1 /* $OpenBSD: speed.c,v 1.28 2022/01/14 09:27:30 tb Exp $ */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58 /* ====================================================================
59 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
60 *
61 * Portions of the attached software ("Contribution") are developed by
62 * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
63 *
64 * The Contribution is licensed pursuant to the OpenSSL open source
65 * license provided above.
66 *
67 * The ECDH and ECDSA speed test software is originally written by
68 * Sumit Gupta of Sun Microsystems Laboratories.
69 *
70 */
71
72 /* most of this code has been pilfered from my libdes speed.c program */
73
74 #ifndef OPENSSL_NO_SPEED
75
76 #define SECONDS 3
77 #define RSA_SECONDS 10
78 #define DSA_SECONDS 10
79 #define ECDSA_SECONDS 10
80 #define ECDH_SECONDS 10
81
82 #include <math.h>
83 #include <signal.h>
84 #include <stdio.h>
85 #include <stdlib.h>
86 #include <limits.h>
87 #include <string.h>
88 #include <unistd.h>
89
90 #include "apps.h"
91
92 #include <openssl/bn.h>
93 #include <openssl/crypto.h>
94 #include <openssl/err.h>
95 #include <openssl/evp.h>
96 #include <openssl/modes.h>
97 #include <openssl/objects.h>
98 #include <openssl/x509.h>
99
100 #ifndef OPENSSL_NO_AES
101 #include <openssl/aes.h>
102 #endif
103 #ifndef OPENSSL_NO_BF
104 #include <openssl/blowfish.h>
105 #endif
106 #ifndef OPENSSL_NO_CAST
107 #include <openssl/cast.h>
108 #endif
109 #ifndef OPENSSL_NO_CAMELLIA
110 #include <openssl/camellia.h>
111 #endif
112 #ifndef OPENSSL_NO_DES
113 #include <openssl/des.h>
114 #endif
115 #include <openssl/dsa.h>
116 #include <openssl/ecdh.h>
117 #include <openssl/ecdsa.h>
118 #ifndef OPENSSL_NO_HMAC
119 #include <openssl/hmac.h>
120 #endif
121 #ifndef OPENSSL_NO_IDEA
122 #include <openssl/idea.h>
123 #endif
124 #ifndef OPENSSL_NO_MD4
125 #include <openssl/md4.h>
126 #endif
127 #ifndef OPENSSL_NO_MD5
128 #include <openssl/md5.h>
129 #endif
130 #ifndef OPENSSL_NO_RC2
131 #include <openssl/rc2.h>
132 #endif
133 #ifndef OPENSSL_NO_RC4
134 #include <openssl/rc4.h>
135 #endif
136 #include <openssl/rsa.h>
137 #ifndef OPENSSL_NO_RIPEMD
138 #include <openssl/ripemd.h>
139 #endif
140 #ifndef OPENSSL_NO_SHA
141 #include <openssl/sha.h>
142 #endif
143 #ifndef OPENSSL_NO_WHIRLPOOL
144 #include <openssl/whrlpool.h>
145 #endif
146
147 #include "./testdsa.h"
148 #include "./testrsa.h"
149
150 #define BUFSIZE (1024*8+64)
151 int run = 0;
152
153 static int mr = 0;
154 static int usertime = 1;
155
156 static double Time_F(int s);
157 static void print_message(const char *s, long num, int length);
158 static void
159 pkey_print_message(const char *str, const char *str2,
160 long num, int bits, int sec);
161 static void print_result(int alg, int run_no, int count, double time_used);
162 #ifndef _WIN32
163 static int do_multi(int multi);
164 #else
165 void speed_signal(int sigcatch, void (*func)(int sigraised));
166 unsigned int speed_alarm(unsigned int seconds);
167 void speed_alarm_free(int run);
168 #define SIGALRM 14
169 #define signal(sigcatch, func) speed_signal((sigcatch), (func))
170 #define alarm(seconds) speed_alarm((seconds))
171 #endif
172
173 #define ALGOR_NUM 32
174 #define SIZE_NUM 5
175 #define RSA_NUM 4
176 #define DSA_NUM 3
177
178 #define EC_NUM 16
179 #define MAX_ECDH_SIZE 256
180
181 static const char *names[ALGOR_NUM] = {
182 "md2", "md4", "md5", "hmac(md5)", "sha1", "rmd160",
183 "rc4", "des cbc", "des ede3", "idea cbc", "seed cbc",
184 "rc2 cbc", "rc5-32/12 cbc", "blowfish cbc", "cast cbc",
185 "aes-128 cbc", "aes-192 cbc", "aes-256 cbc",
186 "camellia-128 cbc", "camellia-192 cbc", "camellia-256 cbc",
