2 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
5 * Licensed under the OpenSSL license (the "License"). You may not use
6 * this file except in compliance with the License. You can obtain a copy
7 * in the file LICENSE in the source distribution or at
8 * https://www.openssl.org/source/license.html
13 #define RSA_SECONDS 10
14 #define DSA_SECONDS 10
15 #define ECDSA_SECONDS 10
16 #define ECDH_SECONDS 10
24 #include <openssl/crypto.h>
25 #include <openssl/rand.h>
26 #include <openssl/err.h>
27 #include <openssl/evp.h>
28 #include <openssl/objects.h>
29 #include <openssl/async.h>
30 #if !defined(OPENSSL_SYS_MSDOS)
31 # include OPENSSL_UNISTD
38 #include <openssl/bn.h>
39 #ifndef OPENSSL_NO_DES
40 # include <openssl/des.h>
42 #include <openssl/aes.h>
43 #ifndef OPENSSL_NO_CAMELLIA
44 # include <openssl/camellia.h>
46 #ifndef OPENSSL_NO_MD2
47 # include <openssl/md2.h>
49 #ifndef OPENSSL_NO_MDC2
50 # include <openssl/mdc2.h>
52 #ifndef OPENSSL_NO_MD4
53 # include <openssl/md4.h>
55 #ifndef OPENSSL_NO_MD5
56 # include <openssl/md5.h>
58 #include <openssl/hmac.h>
59 #include <openssl/sha.h>
60 #ifndef OPENSSL_NO_RMD160
61 # include <openssl/ripemd.h>
63 #ifndef OPENSSL_NO_WHIRLPOOL
64 # include <openssl/whrlpool.h>
66 #ifndef OPENSSL_NO_RC4
67 # include <openssl/rc4.h>
69 #ifndef OPENSSL_NO_RC5
70 # include <openssl/rc5.h>
72 #ifndef OPENSSL_NO_RC2
73 # include <openssl/rc2.h>
75 #ifndef OPENSSL_NO_IDEA
76 # include <openssl/idea.h>
78 #ifndef OPENSSL_NO_SEED
79 # include <openssl/seed.h>
82 # include <openssl/blowfish.h>
84 #ifndef OPENSSL_NO_CAST
85 # include <openssl/cast.h>
87 #ifndef OPENSSL_NO_RSA
88 # include <openssl/rsa.h>
89 # include "./testrsa.h"
91 #include <openssl/x509.h>
92 #ifndef OPENSSL_NO_DSA
93 # include <openssl/dsa.h>
94 # include "./testdsa.h"
97 # include <openssl/ec.h>
99 #include <openssl/modes.h>
102 # if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS)
115 #define MAX_MISALIGNMENT 63
116 #define MAX_ECDH_SIZE 256
119 typedef struct openssl_speed_sec_st {
125 } openssl_speed_sec_t;
127 static volatile int run = 0;
130 static int usertime = 1;
132 #ifndef OPENSSL_NO_MD2
133 static int EVP_Digest_MD2_loop(void *args);
136 #ifndef OPENSSL_NO_MDC2
137 static int EVP_Digest_MDC2_loop(void *args);
139 #ifndef OPENSSL_NO_MD4
140 static int EVP_Digest_MD4_loop(void *args);
142 #ifndef OPENSSL_NO_MD5
143 static int MD5_loop(void *args);
144 static int HMAC_loop(void *args);
146 static int SHA1_loop(void *args);
147 static int SHA256_loop(void *args);
148 static int SHA512_loop(void *args);
149 #ifndef OPENSSL_NO_WHIRLPOOL
150 static int WHIRLPOOL_loop(void *args);
152 #ifndef OPENSSL_NO_RMD160
153 static int EVP_Digest_RMD160_loop(void *args);
155 #ifndef OPENSSL_NO_RC4
156 static int RC4_loop(void *args);
158 #ifndef OPENSSL_NO_DES
159 static int DES_ncbc_encrypt_loop(void *args);
160 static int DES_ede3_cbc_encrypt_loop(void *args);
162 static int AES_cbc_128_encrypt_loop(void *args);
163 static int AES_cbc_192_encrypt_loop(void *args);
164 static int AES_ige_128_encrypt_loop(void *args);
165 static int AES_cbc_256_encrypt_loop(void *args);
166 static int AES_ige_192_encrypt_loop(void *args);
167 static int AES_ige_256_encrypt_loop(void *args);
168 static int CRYPTO_gcm128_aad_loop(void *args);
169 static int RAND_bytes_loop(void *args);
170 static int EVP_Update_loop(void *args);
171 static int EVP_Update_loop_ccm(void *args);
172 static int EVP_Digest_loop(void *args);
173 #ifndef OPENSSL_NO_RSA
174 static int RSA_sign_loop(void *args);
175 static int RSA_verify_loop(void *args);
177 #ifndef OPENSSL_NO_DSA
178 static int DSA_sign_loop(void *args);
179 static int DSA_verify_loop(void *args);
181 #ifndef OPENSSL_NO_EC
182 static int ECDSA_sign_loop(void *args);
183 static int ECDSA_verify_loop(void *args);
186 static double Time_F(int s);
187 static void print_message(const char *s, long num, int length, int tm);
188 static void pkey_print_message(const char *str, const char *str2,
189 long num, unsigned int bits, int sec);
190 static void print_result(int alg, int run_no, int count, double time_used);
192 static int do_multi(int multi, int size_num);
195 static const int lengths_list[] = {
196 16, 64, 256, 1024, 8 * 1024, 16 * 1024
198 static const int *lengths = lengths_list;
201 # if defined(__STDC__) || defined(sgi) || defined(_AIX)
202 # define SIGRETTYPE void
204 # define SIGRETTYPE int
207 static SIGRETTYPE sig_done(int sig);
208 static SIGRETTYPE sig_done(int sig)
210 signal(SIGALRM, sig_done);
220 # if !defined(SIGALRM)
223 static unsigned int lapse;
224 static volatile unsigned int schlock;
225 static void alarm_win32(unsigned int secs)
230 # define alarm alarm_win32
232 static DWORD WINAPI sleepy(VOID * arg)
240 static double Time_F(int s)
247 thr = CreateThread(NULL, 4096, sleepy, NULL, 0, NULL);
249 DWORD err = GetLastError();
250 BIO_printf(bio_err, "unable to CreateThread (%lu)", err);
254 Sleep(0); /* scheduler spinlock */
255 ret = app_tminterval(s, usertime);
257 ret = app_tminterval(s, usertime);
259 TerminateThread(thr, 0);
267 static double Time_F(int s)
269 double ret = app_tminterval(s, usertime);
276 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
277 const openssl_speed_sec_t *seconds);
279 #define found(value, pairs, result)\
280 opt_found(value, result, pairs, OSSL_NELEM(pairs))
281 static int opt_found(const char *name, unsigned int *result,
282 const OPT_PAIR pairs[], unsigned int nbelem)
286 for (idx = 0; idx < nbelem; ++idx, pairs++)
287 if (strcmp(name, pairs->name) == 0) {
288 *result = pairs->retval;
294 typedef enum OPTION_choice {
295 OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
296 OPT_ELAPSED, OPT_EVP, OPT_DECRYPT, OPT_ENGINE, OPT_MULTI,
297 OPT_MR, OPT_MB, OPT_MISALIGN, OPT_ASYNCJOBS, OPT_R_ENUM,
298 OPT_PRIMES, OPT_SECONDS, OPT_BYTES
301 const OPTIONS speed_options[] = {
302 {OPT_HELP_STR, 1, '-', "Usage: %s [options] ciphers...\n"},
303 {OPT_HELP_STR, 1, '-', "Valid options are:\n"},
304 {"help", OPT_HELP, '-', "Display this summary"},
305 {"evp", OPT_EVP, 's', "Use specified EVP cipher"},
306 {"decrypt", OPT_DECRYPT, '-',
307 "Time decryption instead of encryption (only EVP)"},
308 {"mr", OPT_MR, '-', "Produce machine readable output"},
310 "Enable (tls1.1) multi-block mode on evp_cipher requested with -evp"},
311 {"misalign", OPT_MISALIGN, 'n', "Amount to mis-align buffers"},
312 {"elapsed", OPT_ELAPSED, '-',
313 "Measure time in real time instead of CPU user time"},
315 {"multi", OPT_MULTI, 'p', "Run benchmarks in parallel"},
317 #ifndef OPENSSL_NO_ASYNC
318 {"async_jobs", OPT_ASYNCJOBS, 'p',
319 "Enable async mode and start pnum jobs"},
322 #ifndef OPENSSL_NO_ENGINE
323 {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
325 {"primes", OPT_PRIMES, 'p', "Specify number of primes (for RSA only)"},
326 {"seconds", OPT_SECONDS, 'p',
327 "Run benchmarks for pnum seconds"},
328 {"bytes", OPT_BYTES, 'p',
329 "Run cipher, digest and rand benchmarks on pnum bytes"},
343 #define D_CBC_IDEA 10
344 #define D_CBC_SEED 11
348 #define D_CBC_CAST 15
349 #define D_CBC_128_AES 16
350 #define D_CBC_192_AES 17
351 #define D_CBC_256_AES 18
352 #define D_CBC_128_CML 19
353 #define D_CBC_192_CML 20
354 #define D_CBC_256_CML 21
358 #define D_WHIRLPOOL 25
359 #define D_IGE_128_AES 26
360 #define D_IGE_192_AES 27
361 #define D_IGE_256_AES 28
364 /* name of algorithms to test */
365 static const char *names[] = {
366 "md2", "mdc2", "md4", "md5", "hmac(md5)", "sha1", "rmd160", "rc4",
367 "des cbc", "des ede3", "idea cbc", "seed cbc",
368 "rc2 cbc", "rc5-32/12 cbc", "blowfish cbc", "cast cbc",
369 "aes-128 cbc", "aes-192 cbc", "aes-256 cbc",
370 "camellia-128 cbc", "camellia-192 cbc", "camellia-256 cbc",
371 "evp", "sha256", "sha512", "whirlpool",
372 "aes-128 ige", "aes-192 ige", "aes-256 ige", "ghash",
375 #define ALGOR_NUM OSSL_NELEM(names)
377 /* list of configured algorithm (remaining) */
378 static const OPT_PAIR doit_choices[] = {
379 #ifndef OPENSSL_NO_MD2
382 #ifndef OPENSSL_NO_MDC2
385 #ifndef OPENSSL_NO_MD4
388 #ifndef OPENSSL_NO_MD5
393 {"sha256", D_SHA256},
394 {"sha512", D_SHA512},
395 #ifndef OPENSSL_NO_WHIRLPOOL
396 {"whirlpool", D_WHIRLPOOL},
398 #ifndef OPENSSL_NO_RMD160
399 {"ripemd", D_RMD160},
400 {"rmd160", D_RMD160},
401 {"ripemd160", D_RMD160},
403 #ifndef OPENSSL_NO_RC4
406 #ifndef OPENSSL_NO_DES
407 {"des-cbc", D_CBC_DES},
408 {"des-ede3", D_EDE3_DES},
410 {"aes-128-cbc", D_CBC_128_AES},
411 {"aes-192-cbc", D_CBC_192_AES},
412 {"aes-256-cbc", D_CBC_256_AES},
413 {"aes-128-ige", D_IGE_128_AES},
414 {"aes-192-ige", D_IGE_192_AES},
415 {"aes-256-ige", D_IGE_256_AES},
416 #ifndef OPENSSL_NO_RC2
417 {"rc2-cbc", D_CBC_RC2},
420 #ifndef OPENSSL_NO_RC5
421 {"rc5-cbc", D_CBC_RC5},
424 #ifndef OPENSSL_NO_IDEA
425 {"idea-cbc", D_CBC_IDEA},
426 {"idea", D_CBC_IDEA},
428 #ifndef OPENSSL_NO_SEED
429 {"seed-cbc", D_CBC_SEED},
430 {"seed", D_CBC_SEED},
432 #ifndef OPENSSL_NO_BF
433 {"bf-cbc", D_CBC_BF},
434 {"blowfish", D_CBC_BF},
437 #ifndef OPENSSL_NO_CAST
438 {"cast-cbc", D_CBC_CAST},
439 {"cast", D_CBC_CAST},
440 {"cast5", D_CBC_CAST},
446 static double results[ALGOR_NUM][OSSL_NELEM(lengths_list)];
448 #ifndef OPENSSL_NO_DSA
450 # define R_DSA_1024 1
451 # define R_DSA_2048 2
452 static const OPT_PAIR dsa_choices[] = {
453 {"dsa512", R_DSA_512},
454 {"dsa1024", R_DSA_1024},
455 {"dsa2048", R_DSA_2048}
457 # define DSA_NUM OSSL_NELEM(dsa_choices)
459 static double dsa_results[DSA_NUM][2]; /* 2 ops: sign then verify */
460 #endif /* OPENSSL_NO_DSA */
468 #define R_RSA_15360 6
469 #ifndef OPENSSL_NO_RSA
470 static const OPT_PAIR rsa_choices[] = {
471 {"rsa512", R_RSA_512},
472 {"rsa1024", R_RSA_1024},
473 {"rsa2048", R_RSA_2048},
474 {"rsa3072", R_RSA_3072},
475 {"rsa4096", R_RSA_4096},
476 {"rsa7680", R_RSA_7680},
477 {"rsa15360", R_RSA_15360}
479 # define RSA_NUM OSSL_NELEM(rsa_choices)
481 static double rsa_results[RSA_NUM][2]; /* 2 ops: sign then verify */
482 #endif /* OPENSSL_NO_RSA */
500 #define R_EC_BRP256R1 16
501 #define R_EC_BRP256T1 17
502 #define R_EC_BRP384R1 18
503 #define R_EC_BRP384T1 19
504 #define R_EC_BRP512R1 20
505 #define R_EC_BRP512T1 21
506 #define R_EC_X25519 22
508 #ifndef OPENSSL_NO_EC
509 static OPT_PAIR ecdsa_choices[] = {
510 {"ecdsap160", R_EC_P160},
511 {"ecdsap192", R_EC_P192},
