2 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
5 * Licensed under the Apache License 2.0 (the "License"). You may not use
6 * this file except in compliance with the License. You can obtain a copy
7 * in the file LICENSE in the source distribution or at
8 * https://www.openssl.org/source/license.html
13 #define RSA_SECONDS 10
14 #define DSA_SECONDS 10
15 #define ECDSA_SECONDS 10
16 #define ECDH_SECONDS 10
17 #define EdDSA_SECONDS 10
25 #include <openssl/crypto.h>
26 #include <openssl/rand.h>
27 #include <openssl/err.h>
28 #include <openssl/evp.h>
29 #include <openssl/objects.h>
30 #include <openssl/async.h>
31 #if !defined(OPENSSL_SYS_MSDOS)
32 # include OPENSSL_UNISTD
39 #include <openssl/bn.h>
40 #ifndef OPENSSL_NO_DES
41 # include <openssl/des.h>
43 #include <openssl/aes.h>
44 #ifndef OPENSSL_NO_CAMELLIA
45 # include <openssl/camellia.h>
47 #ifndef OPENSSL_NO_MD2
48 # include <openssl/md2.h>
50 #ifndef OPENSSL_NO_MDC2
51 # include <openssl/mdc2.h>
53 #ifndef OPENSSL_NO_MD4
54 # include <openssl/md4.h>
56 #ifndef OPENSSL_NO_MD5
57 # include <openssl/md5.h>
59 #include <openssl/hmac.h>
60 #include <openssl/sha.h>
61 #ifndef OPENSSL_NO_RMD160
62 # include <openssl/ripemd.h>
64 #ifndef OPENSSL_NO_WHIRLPOOL
65 # include <openssl/whrlpool.h>
67 #ifndef OPENSSL_NO_RC4
68 # include <openssl/rc4.h>
70 #ifndef OPENSSL_NO_RC5
71 # include <openssl/rc5.h>
73 #ifndef OPENSSL_NO_RC2
74 # include <openssl/rc2.h>
76 #ifndef OPENSSL_NO_IDEA
77 # include <openssl/idea.h>
79 #ifndef OPENSSL_NO_SEED
80 # include <openssl/seed.h>
83 # include <openssl/blowfish.h>
85 #ifndef OPENSSL_NO_CAST
86 # include <openssl/cast.h>
88 #ifndef OPENSSL_NO_RSA
89 # include <openssl/rsa.h>
90 # include "./testrsa.h"
92 #include <openssl/x509.h>
93 #ifndef OPENSSL_NO_DSA
94 # include <openssl/dsa.h>
95 # include "./testdsa.h"
98 # include <openssl/ec.h>
100 #include <openssl/modes.h>
103 # if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_VXWORKS)
116 #define MAX_MISALIGNMENT 63
117 #define MAX_ECDH_SIZE 256
120 typedef struct openssl_speed_sec_st {
127 } openssl_speed_sec_t;
129 static volatile int run = 0;
132 static int usertime = 1;
134 #ifndef OPENSSL_NO_MD2
135 static int EVP_Digest_MD2_loop(void *args);
138 #ifndef OPENSSL_NO_MDC2
139 static int EVP_Digest_MDC2_loop(void *args);
141 #ifndef OPENSSL_NO_MD4
142 static int EVP_Digest_MD4_loop(void *args);
144 #ifndef OPENSSL_NO_MD5
145 static int MD5_loop(void *args);
146 static int HMAC_loop(void *args);
148 static int SHA1_loop(void *args);
149 static int SHA256_loop(void *args);
150 static int SHA512_loop(void *args);
151 #ifndef OPENSSL_NO_WHIRLPOOL
152 static int WHIRLPOOL_loop(void *args);
154 #ifndef OPENSSL_NO_RMD160
155 static int EVP_Digest_RMD160_loop(void *args);
157 #ifndef OPENSSL_NO_RC4
158 static int RC4_loop(void *args);
160 #ifndef OPENSSL_NO_DES
161 static int DES_ncbc_encrypt_loop(void *args);
162 static int DES_ede3_cbc_encrypt_loop(void *args);
164 static int AES_cbc_128_encrypt_loop(void *args);
165 static int AES_cbc_192_encrypt_loop(void *args);
166 static int AES_ige_128_encrypt_loop(void *args);
167 static int AES_cbc_256_encrypt_loop(void *args);
168 static int AES_ige_192_encrypt_loop(void *args);
169 static int AES_ige_256_encrypt_loop(void *args);
170 static int CRYPTO_gcm128_aad_loop(void *args);
171 static int RAND_bytes_loop(void *args);
172 static int EVP_Update_loop(void *args);
173 static int EVP_Update_loop_ccm(void *args);
174 static int EVP_Update_loop_aead(void *args);
175 static int EVP_Digest_loop(void *args);
176 #ifndef OPENSSL_NO_RSA
177 static int RSA_sign_loop(void *args);
178 static int RSA_verify_loop(void *args);
180 #ifndef OPENSSL_NO_DSA
181 static int DSA_sign_loop(void *args);
182 static int DSA_verify_loop(void *args);
184 #ifndef OPENSSL_NO_EC
185 static int ECDSA_sign_loop(void *args);
186 static int ECDSA_verify_loop(void *args);
187 static int EdDSA_sign_loop(void *args);
188 static int EdDSA_verify_loop(void *args);
191 static double Time_F(int s);
192 static void print_message(const char *s, long num, int length, int tm);
193 static void pkey_print_message(const char *str, const char *str2,
194 long num, unsigned int bits, int sec);
195 static void print_result(int alg, int run_no, int count, double time_used);
197 static int do_multi(int multi, int size_num);
200 static const int lengths_list[] = {
201 16, 64, 256, 1024, 8 * 1024, 16 * 1024
203 static const int *lengths = lengths_list;
205 static const int aead_lengths_list[] = {
206 2, 31, 136, 1024, 8 * 1024, 16 * 1024
214 static void alarmed(int sig)
216 signal(SIGALRM, alarmed);
220 static double Time_F(int s)
222 double ret = app_tminterval(s, usertime);
228 #elif defined(_WIN32)
232 static unsigned int lapse;
233 static volatile unsigned int schlock;
234 static void alarm_win32(unsigned int secs)
239 # define alarm alarm_win32
241 static DWORD WINAPI sleepy(VOID * arg)
249 static double Time_F(int s)
256 thr = CreateThread(NULL, 4096, sleepy, NULL, 0, NULL);
258 DWORD err = GetLastError();
259 BIO_printf(bio_err, "unable to CreateThread (%lu)", err);
263 Sleep(0); /* scheduler spinlock */
264 ret = app_tminterval(s, usertime);
266 ret = app_tminterval(s, usertime);
268 TerminateThread(thr, 0);
275 static double Time_F(int s)
277 return app_tminterval(s, usertime);
281 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
282 const openssl_speed_sec_t *seconds);
284 #define found(value, pairs, result)\
285 opt_found(value, result, pairs, OSSL_NELEM(pairs))
286 static int opt_found(const char *name, unsigned int *result,
287 const OPT_PAIR pairs[], unsigned int nbelem)
291 for (idx = 0; idx < nbelem; ++idx, pairs++)
292 if (strcmp(name, pairs->name) == 0) {
293 *result = pairs->retval;
299 typedef enum OPTION_choice {
300 OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
301 OPT_ELAPSED, OPT_EVP, OPT_HMAC, OPT_DECRYPT, OPT_ENGINE, OPT_MULTI,
302 OPT_MR, OPT_MB, OPT_MISALIGN, OPT_ASYNCJOBS, OPT_R_ENUM,
303 OPT_PRIMES, OPT_SECONDS, OPT_BYTES, OPT_AEAD
306 const OPTIONS speed_options[] = {
307 {OPT_HELP_STR, 1, '-', "Usage: %s [options] ciphers...\n"},
308 {OPT_HELP_STR, 1, '-', "Valid options are:\n"},
309 {"help", OPT_HELP, '-', "Display this summary"},
310 {"evp", OPT_EVP, 's', "Use EVP-named cipher or digest"},
311 {"hmac", OPT_HMAC, 's', "HMAC using EVP-named digest"},
312 {"decrypt", OPT_DECRYPT, '-',
313 "Time decryption instead of encryption (only EVP)"},
314 {"aead", OPT_AEAD, '-',
315 "Benchmark EVP-named AEAD cipher in TLS-like sequence"},
317 "Enable (tls1>=1) multi-block mode on EVP-named cipher"},
318 {"mr", OPT_MR, '-', "Produce machine readable output"},
320 {"multi", OPT_MULTI, 'p', "Run benchmarks in parallel"},
322 #ifndef OPENSSL_NO_ASYNC
323 {"async_jobs", OPT_ASYNCJOBS, 'p',
324 "Enable async mode and start specified number of jobs"},
327 #ifndef OPENSSL_NO_ENGINE
328 {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
330 {"elapsed", OPT_ELAPSED, '-',
331 "Use wall-clock time instead of CPU user time as divisor"},
332 {"primes", OPT_PRIMES, 'p', "Specify number of primes (for RSA only)"},
333 {"seconds", OPT_SECONDS, 'p',
334 "Run benchmarks for specified amount of seconds"},
335 {"bytes", OPT_BYTES, 'p',
336 "Run [non-PKI] benchmarks on custom-sized buffer"},
337 {"misalign", OPT_MISALIGN, 'p',
338 "Use specified offset to mis-align buffers"},
352 #define D_CBC_IDEA 10
353 #define D_CBC_SEED 11
357 #define D_CBC_CAST 15
358 #define D_CBC_128_AES 16
359 #define D_CBC_192_AES 17
360 #define D_CBC_256_AES 18
361 #define D_CBC_128_CML 19
362 #define D_CBC_192_CML 20
363 #define D_CBC_256_CML 21
367 #define D_WHIRLPOOL 25
368 #define D_IGE_128_AES 26
369 #define D_IGE_192_AES 27
370 #define D_IGE_256_AES 28
373 #define D_EVP_HMAC 31
375 /* name of algorithms to test */
376 static const char *names[] = {
377 "md2", "mdc2", "md4", "md5", "hmac(md5)", "sha1", "rmd160", "rc4",
378 "des cbc", "des ede3", "idea cbc", "seed cbc",
379 "rc2 cbc", "rc5-32/12 cbc", "blowfish cbc", "cast cbc",
380 "aes-128 cbc", "aes-192 cbc", "aes-256 cbc",
381 "camellia-128 cbc", "camellia-192 cbc", "camellia-256 cbc",
382 "evp", "sha256", "sha512", "whirlpool",
383 "aes-128 ige", "aes-192 ige", "aes-256 ige", "ghash",
386 #define ALGOR_NUM OSSL_NELEM(names)
388 /* list of configured algorithm (remaining) */
389 static const OPT_PAIR doit_choices[] = {
390 #ifndef OPENSSL_NO_MD2
393 #ifndef OPENSSL_NO_MDC2
396 #ifndef OPENSSL_NO_MD4
399 #ifndef OPENSSL_NO_MD5
404 {"sha256", D_SHA256},
405 {"sha512", D_SHA512},
406 #ifndef OPENSSL_NO_WHIRLPOOL
407 {"whirlpool", D_WHIRLPOOL},
409 #ifndef OPENSSL_NO_RMD160
410 {"ripemd", D_RMD160},
411 {"rmd160", D_RMD160},
412 {"ripemd160", D_RMD160},
414 #ifndef OPENSSL_NO_RC4
417 #ifndef OPENSSL_NO_DES
418 {"des-cbc", D_CBC_DES},
419 {"des-ede3", D_EDE3_DES},
421 {"aes-128-cbc", D_CBC_128_AES},
422 {"aes-192-cbc", D_CBC_192_AES},
423 {"aes-256-cbc", D_CBC_256_AES},
424 {"aes-128-ige", D_IGE_128_AES},
425 {"aes-192-ige", D_IGE_192_AES},
426 {"aes-256-ige", D_IGE_256_AES},
427 #ifndef OPENSSL_NO_RC2
428 {"rc2-cbc", D_CBC_RC2},
431 #ifndef OPENSSL_NO_RC5
432 {"rc5-cbc", D_CBC_RC5},
435 #ifndef OPENSSL_NO_IDEA
436 {"idea-cbc", D_CBC_IDEA},
437 {"idea", D_CBC_IDEA},
439 #ifndef OPENSSL_NO_SEED
440 {"seed-cbc", D_CBC_SEED},
441 {"seed", D_CBC_SEED},
443 #ifndef OPENSSL_NO_BF
444 {"bf-cbc", D_CBC_BF},
445 {"blowfish", D_CBC_BF},
448 #ifndef OPENSSL_NO_CAST
449 {"cast-cbc", D_CBC_CAST},
450 {"cast", D_CBC_CAST},
451 {"cast5", D_CBC_CAST},
457 static double results[ALGOR_NUM][OSSL_NELEM(lengths_list)];
459 #ifndef OPENSSL_NO_DSA
461 # define R_DSA_1024 1
462 # define R_DSA_2048 2
463 static const OPT_PAIR dsa_choices[] = {
464 {"dsa512", R_DSA_512},
465 {"dsa1024", R_DSA_1024},
466 {"dsa2048", R_DSA_2048}
468 # define DSA_NUM OSSL_NELEM(dsa_choices)
470 static double dsa_results[DSA_NUM][2]; /* 2 ops: sign then verify */
471 #endif /* OPENSSL_NO_DSA */
479 #define R_RSA_15360 6
480 #ifndef OPENSSL_NO_RSA
481 static const OPT_PAIR rsa_choices[] = {
482 {"rsa512", R_RSA_512},
483 {"rsa1024", R_RSA_1024},
484 {"rsa2048", R_RSA_2048},
485 {"rsa3072", R_RSA_3072},
486 {"rsa4096", R_RSA_4096},
487 {"rsa7680", R_RSA_7680},
488 {"rsa15360", R_RSA_15360}
490 # define RSA_NUM OSSL_NELEM(rsa_choices)
492 static double rsa_results[RSA_NUM][2]; /* 2 ops: sign then verify */
493 #endif /* OPENSSL_NO_RSA */
511 #define R_EC_BRP256R1 16
512 #define R_EC_BRP256T1 17
513 #define R_EC_BRP384R1 18
514 #define R_EC_BRP384T1 19
515 #define R_EC_BRP512R1 20
516 #define R_EC_BRP512T1 21
517 #define R_EC_X25519 22
519 #ifndef OPENSSL_NO_EC
520 static OPT_PAIR ecdsa_choices[] = {
521 {"ecdsap160", R_EC_P160},
522 {"ecdsap192", R_EC_P192},
