2 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
5 * Licensed under the Apache License 2.0 (the "License"). You may not use
6 * this file except in compliance with the License. You can obtain a copy
7 * in the file LICENSE in the source distribution or at
8 * https://www.openssl.org/source/license.html
13 #define RSA_SECONDS 10
14 #define DSA_SECONDS 10
15 #define ECDSA_SECONDS 10
16 #define ECDH_SECONDS 10
17 #define EdDSA_SECONDS 10
18 #define SM2_SECONDS 10
20 /* We need to use some deprecated APIs */
21 #define OPENSSL_SUPPRESS_DEPRECATED
29 #include <openssl/crypto.h>
30 #include <openssl/rand.h>
31 #include <openssl/err.h>
32 #include <openssl/evp.h>
33 #include <openssl/objects.h>
34 #include <openssl/async.h>
35 #if !defined(OPENSSL_SYS_MSDOS)
43 #include <openssl/bn.h>
44 #ifndef OPENSSL_NO_DES
45 # include <openssl/des.h>
47 #include <openssl/aes.h>
48 #ifndef OPENSSL_NO_CAMELLIA
49 # include <openssl/camellia.h>
51 #ifndef OPENSSL_NO_MD2
52 # include <openssl/md2.h>
54 #ifndef OPENSSL_NO_MDC2
55 # include <openssl/mdc2.h>
57 #ifndef OPENSSL_NO_MD4
58 # include <openssl/md4.h>
60 #ifndef OPENSSL_NO_MD5
61 # include <openssl/md5.h>
63 #include <openssl/hmac.h>
64 #ifndef OPENSSL_NO_CMAC
65 #include <openssl/cmac.h>
67 #include <openssl/sha.h>
68 #ifndef OPENSSL_NO_RMD160
69 # include <openssl/ripemd.h>
71 #ifndef OPENSSL_NO_WHIRLPOOL
72 # include <openssl/whrlpool.h>
74 #ifndef OPENSSL_NO_RC4
75 # include <openssl/rc4.h>
77 #ifndef OPENSSL_NO_RC5
78 # include <openssl/rc5.h>
80 #ifndef OPENSSL_NO_RC2
81 # include <openssl/rc2.h>
83 #ifndef OPENSSL_NO_IDEA
84 # include <openssl/idea.h>
86 #ifndef OPENSSL_NO_SEED
87 # include <openssl/seed.h>
90 # include <openssl/blowfish.h>
92 #ifndef OPENSSL_NO_CAST
93 # include <openssl/cast.h>
95 #ifndef OPENSSL_NO_RSA
96 # include <openssl/rsa.h>
97 # include "./testrsa.h"
99 #include <openssl/x509.h>
100 #ifndef OPENSSL_NO_DSA
101 # include <openssl/dsa.h>
102 # include "./testdsa.h"
104 #ifndef OPENSSL_NO_EC
105 # include <openssl/ec.h>
107 #include <openssl/modes.h>
110 # if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_VXWORKS)
123 #define MAX_MISALIGNMENT 63
124 #define MAX_ECDH_SIZE 256
127 typedef struct openssl_speed_sec_st {
135 } openssl_speed_sec_t;
137 static volatile int run = 0;
140 static int usertime = 1;
142 #ifndef OPENSSL_NO_MD2
143 static int EVP_Digest_MD2_loop(void *args);
146 #ifndef OPENSSL_NO_MDC2
147 static int EVP_Digest_MDC2_loop(void *args);
149 #ifndef OPENSSL_NO_MD4
150 static int EVP_Digest_MD4_loop(void *args);
152 #ifndef OPENSSL_NO_MD5
153 static int MD5_loop(void *args);
154 static int HMAC_loop(void *args);
156 static int SHA1_loop(void *args);
157 static int SHA256_loop(void *args);
158 static int SHA512_loop(void *args);
159 #ifndef OPENSSL_NO_WHIRLPOOL
160 static int WHIRLPOOL_loop(void *args);
162 #ifndef OPENSSL_NO_RMD160
163 static int EVP_Digest_RMD160_loop(void *args);
165 #ifndef OPENSSL_NO_RC4
166 static int RC4_loop(void *args);
168 #ifndef OPENSSL_NO_DES
169 static int DES_ncbc_encrypt_loop(void *args);
170 static int DES_ede3_cbc_encrypt_loop(void *args);
172 static int AES_cbc_128_encrypt_loop(void *args);
173 static int AES_cbc_192_encrypt_loop(void *args);
174 static int AES_cbc_256_encrypt_loop(void *args);
175 #ifndef OPENSSL_NO_DEPRECATED_3_0
176 static int AES_ige_128_encrypt_loop(void *args);
177 static int AES_ige_192_encrypt_loop(void *args);
178 static int AES_ige_256_encrypt_loop(void *args);
180 static int CRYPTO_gcm128_aad_loop(void *args);
181 static int RAND_bytes_loop(void *args);
182 static int EVP_Update_loop(void *args);
183 static int EVP_Update_loop_ccm(void *args);
184 static int EVP_Update_loop_aead(void *args);
185 static int EVP_Digest_loop(void *args);
186 #ifndef OPENSSL_NO_RSA
187 static int RSA_sign_loop(void *args);
188 static int RSA_verify_loop(void *args);
190 #ifndef OPENSSL_NO_DSA
191 static int DSA_sign_loop(void *args);
192 static int DSA_verify_loop(void *args);
194 #ifndef OPENSSL_NO_EC
195 static int ECDSA_sign_loop(void *args);
196 static int ECDSA_verify_loop(void *args);
197 static int EdDSA_sign_loop(void *args);
198 static int EdDSA_verify_loop(void *args);
199 # ifndef OPENSSL_NO_SM2
200 static int SM2_sign_loop(void *args);
201 static int SM2_verify_loop(void *args);
205 static double Time_F(int s);
206 static void print_message(const char *s, long num, int length, int tm);
207 static void pkey_print_message(const char *str, const char *str2,
208 long num, unsigned int bits, int sec);
209 static void print_result(int alg, int run_no, int count, double time_used);
211 static int do_multi(int multi, int size_num);
214 static const int lengths_list[] = {
215 16, 64, 256, 1024, 8 * 1024, 16 * 1024
217 static const int *lengths = lengths_list;
219 static const int aead_lengths_list[] = {
220 2, 31, 136, 1024, 8 * 1024, 16 * 1024
228 static void alarmed(int sig)
230 signal(SIGALRM, alarmed);
234 static double Time_F(int s)
236 double ret = app_tminterval(s, usertime);
242 #elif defined(_WIN32)
246 static unsigned int lapse;
247 static volatile unsigned int schlock;
248 static void alarm_win32(unsigned int secs)
253 # define alarm alarm_win32
255 static DWORD WINAPI sleepy(VOID * arg)
263 static double Time_F(int s)
270 thr = CreateThread(NULL, 4096, sleepy, NULL, 0, NULL);
272 DWORD err = GetLastError();
273 BIO_printf(bio_err, "unable to CreateThread (%lu)", err);
277 Sleep(0); /* scheduler spinlock */
278 ret = app_tminterval(s, usertime);
280 ret = app_tminterval(s, usertime);
282 TerminateThread(thr, 0);
289 static double Time_F(int s)
291 return app_tminterval(s, usertime);
295 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
296 const openssl_speed_sec_t *seconds);
298 #define found(value, pairs, result)\
299 opt_found(value, result, pairs, OSSL_NELEM(pairs))
300 static int opt_found(const char *name, unsigned int *result,
301 const OPT_PAIR pairs[], unsigned int nbelem)
305 for (idx = 0; idx < nbelem; ++idx, pairs++)
306 if (strcmp(name, pairs->name) == 0) {
307 *result = pairs->retval;
313 typedef enum OPTION_choice {
314 OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
315 OPT_ELAPSED, OPT_EVP, OPT_HMAC, OPT_DECRYPT, OPT_ENGINE, OPT_MULTI,
316 OPT_MR, OPT_MB, OPT_MISALIGN, OPT_ASYNCJOBS, OPT_R_ENUM,
317 OPT_PRIMES, OPT_SECONDS, OPT_BYTES, OPT_AEAD, OPT_CMAC
320 const OPTIONS speed_options[] = {
321 {OPT_HELP_STR, 1, '-', "Usage: %s [options] [algorithm...]\n"},
323 OPT_SECTION("General"),
324 {"help", OPT_HELP, '-', "Display this summary"},
326 "Enable (tls1>=1) multi-block mode on EVP-named cipher"},
327 {"mr", OPT_MR, '-', "Produce machine readable output"},
329 {"multi", OPT_MULTI, 'p', "Run benchmarks in parallel"},
331 #ifndef OPENSSL_NO_ASYNC
332 {"async_jobs", OPT_ASYNCJOBS, 'p',
333 "Enable async mode and start specified number of jobs"},
335 #ifndef OPENSSL_NO_ENGINE
336 {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
338 {"primes", OPT_PRIMES, 'p', "Specify number of primes (for RSA only)"},
340 OPT_SECTION("Selection"),
341 {"evp", OPT_EVP, 's', "Use EVP-named cipher or digest"},
342 {"hmac", OPT_HMAC, 's', "HMAC using EVP-named digest"},
343 #ifndef OPENSSL_NO_CMAC
344 {"cmac", OPT_CMAC, 's', "CMAC using EVP-named cipher"},
346 {"decrypt", OPT_DECRYPT, '-',
347 "Time decryption instead of encryption (only EVP)"},
348 {"aead", OPT_AEAD, '-',
349 "Benchmark EVP-named AEAD cipher in TLS-like sequence"},
351 OPT_SECTION("Timing"),
352 {"elapsed", OPT_ELAPSED, '-',
353 "Use wall-clock time instead of CPU user time as divisor"},
354 {"seconds", OPT_SECONDS, 'p',
355 "Run benchmarks for specified amount of seconds"},
356 {"bytes", OPT_BYTES, 'p',
357 "Run [non-PKI] benchmarks on custom-sized buffer"},
358 {"misalign", OPT_MISALIGN, 'p',
359 "Use specified offset to mis-align buffers"},
364 {"algorithm", 0, 0, "Algorithm(s) to test (optional; otherwise tests all)"},
378 #define D_CBC_IDEA 10
379 #define D_CBC_SEED 11
383 #define D_CBC_CAST 15
384 #define D_CBC_128_AES 16
385 #define D_CBC_192_AES 17
386 #define D_CBC_256_AES 18
387 #define D_CBC_128_CML 19
388 #define D_CBC_192_CML 20
389 #define D_CBC_256_CML 21
393 #define D_WHIRLPOOL 25
394 #define D_IGE_128_AES 26
395 #define D_IGE_192_AES 27
396 #define D_IGE_256_AES 28
399 #define D_EVP_HMAC 31
400 #define D_EVP_CMAC 32
402 /* name of algorithms to test */
403 static const char *names[] = {
404 "md2", "mdc2", "md4", "md5", "hmac(md5)", "sha1", "rmd160", "rc4",
405 "des cbc", "des ede3", "idea cbc", "seed cbc",
406 "rc2 cbc", "rc5-32/12 cbc", "blowfish cbc", "cast cbc",
407 "aes-128 cbc", "aes-192 cbc", "aes-256 cbc",
408 "camellia-128 cbc", "camellia-192 cbc", "camellia-256 cbc",
409 "evp", "sha256", "sha512", "whirlpool",
410 "aes-128 ige", "aes-192 ige", "aes-256 ige", "ghash",
411 "rand", "hmac", "cmac"
413 #define ALGOR_NUM OSSL_NELEM(names)
415 /* list of configured algorithm (remaining) */
416 static const OPT_PAIR doit_choices[] = {
417 #ifndef OPENSSL_NO_MD2
420 #ifndef OPENSSL_NO_MDC2
423 #ifndef OPENSSL_NO_MD4
426 #ifndef OPENSSL_NO_MD5
431 {"sha256", D_SHA256},
432 {"sha512", D_SHA512},
433 #ifndef OPENSSL_NO_WHIRLPOOL
434 {"whirlpool", D_WHIRLPOOL},
436 #ifndef OPENSSL_NO_RMD160
437 {"ripemd", D_RMD160},
438 {"rmd160", D_RMD160},
439 {"ripemd160", D_RMD160},
441 #ifndef OPENSSL_NO_RC4
444 #ifndef OPENSSL_NO_DES
445 {"des-cbc", D_CBC_DES},
446 {"des-ede3", D_EDE3_DES},
448 {"aes-128-cbc", D_CBC_128_AES},
449 {"aes-192-cbc", D_CBC_192_AES},
450 {"aes-256-cbc", D_CBC_256_AES},
451 #ifndef OPENSSL_NO_DEPRECATED_3_0
452 {"aes-128-ige", D_IGE_128_AES},
453 {"aes-192-ige", D_IGE_192_AES},
454 {"aes-256-ige", D_IGE_256_AES},
456 #ifndef OPENSSL_NO_RC2
457 {"rc2-cbc", D_CBC_RC2},
460 #ifndef OPENSSL_NO_RC5
461 {"rc5-cbc", D_CBC_RC5},
464 #ifndef OPENSSL_NO_IDEA
465 {"idea-cbc", D_CBC_IDEA},
466 {"idea", D_CBC_IDEA},
468 #ifndef OPENSSL_NO_SEED
469 {"seed-cbc", D_CBC_SEED},
470 {"seed", D_CBC_SEED},
472 #ifndef OPENSSL_NO_BF
473 {"bf-cbc", D_CBC_BF},
474 {"blowfish", D_CBC_BF},
477 #ifndef OPENSSL_NO_CAST
478 {"cast-cbc", D_CBC_CAST},
479 {"cast", D_CBC_CAST},
480 {"cast5", D_CBC_CAST},
486 static double results[ALGOR_NUM][OSSL_NELEM(lengths_list)];
488 #ifndef OPENSSL_NO_DSA
490 # define R_DSA_1024 1
491 # define R_DSA_2048 2
492 static const OPT_PAIR dsa_choices[] = {
493 {"dsa512", R_DSA_512},
494 {"dsa1024", R_DSA_1024},
495 {"dsa2048", R_DSA_2048}
497 # define DSA_NUM OSSL_NELEM(dsa_choices)
499 static double dsa_results[DSA_NUM][2]; /* 2 ops: sign then verify */
500 #endif /* OPENSSL_NO_DSA */
508 #define R_RSA_15360 6
509 #ifndef OPENSSL_NO_RSA
510 static const OPT_PAIR rsa_choices[] = {
511 {"rsa512", R_RSA_512},
512 {"rsa1024", R_RSA_1024},
513 {"rsa2048", R_RSA_2048},
514 {"rsa3072", R_RSA_3072},
515 {"rsa4096", R_RSA_4096},
516 {"rsa7680", R_RSA_7680},
517 {"rsa15360", R_RSA_15360}
519 # define RSA_NUM OSSL_NELEM(rsa_choices)
521 static double rsa_results[RSA_NUM][2]; /* 2 ops: sign then verify */
522 #endif /* OPENSSL_NO_RSA */
531 #ifndef OPENSSL_NO_EC2M
553 #ifndef OPENSSL_NO_EC
554 static OPT_PAIR ecdsa_choices[] = {
555 {"ecdsap160", R_EC_P160},
556 {"ecdsap192", R_EC_P192},
557 {"ecdsap224", R_EC_P224},
558 {"ecdsap256", R_EC_P256},
559 {"ecdsap384", R_EC_P384},
560 {"ecdsap521", R_EC_P521},
561 # ifndef OPENSSL_NO_EC2M
562 {"ecdsak163", R_EC_K163},
563 {"ecdsak233", R_EC_K233},
564 {"ecdsak283", R_EC_K283},
565 {"ecdsak409", R_EC_K409},
566 {"ecdsak571", R_EC_K571},
567 {"ecdsab163", R_EC_B163},
568 {"ecdsab233", R_EC_B233},
569 {"ecdsab283", R_EC_B283},
570 {"ecdsab409", R_EC_B409},
571 {"ecdsab571", R_EC_B571},
573 {"ecdsabrp256r1", R_EC_BRP256R1},
574 {"ecdsabrp256t1", R_EC_BRP256T1},
575 {"ecdsabrp384r1", R_EC_BRP384R1},
576 {"ecdsabrp384t1", R_EC_BRP384T1},
577 {"ecdsabrp512r1", R_EC_BRP512R1},
