1 /* $OpenBSD: speed.c,v 1.23 2018/07/13 18:36:56 cheloha Exp $ */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
58 /* ====================================================================
59 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
61 * Portions of the attached software ("Contribution") are developed by
62 * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
64 * The Contribution is licensed pursuant to the OpenSSL open source
65 * license provided above.
67 * The ECDH and ECDSA speed test software is originally written by
68 * Sumit Gupta of Sun Microsystems Laboratories.
72 /* most of this code has been pilfered from my libdes speed.c program */
74 #ifndef OPENSSL_NO_SPEED
77 #define RSA_SECONDS 10
78 #define DSA_SECONDS 10
79 #define ECDSA_SECONDS 10
80 #define ECDH_SECONDS 10
92 #include <openssl/bn.h>
93 #include <openssl/crypto.h>
94 #include <openssl/err.h>
95 #include <openssl/evp.h>
96 #include <openssl/modes.h>
97 #include <openssl/objects.h>
98 #include <openssl/x509.h>
100 #ifndef OPENSSL_NO_AES
101 #include <openssl/aes.h>
103 #ifndef OPENSSL_NO_BF
104 #include <openssl/blowfish.h>
106 #ifndef OPENSSL_NO_CAST
107 #include <openssl/cast.h>
109 #ifndef OPENSSL_NO_CAMELLIA
110 #include <openssl/camellia.h>
112 #ifndef OPENSSL_NO_DES
113 #include <openssl/des.h>
115 #include <openssl/dsa.h>
116 #include <openssl/ecdh.h>
117 #include <openssl/ecdsa.h>
118 #ifndef OPENSSL_NO_HMAC
119 #include <openssl/hmac.h>
121 #ifndef OPENSSL_NO_IDEA
122 #include <openssl/idea.h>
124 #ifndef OPENSSL_NO_MD4
125 #include <openssl/md4.h>
127 #ifndef OPENSSL_NO_MD5
128 #include <openssl/md5.h>
130 #ifndef OPENSSL_NO_RC2
131 #include <openssl/rc2.h>
133 #ifndef OPENSSL_NO_RC4
134 #include <openssl/rc4.h>
136 #include <openssl/rsa.h>
137 #ifndef OPENSSL_NO_RIPEMD
138 #include <openssl/ripemd.h>
140 #ifndef OPENSSL_NO_SHA
141 #include <openssl/sha.h>
143 #ifndef OPENSSL_NO_WHIRLPOOL
144 #include <openssl/whrlpool.h>
147 #include "./testdsa.h"
148 #include "./testrsa.h"
150 #define BUFSIZE (1024*8+64)
154 static int usertime = 1;
156 static double Time_F(int s);
157 static void print_message(const char *s, long num, int length);
159 pkey_print_message(const char *str, const char *str2,
160 long num, int bits, int sec);
161 static void print_result(int alg, int run_no, int count, double time_used);
162 static int do_multi(int multi);
170 #define MAX_ECDH_SIZE 256
172 static const char *names[ALGOR_NUM] = {
173 "md2", "md4", "md5", "hmac(md5)", "sha1", "rmd160",
174 "rc4", "des cbc", "des ede3", "idea cbc", "seed cbc",
175 "rc2 cbc", "rc5-32/12 cbc", "blowfish cbc", "cast cbc",
176 "aes-128 cbc", "aes-192 cbc", "aes-256 cbc",
177 "camellia-128 cbc", "camellia-192 cbc", "camellia-256 cbc",
178 "evp", "sha256", "sha512", "whirlpool",
179 "aes-128 ige", "aes-192 ige", "aes-256 ige", "ghash",
180 "aes-128 gcm", "aes-256 gcm", "chacha20 poly1305",
182 static double results[ALGOR_NUM][SIZE_NUM];
183 static int lengths[SIZE_NUM] = {16, 64, 256, 1024, 8 * 1024};
184 static double rsa_results[RSA_NUM][2];
185 static double dsa_results[DSA_NUM][2];
186 static double ecdsa_results[EC_NUM][2];
187 static double ecdh_results[EC_NUM][1];
189 static void sig_done(int sig);
194 signal(SIGALRM, sig_done);
198 #define START TM_RESET
206 return app_timer_user(s);
208 return app_timer_real(s);
212 static const int KDF1_SHA1_len = 20;
214 KDF1_SHA1(const void *in, size_t inlen, void *out, size_t * outlen)
216 #ifndef OPENSSL_NO_SHA
217 if (*outlen < SHA_DIGEST_LENGTH)
220 *outlen = SHA_DIGEST_LENGTH;
221 return SHA1(in, inlen, out);
224 #endif /* OPENSSL_NO_SHA */
228 speed_main(int argc, char **argv)
230 unsigned char *buf = NULL, *buf2 = NULL;
232 long count = 0, save_count = 0;
236 unsigned char md[EVP_MAX_MD_SIZE];
237 #ifndef OPENSSL_NO_MD4
238 unsigned char md4[MD4_DIGEST_LENGTH];
240 #ifndef OPENSSL_NO_MD5
241 unsigned char md5[MD5_DIGEST_LENGTH];
242 unsigned char hmac[MD5_DIGEST_LENGTH];
244 #ifndef OPENSSL_NO_SHA
245 unsigned char sha[SHA_DIGEST_LENGTH];
246 #ifndef OPENSSL_NO_SHA256
247 unsigned char sha256[SHA256_DIGEST_LENGTH];
249 #ifndef OPENSSL_NO_SHA512
250 unsigned char sha512[SHA512_DIGEST_LENGTH];
253 #ifndef OPENSSL_NO_WHIRLPOOL
254 unsigned char whirlpool[WHIRLPOOL_DIGEST_LENGTH];
256 #ifndef OPENSSL_NO_RIPEMD
257 unsigned char rmd160[RIPEMD160_DIGEST_LENGTH];
259 #ifndef OPENSSL_NO_RC4
262 #ifndef OPENSSL_NO_RC2
265 #ifndef OPENSSL_NO_IDEA
266 IDEA_KEY_SCHEDULE idea_ks;
268 #ifndef OPENSSL_NO_BF
271 #ifndef OPENSSL_NO_CAST
274 static const unsigned char key16[16] =
275 {0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
276 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12};
277 #ifndef OPENSSL_NO_AES
278 static const unsigned char key24[24] =
279 {0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
280 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
281 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34};
282 static const unsigned char key32[32] =
283 {0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
284 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
285 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
286 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56};
288 #ifndef OPENSSL_NO_CAMELLIA
289 static const unsigned char ckey24[24] =
290 {0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
291 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
292 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34};
293 static const unsigned char ckey32[32] =
294 {0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
295 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
296 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
297 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56};
299 #ifndef OPENSSL_NO_AES
300 #define MAX_BLOCK_SIZE 128
302 #define MAX_BLOCK_SIZE 64
304 unsigned char DES_iv[8];
