2 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
5 * Licensed under the OpenSSL license (the "License"). You may not use
6 * this file except in compliance with the License. You can obtain a copy
7 * in the file LICENSE in the source distribution or at
8 * https://www.openssl.org/source/license.html
13 #define RSA_SECONDS 10
14 #define DSA_SECONDS 10
15 #define ECDSA_SECONDS 10
16 #define ECDH_SECONDS 10
24 #include <openssl/crypto.h>
25 #include <openssl/rand.h>
26 #include <openssl/err.h>
27 #include <openssl/evp.h>
28 #include <openssl/objects.h>
29 #include <openssl/async.h>
30 #if !defined(OPENSSL_SYS_MSDOS)
31 # include OPENSSL_UNISTD
38 #include <openssl/bn.h>
39 #ifndef OPENSSL_NO_DES
40 # include <openssl/des.h>
42 #include <openssl/aes.h>
43 #ifndef OPENSSL_NO_CAMELLIA
44 # include <openssl/camellia.h>
46 #ifndef OPENSSL_NO_MD2
47 # include <openssl/md2.h>
49 #ifndef OPENSSL_NO_MDC2
50 # include <openssl/mdc2.h>
52 #ifndef OPENSSL_NO_MD4
53 # include <openssl/md4.h>
55 #ifndef OPENSSL_NO_MD5
56 # include <openssl/md5.h>
58 #include <openssl/hmac.h>
59 #include <openssl/sha.h>
60 #ifndef OPENSSL_NO_RMD160
61 # include <openssl/ripemd.h>
63 #ifndef OPENSSL_NO_WHIRLPOOL
64 # include <openssl/whrlpool.h>
66 #ifndef OPENSSL_NO_RC4
67 # include <openssl/rc4.h>
69 #ifndef OPENSSL_NO_RC5
70 # include <openssl/rc5.h>
72 #ifndef OPENSSL_NO_RC2
73 # include <openssl/rc2.h>
75 #ifndef OPENSSL_NO_IDEA
76 # include <openssl/idea.h>
78 #ifndef OPENSSL_NO_SEED
79 # include <openssl/seed.h>
82 # include <openssl/blowfish.h>
84 #ifndef OPENSSL_NO_CAST
85 # include <openssl/cast.h>
87 #ifndef OPENSSL_NO_RSA
88 # include <openssl/rsa.h>
89 # include "./testrsa.h"
91 #include <openssl/x509.h>
92 #ifndef OPENSSL_NO_DSA
93 # include <openssl/dsa.h>
94 # include "./testdsa.h"
97 # include <openssl/ec.h>
99 #include <openssl/modes.h>
102 # if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS)
115 #define MAX_MISALIGNMENT 63
116 #define MAX_ECDH_SIZE 256
119 typedef struct openssl_speed_sec_st {
125 } openssl_speed_sec_t;
127 static volatile int run = 0;
130 static int usertime = 1;
132 #ifndef OPENSSL_NO_MD2
133 static int EVP_Digest_MD2_loop(void *args);
136 #ifndef OPENSSL_NO_MDC2
137 static int EVP_Digest_MDC2_loop(void *args);
139 #ifndef OPENSSL_NO_MD4
140 static int EVP_Digest_MD4_loop(void *args);
142 #ifndef OPENSSL_NO_MD5
143 static int MD5_loop(void *args);
144 static int HMAC_loop(void *args);
146 static int SHA1_loop(void *args);
147 static int SHA256_loop(void *args);
148 static int SHA512_loop(void *args);
149 #ifndef OPENSSL_NO_WHIRLPOOL
150 static int WHIRLPOOL_loop(void *args);
152 #ifndef OPENSSL_NO_RMD160
153 static int EVP_Digest_RMD160_loop(void *args);
155 #ifndef OPENSSL_NO_RC4
156 static int RC4_loop(void *args);
158 #ifndef OPENSSL_NO_DES
159 static int DES_ncbc_encrypt_loop(void *args);
160 static int DES_ede3_cbc_encrypt_loop(void *args);
162 static int AES_cbc_128_encrypt_loop(void *args);
163 static int AES_cbc_192_encrypt_loop(void *args);
164 static int AES_ige_128_encrypt_loop(void *args);
165 static int AES_cbc_256_encrypt_loop(void *args);
166 static int AES_ige_192_encrypt_loop(void *args);
167 static int AES_ige_256_encrypt_loop(void *args);
168 static int CRYPTO_gcm128_aad_loop(void *args);
169 static int RAND_bytes_loop(void *args);
170 static int EVP_Update_loop(void *args);
171 static int EVP_Update_loop_ccm(void *args);
172 static int EVP_Digest_loop(void *args);
173 #ifndef OPENSSL_NO_RSA
174 static int RSA_sign_loop(void *args);
175 static int RSA_verify_loop(void *args);
177 #ifndef OPENSSL_NO_DSA
178 static int DSA_sign_loop(void *args);
179 static int DSA_verify_loop(void *args);
181 #ifndef OPENSSL_NO_EC
182 static int ECDSA_sign_loop(void *args);
183 static int ECDSA_verify_loop(void *args);
186 static double Time_F(int s);
187 static void print_message(const char *s, long num, int length, int tm);
188 static void pkey_print_message(const char *str, const char *str2,
189 long num, unsigned int bits, int sec);
190 static void print_result(int alg, int run_no, int count, double time_used);
192 static int do_multi(int multi, int size_num);
195 static const int lengths_list[] = {
196 16, 64, 256, 1024, 8 * 1024, 16 * 1024
198 static const int *lengths = lengths_list;
205 static void alarmed(int sig)
207 signal(SIGALRM, alarmed);
211 static double Time_F(int s)
213 double ret = app_tminterval(s, usertime);
219 #elif defined(_WIN32)
223 static unsigned int lapse;
224 static volatile unsigned int schlock;
225 static void alarm_win32(unsigned int secs)
230 # define alarm alarm_win32
232 static DWORD WINAPI sleepy(VOID * arg)
240 static double Time_F(int s)
247 thr = CreateThread(NULL, 4096, sleepy, NULL, 0, NULL);
249 DWORD err = GetLastError();
250 BIO_printf(bio_err, "unable to CreateThread (%lu)", err);
254 Sleep(0); /* scheduler spinlock */
255 ret = app_tminterval(s, usertime);
257 ret = app_tminterval(s, usertime);
259 TerminateThread(thr, 0);
266 static double Time_F(int s)
268 return app_tminterval(s, usertime);
272 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
273 const openssl_speed_sec_t *seconds);
275 #define found(value, pairs, result)\
276 opt_found(value, result, pairs, OSSL_NELEM(pairs))
277 static int opt_found(const char *name, unsigned int *result,
278 const OPT_PAIR pairs[], unsigned int nbelem)
282 for (idx = 0; idx < nbelem; ++idx, pairs++)
283 if (strcmp(name, pairs->name) == 0) {
284 *result = pairs->retval;
290 typedef enum OPTION_choice {
291 OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
292 OPT_ELAPSED, OPT_EVP, OPT_DECRYPT, OPT_ENGINE, OPT_MULTI,
293 OPT_MR, OPT_MB, OPT_MISALIGN, OPT_ASYNCJOBS, OPT_R_ENUM,
294 OPT_PRIMES, OPT_SECONDS, OPT_BYTES
297 const OPTIONS speed_options[] = {
298 {OPT_HELP_STR, 1, '-', "Usage: %s [options] ciphers...\n"},
299 {OPT_HELP_STR, 1, '-', "Valid options are:\n"},
300 {"help", OPT_HELP, '-', "Display this summary"},
301 {"evp", OPT_EVP, 's', "Use specified EVP cipher"},
302 {"decrypt", OPT_DECRYPT, '-',
303 "Time decryption instead of encryption (only EVP)"},
304 {"mr", OPT_MR, '-', "Produce machine readable output"},
306 "Enable (tls1.1) multi-block mode on evp_cipher requested with -evp"},
307 {"misalign", OPT_MISALIGN, 'n', "Amount to mis-align buffers"},
308 {"elapsed", OPT_ELAPSED, '-',
309 "Measure time in real time instead of CPU user time"},
311 {"multi", OPT_MULTI, 'p', "Run benchmarks in parallel"},
313 #ifndef OPENSSL_NO_ASYNC
314 {"async_jobs", OPT_ASYNCJOBS, 'p',
315 "Enable async mode and start pnum jobs"},
318 #ifndef OPENSSL_NO_ENGINE
319 {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
321 {"primes", OPT_PRIMES, 'p', "Specify number of primes (for RSA only)"},
322 {"seconds", OPT_SECONDS, 'p',
323 "Run benchmarks for pnum seconds"},
324 {"bytes", OPT_BYTES, 'p',
325 "Run cipher, digest and rand benchmarks on pnum bytes"},
339 #define D_CBC_IDEA 10
340 #define D_CBC_SEED 11
344 #define D_CBC_CAST 15
345 #define D_CBC_128_AES 16
346 #define D_CBC_192_AES 17
347 #define D_CBC_256_AES 18
348 #define D_CBC_128_CML 19
349 #define D_CBC_192_CML 20
350 #define D_CBC_256_CML 21
354 #define D_WHIRLPOOL 25
355 #define D_IGE_128_AES 26
356 #define D_IGE_192_AES 27
357 #define D_IGE_256_AES 28
360 /* name of algorithms to test */
361 static const char *names[] = {
362 "md2", "mdc2", "md4", "md5", "hmac(md5)", "sha1", "rmd160", "rc4",
363 "des cbc", "des ede3", "idea cbc", "seed cbc",
364 "rc2 cbc", "rc5-32/12 cbc", "blowfish cbc", "cast cbc",
365 "aes-128 cbc", "aes-192 cbc", "aes-256 cbc",
366 "camellia-128 cbc", "camellia-192 cbc", "camellia-256 cbc",
367 "evp", "sha256", "sha512", "whirlpool",
368 "aes-128 ige", "aes-192 ige", "aes-256 ige", "ghash",
371 #define ALGOR_NUM OSSL_NELEM(names)
373 /* list of configured algorithm (remaining) */
374 static const OPT_PAIR doit_choices[] = {
375 #ifndef OPENSSL_NO_MD2
378 #ifndef OPENSSL_NO_MDC2
381 #ifndef OPENSSL_NO_MD4
384 #ifndef OPENSSL_NO_MD5
389 {"sha256", D_SHA256},
390 {"sha512", D_SHA512},
391 #ifndef OPENSSL_NO_WHIRLPOOL
392 {"whirlpool", D_WHIRLPOOL},
394 #ifndef OPENSSL_NO_RMD160
395 {"ripemd", D_RMD160},
396 {"rmd160", D_RMD160},
397 {"ripemd160", D_RMD160},
399 #ifndef OPENSSL_NO_RC4
402 #ifndef OPENSSL_NO_DES
403 {"des-cbc", D_CBC_DES},
404 {"des-ede3", D_EDE3_DES},
406 {"aes-128-cbc", D_CBC_128_AES},
407 {"aes-192-cbc", D_CBC_192_AES},
408 {"aes-256-cbc", D_CBC_256_AES},
409 {"aes-128-ige", D_IGE_128_AES},
410 {"aes-192-ige", D_IGE_192_AES},
411 {"aes-256-ige", D_IGE_256_AES},
412 #ifndef OPENSSL_NO_RC2
413 {"rc2-cbc", D_CBC_RC2},
416 #ifndef OPENSSL_NO_RC5
417 {"rc5-cbc", D_CBC_RC5},
420 #ifndef OPENSSL_NO_IDEA
421 {"idea-cbc", D_CBC_IDEA},
422 {"idea", D_CBC_IDEA},
424 #ifndef OPENSSL_NO_SEED
425 {"seed-cbc", D_CBC_SEED},
426 {"seed", D_CBC_SEED},
428 #ifndef OPENSSL_NO_BF
429 {"bf-cbc", D_CBC_BF},
430 {"blowfish", D_CBC_BF},
433 #ifndef OPENSSL_NO_CAST
434 {"cast-cbc", D_CBC_CAST},
435 {"cast", D_CBC_CAST},
436 {"cast5", D_CBC_CAST},
442 static double results[ALGOR_NUM][OSSL_NELEM(lengths_list)];
444 #ifndef OPENSSL_NO_DSA
446 # define R_DSA_1024 1
447 # define R_DSA_2048 2
448 static const OPT_PAIR dsa_choices[] = {
449 {"dsa512", R_DSA_512},
450 {"dsa1024", R_DSA_1024},
451 {"dsa2048", R_DSA_2048}
453 # define DSA_NUM OSSL_NELEM(dsa_choices)
455 static double dsa_results[DSA_NUM][2]; /* 2 ops: sign then verify */
456 #endif /* OPENSSL_NO_DSA */
464 #define R_RSA_15360 6
465 #ifndef OPENSSL_NO_RSA
466 static const OPT_PAIR rsa_choices[] = {
467 {"rsa512", R_RSA_512},
468 {"rsa1024", R_RSA_1024},
469 {"rsa2048", R_RSA_2048},
470 {"rsa3072", R_RSA_3072},
471 {"rsa4096", R_RSA_4096},
472 {"rsa7680", R_RSA_7680},
473 {"rsa15360", R_RSA_15360}
475 # define RSA_NUM OSSL_NELEM(rsa_choices)
477 static double rsa_results[RSA_NUM][2]; /* 2 ops: sign then verify */
478 #endif /* OPENSSL_NO_RSA */
496 #define R_EC_BRP256R1 16
497 #define R_EC_BRP256T1 17
498 #define R_EC_BRP384R1 18
499 #define R_EC_BRP384T1 19
500 #define R_EC_BRP512R1 20
501 #define R_EC_BRP512T1 21
502 #define R_EC_X25519 22
504 #ifndef OPENSSL_NO_EC
505 static OPT_PAIR ecdsa_choices[] = {
506 {"ecdsap160", R_EC_P160},
507 {"ecdsap192", R_EC_P192},
508 {"ecdsap224", R_EC_P224},