578 {"ecdsabrp512t1", R_EC_BRP512T1}
580 # define ECDSA_NUM OSSL_NELEM(ecdsa_choices)
582 static double ecdsa_results[ECDSA_NUM][2]; /* 2 ops: sign then verify */
584 static const OPT_PAIR ecdh_choices[] = {
585 {"ecdhp160", R_EC_P160},
586 {"ecdhp192", R_EC_P192},
587 {"ecdhp224", R_EC_P224},
588 {"ecdhp256", R_EC_P256},
589 {"ecdhp384", R_EC_P384},
590 {"ecdhp521", R_EC_P521},
591 # ifndef OPENSSL_NO_EC2M
592 {"ecdhk163", R_EC_K163},
593 {"ecdhk233", R_EC_K233},
594 {"ecdhk283", R_EC_K283},
595 {"ecdhk409", R_EC_K409},
596 {"ecdhk571", R_EC_K571},
597 {"ecdhb163", R_EC_B163},
598 {"ecdhb233", R_EC_B233},
599 {"ecdhb283", R_EC_B283},
600 {"ecdhb409", R_EC_B409},
601 {"ecdhb571", R_EC_B571},
603 {"ecdhbrp256r1", R_EC_BRP256R1},
604 {"ecdhbrp256t1", R_EC_BRP256T1},
605 {"ecdhbrp384r1", R_EC_BRP384R1},
606 {"ecdhbrp384t1", R_EC_BRP384T1},
607 {"ecdhbrp512r1", R_EC_BRP512R1},
608 {"ecdhbrp512t1", R_EC_BRP512T1},
609 {"ecdhx25519", R_EC_X25519},
610 {"ecdhx448", R_EC_X448}
612 # define EC_NUM OSSL_NELEM(ecdh_choices)
614 static double ecdh_results[EC_NUM][1]; /* 1 op: derivation */
616 #define R_EC_Ed25519 0
618 static OPT_PAIR eddsa_choices[] = {
619 {"ed25519", R_EC_Ed25519},
620 {"ed448", R_EC_Ed448}
622 # define EdDSA_NUM OSSL_NELEM(eddsa_choices)
624 static double eddsa_results[EdDSA_NUM][2]; /* 2 ops: sign then verify */
626 # ifndef OPENSSL_NO_SM2
627 # define R_EC_CURVESM2 0
628 static OPT_PAIR sm2_choices[] = {
629 {"curveSM2", R_EC_CURVESM2}
631 # define SM2_ID "TLSv1.3+GM+Cipher+Suite"
632 # define SM2_ID_LEN sizeof("TLSv1.3+GM+Cipher+Suite") - 1
633 # define SM2_NUM OSSL_NELEM(sm2_choices)
635 static double sm2_results[SM2_NUM][2]; /* 2 ops: sign then verify */
636 # endif /* OPENSSL_NO_SM2 */
637 #endif /* OPENSSL_NO_EC */
640 # define COND(d) (count < (d))
641 # define COUNT(d) (d)
643 # define COND(unused_cond) (run && count<0x7fffffff)
644 # define COUNT(d) (count)
647 typedef struct loopargs_st {
648 ASYNC_JOB *inprogress_job;
649 ASYNC_WAIT_CTX *wait_ctx;
652 unsigned char *buf_malloc;
653 unsigned char *buf2_malloc;
657 #ifndef OPENSSL_NO_RSA
658 RSA *rsa_key[RSA_NUM];
660 #ifndef OPENSSL_NO_DSA
661 DSA *dsa_key[DSA_NUM];
663 #ifndef OPENSSL_NO_EC
664 EC_KEY *ecdsa[ECDSA_NUM];
665 EVP_PKEY_CTX *ecdh_ctx[EC_NUM];
666 EVP_MD_CTX *eddsa_ctx[EdDSA_NUM];
667 # ifndef OPENSSL_NO_SM2
668 EVP_MD_CTX *sm2_ctx[SM2_NUM];
669 EVP_MD_CTX *sm2_vfy_ctx[SM2_NUM];
670 EVP_PKEY *sm2_pkey[SM2_NUM];
672 unsigned char *secret_a;
673 unsigned char *secret_b;
674 size_t outlen[EC_NUM];
678 #ifndef OPENSSL_NO_CMAC
681 GCM128_CONTEXT *gcm_ctx;
683 static int run_benchmark(int async_jobs, int (*loop_function) (void *),
684 loopargs_t * loopargs);
686 static unsigned int testnum;
688 /* Nb of iterations to do per algorithm and key-size */
689 static long c[ALGOR_NUM][OSSL_NELEM(lengths_list)];
691 #ifndef OPENSSL_NO_MD2
692 static int EVP_Digest_MD2_loop(void *args)
694 loopargs_t *tempargs = *(loopargs_t **) args;
695 unsigned char *buf = tempargs->buf;
696 unsigned char md2[MD2_DIGEST_LENGTH];
699 for (count = 0; COND(c[D_MD2][testnum]); count++) {
700 if (!EVP_Digest(buf, (size_t)lengths[testnum], md2, NULL, EVP_md2(),
708 #ifndef OPENSSL_NO_MDC2
709 static int EVP_Digest_MDC2_loop(void *args)
711 loopargs_t *tempargs = *(loopargs_t **) args;
712 unsigned char *buf = tempargs->buf;
713 unsigned char mdc2[MDC2_DIGEST_LENGTH];
716 for (count = 0; COND(c[D_MDC2][testnum]); count++) {
717 if (!EVP_Digest(buf, (size_t)lengths[testnum], mdc2, NULL, EVP_mdc2(),
725 #ifndef OPENSSL_NO_MD4
726 static int EVP_Digest_MD4_loop(void *args)
728 loopargs_t *tempargs = *(loopargs_t **) args;
729 unsigned char *buf = tempargs->buf;
730 unsigned char md4[MD4_DIGEST_LENGTH];
733 for (count = 0; COND(c[D_MD4][testnum]); count++) {
734 if (!EVP_Digest(buf, (size_t)lengths[testnum], md4, NULL, EVP_md4(),
742 #ifndef OPENSSL_NO_MD5
743 static int MD5_loop(void *args)
745 loopargs_t *tempargs = *(loopargs_t **) args;
746 unsigned char *buf = tempargs->buf;
747 unsigned char md5[MD5_DIGEST_LENGTH];
749 for (count = 0; COND(c[D_MD5][testnum]); count++)
750 MD5(buf, lengths[testnum], md5);
754 static int HMAC_loop(void *args)
756 loopargs_t *tempargs = *(loopargs_t **) args;
757 unsigned char *buf = tempargs->buf;
758 HMAC_CTX *hctx = tempargs->hctx;
759 unsigned char hmac[MD5_DIGEST_LENGTH];
762 for (count = 0; COND(c[D_HMAC][testnum]); count++) {
763 HMAC_Init_ex(hctx, NULL, 0, NULL, NULL);
764 HMAC_Update(hctx, buf, lengths[testnum]);
765 HMAC_Final(hctx, hmac, NULL);
771 static int SHA1_loop(void *args)
773 loopargs_t *tempargs = *(loopargs_t **) args;
774 unsigned char *buf = tempargs->buf;
775 unsigned char sha[SHA_DIGEST_LENGTH];
777 for (count = 0; COND(c[D_SHA1][testnum]); count++)
778 SHA1(buf, lengths[testnum], sha);
782 static int SHA256_loop(void *args)
784 loopargs_t *tempargs = *(loopargs_t **) args;
785 unsigned char *buf = tempargs->buf;
786 unsigned char sha256[SHA256_DIGEST_LENGTH];
788 for (count = 0; COND(c[D_SHA256][testnum]); count++)
789 SHA256(buf, lengths[testnum], sha256);
793 static int SHA512_loop(void *args)
795 loopargs_t *tempargs = *(loopargs_t **) args;
796 unsigned char *buf = tempargs->buf;
797 unsigned char sha512[SHA512_DIGEST_LENGTH];
799 for (count = 0; COND(c[D_SHA512][testnum]); count++)
800 SHA512(buf, lengths[testnum], sha512);
804 #ifndef OPENSSL_NO_WHIRLPOOL
805 static int WHIRLPOOL_loop(void *args)
807 loopargs_t *tempargs = *(loopargs_t **) args;
808 unsigned char *buf = tempargs->buf;
809 unsigned char whirlpool[WHIRLPOOL_DIGEST_LENGTH];
811 for (count = 0; COND(c[D_WHIRLPOOL][testnum]); count++)
812 WHIRLPOOL(buf, lengths[testnum], whirlpool);
817 #ifndef OPENSSL_NO_RMD160
818 static int EVP_Digest_RMD160_loop(void *args)
820 loopargs_t *tempargs = *(loopargs_t **) args;
821 unsigned char *buf = tempargs->buf;
822 unsigned char rmd160[RIPEMD160_DIGEST_LENGTH];
824 for (count = 0; COND(c[D_RMD160][testnum]); count++) {
825 if (!EVP_Digest(buf, (size_t)lengths[testnum], &(rmd160[0]),
826 NULL, EVP_ripemd160(), NULL))
833 #ifndef OPENSSL_NO_RC4
834 static RC4_KEY rc4_ks;
835 static int RC4_loop(void *args)
837 loopargs_t *tempargs = *(loopargs_t **) args;
838 unsigned char *buf = tempargs->buf;
840 for (count = 0; COND(c[D_RC4][testnum]); count++)
841 RC4(&rc4_ks, (size_t)lengths[testnum], buf, buf);
846 #ifndef OPENSSL_NO_DES
847 static unsigned char DES_iv[8];
848 static DES_key_schedule sch;
849 static DES_key_schedule sch2;
850 static DES_key_schedule sch3;
851 static int DES_ncbc_encrypt_loop(void *args)
853 loopargs_t *tempargs = *(loopargs_t **) args;
854 unsigned char *buf = tempargs->buf;
856 for (count = 0; COND(c[D_CBC_DES][testnum]); count++)
857 DES_ncbc_encrypt(buf, buf, lengths[testnum], &sch,
858 &DES_iv, DES_ENCRYPT);
862 static int DES_ede3_cbc_encrypt_loop(void *args)
864 loopargs_t *tempargs = *(loopargs_t **) args;
865 unsigned char *buf = tempargs->buf;
867 for (count = 0; COND(c[D_EDE3_DES][testnum]); count++)
868 DES_ede3_cbc_encrypt(buf, buf, lengths[testnum],
869 &sch, &sch2, &sch3, &DES_iv, DES_ENCRYPT);
874 #define MAX_BLOCK_SIZE 128
876 static unsigned char iv[2 * MAX_BLOCK_SIZE / 8];
877 static AES_KEY aes_ks1, aes_ks2, aes_ks3;
878 static int AES_cbc_128_encrypt_loop(void *args)
880 loopargs_t *tempargs = *(loopargs_t **) args;
881 unsigned char *buf = tempargs->buf;
883 for (count = 0; COND(c[D_CBC_128_AES][testnum]); count++)
884 AES_cbc_encrypt(buf, buf,
885 (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
889 static int AES_cbc_192_encrypt_loop(void *args)
891 loopargs_t *tempargs = *(loopargs_t **) args;
892 unsigned char *buf = tempargs->buf;
894 for (count = 0; COND(c[D_CBC_192_AES][testnum]); count++)
895 AES_cbc_encrypt(buf, buf,
896 (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
900 static int AES_cbc_256_encrypt_loop(void *args)
902 loopargs_t *tempargs = *(loopargs_t **) args;
903 unsigned char *buf = tempargs->buf;
905 for (count = 0; COND(c[D_CBC_256_AES][testnum]); count++)
906 AES_cbc_encrypt(buf, buf,
907 (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
911 #ifndef OPENSSL_NO_DEPRECATED_3_0
912 static int AES_ige_128_encrypt_loop(void *args)
914 loopargs_t *tempargs = *(loopargs_t **) args;
915 unsigned char *buf = tempargs->buf;
916 unsigned char *buf2 = tempargs->buf2;
918 for (count = 0; COND(c[D_IGE_128_AES][testnum]); count++)
919 AES_ige_encrypt(buf, buf2,
920 (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
924 static int AES_ige_192_encrypt_loop(void *args)
926 loopargs_t *tempargs = *(loopargs_t **) args;
927 unsigned char *buf = tempargs->buf;
928 unsigned char *buf2 = tempargs->buf2;
930 for (count = 0; COND(c[D_IGE_192_AES][testnum]); count++)
931 AES_ige_encrypt(buf, buf2,
932 (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
936 static int AES_ige_256_encrypt_loop(void *args)
938 loopargs_t *tempargs = *(loopargs_t **) args;
939 unsigned char *buf = tempargs->buf;
940 unsigned char *buf2 = tempargs->buf2;
942 for (count = 0; COND(c[D_IGE_256_AES][testnum]); count++)
943 AES_ige_encrypt(buf, buf2,
944 (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
949 static int CRYPTO_gcm128_aad_loop(void *args)
951 loopargs_t *tempargs = *(loopargs_t **) args;
952 unsigned char *buf = tempargs->buf;
953 GCM128_CONTEXT *gcm_ctx = tempargs->gcm_ctx;
955 for (count = 0; COND(c[D_GHASH][testnum]); count++)
956 CRYPTO_gcm128_aad(gcm_ctx, buf, lengths[testnum]);
960 static int RAND_bytes_loop(void *args)
962 loopargs_t *tempargs = *(loopargs_t **) args;
963 unsigned char *buf = tempargs->buf;
966 for (count = 0; COND(c[D_RAND][testnum]); count++)
967 RAND_bytes(buf, lengths[testnum]);
971 static long save_count = 0;
972 static int decrypt = 0;
973 static int EVP_Update_loop(void *args)
975 loopargs_t *tempargs = *(loopargs_t **) args;
976 unsigned char *buf = tempargs->buf;
977 EVP_CIPHER_CTX *ctx = tempargs->ctx;
980 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
983 for (count = 0; COND(nb_iter); count++) {
984 rc = EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
986 /* reset iv in case of counter overflow */
987 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
991 for (count = 0; COND(nb_iter); count++) {
992 rc = EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
994 /* reset iv in case of counter overflow */
995 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
1000 EVP_DecryptFinal_ex(ctx, buf, &outl);
1002 EVP_EncryptFinal_ex(ctx, buf, &outl);
1007 * CCM does not support streaming. For the purpose of performance measurement,
1008 * each message is encrypted using the same (key,iv)-pair. Do not use this
1009 * code in your application.
1011 static int EVP_Update_loop_ccm(void *args)
1013 loopargs_t *tempargs = *(loopargs_t **) args;
1014 unsigned char *buf = tempargs->buf;
1015 EVP_CIPHER_CTX *ctx = tempargs->ctx;
1017 unsigned char tag[12];
1019 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1022 for (count = 0; COND(nb_iter); count++) {
1023 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(tag), tag);
1025 EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
1026 /* counter is reset on every update */
1027 EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
1030 for (count = 0; COND(nb_iter); count++) {
1031 /* restore iv length field */
1032 EVP_EncryptUpdate(ctx, NULL, &outl, NULL, lengths[testnum]);
1033 /* counter is reset on every update */
1034 EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
1038 EVP_DecryptFinal_ex(ctx, buf, &outl);
1040 EVP_EncryptFinal_ex(ctx, buf, &outl);
1045 * To make AEAD benchmarking more relevant perform TLS-like operations,
1046 * 13-byte AAD followed by payload. But don't use TLS-formatted AAD, as
1047 * payload length is not actually limited by 16KB...
