the job\n");
1414 ERR_print_errors(bio_err);
1421 return error ? -1 : total_op_count;
1424 #define stop_it(do_it, test_num)\
1425 memset(do_it + test_num, 0, OSSL_NELEM(do_it) - test_num);
1427 int speed_main(int argc, char **argv)
1430 loopargs_t *loopargs = NULL;
1432 const char *engine_id = NULL;
1433 const EVP_CIPHER *evp_cipher = NULL;
1436 int async_init = 0, multiblock = 0, pr_header = 0;
1437 uint8_t doit[ALGOR_NUM] = { 0 };
1438 int ret = 1, misalign = 0, lengths_single = 0, aead = 0;
1440 unsigned int size_num = SIZE_NUM;
1441 unsigned int i, k, loopargs_len = 0, async_jobs = 0;
1447 #if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) \
1448 || !defined(OPENSSL_NO_EC)
1451 openssl_speed_sec_t seconds = { SECONDS, RSA_SECONDS, DSA_SECONDS,
1452 ECDSA_SECONDS, ECDH_SECONDS,
1453 EdDSA_SECONDS, SM2_SECONDS };
1455 /* What follows are the buffers and key material. */
1456 #if !defined(OPENSSL_NO_RC5) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1459 #if !defined(OPENSSL_NO_RC2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1462 #if !defined(OPENSSL_NO_IDEA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1463 IDEA_KEY_SCHEDULE idea_ks;
1465 #if !defined(OPENSSL_NO_SEED) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1466 SEED_KEY_SCHEDULE seed_ks;
1468 #if !defined(OPENSSL_NO_BF) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1471 #if !defined(OPENSSL_NO_CAST) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1474 #ifndef OPENSSL_NO_DEPRECATED_3_0
1475 static const unsigned char key16[16] = {
1476 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1477 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
1479 static const unsigned char key24[24] = {
1480 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1481 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1482 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1484 static const unsigned char key32[32] = {
1485 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1486 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1487 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
1488 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
1491 #if !defined(OPENSSL_NO_CAMELLIA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1492 CAMELLIA_KEY camellia_ks[3];
1494 #ifndef OPENSSL_NO_RSA
1495 static const struct {
1496 const unsigned char *data;
1497 unsigned int length;
1500 { test512, sizeof(test512), 512 },
1501 { test1024, sizeof(test1024), 1024 },
1502 { test2048, sizeof(test2048), 2048 },
1503 { test3072, sizeof(test3072), 3072 },
1504 { test4096, sizeof(test4096), 4092 },
1505 { test7680, sizeof(test7680), 7680 },
1506 { test15360, sizeof(test15360), 15360 }
1508 uint8_t rsa_doit[RSA_NUM] = { 0 };
1509 int primes = RSA_DEFAULT_PRIME_NUM;
1511 #ifndef OPENSSL_NO_DSA
1512 static const unsigned int dsa_bits[DSA_NUM] = { 512, 1024, 2048 };
1513 uint8_t dsa_doit[DSA_NUM] = { 0 };
1515 #ifndef OPENSSL_NO_EC
1516 typedef struct ec_curve_st {
1520 size_t sigsize; /* only used for EdDSA curves */
1523 * We only test over the following curves as they are representative, To
1524 * add tests over more curves, simply add the curve NID and curve name to
1525 * the following arrays and increase the |ecdh_choices| and |ecdsa_choices|
1526 * lists accordingly.
1528 static const EC_CURVE ec_curves[EC_NUM] = {
1530 {"secp160r1", NID_secp160r1, 160},
1531 {"nistp192", NID_X9_62_prime192v1, 192},
1532 {"nistp224", NID_secp224r1, 224},
1533 {"nistp256", NID_X9_62_prime256v1, 256},
1534 {"nistp384", NID_secp384r1, 384},
1535 {"nistp521", NID_secp521r1, 521},
1536 # ifndef OPENSSL_NO_EC2M
1538 {"nistk163", NID_sect163k1, 163},
1539 {"nistk233", NID_sect233k1, 233},
1540 {"nistk283", NID_sect283k1, 283},
1541 {"nistk409", NID_sect409k1, 409},
1542 {"nistk571", NID_sect571k1, 571},
1543 {"nistb163", NID_sect163r2, 163},
1544 {"nistb233", NID_sect233r1, 233},
1545 {"nistb283", NID_sect283r1, 283},
1546 {"nistb409", NID_sect409r1, 409},
1547 {"nistb571", NID_sect571r1, 571},
1549 {"brainpoolP256r1", NID_brainpoolP256r1, 256},
1550 {"brainpoolP256t1", NID_brainpoolP256t1, 256},
1551 {"brainpoolP384r1", NID_brainpoolP384r1, 384},
1552 {"brainpoolP384t1", NID_brainpoolP384t1, 384},
1553 {"brainpoolP512r1", NID_brainpoolP512r1, 512},
1554 {"brainpoolP512t1", NID_brainpoolP512t1, 512},
1555 /* Other and ECDH only ones */
1556 {"X25519", NID_X25519, 253},
1557 {"X448", NID_X448, 448}
1559 static const EC_CURVE ed_curves[EdDSA_NUM] = {
1561 {"Ed25519", NID_ED25519, 253, 64},
1562 {"Ed448", NID_ED448, 456, 114}
1564 # ifndef OPENSSL_NO_SM2
1565 static const EC_CURVE sm2_curves[SM2_NUM] = {
1567 {"CurveSM2", NID_sm2, 256}
1569 uint8_t sm2_doit[SM2_NUM] = { 0 };
1571 uint8_t ecdsa_doit[ECDSA_NUM] = { 0 };
1572 uint8_t ecdh_doit[EC_NUM] = { 0 };
1573 uint8_t eddsa_doit[EdDSA_NUM] = { 0 };
1575 /* checks declarated curves against choices list. */
1576 OPENSSL_assert(ed_curves[EdDSA_NUM - 1].nid == NID_ED448);
1577 OPENSSL_assert(strcmp(eddsa_choices[EdDSA_NUM - 1].name, "ed448") == 0);
1579 OPENSSL_assert(ec_curves[EC_NUM - 1].nid == NID_X448);
1580 OPENSSL_assert(strcmp(ecdh_choices[EC_NUM - 1].name, "ecdhx448") == 0);
1582 OPENSSL_assert(ec_curves[ECDSA_NUM - 1].nid == NID_brainpoolP512t1);
1583 OPENSSL_assert(strcmp(ecdsa_choices[ECDSA_NUM - 1].name, "ecdsabrp512t1") == 0);
1585 # ifndef OPENSSL_NO_SM2
1586 OPENSSL_assert(sm2_curves[SM2_NUM - 1].nid == NID_sm2);
1587 OPENSSL_assert(strcmp(sm2_choices[SM2_NUM - 1].name, "curveSM2") == 0);
1589 #endif /* ndef OPENSSL_NO_EC */
1591 prog = opt_init(argc, argv, speed_options);
1592 while ((o = opt_next()) != OPT_EOF) {
1597 BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
1600 opt_help(speed_options);
1608 evp_cipher = EVP_get_cipherbyname(opt_arg());
1609 if (evp_cipher == NULL)
1610 evp_md = EVP_get_digestbyname(opt_arg());
1611 if (evp_cipher == NULL && evp_md == NULL) {
1613 "%s: %s is an unknown cipher or digest\n",
1620 evp_hmac_md = EVP_get_digestbyname(opt_arg());
1621 if (evp_hmac_md == NULL) {
1622 BIO_printf(bio_err, "%s: %s is an unknown digest\n",
1626 doit[D_EVP_HMAC] = 1;
1629 #ifndef OPENSSL_NO_CMAC
1630 evp_cmac_cipher = EVP_get_cipherbyname(opt_arg());
1631 if (evp_cmac_cipher == NULL) {
1632 BIO_printf(bio_err, "%s: %s is an unknown cipher\n",
1636 doit[D_EVP_CMAC] = 1;
1644 * In a forked execution, an engine might need to be
1645 * initialised by each child process, not by the parent.
1646 * So store the name here and run setup_engine() later on.