523 {"ecdsap224", R_EC_P224},
524 {"ecdsap256", R_EC_P256},
525 {"ecdsap384", R_EC_P384},
526 {"ecdsap521", R_EC_P521},
527 #ifndef OPENSSL_NO_EC2M
528 {"ecdsak163", R_EC_K163},
529 {"ecdsak233", R_EC_K233},
530 {"ecdsak283", R_EC_K283},
531 {"ecdsak409", R_EC_K409},
532 {"ecdsak571", R_EC_K571},
533 {"ecdsab163", R_EC_B163},
534 {"ecdsab233", R_EC_B233},
535 {"ecdsab283", R_EC_B283},
536 {"ecdsab409", R_EC_B409},
537 {"ecdsab571", R_EC_B571},
539 {"ecdsabrp256r1", R_EC_BRP256R1},
540 {"ecdsabrp256t1", R_EC_BRP256T1},
541 {"ecdsabrp384r1", R_EC_BRP384R1},
542 {"ecdsabrp384t1", R_EC_BRP384T1},
543 {"ecdsabrp512r1", R_EC_BRP512R1},
544 {"ecdsabrp512t1", R_EC_BRP512T1}
546 # define ECDSA_NUM OSSL_NELEM(ecdsa_choices)
548 static double ecdsa_results[ECDSA_NUM][2]; /* 2 ops: sign then verify */
550 static const OPT_PAIR ecdh_choices[] = {
551 {"ecdhp160", R_EC_P160},
552 {"ecdhp192", R_EC_P192},
553 {"ecdhp224", R_EC_P224},
554 {"ecdhp256", R_EC_P256},
555 {"ecdhp384", R_EC_P384},
556 {"ecdhp521", R_EC_P521},
557 #ifndef OPENSSL_NO_EC2M
558 {"ecdhk163", R_EC_K163},
559 {"ecdhk233", R_EC_K233},
560 {"ecdhk283", R_EC_K283},
561 {"ecdhk409", R_EC_K409},
562 {"ecdhk571", R_EC_K571},
563 {"ecdhb163", R_EC_B163},
564 {"ecdhb233", R_EC_B233},
565 {"ecdhb283", R_EC_B283},
566 {"ecdhb409", R_EC_B409},
567 {"ecdhb571", R_EC_B571},
569 {"ecdhbrp256r1", R_EC_BRP256R1},
570 {"ecdhbrp256t1", R_EC_BRP256T1},
571 {"ecdhbrp384r1", R_EC_BRP384R1},
572 {"ecdhbrp384t1", R_EC_BRP384T1},
573 {"ecdhbrp512r1", R_EC_BRP512R1},
574 {"ecdhbrp512t1", R_EC_BRP512T1},
575 {"ecdhx25519", R_EC_X25519},
576 {"ecdhx448", R_EC_X448}
578 # define EC_NUM OSSL_NELEM(ecdh_choices)
580 static double ecdh_results[EC_NUM][1]; /* 1 op: derivation */
582 #define R_EC_Ed25519 0
584 static OPT_PAIR eddsa_choices[] = {
585 {"ed25519", R_EC_Ed25519},
586 {"ed448", R_EC_Ed448}
588 # define EdDSA_NUM OSSL_NELEM(eddsa_choices)
590 static double eddsa_results[EdDSA_NUM][2]; /* 2 ops: sign then verify */
591 #endif /* OPENSSL_NO_EC */
594 # define COND(d) (count < (d))
595 # define COUNT(d) (d)
597 # define COND(unused_cond) (run && count<0x7fffffff)
598 # define COUNT(d) (count)
601 typedef struct loopargs_st {
602 ASYNC_JOB *inprogress_job;
603 ASYNC_WAIT_CTX *wait_ctx;
606 unsigned char *buf_malloc;
607 unsigned char *buf2_malloc;
611 #ifndef OPENSSL_NO_RSA
612 RSA *rsa_key[RSA_NUM];
614 #ifndef OPENSSL_NO_DSA
615 DSA *dsa_key[DSA_NUM];
617 #ifndef OPENSSL_NO_EC
618 EC_KEY *ecdsa[ECDSA_NUM];
619 EVP_PKEY_CTX *ecdh_ctx[EC_NUM];
620 EVP_MD_CTX *eddsa_ctx[EdDSA_NUM];
621 unsigned char *secret_a;
622 unsigned char *secret_b;
623 size_t outlen[EC_NUM];
627 GCM128_CONTEXT *gcm_ctx;
629 static int run_benchmark(int async_jobs, int (*loop_function) (void *),
630 loopargs_t * loopargs);
632 static unsigned int testnum;
634 /* Nb of iterations to do per algorithm and key-size */
635 static long c[ALGOR_NUM][OSSL_NELEM(lengths_list)];
637 #ifndef OPENSSL_NO_MD2
638 static int EVP_Digest_MD2_loop(void *args)
640 loopargs_t *tempargs = *(loopargs_t **) args;
641 unsigned char *buf = tempargs->buf;
642 unsigned char md2[MD2_DIGEST_LENGTH];
645 for (count = 0; COND(c[D_MD2][testnum]); count++) {
646 if (!EVP_Digest(buf, (size_t)lengths[testnum], md2, NULL, EVP_md2(),
654 #ifndef OPENSSL_NO_MDC2
655 static int EVP_Digest_MDC2_loop(void *args)
657 loopargs_t *tempargs = *(loopargs_t **) args;
658 unsigned char *buf = tempargs->buf;
659 unsigned char mdc2[MDC2_DIGEST_LENGTH];
662 for (count = 0; COND(c[D_MDC2][testnum]); count++) {
663 if (!EVP_Digest(buf, (size_t)lengths[testnum], mdc2, NULL, EVP_mdc2(),
671 #ifndef OPENSSL_NO_MD4
672 static int EVP_Digest_MD4_loop(void *args)
674 loopargs_t *tempargs = *(loopargs_t **) args;
675 unsigned char *buf = tempargs->buf;
676 unsigned char md4[MD4_DIGEST_LENGTH];
679 for (count = 0; COND(c[D_MD4][testnum]); count++) {
680 if (!EVP_Digest(buf, (size_t)lengths[testnum], md4, NULL, EVP_md4(),
688 #ifndef OPENSSL_NO_MD5
689 static int MD5_loop(void *args)
691 loopargs_t *tempargs = *(loopargs_t **) args;
692 unsigned char *buf = tempargs->buf;
693 unsigned char md5[MD5_DIGEST_LENGTH];
695 for (count = 0; COND(c[D_MD5][testnum]); count++)
696 MD5(buf, lengths[testnum], md5);
700 static int HMAC_loop(void *args)
702 loopargs_t *tempargs = *(loopargs_t **) args;
703 unsigned char *buf = tempargs->buf;
704 HMAC_CTX *hctx = tempargs->hctx;
705 unsigned char hmac[MD5_DIGEST_LENGTH];
708 for (count = 0; COND(c[D_HMAC][testnum]); count++) {
709 HMAC_Init_ex(hctx, NULL, 0, NULL, NULL);
710 HMAC_Update(hctx, buf, lengths[testnum]);
711 HMAC_Final(hctx, hmac, NULL);
717 static int SHA1_loop(void *args)
719 loopargs_t *tempargs = *(loopargs_t **) args;
720 unsigned char *buf = tempargs->buf;
721 unsigned char sha[SHA_DIGEST_LENGTH];
723 for (count = 0; COND(c[D_SHA1][testnum]); count++)
724 SHA1(buf, lengths[testnum], sha);
728 static int SHA256_loop(void *args)
730 loopargs_t *tempargs = *(loopargs_t **) args;
731 unsigned char *buf = tempargs->buf;
732 unsigned char sha256[SHA256_DIGEST_LENGTH];
734 for (count = 0; COND(c[D_SHA256][testnum]); count++)
735 SHA256(buf, lengths[testnum], sha256);
739 static int SHA512_loop(void *args)
741 loopargs_t *tempargs = *(loopargs_t **) args;
742 unsigned char *buf = tempargs->buf;
743 unsigned char sha512[SHA512_DIGEST_LENGTH];
745 for (count = 0; COND(c[D_SHA512][testnum]); count++)
746 SHA512(buf, lengths[testnum], sha512);
750 #ifndef OPENSSL_NO_WHIRLPOOL
751 static int WHIRLPOOL_loop(void *args)
753 loopargs_t *tempargs = *(loopargs_t **) args;
754 unsigned char *buf = tempargs->buf;
755 unsigned char whirlpool[WHIRLPOOL_DIGEST_LENGTH];
757 for (count = 0; COND(c[D_WHIRLPOOL][testnum]); count++)
758 WHIRLPOOL(buf, lengths[testnum], whirlpool);
763 #ifndef OPENSSL_NO_RMD160
764 static int EVP_Digest_RMD160_loop(void *args)
766 loopargs_t *tempargs = *(loopargs_t **) args;
767 unsigned char *buf = tempargs->buf;
768 unsigned char rmd160[RIPEMD160_DIGEST_LENGTH];
770 for (count = 0; COND(c[D_RMD160][testnum]); count++) {
771 if (!EVP_Digest(buf, (size_t)lengths[testnum], &(rmd160[0]),
772 NULL, EVP_ripemd160(), NULL))
779 #ifndef OPENSSL_NO_RC4
780 static RC4_KEY rc4_ks;
781 static int RC4_loop(void *args)
783 loopargs_t *tempargs = *(loopargs_t **) args;
784 unsigned char *buf = tempargs->buf;
786 for (count = 0; COND(c[D_RC4][testnum]); count++)
787 RC4(&rc4_ks, (size_t)lengths[testnum], buf, buf);
792 #ifndef OPENSSL_NO_DES
793 static unsigned char DES_iv[8];
794 static DES_key_schedule sch;
795 static DES_key_schedule sch2;
796 static DES_key_schedule sch3;
797 static int DES_ncbc_encrypt_loop(void *args)
799 loopargs_t *tempargs = *(loopargs_t **) args;
800 unsigned char *buf = tempargs->buf;
802 for (count = 0; COND(c[D_CBC_DES][testnum]); count++)
803 DES_ncbc_encrypt(buf, buf, lengths[testnum], &sch,
804 &DES_iv, DES_ENCRYPT);
808 static int DES_ede3_cbc_encrypt_loop(void *args)
810 loopargs_t *tempargs = *(loopargs_t **) args;
811 unsigned char *buf = tempargs->buf;
813 for (count = 0; COND(c[D_EDE3_DES][testnum]); count++)
814 DES_ede3_cbc_encrypt(buf, buf, lengths[testnum],
815 &sch, &sch2, &sch3, &DES_iv, DES_ENCRYPT);
820 #define MAX_BLOCK_SIZE 128
822 static unsigned char iv[2 * MAX_BLOCK_SIZE / 8];
823 static AES_KEY aes_ks1, aes_ks2, aes_ks3;
824 static int AES_cbc_128_encrypt_loop(void *args)
826 loopargs_t *tempargs = *(loopargs_t **) args;
827 unsigned char *buf = tempargs->buf;
829 for (count = 0; COND(c[D_CBC_128_AES][testnum]); count++)
830 AES_cbc_encrypt(buf, buf,
831 (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
835 static int AES_cbc_192_encrypt_loop(void *args)
837 loopargs_t *tempargs = *(loopargs_t **) args;
838 unsigned char *buf = tempargs->buf;
840 for (count = 0; COND(c[D_CBC_192_AES][testnum]); count++)
841 AES_cbc_encrypt(buf, buf,
842 (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
846 static int AES_cbc_256_encrypt_loop(void *args)
848 loopargs_t *tempargs = *(loopargs_t **) args;
849 unsigned char *buf = tempargs->buf;
851 for (count = 0; COND(c[D_CBC_256_AES][testnum]); count++)
852 AES_cbc_encrypt(buf, buf,
853 (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
857 static int AES_ige_128_encrypt_loop(void *args)
859 loopargs_t *tempargs = *(loopargs_t **) args;
860 unsigned char *buf = tempargs->buf;
861 unsigned char *buf2 = tempargs->buf2;
863 for (count = 0; COND(c[D_IGE_128_AES][testnum]); count++)
864 AES_ige_encrypt(buf, buf2,
865 (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
869 static int AES_ige_192_encrypt_loop(void *args)
871 loopargs_t *tempargs = *(loopargs_t **) args;
872 unsigned char *buf = tempargs->buf;
873 unsigned char *buf2 = tempargs->buf2;
875 for (count = 0; COND(c[D_IGE_192_AES][testnum]); count++)
876 AES_ige_encrypt(buf, buf2,
877 (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
881 static int AES_ige_256_encrypt_loop(void *args)
883 loopargs_t *tempargs = *(loopargs_t **) args;
884 unsigned char *buf = tempargs->buf;
885 unsigned char *buf2 = tempargs->buf2;
887 for (count = 0; COND(c[D_IGE_256_AES][testnum]); count++)
888 AES_ige_encrypt(buf, buf2,
889 (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
893 static int CRYPTO_gcm128_aad_loop(void *args)
895 loopargs_t *tempargs = *(loopargs_t **) args;
896 unsigned char *buf = tempargs->buf;
897 GCM128_CONTEXT *gcm_ctx = tempargs->gcm_ctx;
899 for (count = 0; COND(c[D_GHASH][testnum]); count++)
900 CRYPTO_gcm128_aad(gcm_ctx, buf, lengths[testnum]);
904 static int RAND_bytes_loop(void *args)
906 loopargs_t *tempargs = *(loopargs_t **) args;
907 unsigned char *buf = tempargs->buf;
910 for (count = 0; COND(c[D_RAND][testnum]); count++)
911 RAND_bytes(buf, lengths[testnum]);
915 static long save_count = 0;
916 static int decrypt = 0;
917 static int EVP_Update_loop(void *args)
919 loopargs_t *tempargs = *(loopargs_t **) args;
920 unsigned char *buf = tempargs->buf;
921 EVP_CIPHER_CTX *ctx = tempargs->ctx;
924 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
927 for (count = 0; COND(nb_iter); count++) {
928 rc = EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
930 /* reset iv in case of counter overflow */
931 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
935 for (count = 0; COND(nb_iter); count++) {
936 rc = EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
938 /* reset iv in case of counter overflow */
939 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
944 EVP_DecryptFinal_ex(ctx, buf, &outl);
946 EVP_EncryptFinal_ex(ctx, buf, &outl);
951 * CCM does not support streaming. For the purpose of performance measurement,
952 * each message is encrypted using the same (key,iv)-pair. Do not use this
953 * code in your application.
