2 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
5 * Licensed under the Apache License 2.0 (the "License"). You may not use
6 * this file except in compliance with the License. You can obtain a copy
7 * in the file LICENSE in the source distribution or at
8 * https://www.openssl.org/source/license.html
13 #define RSA_SECONDS 10
14 #define DSA_SECONDS 10
15 #define ECDSA_SECONDS 10
16 #define ECDH_SECONDS 10
17 #define EdDSA_SECONDS 10
25 #include <openssl/crypto.h>
26 #include <openssl/rand.h>
27 #include <openssl/err.h>
28 #include <openssl/evp.h>
29 #include <openssl/objects.h>
30 #include <openssl/async.h>
31 #if !defined(OPENSSL_SYS_MSDOS)
32 # include OPENSSL_UNISTD
39 #include <openssl/bn.h>
40 #ifndef OPENSSL_NO_DES
41 # include <openssl/des.h>
43 #include <openssl/aes.h>
44 #ifndef OPENSSL_NO_CAMELLIA
45 # include <openssl/camellia.h>
47 #ifndef OPENSSL_NO_MD2
48 # include <openssl/md2.h>
50 #ifndef OPENSSL_NO_MDC2
51 # include <openssl/mdc2.h>
53 #ifndef OPENSSL_NO_MD4
54 # include <openssl/md4.h>
56 #ifndef OPENSSL_NO_MD5
57 # include <openssl/md5.h>
59 #include <openssl/hmac.h>
60 #include <openssl/sha.h>
61 #ifndef OPENSSL_NO_RMD160
62 # include <openssl/ripemd.h>
64 #ifndef OPENSSL_NO_WHIRLPOOL
65 # include <openssl/whrlpool.h>
67 #ifndef OPENSSL_NO_RC4
68 # include <openssl/rc4.h>
70 #ifndef OPENSSL_NO_RC5
71 # include <openssl/rc5.h>
73 #ifndef OPENSSL_NO_RC2
74 # include <openssl/rc2.h>
76 #ifndef OPENSSL_NO_IDEA
77 # include <openssl/idea.h>
79 #ifndef OPENSSL_NO_SEED
80 # include <openssl/seed.h>
83 # include <openssl/blowfish.h>
85 #ifndef OPENSSL_NO_CAST
86 # include <openssl/cast.h>
88 #ifndef OPENSSL_NO_RSA
89 # include <openssl/rsa.h>
90 # include "./testrsa.h"
92 #include <openssl/x509.h>
93 #ifndef OPENSSL_NO_DSA
94 # include <openssl/dsa.h>
95 # include "./testdsa.h"
98 # include <openssl/ec.h>
100 #include <openssl/modes.h>
103 # if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_VXWORKS)
116 #define MAX_MISALIGNMENT 63
117 #define MAX_ECDH_SIZE 256
120 typedef struct openssl_speed_sec_st {
127 } openssl_speed_sec_t;
129 static volatile int run = 0;
132 static int usertime = 1;
134 #ifndef OPENSSL_NO_MD2
135 static int EVP_Digest_MD2_loop(void *args);
138 #ifndef OPENSSL_NO_MDC2
139 static int EVP_Digest_MDC2_loop(void *args);
141 #ifndef OPENSSL_NO_MD4
142 static int EVP_Digest_MD4_loop(void *args);
144 #ifndef OPENSSL_NO_MD5
145 static int MD5_loop(void *args);
146 static int HMAC_loop(void *args);
148 static int SHA1_loop(void *args);
149 static int SHA256_loop(void *args);
150 static int SHA512_loop(void *args);
151 #ifndef OPENSSL_NO_WHIRLPOOL
152 static int WHIRLPOOL_loop(void *args);
154 #ifndef OPENSSL_NO_RMD160
155 static int EVP_Digest_RMD160_loop(void *args);
157 #ifndef OPENSSL_NO_RC4
158 static int RC4_loop(void *args);
160 #ifndef OPENSSL_NO_DES
161 static int DES_ncbc_encrypt_loop(void *args);
162 static int DES_ede3_cbc_encrypt_loop(void *args);
164 static int AES_cbc_128_encrypt_loop(void *args);
165 static int AES_cbc_192_encrypt_loop(void *args);
166 static int AES_ige_128_encrypt_loop(void *args);
167 static int AES_cbc_256_encrypt_loop(void *args);
168 static int AES_ige_192_encrypt_loop(void *args);
169 static int AES_ige_256_encrypt_loop(void *args);
170 static int CRYPTO_gcm128_aad_loop(void *args);
171 static int RAND_bytes_loop(void *args);
172 static int EVP_Update_loop(void *args);
173 static int EVP_Update_loop_ccm(void *args);
174 static int EVP_Update_loop_aead(void *args);
175 static int EVP_Digest_loop(void *args);
176 #ifndef OPENSSL_NO_RSA
177 static int RSA_sign_loop(void *args);
178 static int RSA_verify_loop(void *args);
180 #ifndef OPENSSL_NO_DSA
181 static int DSA_sign_loop(void *args);
182 static int DSA_verify_loop(void *args);
184 #ifndef OPENSSL_NO_EC
185 static int ECDSA_sign_loop(void *args);
186 static int ECDSA_verify_loop(void *args);
187 static int EdDSA_sign_loop(void *args);
188 static int EdDSA_verify_loop(void *args);
191 static double Time_F(int s);
192 static void print_message(const char *s, long num, int length, int tm);
193 static void pkey_print_message(const char *str, const char *str2,
194 long num, unsigned int bits, int sec);
195 static void print_result(int alg, int run_no, int count, double time_used);
197 static int do_multi(int multi, int size_num);
200 static const int lengths_list[] = {
201 16, 64, 256, 1024, 8 * 1024, 16 * 1024
203 static const int *lengths = lengths_list;
205 static const int aead_lengths_list[] = {
206 2, 31, 136, 1024, 8 * 1024, 16 * 1024
214 static void alarmed(int sig)
216 signal(SIGALRM, alarmed);
220 static double Time_F(int s)
222 double ret = app_tminterval(s, usertime);
228 #elif defined(_WIN32)
232 static unsigned int lapse;
233 static volatile unsigned int schlock;
234 static void alarm_win32(unsigned int secs)
239 # define alarm alarm_win32
241 static DWORD WINAPI sleepy(VOID * arg)
249 static double Time_F(int s)
256 thr = CreateThread(NULL, 4096, sleepy, NULL, 0, NULL);
258 DWORD err = GetLastError();
259 BIO_printf(bio_err, "unable to CreateThread (%lu)", err);
263 Sleep(0); /* scheduler spinlock */
264 ret = app_tminterval(s, usertime);
266 ret = app_tminterval(s, usertime);
268 TerminateThread(thr, 0);
275 static double Time_F(int s)
277 return app_tminterval(s, usertime);
281 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
282 const openssl_speed_sec_t *seconds);
284 #define found(value, pairs, result)\
285 opt_found(value, result, pairs, OSSL_NELEM(pairs))
286 static int opt_found(const char *name, unsigned int *result,
287 const OPT_PAIR pairs[], unsigned int nbelem)
291 for (idx = 0; idx < nbelem; ++idx, pairs++)
292 if (strcmp(name, pairs->name) == 0) {
293 *result = pairs->retval;
299 typedef enum OPTION_choice {
300 OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
301 OPT_ELAPSED, OPT_EVP, OPT_HMAC, OPT_DECRYPT, OPT_ENGINE, OPT_MULTI,
302 OPT_MR, OPT_MB, OPT_MISALIGN, OPT_ASYNCJOBS, OPT_R_ENUM,
303 OPT_PRIMES, OPT_SECONDS, OPT_BYTES, OPT_AEAD
306 const OPTIONS speed_options[] = {
307 {OPT_HELP_STR, 1, '-', "Usage: %s [options] ciphers...\n"},
308 {OPT_HELP_STR, 1, '-', "Valid options are:\n"},
309 {"help", OPT_HELP, '-', "Display this summary"},
310 {"evp", OPT_EVP, 's', "Use EVP-named cipher or digest"},
311 {"hmac", OPT_HMAC, 's', "HMAC using EVP-named digest"},
312 {"decrypt", OPT_DECRYPT, '-',
313 "Time decryption instead of encryption (only EVP)"},
314 {"aead", OPT_AEAD, '-',
315 "Benchmark EVP-named AEAD cipher in TLS-like sequence"},
317 "Enable (tls1>=1) multi-block mode on EVP-named cipher"},
318 {"mr", OPT_MR, '-', "Produce machine readable output"},
320 {"multi", OPT_MULTI, 'p', "Run benchmarks in parallel"},
322 #ifndef OPENSSL_NO_ASYNC
323 {"async_jobs", OPT_ASYNCJOBS, 'p',
324 "Enable async mode and start specified number of jobs"},
327 #ifndef OPENSSL_NO_ENGINE
328 {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
330 {"elapsed", OPT_ELAPSED, '-',
331 "Use wall-clock time instead of CPU user time as divisor"},
332 {"primes", OPT_PRIMES, 'p', "Specify number of primes (for RSA only)"},
333 {"seconds", OPT_SECONDS, 'p',
334 "Run benchmarks for specified amount of seconds"},
335 {"bytes", OPT_BYTES, 'p',
336 "Run [non-PKI] benchmarks on custom-sized buffer"},
337 {"misalign", OPT_MISALIGN, 'p',
338 "Use specified offset to mis-align buffers"},
352 #define D_CBC_IDEA 10
353 #define D_CBC_SEED 11
357 #define D_CBC_CAST 15
358 #define D_CBC_128_AES 16
359 #define D_CBC_192_AES 17
360 #define D_CBC_256_AES 18
361 #define D_CBC_128_CML 19
362 #define D_CBC_192_CML 20
363 #define D_CBC_256_CML 21
367 #define D_WHIRLPOOL 25
368 #define D_IGE_128_AES 26
369 #define D_IGE_192_AES 27
370 #define D_IGE_256_AES 28
373 #define D_EVP_HMAC 31
375 /* name of algorithms to test */
376 static const char *names[] = {
377 "md2", "mdc2", "md4", "md5", "hmac(md5)", "sha1", "rmd160", "rc4",
378 "des cbc", "des ede3", "idea cbc", "seed cbc",
379 "rc2 cbc", "rc5-32/12 cbc", "blowfish cbc", "cast cbc",
380 "aes-128 cbc", "aes-192 cbc", "aes-256 cbc",
381 "camellia-128 cbc", "camellia-192 cbc", "camellia-256 cbc",
382 "evp", "sha256", "sha512", "whirlpool",
383 "aes-128 ige", "aes-192 ige", "aes-256 ige", "ghash",
386 #define ALGOR_NUM OSSL_NELEM(names)
388 /* list of configured algorithm (remaining) */
389 static const OPT_PAIR doit_choices[] = {
390 #ifndef OPENSSL_NO_MD2
393 #ifndef OPENSSL_NO_MDC2
396 #ifndef OPENSSL_NO_MD4
399 #ifndef OPENSSL_NO_MD5
404 {"sha256", D_SHA256},
405 {"sha512", D_SHA512},
406 #ifndef OPENSSL_NO_WHIRLPOOL
407 {"whirlpool", D_WHIRLPOOL},
409 #ifndef OPENSSL_NO_RMD160
410 {"ripemd", D_RMD160},
411 {"rmd160", D_RMD160},
412 {"ripemd160", D_RMD160},
414 #ifndef OPENSSL_NO_RC4
417 #ifndef OPENSSL_NO_DES
418 {"des-cbc", D_CBC_DES},
419 {"des-ede3", D_EDE3_DES},
421 {"aes-128-cbc", D_CBC_128_AES},
422 {"aes-192-cbc", D_CBC_192_AES},
423 {"aes-256-cbc", D_CBC_256_AES},
424 {"aes-128-ige", D_IGE_128_AES},
425 {"aes-192-ige", D_IGE_192_AES},
426 {"aes-256-ige", D_IGE_256_AES},
427 #ifndef OPENSSL_NO_RC2
428 {"rc2-cbc", D_CBC_RC2},
431 #ifndef OPENSSL_NO_RC5
432 {"rc5-cbc", D_CBC_RC5},
435 #ifndef OPENSSL_NO_IDEA
436 {"idea-cbc", D_CBC_IDEA},
437 {"idea", D_CBC_IDEA},
439 #ifndef OPENSSL_NO_SEED
440 {"seed-cbc", D_CBC_SEED},
441 {"seed", D_CBC_SEED},
443 #ifndef OPENSSL_NO_BF
444 {"bf-cbc", D_CBC_BF},
445 {"blowfish", D_CBC_BF},
448 #ifndef OPENSSL_NO_CAST
449 {"cast-cbc", D_CBC_CAST},
450 {"cast", D_CBC_CAST},
451 {"cast5", D_CBC_CAST},
457 static double results[ALGOR_NUM][OSSL_NELEM(lengths_list)];
459 #ifndef OPENSSL_NO_DSA
461 # define R_DSA_1024 1
462 # define R_DSA_2048 2
463 static const OPT_PAIR dsa_choices[] = {
464 {"dsa512", R_DSA_512},
465 {"dsa1024", R_DSA_1024},
466 {"dsa2048", R_DSA_2048}
468 # define DSA_NUM OSSL_NELEM(dsa_choices)
470 static double dsa_results[DSA_NUM][2]; /* 2 ops: sign then verify */
471 #endif /* OPENSSL_NO_DSA */
479 #define R_RSA_15360 6
480 #ifndef OPENSSL_NO_RSA
481 static const OPT_PAIR rsa_choices[] = {
482 {"rsa512", R_RSA_512},
483 {"rsa1024", R_RSA_1024},
484 {"rsa2048", R_RSA_2048},
485 {"rsa3072", R_RSA_3072},
486 {"rsa4096", R_RSA_4096},
487 {"rsa7680", R_RSA_7680},
488 {"rsa15360", R_RSA_15360}
490 # define RSA_NUM OSSL_NELEM(rsa_choices)
492 static double rsa_results[RSA_NUM][2]; /* 2 ops: sign then verify */
493 #endif /* OPENSSL_NO_RSA */
511 #define R_EC_BRP256R1 16
512 #define R_EC_BRP256T1 17
513 #define R_EC_BRP384R1 18
514 #define R_EC_BRP384T1 19
515 #define R_EC_BRP512R1 20
516 #define R_EC_BRP512T1 21
517 #define R_EC_X25519 22
519 #ifndef OPENSSL_NO_EC
520 static OPT_PAIR ecdsa_choices[] = {
521 {"ecdsap160", R_EC_P160},