509 {"ecdsap256", R_EC_P256},
510 {"ecdsap384", R_EC_P384},
511 {"ecdsap521", R_EC_P521},
512 {"ecdsak163", R_EC_K163},
513 {"ecdsak233", R_EC_K233},
514 {"ecdsak283", R_EC_K283},
515 {"ecdsak409", R_EC_K409},
516 {"ecdsak571", R_EC_K571},
517 {"ecdsab163", R_EC_B163},
518 {"ecdsab233", R_EC_B233},
519 {"ecdsab283", R_EC_B283},
520 {"ecdsab409", R_EC_B409},
521 {"ecdsab571", R_EC_B571},
522 {"ecdsabrp256r1", R_EC_BRP256R1},
523 {"ecdsabrp256t1", R_EC_BRP256T1},
524 {"ecdsabrp384r1", R_EC_BRP384R1},
525 {"ecdsabrp384t1", R_EC_BRP384T1},
526 {"ecdsabrp512r1", R_EC_BRP512R1},
527 {"ecdsabrp512t1", R_EC_BRP512T1}
529 # define ECDSA_NUM OSSL_NELEM(ecdsa_choices)
531 static double ecdsa_results[ECDSA_NUM][2]; /* 2 ops: sign then verify */
533 static const OPT_PAIR ecdh_choices[] = {
534 {"ecdhp160", R_EC_P160},
535 {"ecdhp192", R_EC_P192},
536 {"ecdhp224", R_EC_P224},
537 {"ecdhp256", R_EC_P256},
538 {"ecdhp384", R_EC_P384},
539 {"ecdhp521", R_EC_P521},
540 {"ecdhk163", R_EC_K163},
541 {"ecdhk233", R_EC_K233},
542 {"ecdhk283", R_EC_K283},
543 {"ecdhk409", R_EC_K409},
544 {"ecdhk571", R_EC_K571},
545 {"ecdhb163", R_EC_B163},
546 {"ecdhb233", R_EC_B233},
547 {"ecdhb283", R_EC_B283},
548 {"ecdhb409", R_EC_B409},
549 {"ecdhb571", R_EC_B571},
550 {"ecdhbrp256r1", R_EC_BRP256R1},
551 {"ecdhbrp256t1", R_EC_BRP256T1},
552 {"ecdhbrp384r1", R_EC_BRP384R1},
553 {"ecdhbrp384t1", R_EC_BRP384T1},
554 {"ecdhbrp512r1", R_EC_BRP512R1},
555 {"ecdhbrp512t1", R_EC_BRP512T1},
556 {"ecdhx25519", R_EC_X25519},
557 {"ecdhx448", R_EC_X448}
559 # define EC_NUM OSSL_NELEM(ecdh_choices)
561 static double ecdh_results[EC_NUM][1]; /* 1 op: derivation */
562 #endif /* OPENSSL_NO_EC */
565 # define COND(d) (count < (d))
566 # define COUNT(d) (d)
568 # define COND(unused_cond) (run && count<0x7fffffff)
569 # define COUNT(d) (count)
572 typedef struct loopargs_st {
573 ASYNC_JOB *inprogress_job;
574 ASYNC_WAIT_CTX *wait_ctx;
577 unsigned char *buf_malloc;
578 unsigned char *buf2_malloc;
581 #ifndef OPENSSL_NO_RSA
582 RSA *rsa_key[RSA_NUM];
584 #ifndef OPENSSL_NO_DSA
585 DSA *dsa_key[DSA_NUM];
587 #ifndef OPENSSL_NO_EC
588 EC_KEY *ecdsa[ECDSA_NUM];
589 EVP_PKEY_CTX *ecdh_ctx[EC_NUM];
590 unsigned char *secret_a;
591 unsigned char *secret_b;
592 size_t outlen[EC_NUM];
596 GCM128_CONTEXT *gcm_ctx;
598 static int run_benchmark(int async_jobs, int (*loop_function) (void *),
599 loopargs_t * loopargs);
601 static unsigned int testnum;
603 /* Nb of iterations to do per algorithm and key-size */
604 static long c[ALGOR_NUM][OSSL_NELEM(lengths_list)];
606 #ifndef OPENSSL_NO_MD2
607 static int EVP_Digest_MD2_loop(void *args)
609 loopargs_t *tempargs = *(loopargs_t **) args;
610 unsigned char *buf = tempargs->buf;
611 unsigned char md2[MD2_DIGEST_LENGTH];
614 for (count = 0; COND(c[D_MD2][testnum]); count++) {
615 if (!EVP_Digest(buf, (size_t)lengths[testnum], md2, NULL, EVP_md2(),
623 #ifndef OPENSSL_NO_MDC2
624 static int EVP_Digest_MDC2_loop(void *args)
626 loopargs_t *tempargs = *(loopargs_t **) args;
627 unsigned char *buf = tempargs->buf;
628 unsigned char mdc2[MDC2_DIGEST_LENGTH];
631 for (count = 0; COND(c[D_MDC2][testnum]); count++) {
632 if (!EVP_Digest(buf, (size_t)lengths[testnum], mdc2, NULL, EVP_mdc2(),
640 #ifndef OPENSSL_NO_MD4
641 static int EVP_Digest_MD4_loop(void *args)
643 loopargs_t *tempargs = *(loopargs_t **) args;
644 unsigned char *buf = tempargs->buf;
645 unsigned char md4[MD4_DIGEST_LENGTH];
648 for (count = 0; COND(c[D_MD4][testnum]); count++) {
649 if (!EVP_Digest(buf, (size_t)lengths[testnum], md4, NULL, EVP_md4(),
657 #ifndef OPENSSL_NO_MD5
658 static int MD5_loop(void *args)
660 loopargs_t *tempargs = *(loopargs_t **) args;
661 unsigned char *buf = tempargs->buf;
662 unsigned char md5[MD5_DIGEST_LENGTH];
664 for (count = 0; COND(c[D_MD5][testnum]); count++)
665 MD5(buf, lengths[testnum], md5);
669 static int HMAC_loop(void *args)
671 loopargs_t *tempargs = *(loopargs_t **) args;
672 unsigned char *buf = tempargs->buf;
673 HMAC_CTX *hctx = tempargs->hctx;
674 unsigned char hmac[MD5_DIGEST_LENGTH];
677 for (count = 0; COND(c[D_HMAC][testnum]); count++) {
678 HMAC_Init_ex(hctx, NULL, 0, NULL, NULL);
679 HMAC_Update(hctx, buf, lengths[testnum]);
680 HMAC_Final(hctx, hmac, NULL);
686 static int SHA1_loop(void *args)
688 loopargs_t *tempargs = *(loopargs_t **) args;
689 unsigned char *buf = tempargs->buf;
690 unsigned char sha[SHA_DIGEST_LENGTH];
692 for (count = 0; COND(c[D_SHA1][testnum]); count++)
693 SHA1(buf, lengths[testnum], sha);
697 static int SHA256_loop(void *args)
699 loopargs_t *tempargs = *(loopargs_t **) args;
700 unsigned char *buf = tempargs->buf;
701 unsigned char sha256[SHA256_DIGEST_LENGTH];
703 for (count = 0; COND(c[D_SHA256][testnum]); count++)
704 SHA256(buf, lengths[testnum], sha256);
708 static int SHA512_loop(void *args)
710 loopargs_t *tempargs = *(loopargs_t **) args;
711 unsigned char *buf = tempargs->buf;
712 unsigned char sha512[SHA512_DIGEST_LENGTH];
714 for (count = 0; COND(c[D_SHA512][testnum]); count++)
715 SHA512(buf, lengths[testnum], sha512);
719 #ifndef OPENSSL_NO_WHIRLPOOL
720 static int WHIRLPOOL_loop(void *args)
722 loopargs_t *tempargs = *(loopargs_t **) args;
723 unsigned char *buf = tempargs->buf;
724 unsigned char whirlpool[WHIRLPOOL_DIGEST_LENGTH];
726 for (count = 0; COND(c[D_WHIRLPOOL][testnum]); count++)
727 WHIRLPOOL(buf, lengths[testnum], whirlpool);
732 #ifndef OPENSSL_NO_RMD160
733 static int EVP_Digest_RMD160_loop(void *args)
735 loopargs_t *tempargs = *(loopargs_t **) args;
736 unsigned char *buf = tempargs->buf;
737 unsigned char rmd160[RIPEMD160_DIGEST_LENGTH];
739 for (count = 0; COND(c[D_RMD160][testnum]); count++) {
740 if (!EVP_Digest(buf, (size_t)lengths[testnum], &(rmd160[0]),
741 NULL, EVP_ripemd160(), NULL))
748 #ifndef OPENSSL_NO_RC4
749 static RC4_KEY rc4_ks;
750 static int RC4_loop(void *args)
752 loopargs_t *tempargs = *(loopargs_t **) args;
753 unsigned char *buf = tempargs->buf;
755 for (count = 0; COND(c[D_RC4][testnum]); count++)
756 RC4(&rc4_ks, (size_t)lengths[testnum], buf, buf);
761 #ifndef OPENSSL_NO_DES
762 static unsigned char DES_iv[8];
763 static DES_key_schedule sch;
764 static DES_key_schedule sch2;
765 static DES_key_schedule sch3;
766 static int DES_ncbc_encrypt_loop(void *args)
768 loopargs_t *tempargs = *(loopargs_t **) args;
769 unsigned char *buf = tempargs->buf;
771 for (count = 0; COND(c[D_CBC_DES][testnum]); count++)
772 DES_ncbc_encrypt(buf, buf, lengths[testnum], &sch,
773 &DES_iv, DES_ENCRYPT);
777 static int DES_ede3_cbc_encrypt_loop(void *args)
779 loopargs_t *tempargs = *(loopargs_t **) args;
780 unsigned char *buf = tempargs->buf;
782 for (count = 0; COND(c[D_EDE3_DES][testnum]); count++)
783 DES_ede3_cbc_encrypt(buf, buf, lengths[testnum],
784 &sch, &sch2, &sch3, &DES_iv, DES_ENCRYPT);
789 #define MAX_BLOCK_SIZE 128
791 static unsigned char iv[2 * MAX_BLOCK_SIZE / 8];
792 static AES_KEY aes_ks1, aes_ks2, aes_ks3;
793 static int AES_cbc_128_encrypt_loop(void *args)
795 loopargs_t *tempargs = *(loopargs_t **) args;
796 unsigned char *buf = tempargs->buf;
798 for (count = 0; COND(c[D_CBC_128_AES][testnum]); count++)
799 AES_cbc_encrypt(buf, buf,
800 (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
804 static int AES_cbc_192_encrypt_loop(void *args)
806 loopargs_t *tempargs = *(loopargs_t **) args;
807 unsigned char *buf = tempargs->buf;
809 for (count = 0; COND(c[D_CBC_192_AES][testnum]); count++)
810 AES_cbc_encrypt(buf, buf,
811 (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
815 static int AES_cbc_256_encrypt_loop(void *args)
817 loopargs_t *tempargs = *(loopargs_t **) args;
818 unsigned char *buf = tempargs->buf;
820 for (count = 0; COND(c[D_CBC_256_AES][testnum]); count++)
821 AES_cbc_encrypt(buf, buf,
822 (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
826 static int AES_ige_128_encrypt_loop(void *args)
828 loopargs_t *tempargs = *(loopargs_t **) args;
829 unsigned char *buf = tempargs->buf;
830 unsigned char *buf2 = tempargs->buf2;
832 for (count = 0; COND(c[D_IGE_128_AES][testnum]); count++)
833 AES_ige_encrypt(buf, buf2,
834 (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
838 static int AES_ige_192_encrypt_loop(void *args)
840 loopargs_t *tempargs = *(loopargs_t **) args;
841 unsigned char *buf = tempargs->buf;
842 unsigned char *buf2 = tempargs->buf2;
844 for (count = 0; COND(c[D_IGE_192_AES][testnum]); count++)
845 AES_ige_encrypt(buf, buf2,
846 (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
850 static int AES_ige_256_encrypt_loop(void *args)
852 loopargs_t *tempargs = *(loopargs_t **) args;
853 unsigned char *buf = tempargs->buf;
854 unsigned char *buf2 = tempargs->buf2;
856 for (count = 0; COND(c[D_IGE_256_AES][testnum]); count++)
857 AES_ige_encrypt(buf, buf2,
858 (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
862 static int CRYPTO_gcm128_aad_loop(void *args)
864 loopargs_t *tempargs = *(loopargs_t **) args;
865 unsigned char *buf = tempargs->buf;
866 GCM128_CONTEXT *gcm_ctx = tempargs->gcm_ctx;
868 for (count = 0; COND(c[D_GHASH][testnum]); count++)
869 CRYPTO_gcm128_aad(gcm_ctx, buf, lengths[testnum]);
873 static int RAND_bytes_loop(void *args)
875 loopargs_t *tempargs = *(loopargs_t **) args;
876 unsigned char *buf = tempargs->buf;
879 for (count = 0; COND(c[D_RAND][testnum]); count++)
880 RAND_bytes(buf, lengths[testnum]);
884 static long save_count = 0;
885 static int decrypt = 0;
886 static int EVP_Update_loop(void *args)
888 loopargs_t *tempargs = *(loopargs_t **) args;
889 unsigned char *buf = tempargs->buf;
890 EVP_CIPHER_CTX *ctx = tempargs->ctx;
893 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
896 for (count = 0; COND(nb_iter); count++) {
897 rc = EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
899 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
902 for (count = 0; COND(nb_iter); count++) {
903 rc = EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
905 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
909 EVP_DecryptFinal_ex(ctx, buf, &outl);
911 EVP_EncryptFinal_ex(ctx, buf, &outl);
915 * CCM does not support streaming. For the purpose of performance measurement,
916 * each message is encrypted using the same (key,iv)-pair. Do not use this
917 * code in your application.