1648 engine_id = opt_arg();
1652 multi = atoi(opt_arg());
1656 #ifndef OPENSSL_NO_ASYNC
1657 async_jobs = atoi(opt_arg());
1658 if (!ASYNC_is_capable()) {
1660 "%s: async_jobs specified but async not supported\n",
1664 if (async_jobs > 99999) {
1665 BIO_printf(bio_err, "%s: too many async_jobs\n", prog);
1671 if (!opt_int(opt_arg(), &misalign))
1673 if (misalign > MISALIGN) {
1675 "%s: Maximum offset is %d\n", prog, MISALIGN);
1684 #ifdef OPENSSL_NO_MULTIBLOCK
1686 "%s: -mb specified but multi-block support is disabled\n",
1696 if (!opt_int(opt_arg(), &primes))
1700 seconds.sym = seconds.rsa = seconds.dsa = seconds.ecdsa
1701 = seconds.ecdh = seconds.eddsa
1702 = seconds.sm2 = atoi(opt_arg());
1705 lengths_single = atoi(opt_arg());
1706 lengths = &lengths_single;
1714 argc = opt_num_rest();
1717 /* Remaining arguments are algorithms. */
1718 for (; *argv; argv++) {
1719 const char *algo = *argv;
1721 if (opt_found(algo, doit_choices, &i)) {
1725 #if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1726 if (strcmp(algo, "des") == 0) {
1727 doit[D_CBC_DES] = doit[D_EDE3_DES] = 1;
1731 if (strcmp(algo, "sha") == 0) {
1732 doit[D_SHA1] = doit[D_SHA256] = doit[D_SHA512] = 1;
1735 #ifndef OPENSSL_NO_RSA
1736 if (strcmp(algo, "openssl") == 0) /* just for compatibility */
1738 if (strncmp(algo, "rsa", 3) == 0) {
1739 if (algo[3] == '\0') {
1740 memset(rsa_doit, 1, sizeof(rsa_doit));
1743 if (opt_found(algo, rsa_choices, &i)) {
1749 #ifndef OPENSSL_NO_DSA
1750 if (strncmp(algo, "dsa", 3) == 0) {
1751 if (algo[3] == '\0') {
1752 memset(dsa_doit, 1, sizeof(dsa_doit));
1755 if (opt_found(algo, dsa_choices, &i)) {
1761 #ifndef OPENSSL_NO_DEPRECATED_3_0
1762 if (strcmp(algo, "aes") == 0) {
1763 doit[D_CBC_128_AES] = doit[D_CBC_192_AES] = doit[D_CBC_256_AES] = 1;
1767 #if !defined(OPENSSL_NO_CAMELLIA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1768 if (strcmp(algo, "camellia") == 0) {
1769 doit[D_CBC_128_CML] = doit[D_CBC_192_CML] = doit[D_CBC_256_CML] = 1;
1773 #ifndef OPENSSL_NO_EC
1774 if (strncmp(algo, "ecdsa", 5) == 0) {
1775 if (algo[5] == '\0') {
1776 memset(ecdsa_doit, 1, sizeof(ecdsa_doit));
1779 if (opt_found(algo, ecdsa_choices, &i)) {
1784 if (strncmp(algo, "ecdh", 4) == 0) {
1785 if (algo[4] == '\0') {
1786 memset(ecdh_doit, 1, sizeof(ecdh_doit));
1789 if (opt_found(algo, ecdh_choices, &i)) {
1794 if (strcmp(algo, "eddsa") == 0) {
1795 memset(eddsa_doit, 1, sizeof(eddsa_doit));
1798 if (opt_found(algo, eddsa_choices, &i)) {
1802 # ifndef OPENSSL_NO_SM2
1803 if (strcmp(algo, "sm2") == 0) {
1804 memset(sm2_doit, 1, sizeof(sm2_doit));
1807 if (opt_found(algo, sm2_choices, &i)) {
1812 #endif /* OPENSSL_NO_EC */
1813 BIO_printf(bio_err, "%s: Unknown algorithm %s\n", prog, algo);
1819 if (evp_cipher == NULL) {
1820 BIO_printf(bio_err, "-aead can be used only with an AEAD cipher\n");
1822 } else if (!(EVP_CIPHER_flags(evp_cipher) &
1823 EVP_CIPH_FLAG_AEAD_CIPHER)) {
1824 BIO_printf(bio_err, "%s is not an AEAD cipher\n",
1825 OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
1830 if (evp_cipher == NULL) {
1831 BIO_printf(bio_err,"-mb can be used only with a multi-block"
1832 " capable cipher\n");
1834 } else if (!(EVP_CIPHER_flags(evp_cipher) &
1835 EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
1836 BIO_printf(bio_err, "%s is not a multi-block capable\n",
1837 OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
1839 } else if (async_jobs > 0) {
1840 BIO_printf(bio_err, "Async mode is not supported with -mb");
1845 /* Initialize the job pool if async mode is enabled */
1846 if (async_jobs > 0) {
1847 async_init = ASYNC_init_thread(async_jobs, async_jobs);
1849 BIO_printf(bio_err, "Error creating the ASYNC job pool\n");
1854 loopargs_len = (async_jobs == 0 ? 1 : async_jobs);
1856 app_malloc(loopargs_len * sizeof(loopargs_t), "array of loopargs");
1857 memset(loopargs, 0, loopargs_len * sizeof(loopargs_t));
1859 for (i = 0; i < loopargs_len; i++) {
1860 if (async_jobs > 0) {
1861 loopargs[i].wait_ctx = ASYNC_WAIT_CTX_new();
1862 if (loopargs[i].wait_ctx == NULL) {
1863 BIO_printf(bio_err, "Error creating the ASYNC_WAIT_CTX\n");
1868 buflen = lengths[size_num - 1];
1869 if (buflen < 36) /* size of random vector in RSA benchmark */
1871 buflen += MAX_MISALIGNMENT + 1;
1872 loopargs[i].buf_malloc = app_malloc(buflen, "input buffer");
1873 loopargs[i].buf2_malloc = app_malloc(buflen, "input buffer");
1874 memset(loopargs[i].buf_malloc, 0, buflen);
1875 memset(loopargs[i].buf2_malloc, 0, buflen);
1877 /* Align the start of buffers on a 64 byte boundary */
1878 loopargs[i].buf = loopargs[i].buf_malloc + misalign;
1879 loopargs[i].buf2 = loopargs[i].buf2_malloc + misalign;
1880 #ifndef OPENSSL_NO_EC
1881 loopargs[i].secret_a = app_malloc(MAX_ECDH_SIZE, "ECDH secret a");
1882 loopargs[i].secret_b = app_malloc(MAX_ECDH_SIZE, "ECDH secret b");
1887 if (multi && do_multi(multi, size_num))
1891 /* Initialize the engine after the fork */
1892 e = setup_engine(engine_id, 0);
1894 /* No parameters; turn on everything. */
1895 if (argc == 0 && !doit[D_EVP] && !doit[D_EVP_HMAC] && !doit[D_EVP_CMAC]) {
1896 memset(doit, 1, sizeof(doit));
1897 doit[D_EVP] = doit[D_EVP_HMAC] = doit[D_EVP_CMAC] = 0;
1898 #ifndef OPENSSL_NO_RSA
1899 memset(rsa_doit, 1, sizeof(rsa_doit));
1901 #ifndef OPENSSL_NO_DSA
1902 memset(dsa_doit, 1, sizeof(dsa_doit));
1904 #ifndef OPENSSL_NO_EC
1905 memset(ecdsa_doit, 1, sizeof(ecdsa_doit));
1906 memset(ecdh_doit, 1, sizeof(ecdh_doit));
1907 memset(eddsa_doit, 1, sizeof(eddsa_doit));
1908 # ifndef OPENSSL_NO_SM2
1909 memset(sm2_doit, 1, sizeof(sm2_doit));
1913 for (i = 0; i < ALGOR_NUM; i++)
1917 if (usertime == 0 && !mr)
1919 "You have chosen to measure elapsed time "
1920 "instead of user CPU time.\n");
1922 #ifndef OPENSSL_NO_RSA
1923 for (i = 0; i < loopargs_len; i++) {
1924 if (primes > RSA_DEFAULT_PRIME_NUM) {
1925 /* for multi-prime RSA, skip this */
1928 for (k = 0; k < RSA_NUM; k++) {
1929 const unsigned char *p = rsa_keys[k].data;
1931 loopargs[i].rsa_key[k] =
1932 d2i_RSAPrivateKey(NULL, &p, rsa_keys[k].length);
1933 if (loopargs[i].rsa_key[k] == NULL) {
1935 "internal error loading RSA key number %d\n", k);
1941 #ifndef OPENSSL_NO_DSA
1942 for (i = 0; i < loopargs_len; i++) {
1943 loopargs[i].dsa_key[0] = get_dsa(512);
1944 loopargs[i].dsa_key[1] = get_dsa(1024);
1945 loopargs[i].dsa_key[2] = get_dsa(2048);
1948 #if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1949 if (doit[D_CBC_DES] || doit[D_EDE3_DES]) {
1950 static DES_cblock keys[] = {
1951 { 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0 }, /* keys[0] */
1952 { 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12 }, /* keys[1] */
1953 { 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34 } /* keys[3] */
1955 DES_set_key_unchecked(&keys[0], &sch[0]);
1956 DES_set_key_unchecked(&keys[1], &sch[1]);
1957 DES_set_key_unchecked(&keys[2], &sch[2]);
1960 #ifndef OPENSSL_NO_DEPRECATED_3_0
1961 AES_set_encrypt_key(key16, 128, &aes_ks1);
1962 AES_set_encrypt_key(key24, 192, &aes_ks2);
1963 AES_set_encrypt_key(key32, 256, &aes_ks3);
1965 #if !defined(OPENSSL_NO_CAMELLIA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1966 if (doit[D_CBC_128_CML] || doit[D_CBC_192_CML] || doit[D_CBC_256_CML]) {
1967 Camellia_set_key(key16, 128, &camellia_ks[0]);
1968 Camellia_set_key(key24, 192, &camellia_ks[1]);
1969 Camellia_set_key(key32, 256, &camellia_ks[2]);
1972 #if !defined(OPENSSL_NO_IDEA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1973 if (doit[D_CBC_IDEA])
1974 IDEA_set_encrypt_key(key16, &idea_ks);
1976 #if !defined(OPENSSL_NO_SEED) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1977 if (doit[D_CBC_SEED])
1978 SEED_set_key(key16, &seed_ks);
1980 #if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1982 RC4_set_key(&rc4_ks, 16, key16);
1984 #if !defined(OPENSSL_NO_RC2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1985 if (doit[D_CBC_RC2])
1986 RC2_set_key(&rc2_ks, 16, key16, 128);
1988 #if !defined(OPENSSL_NO_RC5) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1989 if (doit[D_CBC_RC5])
1990 if (!RC5_32_set_key(&rc5_ks, 16, key16, 12)) {
1991 BIO_printf(bio_err, "Failed setting RC5 key\n");
1995 #if !defined(OPENSSL_NO_BF) && !defined(OPENSSL_NO_DEPRECATED_3_0)
1997 BF_set_key(&bf_ks, 16, key16);
1999 #if !defined(OPENSSL_NO_CAST) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2000 if (doit[D_CBC_CAST])
2001 CAST_set_key(&cast_ks, 16, key16);
2004 #if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2005 BIO_printf(bio_err, "First we calculate the approximate speed ...\n");
2011 for (it = count; it; it--)
2012 DES_ecb_encrypt((DES_cblock *)loopargs[0].buf,
2013 (DES_cblock *)loopargs[0].buf, &sch, DES_ENCRYPT);
2016 c[D_MD2][0] = count / 10;
2017 c[D_MDC2][0] = count / 10;
2018 c[D_MD4][0] = count;
2019 c[D_MD5][0] = count;
2020 c[D_HMAC][0] = count;
2021 c[D_SHA1][0] = count;
2022 c[D_RMD160][0] = count;
2023 c[D_RC4][0] = count * 5;
2024 c[D_CBC_DES][0] = count;
2025 c[D_EDE3_DES][0] = count / 3;
2026 c[D_CBC_IDEA][0] = count;
2027 c[D_CBC_SEED][0] = count;
2028 c[D_CBC_RC2][0] = count;
2029 c[D_CBC_RC5][0] = count;
2030 c[D_CBC_BF][0] = count;
2031 c[D_CBC_CAST][0] = count;
2032 c[D_CBC_128_AES][0] = count;
2033 c[D_CBC_192_AES][0] = count;
2034 c[D_CBC_256_AES][0] = count;
2035 c[D_CBC_128_CML][0] = count;
2036 c[D_CBC_192_CML][0] = count;
2037 c[D_CBC_256_CML][0] = count;
2038 c[D_EVP][0] = count;
2039 c[D_SHA256][0] = count;
2040 c[D_SHA512][0] = count;
2041 c[D_WHIRLPOOL][0] = count;
2042 c[D_IGE_128_AES][0] = count;
2043 c[D_IGE_192_AES][0] = count;