305 unsigned char iv[2 * MAX_BLOCK_SIZE / 8];
306 #ifndef OPENSSL_NO_DES
307 static DES_cblock key = {0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0};
308 static DES_cblock key2 = {0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12};
309 static DES_cblock key3 = {0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34};
310 DES_key_schedule sch;
311 DES_key_schedule sch2;
312 DES_key_schedule sch3;
314 #ifndef OPENSSL_NO_AES
315 AES_KEY aes_ks1, aes_ks2, aes_ks3;
317 #ifndef OPENSSL_NO_CAMELLIA
318 CAMELLIA_KEY camellia_ks1, camellia_ks2, camellia_ks3;
330 #define D_CBC_SEED 10
334 #define D_CBC_CAST 14
335 #define D_CBC_128_AES 15
336 #define D_CBC_192_AES 16
337 #define D_CBC_256_AES 17
338 #define D_CBC_128_CML 18
339 #define D_CBC_192_CML 19
340 #define D_CBC_256_CML 20
344 #define D_WHIRLPOOL 24
345 #define D_IGE_128_AES 25
346 #define D_IGE_192_AES 26
347 #define D_IGE_256_AES 27
349 #define D_AES_128_GCM 29
350 #define D_AES_256_GCM 30
351 #define D_CHACHA20_POLY1305 31
353 long c[ALGOR_NUM][SIZE_NUM];
379 RSA *rsa_key[RSA_NUM];
380 long rsa_c[RSA_NUM][2];
381 static unsigned int rsa_bits[RSA_NUM] = {512, 1024, 2048, 4096};
382 static unsigned char *rsa_data[RSA_NUM] =
383 {test512, test1024, test2048, test4096};
384 static int rsa_data_length[RSA_NUM] = {
385 sizeof(test512), sizeof(test1024),
386 sizeof(test2048), sizeof(test4096)};
387 DSA *dsa_key[DSA_NUM];
388 long dsa_c[DSA_NUM][2];
389 static unsigned int dsa_bits[DSA_NUM] = {512, 1024, 2048};
390 #ifndef OPENSSL_NO_EC
392 * We only test over the following curves as they are representative,
393 * To add tests over more curves, simply add the curve NID and curve
394 * name to the following arrays and increase the EC_NUM value
397 static unsigned int test_curves[EC_NUM] =
401 NID_X9_62_prime192v1,
403 NID_X9_62_prime256v1,
418 static const char *test_curves_names[EC_NUM] =
439 static int test_curves_bits[EC_NUM] =
441 160, 192, 224, 256, 384, 521,
442 163, 233, 283, 409, 571,
443 163, 233, 283, 409, 571
448 unsigned char ecdsasig[256];
449 unsigned int ecdsasiglen;
450 EC_KEY *ecdsa[EC_NUM];
451 long ecdsa_c[EC_NUM][2];
453 EC_KEY *ecdh_a[EC_NUM], *ecdh_b[EC_NUM];
454 unsigned char secret_a[MAX_ECDH_SIZE], secret_b[MAX_ECDH_SIZE];
455 int secret_size_a, secret_size_b;
458 long ecdh_c[EC_NUM][2];
460 int rsa_doit[RSA_NUM];
461 int dsa_doit[DSA_NUM];
462 int ecdsa_doit[EC_NUM];
463 int ecdh_doit[EC_NUM];
466 const EVP_CIPHER *evp_cipher = NULL;
467 const EVP_MD *evp_md = NULL;
470 const char *errstr = NULL;
472 if (single_execution) {
473 if (pledge("stdio proc", NULL) == -1) {
481 memset(results, 0, sizeof(results));
482 memset(dsa_key, 0, sizeof(dsa_key));
483 for (i = 0; i < EC_NUM; i++)
485 for (i = 0; i < EC_NUM; i++) {
490 memset(rsa_key, 0, sizeof(rsa_key));
491 for (i = 0; i < RSA_NUM; i++)
494 if ((buf = malloc(BUFSIZE)) == NULL) {
495 BIO_printf(bio_err, "out of memory\n");
498 if ((buf2 = malloc(BUFSIZE)) == NULL) {
499 BIO_printf(bio_err, "out of memory\n");
502 memset(c, 0, sizeof(c));
503 memset(DES_iv, 0, sizeof(DES_iv));
504 memset(iv, 0, sizeof(iv));
506 for (i = 0; i < ALGOR_NUM; i++)
508 for (i = 0; i < RSA_NUM; i++)
510 for (i = 0; i < DSA_NUM; i++)
512 for (i = 0; i < EC_NUM; i++)
514 for (i = 0; i < EC_NUM; i++)
522 if ((argc > 0) && (strcmp(*argv, "-elapsed") == 0)) {
524 j--; /* Otherwise, -elapsed gets confused with an
526 } else if ((argc > 0) && (strcmp(*argv, "-evp") == 0)) {
530 BIO_printf(bio_err, "no EVP given\n");
533 evp_cipher = EVP_get_cipherbyname(*argv);
535 evp_md = EVP_get_digestbyname(*argv);
537 if (!evp_cipher && !evp_md) {
538 BIO_printf(bio_err, "%s is an unknown cipher or digest\n", *argv);
542 } else if (argc > 0 && !strcmp(*argv, "-decrypt")) {
544 j--; /* Otherwise, -decrypt gets confused with an
547 else if ((argc > 0) && (strcmp(*argv, "-multi") == 0)) {
551 BIO_printf(bio_err, "no multi count given\n");
554 multi = strtonum(argv[0], 1, INT_MAX, &errstr);
556 BIO_printf(bio_err, "bad multi count: %s", errstr);
559 j--; /* Otherwise, -multi gets confused with an
562 else if (argc > 0 && !strcmp(*argv, "-mr")) {
564 j--; /* Otherwise, -mr gets confused with an
567 #ifndef OPENSSL_NO_MD4
568 if (strcmp(*argv, "md4") == 0)
572 #ifndef OPENSSL_NO_MD5
573 if (strcmp(*argv, "md5") == 0)
577 #ifndef OPENSSL_NO_MD5
578 if (strcmp(*argv, "hmac") == 0)
582 #ifndef OPENSSL_NO_SHA
583 if (strcmp(*argv, "sha1") == 0)
585 else if (strcmp(*argv, "sha") == 0)
590 #ifndef OPENSSL_NO_SHA256
591 if (strcmp(*argv, "sha256") == 0)
595 #ifndef OPENSSL_NO_SHA512
596 if (strcmp(*argv, "sha512") == 0)
601 #ifndef OPENSSL_NO_WHIRLPOOL
602 if (strcmp(*argv, "whirlpool") == 0)
603 doit[D_WHIRLPOOL] = 1;
606 #ifndef OPENSSL_NO_RIPEMD
607 if (strcmp(*argv, "ripemd") == 0)
609 else if (strcmp(*argv, "rmd160") == 0)
611 else if (strcmp(*argv, "ripemd160") == 0)
615 #ifndef OPENSSL_NO_RC4
616 if (strcmp(*argv, "rc4") == 0)
620 #ifndef OPENSSL_NO_DES
621 if (strcmp(*argv, "des-cbc") == 0)
623 else if (strcmp(*argv, "des-ede3") == 0)
624 doit[D_EDE3_DES] = 1;
627 #ifndef OPENSSL_NO_AES
628 if (strcmp(*argv, "aes-128-cbc") == 0)
629 doit[D_CBC_128_AES] = 1;
630 else if (strcmp(*argv, "aes-192-cbc") == 0)
631 doit[D_CBC_192_AES] = 1;
632 else if (strcmp(*argv, "aes-256-cbc") == 0)
633 doit[D_CBC_256_AES] = 1;
634 else if (strcmp(*argv, "aes-128-ige") == 0)
635 doit[D_IGE_128_AES] = 1;
636 else if (strcmp(*argv, "aes-192-ige") == 0)
637 doit[D_IGE_192_AES] = 1;
638 else if (strcmp(*argv, "aes-256-ige") == 0)
639 doit[D_IGE_256_AES] = 1;
642 #ifndef OPENSSL_NO_CAMELLIA
643 if (strcmp(*argv, "camellia-128-cbc") == 0)
644 doit[D_CBC_128_CML] = 1;
645 else if (strcmp(*argv, "camellia-192-cbc") == 0)
646 doit[D_CBC_192_CML] = 1;
647 else if (strcmp(*argv, "camellia-256-cbc") == 0)
648 doit[D_CBC_256_CML] = 1;
652 if (strcmp(*argv, "openssl") == 0) {