187 "evp", "sha256", "sha512", "whirlpool",
188 "aes-128 ige", "aes-192 ige", "aes-256 ige", "ghash",
189 "aes-128 gcm", "aes-256 gcm", "chacha20 poly1305",
190 };
191 static double results[ALGOR_NUM][SIZE_NUM];
192 static int lengths[SIZE_NUM] = {16, 64, 256, 1024, 8 * 1024};
193 static double rsa_results[RSA_NUM][2];
194 static double dsa_results[DSA_NUM][2];
195 static double ecdsa_results[EC_NUM][2];
196 static double ecdh_results[EC_NUM][1];
197
198 static void sig_done(int sig);
199
200 static void
sig_done(int sig)201 sig_done(int sig)
202 {
203 signal(SIGALRM, sig_done);
204 run = 0;
205 }
206
207 #define START TM_RESET
208 #define STOP TM_GET
209
210
211 static double
Time_F(int s)212 Time_F(int s)
213 {
214 if (usertime)
215 return app_timer_user(s);
216 else
217 return app_timer_real(s);
218 }
219
220
221 static const int KDF1_SHA1_len = 20;
222 static void *
KDF1_SHA1(const void * in,size_t inlen,void * out,size_t * outlen)223 KDF1_SHA1(const void *in, size_t inlen, void *out, size_t * outlen)
224 {
225 #ifndef OPENSSL_NO_SHA
226 if (*outlen < SHA_DIGEST_LENGTH)
227 return NULL;
228 else
229 *outlen = SHA_DIGEST_LENGTH;
230 return SHA1(in, inlen, out);
231 #else
232 return NULL;
233 #endif /* OPENSSL_NO_SHA */
234 }
235
236 int
speed_main(int argc,char ** argv)237 speed_main(int argc, char **argv)
238 {
239 unsigned char *buf = NULL, *buf2 = NULL;
240 int mret = 1;
241 long count = 0, save_count = 0;
242 int i, j, k;
243 long rsa_count;
244 unsigned rsa_num;
245 unsigned char md[EVP_MAX_MD_SIZE];
246 #ifndef OPENSSL_NO_MD4
247 unsigned char md4[MD4_DIGEST_LENGTH];
248 #endif
249 #ifndef OPENSSL_NO_MD5
250 unsigned char md5[MD5_DIGEST_LENGTH];
251 unsigned char hmac[MD5_DIGEST_LENGTH];
252 #endif
253 #ifndef OPENSSL_NO_SHA
254 unsigned char sha[SHA_DIGEST_LENGTH];
255 #ifndef OPENSSL_NO_SHA256
256 unsigned char sha256[SHA256_DIGEST_LENGTH];
257 #endif
258 #ifndef OPENSSL_NO_SHA512
259 unsigned char sha512[SHA512_DIGEST_LENGTH];
260 #endif
261 #endif
262 #ifndef OPENSSL_NO_WHIRLPOOL
263 unsigned char whirlpool[WHIRLPOOL_DIGEST_LENGTH];
264 #endif
265 #ifndef OPENSSL_NO_RIPEMD
266 unsigned char rmd160[RIPEMD160_DIGEST_LENGTH];
267 #endif
268 #ifndef OPENSSL_NO_RC4
269 RC4_KEY rc4_ks;
270 #endif
271 #ifndef OPENSSL_NO_RC2
272 RC2_KEY rc2_ks;
273 #endif
274 #ifndef OPENSSL_NO_IDEA
275 IDEA_KEY_SCHEDULE idea_ks;
276 #endif
277 #ifndef OPENSSL_NO_BF
278 BF_KEY bf_ks;
279 #endif
280 #ifndef OPENSSL_NO_CAST
281 CAST_KEY cast_ks;
282 #endif
283 static const unsigned char key16[16] =
284 {0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
285 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12};
286 #ifndef OPENSSL_NO_AES
287 static const unsigned char key24[24] =
288 {0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
289 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
290 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34};
291 static const unsigned char key32[32] =
292 {0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
293 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
294 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
295 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56};
296 #endif
297 #ifndef OPENSSL_NO_CAMELLIA
298 static const unsigned char ckey24[24] =
299 {0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
300 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
301 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34};
302 static const unsigned char ckey32[32] =
303 {0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
304 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
305 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