2044 c[D_IGE_256_AES][0] = count;
2045 c[D_GHASH][0] = count;
2046 c[D_RAND][0] = count;
2047 c[D_EVP_HMAC][0] = count;
2048 c[D_EVP_CMAC][0] = count;
2050 for (i = 1; i < size_num; i++) {
2051 long l0 = (long)lengths[0];
2052 long l1 = (long)lengths[i];
2054 c[D_MD2][i] = c[D_MD2][0] * 4 * l0 / l1;
2055 c[D_MDC2][i] = c[D_MDC2][0] * 4 * l0 / l1;
2056 c[D_MD4][i] = c[D_MD4][0] * 4 * l0 / l1;
2057 c[D_MD5][i] = c[D_MD5][0] * 4 * l0 / l1;
2058 c[D_HMAC][i] = c[D_HMAC][0] * 4 * l0 / l1;
2059 c[D_SHA1][i] = c[D_SHA1][0] * 4 * l0 / l1;
2060 c[D_RMD160][i] = c[D_RMD160][0] * 4 * l0 / l1;
2061 c[D_EVP][i] = = c[D_EVP][0] * 4 * l0 / l1;
2062 c[D_SHA256][i] = c[D_SHA256][0] * 4 * l0 / l1;
2063 c[D_SHA512][i] = c[D_SHA512][0] * 4 * l0 / l1;
2064 c[D_WHIRLPOOL][i] = c[D_WHIRLPOOL][0] * 4 * l0 / l1;
2065 c[D_GHASH][i] = c[D_GHASH][0] * 4 * l0 / l1;
2066 c[D_RAND][i] = c[D_RAND][0] * 4 * l0 / l1;
2067 c[D_EVP_HMAC][i] = = c[D_EVP_HMAC][0] * 4 * l0 / l1;
2068 c[D_EVP_CMAC][i] = = c[D_EVP_CMAC][0] * 4 * l0 / l1;
2070 l0 = (long)lengths[i - 1];
2072 c[D_RC4][i] = c[D_RC4][i - 1] * l0 / l1;
2073 c[D_CBC_DES][i] = c[D_CBC_DES][i - 1] * l0 / l1;
2074 c[D_EDE3_DES][i] = c[D_EDE3_DES][i - 1] * l0 / l1;
2075 c[D_CBC_IDEA][i] = c[D_CBC_IDEA][i - 1] * l0 / l1;
2076 c[D_CBC_SEED][i] = c[D_CBC_SEED][i - 1] * l0 / l1;
2077 c[D_CBC_RC2][i] = c[D_CBC_RC2][i - 1] * l0 / l1;
2078 c[D_CBC_RC5][i] = c[D_CBC_RC5][i - 1] * l0 / l1;
2079 c[D_CBC_BF][i] = c[D_CBC_BF][i - 1] * l0 / l1;
2080 c[D_CBC_CAST][i] = c[D_CBC_CAST][i - 1] * l0 / l1;
2081 c[D_CBC_128_AES][i] = c[D_CBC_128_AES][i - 1] * l0 / l1;
2082 c[D_CBC_192_AES][i] = c[D_CBC_192_AES][i - 1] * l0 / l1;
2083 c[D_CBC_256_AES][i] = c[D_CBC_256_AES][i - 1] * l0 / l1;
2084 c[D_CBC_128_CML][i] = c[D_CBC_128_CML][i - 1] * l0 / l1;
2085 c[D_CBC_192_CML][i] = c[D_CBC_192_CML][i - 1] * l0 / l1;
2086 c[D_CBC_256_CML][i] = c[D_CBC_256_CML][i - 1] * l0 / l1;
2087 c[D_IGE_128_AES][i] = c[D_IGE_128_AES][i - 1] * l0 / l1;
2088 c[D_IGE_192_AES][i] = c[D_IGE_192_AES][i - 1] * l0 / l1;
2089 c[D_IGE_256_AES][i] = c[D_IGE_256_AES][i - 1] * l0 / l1;
2092 # ifndef OPENSSL_NO_RSA
2093 rsa_c[R_RSA_512][0] = count / 2000;
2094 rsa_c[R_RSA_512][1] = count / 400;
2095 for (i = 1; i < RSA_NUM; i++) {
2096 rsa_c[i][0] = rsa_c[i - 1][0] / 8;
2097 rsa_c[i][1] = rsa_c[i - 1][1] / 4;
2098 if (rsa_doit[i] <= 1 && rsa_c[i][0] == 0)
2101 if (rsa_c[i][0] == 0) {
2102 rsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
2109 # ifndef OPENSSL_NO_DSA
2110 dsa_c[R_DSA_512][0] = count / 1000;
2111 dsa_c[R_DSA_512][1] = count / 1000 / 2;
2112 for (i = 1; i < DSA_NUM; i++) {
2113 dsa_c[i][0] = dsa_c[i - 1][0] / 4;
2114 dsa_c[i][1] = dsa_c[i - 1][1] / 4;
2115 if (dsa_doit[i] <= 1 && dsa_c[i][0] == 0)
2118 if (dsa_c[i][0] == 0) {
2119 dsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
2126 # ifndef OPENSSL_NO_EC
2127 ecdsa_c[R_EC_P160][0] = count / 1000;
2128 ecdsa_c[R_EC_P160][1] = count / 1000 / 2;
2129 for (i = R_EC_P192; i <= R_EC_P521; i++) {
2130 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2131 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2132 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2135 if (ecdsa_c[i][0] == 0) {
2141 # ifndef OPENSSL_NO_EC2M
2142 ecdsa_c[R_EC_K163][0] = count / 1000;
2143 ecdsa_c[R_EC_K163][1] = count / 1000 / 2;
2144 for (i = R_EC_K233; i <= R_EC_K571; i++) {
2145 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2146 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2147 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2150 if (ecdsa_c[i][0] == 0) {
2156 ecdsa_c[R_EC_B163][0] = count / 1000;
2157 ecdsa_c[R_EC_B163][1] = count / 1000 / 2;
2158 for (i = R_EC_B233; i <= R_EC_B571; i++) {
2159 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2160 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2161 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2164 if (ecdsa_c[i][0] == 0) {
2172 ecdh_c[R_EC_P160][0] = count / 1000;
2173 for (i = R_EC_P192; i <= R_EC_P521; i++) {
2174 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2175 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2178 if (ecdh_c[i][0] == 0) {
2183 # ifndef OPENSSL_NO_EC2M
2184 ecdh_c[R_EC_K163][0] = count / 1000;
2185 for (i = R_EC_K233; i <= R_EC_K571; i++) {
2186 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2187 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2190 if (ecdh_c[i][0] == 0) {
2195 ecdh_c[R_EC_B163][0] = count / 1000;
2196 for (i = R_EC_B233; i <= R_EC_B571; i++) {
2197 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2198 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2201 if (ecdh_c[i][0] == 0) {
2207 /* repeated code good to factorize */
2208 ecdh_c[R_EC_BRP256R1][0] = count / 1000;
2209 for (i = R_EC_BRP384R1; i <= R_EC_BRP512R1; i += 2) {
2210 ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
2211 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2214 if (ecdh_c[i][0] == 0) {
2219 ecdh_c[R_EC_BRP256T1][0] = count / 1000;
2220 for (i = R_EC_BRP384T1; i <= R_EC_BRP512T1; i += 2) {
2221 ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
2222 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2225 if (ecdh_c[i][0] == 0) {
2230 /* default iteration count for the last two EC Curves */
2231 ecdh_c[R_EC_X25519][0] = count / 1800;
2232 ecdh_c[R_EC_X448][0] = count / 7200;
2234 eddsa_c[R_EC_Ed25519][0] = count / 1800;
2235 eddsa_c[R_EC_Ed448][0] = count / 7200;
2237 # ifndef OPENSSL_NO_SM2
2238 sm2_c[R_EC_SM2P256][0] = count / 1800;
2240 # endif /* OPENSSL_NO_EC */
2243 /* not worth fixing */
2244 # error "You cannot disable DES on systems without SIGALRM."
2245 # endif /* OPENSSL_NO_DES */
2247 signal(SIGALRM, alarmed);
2248 #endif /* SIGALRM */
2250 #if !defined(OPENSSL_NO_MD2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2252 for (testnum = 0; testnum < size_num; testnum++) {
2253 print_message(names[D_MD2], c[D_MD2][testnum], lengths[testnum],
2256 count = run_benchmark(async_jobs, EVP_Digest_MD2_loop, loopargs);
2258 print_result(D_MD2, testnum, count, d);
2262 #if !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2264 for (testnum = 0; testnum < size_num; testnum++) {
2265 print_message(names[D_MDC2], c[D_MDC2][testnum], lengths[testnum],
2268 count = run_benchmark(async_jobs, EVP_Digest_MDC2_loop, loopargs);
2270 print_result(D_MDC2, testnum, count, d);
2277 #if !defined(OPENSSL_NO_MD4) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2279 for (testnum = 0; testnum < size_num; testnum++) {
2280 print_message(names[D_MD4], c[D_MD4][testnum], lengths[testnum],
2283 count = run_benchmark(async_jobs, EVP_Digest_MD4_loop, loopargs);
2285 print_result(D_MD4, testnum, count, d);
2292 #if !defined(OPENSSL_NO_MD5) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2294 for (testnum = 0; testnum < size_num; testnum++) {
2295 print_message(names[D_MD5], c[D_MD5][testnum], lengths[testnum],
2298 count = run_benchmark(async_jobs, MD5_loop, loopargs);
2300 print_result(D_MD5, testnum, count, d);
2305 static const char hmac_key[] = "This is a key...";
2306 int len = strlen(hmac_key);
2308 for (i = 0; i < loopargs_len; i++) {
2309 loopargs[i].hctx = HMAC_CTX_new();
2310 if (loopargs[i].hctx == NULL) {
2311 BIO_printf(bio_err, "HMAC malloc failure, exiting...");
2315 HMAC_Init_ex(loopargs[i].hctx, hmac_key, len, EVP_md5(), NULL);
2317 for (testnum = 0; testnum < size_num; testnum++) {
2318 print_message(names[D_HMAC], c[D_HMAC][testnum], lengths[testnum],
2321 count = run_benchmark(async_jobs, HMAC_loop, loopargs);
2323 print_result(D_HMAC, testnum, count, d);
2325 for (i = 0; i < loopargs_len; i++)
2326 HMAC_CTX_free(loopargs[i].hctx);
2329 #ifndef OPENSSL_NO_DEPRECATED_3_0
2331 for (testnum = 0; testnum < size_num; testnum++) {
2332 print_message(names[D_SHA1], c[D_SHA1][testnum], lengths[testnum],
2335 count = run_benchmark(async_jobs, SHA1_loop, loopargs);
2337 print_result(D_SHA1, testnum, count, d);
2340 if (doit[D_SHA256]) {
2341 for (testnum = 0; testnum < size_num; testnum++) {
2342 print_message(names[D_SHA256], c[D_SHA256][testnum],
2343 lengths[testnum], seconds.sym);
2345 count = run_benchmark(async_jobs, SHA256_loop, loopargs);
2347 print_result(D_SHA256, testnum, count, d);
2350 if (doit[D_SHA512]) {
2351 for (testnum = 0; testnum < size_num; testnum++) {
2352 print_message(names[D_SHA512], c[D_SHA512][testnum],
2353 lengths[testnum], seconds.sym);
2355 count = run_benchmark(async_jobs, SHA512_loop, loopargs);
2357 print_result(D_SHA512, testnum, count, d);
2361 #if !defined(OPENSSL_NO_WHIRLPOOL) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2362 if (doit[D_WHIRLPOOL]) {
2363 for (testnum = 0; testnum < size_num; testnum++) {
2364 print_message(names[D_WHIRLPOOL], c[D_WHIRLPOOL][testnum],
2365 lengths[testnum], seconds.sym);
2367 count = run_benchmark(async_jobs, WHIRLPOOL_loop, loopargs);
2369 print_result(D_WHIRLPOOL, testnum, count, d);
2374 #if !defined(OPENSSL_NO_RMD160) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2375 if (doit[D_RMD160]) {
2376 for (testnum = 0; testnum < size_num; testnum++) {
2377 print_message(names[D_RMD160], c[D_RMD160][testnum],
2378 lengths[testnum], seconds.sym);
2380 count = run_benchmark(async_jobs, EVP_Digest_RMD160_loop, loopargs);
2382 print_result(D_RMD160, testnum, count, d);
2388 #if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2390 for (testnum = 0; testnum < size_num; testnum++) {
2391 print_message(names[D_RC4], c[D_RC4][testnum], lengths[testnum],
2394 count = run_benchmark(async_jobs, RC4_loop, loopargs);
2396 print_result(D_RC4, testnum, count, d);