955 static int EVP_Update_loop_ccm(void *args)
957 loopargs_t *tempargs = *(loopargs_t **) args;
958 unsigned char *buf = tempargs->buf;
959 EVP_CIPHER_CTX *ctx = tempargs->ctx;
961 unsigned char tag[12];
963 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
966 for (count = 0; COND(nb_iter); count++) {
967 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(tag), tag);
969 EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
970 /* counter is reset on every update */
971 EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
974 for (count = 0; COND(nb_iter); count++) {
975 /* restore iv length field */
976 EVP_EncryptUpdate(ctx, NULL, &outl, NULL, lengths[testnum]);
977 /* counter is reset on every update */
978 EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
982 EVP_DecryptFinal_ex(ctx, buf, &outl);
984 EVP_EncryptFinal_ex(ctx, buf, &outl);
989 * To make AEAD benchmarking more relevant perform TLS-like operations,
990 * 13-byte AAD followed by payload. But don't use TLS-formatted AAD, as
991 * payload length is not actually limited by 16KB...
993 static int EVP_Update_loop_aead(void *args)
995 loopargs_t *tempargs = *(loopargs_t **) args;
996 unsigned char *buf = tempargs->buf;
997 EVP_CIPHER_CTX *ctx = tempargs->ctx;
999 unsigned char aad[13] = { 0xcc };
1000 unsigned char faketag[16] = { 0xcc };
1002 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1005 for (count = 0; COND(nb_iter); count++) {
1006 EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
1007 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
1008 sizeof(faketag), faketag);
1009 EVP_DecryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
1010 EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
1011 EVP_DecryptFinal_ex(ctx, buf + outl, &outl);
1014 for (count = 0; COND(nb_iter); count++) {
1015 EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv);
1016 EVP_EncryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
1017 EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
1018 EVP_EncryptFinal_ex(ctx, buf + outl, &outl);
1024 static const EVP_MD *evp_md = NULL;
1025 static int EVP_Digest_loop(void *args)
1027 loopargs_t *tempargs = *(loopargs_t **) args;
1028 unsigned char *buf = tempargs->buf;
1029 unsigned char md[EVP_MAX_MD_SIZE];
1032 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1035 for (count = 0; COND(nb_iter); count++) {
1036 if (!EVP_Digest(buf, lengths[testnum], md, NULL, evp_md, NULL))
1042 static const EVP_MD *evp_hmac_md = NULL;
1043 static char *evp_hmac_name = NULL;
1044 static int EVP_HMAC_loop(void *args)
1046 loopargs_t *tempargs = *(loopargs_t **) args;
1047 unsigned char *buf = tempargs->buf;
1048 unsigned char no_key[32];
1051 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1054 for (count = 0; COND(nb_iter); count++) {
1055 if (HMAC(evp_hmac_md, no_key, sizeof(no_key), buf, lengths[testnum],
1056 NULL, NULL) == NULL)
1062 #ifndef OPENSSL_NO_RSA
1063 static long rsa_c[RSA_NUM][2]; /* # RSA iteration test */
1065 static int RSA_sign_loop(void *args)
1067 loopargs_t *tempargs = *(loopargs_t **) args;
1068 unsigned char *buf = tempargs->buf;
1069 unsigned char *buf2 = tempargs->buf2;
1070 unsigned int *rsa_num = &tempargs->siglen;
1071 RSA **rsa_key = tempargs->rsa_key;
1073 for (count = 0; COND(rsa_c[testnum][0]); count++) {
1074 ret = RSA_sign(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1076 BIO_printf(bio_err, "RSA sign failure\n");
1077 ERR_print_errors(bio_err);
1085 static int RSA_verify_loop(void *args)
1087 loopargs_t *tempargs = *(loopargs_t **) args;
1088 unsigned char *buf = tempargs->buf;
1089 unsigned char *buf2 = tempargs->buf2;
1090 unsigned int rsa_num = tempargs->siglen;
1091 RSA **rsa_key = tempargs->rsa_key;
1093 for (count = 0; COND(rsa_c[testnum][1]); count++) {
1095 RSA_verify(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1097 BIO_printf(bio_err, "RSA verify failure\n");
1098 ERR_print_errors(bio_err);
1107 #ifndef OPENSSL_NO_DSA
1108 static long dsa_c[DSA_NUM][2];
1109 static int DSA_sign_loop(void *args)
1111 loopargs_t *tempargs = *(loopargs_t **) args;
1112 unsigned char *buf = tempargs->buf;
1113 unsigned char *buf2 = tempargs->buf2;
1114 DSA **dsa_key = tempargs->dsa_key;
1115 unsigned int *siglen = &tempargs->siglen;
1117 for (count = 0; COND(dsa_c[testnum][0]); count++) {
1118 ret = DSA_sign(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1120 BIO_printf(bio_err, "DSA sign failure\n");
1121 ERR_print_errors(bio_err);
1129 static int DSA_verify_loop(void *args)
1131 loopargs_t *tempargs = *(loopargs_t **) args;
1132 unsigned char *buf = tempargs->buf;
1133 unsigned char *buf2 = tempargs->buf2;
1134 DSA **dsa_key = tempargs->dsa_key;
1135 unsigned int siglen = tempargs->siglen;
1137 for (count = 0; COND(dsa_c[testnum][1]); count++) {
1138 ret = DSA_verify(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1140 BIO_printf(bio_err, "DSA verify failure\n");
1141 ERR_print_errors(bio_err);
1150 #ifndef OPENSSL_NO_EC
1151 static long ecdsa_c[ECDSA_NUM][2];
1152 static int ECDSA_sign_loop(void *args)
1154 loopargs_t *tempargs = *(loopargs_t **) args;
1155 unsigned char *buf = tempargs->buf;
1156 EC_KEY **ecdsa = tempargs->ecdsa;
1157 unsigned char *ecdsasig = tempargs->buf2;
1158 unsigned int *ecdsasiglen = &tempargs->siglen;
1160 for (count = 0; COND(ecdsa_c[testnum][0]); count++) {
1161 ret = ECDSA_sign(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1163 BIO_printf(bio_err, "ECDSA sign failure\n");
1164 ERR_print_errors(bio_err);
1172 static int ECDSA_verify_loop(void *args)
1174 loopargs_t *tempargs = *(loopargs_t **) args;
1175 unsigned char *buf = tempargs->buf;
1176 EC_KEY **ecdsa = tempargs->ecdsa;
1177 unsigned char *ecdsasig = tempargs->buf2;
1178 unsigned int ecdsasiglen = tempargs->siglen;
1180 for (count = 0; COND(ecdsa_c[testnum][1]); count++) {
1181 ret = ECDSA_verify(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1183 BIO_printf(bio_err, "ECDSA verify failure\n");
1184 ERR_print_errors(bio_err);
1192 /* ******************************************************************** */
1193 static long ecdh_c[EC_NUM][1];
1195 static int ECDH_EVP_derive_key_loop(void *args)
1197 loopargs_t *tempargs = *(loopargs_t **) args;
1198 EVP_PKEY_CTX *ctx = tempargs->ecdh_ctx[testnum];
1199 unsigned char *derived_secret = tempargs->secret_a;
1201 size_t *outlen = &(tempargs->outlen[testnum]);
1203 for (count = 0; COND(ecdh_c[testnum][0]); count++)
1204 EVP_PKEY_derive(ctx, derived_secret, outlen);
1209 static long eddsa_c[EdDSA_NUM][2];
1210 static int EdDSA_sign_loop(void *args)
1212 loopargs_t *tempargs = *(loopargs_t **) args;
1213 unsigned char *buf = tempargs->buf;
1214 EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
1215 unsigned char *eddsasig = tempargs->buf2;
1216 size_t *eddsasigsize = &tempargs->sigsize;
1219 for (count = 0; COND(eddsa_c[testnum][0]); count++) {
1220 ret = EVP_DigestSign(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
1222 BIO_printf(bio_err, "EdDSA sign failure\n");
1223 ERR_print_errors(bio_err);
1231 static int EdDSA_verify_loop(void *args)
1233 loopargs_t *tempargs = *(loopargs_t **) args;
1234 unsigned char *buf = tempargs->buf;
1235 EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
1236 unsigned char *eddsasig = tempargs->buf2;
1237 size_t eddsasigsize = tempargs->sigsize;
1240 for (count = 0; COND(eddsa_c[testnum][1]); count++) {
1241 ret = EVP_DigestVerify(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
1243 BIO_printf(bio_err, "EdDSA verify failure\n");
1244 ERR_print_errors(bio_err);
1251 #endif /* OPENSSL_NO_EC */
1253 static int run_benchmark(int async_jobs,
1254 int (*loop_function) (void *), loopargs_t * loopargs)
1256 int job_op_count = 0;
1257 int total_op_count = 0;
1258 int num_inprogress = 0;
1259 int error = 0, i = 0, ret = 0;
1260 OSSL_ASYNC_FD job_fd = 0;
1261 size_t num_job_fds = 0;
1265 if (async_jobs == 0) {
1266 return loop_function((void *)&loopargs);
1269 for (i = 0; i < async_jobs && !error; i++) {
1270 loopargs_t *looparg_item = loopargs + i;
1272 /* Copy pointer content (looparg_t item address) into async context */
1273 ret = ASYNC_start_job(&loopargs[i].inprogress_job, loopargs[i].wait_ctx,
1274 &job_op_count, loop_function,
1275 (void *)&looparg_item, sizeof(looparg_item));
1281 if (job_op_count == -1) {
1284 total_op_count += job_op_count;
1289 BIO_printf(bio_err, "Failure in the job\n");
1290 ERR_print_errors(bio_err);
1296 while (num_inprogress > 0) {
1297 #if defined(OPENSSL_SYS_WINDOWS)
1299 #elif defined(OPENSSL_SYS_UNIX)
1300 int select_result = 0;
1301 OSSL_ASYNC_FD max_fd = 0;
1304 FD_ZERO(&waitfdset);
1306 for (i = 0; i < async_jobs && num_inprogress > 0; i++) {
1307 if (loopargs[i].inprogress_job == NULL)
1310 if (!ASYNC_WAIT_CTX_get_all_fds
1311 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1312 || num_job_fds > 1) {
1313 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1314 ERR_print_errors(bio_err);
1318 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1320 FD_SET(job_fd, &waitfdset);
1321 if (job_fd > max_fd)
1325 if (max_fd >= (OSSL_ASYNC_FD)FD_SETSIZE) {
1327 "Error: max_fd (%d) must be smaller than FD_SETSIZE (%d). "
1328 "Decrease the value of async_jobs\n",
1329 max_fd, FD_SETSIZE);
1330 ERR_print_errors(bio_err);
1335 select_result = select(max_fd + 1, &waitfdset, NULL, NULL, NULL);
1336 if (select_result == -1 && errno == EINTR)
1339 if (select_result == -1) {
1340 BIO_printf(bio_err, "Failure in the select\n");
1341 ERR_print_errors(bio_err);
1346 if (select_result == 0)
1350 for (i = 0; i < async_jobs; i++) {
1351 if (loopargs[i].inprogress_job == NULL)
1354 if (!ASYNC_WAIT_CTX_get_all_fds
1355 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1356 || num_job_fds > 1) {
1357 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1358 ERR_print_errors(bio_err);
1362 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1365 #if defined(OPENSSL_SYS_UNIX)
1366 if (num_job_fds == 1 && !FD_ISSET(job_fd, &waitfdset))
1368 #elif defined(OPENSSL_SYS_WINDOWS)
1369 if (num_job_fds == 1
1370 && !PeekNamedPipe(job_fd, NULL, 0, NULL, &avail, NULL)
1375 ret = ASYNC_start_job(&loopargs[i].inprogress_job,
1376 loopargs[i].wait_ctx, &job_op_count,
1377 loop_function, (void *)(loopargs + i),
1378 sizeof(loopargs_t));
1383 if (job_op_count == -1) {
1386 total_op_count += job_op_count;
1389 loopargs[i].inprogress_job = NULL;
1394 loopargs[i].inprogress_job = NULL;
1395 BIO_printf(bio_err, "Failure in the job\n");
1396 ERR_print_errors(bio_err);
1403 return error ? -1 : total_op_count;
1406 int speed_main(int argc, char **argv)
1409 loopargs_t *loopargs = NULL;
1411 const char *engine_id = NULL;
1412 const EVP_CIPHER *evp_cipher = NULL;
1415 int async_init = 0, multiblock = 0, pr_header = 0;
1416 int doit[ALGOR_NUM] = { 0 };
1417 int ret = 1, misalign = 0, lengths_single = 0, aead = 0;
1419 unsigned int size_num = OSSL_NELEM(lengths_list);
1420 unsigned int i, k, loop, loopargs_len = 0, async_jobs = 0;
1426 #if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) \
1427 || !defined(OPENSSL_NO_EC)
1430 openssl_speed_sec_t seconds = { SECONDS, RSA_SECONDS, DSA_SECONDS,
1431 ECDSA_SECONDS, ECDH_SECONDS,
1434 /* What follows are the buffers and key material. */
1435 #ifndef OPENSSL_NO_RC5
1438 #ifndef OPENSSL_NO_RC2
1441 #ifndef OPENSSL_NO_IDEA
1442 IDEA_KEY_SCHEDULE idea_ks;
1444 #ifndef OPENSSL_NO_SEED
1445 SEED_KEY_SCHEDULE seed_ks;
1447 #ifndef OPENSSL_NO_BF
1450 #ifndef OPENSSL_NO_CAST
1453 static const unsigned char key16[16] = {
1454 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1455 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
1457 static const unsigned char key24[24] = {
1458 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1459 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1460 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1462 static const unsigned char key32[32] = {
1463 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1464 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1465 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
1466 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
1468 #ifndef OPENSSL_NO_CAMELLIA
1469 static const unsigned char ckey24[24] = {
1470 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1471 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1472 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1474 static const unsigned char ckey32[32] = {
1475 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1476 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1477 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
1478 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
1480 CAMELLIA_KEY camellia_ks1, camellia_ks2, camellia_ks3;
1482 #ifndef OPENSSL_NO_DES
1483 static DES_cblock key = {
1484 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0
1486 static DES_cblock key2 = {
1487 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
1489 static DES_cblock key3 = {
1490 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1493 #ifndef OPENSSL_NO_RSA
1494 static const unsigned int rsa_bits[RSA_NUM] = {
1495 512, 1024, 2048, 3072, 4096, 7680, 15360
1497 static const unsigned char *rsa_data[RSA_NUM] = {
1498 test512, test1024, test2048, test3072, test4096, test7680, test15360
1500 static const int rsa_data_length[RSA_NUM] = {
1501 sizeof(test512), sizeof(test1024),
1502 sizeof(test2048), sizeof(test3072),
1503 sizeof(test4096), sizeof(test7680),
1506 int rsa_doit[RSA_NUM] = { 0 };
1507 int primes = RSA_DEFAULT_PRIME_NUM;
1509 #ifndef OPENSSL_NO_DSA
1510 static const unsigned int dsa_bits[DSA_NUM] = { 512, 1024, 2048 };
1511 int dsa_doit[DSA_NUM] = { 0 };
1513 #ifndef OPENSSL_NO_EC
1515 * We only test over the following curves as they are representative, To
1516 * add tests over more curves, simply add the curve NID and curve name to
1517 * the following arrays and increase the |ecdh_choices| list accordingly.