522 {"ecdsap192", R_EC_P192},
523 {"ecdsap224", R_EC_P224},
524 {"ecdsap256", R_EC_P256},
525 {"ecdsap384", R_EC_P384},
526 {"ecdsap521", R_EC_P521},
527 {"ecdsak163", R_EC_K163},
528 {"ecdsak233", R_EC_K233},
529 {"ecdsak283", R_EC_K283},
530 {"ecdsak409", R_EC_K409},
531 {"ecdsak571", R_EC_K571},
532 {"ecdsab163", R_EC_B163},
533 {"ecdsab233", R_EC_B233},
534 {"ecdsab283", R_EC_B283},
535 {"ecdsab409", R_EC_B409},
536 {"ecdsab571", R_EC_B571},
537 {"ecdsabrp256r1", R_EC_BRP256R1},
538 {"ecdsabrp256t1", R_EC_BRP256T1},
539 {"ecdsabrp384r1", R_EC_BRP384R1},
540 {"ecdsabrp384t1", R_EC_BRP384T1},
541 {"ecdsabrp512r1", R_EC_BRP512R1},
542 {"ecdsabrp512t1", R_EC_BRP512T1}
544 # define ECDSA_NUM OSSL_NELEM(ecdsa_choices)
546 static double ecdsa_results[ECDSA_NUM][2]; /* 2 ops: sign then verify */
548 static const OPT_PAIR ecdh_choices[] = {
549 {"ecdhp160", R_EC_P160},
550 {"ecdhp192", R_EC_P192},
551 {"ecdhp224", R_EC_P224},
552 {"ecdhp256", R_EC_P256},
553 {"ecdhp384", R_EC_P384},
554 {"ecdhp521", R_EC_P521},
555 {"ecdhk163", R_EC_K163},
556 {"ecdhk233", R_EC_K233},
557 {"ecdhk283", R_EC_K283},
558 {"ecdhk409", R_EC_K409},
559 {"ecdhk571", R_EC_K571},
560 {"ecdhb163", R_EC_B163},
561 {"ecdhb233", R_EC_B233},
562 {"ecdhb283", R_EC_B283},
563 {"ecdhb409", R_EC_B409},
564 {"ecdhb571", R_EC_B571},
565 {"ecdhbrp256r1", R_EC_BRP256R1},
566 {"ecdhbrp256t1", R_EC_BRP256T1},
567 {"ecdhbrp384r1", R_EC_BRP384R1},
568 {"ecdhbrp384t1", R_EC_BRP384T1},
569 {"ecdhbrp512r1", R_EC_BRP512R1},
570 {"ecdhbrp512t1", R_EC_BRP512T1},
571 {"ecdhx25519", R_EC_X25519},
572 {"ecdhx448", R_EC_X448}
574 # define EC_NUM OSSL_NELEM(ecdh_choices)
576 static double ecdh_results[EC_NUM][1]; /* 1 op: derivation */
578 #define R_EC_Ed25519 0
580 static OPT_PAIR eddsa_choices[] = {
581 {"ed25519", R_EC_Ed25519},
582 {"ed448", R_EC_Ed448}
584 # define EdDSA_NUM OSSL_NELEM(eddsa_choices)
586 static double eddsa_results[EdDSA_NUM][2]; /* 2 ops: sign then verify */
587 #endif /* OPENSSL_NO_EC */
590 # define COND(d) (count < (d))
591 # define COUNT(d) (d)
593 # define COND(unused_cond) (run && count<0x7fffffff)
594 # define COUNT(d) (count)
597 typedef struct loopargs_st {
598 ASYNC_JOB *inprogress_job;
599 ASYNC_WAIT_CTX *wait_ctx;
602 unsigned char *buf_malloc;
603 unsigned char *buf2_malloc;
607 #ifndef OPENSSL_NO_RSA
608 RSA *rsa_key[RSA_NUM];
610 #ifndef OPENSSL_NO_DSA
611 DSA *dsa_key[DSA_NUM];
613 #ifndef OPENSSL_NO_EC
614 EC_KEY *ecdsa[ECDSA_NUM];
615 EVP_PKEY_CTX *ecdh_ctx[EC_NUM];
616 EVP_MD_CTX *eddsa_ctx[EdDSA_NUM];
617 unsigned char *secret_a;
618 unsigned char *secret_b;
619 size_t outlen[EC_NUM];
623 GCM128_CONTEXT *gcm_ctx;
625 static int run_benchmark(int async_jobs, int (*loop_function) (void *),
626 loopargs_t * loopargs);
628 static unsigned int testnum;
630 /* Nb of iterations to do per algorithm and key-size */
631 static long c[ALGOR_NUM][OSSL_NELEM(lengths_list)];
633 #ifndef OPENSSL_NO_MD2
634 static int EVP_Digest_MD2_loop(void *args)
636 loopargs_t *tempargs = *(loopargs_t **) args;
637 unsigned char *buf = tempargs->buf;
638 unsigned char md2[MD2_DIGEST_LENGTH];
641 for (count = 0; COND(c[D_MD2][testnum]); count++) {
642 if (!EVP_Digest(buf, (size_t)lengths[testnum], md2, NULL, EVP_md2(),
650 #ifndef OPENSSL_NO_MDC2
651 static int EVP_Digest_MDC2_loop(void *args)
653 loopargs_t *tempargs = *(loopargs_t **) args;
654 unsigned char *buf = tempargs->buf;
655 unsigned char mdc2[MDC2_DIGEST_LENGTH];
658 for (count = 0; COND(c[D_MDC2][testnum]); count++) {
659 if (!EVP_Digest(buf, (size_t)lengths[testnum], mdc2, NULL, EVP_mdc2(),
667 #ifndef OPENSSL_NO_MD4
668 static int EVP_Digest_MD4_loop(void *args)
670 loopargs_t *tempargs = *(loopargs_t **) args;
671 unsigned char *buf = tempargs->buf;
672 unsigned char md4[MD4_DIGEST_LENGTH];
675 for (count = 0; COND(c[D_MD4][testnum]); count++) {
676 if (!EVP_Digest(buf, (size_t)lengths[testnum], md4, NULL, EVP_md4(),
684 #ifndef OPENSSL_NO_MD5
685 static int MD5_loop(void *args)
687 loopargs_t *tempargs = *(loopargs_t **) args;
688 unsigned char *buf = tempargs->buf;
689 unsigned char md5[MD5_DIGEST_LENGTH];
691 for (count = 0; COND(c[D_MD5][testnum]); count++)
692 MD5(buf, lengths[testnum], md5);
696 static int HMAC_loop(void *args)
698 loopargs_t *tempargs = *(loopargs_t **) args;
699 unsigned char *buf = tempargs->buf;
700 HMAC_CTX *hctx = tempargs->hctx;
701 unsigned char hmac[MD5_DIGEST_LENGTH];
704 for (count = 0; COND(c[D_HMAC][testnum]); count++) {
705 HMAC_Init_ex(hctx, NULL, 0, NULL, NULL);
706 HMAC_Update(hctx, buf, lengths[testnum]);
707 HMAC_Final(hctx, hmac, NULL);
713 static int SHA1_loop(void *args)
715 loopargs_t *tempargs = *(loopargs_t **) args;
716 unsigned char *buf = tempargs->buf;
717 unsigned char sha[SHA_DIGEST_LENGTH];
719 for (count = 0; COND(c[D_SHA1][testnum]); count++)
720 SHA1(buf, lengths[testnum], sha);
724 static int SHA256_loop(void *args)
726 loopargs_t *tempargs = *(loopargs_t **) args;
727 unsigned char *buf = tempargs->buf;
728 unsigned char sha256[SHA256_DIGEST_LENGTH];
730 for (count = 0; COND(c[D_SHA256][testnum]); count++)
731 SHA256(buf, lengths[testnum], sha256);
735 static int SHA512_loop(void *args)
737 loopargs_t *tempargs = *(loopargs_t **) args;
738 unsigned char *buf = tempargs->buf;
739 unsigned char sha512[SHA512_DIGEST_LENGTH];
741 for (count = 0; COND(c[D_SHA512][testnum]); count++)
742 SHA512(buf, lengths[testnum], sha512);
746 #ifndef OPENSSL_NO_WHIRLPOOL
747 static int WHIRLPOOL_loop(void *args)
749 loopargs_t *tempargs = *(loopargs_t **) args;
750 unsigned char *buf = tempargs->buf;
751 unsigned char whirlpool[WHIRLPOOL_DIGEST_LENGTH];
753 for (count = 0; COND(c[D_WHIRLPOOL][testnum]); count++)
754 WHIRLPOOL(buf, lengths[testnum], whirlpool);
759 #ifndef OPENSSL_NO_RMD160
760 static int EVP_Digest_RMD160_loop(void *args)
762 loopargs_t *tempargs = *(loopargs_t **) args;
763 unsigned char *buf = tempargs->buf;
764 unsigned char rmd160[RIPEMD160_DIGEST_LENGTH];
766 for (count = 0; COND(c[D_RMD160][testnum]); count++) {
767 if (!EVP_Digest(buf, (size_t)lengths[testnum], &(rmd160[0]),
768 NULL, EVP_ripemd160(), NULL))
775 #ifndef OPENSSL_NO_RC4
776 static RC4_KEY rc4_ks;
777 static int RC4_loop(void *args)
779 loopargs_t *tempargs = *(loopargs_t **) args;
780 unsigned char *buf = tempargs->buf;
782 for (count = 0; COND(c[D_RC4][testnum]); count++)
783 RC4(&rc4_ks, (size_t)lengths[testnum], buf, buf);
788 #ifndef OPENSSL_NO_DES
789 static unsigned char DES_iv[8];
790 static DES_key_schedule sch;
791 static DES_key_schedule sch2;
792 static DES_key_schedule sch3;
793 static int DES_ncbc_encrypt_loop(void *args)
795 loopargs_t *tempargs = *(loopargs_t **) args;
796 unsigned char *buf = tempargs->buf;
798 for (count = 0; COND(c[D_CBC_DES][testnum]); count++)
799 DES_ncbc_encrypt(buf, buf, lengths[testnum], &sch,
800 &DES_iv, DES_ENCRYPT);
804 static int DES_ede3_cbc_encrypt_loop(void *args)
806 loopargs_t *tempargs = *(loopargs_t **) args;
807 unsigned char *buf = tempargs->buf;
809 for (count = 0; COND(c[D_EDE3_DES][testnum]); count++)
810 DES_ede3_cbc_encrypt(buf, buf, lengths[testnum],
811 &sch, &sch2, &sch3, &DES_iv, DES_ENCRYPT);
816 #define MAX_BLOCK_SIZE 128
818 static unsigned char iv[2 * MAX_BLOCK_SIZE / 8];
819 static AES_KEY aes_ks1, aes_ks2, aes_ks3;
820 static int AES_cbc_128_encrypt_loop(void *args)
822 loopargs_t *tempargs = *(loopargs_t **) args;
823 unsigned char *buf = tempargs->buf;
825 for (count = 0; COND(c[D_CBC_128_AES][testnum]); count++)
826 AES_cbc_encrypt(buf, buf,
827 (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
831 static int AES_cbc_192_encrypt_loop(void *args)
833 loopargs_t *tempargs = *(loopargs_t **) args;
834 unsigned char *buf = tempargs->buf;
836 for (count = 0; COND(c[D_CBC_192_AES][testnum]); count++)
837 AES_cbc_encrypt(buf, buf,
838 (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
842 static int AES_cbc_256_encrypt_loop(void *args)
844 loopargs_t *tempargs = *(loopargs_t **) args;
845 unsigned char *buf = tempargs->buf;
847 for (count = 0; COND(c[D_CBC_256_AES][testnum]); count++)
848 AES_cbc_encrypt(buf, buf,
849 (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
853 static int AES_ige_128_encrypt_loop(void *args)
855 loopargs_t *tempargs = *(loopargs_t **) args;
856 unsigned char *buf = tempargs->buf;
857 unsigned char *buf2 = tempargs->buf2;
859 for (count = 0; COND(c[D_IGE_128_AES][testnum]); count++)
860 AES_ige_encrypt(buf, buf2,
861 (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
865 static int AES_ige_192_encrypt_loop(void *args)
867 loopargs_t *tempargs = *(loopargs_t **) args;
868 unsigned char *buf = tempargs->buf;
869 unsigned char *buf2 = tempargs->buf2;
871 for (count = 0; COND(c[D_IGE_192_AES][testnum]); count++)
872 AES_ige_encrypt(buf, buf2,
873 (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
877 static int AES_ige_256_encrypt_loop(void *args)
879 loopargs_t *tempargs = *(loopargs_t **) args;
880 unsigned char *buf = tempargs->buf;
881 unsigned char *buf2 = tempargs->buf2;
883 for (count = 0; COND(c[D_IGE_256_AES][testnum]); count++)
884 AES_ige_encrypt(buf, buf2,
885 (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
889 static int CRYPTO_gcm128_aad_loop(void *args)
891 loopargs_t *tempargs = *(loopargs_t **) args;
892 unsigned char *buf = tempargs->buf;
893 GCM128_CONTEXT *gcm_ctx = tempargs->gcm_ctx;
895 for (count = 0; COND(c[D_GHASH][testnum]); count++)
896 CRYPTO_gcm128_aad(gcm_ctx, buf, lengths[testnum]);
900 static int RAND_bytes_loop(void *args)
902 loopargs_t *tempargs = *(loopargs_t **) args;
903 unsigned char *buf = tempargs->buf;
906 for (count = 0; COND(c[D_RAND][testnum]); count++)
907 RAND_bytes(buf, lengths[testnum]);
911 static long save_count = 0;
912 static int decrypt = 0;
913 static int EVP_Update_loop(void *args)
915 loopargs_t *tempargs = *(loopargs_t **) args;
916 unsigned char *buf = tempargs->buf;
917 EVP_CIPHER_CTX *ctx = tempargs->ctx;
920 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
923 for (count = 0; COND(nb_iter); count++) {
924 rc = EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
926 /* reset iv in case of counter overflow */
927 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
931 for (count = 0; COND(nb_iter); count++) {
932 rc = EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
934 /* reset iv in case of counter overflow */
935 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
940 EVP_DecryptFinal_ex(ctx, buf, &outl);
942 EVP_EncryptFinal_ex(ctx, buf, &outl);
947 * CCM does not support streaming. For the purpose of performance measurement,
948 * each message is encrypted using the same (key,iv)-pair. Do not use this
949 * code in your application.