2400 #if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2401 if (doit[D_CBC_DES]) {
2402 for (testnum = 0; testnum < size_num; testnum++) {
2403 print_message(names[D_CBC_DES], c[D_CBC_DES][testnum],
2404 lengths[testnum], seconds.sym);
2406 count = run_benchmark(async_jobs, DES_ncbc_encrypt_loop, loopargs);
2408 print_result(D_CBC_DES, testnum, count, d);
2412 if (doit[D_EDE3_DES]) {
2413 for (testnum = 0; testnum < size_num; testnum++) {
2414 print_message(names[D_EDE3_DES], c[D_EDE3_DES][testnum],
2415 lengths[testnum], seconds.sym);
2418 run_benchmark(async_jobs, DES_ede3_cbc_encrypt_loop, loopargs);
2420 print_result(D_EDE3_DES, testnum, count, d);
2425 #ifndef OPENSSL_NO_DEPRECATED_3_0
2426 if (doit[D_CBC_128_AES]) {
2427 for (testnum = 0; testnum < size_num; testnum++) {
2428 print_message(names[D_CBC_128_AES], c[D_CBC_128_AES][testnum],
2429 lengths[testnum], seconds.sym);
2432 run_benchmark(async_jobs, AES_cbc_128_encrypt_loop, loopargs);
2434 print_result(D_CBC_128_AES, testnum, count, d);
2437 if (doit[D_CBC_192_AES]) {
2438 for (testnum = 0; testnum < size_num; testnum++) {
2439 print_message(names[D_CBC_192_AES], c[D_CBC_192_AES][testnum],
2440 lengths[testnum], seconds.sym);
2443 run_benchmark(async_jobs, AES_cbc_192_encrypt_loop, loopargs);
2445 print_result(D_CBC_192_AES, testnum, count, d);
2448 if (doit[D_CBC_256_AES]) {
2449 for (testnum = 0; testnum < size_num; testnum++) {
2450 print_message(names[D_CBC_256_AES], c[D_CBC_256_AES][testnum],
2451 lengths[testnum], seconds.sym);
2454 run_benchmark(async_jobs, AES_cbc_256_encrypt_loop, loopargs);
2456 print_result(D_CBC_256_AES, testnum, count, d);
2461 if (doit[D_IGE_128_AES]) {
2462 for (testnum = 0; testnum < size_num; testnum++) {
2463 print_message(names[D_IGE_128_AES], c[D_IGE_128_AES][testnum],
2464 lengths[testnum], seconds.sym);
2467 run_benchmark(async_jobs, AES_ige_128_encrypt_loop, loopargs);
2469 print_result(D_IGE_128_AES, testnum, count, d);
2472 if (doit[D_IGE_192_AES]) {
2473 for (testnum = 0; testnum < size_num; testnum++) {
2474 print_message(names[D_IGE_192_AES], c[D_IGE_192_AES][testnum],
2475 lengths[testnum], seconds.sym);
2478 run_benchmark(async_jobs, AES_ige_192_encrypt_loop, loopargs);
2480 print_result(D_IGE_192_AES, testnum, count, d);
2483 if (doit[D_IGE_256_AES]) {
2484 for (testnum = 0; testnum < size_num; testnum++) {
2485 print_message(names[D_IGE_256_AES], c[D_IGE_256_AES][testnum],
2486 lengths[testnum], seconds.sym);
2489 run_benchmark(async_jobs, AES_ige_256_encrypt_loop, loopargs);
2491 print_result(D_IGE_256_AES, testnum, count, d);
2494 if (doit[D_GHASH]) {
2495 for (i = 0; i < loopargs_len; i++) {
2496 loopargs[i].gcm_ctx =
2497 CRYPTO_gcm128_new(&aes_ks1, (block128_f) AES_encrypt);
2498 CRYPTO_gcm128_setiv(loopargs[i].gcm_ctx,
2499 (unsigned char *)"0123456789ab", 12);
2502 for (testnum = 0; testnum < size_num; testnum++) {
2503 print_message(names[D_GHASH], c[D_GHASH][testnum],
2504 lengths[testnum], seconds.sym);
2506 count = run_benchmark(async_jobs, CRYPTO_gcm128_aad_loop, loopargs);
2508 print_result(D_GHASH, testnum, count, d);
2510 for (i = 0; i < loopargs_len; i++)
2511 CRYPTO_gcm128_release(loopargs[i].gcm_ctx);
2513 #endif /* OPENSSL_NO_DEPRECATED_3_0 */
2514 #if !defined(OPENSSL_NO_CAMELLIA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2515 if (doit[D_CBC_128_CML]) {
2516 if (async_jobs > 0) {
2517 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2518 names[D_CBC_128_CML]);
2519 doit[D_CBC_128_CML] = 0;
2521 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2522 print_message(names[D_CBC_128_CML], c[D_CBC_128_CML][testnum],
2523 lengths[testnum], seconds.sym);
2525 for (count = 0; COND(c[D_CBC_128_CML][testnum]); count++)
2526 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2527 (size_t)lengths[testnum], &camellia_ks[0],
2528 iv, CAMELLIA_ENCRYPT);
2530 print_result(D_CBC_128_CML, testnum, count, d);
2533 if (doit[D_CBC_192_CML]) {
2534 if (async_jobs > 0) {
2535 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2536 names[D_CBC_192_CML]);
2537 doit[D_CBC_192_CML] = 0;
2539 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2540 print_message(names[D_CBC_192_CML], c[D_CBC_192_CML][testnum],
2541 lengths[testnum], seconds.sym);
2542 if (async_jobs > 0) {
2543 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2547 for (count = 0; COND(c[D_CBC_192_CML][testnum]); count++)
2548 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2549 (size_t)lengths[testnum], &camellia_ks[1],
2550 iv, CAMELLIA_ENCRYPT);
2552 print_result(D_CBC_192_CML, testnum, count, d);
2555 if (doit[D_CBC_256_CML]) {
2556 if (async_jobs > 0) {
2557 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2558 names[D_CBC_256_CML]);
2559 doit[D_CBC_256_CML] = 0;
2561 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2562 print_message(names[D_CBC_256_CML], c[D_CBC_256_CML][testnum],
2563 lengths[testnum], seconds.sym);
2565 for (count = 0; COND(c[D_CBC_256_CML][testnum]); count++)
2566 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2567 (size_t)lengths[testnum], &camellia_ks[2],
2568 iv, CAMELLIA_ENCRYPT);
2570 print_result(D_CBC_256_CML, testnum, count, d);
2574 #if !defined(OPENSSL_NO_IDEA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2575 if (doit[D_CBC_IDEA]) {
2576 if (async_jobs > 0) {
2577 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2579 doit[D_CBC_IDEA] = 0;
2581 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2582 print_message(names[D_CBC_IDEA], c[D_CBC_IDEA][testnum],
2583 lengths[testnum], seconds.sym);
2585 for (count = 0; COND(c[D_CBC_IDEA][testnum]); count++)
2586 IDEA_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2587 (size_t)lengths[testnum], &idea_ks,
2590 print_result(D_CBC_IDEA, testnum, count, d);
2594 #if !defined(OPENSSL_NO_SEED) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2595 if (doit[D_CBC_SEED]) {
2596 if (async_jobs > 0) {
2597 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2599 doit[D_CBC_SEED] = 0;
2601 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2602 print_message(names[D_CBC_SEED], c[D_CBC_SEED][testnum],
2603 lengths[testnum], seconds.sym);
2605 for (count = 0; COND(c[D_CBC_SEED][testnum]); count++)
2606 SEED_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2607 (size_t)lengths[testnum], &seed_ks, iv, 1);
2609 print_result(D_CBC_SEED, testnum, count, d);
2613 #if !defined(OPENSSL_NO_RC2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2614 if (doit[D_CBC_RC2]) {
2615 if (async_jobs > 0) {
2616 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2618 doit[D_CBC_RC2] = 0;
2620 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2621 print_message(names[D_CBC_RC2], c[D_CBC_RC2][testnum],
2622 lengths[testnum], seconds.sym);
2623 if (async_jobs > 0) {
2624 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2628 for (count = 0; COND(c[D_CBC_RC2][testnum]); count++)
2629 RC2_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2630 (size_t)lengths[testnum], &rc2_ks,
2633 print_result(D_CBC_RC2, testnum, count, d);
2637 #if !defined(OPENSSL_NO_RC5) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2638 if (doit[D_CBC_RC5]) {
2639 if (async_jobs > 0) {
2640 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2642 doit[D_CBC_RC5] = 0;
2644 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2645 print_message(names[D_CBC_RC5], c[D_CBC_RC5][testnum],
2646 lengths[testnum], seconds.sym);
2647 if (async_jobs > 0) {
2648 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2652 for (count = 0; COND(c[D_CBC_RC5][testnum]); count++)
2653 RC5_32_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2654 (size_t)lengths[testnum], &rc5_ks,
2657 print_result(D_CBC_RC5, testnum, count, d);
2661 #if !defined(OPENSSL_NO_BF) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2662 if (doit[D_CBC_BF]) {
2663 if (async_jobs > 0) {
2664 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2668 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2669 print_message(names[D_CBC_BF], c[D_CBC_BF][testnum],
2670 lengths[testnum], seconds.sym);
2672 for (count = 0; COND(c[D_CBC_BF][testnum]); count++)
2673 BF_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2674 (size_t)lengths[testnum], &bf_ks,
2677 print_result(D_CBC_BF, testnum, count, d);
2681 #if !defined(OPENSSL_NO_CAST) && !defined(OPENSSL_NO_DEPRECATED_3_0)
2682 if (doit[D_CBC_CAST]) {
2683 if (async_jobs > 0) {
2684 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2686 doit[D_CBC_CAST] = 0;
2688 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2689 print_message(names[D_CBC_CAST], c[D_CBC_CAST][testnum],
2690 lengths[testnum], seconds.sym);
2692 for (count = 0; COND(c[D_CBC_CAST][testnum]); count++)
2693 CAST_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2694 (size_t)lengths[testnum], &cast_ks,
2697 print_result(D_CBC_CAST, testnum, count, d);
2702 for (testnum = 0; testnum < size_num; testnum++) {
2703 print_message(names[D_RAND], c[D_RAND][testnum], lengths[testnum],
2706 count = run_benchmark(async_jobs, RAND_bytes_loop, loopargs);
2708 print_result(D_RAND, testnum, count, d);
2713 if (evp_cipher != NULL) {
2714 int (*loopfunc) (void *) = EVP_Update_loop;
2716 if (multiblock && (EVP_CIPHER_flags(evp_cipher) &
2717 EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
2718 multiblock_speed(evp_cipher, lengths_single, &seconds);
2723 names[D_EVP] = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
2725 if (EVP_CIPHER_mode(evp_cipher) == EVP_CIPH_CCM_MODE) {
2726 loopfunc = EVP_Update_loop_ccm;
2727 } else if (aead && (EVP_CIPHER_flags(evp_cipher) &