919 static int EVP_Update_loop_ccm(void *args)
921 loopargs_t *tempargs = *(loopargs_t **) args;
922 unsigned char *buf = tempargs->buf;
923 EVP_CIPHER_CTX *ctx = tempargs->ctx;
925 unsigned char tag[12];
927 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
930 for (count = 0; COND(nb_iter); count++) {
931 EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
932 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(tag), tag);
933 EVP_DecryptUpdate(ctx, NULL, &outl, NULL, lengths[testnum]);
934 EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
935 EVP_DecryptFinal_ex(ctx, buf, &outl);
938 for (count = 0; COND(nb_iter); count++) {
939 EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv);
940 EVP_EncryptUpdate(ctx, NULL, &outl, NULL, lengths[testnum]);
941 EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
942 EVP_EncryptFinal_ex(ctx, buf, &outl);
948 static const EVP_MD *evp_md = NULL;
949 static int EVP_Digest_loop(void *args)
951 loopargs_t *tempargs = *(loopargs_t **) args;
952 unsigned char *buf = tempargs->buf;
953 unsigned char md[EVP_MAX_MD_SIZE];
956 int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
959 for (count = 0; COND(nb_iter); count++) {
960 if (!EVP_Digest(buf, lengths[testnum], md, NULL, evp_md, NULL))
966 #ifndef OPENSSL_NO_RSA
967 static long rsa_c[RSA_NUM][2]; /* # RSA iteration test */
969 static int RSA_sign_loop(void *args)
971 loopargs_t *tempargs = *(loopargs_t **) args;
972 unsigned char *buf = tempargs->buf;
973 unsigned char *buf2 = tempargs->buf2;
974 unsigned int *rsa_num = &tempargs->siglen;
975 RSA **rsa_key = tempargs->rsa_key;
977 for (count = 0; COND(rsa_c[testnum][0]); count++) {
978 ret = RSA_sign(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
980 BIO_printf(bio_err, "RSA sign failure\n");
981 ERR_print_errors(bio_err);
989 static int RSA_verify_loop(void *args)
991 loopargs_t *tempargs = *(loopargs_t **) args;
992 unsigned char *buf = tempargs->buf;
993 unsigned char *buf2 = tempargs->buf2;
994 unsigned int rsa_num = tempargs->siglen;
995 RSA **rsa_key = tempargs->rsa_key;
997 for (count = 0; COND(rsa_c[testnum][1]); count++) {
999 RSA_verify(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1001 BIO_printf(bio_err, "RSA verify failure\n");
1002 ERR_print_errors(bio_err);
1011 #ifndef OPENSSL_NO_DSA
1012 static long dsa_c[DSA_NUM][2];
1013 static int DSA_sign_loop(void *args)
1015 loopargs_t *tempargs = *(loopargs_t **) args;
1016 unsigned char *buf = tempargs->buf;
1017 unsigned char *buf2 = tempargs->buf2;
1018 DSA **dsa_key = tempargs->dsa_key;
1019 unsigned int *siglen = &tempargs->siglen;
1021 for (count = 0; COND(dsa_c[testnum][0]); count++) {
1022 ret = DSA_sign(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1024 BIO_printf(bio_err, "DSA sign failure\n");
1025 ERR_print_errors(bio_err);
1033 static int DSA_verify_loop(void *args)
1035 loopargs_t *tempargs = *(loopargs_t **) args;
1036 unsigned char *buf = tempargs->buf;
1037 unsigned char *buf2 = tempargs->buf2;
1038 DSA **dsa_key = tempargs->dsa_key;
1039 unsigned int siglen = tempargs->siglen;
1041 for (count = 0; COND(dsa_c[testnum][1]); count++) {
1042 ret = DSA_verify(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1044 BIO_printf(bio_err, "DSA verify failure\n");
1045 ERR_print_errors(bio_err);
1054 #ifndef OPENSSL_NO_EC
1055 static long ecdsa_c[ECDSA_NUM][2];
1056 static int ECDSA_sign_loop(void *args)
1058 loopargs_t *tempargs = *(loopargs_t **) args;
1059 unsigned char *buf = tempargs->buf;
1060 EC_KEY **ecdsa = tempargs->ecdsa;
1061 unsigned char *ecdsasig = tempargs->buf2;
1062 unsigned int *ecdsasiglen = &tempargs->siglen;
1064 for (count = 0; COND(ecdsa_c[testnum][0]); count++) {
1065 ret = ECDSA_sign(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1067 BIO_printf(bio_err, "ECDSA sign failure\n");
1068 ERR_print_errors(bio_err);
1076 static int ECDSA_verify_loop(void *args)
1078 loopargs_t *tempargs = *(loopargs_t **) args;
1079 unsigned char *buf = tempargs->buf;
1080 EC_KEY **ecdsa = tempargs->ecdsa;
1081 unsigned char *ecdsasig = tempargs->buf2;
1082 unsigned int ecdsasiglen = tempargs->siglen;
1084 for (count = 0; COND(ecdsa_c[testnum][1]); count++) {
1085 ret = ECDSA_verify(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1087 BIO_printf(bio_err, "ECDSA verify failure\n");
1088 ERR_print_errors(bio_err);
1096 /* ******************************************************************** */
1097 static long ecdh_c[EC_NUM][1];
1099 static int ECDH_EVP_derive_key_loop(void *args)
1101 loopargs_t *tempargs = *(loopargs_t **) args;
1102 EVP_PKEY_CTX *ctx = tempargs->ecdh_ctx[testnum];
1103 unsigned char *derived_secret = tempargs->secret_a;
1105 size_t *outlen = &(tempargs->outlen[testnum]);
1107 for (count = 0; COND(ecdh_c[testnum][0]); count++)
1108 EVP_PKEY_derive(ctx, derived_secret, outlen);
1113 #endif /* OPENSSL_NO_EC */
1115 static int run_benchmark(int async_jobs,
1116 int (*loop_function) (void *), loopargs_t * loopargs)
1118 int job_op_count = 0;
1119 int total_op_count = 0;
1120 int num_inprogress = 0;
1121 int error = 0, i = 0, ret = 0;
1122 OSSL_ASYNC_FD job_fd = 0;
1123 size_t num_job_fds = 0;
1127 if (async_jobs == 0) {
1128 return loop_function((void *)&loopargs);
1131 for (i = 0; i < async_jobs && !error; i++) {
1132 loopargs_t *looparg_item = loopargs + i;
1134 /* Copy pointer content (looparg_t item address) into async context */
1135 ret = ASYNC_start_job(&loopargs[i].inprogress_job, loopargs[i].wait_ctx,
1136 &job_op_count, loop_function,
1137 (void *)&looparg_item, sizeof(looparg_item));
1143 if (job_op_count == -1) {
1146 total_op_count += job_op_count;
1151 BIO_printf(bio_err, "Failure in the job\n");
1152 ERR_print_errors(bio_err);
1158 while (num_inprogress > 0) {
1159 #if defined(OPENSSL_SYS_WINDOWS)
1161 #elif defined(OPENSSL_SYS_UNIX)
1162 int select_result = 0;
1163 OSSL_ASYNC_FD max_fd = 0;
1166 FD_ZERO(&waitfdset);
1168 for (i = 0; i < async_jobs && num_inprogress > 0; i++) {
1169 if (loopargs[i].inprogress_job == NULL)
1172 if (!ASYNC_WAIT_CTX_get_all_fds
1173 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1174 || num_job_fds > 1) {
1175 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1176 ERR_print_errors(bio_err);
1180 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1182 FD_SET(job_fd, &waitfdset);
1183 if (job_fd > max_fd)
1187 if (max_fd >= (OSSL_ASYNC_FD)FD_SETSIZE) {
1189 "Error: max_fd (%d) must be smaller than FD_SETSIZE (%d). "
1190 "Decrease the value of async_jobs\n",
1191 max_fd, FD_SETSIZE);
1192 ERR_print_errors(bio_err);
1197 select_result = select(max_fd + 1, &waitfdset, NULL, NULL, NULL);
1198 if (select_result == -1 && errno == EINTR)
1201 if (select_result == -1) {
1202 BIO_printf(bio_err, "Failure in the select\n");
1203 ERR_print_errors(bio_err);
1208 if (select_result == 0)
1212 for (i = 0; i < async_jobs; i++) {
1213 if (loopargs[i].inprogress_job == NULL)
1216 if (!ASYNC_WAIT_CTX_get_all_fds
1217 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1218 || num_job_fds > 1) {
1219 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1220 ERR_print_errors(bio_err);
1224 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1227 #if defined(OPENSSL_SYS_UNIX)
1228 if (num_job_fds == 1 && !FD_ISSET(job_fd, &waitfdset))
1230 #elif defined(OPENSSL_SYS_WINDOWS)
1231 if (num_job_fds == 1
1232 && !PeekNamedPipe(job_fd, NULL, 0, NULL, &avail, NULL)
1237 ret = ASYNC_start_job(&loopargs[i].inprogress_job,
1238 loopargs[i].wait_ctx, &job_op_count,
1239 loop_function, (void *)(loopargs + i),
1240 sizeof(loopargs_t));
1245 if (job_op_count == -1) {
1248 total_op_count += job_op_count;
1251 loopargs[i].inprogress_job = NULL;
1256 loopargs[i].inprogress_job = NULL;
1257 BIO_printf(bio_err, "Failure in the job\n");
1258 ERR_print_errors(bio_err);
1265 return error ? -1 : total_op_count;
1268 int speed_main(int argc, char **argv)
1271 int (*loopfunc)(void *args);
1272 loopargs_t *loopargs = NULL;
1274 const char *engine_id = NULL;
1275 const EVP_CIPHER *evp_cipher = NULL;
1278 int async_init = 0, multiblock = 0, pr_header = 0;
1279 int doit[ALGOR_NUM] = { 0 };
1280 int ret = 1, misalign = 0, lengths_single = 0;
1282 unsigned int size_num = OSSL_NELEM(lengths_list);
1283 unsigned int i, k, loop, loopargs_len = 0, async_jobs = 0;
1289 #if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) \
1290 || !defined(OPENSSL_NO_EC)
1293 openssl_speed_sec_t seconds = { SECONDS, RSA_SECONDS, DSA_SECONDS,
1294 ECDSA_SECONDS, ECDH_SECONDS };
1296 /* What follows are the buffers and key material. */
1297 #ifndef OPENSSL_NO_RC5
1300 #ifndef OPENSSL_NO_RC2
1303 #ifndef OPENSSL_NO_IDEA
1304 IDEA_KEY_SCHEDULE idea_ks;
1306 #ifndef OPENSSL_NO_SEED
1307 SEED_KEY_SCHEDULE seed_ks;
1309 #ifndef OPENSSL_NO_BF
1312 #ifndef OPENSSL_NO_CAST
1315 static const unsigned char key16[16] = {
1316 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1317 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
1319 static const unsigned char key24[24] = {
1320 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1321 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1322 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1324 static const unsigned char key32[32] = {
1325 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1326 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1327 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
1328 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
1330 #ifndef OPENSSL_NO_CAMELLIA
1331 static const unsigned char ckey24[24] = {
1332 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1333 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1334 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1336 static const unsigned char ckey32[32] = {
1337 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1338 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1339 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
1340 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
1342 CAMELLIA_KEY camellia_ks1, camellia_ks2, camellia_ks3;
1344 #ifndef OPENSSL_NO_DES
1345 static DES_cblock key = {
1346 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0
1348 static DES_cblock key2 = {
1349 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
1351 static DES_cblock key3 = {
1352 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1355 #ifndef OPENSSL_NO_RSA
1356 static const unsigned int rsa_bits[RSA_NUM] = {
1357 512, 1024, 2048, 3072, 4096, 7680, 15360
1359 static const unsigned char *rsa_data[RSA_NUM] = {
1360 test512, test1024, test2048, test3072, test4096, test7680, test15360
1362 static const int rsa_data_length[RSA_NUM] = {
1363 sizeof(test512), sizeof(test1024),
1364 sizeof(test2048), sizeof(test3072),
1365 sizeof(test4096), sizeof(test7680),
1368 int rsa_doit[RSA_NUM] = { 0 };
1369 int primes = RSA_DEFAULT_PRIME_NUM;
1371 #ifndef OPENSSL_NO_DSA
1372 static const unsigned int dsa_bits[DSA_NUM] = { 512, 1024, 2048 };
1373 int dsa_doit[DSA_NUM] = { 0 };
1375 #ifndef OPENSSL_NO_EC
1377 * We only test over the following curves as they are representative, To
1378 * add tests over more curves, simply add the curve NID and curve name to
1379 * the following arrays and increase the |ecdh_choices| list accordingly.