512 {"ecdsap224", R_EC_P224},
513 {"ecdsap256", R_EC_P256},
514 {"ecdsap384", R_EC_P384},
515 {"ecdsap521", R_EC_P521},
516 {"ecdsak163", R_EC_K163},
517 {"ecdsak233", R_EC_K233},
518 {"ecdsak283", R_EC_K283},
519 {"ecdsak409", R_EC_K409},
520 {"ecdsak571", R_EC_K571},
521 {"ecdsab163", R_EC_B163},
522 {"ecdsab233", R_EC_B233},
523 {"ecdsab283", R_EC_B283},
524 {"ecdsab409", R_EC_B409},
525 {"ecdsab571", R_EC_B571},
526 {"ecdsabrp256r1", R_EC_BRP256R1},
527 {"ecdsabrp256t1", R_EC_BRP256T1},
528 {"ecdsabrp384r1", R_EC_BRP384R1},
529 {"ecdsabrp384t1", R_EC_BRP384T1},
530 {"ecdsabrp512r1", R_EC_BRP512R1},
531 {"ecdsabrp512t1", R_EC_BRP512T1}
533 # define ECDSA_NUM OSSL_NELEM(ecdsa_choices)
535 static double ecdsa_results[ECDSA_NUM][2]; /* 2 ops: sign then verify */
537 static const OPT_PAIR ecdh_choices[] = {
538 {"ecdhp160", R_EC_P160},
539 {"ecdhp192", R_EC_P192},
540 {"ecdhp224", R_EC_P224},
541 {"ecdhp256", R_EC_P256},
542 {"ecdhp384", R_EC_P384},
543 {"ecdhp521", R_EC_P521},
544 {"ecdhk163", R_EC_K163},
545 {"ecdhk233", R_EC_K233},
546 {"ecdhk283", R_EC_K283},
547 {"ecdhk409", R_EC_K409},
548 {"ecdhk571", R_EC_K571},
549 {"ecdhb163", R_EC_B163},
550 {"ecdhb233", R_EC_B233},
551 {"ecdhb283", R_EC_B283},
552 {"ecdhb409", R_EC_B409},
553 {"ecdhb571", R_EC_B571},
554 {"ecdhbrp256r1", R_EC_BRP256R1},
555 {"ecdhbrp256t1", R_EC_BRP256T1},
556 {"ecdhbrp384r1", R_EC_BRP384R1},
557 {"ecdhbrp384t1", R_EC_BRP384T1},
558 {"ecdhbrp512r1", R_EC_BRP512R1},
559 {"ecdhbrp512t1", R_EC_BRP512T1},
560 {"ecdhx25519", R_EC_X25519},
561 {"ecdhx448", R_EC_X448}
563 # define EC_NUM OSSL_NELEM(ecdh_choices)
565 static double ecdh_results[EC_NUM][1]; /* 1 op: derivation */
566 #endif /* OPENSSL_NO_EC */
569 # define COND(d) (count < (d))
570 # define COUNT(d) (d)
572 # define COND(unused_cond) (run && count<0x7fffffff)
573 # define COUNT(d) (count)
576 typedef struct loopargs_st {
577 ASYNC_JOB *inprogress_job;
578 ASYNC_WAIT_CTX *wait_ctx;
581 unsigned char *buf_malloc;
582 unsigned char *buf2_malloc;
585 #ifndef OPENSSL_NO_RSA
586 RSA *rsa_key[RSA_NUM];
588 #ifndef OPENSSL_NO_DSA
589 DSA *dsa_key[DSA_NUM];
591 #ifndef OPENSSL_NO_EC
592 EC_KEY *ecdsa[ECDSA_NUM];
593 EVP_PKEY_CTX *ecdh_ctx[EC_NUM];
594 unsigned char *secret_a;
595 unsigned char *secret_b;
596 size_t outlen[EC_NUM];
600 GCM128_CONTEXT *gcm_ctx;
602 static int run_benchmark(int async_jobs, int (*loop_function) (void *),
603 loopargs_t * loopargs);
605 static unsigned int testnum;
607 /* Nb of iterations to do per algorithm and key-size */
608 static long c[ALGOR_NUM][OSSL_NELEM(lengths_list)];
610 #ifndef OPENSSL_NO_MD2
611 static int EVP_Digest_MD2_loop(void *args)
613 loopargs_t *tempargs = *(loopargs_t **) args;
614 unsigned char *buf = tempargs->buf;
615 unsigned char md2[MD2_DIGEST_LENGTH];
618 for (count = 0; COND(c[D_MD2][testnum]); count++) {
619 if (!EVP_Digest(buf, (size_t)lengths[testnum], md2, NULL, EVP_md2(),
627 #ifndef OPENSSL_NO_MDC2
628 static int EVP_Digest_MDC2_loop(void *args)
630 loopargs_t *tempargs = *(loopargs_t **) args;
631 unsigned char *buf = tempargs->buf;
632 unsigned char mdc2[MDC2_DIGEST_LENGTH];
635 for (count = 0; COND(c[D_MDC2][testnum]); count++) {
636 if (!EVP_Digest(buf, (size_t)lengths[testnum], mdc2, NULL, EVP_mdc2(),
644 #ifndef OPENSSL_NO_MD4
645 static int EVP_Digest_MD4_loop(void *args)
647 loopargs_t *tempargs = *(loopargs_t **) args;
648 unsigned char *buf = tempargs->buf;
649 unsigned char md4[MD4_DIGEST_LENGTH];
652 for (count = 0; COND(c[D_MD4][testnum]); count++) {
653 if (!EVP_Digest(buf, (size_t)lengths[testnum], md4, NULL, EVP_md4(),
661 #ifndef OPENSSL_NO_MD5
662 static int MD5_loop(void *args)
664 loopargs_t *tempargs = *(loopargs_t **) args;
665 unsigned char *buf = tempargs->buf;
666 unsigned char md5[MD5_DIGEST_LENGTH];
668 for (count = 0; COND(c[D_MD5][testnum]); count++)
669 MD5(buf, lengths[testnum], md5);
673 static int HMAC_loop(void *args)
675 loopargs_t *tempargs = *(loopargs_t **) args;
676 unsigned char *buf = tempargs->buf;
677 HMAC_CTX *hctx = tempargs->hctx;
678 unsigned char hmac[MD5_DIGEST_LENGTH];
681 for (count = 0; COND(c[D_HMAC][testnum]); count++) {
682 HMAC_Init_ex(hctx, NULL, 0, NULL, NULL);
683 HMAC_Update(hctx, buf, lengths[testnum]);
684 HMAC_Final(hctx, hmac, NULL);
690 static int SHA1_loop(void *args)
692 loopargs_t *tempargs = *(loopargs_t **) args;
693 unsigned char *buf = tempargs->buf;
694 unsigned char sha[SHA_DIGEST_LENGTH];
696 for (count = 0; COND(c[D_SHA1][testnum]); count++)
697 SHA1(buf, lengths[testnum], sha);
701 static int SHA256_loop(void *args)
703 loopargs_t *tempargs = *(loopargs_t **) args;
704 unsigned char *buf = tempargs->buf;
705 unsigned char sha256[SHA256_DIGEST_LENGTH];
707 for (count = 0; COND(c[D_SHA256][testnum]); count++)
708 SHA256(buf, lengths[testnum], sha256);
712 static int SHA512_loop(void *args)
714 loopargs_t *tempargs = *(loopargs_t **) args;
715 unsigned char *buf = tempargs->buf;
716 unsigned char sha512[SHA512_DIGEST_LENGTH];
718 for (count = 0; COND(c[D_SHA512][testnum]); count++)
719 SHA512(buf, lengths[testnum], sha512);
723 #ifndef OPENSSL_NO_WHIRLPOOL
724 static int WHIRLPOOL_loop(void *args)
726 loopargs_t *tempargs = *(loopargs_t **) args;
727 unsigned char *buf = tempargs->buf;
728 unsigned char whirlpool[WHIRLPOOL_DIGEST_LENGTH];
730 for (count = 0; COND(c[D_WHIRLPOOL][testnum]); count++)
731 WHIRLPOOL(buf, lengths[testnum], whirlpool);
736 #ifndef OPENSSL_NO_RMD160
737 static int EVP_Digest_RMD160_loop(void *args)
739 loopargs_t *tempargs = *(loopargs_t **) args;
740 unsigned char *buf = tempargs->buf;
741 unsigned char rmd160[RIPEMD160_DIGEST_LENGTH];
743 for (count = 0; COND(c[D_RMD160][testnum]); count++) {
744 if (!EVP_Digest(buf, (size_t)lengths[testnum], &(rmd160[0]),
745 NULL, EVP_ripemd160(), NULL))
752 #ifndef OPENSSL_NO_RC4
753 static RC4_KEY rc4_ks;
754 static int RC4_loop(void *args)
756 loopargs_t *tempargs = *(loopargs_t **) args;
757 unsigned char *buf = tempargs->buf;
759 for (count = 0; COND(c[D_RC4][testnum]); count++)
760 RC4(&rc4_ks, (size_t)lengths[testnum], buf, buf);
765 #ifndef OPENSSL_NO_DES
766 static unsigned char DES_iv[8];
767 static DES_key_schedule sch;
768 static DES_key_schedule sch2;
769 static DES_key_schedule sch3;
770 static int DES_ncbc_encrypt_loop(void *args)
772 loopargs_t *tempargs = *(loopargs_t **) args;
773 unsigned char *buf = tempargs->buf;
775 for (count = 0; COND(c[D_CBC_DES][testnum]); count++)
776 DES_ncbc_encrypt(buf, buf, lengths[testnum], &sch,
777 &DES_iv, DES_ENCRYPT);
781 static int DES_ede3_cbc_encrypt_loop(void *args)
783 loopargs_t *tempargs = *(loopargs_t **) args;
784 unsigned char *buf = tempargs->buf;
786 for (count = 0; COND(c[D_EDE3_DES][testnum]); count++)
787 DES_ede3_cbc_encrypt(buf, buf, lengths[testnum],
788 &sch, &sch2, &sch3, &DES_iv, DES_ENCRYPT);
793 #define MAX_BLOCK_SIZE 128
795 static unsigned char iv[2 * MAX_BLOCK_SIZE / 8];
796 static AES_KEY aes_ks1, aes_ks2, aes_ks3;
797 static int AES_cbc_128_encrypt_loop(void *args)
799 loopargs_t *tempargs = *(loopargs_t **) args;
800 unsigned char *buf = tempargs->buf;
802 for (count = 0; COND(c[D_CBC_128_AES][testnum]); count++)
803 AES_cbc_encrypt(buf, buf,
804 (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
808 static int AES_cbc_192_encrypt_loop(void *args)
810 loopargs_t *tempargs = *(loopargs_t **) args;
811 unsigned char *buf = tempargs->buf;
813 for (count = 0; COND(c[D_CBC_192_AES][testnum]); count++)
814 AES_cbc_encrypt(buf, buf,
815 (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
819 static int AES_cbc_256_encrypt_loop(void *args)
821 loopargs_t *tempargs = *(loopargs_t **) args;
822 unsigned char *buf = tempargs->buf;
824 for (count = 0; COND(c[D_CBC_256_AES][testnum]); count++)
825 AES_cbc_encrypt(buf, buf,
826 (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
830 static int AES_ige_128_encrypt_loop(void *args)
832 loopargs_t *tempargs = *(loopargs_t **) args;
833 unsigned char *buf = tempargs->buf;
834 unsigned char *buf2 = tempargs->buf2;
836 for (count = 0; COND(c[D_IGE_128_AES][testnum]); count++)
837 AES_ige_encrypt(buf, buf2,
838 (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
842 static int AES_ige_192_encrypt_loop(void *args)
844 loopargs_t *tempargs = *(loopargs_t **) args;
845 unsigned char *buf = tempargs->buf;
846 unsigned char *buf2 = tempargs->buf2;
848 for (count = 0; COND(c[D_IGE_192_AES][testnum]); count++)
849 AES_ige_encrypt(buf, buf2,
850 (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
854 static int AES_ige_256_encrypt_loop(void *args)
856 loopargs_t *tempargs = *(loopargs_t **) args;
857 unsigned char *buf = tempargs->buf;
858 unsigned char *buf2 = tempargs->buf2;
860 for (count = 0; COND(c[D_IGE_256_AES][testnum]); count++)
861 AES_ige_encrypt(buf, buf2,
862 (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
866 static int CRYPTO_gcm128_aad_loop(void *args)
868 loopargs_t *tempargs = *(loopargs_t **) args;
869 unsigned char *buf = tempargs->buf;
870 GCM128_CONTEXT *gcm_ctx = tempargs->gcm_ctx;
872 for (count = 0; COND(c[D_GHASH][testnum]); count++)
873 CRYPTO_gcm128_aad(gcm_ctx, buf, lengths[testnum]);
877 static int RAND_bytes_loop(void *args)
879 loopargs_t *tempargs = *(loopargs_t **) args;
880 unsigned char *buf = tempargs->buf;
883 for (count = 0; COND(c[D_RAND][testnum]); count++)
884 RAND_bytes(buf, lengths[testnum]);
888 static long save_count = 0;
889 static int decrypt = 0;
890 static int EVP_Update_loop(void *args)
892 loopargs_t *tempargs = *(loopargs_t **) args;
893 unsigned char *buf = tempargs->buf;
894 EVP_CIPHER_CTX *ctx = tempargs->ctx;
897 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
900 for (count = 0; COND(nb_iter); count++) {
901 rc = EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
903 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
906 for (count = 0; COND(nb_iter); count++) {
907 rc = EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
909 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
913 EVP_DecryptFinal_ex(ctx, buf, &outl);
915 EVP_EncryptFinal_ex(ctx, buf, &outl);
919 * CCM does not support streaming. For the purpose of performance measurement,
920 * each message is encrypted using the same (key,iv)-pair. Do not use this
921 * code in your application.