653 RSA_set_default_method(RSA_PKCS1_SSLeay());
657 if (strcmp(*argv, "dsa512") == 0)
658 dsa_doit[R_DSA_512] = 2;
659 else if (strcmp(*argv, "dsa1024") == 0)
660 dsa_doit[R_DSA_1024] = 2;
661 else if (strcmp(*argv, "dsa2048") == 0)
662 dsa_doit[R_DSA_2048] = 2;
663 else if (strcmp(*argv, "rsa512") == 0)
664 rsa_doit[R_RSA_512] = 2;
665 else if (strcmp(*argv, "rsa1024") == 0)
666 rsa_doit[R_RSA_1024] = 2;
667 else if (strcmp(*argv, "rsa2048") == 0)
668 rsa_doit[R_RSA_2048] = 2;
669 else if (strcmp(*argv, "rsa4096") == 0)
670 rsa_doit[R_RSA_4096] = 2;
672 #ifndef OPENSSL_NO_RC2
673 if (strcmp(*argv, "rc2-cbc") == 0)
675 else if (strcmp(*argv, "rc2") == 0)
679 #ifndef OPENSSL_NO_IDEA
680 if (strcmp(*argv, "idea-cbc") == 0)
681 doit[D_CBC_IDEA] = 1;
682 else if (strcmp(*argv, "idea") == 0)
683 doit[D_CBC_IDEA] = 1;
686 #ifndef OPENSSL_NO_BF
687 if (strcmp(*argv, "bf-cbc") == 0)
689 else if (strcmp(*argv, "blowfish") == 0)
691 else if (strcmp(*argv, "bf") == 0)
695 #ifndef OPENSSL_NO_CAST
696 if (strcmp(*argv, "cast-cbc") == 0)
697 doit[D_CBC_CAST] = 1;
698 else if (strcmp(*argv, "cast") == 0)
699 doit[D_CBC_CAST] = 1;
700 else if (strcmp(*argv, "cast5") == 0)
701 doit[D_CBC_CAST] = 1;
704 #ifndef OPENSSL_NO_DES
705 if (strcmp(*argv, "des") == 0) {
707 doit[D_EDE3_DES] = 1;
710 #ifndef OPENSSL_NO_AES
711 if (strcmp(*argv, "aes") == 0) {
712 doit[D_CBC_128_AES] = 1;
713 doit[D_CBC_192_AES] = 1;
714 doit[D_CBC_256_AES] = 1;
715 } else if (strcmp(*argv, "ghash") == 0)
717 else if (strcmp(*argv,"aes-128-gcm") == 0)
718 doit[D_AES_128_GCM]=1;
719 else if (strcmp(*argv,"aes-256-gcm") == 0)
720 doit[D_AES_256_GCM]=1;
723 #ifndef OPENSSL_NO_CAMELLIA
724 if (strcmp(*argv, "camellia") == 0) {
725 doit[D_CBC_128_CML] = 1;
726 doit[D_CBC_192_CML] = 1;
727 doit[D_CBC_256_CML] = 1;
730 #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
731 if (strcmp(*argv,"chacha20-poly1305") == 0)
732 doit[D_CHACHA20_POLY1305]=1;
735 if (strcmp(*argv, "rsa") == 0) {
736 rsa_doit[R_RSA_512] = 1;
737 rsa_doit[R_RSA_1024] = 1;
738 rsa_doit[R_RSA_2048] = 1;
739 rsa_doit[R_RSA_4096] = 1;
741 if (strcmp(*argv, "dsa") == 0) {
742 dsa_doit[R_DSA_512] = 1;
743 dsa_doit[R_DSA_1024] = 1;
744 dsa_doit[R_DSA_2048] = 1;
746 if (strcmp(*argv, "ecdsap160") == 0)
747 ecdsa_doit[R_EC_P160] = 2;
748 else if (strcmp(*argv, "ecdsap192") == 0)
749 ecdsa_doit[R_EC_P192] = 2;
750 else if (strcmp(*argv, "ecdsap224") == 0)
751 ecdsa_doit[R_EC_P224] = 2;
752 else if (strcmp(*argv, "ecdsap256") == 0)
753 ecdsa_doit[R_EC_P256] = 2;
754 else if (strcmp(*argv, "ecdsap384") == 0)
755 ecdsa_doit[R_EC_P384] = 2;
756 else if (strcmp(*argv, "ecdsap521") == 0)
757 ecdsa_doit[R_EC_P521] = 2;
758 else if (strcmp(*argv, "ecdsak163") == 0)
759 ecdsa_doit[R_EC_K163] = 2;
760 else if (strcmp(*argv, "ecdsak233") == 0)
761 ecdsa_doit[R_EC_K233] = 2;
762 else if (strcmp(*argv, "ecdsak283") == 0)
763 ecdsa_doit[R_EC_K283] = 2;
764 else if (strcmp(*argv, "ecdsak409") == 0)
765 ecdsa_doit[R_EC_K409] = 2;
766 else if (strcmp(*argv, "ecdsak571") == 0)
767 ecdsa_doit[R_EC_K571] = 2;
768 else if (strcmp(*argv, "ecdsab163") == 0)
769 ecdsa_doit[R_EC_B163] = 2;
770 else if (strcmp(*argv, "ecdsab233") == 0)
771 ecdsa_doit[R_EC_B233] = 2;
772 else if (strcmp(*argv, "ecdsab283") == 0)
773 ecdsa_doit[R_EC_B283] = 2;
774 else if (strcmp(*argv, "ecdsab409") == 0)
775 ecdsa_doit[R_EC_B409] = 2;
776 else if (strcmp(*argv, "ecdsab571") == 0)
777 ecdsa_doit[R_EC_B571] = 2;
778 else if (strcmp(*argv, "ecdsa") == 0) {
779 for (i = 0; i < EC_NUM; i++)
782 if (strcmp(*argv, "ecdhp160") == 0)
783 ecdh_doit[R_EC_P160] = 2;
784 else if (strcmp(*argv, "ecdhp192") == 0)
785 ecdh_doit[R_EC_P192] = 2;
786 else if (strcmp(*argv, "ecdhp224") == 0)
787 ecdh_doit[R_EC_P224] = 2;
788 else if (strcmp(*argv, "ecdhp256") == 0)
789 ecdh_doit[R_EC_P256] = 2;
790 else if (strcmp(*argv, "ecdhp384") == 0)
791 ecdh_doit[R_EC_P384] = 2;
792 else if (strcmp(*argv, "ecdhp521") == 0)
793 ecdh_doit[R_EC_P521] = 2;
794 else if (strcmp(*argv, "ecdhk163") == 0)
795 ecdh_doit[R_EC_K163] = 2;
796 else if (strcmp(*argv, "ecdhk233") == 0)
797 ecdh_doit[R_EC_K233] = 2;
798 else if (strcmp(*argv, "ecdhk283") == 0)
799 ecdh_doit[R_EC_K283] = 2;
800 else if (strcmp(*argv, "ecdhk409") == 0)
801 ecdh_doit[R_EC_K409] = 2;
802 else if (strcmp(*argv, "ecdhk571") == 0)
803 ecdh_doit[R_EC_K571] = 2;
804 else if (strcmp(*argv, "ecdhb163") == 0)
805 ecdh_doit[R_EC_B163] = 2;
806 else if (strcmp(*argv, "ecdhb233") == 0)
807 ecdh_doit[R_EC_B233] = 2;
808 else if (strcmp(*argv, "ecdhb283") == 0)
809 ecdh_doit[R_EC_B283] = 2;
810 else if (strcmp(*argv, "ecdhb409") == 0)
811 ecdh_doit[R_EC_B409] = 2;
812 else if (strcmp(*argv, "ecdhb571") == 0)
813 ecdh_doit[R_EC_B571] = 2;
814 else if (strcmp(*argv, "ecdh") == 0) {
815 for (i = 0; i < EC_NUM; i++)
819 BIO_printf(bio_err, "Error: bad option or value\n");
820 BIO_printf(bio_err, "\n");
821 BIO_printf(bio_err, "Available values:\n");
822 #ifndef OPENSSL_NO_MD4
823 BIO_printf(bio_err, "md4 ");
825 #ifndef OPENSSL_NO_MD5
826 BIO_printf(bio_err, "md5 ");
827 #ifndef OPENSSL_NO_HMAC
828 BIO_printf(bio_err, "hmac ");
831 #ifndef OPENSSL_NO_SHA1
832 BIO_printf(bio_err, "sha1 ");
834 #ifndef OPENSSL_NO_SHA256
835 BIO_printf(bio_err, "sha256 ");
837 #ifndef OPENSSL_NO_SHA512
838 BIO_printf(bio_err, "sha512 ");
840 #ifndef OPENSSL_NO_WHIRLPOOL
841 BIO_printf(bio_err, "whirlpool");
843 #ifndef OPENSSL_NO_RIPEMD160
844 BIO_printf(bio_err, "rmd160");
846 #if !defined(OPENSSL_NO_MD2) || \
847 !defined(OPENSSL_NO_MD4) || !defined(OPENSSL_NO_MD5) || \
848 !defined(OPENSSL_NO_SHA1) || !defined(OPENSSL_NO_RIPEMD160) || \
849 !defined(OPENSSL_NO_WHIRLPOOL)
850 BIO_printf(bio_err, "\n");
853 #ifndef OPENSSL_NO_IDEA
854 BIO_printf(bio_err, "idea-cbc ");
856 #ifndef OPENSSL_NO_RC2
857 BIO_printf(bio_err, "rc2-cbc ");
859 #ifndef OPENSSL_NO_BF
860 BIO_printf(bio_err, "bf-cbc ");