1381 static const struct {
1387 {"secp160r1", NID_secp160r1, 160},
1388 {"nistp192", NID_X9_62_prime192v1, 192},
1389 {"nistp224", NID_secp224r1, 224},
1390 {"nistp256", NID_X9_62_prime256v1, 256},
1391 {"nistp384", NID_secp384r1, 384},
1392 {"nistp521", NID_secp521r1, 521},
1394 {"nistk163", NID_sect163k1, 163},
1395 {"nistk233", NID_sect233k1, 233},
1396 {"nistk283", NID_sect283k1, 283},
1397 {"nistk409", NID_sect409k1, 409},
1398 {"nistk571", NID_sect571k1, 571},
1399 {"nistb163", NID_sect163r2, 163},
1400 {"nistb233", NID_sect233r1, 233},
1401 {"nistb283", NID_sect283r1, 283},
1402 {"nistb409", NID_sect409r1, 409},
1403 {"nistb571", NID_sect571r1, 571},
1404 {"brainpoolP256r1", NID_brainpoolP256r1, 256},
1405 {"brainpoolP256t1", NID_brainpoolP256t1, 256},
1406 {"brainpoolP384r1", NID_brainpoolP384r1, 384},
1407 {"brainpoolP384t1", NID_brainpoolP384t1, 384},
1408 {"brainpoolP512r1", NID_brainpoolP512r1, 512},
1409 {"brainpoolP512t1", NID_brainpoolP512t1, 512},
1410 /* Other and ECDH only ones */
1411 {"X25519", NID_X25519, 253},
1412 {"X448", NID_X448, 448}
1414 int ecdsa_doit[ECDSA_NUM] = { 0 };
1415 int ecdh_doit[EC_NUM] = { 0 };
1416 OPENSSL_assert(OSSL_NELEM(test_curves) >= EC_NUM);
1417 #endif /* ndef OPENSSL_NO_EC */
1419 prog = opt_init(argc, argv, speed_options);
1420 while ((o = opt_next()) != OPT_EOF) {
1425 BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
1428 opt_help(speed_options);
1436 evp_cipher = EVP_get_cipherbyname(opt_arg());
1437 if (evp_cipher == NULL)
1438 evp_md = EVP_get_digestbyname(opt_arg());
1439 if (evp_cipher == NULL && evp_md == NULL) {
1441 "%s: %s is an unknown cipher or digest\n",
1452 * In a forked execution, an engine might need to be
1453 * initialised by each child process, not by the parent.
1454 * So store the name here and run setup_engine() later on.
1456 engine_id = opt_arg();
1460 multi = atoi(opt_arg());
1464 #ifndef OPENSSL_NO_ASYNC
1465 async_jobs = atoi(opt_arg());
1466 if (!ASYNC_is_capable()) {
1468 "%s: async_jobs specified but async not supported\n",
1472 if (async_jobs > 99999) {
1473 BIO_printf(bio_err, "%s: too many async_jobs\n", prog);
1479 if (!opt_int(opt_arg(), &misalign))
1481 if (misalign > MISALIGN) {
1483 "%s: Maximum offset is %d\n", prog, MISALIGN);
1492 #ifdef OPENSSL_NO_MULTIBLOCK
1494 "%s: -mb specified but multi-block support is disabled\n",
1504 if (!opt_int(opt_arg(), &primes))
1508 seconds.sym = seconds.rsa = seconds.dsa = seconds.ecdsa
1509 = seconds.ecdh = atoi(opt_arg());
1512 lengths_single = atoi(opt_arg());
1513 lengths = &lengths_single;
1518 argc = opt_num_rest();
1521 /* Remaining arguments are algorithms. */
1522 for (; *argv; argv++) {
1523 if (found(*argv, doit_choices, &i)) {
1527 #ifndef OPENSSL_NO_DES
1528 if (strcmp(*argv, "des") == 0) {
1529 doit[D_CBC_DES] = doit[D_EDE3_DES] = 1;
1533 if (strcmp(*argv, "sha") == 0) {
1534 doit[D_SHA1] = doit[D_SHA256] = doit[D_SHA512] = 1;
1537 #ifndef OPENSSL_NO_RSA
1538 if (strcmp(*argv, "openssl") == 0)
1540 if (strcmp(*argv, "rsa") == 0) {
1541 for (loop = 0; loop < OSSL_NELEM(rsa_doit); loop++)
1545 if (found(*argv, rsa_choices, &i)) {
1550 #ifndef OPENSSL_NO_DSA
1551 if (strcmp(*argv, "dsa") == 0) {
1552 dsa_doit[R_DSA_512] = dsa_doit[R_DSA_1024] =
1553 dsa_doit[R_DSA_2048] = 1;
1556 if (found(*argv, dsa_choices, &i)) {
1561 if (strcmp(*argv, "aes") == 0) {
1562 doit[D_CBC_128_AES] = doit[D_CBC_192_AES] = doit[D_CBC_256_AES] = 1;
1565 #ifndef OPENSSL_NO_CAMELLIA
1566 if (strcmp(*argv, "camellia") == 0) {
1567 doit[D_CBC_128_CML] = doit[D_CBC_192_CML] = doit[D_CBC_256_CML] = 1;
1571 #ifndef OPENSSL_NO_EC
1572 if (strcmp(*argv, "ecdsa") == 0) {
1573 for (loop = 0; loop < OSSL_NELEM(ecdsa_doit); loop++)
1574 ecdsa_doit[loop] = 1;
1577 if (found(*argv, ecdsa_choices, &i)) {
1581 if (strcmp(*argv, "ecdh") == 0) {
1582 for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++)
1583 ecdh_doit[loop] = 1;
1586 if (found(*argv, ecdh_choices, &i)) {
1591 BIO_printf(bio_err, "%s: Unknown algorithm %s\n", prog, *argv);
1595 /* Initialize the job pool if async mode is enabled */
1596 if (async_jobs > 0) {
1597 async_init = ASYNC_init_thread(async_jobs, async_jobs);
1599 BIO_printf(bio_err, "Error creating the ASYNC job pool\n");
1604 loopargs_len = (async_jobs == 0 ? 1 : async_jobs);
1606 app_malloc(loopargs_len * sizeof(loopargs_t), "array of loopargs");
1607 memset(loopargs, 0, loopargs_len * sizeof(loopargs_t));
1609 for (i = 0; i < loopargs_len; i++) {
1610 if (async_jobs > 0) {
1611 loopargs[i].wait_ctx = ASYNC_WAIT_CTX_new();
1612 if (loopargs[i].wait_ctx == NULL) {
1613 BIO_printf(bio_err, "Error creating the ASYNC_WAIT_CTX\n");
1618 buflen = lengths[size_num - 1] + MAX_MISALIGNMENT + 1;
1619 loopargs[i].buf_malloc = app_malloc(buflen, "input buffer");
1620 loopargs[i].buf2_malloc = app_malloc(buflen, "input buffer");
1621 memset(loopargs[i].buf_malloc, 0, buflen);
1622 memset(loopargs[i].buf2_malloc, 0, buflen);
1624 /* Align the start of buffers on a 64 byte boundary */
1625 loopargs[i].buf = loopargs[i].buf_malloc + misalign;
1626 loopargs[i].buf2 = loopargs[i].buf2_malloc + misalign;
1627 #ifndef OPENSSL_NO_EC
1628 loopargs[i].secret_a = app_malloc(MAX_ECDH_SIZE, "ECDH secret a");
1629 loopargs[i].secret_b = app_malloc(MAX_ECDH_SIZE, "ECDH secret b");
1634 if (multi && do_multi(multi, size_num))
1638 /* Initialize the engine after the fork */
1639 e = setup_engine(engine_id, 0);
1641 /* No parameters; turn on everything. */
1642 if ((argc == 0) && !doit[D_EVP]) {
1643 for (i = 0; i < ALGOR_NUM; i++)
1646 #ifndef OPENSSL_NO_RSA
1647 for (i = 0; i < RSA_NUM; i++)
1650 #ifndef OPENSSL_NO_DSA
1651 for (i = 0; i < DSA_NUM; i++)
1654 #ifndef OPENSSL_NO_EC
1655 for (loop = 0; loop < OSSL_NELEM(ecdsa_doit); loop++)
1656 ecdsa_doit[loop] = 1;
1657 for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++)
1658 ecdh_doit[loop] = 1;
1661 for (i = 0; i < ALGOR_NUM; i++)
1665 if (usertime == 0 && !mr)
1667 "You have chosen to measure elapsed time "
1668 "instead of user CPU time.\n");
1670 #ifndef OPENSSL_NO_RSA
1671 for (i = 0; i < loopargs_len; i++) {
1672 if (primes > RSA_DEFAULT_PRIME_NUM) {
1673 /* for multi-prime RSA, skip this */
1676 for (k = 0; k < RSA_NUM; k++) {
1677 const unsigned char *p;
1680 loopargs[i].rsa_key[k] =
1681 d2i_RSAPrivateKey(NULL, &p, rsa_data_length[k]);
1682 if (loopargs[i].rsa_key[k] == NULL) {
1684 "internal error loading RSA key number %d\n", k);
1690 #ifndef OPENSSL_NO_DSA
1691 for (i = 0; i < loopargs_len; i++) {
1692 loopargs[i].dsa_key[0] = get_dsa(512);
1693 loopargs[i].dsa_key[1] = get_dsa(1024);
1694 loopargs[i].dsa_key[2] = get_dsa(2048);
1697 #ifndef OPENSSL_NO_DES
1698 DES_set_key_unchecked(&key, &sch);
1699 DES_set_key_unchecked(&key2, &sch2);
1700 DES_set_key_unchecked(&key3, &sch3);
1702 AES_set_encrypt_key(key16, 128, &aes_ks1);
1703 AES_set_encrypt_key(key24, 192, &aes_ks2);
1704 AES_set_encrypt_key(key32, 256, &aes_ks3);
1705 #ifndef OPENSSL_NO_CAMELLIA
1706 Camellia_set_key(key16, 128, &camellia_ks1);
1707 Camellia_set_key(ckey24, 192, &camellia_ks2);
1708 Camellia_set_key(ckey32, 256, &camellia_ks3);
1710 #ifndef OPENSSL_NO_IDEA
1711 IDEA_set_encrypt_key(key16, &idea_ks);
1713 #ifndef OPENSSL_NO_SEED
1714 SEED_set_key(key16, &seed_ks);
1716 #ifndef OPENSSL_NO_RC4
1717 RC4_set_key(&rc4_ks, 16, key16);
1719 #ifndef OPENSSL_NO_RC2
1720 RC2_set_key(&rc2_ks, 16, key16, 128);
1722 #ifndef OPENSSL_NO_RC5
1723 RC5_32_set_key(&rc5_ks, 16, key16, 12);
1725 #ifndef OPENSSL_NO_BF
1726 BF_set_key(&bf_ks, 16, key16);
1728 #ifndef OPENSSL_NO_CAST
1729 CAST_set_key(&cast_ks, 16, key16);
1732 # ifndef OPENSSL_NO_DES
1733 BIO_printf(bio_err, "First we calculate the approximate speed ...\n");
1739 for (it = count; it; it--)
1740 DES_ecb_encrypt((DES_cblock *)loopargs[0].buf,
1741 (DES_cblock *)loopargs[0].buf, &sch, DES_ENCRYPT);
1745 c[D_MD2][0] = count / 10;
1746 c[D_MDC2][0] = count / 10;
1747 c[D_MD4][0] = count;
1748 c[D_MD5][0] = count;
1749 c[D_HMAC][0] = count;
1750 c[D_SHA1][0] = count;
1751 c[D_RMD160][0] = count;
1752 c[D_RC4][0] = count * 5;
1753 c[D_CBC_DES][0] = count;
1754 c[D_EDE3_DES][0] = count / 3;
1755 c[D_CBC_IDEA][0] = count;
1756 c[D_CBC_SEED][0] = count;
1757 c[D_CBC_RC2][0] = count;
1758 c[D_CBC_RC5][0] = count;
1759 c[D_CBC_BF][0] = count;
1760 c[D_CBC_CAST][0] = count;
1761 c[D_CBC_128_AES][0] = count;
1762 c[D_CBC_192_AES][0] = count;
1763 c[D_CBC_256_AES][0] = count;
1764 c[D_CBC_128_CML][0] = count;
1765 c[D_CBC_192_CML][0] = count;
1766 c[D_CBC_256_CML][0] = count;
1767 c[D_SHA256][0] = count;
1768 c[D_SHA512][0] = count;
1769 c[D_WHIRLPOOL][0] = count;
1770 c[D_IGE_128_AES][0] = count;
1771 c[D_IGE_192_AES][0] = count;
1772 c[D_IGE_256_AES][0] = count;
1773 c[D_GHASH][0] = count;
1774 c[D_RAND][0] = count;
1776 for (i = 1; i < size_num; i++) {
1779 l0 = (long)lengths[0];
1780 l1 = (long)lengths[i];
1782 c[D_MD2][i] = c[D_MD2][0] * 4 * l0 / l1;