923 static int EVP_Update_loop_ccm(void *args)
925 loopargs_t *tempargs = *(loopargs_t **) args;
926 unsigned char *buf = tempargs->buf;
927 EVP_CIPHER_CTX *ctx = tempargs->ctx;
929 unsigned char tag[12];
931 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
934 for (count = 0; COND(nb_iter); count++) {
935 EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
936 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(tag), tag);
937 EVP_DecryptUpdate(ctx, NULL, &outl, NULL, lengths[testnum]);
938 EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
939 EVP_DecryptFinal_ex(ctx, buf, &outl);
942 for (count = 0; COND(nb_iter); count++) {
943 EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv);
944 EVP_EncryptUpdate(ctx, NULL, &outl, NULL, lengths[testnum]);
945 EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
946 EVP_EncryptFinal_ex(ctx, buf, &outl);
952 static const EVP_MD *evp_md = NULL;
953 static int EVP_Digest_loop(void *args)
955 loopargs_t *tempargs = *(loopargs_t **) args;
956 unsigned char *buf = tempargs->buf;
957 unsigned char md[EVP_MAX_MD_SIZE];
960 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
963 for (count = 0; COND(nb_iter); count++) {
964 if (!EVP_Digest(buf, lengths[testnum], md, NULL, evp_md, NULL))
970 #ifndef OPENSSL_NO_RSA
971 static long rsa_c[RSA_NUM][2]; /* # RSA iteration test */
973 static int RSA_sign_loop(void *args)
975 loopargs_t *tempargs = *(loopargs_t **) args;
976 unsigned char *buf = tempargs->buf;
977 unsigned char *buf2 = tempargs->buf2;
978 unsigned int *rsa_num = &tempargs->siglen;
979 RSA **rsa_key = tempargs->rsa_key;
981 for (count = 0; COND(rsa_c[testnum][0]); count++) {
982 ret = RSA_sign(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
984 BIO_printf(bio_err, "RSA sign failure\n");
985 ERR_print_errors(bio_err);
993 static int RSA_verify_loop(void *args)
995 loopargs_t *tempargs = *(loopargs_t **) args;
996 unsigned char *buf = tempargs->buf;
997 unsigned char *buf2 = tempargs->buf2;
998 unsigned int rsa_num = tempargs->siglen;
999 RSA **rsa_key = tempargs->rsa_key;
1001 for (count = 0; COND(rsa_c[testnum][1]); count++) {
1003 RSA_verify(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1005 BIO_printf(bio_err, "RSA verify failure\n");
1006 ERR_print_errors(bio_err);
1015 #ifndef OPENSSL_NO_DSA
1016 static long dsa_c[DSA_NUM][2];
1017 static int DSA_sign_loop(void *args)
1019 loopargs_t *tempargs = *(loopargs_t **) args;
1020 unsigned char *buf = tempargs->buf;
1021 unsigned char *buf2 = tempargs->buf2;
1022 DSA **dsa_key = tempargs->dsa_key;
1023 unsigned int *siglen = &tempargs->siglen;
1025 for (count = 0; COND(dsa_c[testnum][0]); count++) {
1026 ret = DSA_sign(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1028 BIO_printf(bio_err, "DSA sign failure\n");
1029 ERR_print_errors(bio_err);
1037 static int DSA_verify_loop(void *args)
1039 loopargs_t *tempargs = *(loopargs_t **) args;
1040 unsigned char *buf = tempargs->buf;
1041 unsigned char *buf2 = tempargs->buf2;
1042 DSA **dsa_key = tempargs->dsa_key;
1043 unsigned int siglen = tempargs->siglen;
1045 for (count = 0; COND(dsa_c[testnum][1]); count++) {
1046 ret = DSA_verify(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1048 BIO_printf(bio_err, "DSA verify failure\n");
1049 ERR_print_errors(bio_err);
1058 #ifndef OPENSSL_NO_EC
1059 static long ecdsa_c[ECDSA_NUM][2];
1060 static int ECDSA_sign_loop(void *args)
1062 loopargs_t *tempargs = *(loopargs_t **) args;
1063 unsigned char *buf = tempargs->buf;
1064 EC_KEY **ecdsa = tempargs->ecdsa;
1065 unsigned char *ecdsasig = tempargs->buf2;
1066 unsigned int *ecdsasiglen = &tempargs->siglen;
1068 for (count = 0; COND(ecdsa_c[testnum][0]); count++) {
1069 ret = ECDSA_sign(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1071 BIO_printf(bio_err, "ECDSA sign failure\n");
1072 ERR_print_errors(bio_err);
1080 static int ECDSA_verify_loop(void *args)
1082 loopargs_t *tempargs = *(loopargs_t **) args;
1083 unsigned char *buf = tempargs->buf;
1084 EC_KEY **ecdsa = tempargs->ecdsa;
1085 unsigned char *ecdsasig = tempargs->buf2;
1086 unsigned int ecdsasiglen = tempargs->siglen;
1088 for (count = 0; COND(ecdsa_c[testnum][1]); count++) {
1089 ret = ECDSA_verify(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1091 BIO_printf(bio_err, "ECDSA verify failure\n");
1092 ERR_print_errors(bio_err);
1100 /* ******************************************************************** */
1101 static long ecdh_c[EC_NUM][1];
1103 static int ECDH_EVP_derive_key_loop(void *args)
1105 loopargs_t *tempargs = *(loopargs_t **) args;
1106 EVP_PKEY_CTX *ctx = tempargs->ecdh_ctx[testnum];
1107 unsigned char *derived_secret = tempargs->secret_a;
1109 size_t *outlen = &(tempargs->outlen[testnum]);
1111 for (count = 0; COND(ecdh_c[testnum][0]); count++)
1112 EVP_PKEY_derive(ctx, derived_secret, outlen);
1117 #endif /* OPENSSL_NO_EC */
1119 static int run_benchmark(int async_jobs,
1120 int (*loop_function) (void *), loopargs_t * loopargs)
1122 int job_op_count = 0;
1123 int total_op_count = 0;
1124 int num_inprogress = 0;
1125 int error = 0, i = 0, ret = 0;
1126 OSSL_ASYNC_FD job_fd = 0;
1127 size_t num_job_fds = 0;
1131 if (async_jobs == 0) {
1132 return loop_function((void *)&loopargs);
1135 for (i = 0; i < async_jobs && !error; i++) {
1136 loopargs_t *looparg_item = loopargs + i;
1138 /* Copy pointer content (looparg_t item address) into async context */
1139 ret = ASYNC_start_job(&loopargs[i].inprogress_job, loopargs[i].wait_ctx,
1140 &job_op_count, loop_function,
1141 (void *)&looparg_item, sizeof(looparg_item));
1147 if (job_op_count == -1) {
1150 total_op_count += job_op_count;
1155 BIO_printf(bio_err, "Failure in the job\n");
1156 ERR_print_errors(bio_err);
1162 while (num_inprogress > 0) {
1163 #if defined(OPENSSL_SYS_WINDOWS)
1165 #elif defined(OPENSSL_SYS_UNIX)
1166 int select_result = 0;
1167 OSSL_ASYNC_FD max_fd = 0;
1170 FD_ZERO(&waitfdset);
1172 for (i = 0; i < async_jobs && num_inprogress > 0; i++) {
1173 if (loopargs[i].inprogress_job == NULL)
1176 if (!ASYNC_WAIT_CTX_get_all_fds
1177 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1178 || num_job_fds > 1) {
1179 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1180 ERR_print_errors(bio_err);
1184 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1186 FD_SET(job_fd, &waitfdset);
1187 if (job_fd > max_fd)
1191 if (max_fd >= (OSSL_ASYNC_FD)FD_SETSIZE) {
1193 "Error: max_fd (%d) must be smaller than FD_SETSIZE (%d). "
1194 "Decrease the value of async_jobs\n",
1195 max_fd, FD_SETSIZE);
1196 ERR_print_errors(bio_err);
1201 select_result = select(max_fd + 1, &waitfdset, NULL, NULL, NULL);
1202 if (select_result == -1 && errno == EINTR)
1205 if (select_result == -1) {
1206 BIO_printf(bio_err, "Failure in the select\n");
1207 ERR_print_errors(bio_err);
1212 if (select_result == 0)
1216 for (i = 0; i < async_jobs; i++) {
1217 if (loopargs[i].inprogress_job == NULL)
1220 if (!ASYNC_WAIT_CTX_get_all_fds
1221 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1222 || num_job_fds > 1) {
1223 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1224 ERR_print_errors(bio_err);
1228 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1231 #if defined(OPENSSL_SYS_UNIX)
1232 if (num_job_fds == 1 && !FD_ISSET(job_fd, &waitfdset))
1234 #elif defined(OPENSSL_SYS_WINDOWS)
1235 if (num_job_fds == 1
1236 && !PeekNamedPipe(job_fd, NULL, 0, NULL, &avail, NULL)
1241 ret = ASYNC_start_job(&loopargs[i].inprogress_job,
1242 loopargs[i].wait_ctx, &job_op_count,
1243 loop_function, (void *)(loopargs + i),
1244 sizeof(loopargs_t));
1249 if (job_op_count == -1) {
1252 total_op_count += job_op_count;
1255 loopargs[i].inprogress_job = NULL;
1260 loopargs[i].inprogress_job = NULL;
1261 BIO_printf(bio_err, "Failure in the job\n");
1262 ERR_print_errors(bio_err);
1269 return error ? -1 : total_op_count;
1272 int speed_main(int argc, char **argv)
1275 int (*loopfunc)(void *args);
1276 loopargs_t *loopargs = NULL;
1278 const char *engine_id = NULL;
1279 const EVP_CIPHER *evp_cipher = NULL;
1282 int async_init = 0, multiblock = 0, pr_header = 0;
1283 int doit[ALGOR_NUM] = { 0 };
1284 int ret = 1, misalign = 0, lengths_single = 0;
1286 unsigned int size_num = OSSL_NELEM(lengths_list);
1287 unsigned int i, k, loop, loopargs_len = 0, async_jobs = 0;
1293 #if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) \
1294 || !defined(OPENSSL_NO_EC)
1297 openssl_speed_sec_t seconds = { SECONDS, RSA_SECONDS, DSA_SECONDS,
1298 ECDSA_SECONDS, ECDH_SECONDS };
1300 /* What follows are the buffers and key material. */
1301 #ifndef OPENSSL_NO_RC5
1304 #ifndef OPENSSL_NO_RC2
1307 #ifndef OPENSSL_NO_IDEA
1308 IDEA_KEY_SCHEDULE idea_ks;
1310 #ifndef OPENSSL_NO_SEED
1311 SEED_KEY_SCHEDULE seed_ks;
1313 #ifndef OPENSSL_NO_BF
1316 #ifndef OPENSSL_NO_CAST
1319 static const unsigned char key16[16] = {
1320 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1321 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
1323 static const unsigned char key24[24] = {
1324 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1325 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1326 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1328 static const unsigned char key32[32] = {
1329 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1330 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1331 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
1332 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
1334 #ifndef OPENSSL_NO_CAMELLIA
1335 static const unsigned char ckey24[24] = {
1336 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1337 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1338 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1340 static const unsigned char ckey32[32] = {
1341 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1342 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1343 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
1344 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
1346 CAMELLIA_KEY camellia_ks1, camellia_ks2, camellia_ks3;
1348 #ifndef OPENSSL_NO_DES
1349 static DES_cblock key = {
1350 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0
1352 static DES_cblock key2 = {
1353 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
1355 static DES_cblock key3 = {
1356 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1359 #ifndef OPENSSL_NO_RSA
1360 static const unsigned int rsa_bits[RSA_NUM] = {
1361 512, 1024, 2048, 3072, 4096, 7680, 15360
1363 static const unsigned char *rsa_data[RSA_NUM] = {
1364 test512, test1024, test2048, test3072, test4096, test7680, test15360
1366 static const int rsa_data_length[RSA_NUM] = {
1367 sizeof(test512), sizeof(test1024),
1368 sizeof(test2048), sizeof(test3072),
1369 sizeof(test4096), sizeof(test7680),
1372 int rsa_doit[RSA_NUM] = { 0 };
1373 int primes = RSA_DEFAULT_PRIME_NUM;
1375 #ifndef OPENSSL_NO_DSA
1376 static const unsigned int dsa_bits[DSA_NUM] = { 512, 1024, 2048 };
1377 int dsa_doit[DSA_NUM] = { 0 };
1379 #ifndef OPENSSL_NO_EC
1381 * We only test over the following curves as they are representative, To
1382 * add tests over more curves, simply add the curve NID and curve name to
1383 * the following arrays and increase the |ecdh_choices| list accordingly.