862 #ifndef OPENSSL_NO_DES
863 BIO_printf(bio_err, "des-cbc des-ede3\n");
865 #ifndef OPENSSL_NO_AES
866 BIO_printf(bio_err, "aes-128-cbc aes-192-cbc aes-256-cbc ");
867 BIO_printf(bio_err, "aes-128-ige aes-192-ige aes-256-ige\n");
868 BIO_printf(bio_err, "aes-128-gcm aes-256-gcm ");
870 #ifndef OPENSSL_NO_CAMELLIA
871 BIO_printf(bio_err, "\n");
872 BIO_printf(bio_err, "camellia-128-cbc camellia-192-cbc camellia-256-cbc ");
874 #ifndef OPENSSL_NO_RC4
875 BIO_printf(bio_err, "rc4");
877 #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
878 BIO_printf(bio_err," chacha20-poly1305");
880 BIO_printf(bio_err, "\n");
882 BIO_printf(bio_err, "rsa512 rsa1024 rsa2048 rsa4096\n");
884 BIO_printf(bio_err, "dsa512 dsa1024 dsa2048\n");
885 BIO_printf(bio_err, "ecdsap160 ecdsap192 ecdsap224 ecdsap256 ecdsap384 ecdsap521\n");
886 BIO_printf(bio_err, "ecdsak163 ecdsak233 ecdsak283 ecdsak409 ecdsak571\n");
887 BIO_printf(bio_err, "ecdsab163 ecdsab233 ecdsab283 ecdsab409 ecdsab571 ecdsa\n");
888 BIO_printf(bio_err, "ecdhp160 ecdhp192 ecdhp224 ecdhp256 ecdhp384 ecdhp521\n");
889 BIO_printf(bio_err, "ecdhk163 ecdhk233 ecdhk283 ecdhk409 ecdhk571\n");
890 BIO_printf(bio_err, "ecdhb163 ecdhb233 ecdhb283 ecdhb409 ecdhb571 ecdh\n");
892 #ifndef OPENSSL_NO_IDEA
893 BIO_printf(bio_err, "idea ");
895 #ifndef OPENSSL_NO_RC2
896 BIO_printf(bio_err, "rc2 ");
898 #ifndef OPENSSL_NO_DES
899 BIO_printf(bio_err, "des ");
901 #ifndef OPENSSL_NO_AES
902 BIO_printf(bio_err, "aes ");
904 #ifndef OPENSSL_NO_CAMELLIA
905 BIO_printf(bio_err, "camellia ");
907 BIO_printf(bio_err, "rsa ");
908 #ifndef OPENSSL_NO_BF
909 BIO_printf(bio_err, "blowfish");
911 #if !defined(OPENSSL_NO_IDEA) || !defined(OPENSSL_NO_SEED) || \
912 !defined(OPENSSL_NO_RC2) || !defined(OPENSSL_NO_DES) || \
913 !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_BF) || \
914 !defined(OPENSSL_NO_AES) || !defined(OPENSSL_NO_CAMELLIA)
915 BIO_printf(bio_err, "\n");
918 BIO_printf(bio_err, "\n");
919 BIO_printf(bio_err, "Available options:\n");
920 BIO_printf(bio_err, "-elapsed measure time in real time instead of CPU user time.\n");
921 BIO_printf(bio_err, "-evp e use EVP e.\n");
922 BIO_printf(bio_err, "-decrypt time decryption instead of encryption (only EVP).\n");
923 BIO_printf(bio_err, "-mr produce machine readable output.\n");
924 BIO_printf(bio_err, "-multi n run n benchmarks in parallel.\n");
932 if (multi && do_multi(multi))
936 for (i = 0; i < ALGOR_NUM; i++) {
940 for (i = 0; i < RSA_NUM; i++)
942 for (i = 0; i < DSA_NUM; i++)
944 for (i = 0; i < EC_NUM; i++)
946 for (i = 0; i < EC_NUM; i++)
949 for (i = 0; i < ALGOR_NUM; i++)
953 if (usertime == 0 && !mr)
954 BIO_printf(bio_err, "You have chosen to measure elapsed time instead of user CPU time.\n");
956 for (i = 0; i < RSA_NUM; i++) {
957 const unsigned char *p;
960 rsa_key[i] = d2i_RSAPrivateKey(NULL, &p, rsa_data_length[i]);
961 if (rsa_key[i] == NULL) {
962 BIO_printf(bio_err, "internal error loading RSA key number %d\n", i);
967 dsa_key[0] = get_dsa512();
968 dsa_key[1] = get_dsa1024();
969 dsa_key[2] = get_dsa2048();
971 #ifndef OPENSSL_NO_DES
972 DES_set_key_unchecked(&key, &sch);
973 DES_set_key_unchecked(&key2, &sch2);
974 DES_set_key_unchecked(&key3, &sch3);
976 #ifndef OPENSSL_NO_AES
977 AES_set_encrypt_key(key16, 128, &aes_ks1);
978 AES_set_encrypt_key(key24, 192, &aes_ks2);
979 AES_set_encrypt_key(key32, 256, &aes_ks3);
981 #ifndef OPENSSL_NO_CAMELLIA
982 Camellia_set_key(key16, 128, &camellia_ks1);
983 Camellia_set_key(ckey24, 192, &camellia_ks2);
984 Camellia_set_key(ckey32, 256, &camellia_ks3);
986 #ifndef OPENSSL_NO_IDEA
987 idea_set_encrypt_key(key16, &idea_ks);
989 #ifndef OPENSSL_NO_RC4
990 RC4_set_key(&rc4_ks, 16, key16);
992 #ifndef OPENSSL_NO_RC2
993 RC2_set_key(&rc2_ks, 16, key16, 128);
995 #ifndef OPENSSL_NO_BF
996 BF_set_key(&bf_ks, 16, key16);
998 #ifndef OPENSSL_NO_CAST
999 CAST_set_key(&cast_ks, 16, key16);
1001 memset(rsa_c, 0, sizeof(rsa_c));
1002 #define COND(c) (run && count<0x7fffffff)
1003 #define COUNT(d) (count)
1004 signal(SIGALRM, sig_done);
1006 #ifndef OPENSSL_NO_MD4
1008 for (j = 0; j < SIZE_NUM; j++) {
1009 print_message(names[D_MD4], c[D_MD4][j], lengths[j]);
1011 for (count = 0, run = 1; COND(c[D_MD4][j]); count++)
1012 EVP_Digest(&(buf[0]), (unsigned long) lengths[j], &(md4[0]), NULL, EVP_md4(), NULL);
1014 print_result(D_MD4, j, count, d);
1019 #ifndef OPENSSL_NO_MD5
1021 for (j = 0; j < SIZE_NUM; j++) {
1022 print_message(names[D_MD5], c[D_MD5][j], lengths[j]);
1024 for (count = 0, run = 1; COND(c[D_MD5][j]); count++)
1025 EVP_Digest(&(buf[0]), (unsigned long) lengths[j], &(md5[0]), NULL, EVP_get_digestbyname("md5"), NULL);
1027 print_result(D_MD5, j, count, d);
1032 #if !defined(OPENSSL_NO_MD5) && !defined(OPENSSL_NO_HMAC)
1036 HMAC_CTX_init(&hctx);
1037 HMAC_Init_ex(&hctx, (unsigned char *) "This is a key...",
1038 16, EVP_md5(), NULL);
1040 for (j = 0; j < SIZE_NUM; j++) {
1041 print_message(names[D_HMAC], c[D_HMAC][j], lengths[j]);
1043 for (count = 0, run = 1; COND(c[D_HMAC][j]); count++) {
1044 HMAC_Init_ex(&hctx, NULL, 0, NULL, NULL);
1045 HMAC_Update(&hctx, buf, lengths[j]);
1046 HMAC_Final(&hctx, &(hmac[0]), NULL);
1049 print_result(D_HMAC, j, count, d);
1051 HMAC_CTX_cleanup(&hctx);
1054 #ifndef OPENSSL_NO_SHA
1056 for (j = 0; j < SIZE_NUM; j++) {
1057 print_message(names[D_SHA1], c[D_SHA1][j], lengths[j]);
1059 for (count = 0, run = 1; COND(c[D_SHA1][j]); count++)
1060 EVP_Digest(buf, (unsigned long) lengths[j], &(sha[0]), NULL, EVP_sha1(), NULL);
1062 print_result(D_SHA1, j, count, d);
1065 #ifndef OPENSSL_NO_SHA256
1066 if (doit[D_SHA256]) {
1067 for (j = 0; j < SIZE_NUM; j++) {
1068 print_message(names[D_SHA256], c[D_SHA256][j], lengths[j]);
1070 for (count = 0, run = 1; COND(c[D_SHA256][j]); count++)
1071 SHA256(buf, lengths[j], sha256);
1073 print_result(D_SHA256, j, count, d);
1078 #ifndef OPENSSL_NO_SHA512