1783 c[D_MDC2][i] = c[D_MDC2][0] * 4 * l0 / l1;
1784 c[D_MD4][i] = c[D_MD4][0] * 4 * l0 / l1;
1785 c[D_MD5][i] = c[D_MD5][0] * 4 * l0 / l1;
1786 c[D_HMAC][i] = c[D_HMAC][0] * 4 * l0 / l1;
1787 c[D_SHA1][i] = c[D_SHA1][0] * 4 * l0 / l1;
1788 c[D_RMD160][i] = c[D_RMD160][0] * 4 * l0 / l1;
1789 c[D_SHA256][i] = c[D_SHA256][0] * 4 * l0 / l1;
1790 c[D_SHA512][i] = c[D_SHA512][0] * 4 * l0 / l1;
1791 c[D_WHIRLPOOL][i] = c[D_WHIRLPOOL][0] * 4 * l0 / l1;
1792 c[D_GHASH][i] = c[D_GHASH][0] * 4 * l0 / l1;
1793 c[D_RAND][i] = c[D_RAND][0] * 4 * l0 / l1;
1795 l0 = (long)lengths[i - 1];
1797 c[D_RC4][i] = c[D_RC4][i - 1] * l0 / l1;
1798 c[D_CBC_DES][i] = c[D_CBC_DES][i - 1] * l0 / l1;
1799 c[D_EDE3_DES][i] = c[D_EDE3_DES][i - 1] * l0 / l1;
1800 c[D_CBC_IDEA][i] = c[D_CBC_IDEA][i - 1] * l0 / l1;
1801 c[D_CBC_SEED][i] = c[D_CBC_SEED][i - 1] * l0 / l1;
1802 c[D_CBC_RC2][i] = c[D_CBC_RC2][i - 1] * l0 / l1;
1803 c[D_CBC_RC5][i] = c[D_CBC_RC5][i - 1] * l0 / l1;
1804 c[D_CBC_BF][i] = c[D_CBC_BF][i - 1] * l0 / l1;
1805 c[D_CBC_CAST][i] = c[D_CBC_CAST][i - 1] * l0 / l1;
1806 c[D_CBC_128_AES][i] = c[D_CBC_128_AES][i - 1] * l0 / l1;
1807 c[D_CBC_192_AES][i] = c[D_CBC_192_AES][i - 1] * l0 / l1;
1808 c[D_CBC_256_AES][i] = c[D_CBC_256_AES][i - 1] * l0 / l1;
1809 c[D_CBC_128_CML][i] = c[D_CBC_128_CML][i - 1] * l0 / l1;
1810 c[D_CBC_192_CML][i] = c[D_CBC_192_CML][i - 1] * l0 / l1;
1811 c[D_CBC_256_CML][i] = c[D_CBC_256_CML][i - 1] * l0 / l1;
1812 c[D_IGE_128_AES][i] = c[D_IGE_128_AES][i - 1] * l0 / l1;
1813 c[D_IGE_192_AES][i] = c[D_IGE_192_AES][i - 1] * l0 / l1;
1814 c[D_IGE_256_AES][i] = c[D_IGE_256_AES][i - 1] * l0 / l1;
1817 # ifndef OPENSSL_NO_RSA
1818 rsa_c[R_RSA_512][0] = count / 2000;
1819 rsa_c[R_RSA_512][1] = count / 400;
1820 for (i = 1; i < RSA_NUM; i++) {
1821 rsa_c[i][0] = rsa_c[i - 1][0] / 8;
1822 rsa_c[i][1] = rsa_c[i - 1][1] / 4;
1823 if (rsa_doit[i] <= 1 && rsa_c[i][0] == 0)
1826 if (rsa_c[i][0] == 0) {
1827 rsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
1834 # ifndef OPENSSL_NO_DSA
1835 dsa_c[R_DSA_512][0] = count / 1000;
1836 dsa_c[R_DSA_512][1] = count / 1000 / 2;
1837 for (i = 1; i < DSA_NUM; i++) {
1838 dsa_c[i][0] = dsa_c[i - 1][0] / 4;
1839 dsa_c[i][1] = dsa_c[i - 1][1] / 4;
1840 if (dsa_doit[i] <= 1 && dsa_c[i][0] == 0)
1843 if (dsa_c[i][0] == 0) {
1844 dsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
1851 # ifndef OPENSSL_NO_EC
1852 ecdsa_c[R_EC_P160][0] = count / 1000;
1853 ecdsa_c[R_EC_P160][1] = count / 1000 / 2;
1854 for (i = R_EC_P192; i <= R_EC_P521; i++) {
1855 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
1856 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
1857 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
1860 if (ecdsa_c[i][0] == 0) {
1866 ecdsa_c[R_EC_K163][0] = count / 1000;
1867 ecdsa_c[R_EC_K163][1] = count / 1000 / 2;
1868 for (i = R_EC_K233; i <= R_EC_K571; i++) {
1869 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
1870 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
1871 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
1874 if (ecdsa_c[i][0] == 0) {
1880 ecdsa_c[R_EC_B163][0] = count / 1000;
1881 ecdsa_c[R_EC_B163][1] = count / 1000 / 2;
1882 for (i = R_EC_B233; i <= R_EC_B571; i++) {
1883 ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
1884 ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
1885 if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
1888 if (ecdsa_c[i][0] == 0) {
1895 ecdh_c[R_EC_P160][0] = count / 1000;
1896 for (i = R_EC_P192; i <= R_EC_P521; i++) {
1897 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
1898 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
1901 if (ecdh_c[i][0] == 0) {
1906 ecdh_c[R_EC_K163][0] = count / 1000;
1907 for (i = R_EC_K233; i <= R_EC_K571; i++) {
1908 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
1909 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
1912 if (ecdh_c[i][0] == 0) {
1917 ecdh_c[R_EC_B163][0] = count / 1000;
1918 for (i = R_EC_B233; i <= R_EC_B571; i++) {
1919 ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
1920 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
1923 if (ecdh_c[i][0] == 0) {
1928 /* repeated code good to factorize */
1929 ecdh_c[R_EC_BRP256R1][0] = count / 1000;
1930 for (i = R_EC_BRP384R1; i <= R_EC_BRP512R1; i += 2) {
1931 ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
1932 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
1935 if (ecdh_c[i][0] == 0) {
1940 ecdh_c[R_EC_BRP256T1][0] = count / 1000;
1941 for (i = R_EC_BRP384T1; i <= R_EC_BRP512T1; i += 2) {
1942 ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
1943 if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
1946 if (ecdh_c[i][0] == 0) {
1951 /* default iteration count for the last two EC Curves */
1952 ecdh_c[R_EC_X25519][0] = count / 1800;
1953 ecdh_c[R_EC_X448][0] = count / 7200;
1957 /* not worth fixing */
1958 # error "You cannot disable DES on systems without SIGALRM."
1959 # endif /* OPENSSL_NO_DES */
1961 signal(SIGALRM, alarmed);
1962 #endif /* SIGALRM */
1964 #ifndef OPENSSL_NO_MD2
1966 for (testnum = 0; testnum < size_num; testnum++) {
1967 print_message(names[D_MD2], c[D_MD2][testnum], lengths[testnum],
1970 count = run_benchmark(async_jobs, EVP_Digest_MD2_loop, loopargs);
1972 print_result(D_MD2, testnum, count, d);
1976 #ifndef OPENSSL_NO_MDC2
1978 for (testnum = 0; testnum < size_num; testnum++) {
1979 print_message(names[D_MDC2], c[D_MDC2][testnum], lengths[testnum],
1982 count = run_benchmark(async_jobs, EVP_Digest_MDC2_loop, loopargs);
1984 print_result(D_MDC2, testnum, count, d);
1989 #ifndef OPENSSL_NO_MD4
1991 for (testnum = 0; testnum < size_num; testnum++) {
1992 print_message(names[D_MD4], c[D_MD4][testnum], lengths[testnum],
1995 count = run_benchmark(async_jobs, EVP_Digest_MD4_loop, loopargs);
1997 print_result(D_MD4, testnum, count, d);
2002 #ifndef OPENSSL_NO_MD5
2004 for (testnum = 0; testnum < size_num; testnum++) {
2005 print_message(names[D_MD5], c[D_MD5][testnum], lengths[testnum],
2008 count = run_benchmark(async_jobs, MD5_loop, loopargs);
2010 print_result(D_MD5, testnum, count, d);
2015 static const char hmac_key[] = "This is a key...";
2016 int len = strlen(hmac_key);
2018 for (i = 0; i < loopargs_len; i++) {
2019 loopargs[i].hctx = HMAC_CTX_new();
2020 if (loopargs[i].hctx == NULL) {
2021 BIO_printf(bio_err, "HMAC malloc failure, exiting...");
2025 HMAC_Init_ex(loopargs[i].hctx, hmac_key, len, EVP_md5(), NULL);
2027 for (testnum = 0; testnum < size_num; testnum++) {
2028 print_message(names[D_HMAC], c[D_HMAC][testnum], lengths[testnum],
2031 count = run_benchmark(async_jobs, HMAC_loop, loopargs);
2033 print_result(D_HMAC, testnum, count, d);
2035 for (i = 0; i < loopargs_len; i++) {
2036 HMAC_CTX_free(loopargs[i].hctx);
2041 for (testnum = 0; testnum < size_num; testnum++) {
2042 print_message(names[D_SHA1], c[D_SHA1][testnum], lengths[testnum],
2045 count = run_benchmark(async_jobs, SHA1_loop, loopargs);
2047 print_result(D_SHA1, testnum, count, d);
2050 if (doit[D_SHA256]) {
2051 for (testnum = 0; testnum < size_num; testnum++) {
2052 print_message(names[D_SHA256], c[D_SHA256][testnum],
2053 lengths[testnum], seconds.sym);
2055 count = run_benchmark(async_jobs, SHA256_loop, loopargs);
2057 print_result(D_SHA256, testnum, count, d);
2060 if (doit[D_SHA512]) {
2061 for (testnum = 0; testnum < size_num; testnum++) {
2062 print_message(names[D_SHA512], c[D_SHA512][testnum],
2063 lengths[testnum], seconds.sym);
2065 count = run_benchmark(async_jobs, SHA512_loop, loopargs);
2067 print_result(D_SHA512, testnum, count, d);
2070 #ifndef OPENSSL_NO_WHIRLPOOL
2071 if (doit[D_WHIRLPOOL]) {
2072 for (testnum = 0; testnum < size_num; testnum++) {
2073 print_message(names[D_WHIRLPOOL], c[D_WHIRLPOOL][testnum],
2074 lengths[testnum], seconds.sym);
2076 count = run_benchmark(async_jobs, WHIRLPOOL_loop, loopargs);
2078 print_result(D_WHIRLPOOL, testnum, count, d);
2083 #ifndef OPENSSL_NO_RMD160
2084 if (doit[D_RMD160]) {
2085 for (testnum = 0; testnum < size_num; testnum++) {
2086 print_message(names[D_RMD160], c[D_RMD160][testnum],
2087 lengths[testnum], seconds.sym);
2089 count = run_benchmark(async_jobs, EVP_Digest_RMD160_loop, loopargs);
2091 print_result(D_RMD160, testnum, count, d);
2095 #ifndef OPENSSL_NO_RC4
2097 for (testnum = 0; testnum < size_num; testnum++) {
2098 print_message(names[D_RC4], c[D_RC4][testnum], lengths[testnum],
2101 count = run_benchmark(async_jobs, RC4_loop, loopargs);
2103 print_result(D_RC4, testnum, count, d);
2107 #ifndef OPENSSL_NO_DES
2108 if (doit[D_CBC_DES]) {
2109 for (testnum = 0; testnum < size_num; testnum++) {
2110 print_message(names[D_CBC_DES], c[D_CBC_DES][testnum],
2111 lengths[testnum], seconds.sym);
2113 count = run_benchmark(async_jobs, DES_ncbc_encrypt_loop, loopargs);
2115 print_result(D_CBC_DES, testnum, count, d);
2119 if (doit[D_EDE3_DES]) {
2120 for (testnum = 0; testnum < size_num; testnum++) {