951 static int EVP_Update_loop_ccm(void *args)
953 loopargs_t *tempargs = *(loopargs_t **) args;
954 unsigned char *buf = tempargs->buf;
955 EVP_CIPHER_CTX *ctx = tempargs->ctx;
957 unsigned char tag[12];
959 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
962 for (count = 0; COND(nb_iter); count++) {
963 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(tag), tag);
965 EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
966 /* counter is reset on every update */
967 EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
970 for (count = 0; COND(nb_iter); count++) {
971 /* restore iv length field */
972 EVP_EncryptUpdate(ctx, NULL, &outl, NULL, lengths[testnum]);
973 /* counter is reset on every update */
974 EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
978 EVP_DecryptFinal_ex(ctx, buf, &outl);
980 EVP_EncryptFinal_ex(ctx, buf, &outl);
985 * To make AEAD benchmarking more relevant perform TLS-like operations,
986 * 13-byte AAD followed by payload. But don't use TLS-formatted AAD, as
987 * payload length is not actually limited by 16KB...
989 static int EVP_Update_loop_aead(void *args)
991 loopargs_t *tempargs = *(loopargs_t **) args;
992 unsigned char *buf = tempargs->buf;
993 EVP_CIPHER_CTX *ctx = tempargs->ctx;
995 unsigned char aad[13] = { 0xcc };
996 unsigned char faketag[16] = { 0xcc };
998 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1001 for (count = 0; COND(nb_iter); count++) {
1002 EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
1003 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
1004 sizeof(faketag), faketag);
1005 EVP_DecryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
1006 EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
1007 EVP_DecryptFinal_ex(ctx, buf + outl, &outl);
1010 for (count = 0; COND(nb_iter); count++) {
1011 EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv);
1012 EVP_EncryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
1013 EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
1014 EVP_EncryptFinal_ex(ctx, buf + outl, &outl);
1020 static const EVP_MD *evp_md = NULL;
1021 static int EVP_Digest_loop(void *args)
1023 loopargs_t *tempargs = *(loopargs_t **) args;
1024 unsigned char *buf = tempargs->buf;
1025 unsigned char md[EVP_MAX_MD_SIZE];
1028 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1031 for (count = 0; COND(nb_iter); count++) {
1032 if (!EVP_Digest(buf, lengths[testnum], md, NULL, evp_md, NULL))
1038 static const EVP_MD *evp_hmac_md = NULL;
1039 static char *evp_hmac_name = NULL;
1040 static int EVP_HMAC_loop(void *args)
1042 loopargs_t *tempargs = *(loopargs_t **) args;
1043 unsigned char *buf = tempargs->buf;
1044 unsigned char no_key[32];
1047 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1050 for (count = 0; COND(nb_iter); count++) {
1051 if (HMAC(evp_hmac_md, no_key, sizeof(no_key), buf, lengths[testnum],
1052 NULL, NULL) == NULL)
1058 #ifndef OPENSSL_NO_RSA
1059 static long rsa_c[RSA_NUM][2]; /* # RSA iteration test */
1061 static int RSA_sign_loop(void *args)
1063 loopargs_t *tempargs = *(loopargs_t **) args;
1064 unsigned char *buf = tempargs->buf;
1065 unsigned char *buf2 = tempargs->buf2;
1066 unsigned int *rsa_num = &tempargs->siglen;
1067 RSA **rsa_key = tempargs->rsa_key;
1069 for (count = 0; COND(rsa_c[testnum][0]); count++) {
1070 ret = RSA_sign(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1072 BIO_printf(bio_err, "RSA sign failure\n");
1073 ERR_print_errors(bio_err);
1081 static int RSA_verify_loop(void *args)
1083 loopargs_t *tempargs = *(loopargs_t **) args;
1084 unsigned char *buf = tempargs->buf;
1085 unsigned char *buf2 = tempargs->buf2;
1086 unsigned int rsa_num = tempargs->siglen;
1087 RSA **rsa_key = tempargs->rsa_key;
1089 for (count = 0; COND(rsa_c[testnum][1]); count++) {
1091 RSA_verify(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1093 BIO_printf(bio_err, "RSA verify failure\n");
1094 ERR_print_errors(bio_err);
1103 #ifndef OPENSSL_NO_DSA
1104 static long dsa_c[DSA_NUM][2];
1105 static int DSA_sign_loop(void *args)
1107 loopargs_t *tempargs = *(loopargs_t **) args;
1108 unsigned char *buf = tempargs->buf;
1109 unsigned char *buf2 = tempargs->buf2;
1110 DSA **dsa_key = tempargs->dsa_key;
1111 unsigned int *siglen = &tempargs->siglen;
1113 for (count = 0; COND(dsa_c[testnum][0]); count++) {
1114 ret = DSA_sign(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1116 BIO_printf(bio_err, "DSA sign failure\n");
1117 ERR_print_errors(bio_err);
1125 static int DSA_verify_loop(void *args)
1127 loopargs_t *tempargs = *(loopargs_t **) args;
1128 unsigned char *buf = tempargs->buf;
1129 unsigned char *buf2 = tempargs->buf2;
1130 DSA **dsa_key = tempargs->dsa_key;
1131 unsigned int siglen = tempargs->siglen;
1133 for (count = 0; COND(dsa_c[testnum][1]); count++) {
1134 ret = DSA_verify(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1136 BIO_printf(bio_err, "DSA verify failure\n");
1137 ERR_print_errors(bio_err);
1146 #ifndef OPENSSL_NO_EC
1147 static long ecdsa_c[ECDSA_NUM][2];
1148 static int ECDSA_sign_loop(void *args)
1150 loopargs_t *tempargs = *(loopargs_t **) args;
1151 unsigned char *buf = tempargs->buf;
1152 EC_KEY **ecdsa = tempargs->ecdsa;
1153 unsigned char *ecdsasig = tempargs->buf2;
1154 unsigned int *ecdsasiglen = &tempargs->siglen;
1156 for (count = 0; COND(ecdsa_c[testnum][0]); count++) {
1157 ret = ECDSA_sign(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1159 BIO_printf(bio_err, "ECDSA sign failure\n");
1160 ERR_print_errors(bio_err);
1168 static int ECDSA_verify_loop(void *args)
1170 loopargs_t *tempargs = *(loopargs_t **) args;
1171 unsigned char *buf = tempargs->buf;
1172 EC_KEY **ecdsa = tempargs->ecdsa;
1173 unsigned char *ecdsasig = tempargs->buf2;
1174 unsigned int ecdsasiglen = tempargs->siglen;
1176 for (count = 0; COND(ecdsa_c[testnum][1]); count++) {
1177 ret = ECDSA_verify(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1179 BIO_printf(bio_err, "ECDSA verify failure\n");
1180 ERR_print_errors(bio_err);
1188 /* ******************************************************************** */
1189 static long ecdh_c[EC_NUM][1];
1191 static int ECDH_EVP_derive_key_loop(void *args)
1193 loopargs_t *tempargs = *(loopargs_t **) args;
1194 EVP_PKEY_CTX *ctx = tempargs->ecdh_ctx[testnum];
1195 unsigned char *derived_secret = tempargs->secret_a;
1197 size_t *outlen = &(tempargs->outlen[testnum]);
1199 for (count = 0; COND(ecdh_c[testnum][0]); count++)
1200 EVP_PKEY_derive(ctx, derived_secret, outlen);
1205 static long eddsa_c[EdDSA_NUM][2];
1206 static int EdDSA_sign_loop(void *args)
1208 loopargs_t *tempargs = *(loopargs_t **) args;
1209 unsigned char *buf = tempargs->buf;
1210 EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
1211 unsigned char *eddsasig = tempargs->buf2;
1212 size_t *eddsasigsize = &tempargs->sigsize;
1215 for (count = 0; COND(eddsa_c[testnum][0]); count++) {
1216 ret = EVP_DigestSign(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
1218 BIO_printf(bio_err, "EdDSA sign failure\n");
1219 ERR_print_errors(bio_err);
1227 static int EdDSA_verify_loop(void *args)
1229 loopargs_t *tempargs = *(loopargs_t **) args;
1230 unsigned char *buf = tempargs->buf;
1231 EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
1232 unsigned char *eddsasig = tempargs->buf2;
1233 size_t eddsasigsize = tempargs->sigsize;
1236 for (count = 0; COND(eddsa_c[testnum][1]); count++) {
1237 ret = EVP_DigestVerify(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
1239 BIO_printf(bio_err, "EdDSA verify failure\n");
1240 ERR_print_errors(bio_err);
1247 #endif /* OPENSSL_NO_EC */
1249 static int run_benchmark(int async_jobs,
1250 int (*loop_function) (void *), loopargs_t * loopargs)
1252 int job_op_count = 0;
1253 int total_op_count = 0;
1254 int num_inprogress = 0;
1255 int error = 0, i = 0, ret = 0;
1256 OSSL_ASYNC_FD job_fd = 0;
1257 size_t num_job_fds = 0;
1261 if (async_jobs == 0) {
1262 return loop_function((void *)&loopargs);
1265 for (i = 0; i < async_jobs && !error; i++) {
1266 loopargs_t *looparg_item = loopargs + i;
1268 /* Copy pointer content (looparg_t item address) into async context */
1269 ret = ASYNC_start_job(&loopargs[i].inprogress_job, loopargs[i].wait_ctx,
1270 &job_op_count, loop_function,
1271 (void *)&looparg_item, sizeof(looparg_item));
1277 if (job_op_count == -1) {
1280 total_op_count += job_op_count;
1285 BIO_printf(bio_err, "Failure in the job\n");
1286 ERR_print_errors(bio_err);
1292 while (num_inprogress > 0) {
1293 #if defined(OPENSSL_SYS_WINDOWS)
1295 #elif defined(OPENSSL_SYS_UNIX)
1296 int select_result = 0;
1297 OSSL_ASYNC_FD max_fd = 0;
1300 FD_ZERO(&waitfdset);
1302 for (i = 0; i < async_jobs && num_inprogress > 0; i++) {
1303 if (loopargs[i].inprogress_job == NULL)
1306 if (!ASYNC_WAIT_CTX_get_all_fds
1307 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1308 || num_job_fds > 1) {
1309 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1310 ERR_print_errors(bio_err);
1314 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1316 FD_SET(job_fd, &waitfdset);
1317 if (job_fd > max_fd)
1321 if (max_fd >= (OSSL_ASYNC_FD)FD_SETSIZE) {
1323 "Error: max_fd (%d) must be smaller than FD_SETSIZE (%d). "
1324 "Decrease the value of async_jobs\n",
1325 max_fd, FD_SETSIZE);
1326 ERR_print_errors(bio_err);
1331 select_result = select(max_fd + 1, &waitfdset, NULL, NULL, NULL);
1332 if (select_result == -1 && errno == EINTR)
1335 if (select_result == -1) {
1336 BIO_printf(bio_err, "Failure in the select\n");
1337 ERR_print_errors(bio_err);
1342 if (select_result == 0)
1346 for (i = 0; i < async_jobs; i++) {
1347 if (loopargs[i].inprogress_job == NULL)
1350 if (!ASYNC_WAIT_CTX_get_all_fds
1351 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1352 || num_job_fds > 1) {
1353 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1354 ERR_print_errors(bio_err);
1358 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1361 #if defined(OPENSSL_SYS_UNIX)
1362 if (num_job_fds == 1 && !FD_ISSET(job_fd, &waitfdset))
1364 #elif defined(OPENSSL_SYS_WINDOWS)
1365 if (num_job_fds == 1
1366 && !PeekNamedPipe(job_fd, NULL, 0, NULL, &avail, NULL)
1371 ret = ASYNC_start_job(&loopargs[i].inprogress_job,
1372 loopargs[i].wait_ctx, &job_op_count,
1373 loop_function, (void *)(loopargs + i),
1374 sizeof(loopargs_t));
1379 if (job_op_count == -1) {
1382 total_op_count += job_op_count;
1385 loopargs[i].inprogress_job = NULL;
1390 loopargs[i].inprogress_job = NULL;
1391 BIO_printf(bio_err, "Failure in the job\n");
1392 ERR_print_errors(bio_err);
1399 return error ? -1 : total_op_count;
1402 int speed_main(int argc, char **argv)
1405 loopargs_t *loopargs = NULL;
1407 const char *engine_id = NULL;
1408 const EVP_CIPHER *evp_cipher = NULL;
1411 int async_init = 0, multiblock = 0, pr_header = 0;
1412 int doit[ALGOR_NUM] = { 0 };
1413 int ret = 1, misalign = 0, lengths_single = 0, aead = 0;
1415 unsigned int size_num = OSSL_NELEM(lengths_list);
1416 unsigned int i, k, loop, loopargs_len = 0, async_jobs = 0;
1422 #if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) \
1423 || !defined(OPENSSL_NO_EC)
1426 openssl_speed_sec_t seconds = { SECONDS, RSA_SECONDS, DSA_SECONDS,
1427 ECDSA_SECONDS, ECDH_SECONDS,
1430 /* What follows are the buffers and key material. */
1431 #ifndef OPENSSL_NO_RC5
1434 #ifndef OPENSSL_NO_RC2
1437 #ifndef OPENSSL_NO_IDEA
1438 IDEA_KEY_SCHEDULE idea_ks;
1440 #ifndef OPENSSL_NO_SEED
1441 SEED_KEY_SCHEDULE seed_ks;
1443 #ifndef OPENSSL_NO_BF
1446 #ifndef OPENSSL_NO_CAST
1449 static const unsigned char key16[16] = {
1450 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1451 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
1453 static const unsigned char key24[24] = {
1454 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1455 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1456 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1458 static const unsigned char key32[32] = {
1459 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1460 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1461 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
1462 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
1464 #ifndef OPENSSL_NO_CAMELLIA
1465 static const unsigned char ckey24[24] = {
1466 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1467 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1468 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1470 static const unsigned char ckey32[32] = {
1471 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1472 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1473 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
1474 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
1476 CAMELLIA_KEY camellia_ks1, camellia_ks2, camellia_ks3;
1478 #ifndef OPENSSL_NO_DES
1479 static DES_cblock key = {
1480 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0
1482 static DES_cblock key2 = {
1483 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
1485 static DES_cblock key3 = {
1486 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1489 #ifndef OPENSSL_NO_RSA
1490 static const unsigned int rsa_bits[RSA_NUM] = {
1491 512, 1024, 2048, 3072, 4096, 7680, 15360
1493 static const unsigned char *rsa_data[RSA_NUM] = {
1494 test512, test1024, test2048, test3072, test4096, test7680, test15360
1496 static const int rsa_data_length[RSA_NUM] = {
1497 sizeof(test512), sizeof(test1024),
1498 sizeof(test2048), sizeof(test3072),
1499 sizeof(test4096), sizeof(test7680),
1502 int rsa_doit[RSA_NUM] = { 0 };
1503 int primes = RSA_DEFAULT_PRIME_NUM;
1505 #ifndef OPENSSL_NO_DSA
1506 static const unsigned int dsa_bits[DSA_NUM] = { 512, 1024, 2048 };
1507 int dsa_doit[DSA_NUM] = { 0 };
1509 #ifndef OPENSSL_NO_EC
1511 * We only test over the following curves as they are representative, To
1512 * add tests over more curves, simply add the curve NID and curve name to
1513 * the following arrays and increase the |ecdh_choices| list accordingly.