1049 static int EVP_Update_loop_aead(void *args)
1051 loopargs_t *tempargs = *(loopargs_t **) args;
1052 unsigned char *buf = tempargs->buf;
1053 EVP_CIPHER_CTX *ctx = tempargs->ctx;
1055 unsigned char aad[13] = { 0xcc };
1056 unsigned char faketag[16] = { 0xcc };
1058 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1061 for (count = 0; COND(nb_iter); count++) {
1062 EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
1063 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
1064 sizeof(faketag), faketag);
1065 EVP_DecryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
1066 EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
1067 EVP_DecryptFinal_ex(ctx, buf + outl, &outl);
1070 for (count = 0; COND(nb_iter); count++) {
1071 EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv);
1072 EVP_EncryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
1073 EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
1074 EVP_EncryptFinal_ex(ctx, buf + outl, &outl);
1080 static const EVP_MD *evp_md = NULL;
1081 static int EVP_Digest_loop(void *args)
1083 loopargs_t *tempargs = *(loopargs_t **) args;
1084 unsigned char *buf = tempargs->buf;
1085 unsigned char md[EVP_MAX_MD_SIZE];
1088 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1091 for (count = 0; COND(nb_iter); count++) {
1092 if (!EVP_Digest(buf, lengths[testnum], md, NULL, evp_md, NULL))
1098 static const EVP_MD *evp_hmac_md = NULL;
1099 static char *evp_hmac_name = NULL;
1100 static int EVP_HMAC_loop(void *args)
1102 loopargs_t *tempargs = *(loopargs_t **) args;
1103 unsigned char *buf = tempargs->buf;
1104 unsigned char no_key[32];
1107 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1110 for (count = 0; COND(nb_iter); count++) {
1111 if (HMAC(evp_hmac_md, no_key, sizeof(no_key), buf, lengths[testnum],
1112 NULL, NULL) == NULL)
1118 #ifndef OPENSSL_NO_CMAC
1119 static const EVP_CIPHER *evp_cmac_cipher = NULL;
1120 static char *evp_cmac_name = NULL;
1122 static int EVP_CMAC_loop(void *args)
1124 loopargs_t *tempargs = *(loopargs_t **) args;
1125 unsigned char *buf = tempargs->buf;
1126 CMAC_CTX *cmac_ctx = tempargs->cmac_ctx;
1127 static const char key[16] = "This is a key...";
1128 unsigned char mac[16];
1129 size_t len = sizeof(mac);
1132 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1135 for (count = 0; COND(nb_iter); count++) {
1136 if (!CMAC_Init(cmac_ctx, key, sizeof(key), evp_cmac_cipher, NULL)
1137 || !CMAC_Update(cmac_ctx, buf, lengths[testnum])
1138 || !CMAC_Final(cmac_ctx, mac, &len))
1145 #ifndef OPENSSL_NO_RSA
1146 static long rsa_c[RSA_NUM][2]; /* # RSA iteration test */
1148 static int RSA_sign_loop(void *args)
1150 loopargs_t *tempargs = *(loopargs_t **) args;
1151 unsigned char *buf = tempargs->buf;
1152 unsigned char *buf2 = tempargs->buf2;
1153 unsigned int *rsa_num = &tempargs->siglen;
1154 RSA **rsa_key = tempargs->rsa_key;
1156 for (count = 0; COND(rsa_c[testnum][0]); count++) {
1157 ret = RSA_sign(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1159 BIO_printf(bio_err, "RSA sign failure\n");
1160 ERR_print_errors(bio_err);
1168 static int RSA_verify_loop(void *args)
1170 loopargs_t *tempargs = *(loopargs_t **) args;
1171 unsigned char *buf = tempargs->buf;
1172 unsigned char *buf2 = tempargs->buf2;
1173 unsigned int rsa_num = tempargs->siglen;
1174 RSA **rsa_key = tempargs->rsa_key;
1176 for (count = 0; COND(rsa_c[testnum][1]); count++) {
1178 RSA_verify(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1180 BIO_printf(bio_err, "RSA verify failure\n");
1181 ERR_print_errors(bio_err);
1190 #ifndef OPENSSL_NO_DSA
1191 static long dsa_c[DSA_NUM][2];
1192 static int DSA_sign_loop(void *args)
1194 loopargs_t *tempargs = *(loopargs_t **) args;
1195 unsigned char *buf = tempargs->buf;
1196 unsigned char *buf2 = tempargs->buf2;
1197 DSA **dsa_key = tempargs->dsa_key;
1198 unsigned int *siglen = &tempargs->siglen;
1200 for (count = 0; COND(dsa_c[testnum][0]); count++) {
1201 ret = DSA_sign(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1203 BIO_printf(bio_err, "DSA sign failure\n");
1204 ERR_print_errors(bio_err);
1212 static int DSA_verify_loop(void *args)
1214 loopargs_t *tempargs = *(loopargs_t **) args;
1215 unsigned char *buf = tempargs->buf;
1216 unsigned char *buf2 = tempargs->buf2;
1217 DSA **dsa_key = tempargs->dsa_key;
1218 unsigned int siglen = tempargs->siglen;
1220 for (count = 0; COND(dsa_c[testnum][1]); count++) {
1221 ret = DSA_verify(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1223 BIO_printf(bio_err, "DSA verify failure\n");
1224 ERR_print_errors(bio_err);
1233 #ifndef OPENSSL_NO_EC
1234 static long ecdsa_c[ECDSA_NUM][2];
1235 static int ECDSA_sign_loop(void *args)
1237 loopargs_t *tempargs = *(loopargs_t **) args;
1238 unsigned char *buf = tempargs->buf;
1239 EC_KEY **ecdsa = tempargs->ecdsa;
1240 unsigned char *ecdsasig = tempargs->buf2;
1241 unsigned int *ecdsasiglen = &tempargs->siglen;
1243 for (count = 0; COND(ecdsa_c[testnum][0]); count++) {
1244 ret = ECDSA_sign(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1246 BIO_printf(bio_err, "ECDSA sign failure\n");
1247 ERR_print_errors(bio_err);
1255 static int ECDSA_verify_loop(void *args)
1257 loopargs_t *tempargs = *(loopargs_t **) args;
1258 unsigned char *buf = tempargs->buf;
1259 EC_KEY **ecdsa = tempargs->ecdsa;
1260 unsigned char *ecdsasig = tempargs->buf2;
1261 unsigned int ecdsasiglen = tempargs->siglen;
1263 for (count = 0; COND(ecdsa_c[testnum][1]); count++) {
1264 ret = ECDSA_verify(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1266 BIO_printf(bio_err, "ECDSA verify failure\n");
1267 ERR_print_errors(bio_err);
1275 /* ******************************************************************** */
1276 static long ecdh_c[EC_NUM][1];
1278 static int ECDH_EVP_derive_key_loop(void *args)
1280 loopargs_t *tempargs = *(loopargs_t **) args;
1281 EVP_PKEY_CTX *ctx = tempargs->ecdh_ctx[testnum];
1282 unsigned char *derived_secret = tempargs->secret_a;
1284 size_t *outlen = &(tempargs->outlen[testnum]);
1286 for (count = 0; COND(ecdh_c[testnum][0]); count++)
1287 EVP_PKEY_derive(ctx, derived_secret, outlen);
1292 static long eddsa_c[EdDSA_NUM][2];
1293 static int EdDSA_sign_loop(void *args)
1295 loopargs_t *tempargs = *(loopargs_t **) args;
1296 unsigned char *buf = tempargs->buf;
1297 EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
1298 unsigned char *eddsasig = tempargs->buf2;
1299 size_t *eddsasigsize = &tempargs->sigsize;
1302 for (count = 0; COND(eddsa_c[testnum][0]); count++) {
1303 ret = EVP_DigestSign(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
1305 BIO_printf(bio_err, "EdDSA sign failure\n");
1306 ERR_print_errors(bio_err);
1314 static int EdDSA_verify_loop(void *args)
1316 loopargs_t *tempargs = *(loopargs_t **) args;
1317 unsigned char *buf = tempargs->buf;
1318 EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
1319 unsigned char *eddsasig = tempargs->buf2;
1320 size_t eddsasigsize = tempargs->sigsize;
1323 for (count = 0; COND(eddsa_c[testnum][1]); count++) {
1324 ret = EVP_DigestVerify(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
1326 BIO_printf(bio_err, "EdDSA verify failure\n");
1327 ERR_print_errors(bio_err);
1335 # ifndef OPENSSL_NO_SM2
1336 static long sm2_c[SM2_NUM][2];
1337 static int SM2_sign_loop(void *args)
1339 loopargs_t *tempargs = *(loopargs_t **) args;
1340 unsigned char *buf = tempargs->buf;
1341 EVP_MD_CTX **sm2ctx = tempargs->sm2_ctx;
1342 unsigned char *sm2sig = tempargs->buf2;
1343 size_t sm2sigsize = tempargs->sigsize;
1344 const size_t max_size = tempargs->sigsize;
1346 EVP_PKEY **sm2_pkey = tempargs->sm2_pkey;
1348 for (count = 0; COND(sm2_c[testnum][0]); count++) {
1349 if (!EVP_DigestSignInit(sm2ctx[testnum], NULL, EVP_sm3(),
1350 NULL, sm2_pkey[testnum])) {
1351 BIO_printf(bio_err, "SM2 init sign failure\n");
1352 ERR_print_errors(bio_err);
1356 ret = EVP_DigestSign(sm2ctx[testnum], sm2sig, &sm2sigsize,
1359 BIO_printf(bio_err, "SM2 sign failure\n");
1360 ERR_print_errors(bio_err);
1364 /* update the latest returned size and always use the fixed buffer size */
1365 tempargs->sigsize = sm2sigsize;
1366 sm2sigsize = max_size;
1372 static int SM2_verify_loop(void *args)
1374 loopargs_t *tempargs = *(loopargs_t **) args;
1375 unsigned char *buf = tempargs->buf;
1376 EVP_MD_CTX **sm2ctx = tempargs->sm2_vfy_ctx;
1377 unsigned char *sm2sig = tempargs->buf2;
1378 size_t sm2sigsize = tempargs->sigsize;
1380 EVP_PKEY **sm2_pkey = tempargs->sm2_pkey;
1382 for (count = 0; COND(sm2_c[testnum][1]); count++) {
1383 if (!EVP_DigestVerifyInit(sm2ctx[testnum], NULL, EVP_sm3(),
1384 NULL, sm2_pkey[testnum])) {
1385 BIO_printf(bio_err, "SM2 verify init failure\n");
1386 ERR_print_errors(bio_err);
1390 ret = EVP_DigestVerify(sm2ctx[testnum], sm2sig, sm2sigsize,
1393 BIO_printf(bio_err, "SM2 verify failure\n");
1394 ERR_print_errors(bio_err);
1401 # endif /* OPENSSL_NO_SM2 */
1402 #endif /* OPENSSL_NO_EC */
1404 static int run_benchmark(int async_jobs,
1405 int (*loop_function) (void *), loopargs_t * loopargs)
1407 int job_op_count = 0;
1408 int total_op_count = 0;
1409 int num_inprogress = 0;
1410 int error = 0, i = 0, ret = 0;
1411 OSSL_ASYNC_FD job_fd = 0;
1412 size_t num_job_fds = 0;
1416 if (async_jobs == 0) {
1417 return loop_function((void *)&loopargs);
1420 for (i = 0; i < async_jobs && !error; i++) {
1421 loopargs_t *looparg_item = loopargs + i;
1423 /* Copy pointer content (looparg_t item address) into async context */
1424 ret = ASYNC_start_job(&loopargs[i].inprogress_job, loopargs[i].wait_ctx,
1425 &job_op_count, loop_function,
1426 (void *)&looparg_item, sizeof(looparg_item));
1432 if (job_op_count == -1) {
1435 total_op_count += job_op_count;
1440 BIO_printf(bio_err, "Failure in the job\n");
1441 ERR_print_errors(bio_err);
1447 while (num_inprogress > 0) {
1448 #if defined(OPENSSL_SYS_WINDOWS)
1450 #elif defined(OPENSSL_SYS_UNIX)
1451 int select_result = 0;
1452 OSSL_ASYNC_FD max_fd = 0;
1455 FD_ZERO(&waitfdset);
1457 for (i = 0; i < async_jobs && num_inprogress > 0; i++) {
1458 if (loopargs[i].inprogress_job == NULL)
1461 if (!ASYNC_WAIT_CTX_get_all_fds
1462 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1463 || num_job_fds > 1) {
1464 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1465 ERR_print_errors(bio_err);
1469 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1471 FD_SET(job_fd, &waitfdset);
1472 if (job_fd > max_fd)
1476 if (max_fd >= (OSSL_ASYNC_FD)FD_SETSIZE) {
1478 "Error: max_fd (%d) must be smaller than FD_SETSIZE (%d). "
1479 "Decrease the value of async_jobs\n",
1480 max_fd, FD_SETSIZE);
1481 ERR_print_errors(bio_err);
1486 select_result = select(max_fd + 1, &waitfdset, NULL, NULL, NULL);
1487 if (select_result == -1 && errno == EINTR)
1490 if (select_result == -1) {
1491 BIO_printf(bio_err, "Failure in the select\n");
1492 ERR_print_errors(bio_err);
1497 if (select_result == 0)
1501 for (i = 0; i < async_jobs; i++) {
1502 if (loopargs[i].inprogress_job == NULL)
1505 if (!ASYNC_WAIT_CTX_get_all_fds
1506 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1507 || num_job_fds > 1) {
1508 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1509 ERR_print_errors(bio_err);
1513 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1516 #if defined(OPENSSL_SYS_UNIX)
1517 if (num_job_fds == 1 && !FD_ISSET(job_fd, &waitfdset))
1519 #elif defined(OPENSSL_SYS_WINDOWS)
1520 if (num_job_fds == 1
1521 && !PeekNamedPipe(job_fd, NULL, 0, NULL, &avail, NULL)
1526 ret = ASYNC_start_job(&loopargs[i].inprogress_job,
1527 loopargs[i].wait_ctx, &job_op_count,
1528 loop_function, (void *)(loopargs + i),
1529 sizeof(loopargs_t));
1534 if (job_op_count == -1) {
1537 total_op_count += job_op_count;
1540 loopargs[i].inprogress_job = NULL;
1545 loopargs[i].inprogress_job = NULL;
1546 BIO_printf(bio_err, "Failure in the job\n");
1547 ERR_print_errors(bio_err);
1554 return error ? -1 : total_op_count;
1557 int speed_main(int argc, char **argv)
1560 loopargs_t *loopargs = NULL;
1562 const char *engine_id = NULL;
1563 const EVP_CIPHER *evp_cipher = NULL;
1566 int async_init = 0, multiblock = 0, pr_header = 0;
1567 int doit[ALGOR_NUM] = { 0 };
1568 int ret = 1, misalign = 0, lengths_single = 0, aead = 0;
1570 unsigned int size_num = OSSL_NELEM(lengths_list);
1571 unsigned int i, k, loop, loopargs_len = 0, async_jobs = 0;
1577 #if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) \
1578 || !defined(OPENSSL_NO_EC)
1581 openssl_speed_sec_t seconds = { SECONDS, RSA_SECONDS, DSA_SECONDS,
1582 ECDSA_SECONDS, ECDH_SECONDS,
1583 EdDSA_SECONDS, SM2_SECONDS };
1585 /* What follows are the buffers and key material. */
1586 #ifndef OPENSSL_NO_RC5
1589 #ifndef OPENSSL_NO_RC2
1592 #ifndef OPENSSL_NO_IDEA
1593 IDEA_KEY_SCHEDULE idea_ks;
1595 #ifndef OPENSSL_NO_SEED
1596 SEED_KEY_SCHEDULE seed_ks;
1598 #ifndef OPENSSL_NO_BF
1601 #ifndef OPENSSL_NO_CAST
1604 static const unsigned char key16[16] = {
1605 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1606 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
1608 static const unsigned char key24[24] = {
1609 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1610 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1611 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1613 static const unsigned char key32[32] = {
1614 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1615 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1616 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
1617 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
1619 #ifndef OPENSSL_NO_CAMELLIA
1620 static const unsigned char ckey24[24] = {
1621 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1622 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1623 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1625 static const unsigned char ckey32[32] = {
1626 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1627 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1628 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
1629 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
1631 CAMELLIA_KEY camellia_ks1, camellia_ks2, camellia_ks3;
1633 #ifndef OPENSSL_NO_DES
1634 static DES_cblock key = {
1635 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0
1637 static DES_cblock key2 = {
1638 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
1640 static DES_cblock key3 = {
1641 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1644 #ifndef OPENSSL_NO_RSA
1645 static const unsigned int rsa_bits[RSA_NUM] = {
1646 512, 1024, 2048, 3072, 4096, 7680, 15360
1648 static const unsigned char *rsa_data[RSA_NUM] = {
1649 test512, test1024, test2048, test3072, test4096, test7680, test15360
1651 static const int rsa_data_length[RSA_NUM] = {
1652 sizeof(test512), sizeof(test1024),
1653 sizeof(test2048), sizeof(test3072),
1654 sizeof(test4096), sizeof(test7680),
1657 int rsa_doit[RSA_NUM] = { 0 };
1658 int primes = RSA_DEFAULT_PRIME_NUM;
1660 #ifndef OPENSSL_NO_DSA
1661 static const unsigned int dsa_bits[DSA_NUM] = { 512, 1024, 2048 };
1662 int dsa_doit[DSA_NUM] = { 0 };
1664 #ifndef OPENSSL_NO_EC
1666 * We only test over the following curves as they are representative, To
1667 * add tests over more curves, simply add the curve NID and curve name to
1668 * the following arrays and increase the |ecdh_choices| list accordingly.