2728 EVP_CIPH_FLAG_AEAD_CIPHER)) {
2729 loopfunc = EVP_Update_loop_aead;
2730 if (lengths == lengths_list) {
2731 lengths = aead_lengths_list;
2732 size_num = OSSL_NELEM(aead_lengths_list);
2736 for (testnum = 0; testnum < size_num; testnum++) {
2737 print_message(names[D_EVP], c[D_EVP][testnum], lengths[testnum],
2740 for (k = 0; k < loopargs_len; k++) {
2741 loopargs[k].ctx = EVP_CIPHER_CTX_new();
2742 if (loopargs[k].ctx == NULL) {
2743 BIO_printf(bio_err, "\nEVP_CIPHER_CTX_new failure\n");
2746 if (!EVP_CipherInit_ex(loopargs[k].ctx, evp_cipher, NULL,
2747 NULL, iv, decrypt ? 0 : 1)) {
2748 BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n");
2749 ERR_print_errors(bio_err);
2753 EVP_CIPHER_CTX_set_padding(loopargs[k].ctx, 0);
2755 keylen = EVP_CIPHER_CTX_key_length(loopargs[k].ctx);
2756 loopargs[k].key = app_malloc(keylen, "evp_cipher key");
2757 EVP_CIPHER_CTX_rand_key(loopargs[k].ctx, loopargs[k].key);
2758 if (!EVP_CipherInit_ex(loopargs[k].ctx, NULL, NULL,
2759 loopargs[k].key, NULL, -1)) {
2760 BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n");
2761 ERR_print_errors(bio_err);
2764 OPENSSL_clear_free(loopargs[k].key, keylen);
2766 /* SIV mode only allows for a single Update operation */
2767 if (EVP_CIPHER_mode(evp_cipher) == EVP_CIPH_SIV_MODE)
2768 EVP_CIPHER_CTX_ctrl(loopargs[k].ctx, EVP_CTRL_SET_SPEED, 1, NULL);
2772 count = run_benchmark(async_jobs, loopfunc, loopargs);
2774 for (k = 0; k < loopargs_len; k++) {
2775 EVP_CIPHER_CTX_free(loopargs[k].ctx);
2777 print_result(D_EVP, testnum, count, d);
2779 } else if (evp_md != NULL) {
2780 names[D_EVP] = OBJ_nid2ln(EVP_MD_type(evp_md));
2782 for (testnum = 0; testnum < size_num; testnum++) {
2783 print_message(names[D_EVP], c[D_EVP][testnum], lengths[testnum],
2786 count = run_benchmark(async_jobs, EVP_Digest_loop, loopargs);
2788 print_result(D_EVP, testnum, count, d);
2793 if (doit[D_EVP_HMAC] && evp_hmac_md != NULL) {
2794 const char *md_name = OBJ_nid2ln(EVP_MD_type(evp_hmac_md));
2796 evp_hmac_name = app_malloc(sizeof("HMAC()") + strlen(md_name),
2798 sprintf(evp_hmac_name, "HMAC(%s)", md_name);
2799 names[D_EVP_HMAC] = evp_hmac_name;
2801 for (testnum = 0; testnum < size_num; testnum++) {
2802 print_message(names[D_EVP_HMAC], c[D_EVP_HMAC][testnum], lengths[testnum],
2805 count = run_benchmark(async_jobs, EVP_HMAC_loop, loopargs);
2807 print_result(D_EVP_HMAC, testnum, count, d);
2811 #ifndef OPENSSL_NO_CMAC
2812 if (doit[D_EVP_CMAC] && evp_cmac_cipher != NULL) {
2813 const char *cipher_name = OBJ_nid2ln(EVP_CIPHER_type(evp_cmac_cipher));
2815 evp_cmac_name = app_malloc(sizeof("CMAC()") + strlen(cipher_name),
2817 sprintf(evp_cmac_name, "CMAC(%s)", cipher_name);
2818 names[D_EVP_CMAC] = evp_cmac_name;
2820 for (i = 0; i < loopargs_len; i++) {
2821 loopargs[i].cmac_ctx = CMAC_CTX_new();
2822 if (loopargs[i].cmac_ctx == NULL) {
2823 BIO_printf(bio_err, "CMAC malloc failure, exiting...");
2827 for (testnum = 0; testnum < size_num; testnum++) {
2828 print_message(names[D_EVP_CMAC], c[D_EVP_CMAC][testnum], lengths[testnum],
2831 count = run_benchmark(async_jobs, EVP_CMAC_loop, loopargs);
2833 print_result(D_EVP_CMAC, testnum, count, d);
2835 for (i = 0; i < loopargs_len; i++)
2836 CMAC_CTX_free(loopargs[i].cmac_ctx);
2840 for (i = 0; i < loopargs_len; i++)
2841 if (RAND_bytes(loopargs[i].buf, 36) <= 0)
2844 #ifndef OPENSSL_NO_RSA
2845 for (testnum = 0; testnum < RSA_NUM; testnum++) {
2847 if (!rsa_doit[testnum])
2849 for (i = 0; i < loopargs_len; i++) {
2850 if (primes > RSA_DEFAULT_PRIME_NUM) {
2851 /* we haven't set keys yet, generate multi-prime RSA keys */
2852 BIGNUM *bn = BN_new();
2856 if (!BN_set_word(bn, RSA_F4)) {
2861 BIO_printf(bio_err, "Generate multi-prime RSA key for %s\n",
2862 rsa_choices[testnum].name);
2864 loopargs[i].rsa_key[testnum] = RSA_new();
2865 if (loopargs[i].rsa_key[testnum] == NULL) {
2870 if (!RSA_generate_multi_prime_key(loopargs[i].rsa_key[testnum],
2871 rsa_keys[testnum].bits,
2872 primes, bn, NULL)) {
2878 st = RSA_sign(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
2879 &loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
2885 "RSA sign failure. No RSA sign will be done.\n");
2886 ERR_print_errors(bio_err);
2889 pkey_print_message("private", "rsa",
2890 rsa_c[testnum][0], rsa_keys[testnum].bits,
2892 /* RSA_blinding_on(rsa_key[testnum],NULL); */
2894 count = run_benchmark(async_jobs, RSA_sign_loop, loopargs);
2897 mr ? "+R1:%ld:%d:%.2f\n"
2898 : "%ld %u bits private RSA's in %.2fs\n",
2899 count, rsa_keys[testnum].bits, d);
2900 rsa_results[testnum][0] = (double)count / d;
2904 for (i = 0; i < loopargs_len; i++) {
2905 st = RSA_verify(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
2906 loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
2912 "RSA verify failure. No RSA verify will be done.\n");
2913 ERR_print_errors(bio_err);
2914 rsa_doit[testnum] = 0;
2916 pkey_print_message("public", "rsa",
2917 rsa_c[testnum][1], rsa_keys[testnum].bits,
2920 count = run_benchmark(async_jobs, RSA_verify_loop, loopargs);
2923 mr ? "+R2:%ld:%d:%.2f\n"
2924 : "%ld %u bits public RSA's in %.2fs\n",
2925 count, rsa_keys[testnum].bits, d);
2926 rsa_results[testnum][1] = (double)count / d;
2929 if (rsa_count <= 1) {
2930 /* if longer than 10s, don't do any more */
2931 stop_it(rsa_doit, testnum);
2934 #endif /* OPENSSL_NO_RSA */
2936 for (i = 0; i < loopargs_len; i++)
2937 if (RAND_bytes(loopargs[i].buf, 36) <= 0)
2940 #ifndef OPENSSL_NO_DSA
2941 for (testnum = 0; testnum < DSA_NUM; testnum++) {
2943 if (!dsa_doit[testnum])
2946 /* DSA_generate_key(dsa_key[testnum]); */
2947 /* DSA_sign_setup(dsa_key[testnum],NULL); */
2948 for (i = 0; i < loopargs_len; i++) {
2949 st = DSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
2950 &loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
2956 "DSA sign failure. No DSA sign will be done.\n");
2957 ERR_print_errors(bio_err);
2960 pkey_print_message("sign", "dsa",
2961 dsa_c[testnum][0], dsa_bits[testnum],
2964 count = run_benchmark(async_jobs, DSA_sign_loop, loopargs);
2967 mr ? "+R3:%ld:%u:%.2f\n"
2968 : "%ld %u bits DSA signs in %.2fs\n",
2969 count, dsa_bits[testnum], d);
2970 dsa_results[testnum][0] = (double)count / d;
2974 for (i = 0; i < loopargs_len; i++) {
2975 st = DSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
2976 loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
2982 "DSA verify failure. No DSA verify will be done.\n");
2983 ERR_print_errors(bio_err);
2984 dsa_doit[testnum] = 0;
2986 pkey_print_message("verify", "dsa",
2987 dsa_c[testnum][1], dsa_bits[testnum],
2990 count = run_benchmark(async_jobs, DSA_verify_loop, loopargs);
2993 mr ? "+R4:%ld:%u:%.2f\n"
2994 : "%ld %u bits DSA verify in %.2fs\n",
2995 count, dsa_bits[testnum], d);
2996 dsa_results[testnum][1] = (double)count / d;
2999 if (rsa_count <= 1) {
3000 /* if longer than 10s, don't do any more */
3001 stop_it(dsa_doit, testnum);
3004 #endif /* OPENSSL_NO_DSA */
3006 #ifndef OPENSSL_NO_EC
3007 for (testnum = 0; testnum < ECDSA_NUM; testnum++) {
3010 if (!ecdsa_doit[testnum])
3011 continue; /* Ignore Curve */
3012 for (i = 0; i < loopargs_len; i++) {
3013 loopargs[i].ecdsa[testnum] =
3014 EC_KEY_new_by_curve_name(ec_curves[testnum].nid);
3015 if (loopargs[i].ecdsa[testnum] == NULL) {
3021 BIO_printf(bio_err, "ECDSA failure.\n");
3022 ERR_print_errors(bio_err);
3025 for (i = 0; i < loopargs_len; i++) {
3026 EC_KEY_precompute_mult(loopargs[i].ecdsa[testnum], NULL);
3027 /* Perform ECDSA signature test */
3028 EC_KEY_generate_key(loopargs[i].ecdsa[testnum]);
3029 st = ECDSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
3030 &loopargs[i].siglen,
3031 loopargs[i].ecdsa[testnum]);
3037 "ECDSA sign failure. No ECDSA sign will be done.\n");
3038 ERR_print_errors(bio_err);
3041 pkey_print_message("sign", "ecdsa",
3042 ecdsa_c[testnum][0],
3043 ec_curves[testnum].bits, seconds.ecdsa);
3045 count = run_benchmark(async_jobs, ECDSA_sign_loop, loopargs);
3049 mr ? "+R5:%ld:%u:%.2f\n" :
3050 "%ld %u bits ECDSA signs in %.2fs \n",
3051 count, ec_curves[testnum].bits, d);
3052 ecdsa_results[testnum][0] = (double)count / d;
3056 /* Perform ECDSA verification test */
3057 for (i = 0; i < loopargs_len; i++) {
3058 st = ECDSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
3060 loopargs[i].ecdsa[testnum]);
3066 "ECDSA verify failure. No ECDSA verify will be done.\n");
3067 ERR_print_errors(bio_err);
3068 ecdsa_doit[testnum] = 0;
3070 pkey_print_message("verify", "ecdsa",
3071 ecdsa_c[testnum][1],
3072 ec_curves[testnum].bits, seconds.ecdsa);
3074 count = run_benchmark(async_jobs, ECDSA_verify_loop, loopargs);
3077 mr ? "+R6:%ld:%u:%.2f\n"
3078 : "%ld %u bits ECDSA verify in %.2fs\n",
3079 count, ec_curves[testnum].bits, d);
3080 ecdsa_results[testnum][1] = (double)count / d;
3083 if (rsa_count <= 1) {
3084 /* if longer than 10s, don't do any more */
3085 stop_it(ecdsa_doit, testnum);
3090 for (testnum = 0; testnum < EC_NUM; testnum++) {
3091 int ecdh_checks = 1;
3093 if (!ecdh_doit[testnum])
3096 for (i = 0; i < loopargs_len; i++) {
3097 EVP_PKEY_CTX *kctx = NULL;
3098 EVP_PKEY_CTX *test_ctx = NULL;
3099 EVP_PKEY_CTX *ctx = NULL;
3100 EVP_PKEY *key_A = NULL;
3101 EVP_PKEY *key_B = NULL;
3105 /* Ensure that the error queue is empty */
3106 if (ERR_peek_error()) {
3108 "WARNING: the error queue contains previous unhandled errors.\n");
3109 ERR_print_errors(bio_err);
3112 /* Let's try to create a ctx directly from the NID: this works for
3113 * curves like Curve25519 that are not implemented through the low
3114 * level EC interface.