1519 static const struct {
1525 {"secp160r1", NID_secp160r1, 160},
1526 {"nistp192", NID_X9_62_prime192v1, 192},
1527 {"nistp224", NID_secp224r1, 224},
1528 {"nistp256", NID_X9_62_prime256v1, 256},
1529 {"nistp384", NID_secp384r1, 384},
1530 {"nistp521", NID_secp521r1, 521},
1531 #ifndef OPENSSL_NO_EC2M
1533 {"nistk163", NID_sect163k1, 163},
1534 {"nistk233", NID_sect233k1, 233},
1535 {"nistk283", NID_sect283k1, 283},
1536 {"nistk409", NID_sect409k1, 409},
1537 {"nistk571", NID_sect571k1, 571},
1538 {"nistb163", NID_sect163r2, 163},
1539 {"nistb233", NID_sect233r1, 233},
1540 {"nistb283", NID_sect283r1, 283},
1541 {"nistb409", NID_sect409r1, 409},
1542 {"nistb571", NID_sect571r1, 571},
1544 {"brainpoolP256r1", NID_brainpoolP256r1, 256},
1545 {"brainpoolP256t1", NID_brainpoolP256t1, 256},
1546 {"brainpoolP384r1", NID_brainpoolP384r1, 384},
1547 {"brainpoolP384t1", NID_brainpoolP384t1, 384},
1548 {"brainpoolP512r1", NID_brainpoolP512r1, 512},
1549 {"brainpoolP512t1", NID_brainpoolP512t1, 512},
1550 /* Other and ECDH only ones */
1551 {"X25519", NID_X25519, 253},
1552 {"X448", NID_X448, 448}
1554 static const struct {
1559 } test_ed_curves[] = {
1561 {"Ed25519", NID_ED25519, 253, 64},
1562 {"Ed448", NID_ED448, 456, 114}
1564 int ecdsa_doit[ECDSA_NUM] = { 0 };
1565 int ecdh_doit[EC_NUM] = { 0 };
1566 int eddsa_doit[EdDSA_NUM] = { 0 };
1567 OPENSSL_assert(OSSL_NELEM(test_curves) >= EC_NUM);
1568 OPENSSL_assert(OSSL_NELEM(test_ed_curves) >= EdDSA_NUM);
1569 #endif /* ndef OPENSSL_NO_EC */
1571 prog = opt_init(argc, argv, speed_options);
1572 while ((o = opt_next()) != OPT_EOF) {
1577 BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
1580 opt_help(speed_options);
1588 evp_cipher = EVP_get_cipherbyname(opt_arg());
1589 if (evp_cipher == NULL)
1590 evp_md = EVP_get_digestbyname(opt_arg());
1591 if (evp_cipher == NULL && evp_md == NULL) {
1593 "%s: %s is an unknown cipher or digest\n",
1600 evp_hmac_md = EVP_get_digestbyname(opt_arg());
1601 if (evp_hmac_md == NULL) {
1602 BIO_printf(bio_err, "%s: %s is an unknown digest\n",
1606 doit[D_EVP_HMAC] = 1;
1613 * In a forked execution, an engine might need to be
1614 * initialised by each child process, not by the parent.
1615 * So store the name here and run setup_engine() later on.
1617 engine_id = opt_arg();
1621 multi = atoi(opt_arg());
1625 #ifndef OPENSSL_NO_ASYNC
1626 async_jobs = atoi(opt_arg());
1627 if (!ASYNC_is_capable()) {
1629 "%s: async_jobs specified but async not supported\n",
1633 if (async_jobs > 99999) {
1634 BIO_printf(bio_err, "%s: too many async_jobs\n", prog);
1640 if (!opt_int(opt_arg(), &misalign))
1642 if (misalign > MISALIGN) {
1644 "%s: Maximum offset is %d\n", prog, MISALIGN);
1653 #ifdef OPENSSL_NO_MULTIBLOCK
1655 "%s: -mb specified but multi-block support is disabled\n",
1665 if (!opt_int(opt_arg(), &primes))
1669 seconds.sym = seconds.rsa = seconds.dsa = seconds.ecdsa
1670 = seconds.ecdh = seconds.eddsa = atoi(opt_arg());
1673 lengths_single = atoi(opt_arg());
1674 lengths = &lengths_single;
1682 argc = opt_num_rest();
1685 /* Remaining arguments are algorithms. */
1686 for (; *argv; argv++) {
1687 if (found(*argv, doit_choices, &i)) {
1691 #ifndef OPENSSL_NO_DES
1692 if (strcmp(*argv, "des") == 0) {
1693 doit[D_CBC_DES] = doit[D_EDE3_DES] = 1;
1697 if (strcmp(*argv, "sha") == 0) {
1698 doit[D_SHA1] = doit[D_SHA256] = doit[D_SHA512] = 1;
1701 #ifndef OPENSSL_NO_RSA
1702 if (strcmp(*argv, "openssl") == 0)
1704 if (strcmp(*argv, "rsa") == 0) {
1705 for (loop = 0; loop < OSSL_NELEM(rsa_doit); loop++)
1709 if (found(*argv, rsa_choices, &i)) {
1714 #ifndef OPENSSL_NO_DSA
1715 if (strcmp(*argv, "dsa") == 0) {
1716 dsa_doit[R_DSA_512] = dsa_doit[R_DSA_1024] =
1717 dsa_doit[R_DSA_2048] = 1;
1720 if (found(*argv, dsa_choices, &i)) {
1725 if (strcmp(*argv, "aes") == 0) {
1726 doit[D_CBC_128_AES] = doit[D_CBC_192_AES] = doit[D_CBC_256_AES] = 1;
1729 #ifndef OPENSSL_NO_CAMELLIA
1730 if (strcmp(*argv, "camellia") == 0) {
1731 doit[D_CBC_128_CML] = doit[D_CBC_192_CML] = doit[D_CBC_256_CML] = 1;
1735 #ifndef OPENSSL_NO_EC
1736 if (strcmp(*argv, "ecdsa") == 0) {
1737 for (loop = 0; loop < OSSL_NELEM(ecdsa_doit); loop++)
1738 ecdsa_doit[loop] = 1;
1741 if (found(*argv, ecdsa_choices, &i)) {
1745 if (strcmp(*argv, "ecdh") == 0) {
1746 for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++)
1747 ecdh_doit[loop] = 1;
1750 if (found(*argv, ecdh_choices, &i)) {
1754 if (strcmp(*argv, "eddsa") == 0) {
1755 for (loop = 0; loop < OSSL_NELEM(eddsa_doit); loop++)
1756 eddsa_doit[loop] = 1;
1759 if (found(*argv, eddsa_choices, &i)) {
1764 BIO_printf(bio_err, "%s: Unknown algorithm %s\n", prog, *argv);
1770 if (evp_cipher == NULL) {
1771 BIO_printf(bio_err, "-aead can be used only with an AEAD cipher\n");
1773 } else if (!(EVP_CIPHER_flags(evp_cipher) &
1774 EVP_CIPH_FLAG_AEAD_CIPHER)) {
1775 BIO_printf(bio_err, "%s is not an AEAD cipher\n",
1776 OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
1781 if (evp_cipher == NULL) {
1782 BIO_printf(bio_err,"-mb can be used only with a multi-block"
1783 " capable cipher\n");
1785 } else if (!(EVP_CIPHER_flags(evp_cipher) &
1786 EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
1787 BIO_printf(bio_err, "%s is not a multi-block capable\n",
1788 OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
1790 } else if (async_jobs > 0) {
1791 BIO_printf(bio_err, "Async mode is not supported with -mb");
1796 /* Initialize the job pool if async mode is enabled */
1797 if (async_jobs > 0) {
1798 async_init = ASYNC_init_thread(async_jobs, async_jobs);
1800 BIO_printf(bio_err, "Error creating the ASYNC job pool\n");
1805 loopargs_len = (async_jobs == 0 ? 1 : async_jobs);
1807 app_malloc(loopargs_len * sizeof(loopargs_t), "array of loopargs");
1808 memset(loopargs, 0, loopargs_len * sizeof(loopargs_t));
1810 for (i = 0; i < loopargs_len; i++) {
1811 if (async_jobs > 0) {
1812 loopargs[i].wait_ctx = ASYNC_WAIT_CTX_new();
1813 if (loopargs[i].wait_ctx == NULL) {
1814 BIO_printf(bio_err, "Error creating the ASYNC_WAIT_CTX\n");
1819 buflen = lengths[size_num - 1];
1820 if (buflen < 36) /* size of random vector in RSA bencmark */
1822 buflen += MAX_MISALIGNMENT + 1;
1823 loopargs[i].buf_malloc = app_malloc(buflen, "input buffer");
1824 loopargs[i].buf2_malloc = app_malloc(buflen, "input buffer");
1825 memset(loopargs[i].buf_malloc, 0, buflen);
1826 memset(loopargs[i].buf2_malloc, 0, buflen);
1828 /* Align the start of buffers on a 64 byte boundary */
1829 loopargs[i].buf = loopargs[i].buf_malloc + misalign;
1830 loopargs[i].buf2 = loopargs[i].buf2_malloc + misalign;
1831 #ifndef OPENSSL_NO_EC
1832 loopargs[i].secret_a = app_malloc(MAX_ECDH_SIZE, "ECDH secret a");
1833 loopargs[i].secret_b = app_malloc(MAX_ECDH_SIZE, "ECDH secret b");
1838 if (multi && do_multi(multi, size_num))
1842 /* Initialize the engine after the fork */
1843 e = setup_engine(engine_id, 0);
1845 /* No parameters; turn on everything. */
1846 if (argc == 0 && !doit[D_EVP] && !doit[D_EVP_HMAC]) {
1847 for (i = 0; i < ALGOR_NUM; i++)
1848 if (i != D_EVP && i != D_EVP_HMAC)
1850 #ifndef OPENSSL_NO_RSA
1851 for (i = 0; i < RSA_NUM; i++)
1854 #ifndef OPENSSL_NO_DSA
1855 for (i = 0; i < DSA_NUM; i++)
1858 #ifndef OPENSSL_NO_EC
1859 for (loop = 0; loop < OSSL_NELEM(ecdsa_doit); loop++)
1860 ecdsa_doit[loop] = 1;
1861 for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++)
1862 ecdh_doit[loop] = 1;
1863 for (loop = 0; loop < OSSL_NELEM(eddsa_doit); loop++)
1864 eddsa_doit[loop] = 1;
1867 for (i = 0; i < ALGOR_NUM; i++)
1871 if (usertime == 0 && !mr)
1873 "You have chosen to measure elapsed time "
1874 "instead of user CPU time.\n");
1876 #ifndef OPENSSL_NO_RSA
1877 for (i = 0; i < loopargs_len; i++) {
1878 if (primes > RSA_DEFAULT_PRIME_NUM) {
1879 /* for multi-prime RSA, skip this */
1882 for (k = 0; k < RSA_NUM; k++) {
1883 const unsigned char *p;
1886 loopargs[i].rsa_key[k] =
1887 d2i_RSAPrivateKey(NULL, &p, rsa_data_length[k]);
1888 if (loopargs[i].rsa_key[k] == NULL) {
1890 "internal error loading RSA key number %d\n", k);
1896 #ifndef OPENSSL_NO_DSA
1897 for (i = 0; i < loopargs_len; i++) {
1898 loopargs[i].dsa_key[0] = get_dsa(512);
1899 loopargs[i].dsa_key[1] = get_dsa(1024);
1900 loopargs[i].dsa_key[2] = get_dsa(2048);
1903 #ifndef OPENSSL_NO_DES
1904 DES_set_key_unchecked(&key, &sch);
1905 DES_set_key_unchecked(&key2, &sch2);
1906 DES_set_key_unchecked(&key3, &sch3);
1908 AES_set_encrypt_key(key16, 128, &aes_ks1);
1909 AES_set_encrypt_key(key24, 192, &aes_ks2);
1910 AES_set_encrypt_key(key32, 256, &aes_ks3);
1911 #ifndef OPENSSL_NO_CAMELLIA
1912 Camellia_set_key(key16, 128, &camellia_ks1);
1913 Camellia_set_key(ckey24, 192, &camellia_ks2);
1914 Camellia_set_key(ckey32, 256, &camellia_ks3);
1916 #ifndef OPENSSL_NO_IDEA
1917 IDEA_set_encrypt_key(key16, &idea_ks);
1919 #ifndef OPENSSL_NO_SEED
1920 SEED_set_key(key16, &seed_ks);
1922 #ifndef OPENSSL_NO_RC4
1923 RC4_set_key(&rc4_ks, 16, key16);
1925 #ifndef OPENSSL_NO_RC2
1926 RC2_set_key(&rc2_ks, 16, key16, 128);
1928 #ifndef OPENSSL_NO_RC5
1929 RC5_32_set_key(&rc5_ks, 16, key16, 12);
1931 #ifndef OPENSSL_NO_BF
1932 BF_set_key(&bf_ks, 16, key16);
1934 #ifndef OPENSSL_NO_CAST
1935 CAST_set_key(&cast_ks, 16, key16);
1938 # ifndef OPENSSL_NO_DES
1939 BIO_printf(bio_err, "First we calculate the approximate speed ...\n");
1945 for (it = count; it; it--)
1946 DES_ecb_encrypt((DES_cblock *)loopargs[0].buf,
1947 (DES_cblock *)loopargs[0].buf, &sch, DES_ENCRYPT);
1951 c[D_MD2][0] = count / 10;
1952 c[D_MDC2][0] = count / 10;
1953 c[D_MD4][0] = count;
1954 c[D_MD5][0] = count;
1955 c[D_HMAC][0] = count;
1956 c[D_SHA1][0] = count;
1957 c[D_RMD160][0] = count;
1958 c[D_RC4][0] = count * 5;
1959 c[D_CBC_DES][0] = count;
1960 c[D_EDE3_DES][0] = count / 3;
1961 c[D_CBC_IDEA][0] = count;
1962 c[D_CBC_SEED][0] = count;
1963 c[D_CBC_RC2][0] = count;
1964 c[D_CBC_RC5][0] = count;
1965 c[D_CBC_BF][0] = count;
1966 c[D_CBC_CAST][0] = count;
1967 c[D_CBC_128_AES][0] = count;
1968 c[D_CBC_192_AES][0] = count;
1969 c[D_CBC_256_AES][0] = count;
1970 c[D_CBC_128_CML][0] = count;
1971 c[D_CBC_192_CML][0] = count;
1972 c[D_CBC_256_CML][0] = count;
1973 c[D_SHA256][0] = count;
1974 c[D_SHA512][0] = count;
1975 c[D_WHIRLPOOL][0] = count;
1976 c[D_IGE_128_AES][0] = count;
1977 c[D_IGE_192_AES][0] = count;
1978 c[D_IGE_256_AES][0] = count;
1979 c[D_GHASH][0] = count;
1980 c[D_RAND][0] = count;
1982 for (i = 1; i < size_num; i++) {
1985 l0 = (long)lengths[0];
1986 l1 = (long)lengths[i];
1988 c[D_MD2][i] = c[D_MD2][0] * 4 * l0 / l1;
1989 c[D_MDC2][i] = c[D_MDC2][0] * 4 * l0 / l1;
1990 c[D_MD4][i] = c[D_MD4][0] * 4 * l0 / l1;
1991 c[D_MD5][i] = c[D_MD5][0] * 4 * l0 / l1;
1992 c[D_HMAC][i] = c[D_HMAC][0] * 4 * l0 / l1;
1993 c[D_SHA1][i] = c[D_SHA1][0] * 4 * l0 / l1;
1994 c[D_RMD160][i] = c[D_RMD160][0] * 4 * l0 / l1;