1670 static const struct {
1676 {"secp160r1", NID_secp160r1, 160},
1677 {"nistp192", NID_X9_62_prime192v1, 192},
1678 {"nistp224", NID_secp224r1, 224},
1679 {"nistp256", NID_X9_62_prime256v1, 256},
1680 {"nistp384", NID_secp384r1, 384},
1681 {"nistp521", NID_secp521r1, 521},
1682 # ifndef OPENSSL_NO_EC2M
1684 {"nistk163", NID_sect163k1, 163},
1685 {"nistk233", NID_sect233k1, 233},
1686 {"nistk283", NID_sect283k1, 283},
1687 {"nistk409", NID_sect409k1, 409},
1688 {"nistk571", NID_sect571k1, 571},
1689 {"nistb163", NID_sect163r2, 163},
1690 {"nistb233", NID_sect233r1, 233},
1691 {"nistb283", NID_sect283r1, 283},
1692 {"nistb409", NID_sect409r1, 409},
1693 {"nistb571", NID_sect571r1, 571},
1695 {"brainpoolP256r1", NID_brainpoolP256r1, 256},
1696 {"brainpoolP256t1", NID_brainpoolP256t1, 256},
1697 {"brainpoolP384r1", NID_brainpoolP384r1, 384},
1698 {"brainpoolP384t1", NID_brainpoolP384t1, 384},
1699 {"brainpoolP512r1", NID_brainpoolP512r1, 512},
1700 {"brainpoolP512t1", NID_brainpoolP512t1, 512},
1701 /* Other and ECDH only ones */
1702 {"X25519", NID_X25519, 253},
1703 {"X448", NID_X448, 448}
1705 static const struct {
1710 } test_ed_curves[] = {
1712 {"Ed25519", NID_ED25519, 253, 64},
1713 {"Ed448", NID_ED448, 456, 114}
1715 # ifndef OPENSSL_NO_SM2
1716 static const struct {
1720 } test_sm2_curves[] = {
1722 {"CurveSM2", NID_sm2, 256}
1725 int ecdsa_doit[ECDSA_NUM] = { 0 };
1726 int ecdh_doit[EC_NUM] = { 0 };
1727 int eddsa_doit[EdDSA_NUM] = { 0 };
1728 # ifndef OPENSSL_NO_SM2
1729 int sm2_doit[SM2_NUM] = { 0 };
1731 OPENSSL_assert(OSSL_NELEM(test_curves) >= EC_NUM);
1732 OPENSSL_assert(OSSL_NELEM(test_ed_curves) >= EdDSA_NUM);
1733 # ifndef OPENSSL_NO_SM2
1734 OPENSSL_assert(OSSL_NELEM(test_sm2_curves) >= SM2_NUM);
1736 #endif /* ndef OPENSSL_NO_EC */
1738 prog = opt_init(argc, argv, speed_options);
1739 while ((o = opt_next()) != OPT_EOF) {
1744 BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
1747 opt_help(speed_options);
1755 evp_cipher = EVP_get_cipherbyname(opt_arg());
1756 if (evp_cipher == NULL)
1757 evp_md = EVP_get_digestbyname(opt_arg());
1758 if (evp_cipher == NULL && evp_md == NULL) {
1760 "%s: %s is an unknown cipher or digest\n",
1767 evp_hmac_md = EVP_get_digestbyname(opt_arg());
1768 if (evp_hmac_md == NULL) {
1769 BIO_printf(bio_err, "%s: %s is an unknown digest\n",
1773 doit[D_EVP_HMAC] = 1;
1776 #ifndef OPENSSL_NO_CMAC
1777 evp_cmac_cipher = EVP_get_cipherbyname(opt_arg());
1778 if (evp_cmac_cipher == NULL) {
1779 BIO_printf(bio_err, "%s: %s is an unknown cipher\n",
1783 doit[D_EVP_CMAC] = 1;
1791 * In a forked execution, an engine might need to be
1792 * initialised by each child process, not by the parent.
1793 * So store the name here and run setup_engine() later on.
1795 engine_id = opt_arg();
1799 multi = atoi(opt_arg());
1803 #ifndef OPENSSL_NO_ASYNC
1804 async_jobs = atoi(opt_arg());
1805 if (!ASYNC_is_capable()) {
1807 "%s: async_jobs specified but async not supported\n",
1811 if (async_jobs > 99999) {
1812 BIO_printf(bio_err, "%s: too many async_jobs\n", prog);
1818 if (!opt_int(opt_arg(), &misalign))
1820 if (misalign > MISALIGN) {
1822 "%s: Maximum offset is %d\n", prog, MISALIGN);
1831 #ifdef OPENSSL_NO_MULTIBLOCK
1833 "%s: -mb specified but multi-block support is disabled\n",
1843 if (!opt_int(opt_arg(), &primes))
1847 seconds.sym = seconds.rsa = seconds.dsa = seconds.ecdsa
1848 = seconds.ecdh = seconds.eddsa
1849 = seconds.sm2 = atoi(opt_arg());
1852 lengths_single = atoi(opt_arg());
1853 lengths = &lengths_single;
1861 argc = opt_num_rest();
1864 /* Remaining arguments are algorithms. */
1865 for (; *argv; argv++) {
1866 if (found(*argv, doit_choices, &i)) {
1870 #ifndef OPENSSL_NO_DES
1871 if (strcmp(*argv, "des") == 0) {
1872 doit[D_CBC_DES] = doit[D_EDE3_DES] = 1;
1876 if (strcmp(*argv, "sha") == 0) {
1877 doit[D_SHA1] = doit[D_SHA256] = doit[D_SHA512] = 1;
1880 #ifndef OPENSSL_NO_RSA
1881 if (strcmp(*argv, "openssl") == 0)
1883 if (strcmp(*argv, "rsa") == 0) {
1884 for (loop = 0; loop < OSSL_NELEM(rsa_doit); loop++)
1888 if (found(*argv, rsa_choices, &i)) {
1893 #ifndef OPENSSL_NO_DSA
1894 if (strcmp(*argv, "dsa") == 0) {
1895 dsa_doit[R_DSA_512] = dsa_doit[R_DSA_1024] =
1896 dsa_doit[R_DSA_2048] = 1;
1899 if (found(*argv, dsa_choices, &i)) {
1904 if (strcmp(*argv, "aes") == 0) {
1905 doit[D_CBC_128_AES] = doit[D_CBC_192_AES] = doit[D_CBC_256_AES] = 1;
1908 #ifndef OPENSSL_NO_CAMELLIA
1909 if (strcmp(*argv, "camellia") == 0) {
1910 doit[D_CBC_128_CML] = doit[D_CBC_192_CML] = doit[D_CBC_256_CML] = 1;
1914 #ifndef OPENSSL_NO_EC
1915 if (strcmp(*argv, "ecdsa") == 0) {
1916 for (loop = 0; loop < OSSL_NELEM(ecdsa_doit); loop++)
1917 ecdsa_doit[loop] = 1;
1920 if (found(*argv, ecdsa_choices, &i)) {
1924 if (strcmp(*argv, "ecdh") == 0) {
1925 for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++)
1926 ecdh_doit[loop] = 1;
1929 if (found(*argv, ecdh_choices, &i)) {
1933 if (strcmp(*argv, "eddsa") == 0) {
1934 for (loop = 0; loop < OSSL_NELEM(eddsa_doit); loop++)
1935 eddsa_doit[loop] = 1;
1938 if (found(*argv, eddsa_choices, &i)) {
1942 # ifndef OPENSSL_NO_SM2
1943 if (strcmp(*argv, "sm2") == 0) {
1944 for (loop = 0; loop < OSSL_NELEM(sm2_doit); loop++)
1948 if (found(*argv, sm2_choices, &i)) {
1954 BIO_printf(bio_err, "%s: Unknown algorithm %s\n", prog, *argv);
1960 if (evp_cipher == NULL) {
1961 BIO_printf(bio_err, "-aead can be used only with an AEAD cipher\n");
1963 } else if (!(EVP_CIPHER_flags(evp_cipher) &
1964 EVP_CIPH_FLAG_AEAD_CIPHER)) {
1965 BIO_printf(bio_err, "%s is not an AEAD cipher\n",
1966 OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
1971 if (evp_cipher == NULL) {
1972 BIO_printf(bio_err,"-mb can be used only with a multi-block"
1973 " capable cipher\n");
1975 } else if (!(EVP_CIPHER_flags(evp_cipher) &
1976 EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
1977 BIO_printf(bio_err, "%s is not a multi-block capable\n",
1978 OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
1980 } else if (async_jobs > 0) {
1981 BIO_printf(bio_err, "Async mode is not supported with -mb");
1986 /* Initialize the job pool if async mode is enabled */
1987 if (async_jobs > 0) {
1988 async_init = ASYNC_init_thread(async_jobs, async_jobs);
1990 BIO_printf(bio_err, "Error creating the ASYNC job pool\n");
1995 loopargs_len = (async_jobs == 0 ? 1 : async_jobs);
1997 app_malloc(loopargs_len * sizeof(loopargs_t), "array of loopargs");
1998 memset(loopargs, 0, loopargs_len * sizeof(loopargs_t));
2000 for (i = 0; i < loopargs_len; i++) {
2001 if (async_jobs > 0) {
2002 loopargs[i].wait_ctx = ASYNC_WAIT_CTX_new();
2003 if (loopargs[i].wait_ctx == NULL) {
2004 BIO_printf(bio_err, "Error creating the ASYNC_WAIT_CTX\n");
2009 buflen = lengths[size_num - 1];
2010 if (buflen < 36) /* size of random vector in RSA benchmark */
2012 buflen += MAX_MISALIGNMENT + 1;
2013 loopargs[i].buf_malloc = app_malloc(buflen, "input buffer");
2014 loopargs[i].buf2_malloc = app_malloc(buflen, "input buffer");
2015 memset(loopargs[i].buf_malloc, 0, buflen);
2016 memset(loopargs[i].buf2_malloc, 0, buflen);
2018 /* Align the start of buffers on a 64 byte boundary */
2019 loopargs[i].buf = loopargs[i].buf_malloc + misalign;
2020 loopargs[i].buf2 = loopargs[i].buf2_malloc + misalign;
2021 #ifndef OPENSSL_NO_EC
2022 loopargs[i].secret_a = app_malloc(MAX_ECDH_SIZE, "ECDH secret a");
2023 loopargs[i].secret_b = app_malloc(MAX_ECDH_SIZE, "ECDH secret b");
2028 if (multi && do_multi(multi, size_num))
2032 /* Initialize the engine after the fork */
2033 e = setup_engine(engine_id, 0);
2035 /* No parameters; turn on everything. */
2036 if (argc == 0 && !doit[D_EVP] && !doit[D_EVP_HMAC] && !doit[D_EVP_CMAC]) {
2037 for (i = 0; i < ALGOR_NUM; i++)
2038 if (i != D_EVP && i != D_EVP_HMAC && i != D_EVP_CMAC)
2040 #ifndef OPENSSL_NO_RSA
2041 for (i = 0; i < RSA_NUM; i++)
2044 #ifndef OPENSSL_NO_DSA
2045 for (i = 0; i < DSA_NUM; i++)
2048 #ifndef OPENSSL_NO_EC
2049 for (loop = 0; loop < OSSL_NELEM(ecdsa_doit); loop++)
2050 ecdsa_doit[loop] = 1;
2051 for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++)
2052 ecdh_doit[loop] = 1;
2053 for (loop = 0; loop < OSSL_NELEM(eddsa_doit); loop++)
2054 eddsa_doit[loop] = 1;
2055 # ifndef OPENSSL_NO_SM2
2056 for (loop = 0; loop < OSSL_NELEM(sm2_doit); loop++)
2061 for (i = 0; i < ALGOR_NUM; i++)
2065 if (usertime == 0 && !mr)
2067 "You have chosen to measure elapsed time "
2068 "instead of user CPU time.\n");
2070 #ifndef OPENSSL_NO_RSA
2071 for (i = 0; i < loopargs_len; i++) {
2072 if (primes > RSA_DEFAULT_PRIME_NUM) {
2073 /* for multi-prime RSA, skip this */
2076 for (k = 0; k < RSA_NUM; k++) {
2077 const unsigned char *p;
2080 loopargs[i].rsa_key[k] =
2081 d2i_RSAPrivateKey(NULL, &p, rsa_data_length[k]);
2082 if (loopargs[i].rsa_key[k] == NULL) {
2084 "internal error loading RSA key number %d\n", k);
2090 #ifndef OPENSSL_NO_DSA
2091 for (i = 0; i < loopargs_len; i++) {
2092 loopargs[i].dsa_key[0] = get_dsa(512);
2093 loopargs[i].dsa_key[1] = get_dsa(1024);
2094 loopargs[i].dsa_key[2] = get_dsa(2048);
2097 #ifndef OPENSSL_NO_DES
2098 DES_set_key_unchecked(&key, &sch);
2099 DES_set_key_unchecked(&key2, &sch2);
2100 DES_set_key_unchecked(&key3, &sch3);
2102 AES_set_encrypt_key(key16, 128, &aes_ks1);
2103 AES_set_encrypt_key(key24, 192, &aes_ks2);
2104 AES_set_encrypt_key(key32, 256, &aes_ks3);
2105 #ifndef OPENSSL_NO_CAMELLIA
2106 Camellia_set_key(key16, 128, &camellia_ks1);
2107 Camellia_set_key(ckey24, 192, &camellia_ks2);
2108 Camellia_set_key(ckey32, 256, &camellia_ks3);
2110 #ifndef OPENSSL_NO_IDEA
2111 IDEA_set_encrypt_key(key16, &idea_ks);
2113 #ifndef OPENSSL_NO_SEED
2114 SEED_set_key(key16, &seed_ks);
2116 #ifndef OPENSSL_NO_RC4
2117 RC4_set_key(&rc4_ks, 16, key16);
2119 #ifndef OPENSSL_NO_RC2
2120 RC2_set_key(&rc2_ks, 16, key16, 128);
2122 #ifndef OPENSSL_NO_RC5
2123 if (!RC5_32_set_key(&rc5_ks, 16, key16, 12)) {
2124 BIO_printf(bio_err, "Failed setting RC5 key\n");
2128 #ifndef OPENSSL_NO_BF
2129 BF_set_key(&bf_ks, 16, key16);
2131 #ifndef OPENSSL_NO_CAST
2132 CAST_set_key(&cast_ks, 16, key16);
2135 # ifndef OPENSSL_NO_DES
2136 BIO_printf(bio_err, "First we calculate the approximate speed ...\n");
2142 for (it = count; it; it--)
2143 DES_ecb_encrypt((DES_cblock *)loopargs[0].buf,
2144 (DES_cblock *)loopargs[0].buf, &sch, DES_ENCRYPT);
2148 c[D_MD2][0] = count / 10;
2149 c[D_MDC2][0] = count / 10;
2150 c[D_MD4][0] = count;
2151 c[D_MD5][0] = count;
2152 c[D_HMAC][0] = count;
2153 c[D_SHA1][0] = count;
2154 c[D_RMD160][0] = count;
2155 c[D_RC4][0] = count * 5;
2156 c[D_CBC_DES][0] = count;
2157 c[D_EDE3_DES][0] = count / 3;
2158 c[D_CBC_IDEA][0] = count;
2159 c[D_CBC_SEED][0] = count;
2160 c[D_CBC_RC2][0] = count;
2161 c[D_CBC_RC5][0] = count;
2162 c[D_CBC_BF][0] = count;
2163 c[D_CBC_CAST][0] = count;
2164 c[D_CBC_128_AES][0] = count;
2165 c[D_CBC_192_AES][0] = count;
2166 c[D_CBC_256_AES][0] = count;
2167 c[D_CBC_128_CML][0] = count;
2168 c[D_CBC_192_CML][0] = count;
2169 c[D_CBC_256_CML][0] = count;
2170 c[D_SHA256][0] = count;
2171 c[D_SHA512][0] = count;
2172 c[D_WHIRLPOOL][0] = count;
2173 c[D_IGE_128_AES][0] = count;
2174 c[D_IGE_192_AES][0] = count;
2175 c[D_IGE_256_AES][0] = count;
2176 c[D_GHASH][0] = count;
2177 c[D_RAND][0] = count;
2179 for (i = 1; i < size_num; i++) {
2182 l0 = (long)lengths[0];
2183 l1 = (long)lengths[i];
2185 c[D_MD2][i] = c[D_MD2][0] * 4 * l0 / l1;
2186 c[D_MDC2][i] = c[D_MDC2][0] * 4 * l0 / l1;
2187 c[D_MD4][i] = c[D_MD4][0] * 4 * l0 / l1;
2188 c[D_MD5][i] = c[D_MD5][0] * 4 * l0 / l1;
2189 c[D_HMAC][i] = c[D_HMAC][0] * 4 * l0 / l1;
2190 c[D_SHA1][i] = c[D_SHA1][0] * 4 * l0 / l1;
2191 c[D_RMD160][i] = c[D_RMD160][0] * 4 * l0 / l1;
2192 c[D_SHA256][i] = c[D_SHA256][0] * 4 * l0 / l1;
2193 c[D_SHA512][i] = c[D_SHA512][0] * 4 * l0 / l1;
2194 c[D_WHIRLPOOL][i] = c[D_WHIRLPOOL][0] * 4 * l0 / l1;
2195 c[D_GHASH][i] = c[D_GHASH][0] * 4 * l0 / l1;
2196 c[D_RAND][i] = c[D_RAND][0] * 4 * l0 / l1;
2198 l0 = (long)lengths[i - 1];
2200 c[D_RC4][i] = c[D_RC4][i - 1] * l0 / l1;
2201 c[D_CBC_DES][i] = c[D_CBC_DES][i - 1] * l0 / l1;
2202 c[D_EDE3_DES][i] = c[D_EDE3_DES][i - 1] * l0 / l1;
2203 c[D_CBC_IDEA][i] = c[D_CBC_IDEA][i - 1] * l0 / l1;
2204 c[D_CBC_SEED][i] = c[D_CBC_SEED][i - 1] * l0 / l1;
2205 c[D_CBC_RC2][i] = c[D_CBC_RC2][i - 1] * l0 / l1;
2206 c[D_CBC_RC5][i] = c[D_CBC_RC5][i - 1] * l0 / l1;
2207 c[D_CBC_BF][i] = c[D_CBC_BF][i - 1] * l0 / l1;
2208 c[D_CBC_CAST][i] = c[D_CBC_CAST][i - 1] * l0 / l1;
2209 c[D_CBC_128_AES][i] = c[D_CBC_128_AES][i - 1] * l0 / l1;
2210 c[D_CBC_192_AES][i] = c[D_CBC_192_AES][i - 1] * l0 / l1;
2211 c[D_CBC_256_AES][i] = c[D_CBC_256_AES][i - 1] * l0 / l1;
2212 c[D_CBC_128_CML][i] = c[D_CBC_128_CML][i - 1] * l0 / l1;
2213 c[D_CBC_192_CML][i] = c[D_CBC_192_CML][i - 1] * l0 / l1;
2214 c[D_CBC_256_CML][i] = c[D_CBC_256_CML][i - 1] * l0 / l1;
2215 c[D_IGE_128_AES][i] = c[D_IGE_128_AES][i - 1] * l0 / l1;
2216 c[D_IGE_192_AES][i] = c[D_IGE_192_AES][i - 1] * l0 / l1;
2217 c[D_IGE_256_AES][i] = c[D_IGE_256_AES][i - 1] * l0 / l1;