1515 static const struct {
1521 {"secp160r1", NID_secp160r1, 160},
1522 {"nistp192", NID_X9_62_prime192v1, 192},
1523 {"nistp224", NID_secp224r1, 224},
1524 {"nistp256", NID_X9_62_prime256v1, 256},
1525 {"nistp384", NID_secp384r1, 384},
1526 {"nistp521", NID_secp521r1, 521},
1528 {"nistk163", NID_sect163k1, 163},
1529 {"nistk233", NID_sect233k1, 233},
1530 {"nistk283", NID_sect283k1, 283},
1531 {"nistk409", NID_sect409k1, 409},
1532 {"nistk571", NID_sect571k1, 571},
1533 {"nistb163", NID_sect163r2, 163},
1534 {"nistb233", NID_sect233r1, 233},
1535 {"nistb283", NID_sect283r1, 283},
1536 {"nistb409", NID_sect409r1, 409},
1537 {"nistb571", NID_sect571r1, 571},
1538 {"brainpoolP256r1", NID_brainpoolP256r1, 256},
1539 {"brainpoolP256t1", NID_brainpoolP256t1, 256},
1540 {"brainpoolP384r1", NID_brainpoolP384r1, 384},
1541 {"brainpoolP384t1", NID_brainpoolP384t1, 384},
1542 {"brainpoolP512r1", NID_brainpoolP512r1, 512},
1543 {"brainpoolP512t1", NID_brainpoolP512t1, 512},
1544 /* Other and ECDH only ones */
1545 {"X25519", NID_X25519, 253},
1546 {"X448", NID_X448, 448}
1548 static const struct {
1553 } test_ed_curves[] = {
1555 {"Ed25519", NID_ED25519, 253, 64},
1556 {"Ed448", NID_ED448, 456, 114}
1558 int ecdsa_doit[ECDSA_NUM] = { 0 };
1559 int ecdh_doit[EC_NUM] = { 0 };
1560 int eddsa_doit[EdDSA_NUM] = { 0 };
1561 OPENSSL_assert(OSSL_NELEM(test_curves) >= EC_NUM);
1562 OPENSSL_assert(OSSL_NELEM(test_ed_curves) >= EdDSA_NUM);
1563 #endif /* ndef OPENSSL_NO_EC */
1565 prog = opt_init(argc, argv, speed_options);
1566 while ((o = opt_next()) != OPT_EOF) {
1571 BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
1574 opt_help(speed_options);
1582 evp_cipher = EVP_get_cipherbyname(opt_arg());
1583 if (evp_cipher == NULL)
1584 evp_md = EVP_get_digestbyname(opt_arg());
1585 if (evp_cipher == NULL && evp_md == NULL) {
1587 "%s: %s is an unknown cipher or digest\n",
1594 evp_hmac_md = EVP_get_digestbyname(opt_arg());
1595 if (evp_hmac_md == NULL) {
1596 BIO_printf(bio_err, "%s: %s is an unknown digest\n",
1600 doit[D_EVP_HMAC] = 1;
1607 * In a forked execution, an engine might need to be
1608 * initialised by each child process, not by the parent.
1609 * So store the name here and run setup_engine() later on.
1611 engine_id = opt_arg();
1615 multi = atoi(opt_arg());
1619 #ifndef OPENSSL_NO_ASYNC
1620 async_jobs = atoi(opt_arg());
1621 if (!ASYNC_is_capable()) {
1623 "%s: async_jobs specified but async not supported\n",
1627 if (async_jobs > 99999) {
1628 BIO_printf(bio_err, "%s: too many async_jobs\n", prog);
1634 if (!opt_int(opt_arg(), &misalign))
1636 if (misalign > MISALIGN) {
1638 "%s: Maximum offset is %d\n", prog, MISALIGN);
1647 #ifdef OPENSSL_NO_MULTIBLOCK
1649 "%s: -mb specified but multi-block support is disabled\n",
1659 if (!opt_int(opt_arg(), &primes))
1663 seconds.sym = seconds.rsa = seconds.dsa = seconds.ecdsa
1664 = seconds.ecdh = seconds.eddsa = atoi(opt_arg());
1667 lengths_single = atoi(opt_arg());
1668 lengths = &lengths_single;
1676 argc = opt_num_rest();
1679 /* Remaining arguments are algorithms. */
1680 for (; *argv; argv++) {
1681 if (found(*argv, doit_choices, &i)) {
1685 #ifndef OPENSSL_NO_DES
1686 if (strcmp(*argv, "des") == 0) {
1687 doit[D_CBC_DES] = doit[D_EDE3_DES] = 1;
1691 if (strcmp(*argv, "sha") == 0) {
1692 doit[D_SHA1] = doit[D_SHA256] = doit[D_SHA512] = 1;
1695 #ifndef OPENSSL_NO_RSA
1696 if (strcmp(*argv, "openssl") == 0)
1698 if (strcmp(*argv, "rsa") == 0) {
1699 for (loop = 0; loop < OSSL_NELEM(rsa_doit); loop++)
1703 if (found(*argv, rsa_choices, &i)) {
1708 #ifndef OPENSSL_NO_DSA
1709 if (strcmp(*argv, "dsa") == 0) {
1710 dsa_doit[R_DSA_512] = dsa_doit[R_DSA_1024] =
1711 dsa_doit[R_DSA_2048] = 1;
1714 if (found(*argv, dsa_choices, &i)) {
1719 if (strcmp(*argv, "aes") == 0) {
1720 doit[D_CBC_128_AES] = doit[D_CBC_192_AES] = doit[D_CBC_256_AES] = 1;
1723 #ifndef OPENSSL_NO_CAMELLIA
1724 if (strcmp(*argv, "camellia") == 0) {
1725 doit[D_CBC_128_CML] = doit[D_CBC_192_CML] = doit[D_CBC_256_CML] = 1;
1729 #ifndef OPENSSL_NO_EC
1730 if (strcmp(*argv, "ecdsa") == 0) {
1731 for (loop = 0; loop < OSSL_NELEM(ecdsa_doit); loop++)
1732 ecdsa_doit[loop] = 1;
1735 if (found(*argv, ecdsa_choices, &i)) {
1739 if (strcmp(*argv, "ecdh") == 0) {
1740 for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++)
1741 ecdh_doit[loop] = 1;
1744 if (found(*argv, ecdh_choices, &i)) {
1748 if (strcmp(*argv, "eddsa") == 0) {
1749 for (loop = 0; loop < OSSL_NELEM(eddsa_doit); loop++)
1750 eddsa_doit[loop] = 1;
1753 if (found(*argv, eddsa_choices, &i)) {
1758 BIO_printf(bio_err, "%s: Unknown algorithm %s\n", prog, *argv);
1764 if (evp_cipher == NULL) {
1765 BIO_printf(bio_err, "-aead can be used only with an AEAD cipher\n");
1767 } else if (!(EVP_CIPHER_flags(evp_cipher) &
1768 EVP_CIPH_FLAG_AEAD_CIPHER)) {
1769 BIO_printf(bio_err, "%s is not an AEAD cipher\n",
1770 OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
1775 if (evp_cipher == NULL) {
1776 BIO_printf(bio_err,"-mb can be used only with a multi-block"
1777 " capable cipher\n");
1779 } else if (!(EVP_CIPHER_flags(evp_cipher) &
1780 EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
1781 BIO_printf(bio_err, "%s is not a multi-block capable\n",
1782 OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
1784 } else if (async_jobs > 0) {
1785 BIO_printf(bio_err, "Async mode is not supported with -mb");
1790 /* Initialize the job pool if async mode is enabled */
1791 if (async_jobs > 0) {
1792 async_init = ASYNC_init_thread(async_jobs, async_jobs);
1794 BIO_printf(bio_err, "Error creating the ASYNC job pool\n");
1799 loopargs_len = (async_jobs == 0 ? 1 : async_jobs);
1801 app_malloc(loopargs_len * sizeof(loopargs_t), "array of loopargs");
1802 memset(loopargs, 0, loopargs_len * sizeof(loopargs_t));
1804 for (i = 0; i < loopargs_len; i++) {
1805 if (async_jobs > 0) {
1806 loopargs[i].wait_ctx = ASYNC_WAIT_CTX_new();
1807 if (loopargs[i].wait_ctx == NULL) {
1808 BIO_printf(bio_err, "Error creating the ASYNC_WAIT_CTX\n");
1813 buflen = lengths[size_num - 1];
1814 if (buflen < 36) /* size of random vector in RSA bencmark */
1816 buflen += MAX_MISALIGNMENT + 1;
1817 loopargs[i].buf_malloc = app_malloc(buflen, "input buffer");
1818 loopargs[i].buf2_malloc = app_malloc(buflen, "input buffer");
1819 memset(loopargs[i].buf_malloc, 0, buflen);
1820 memset(loopargs[i].buf2_malloc, 0, buflen);
1822 /* Align the start of buffers on a 64 byte boundary */
1823 loopargs[i].buf = loopargs[i].buf_malloc + misalign;
1824 loopargs[i].buf2 = loopargs[i].buf2_malloc + misalign;
1825 #ifndef OPENSSL_NO_EC
1826 loopargs[i].secret_a = app_malloc(MAX_ECDH_SIZE, "ECDH secret a");
1827 loopargs[i].secret_b = app_malloc(MAX_ECDH_SIZE, "ECDH secret b");
1832 if (multi && do_multi(multi, size_num))
1836 /* Initialize the engine after the fork */
1837 e = setup_engine(engine_id, 0);
1839 /* No parameters; turn on everything. */
1840 if (argc == 0 && !doit[D_EVP] && !doit[D_EVP_HMAC]) {
1841 for (i = 0; i < ALGOR_NUM; i++)
1842 if (i != D_EVP && i != D_EVP_HMAC)
1844 #ifndef OPENSSL_NO_RSA
1845 for (i = 0; i < RSA_NUM; i++)
1848 #ifndef OPENSSL_NO_DSA
1849 for (i = 0; i < DSA_NUM; i++)
1852 #ifndef OPENSSL_NO_EC
1853 for (loop = 0; loop < OSSL_NELEM(ecdsa_doit); loop++)
1854 ecdsa_doit[loop] = 1;
1855 for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++)
1856 ecdh_doit[loop] = 1;
1857 for (loop = 0; loop < OSSL_NELEM(eddsa_doit); loop++)
1858 eddsa_doit[loop] = 1;
1861 for (i = 0; i < ALGOR_NUM; i++)
1865 if (usertime == 0 && !mr)
1867 "You have chosen to measure elapsed time "
1868 "instead of user CPU time.\n");
1870 #ifndef OPENSSL_NO_RSA
1871 for (i = 0; i < loopargs_len; i++) {
1872 if (primes > RSA_DEFAULT_PRIME_NUM) {
1873 /* for multi-prime RSA, skip this */
1876 for (k = 0; k < RSA_NUM; k++) {
1877 const unsigned char *p;
1880 loopargs[i].rsa_key[k] =
1881 d2i_RSAPrivateKey(NULL, &p, rsa_data_length[k]);
1882 if (loopargs[i].rsa_key[k] == NULL) {
1884 "internal error loading RSA key number %d\n", k);
1890 #ifndef OPENSSL_NO_DSA
1891 for (i = 0; i < loopargs_len; i++) {
1892 loopargs[i].dsa_key[0] = get_dsa(512);
1893 loopargs[i].dsa_key[1] = get_dsa(1024);
1894 loopargs[i].dsa_key[2] = get_dsa(2048);
1897 #ifndef OPENSSL_NO_DES
1898 DES_set_key_unchecked(&key, &sch);
1899 DES_set_key_unchecked(&key2, &sch2);
1900 DES_set_key_unchecked(&key3, &sch3);
1902 AES_set_encrypt_key(key16, 128, &aes_ks1);
1903 AES_set_encrypt_key(key24, 192, &aes_ks2);
1904 AES_set_encrypt_key(key32, 256, &aes_ks3);
1905 #ifndef OPENSSL_NO_CAMELLIA
1906 Camellia_set_key(key16, 128, &camellia_ks1);
1907 Camellia_set_key(ckey24, 192, &camellia_ks2);
1908 Camellia_set_key(ckey32, 256, &camellia_ks3);
1910 #ifndef OPENSSL_NO_IDEA
1911 IDEA_set_encrypt_key(key16, &idea_ks);
1913 #ifndef OPENSSL_NO_SEED
1914 SEED_set_key(key16, &seed_ks);
1916 #ifndef OPENSSL_NO_RC4
1917 RC4_set_key(&rc4_ks, 16, key16);
1919 #ifndef OPENSSL_NO_RC2
1920 RC2_set_key(&rc2_ks, 16, key16, 128);
1922 #ifndef OPENSSL_NO_RC5
1923 RC5_32_set_key(&rc5_ks, 16, key16, 12);
1925 #ifndef OPENSSL_NO_BF
1926 BF_set_key(&bf_ks, 16, key16);
1928 #ifndef OPENSSL_NO_CAST
1929 CAST_set_key(&cast_ks, 16, key16);
1932 # ifndef OPENSSL_NO_DES
1933 BIO_printf(bio_err, "First we calculate the approximate speed ...\n");
1939 for (it = count; it; it--)
1940 DES_ecb_encrypt((DES_cblock *)loopargs[0].buf,
1941 (DES_cblock *)loopargs[0].buf, &sch, DES_ENCRYPT);
1945 c[D_MD2][0] = count / 10;
1946 c[D_MDC2][0] = count / 10;
1947 c[D_MD4][0] = count;
1948 c[D_MD5][0] = count;
1949 c[D_HMAC][0] = count;
1950 c[D_SHA1][0] = count;
1951 c[D_RMD160][0] = count;
1952 c[D_RC4][0] = count * 5;
1953 c[D_CBC_DES][0] = count;
1954 c[D_EDE3_DES][0] = count / 3;
1955 c[D_CBC_IDEA][0] = count;
1956 c[D_CBC_SEED][0] = count;
1957 c[D_CBC_RC2][0] = count;
1958 c[D_CBC_RC5][0] = count;
1959 c[D_CBC_BF][0] = count;
1960 c[D_CBC_CAST][0] = count;
1961 c[D_CBC_128_AES][0] = count;
1962 c[D_CBC_192_AES][0] = count;
1963 c[D_CBC_256_AES][0] = count;
1964 c[D_CBC_128_CML][0] = count;
1965 c[D_CBC_192_CML][0] = count;
1966 c[D_CBC_256_CML][0] = count;
1967 c[D_SHA256][0] = count;
1968 c[D_SHA512][0] = count;
1969 c[D_WHIRLPOOL][0] = count;
1970 c[D_IGE_128_AES][0] = count;
1971 c[D_IGE_192_AES][0] = count;
1972 c[D_IGE_256_AES][0] = count;
1973 c[D_GHASH][0] = count;
1974 c[D_RAND][0] = count;
1976 for (i = 1; i < size_num; i++) {
1979 l0 = (long)lengths[0];
1980 l1 = (long)lengths[i];
1982 c[D_MD2][i] = c[D_MD2][0] * 4 * l0 / l1;
1983 c[D_MDC2][i] = c[D_MDC2][0] * 4 * l0 / l1;
1984 c[D_MD4][i] = c[D_MD4][0] * 4 * l0 / l1;
1985 c[D_MD5][i] = c[D_MD5][0] * 4 * l0 / l1;
1986 c[D_HMAC][i] = c[D_HMAC][0] * 4 * l0 / l1;
1987 c[D_SHA1][i] = c[D_SHA1][0] * 4 * l0 / l1;
1988 c[D_RMD160][i] = c[D_RMD160][0] * 4 * l0 / l1;
1989 c[D_SHA256][i] = c[D_SHA256][0] * 4 * l0 / l1;