3115 * If this fails we try creating a EVP_PKEY_EC generic param ctx,
3116 * then we set the curve by NID before deriving the actual keygen
3117 * ctx for that specific curve. */
3118 kctx = EVP_PKEY_CTX_new_id(ec_curves[testnum].nid, NULL); /* keygen ctx from NID */
3120 EVP_PKEY_CTX *pctx = NULL;
3121 EVP_PKEY *params = NULL;
3123 /* If we reach this code EVP_PKEY_CTX_new_id() failed and a
3124 * "int_ctx_new:unsupported algorithm" error was added to the
3126 * We remove it from the error queue as we are handling it. */
3127 unsigned long error = ERR_peek_error(); /* peek the latest error in the queue */
3128 if (error == ERR_peek_last_error() && /* oldest and latest errors match */
3129 /* check that the error origin matches */
3130 ERR_GET_LIB(error) == ERR_LIB_EVP &&
3131 ERR_GET_REASON(error) == EVP_R_UNSUPPORTED_ALGORITHM)
3132 ERR_get_error(); /* pop error from queue */
3133 if (ERR_peek_error()) {
3135 "Unhandled error in the error queue during ECDH init.\n");
3136 ERR_print_errors(bio_err);
3141 /* Create the context for parameter generation */
3142 if (!(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) ||
3143 /* Initialise the parameter generation */
3144 !EVP_PKEY_paramgen_init(pctx) ||
3145 /* Set the curve by NID */
3146 !EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
3149 /* Create the parameter object params */
3150 !EVP_PKEY_paramgen(pctx, ¶ms)) {
3152 BIO_printf(bio_err, "ECDH EC params init failure.\n");
3153 ERR_print_errors(bio_err);
3157 /* Create the context for the key generation */
3158 kctx = EVP_PKEY_CTX_new(params, NULL);
3160 EVP_PKEY_free(params);
3162 EVP_PKEY_CTX_free(pctx);
3165 if (kctx == NULL || /* keygen ctx is not null */
3166 EVP_PKEY_keygen_init(kctx) <= 0/* init keygen ctx */ ) {
3168 BIO_printf(bio_err, "ECDH keygen failure.\n");
3169 ERR_print_errors(bio_err);
3174 if (EVP_PKEY_keygen(kctx, &key_A) <= 0 || /* generate secret key A */
3175 EVP_PKEY_keygen(kctx, &key_B) <= 0 || /* generate secret key B */
3176 !(ctx = EVP_PKEY_CTX_new(key_A, NULL)) || /* derivation ctx from skeyA */
3177 EVP_PKEY_derive_init(ctx) <= 0 || /* init derivation ctx */
3178 EVP_PKEY_derive_set_peer(ctx, key_B) <= 0 || /* set peer pubkey in ctx */
3179 EVP_PKEY_derive(ctx, NULL, &outlen) <= 0 || /* determine max length */
3180 outlen == 0 || /* ensure outlen is a valid size */
3181 outlen > MAX_ECDH_SIZE /* avoid buffer overflow */ ) {
3183 BIO_printf(bio_err, "ECDH key generation failure.\n");
3184 ERR_print_errors(bio_err);
3189 /* Here we perform a test run, comparing the output of a*B and b*A;
3190 * we try this here and assume that further EVP_PKEY_derive calls
3191 * never fail, so we can skip checks in the actually benchmarked
3192 * code, for maximum performance. */
3193 if (!(test_ctx = EVP_PKEY_CTX_new(key_B, NULL)) || /* test ctx from skeyB */
3194 !EVP_PKEY_derive_init(test_ctx) || /* init derivation test_ctx */
3195 !EVP_PKEY_derive_set_peer(test_ctx, key_A) || /* set peer pubkey in test_ctx */
3196 !EVP_PKEY_derive(test_ctx, NULL, &test_outlen) || /* determine max length */
3197 !EVP_PKEY_derive(ctx, loopargs[i].secret_a, &outlen) || /* compute a*B */
3198 !EVP_PKEY_derive(test_ctx, loopargs[i].secret_b, &test_outlen) || /* compute b*A */
3199 test_outlen != outlen /* compare output length */ ) {
3201 BIO_printf(bio_err, "ECDH computation failure.\n");
3202 ERR_print_errors(bio_err);
3207 /* Compare the computation results: CRYPTO_memcmp() returns 0 if equal */
3208 if (CRYPTO_memcmp(loopargs[i].secret_a,
3209 loopargs[i].secret_b, outlen)) {
3211 BIO_printf(bio_err, "ECDH computations don't match.\n");
3212 ERR_print_errors(bio_err);
3217 loopargs[i].ecdh_ctx[testnum] = ctx;
3218 loopargs[i].outlen[testnum] = outlen;
3220 EVP_PKEY_free(key_A);
3221 EVP_PKEY_free(key_B);
3222 EVP_PKEY_CTX_free(kctx);
3224 EVP_PKEY_CTX_free(test_ctx);
3227 if (ecdh_checks != 0) {
3228 pkey_print_message("", "ecdh",
3230 ec_curves[testnum].bits, seconds.ecdh);
3233 run_benchmark(async_jobs, ECDH_EVP_derive_key_loop, loopargs);
3236 mr ? "+R7:%ld:%d:%.2f\n" :
3237 "%ld %u-bits ECDH ops in %.2fs\n", count,
3238 ec_curves[testnum].bits, d);
3239 ecdh_results[testnum][0] = (double)count / d;
3243 if (rsa_count <= 1) {
3244 /* if longer than 10s, don't do any more */
3245 stop_it(ecdh_doit, testnum);
3249 for (testnum = 0; testnum < EdDSA_NUM; testnum++) {
3251 EVP_PKEY *ed_pkey = NULL;
3252 EVP_PKEY_CTX *ed_pctx = NULL;
3254 if (!eddsa_doit[testnum])
3255 continue; /* Ignore Curve */
3256 for (i = 0; i < loopargs_len; i++) {
3257 loopargs[i].eddsa_ctx[testnum] = EVP_MD_CTX_new();
3258 if (loopargs[i].eddsa_ctx[testnum] == NULL) {
3263 if ((ed_pctx = EVP_PKEY_CTX_new_id(ed_curves[testnum].nid, NULL))
3265 || EVP_PKEY_keygen_init(ed_pctx) <= 0
3266 || EVP_PKEY_keygen(ed_pctx, &ed_pkey) <= 0) {
3268 EVP_PKEY_CTX_free(ed_pctx);
3271 EVP_PKEY_CTX_free(ed_pctx);
3273 if (!EVP_DigestSignInit(loopargs[i].eddsa_ctx[testnum], NULL, NULL,
3276 EVP_PKEY_free(ed_pkey);
3279 EVP_PKEY_free(ed_pkey);
3282 BIO_printf(bio_err, "EdDSA failure.\n");
3283 ERR_print_errors(bio_err);
3286 for (i = 0; i < loopargs_len; i++) {
3287 /* Perform EdDSA signature test */
3288 loopargs[i].sigsize = ed_curves[testnum].sigsize;
3289 st = EVP_DigestSign(loopargs[i].eddsa_ctx[testnum],
3290 loopargs[i].buf2, &loopargs[i].sigsize,
3291 loopargs[i].buf, 20);
3297 "EdDSA sign failure. No EdDSA sign will be done.\n");
3298 ERR_print_errors(bio_err);
3301 pkey_print_message("sign", ed_curves[testnum].name,
3302 eddsa_c[testnum][0],
3303 ed_curves[testnum].bits, seconds.eddsa);
3305 count = run_benchmark(async_jobs, EdDSA_sign_loop, loopargs);
3309 mr ? "+R8:%ld:%u:%s:%.2f\n" :
3310 "%ld %u bits %s signs in %.2fs \n",
3311 count, ed_curves[testnum].bits,
3312 ed_curves[testnum].name, d);
3313 eddsa_results[testnum][0] = (double)count / d;
3317 /* Perform EdDSA verification test */
3318 for (i = 0; i < loopargs_len; i++) {
3319 st = EVP_DigestVerify(loopargs[i].eddsa_ctx[testnum],
3320 loopargs[i].buf2, loopargs[i].sigsize,
3321 loopargs[i].buf, 20);
3327 "EdDSA verify failure. No EdDSA verify will be done.\n");
3328 ERR_print_errors(bio_err);
3329 eddsa_doit[testnum] = 0;
3331 pkey_print_message("verify", ed_curves[testnum].name,
3332 eddsa_c[testnum][1],
3333 ed_curves[testnum].bits, seconds.eddsa);
3335 count = run_benchmark(async_jobs, EdDSA_verify_loop, loopargs);
3338 mr ? "+R9:%ld:%u:%s:%.2f\n"
3339 : "%ld %u bits %s verify in %.2fs\n",
3340 count, ed_curves[testnum].bits,
3341 ed_curves[testnum].name, d);
3342 eddsa_results[testnum][1] = (double)count / d;
3345 if (rsa_count <= 1) {
3346 /* if longer than 10s, don't do any more */
3347 stop_it(eddsa_doit, testnum);
3352 # ifndef OPENSSL_NO_SM2
3353 for (testnum = 0; testnum < SM2_NUM; testnum++) {
3355 EVP_PKEY *sm2_pkey = NULL;
3357 if (!sm2_doit[testnum])
3358 continue; /* Ignore Curve */
3359 /* Init signing and verification */
3360 for (i = 0; i < loopargs_len; i++) {
3361 EVP_PKEY_CTX *sm2_pctx = NULL;
3362 EVP_PKEY_CTX *sm2_vfy_pctx = NULL;
3363 EVP_PKEY_CTX *pctx = NULL;
3366 loopargs[i].sm2_ctx[testnum] = EVP_MD_CTX_new();
3367 loopargs[i].sm2_vfy_ctx[testnum] = EVP_MD_CTX_new();
3368 if (loopargs[i].sm2_ctx[testnum] == NULL
3369 || loopargs[i].sm2_vfy_ctx[testnum] == NULL)
3372 /* SM2 keys are generated as normal EC keys with a special curve */
3373 st = !((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) == NULL
3374 || EVP_PKEY_keygen_init(pctx) <= 0
3375 || EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
3376 sm2_curves[testnum].nid) <= 0
3377 || EVP_PKEY_keygen(pctx, &sm2_pkey) <= 0);
3378 EVP_PKEY_CTX_free(pctx);
3382 st = 0; /* set back to zero */
3383 /* attach it sooner to rely on main final cleanup */
3384 loopargs[i].sm2_pkey[testnum] = sm2_pkey;
3385 loopargs[i].sigsize = ECDSA_size(EVP_PKEY_get0_EC_KEY(sm2_pkey));
3386 if (!EVP_PKEY_set_alias_type(sm2_pkey, EVP_PKEY_SM2))
3389 sm2_pctx = EVP_PKEY_CTX_new(sm2_pkey, NULL);
3390 sm2_vfy_pctx = EVP_PKEY_CTX_new(sm2_pkey, NULL);
3391 if (sm2_pctx == NULL || sm2_vfy_pctx == NULL) {
3392 EVP_PKEY_CTX_free(sm2_vfy_pctx);
3395 /* attach them directly to respective ctx */
3396 EVP_MD_CTX_set_pkey_ctx(loopargs[i].sm2_ctx[testnum], sm2_pctx);
3397 EVP_MD_CTX_set_pkey_ctx(loopargs[i].sm2_vfy_ctx[testnum], sm2_vfy_pctx);
3400 * No need to allow user to set an explicit ID here, just use
3401 * the one defined in the 'draft-yang-tls-tl13-sm-suites' I-D.