2220 # ifndef OPENSSL_NO_RSA
2221 rsa_c[R_RSA_512][0] = count / 2000;
2222 rsa_c[R_RSA_512][1] = count / 400;
2223 for (i = 1; i < RSA_NUM; i++) {
2224 rsa_c[i][0] = rsa_c[i - 1][0] / 8;
2225 rsa_c[i][1] = rsa_c[i - 1][1] / 4;
2226 if (rsa_doit[i] <= 1 && rsa_c[i][0] == 0)
2229 if (rsa_c[i][0] == 0) {
2230 rsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
2237 # ifndef OPENSSL_NO_DSA
2238 dsa_c[R_DSA_512][0] = count / 1000;
2239 dsa_c[R_DSA_512][1] = count / 1000 / 2;
2240 for (i = 1; i < DSA_NUM; i++) {
2241 dsa_c[i][0] = dsa_c[i - 1][0] / 4;
2242 dsa_c[i][1] = dsa_c[i - 1][1] / 4;
2243 if (dsa_doit[i] <= 1 && dsa_c[i][0] == 0)
2246 if (dsa_c[i][0] == 0) {
2247 dsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
2254 # ifndef OPENSSL_NO_EC
2255 ecdsa_c[R_EC_P160][0] = count / 1000;
2256 ecdsa_c[R_EC_P160][1] = count / 1000 / 2;
2257 for (i = R_EC_P192; i <= R_EC_P521; i++) {
2258 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2259 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2260 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2263 if (ecdsa_c[i][0] == 0) {
2269 # ifndef OPENSSL_NO_EC2M
2270 ecdsa_c[R_EC_K163][0] = count / 1000;
2271 ecdsa_c[R_EC_K163][1] = count / 1000 / 2;
2272 for (i = R_EC_K233; i <= R_EC_K571; i++) {
2273 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2274 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2275 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2278 if (ecdsa_c[i][0] == 0) {
2284 ecdsa_c[R_EC_B163][0] = count / 1000;
2285 ecdsa_c[R_EC_B163][1] = count / 1000 / 2;
2286 for (i = R_EC_B233; i <= R_EC_B571; i++) {
2287 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2288 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2289 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2292 if (ecdsa_c[i][0] == 0) {
2300 ecdh_c[R_EC_P160][0] = count / 1000;
2301 for (i = R_EC_P192; i <= R_EC_P521; i++) {
2302 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2303 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2306 if (ecdh_c[i][0] == 0) {
2311 # ifndef OPENSSL_NO_EC2M
2312 ecdh_c[R_EC_K163][0] = count / 1000;
2313 for (i = R_EC_K233; i <= R_EC_K571; i++) {
2314 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2315 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2318 if (ecdh_c[i][0] == 0) {
2323 ecdh_c[R_EC_B163][0] = count / 1000;
2324 for (i = R_EC_B233; i <= R_EC_B571; i++) {
2325 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2326 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2329 if (ecdh_c[i][0] == 0) {
2335 /* repeated code good to factorize */
2336 ecdh_c[R_EC_BRP256R1][0] = count / 1000;
2337 for (i = R_EC_BRP384R1; i <= R_EC_BRP512R1; i += 2) {
2338 ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
2339 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2342 if (ecdh_c[i][0] == 0) {
2347 ecdh_c[R_EC_BRP256T1][0] = count / 1000;
2348 for (i = R_EC_BRP384T1; i <= R_EC_BRP512T1; i += 2) {
2349 ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
2350 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2353 if (ecdh_c[i][0] == 0) {
2358 /* default iteration count for the last two EC Curves */
2359 ecdh_c[R_EC_X25519][0] = count / 1800;
2360 ecdh_c[R_EC_X448][0] = count / 7200;
2362 eddsa_c[R_EC_Ed25519][0] = count / 1800;
2363 eddsa_c[R_EC_Ed448][0] = count / 7200;
2365 # ifndef OPENSSL_NO_SM2
2366 sm2_c[R_EC_SM2P256][0] = count / 1800;
2371 /* not worth fixing */
2372 # error "You cannot disable DES on systems without SIGALRM."
2373 # endif /* OPENSSL_NO_DES */
2375 signal(SIGALRM, alarmed);
2376 #endif /* SIGALRM */
2378 #ifndef OPENSSL_NO_MD2
2380 for (testnum = 0; testnum < size_num; testnum++) {
2381 print_message(names[D_MD2], c[D_MD2][testnum], lengths[testnum],
2384 count = run_benchmark(async_jobs, EVP_Digest_MD2_loop, loopargs);
2386 print_result(D_MD2, testnum, count, d);
2390 #ifndef OPENSSL_NO_MDC2
2392 for (testnum = 0; testnum < size_num; testnum++) {
2393 print_message(names[D_MDC2], c[D_MDC2][testnum], lengths[testnum],
2396 count = run_benchmark(async_jobs, EVP_Digest_MDC2_loop, loopargs);
2398 print_result(D_MDC2, testnum, count, d);
2403 #ifndef OPENSSL_NO_MD4
2405 for (testnum = 0; testnum < size_num; testnum++) {
2406 print_message(names[D_MD4], c[D_MD4][testnum], lengths[testnum],
2409 count = run_benchmark(async_jobs, EVP_Digest_MD4_loop, loopargs);
2411 print_result(D_MD4, testnum, count, d);
2416 #ifndef OPENSSL_NO_MD5
2418 for (testnum = 0; testnum < size_num; testnum++) {
2419 print_message(names[D_MD5], c[D_MD5][testnum], lengths[testnum],
2422 count = run_benchmark(async_jobs, MD5_loop, loopargs);
2424 print_result(D_MD5, testnum, count, d);
2429 static const char hmac_key[] = "This is a key...";
2430 int len = strlen(hmac_key);
2432 for (i = 0; i < loopargs_len; i++) {
2433 loopargs[i].hctx = HMAC_CTX_new();
2434 if (loopargs[i].hctx == NULL) {
2435 BIO_printf(bio_err, "HMAC malloc failure, exiting...");
2439 HMAC_Init_ex(loopargs[i].hctx, hmac_key, len, EVP_md5(), NULL);
2441 for (testnum = 0; testnum < size_num; testnum++) {
2442 print_message(names[D_HMAC], c[D_HMAC][testnum], lengths[testnum],
2445 count = run_benchmark(async_jobs, HMAC_loop, loopargs);
2447 print_result(D_HMAC, testnum, count, d);
2449 for (i = 0; i < loopargs_len; i++) {
2450 HMAC_CTX_free(loopargs[i].hctx);
2455 for (testnum = 0; testnum < size_num; testnum++) {
2456 print_message(names[D_SHA1], c[D_SHA1][testnum], lengths[testnum],
2459 count = run_benchmark(async_jobs, SHA1_loop, loopargs);
2461 print_result(D_SHA1, testnum, count, d);
2464 if (doit[D_SHA256]) {
2465 for (testnum = 0; testnum < size_num; testnum++) {
2466 print_message(names[D_SHA256], c[D_SHA256][testnum],
2467 lengths[testnum], seconds.sym);
2469 count = run_benchmark(async_jobs, SHA256_loop, loopargs);
2471 print_result(D_SHA256, testnum, count, d);
2474 if (doit[D_SHA512]) {
2475 for (testnum = 0; testnum < size_num; testnum++) {
2476 print_message(names[D_SHA512], c[D_SHA512][testnum],
2477 lengths[testnum], seconds.sym);
2479 count = run_benchmark(async_jobs, SHA512_loop, loopargs);
2481 print_result(D_SHA512, testnum, count, d);
2484 #ifndef OPENSSL_NO_WHIRLPOOL
2485 if (doit[D_WHIRLPOOL]) {
2486 for (testnum = 0; testnum < size_num; testnum++) {
2487 print_message(names[D_WHIRLPOOL], c[D_WHIRLPOOL][testnum],
2488 lengths[testnum], seconds.sym);
2490 count = run_benchmark(async_jobs, WHIRLPOOL_loop, loopargs);
2492 print_result(D_WHIRLPOOL, testnum, count, d);
2497 #ifndef OPENSSL_NO_RMD160
2498 if (doit[D_RMD160]) {
2499 for (testnum = 0; testnum < size_num; testnum++) {
2500 print_message(names[D_RMD160], c[D_RMD160][testnum],
2501 lengths[testnum], seconds.sym);
2503 count = run_benchmark(async_jobs, EVP_Digest_RMD160_loop, loopargs);
2505 print_result(D_RMD160, testnum, count, d);
2509 #ifndef OPENSSL_NO_RC4
2511 for (testnum = 0; testnum < size_num; testnum++) {
2512 print_message(names[D_RC4], c[D_RC4][testnum], lengths[testnum],
2515 count = run_benchmark(async_jobs, RC4_loop, loopargs);
2517 print_result(D_RC4, testnum, count, d);
2521 #ifndef OPENSSL_NO_DES
2522 if (doit[D_CBC_DES]) {
2523 for (testnum = 0; testnum < size_num; testnum++) {
2524 print_message(names[D_CBC_DES], c[D_CBC_DES][testnum],
2525 lengths[testnum], seconds.sym);
2527 count = run_benchmark(async_jobs, DES_ncbc_encrypt_loop, loopargs);
2529 print_result(D_CBC_DES, testnum, count, d);
2533 if (doit[D_EDE3_DES]) {
2534 for (testnum = 0; testnum < size_num; testnum++) {
2535 print_message(names[D_EDE3_DES], c[D_EDE3_DES][testnum],
2536 lengths[testnum], seconds.sym);
2539 run_benchmark(async_jobs, DES_ede3_cbc_encrypt_loop, loopargs);
2541 print_result(D_EDE3_DES, testnum, count, d);
2546 if (doit[D_CBC_128_AES]) {
2547 for (testnum = 0; testnum < size_num; testnum++) {
2548 print_message(names[D_CBC_128_AES], c[D_CBC_128_AES][testnum],
2549 lengths[testnum], seconds.sym);
2552 run_benchmark(async_jobs, AES_cbc_128_encrypt_loop, loopargs);
2554 print_result(D_CBC_128_AES, testnum, count, d);
2557 if (doit[D_CBC_192_AES]) {
2558 for (testnum = 0; testnum < size_num; testnum++) {
2559 print_message(names[D_CBC_192_AES], c[D_CBC_192_AES][testnum],
2560 lengths[testnum], seconds.sym);
2563 run_benchmark(async_jobs, AES_cbc_192_encrypt_loop, loopargs);
2565 print_result(D_CBC_192_AES, testnum, count, d);
2568 if (doit[D_CBC_256_AES]) {
2569 for (testnum = 0; testnum < size_num; testnum++) {
2570 print_message(names[D_CBC_256_AES], c[D_CBC_256_AES][testnum],
2571 lengths[testnum], seconds.sym);
2574 run_benchmark(async_jobs, AES_cbc_256_encrypt_loop, loopargs);
2576 print_result(D_CBC_256_AES, testnum, count, d);
2580 #ifndef OPENSSL_NO_DEPRECATED_3_0
2581 if (doit[D_IGE_128_AES]) {
2582 for (testnum = 0; testnum < size_num; testnum++) {
2583 print_message(names[D_IGE_128_AES], c[D_IGE_128_AES][testnum],
2584 lengths[testnum], seconds.sym);
2587 run_benchmark(async_jobs, AES_ige_128_encrypt_loop, loopargs);
2589 print_result(D_IGE_128_AES, testnum, count, d);
2592 if (doit[D_IGE_192_AES]) {
2593 for (testnum = 0; testnum < size_num; testnum++) {
2594 print_message(names[D_IGE_192_AES], c[D_IGE_192_AES][testnum],
2595 lengths[testnum], seconds.sym);
2598 run_benchmark(async_jobs, AES_ige_192_encrypt_loop, loopargs);
2600 print_result(D_IGE_192_AES, testnum, count, d);
2603 if (doit[D_IGE_256_AES]) {
2604 for (testnum = 0; testnum < size_num; testnum++) {
2605 print_message(names[D_IGE_256_AES], c[D_IGE_256_AES][testnum],
2606 lengths[testnum], seconds.sym);
2609 run_benchmark(async_jobs, AES_ige_256_encrypt_loop, loopargs);
2611 print_result(D_IGE_256_AES, testnum, count, d);
2615 if (doit[D_GHASH]) {
2616 for (i = 0; i < loopargs_len; i++) {
2617 loopargs[i].gcm_ctx =
2618 CRYPTO_gcm128_new(&aes_ks1, (block128_f) AES_encrypt);
2619 CRYPTO_gcm128_setiv(loopargs[i].gcm_ctx,
2620 (unsigned char *)"0123456789ab", 12);
2623 for (testnum = 0; testnum < size_num; testnum++) {
2624 print_message(names[D_GHASH], c[D_GHASH][testnum],
2625 lengths[testnum], seconds.sym);
2627 count = run_benchmark(async_jobs, CRYPTO_gcm128_aad_loop, loopargs);
2629 print_result(D_GHASH, testnum, count, d);
2631 for (i = 0; i < loopargs_len; i++)
2632 CRYPTO_gcm128_release(loopargs[i].gcm_ctx);
2634 #ifndef OPENSSL_NO_CAMELLIA
2635 if (doit[D_CBC_128_CML]) {
2636 if (async_jobs > 0) {
2637 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2638 names[D_CBC_128_CML]);
2639 doit[D_CBC_128_CML] = 0;
2641 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2642 print_message(names[D_CBC_128_CML], c[D_CBC_128_CML][testnum],
2643 lengths[testnum], seconds.sym);
2645 for (count = 0, run = 1; COND(c[D_CBC_128_CML][testnum]); count++)
2646 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2647 (size_t)lengths[testnum], &camellia_ks1,
2648 iv, CAMELLIA_ENCRYPT);
2650 print_result(D_CBC_128_CML, testnum, count, d);
2653 if (doit[D_CBC_192_CML]) {
2654 if (async_jobs > 0) {
2655 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2656 names[D_CBC_192_CML]);
2657 doit[D_CBC_192_CML] = 0;
2659 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2660 print_message(names[D_CBC_192_CML], c[D_CBC_192_CML][testnum],
2661 lengths[testnum], seconds.sym);
2662 if (async_jobs > 0) {
2663 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2667 for (count = 0, run = 1; COND(c[D_CBC_192_CML][testnum]); count++)
2668 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2669 (size_t)lengths[testnum], &camellia_ks2,
2670 iv, CAMELLIA_ENCRYPT);
2672 print_result(D_CBC_192_CML, testnum, count, d);
2675 if (doit[D_CBC_256_CML]) {
2676 if (async_jobs > 0) {
2677 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2678 names[D_CBC_256_CML]);
2679 doit[D_CBC_256_CML] = 0;
2681 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2682 print_message(names[D_CBC_256_CML], c[D_CBC_256_CML][testnum],
2683 lengths[testnum], seconds.sym);
2685 for (count = 0, run = 1; COND(c[D_CBC_256_CML][testnum]); count++)
2686 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2687 (size_t)lengths[testnum], &camellia_ks3,
2688 iv, CAMELLIA_ENCRYPT);
2690 print_result(D_CBC_256_CML, testnum, count, d);
2694 #ifndef OPENSSL_NO_IDEA
2695 if (doit[D_CBC_IDEA]) {
2696 if (async_jobs > 0) {
2697 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2699 doit[D_CBC_IDEA] = 0;
2701 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2702 print_message(names[D_CBC_IDEA], c[D_CBC_IDEA][testnum],
2703 lengths[testnum], seconds.sym);
2705 for (count = 0, run = 1; COND(c[D_CBC_IDEA][testnum]); count++)
2706 IDEA_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2707 (size_t)lengths[testnum], &idea_ks,
2710 print_result(D_CBC_IDEA, testnum, count, d);
2714 #ifndef OPENSSL_NO_SEED
2715 if (doit[D_CBC_SEED]) {
2716 if (async_jobs > 0) {
2717 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2719 doit[D_CBC_SEED] = 0;
2721 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2722 print_message(names[D_CBC_SEED], c[D_CBC_SEED][testnum],