2121 print_message(names[D_EDE3_DES], c[D_EDE3_DES][testnum],
2122 lengths[testnum], seconds.sym);
2125 run_benchmark(async_jobs, DES_ede3_cbc_encrypt_loop, loopargs);
2127 print_result(D_EDE3_DES, testnum, count, d);
2132 if (doit[D_CBC_128_AES]) {
2133 for (testnum = 0; testnum < size_num; testnum++) {
2134 print_message(names[D_CBC_128_AES], c[D_CBC_128_AES][testnum],
2135 lengths[testnum], seconds.sym);
2138 run_benchmark(async_jobs, AES_cbc_128_encrypt_loop, loopargs);
2140 print_result(D_CBC_128_AES, testnum, count, d);
2143 if (doit[D_CBC_192_AES]) {
2144 for (testnum = 0; testnum < size_num; testnum++) {
2145 print_message(names[D_CBC_192_AES], c[D_CBC_192_AES][testnum],
2146 lengths[testnum], seconds.sym);
2149 run_benchmark(async_jobs, AES_cbc_192_encrypt_loop, loopargs);
2151 print_result(D_CBC_192_AES, testnum, count, d);
2154 if (doit[D_CBC_256_AES]) {
2155 for (testnum = 0; testnum < size_num; testnum++) {
2156 print_message(names[D_CBC_256_AES], c[D_CBC_256_AES][testnum],
2157 lengths[testnum], seconds.sym);
2160 run_benchmark(async_jobs, AES_cbc_256_encrypt_loop, loopargs);
2162 print_result(D_CBC_256_AES, testnum, count, d);
2166 if (doit[D_IGE_128_AES]) {
2167 for (testnum = 0; testnum < size_num; testnum++) {
2168 print_message(names[D_IGE_128_AES], c[D_IGE_128_AES][testnum],
2169 lengths[testnum], seconds.sym);
2172 run_benchmark(async_jobs, AES_ige_128_encrypt_loop, loopargs);
2174 print_result(D_IGE_128_AES, testnum, count, d);
2177 if (doit[D_IGE_192_AES]) {
2178 for (testnum = 0; testnum < size_num; testnum++) {
2179 print_message(names[D_IGE_192_AES], c[D_IGE_192_AES][testnum],
2180 lengths[testnum], seconds.sym);
2183 run_benchmark(async_jobs, AES_ige_192_encrypt_loop, loopargs);
2185 print_result(D_IGE_192_AES, testnum, count, d);
2188 if (doit[D_IGE_256_AES]) {
2189 for (testnum = 0; testnum < size_num; testnum++) {
2190 print_message(names[D_IGE_256_AES], c[D_IGE_256_AES][testnum],
2191 lengths[testnum], seconds.sym);
2194 run_benchmark(async_jobs, AES_ige_256_encrypt_loop, loopargs);
2196 print_result(D_IGE_256_AES, testnum, count, d);
2199 if (doit[D_GHASH]) {
2200 for (i = 0; i < loopargs_len; i++) {
2201 loopargs[i].gcm_ctx =
2202 CRYPTO_gcm128_new(&aes_ks1, (block128_f) AES_encrypt);
2203 CRYPTO_gcm128_setiv(loopargs[i].gcm_ctx,
2204 (unsigned char *)"0123456789ab", 12);
2207 for (testnum = 0; testnum < size_num; testnum++) {
2208 print_message(names[D_GHASH], c[D_GHASH][testnum],
2209 lengths[testnum], seconds.sym);
2211 count = run_benchmark(async_jobs, CRYPTO_gcm128_aad_loop, loopargs);
2213 print_result(D_GHASH, testnum, count, d);
2215 for (i = 0; i < loopargs_len; i++)
2216 CRYPTO_gcm128_release(loopargs[i].gcm_ctx);
2218 #ifndef OPENSSL_NO_CAMELLIA
2219 if (doit[D_CBC_128_CML]) {
2220 if (async_jobs > 0) {
2221 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2222 names[D_CBC_128_CML]);
2223 doit[D_CBC_128_CML] = 0;
2225 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2226 print_message(names[D_CBC_128_CML], c[D_CBC_128_CML][testnum],
2227 lengths[testnum], seconds.sym);
2229 for (count = 0, run = 1; COND(c[D_CBC_128_CML][testnum]); count++)
2230 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2231 (size_t)lengths[testnum], &camellia_ks1,
2232 iv, CAMELLIA_ENCRYPT);
2234 print_result(D_CBC_128_CML, testnum, count, d);
2237 if (doit[D_CBC_192_CML]) {
2238 if (async_jobs > 0) {
2239 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2240 names[D_CBC_192_CML]);
2241 doit[D_CBC_192_CML] = 0;
2243 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2244 print_message(names[D_CBC_192_CML], c[D_CBC_192_CML][testnum],
2245 lengths[testnum], seconds.sym);
2246 if (async_jobs > 0) {
2247 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2251 for (count = 0, run = 1; COND(c[D_CBC_192_CML][testnum]); count++)
2252 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2253 (size_t)lengths[testnum], &camellia_ks2,
2254 iv, CAMELLIA_ENCRYPT);
2256 print_result(D_CBC_192_CML, testnum, count, d);
2259 if (doit[D_CBC_256_CML]) {
2260 if (async_jobs > 0) {
2261 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2262 names[D_CBC_256_CML]);
2263 doit[D_CBC_256_CML] = 0;
2265 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2266 print_message(names[D_CBC_256_CML], c[D_CBC_256_CML][testnum],
2267 lengths[testnum], seconds.sym);
2269 for (count = 0, run = 1; COND(c[D_CBC_256_CML][testnum]); count++)
2270 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2271 (size_t)lengths[testnum], &camellia_ks3,
2272 iv, CAMELLIA_ENCRYPT);
2274 print_result(D_CBC_256_CML, testnum, count, d);
2278 #ifndef OPENSSL_NO_IDEA
2279 if (doit[D_CBC_IDEA]) {
2280 if (async_jobs > 0) {
2281 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2283 doit[D_CBC_IDEA] = 0;
2285 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2286 print_message(names[D_CBC_IDEA], c[D_CBC_IDEA][testnum],
2287 lengths[testnum], seconds.sym);
2289 for (count = 0, run = 1; COND(c[D_CBC_IDEA][testnum]); count++)
2290 IDEA_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2291 (size_t)lengths[testnum], &idea_ks,
2294 print_result(D_CBC_IDEA, testnum, count, d);
2298 #ifndef OPENSSL_NO_SEED
2299 if (doit[D_CBC_SEED]) {
2300 if (async_jobs > 0) {
2301 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2303 doit[D_CBC_SEED] = 0;
2305 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2306 print_message(names[D_CBC_SEED], c[D_CBC_SEED][testnum],
2307 lengths[testnum], seconds.sym);
2309 for (count = 0, run = 1; COND(c[D_CBC_SEED][testnum]); count++)
2310 SEED_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2311 (size_t)lengths[testnum], &seed_ks, iv, 1);
2313 print_result(D_CBC_SEED, testnum, count, d);
2317 #ifndef OPENSSL_NO_RC2
2318 if (doit[D_CBC_RC2]) {
2319 if (async_jobs > 0) {
2320 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2322 doit[D_CBC_RC2] = 0;
2324 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2325 print_message(names[D_CBC_RC2], c[D_CBC_RC2][testnum],
2326 lengths[testnum], seconds.sym);
2327 if (async_jobs > 0) {
2328 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2332 for (count = 0, run = 1; COND(c[D_CBC_RC2][testnum]); count++)
2333 RC2_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2334 (size_t)lengths[testnum], &rc2_ks,
2337 print_result(D_CBC_RC2, testnum, count, d);
2341 #ifndef OPENSSL_NO_RC5
2342 if (doit[D_CBC_RC5]) {
2343 if (async_jobs > 0) {
2344 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2346 doit[D_CBC_RC5] = 0;
2348 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2349 print_message(names[D_CBC_RC5], c[D_CBC_RC5][testnum],
2350 lengths[testnum], seconds.sym);
2351 if (async_jobs > 0) {
2352 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2356 for (count = 0, run = 1; COND(c[D_CBC_RC5][testnum]); count++)
2357 RC5_32_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2358 (size_t)lengths[testnum], &rc5_ks,
2361 print_result(D_CBC_RC5, testnum, count, d);
2365 #ifndef OPENSSL_NO_BF
2366 if (doit[D_CBC_BF]) {
2367 if (async_jobs > 0) {
2368 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2372 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2373 print_message(names[D_CBC_BF], c[D_CBC_BF][testnum],
2374 lengths[testnum], seconds.sym);
2376 for (count = 0, run = 1; COND(c[D_CBC_BF][testnum]); count++)
2377 BF_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2378 (size_t)lengths[testnum], &bf_ks,
2381 print_result(D_CBC_BF, testnum, count, d);
2385 #ifndef OPENSSL_NO_CAST
2386 if (doit[D_CBC_CAST]) {
2387 if (async_jobs > 0) {
2388 BIO_printf(bio_err, "Async mode is not supported with %s\n",
2390 doit[D_CBC_CAST] = 0;
2392 for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2393 print_message(names[D_CBC_CAST], c[D_CBC_CAST][testnum],
2394 lengths[testnum], seconds.sym);
2396 for (count = 0, run = 1; COND(c[D_CBC_CAST][testnum]); count++)
2397 CAST_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2398 (size_t)lengths[testnum], &cast_ks,
2401 print_result(D_CBC_CAST, testnum, count, d);
2406 for (testnum = 0; testnum < size_num; testnum++) {
2407 print_message(names[D_RAND], c[D_RAND][testnum], lengths[testnum],
2410 count = run_benchmark(async_jobs, RAND_bytes_loop, loopargs);
2412 print_result(D_RAND, testnum, count, d);
2417 if (multiblock && evp_cipher) {
2419 (EVP_CIPHER_flags(evp_cipher) &
2420 EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
2421 BIO_printf(bio_err, "%s is not multi-block capable\n",
2422 OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
2425 if (async_jobs > 0) {
2426 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2429 multiblock_speed(evp_cipher, lengths_single, &seconds);
2433 for (testnum = 0; testnum < size_num; testnum++) {
2436 names[D_EVP] = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
2438 * -O3 -fschedule-insns messes up an optimization here!