1385 static const struct {
1391 {"secp160r1", NID_secp160r1, 160},
1392 {"nistp192", NID_X9_62_prime192v1, 192},
1393 {"nistp224", NID_secp224r1, 224},
1394 {"nistp256", NID_X9_62_prime256v1, 256},
1395 {"nistp384", NID_secp384r1, 384},
1396 {"nistp521", NID_secp521r1, 521},
1398 {"nistk163", NID_sect163k1, 163},
1399 {"nistk233", NID_sect233k1, 233},
1400 {"nistk283", NID_sect283k1, 283},
1401 {"nistk409", NID_sect409k1, 409},
1402 {"nistk571", NID_sect571k1, 571},
1403 {"nistb163", NID_sect163r2, 163},
1404 {"nistb233", NID_sect233r1, 233},
1405 {"nistb283", NID_sect283r1, 283},
1406 {"nistb409", NID_sect409r1, 409},
1407 {"nistb571", NID_sect571r1, 571},
1408 {"brainpoolP256r1", NID_brainpoolP256r1, 256},
1409 {"brainpoolP256t1", NID_brainpoolP256t1, 256},
1410 {"brainpoolP384r1", NID_brainpoolP384r1, 384},
1411 {"brainpoolP384t1", NID_brainpoolP384t1, 384},
1412 {"brainpoolP512r1", NID_brainpoolP512r1, 512},
1413 {"brainpoolP512t1", NID_brainpoolP512t1, 512},
1414 /* Other and ECDH only ones */
1415 {"X25519", NID_X25519, 253},
1416 {"X448", NID_X448, 448}
1418 int ecdsa_doit[ECDSA_NUM] = { 0 };
1419 int ecdh_doit[EC_NUM] = { 0 };
1420 OPENSSL_assert(OSSL_NELEM(test_curves) >= EC_NUM);
1421 #endif /* ndef OPENSSL_NO_EC */
1423 prog = opt_init(argc, argv, speed_options);
1424 while ((o = opt_next()) != OPT_EOF) {
1429 BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
1432 opt_help(speed_options);
1440 evp_cipher = EVP_get_cipherbyname(opt_arg());
1441 if (evp_cipher == NULL)
1442 evp_md = EVP_get_digestbyname(opt_arg());
1443 if (evp_cipher == NULL && evp_md == NULL) {
1445 "%s: %s is an unknown cipher or digest\n",
1456 * In a forked execution, an engine might need to be
1457 * initialised by each child process, not by the parent.
1458 * So store the name here and run setup_engine() later on.
1460 engine_id = opt_arg();
1464 multi = atoi(opt_arg());
1468 #ifndef OPENSSL_NO_ASYNC
1469 async_jobs = atoi(opt_arg());
1470 if (!ASYNC_is_capable()) {
1472 "%s: async_jobs specified but async not supported\n",
1476 if (async_jobs > 99999) {
1477 BIO_printf(bio_err, "%s: too many async_jobs\n", prog);
1483 if (!opt_int(opt_arg(), &misalign))
1485 if (misalign > MISALIGN) {
1487 "%s: Maximum offset is %d\n", prog, MISALIGN);
1496 #ifdef OPENSSL_NO_MULTIBLOCK
1498 "%s: -mb specified but multi-block support is disabled\n",
1508 if (!opt_int(opt_arg(), &primes))
1512 seconds.sym = seconds.rsa = seconds.dsa = seconds.ecdsa
1513 = seconds.ecdh = atoi(opt_arg());
1516 lengths_single = atoi(opt_arg());
1517 lengths = &lengths_single;
1522 argc = opt_num_rest();
1525 /* Remaining arguments are algorithms. */
1526 for (; *argv; argv++) {
1527 if (found(*argv, doit_choices, &i)) {
1531 #ifndef OPENSSL_NO_DES
1532 if (strcmp(*argv, "des") == 0) {
1533 doit[D_CBC_DES] = doit[D_EDE3_DES] = 1;
1537 if (strcmp(*argv, "sha") == 0) {
1538 doit[D_SHA1] = doit[D_SHA256] = doit[D_SHA512] = 1;
1541 #ifndef OPENSSL_NO_RSA
1542 if (strcmp(*argv, "openssl") == 0)
1544 if (strcmp(*argv, "rsa") == 0) {
1545 for (loop = 0; loop < OSSL_NELEM(rsa_doit); loop++)
1549 if (found(*argv, rsa_choices, &i)) {
1554 #ifndef OPENSSL_NO_DSA
1555 if (strcmp(*argv, "dsa") == 0) {
1556 dsa_doit[R_DSA_512] = dsa_doit[R_DSA_1024] =
1557 dsa_doit[R_DSA_2048] = 1;
1560 if (found(*argv, dsa_choices, &i)) {
1565 if (strcmp(*argv, "aes") == 0) {
1566 doit[D_CBC_128_AES] = doit[D_CBC_192_AES] = doit[D_CBC_256_AES] = 1;
1569 #ifndef OPENSSL_NO_CAMELLIA
1570 if (strcmp(*argv, "camellia") == 0) {
1571 doit[D_CBC_128_CML] = doit[D_CBC_192_CML] = doit[D_CBC_256_CML] = 1;
1575 #ifndef OPENSSL_NO_EC
1576 if (strcmp(*argv, "ecdsa") == 0) {
1577 for (loop = 0; loop < OSSL_NELEM(ecdsa_doit); loop++)
1578 ecdsa_doit[loop] = 1;
1581 if (found(*argv, ecdsa_choices, &i)) {
1585 if (strcmp(*argv, "ecdh") == 0) {
1586 for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++)
1587 ecdh_doit[loop] = 1;
1590 if (found(*argv, ecdh_choices, &i)) {
1595 BIO_printf(bio_err, "%s: Unknown algorithm %s\n", prog, *argv);
1599 /* Initialize the job pool if async mode is enabled */
1600 if (async_jobs > 0) {
1601 async_init = ASYNC_init_thread(async_jobs, async_jobs);
1603 BIO_printf(bio_err, "Error creating the ASYNC job pool\n");
1608 loopargs_len = (async_jobs == 0 ? 1 : async_jobs);
1610 app_malloc(loopargs_len * sizeof(loopargs_t), "array of loopargs");
1611 memset(loopargs, 0, loopargs_len * sizeof(loopargs_t));
1613 for (i = 0; i < loopargs_len; i++) {
1614 if (async_jobs > 0) {
1615 loopargs[i].wait_ctx = ASYNC_WAIT_CTX_new();
1616 if (loopargs[i].wait_ctx == NULL) {
1617 BIO_printf(bio_err, "Error creating the ASYNC_WAIT_CTX\n");
1622 buflen = lengths[size_num - 1] + MAX_MISALIGNMENT + 1;
1623 loopargs[i].buf_malloc = app_malloc(buflen, "input buffer");
1624 loopargs[i].buf2_malloc = app_malloc(buflen, "input buffer");
1625 memset(loopargs[i].buf_malloc, 0, buflen);
1626 memset(loopargs[i].buf2_malloc, 0, buflen);
1628 /* Align the start of buffers on a 64 byte boundary */
1629 loopargs[i].buf = loopargs[i].buf_malloc + misalign;
1630 loopargs[i].buf2 = loopargs[i].buf2_malloc + misalign;
1631 #ifndef OPENSSL_NO_EC
1632 loopargs[i].secret_a = app_malloc(MAX_ECDH_SIZE, "ECDH secret a");
1633 loopargs[i].secret_b = app_malloc(MAX_ECDH_SIZE, "ECDH secret b");
1638 if (multi && do_multi(multi, size_num))
1642 /* Initialize the engine after the fork */
1643 e = setup_engine(engine_id, 0);
1645 /* No parameters; turn on everything. */
1646 if ((argc == 0) && !doit[D_EVP]) {
1647 for (i = 0; i < ALGOR_NUM; i++)
1650 #ifndef OPENSSL_NO_RSA
1651 for (i = 0; i < RSA_NUM; i++)
1654 #ifndef OPENSSL_NO_DSA
1655 for (i = 0; i < DSA_NUM; i++)
1658 #ifndef OPENSSL_NO_EC
1659 for (loop = 0; loop < OSSL_NELEM(ecdsa_doit); loop++)
1660 ecdsa_doit[loop] = 1;
1661 for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++)
1662 ecdh_doit[loop] = 1;
1665 for (i = 0; i < ALGOR_NUM; i++)
1669 if (usertime == 0 && !mr)
1671 "You have chosen to measure elapsed time "
1672 "instead of user CPU time.\n");
1674 #ifndef OPENSSL_NO_RSA
1675 for (i = 0; i < loopargs_len; i++) {
1676 if (primes > RSA_DEFAULT_PRIME_NUM) {
1677 /* for multi-prime RSA, skip this */
1680 for (k = 0; k < RSA_NUM; k++) {
1681 const unsigned char *p;
1684 loopargs[i].rsa_key[k] =
1685 d2i_RSAPrivateKey(NULL, &p, rsa_data_length[k]);
1686 if (loopargs[i].rsa_key[k] == NULL) {
1688 "internal error loading RSA key number %d\n", k);
1694 #ifndef OPENSSL_NO_DSA
1695 for (i = 0; i < loopargs_len; i++) {
1696 loopargs[i].dsa_key[0] = get_dsa(512);
1697 loopargs[i].dsa_key[1] = get_dsa(1024);
1698 loopargs[i].dsa_key[2] = get_dsa(2048);
1701 #ifndef OPENSSL_NO_DES
1702 DES_set_key_unchecked(&key, &sch);
1703 DES_set_key_unchecked(&key2, &sch2);
1704 DES_set_key_unchecked(&key3, &sch3);
1706 AES_set_encrypt_key(key16, 128, &aes_ks1);
1707 AES_set_encrypt_key(key24, 192, &aes_ks2);
1708 AES_set_encrypt_key(key32, 256, &aes_ks3);
1709 #ifndef OPENSSL_NO_CAMELLIA
1710 Camellia_set_key(key16, 128, &camellia_ks1);
1711 Camellia_set_key(ckey24, 192, &camellia_ks2);
1712 Camellia_set_key(ckey32, 256, &camellia_ks3);
1714 #ifndef OPENSSL_NO_IDEA
1715 IDEA_set_encrypt_key(key16, &idea_ks);
1717 #ifndef OPENSSL_NO_SEED
1718 SEED_set_key(key16, &seed_ks);
1720 #ifndef OPENSSL_NO_RC4
1721 RC4_set_key(&rc4_ks, 16, key16);
1723 #ifndef OPENSSL_NO_RC2
1724 RC2_set_key(&rc2_ks, 16, key16, 128);
1726 #ifndef OPENSSL_NO_RC5
1727 RC5_32_set_key(&rc5_ks, 16, key16, 12);
1729 #ifndef OPENSSL_NO_BF
1730 BF_set_key(&bf_ks, 16, key16);
1732 #ifndef OPENSSL_NO_CAST
1733 CAST_set_key(&cast_ks, 16, key16);
1736 # ifndef OPENSSL_NO_DES
1737 BIO_printf(bio_err, "First we calculate the approximate speed ...\n");
1743 for (it = count; it; it--)
1744 DES_ecb_encrypt((DES_cblock *)loopargs[0].buf,
1745 (DES_cblock *)loopargs[0].buf, &sch, DES_ENCRYPT);
1749 c[D_MD2][0] = count / 10;
1750 c[D_MDC2][0] = count / 10;
1751 c[D_MD4][0] = count;
1752 c[D_MD5][0] = count;
1753 c[D_HMAC][0] = count;
1754 c[D_SHA1][0] = count;
1755 c[D_RMD160][0] = count;
1756 c[D_RC4][0] = count * 5;
1757 c[D_CBC_DES][0] = count;
1758 c[D_EDE3_DES][0] = count / 3;
1759 c[D_CBC_IDEA][0] = count;
1760 c[D_CBC_SEED][0] = count;
1761 c[D_CBC_RC2][0] = count;
1762 c[D_CBC_RC5][0] = count;
1763 c[D_CBC_BF][0] = count;
1764 c[D_CBC_CAST][0] = count;
1765 c[D_CBC_128_AES][0] = count;
1766 c[D_CBC_192_AES][0] = count;
1767 c[D_CBC_256_AES][0] = count;
1768 c[D_CBC_128_CML][0] = count;
1769 c[D_CBC_192_CML][0] = count;
1770 c[D_CBC_256_CML][0] = count;
1771 c[D_SHA256][0] = count;
1772 c[D_SHA512][0] = count;
1773 c[D_WHIRLPOOL][0] = count;
1774 c[D_IGE_128_AES][0] = count;
1775 c[D_IGE_192_AES][0] = count;
1776 c[D_IGE_256_AES][0] = count;
1777 c[D_GHASH][0] = count;
1778 c[D_RAND][0] = count;
1780 for (i = 1; i < size_num; i++) {
1783 l0 = (long)lengths[0];
1784 l1 = (long)lengths[i];
1786 c[D_MD2][i] = c[D_MD2][0] * 4 * l0 / l1;