2723 lengths[testnum], seconds.sym);
2725 for (count = 0, run = 1; COND(c[D_CBC_SEED][testnum]); count++)
2726 SEED_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2727 (size_t)lengths[testnum], &seed_ks, iv, 1);
2729 print_result(D_CBC_SEED, testnum, count, d);
2733 #ifndef OPENSSL_NO_RC2
2734 if (doit[D_CBC_RC2]) {
2735 if (async_jobs > 0) {
2736 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2738 doit[D_CBC_RC2] = 0;
2740 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2741 print_message(names[D_CBC_RC2], c[D_CBC_RC2][testnum],
2742 lengths[testnum], seconds.sym);
2743 if (async_jobs > 0) {
2744 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2748 for (count = 0, run = 1; COND(c[D_CBC_RC2][testnum]); count++)
2749 RC2_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2750 (size_t)lengths[testnum], &rc2_ks,
2753 print_result(D_CBC_RC2, testnum, count, d);
2757 #ifndef OPENSSL_NO_RC5
2758 if (doit[D_CBC_RC5]) {
2759 if (async_jobs > 0) {
2760 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2762 doit[D_CBC_RC5] = 0;
2764 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2765 print_message(names[D_CBC_RC5], c[D_CBC_RC5][testnum],
2766 lengths[testnum], seconds.sym);
2767 if (async_jobs > 0) {
2768 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2772 for (count = 0, run = 1; COND(c[D_CBC_RC5][testnum]); count++)
2773 RC5_32_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2774 (size_t)lengths[testnum], &rc5_ks,
2777 print_result(D_CBC_RC5, testnum, count, d);
2781 #ifndef OPENSSL_NO_BF
2782 if (doit[D_CBC_BF]) {
2783 if (async_jobs > 0) {
2784 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2788 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2789 print_message(names[D_CBC_BF], c[D_CBC_BF][testnum],
2790 lengths[testnum], seconds.sym);
2792 for (count = 0, run = 1; COND(c[D_CBC_BF][testnum]); count++)
2793 BF_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2794 (size_t)lengths[testnum], &bf_ks,
2797 print_result(D_CBC_BF, testnum, count, d);
2801 #ifndef OPENSSL_NO_CAST
2802 if (doit[D_CBC_CAST]) {
2803 if (async_jobs > 0) {
2804 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2806 doit[D_CBC_CAST] = 0;
2808 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2809 print_message(names[D_CBC_CAST], c[D_CBC_CAST][testnum],
2810 lengths[testnum], seconds.sym);
2812 for (count = 0, run = 1; COND(c[D_CBC_CAST][testnum]); count++)
2813 CAST_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2814 (size_t)lengths[testnum], &cast_ks,
2817 print_result(D_CBC_CAST, testnum, count, d);
2822 for (testnum = 0; testnum < size_num; testnum++) {
2823 print_message(names[D_RAND], c[D_RAND][testnum], lengths[testnum],
2826 count = run_benchmark(async_jobs, RAND_bytes_loop, loopargs);
2828 print_result(D_RAND, testnum, count, d);
2833 if (evp_cipher != NULL) {
2834 int (*loopfunc)(void *args) = EVP_Update_loop;
2836 if (multiblock && (EVP_CIPHER_flags(evp_cipher) &
2837 EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
2838 multiblock_speed(evp_cipher, lengths_single, &seconds);
2843 names[D_EVP] = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
2845 if (EVP_CIPHER_mode(evp_cipher) == EVP_CIPH_CCM_MODE) {
2846 loopfunc = EVP_Update_loop_ccm;
2847 } else if (aead && (EVP_CIPHER_flags(evp_cipher) &
2848 EVP_CIPH_FLAG_AEAD_CIPHER)) {
2849 loopfunc = EVP_Update_loop_aead;
2850 if (lengths == lengths_list) {
2851 lengths = aead_lengths_list;
2852 size_num = OSSL_NELEM(aead_lengths_list);
2856 for (testnum = 0; testnum < size_num; testnum++) {
2857 print_message(names[D_EVP], save_count, lengths[testnum],
2860 for (k = 0; k < loopargs_len; k++) {
2861 loopargs[k].ctx = EVP_CIPHER_CTX_new();
2862 if (loopargs[k].ctx == NULL) {
2863 BIO_printf(bio_err, "\nEVP_CIPHER_CTX_new failure\n");
2866 if (!EVP_CipherInit_ex(loopargs[k].ctx, evp_cipher, NULL,
2867 NULL, iv, decrypt ? 0 : 1)) {
2868 BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n");
2869 ERR_print_errors(bio_err);
2873 EVP_CIPHER_CTX_set_padding(loopargs[k].ctx, 0);
2875 keylen = EVP_CIPHER_CTX_key_length(loopargs[k].ctx);
2876 loopargs[k].key = app_malloc(keylen, "evp_cipher key");
2877 EVP_CIPHER_CTX_rand_key(loopargs[k].ctx, loopargs[k].key);
2878 if (!EVP_CipherInit_ex(loopargs[k].ctx, NULL, NULL,
2879 loopargs[k].key, NULL, -1)) {
2880 BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n");
2881 ERR_print_errors(bio_err);
2884 OPENSSL_clear_free(loopargs[k].key, keylen);
2886 /* SIV mode only allows for a single Update operation */
2887 if (EVP_CIPHER_mode(evp_cipher) == EVP_CIPH_SIV_MODE)
2888 EVP_CIPHER_CTX_ctrl(loopargs[k].ctx, EVP_CTRL_SET_SPEED, 1, NULL);
2892 count = run_benchmark(async_jobs, loopfunc, loopargs);
2894 for (k = 0; k < loopargs_len; k++) {
2895 EVP_CIPHER_CTX_free(loopargs[k].ctx);
2897 print_result(D_EVP, testnum, count, d);
2899 } else if (evp_md != NULL) {
2900 names[D_EVP] = OBJ_nid2ln(EVP_MD_type(evp_md));
2902 for (testnum = 0; testnum < size_num; testnum++) {
2903 print_message(names[D_EVP], save_count, lengths[testnum],
2906 count = run_benchmark(async_jobs, EVP_Digest_loop, loopargs);
2908 print_result(D_EVP, testnum, count, d);
2913 if (doit[D_EVP_HMAC]) {
2914 if (evp_hmac_md != NULL) {
2915 const char *md_name = OBJ_nid2ln(EVP_MD_type(evp_hmac_md));
2916 evp_hmac_name = app_malloc(sizeof("HMAC()") + strlen(md_name),
2918 sprintf(evp_hmac_name, "HMAC(%s)", md_name);
2919 names[D_EVP_HMAC] = evp_hmac_name;
2921 for (testnum = 0; testnum < size_num; testnum++) {
2922 print_message(names[D_EVP_HMAC], save_count, lengths[testnum],
2925 count = run_benchmark(async_jobs, EVP_HMAC_loop, loopargs);
2927 print_result(D_EVP_HMAC, testnum, count, d);
2932 #ifndef OPENSSL_NO_CMAC
2933 if (doit[D_EVP_CMAC]) {
2934 if (evp_cmac_cipher != NULL) {
2935 const char *cipher_name = OBJ_nid2ln(EVP_CIPHER_type(evp_cmac_cipher));
2936 evp_cmac_name = app_malloc(sizeof("CMAC()") + strlen(cipher_name),
2938 sprintf(evp_cmac_name, "CMAC(%s)", cipher_name);
2939 names[D_EVP_CMAC] = evp_cmac_name;
2941 for (i = 0; i < loopargs_len; i++) {
2942 loopargs[i].cmac_ctx = CMAC_CTX_new();
2943 if (loopargs[i].cmac_ctx == NULL) {
2944 BIO_printf(bio_err, "CMAC malloc failure, exiting...");
2948 for (testnum = 0; testnum < size_num; testnum++) {
2949 print_message(names[D_EVP_CMAC], save_count, lengths[testnum],
2952 count = run_benchmark(async_jobs, EVP_CMAC_loop, loopargs);
2954 print_result(D_EVP_CMAC, testnum, count, d);
2956 for (i = 0; i < loopargs_len; i++)
2957 CMAC_CTX_free(loopargs[i].cmac_ctx);
2962 for (i = 0; i < loopargs_len; i++)
2963 if (RAND_bytes(loopargs[i].buf, 36) <= 0)
2966 #ifndef OPENSSL_NO_RSA
2967 for (testnum = 0; testnum < RSA_NUM; testnum++) {
2969 if (!rsa_doit[testnum])
2971 for (i = 0; i < loopargs_len; i++) {
2973 /* we haven't set keys yet, generate multi-prime RSA keys */
2974 BIGNUM *bn = BN_new();
2978 if (!BN_set_word(bn, RSA_F4)) {
2983 BIO_printf(bio_err, "Generate multi-prime RSA key for %s\n",
2984 rsa_choices[testnum].name);
2986 loopargs[i].rsa_key[testnum] = RSA_new();
2987 if (loopargs[i].rsa_key[testnum] == NULL) {
2992 if (!RSA_generate_multi_prime_key(loopargs[i].rsa_key[testnum],
2994 primes, bn, NULL)) {
3000 st = RSA_sign(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
3001 &loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
3007 "RSA sign failure. No RSA sign will be done.\n");
3008 ERR_print_errors(bio_err);
3011 pkey_print_message("private", "rsa",
3012 rsa_c[testnum][0], rsa_bits[testnum],
3014 /* RSA_blinding_on(rsa_key[testnum],NULL); */
3016 count = run_benchmark(async_jobs, RSA_sign_loop, loopargs);
3019 mr ? "+R1:%ld:%d:%.2f\n"
3020 : "%ld %u bits private RSA's in %.2fs\n",
3021 count, rsa_bits[testnum], d);
3022 rsa_results[testnum][0] = (double)count / d;
3026 for (i = 0; i < loopargs_len; i++) {
3027 st = RSA_verify(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
3028 loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
3034 "RSA verify failure. No RSA verify will be done.\n");
3035 ERR_print_errors(bio_err);
3036 rsa_doit[testnum] = 0;
3038 pkey_print_message("public", "rsa",
3039 rsa_c[testnum][1], rsa_bits[testnum],
3042 count = run_benchmark(async_jobs, RSA_verify_loop, loopargs);
3045 mr ? "+R2:%ld:%d:%.2f\n"
3046 : "%ld %u bits public RSA's in %.2fs\n",
3047 count, rsa_bits[testnum], d);
3048 rsa_results[testnum][1] = (double)count / d;
3051 if (rsa_count <= 1) {
3052 /* if longer than 10s, don't do any more */
3053 for (testnum++; testnum < RSA_NUM; testnum++)
3054 rsa_doit[testnum] = 0;
3057 #endif /* OPENSSL_NO_RSA */
3059 for (i = 0; i < loopargs_len; i++)
3060 if (RAND_bytes(loopargs[i].buf, 36) <= 0)
3063 #ifndef OPENSSL_NO_DSA
3064 for (testnum = 0; testnum < DSA_NUM; testnum++) {
3066 if (!dsa_doit[testnum])
3069 /* DSA_generate_key(dsa_key[testnum]); */
3070 /* DSA_sign_setup(dsa_key[testnum],NULL); */
3071 for (i = 0; i < loopargs_len; i++) {
3072 st = DSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
3073 &loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
3079 "DSA sign failure. No DSA sign will be done.\n");
3080 ERR_print_errors(bio_err);
3083 pkey_print_message("sign", "dsa",
3084 dsa_c[testnum][0], dsa_bits[testnum],
3087 count = run_benchmark(async_jobs, DSA_sign_loop, loopargs);
3090 mr ? "+R3:%ld:%u:%.2f\n"
3091 : "%ld %u bits DSA signs in %.2fs\n",
3092 count, dsa_bits[testnum], d);
3093 dsa_results[testnum][0] = (double)count / d;
3097 for (i = 0; i < loopargs_len; i++) {
3098 st = DSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
3099 loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
3105 "DSA verify failure. No DSA verify will be done.\n");
3106 ERR_print_errors(bio_err);
3107 dsa_doit[testnum] = 0;
3109 pkey_print_message("verify", "dsa",
3110 dsa_c[testnum][1], dsa_bits[testnum],
3113 count = run_benchmark(async_jobs, DSA_verify_loop, loopargs);
3116 mr ? "+R4:%ld:%u:%.2f\n"
3117 : "%ld %u bits DSA verify in %.2fs\n",
3118 count, dsa_bits[testnum], d);
3119 dsa_results[testnum][1] = (double)count / d;
3122 if (rsa_count <= 1) {
3123 /* if longer than 10s, don't do any more */
3124 for (testnum++; testnum < DSA_NUM; testnum++)
3125 dsa_doit[testnum] = 0;
3128 #endif /* OPENSSL_NO_DSA */
3130 #ifndef OPENSSL_NO_EC
3131 for (testnum = 0; testnum < ECDSA_NUM; testnum++) {
3134 if (!ecdsa_doit[testnum])
3135 continue; /* Ignore Curve */
3136 for (i = 0; i < loopargs_len; i++) {
3137 loopargs[i].ecdsa[testnum] =
3138 EC_KEY_new_by_curve_name(test_curves[testnum].nid);
3139 if (loopargs[i].ecdsa[testnum] == NULL) {
3145 BIO_printf(bio_err, "ECDSA failure.\n");
3146 ERR_print_errors(bio_err);
3149 for (i = 0; i < loopargs_len; i++) {
3150 EC_KEY_precompute_mult(loopargs[i].ecdsa[testnum], NULL);
3151 /* Perform ECDSA signature test */
3152 EC_KEY_generate_key(loopargs[i].ecdsa[testnum]);
3153 st = ECDSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
3154 &loopargs[i].siglen,
3155 loopargs[i].ecdsa[testnum]);
3161 "ECDSA sign failure. No ECDSA sign will be done.\n");
3162 ERR_print_errors(bio_err);
3165 pkey_print_message("sign", "ecdsa",
3166 ecdsa_c[testnum][0],
3167 test_curves[testnum].bits, seconds.ecdsa);
3169 count = run_benchmark(async_jobs, ECDSA_sign_loop, loopargs);
3173 mr ? "+R5:%ld:%u:%.2f\n" :
3174 "%ld %u bits ECDSA signs in %.2fs \n",
3175 count, test_curves[testnum].bits, d);
3176 ecdsa_results[testnum][0] = (double)count / d;
3180 /* Perform ECDSA verification test */
3181 for (i = 0; i < loopargs_len; i++) {
3182 st = ECDSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
3184 loopargs[i].ecdsa[testnum]);
3190 "ECDSA verify failure. No ECDSA verify will be done.\n");
3191 ERR_print_errors(bio_err);
3192 ecdsa_doit[testnum] = 0;
3194 pkey_print_message("verify", "ecdsa",
3195 ecdsa_c[testnum][1],
3196 test_curves[testnum].bits, seconds.ecdsa);
3198 count = run_benchmark(async_jobs, ECDSA_verify_loop, loopargs);
3201 mr ? "+R6:%ld:%u:%.2f\n"
3202 : "%ld %u bits ECDSA verify in %.2fs\n",
3203 count, test_curves[testnum].bits, d);
3204 ecdsa_results[testnum][1] = (double)count / d;
3207 if (rsa_count <= 1) {
3208 /* if longer than 10s, don't do any more */
3209 for (testnum++; testnum < ECDSA_NUM; testnum++)
3210 ecdsa_doit[testnum] = 0;
3215 for (testnum = 0; testnum < EC_NUM; testnum++) {
3216 int ecdh_checks = 1;
3218 if (!ecdh_doit[testnum])
3221 for (i = 0; i < loopargs_len; i++) {
3222 EVP_PKEY_CTX *kctx = NULL;
3223 EVP_PKEY_CTX *test_ctx = NULL;
3224 EVP_PKEY_CTX *ctx = NULL;
3225 EVP_PKEY *key_A = NULL;
3226 EVP_PKEY *key_B = NULL;
3230 /* Ensure that the error queue is empty */
3231 if (ERR_peek_error()) {
3233 "WARNING: the error queue contains previous unhandled errors.\n");
3234 ERR_print_errors(bio_err);
3237 /* Let's try to create a ctx directly from the NID: this works for
3238 * curves like Curve25519 that are not implemented through the low
3239 * level EC interface.