1990 c[D_SHA512][i] = c[D_SHA512][0] * 4 * l0 / l1;
1991 c[D_WHIRLPOOL][i] = c[D_WHIRLPOOL][0] * 4 * l0 / l1;
1992 c[D_GHASH][i] = c[D_GHASH][0] * 4 * l0 / l1;
1993 c[D_RAND][i] = c[D_RAND][0] * 4 * l0 / l1;
1995 l0 = (long)lengths[i - 1];
1997 c[D_RC4][i] = c[D_RC4][i - 1] * l0 / l1;
1998 c[D_CBC_DES][i] = c[D_CBC_DES][i - 1] * l0 / l1;
1999 c[D_EDE3_DES][i] = c[D_EDE3_DES][i - 1] * l0 / l1;
2000 c[D_CBC_IDEA][i] = c[D_CBC_IDEA][i - 1] * l0 / l1;
2001 c[D_CBC_SEED][i] = c[D_CBC_SEED][i - 1] * l0 / l1;
2002 c[D_CBC_RC2][i] = c[D_CBC_RC2][i - 1] * l0 / l1;
2003 c[D_CBC_RC5][i] = c[D_CBC_RC5][i - 1] * l0 / l1;
2004 c[D_CBC_BF][i] = c[D_CBC_BF][i - 1] * l0 / l1;
2005 c[D_CBC_CAST][i] = c[D_CBC_CAST][i - 1] * l0 / l1;
2006 c[D_CBC_128_AES][i] = c[D_CBC_128_AES][i - 1] * l0 / l1;
2007 c[D_CBC_192_AES][i] = c[D_CBC_192_AES][i - 1] * l0 / l1;
2008 c[D_CBC_256_AES][i] = c[D_CBC_256_AES][i - 1] * l0 / l1;
2009 c[D_CBC_128_CML][i] = c[D_CBC_128_CML][i - 1] * l0 / l1;
2010 c[D_CBC_192_CML][i] = c[D_CBC_192_CML][i - 1] * l0 / l1;
2011 c[D_CBC_256_CML][i] = c[D_CBC_256_CML][i - 1] * l0 / l1;
2012 c[D_IGE_128_AES][i] = c[D_IGE_128_AES][i - 1] * l0 / l1;
2013 c[D_IGE_192_AES][i] = c[D_IGE_192_AES][i - 1] * l0 / l1;
2014 c[D_IGE_256_AES][i] = c[D_IGE_256_AES][i - 1] * l0 / l1;
2017 # ifndef OPENSSL_NO_RSA
2018 rsa_c[R_RSA_512][0] = count / 2000;
2019 rsa_c[R_RSA_512][1] = count / 400;
2020 for (i = 1; i < RSA_NUM; i++) {
2021 rsa_c[i][0] = rsa_c[i - 1][0] / 8;
2022 rsa_c[i][1] = rsa_c[i - 1][1] / 4;
2023 if (rsa_doit[i] <= 1 && rsa_c[i][0] == 0)
2026 if (rsa_c[i][0] == 0) {
2027 rsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
2034 # ifndef OPENSSL_NO_DSA
2035 dsa_c[R_DSA_512][0] = count / 1000;
2036 dsa_c[R_DSA_512][1] = count / 1000 / 2;
2037 for (i = 1; i < DSA_NUM; i++) {
2038 dsa_c[i][0] = dsa_c[i - 1][0] / 4;
2039 dsa_c[i][1] = dsa_c[i - 1][1] / 4;
2040 if (dsa_doit[i] <= 1 && dsa_c[i][0] == 0)
2043 if (dsa_c[i][0] == 0) {
2044 dsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
2051 # ifndef OPENSSL_NO_EC
2052 ecdsa_c[R_EC_P160][0] = count / 1000;
2053 ecdsa_c[R_EC_P160][1] = count / 1000 / 2;
2054 for (i = R_EC_P192; i <= R_EC_P521; i++) {
2055 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2056 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2057 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2060 if (ecdsa_c[i][0] == 0) {
2066 ecdsa_c[R_EC_K163][0] = count / 1000;
2067 ecdsa_c[R_EC_K163][1] = count / 1000 / 2;
2068 for (i = R_EC_K233; i <= R_EC_K571; i++) {
2069 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2070 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2071 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2074 if (ecdsa_c[i][0] == 0) {
2080 ecdsa_c[R_EC_B163][0] = count / 1000;
2081 ecdsa_c[R_EC_B163][1] = count / 1000 / 2;
2082 for (i = R_EC_B233; i <= R_EC_B571; i++) {
2083 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2084 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2085 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2088 if (ecdsa_c[i][0] == 0) {
2095 ecdh_c[R_EC_P160][0] = count / 1000;
2096 for (i = R_EC_P192; i <= R_EC_P521; i++) {
2097 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2098 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2101 if (ecdh_c[i][0] == 0) {
2106 ecdh_c[R_EC_K163][0] = count / 1000;
2107 for (i = R_EC_K233; i <= R_EC_K571; i++) {
2108 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2109 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2112 if (ecdh_c[i][0] == 0) {
2117 ecdh_c[R_EC_B163][0] = count / 1000;
2118 for (i = R_EC_B233; i <= R_EC_B571; i++) {
2119 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2120 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2123 if (ecdh_c[i][0] == 0) {
2128 /* repeated code good to factorize */
2129 ecdh_c[R_EC_BRP256R1][0] = count / 1000;
2130 for (i = R_EC_BRP384R1; i <= R_EC_BRP512R1; i += 2) {
2131 ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
2132 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2135 if (ecdh_c[i][0] == 0) {
2140 ecdh_c[R_EC_BRP256T1][0] = count / 1000;
2141 for (i = R_EC_BRP384T1; i <= R_EC_BRP512T1; i += 2) {
2142 ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
2143 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2146 if (ecdh_c[i][0] == 0) {
2151 /* default iteration count for the last two EC Curves */
2152 ecdh_c[R_EC_X25519][0] = count / 1800;
2153 ecdh_c[R_EC_X448][0] = count / 7200;
2155 eddsa_c[R_EC_Ed25519][0] = count / 1800;
2156 eddsa_c[R_EC_Ed448][0] = count / 7200;
2160 /* not worth fixing */
2161 # error "You cannot disable DES on systems without SIGALRM."
2162 # endif /* OPENSSL_NO_DES */
2164 signal(SIGALRM, alarmed);
2165 #endif /* SIGALRM */
2167 #ifndef OPENSSL_NO_MD2
2169 for (testnum = 0; testnum < size_num; testnum++) {
2170 print_message(names[D_MD2], c[D_MD2][testnum], lengths[testnum],
2173 count = run_benchmark(async_jobs, EVP_Digest_MD2_loop, loopargs);
2175 print_result(D_MD2, testnum, count, d);
2179 #ifndef OPENSSL_NO_MDC2
2181 for (testnum = 0; testnum < size_num; testnum++) {
2182 print_message(names[D_MDC2], c[D_MDC2][testnum], lengths[testnum],
2185 count = run_benchmark(async_jobs, EVP_Digest_MDC2_loop, loopargs);
2187 print_result(D_MDC2, testnum, count, d);
2192 #ifndef OPENSSL_NO_MD4
2194 for (testnum = 0; testnum < size_num; testnum++) {
2195 print_message(names[D_MD4], c[D_MD4][testnum], lengths[testnum],
2198 count = run_benchmark(async_jobs, EVP_Digest_MD4_loop, loopargs);
2200 print_result(D_MD4, testnum, count, d);
2205 #ifndef OPENSSL_NO_MD5
2207 for (testnum = 0; testnum < size_num; testnum++) {
2208 print_message(names[D_MD5], c[D_MD5][testnum], lengths[testnum],
2211 count = run_benchmark(async_jobs, MD5_loop, loopargs);
2213 print_result(D_MD5, testnum, count, d);
2218 static const char hmac_key[] = "This is a key...";
2219 int len = strlen(hmac_key);
2221 for (i = 0; i < loopargs_len; i++) {
2222 loopargs[i].hctx = HMAC_CTX_new();
2223 if (loopargs[i].hctx == NULL) {
2224 BIO_printf(bio_err, "HMAC malloc failure, exiting...");
2228 HMAC_Init_ex(loopargs[i].hctx, hmac_key, len, EVP_md5(), NULL);
2230 for (testnum = 0; testnum < size_num; testnum++) {
2231 print_message(names[D_HMAC], c[D_HMAC][testnum], lengths[testnum],
2234 count = run_benchmark(async_jobs, HMAC_loop, loopargs);
2236 print_result(D_HMAC, testnum, count, d);
2238 for (i = 0; i < loopargs_len; i++) {
2239 HMAC_CTX_free(loopargs[i].hctx);
2244 for (testnum = 0; testnum < size_num; testnum++) {
2245 print_message(names[D_SHA1], c[D_SHA1][testnum], lengths[testnum],
2248 count = run_benchmark(async_jobs, SHA1_loop, loopargs);
2250 print_result(D_SHA1, testnum, count, d);
2253 if (doit[D_SHA256]) {
2254 for (testnum = 0; testnum < size_num; testnum++) {
2255 print_message(names[D_SHA256], c[D_SHA256][testnum],
2256 lengths[testnum], seconds.sym);
2258 count = run_benchmark(async_jobs, SHA256_loop, loopargs);
2260 print_result(D_SHA256, testnum, count, d);
2263 if (doit[D_SHA512]) {
2264 for (testnum = 0; testnum < size_num; testnum++) {
2265 print_message(names[D_SHA512], c[D_SHA512][testnum],
2266 lengths[testnum], seconds.sym);
2268 count = run_benchmark(async_jobs, SHA512_loop, loopargs);
2270 print_result(D_SHA512, testnum, count, d);
2273 #ifndef OPENSSL_NO_WHIRLPOOL
2274 if (doit[D_WHIRLPOOL]) {
2275 for (testnum = 0; testnum < size_num; testnum++) {
2276 print_message(names[D_WHIRLPOOL], c[D_WHIRLPOOL][testnum],
2277 lengths[testnum], seconds.sym);
2279 count = run_benchmark(async_jobs, WHIRLPOOL_loop, loopargs);
2281 print_result(D_WHIRLPOOL, testnum, count, d);
2286 #ifndef OPENSSL_NO_RMD160
2287 if (doit[D_RMD160]) {
2288 for (testnum = 0; testnum < size_num; testnum++) {
2289 print_message(names[D_RMD160], c[D_RMD160][testnum],
2290 lengths[testnum], seconds.sym);
2292 count = run_benchmark(async_jobs, EVP_Digest_RMD160_loop, loopargs);
2294 print_result(D_RMD160, testnum, count, d);
2298 #ifndef OPENSSL_NO_RC4
2300 for (testnum = 0; testnum < size_num; testnum++) {
2301 print_message(names[D_RC4], c[D_RC4][testnum], lengths[testnum],
2304 count = run_benchmark(async_jobs, RC4_loop, loopargs);
2306 print_result(D_RC4, testnum, count, d);
2310 #ifndef OPENSSL_NO_DES
2311 if (doit[D_CBC_DES]) {
2312 for (testnum = 0; testnum < size_num; testnum++) {
2313 print_message(names[D_CBC_DES], c[D_CBC_DES][testnum],
2314 lengths[testnum], seconds.sym);
2316 count = run_benchmark(async_jobs, DES_ncbc_encrypt_loop, loopargs);
2318 print_result(D_CBC_DES, testnum, count, d);
2322 if (doit[D_EDE3_DES]) {
2323 for (testnum = 0; testnum < size_num; testnum++) {
2324 print_message(names[D_EDE3_DES], c[D_EDE3_DES][testnum],
2325 lengths[testnum], seconds.sym);
2328 run_benchmark(async_jobs, DES_ede3_cbc_encrypt_loop, loopargs);
2330 print_result(D_EDE3_DES, testnum, count, d);
2335 if (doit[D_CBC_128_AES]) {
2336 for (testnum = 0; testnum < size_num; testnum++) {
2337 print_message(names[D_CBC_128_AES], c[D_CBC_128_AES][testnum],
2338 lengths[testnum], seconds.sym);
2341 run_benchmark(async_jobs, AES_cbc_128_encrypt_loop, loopargs);
2343 print_result(D_CBC_128_AES, testnum, count, d);
2346 if (doit[D_CBC_192_AES]) {
2347 for (testnum = 0; testnum < size_num; testnum++) {
2348 print_message(names[D_CBC_192_AES], c[D_CBC_192_AES][testnum],
2349 lengths[testnum], seconds.sym);
2352 run_benchmark(async_jobs, AES_cbc_192_encrypt_loop, loopargs);
2354 print_result(D_CBC_192_AES, testnum, count, d);
2357 if (doit[D_CBC_256_AES]) {
2358 for (testnum = 0; testnum < size_num; testnum++) {
2359 print_message(names[D_CBC_256_AES], c[D_CBC_256_AES][testnum],
2360 lengths[testnum], seconds.sym);
2363 run_benchmark(async_jobs, AES_cbc_256_encrypt_loop, loopargs);
2365 print_result(D_CBC_256_AES, testnum, count, d);
2369 if (doit[D_IGE_128_AES]) {
2370 for (testnum = 0; testnum < size_num; testnum++) {
2371 print_message(names[D_IGE_128_AES], c[D_IGE_128_AES][testnum],
2372 lengths[testnum], seconds.sym);
2375 run_benchmark(async_jobs, AES_ige_128_encrypt_loop, loopargs);
2377 print_result(D_IGE_128_AES, testnum, count, d);
2380 if (doit[D_IGE_192_AES]) {
2381 for (testnum = 0; testnum < size_num; testnum++) {
2382 print_message(names[D_IGE_192_AES], c[D_IGE_192_AES][testnum],
2383 lengths[testnum], seconds.sym);
2386 run_benchmark(async_jobs, AES_ige_192_encrypt_loop, loopargs);
2388 print_result(D_IGE_192_AES, testnum, count, d);
2391 if (doit[D_IGE_256_AES]) {
2392 for (testnum = 0; testnum < size_num; testnum++) {
2393 print_message(names[D_IGE_256_AES], c[D_IGE_256_AES][testnum],
2394 lengths[testnum], seconds.sym);
2397 run_benchmark(async_jobs, AES_ige_256_encrypt_loop, loopargs);
2399 print_result(D_IGE_256_AES, testnum, count, d);
2402 if (doit[D_GHASH]) {
2403 for (i = 0; i < loopargs_len; i++) {