306 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56};
307 #endif
308 #ifndef OPENSSL_NO_AES
309 #define MAX_BLOCK_SIZE 128
310 #else
311 #define MAX_BLOCK_SIZE 64
312 #endif
313 unsigned char DES_iv[8];
314 unsigned char iv[2 * MAX_BLOCK_SIZE / 8];
315 #ifndef OPENSSL_NO_DES
316 static DES_cblock key = {0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0};
317 static DES_cblock key2 = {0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12};
318 static DES_cblock key3 = {0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34};
319 DES_key_schedule sch;
320 DES_key_schedule sch2;
321 DES_key_schedule sch3;
322 #endif
323 #ifndef OPENSSL_NO_AES
324 AES_KEY aes_ks1, aes_ks2, aes_ks3;
325 #endif
326 #ifndef OPENSSL_NO_CAMELLIA
327 CAMELLIA_KEY camellia_ks1, camellia_ks2, camellia_ks3;
328 #endif
329 #define D_MD2 0
330 #define D_MD4 1
331 #define D_MD5 2
332 #define D_HMAC 3
333 #define D_SHA1 4
334 #define D_RMD160 5
335 #define D_RC4 6
336 #define D_CBC_DES 7
337 #define D_EDE3_DES 8
338 #define D_CBC_IDEA 9
339 #define D_CBC_SEED 10
340 #define D_CBC_RC2 11
341 #define D_CBC_RC5 12
342 #define D_CBC_BF 13
343 #define D_CBC_CAST 14
344 #define D_CBC_128_AES 15
345 #define D_CBC_192_AES 16
346 #define D_CBC_256_AES 17
347 #define D_CBC_128_CML 18
348 #define D_CBC_192_CML 19
349 #define D_CBC_256_CML 20
350 #define D_EVP 21
351 #define D_SHA256 22
352 #define D_SHA512 23
353 #define D_WHIRLPOOL 24
354 #define D_IGE_128_AES 25
355 #define D_IGE_192_AES 26
356 #define D_IGE_256_AES 27
357 #define D_GHASH 28
358 #define D_AES_128_GCM 29
359 #define D_AES_256_GCM 30
360 #define D_CHACHA20_POLY1305 31
361 double d = 0.0;
362 long c[ALGOR_NUM][SIZE_NUM];
363 #define R_DSA_512 0
364 #define R_DSA_1024 1
365 #define R_DSA_2048 2
366 #define R_RSA_512 0
367 #define R_RSA_1024 1
368 #define R_RSA_2048 2
369 #define R_RSA_4096 3
370
371 #define R_EC_P160 0
372 #define R_EC_P192 1
373 #define R_EC_P224 2
374 #define R_EC_P256 3
375 #define R_EC_P384 4
376 #define R_EC_P521 5
377 #define R_EC_K163 6
378 #define R_EC_K233 7
379 #define R_EC_K283 8
380 #define R_EC_K409 9
381 #define R_EC_K571 10
382 #define R_EC_B163 11
383 #define R_EC_B233 12
384 #define R_EC_B283 13
385 #define R_EC_B409 14
386 #define R_EC_B571 15
387
388 RSA *rsa_key[RSA_NUM];
389 long rsa_c[RSA_NUM][2];
390 static unsigned int rsa_bits[RSA_NUM] = {512, 1024, 2048, 4096};
391 static unsigned char *rsa_data[RSA_NUM] =
392 {test512, test1024, test2048, test4096};
393 static int rsa_data_length[RSA_NUM] = {
394 sizeof(test512), sizeof(test1024),
395 sizeof(test2048), sizeof(test4096)};
396 DSA *dsa_key[DSA_NUM];
397 long dsa_c[DSA_NUM][2];
398 static unsigned int dsa_bits[DSA_NUM] = {512, 1024, 2048};
399 #ifndef OPENSSL_NO_EC
400 /*
401 * We only test over the following curves as they are representative,
402 * To add tests over more curves, simply add the curve NID and curve
403 * name to the following arrays and increase the EC_NUM value
404 * accordingly.
405 */
406 static unsigned int test_curves[EC_NUM] =
407 {
408 /* Prime Curves */
409 NID_secp160r1,
410 NID_X9_62_prime192v1,
411 NID_secp224r1,
412 NID_X9_62_prime256v1,
413 NID_secp384r1,
414 NID_secp521r1,
415 /* Binary Curves */
416 NID_sect163k1,
417 NID_sect233k1,
418 NID_sect283k1,
419 NID_sect409k1,
420 NID_sect571k1,
421 NID_sect163r2,
422 NID_sect233r1,
423 NID_sect283r1,
424 NID_sect409r1,
425 NID_sect571r1
426 };
427 static const char *test_curves_names[EC_NUM] =
428 {
429 /* Prime Curves */
430 "secp160r1",
431 "nistp192",
432 "nistp224",
433 "nistp256",
434 "nistp384",
435 "nistp521",
436 /* Binary Curves */
437 "nistk163",
438 "nistk233",