3403 if (EVP_PKEY_CTX_set1_id(sm2_pctx, SM2_ID, SM2_ID_LEN) != 1
3404 || EVP_PKEY_CTX_set1_id(sm2_vfy_pctx, SM2_ID, SM2_ID_LEN) != 1)
3407 if (!EVP_DigestSignInit(loopargs[i].sm2_ctx[testnum], NULL,
3408 EVP_sm3(), NULL, sm2_pkey))
3410 if (!EVP_DigestVerifyInit(loopargs[i].sm2_vfy_ctx[testnum], NULL,
3411 EVP_sm3(), NULL, sm2_pkey))
3413 st = 1; /* mark loop as succeeded */
3416 BIO_printf(bio_err, "SM2 init failure.\n");
3417 ERR_print_errors(bio_err);
3420 for (i = 0; i < loopargs_len; i++) {
3421 size_t sm2_sigsize = loopargs[i].sigsize;
3423 /* Perform SM2 signature test */
3424 st = EVP_DigestSign(loopargs[i].sm2_ctx[testnum],
3425 loopargs[i].buf2, &sm2_sigsize,
3426 loopargs[i].buf, 20);
3432 "SM2 sign failure. No SM2 sign will be done.\n");
3433 ERR_print_errors(bio_err);
3436 pkey_print_message("sign", sm2_curves[testnum].name,
3438 sm2_curves[testnum].bits, seconds.sm2);
3440 count = run_benchmark(async_jobs, SM2_sign_loop, loopargs);
3444 mr ? "+R8:%ld:%u:%s:%.2f\n" :
3445 "%ld %u bits %s signs in %.2fs \n",
3446 count, sm2_curves[testnum].bits,
3447 sm2_curves[testnum].name, d);
3448 sm2_results[testnum][0] = (double)count / d;
3452 /* Perform SM2 verification test */
3453 for (i = 0; i < loopargs_len; i++) {
3454 st = EVP_DigestVerify(loopargs[i].sm2_vfy_ctx[testnum],
3455 loopargs[i].buf2, loopargs[i].sigsize,
3456 loopargs[i].buf, 20);
3462 "SM2 verify failure. No SM2 verify will be done.\n");
3463 ERR_print_errors(bio_err);
3464 sm2_doit[testnum] = 0;
3466 pkey_print_message("verify", sm2_curves[testnum].name,
3468 sm2_curves[testnum].bits, seconds.sm2);
3470 count = run_benchmark(async_jobs, SM2_verify_loop, loopargs);
3473 mr ? "+R9:%ld:%u:%s:%.2f\n"
3474 : "%ld %u bits %s verify in %.2fs\n",
3475 count, sm2_curves[testnum].bits,
3476 sm2_curves[testnum].name, d);
3477 sm2_results[testnum][1] = (double)count / d;
3480 if (rsa_count <= 1) {
3481 /* if longer than 10s, don't do any more */
3482 for (testnum++; testnum < SM2_NUM; testnum++)
3483 sm2_doit[testnum] = 0;
3487 # endif /* OPENSSL_NO_SM2 */
3489 #endif /* OPENSSL_NO_EC */
3494 printf("version: %s\n", OpenSSL_version(OPENSSL_FULL_VERSION_STRING));
3495 printf("built on: %s\n", OpenSSL_version(OPENSSL_BUILT_ON));
3497 printf("%s ", BN_options());
3498 #if !defined(OPENSSL_NO_MD2) && !defined(OPENSSL_NO_DEPRECATED_3_0)
3499 printf("%s ", MD2_options());
3501 #if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_DEPRECATED_3_0)
3502 printf("%s ", RC4_options());
3504 #if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_DEPRECATED_3_0)
3505 printf("%s ", DES_options());
3507 #ifndef OPENSSL_NO_DEPRECATED_3_0
3508 printf("%s ", AES_options());
3510 #if !defined(OPENSSL_NO_IDEA) && !defined(OPENSSL_NO_DEPRECATED_3_0)
3511 printf("%s ", IDEA_options());
3513 #if !defined(OPENSSL_NO_BF) && !defined(OPENSSL_NO_DEPRECATED_3_0)
3514 printf("%s ", BF_options());
3516 printf("\n%s\n", OpenSSL_version(OPENSSL_CFLAGS));
3517 printf("%s\n", OpenSSL_version(OPENSSL_CPU_INFO));
3525 ("The 'numbers' are in 1000s of bytes per second processed.\n");
3528 for (testnum = 0; testnum < size_num; testnum++)
3529 printf(mr ? ":%d" : "%7d bytes", lengths[testnum]);
3533 for (k = 0; k < ALGOR_NUM; k++) {
3537 printf("+F:%u:%s", k, names[k]);
3539 printf("%-13s", names[k]);
3540 for (testnum = 0; testnum < size_num; testnum++) {
3541 if (results[k][testnum] > 10000 && !mr)
3542 printf(" %11.2fk", results[k][testnum] / 1e3);
3544 printf(mr ? ":%.2f" : " %11.2f ", results[k][testnum]);
3548 #ifndef OPENSSL_NO_RSA
3550 for (k = 0; k < RSA_NUM; k++) {
3553 if (testnum && !mr) {
3554 printf("%18ssign verify sign/s verify/s\n", " ");
3558 printf("+F2:%u:%u:%f:%f\n",
3559 k, rsa_keys[k].bits, rsa_results[k][0], rsa_results[k][1]);
3561 printf("rsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
3562 rsa_keys[k].bits, 1.0 / rsa_results[k][0], 1.0 / rsa_results[k][1],
3563 rsa_results[k][0], rsa_results[k][1]);
3566 #ifndef OPENSSL_NO_DSA
3568 for (k = 0; k < DSA_NUM; k++) {
3571 if (testnum && !mr) {
3572 printf("%18ssign verify sign/s verify/s\n", " ");
3576 printf("+F3:%u:%u:%f:%f\n",
3577 k, dsa_bits[k], dsa_results[k][0], dsa_results[k][1]);
3579 printf("dsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
3580 dsa_bits[k], 1.0 / dsa_results[k][0], 1.0 / dsa_results[k][1],
3581 dsa_results[k][0], dsa_results[k][1]);
3584 #ifndef OPENSSL_NO_EC
3586 for (k = 0; k < OSSL_NELEM(ecdsa_doit); k++) {
3589 if (testnum && !mr) {
3590 printf("%30ssign verify sign/s verify/s\n", " ");
3595 printf("+F4:%u:%u:%f:%f\n",
3596 k, ec_curves[k].bits,
3597 ecdsa_results[k][0], ecdsa_results[k][1]);
3599 printf("%4u bits ecdsa (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3600 ec_curves[k].bits, ec_curves[k].name,
3601 1.0 / ecdsa_results[k][0], 1.0 / ecdsa_results[k][1],
3602 ecdsa_results[k][0], ecdsa_results[k][1]);
3606 for (k = 0; k < EC_NUM; k++) {
3609 if (testnum && !mr) {
3610 printf("%30sop op/s\n", " ");
3614 printf("+F5:%u:%u:%f:%f\n",
3615 k, ec_curves[k].bits,
3616 ecdh_results[k][0], 1.0 / ecdh_results[k][0]);
3619 printf("%4u bits ecdh (%s) %8.4fs %8.1f\n",
3620 ec_curves[k].bits, ec_curves[k].name,
3621 1.0 / ecdh_results[k][0], ecdh_results[k][0]);
3625 for (k = 0; k < OSSL_NELEM(eddsa_doit); k++) {
3628 if (testnum && !mr) {
3629 printf("%30ssign verify sign/s verify/s\n", " ");
3634 printf("+F6:%u:%u:%s:%f:%f\n",
3635 k, ed_curves[k].bits, ed_curves[k].name,
3636 eddsa_results[k][0], eddsa_results[k][1]);
3638 printf("%4u bits EdDSA (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3639 ed_curves[k].bits, ed_curves[k].name,
3640 1.0 / eddsa_results[k][0], 1.0 / eddsa_results[k][1],
3641 eddsa_results[k][0], eddsa_results[k][1]);
3644 # ifndef OPENSSL_NO_SM2
3646 for (k = 0; k < OSSL_NELEM(sm2_doit); k++) {
3649 if (testnum && !mr) {
3650 printf("%30ssign verify sign/s verify/s\n", " ");
3655 printf("+F6:%u:%u:%s:%f:%f\n",
3656 k, sm2_curves[k].bits, sm2_curves[k].name,
3657 sm2_results[k][0], sm2_results[k][1]);
3659 printf("%4u bits SM2 (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3660 sm2_curves[k].bits, sm2_curves[k].name,
3661 1.0 / sm2_results[k][0], 1.0 / sm2_results[k][1],
3662 sm2_results[k][0], sm2_results[k][1]);
3665 #endif /* OPENSSL_NO_EC */
3670 ERR_print_errors(bio_err);
3671 for (i = 0; i < loopargs_len; i++) {
3672 OPENSSL_free(loopargs[i].buf_malloc);
3673 OPENSSL_free(loopargs[i].buf2_malloc);
3675 #ifndef OPENSSL_NO_RSA
3676 for (k = 0; k < RSA_NUM; k++)
3677 RSA_free(loopargs[i].rsa_key[k]);
3679 #ifndef OPENSSL_NO_DSA
3680 for (k = 0; k < DSA_NUM; k++)
3681 DSA_free(loopargs[i].dsa_key[k]);
3683 #ifndef OPENSSL_NO_EC
3684 for (k = 0; k < ECDSA_NUM; k++)
3685 EC_KEY_free(loopargs[i].ecdsa[k]);
3686 for (k = 0; k < EC_NUM; k++)
3687 EVP_PKEY_CTX_free(loopargs[i].ecdh_ctx[k]);
3688 for (k = 0; k < EdDSA_NUM; k++)
3689 EVP_MD_CTX_free(loopargs[i].eddsa_ctx[k]);
3690 # ifndef OPENSSL_NO_SM2
3691 for (k = 0; k < SM2_NUM; k++) {
3692 EVP_PKEY_CTX *pctx = NULL;
3694 /* free signing ctx */
3695 if (loopargs[i].sm2_ctx[k] != NULL
3696 && (pctx = EVP_MD_CTX_pkey_ctx(loopargs[i].sm2_ctx[k])) != NULL)
3697 EVP_PKEY_CTX_free(pctx);
3698 EVP_MD_CTX_free(loopargs[i].sm2_ctx[k]);
3699 /* free verification ctx */