1787 c[D_MDC2][i] = c[D_MDC2][0] * 4 * l0 / l1;
1788 c[D_MD4][i] = c[D_MD4][0] * 4 * l0 / l1;
1789 c[D_MD5][i] = c[D_MD5][0] * 4 * l0 / l1;
1790 c[D_HMAC][i] = c[D_HMAC][0] * 4 * l0 / l1;
1791 c[D_SHA1][i] = c[D_SHA1][0] * 4 * l0 / l1;
1792 c[D_RMD160][i] = c[D_RMD160][0] * 4 * l0 / l1;
1793 c[D_SHA256][i] = c[D_SHA256][0] * 4 * l0 / l1;
1794 c[D_SHA512][i] = c[D_SHA512][0] * 4 * l0 / l1;
1795 c[D_WHIRLPOOL][i] = c[D_WHIRLPOOL][0] * 4 * l0 / l1;
1796 c[D_GHASH][i] = c[D_GHASH][0] * 4 * l0 / l1;
1797 c[D_RAND][i] = c[D_RAND][0] * 4 * l0 / l1;
1799 l0 = (long)lengths[i - 1];
1801 c[D_RC4][i] = c[D_RC4][i - 1] * l0 / l1;
1802 c[D_CBC_DES][i] = c[D_CBC_DES][i - 1] * l0 / l1;
1803 c[D_EDE3_DES][i] = c[D_EDE3_DES][i - 1] * l0 / l1;
1804 c[D_CBC_IDEA][i] = c[D_CBC_IDEA][i - 1] * l0 / l1;
1805 c[D_CBC_SEED][i] = c[D_CBC_SEED][i - 1] * l0 / l1;
1806 c[D_CBC_RC2][i] = c[D_CBC_RC2][i - 1] * l0 / l1;
1807 c[D_CBC_RC5][i] = c[D_CBC_RC5][i - 1] * l0 / l1;
1808 c[D_CBC_BF][i] = c[D_CBC_BF][i - 1] * l0 / l1;
1809 c[D_CBC_CAST][i] = c[D_CBC_CAST][i - 1] * l0 / l1;
1810 c[D_CBC_128_AES][i] = c[D_CBC_128_AES][i - 1] * l0 / l1;
1811 c[D_CBC_192_AES][i] = c[D_CBC_192_AES][i - 1] * l0 / l1;
1812 c[D_CBC_256_AES][i] = c[D_CBC_256_AES][i - 1] * l0 / l1;
1813 c[D_CBC_128_CML][i] = c[D_CBC_128_CML][i - 1] * l0 / l1;
1814 c[D_CBC_192_CML][i] = c[D_CBC_192_CML][i - 1] * l0 / l1;
1815 c[D_CBC_256_CML][i] = c[D_CBC_256_CML][i - 1] * l0 / l1;
1816 c[D_IGE_128_AES][i] = c[D_IGE_128_AES][i - 1] * l0 / l1;
1817 c[D_IGE_192_AES][i] = c[D_IGE_192_AES][i - 1] * l0 / l1;
1818 c[D_IGE_256_AES][i] = c[D_IGE_256_AES][i - 1] * l0 / l1;
1821 # ifndef OPENSSL_NO_RSA
1822 rsa_c[R_RSA_512][0] = count / 2000;
1823 rsa_c[R_RSA_512][1] = count / 400;
1824 for (i = 1; i < RSA_NUM; i++) {
1825 rsa_c[i][0] = rsa_c[i - 1][0] / 8;
1826 rsa_c[i][1] = rsa_c[i - 1][1] / 4;
1827 if (rsa_doit[i] <= 1 && rsa_c[i][0] == 0)
1830 if (rsa_c[i][0] == 0) {
1831 rsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
1838 # ifndef OPENSSL_NO_DSA
1839 dsa_c[R_DSA_512][0] = count / 1000;
1840 dsa_c[R_DSA_512][1] = count / 1000 / 2;
1841 for (i = 1; i < DSA_NUM; i++) {
1842 dsa_c[i][0] = dsa_c[i - 1][0] / 4;
1843 dsa_c[i][1] = dsa_c[i - 1][1] / 4;
1844 if (dsa_doit[i] <= 1 && dsa_c[i][0] == 0)
1847 if (dsa_c[i][0] == 0) {
1848 dsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
1855 # ifndef OPENSSL_NO_EC
1856 ecdsa_c[R_EC_P160][0] = count / 1000;
1857 ecdsa_c[R_EC_P160][1] = count / 1000 / 2;
1858 for (i = R_EC_P192; i <= R_EC_P521; i++) {
1859 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
1860 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
1861 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
1864 if (ecdsa_c[i][0] == 0) {
1870 ecdsa_c[R_EC_K163][0] = count / 1000;
1871 ecdsa_c[R_EC_K163][1] = count / 1000 / 2;
1872 for (i = R_EC_K233; i <= R_EC_K571; i++) {
1873 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
1874 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
1875 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
1878 if (ecdsa_c[i][0] == 0) {
1884 ecdsa_c[R_EC_B163][0] = count / 1000;
1885 ecdsa_c[R_EC_B163][1] = count / 1000 / 2;
1886 for (i = R_EC_B233; i <= R_EC_B571; i++) {
1887 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
1888 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
1889 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
1892 if (ecdsa_c[i][0] == 0) {
1899 ecdh_c[R_EC_P160][0] = count / 1000;
1900 for (i = R_EC_P192; i <= R_EC_P521; i++) {
1901 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
1902 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
1905 if (ecdh_c[i][0] == 0) {
1910 ecdh_c[R_EC_K163][0] = count / 1000;
1911 for (i = R_EC_K233; i <= R_EC_K571; i++) {
1912 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
1913 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
1916 if (ecdh_c[i][0] == 0) {
1921 ecdh_c[R_EC_B163][0] = count / 1000;
1922 for (i = R_EC_B233; i <= R_EC_B571; i++) {
1923 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
1924 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
1927 if (ecdh_c[i][0] == 0) {
1932 /* repeated code good to factorize */
1933 ecdh_c[R_EC_BRP256R1][0] = count / 1000;
1934 for (i = R_EC_BRP384R1; i <= R_EC_BRP512R1; i += 2) {
1935 ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
1936 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
1939 if (ecdh_c[i][0] == 0) {
1944 ecdh_c[R_EC_BRP256T1][0] = count / 1000;
1945 for (i = R_EC_BRP384T1; i <= R_EC_BRP512T1; i += 2) {
1946 ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
1947 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
1950 if (ecdh_c[i][0] == 0) {
1955 /* default iteration count for the last two EC Curves */
1956 ecdh_c[R_EC_X25519][0] = count / 1800;
1957 ecdh_c[R_EC_X448][0] = count / 7200;
1961 /* not worth fixing */
1962 # error "You cannot disable DES on systems without SIGALRM."
1963 # endif /* OPENSSL_NO_DES */
1966 signal(SIGALRM, sig_done);
1968 #endif /* SIGALRM */
1970 #ifndef OPENSSL_NO_MD2
1972 for (testnum = 0; testnum < size_num; testnum++) {
1973 print_message(names[D_MD2], c[D_MD2][testnum], lengths[testnum],
1976 count = run_benchmark(async_jobs, EVP_Digest_MD2_loop, loopargs);
1978 print_result(D_MD2, testnum, count, d);
1982 #ifndef OPENSSL_NO_MDC2
1984 for (testnum = 0; testnum < size_num; testnum++) {
1985 print_message(names[D_MDC2], c[D_MDC2][testnum], lengths[testnum],
1988 count = run_benchmark(async_jobs, EVP_Digest_MDC2_loop, loopargs);
1990 print_result(D_MDC2, testnum, count, d);
1995 #ifndef OPENSSL_NO_MD4
1997 for (testnum = 0; testnum < size_num; testnum++) {
1998 print_message(names[D_MD4], c[D_MD4][testnum], lengths[testnum],
2001 count = run_benchmark(async_jobs, EVP_Digest_MD4_loop, loopargs);
2003 print_result(D_MD4, testnum, count, d);
2008 #ifndef OPENSSL_NO_MD5
2010 for (testnum = 0; testnum < size_num; testnum++) {
2011 print_message(names[D_MD5], c[D_MD5][testnum], lengths[testnum],
2014 count = run_benchmark(async_jobs, MD5_loop, loopargs);
2016 print_result(D_MD5, testnum, count, d);
2021 static const char hmac_key[] = "This is a key...";
2022 int len = strlen(hmac_key);
2024 for (i = 0; i < loopargs_len; i++) {
2025 loopargs[i].hctx = HMAC_CTX_new();
2026 if (loopargs[i].hctx == NULL) {
2027 BIO_printf(bio_err, "HMAC malloc failure, exiting...");
2031 HMAC_Init_ex(loopargs[i].hctx, hmac_key, len, EVP_md5(), NULL);
2033 for (testnum = 0; testnum < size_num; testnum++) {
2034 print_message(names[D_HMAC], c[D_HMAC][testnum], lengths[testnum],
2037 count = run_benchmark(async_jobs, HMAC_loop, loopargs);
2039 print_result(D_HMAC, testnum, count, d);
2041 for (i = 0; i < loopargs_len; i++) {
2042 HMAC_CTX_free(loopargs[i].hctx);
2047 for (testnum = 0; testnum < size_num; testnum++) {
2048 print_message(names[D_SHA1], c[D_SHA1][testnum], lengths[testnum],
2051 count = run_benchmark(async_jobs, SHA1_loop, loopargs);
2053 print_result(D_SHA1, testnum, count, d);
2056 if (doit[D_SHA256]) {
2057 for (testnum = 0; testnum < size_num; testnum++) {
2058 print_message(names[D_SHA256], c[D_SHA256][testnum],
2059 lengths[testnum], seconds.sym);
2061 count = run_benchmark(async_jobs, SHA256_loop, loopargs);
2063 print_result(D_SHA256, testnum, count, d);
2066 if (doit[D_SHA512]) {
2067 for (testnum = 0; testnum < size_num; testnum++) {
2068 print_message(names[D_SHA512], c[D_SHA512][testnum],
2069 lengths[testnum], seconds.sym);
2071 count = run_benchmark(async_jobs, SHA512_loop, loopargs);
2073 print_result(D_SHA512, testnum, count, d);
2076 #ifndef OPENSSL_NO_WHIRLPOOL
2077 if (doit[D_WHIRLPOOL]) {
2078 for (testnum = 0; testnum < size_num; testnum++) {
2079 print_message(names[D_WHIRLPOOL], c[D_WHIRLPOOL][testnum],
2080 lengths[testnum], seconds.sym);
2082 count = run_benchmark(async_jobs, WHIRLPOOL_loop, loopargs);
2084 print_result(D_WHIRLPOOL, testnum, count, d);
2089 #ifndef OPENSSL_NO_RMD160
2090 if (doit[D_RMD160]) {
2091 for (testnum = 0; testnum < size_num; testnum++) {
2092 print_message(names[D_RMD160], c[D_RMD160][testnum],
2093 lengths[testnum], seconds.sym);
2095 count = run_benchmark(async_jobs, EVP_Digest_RMD160_loop, loopargs);
2097 print_result(D_RMD160, testnum, count, d);
2101 #ifndef OPENSSL_NO_RC4
2103 for (testnum = 0; testnum < size_num; testnum++) {
2104 print_message(names[D_RC4], c[D_RC4][testnum], lengths[testnum],
2107 count = run_benchmark(async_jobs, RC4_loop, loopargs);
2109 print_result(D_RC4, testnum, count, d);
2113 #ifndef OPENSSL_NO_DES
2114 if (doit[D_CBC_DES]) {
2115 for (testnum = 0; testnum < size_num; testnum++) {
2116 print_message(names[D_CBC_DES], c[D_CBC_DES][testnum],
2117 lengths[testnum], seconds.sym);
2119 count = run_benchmark(async_jobs, DES_ncbc_encrypt_loop, loopargs);
2121 print_result(D_CBC_DES, testnum, count, d);
2125 if (doit[D_EDE3_DES]) {