439 "nistk283",
440 "nistk409",
441 "nistk571",
442 "nistb163",
443 "nistb233",
444 "nistb283",
445 "nistb409",
446 "nistb571"
447 };
448 static int test_curves_bits[EC_NUM] =
449 {
450 160, 192, 224, 256, 384, 521,
451 163, 233, 283, 409, 571,
452 163, 233, 283, 409, 571
453 };
454
455 #endif
456
457 unsigned char ecdsasig[256];
458 unsigned int ecdsasiglen;
459 EC_KEY *ecdsa[EC_NUM];
460 long ecdsa_c[EC_NUM][2];
461
462 EC_KEY *ecdh_a[EC_NUM], *ecdh_b[EC_NUM];
463 unsigned char secret_a[MAX_ECDH_SIZE], secret_b[MAX_ECDH_SIZE];
464 int secret_size_a, secret_size_b;
465 int ecdh_checks = 0;
466 int secret_idx = 0;
467 long ecdh_c[EC_NUM][2];
468
469 int rsa_doit[RSA_NUM];
470 int dsa_doit[DSA_NUM];
471 int ecdsa_doit[EC_NUM];
472 int ecdh_doit[EC_NUM];
473 int doit[ALGOR_NUM];
474 int pr_header = 0;
475 const EVP_CIPHER *evp_cipher = NULL;
476 const EVP_MD *evp_md = NULL;
477 int decrypt = 0;
478 #ifndef _WIN32
479 int multi = 0;
480 const char *errstr = NULL;
481 #endif
482
483 if (single_execution) {
484 if (pledge("stdio proc", NULL) == -1) {
485 perror("pledge");
486 exit(1);
487 }
488 }
489
490 usertime = -1;
491
492 memset(results, 0, sizeof(results));
493 memset(dsa_key, 0, sizeof(dsa_key));
494 for (i = 0; i < EC_NUM; i++)
495 ecdsa[i] = NULL;
496 for (i = 0; i < EC_NUM; i++) {
497 ecdh_a[i] = NULL;
498 ecdh_b[i] = NULL;
499 }
500
501 memset(rsa_key, 0, sizeof(rsa_key));
502 for (i = 0; i < RSA_NUM; i++)
503 rsa_key[i] = NULL;
504
505 if ((buf = malloc(BUFSIZE)) == NULL) {
506 BIO_printf(bio_err, "out of memory\n");
507 goto end;
508 }
509 if ((buf2 = malloc(BUFSIZE)) == NULL) {
510 BIO_printf(bio_err, "out of memory\n");
511 goto end;
512 }
513 memset(c, 0, sizeof(c));
514 memset(DES_iv, 0, sizeof(DES_iv));
515 memset(iv, 0, sizeof(iv));
516
517 for (i = 0; i < ALGOR_NUM; i++)
518 doit[i] = 0;
519 for (i = 0; i < RSA_NUM; i++)
520 rsa_doit[i] = 0;
521 for (i = 0; i < DSA_NUM; i++)
522 dsa_doit[i] = 0;
523 for (i = 0; i < EC_NUM; i++)
524 ecdsa_doit[i] = 0;
525 for (i = 0; i < EC_NUM; i++)
526 ecdh_doit[i] = 0;
527
528
529 j = 0;
530 argc--;
531 argv++;
532 while (argc) {
533 if ((argc > 0) && (strcmp(*argv, "-elapsed") == 0)) {
534 usertime = 0;
535 j--; /* Otherwise, -elapsed gets confused with an
536 * algorithm. */
537 } else if ((argc > 0) && (strcmp(*argv, "-evp") == 0)) {
538 argc--;
539 argv++;
540 if (argc == 0) {
541 BIO_printf(bio_err, "no EVP given\n");
542 goto end;
543 }
544 evp_cipher = EVP_get_cipherbyname(*argv);
545 if (!evp_cipher) {
546 evp_md = EVP_get_digestbyname(*argv);
547 }
548 if (!evp_cipher && !evp_md) {
549 BIO_printf(bio_err, "%s is an unknown cipher or digest\n", *argv);
550 goto end;
551 }
552 doit[D_EVP] = 1;
553 } else if (argc > 0 && !strcmp(*argv, "-decrypt")) {
554 decrypt = 1;
555 j--; /* Otherwise, -decrypt gets confused with an
556 * algorithm. */
557 }
558 #ifndef _WIN32
559 else if ((argc > 0) && (strcmp(*argv, "-multi") == 0)) {
560 argc--;
561 argv++;
562 if (argc == 0) {
563 BIO_printf(bio_err, "no multi count given\n");
564 goto end;
565 }
566 multi = strtonum(argv[0], 1, INT_MAX, &errstr);
567 if (errstr) {
568 BIO_printf(bio_err, "bad multi count: %s", errstr);
569 goto end;
570 }
571 j--; /* Otherwise, -multi gets confused with an
572 * algorithm. */
573 }
574 #endif
575 else if (argc > 0 && !strcmp(*argv, "-mr")) {
576 mr = 1;
577 j--; /* Otherwise, -mr gets confused with an
578 * algorithm. */
579 } else
580 #ifndef OPENSSL_NO_MD4
581 if (strcmp(*argv, "md4") == 0)
582 doit[D_MD4] = 1;
583 else
584 #endif
585 #ifndef OPENSSL_NO_MD5
586 if (strcmp(*argv, "md5") == 0)
587 doit[D_MD5] = 1;
588 else
589 #endif
590 #ifndef OPENSSL_NO_MD5