1995 c[D_SHA256][i] = c[D_SHA256][0] * 4 * l0 / l1;
1996 c[D_SHA512][i] = c[D_SHA512][0] * 4 * l0 / l1;
1997 c[D_WHIRLPOOL][i] = c[D_WHIRLPOOL][0] * 4 * l0 / l1;
1998 c[D_GHASH][i] = c[D_GHASH][0] * 4 * l0 / l1;
1999 c[D_RAND][i] = c[D_RAND][0] * 4 * l0 / l1;
2001 l0 = (long)lengths[i - 1];
2003 c[D_RC4][i] = c[D_RC4][i - 1] * l0 / l1;
2004 c[D_CBC_DES][i] = c[D_CBC_DES][i - 1] * l0 / l1;
2005 c[D_EDE3_DES][i] = c[D_EDE3_DES][i - 1] * l0 / l1;
2006 c[D_CBC_IDEA][i] = c[D_CBC_IDEA][i - 1] * l0 / l1;
2007 c[D_CBC_SEED][i] = c[D_CBC_SEED][i - 1] * l0 / l1;
2008 c[D_CBC_RC2][i] = c[D_CBC_RC2][i - 1] * l0 / l1;
2009 c[D_CBC_RC5][i] = c[D_CBC_RC5][i - 1] * l0 / l1;
2010 c[D_CBC_BF][i] = c[D_CBC_BF][i - 1] * l0 / l1;
2011 c[D_CBC_CAST][i] = c[D_CBC_CAST][i - 1] * l0 / l1;
2012 c[D_CBC_128_AES][i] = c[D_CBC_128_AES][i - 1] * l0 / l1;
2013 c[D_CBC_192_AES][i] = c[D_CBC_192_AES][i - 1] * l0 / l1;
2014 c[D_CBC_256_AES][i] = c[D_CBC_256_AES][i - 1] * l0 / l1;
2015 c[D_CBC_128_CML][i] = c[D_CBC_128_CML][i - 1] * l0 / l1;
2016 c[D_CBC_192_CML][i] = c[D_CBC_192_CML][i - 1] * l0 / l1;
2017 c[D_CBC_256_CML][i] = c[D_CBC_256_CML][i - 1] * l0 / l1;
2018 c[D_IGE_128_AES][i] = c[D_IGE_128_AES][i - 1] * l0 / l1;
2019 c[D_IGE_192_AES][i] = c[D_IGE_192_AES][i - 1] * l0 / l1;
2020 c[D_IGE_256_AES][i] = c[D_IGE_256_AES][i - 1] * l0 / l1;
2023 # ifndef OPENSSL_NO_RSA
2024 rsa_c[R_RSA_512][0] = count / 2000;
2025 rsa_c[R_RSA_512][1] = count / 400;
2026 for (i = 1; i < RSA_NUM; i++) {
2027 rsa_c[i][0] = rsa_c[i - 1][0] / 8;
2028 rsa_c[i][1] = rsa_c[i - 1][1] / 4;
2029 if (rsa_doit[i] <= 1 && rsa_c[i][0] == 0)
2032 if (rsa_c[i][0] == 0) {
2033 rsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
2040 # ifndef OPENSSL_NO_DSA
2041 dsa_c[R_DSA_512][0] = count / 1000;
2042 dsa_c[R_DSA_512][1] = count / 1000 / 2;
2043 for (i = 1; i < DSA_NUM; i++) {
2044 dsa_c[i][0] = dsa_c[i - 1][0] / 4;
2045 dsa_c[i][1] = dsa_c[i - 1][1] / 4;
2046 if (dsa_doit[i] <= 1 && dsa_c[i][0] == 0)
2049 if (dsa_c[i][0] == 0) {
2050 dsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
2057 # ifndef OPENSSL_NO_EC
2058 ecdsa_c[R_EC_P160][0] = count / 1000;
2059 ecdsa_c[R_EC_P160][1] = count / 1000 / 2;
2060 for (i = R_EC_P192; i <= R_EC_P521; i++) {
2061 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2062 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2063 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2066 if (ecdsa_c[i][0] == 0) {
2072 ecdsa_c[R_EC_K163][0] = count / 1000;
2073 ecdsa_c[R_EC_K163][1] = count / 1000 / 2;
2074 for (i = R_EC_K233; i <= R_EC_K571; i++) {
2075 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2076 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2077 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2080 if (ecdsa_c[i][0] == 0) {
2086 ecdsa_c[R_EC_B163][0] = count / 1000;
2087 ecdsa_c[R_EC_B163][1] = count / 1000 / 2;
2088 for (i = R_EC_B233; i <= R_EC_B571; i++) {
2089 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2090 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2091 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2094 if (ecdsa_c[i][0] == 0) {
2101 ecdh_c[R_EC_P160][0] = count / 1000;
2102 for (i = R_EC_P192; i <= R_EC_P521; i++) {
2103 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2104 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2107 if (ecdh_c[i][0] == 0) {
2112 ecdh_c[R_EC_K163][0] = count / 1000;
2113 for (i = R_EC_K233; i <= R_EC_K571; i++) {
2114 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2115 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2118 if (ecdh_c[i][0] == 0) {
2123 ecdh_c[R_EC_B163][0] = count / 1000;
2124 for (i = R_EC_B233; i <= R_EC_B571; i++) {
2125 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2126 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2129 if (ecdh_c[i][0] == 0) {
2134 /* repeated code good to factorize */
2135 ecdh_c[R_EC_BRP256R1][0] = count / 1000;
2136 for (i = R_EC_BRP384R1; i <= R_EC_BRP512R1; i += 2) {
2137 ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
2138 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2141 if (ecdh_c[i][0] == 0) {
2146 ecdh_c[R_EC_BRP256T1][0] = count / 1000;
2147 for (i = R_EC_BRP384T1; i <= R_EC_BRP512T1; i += 2) {
2148 ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
2149 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2152 if (ecdh_c[i][0] == 0) {
2157 /* default iteration count for the last two EC Curves */
2158 ecdh_c[R_EC_X25519][0] = count / 1800;
2159 ecdh_c[R_EC_X448][0] = count / 7200;
2161 eddsa_c[R_EC_Ed25519][0] = count / 1800;
2162 eddsa_c[R_EC_Ed448][0] = count / 7200;
2166 /* not worth fixing */
2167 # error "You cannot disable DES on systems without SIGALRM."
2168 # endif /* OPENSSL_NO_DES */
2170 signal(SIGALRM, alarmed);
2171 #endif /* SIGALRM */
2173 #ifndef OPENSSL_NO_MD2
2175 for (testnum = 0; testnum < size_num; testnum++) {
2176 print_message(names[D_MD2], c[D_MD2][testnum], lengths[testnum],
2179 count = run_benchmark(async_jobs, EVP_Digest_MD2_loop, loopargs);
2181 print_result(D_MD2, testnum, count, d);
2185 #ifndef OPENSSL_NO_MDC2
2187 for (testnum = 0; testnum < size_num; testnum++) {
2188 print_message(names[D_MDC2], c[D_MDC2][testnum], lengths[testnum],
2191 count = run_benchmark(async_jobs, EVP_Digest_MDC2_loop, loopargs);
2193 print_result(D_MDC2, testnum, count, d);
2198 #ifndef OPENSSL_NO_MD4
2200 for (testnum = 0; testnum < size_num; testnum++) {
2201 print_message(names[D_MD4], c[D_MD4][testnum], lengths[testnum],
2204 count = run_benchmark(async_jobs, EVP_Digest_MD4_loop, loopargs);
2206 print_result(D_MD4, testnum, count, d);
2211 #ifndef OPENSSL_NO_MD5
2213 for (testnum = 0; testnum < size_num; testnum++) {
2214 print_message(names[D_MD5], c[D_MD5][testnum], lengths[testnum],
2217 count = run_benchmark(async_jobs, MD5_loop, loopargs);
2219 print_result(D_MD5, testnum, count, d);
2224 static const char hmac_key[] = "This is a key...";
2225 int len = strlen(hmac_key);
2227 for (i = 0; i < loopargs_len; i++) {
2228 loopargs[i].hctx = HMAC_CTX_new();
2229 if (loopargs[i].hctx == NULL) {
2230 BIO_printf(bio_err, "HMAC malloc failure, exiting...");
2234 HMAC_Init_ex(loopargs[i].hctx, hmac_key, len, EVP_md5(), NULL);
2236 for (testnum = 0; testnum < size_num; testnum++) {
2237 print_message(names[D_HMAC], c[D_HMAC][testnum], lengths[testnum],
2240 count = run_benchmark(async_jobs, HMAC_loop, loopargs);
2242 print_result(D_HMAC, testnum, count, d);
2244 for (i = 0; i < loopargs_len; i++) {
2245 HMAC_CTX_free(loopargs[i].hctx);
2250 for (testnum = 0; testnum < size_num; testnum++) {
2251 print_message(names[D_SHA1], c[D_SHA1][testnum], lengths[testnum],
2254 count = run_benchmark(async_jobs, SHA1_loop, loopargs);
2256 print_result(D_SHA1, testnum, count, d);
2259 if (doit[D_SHA256]) {
2260 for (testnum = 0; testnum < size_num; testnum++) {
2261 print_message(names[D_SHA256], c[D_SHA256][testnum],
2262 lengths[testnum], seconds.sym);
2264 count = run_benchmark(async_jobs, SHA256_loop, loopargs);
2266 print_result(D_SHA256, testnum, count, d);
2269 if (doit[D_SHA512]) {
2270 for (testnum = 0; testnum < size_num; testnum++) {
2271 print_message(names[D_SHA512], c[D_SHA512][testnum],
2272 lengths[testnum], seconds.sym);
2274 count = run_benchmark(async_jobs, SHA512_loop, loopargs);
2276 print_result(D_SHA512, testnum, count, d);
2279 #ifndef OPENSSL_NO_WHIRLPOOL
2280 if (doit[D_WHIRLPOOL]) {
2281 for (testnum = 0; testnum < size_num; testnum++) {
2282 print_message(names[D_WHIRLPOOL], c[D_WHIRLPOOL][testnum],
2283 lengths[testnum], seconds.sym);
2285 count = run_benchmark(async_jobs, WHIRLPOOL_loop, loopargs);
2287 print_result(D_WHIRLPOOL, testnum, count, d);
2292 #ifndef OPENSSL_NO_RMD160
2293 if (doit[D_RMD160]) {
2294 for (testnum = 0; testnum < size_num; testnum++) {
2295 print_message(names[D_RMD160], c[D_RMD160][testnum],
2296 lengths[testnum], seconds.sym);
2298 count = run_benchmark(async_jobs, EVP_Digest_RMD160_loop, loopargs);
2300 print_result(D_RMD160, testnum, count, d);
2304 #ifndef OPENSSL_NO_RC4
2306 for (testnum = 0; testnum < size_num; testnum++) {
2307 print_message(names[D_RC4], c[D_RC4][testnum], lengths[testnum],
2310 count = run_benchmark(async_jobs, RC4_loop, loopargs);
2312 print_result(D_RC4, testnum, count, d);
2316 #ifndef OPENSSL_NO_DES
2317 if (doit[D_CBC_DES]) {
2318 for (testnum = 0; testnum < size_num; testnum++) {
2319 print_message(names[D_CBC_DES], c[D_CBC_DES][testnum],
2320 lengths[testnum], seconds.sym);
2322 count = run_benchmark(async_jobs, DES_ncbc_encrypt_loop, loopargs);
2324 print_result(D_CBC_DES, testnum, count, d);
2328 if (doit[D_EDE3_DES]) {
2329 for (testnum = 0; testnum < size_num; testnum++) {
2330 print_message(names[D_EDE3_DES], c[D_EDE3_DES][testnum],
2331 lengths[testnum], seconds.sym);
2334 run_benchmark(async_jobs, DES_ede3_cbc_encrypt_loop, loopargs);
2336 print_result(D_EDE3_DES, testnum, count, d);
2341 if (doit[D_CBC_128_AES]) {
2342 for (testnum = 0; testnum < size_num; testnum++) {
2343 print_message(names[D_CBC_128_AES], c[D_CBC_128_AES][testnum],
2344 lengths[testnum], seconds.sym);
2347 run_benchmark(async_jobs, AES_cbc_128_encrypt_loop, loopargs);
2349 print_result(D_CBC_128_AES, testnum, count, d);
2352 if (doit[D_CBC_192_AES]) {
2353 for (testnum = 0; testnum < size_num; testnum++) {
2354 print_message(names[D_CBC_192_AES], c[D_CBC_192_AES][testnum],
2355 lengths[testnum], seconds.sym);
2358 run_benchmark(async_jobs, AES_cbc_192_encrypt_loop, loopargs);
2360 print_result(D_CBC_192_AES, testnum, count, d);
2363 if (doit[D_CBC_256_AES]) {
2364 for (testnum = 0; testnum < size_num; testnum++) {
2365 print_message(names[D_CBC_256_AES], c[D_CBC_256_AES][testnum],
2366 lengths[testnum], seconds.sym);
2369 run_benchmark(async_jobs, AES_cbc_256_encrypt_loop, loopargs);
2371 print_result(D_CBC_256_AES, testnum, count, d);
2375 if (doit[D_IGE_128_AES]) {
2376 for (testnum = 0; testnum < size_num; testnum++) {
2377 print_message(names[D_IGE_128_AES], c[D_IGE_128_AES][testnum],
2378 lengths[testnum], seconds.sym);
2381 run_benchmark(async_jobs, AES_ige_128_encrypt_loop, loopargs);
2383 print_result(D_IGE_128_AES, testnum, count, d);
2386 if (doit[D_IGE_192_AES]) {
2387 for (testnum = 0; testnum < size_num; testnum++) {
2388 print_message(names[D_IGE_192_AES], c[D_IGE_192_AES][testnum],
2389 lengths[testnum], seconds.sym);
2392 run_benchmark(async_jobs, AES_ige_192_encrypt_loop, loopargs);
2394 print_result(D_IGE_192_AES, testnum, count, d);
2397 if (doit[D_IGE_256_AES]) {
2398 for (testnum = 0; testnum < size_num; testnum++) {
2399 print_message(names[D_IGE_256_AES], c[D_IGE_256_AES][testnum],
2400 lengths[testnum], seconds.sym);
2403 run_benchmark(async_jobs, AES_ige_256_encrypt_loop, loopargs);
2405 print_result(D_IGE_256_AES, testnum, count, d);
2408 if (doit[D_GHASH]) {
2409 for (i = 0; i < loopargs_len; i++) {