2126 for (testnum = 0; testnum < size_num; testnum++) {
2127 print_message(names[D_EDE3_DES], c[D_EDE3_DES][testnum],
2128 lengths[testnum], seconds.sym);
2131 run_benchmark(async_jobs, DES_ede3_cbc_encrypt_loop, loopargs);
2133 print_result(D_EDE3_DES, testnum, count, d);
2138 if (doit[D_CBC_128_AES]) {
2139 for (testnum = 0; testnum < size_num; testnum++) {
2140 print_message(names[D_CBC_128_AES], c[D_CBC_128_AES][testnum],
2141 lengths[testnum], seconds.sym);
2144 run_benchmark(async_jobs, AES_cbc_128_encrypt_loop, loopargs);
2146 print_result(D_CBC_128_AES, testnum, count, d);
2149 if (doit[D_CBC_192_AES]) {
2150 for (testnum = 0; testnum < size_num; testnum++) {
2151 print_message(names[D_CBC_192_AES], c[D_CBC_192_AES][testnum],
2152 lengths[testnum], seconds.sym);
2155 run_benchmark(async_jobs, AES_cbc_192_encrypt_loop, loopargs);
2157 print_result(D_CBC_192_AES, testnum, count, d);
2160 if (doit[D_CBC_256_AES]) {
2161 for (testnum = 0; testnum < size_num; testnum++) {
2162 print_message(names[D_CBC_256_AES], c[D_CBC_256_AES][testnum],
2163 lengths[testnum], seconds.sym);
2166 run_benchmark(async_jobs, AES_cbc_256_encrypt_loop, loopargs);
2168 print_result(D_CBC_256_AES, testnum, count, d);
2172 if (doit[D_IGE_128_AES]) {
2173 for (testnum = 0; testnum < size_num; testnum++) {
2174 print_message(names[D_IGE_128_AES], c[D_IGE_128_AES][testnum],
2175 lengths[testnum], seconds.sym);
2178 run_benchmark(async_jobs, AES_ige_128_encrypt_loop, loopargs);
2180 print_result(D_IGE_128_AES, testnum, count, d);
2183 if (doit[D_IGE_192_AES]) {
2184 for (testnum = 0; testnum < size_num; testnum++) {
2185 print_message(names[D_IGE_192_AES], c[D_IGE_192_AES][testnum],
2186 lengths[testnum], seconds.sym);
2189 run_benchmark(async_jobs, AES_ige_192_encrypt_loop, loopargs);
2191 print_result(D_IGE_192_AES, testnum, count, d);
2194 if (doit[D_IGE_256_AES]) {
2195 for (testnum = 0; testnum < size_num; testnum++) {
2196 print_message(names[D_IGE_256_AES], c[D_IGE_256_AES][testnum],
2197 lengths[testnum], seconds.sym);
2200 run_benchmark(async_jobs, AES_ige_256_encrypt_loop, loopargs);
2202 print_result(D_IGE_256_AES, testnum, count, d);
2205 if (doit[D_GHASH]) {
2206 for (i = 0; i < loopargs_len; i++) {
2207 loopargs[i].gcm_ctx =
2208 CRYPTO_gcm128_new(&aes_ks1, (block128_f) AES_encrypt);
2209 CRYPTO_gcm128_setiv(loopargs[i].gcm_ctx,
2210 (unsigned char *)"0123456789ab", 12);
2213 for (testnum = 0; testnum < size_num; testnum++) {
2214 print_message(names[D_GHASH], c[D_GHASH][testnum],
2215 lengths[testnum], seconds.sym);
2217 count = run_benchmark(async_jobs, CRYPTO_gcm128_aad_loop, loopargs);
2219 print_result(D_GHASH, testnum, count, d);
2221 for (i = 0; i < loopargs_len; i++)
2222 CRYPTO_gcm128_release(loopargs[i].gcm_ctx);
2224 #ifndef OPENSSL_NO_CAMELLIA
2225 if (doit[D_CBC_128_CML]) {
2226 if (async_jobs > 0) {
2227 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2228 names[D_CBC_128_CML]);
2229 doit[D_CBC_128_CML] = 0;
2231 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2232 print_message(names[D_CBC_128_CML], c[D_CBC_128_CML][testnum],
2233 lengths[testnum], seconds.sym);
2235 for (count = 0, run = 1; COND(c[D_CBC_128_CML][testnum]); count++)
2236 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2237 (size_t)lengths[testnum], &camellia_ks1,
2238 iv, CAMELLIA_ENCRYPT);
2240 print_result(D_CBC_128_CML, testnum, count, d);
2243 if (doit[D_CBC_192_CML]) {
2244 if (async_jobs > 0) {
2245 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2246 names[D_CBC_192_CML]);
2247 doit[D_CBC_192_CML] = 0;
2249 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2250 print_message(names[D_CBC_192_CML], c[D_CBC_192_CML][testnum],
2251 lengths[testnum], seconds.sym);
2252 if (async_jobs > 0) {
2253 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2257 for (count = 0, run = 1; COND(c[D_CBC_192_CML][testnum]); count++)
2258 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2259 (size_t)lengths[testnum], &camellia_ks2,
2260 iv, CAMELLIA_ENCRYPT);
2262 print_result(D_CBC_192_CML, testnum, count, d);
2265 if (doit[D_CBC_256_CML]) {
2266 if (async_jobs > 0) {
2267 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2268 names[D_CBC_256_CML]);
2269 doit[D_CBC_256_CML] = 0;
2271 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2272 print_message(names[D_CBC_256_CML], c[D_CBC_256_CML][testnum],
2273 lengths[testnum], seconds.sym);
2275 for (count = 0, run = 1; COND(c[D_CBC_256_CML][testnum]); count++)
2276 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2277 (size_t)lengths[testnum], &camellia_ks3,
2278 iv, CAMELLIA_ENCRYPT);
2280 print_result(D_CBC_256_CML, testnum, count, d);
2284 #ifndef OPENSSL_NO_IDEA
2285 if (doit[D_CBC_IDEA]) {
2286 if (async_jobs > 0) {
2287 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2289 doit[D_CBC_IDEA] = 0;
2291 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2292 print_message(names[D_CBC_IDEA], c[D_CBC_IDEA][testnum],
2293 lengths[testnum], seconds.sym);
2295 for (count = 0, run = 1; COND(c[D_CBC_IDEA][testnum]); count++)
2296 IDEA_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2297 (size_t)lengths[testnum], &idea_ks,
2300 print_result(D_CBC_IDEA, testnum, count, d);
2304 #ifndef OPENSSL_NO_SEED
2305 if (doit[D_CBC_SEED]) {
2306 if (async_jobs > 0) {
2307 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2309 doit[D_CBC_SEED] = 0;
2311 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2312 print_message(names[D_CBC_SEED], c[D_CBC_SEED][testnum],
2313 lengths[testnum], seconds.sym);
2315 for (count = 0, run = 1; COND(c[D_CBC_SEED][testnum]); count++)
2316 SEED_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2317 (size_t)lengths[testnum], &seed_ks, iv, 1);
2319 print_result(D_CBC_SEED, testnum, count, d);
2323 #ifndef OPENSSL_NO_RC2
2324 if (doit[D_CBC_RC2]) {
2325 if (async_jobs > 0) {
2326 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2328 doit[D_CBC_RC2] = 0;
2330 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2331 print_message(names[D_CBC_RC2], c[D_CBC_RC2][testnum],
2332 lengths[testnum], seconds.sym);
2333 if (async_jobs > 0) {
2334 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2338 for (count = 0, run = 1; COND(c[D_CBC_RC2][testnum]); count++)
2339 RC2_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2340 (size_t)lengths[testnum], &rc2_ks,
2343 print_result(D_CBC_RC2, testnum, count, d);
2347 #ifndef OPENSSL_NO_RC5
2348 if (doit[D_CBC_RC5]) {
2349 if (async_jobs > 0) {
2350 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2352 doit[D_CBC_RC5] = 0;
2354 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2355 print_message(names[D_CBC_RC5], c[D_CBC_RC5][testnum],
2356 lengths[testnum], seconds.sym);
2357 if (async_jobs > 0) {
2358 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2362 for (count = 0, run = 1; COND(c[D_CBC_RC5][testnum]); count++)
2363 RC5_32_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2364 (size_t)lengths[testnum], &rc5_ks,
2367 print_result(D_CBC_RC5, testnum, count, d);
2371 #ifndef OPENSSL_NO_BF
2372 if (doit[D_CBC_BF]) {
2373 if (async_jobs > 0) {
2374 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2378 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2379 print_message(names[D_CBC_BF], c[D_CBC_BF][testnum],
2380 lengths[testnum], seconds.sym);
2382 for (count = 0, run = 1; COND(c[D_CBC_BF][testnum]); count++)
2383 BF_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2384 (size_t)lengths[testnum], &bf_ks,
2387 print_result(D_CBC_BF, testnum, count, d);
2391 #ifndef OPENSSL_NO_CAST
2392 if (doit[D_CBC_CAST]) {
2393 if (async_jobs > 0) {
2394 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2396 doit[D_CBC_CAST] = 0;
2398 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2399 print_message(names[D_CBC_CAST], c[D_CBC_CAST][testnum],
2400 lengths[testnum], seconds.sym);
2402 for (count = 0, run = 1; COND(c[D_CBC_CAST][testnum]); count++)
2403 CAST_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2404 (size_t)lengths[testnum], &cast_ks,
2407 print_result(D_CBC_CAST, testnum, count, d);
2412 for (testnum = 0; testnum < size_num; testnum++) {
2413 print_message(names[D_RAND], c[D_RAND][testnum], lengths[testnum],
2416 count = run_benchmark(async_jobs, RAND_bytes_loop, loopargs);
2418 print_result(D_RAND, testnum, count, d);
2423 if (multiblock && evp_cipher) {
2425 (EVP_CIPHER_flags(evp_cipher) &
2426 EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
2427 BIO_printf(bio_err, "%s is not multi-block capable\n",
2428 OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
2431 if (async_jobs > 0) {
2432 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2435 multiblock_speed(evp_cipher, lengths_single, &seconds);
2439 for (testnum = 0; testnum < size_num; testnum++) {
2442 names[D_EVP] = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
2444 * -O3 -fschedule-insns messes up an optimization here!