591 if (strcmp(*argv, "hmac") == 0)
592 doit[D_HMAC] = 1;
593 else
594 #endif
595 #ifndef OPENSSL_NO_SHA
596 if (strcmp(*argv, "sha1") == 0)
597 doit[D_SHA1] = 1;
598 else if (strcmp(*argv, "sha") == 0)
599 doit[D_SHA1] = 1,
600 doit[D_SHA256] = 1,
601 doit[D_SHA512] = 1;
602 else
603 #ifndef OPENSSL_NO_SHA256
604 if (strcmp(*argv, "sha256") == 0)
605 doit[D_SHA256] = 1;
606 else
607 #endif
608 #ifndef OPENSSL_NO_SHA512
609 if (strcmp(*argv, "sha512") == 0)
610 doit[D_SHA512] = 1;
611 else
612 #endif
613 #endif
614 #ifndef OPENSSL_NO_WHIRLPOOL
615 if (strcmp(*argv, "whirlpool") == 0)
616 doit[D_WHIRLPOOL] = 1;
617 else
618 #endif
619 #ifndef OPENSSL_NO_RIPEMD
620 if (strcmp(*argv, "ripemd") == 0)
621 doit[D_RMD160] = 1;
622 else if (strcmp(*argv, "rmd160") == 0)
623 doit[D_RMD160] = 1;
624 else if (strcmp(*argv, "ripemd160") == 0)
625 doit[D_RMD160] = 1;
626 else
627 #endif
628 #ifndef OPENSSL_NO_RC4
629 if (strcmp(*argv, "rc4") == 0)
630 doit[D_RC4] = 1;
631 else
632 #endif
633 #ifndef OPENSSL_NO_DES
634 if (strcmp(*argv, "des-cbc") == 0)
635 doit[D_CBC_DES] = 1;
636 else if (strcmp(*argv, "des-ede3") == 0)
637 doit[D_EDE3_DES] = 1;
638 else
639 #endif
640 #ifndef OPENSSL_NO_AES
641 if (strcmp(*argv, "aes-128-cbc") == 0)
642 doit[D_CBC_128_AES] = 1;
643 else if (strcmp(*argv, "aes-192-cbc") == 0)
644 doit[D_CBC_192_AES] = 1;
645 else if (strcmp(*argv, "aes-256-cbc") == 0)
646 doit[D_CBC_256_AES] = 1;
647 else if (strcmp(*argv, "aes-128-ige") == 0)
648 doit[D_IGE_128_AES] = 1;
649 else if (strcmp(*argv, "aes-192-ige") == 0)
650 doit[D_IGE_192_AES] = 1;
651 else if (strcmp(*argv, "aes-256-ige") == 0)
652 doit[D_IGE_256_AES] = 1;
653 else
654 #endif
655 #ifndef OPENSSL_NO_CAMELLIA
656 if (strcmp(*argv, "camellia-128-cbc") == 0)
657 doit[D_CBC_128_CML] = 1;
658 else if (strcmp(*argv, "camellia-192-cbc") == 0)
659 doit[D_CBC_192_CML] = 1;
660 else if (strcmp(*argv, "camellia-256-cbc") == 0)
661 doit[D_CBC_256_CML] = 1;
662 else
663 #endif
664 #ifndef RSA_NULL
665 if (strcmp(*argv, "openssl") == 0) {
666 RSA_set_default_method(RSA_PKCS1_SSLeay());
667 j--;
668 } else
669 #endif
670 if (strcmp(*argv, "dsa512") == 0)
671 dsa_doit[R_DSA_512] = 2;
672 else if (strcmp(*argv, "dsa1024") == 0)
673 dsa_doit[R_DSA_1024] = 2;
674 else if (strcmp(*argv, "dsa2048") == 0)
675 dsa_doit[R_DSA_2048] = 2;
676 else if (strcmp(*argv, "rsa512") == 0)
677 rsa_doit[R_RSA_512] = 2;
678 else if (strcmp(*argv, "rsa1024") == 0)
679 rsa_doit[R_RSA_1024] = 2;
680 else if (strcmp(*argv, "rsa2048") == 0)
681 rsa_doit[R_RSA_2048] = 2;
682 else if (strcmp(*argv, "rsa4096") == 0)
683 rsa_doit[R_RSA_4096] = 2;
684 else
685 #ifndef OPENSSL_NO_RC2
686 if (strcmp(*argv, "rc2-cbc") == 0)
687 doit[D_CBC_RC2] = 1;
688 else if (strcmp(*argv, "rc2") == 0)
689 doit[D_CBC_RC2] = 1;
690 else
691 #endif
692 #ifndef OPENSSL_NO_IDEA
693 if (strcmp(*argv, "idea-cbc") == 0)
694 doit[D_CBC_IDEA] = 1;
695 else if (strcmp(*argv, "idea") == 0)
696 doit[D_CBC_IDEA] = 1;
697 else
698 #endif
699 #ifndef OPENSSL_NO_BF
700 if (strcmp(*argv, "bf-cbc") == 0)
701 doit[D_CBC_BF] = 1;
702 else if (strcmp(*argv, "blowfish") == 0)
703 doit[D_CBC_BF] = 1;
704 else if (strcmp(*argv, "bf") == 0)
705 doit[D_CBC_BF] = 1;
706 else
707 #endif
708 #ifndef OPENSSL_NO_CAST
709 if (strcmp(*argv, "cast-cbc") == 0)
710 doit[D_CBC_CAST] = 1;
711 else if (strcmp(*argv, "cast") == 0)
712 doit[D_CBC_CAST] = 1;
713 else if (strcmp(*argv, "cast5") == 0)
714 doit[D_CBC_CAST] = 1;
715 else
716 #endif
717 #ifndef OPENSSL_NO_DES
718 if (strcmp(*argv, "des") == 0) {
719 doit[D_CBC_DES] = 1;
720 doit[D_EDE3_DES] = 1;
721 } else
722 #endif
723 #ifndef OPENSSL_NO_AES
724 if (strcmp(*argv, "aes") == 0) {