2410 loopargs[i].gcm_ctx =
2411 CRYPTO_gcm128_new(&aes_ks1, (block128_f) AES_encrypt);
2412 CRYPTO_gcm128_setiv(loopargs[i].gcm_ctx,
2413 (unsigned char *)"0123456789ab", 12);
2416 for (testnum = 0; testnum < size_num; testnum++) {
2417 print_message(names[D_GHASH], c[D_GHASH][testnum],
2418 lengths[testnum], seconds.sym);
2420 count = run_benchmark(async_jobs, CRYPTO_gcm128_aad_loop, loopargs);
2422 print_result(D_GHASH, testnum, count, d);
2424 for (i = 0; i < loopargs_len; i++)
2425 CRYPTO_gcm128_release(loopargs[i].gcm_ctx);
2427 #ifndef OPENSSL_NO_CAMELLIA
2428 if (doit[D_CBC_128_CML]) {
2429 if (async_jobs > 0) {
2430 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2431 names[D_CBC_128_CML]);
2432 doit[D_CBC_128_CML] = 0;
2434 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2435 print_message(names[D_CBC_128_CML], c[D_CBC_128_CML][testnum],
2436 lengths[testnum], seconds.sym);
2438 for (count = 0, run = 1; COND(c[D_CBC_128_CML][testnum]); count++)
2439 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2440 (size_t)lengths[testnum], &camellia_ks1,
2441 iv, CAMELLIA_ENCRYPT);
2443 print_result(D_CBC_128_CML, testnum, count, d);
2446 if (doit[D_CBC_192_CML]) {
2447 if (async_jobs > 0) {
2448 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2449 names[D_CBC_192_CML]);
2450 doit[D_CBC_192_CML] = 0;
2452 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2453 print_message(names[D_CBC_192_CML], c[D_CBC_192_CML][testnum],
2454 lengths[testnum], seconds.sym);
2455 if (async_jobs > 0) {
2456 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2460 for (count = 0, run = 1; COND(c[D_CBC_192_CML][testnum]); count++)
2461 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2462 (size_t)lengths[testnum], &camellia_ks2,
2463 iv, CAMELLIA_ENCRYPT);
2465 print_result(D_CBC_192_CML, testnum, count, d);
2468 if (doit[D_CBC_256_CML]) {
2469 if (async_jobs > 0) {
2470 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2471 names[D_CBC_256_CML]);
2472 doit[D_CBC_256_CML] = 0;
2474 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2475 print_message(names[D_CBC_256_CML], c[D_CBC_256_CML][testnum],
2476 lengths[testnum], seconds.sym);
2478 for (count = 0, run = 1; COND(c[D_CBC_256_CML][testnum]); count++)
2479 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2480 (size_t)lengths[testnum], &camellia_ks3,
2481 iv, CAMELLIA_ENCRYPT);
2483 print_result(D_CBC_256_CML, testnum, count, d);
2487 #ifndef OPENSSL_NO_IDEA
2488 if (doit[D_CBC_IDEA]) {
2489 if (async_jobs > 0) {
2490 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2492 doit[D_CBC_IDEA] = 0;
2494 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2495 print_message(names[D_CBC_IDEA], c[D_CBC_IDEA][testnum],
2496 lengths[testnum], seconds.sym);
2498 for (count = 0, run = 1; COND(c[D_CBC_IDEA][testnum]); count++)
2499 IDEA_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2500 (size_t)lengths[testnum], &idea_ks,
2503 print_result(D_CBC_IDEA, testnum, count, d);
2507 #ifndef OPENSSL_NO_SEED
2508 if (doit[D_CBC_SEED]) {
2509 if (async_jobs > 0) {
2510 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2512 doit[D_CBC_SEED] = 0;
2514 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2515 print_message(names[D_CBC_SEED], c[D_CBC_SEED][testnum],
2516 lengths[testnum], seconds.sym);
2518 for (count = 0, run = 1; COND(c[D_CBC_SEED][testnum]); count++)
2519 SEED_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2520 (size_t)lengths[testnum], &seed_ks, iv, 1);
2522 print_result(D_CBC_SEED, testnum, count, d);
2526 #ifndef OPENSSL_NO_RC2
2527 if (doit[D_CBC_RC2]) {
2528 if (async_jobs > 0) {
2529 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2531 doit[D_CBC_RC2] = 0;
2533 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2534 print_message(names[D_CBC_RC2], c[D_CBC_RC2][testnum],
2535 lengths[testnum], seconds.sym);
2536 if (async_jobs > 0) {
2537 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2541 for (count = 0, run = 1; COND(c[D_CBC_RC2][testnum]); count++)
2542 RC2_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2543 (size_t)lengths[testnum], &rc2_ks,
2546 print_result(D_CBC_RC2, testnum, count, d);
2550 #ifndef OPENSSL_NO_RC5
2551 if (doit[D_CBC_RC5]) {
2552 if (async_jobs > 0) {
2553 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2555 doit[D_CBC_RC5] = 0;
2557 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2558 print_message(names[D_CBC_RC5], c[D_CBC_RC5][testnum],
2559 lengths[testnum], seconds.sym);
2560 if (async_jobs > 0) {
2561 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2565 for (count = 0, run = 1; COND(c[D_CBC_RC5][testnum]); count++)
2566 RC5_32_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2567 (size_t)lengths[testnum], &rc5_ks,
2570 print_result(D_CBC_RC5, testnum, count, d);
2574 #ifndef OPENSSL_NO_BF
2575 if (doit[D_CBC_BF]) {
2576 if (async_jobs > 0) {
2577 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2581 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2582 print_message(names[D_CBC_BF], c[D_CBC_BF][testnum],
2583 lengths[testnum], seconds.sym);
2585 for (count = 0, run = 1; COND(c[D_CBC_BF][testnum]); count++)
2586 BF_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2587 (size_t)lengths[testnum], &bf_ks,
2590 print_result(D_CBC_BF, testnum, count, d);
2594 #ifndef OPENSSL_NO_CAST
2595 if (doit[D_CBC_CAST]) {
2596 if (async_jobs > 0) {
2597 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2599 doit[D_CBC_CAST] = 0;
2601 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2602 print_message(names[D_CBC_CAST], c[D_CBC_CAST][testnum],
2603 lengths[testnum], seconds.sym);
2605 for (count = 0, run = 1; COND(c[D_CBC_CAST][testnum]); count++)
2606 CAST_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2607 (size_t)lengths[testnum], &cast_ks,
2610 print_result(D_CBC_CAST, testnum, count, d);
2615 for (testnum = 0; testnum < size_num; testnum++) {
2616 print_message(names[D_RAND], c[D_RAND][testnum], lengths[testnum],
2619 count = run_benchmark(async_jobs, RAND_bytes_loop, loopargs);
2621 print_result(D_RAND, testnum, count, d);
2626 if (evp_cipher != NULL) {
2627 int (*loopfunc)(void *args) = EVP_Update_loop;
2629 if (multiblock && (EVP_CIPHER_flags(evp_cipher) &
2630 EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
2631 multiblock_speed(evp_cipher, lengths_single, &seconds);
2636 names[D_EVP] = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
2638 if (EVP_CIPHER_mode(evp_cipher) == EVP_CIPH_CCM_MODE) {
2639 loopfunc = EVP_Update_loop_ccm;
2640 } else if (aead && (EVP_CIPHER_flags(evp_cipher) &
2641 EVP_CIPH_FLAG_AEAD_CIPHER)) {
2642 loopfunc = EVP_Update_loop_aead;
2643 if (lengths == lengths_list) {
2644 lengths = aead_lengths_list;
2645 size_num = OSSL_NELEM(aead_lengths_list);
2649 for (testnum = 0; testnum < size_num; testnum++) {
2650 print_message(names[D_EVP], save_count, lengths[testnum],
2653 for (k = 0; k < loopargs_len; k++) {
2654 loopargs[k].ctx = EVP_CIPHER_CTX_new();
2655 EVP_CipherInit_ex(loopargs[k].ctx, evp_cipher, NULL, NULL,
2656 iv, decrypt ? 0 : 1);
2658 EVP_CIPHER_CTX_set_padding(loopargs[k].ctx, 0);
2660 keylen = EVP_CIPHER_CTX_key_length(loopargs[k].ctx);
2661 loopargs[k].key = app_malloc(keylen, "evp_cipher key");
2662 EVP_CIPHER_CTX_rand_key(loopargs[k].ctx, loopargs[k].key);
2663 EVP_CipherInit_ex(loopargs[k].ctx, NULL, NULL,
2664 loopargs[k].key, NULL, -1);
2665 OPENSSL_clear_free(loopargs[k].key, keylen);
2667 /* SIV mode only allows for a single Update operation */
2668 if (EVP_CIPHER_mode(evp_cipher) == EVP_CIPH_SIV_MODE)
2669 EVP_CIPHER_CTX_ctrl(loopargs[k].ctx, EVP_CTRL_SET_SPEED, 1, NULL);
2673 count = run_benchmark(async_jobs, loopfunc, loopargs);
2675 for (k = 0; k < loopargs_len; k++) {
2676 EVP_CIPHER_CTX_free(loopargs[k].ctx);
2678 print_result(D_EVP, testnum, count, d);
2680 } else if (evp_md != NULL) {
2681 names[D_EVP] = OBJ_nid2ln(EVP_MD_type(evp_md));
2683 for (testnum = 0; testnum < size_num; testnum++) {
2684 print_message(names[D_EVP], save_count, lengths[testnum],
2687 count = run_benchmark(async_jobs, EVP_Digest_loop, loopargs);
2689 print_result(D_EVP, testnum, count, d);
2694 if (doit[D_EVP_HMAC]) {
2695 if (evp_hmac_md != NULL) {
2696 const char *md_name = OBJ_nid2ln(EVP_MD_type(evp_hmac_md));
2697 evp_hmac_name = app_malloc(sizeof("HMAC()") + strlen(md_name),
2699 sprintf(evp_hmac_name, "HMAC(%s)", md_name);
2700 names[D_EVP_HMAC] = evp_hmac_name;
2702 for (testnum = 0; testnum < size_num; testnum++) {
2703 print_message(names[D_EVP_HMAC], save_count, lengths[testnum],
2706 count = run_benchmark(async_jobs, EVP_HMAC_loop, loopargs);
2708 print_result(D_EVP_HMAC, testnum, count, d);
2713 for (i = 0; i < loopargs_len; i++)
2714 if (RAND_bytes(loopargs[i].buf, 36) <= 0)
2717 #ifndef OPENSSL_NO_RSA
2718 for (testnum = 0; testnum < RSA_NUM; testnum++) {
2720 if (!rsa_doit[testnum])
2722 for (i = 0; i < loopargs_len; i++) {
2724 /* we haven't set keys yet, generate multi-prime RSA keys */
2725 BIGNUM *bn = BN_new();
2729 if (!BN_set_word(bn, RSA_F4)) {
2734 BIO_printf(bio_err, "Generate multi-prime RSA key for %s\n",
2735 rsa_choices[testnum].name);
2737 loopargs[i].rsa_key[testnum] = RSA_new();
2738 if (loopargs[i].rsa_key[testnum] == NULL) {
2743 if (!RSA_generate_multi_prime_key(loopargs[i].rsa_key[testnum],
2745 primes, bn, NULL)) {
2751 st = RSA_sign(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
2752 &loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
2758 "RSA sign failure. No RSA sign will be done.\n");
2759 ERR_print_errors(bio_err);
2762 pkey_print_message("private", "rsa",
2763 rsa_c[testnum][0], rsa_bits[testnum],
2765 /* RSA_blinding_on(rsa_key[testnum],NULL); */
2767 count = run_benchmark(async_jobs, RSA_sign_loop, loopargs);
2770 mr ? "+R1:%ld:%d:%.2f\n"
2771 : "%ld %u bits private RSA's in %.2fs\n",
2772 count, rsa_bits[testnum], d);
2773 rsa_results[testnum][0] = (double)count / d;
2777 for (i = 0; i < loopargs_len; i++) {
2778 st = RSA_verify(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
2779 loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
2785 "RSA verify failure. No RSA verify will be done.\n");
2786 ERR_print_errors(bio_err);
2787 rsa_doit[testnum] = 0;
2789 pkey_print_message("public", "rsa",
2790 rsa_c[testnum][1], rsa_bits[testnum],
2793 count = run_benchmark(async_jobs, RSA_verify_loop, loopargs);
2796 mr ? "+R2:%ld:%d:%.2f\n"
2797 : "%ld %u bits public RSA's in %.2fs\n",
2798 count, rsa_bits[testnum], d);
2799 rsa_results[testnum][1] = (double)count / d;
2802 if (rsa_count <= 1) {
2803 /* if longer than 10s, don't do any more */
2804 for (testnum++; testnum < RSA_NUM; testnum++)
2805 rsa_doit[testnum] = 0;
2808 #endif /* OPENSSL_NO_RSA */
2810 for (i = 0; i < loopargs_len; i++)
2811 if (RAND_bytes(loopargs[i].buf, 36) <= 0)