2445 * names[D_EVP] somehow becomes NULL
2447 print_message(names[D_EVP], save_count, lengths[testnum],
2450 for (k = 0; k < loopargs_len; k++) {
2451 loopargs[k].ctx = EVP_CIPHER_CTX_new();
2452 EVP_CipherInit_ex(loopargs[k].ctx, evp_cipher, NULL, NULL,
2453 iv, decrypt ? 0 : 1);
2455 EVP_CIPHER_CTX_set_padding(loopargs[k].ctx, 0);
2457 keylen = EVP_CIPHER_CTX_key_length(loopargs[k].ctx);
2458 loopargs[k].key = app_malloc(keylen, "evp_cipher key");
2459 EVP_CIPHER_CTX_rand_key(loopargs[k].ctx, loopargs[k].key);
2460 EVP_CipherInit_ex(loopargs[k].ctx, NULL, NULL,
2461 loopargs[k].key, NULL, -1);
2462 OPENSSL_clear_free(loopargs[k].key, keylen);
2464 switch (EVP_CIPHER_mode(evp_cipher)) {
2465 case EVP_CIPH_CCM_MODE:
2466 loopfunc = EVP_Update_loop_ccm;
2469 loopfunc = EVP_Update_loop;
2473 count = run_benchmark(async_jobs, loopfunc, loopargs);
2475 for (k = 0; k < loopargs_len; k++) {
2476 EVP_CIPHER_CTX_free(loopargs[k].ctx);
2480 names[D_EVP] = OBJ_nid2ln(EVP_MD_type(evp_md));
2481 print_message(names[D_EVP], save_count, lengths[testnum],
2484 count = run_benchmark(async_jobs, EVP_Digest_loop, loopargs);
2487 print_result(D_EVP, testnum, count, d);
2491 for (i = 0; i < loopargs_len; i++)
2492 RAND_bytes(loopargs[i].buf, 36);
2494 #ifndef OPENSSL_NO_RSA
2495 for (testnum = 0; testnum < RSA_NUM; testnum++) {
2497 if (!rsa_doit[testnum])
2499 for (i = 0; i < loopargs_len; i++) {
2501 /* we haven't set keys yet, generate multi-prime RSA keys */
2502 BIGNUM *bn = BN_new();
2506 if (!BN_set_word(bn, RSA_F4)) {
2511 BIO_printf(bio_err, "Generate multi-prime RSA key for %s\n",
2512 rsa_choices[testnum].name);
2514 loopargs[i].rsa_key[testnum] = RSA_new();
2515 if (loopargs[i].rsa_key[testnum] == NULL) {
2520 if (!RSA_generate_multi_prime_key(loopargs[i].rsa_key[testnum],
2522 primes, bn, NULL)) {
2528 st = RSA_sign(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
2529 &loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
2535 "RSA sign failure. No RSA sign will be done.\n");
2536 ERR_print_errors(bio_err);
2539 pkey_print_message("private", "rsa",
2540 rsa_c[testnum][0], rsa_bits[testnum],
2542 /* RSA_blinding_on(rsa_key[testnum],NULL); */
2544 count = run_benchmark(async_jobs, RSA_sign_loop, loopargs);
2547 mr ? "+R1:%ld:%d:%.2f\n"
2548 : "%ld %u bits private RSA's in %.2fs\n",
2549 count, rsa_bits[testnum], d);
2550 rsa_results[testnum][0] = (double)count / d;
2554 for (i = 0; i < loopargs_len; i++) {
2555 st = RSA_verify(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
2556 loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
2562 "RSA verify failure. No RSA verify will be done.\n");
2563 ERR_print_errors(bio_err);
2564 rsa_doit[testnum] = 0;
2566 pkey_print_message("public", "rsa",
2567 rsa_c[testnum][1], rsa_bits[testnum],
2570 count = run_benchmark(async_jobs, RSA_verify_loop, loopargs);
2573 mr ? "+R2:%ld:%d:%.2f\n"
2574 : "%ld %u bits public RSA's in %.2fs\n",
2575 count, rsa_bits[testnum], d);
2576 rsa_results[testnum][1] = (double)count / d;
2579 if (rsa_count <= 1) {
2580 /* if longer than 10s, don't do any more */
2581 for (testnum++; testnum < RSA_NUM; testnum++)
2582 rsa_doit[testnum] = 0;
2585 #endif /* OPENSSL_NO_RSA */
2587 for (i = 0; i < loopargs_len; i++)
2588 RAND_bytes(loopargs[i].buf, 36);
2590 #ifndef OPENSSL_NO_DSA
2591 for (testnum = 0; testnum < DSA_NUM; testnum++) {
2593 if (!dsa_doit[testnum])
2596 /* DSA_generate_key(dsa_key[testnum]); */
2597 /* DSA_sign_setup(dsa_key[testnum],NULL); */
2598 for (i = 0; i < loopargs_len; i++) {
2599 st = DSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
2600 &loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
2606 "DSA sign failure. No DSA sign will be done.\n");
2607 ERR_print_errors(bio_err);
2610 pkey_print_message("sign", "dsa",
2611 dsa_c[testnum][0], dsa_bits[testnum],
2614 count = run_benchmark(async_jobs, DSA_sign_loop, loopargs);
2617 mr ? "+R3:%ld:%u:%.2f\n"
2618 : "%ld %u bits DSA signs in %.2fs\n",
2619 count, dsa_bits[testnum], d);
2620 dsa_results[testnum][0] = (double)count / d;
2624 for (i = 0; i < loopargs_len; i++) {
2625 st = DSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
2626 loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
2632 "DSA verify failure. No DSA verify will be done.\n");
2633 ERR_print_errors(bio_err);
2634 dsa_doit[testnum] = 0;
2636 pkey_print_message("verify", "dsa",
2637 dsa_c[testnum][1], dsa_bits[testnum],
2640 count = run_benchmark(async_jobs, DSA_verify_loop, loopargs);
2643 mr ? "+R4:%ld:%u:%.2f\n"
2644 : "%ld %u bits DSA verify in %.2fs\n",
2645 count, dsa_bits[testnum], d);
2646 dsa_results[testnum][1] = (double)count / d;
2649 if (rsa_count <= 1) {
2650 /* if longer than 10s, don't do any more */
2651 for (testnum++; testnum < DSA_NUM; testnum++)
2652 dsa_doit[testnum] = 0;
2655 #endif /* OPENSSL_NO_DSA */
2657 #ifndef OPENSSL_NO_EC
2658 for (testnum = 0; testnum < ECDSA_NUM; testnum++) {
2661 if (!ecdsa_doit[testnum])
2662 continue; /* Ignore Curve */
2663 for (i = 0; i < loopargs_len; i++) {
2664 loopargs[i].ecdsa[testnum] =
2665 EC_KEY_new_by_curve_name(test_curves[testnum].nid);
2666 if (loopargs[i].ecdsa[testnum] == NULL) {
2672 BIO_printf(bio_err, "ECDSA failure.\n");
2673 ERR_print_errors(bio_err);
2676 for (i = 0; i < loopargs_len; i++) {
2677 EC_KEY_precompute_mult(loopargs[i].ecdsa[testnum], NULL);
2678 /* Perform ECDSA signature test */
2679 EC_KEY_generate_key(loopargs[i].ecdsa[testnum]);
2680 st = ECDSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
2681 &loopargs[i].siglen,
2682 loopargs[i].ecdsa[testnum]);
2688 "ECDSA sign failure. No ECDSA sign will be done.\n");
2689 ERR_print_errors(bio_err);
2692 pkey_print_message("sign", "ecdsa",
2693 ecdsa_c[testnum][0],
2694 test_curves[testnum].bits, seconds.ecdsa);
2696 count = run_benchmark(async_jobs, ECDSA_sign_loop, loopargs);
2700 mr ? "+R5:%ld:%u:%.2f\n" :
2701 "%ld %u bits ECDSA signs in %.2fs \n",
2702 count, test_curves[testnum].bits, d);
2703 ecdsa_results[testnum][0] = (double)count / d;
2707 /* Perform ECDSA verification test */
2708 for (i = 0; i < loopargs_len; i++) {
2709 st = ECDSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
2711 loopargs[i].ecdsa[testnum]);
2717 "ECDSA verify failure. No ECDSA verify will be done.\n");
2718 ERR_print_errors(bio_err);
2719 ecdsa_doit[testnum] = 0;
2721 pkey_print_message("verify", "ecdsa",
2722 ecdsa_c[testnum][1],
2723 test_curves[testnum].bits, seconds.ecdsa);
2725 count = run_benchmark(async_jobs, ECDSA_verify_loop, loopargs);
2728 mr ? "+R6:%ld:%u:%.2f\n"
2729 : "%ld %u bits ECDSA verify in %.2fs\n",
2730 count, test_curves[testnum].bits, d);
2731 ecdsa_results[testnum][1] = (double)count / d;
2734 if (rsa_count <= 1) {
2735 /* if longer than 10s, don't do any more */
2736 for (testnum++; testnum < EC_NUM; testnum++)
2737 ecdsa_doit[testnum] = 0;
2742 for (testnum = 0; testnum < EC_NUM; testnum++) {
2743 int ecdh_checks = 1;
2745 if (!ecdh_doit[testnum])
2748 for (i = 0; i < loopargs_len; i++) {
2749 EVP_PKEY_CTX *kctx = NULL;
2750 EVP_PKEY_CTX *test_ctx = NULL;
2751 EVP_PKEY_CTX *ctx = NULL;
2752 EVP_PKEY *key_A = NULL;
2753 EVP_PKEY *key_B = NULL;
2757 /* Ensure that the error queue is empty */
2758 if (ERR_peek_error()) {
2760 "WARNING: the error queue contains previous unhandled errors.\n");
2761 ERR_print_errors(bio_err);
2764 /* Let's try to create a ctx directly from the NID: this works for
2765 * curves like Curve25519 that are not implemented through the low
2766 * level EC interface.
2767 * If this fails we try creating a EVP_PKEY_EC generic param ctx,
2768 * then we set the curve by NID before deriving the actual keygen
2769 * ctx for that specific curve. */
2770 kctx = EVP_PKEY_CTX_new_id(test_curves[testnum].nid, NULL); /* keygen ctx from NID */
2772 EVP_PKEY_CTX *pctx = NULL;
2773 EVP_PKEY *params = NULL;
2775 /* If we reach this code EVP_PKEY_CTX_new_id() failed and a
2776 * "int_ctx_new:unsupported algorithm" error was added to the
2778 * We remove it from the error queue as we are handling it. */
2779 unsigned long error = ERR_peek_error(); /* peek the latest error in the queue */
2780 if (error == ERR_peek_last_error() && /* oldest and latest errors match */
2781 /* check that the error origin matches */
2782 ERR_GET_LIB(error) == ERR_LIB_EVP &&
2783 ERR_GET_FUNC(error) == EVP_F_INT_CTX_NEW &&
2784 ERR_GET_REASON(error) == EVP_R_UNSUPPORTED_ALGORITHM)
2785 ERR_get_error(); /* pop error from queue */
2786 if (ERR_peek_error()) {
2788 "Unhandled error in the error queue during ECDH init.\n");
2789 ERR_print_errors(bio_err);
2794 if ( /* Create the context for parameter generation */
2795 !(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) ||
2796 /* Initialise the parameter generation */
2797 !EVP_PKEY_paramgen_init(pctx) ||
2798 /* Set the curve by NID */
2799 !EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
2802 /* Create the parameter object params */
2803 !EVP_PKEY_paramgen(pctx, ¶ms)) {
2805 BIO_printf(bio_err, "ECDH EC params init failure.\n");
2806 ERR_print_errors(bio_err);
2810 /* Create the context for the key generation */
2811 kctx = EVP_PKEY_CTX_new(params, NULL);
2813 EVP_PKEY_free(params);
2815 EVP_PKEY_CTX_free(pctx);
2818 if (kctx == NULL || /* keygen ctx is not null */
2819 !EVP_PKEY_keygen_init(kctx) /* init keygen ctx */ ) {
2821 BIO_printf(bio_err, "ECDH keygen failure.\n");
2822 ERR_print_errors(bio_err);
2827 if (!EVP_PKEY_keygen(kctx, &key_A) || /* generate secret key A */
2828 !EVP_PKEY_keygen(kctx, &key_B) || /* generate secret key B */
2829 !(ctx = EVP_PKEY_CTX_new(key_A, NULL)) || /* derivation ctx from skeyA */
2830 !EVP_PKEY_derive_init(ctx) || /* init derivation ctx */
2831 !EVP_PKEY_derive_set_peer(ctx, key_B) || /* set peer pubkey in ctx */
2832 !EVP_PKEY_derive(ctx, NULL, &outlen) || /* determine max length */
2833 outlen == 0 || /* ensure outlen is a valid size */
2834 outlen > MAX_ECDH_SIZE /* avoid buffer overflow */ ) {
2836 BIO_printf(bio_err, "ECDH key generation failure.\n");
2837 ERR_print_errors(bio_err);
2842 /* Here we perform a test run, comparing the output of a*B and b*A;
2843 * we try this here and assume that further EVP_PKEY_derive calls
2844 * never fail, so we can skip checks in the actually benchmarked
2845 * code, for maximum performance. */
2846 if (!(test_ctx = EVP_PKEY_CTX_new(key_B, NULL)) || /* test ctx from skeyB */
2847 !EVP_PKEY_derive_init(test_ctx) || /* init derivation test_ctx */
2848 !EVP_PKEY_derive_set_peer(test_ctx, key_A) || /* set peer pubkey in test_ctx */
2849 !EVP_PKEY_derive(test_ctx, NULL, &test_outlen) || /* determine max length */
2850 !EVP_PKEY_derive(ctx, loopargs[i].secret_a, &outlen) || /* compute a*B */
2851 !EVP_PKEY_derive(test_ctx, loopargs[i].secret_b, &test_outlen) || /* compute b*A */