1079 if (doit[D_SHA512]) {
1080 for (j = 0; j < SIZE_NUM; j++) {
1081 print_message(names[D_SHA512], c[D_SHA512][j], lengths[j]);
1083 for (count = 0, run = 1; COND(c[D_SHA512][j]); count++)
1084 SHA512(buf, lengths[j], sha512);
1086 print_result(D_SHA512, j, count, d);
1092 #ifndef OPENSSL_NO_WHIRLPOOL
1093 if (doit[D_WHIRLPOOL]) {
1094 for (j = 0; j < SIZE_NUM; j++) {
1095 print_message(names[D_WHIRLPOOL], c[D_WHIRLPOOL][j], lengths[j]);
1097 for (count = 0, run = 1; COND(c[D_WHIRLPOOL][j]); count++)
1098 WHIRLPOOL(buf, lengths[j], whirlpool);
1100 print_result(D_WHIRLPOOL, j, count, d);
1105 #ifndef OPENSSL_NO_RIPEMD
1106 if (doit[D_RMD160]) {
1107 for (j = 0; j < SIZE_NUM; j++) {
1108 print_message(names[D_RMD160], c[D_RMD160][j], lengths[j]);
1110 for (count = 0, run = 1; COND(c[D_RMD160][j]); count++)
1111 EVP_Digest(buf, (unsigned long) lengths[j], &(rmd160[0]), NULL, EVP_ripemd160(), NULL);
1113 print_result(D_RMD160, j, count, d);
1117 #ifndef OPENSSL_NO_RC4
1119 for (j = 0; j < SIZE_NUM; j++) {
1120 print_message(names[D_RC4], c[D_RC4][j], lengths[j]);
1122 for (count = 0, run = 1; COND(c[D_RC4][j]); count++)
1123 RC4(&rc4_ks, (unsigned int) lengths[j],
1126 print_result(D_RC4, j, count, d);
1130 #ifndef OPENSSL_NO_DES
1131 if (doit[D_CBC_DES]) {
1132 for (j = 0; j < SIZE_NUM; j++) {
1133 print_message(names[D_CBC_DES], c[D_CBC_DES][j], lengths[j]);
1135 for (count = 0, run = 1; COND(c[D_CBC_DES][j]); count++)
1136 DES_ncbc_encrypt(buf, buf, lengths[j], &sch,
1137 &DES_iv, DES_ENCRYPT);
1139 print_result(D_CBC_DES, j, count, d);
1142 if (doit[D_EDE3_DES]) {
1143 for (j = 0; j < SIZE_NUM; j++) {
1144 print_message(names[D_EDE3_DES], c[D_EDE3_DES][j], lengths[j]);
1146 for (count = 0, run = 1; COND(c[D_EDE3_DES][j]); count++)
1147 DES_ede3_cbc_encrypt(buf, buf, lengths[j],
1149 &DES_iv, DES_ENCRYPT);
1151 print_result(D_EDE3_DES, j, count, d);
1155 #ifndef OPENSSL_NO_AES
1156 if (doit[D_CBC_128_AES]) {
1157 for (j = 0; j < SIZE_NUM; j++) {
1158 print_message(names[D_CBC_128_AES], c[D_CBC_128_AES][j], lengths[j]);
1160 for (count = 0, run = 1; COND(c[D_CBC_128_AES][j]); count++)
1161 AES_cbc_encrypt(buf, buf,
1162 (unsigned long) lengths[j], &aes_ks1,
1165 print_result(D_CBC_128_AES, j, count, d);
1168 if (doit[D_CBC_192_AES]) {
1169 for (j = 0; j < SIZE_NUM; j++) {
1170 print_message(names[D_CBC_192_AES], c[D_CBC_192_AES][j], lengths[j]);
1172 for (count = 0, run = 1; COND(c[D_CBC_192_AES][j]); count++)
1173 AES_cbc_encrypt(buf, buf,
1174 (unsigned long) lengths[j], &aes_ks2,
1177 print_result(D_CBC_192_AES, j, count, d);
1180 if (doit[D_CBC_256_AES]) {
1181 for (j = 0; j < SIZE_NUM; j++) {
1182 print_message(names[D_CBC_256_AES], c[D_CBC_256_AES][j], lengths[j]);
1184 for (count = 0, run = 1; COND(c[D_CBC_256_AES][j]); count++)
1185 AES_cbc_encrypt(buf, buf,
1186 (unsigned long) lengths[j], &aes_ks3,
1189 print_result(D_CBC_256_AES, j, count, d);
1192 if (doit[D_IGE_128_AES]) {
1193 for (j = 0; j < SIZE_NUM; j++) {
1194 print_message(names[D_IGE_128_AES], c[D_IGE_128_AES][j], lengths[j]);
1196 for (count = 0, run = 1; COND(c[D_IGE_128_AES][j]); count++)
1197 AES_ige_encrypt(buf, buf2,
1198 (unsigned long) lengths[j], &aes_ks1,
1201 print_result(D_IGE_128_AES, j, count, d);
1204 if (doit[D_IGE_192_AES]) {
1205 for (j = 0; j < SIZE_NUM; j++) {
1206 print_message(names[D_IGE_192_AES], c[D_IGE_192_AES][j], lengths[j]);
1208 for (count = 0, run = 1; COND(c[D_IGE_192_AES][j]); count++)
1209 AES_ige_encrypt(buf, buf2,
1210 (unsigned long) lengths[j], &aes_ks2,
1213 print_result(D_IGE_192_AES, j, count, d);
1216 if (doit[D_IGE_256_AES]) {
1217 for (j = 0; j < SIZE_NUM; j++) {
1218 print_message(names[D_IGE_256_AES], c[D_IGE_256_AES][j], lengths[j]);
1220 for (count = 0, run = 1; COND(c[D_IGE_256_AES][j]); count++)
1221 AES_ige_encrypt(buf, buf2,
1222 (unsigned long) lengths[j], &aes_ks3,
1225 print_result(D_IGE_256_AES, j, count, d);
1228 if (doit[D_GHASH]) {
1229 GCM128_CONTEXT *ctx = CRYPTO_gcm128_new(&aes_ks1, (block128_f) AES_encrypt);
1230 CRYPTO_gcm128_setiv(ctx, (unsigned char *) "0123456789ab", 12);
1232 for (j = 0; j < SIZE_NUM; j++) {
1233 print_message(names[D_GHASH], c[D_GHASH][j], lengths[j]);
1235 for (count = 0, run = 1; COND(c[D_GHASH][j]); count++)
1236 CRYPTO_gcm128_aad(ctx, buf, lengths[j]);
1238 print_result(D_GHASH, j, count, d);
1240 CRYPTO_gcm128_release(ctx);
1242 if (doit[D_AES_128_GCM]) {
1243 const EVP_AEAD *aead = EVP_aead_aes_128_gcm();
1244 static const unsigned char nonce[32] = {0};
1245 size_t buf_len, nonce_len;
1248 EVP_AEAD_CTX_init(&ctx, aead, key32, EVP_AEAD_key_length(aead),
1249 EVP_AEAD_DEFAULT_TAG_LENGTH, NULL);
1250 nonce_len = EVP_AEAD_nonce_length(aead);
1252 for (j = 0; j < SIZE_NUM; j++) {
1253 print_message(names[D_AES_128_GCM],c[D_AES_128_GCM][j],lengths[j]);
1255 for (count = 0, run = 1; COND(c[D_AES_128_GCM][j]); count++)
1256 EVP_AEAD_CTX_seal(&ctx, buf, &buf_len, BUFSIZE, nonce,
1257 nonce_len, buf, lengths[j], NULL, 0);
1259 print_result(D_AES_128_GCM,j,count,d);
1261 EVP_AEAD_CTX_cleanup(&ctx);
1264 if (doit[D_AES_256_GCM]) {
1265 const EVP_AEAD *aead = EVP_aead_aes_256_gcm();
1266 static const unsigned char nonce[32] = {0};
1267 size_t buf_len, nonce_len;
1270 EVP_AEAD_CTX_init(&ctx, aead, key32, EVP_AEAD_key_length(aead),
1271 EVP_AEAD_DEFAULT_TAG_LENGTH, NULL);
1272 nonce_len = EVP_AEAD_nonce_length(aead);
1274 for (j = 0; j < SIZE_NUM; j++) {
1275 print_message(names[D_AES_256_GCM],c[D_AES_256_GCM][j],lengths[j]);
1277 for (count = 0, run = 1; COND(c[D_AES_256_GCM][j]); count++)
1278 EVP_AEAD_CTX_seal(&ctx, buf, &buf_len, BUFSIZE, nonce,
1279 nonce_len, buf, lengths[j], NULL, 0);
1281 print_result(D_AES_256_GCM, j, count, d);
1283 EVP_AEAD_CTX_cleanup(&ctx);
1286 #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
1287 if (doit[D_CHACHA20_POLY1305]) {
1288 const EVP_AEAD *aead = EVP_aead_chacha20_poly1305();