2814 #ifndef OPENSSL_NO_DSA
2815 for (testnum = 0; testnum < DSA_NUM; testnum++) {
2817 if (!dsa_doit[testnum])
2820 /* DSA_generate_key(dsa_key[testnum]); */
2821 /* DSA_sign_setup(dsa_key[testnum],NULL); */
2822 for (i = 0; i < loopargs_len; i++) {
2823 st = DSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
2824 &loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
2830 "DSA sign failure. No DSA sign will be done.\n");
2831 ERR_print_errors(bio_err);
2834 pkey_print_message("sign", "dsa",
2835 dsa_c[testnum][0], dsa_bits[testnum],
2838 count = run_benchmark(async_jobs, DSA_sign_loop, loopargs);
2841 mr ? "+R3:%ld:%u:%.2f\n"
2842 : "%ld %u bits DSA signs in %.2fs\n",
2843 count, dsa_bits[testnum], d);
2844 dsa_results[testnum][0] = (double)count / d;
2848 for (i = 0; i < loopargs_len; i++) {
2849 st = DSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
2850 loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
2856 "DSA verify failure. No DSA verify will be done.\n");
2857 ERR_print_errors(bio_err);
2858 dsa_doit[testnum] = 0;
2860 pkey_print_message("verify", "dsa",
2861 dsa_c[testnum][1], dsa_bits[testnum],
2864 count = run_benchmark(async_jobs, DSA_verify_loop, loopargs);
2867 mr ? "+R4:%ld:%u:%.2f\n"
2868 : "%ld %u bits DSA verify in %.2fs\n",
2869 count, dsa_bits[testnum], d);
2870 dsa_results[testnum][1] = (double)count / d;
2873 if (rsa_count <= 1) {
2874 /* if longer than 10s, don't do any more */
2875 for (testnum++; testnum < DSA_NUM; testnum++)
2876 dsa_doit[testnum] = 0;
2879 #endif /* OPENSSL_NO_DSA */
2881 #ifndef OPENSSL_NO_EC
2882 for (testnum = 0; testnum < ECDSA_NUM; testnum++) {
2885 if (!ecdsa_doit[testnum])
2886 continue; /* Ignore Curve */
2887 for (i = 0; i < loopargs_len; i++) {
2888 loopargs[i].ecdsa[testnum] =
2889 EC_KEY_new_by_curve_name(test_curves[testnum].nid);
2890 if (loopargs[i].ecdsa[testnum] == NULL) {
2896 BIO_printf(bio_err, "ECDSA failure.\n");
2897 ERR_print_errors(bio_err);
2900 for (i = 0; i < loopargs_len; i++) {
2901 EC_KEY_precompute_mult(loopargs[i].ecdsa[testnum], NULL);
2902 /* Perform ECDSA signature test */
2903 EC_KEY_generate_key(loopargs[i].ecdsa[testnum]);
2904 st = ECDSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
2905 &loopargs[i].siglen,
2906 loopargs[i].ecdsa[testnum]);
2912 "ECDSA sign failure. No ECDSA sign will be done.\n");
2913 ERR_print_errors(bio_err);
2916 pkey_print_message("sign", "ecdsa",
2917 ecdsa_c[testnum][0],
2918 test_curves[testnum].bits, seconds.ecdsa);
2920 count = run_benchmark(async_jobs, ECDSA_sign_loop, loopargs);
2924 mr ? "+R5:%ld:%u:%.2f\n" :
2925 "%ld %u bits ECDSA signs in %.2fs \n",
2926 count, test_curves[testnum].bits, d);
2927 ecdsa_results[testnum][0] = (double)count / d;
2931 /* Perform ECDSA verification test */
2932 for (i = 0; i < loopargs_len; i++) {
2933 st = ECDSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
2935 loopargs[i].ecdsa[testnum]);
2941 "ECDSA verify failure. No ECDSA verify will be done.\n");
2942 ERR_print_errors(bio_err);
2943 ecdsa_doit[testnum] = 0;
2945 pkey_print_message("verify", "ecdsa",
2946 ecdsa_c[testnum][1],
2947 test_curves[testnum].bits, seconds.ecdsa);
2949 count = run_benchmark(async_jobs, ECDSA_verify_loop, loopargs);
2952 mr ? "+R6:%ld:%u:%.2f\n"
2953 : "%ld %u bits ECDSA verify in %.2fs\n",
2954 count, test_curves[testnum].bits, d);
2955 ecdsa_results[testnum][1] = (double)count / d;
2958 if (rsa_count <= 1) {
2959 /* if longer than 10s, don't do any more */
2960 for (testnum++; testnum < ECDSA_NUM; testnum++)
2961 ecdsa_doit[testnum] = 0;
2966 for (testnum = 0; testnum < EC_NUM; testnum++) {
2967 int ecdh_checks = 1;
2969 if (!ecdh_doit[testnum])
2972 for (i = 0; i < loopargs_len; i++) {
2973 EVP_PKEY_CTX *kctx = NULL;
2974 EVP_PKEY_CTX *test_ctx = NULL;
2975 EVP_PKEY_CTX *ctx = NULL;
2976 EVP_PKEY *key_A = NULL;
2977 EVP_PKEY *key_B = NULL;
2981 /* Ensure that the error queue is empty */
2982 if (ERR_peek_error()) {
2984 "WARNING: the error queue contains previous unhandled errors.\n");
2985 ERR_print_errors(bio_err);
2988 /* Let's try to create a ctx directly from the NID: this works for
2989 * curves like Curve25519 that are not implemented through the low
2990 * level EC interface.
2991 * If this fails we try creating a EVP_PKEY_EC generic param ctx,
2992 * then we set the curve by NID before deriving the actual keygen
2993 * ctx for that specific curve. */
2994 kctx = EVP_PKEY_CTX_new_id(test_curves[testnum].nid, NULL); /* keygen ctx from NID */
2996 EVP_PKEY_CTX *pctx = NULL;
2997 EVP_PKEY *params = NULL;
2999 /* If we reach this code EVP_PKEY_CTX_new_id() failed and a
3000 * "int_ctx_new:unsupported algorithm" error was added to the
3002 * We remove it from the error queue as we are handling it. */
3003 unsigned long error = ERR_peek_error(); /* peek the latest error in the queue */
3004 if (error == ERR_peek_last_error() && /* oldest and latest errors match */
3005 /* check that the error origin matches */
3006 ERR_GET_LIB(error) == ERR_LIB_EVP &&
3007 ERR_GET_FUNC(error) == EVP_F_INT_CTX_NEW &&
3008 ERR_GET_REASON(error) == EVP_R_UNSUPPORTED_ALGORITHM)
3009 ERR_get_error(); /* pop error from queue */
3010 if (ERR_peek_error()) {
3012 "Unhandled error in the error queue during ECDH init.\n");
3013 ERR_print_errors(bio_err);
3018 if ( /* Create the context for parameter generation */
3019 !(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) ||
3020 /* Initialise the parameter generation */
3021 !EVP_PKEY_paramgen_init(pctx) ||
3022 /* Set the curve by NID */
3023 !EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
3026 /* Create the parameter object params */
3027 !EVP_PKEY_paramgen(pctx, ¶ms)) {
3029 BIO_printf(bio_err, "ECDH EC params init failure.\n");
3030 ERR_print_errors(bio_err);
3034 /* Create the context for the key generation */
3035 kctx = EVP_PKEY_CTX_new(params, NULL);
3037 EVP_PKEY_free(params);
3039 EVP_PKEY_CTX_free(pctx);
3042 if (kctx == NULL || /* keygen ctx is not null */
3043 !EVP_PKEY_keygen_init(kctx) /* init keygen ctx */ ) {
3045 BIO_printf(bio_err, "ECDH keygen failure.\n");
3046 ERR_print_errors(bio_err);
3051 if (!EVP_PKEY_keygen(kctx, &key_A) || /* generate secret key A */
3052 !EVP_PKEY_keygen(kctx, &key_B) || /* generate secret key B */
3053 !(ctx = EVP_PKEY_CTX_new(key_A, NULL)) || /* derivation ctx from skeyA */
3054 !EVP_PKEY_derive_init(ctx) || /* init derivation ctx */
3055 !EVP_PKEY_derive_set_peer(ctx, key_B) || /* set peer pubkey in ctx */
3056 !EVP_PKEY_derive(ctx, NULL, &outlen) || /* determine max length */
3057 outlen == 0 || /* ensure outlen is a valid size */
3058 outlen > MAX_ECDH_SIZE /* avoid buffer overflow */ ) {
3060 BIO_printf(bio_err, "ECDH key generation failure.\n");
3061 ERR_print_errors(bio_err);
3066 /* Here we perform a test run, comparing the output of a*B and b*A;
3067 * we try this here and assume that further EVP_PKEY_derive calls
3068 * never fail, so we can skip checks in the actually benchmarked
3069 * code, for maximum performance. */
3070 if (!(test_ctx = EVP_PKEY_CTX_new(key_B, NULL)) || /* test ctx from skeyB */
3071 !EVP_PKEY_derive_init(test_ctx) || /* init derivation test_ctx */
3072 !EVP_PKEY_derive_set_peer(test_ctx, key_A) || /* set peer pubkey in test_ctx */
3073 !EVP_PKEY_derive(test_ctx, NULL, &test_outlen) || /* determine max length */
3074 !EVP_PKEY_derive(ctx, loopargs[i].secret_a, &outlen) || /* compute a*B */
3075 !EVP_PKEY_derive(test_ctx, loopargs[i].secret_b, &test_outlen) || /* compute b*A */
3076 test_outlen != outlen /* compare output length */ ) {
3078 BIO_printf(bio_err, "ECDH computation failure.\n");
3079 ERR_print_errors(bio_err);
3084 /* Compare the computation results: CRYPTO_memcmp() returns 0 if equal */
3085 if (CRYPTO_memcmp(loopargs[i].secret_a,
3086 loopargs[i].secret_b, outlen)) {
3088 BIO_printf(bio_err, "ECDH computations don't match.\n");
3089 ERR_print_errors(bio_err);
3094 loopargs[i].ecdh_ctx[testnum] = ctx;
3095 loopargs[i].outlen[testnum] = outlen;
3097 EVP_PKEY_free(key_A);
3098 EVP_PKEY_free(key_B);
3099 EVP_PKEY_CTX_free(kctx);
3101 EVP_PKEY_CTX_free(test_ctx);
3104 if (ecdh_checks != 0) {
3105 pkey_print_message("", "ecdh",
3107 test_curves[testnum].bits, seconds.ecdh);
3110 run_benchmark(async_jobs, ECDH_EVP_derive_key_loop, loopargs);
3113 mr ? "+R7:%ld:%d:%.2f\n" :
3114 "%ld %u-bits ECDH ops in %.2fs\n", count,
3115 test_curves[testnum].bits, d);
3116 ecdh_results[testnum][0] = (double)count / d;
3120 if (rsa_count <= 1) {
3121 /* if longer than 10s, don't do any more */
3122 for (testnum++; testnum < OSSL_NELEM(ecdh_doit); testnum++)
3123 ecdh_doit[testnum] = 0;
3127 for (testnum = 0; testnum < EdDSA_NUM; testnum++) {
3129 EVP_PKEY *ed_pkey = NULL;
3130 EVP_PKEY_CTX *ed_pctx = NULL;
3132 if (!eddsa_doit[testnum])
3133 continue; /* Ignore Curve */
3134 for (i = 0; i < loopargs_len; i++) {
3135 loopargs[i].eddsa_ctx[testnum] = EVP_MD_CTX_new();
3136 if (loopargs[i].eddsa_ctx[testnum] == NULL) {
3141 if ((ed_pctx = EVP_PKEY_CTX_new_id(test_ed_curves[testnum].nid, NULL))
3143 || !EVP_PKEY_keygen_init(ed_pctx)
3144 || !EVP_PKEY_keygen(ed_pctx, &ed_pkey)) {
3146 EVP_PKEY_CTX_free(ed_pctx);
3149 EVP_PKEY_CTX_free(ed_pctx);
3151 if (!EVP_DigestSignInit(loopargs[i].eddsa_ctx[testnum], NULL, NULL,
3154 EVP_PKEY_free(ed_pkey);
3157 EVP_PKEY_free(ed_pkey);
3160 BIO_printf(bio_err, "EdDSA failure.\n");
3161 ERR_print_errors(bio_err);
3164 for (i = 0; i < loopargs_len; i++) {
3165 /* Perform EdDSA signature test */
3166 loopargs[i].sigsize = test_ed_curves[testnum].sigsize;
3167 st = EVP_DigestSign(loopargs[i].eddsa_ctx[testnum],
3168 loopargs[i].buf2, &loopargs[i].sigsize,
3169 loopargs[i].buf, 20);
3175 "EdDSA sign failure. No EdDSA sign will be done.\n");
3176 ERR_print_errors(bio_err);
3179 pkey_print_message("sign", test_ed_curves[testnum].name,
3180 eddsa_c[testnum][0],
3181 test_ed_curves[testnum].bits, seconds.eddsa);
3183 count = run_benchmark(async_jobs, EdDSA_sign_loop, loopargs);
3187 mr ? "+R8:%ld:%u:%s:%.2f\n" :
3188 "%ld %u bits %s signs in %.2fs \n",
3189 count, test_ed_curves[testnum].bits,
3190 test_ed_curves[testnum].name, d);
3191 eddsa_results[testnum][0] = (double)count / d;
3195 /* Perform EdDSA verification test */
3196 for (i = 0; i < loopargs_len; i++) {
3197 st = EVP_DigestVerify(loopargs[i].eddsa_ctx[testnum],
3198 loopargs[i].buf2, loopargs[i].sigsize,
3199 loopargs[i].buf, 20);
3205 "EdDSA verify failure. No EdDSA verify will be done.\n");
3206 ERR_print_errors(bio_err);
3207 eddsa_doit[testnum] = 0;
3209 pkey_print_message("verify", test_ed_curves[testnum].name,
3210 eddsa_c[testnum][1],
3211 test_ed_curves[testnum].bits, seconds.eddsa);
3213 count = run_benchmark(async_jobs, EdDSA_verify_loop, loopargs);
3216 mr ? "+R9:%ld:%u:%s:%.2f\n"
3217 : "%ld %u bits %s verify in %.2fs\n",