725 doit[D_CBC_128_AES] = 1;
726 doit[D_CBC_192_AES] = 1;
727 doit[D_CBC_256_AES] = 1;
728 } else if (strcmp(*argv, "ghash") == 0)
729 doit[D_GHASH] = 1;
730 else if (strcmp(*argv,"aes-128-gcm") == 0)
731 doit[D_AES_128_GCM]=1;
732 else if (strcmp(*argv,"aes-256-gcm") == 0)
733 doit[D_AES_256_GCM]=1;
734 else
735 #endif
736 #ifndef OPENSSL_NO_CAMELLIA
737 if (strcmp(*argv, "camellia") == 0) {
738 doit[D_CBC_128_CML] = 1;
739 doit[D_CBC_192_CML] = 1;
740 doit[D_CBC_256_CML] = 1;
741 } else
742 #endif
743 #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
744 if (strcmp(*argv,"chacha20-poly1305") == 0)
745 doit[D_CHACHA20_POLY1305]=1;
746 else
747 #endif
748 if (strcmp(*argv, "rsa") == 0) {
749 rsa_doit[R_RSA_512] = 1;
750 rsa_doit[R_RSA_1024] = 1;
751 rsa_doit[R_RSA_2048] = 1;
752 rsa_doit[R_RSA_4096] = 1;
753 } else
754 if (strcmp(*argv, "dsa") == 0) {
755 dsa_doit[R_DSA_512] = 1;
756 dsa_doit[R_DSA_1024] = 1;
757 dsa_doit[R_DSA_2048] = 1;
758 } else
759 if (strcmp(*argv, "ecdsap160") == 0)
760 ecdsa_doit[R_EC_P160] = 2;
761 else if (strcmp(*argv, "ecdsap192") == 0)
762 ecdsa_doit[R_EC_P192] = 2;
763 else if (strcmp(*argv, "ecdsap224") == 0)
764 ecdsa_doit[R_EC_P224] = 2;
765 else if (strcmp(*argv, "ecdsap256") == 0)
766 ecdsa_doit[R_EC_P256] = 2;
767 else if (strcmp(*argv, "ecdsap384") == 0)
768 ecdsa_doit[R_EC_P384] = 2;
769 else if (strcmp(*argv, "ecdsap521") == 0)
770 ecdsa_doit[R_EC_P521] = 2;
771 else if (strcmp(*argv, "ecdsak163") == 0)
772 ecdsa_doit[R_EC_K163] = 2;
773 else if (strcmp(*argv, "ecdsak233") == 0)
774 ecdsa_doit[R_EC_K233] = 2;
775 else if (strcmp(*argv, "ecdsak283") == 0)
776 ecdsa_doit[R_EC_K283] = 2;
777 else if (strcmp(*argv, "ecdsak409") == 0)
778 ecdsa_doit[R_EC_K409] = 2;
779 else if (strcmp(*argv, "ecdsak571") == 0)
780 ecdsa_doit[R_EC_K571] = 2;
781 else if (strcmp(*argv, "ecdsab163") == 0)
782 ecdsa_doit[R_EC_B163] = 2;
783 else if (strcmp(*argv, "ecdsab233") == 0)
784 ecdsa_doit[R_EC_B233] = 2;
785 else if (strcmp(*argv, "ecdsab283") == 0)
786 ecdsa_doit[R_EC_B283] = 2;
787 else if (strcmp(*argv, "ecdsab409") == 0)
788 ecdsa_doit[R_EC_B409] = 2;
789 else if (strcmp(*argv, "ecdsab571") == 0)
790 ecdsa_doit[R_EC_B571] = 2;
791 else if (strcmp(*argv, "ecdsa") == 0) {
792 for (i = 0; i < EC_NUM; i++)
793 ecdsa_doit[i] = 1;
794 } else
795 if (strcmp(*argv, "ecdhp160") == 0)
796 ecdh_doit[R_EC_P160] = 2;
797 else if (strcmp(*argv, "ecdhp192") == 0)
798 ecdh_doit[R_EC_P192] = 2;
799 else if (strcmp(*argv, "ecdhp224") == 0)
800 ecdh_doit[R_EC_P224] = 2;
801 else if (strcmp(*argv, "ecdhp256") == 0)
802 ecdh_doit[R_EC_P256] = 2;
803 else if (strcmp(*argv, "ecdhp384") == 0)
804 ecdh_doit[R_EC_P384] = 2;
805 else if (strcmp(*argv, "ecdhp521") == 0)
806 ecdh_doit[R_EC_P521] = 2;
807 else if (strcmp(*argv, "ecdhk163") == 0)
808 ecdh_doit[R_EC_K163] = 2;
809 else if (strcmp(*argv, "ecdhk233") == 0)
810 ecdh_doit[R_EC_K233] = 2;
811 else if (strcmp(*argv, "ecdhk283") == 0)
812 ecdh_doit[R_EC_K283] = 2;
813 else if (strcmp(*argv, "ecdhk409") == 0)
814 ecdh_doit[R_EC_K409] = 2;
815 else if (strcmp(*argv, "ecdhk571") == 0)
816 ecdh_doit[R_EC_K571] = 2;
817 else if (strcmp(*argv, "ecdhb163") == 0)
818 ecdh_doit[R_EC_B163] = 2;
819 else if (strcmp(*argv, "ecdhb233") == 0)
820 ecdh_doit[R_EC_B233] = 2;
821 else if (strcmp(*argv, "ecdhb283") == 0)
822 ecdh_doit[R_EC_B283] = 2;
823 else if (strcmp(*argv, "ecdhb409") == 0)
824 ecdh_doit[R_EC_B409] = 2;
825 else if (strcmp(*argv, "ecdhb571") == 0)
826 ecdh_doit[R_EC_B571] = 2;
827 else if (strcmp(*argv, "ecdh") == 0) {
828 for (i = 0; i < EC_NUM; i++)
829 ecdh_doit[i] = 1;
830 } else
831 {
832 BIO_printf(bio_err, "Error: bad option or value\n");