1289 static const unsigned char nonce[32] = {0};
1290 size_t buf_len, nonce_len;
1293 EVP_AEAD_CTX_init(&ctx, aead, key32, EVP_AEAD_key_length(aead),
1294 EVP_AEAD_DEFAULT_TAG_LENGTH, NULL);
1295 nonce_len = EVP_AEAD_nonce_length(aead);
1297 for (j = 0; j < SIZE_NUM; j++) {
1298 print_message(names[D_CHACHA20_POLY1305],
1299 c[D_CHACHA20_POLY1305][j], lengths[j]);
1301 for (count = 0, run = 1; COND(c[D_CHACHA20_POLY1305][j]); count++)
1302 EVP_AEAD_CTX_seal(&ctx, buf, &buf_len, BUFSIZE, nonce,
1303 nonce_len, buf, lengths[j], NULL, 0);
1305 print_result(D_CHACHA20_POLY1305, j, count, d);
1307 EVP_AEAD_CTX_cleanup(&ctx);
1310 #ifndef OPENSSL_NO_CAMELLIA
1311 if (doit[D_CBC_128_CML]) {
1312 for (j = 0; j < SIZE_NUM; j++) {
1313 print_message(names[D_CBC_128_CML], c[D_CBC_128_CML][j], lengths[j]);
1315 for (count = 0, run = 1; COND(c[D_CBC_128_CML][j]); count++)
1316 Camellia_cbc_encrypt(buf, buf,
1317 (unsigned long) lengths[j], &camellia_ks1,
1318 iv, CAMELLIA_ENCRYPT);
1320 print_result(D_CBC_128_CML, j, count, d);
1323 if (doit[D_CBC_192_CML]) {
1324 for (j = 0; j < SIZE_NUM; j++) {
1325 print_message(names[D_CBC_192_CML], c[D_CBC_192_CML][j], lengths[j]);
1327 for (count = 0, run = 1; COND(c[D_CBC_192_CML][j]); count++)
1328 Camellia_cbc_encrypt(buf, buf,
1329 (unsigned long) lengths[j], &camellia_ks2,
1330 iv, CAMELLIA_ENCRYPT);
1332 print_result(D_CBC_192_CML, j, count, d);
1335 if (doit[D_CBC_256_CML]) {
1336 for (j = 0; j < SIZE_NUM; j++) {
1337 print_message(names[D_CBC_256_CML], c[D_CBC_256_CML][j], lengths[j]);
1339 for (count = 0, run = 1; COND(c[D_CBC_256_CML][j]); count++)
1340 Camellia_cbc_encrypt(buf, buf,
1341 (unsigned long) lengths[j], &camellia_ks3,
1342 iv, CAMELLIA_ENCRYPT);
1344 print_result(D_CBC_256_CML, j, count, d);
1348 #ifndef OPENSSL_NO_IDEA
1349 if (doit[D_CBC_IDEA]) {
1350 for (j = 0; j < SIZE_NUM; j++) {
1351 print_message(names[D_CBC_IDEA], c[D_CBC_IDEA][j], lengths[j]);
1353 for (count = 0, run = 1; COND(c[D_CBC_IDEA][j]); count++)
1354 idea_cbc_encrypt(buf, buf,
1355 (unsigned long) lengths[j], &idea_ks,
1358 print_result(D_CBC_IDEA, j, count, d);
1362 #ifndef OPENSSL_NO_RC2
1363 if (doit[D_CBC_RC2]) {
1364 for (j = 0; j < SIZE_NUM; j++) {
1365 print_message(names[D_CBC_RC2], c[D_CBC_RC2][j], lengths[j]);
1367 for (count = 0, run = 1; COND(c[D_CBC_RC2][j]); count++)
1368 RC2_cbc_encrypt(buf, buf,
1369 (unsigned long) lengths[j], &rc2_ks,
1372 print_result(D_CBC_RC2, j, count, d);
1376 #ifndef OPENSSL_NO_BF
1377 if (doit[D_CBC_BF]) {
1378 for (j = 0; j < SIZE_NUM; j++) {
1379 print_message(names[D_CBC_BF], c[D_CBC_BF][j], lengths[j]);
1381 for (count = 0, run = 1; COND(c[D_CBC_BF][j]); count++)
1382 BF_cbc_encrypt(buf, buf,
1383 (unsigned long) lengths[j], &bf_ks,
1386 print_result(D_CBC_BF, j, count, d);
1390 #ifndef OPENSSL_NO_CAST
1391 if (doit[D_CBC_CAST]) {
1392 for (j = 0; j < SIZE_NUM; j++) {
1393 print_message(names[D_CBC_CAST], c[D_CBC_CAST][j], lengths[j]);
1395 for (count = 0, run = 1; COND(c[D_CBC_CAST][j]); count++)
1396 CAST_cbc_encrypt(buf, buf,
1397 (unsigned long) lengths[j], &cast_ks,
1400 print_result(D_CBC_CAST, j, count, d);
1406 for (j = 0; j < SIZE_NUM; j++) {
1411 names[D_EVP] = OBJ_nid2ln(evp_cipher->nid);
1413 * -O3 -fschedule-insns messes up an
1414 * optimization here! names[D_EVP] somehow
1417 print_message(names[D_EVP], save_count,
1420 EVP_CIPHER_CTX_init(&ctx);
1422 EVP_DecryptInit_ex(&ctx, evp_cipher, NULL, key16, iv);
1424 EVP_EncryptInit_ex(&ctx, evp_cipher, NULL, key16, iv);
1425 EVP_CIPHER_CTX_set_padding(&ctx, 0);
1429 for (count = 0, run = 1; COND(save_count * 4 * lengths[0] / lengths[j]); count++)
1430 EVP_DecryptUpdate(&ctx, buf, &outl, buf, lengths[j]);
1432 for (count = 0, run = 1; COND(save_count * 4 * lengths[0] / lengths[j]); count++)
1433 EVP_EncryptUpdate(&ctx, buf, &outl, buf, lengths[j]);
1435 EVP_DecryptFinal_ex(&ctx, buf, &outl);
1437 EVP_EncryptFinal_ex(&ctx, buf, &outl);
1439 EVP_CIPHER_CTX_cleanup(&ctx);
1442 names[D_EVP] = OBJ_nid2ln(evp_md->type);
1443 print_message(names[D_EVP], save_count,
1447 for (count = 0, run = 1; COND(save_count * 4 * lengths[0] / lengths[j]); count++)
1448 EVP_Digest(buf, lengths[j], &(md[0]), NULL, evp_md, NULL);
1452 print_result(D_EVP, j, count, d);
1455 arc4random_buf(buf, 36);
1456 for (j = 0; j < RSA_NUM; j++) {
1460 ret = RSA_sign(NID_md5_sha1, buf, 36, buf2, &rsa_num, rsa_key[j]);
1462 BIO_printf(bio_err, "RSA sign failure. No RSA sign will be done.\n");
1463 ERR_print_errors(bio_err);
1466 pkey_print_message("private", "rsa",
1467 rsa_c[j][0], rsa_bits[j],
1469 /* RSA_blinding_on(rsa_key[j],NULL); */
1471 for (count = 0, run = 1; COND(rsa_c[j][0]); count++) {
1472 ret = RSA_sign(NID_md5_sha1, buf, 36, buf2,
1473 &rsa_num, rsa_key[j]);
1476 "RSA sign failure\n");
1477 ERR_print_errors(bio_err);
1483 BIO_printf(bio_err, mr ? "+R1:%ld:%d:%.2f\n"
1484 : "%ld %d bit private RSA's in %.2fs\n",
1485 count, rsa_bits[j], d);
1486 rsa_results[j][0] = d / (double) count;
1490 ret = RSA_verify(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[j]);
1492 BIO_printf(bio_err, "RSA verify failure. No RSA verify will be done.\n");
1493 ERR_print_errors(bio_err);
1496 pkey_print_message("public", "rsa",
1497 rsa_c[j][1], rsa_bits[j],
1500 for (count = 0, run = 1; COND(rsa_c[j][1]); count++) {
1501 ret = RSA_verify(NID_md5_sha1, buf, 36, buf2,
1502 rsa_num, rsa_key[j]);
1505 "RSA verify failure\n");
1506 ERR_print_errors(bio_err);
1512 BIO_printf(bio_err, mr ? "+R2:%ld:%d:%.2f\n"
1513 : "%ld %d bit public RSA's in %.2fs\n",
1514 count, rsa_bits[j], d);
1515 rsa_results[j][1] = d / (double) count;
1518 if (rsa_count <= 1) {
1519 /* if longer than 10s, don't do any more */
1520 for (j++; j < RSA_NUM; j++)
1525 arc4random_buf(buf, 20);
1526 for (j = 0; j < DSA_NUM; j++) {
1532 /* DSA_generate_key(dsa_key[j]); */