2404 loopargs[i].gcm_ctx =
2405 CRYPTO_gcm128_new(&aes_ks1, (block128_f) AES_encrypt);
2406 CRYPTO_gcm128_setiv(loopargs[i].gcm_ctx,
2407 (unsigned char *)"0123456789ab", 12);
2410 for (testnum = 0; testnum < size_num; testnum++) {
2411 print_message(names[D_GHASH], c[D_GHASH][testnum],
2412 lengths[testnum], seconds.sym);
2414 count = run_benchmark(async_jobs, CRYPTO_gcm128_aad_loop, loopargs);
2416 print_result(D_GHASH, testnum, count, d);
2418 for (i = 0; i < loopargs_len; i++)
2419 CRYPTO_gcm128_release(loopargs[i].gcm_ctx);
2421 #ifndef OPENSSL_NO_CAMELLIA
2422 if (doit[D_CBC_128_CML]) {
2423 if (async_jobs > 0) {
2424 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2425 names[D_CBC_128_CML]);
2426 doit[D_CBC_128_CML] = 0;
2428 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2429 print_message(names[D_CBC_128_CML], c[D_CBC_128_CML][testnum],
2430 lengths[testnum], seconds.sym);
2432 for (count = 0, run = 1; COND(c[D_CBC_128_CML][testnum]); count++)
2433 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2434 (size_t)lengths[testnum], &camellia_ks1,
2435 iv, CAMELLIA_ENCRYPT);
2437 print_result(D_CBC_128_CML, testnum, count, d);
2440 if (doit[D_CBC_192_CML]) {
2441 if (async_jobs > 0) {
2442 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2443 names[D_CBC_192_CML]);
2444 doit[D_CBC_192_CML] = 0;
2446 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2447 print_message(names[D_CBC_192_CML], c[D_CBC_192_CML][testnum],
2448 lengths[testnum], seconds.sym);
2449 if (async_jobs > 0) {
2450 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2454 for (count = 0, run = 1; COND(c[D_CBC_192_CML][testnum]); count++)
2455 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2456 (size_t)lengths[testnum], &camellia_ks2,
2457 iv, CAMELLIA_ENCRYPT);
2459 print_result(D_CBC_192_CML, testnum, count, d);
2462 if (doit[D_CBC_256_CML]) {
2463 if (async_jobs > 0) {
2464 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2465 names[D_CBC_256_CML]);
2466 doit[D_CBC_256_CML] = 0;
2468 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2469 print_message(names[D_CBC_256_CML], c[D_CBC_256_CML][testnum],
2470 lengths[testnum], seconds.sym);
2472 for (count = 0, run = 1; COND(c[D_CBC_256_CML][testnum]); count++)
2473 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2474 (size_t)lengths[testnum], &camellia_ks3,
2475 iv, CAMELLIA_ENCRYPT);
2477 print_result(D_CBC_256_CML, testnum, count, d);
2481 #ifndef OPENSSL_NO_IDEA
2482 if (doit[D_CBC_IDEA]) {
2483 if (async_jobs > 0) {
2484 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2486 doit[D_CBC_IDEA] = 0;
2488 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2489 print_message(names[D_CBC_IDEA], c[D_CBC_IDEA][testnum],
2490 lengths[testnum], seconds.sym);
2492 for (count = 0, run = 1; COND(c[D_CBC_IDEA][testnum]); count++)
2493 IDEA_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2494 (size_t)lengths[testnum], &idea_ks,
2497 print_result(D_CBC_IDEA, testnum, count, d);
2501 #ifndef OPENSSL_NO_SEED
2502 if (doit[D_CBC_SEED]) {
2503 if (async_jobs > 0) {
2504 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2506 doit[D_CBC_SEED] = 0;
2508 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2509 print_message(names[D_CBC_SEED], c[D_CBC_SEED][testnum],
2510 lengths[testnum], seconds.sym);
2512 for (count = 0, run = 1; COND(c[D_CBC_SEED][testnum]); count++)
2513 SEED_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2514 (size_t)lengths[testnum], &seed_ks, iv, 1);
2516 print_result(D_CBC_SEED, testnum, count, d);
2520 #ifndef OPENSSL_NO_RC2
2521 if (doit[D_CBC_RC2]) {
2522 if (async_jobs > 0) {
2523 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2525 doit[D_CBC_RC2] = 0;
2527 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2528 print_message(names[D_CBC_RC2], c[D_CBC_RC2][testnum],
2529 lengths[testnum], seconds.sym);
2530 if (async_jobs > 0) {
2531 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2535 for (count = 0, run = 1; COND(c[D_CBC_RC2][testnum]); count++)
2536 RC2_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2537 (size_t)lengths[testnum], &rc2_ks,
2540 print_result(D_CBC_RC2, testnum, count, d);
2544 #ifndef OPENSSL_NO_RC5
2545 if (doit[D_CBC_RC5]) {
2546 if (async_jobs > 0) {
2547 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2549 doit[D_CBC_RC5] = 0;
2551 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2552 print_message(names[D_CBC_RC5], c[D_CBC_RC5][testnum],
2553 lengths[testnum], seconds.sym);
2554 if (async_jobs > 0) {
2555 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2559 for (count = 0, run = 1; COND(c[D_CBC_RC5][testnum]); count++)
2560 RC5_32_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2561 (size_t)lengths[testnum], &rc5_ks,
2564 print_result(D_CBC_RC5, testnum, count, d);
2568 #ifndef OPENSSL_NO_BF
2569 if (doit[D_CBC_BF]) {
2570 if (async_jobs > 0) {
2571 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2575 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2576 print_message(names[D_CBC_BF], c[D_CBC_BF][testnum],
2577 lengths[testnum], seconds.sym);
2579 for (count = 0, run = 1; COND(c[D_CBC_BF][testnum]); count++)
2580 BF_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2581 (size_t)lengths[testnum], &bf_ks,
2584 print_result(D_CBC_BF, testnum, count, d);
2588 #ifndef OPENSSL_NO_CAST
2589 if (doit[D_CBC_CAST]) {
2590 if (async_jobs > 0) {
2591 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2593 doit[D_CBC_CAST] = 0;
2595 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2596 print_message(names[D_CBC_CAST], c[D_CBC_CAST][testnum],
2597 lengths[testnum], seconds.sym);
2599 for (count = 0, run = 1; COND(c[D_CBC_CAST][testnum]); count++)
2600 CAST_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2601 (size_t)lengths[testnum], &cast_ks,
2604 print_result(D_CBC_CAST, testnum, count, d);
2609 for (testnum = 0; testnum < size_num; testnum++) {
2610 print_message(names[D_RAND], c[D_RAND][testnum], lengths[testnum],
2613 count = run_benchmark(async_jobs, RAND_bytes_loop, loopargs);
2615 print_result(D_RAND, testnum, count, d);
2620 if (evp_cipher != NULL) {
2621 int (*loopfunc)(void *args) = EVP_Update_loop;
2623 if (multiblock && (EVP_CIPHER_flags(evp_cipher) &
2624 EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
2625 multiblock_speed(evp_cipher, lengths_single, &seconds);
2630 names[D_EVP] = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
2632 if (EVP_CIPHER_mode(evp_cipher) == EVP_CIPH_CCM_MODE) {
2633 loopfunc = EVP_Update_loop_ccm;
2634 } else if (aead && (EVP_CIPHER_flags(evp_cipher) &
2635 EVP_CIPH_FLAG_AEAD_CIPHER)) {
2636 loopfunc = EVP_Update_loop_aead;
2637 if (lengths == lengths_list) {
2638 lengths = aead_lengths_list;
2639 size_num = OSSL_NELEM(aead_lengths_list);
2643 for (testnum = 0; testnum < size_num; testnum++) {
2644 print_message(names[D_EVP], save_count, lengths[testnum],
2647 for (k = 0; k < loopargs_len; k++) {
2648 loopargs[k].ctx = EVP_CIPHER_CTX_new();
2649 EVP_CipherInit_ex(loopargs[k].ctx, evp_cipher, NULL, NULL,
2650 iv, decrypt ? 0 : 1);
2652 EVP_CIPHER_CTX_set_padding(loopargs[k].ctx, 0);
2654 keylen = EVP_CIPHER_CTX_key_length(loopargs[k].ctx);
2655 loopargs[k].key = app_malloc(keylen, "evp_cipher key");
2656 EVP_CIPHER_CTX_rand_key(loopargs[k].ctx, loopargs[k].key);
2657 EVP_CipherInit_ex(loopargs[k].ctx, NULL, NULL,
2658 loopargs[k].key, NULL, -1);
2659 OPENSSL_clear_free(loopargs[k].key, keylen);
2661 /* SIV mode only allows for a single Update operation */
2662 if (EVP_CIPHER_mode(evp_cipher) == EVP_CIPH_SIV_MODE)
2663 EVP_CIPHER_CTX_ctrl(loopargs[k].ctx, EVP_CTRL_SET_SPEED, 1, NULL);
2667 count = run_benchmark(async_jobs, loopfunc, loopargs);
2669 for (k = 0; k < loopargs_len; k++) {
2670 EVP_CIPHER_CTX_free(loopargs[k].ctx);
2672 print_result(D_EVP, testnum, count, d);
2674 } else if (evp_md != NULL) {
2675 names[D_EVP] = OBJ_nid2ln(EVP_MD_type(evp_md));
2677 for (testnum = 0; testnum < size_num; testnum++) {
2678 print_message(names[D_EVP], save_count, lengths[testnum],
2681 count = run_benchmark(async_jobs, EVP_Digest_loop, loopargs);
2683 print_result(D_EVP, testnum, count, d);
2688 if (doit[D_EVP_HMAC]) {
2689 if (evp_hmac_md != NULL) {
2690 const char *md_name = OBJ_nid2ln(EVP_MD_type(evp_hmac_md));
2691 evp_hmac_name = app_malloc(sizeof("HMAC()") + strlen(md_name),
2693 sprintf(evp_hmac_name, "HMAC(%s)", md_name);
2694 names[D_EVP_HMAC] = evp_hmac_name;
2696 for (testnum = 0; testnum < size_num; testnum++) {
2697 print_message(names[D_EVP_HMAC], save_count, lengths[testnum],
2700 count = run_benchmark(async_jobs, EVP_HMAC_loop, loopargs);
2702 print_result(D_EVP_HMAC, testnum, count, d);
2707 for (i = 0; i < loopargs_len; i++)
2708 if (RAND_bytes(loopargs[i].buf, 36) <= 0)
2711 #ifndef OPENSSL_NO_RSA
2712 for (testnum = 0; testnum < RSA_NUM; testnum++) {
2714 if (!rsa_doit[testnum])
2716 for (i = 0; i < loopargs_len; i++) {
2718 /* we haven't set keys yet, generate multi-prime RSA keys */
2719 BIGNUM *bn = BN_new();
2723 if (!BN_set_word(bn, RSA_F4)) {
2728 BIO_printf(bio_err, "Generate multi-prime RSA key for %s\n",
2729 rsa_choices[testnum].name);
2731 loopargs[i].rsa_key[testnum] = RSA_new();
2732 if (loopargs[i].rsa_key[testnum] == NULL) {
2737 if (!RSA_generate_multi_prime_key(loopargs[i].rsa_key[testnum],
2739 primes, bn, NULL)) {
2745 st = RSA_sign(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
2746 &loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
2752 "RSA sign failure. No RSA sign will be done.\n");
2753 ERR_print_errors(bio_err);
2756 pkey_print_message("private", "rsa",
2757 rsa_c[testnum][0], rsa_bits[testnum],
2759 /* RSA_blinding_on(rsa_key[testnum],NULL); */
2761 count = run_benchmark(async_jobs, RSA_sign_loop, loopargs);
2764 mr ? "+R1:%ld:%d:%.2f\n"
2765 : "%ld %u bits private RSA's in %.2fs\n",
2766 count, rsa_bits[testnum], d);
2767 rsa_results[testnum][0] = (double)count / d;
2771 for (i = 0; i < loopargs_len; i++) {
2772 st = RSA_verify(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
2773 loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
2779 "RSA verify failure. No RSA verify will be done.\n");
2780 ERR_print_errors(bio_err);
2781 rsa_doit[testnum] = 0;
2783 pkey_print_message("public", "rsa",
2784 rsa_c[testnum][1], rsa_bits[testnum],
2787 count = run_benchmark(async_jobs, RSA_verify_loop, loopargs);
2790 mr ? "+R2:%ld:%d:%.2f\n"
2791 : "%ld %u bits public RSA's in %.2fs\n",
2792 count, rsa_bits[testnum], d);
2793 rsa_results[testnum][1] = (double)count / d;
2796 if (rsa_count <= 1) {
2797 /* if longer than 10s, don't do any more */
2798 for (testnum++; testnum < RSA_NUM; testnum++)
2799 rsa_doit[testnum] = 0;
2802 #endif /* OPENSSL_NO_RSA */
2804 for (i = 0; i < loopargs_len; i++)
2805 if (RAND_bytes(loopargs[i].buf, 36) <= 0)