833 BIO_printf(bio_err, "\n");
834 BIO_printf(bio_err, "Available values:\n");
835 #ifndef OPENSSL_NO_MD4
836 BIO_printf(bio_err, "md4 ");
837 #endif
838 #ifndef OPENSSL_NO_MD5
839 BIO_printf(bio_err, "md5 ");
840 #ifndef OPENSSL_NO_HMAC
841 BIO_printf(bio_err, "hmac ");
842 #endif
843 #endif
844 #ifndef OPENSSL_NO_SHA1
845 BIO_printf(bio_err, "sha1 ");
846 #endif
847 #ifndef OPENSSL_NO_SHA256
848 BIO_printf(bio_err, "sha256 ");
849 #endif
850 #ifndef OPENSSL_NO_SHA512
851 BIO_printf(bio_err, "sha512 ");
852 #endif
853 #ifndef OPENSSL_NO_WHIRLPOOL
854 BIO_printf(bio_err, "whirlpool");
855 #endif
856 #ifndef OPENSSL_NO_RIPEMD160
857 BIO_printf(bio_err, "rmd160");
858 #endif
859 #if !defined(OPENSSL_NO_MD2) || \
860 !defined(OPENSSL_NO_MD4) || !defined(OPENSSL_NO_MD5) || \
861 !defined(OPENSSL_NO_SHA1) || !defined(OPENSSL_NO_RIPEMD160) || \
862 !defined(OPENSSL_NO_WHIRLPOOL)
863 BIO_printf(bio_err, "\n");
864 #endif
865
866 #ifndef OPENSSL_NO_IDEA
867 BIO_printf(bio_err, "idea-cbc ");
868 #endif
869 #ifndef OPENSSL_NO_RC2
870 BIO_printf(bio_err, "rc2-cbc ");
871 #endif
872 #ifndef OPENSSL_NO_BF
873 BIO_printf(bio_err, "bf-cbc ");
874 #endif
875 #ifndef OPENSSL_NO_DES
876 BIO_printf(bio_err, "des-cbc des-ede3\n");
877 #endif
878 #ifndef OPENSSL_NO_AES
879 BIO_printf(bio_err, "aes-128-cbc aes-192-cbc aes-256-cbc ");
880 BIO_printf(bio_err, "aes-128-ige aes-192-ige aes-256-ige\n");
881 BIO_printf(bio_err, "aes-128-gcm aes-256-gcm ");
882 #endif
883 #ifndef OPENSSL_NO_CAMELLIA
884 BIO_printf(bio_err, "\n");
885 BIO_printf(bio_err, "camellia-128-cbc camellia-192-cbc camellia-256-cbc ");
886 #endif
887 #ifndef OPENSSL_NO_RC4
888 BIO_printf(bio_err, "rc4");
889 #endif
890 #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
891 BIO_printf(bio_err," chacha20-poly1305");
892 #endif
893 BIO_printf(bio_err, "\n");
894
895 BIO_printf(bio_err, "rsa512 rsa1024 rsa2048 rsa4096\n");
896
897 BIO_printf(bio_err, "dsa512 dsa1024 dsa2048\n");
898 BIO_printf(bio_err, "ecdsap160 ecdsap192 ecdsap224 ecdsap256 ecdsap384 ecdsap521\n");
899 BIO_printf(bio_err, "ecdsak163 ecdsak233 ecdsak283 ecdsak409 ecdsak571\n");
900 BIO_printf(bio_err, "ecdsab163 ecdsab233 ecdsab283 ecdsab409 ecdsab571 ecdsa\n");
901 BIO_printf(bio_err, "ecdhp160 ecdhp192 ecdhp224 ecdhp256 ecdhp384 ecdhp521\n");
902 BIO_printf(bio_err, "ecdhk163 ecdhk233 ecdhk283 ecdhk409 ecdhk571\n");
903 BIO_printf(bio_err, "ecdhb163 ecdhb233 ecdhb283 ecdhb409 ecdhb571 ecdh\n");
904
905 #ifndef OPENSSL_NO_IDEA
906 BIO_printf(bio_err, "idea ");
907 #endif
908 #ifndef OPENSSL_NO_RC2
909 BIO_printf(bio_err, "rc2 ");
910 #endif
911 #ifndef OPENSSL_NO_DES
912 BIO_printf(bio_err, "des ");
913 #endif
914 #ifndef OPENSSL_NO_AES
915 BIO_printf(bio_err, "aes ");
916 #endif
917 #ifndef OPENSSL_NO_CAMELLIA
918 BIO_printf(bio_err, "camellia ");
919 #endif
920 BIO_printf(bio_err, "rsa ");
921 #ifndef OPENSSL_NO_BF
922 BIO_printf(bio_err, "blowfish");
923 #endif
924 #if !defined(OPENSSL_NO_IDEA) || !defined(OPENSSL_NO_SEED) || \
925 !defined(OPENSSL_NO_RC2) || !defined(OPENSSL_NO_DES) || \
926 !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_BF) || \
927 !defined(OPENSSL_NO_AES) || !defined(OPENSSL_NO_CAMELLIA)
928 BIO_printf(bio_err, "\n");
929 #endif
930
931 BIO_printf(bio_err, "\n");
932 BIO_printf(bio_err, "Available options:\n");
933 BIO_printf(bio_err, "-elapsed measure time in real time instead of CPU user time.\n");
934 BIO_printf(bio_err, "-evp e use EVP e.\n");
935 BIO_printf(bio_err, "-decrypt time decryption instead of encryption (only EVP).\n");
936 BIO_printf(bio_err, "-mr produce machine readable output.\n");
937 #ifndef _WIN32