1533 /* DSA_sign_setup(dsa_key[j],NULL); */
1534 ret = DSA_sign(EVP_PKEY_DSA, buf, 20, buf2,
1537 BIO_printf(bio_err, "DSA sign failure. No DSA sign will be done.\n");
1538 ERR_print_errors(bio_err);
1541 pkey_print_message("sign", "dsa",
1542 dsa_c[j][0], dsa_bits[j],
1545 for (count = 0, run = 1; COND(dsa_c[j][0]); count++) {
1546 ret = DSA_sign(EVP_PKEY_DSA, buf, 20, buf2,
1550 "DSA sign failure\n");
1551 ERR_print_errors(bio_err);
1557 BIO_printf(bio_err, mr ? "+R3:%ld:%d:%.2f\n"
1558 : "%ld %d bit DSA signs in %.2fs\n",
1559 count, dsa_bits[j], d);
1560 dsa_results[j][0] = d / (double) count;
1564 ret = DSA_verify(EVP_PKEY_DSA, buf, 20, buf2,
1567 BIO_printf(bio_err, "DSA verify failure. No DSA verify will be done.\n");
1568 ERR_print_errors(bio_err);
1571 pkey_print_message("verify", "dsa",
1572 dsa_c[j][1], dsa_bits[j],
1575 for (count = 0, run = 1; COND(dsa_c[j][1]); count++) {
1576 ret = DSA_verify(EVP_PKEY_DSA, buf, 20, buf2,
1580 "DSA verify failure\n");
1581 ERR_print_errors(bio_err);
1587 BIO_printf(bio_err, mr ? "+R4:%ld:%d:%.2f\n"
1588 : "%ld %d bit DSA verify in %.2fs\n",
1589 count, dsa_bits[j], d);
1590 dsa_results[j][1] = d / (double) count;
1593 if (rsa_count <= 1) {
1594 /* if longer than 10s, don't do any more */
1595 for (j++; j < DSA_NUM; j++)
1600 for (j = 0; j < EC_NUM; j++) {
1604 continue; /* Ignore Curve */
1605 ecdsa[j] = EC_KEY_new_by_curve_name(test_curves[j]);
1606 if (ecdsa[j] == NULL) {
1607 BIO_printf(bio_err, "ECDSA failure.\n");
1608 ERR_print_errors(bio_err);
1611 EC_KEY_precompute_mult(ecdsa[j], NULL);
1613 /* Perform ECDSA signature test */
1614 EC_KEY_generate_key(ecdsa[j]);
1615 ret = ECDSA_sign(0, buf, 20, ecdsasig,
1616 &ecdsasiglen, ecdsa[j]);
1618 BIO_printf(bio_err, "ECDSA sign failure. No ECDSA sign will be done.\n");
1619 ERR_print_errors(bio_err);
1622 pkey_print_message("sign", "ecdsa",
1624 test_curves_bits[j],
1628 for (count = 0, run = 1; COND(ecdsa_c[j][0]);
1630 ret = ECDSA_sign(0, buf, 20,
1631 ecdsasig, &ecdsasiglen,
1634 BIO_printf(bio_err, "ECDSA sign failure\n");
1635 ERR_print_errors(bio_err);
1642 BIO_printf(bio_err, mr ? "+R5:%ld:%d:%.2f\n" :
1643 "%ld %d bit ECDSA signs in %.2fs \n",
1644 count, test_curves_bits[j], d);
1645 ecdsa_results[j][0] = d / (double) count;
1649 /* Perform ECDSA verification test */
1650 ret = ECDSA_verify(0, buf, 20, ecdsasig,
1651 ecdsasiglen, ecdsa[j]);
1653 BIO_printf(bio_err, "ECDSA verify failure. No ECDSA verify will be done.\n");
1654 ERR_print_errors(bio_err);
1657 pkey_print_message("verify", "ecdsa",
1659 test_curves_bits[j],
1662 for (count = 0, run = 1; COND(ecdsa_c[j][1]); count++) {
1663 ret = ECDSA_verify(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[j]);
1665 BIO_printf(bio_err, "ECDSA verify failure\n");
1666 ERR_print_errors(bio_err);
1672 BIO_printf(bio_err, mr ? "+R6:%ld:%d:%.2f\n"
1673 : "%ld %d bit ECDSA verify in %.2fs\n",
1674 count, test_curves_bits[j], d);
1675 ecdsa_results[j][1] = d / (double) count;
1678 if (rsa_count <= 1) {
1679 /* if longer than 10s, don't do any more */
1680 for (j++; j < EC_NUM; j++)
1686 for (j = 0; j < EC_NUM; j++) {
1689 ecdh_a[j] = EC_KEY_new_by_curve_name(test_curves[j]);
1690 ecdh_b[j] = EC_KEY_new_by_curve_name(test_curves[j]);
1691 if ((ecdh_a[j] == NULL) || (ecdh_b[j] == NULL)) {
1692 BIO_printf(bio_err, "ECDH failure.\n");
1693 ERR_print_errors(bio_err);
1696 /* generate two ECDH key pairs */
1697 if (!EC_KEY_generate_key(ecdh_a[j]) ||
1698 !EC_KEY_generate_key(ecdh_b[j])) {
1699 BIO_printf(bio_err, "ECDH key generation failure.\n");
1700 ERR_print_errors(bio_err);
1704 * If field size is not more than 24 octets,
1705 * then use SHA-1 hash of result; otherwise,
1706 * use result (see section 4.8 of
1707 * draft-ietf-tls-ecc-03.txt).
1709 int field_size, outlen;
1710 void *(*kdf) (const void *in, size_t inlen, void *out, size_t * xoutlen);
1711 field_size = EC_GROUP_get_degree(EC_KEY_get0_group(ecdh_a[j]));
1712 if (field_size <= 24 * 8) {
1713 outlen = KDF1_SHA1_len;
1716 outlen = (field_size + 7) / 8;
1719 secret_size_a = ECDH_compute_key(secret_a, outlen,
1720 EC_KEY_get0_public_key(ecdh_b[j]),
1722 secret_size_b = ECDH_compute_key(secret_b, outlen,
1723 EC_KEY_get0_public_key(ecdh_a[j]),
1725 if (secret_size_a != secret_size_b)
1730 for (secret_idx = 0;
1731 (secret_idx < secret_size_a)
1732 && (ecdh_checks == 1);
1734 if (secret_a[secret_idx] != secret_b[secret_idx])
1738 if (ecdh_checks == 0) {
1740 "ECDH computations don't match.\n");
1741 ERR_print_errors(bio_err);
1744 pkey_print_message("", "ecdh",
1746 test_curves_bits[j],
1749 for (count = 0, run = 1;
1750 COND(ecdh_c[j][0]); count++) {
1751 ECDH_compute_key(secret_a,
1753 EC_KEY_get0_public_key(ecdh_b[j]),
1757 BIO_printf(bio_err, mr
1758 ? "+R7:%ld:%d:%.2f\n"
1759 : "%ld %d-bit ECDH ops in %.2fs\n",
1760 count, test_curves_bits[j], d);
1761 ecdh_results[j][0] = d / (double) count;
1768 if (rsa_count <= 1) {
1769 /* if longer than 10s, don't do any more */
1770 for (j++; j < EC_NUM; j++)
1776 fprintf(stdout, "%s\n", SSLeay_version(SSLEAY_VERSION));
1777 fprintf(stdout, "%s\n", SSLeay_version(SSLEAY_BUILT_ON));
1779 printf("%s ", BN_options());
1780 #ifndef OPENSSL_NO_RC4
1781 printf("%s ", RC4_options());
1783 #ifndef OPENSSL_NO_DES
1784 printf("%s ", DES_options());
1786 #ifndef OPENSSL_NO_AES
1787 printf("%s ", AES_options());
1789 #ifndef OPENSSL_NO_IDEA
1790 printf("%s ", idea_options());
1792 #ifndef OPENSSL_NO_BF
1793 printf("%s ", BF_options());
1795 fprintf(stdout, "\n%s\n", SSLeay_version(SSLEAY_CFLAGS));
1799 fprintf(stdout, "+H");
1801 fprintf(stdout, "The 'numbers' are in 1000s of bytes per second processed.\n");
1802 fprintf(stdout, "type ");
1804 for (j = 0; j < SIZE_NUM; j++)
1805 fprintf(stdout, mr ? ":%d" : "%7d bytes", lengths[j]);
1806 fprintf(stdout, "\n");
1808 for (k = 0; k < ALGOR_NUM; k++) {