2808 #ifndef OPENSSL_NO_DSA
2809 for (testnum = 0; testnum < DSA_NUM; testnum++) {
2811 if (!dsa_doit[testnum])
2814 /* DSA_generate_key(dsa_key[testnum]); */
2815 /* DSA_sign_setup(dsa_key[testnum],NULL); */
2816 for (i = 0; i < loopargs_len; i++) {
2817 st = DSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
2818 &loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
2824 "DSA sign failure. No DSA sign will be done.\n");
2825 ERR_print_errors(bio_err);
2828 pkey_print_message("sign", "dsa",
2829 dsa_c[testnum][0], dsa_bits[testnum],
2832 count = run_benchmark(async_jobs, DSA_sign_loop, loopargs);
2835 mr ? "+R3:%ld:%u:%.2f\n"
2836 : "%ld %u bits DSA signs in %.2fs\n",
2837 count, dsa_bits[testnum], d);
2838 dsa_results[testnum][0] = (double)count / d;
2842 for (i = 0; i < loopargs_len; i++) {
2843 st = DSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
2844 loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
2850 "DSA verify failure. No DSA verify will be done.\n");
2851 ERR_print_errors(bio_err);
2852 dsa_doit[testnum] = 0;
2854 pkey_print_message("verify", "dsa",
2855 dsa_c[testnum][1], dsa_bits[testnum],
2858 count = run_benchmark(async_jobs, DSA_verify_loop, loopargs);
2861 mr ? "+R4:%ld:%u:%.2f\n"
2862 : "%ld %u bits DSA verify in %.2fs\n",
2863 count, dsa_bits[testnum], d);
2864 dsa_results[testnum][1] = (double)count / d;
2867 if (rsa_count <= 1) {
2868 /* if longer than 10s, don't do any more */
2869 for (testnum++; testnum < DSA_NUM; testnum++)
2870 dsa_doit[testnum] = 0;
2873 #endif /* OPENSSL_NO_DSA */
2875 #ifndef OPENSSL_NO_EC
2876 for (testnum = 0; testnum < ECDSA_NUM; testnum++) {
2879 if (!ecdsa_doit[testnum])
2880 continue; /* Ignore Curve */
2881 for (i = 0; i < loopargs_len; i++) {
2882 loopargs[i].ecdsa[testnum] =
2883 EC_KEY_new_by_curve_name(test_curves[testnum].nid);
2884 if (loopargs[i].ecdsa[testnum] == NULL) {
2890 BIO_printf(bio_err, "ECDSA failure.\n");
2891 ERR_print_errors(bio_err);
2894 for (i = 0; i < loopargs_len; i++) {
2895 EC_KEY_precompute_mult(loopargs[i].ecdsa[testnum], NULL);
2896 /* Perform ECDSA signature test */
2897 EC_KEY_generate_key(loopargs[i].ecdsa[testnum]);
2898 st = ECDSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
2899 &loopargs[i].siglen,
2900 loopargs[i].ecdsa[testnum]);
2906 "ECDSA sign failure. No ECDSA sign will be done.\n");
2907 ERR_print_errors(bio_err);
2910 pkey_print_message("sign", "ecdsa",
2911 ecdsa_c[testnum][0],
2912 test_curves[testnum].bits, seconds.ecdsa);
2914 count = run_benchmark(async_jobs, ECDSA_sign_loop, loopargs);
2918 mr ? "+R5:%ld:%u:%.2f\n" :
2919 "%ld %u bits ECDSA signs in %.2fs \n",
2920 count, test_curves[testnum].bits, d);
2921 ecdsa_results[testnum][0] = (double)count / d;
2925 /* Perform ECDSA verification test */
2926 for (i = 0; i < loopargs_len; i++) {
2927 st = ECDSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
2929 loopargs[i].ecdsa[testnum]);
2935 "ECDSA verify failure. No ECDSA verify will be done.\n");
2936 ERR_print_errors(bio_err);
2937 ecdsa_doit[testnum] = 0;
2939 pkey_print_message("verify", "ecdsa",
2940 ecdsa_c[testnum][1],
2941 test_curves[testnum].bits, seconds.ecdsa);
2943 count = run_benchmark(async_jobs, ECDSA_verify_loop, loopargs);
2946 mr ? "+R6:%ld:%u:%.2f\n"
2947 : "%ld %u bits ECDSA verify in %.2fs\n",
2948 count, test_curves[testnum].bits, d);
2949 ecdsa_results[testnum][1] = (double)count / d;
2952 if (rsa_count <= 1) {
2953 /* if longer than 10s, don't do any more */
2954 for (testnum++; testnum < ECDSA_NUM; testnum++)
2955 ecdsa_doit[testnum] = 0;
2960 for (testnum = 0; testnum < EC_NUM; testnum++) {
2961 int ecdh_checks = 1;
2963 if (!ecdh_doit[testnum])
2966 for (i = 0; i < loopargs_len; i++) {
2967 EVP_PKEY_CTX *kctx = NULL;
2968 EVP_PKEY_CTX *test_ctx = NULL;
2969 EVP_PKEY_CTX *ctx = NULL;
2970 EVP_PKEY *key_A = NULL;
2971 EVP_PKEY *key_B = NULL;
2975 /* Ensure that the error queue is empty */
2976 if (ERR_peek_error()) {
2978 "WARNING: the error queue contains previous unhandled errors.\n");
2979 ERR_print_errors(bio_err);
2982 /* Let's try to create a ctx directly from the NID: this works for
2983 * curves like Curve25519 that are not implemented through the low
2984 * level EC interface.
2985 * If this fails we try creating a EVP_PKEY_EC generic param ctx,
2986 * then we set the curve by NID before deriving the actual keygen
2987 * ctx for that specific curve. */
2988 kctx = EVP_PKEY_CTX_new_id(test_curves[testnum].nid, NULL); /* keygen ctx from NID */
2990 EVP_PKEY_CTX *pctx = NULL;
2991 EVP_PKEY *params = NULL;
2993 /* If we reach this code EVP_PKEY_CTX_new_id() failed and a
2994 * "int_ctx_new:unsupported algorithm" error was added to the
2996 * We remove it from the error queue as we are handling it. */
2997 unsigned long error = ERR_peek_error(); /* peek the latest error in the queue */
2998 if (error == ERR_peek_last_error() && /* oldest and latest errors match */
2999 /* check that the error origin matches */
3000 ERR_GET_LIB(error) == ERR_LIB_EVP &&
3001 ERR_GET_FUNC(error) == EVP_F_INT_CTX_NEW &&
3002 ERR_GET_REASON(error) == EVP_R_UNSUPPORTED_ALGORITHM)
3003 ERR_get_error(); /* pop error from queue */
3004 if (ERR_peek_error()) {
3006 "Unhandled error in the error queue during ECDH init.\n");
3007 ERR_print_errors(bio_err);
3012 if ( /* Create the context for parameter generation */
3013 !(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) ||
3014 /* Initialise the parameter generation */
3015 !EVP_PKEY_paramgen_init(pctx) ||
3016 /* Set the curve by NID */
3017 !EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
3020 /* Create the parameter object params */
3021 !EVP_PKEY_paramgen(pctx, ¶ms)) {
3023 BIO_printf(bio_err, "ECDH EC params init failure.\n");
3024 ERR_print_errors(bio_err);
3028 /* Create the context for the key generation */
3029 kctx = EVP_PKEY_CTX_new(params, NULL);
3031 EVP_PKEY_free(params);
3033 EVP_PKEY_CTX_free(pctx);
3036 if (kctx == NULL || /* keygen ctx is not null */
3037 !EVP_PKEY_keygen_init(kctx) /* init keygen ctx */ ) {
3039 BIO_printf(bio_err, "ECDH keygen failure.\n");
3040 ERR_print_errors(bio_err);
3045 if (!EVP_PKEY_keygen(kctx, &key_A) || /* generate secret key A */
3046 !EVP_PKEY_keygen(kctx, &key_B) || /* generate secret key B */
3047 !(ctx = EVP_PKEY_CTX_new(key_A, NULL)) || /* derivation ctx from skeyA */
3048 !EVP_PKEY_derive_init(ctx) || /* init derivation ctx */
3049 !EVP_PKEY_derive_set_peer(ctx, key_B) || /* set peer pubkey in ctx */
3050 !EVP_PKEY_derive(ctx, NULL, &outlen) || /* determine max length */
3051 outlen == 0 || /* ensure outlen is a valid size */
3052 outlen > MAX_ECDH_SIZE /* avoid buffer overflow */ ) {
3054 BIO_printf(bio_err, "ECDH key generation failure.\n");
3055 ERR_print_errors(bio_err);
3060 /* Here we perform a test run, comparing the output of a*B and b*A;
3061 * we try this here and assume that further EVP_PKEY_derive calls
3062 * never fail, so we can skip checks in the actually benchmarked
3063 * code, for maximum performance. */
3064 if (!(test_ctx = EVP_PKEY_CTX_new(key_B, NULL)) || /* test ctx from skeyB */
3065 !EVP_PKEY_derive_init(test_ctx) || /* init derivation test_ctx */
3066 !EVP_PKEY_derive_set_peer(test_ctx, key_A) || /* set peer pubkey in test_ctx */
3067 !EVP_PKEY_derive(test_ctx, NULL, &test_outlen) || /* determine max length */
3068 !EVP_PKEY_derive(ctx, loopargs[i].secret_a, &outlen) || /* compute a*B */
3069 !EVP_PKEY_derive(test_ctx, loopargs[i].secret_b, &test_outlen) || /* compute b*A */
3070 test_outlen != outlen /* compare output length */ ) {
3072 BIO_printf(bio_err, "ECDH computation failure.\n");
3073 ERR_print_errors(bio_err);
3078 /* Compare the computation results: CRYPTO_memcmp() returns 0 if equal */
3079 if (CRYPTO_memcmp(loopargs[i].secret_a,
3080 loopargs[i].secret_b, outlen)) {
3082 BIO_printf(bio_err, "ECDH computations don't match.\n");
3083 ERR_print_errors(bio_err);
3088 loopargs[i].ecdh_ctx[testnum] = ctx;
3089 loopargs[i].outlen[testnum] = outlen;
3091 EVP_PKEY_free(key_A);
3092 EVP_PKEY_free(key_B);
3093 EVP_PKEY_CTX_free(kctx);
3095 EVP_PKEY_CTX_free(test_ctx);
3098 if (ecdh_checks != 0) {
3099 pkey_print_message("", "ecdh",
3101 test_curves[testnum].bits, seconds.ecdh);
3104 run_benchmark(async_jobs, ECDH_EVP_derive_key_loop, loopargs);
3107 mr ? "+R7:%ld:%d:%.2f\n" :
3108 "%ld %u-bits ECDH ops in %.2fs\n", count,
3109 test_curves[testnum].bits, d);
3110 ecdh_results[testnum][0] = (double)count / d;
3114 if (rsa_count <= 1) {
3115 /* if longer than 10s, don't do any more */
3116 for (testnum++; testnum < OSSL_NELEM(ecdh_doit); testnum++)
3117 ecdh_doit[testnum] = 0;
3121 for (testnum = 0; testnum < EdDSA_NUM; testnum++) {
3123 EVP_PKEY *ed_pkey = NULL;
3124 EVP_PKEY_CTX *ed_pctx = NULL;
3126 if (!eddsa_doit[testnum])
3127 continue; /* Ignore Curve */
3128 for (i = 0; i < loopargs_len; i++) {
3129 loopargs[i].eddsa_ctx[testnum] = EVP_MD_CTX_new();
3130 if (loopargs[i].eddsa_ctx[testnum] == NULL) {
3135 if ((ed_pctx = EVP_PKEY_CTX_new_id(test_ed_curves[testnum].nid, NULL))
3137 || !EVP_PKEY_keygen_init(ed_pctx)
3138 || !EVP_PKEY_keygen(ed_pctx, &ed_pkey)) {
3140 EVP_PKEY_CTX_free(ed_pctx);
3143 EVP_PKEY_CTX_free(ed_pctx);
3145 if (!EVP_DigestSignInit(loopargs[i].eddsa_ctx[testnum], NULL, NULL,
3148 EVP_PKEY_free(ed_pkey);
3151 EVP_PKEY_free(ed_pkey);
3154 BIO_printf(bio_err, "EdDSA failure.\n");
3155 ERR_print_errors(bio_err);
3158 for (i = 0; i < loopargs_len; i++) {
3159 /* Perform EdDSA signature test */
3160 loopargs[i].sigsize = test_ed_curves[testnum].sigsize;
3161 st = EVP_DigestSign(loopargs[i].eddsa_ctx[testnum],
3162 loopargs[i].buf2, &loopargs[i].sigsize,
3163 loopargs[i].buf, 20);
3169 "EdDSA sign failure. No EdDSA sign will be done.\n");
3170 ERR_print_errors(bio_err);
3173 pkey_print_message("sign", test_ed_curves[testnum].name,
3174 eddsa_c[testnum][0],
3175 test_ed_curves[testnum].bits, seconds.eddsa);
3177 count = run_benchmark(async_jobs, EdDSA_sign_loop, loopargs);
3181 mr ? "+R8:%ld:%u:%s:%.2f\n" :
3182 "%ld %u bits %s signs in %.2fs \n",
3183 count, test_ed_curves[testnum].bits,
3184 test_ed_curves[testnum].name, d);
3185 eddsa_results[testnum][0] = (double)count / d;
3189 /* Perform EdDSA verification test */
3190 for (i = 0; i < loopargs_len; i++) {
3191 st = EVP_DigestVerify(loopargs[i].eddsa_ctx[testnum],
3192 loopargs[i].buf2, loopargs[i].sigsize,
3193 loopargs[i].buf, 20);
3199 "EdDSA verify failure. No EdDSA verify will be done.\n");
3200 ERR_print_errors(bio_err);
3201 eddsa_doit[testnum] = 0;
3203 pkey_print_message("verify", test_ed_curves[testnum].name,
3204 eddsa_c[testnum][1],
3205 test_ed_curves[testnum].bits, seconds.eddsa);
3207 count = run_benchmark(async_jobs, EdDSA_verify_loop, loopargs);
3210 mr ? "+R9:%ld:%u:%s:%.2f\n"
3211 : "%ld %u bits %s verify in %.2fs\n",
3212 count, test_ed_curves[testnum].bits,