2439 * names[D_EVP] somehow becomes NULL
2441 print_message(names[D_EVP], save_count, lengths[testnum],
2444 for (k = 0; k < loopargs_len; k++) {
2445 loopargs[k].ctx = EVP_CIPHER_CTX_new();
2446 EVP_CipherInit_ex(loopargs[k].ctx, evp_cipher, NULL, NULL,
2447 iv, decrypt ? 0 : 1);
2449 EVP_CIPHER_CTX_set_padding(loopargs[k].ctx, 0);
2451 keylen = EVP_CIPHER_CTX_key_length(loopargs[k].ctx);
2452 loopargs[k].key = app_malloc(keylen, "evp_cipher key");
2453 EVP_CIPHER_CTX_rand_key(loopargs[k].ctx, loopargs[k].key);
2454 EVP_CipherInit_ex(loopargs[k].ctx, NULL, NULL,
2455 loopargs[k].key, NULL, -1);
2456 OPENSSL_clear_free(loopargs[k].key, keylen);
2458 switch (EVP_CIPHER_mode(evp_cipher)) {
2459 case EVP_CIPH_CCM_MODE:
2460 loopfunc = EVP_Update_loop_ccm;
2463 loopfunc = EVP_Update_loop;
2467 count = run_benchmark(async_jobs, loopfunc, loopargs);
2469 for (k = 0; k < loopargs_len; k++) {
2470 EVP_CIPHER_CTX_free(loopargs[k].ctx);
2474 names[D_EVP] = OBJ_nid2ln(EVP_MD_type(evp_md));
2475 print_message(names[D_EVP], save_count, lengths[testnum],
2478 count = run_benchmark(async_jobs, EVP_Digest_loop, loopargs);
2481 print_result(D_EVP, testnum, count, d);
2485 for (i = 0; i < loopargs_len; i++)
2486 RAND_bytes(loopargs[i].buf, 36);
2488 #ifndef OPENSSL_NO_RSA
2489 for (testnum = 0; testnum < RSA_NUM; testnum++) {
2491 if (!rsa_doit[testnum])
2493 for (i = 0; i < loopargs_len; i++) {
2495 /* we haven't set keys yet, generate multi-prime RSA keys */
2496 BIGNUM *bn = BN_new();
2500 if (!BN_set_word(bn, RSA_F4)) {
2505 BIO_printf(bio_err, "Generate multi-prime RSA key for %s\n",
2506 rsa_choices[testnum].name);
2508 loopargs[i].rsa_key[testnum] = RSA_new();
2509 if (loopargs[i].rsa_key[testnum] == NULL) {
2514 if (!RSA_generate_multi_prime_key(loopargs[i].rsa_key[testnum],
2516 primes, bn, NULL)) {
2522 st = RSA_sign(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
2523 &loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
2529 "RSA sign failure. No RSA sign will be done.\n");
2530 ERR_print_errors(bio_err);
2533 pkey_print_message("private", "rsa",
2534 rsa_c[testnum][0], rsa_bits[testnum],
2536 /* RSA_blinding_on(rsa_key[testnum],NULL); */
2538 count = run_benchmark(async_jobs, RSA_sign_loop, loopargs);
2541 mr ? "+R1:%ld:%d:%.2f\n"
2542 : "%ld %u bits private RSA's in %.2fs\n",
2543 count, rsa_bits[testnum], d);
2544 rsa_results[testnum][0] = (double)count / d;
2548 for (i = 0; i < loopargs_len; i++) {
2549 st = RSA_verify(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
2550 loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
2556 "RSA verify failure. No RSA verify will be done.\n");
2557 ERR_print_errors(bio_err);
2558 rsa_doit[testnum] = 0;
2560 pkey_print_message("public", "rsa",
2561 rsa_c[testnum][1], rsa_bits[testnum],
2564 count = run_benchmark(async_jobs, RSA_verify_loop, loopargs);
2567 mr ? "+R2:%ld:%d:%.2f\n"
2568 : "%ld %u bits public RSA's in %.2fs\n",
2569 count, rsa_bits[testnum], d);
2570 rsa_results[testnum][1] = (double)count / d;
2573 if (rsa_count <= 1) {
2574 /* if longer than 10s, don't do any more */
2575 for (testnum++; testnum < RSA_NUM; testnum++)
2576 rsa_doit[testnum] = 0;
2579 #endif /* OPENSSL_NO_RSA */
2581 for (i = 0; i < loopargs_len; i++)
2582 RAND_bytes(loopargs[i].buf, 36);
2584 #ifndef OPENSSL_NO_DSA
2585 for (testnum = 0; testnum < DSA_NUM; testnum++) {
2587 if (!dsa_doit[testnum])
2590 /* DSA_generate_key(dsa_key[testnum]); */
2591 /* DSA_sign_setup(dsa_key[testnum],NULL); */
2592 for (i = 0; i < loopargs_len; i++) {
2593 st = DSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
2594 &loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
2600 "DSA sign failure. No DSA sign will be done.\n");
2601 ERR_print_errors(bio_err);
2604 pkey_print_message("sign", "dsa",
2605 dsa_c[testnum][0], dsa_bits[testnum],
2608 count = run_benchmark(async_jobs, DSA_sign_loop, loopargs);
2611 mr ? "+R3:%ld:%u:%.2f\n"
2612 : "%ld %u bits DSA signs in %.2fs\n",
2613 count, dsa_bits[testnum], d);
2614 dsa_results[testnum][0] = (double)count / d;
2618 for (i = 0; i < loopargs_len; i++) {
2619 st = DSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
2620 loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
2626 "DSA verify failure. No DSA verify will be done.\n");
2627 ERR_print_errors(bio_err);
2628 dsa_doit[testnum] = 0;
2630 pkey_print_message("verify", "dsa",
2631 dsa_c[testnum][1], dsa_bits[testnum],
2634 count = run_benchmark(async_jobs, DSA_verify_loop, loopargs);
2637 mr ? "+R4:%ld:%u:%.2f\n"
2638 : "%ld %u bits DSA verify in %.2fs\n",
2639 count, dsa_bits[testnum], d);
2640 dsa_results[testnum][1] = (double)count / d;
2643 if (rsa_count <= 1) {
2644 /* if longer than 10s, don't do any more */
2645 for (testnum++; testnum < DSA_NUM; testnum++)
2646 dsa_doit[testnum] = 0;
2649 #endif /* OPENSSL_NO_DSA */
2651 #ifndef OPENSSL_NO_EC
2652 for (testnum = 0; testnum < ECDSA_NUM; testnum++) {
2655 if (!ecdsa_doit[testnum])
2656 continue; /* Ignore Curve */
2657 for (i = 0; i < loopargs_len; i++) {
2658 loopargs[i].ecdsa[testnum] =
2659 EC_KEY_new_by_curve_name(test_curves[testnum].nid);
2660 if (loopargs[i].ecdsa[testnum] == NULL) {
2666 BIO_printf(bio_err, "ECDSA failure.\n");
2667 ERR_print_errors(bio_err);
2670 for (i = 0; i < loopargs_len; i++) {
2671 EC_KEY_precompute_mult(loopargs[i].ecdsa[testnum], NULL);
2672 /* Perform ECDSA signature test */
2673 EC_KEY_generate_key(loopargs[i].ecdsa[testnum]);
2674 st = ECDSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
2675 &loopargs[i].siglen,
2676 loopargs[i].ecdsa[testnum]);
2682 "ECDSA sign failure. No ECDSA sign will be done.\n");
2683 ERR_print_errors(bio_err);
2686 pkey_print_message("sign", "ecdsa",
2687 ecdsa_c[testnum][0],
2688 test_curves[testnum].bits, seconds.ecdsa);
2690 count = run_benchmark(async_jobs, ECDSA_sign_loop, loopargs);
2694 mr ? "+R5:%ld:%u:%.2f\n" :
2695 "%ld %u bits ECDSA signs in %.2fs \n",
2696 count, test_curves[testnum].bits, d);
2697 ecdsa_results[testnum][0] = (double)count / d;
2701 /* Perform ECDSA verification test */
2702 for (i = 0; i < loopargs_len; i++) {
2703 st = ECDSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
2705 loopargs[i].ecdsa[testnum]);
2711 "ECDSA verify failure. No ECDSA verify will be done.\n");
2712 ERR_print_errors(bio_err);
2713 ecdsa_doit[testnum] = 0;
2715 pkey_print_message("verify", "ecdsa",
2716 ecdsa_c[testnum][1],
2717 test_curves[testnum].bits, seconds.ecdsa);
2719 count = run_benchmark(async_jobs, ECDSA_verify_loop, loopargs);
2722 mr ? "+R6:%ld:%u:%.2f\n"
2723 : "%ld %u bits ECDSA verify in %.2fs\n",
2724 count, test_curves[testnum].bits, d);
2725 ecdsa_results[testnum][1] = (double)count / d;
2728 if (rsa_count <= 1) {
2729 /* if longer than 10s, don't do any more */
2730 for (testnum++; testnum < EC_NUM; testnum++)
2731 ecdsa_doit[testnum] = 0;
2736 for (testnum = 0; testnum < EC_NUM; testnum++) {
2737 int ecdh_checks = 1;
2739 if (!ecdh_doit[testnum])
2742 for (i = 0; i < loopargs_len; i++) {
2743 EVP_PKEY_CTX *kctx = NULL;
2744 EVP_PKEY_CTX *test_ctx = NULL;
2745 EVP_PKEY_CTX *ctx = NULL;
2746 EVP_PKEY *key_A = NULL;
2747 EVP_PKEY *key_B = NULL;
2751 /* Ensure that the error queue is empty */
2752 if (ERR_peek_error()) {
2754 "WARNING: the error queue contains previous unhandled errors.\n");
2755 ERR_print_errors(bio_err);
2758 /* Let's try to create a ctx directly from the NID: this works for
2759 * curves like Curve25519 that are not implemented through the low
2760 * level EC interface.
2761 * If this fails we try creating a EVP_PKEY_EC generic param ctx,
2762 * then we set the curve by NID before deriving the actual keygen
2763 * ctx for that specific curve. */
2764 kctx = EVP_PKEY_CTX_new_id(test_curves[testnum].nid, NULL); /* keygen ctx from NID */
2766 EVP_PKEY_CTX *pctx = NULL;
2767 EVP_PKEY *params = NULL;
2769 /* If we reach this code EVP_PKEY_CTX_new_id() failed and a
2770 * "int_ctx_new:unsupported algorithm" error was added to the
2772 * We remove it from the error queue as we are handling it. */
2773 unsigned long error = ERR_peek_error(); /* peek the latest error in the queue */
2774 if (error == ERR_peek_last_error() && /* oldest and latest errors match */
2775 /* check that the error origin matches */
2776 ERR_GET_LIB(error) == ERR_LIB_EVP &&
2777 ERR_GET_FUNC(error) == EVP_F_INT_CTX_NEW &&
2778 ERR_GET_REASON(error) == EVP_R_UNSUPPORTED_ALGORITHM)
2779 ERR_get_error(); /* pop error from queue */
2780 if (ERR_peek_error()) {
2782 "Unhandled error in the error queue during ECDH init.\n");
2783 ERR_print_errors(bio_err);
2788 if ( /* Create the context for parameter generation */
2789 !(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) ||
2790 /* Initialise the parameter generation */
2791 !EVP_PKEY_paramgen_init(pctx) ||
2792 /* Set the curve by NID */
2793 !EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
2796 /* Create the parameter object params */
2797 !EVP_PKEY_paramgen(pctx, ¶ms)) {
2799 BIO_printf(bio_err, "ECDH EC params init failure.\n");
2800 ERR_print_errors(bio_err);
2804 /* Create the context for the key generation */
2805 kctx = EVP_PKEY_CTX_new(params, NULL);
2807 EVP_PKEY_free(params);
2809 EVP_PKEY_CTX_free(pctx);
2812 if (kctx == NULL || /* keygen ctx is not null */
2813 !EVP_PKEY_keygen_init(kctx) /* init keygen ctx */ ) {
2815 BIO_printf(bio_err, "ECDH keygen failure.\n");
2816 ERR_print_errors(bio_err);
2821 if (!EVP_PKEY_keygen(kctx, &key_A) || /* generate secret key A */
2822 !EVP_PKEY_keygen(kctx, &key_B) || /* generate secret key B */
2823 !(ctx = EVP_PKEY_CTX_new(key_A, NULL)) || /* derivation ctx from skeyA */
2824 !EVP_PKEY_derive_init(ctx) || /* init derivation ctx */
2825 !EVP_PKEY_derive_set_peer(ctx, key_B) || /* set peer pubkey in ctx */
2826 !EVP_PKEY_derive(ctx, NULL, &outlen) || /* determine max length */
2827 outlen == 0 || /* ensure outlen is a valid size */
2828 outlen > MAX_ECDH_SIZE /* avoid buffer overflow */ ) {
2830 BIO_printf(bio_err, "ECDH key generation failure.\n");
2831 ERR_print_errors(bio_err);
2836 /* Here we perform a test run, comparing the output of a*B and b*A;
2837 * we try this here and assume that further EVP_PKEY_derive calls
2838 * never fail, so we can skip checks in the actually benchmarked
2839 * code, for maximum performance. */
2840 if (!(test_ctx = EVP_PKEY_CTX_new(key_B, NULL)) || /* test ctx from skeyB */
2841 !EVP_PKEY_derive_init(test_ctx) || /* init derivation test_ctx */
2842 !EVP_PKEY_derive_set_peer(test_ctx, key_A) || /* set peer pubkey in test_ctx */
2843 !EVP_PKEY_derive(test_ctx, NULL, &test_outlen) || /* determine max length */
2844 !EVP_PKEY_derive(ctx, loopargs[i].secret_a, &outlen) || /* compute a*B */
2845 !EVP_PKEY_derive(test_ctx, loopargs[i].secret_b, &test_outlen) || /* compute b*A */