2852 test_outlen != outlen /* compare output length */ ) {
2854 BIO_printf(bio_err, "ECDH computation failure.\n");
2855 ERR_print_errors(bio_err);
2860 /* Compare the computation results: CRYPTO_memcmp() returns 0 if equal */
2861 if (CRYPTO_memcmp(loopargs[i].secret_a,
2862 loopargs[i].secret_b, outlen)) {
2864 BIO_printf(bio_err, "ECDH computations don't match.\n");
2865 ERR_print_errors(bio_err);
2870 loopargs[i].ecdh_ctx[testnum] = ctx;
2871 loopargs[i].outlen[testnum] = outlen;
2873 EVP_PKEY_free(key_A);
2874 EVP_PKEY_free(key_B);
2875 EVP_PKEY_CTX_free(kctx);
2877 EVP_PKEY_CTX_free(test_ctx);
2880 if (ecdh_checks != 0) {
2881 pkey_print_message("", "ecdh",
2883 test_curves[testnum].bits, seconds.ecdh);
2886 run_benchmark(async_jobs, ECDH_EVP_derive_key_loop, loopargs);
2889 mr ? "+R7:%ld:%d:%.2f\n" :
2890 "%ld %u-bits ECDH ops in %.2fs\n", count,
2891 test_curves[testnum].bits, d);
2892 ecdh_results[testnum][0] = (double)count / d;
2896 if (rsa_count <= 1) {
2897 /* if longer than 10s, don't do any more */
2898 for (testnum++; testnum < OSSL_NELEM(ecdh_doit); testnum++)
2899 ecdh_doit[testnum] = 0;
2902 #endif /* OPENSSL_NO_EC */
2907 printf("%s\n", OpenSSL_version(OPENSSL_VERSION));
2908 printf("%s\n", OpenSSL_version(OPENSSL_BUILT_ON));
2910 printf("%s ", BN_options());
2911 #ifndef OPENSSL_NO_MD2
2912 printf("%s ", MD2_options());
2914 #ifndef OPENSSL_NO_RC4
2915 printf("%s ", RC4_options());
2917 #ifndef OPENSSL_NO_DES
2918 printf("%s ", DES_options());
2920 printf("%s ", AES_options());
2921 #ifndef OPENSSL_NO_IDEA
2922 printf("%s ", IDEA_options());
2924 #ifndef OPENSSL_NO_BF
2925 printf("%s ", BF_options());
2927 printf("\n%s\n", OpenSSL_version(OPENSSL_CFLAGS));
2935 ("The 'numbers' are in 1000s of bytes per second processed.\n");
2938 for (testnum = 0; testnum < size_num; testnum++)
2939 printf(mr ? ":%d" : "%7d bytes", lengths[testnum]);
2943 for (k = 0; k < ALGOR_NUM; k++) {
2947 printf("+F:%u:%s", k, names[k]);
2949 printf("%-13s", names[k]);
2950 for (testnum = 0; testnum < size_num; testnum++) {
2951 if (results[k][testnum] > 10000 && !mr)
2952 printf(" %11.2fk", results[k][testnum] / 1e3);
2954 printf(mr ? ":%.2f" : " %11.2f ", results[k][testnum]);
2958 #ifndef OPENSSL_NO_RSA
2960 for (k = 0; k < RSA_NUM; k++) {
2963 if (testnum && !mr) {
2964 printf("%18ssign verify sign/s verify/s\n", " ");
2968 printf("+F2:%u:%u:%f:%f\n",
2969 k, rsa_bits[k], rsa_results[k][0], rsa_results[k][1]);
2971 printf("rsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
2972 rsa_bits[k], 1.0 / rsa_results[k][0], 1.0 / rsa_results[k][1],
2973 rsa_results[k][0], rsa_results[k][1]);
2976 #ifndef OPENSSL_NO_DSA
2978 for (k = 0; k < DSA_NUM; k++) {
2981 if (testnum && !mr) {
2982 printf("%18ssign verify sign/s verify/s\n", " ");
2986 printf("+F3:%u:%u:%f:%f\n",
2987 k, dsa_bits[k], dsa_results[k][0], dsa_results[k][1]);
2989 printf("dsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
2990 dsa_bits[k], 1.0 / dsa_results[k][0], 1.0 / dsa_results[k][1],
2991 dsa_results[k][0], dsa_results[k][1]);
2994 #ifndef OPENSSL_NO_EC
2996 for (k = 0; k < OSSL_NELEM(ecdsa_doit); k++) {
2999 if (testnum && !mr) {
3000 printf("%30ssign verify sign/s verify/s\n", " ");
3005 printf("+F4:%u:%u:%f:%f\n",
3006 k, test_curves[k].bits,
3007 ecdsa_results[k][0], ecdsa_results[k][1]);
3009 printf("%4u bits ecdsa (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3010 test_curves[k].bits, test_curves[k].name,
3011 1.0 / ecdsa_results[k][0], 1.0 / ecdsa_results[k][1],
3012 ecdsa_results[k][0], ecdsa_results[k][1]);
3016 for (k = 0; k < EC_NUM; k++) {
3019 if (testnum && !mr) {
3020 printf("%30sop op/s\n", " ");
3024 printf("+F5:%u:%u:%f:%f\n",
3025 k, test_curves[k].bits,
3026 ecdh_results[k][0], 1.0 / ecdh_results[k][0]);
3029 printf("%4u bits ecdh (%s) %8.4fs %8.1f\n",
3030 test_curves[k].bits, test_curves[k].name,
3031 1.0 / ecdh_results[k][0], ecdh_results[k][0]);
3038 ERR_print_errors(bio_err);
3039 for (i = 0; i < loopargs_len; i++) {
3040 OPENSSL_free(loopargs[i].buf_malloc);
3041 OPENSSL_free(loopargs[i].buf2_malloc);
3043 #ifndef OPENSSL_NO_RSA
3044 for (k = 0; k < RSA_NUM; k++)
3045 RSA_free(loopargs[i].rsa_key[k]);
3047 #ifndef OPENSSL_NO_DSA
3048 for (k = 0; k < DSA_NUM; k++)
3049 DSA_free(loopargs[i].dsa_key[k]);
3051 #ifndef OPENSSL_NO_EC
3052 for (k = 0; k < ECDSA_NUM; k++)
3053 EC_KEY_free(loopargs[i].ecdsa[k]);
3054 for (k = 0; k < EC_NUM; k++)
3055 EVP_PKEY_CTX_free(loopargs[i].ecdh_ctx[k]);
3056 OPENSSL_free(loopargs[i].secret_a);
3057 OPENSSL_free(loopargs[i].secret_b);
3061 if (async_jobs > 0) {
3062 for (i = 0; i < loopargs_len; i++)
3063 ASYNC_WAIT_CTX_free(loopargs[i].wait_ctx);
3067 ASYNC_cleanup_thread();
3069 OPENSSL_free(loopargs);
3074 static void print_message(const char *s, long num, int length, int tm)
3078 mr ? "+DT:%s:%d:%d\n"
3079 : "Doing %s for %ds on %d size blocks: ", s, tm, length);
3080 (void)BIO_flush(bio_err);
3084 mr ? "+DN:%s:%ld:%d\n"
3085 : "Doing %s %ld times on %d size blocks: ", s, num, length);
3086 (void)BIO_flush(bio_err);
3090 static void pkey_print_message(const char *str, const char *str2, long num,
3091 unsigned int bits, int tm)
3095 mr ? "+DTP:%d:%s:%s:%d\n"
3096 : "Doing %u bits %s %s's for %ds: ", bits, str, str2, tm);
3097 (void)BIO_flush(bio_err);
3101 mr ? "+DNP:%ld:%d:%s:%s\n"
3102 : "Doing %ld %u bits %s %s's: ", num, bits, str, str2);
3103 (void)BIO_flush(bio_err);
3107 static void print_result(int alg, int run_no, int count, double time_used)
3110 BIO_puts(bio_err, "EVP error!\n");
3114 mr ? "+R:%d:%s:%f\n"
3115 : "%d %s's in %.2fs\n", count, names[alg], time_used);
3116 results[alg][run_no] = ((double)count) / time_used * lengths[run_no];
3120 static char *sstrsep(char **string, const char *delim)
3123 char *token = *string;
3128 memset(isdelim, 0, sizeof(isdelim));
3132 isdelim[(unsigned char)(*delim)] = 1;
3136 while (!isdelim[(unsigned char)(**string)]) {
3148 static int do_multi(int multi, int size_num)
3153 static char sep[] = ":";
3155 fds = malloc(sizeof(*fds) * multi);
3156 for (n = 0; n < multi; ++n) {
3157 if (pipe(fd) == -1) {
3158 BIO_printf(bio_err, "pipe failure\n");
3162 (void)BIO_flush(bio_err);
3169 if (dup(fd[1]) == -1) {
3170 BIO_printf(bio_err, "dup failed\n");
3179 printf("Forked child %d\n", n);
3182 /* for now, assume the pipe is long enough to take all the output */
3183 for (n = 0; n < multi; ++n) {
3188 f = fdopen(fds[n], "r");
3189 while (fgets(buf, sizeof(buf), f)) {
3190 p = strchr(buf, '\n');
3193 if (buf[0] != '+') {
3195 "Don't understand line '%s' from child %d\n", buf,
3199 printf("Got: %s from %d\n", buf, n);
3200 if (strncmp(buf, "+F:", 3) == 0) {
3205 alg = atoi(sstrsep(&p, sep));
3207 for (j = 0; j < size_num; ++j)
3208 results[alg][j] += atof(sstrsep(&p, sep));
3209 } else if (strncmp(buf, "+F2:", 4) == 0) {
3214 k = atoi(sstrsep(&p, sep));
3217 d = atof(sstrsep(&p, sep));
3218 rsa_results[k][0] += d;
3220 d = atof(sstrsep(&p, sep));
3221 rsa_results[k][1] += d;
3223 # ifndef OPENSSL_NO_DSA
3224 else if (strncmp(buf, "+F3:", 4) == 0) {
3229 k = atoi(sstrsep(&p, sep));
3232 d = atof(sstrsep(&p, sep));
3233 dsa_results[k][0] += d;
3235 d = atof(sstrsep(&p, sep));
3236 dsa_results[k][1] += d;
3239 # ifndef OPENSSL_NO_EC
3240 else if (strncmp(buf, "+F4:", 4) == 0) {
3245 k = atoi(sstrsep(&p, sep));
3248 d = atof(sstrsep(&p, sep));
3249 ecdsa_results[k][0] += d;
3251 d = atof(sstrsep(&p, sep));
3252 ecdsa_results[k][1] += d;
3253 } else if (strncmp(buf, "+F5:", 4) == 0) {
3258 k = atoi(sstrsep(&p, sep));
3261 d = atof(sstrsep(&p, sep));
3262 ecdh_results[k][0] += d;
3266 else if (strncmp(buf, "+H:", 3) == 0) {
3269 BIO_printf(bio_err, "Unknown type '%s' from child %d\n", buf,
3280 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
3281 const openssl_speed_sec_t *seconds)
3283 static const int mblengths_list[] =
3284 { 8 * 1024, 2 * 8 * 1024, 4 * 8 * 1024, 8 * 8 * 1024, 8 * 16 * 1024 };
3285 const int *mblengths = mblengths_list;
3286 int j, count, keylen, num = OSSL_NELEM(mblengths_list);
3287 const char *alg_name;
3288 unsigned char *inp, *out, *key, no_key[32], no_iv[16];
3289 EVP_CIPHER_CTX *ctx;
3292 if (lengths_single) {
3293 mblengths = &lengths_single;
3297 inp = app_malloc(mblengths[num - 1], "multiblock input buffer");
3298 out = app_malloc(mblengths[num - 1] + 1024, "multiblock output buffer");
3299 ctx = EVP_CIPHER_CTX_new();
3300 EVP_EncryptInit_ex(ctx, evp_cipher, NULL, NULL, no_iv);
3302 keylen = EVP_CIPHER_CTX_key_length(ctx);
3303 key = app_malloc(keylen, "evp_cipher key");
3304 EVP_CIPHER_CTX_rand_key(ctx, key);
3305 EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL);
3306 OPENSSL_clear_free(key, keylen);
3308 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_MAC_KEY, sizeof(no_key), no_key);
3309 alg_name = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
3311 for (j = 0; j < num; j++) {
3312 print_message(alg_name, 0, mblengths[j], seconds->sym);
3314 for (count = 0, run = 1; run && count < 0x7fffffff; count++) {
3315 unsigned char aad[EVP_AEAD_TLS1_AAD_LEN];
3316 EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param;
3317 size_t len = mblengths[j];
3320 memset(aad, 0, 8); /* avoid uninitialized values */
3321 aad[8] = 23; /* SSL3_RT_APPLICATION_DATA */
3322 aad[9] = 3; /* version */
3324 aad[11] = 0; /* length */
3326 mb_param.out = NULL;
3329 mb_param.interleave = 8;
3331 packlen = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_AAD,
3332 sizeof(mb_param), &mb_param);
3338 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT,
3339 sizeof(mb_param), &mb_param);
3343 RAND_bytes(out, 16);
3345 aad[11] = (unsigned char)(len >> 8);
3346 aad[12] = (unsigned char)(len);
3347 pad = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_TLS1_AAD,
3348 EVP_AEAD_TLS1_AAD_LEN, aad);
3349 EVP_Cipher(ctx, out, inp, len + pad);
3353 BIO_printf(bio_err, mr ? "+R:%d:%s:%f\n"
3354 : "%d %s's in %.2fs\n", count, "evp", d);
3355 results[D_EVP][j] = ((double)count) / d * mblengths[j];
3359 fprintf(stdout, "+H");
3360 for (j = 0; j < num; j++)
3361 fprintf(stdout, ":%d", mblengths[j]);
3362 fprintf(stdout, "\n");
3363 fprintf(stdout, "+F:%d:%s", D_EVP, alg_name);
3364 for (j = 0; j < num; j++)
3365 fprintf(stdout, ":%.2f", results[D_EVP][j]);
3366 fprintf(stdout, "\n");
3369 "The 'numbers' are in 1000s of bytes per second processed.\n");
3370 fprintf(stdout, "type ");
3371 for (j = 0; j < num; j++)
3372 fprintf(stdout, "%7d bytes", mblengths[j]);
3373 fprintf(stdout, "\n");
3374 fprintf(stdout, "%-24s", alg_name);
3376 for (j = 0; j < num; j++) {
3377 if (results[D_EVP][j] > 10000)
3378 fprintf(stdout, " %11.2fk", results[D_EVP][j] / 1e3);
3380 fprintf(stdout, " %11.2f ", results[D_EVP][j]);
3382 fprintf(stdout, "\n");
3387 EVP_CIPHER_CTX_free(ctx);