3240 * If this fails we try creating a EVP_PKEY_EC generic param ctx,
3241 * then we set the curve by NID before deriving the actual keygen
3242 * ctx for that specific curve. */
3243 kctx = EVP_PKEY_CTX_new_id(test_curves[testnum].nid, NULL); /* keygen ctx from NID */
3245 EVP_PKEY_CTX *pctx = NULL;
3246 EVP_PKEY *params = NULL;
3248 /* If we reach this code EVP_PKEY_CTX_new_id() failed and a
3249 * "int_ctx_new:unsupported algorithm" error was added to the
3251 * We remove it from the error queue as we are handling it. */
3252 unsigned long error = ERR_peek_error(); /* peek the latest error in the queue */
3253 if (error == ERR_peek_last_error() && /* oldest and latest errors match */
3254 /* check that the error origin matches */
3255 ERR_GET_LIB(error) == ERR_LIB_EVP &&
3256 ERR_GET_REASON(error) == EVP_R_UNSUPPORTED_ALGORITHM)
3257 ERR_get_error(); /* pop error from queue */
3258 if (ERR_peek_error()) {
3260 "Unhandled error in the error queue during ECDH init.\n");
3261 ERR_print_errors(bio_err);
3266 if ( /* Create the context for parameter generation */
3267 !(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) ||
3268 /* Initialise the parameter generation */
3269 !EVP_PKEY_paramgen_init(pctx) ||
3270 /* Set the curve by NID */
3271 !EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
3274 /* Create the parameter object params */
3275 !EVP_PKEY_paramgen(pctx, ¶ms)) {
3277 BIO_printf(bio_err, "ECDH EC params init failure.\n");
3278 ERR_print_errors(bio_err);
3282 /* Create the context for the key generation */
3283 kctx = EVP_PKEY_CTX_new(params, NULL);
3285 EVP_PKEY_free(params);
3287 EVP_PKEY_CTX_free(pctx);
3290 if (kctx == NULL || /* keygen ctx is not null */
3291 EVP_PKEY_keygen_init(kctx) <= 0/* init keygen ctx */ ) {
3293 BIO_printf(bio_err, "ECDH keygen failure.\n");
3294 ERR_print_errors(bio_err);
3299 if (EVP_PKEY_keygen(kctx, &key_A) <= 0 || /* generate secret key A */
3300 EVP_PKEY_keygen(kctx, &key_B) <= 0 || /* generate secret key B */
3301 !(ctx = EVP_PKEY_CTX_new(key_A, NULL)) || /* derivation ctx from skeyA */
3302 EVP_PKEY_derive_init(ctx) <= 0 || /* init derivation ctx */
3303 EVP_PKEY_derive_set_peer(ctx, key_B) <= 0 || /* set peer pubkey in ctx */
3304 EVP_PKEY_derive(ctx, NULL, &outlen) <= 0 || /* determine max length */
3305 outlen == 0 || /* ensure outlen is a valid size */
3306 outlen > MAX_ECDH_SIZE /* avoid buffer overflow */ ) {
3308 BIO_printf(bio_err, "ECDH key generation failure.\n");
3309 ERR_print_errors(bio_err);
3314 /* Here we perform a test run, comparing the output of a*B and b*A;
3315 * we try this here and assume that further EVP_PKEY_derive calls
3316 * never fail, so we can skip checks in the actually benchmarked
3317 * code, for maximum performance. */
3318 if (!(test_ctx = EVP_PKEY_CTX_new(key_B, NULL)) || /* test ctx from skeyB */
3319 !EVP_PKEY_derive_init(test_ctx) || /* init derivation test_ctx */
3320 !EVP_PKEY_derive_set_peer(test_ctx, key_A) || /* set peer pubkey in test_ctx */
3321 !EVP_PKEY_derive(test_ctx, NULL, &test_outlen) || /* determine max length */
3322 !EVP_PKEY_derive(ctx, loopargs[i].secret_a, &outlen) || /* compute a*B */
3323 !EVP_PKEY_derive(test_ctx, loopargs[i].secret_b, &test_outlen) || /* compute b*A */
3324 test_outlen != outlen /* compare output length */ ) {
3326 BIO_printf(bio_err, "ECDH computation failure.\n");
3327 ERR_print_errors(bio_err);
3332 /* Compare the computation results: CRYPTO_memcmp() returns 0 if equal */
3333 if (CRYPTO_memcmp(loopargs[i].secret_a,
3334 loopargs[i].secret_b, outlen)) {
3336 BIO_printf(bio_err, "ECDH computations don't match.\n");
3337 ERR_print_errors(bio_err);
3342 loopargs[i].ecdh_ctx[testnum] = ctx;
3343 loopargs[i].outlen[testnum] = outlen;
3345 EVP_PKEY_free(key_A);
3346 EVP_PKEY_free(key_B);
3347 EVP_PKEY_CTX_free(kctx);
3349 EVP_PKEY_CTX_free(test_ctx);
3352 if (ecdh_checks != 0) {
3353 pkey_print_message("", "ecdh",
3355 test_curves[testnum].bits, seconds.ecdh);
3358 run_benchmark(async_jobs, ECDH_EVP_derive_key_loop, loopargs);
3361 mr ? "+R7:%ld:%d:%.2f\n" :
3362 "%ld %u-bits ECDH ops in %.2fs\n", count,
3363 test_curves[testnum].bits, d);
3364 ecdh_results[testnum][0] = (double)count / d;
3368 if (rsa_count <= 1) {
3369 /* if longer than 10s, don't do any more */
3370 for (testnum++; testnum < OSSL_NELEM(ecdh_doit); testnum++)
3371 ecdh_doit[testnum] = 0;
3375 for (testnum = 0; testnum < EdDSA_NUM; testnum++) {
3377 EVP_PKEY *ed_pkey = NULL;
3378 EVP_PKEY_CTX *ed_pctx = NULL;
3380 if (!eddsa_doit[testnum])
3381 continue; /* Ignore Curve */
3382 for (i = 0; i < loopargs_len; i++) {
3383 loopargs[i].eddsa_ctx[testnum] = EVP_MD_CTX_new();
3384 if (loopargs[i].eddsa_ctx[testnum] == NULL) {
3389 if ((ed_pctx = EVP_PKEY_CTX_new_id(test_ed_curves[testnum].nid, NULL))
3391 || EVP_PKEY_keygen_init(ed_pctx) <= 0
3392 || EVP_PKEY_keygen(ed_pctx, &ed_pkey) <= 0) {
3394 EVP_PKEY_CTX_free(ed_pctx);
3397 EVP_PKEY_CTX_free(ed_pctx);
3399 if (!EVP_DigestSignInit(loopargs[i].eddsa_ctx[testnum], NULL, NULL,
3402 EVP_PKEY_free(ed_pkey);
3405 EVP_PKEY_free(ed_pkey);
3408 BIO_printf(bio_err, "EdDSA failure.\n");
3409 ERR_print_errors(bio_err);
3412 for (i = 0; i < loopargs_len; i++) {
3413 /* Perform EdDSA signature test */
3414 loopargs[i].sigsize = test_ed_curves[testnum].sigsize;
3415 st = EVP_DigestSign(loopargs[i].eddsa_ctx[testnum],
3416 loopargs[i].buf2, &loopargs[i].sigsize,
3417 loopargs[i].buf, 20);
3423 "EdDSA sign failure. No EdDSA sign will be done.\n");
3424 ERR_print_errors(bio_err);
3427 pkey_print_message("sign", test_ed_curves[testnum].name,
3428 eddsa_c[testnum][0],
3429 test_ed_curves[testnum].bits, seconds.eddsa);
3431 count = run_benchmark(async_jobs, EdDSA_sign_loop, loopargs);
3435 mr ? "+R8:%ld:%u:%s:%.2f\n" :
3436 "%ld %u bits %s signs in %.2fs \n",
3437 count, test_ed_curves[testnum].bits,
3438 test_ed_curves[testnum].name, d);
3439 eddsa_results[testnum][0] = (double)count / d;
3443 /* Perform EdDSA verification test */
3444 for (i = 0; i < loopargs_len; i++) {
3445 st = EVP_DigestVerify(loopargs[i].eddsa_ctx[testnum],
3446 loopargs[i].buf2, loopargs[i].sigsize,
3447 loopargs[i].buf, 20);
3453 "EdDSA verify failure. No EdDSA verify will be done.\n");
3454 ERR_print_errors(bio_err);
3455 eddsa_doit[testnum] = 0;
3457 pkey_print_message("verify", test_ed_curves[testnum].name,
3458 eddsa_c[testnum][1],
3459 test_ed_curves[testnum].bits, seconds.eddsa);
3461 count = run_benchmark(async_jobs, EdDSA_verify_loop, loopargs);
3464 mr ? "+R9:%ld:%u:%s:%.2f\n"
3465 : "%ld %u bits %s verify in %.2fs\n",
3466 count, test_ed_curves[testnum].bits,
3467 test_ed_curves[testnum].name, d);
3468 eddsa_results[testnum][1] = (double)count / d;
3471 if (rsa_count <= 1) {
3472 /* if longer than 10s, don't do any more */
3473 for (testnum++; testnum < EdDSA_NUM; testnum++)
3474 eddsa_doit[testnum] = 0;
3479 # ifndef OPENSSL_NO_SM2
3480 for (testnum = 0; testnum < SM2_NUM; testnum++) {
3482 EVP_PKEY *sm2_pkey = NULL;
3483 EVP_PKEY_CTX *pctx = NULL;
3484 EVP_PKEY_CTX *sm2_pctx = NULL;
3485 EVP_PKEY_CTX *sm2_vfy_pctx = NULL;
3486 size_t sm2_sigsize = 0;
3488 if (!sm2_doit[testnum])
3489 continue; /* Ignore Curve */
3490 /* Init signing and verification */
3491 for (i = 0; i < loopargs_len; i++) {
3492 loopargs[i].sm2_ctx[testnum] = EVP_MD_CTX_new();
3493 if (loopargs[i].sm2_ctx[testnum] == NULL) {
3497 loopargs[i].sm2_vfy_ctx[testnum] = EVP_MD_CTX_new();
3498 if (loopargs[i].sm2_vfy_ctx[testnum] == NULL) {
3503 /* SM2 keys are generated as normal EC keys with a special curve */
3504 if ((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) == NULL
3505 || EVP_PKEY_keygen_init(pctx) <= 0
3506 || EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
3507 test_sm2_curves[testnum].nid) <= 0
3508 || EVP_PKEY_keygen(pctx, &sm2_pkey) <= 0) {
3510 EVP_PKEY_CTX_free(pctx);
3513 /* free previous one and alloc a new one */
3514 EVP_PKEY_CTX_free(pctx);
3516 loopargs[i].sigsize = sm2_sigsize
3517 = ECDSA_size(EVP_PKEY_get0_EC_KEY(sm2_pkey));
3519 if (!EVP_PKEY_set_alias_type(sm2_pkey, EVP_PKEY_SM2)) {
3521 EVP_PKEY_free(sm2_pkey);
3525 sm2_pctx = EVP_PKEY_CTX_new(sm2_pkey, NULL);
3526 if (sm2_pctx == NULL) {
3528 EVP_PKEY_free(sm2_pkey);
3531 sm2_vfy_pctx = EVP_PKEY_CTX_new(sm2_pkey, NULL);
3532 if (sm2_vfy_pctx == NULL) {
3534 EVP_PKEY_CTX_free(sm2_pctx);
3535 EVP_PKEY_free(sm2_pkey);
3539 * No need to allow user to set an explicit ID here, just use
3540 * the one defined in the 'draft-yang-tls-tl13-sm-suites' I-D.