3700 if (loopargs[i].sm2_vfy_ctx[k] != NULL
3701 && (pctx = EVP_MD_CTX_pkey_ctx(loopargs[i].sm2_vfy_ctx[k])) != NULL)
3702 EVP_PKEY_CTX_free(pctx);
3703 EVP_MD_CTX_free(loopargs[i].sm2_vfy_ctx[k]);
3705 EVP_PKEY_free(loopargs[i].sm2_pkey[k]);
3708 OPENSSL_free(loopargs[i].secret_a);
3709 OPENSSL_free(loopargs[i].secret_b);
3712 OPENSSL_free(evp_hmac_name);
3713 #ifndef OPENSSL_NO_CMAC
3714 OPENSSL_free(evp_cmac_name);
3717 if (async_jobs > 0) {
3718 for (i = 0; i < loopargs_len; i++)
3719 ASYNC_WAIT_CTX_free(loopargs[i].wait_ctx);
3723 ASYNC_cleanup_thread();
3725 OPENSSL_free(loopargs);
3730 static void print_message(const char *s, long num, int length, int tm)
3734 mr ? "+DT:%s:%d:%d\n"
3735 : "Doing %s for %ds on %d size blocks: ", s, tm, length);
3736 (void)BIO_flush(bio_err);
3741 mr ? "+DN:%s:%ld:%d\n"
3742 : "Doing %s %ld times on %d size blocks: ", s, num, length);
3743 (void)BIO_flush(bio_err);
3747 static void pkey_print_message(const char *str, const char *str2, long num,
3748 unsigned int bits, int tm)
3752 mr ? "+DTP:%d:%s:%s:%d\n"
3753 : "Doing %u bits %s %s's for %ds: ", bits, str, str2, tm);
3754 (void)BIO_flush(bio_err);
3759 mr ? "+DNP:%ld:%d:%s:%s\n"
3760 : "Doing %ld %u bits %s %s's: ", num, bits, str, str2);
3761 (void)BIO_flush(bio_err);
3765 static void print_result(int alg, int run_no, int count, double time_used)
3768 BIO_printf(bio_err, "%s error!\n", names[alg]);
3769 ERR_print_errors(bio_err);
3770 /* exit(1); disable exit until default provider enabled */
3774 mr ? "+R:%d:%s:%f\n"
3775 : "%d %s's in %.2fs\n", count, names[alg], time_used);
3776 results[alg][run_no] = ((double)count) / time_used * lengths[run_no];
3780 static char *sstrsep(char **string, const char *delim)
3783 char *token = *string;
3788 memset(isdelim, 0, sizeof(isdelim));
3792 isdelim[(unsigned char)(*delim)] = 1;
3796 while (!isdelim[(unsigned char)(**string)]) {
3808 static int do_multi(int multi, int size_num)
3813 static char sep[] = ":";
3815 fds = app_malloc(sizeof(*fds) * multi, "fd buffer for do_multi");
3816 for (n = 0; n < multi; ++n) {
3817 if (pipe(fd) == -1) {
3818 BIO_printf(bio_err, "pipe failure\n");
3822 (void)BIO_flush(bio_err);
3829 if (dup(fd[1]) == -1) {
3830 BIO_printf(bio_err, "dup failed\n");
3839 printf("Forked child %d\n", n);
3842 /* for now, assume the pipe is long enough to take all the output */
3843 for (n = 0; n < multi; ++n) {
3848 f = fdopen(fds[n], "r");
3849 while (fgets(buf, sizeof(buf), f)) {
3850 p = strchr(buf, '\n');
3853 if (buf[0] != '+') {
3855 "Don't understand line '%s' from child %d\n", buf,
3859 printf("Got: %s from %d\n", buf, n);
3860 if (strncmp(buf, "+F:", 3) == 0) {
3865 alg = atoi(sstrsep(&p, sep));
3867 for (j = 0; j < size_num; ++j)
3868 results[alg][j] += atof(sstrsep(&p, sep));
3869 } else if (strncmp(buf, "+F2:", 4) == 0) {
3874 k = atoi(sstrsep(&p, sep));
3877 d = atof(sstrsep(&p, sep));
3878 rsa_results[k][0] += d;
3880 d = atof(sstrsep(&p, sep));
3881 rsa_results[k][1] += d;
3883 # ifndef OPENSSL_NO_DSA
3884 else if (strncmp(buf, "+F3:", 4) == 0) {
3889 k = atoi(sstrsep(&p, sep));
3892 d = atof(sstrsep(&p, sep));
3893 dsa_results[k][0] += d;
3895 d = atof(sstrsep(&p, sep));
3896 dsa_results[k][1] += d;
3899 # ifndef OPENSSL_NO_EC
3900 else if (strncmp(buf, "+F4:", 4) == 0) {
3905 k = atoi(sstrsep(&p, sep));
3908 d = atof(sstrsep(&p, sep));
3909 ecdsa_results[k][0] += d;
3911 d = atof(sstrsep(&p, sep));
3912 ecdsa_results[k][1] += d;
3913 } else if (strncmp(buf, "+F5:", 4) == 0) {
3918 k = atoi(sstrsep(&p, sep));
3921 d = atof(sstrsep(&p, sep));
3922 ecdh_results[k][0] += d;
3923 } else if (strncmp(buf, "+F6:", 4) == 0) {
3928 k = atoi(sstrsep(&p, sep));
3932 d = atof(sstrsep(&p, sep));
3933 eddsa_results[k][0] += d;
3935 d = atof(sstrsep(&p, sep));
3936 eddsa_results[k][1] += d;
3938 # ifndef OPENSSL_NO_SM2
3939 else if (strncmp(buf, "+F7:", 4) == 0) {
3944 k = atoi(sstrsep(&p, sep));
3947 d = atof(sstrsep(&p, sep));
3948 sm2_results[k][0] += d;
3950 d = atof(sstrsep(&p, sep));
3951 sm2_results[k][1] += d;
3953 # endif /* OPENSSL_NO_SM2 */
3956 else if (strncmp(buf, "+H:", 3) == 0) {
3959 BIO_printf(bio_err, "Unknown type '%s' from child %d\n", buf,
3970 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
3971 const openssl_speed_sec_t *seconds)
3973 static const int mblengths_list[] =
3974 { 8 * 1024, 2 * 8 * 1024, 4 * 8 * 1024, 8 * 8 * 1024, 8 * 16 * 1024 };
3975 const int *mblengths = mblengths_list;
3976 int j, count, keylen, num = OSSL_NELEM(mblengths_list);
3977 const char *alg_name;
3978 unsigned char *inp, *out, *key, no_key[32], no_iv[16];
3979 EVP_CIPHER_CTX *ctx;
3982 if (lengths_single) {
3983 mblengths = &lengths_single;
3987 inp = app_malloc(mblengths[num - 1], "multiblock input buffer");
3988 out = app_malloc(mblengths[num - 1] + 1024, "multiblock output buffer");
3989 ctx = EVP_CIPHER_CTX_new();
3990 EVP_EncryptInit_ex(ctx, evp_cipher, NULL, NULL, no_iv);
3992 keylen = EVP_CIPHER_CTX_key_length(ctx);
3993 key = app_malloc(keylen, "evp_cipher key");
3994 EVP_CIPHER_CTX_rand_key(ctx, key);
3995 EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL);
3996 OPENSSL_clear_free(key, keylen);
3998 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_MAC_KEY, sizeof(no_key), no_key);
3999 alg_name = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
4001 for (j = 0; j < num; j++) {
4002 print_message(alg_name, 0, mblengths[j], seconds->sym);
4004 for (count = 0; run && count < 0x7fffffff; count++) {
4005 unsigned char aad[EVP_AEAD_TLS1_AAD_LEN];
4006 EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param;
4007 size_t len = mblengths[j];
4010 memset(aad, 0, 8); /* avoid uninitialized values */
4011 aad[8] = 23; /* SSL3_RT_APPLICATION_DATA */
4012 aad[9] = 3; /* version */
4014 aad[11] = 0; /* length */
4016 mb_param.out = NULL;
4019 mb_param.interleave = 8;
4021 packlen = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_AAD,
4022 sizeof(mb_param), &mb_param);
4028 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT,
4029 sizeof(mb_param), &mb_param);
4033 RAND_bytes(out, 16);
4035 aad[11] = (unsigned char)(len >> 8);
4036 aad[12] = (unsigned char)(len);
4037 pad = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_TLS1_AAD,
4038 EVP_AEAD_TLS1_AAD_LEN, aad);
4039 EVP_Cipher(ctx, out, inp, len + pad);
4043 BIO_printf(bio_err, mr ? "+R:%d:%s:%f\n"
4044 : "%d %s's in %.2fs\n", count, "evp", d);
4045 results[D_EVP][j] = ((double)count) / d * mblengths[j];
4049 fprintf(stdout, "+H");
4050 for (j = 0; j < num; j++)
4051 fprintf(stdout, ":%d", mblengths[j]);
4052 fprintf(stdout, "\n");
4053 fprintf(stdout, "+F:%d:%s", D_EVP, alg_name);
4054 for (j = 0; j < num; j++)
4055 fprintf(stdout, ":%.2f", results[D_EVP][j]);
4056 fprintf(stdout, "\n");
4059 "The 'numbers' are in 1000s of bytes per second processed.\n");
4060 fprintf(stdout, "type ");
4061 for (j = 0; j < num; j++)
4062 fprintf(stdout, "%7d bytes", mblengths[j]);
4063 fprintf(stdout, "\n");
4064 fprintf(stdout, "%-24s", alg_name);
4066 for (j = 0; j < num; j++) {
4067 if (results[D_EVP][j] > 10000)
4068 fprintf(stdout, " %11.2fk", results[D_EVP][j] / 1e3);
4070 fprintf(stdout, " %11.2f ", results[D_EVP][j]);
4072 fprintf(stdout, "\n");
4077 EVP_CIPHER_CTX_free(ctx);