2846 test_outlen != outlen /* compare output length */ ) {
2848 BIO_printf(bio_err, "ECDH computation failure.\n");
2849 ERR_print_errors(bio_err);
2854 /* Compare the computation results: CRYPTO_memcmp() returns 0 if equal */
2855 if (CRYPTO_memcmp(loopargs[i].secret_a,
2856 loopargs[i].secret_b, outlen)) {
2858 BIO_printf(bio_err, "ECDH computations don't match.\n");
2859 ERR_print_errors(bio_err);
2864 loopargs[i].ecdh_ctx[testnum] = ctx;
2865 loopargs[i].outlen[testnum] = outlen;
2867 EVP_PKEY_free(key_A);
2868 EVP_PKEY_free(key_B);
2869 EVP_PKEY_CTX_free(kctx);
2871 EVP_PKEY_CTX_free(test_ctx);
2874 if (ecdh_checks != 0) {
2875 pkey_print_message("", "ecdh",
2877 test_curves[testnum].bits, seconds.ecdh);
2880 run_benchmark(async_jobs, ECDH_EVP_derive_key_loop, loopargs);
2883 mr ? "+R7:%ld:%d:%.2f\n" :
2884 "%ld %u-bits ECDH ops in %.2fs\n", count,
2885 test_curves[testnum].bits, d);
2886 ecdh_results[testnum][0] = (double)count / d;
2890 if (rsa_count <= 1) {
2891 /* if longer than 10s, don't do any more */
2892 for (testnum++; testnum < OSSL_NELEM(ecdh_doit); testnum++)
2893 ecdh_doit[testnum] = 0;
2896 #endif /* OPENSSL_NO_EC */
2901 printf("%s\n", OpenSSL_version(OPENSSL_VERSION));
2902 printf("%s\n", OpenSSL_version(OPENSSL_BUILT_ON));
2904 printf("%s ", BN_options());
2905 #ifndef OPENSSL_NO_MD2
2906 printf("%s ", MD2_options());
2908 #ifndef OPENSSL_NO_RC4
2909 printf("%s ", RC4_options());
2911 #ifndef OPENSSL_NO_DES
2912 printf("%s ", DES_options());
2914 printf("%s ", AES_options());
2915 #ifndef OPENSSL_NO_IDEA
2916 printf("%s ", IDEA_options());
2918 #ifndef OPENSSL_NO_BF
2919 printf("%s ", BF_options());
2921 printf("\n%s\n", OpenSSL_version(OPENSSL_CFLAGS));
2929 ("The 'numbers' are in 1000s of bytes per second processed.\n");
2932 for (testnum = 0; testnum < size_num; testnum++)
2933 printf(mr ? ":%d" : "%7d bytes", lengths[testnum]);
2937 for (k = 0; k < ALGOR_NUM; k++) {
2941 printf("+F:%u:%s", k, names[k]);
2943 printf("%-13s", names[k]);
2944 for (testnum = 0; testnum < size_num; testnum++) {
2945 if (results[k][testnum] > 10000 && !mr)
2946 printf(" %11.2fk", results[k][testnum] / 1e3);
2948 printf(mr ? ":%.2f" : " %11.2f ", results[k][testnum]);
2952 #ifndef OPENSSL_NO_RSA
2954 for (k = 0; k < RSA_NUM; k++) {
2957 if (testnum && !mr) {
2958 printf("%18ssign verify sign/s verify/s\n", " ");
2962 printf("+F2:%u:%u:%f:%f\n",
2963 k, rsa_bits[k], rsa_results[k][0], rsa_results[k][1]);
2965 printf("rsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
2966 rsa_bits[k], 1.0 / rsa_results[k][0], 1.0 / rsa_results[k][1],
2967 rsa_results[k][0], rsa_results[k][1]);
2970 #ifndef OPENSSL_NO_DSA
2972 for (k = 0; k < DSA_NUM; k++) {
2975 if (testnum && !mr) {
2976 printf("%18ssign verify sign/s verify/s\n", " ");
2980 printf("+F3:%u:%u:%f:%f\n",
2981 k, dsa_bits[k], dsa_results[k][0], dsa_results[k][1]);
2983 printf("dsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
2984 dsa_bits[k], 1.0 / dsa_results[k][0], 1.0 / dsa_results[k][1],
2985 dsa_results[k][0], dsa_results[k][1]);
2988 #ifndef OPENSSL_NO_EC
2990 for (k = 0; k < OSSL_NELEM(ecdsa_doit); k++) {
2993 if (testnum && !mr) {
2994 printf("%30ssign verify sign/s verify/s\n", " ");
2999 printf("+F4:%u:%u:%f:%f\n",
3000 k, test_curves[k].bits,
3001 ecdsa_results[k][0], ecdsa_results[k][1]);
3003 printf("%4u bits ecdsa (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3004 test_curves[k].bits, test_curves[k].name,
3005 1.0 / ecdsa_results[k][0], 1.0 / ecdsa_results[k][1],
3006 ecdsa_results[k][0], ecdsa_results[k][1]);
3010 for (k = 0; k < EC_NUM; k++) {
3013 if (testnum && !mr) {
3014 printf("%30sop op/s\n", " ");
3018 printf("+F5:%u:%u:%f:%f\n",
3019 k, test_curves[k].bits,
3020 ecdh_results[k][0], 1.0 / ecdh_results[k][0]);
3023 printf("%4u bits ecdh (%s) %8.4fs %8.1f\n",
3024 test_curves[k].bits, test_curves[k].name,
3025 1.0 / ecdh_results[k][0], ecdh_results[k][0]);
3032 ERR_print_errors(bio_err);
3033 for (i = 0; i < loopargs_len; i++) {
3034 OPENSSL_free(loopargs[i].buf_malloc);
3035 OPENSSL_free(loopargs[i].buf2_malloc);
3037 #ifndef OPENSSL_NO_RSA
3038 for (k = 0; k < RSA_NUM; k++)
3039 RSA_free(loopargs[i].rsa_key[k]);
3041 #ifndef OPENSSL_NO_DSA
3042 for (k = 0; k < DSA_NUM; k++)
3043 DSA_free(loopargs[i].dsa_key[k]);
3045 #ifndef OPENSSL_NO_EC
3046 for (k = 0; k < ECDSA_NUM; k++)
3047 EC_KEY_free(loopargs[i].ecdsa[k]);
3048 for (k = 0; k < EC_NUM; k++)
3049 EVP_PKEY_CTX_free(loopargs[i].ecdh_ctx[k]);
3050 OPENSSL_free(loopargs[i].secret_a);
3051 OPENSSL_free(loopargs[i].secret_b);
3055 if (async_jobs > 0) {
3056 for (i = 0; i < loopargs_len; i++)
3057 ASYNC_WAIT_CTX_free(loopargs[i].wait_ctx);
3061 ASYNC_cleanup_thread();
3063 OPENSSL_free(loopargs);
3068 static void print_message(const char *s, long num, int length, int tm)
3072 mr ? "+DT:%s:%d:%d\n"
3073 : "Doing %s for %ds on %d size blocks: ", s, tm, length);
3074 (void)BIO_flush(bio_err);
3078 mr ? "+DN:%s:%ld:%d\n"
3079 : "Doing %s %ld times on %d size blocks: ", s, num, length);
3080 (void)BIO_flush(bio_err);
3084 static void pkey_print_message(const char *str, const char *str2, long num,
3085 unsigned int bits, int tm)
3089 mr ? "+DTP:%d:%s:%s:%d\n"
3090 : "Doing %u bits %s %s's for %ds: ", bits, str, str2, tm);
3091 (void)BIO_flush(bio_err);
3095 mr ? "+DNP:%ld:%d:%s:%s\n"
3096 : "Doing %ld %u bits %s %s's: ", num, bits, str, str2);
3097 (void)BIO_flush(bio_err);
3101 static void print_result(int alg, int run_no, int count, double time_used)
3104 BIO_puts(bio_err, "EVP error!\n");
3108 mr ? "+R:%d:%s:%f\n"
3109 : "%d %s's in %.2fs\n", count, names[alg], time_used);
3110 results[alg][run_no] = ((double)count) / time_used * lengths[run_no];
3114 static char *sstrsep(char **string, const char *delim)
3117 char *token = *string;
3122 memset(isdelim, 0, sizeof(isdelim));
3126 isdelim[(unsigned char)(*delim)] = 1;
3130 while (!isdelim[(unsigned char)(**string)]) {
3142 static int do_multi(int multi, int size_num)
3147 static char sep[] = ":";
3149 fds = app_malloc(sizeof(*fds) * multi, "fd buffer for do_multi");
3150 for (n = 0; n < multi; ++n) {
3151 if (pipe(fd) == -1) {
3152 BIO_printf(bio_err, "pipe failure\n");
3156 (void)BIO_flush(bio_err);
3163 if (dup(fd[1]) == -1) {
3164 BIO_printf(bio_err, "dup failed\n");
3173 printf("Forked child %d\n", n);
3176 /* for now, assume the pipe is long enough to take all the output */
3177 for (n = 0; n < multi; ++n) {
3182 f = fdopen(fds[n], "r");
3183 while (fgets(buf, sizeof(buf), f)) {
3184 p = strchr(buf, '\n');
3187 if (buf[0] != '+') {
3189 "Don't understand line '%s' from child %d\n", buf,
3193 printf("Got: %s from %d\n", buf, n);
3194 if (strncmp(buf, "+F:", 3) == 0) {
3199 alg = atoi(sstrsep(&p, sep));
3201 for (j = 0; j < size_num; ++j)
3202 results[alg][j] += atof(sstrsep(&p, sep));
3203 } else if (strncmp(buf, "+F2:", 4) == 0) {
3208 k = atoi(sstrsep(&p, sep));
3211 d = atof(sstrsep(&p, sep));
3212 rsa_results[k][0] += d;
3214 d = atof(sstrsep(&p, sep));
3215 rsa_results[k][1] += d;
3217 # ifndef OPENSSL_NO_DSA
3218 else if (strncmp(buf, "+F3:", 4) == 0) {
3223 k = atoi(sstrsep(&p, sep));
3226 d = atof(sstrsep(&p, sep));
3227 dsa_results[k][0] += d;
3229 d = atof(sstrsep(&p, sep));
3230 dsa_results[k][1] += d;
3233 # ifndef OPENSSL_NO_EC
3234 else if (strncmp(buf, "+F4:", 4) == 0) {
3239 k = atoi(sstrsep(&p, sep));
3242 d = atof(sstrsep(&p, sep));
3243 ecdsa_results[k][0] += d;
3245 d = atof(sstrsep(&p, sep));
3246 ecdsa_results[k][1] += d;
3247 } else if (strncmp(buf, "+F5:", 4) == 0) {
3252 k = atoi(sstrsep(&p, sep));
3255 d = atof(sstrsep(&p, sep));
3256 ecdh_results[k][0] += d;
3260 else if (strncmp(buf, "+H:", 3) == 0) {
3263 BIO_printf(bio_err, "Unknown type '%s' from child %d\n", buf,
3274 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
3275 const openssl_speed_sec_t *seconds)
3277 static const int mblengths_list[] =
3278 { 8 * 1024, 2 * 8 * 1024, 4 * 8 * 1024, 8 * 8 * 1024, 8 * 16 * 1024 };
3279 const int *mblengths = mblengths_list;
3280 int j, count, keylen, num = OSSL_NELEM(mblengths_list);
3281 const char *alg_name;
3282 unsigned char *inp, *out, *key, no_key[32], no_iv[16];
3283 EVP_CIPHER_CTX *ctx;
3286 if (lengths_single) {
3287 mblengths = &lengths_single;
3291 inp = app_malloc(mblengths[num - 1], "multiblock input buffer");
3292 out = app_malloc(mblengths[num - 1] + 1024, "multiblock output buffer");
3293 ctx = EVP_CIPHER_CTX_new();
3294 EVP_EncryptInit_ex(ctx, evp_cipher, NULL, NULL, no_iv);
3296 keylen = EVP_CIPHER_CTX_key_length(ctx);
3297 key = app_malloc(keylen, "evp_cipher key");
3298 EVP_CIPHER_CTX_rand_key(ctx, key);
3299 EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL);
3300 OPENSSL_clear_free(key, keylen);
3302 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_MAC_KEY, sizeof(no_key), no_key);
3303 alg_name = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
3305 for (j = 0; j < num; j++) {
3306 print_message(alg_name, 0, mblengths[j], seconds->sym);
3308 for (count = 0, run = 1; run && count < 0x7fffffff; count++) {
3309 unsigned char aad[EVP_AEAD_TLS1_AAD_LEN];
3310 EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param;
3311 size_t len = mblengths[j];
3314 memset(aad, 0, 8); /* avoid uninitialized values */
3315 aad[8] = 23; /* SSL3_RT_APPLICATION_DATA */
3316 aad[9] = 3; /* version */
3318 aad[11] = 0; /* length */
3320 mb_param.out = NULL;
3323 mb_param.interleave = 8;
3325 packlen = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_AAD,
3326 sizeof(mb_param), &mb_param);
3332 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT,
3333 sizeof(mb_param), &mb_param);
3337 RAND_bytes(out, 16);
3339 aad[11] = (unsigned char)(len >> 8);
3340 aad[12] = (unsigned char)(len);
3341 pad = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_TLS1_AAD,
3342 EVP_AEAD_TLS1_AAD_LEN, aad);
3343 EVP_Cipher(ctx, out, inp, len + pad);
3347 BIO_printf(bio_err, mr ? "+R:%d:%s:%f\n"
3348 : "%d %s's in %.2fs\n", count, "evp", d);
3349 results[D_EVP][j] = ((double)count) / d * mblengths[j];
3353 fprintf(stdout, "+H");
3354 for (j = 0; j < num; j++)
3355 fprintf(stdout, ":%d", mblengths[j]);
3356 fprintf(stdout, "\n");
3357 fprintf(stdout, "+F:%d:%s", D_EVP, alg_name);
3358 for (j = 0; j < num; j++)
3359 fprintf(stdout, ":%.2f", results[D_EVP][j]);
3360 fprintf(stdout, "\n");
3363 "The 'numbers' are in 1000s of bytes per second processed.\n");
3364 fprintf(stdout, "type ");
3365 for (j = 0; j < num; j++)
3366 fprintf(stdout, "%7d bytes", mblengths[j]);
3367 fprintf(stdout, "\n");
3368 fprintf(stdout, "%-24s", alg_name);
3370 for (j = 0; j < num; j++) {
3371 if (results[D_EVP][j] > 10000)
3372 fprintf(stdout, " %11.2fk", results[D_EVP][j] / 1e3);
3374 fprintf(stdout, " %11.2f ", results[D_EVP][j]);
3376 fprintf(stdout, "\n");
3381 EVP_CIPHER_CTX_free(ctx);