3213 test_ed_curves[testnum].name, d);
3214 eddsa_results[testnum][1] = (double)count / d;
3217 if (rsa_count <= 1) {
3218 /* if longer than 10s, don't do any more */
3219 for (testnum++; testnum < EdDSA_NUM; testnum++)
3220 eddsa_doit[testnum] = 0;
3225 #endif /* OPENSSL_NO_EC */
3230 printf("version: %s\n", OpenSSL_version(OPENSSL_FULL_VERSION_STRING));
3231 printf("built on: %s\n", OpenSSL_version(OPENSSL_BUILT_ON));
3233 printf("%s ", BN_options());
3234 #ifndef OPENSSL_NO_MD2
3235 printf("%s ", MD2_options());
3237 #ifndef OPENSSL_NO_RC4
3238 printf("%s ", RC4_options());
3240 #ifndef OPENSSL_NO_DES
3241 printf("%s ", DES_options());
3243 printf("%s ", AES_options());
3244 #ifndef OPENSSL_NO_IDEA
3245 printf("%s ", IDEA_options());
3247 #ifndef OPENSSL_NO_BF
3248 printf("%s ", BF_options());
3250 printf("\n%s\n", OpenSSL_version(OPENSSL_CFLAGS));
3258 ("The 'numbers' are in 1000s of bytes per second processed.\n");
3261 for (testnum = 0; testnum < size_num; testnum++)
3262 printf(mr ? ":%d" : "%7d bytes", lengths[testnum]);
3266 for (k = 0; k < ALGOR_NUM; k++) {
3270 printf("+F:%u:%s", k, names[k]);
3272 printf("%-13s", names[k]);
3273 for (testnum = 0; testnum < size_num; testnum++) {
3274 if (results[k][testnum] > 10000 && !mr)
3275 printf(" %11.2fk", results[k][testnum] / 1e3);
3277 printf(mr ? ":%.2f" : " %11.2f ", results[k][testnum]);
3281 #ifndef OPENSSL_NO_RSA
3283 for (k = 0; k < RSA_NUM; k++) {
3286 if (testnum && !mr) {
3287 printf("%18ssign verify sign/s verify/s\n", " ");
3291 printf("+F2:%u:%u:%f:%f\n",
3292 k, rsa_bits[k], rsa_results[k][0], rsa_results[k][1]);
3294 printf("rsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
3295 rsa_bits[k], 1.0 / rsa_results[k][0], 1.0 / rsa_results[k][1],
3296 rsa_results[k][0], rsa_results[k][1]);
3299 #ifndef OPENSSL_NO_DSA
3301 for (k = 0; k < DSA_NUM; k++) {
3304 if (testnum && !mr) {
3305 printf("%18ssign verify sign/s verify/s\n", " ");
3309 printf("+F3:%u:%u:%f:%f\n",
3310 k, dsa_bits[k], dsa_results[k][0], dsa_results[k][1]);
3312 printf("dsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
3313 dsa_bits[k], 1.0 / dsa_results[k][0], 1.0 / dsa_results[k][1],
3314 dsa_results[k][0], dsa_results[k][1]);
3317 #ifndef OPENSSL_NO_EC
3319 for (k = 0; k < OSSL_NELEM(ecdsa_doit); k++) {
3322 if (testnum && !mr) {
3323 printf("%30ssign verify sign/s verify/s\n", " ");
3328 printf("+F4:%u:%u:%f:%f\n",
3329 k, test_curves[k].bits,
3330 ecdsa_results[k][0], ecdsa_results[k][1]);
3332 printf("%4u bits ecdsa (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3333 test_curves[k].bits, test_curves[k].name,
3334 1.0 / ecdsa_results[k][0], 1.0 / ecdsa_results[k][1],
3335 ecdsa_results[k][0], ecdsa_results[k][1]);
3339 for (k = 0; k < EC_NUM; k++) {
3342 if (testnum && !mr) {
3343 printf("%30sop op/s\n", " ");
3347 printf("+F5:%u:%u:%f:%f\n",
3348 k, test_curves[k].bits,
3349 ecdh_results[k][0], 1.0 / ecdh_results[k][0]);
3352 printf("%4u bits ecdh (%s) %8.4fs %8.1f\n",
3353 test_curves[k].bits, test_curves[k].name,
3354 1.0 / ecdh_results[k][0], ecdh_results[k][0]);
3358 for (k = 0; k < OSSL_NELEM(eddsa_doit); k++) {
3361 if (testnum && !mr) {
3362 printf("%30ssign verify sign/s verify/s\n", " ");
3367 printf("+F6:%u:%u:%s:%f:%f\n",
3368 k, test_ed_curves[k].bits, test_ed_curves[k].name,
3369 eddsa_results[k][0], eddsa_results[k][1]);
3371 printf("%4u bits EdDSA (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3372 test_ed_curves[k].bits, test_ed_curves[k].name,
3373 1.0 / eddsa_results[k][0], 1.0 / eddsa_results[k][1],
3374 eddsa_results[k][0], eddsa_results[k][1]);
3381 ERR_print_errors(bio_err);
3382 for (i = 0; i < loopargs_len; i++) {
3383 OPENSSL_free(loopargs[i].buf_malloc);
3384 OPENSSL_free(loopargs[i].buf2_malloc);
3386 #ifndef OPENSSL_NO_RSA
3387 for (k = 0; k < RSA_NUM; k++)
3388 RSA_free(loopargs[i].rsa_key[k]);
3390 #ifndef OPENSSL_NO_DSA
3391 for (k = 0; k < DSA_NUM; k++)
3392 DSA_free(loopargs[i].dsa_key[k]);
3394 #ifndef OPENSSL_NO_EC
3395 for (k = 0; k < ECDSA_NUM; k++)
3396 EC_KEY_free(loopargs[i].ecdsa[k]);
3397 for (k = 0; k < EC_NUM; k++)
3398 EVP_PKEY_CTX_free(loopargs[i].ecdh_ctx[k]);
3399 for (k = 0; k < EdDSA_NUM; k++)
3400 EVP_MD_CTX_free(loopargs[i].eddsa_ctx[k]);
3401 OPENSSL_free(loopargs[i].secret_a);
3402 OPENSSL_free(loopargs[i].secret_b);
3405 OPENSSL_free(evp_hmac_name);
3407 if (async_jobs > 0) {
3408 for (i = 0; i < loopargs_len; i++)
3409 ASYNC_WAIT_CTX_free(loopargs[i].wait_ctx);
3413 ASYNC_cleanup_thread();
3415 OPENSSL_free(loopargs);
3420 static void print_message(const char *s, long num, int length, int tm)
3424 mr ? "+DT:%s:%d:%d\n"
3425 : "Doing %s for %ds on %d size blocks: ", s, tm, length);
3426 (void)BIO_flush(bio_err);
3430 mr ? "+DN:%s:%ld:%d\n"
3431 : "Doing %s %ld times on %d size blocks: ", s, num, length);
3432 (void)BIO_flush(bio_err);
3436 static void pkey_print_message(const char *str, const char *str2, long num,
3437 unsigned int bits, int tm)
3441 mr ? "+DTP:%d:%s:%s:%d\n"
3442 : "Doing %u bits %s %s's for %ds: ", bits, str, str2, tm);
3443 (void)BIO_flush(bio_err);
3447 mr ? "+DNP:%ld:%d:%s:%s\n"
3448 : "Doing %ld %u bits %s %s's: ", num, bits, str, str2);
3449 (void)BIO_flush(bio_err);
3453 static void print_result(int alg, int run_no, int count, double time_used)
3456 BIO_puts(bio_err, "EVP error!\n");
3460 mr ? "+R:%d:%s:%f\n"
3461 : "%d %s's in %.2fs\n", count, names[alg], time_used);
3462 results[alg][run_no] = ((double)count) / time_used * lengths[run_no];
3466 static char *sstrsep(char **string, const char *delim)
3469 char *token = *string;
3474 memset(isdelim, 0, sizeof(isdelim));
3478 isdelim[(unsigned char)(*delim)] = 1;
3482 while (!isdelim[(unsigned char)(**string)]) {
3494 static int do_multi(int multi, int size_num)
3499 static char sep[] = ":";
3501 fds = app_malloc(sizeof(*fds) * multi, "fd buffer for do_multi");
3502 for (n = 0; n < multi; ++n) {
3503 if (pipe(fd) == -1) {
3504 BIO_printf(bio_err, "pipe failure\n");
3508 (void)BIO_flush(bio_err);
3515 if (dup(fd[1]) == -1) {
3516 BIO_printf(bio_err, "dup failed\n");
3525 printf("Forked child %d\n", n);
3528 /* for now, assume the pipe is long enough to take all the output */
3529 for (n = 0; n < multi; ++n) {
3534 f = fdopen(fds[n], "r");
3535 while (fgets(buf, sizeof(buf), f)) {
3536 p = strchr(buf, '\n');
3539 if (buf[0] != '+') {
3541 "Don't understand line '%s' from child %d\n", buf,
3545 printf("Got: %s from %d\n", buf, n);
3546 if (strncmp(buf, "+F:", 3) == 0) {
3551 alg = atoi(sstrsep(&p, sep));
3553 for (j = 0; j < size_num; ++j)
3554 results[alg][j] += atof(sstrsep(&p, sep));
3555 } else if (strncmp(buf, "+F2:", 4) == 0) {
3560 k = atoi(sstrsep(&p, sep));
3563 d = atof(sstrsep(&p, sep));
3564 rsa_results[k][0] += d;
3566 d = atof(sstrsep(&p, sep));
3567 rsa_results[k][1] += d;
3569 # ifndef OPENSSL_NO_DSA
3570 else if (strncmp(buf, "+F3:", 4) == 0) {
3575 k = atoi(sstrsep(&p, sep));
3578 d = atof(sstrsep(&p, sep));
3579 dsa_results[k][0] += d;
3581 d = atof(sstrsep(&p, sep));
3582 dsa_results[k][1] += d;
3585 # ifndef OPENSSL_NO_EC
3586 else if (strncmp(buf, "+F4:", 4) == 0) {
3591 k = atoi(sstrsep(&p, sep));
3594 d = atof(sstrsep(&p, sep));
3595 ecdsa_results[k][0] += d;
3597 d = atof(sstrsep(&p, sep));
3598 ecdsa_results[k][1] += d;
3599 } else if (strncmp(buf, "+F5:", 4) == 0) {
3604 k = atoi(sstrsep(&p, sep));
3607 d = atof(sstrsep(&p, sep));
3608 ecdh_results[k][0] += d;
3609 } else if (strncmp(buf, "+F6:", 4) == 0) {
3614 k = atoi(sstrsep(&p, sep));
3617 d = atof(sstrsep(&p, sep));
3618 eddsa_results[k][0] += d;
3620 d = atof(sstrsep(&p, sep));
3621 eddsa_results[k][1] += d;
3625 else if (strncmp(buf, "+H:", 3) == 0) {
3628 BIO_printf(bio_err, "Unknown type '%s' from child %d\n", buf,
3639 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
3640 const openssl_speed_sec_t *seconds)
3642 static const int mblengths_list[] =
3643 { 8 * 1024, 2 * 8 * 1024, 4 * 8 * 1024, 8 * 8 * 1024, 8 * 16 * 1024 };
3644 const int *mblengths = mblengths_list;
3645 int j, count, keylen, num = OSSL_NELEM(mblengths_list);
3646 const char *alg_name;
3647 unsigned char *inp, *out, *key, no_key[32], no_iv[16];
3648 EVP_CIPHER_CTX *ctx;
3651 if (lengths_single) {
3652 mblengths = &lengths_single;
3656 inp = app_malloc(mblengths[num - 1], "multiblock input buffer");
3657 out = app_malloc(mblengths[num - 1] + 1024, "multiblock output buffer");
3658 ctx = EVP_CIPHER_CTX_new();
3659 EVP_EncryptInit_ex(ctx, evp_cipher, NULL, NULL, no_iv);
3661 keylen = EVP_CIPHER_CTX_key_length(ctx);
3662 key = app_malloc(keylen, "evp_cipher key");
3663 EVP_CIPHER_CTX_rand_key(ctx, key);
3664 EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL);
3665 OPENSSL_clear_free(key, keylen);
3667 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_MAC_KEY, sizeof(no_key), no_key);
3668 alg_name = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
3670 for (j = 0; j < num; j++) {
3671 print_message(alg_name, 0, mblengths[j], seconds->sym);
3673 for (count = 0, run = 1; run && count < 0x7fffffff; count++) {
3674 unsigned char aad[EVP_AEAD_TLS1_AAD_LEN];
3675 EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param;
3676 size_t len = mblengths[j];
3679 memset(aad, 0, 8); /* avoid uninitialized values */
3680 aad[8] = 23; /* SSL3_RT_APPLICATION_DATA */
3681 aad[9] = 3; /* version */
3683 aad[11] = 0; /* length */
3685 mb_param.out = NULL;
3688 mb_param.interleave = 8;
3690 packlen = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_AAD,
3691 sizeof(mb_param), &mb_param);
3697 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT,
3698 sizeof(mb_param), &mb_param);
3702 RAND_bytes(out, 16);
3704 aad[11] = (unsigned char)(len >> 8);
3705 aad[12] = (unsigned char)(len);
3706 pad = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_TLS1_AAD,
3707 EVP_AEAD_TLS1_AAD_LEN, aad);
3708 EVP_Cipher(ctx, out, inp, len + pad);
3712 BIO_printf(bio_err, mr ? "+R:%d:%s:%f\n"
3713 : "%d %s's in %.2fs\n", count, "evp", d);
3714 results[D_EVP][j] = ((double)count) / d * mblengths[j];
3718 fprintf(stdout, "+H");
3719 for (j = 0; j < num; j++)
3720 fprintf(stdout, ":%d", mblengths[j]);
3721 fprintf(stdout, "\n");
3722 fprintf(stdout, "+F:%d:%s", D_EVP, alg_name);
3723 for (j = 0; j < num; j++)
3724 fprintf(stdout, ":%.2f", results[D_EVP][j]);
3725 fprintf(stdout, "\n");
3728 "The 'numbers' are in 1000s of bytes per second processed.\n");
3729 fprintf(stdout, "type ");
3730 for (j = 0; j < num; j++)
3731 fprintf(stdout, "%7d bytes", mblengths[j]);
3732 fprintf(stdout, "\n");
3733 fprintf(stdout, "%-24s", alg_name);
3735 for (j = 0; j < num; j++) {
3736 if (results[D_EVP][j] > 10000)
3737 fprintf(stdout, " %11.2fk", results[D_EVP][j] / 1e3);
3739 fprintf(stdout, " %11.2f ", results[D_EVP][j]);
3741 fprintf(stdout, "\n");
3746 EVP_CIPHER_CTX_free(ctx);