3542 if (EVP_PKEY_CTX_set1_id(sm2_pctx, SM2_ID, SM2_ID_LEN) != 1) {
3544 EVP_PKEY_CTX_free(sm2_pctx);
3545 EVP_PKEY_CTX_free(sm2_vfy_pctx);
3546 EVP_PKEY_free(sm2_pkey);
3550 if (EVP_PKEY_CTX_set1_id(sm2_vfy_pctx, SM2_ID, SM2_ID_LEN) != 1) {
3552 EVP_PKEY_CTX_free(sm2_pctx);
3553 EVP_PKEY_CTX_free(sm2_vfy_pctx);
3554 EVP_PKEY_free(sm2_pkey);
3558 EVP_MD_CTX_set_pkey_ctx(loopargs[i].sm2_ctx[testnum], sm2_pctx);
3559 EVP_MD_CTX_set_pkey_ctx(loopargs[i].sm2_vfy_ctx[testnum], sm2_vfy_pctx);
3561 if (!EVP_DigestSignInit(loopargs[i].sm2_ctx[testnum], NULL,
3562 EVP_sm3(), NULL, sm2_pkey)) {
3564 EVP_PKEY_free(sm2_pkey);
3567 if (!EVP_DigestVerifyInit(loopargs[i].sm2_vfy_ctx[testnum], NULL,
3568 EVP_sm3(), NULL, sm2_pkey)) {
3570 EVP_PKEY_free(sm2_pkey);
3573 loopargs[i].sm2_pkey[testnum] = sm2_pkey;
3576 BIO_printf(bio_err, "SM2 failure.\n");
3577 ERR_print_errors(bio_err);
3580 for (i = 0; i < loopargs_len; i++) {
3581 sm2_sigsize = loopargs[i].sigsize;
3582 /* Perform SM2 signature test */
3583 st = EVP_DigestSign(loopargs[i].sm2_ctx[testnum],
3584 loopargs[i].buf2, &sm2_sigsize,
3585 loopargs[i].buf, 20);
3591 "SM2 sign failure. No SM2 sign will be done.\n");
3592 ERR_print_errors(bio_err);
3595 pkey_print_message("sign", test_sm2_curves[testnum].name,
3597 test_sm2_curves[testnum].bits, seconds.sm2);
3599 count = run_benchmark(async_jobs, SM2_sign_loop, loopargs);
3603 mr ? "+R8:%ld:%u:%s:%.2f\n" :
3604 "%ld %u bits %s signs in %.2fs \n",
3605 count, test_sm2_curves[testnum].bits,
3606 test_sm2_curves[testnum].name, d);
3607 sm2_results[testnum][0] = (double)count / d;
3611 /* Perform SM2 verification test */
3612 for (i = 0; i < loopargs_len; i++) {
3613 st = EVP_DigestVerify(loopargs[i].sm2_vfy_ctx[testnum],
3614 loopargs[i].buf2, loopargs[i].sigsize,
3615 loopargs[i].buf, 20);
3621 "SM2 verify failure. No SM2 verify will be done.\n");
3622 ERR_print_errors(bio_err);
3623 sm2_doit[testnum] = 0;
3625 pkey_print_message("verify", test_sm2_curves[testnum].name,
3627 test_sm2_curves[testnum].bits, seconds.sm2);
3629 count = run_benchmark(async_jobs, SM2_verify_loop, loopargs);
3632 mr ? "+R9:%ld:%u:%s:%.2f\n"
3633 : "%ld %u bits %s verify in %.2fs\n",
3634 count, test_sm2_curves[testnum].bits,
3635 test_sm2_curves[testnum].name, d);
3636 sm2_results[testnum][1] = (double)count / d;
3639 if (rsa_count <= 1) {
3640 /* if longer than 10s, don't do any more */
3641 for (testnum++; testnum < SM2_NUM; testnum++)
3642 sm2_doit[testnum] = 0;
3646 # endif /* OPENSSL_NO_SM2 */
3648 #endif /* OPENSSL_NO_EC */
3653 printf("version: %s\n", OpenSSL_version(OPENSSL_FULL_VERSION_STRING));
3654 printf("built on: %s\n", OpenSSL_version(OPENSSL_BUILT_ON));
3656 printf("%s ", BN_options());
3657 #ifndef OPENSSL_NO_MD2
3658 printf("%s ", MD2_options());
3660 #ifndef OPENSSL_NO_RC4
3661 printf("%s ", RC4_options());
3663 #ifndef OPENSSL_NO_DES
3664 printf("%s ", DES_options());
3666 printf("%s ", AES_options());
3667 #ifndef OPENSSL_NO_IDEA
3668 printf("%s ", IDEA_options());
3670 #ifndef OPENSSL_NO_BF
3671 printf("%s ", BF_options());
3673 printf("\n%s\n", OpenSSL_version(OPENSSL_CFLAGS));
3674 printf("%s\n", OpenSSL_version(OPENSSL_CPU_INFO));
3682 ("The 'numbers' are in 1000s of bytes per second processed.\n");
3685 for (testnum = 0; testnum < size_num; testnum++)
3686 printf(mr ? ":%d" : "%7d bytes", lengths[testnum]);
3690 for (k = 0; k < ALGOR_NUM; k++) {
3694 printf("+F:%u:%s", k, names[k]);
3696 printf("%-13s", names[k]);
3697 for (testnum = 0; testnum < size_num; testnum++) {
3698 if (results[k][testnum] > 10000 && !mr)
3699 printf(" %11.2fk", results[k][testnum] / 1e3);
3701 printf(mr ? ":%.2f" : " %11.2f ", results[k][testnum]);
3705 #ifndef OPENSSL_NO_RSA
3707 for (k = 0; k < RSA_NUM; k++) {
3710 if (testnum && !mr) {
3711 printf("%18ssign verify sign/s verify/s\n", " ");
3715 printf("+F2:%u:%u:%f:%f\n",
3716 k, rsa_bits[k], rsa_results[k][0], rsa_results[k][1]);
3718 printf("rsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
3719 rsa_bits[k], 1.0 / rsa_results[k][0], 1.0 / rsa_results[k][1],
3720 rsa_results[k][0], rsa_results[k][1]);
3723 #ifndef OPENSSL_NO_DSA
3725 for (k = 0; k < DSA_NUM; k++) {
3728 if (testnum && !mr) {
3729 printf("%18ssign verify sign/s verify/s\n", " ");
3733 printf("+F3:%u:%u:%f:%f\n",
3734 k, dsa_bits[k], dsa_results[k][0], dsa_results[k][1]);
3736 printf("dsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
3737 dsa_bits[k], 1.0 / dsa_results[k][0], 1.0 / dsa_results[k][1],
3738 dsa_results[k][0], dsa_results[k][1]);
3741 #ifndef OPENSSL_NO_EC
3743 for (k = 0; k < OSSL_NELEM(ecdsa_doit); k++) {
3746 if (testnum && !mr) {
3747 printf("%30ssign verify sign/s verify/s\n", " ");
3752 printf("+F4:%u:%u:%f:%f\n",
3753 k, test_curves[k].bits,
3754 ecdsa_results[k][0], ecdsa_results[k][1]);
3756 printf("%4u bits ecdsa (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3757 test_curves[k].bits, test_curves[k].name,
3758 1.0 / ecdsa_results[k][0], 1.0 / ecdsa_results[k][1],
3759 ecdsa_results[k][0], ecdsa_results[k][1]);
3763 for (k = 0; k < EC_NUM; k++) {
3766 if (testnum && !mr) {
3767 printf("%30sop op/s\n", " ");
3771 printf("+F5:%u:%u:%f:%f\n",
3772 k, test_curves[k].bits,
3773 ecdh_results[k][0], 1.0 / ecdh_results[k][0]);
3776 printf("%4u bits ecdh (%s) %8.4fs %8.1f\n",
3777 test_curves[k].bits, test_curves[k].name,
3778 1.0 / ecdh_results[k][0], ecdh_results[k][0]);
3782 for (k = 0; k < OSSL_NELEM(eddsa_doit); k++) {
3785 if (testnum && !mr) {
3786 printf("%30ssign verify sign/s verify/s\n", " ");
3791 printf("+F6:%u:%u:%s:%f:%f\n",
3792 k, test_ed_curves[k].bits, test_ed_curves[k].name,
3793 eddsa_results[k][0], eddsa_results[k][1]);
3795 printf("%4u bits EdDSA (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3796 test_ed_curves[k].bits, test_ed_curves[k].name,
3797 1.0 / eddsa_results[k][0], 1.0 / eddsa_results[k][1],
3798 eddsa_results[k][0], eddsa_results[k][1]);
3801 # ifndef OPENSSL_NO_SM2
3803 for (k = 0; k < OSSL_NELEM(sm2_doit); k++) {
3806 if (testnum && !mr) {
3807 printf("%30ssign verify sign/s verify/s\n", " ");
3812 printf("+F6:%u:%u:%s:%f:%f\n",
3813 k, test_sm2_curves[k].bits, test_sm2_curves[k].name,
3814 sm2_results[k][0], sm2_results[k][1]);
3816 printf("%4u bits SM2 (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3817 test_sm2_curves[k].bits, test_sm2_curves[k].name,
3818 1.0 / sm2_results[k][0], 1.0 / sm2_results[k][1],
3819 sm2_results[k][0], sm2_results[k][1]);
3827 ERR_print_errors(bio_err);
3828 for (i = 0; i < loopargs_len; i++) {
3829 OPENSSL_free(loopargs[i].buf_malloc);
3830 OPENSSL_free(loopargs[i].buf2_malloc);
3832 #ifndef OPENSSL_NO_RSA
3833 for (k = 0; k < RSA_NUM; k++)
3834 RSA_free(loopargs[i].rsa_key[k]);
3836 #ifndef OPENSSL_NO_DSA
3837 for (k = 0; k < DSA_NUM; k++)
3838 DSA_free(loopargs[i].dsa_key[k]);
3840 #ifndef OPENSSL_NO_EC
3841 for (k = 0; k < ECDSA_NUM; k++)
3842 EC_KEY_free(loopargs[i].ecdsa[k]);
3843 for (k = 0; k < EC_NUM; k++)
3844 EVP_PKEY_CTX_free(loopargs[i].ecdh_ctx[k]);
3845 for (k = 0; k < EdDSA_NUM; k++)
3846 EVP_MD_CTX_free(loopargs[i].eddsa_ctx[k]);
3847 # ifndef OPENSSL_NO_SM2
3848 for (k = 0; k < SM2_NUM; k++) {
3849 EVP_PKEY_CTX *pctx = NULL;
3851 /* free signing ctx */
3852 if (loopargs[i].sm2_ctx[k] != NULL
3853 && (pctx = EVP_MD_CTX_pkey_ctx(loopargs[i].sm2_ctx[k])) != NULL)
3854 EVP_PKEY_CTX_free(pctx);
3855 EVP_MD_CTX_free(loopargs[i].sm2_ctx[k]);
3856 /* free verification ctx */
3857 if (loopargs[i].sm2_vfy_ctx[k] != NULL
3858 && (pctx = EVP_MD_CTX_pkey_ctx(loopargs[i].sm2_vfy_ctx[k])) != NULL)
3859 EVP_PKEY_CTX_free(pctx);
3860 EVP_MD_CTX_free(loopargs[i].sm2_vfy_ctx[k]);
3862 EVP_PKEY_free(loopargs[i].sm2_pkey[k]);
3865 OPENSSL_free(loopargs[i].secret_a);
3866 OPENSSL_free(loopargs[i].secret_b);
3869 OPENSSL_free(evp_hmac_name);
3870 #ifndef OPENSSL_NO_CMAC
3871 OPENSSL_free(evp_cmac_name);
3874 if (async_jobs > 0) {
3875 for (i = 0; i < loopargs_len; i++)
3876 ASYNC_WAIT_CTX_free(loopargs[i].wait_ctx);
3880 ASYNC_cleanup_thread();
3882 OPENSSL_free(loopargs);
3887 static void print_message(const char *s, long num, int length, int tm)
3891 mr ? "+DT:%s:%d:%d\n"
3892 : "Doing %s for %ds on %d size blocks: ", s, tm, length);
3893 (void)BIO_flush(bio_err);
3897 mr ? "+DN:%s:%ld:%d\n"
3898 : "Doing %s %ld times on %d size blocks: ", s, num, length);
3899 (void)BIO_flush(bio_err);
3903 static void pkey_print_message(const char *str, const char *str2, long num,
3904 unsigned int bits, int tm)
3908 mr ? "+DTP:%d:%s:%s:%d\n"
3909 : "Doing %u bits %s %s's for %ds: ", bits, str, str2, tm);
3910 (void)BIO_flush(bio_err);
3914 mr ? "+DNP:%ld:%d:%s:%s\n"
3915 : "Doing %ld %u bits %s %s's: ", num, bits, str, str2);
3916 (void)BIO_flush(bio_err);
3920 static void print_result(int alg, int run_no, int count, double time_used)
3923 BIO_puts(bio_err, "EVP error!\n");
3927 mr ? "+R:%d:%s:%f\n"
3928 : "%d %s's in %.2fs\n", count, names[alg], time_used);
3929 results[alg][run_no] = ((double)count) / time_used * lengths[run_no];
3933 static char *sstrsep(char **string, const char *delim)
3936 char *token = *string;
3941 memset(isdelim, 0, sizeof(isdelim));
3945 isdelim[(unsigned char)(*delim)] = 1;
3949 while (!isdelim[(unsigned char)(**string)]) {
3961 static int do_multi(int multi, int size_num)
3966 static char sep[] = ":";
3968 fds = app_malloc(sizeof(*fds) * multi, "fd buffer for do_multi");
3969 for (n = 0; n < multi; ++n) {
3970 if (pipe(fd) == -1) {
3971 BIO_printf(bio_err, "pipe failure\n");
3975 (void)BIO_flush(bio_err);
3982 if (dup(fd[1]) == -1) {
3983 BIO_printf(bio_err, "dup failed\n");
3992 printf("Forked child %d\n", n);
3995 /* for now, assume the pipe is long enough to take all the output */
3996 for (n = 0; n < multi; ++n) {
4001 f = fdopen(fds[n], "r");
4002 while (fgets(buf, sizeof(buf), f)) {
4003 p = strchr(buf, '\n');
4006 if (buf[0] != '+') {
4008 "Don't understand line '%s' from child %d\n", buf,
4012 printf("Got: %s from %d\n", buf, n);
4013 if (strncmp(buf, "+F:", 3) == 0) {
4018 alg = atoi(sstrsep(&p, sep));
4020 for (j = 0; j < size_num; ++j)
4021 results[alg][j] += atof(sstrsep(&p, sep));
4022 } else if (strncmp(buf, "+F2:", 4) == 0) {
4027 k = atoi(sstrsep(&p, sep));
4030 d = atof(sstrsep(&p, sep));
4031 rsa_results[k][0] += d;
4033 d = atof(sstrsep(&p, sep));
4034 rsa_results[k][1] += d;
4036 # ifndef OPENSSL_NO_DSA
4037 else if (strncmp(buf, "+F3:", 4) == 0) {
4042 k = atoi(sstrsep(&p, sep));
4045 d = atof(sstrsep(&p, sep));
4046 dsa_results[k][0] += d;
4048 d = atof(sstrsep(&p, sep));
4049 dsa_results[k][1] += d;
4052 # ifndef OPENSSL_NO_EC
4053 else if (strncmp(buf, "+F4:", 4) == 0) {
4058 k = atoi(sstrsep(&p, sep));
4061 d = atof(sstrsep(&p, sep));
4062 ecdsa_results[k][0] += d;
4064 d = atof(sstrsep(&p, sep));
4065 ecdsa_results[k][1] += d;
4066 } else if (strncmp(buf, "+F5:", 4) == 0) {
4071 k = atoi(sstrsep(&p, sep));
4074 d = atof(sstrsep(&p, sep));
4075 ecdh_results[k][0] += d;
4076 } else if (strncmp(buf, "+F6:", 4) == 0) {
4081 k = atoi(sstrsep(&p, sep));
4084 d = atof(sstrsep(&p, sep));
4085 eddsa_results[k][0] += d;
4087 d = atof(sstrsep(&p, sep));
4088 eddsa_results[k][1] += d;
4090 # ifndef OPENSSL_NO_SM2
4091 else if (strncmp(buf, "+F7:", 4) == 0) {
4096 k = atoi(sstrsep(&p, sep));
4099 d = atof(sstrsep(&p, sep));
4100 sm2_results[k][0] += d;
4102 d = atof(sstrsep(&p, sep));
4103 sm2_results[k][1] += d;
4105 # endif /* OPENSSL_NO_SM2 */
4108 else if (strncmp(buf, "+H:", 3) == 0) {
4111 BIO_printf(bio_err, "Unknown type '%s' from child %d\n", buf,
4122 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
4123 const openssl_speed_sec_t *seconds)
4125 static const int mblengths_list[] =
4126 { 8 * 1024, 2 * 8 * 1024, 4 * 8 * 1024, 8 * 8 * 1024, 8 * 16 * 1024 };
4127 const int *mblengths = mblengths_list;
4128 int j, count, keylen, num = OSSL_NELEM(mblengths_list);
4129 const char *alg_name;
4130 unsigned char *inp, *out, *key, no_key[32], no_iv[16];
4131 EVP_CIPHER_CTX *ctx;
4134 if (lengths_single) {
4135 mblengths = &lengths_single;
4139 inp = app_malloc(mblengths[num - 1], "multiblock input buffer");
4140 out = app_malloc(mblengths[num - 1] + 1024, "multiblock output buffer");
4141 ctx = EVP_CIPHER_CTX_new();
4142 EVP_EncryptInit_ex(ctx, evp_cipher, NULL, NULL, no_iv);
4144 keylen = EVP_CIPHER_CTX_key_length(ctx);
4145 key = app_malloc(keylen, "evp_cipher key");
4146 EVP_CIPHER_CTX_rand_key(ctx, key);
4147 EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL);
4148 OPENSSL_clear_free(key, keylen);
4150 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_MAC_KEY, sizeof(no_key), no_key);
4151 alg_name = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
4153 for (j = 0; j < num; j++) {
4154 print_message(alg_name, 0, mblengths[j], seconds->sym);
4156 for (count = 0, run = 1; run && count < 0x7fffffff; count++) {
4157 unsigned char aad[EVP_AEAD_TLS1_AAD_LEN];
4158 EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param;
4159 size_t len = mblengths[j];
4162 memset(aad, 0, 8); /* avoid uninitialized values */
4163 aad[8] = 23; /* SSL3_RT_APPLICATION_DATA */
4164 aad[9] = 3; /* version */
4166 aad[11] = 0; /* length */
4168 mb_param.out = NULL;
4171 mb_param.interleave = 8;
4173 packlen = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_AAD,
4174 sizeof(mb_param), &mb_param);
4180 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT,
4181 sizeof(mb_param), &mb_param);
4185 RAND_bytes(out, 16);
4187 aad[11] = (unsigned char)(len >> 8);
4188 aad[12] = (unsigned char)(len);
4189 pad = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_TLS1_AAD,
4190 EVP_AEAD_TLS1_AAD_LEN, aad);
4191 EVP_Cipher(ctx, out, inp, len + pad);
4195 BIO_printf(bio_err, mr ? "+R:%d:%s:%f\n"
4196 : "%d %s's in %.2fs\n", count, "evp", d);
4197 results[D_EVP][j] = ((double)count) / d * mblengths[j];
4201 fprintf(stdout, "+H");
4202 for (j = 0; j < num; j++)
4203 fprintf(stdout, ":%d", mblengths[j]);
4204 fprintf(stdout, "\n");
4205 fprintf(stdout, "+F:%d:%s", D_EVP, alg_name);
4206 for (j = 0; j < num; j++)
4207 fprintf(stdout, ":%.2f", results[D_EVP][j]);
4208 fprintf(stdout, "\n");
4211 "The 'numbers' are in 1000s of bytes per second processed.\n");
4212 fprintf(stdout, "type ");
4213 for (j = 0; j < num; j++)
4214 fprintf(stdout, "%7d bytes", mblengths[j]);
4215 fprintf(stdout, "\n");
4216 fprintf(stdout, "%-24s", alg_name);
4218 for (j = 0; j < num; j++) {
4219 if (results[D_EVP][j] > 10000)
4220 fprintf(stdout, " %11.2fk", results[D_EVP][j] / 1e3);
4222 fprintf(stdout, " %11.2f ", results[D_EVP][j]);
4224 fprintf(stdout, "\n");
4229 EVP_CIPHER_CTX_free(ctx);