1812 fprintf(stdout, "+F:%d:%s", k, names[k]);
1814 fprintf(stdout, "%-13s", names[k]);
1815 for (j = 0; j < SIZE_NUM; j++) {
1816 if (results[k][j] > 10000 && !mr)
1817 fprintf(stdout, " %11.2fk", results[k][j] / 1e3);
1819 fprintf(stdout, mr ? ":%.2f" : " %11.2f ", results[k][j]);
1821 fprintf(stdout, "\n");
1824 for (k = 0; k < RSA_NUM; k++) {
1828 printf("%18ssign verify sign/s verify/s\n", " ");
1832 fprintf(stdout, "+F2:%u:%u:%f:%f\n",
1833 k, rsa_bits[k], rsa_results[k][0],
1836 fprintf(stdout, "rsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
1837 rsa_bits[k], rsa_results[k][0], rsa_results[k][1],
1838 1.0 / rsa_results[k][0], 1.0 / rsa_results[k][1]);
1841 for (k = 0; k < DSA_NUM; k++) {
1845 printf("%18ssign verify sign/s verify/s\n", " ");
1849 fprintf(stdout, "+F3:%u:%u:%f:%f\n",
1850 k, dsa_bits[k], dsa_results[k][0], dsa_results[k][1]);
1852 fprintf(stdout, "dsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
1853 dsa_bits[k], dsa_results[k][0], dsa_results[k][1],
1854 1.0 / dsa_results[k][0], 1.0 / dsa_results[k][1]);
1857 for (k = 0; k < EC_NUM; k++) {
1861 printf("%30ssign verify sign/s verify/s\n", " ");
1865 fprintf(stdout, "+F4:%u:%u:%f:%f\n",
1866 k, test_curves_bits[k],
1867 ecdsa_results[k][0], ecdsa_results[k][1]);
1870 "%4u bit ecdsa (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
1871 test_curves_bits[k],
1872 test_curves_names[k],
1873 ecdsa_results[k][0], ecdsa_results[k][1],
1874 1.0 / ecdsa_results[k][0], 1.0 / ecdsa_results[k][1]);
1879 for (k = 0; k < EC_NUM; k++) {
1883 printf("%30sop op/s\n", " ");
1887 fprintf(stdout, "+F5:%u:%u:%f:%f\n",
1888 k, test_curves_bits[k],
1889 ecdh_results[k][0], 1.0 / ecdh_results[k][0]);
1892 fprintf(stdout, "%4u bit ecdh (%s) %8.4fs %8.1f\n",
1893 test_curves_bits[k],
1894 test_curves_names[k],
1895 ecdh_results[k][0], 1.0 / ecdh_results[k][0]);
1901 ERR_print_errors(bio_err);
1904 for (i = 0; i < RSA_NUM; i++)
1905 if (rsa_key[i] != NULL)
1906 RSA_free(rsa_key[i]);
1907 for (i = 0; i < DSA_NUM; i++)
1908 if (dsa_key[i] != NULL)
1909 DSA_free(dsa_key[i]);
1911 for (i = 0; i < EC_NUM; i++)
1912 if (ecdsa[i] != NULL)
1913 EC_KEY_free(ecdsa[i]);
1914 for (i = 0; i < EC_NUM; i++) {
1915 if (ecdh_a[i] != NULL)
1916 EC_KEY_free(ecdh_a[i]);
1917 if (ecdh_b[i] != NULL)
1918 EC_KEY_free(ecdh_b[i]);
1926 print_message(const char *s, long num, int length)
1928 BIO_printf(bio_err, mr ? "+DT:%s:%d:%d\n"
1929 : "Doing %s for %ds on %d size blocks: ", s, SECONDS, length);
1930 (void) BIO_flush(bio_err);
1935 pkey_print_message(const char *str, const char *str2, long num,
1938 BIO_printf(bio_err, mr ? "+DTP:%d:%s:%s:%d\n"
1939 : "Doing %d bit %s %s's for %ds: ", bits, str, str2, tm);
1940 (void) BIO_flush(bio_err);
1945 print_result(int alg, int run_no, int count, double time_used)
1947 BIO_printf(bio_err, mr ? "+R:%d:%s:%f\n"
1948 : "%d %s's in %.2fs\n", count, names[alg], time_used);
1949 results[alg][run_no] = ((double) count) / time_used * lengths[run_no];
1953 sstrsep(char **string, const char *delim)
1956 char *token = *string;
1961 memset(isdelim, 0, sizeof isdelim);
1965 isdelim[(unsigned char) (*delim)] = 1;
1969 while (!isdelim[(unsigned char) (**string)]) {
1986 static char sep[] = ":";
1987 const char *errstr = NULL;
1989 fds = reallocarray(NULL, multi, sizeof *fds);
1991 fprintf(stderr, "reallocarray failure\n");
1994 for (n = 0; n < multi; ++n) {
1995 if (pipe(fd) == -1) {
1996 fprintf(stderr, "pipe failure\n");
2007 if (dup(fd[1]) == -1) {
2008 fprintf(stderr, "dup failed\n");
2017 printf("Forked child %d\n", n);
2020 /* for now, assume the pipe is long enough to take all the output */
2021 for (n = 0; n < multi; ++n) {
2026 f = fdopen(fds[n], "r");
2027 while (fgets(buf, sizeof buf, f)) {
2028 p = strchr(buf, '\n');
2031 if (buf[0] != '+') {
2032 fprintf(stderr, "Don't understand line '%s' from child %d\n",
2036 printf("Got: %s from %d\n", buf, n);
2037 if (!strncmp(buf, "+F:", 3)) {
2042 alg = strtonum(sstrsep(&p, sep),
2043 0, ALGOR_NUM - 1, &errstr);
2045 for (j = 0; j < SIZE_NUM; ++j)
2046 results[alg][j] += atof(sstrsep(&p, sep));
2047 } else if (!strncmp(buf, "+F2:", 4)) {
2052 k = strtonum(sstrsep(&p, sep),
2053 0, ALGOR_NUM - 1, &errstr);
2056 d = atof(sstrsep(&p, sep));
2058 rsa_results[k][0] = 1 / (1 / rsa_results[k][0] + 1 / d);
2060 rsa_results[k][0] = d;
2062 d = atof(sstrsep(&p, sep));
2064 rsa_results[k][1] = 1 / (1 / rsa_results[k][1] + 1 / d);
2066 rsa_results[k][1] = d;
2067 } else if (!strncmp(buf, "+F2:", 4)) {
2072 k = strtonum(sstrsep(&p, sep),
2073 0, ALGOR_NUM - 1, &errstr);
2076 d = atof(sstrsep(&p, sep));
2078 rsa_results[k][0] = 1 / (1 / rsa_results[k][0] + 1 / d);
2080 rsa_results[k][0] = d;
2082 d = atof(sstrsep(&p, sep));
2084 rsa_results[k][1] = 1 / (1 / rsa_results[k][1] + 1 / d);
2086 rsa_results[k][1] = d;
2088 else if (!strncmp(buf, "+F3:", 4)) {
2093 k = strtonum(sstrsep(&p, sep),
2094 0, ALGOR_NUM - 1, &errstr);
2097 d = atof(sstrsep(&p, sep));
2099 dsa_results[k][0] = 1 / (1 / dsa_results[k][0] + 1 / d);
2101 dsa_results[k][0] = d;
2103 d = atof(sstrsep(&p, sep));
2105 dsa_results[k][1] = 1 / (1 / dsa_results[k][1] + 1 / d);
2107 dsa_results[k][1] = d;
2109 else if (!strncmp(buf, "+F4:", 4)) {
2114 k = strtonum(sstrsep(&p, sep),
2115 0, ALGOR_NUM - 1, &errstr);
2118 d = atof(sstrsep(&p, sep));
2120 ecdsa_results[k][0] = 1 / (1 / ecdsa_results[k][0] + 1 / d);
2122 ecdsa_results[k][0] = d;
2124 d = atof(sstrsep(&p, sep));
2126 ecdsa_results[k][1] = 1 / (1 / ecdsa_results[k][1] + 1 / d);
2128 ecdsa_results[k][1] = d;
2131 else if (!strncmp(buf, "+F5:", 4)) {
2136 k = strtonum(sstrsep(&p, sep),
2137 0, ALGOR_NUM - 1, &errstr);
2140 d = atof(sstrsep(&p, sep));
2142 ecdh_results[k][0] = 1 / (1 / ecdh_results[k][0] + 1 / d);
2144 ecdh_results[k][0] = d;
2148 else if (!strncmp(buf, "+H:", 3)) {
2150 fprintf(stderr, "Unknown type '%s' from child %d\n", buf, n);