3218 count, test_ed_curves[testnum].bits,
3219 test_ed_curves[testnum].name, d);
3220 eddsa_results[testnum][1] = (double)count / d;
3223 if (rsa_count <= 1) {
3224 /* if longer than 10s, don't do any more */
3225 for (testnum++; testnum < EdDSA_NUM; testnum++)
3226 eddsa_doit[testnum] = 0;
3231 #endif /* OPENSSL_NO_EC */
3236 printf("version: %s\n", OpenSSL_version(OPENSSL_FULL_VERSION_STRING));
3237 printf("built on: %s\n", OpenSSL_version(OPENSSL_BUILT_ON));
3239 printf("%s ", BN_options());
3240 #ifndef OPENSSL_NO_MD2
3241 printf("%s ", MD2_options());
3243 #ifndef OPENSSL_NO_RC4
3244 printf("%s ", RC4_options());
3246 #ifndef OPENSSL_NO_DES
3247 printf("%s ", DES_options());
3249 printf("%s ", AES_options());
3250 #ifndef OPENSSL_NO_IDEA
3251 printf("%s ", IDEA_options());
3253 #ifndef OPENSSL_NO_BF
3254 printf("%s ", BF_options());
3256 printf("\n%s\n", OpenSSL_version(OPENSSL_CFLAGS));
3264 ("The 'numbers' are in 1000s of bytes per second processed.\n");
3267 for (testnum = 0; testnum < size_num; testnum++)
3268 printf(mr ? ":%d" : "%7d bytes", lengths[testnum]);
3272 for (k = 0; k < ALGOR_NUM; k++) {
3276 printf("+F:%u:%s", k, names[k]);
3278 printf("%-13s", names[k]);
3279 for (testnum = 0; testnum < size_num; testnum++) {
3280 if (results[k][testnum] > 10000 && !mr)
3281 printf(" %11.2fk", results[k][testnum] / 1e3);
3283 printf(mr ? ":%.2f" : " %11.2f ", results[k][testnum]);
3287 #ifndef OPENSSL_NO_RSA
3289 for (k = 0; k < RSA_NUM; k++) {
3292 if (testnum && !mr) {
3293 printf("%18ssign verify sign/s verify/s\n", " ");
3297 printf("+F2:%u:%u:%f:%f\n",
3298 k, rsa_bits[k], rsa_results[k][0], rsa_results[k][1]);
3300 printf("rsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
3301 rsa_bits[k], 1.0 / rsa_results[k][0], 1.0 / rsa_results[k][1],
3302 rsa_results[k][0], rsa_results[k][1]);
3305 #ifndef OPENSSL_NO_DSA
3307 for (k = 0; k < DSA_NUM; k++) {
3310 if (testnum && !mr) {
3311 printf("%18ssign verify sign/s verify/s\n", " ");
3315 printf("+F3:%u:%u:%f:%f\n",
3316 k, dsa_bits[k], dsa_results[k][0], dsa_results[k][1]);
3318 printf("dsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
3319 dsa_bits[k], 1.0 / dsa_results[k][0], 1.0 / dsa_results[k][1],
3320 dsa_results[k][0], dsa_results[k][1]);
3323 #ifndef OPENSSL_NO_EC
3325 for (k = 0; k < OSSL_NELEM(ecdsa_doit); k++) {
3328 if (testnum && !mr) {
3329 printf("%30ssign verify sign/s verify/s\n", " ");
3334 printf("+F4:%u:%u:%f:%f\n",
3335 k, test_curves[k].bits,
3336 ecdsa_results[k][0], ecdsa_results[k][1]);
3338 printf("%4u bits ecdsa (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3339 test_curves[k].bits, test_curves[k].name,
3340 1.0 / ecdsa_results[k][0], 1.0 / ecdsa_results[k][1],
3341 ecdsa_results[k][0], ecdsa_results[k][1]);
3345 for (k = 0; k < EC_NUM; k++) {
3348 if (testnum && !mr) {
3349 printf("%30sop op/s\n", " ");
3353 printf("+F5:%u:%u:%f:%f\n",
3354 k, test_curves[k].bits,
3355 ecdh_results[k][0], 1.0 / ecdh_results[k][0]);
3358 printf("%4u bits ecdh (%s) %8.4fs %8.1f\n",
3359 test_curves[k].bits, test_curves[k].name,
3360 1.0 / ecdh_results[k][0], ecdh_results[k][0]);
3364 for (k = 0; k < OSSL_NELEM(eddsa_doit); k++) {
3367 if (testnum && !mr) {
3368 printf("%30ssign verify sign/s verify/s\n", " ");
3373 printf("+F6:%u:%u:%s:%f:%f\n",
3374 k, test_ed_curves[k].bits, test_ed_curves[k].name,
3375 eddsa_results[k][0], eddsa_results[k][1]);
3377 printf("%4u bits EdDSA (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3378 test_ed_curves[k].bits, test_ed_curves[k].name,
3379 1.0 / eddsa_results[k][0], 1.0 / eddsa_results[k][1],
3380 eddsa_results[k][0], eddsa_results[k][1]);
3387 ERR_print_errors(bio_err);
3388 for (i = 0; i < loopargs_len; i++) {
3389 OPENSSL_free(loopargs[i].buf_malloc);
3390 OPENSSL_free(loopargs[i].buf2_malloc);
3392 #ifndef OPENSSL_NO_RSA
3393 for (k = 0; k < RSA_NUM; k++)
3394 RSA_free(loopargs[i].rsa_key[k]);
3396 #ifndef OPENSSL_NO_DSA
3397 for (k = 0; k < DSA_NUM; k++)
3398 DSA_free(loopargs[i].dsa_key[k]);
3400 #ifndef OPENSSL_NO_EC
3401 for (k = 0; k < ECDSA_NUM; k++)
3402 EC_KEY_free(loopargs[i].ecdsa[k]);
3403 for (k = 0; k < EC_NUM; k++)
3404 EVP_PKEY_CTX_free(loopargs[i].ecdh_ctx[k]);
3405 for (k = 0; k < EdDSA_NUM; k++)
3406 EVP_MD_CTX_free(loopargs[i].eddsa_ctx[k]);
3407 OPENSSL_free(loopargs[i].secret_a);
3408 OPENSSL_free(loopargs[i].secret_b);
3411 OPENSSL_free(evp_hmac_name);
3413 if (async_jobs > 0) {
3414 for (i = 0; i < loopargs_len; i++)
3415 ASYNC_WAIT_CTX_free(loopargs[i].wait_ctx);
3419 ASYNC_cleanup_thread();
3421 OPENSSL_free(loopargs);
3426 static void print_message(const char *s, long num, int length, int tm)
3430 mr ? "+DT:%s:%d:%d\n"
3431 : "Doing %s for %ds on %d size blocks: ", s, tm, length);
3432 (void)BIO_flush(bio_err);
3436 mr ? "+DN:%s:%ld:%d\n"
3437 : "Doing %s %ld times on %d size blocks: ", s, num, length);
3438 (void)BIO_flush(bio_err);
3442 static void pkey_print_message(const char *str, const char *str2, long num,
3443 unsigned int bits, int tm)
3447 mr ? "+DTP:%d:%s:%s:%d\n"
3448 : "Doing %u bits %s %s's for %ds: ", bits, str, str2, tm);
3449 (void)BIO_flush(bio_err);
3453 mr ? "+DNP:%ld:%d:%s:%s\n"
3454 : "Doing %ld %u bits %s %s's: ", num, bits, str, str2);
3455 (void)BIO_flush(bio_err);
3459 static void print_result(int alg, int run_no, int count, double time_used)
3462 BIO_puts(bio_err, "EVP error!\n");
3466 mr ? "+R:%d:%s:%f\n"
3467 : "%d %s's in %.2fs\n", count, names[alg], time_used);
3468 results[alg][run_no] = ((double)count) / time_used * lengths[run_no];
3472 static char *sstrsep(char **string, const char *delim)
3475 char *token = *string;
3480 memset(isdelim, 0, sizeof(isdelim));
3484 isdelim[(unsigned char)(*delim)] = 1;
3488 while (!isdelim[(unsigned char)(**string)]) {
3500 static int do_multi(int multi, int size_num)
3505 static char sep[] = ":";
3507 fds = app_malloc(sizeof(*fds) * multi, "fd buffer for do_multi");
3508 for (n = 0; n < multi; ++n) {
3509 if (pipe(fd) == -1) {
3510 BIO_printf(bio_err, "pipe failure\n");
3514 (void)BIO_flush(bio_err);
3521 if (dup(fd[1]) == -1) {
3522 BIO_printf(bio_err, "dup failed\n");
3531 printf("Forked child %d\n", n);
3534 /* for now, assume the pipe is long enough to take all the output */
3535 for (n = 0; n < multi; ++n) {
3540 f = fdopen(fds[n], "r");
3541 while (fgets(buf, sizeof(buf), f)) {
3542 p = strchr(buf, '\n');
3545 if (buf[0] != '+') {
3547 "Don't understand line '%s' from child %d\n", buf,
3551 printf("Got: %s from %d\n", buf, n);
3552 if (strncmp(buf, "+F:", 3) == 0) {
3557 alg = atoi(sstrsep(&p, sep));
3559 for (j = 0; j < size_num; ++j)
3560 results[alg][j] += atof(sstrsep(&p, sep));
3561 } else if (strncmp(buf, "+F2:", 4) == 0) {
3566 k = atoi(sstrsep(&p, sep));
3569 d = atof(sstrsep(&p, sep));
3570 rsa_results[k][0] += d;
3572 d = atof(sstrsep(&p, sep));
3573 rsa_results[k][1] += d;
3575 # ifndef OPENSSL_NO_DSA
3576 else if (strncmp(buf, "+F3:", 4) == 0) {
3581 k = atoi(sstrsep(&p, sep));
3584 d = atof(sstrsep(&p, sep));
3585 dsa_results[k][0] += d;
3587 d = atof(sstrsep(&p, sep));
3588 dsa_results[k][1] += d;
3591 # ifndef OPENSSL_NO_EC
3592 else if (strncmp(buf, "+F4:", 4) == 0) {
3597 k = atoi(sstrsep(&p, sep));
3600 d = atof(sstrsep(&p, sep));
3601 ecdsa_results[k][0] += d;
3603 d = atof(sstrsep(&p, sep));
3604 ecdsa_results[k][1] += d;
3605 } else if (strncmp(buf, "+F5:", 4) == 0) {
3610 k = atoi(sstrsep(&p, sep));
3613 d = atof(sstrsep(&p, sep));
3614 ecdh_results[k][0] += d;
3615 } else if (strncmp(buf, "+F6:", 4) == 0) {
3620 k = atoi(sstrsep(&p, sep));
3623 d = atof(sstrsep(&p, sep));
3624 eddsa_results[k][0] += d;
3626 d = atof(sstrsep(&p, sep));
3627 eddsa_results[k][1] += d;
3631 else if (strncmp(buf, "+H:", 3) == 0) {
3634 BIO_printf(bio_err, "Unknown type '%s' from child %d\n", buf,
3645 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
3646 const openssl_speed_sec_t *seconds)
3648 static const int mblengths_list[] =
3649 { 8 * 1024, 2 * 8 * 1024, 4 * 8 * 1024, 8 * 8 * 1024, 8 * 16 * 1024 };
3650 const int *mblengths = mblengths_list;
3651 int j, count, keylen, num = OSSL_NELEM(mblengths_list);
3652 const char *alg_name;
3653 unsigned char *inp, *out, *key, no_key[32], no_iv[16];
3654 EVP_CIPHER_CTX *ctx;
3657 if (lengths_single) {
3658 mblengths = &lengths_single;
3662 inp = app_malloc(mblengths[num - 1], "multiblock input buffer");
3663 out = app_malloc(mblengths[num - 1] + 1024, "multiblock output buffer");
3664 ctx = EVP_CIPHER_CTX_new();
3665 EVP_EncryptInit_ex(ctx, evp_cipher, NULL, NULL, no_iv);
3667 keylen = EVP_CIPHER_CTX_key_length(ctx);
3668 key = app_malloc(keylen, "evp_cipher key");
3669 EVP_CIPHER_CTX_rand_key(ctx, key);
3670 EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL);
3671 OPENSSL_clear_free(key, keylen);
3673 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_MAC_KEY, sizeof(no_key), no_key);
3674 alg_name = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
3676 for (j = 0; j < num; j++) {
3677 print_message(alg_name, 0, mblengths[j], seconds->sym);
3679 for (count = 0, run = 1; run && count < 0x7fffffff; count++) {
3680 unsigned char aad[EVP_AEAD_TLS1_AAD_LEN];
3681 EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param;
3682 size_t len = mblengths[j];
3685 memset(aad, 0, 8); /* avoid uninitialized values */
3686 aad[8] = 23; /* SSL3_RT_APPLICATION_DATA */
3687 aad[9] = 3; /* version */
3689 aad[11] = 0; /* length */
3691 mb_param.out = NULL;
3694 mb_param.interleave = 8;
3696 packlen = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_AAD,
3697 sizeof(mb_param), &mb_param);
3703 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT,
3704 sizeof(mb_param), &mb_param);
3708 RAND_bytes(out, 16);
3710 aad[11] = (unsigned char)(len >> 8);
3711 aad[12] = (unsigned char)(len);
3712 pad = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_TLS1_AAD,
3713 EVP_AEAD_TLS1_AAD_LEN, aad);
3714 EVP_Cipher(ctx, out, inp, len + pad);
3718 BIO_printf(bio_err, mr ? "+R:%d:%s:%f\n"
3719 : "%d %s's in %.2fs\n", count, "evp", d);
3720 results[D_EVP][j] = ((double)count) / d * mblengths[j];
3724 fprintf(stdout, "+H");
3725 for (j = 0; j < num; j++)
3726 fprintf(stdout, ":%d", mblengths[j]);
3727 fprintf(stdout, "\n");
3728 fprintf(stdout, "+F:%d:%s", D_EVP, alg_name);
3729 for (j = 0; j < num; j++)
3730 fprintf(stdout, ":%.2f", results[D_EVP][j]);
3731 fprintf(stdout, "\n");
3734 "The 'numbers' are in 1000s of bytes per second processed.\n");
3735 fprintf(stdout, "type ");
3736 for (j = 0; j < num; j++)
3737 fprintf(stdout, "%7d bytes", mblengths[j]);
3738 fprintf(stdout, "\n");
3739 fprintf(stdout, "%-24s", alg_name);
3741 for (j = 0; j < num; j++) {
3742 if (results[D_EVP][j] > 10000)
3743 fprintf(stdout, " %11.2fk", results[D_EVP][j] / 1e3);
3745 fprintf(stdout, " %11.2f ", results[D_EVP][j]);
3747 fprintf(stdout, "\n");
3752 EVP_CIPHER_CTX_free(ctx);