938 BIO_printf(bio_err, "-multi n run n benchmarks in parallel.\n");
939 #endif
940 goto end;
941 }
942 argc--;
943 argv++;
944 j++;
945 }
946
947 #ifndef _WIN32
948 if (multi && do_multi(multi))
949 goto show_res;
950 #endif
951
952 if (j == 0) {
953 for (i = 0; i < ALGOR_NUM; i++) {
954 if (i != D_EVP)
955 doit[i] = 1;
956 }
957 for (i = 0; i < RSA_NUM; i++)
958 rsa_doit[i] = 1;
959 for (i = 0; i < DSA_NUM; i++)
960 dsa_doit[i] = 1;
961 for (i = 0; i < EC_NUM; i++)
962 ecdsa_doit[i] = 1;
963 for (i = 0; i < EC_NUM; i++)
964 ecdh_doit[i] = 1;
965 }
966 for (i = 0; i < ALGOR_NUM; i++)
967 if (doit[i])
968 pr_header++;
969
970 if (usertime == 0 && !mr)
971 BIO_printf(bio_err, "You have chosen to measure elapsed time instead of user CPU time.\n");
972
973 for (i = 0; i < RSA_NUM; i++) {
974 const unsigned char *p;
975
976 p = rsa_data[i];
977 rsa_key[i] = d2i_RSAPrivateKey(NULL, &p, rsa_data_length[i]);
978 if (rsa_key[i] == NULL) {
979 BIO_printf(bio_err, "internal error loading RSA key number %d\n", i);
980 goto end;
981 }
982 }
983
984 dsa_key[0] = get_dsa512();
985 dsa_key[1] = get_dsa1024();
986 dsa_key[2] = get_dsa2048();
987
988 #ifndef OPENSSL_NO_DES
989 DES_set_key_unchecked(&key, &sch);
990 DES_set_key_unchecked(&key2, &sch2);
991 DES_set_key_unchecked(&key3, &sch3);
992 #endif
993 #ifndef OPENSSL_NO_AES
994 AES_set_encrypt_key(key16, 128, &aes_ks1);
995 AES_set_encrypt_key(key24, 192, &aes_ks2);
996 AES_set_encrypt_key(key32, 256, &aes_ks3);
997 #endif
998 #ifndef OPENSSL_NO_CAMELLIA
999 Camellia_set_key(key16, 128, &camellia_ks1);
1000 Camellia_set_key(ckey24, 192, &camellia_ks2);
1001 Camellia_set_key(ckey32, 256, &camellia_ks3);
1002 #endif
1003 #ifndef OPENSSL_NO_IDEA
1004 idea_set_encrypt_key(key16, &idea_ks);
1005 #endif
1006 #ifndef OPENSSL_NO_RC4
1007 RC4_set_key(&rc4_ks, 16, key16);
1008 #endif
1009 #ifndef OPENSSL_NO_RC2
1010 RC2_set_key(&rc2_ks, 16, key16, 128);
1011 #endif
1012 #ifndef OPENSSL_NO_BF
1013 BF_set_key(&bf_ks, 16, key16);
1014 #endif
1015 #ifndef OPENSSL_NO_CAST
1016 CAST_set_key(&cast_ks, 16, key16);
1017 #endif
1018 memset(rsa_c, 0, sizeof(rsa_c));
1019 #define COND(c) (run && count<0x7fffffff)
1020 #define COUNT(d) (count)
1021 signal(SIGALRM, sig_done);
1022
1023 #ifndef OPENSSL_NO_MD4
1024 if (doit[D_MD4]) {
1025 for (j = 0; j < SIZE_NUM; j++) {
1026 print_message(names[D_MD4], c[D_MD4][j], lengths[j]);
1027 Time_F(START);
1028 for (count = 0, run = 1; COND(c[D_MD4][j]); count++)
1029 EVP_Digest(&(buf[0]), (unsigned long) lengths[j], &(md4[0]), NULL, EVP_md4(), NULL);
1030 d = Time_F(STOP);
1031 print_result(D_MD4, j, count, d);
1032 }
1033 }
1034 #endif
1035
1036 #ifndef OPENSSL_NO_MD5
1037 if (doit[D_MD5]) {
1038 for (j = 0; j < SIZE_NUM; j++) {
1039 print_message(names[D_MD5], c[D_MD5][j], lengths[j]);
1040 Time_F(START);
1041 for (count = 0, run = 1; COND(c[D_MD5][j]); count++)
1042 EVP_Digest(&(buf[0]), (unsigned long) lengths[j], &(md5[0]), NULL, EVP_get_digestbyname("md5"), NULL);
1043 d = Time_F(STOP);
1044 print_result(D_MD5, j, count, d);
1045 }
1046 }
1047 #endif
1048
1049 #if !defined(OPENSSL_NO_MD5) && !defined(OPENSSL_NO_HMAC)
1050 if (doit[D_HMAC]) {
1051 HMAC_CTX *hctx;
1052
1053 if ((hctx = HMAC_CTX_new()) == NULL) {
1054 BIO_printf(bio_err, "Failed to allocate HMAC context.\n");
1055 goto end;
1056 }
1057
1058 HMAC_Init_ex(hctx, (unsigned char *) "This is a key...",
1059 16, EVP_md5(), NULL);
1060
1061 for (j = 0; j < SIZE_NUM; j++) {
1062 print_message(names[D_HMAC], c[D_HMAC][j], lengths[j]);
1063 Time_F(START);
1064 for (count = 0, run = 1; COND(c[D_HMAC][j]); count++) {
1065 if (!HMAC_Init_ex(hctx, NULL, 0, NULL, NULL)) {
1066 HMAC_CTX_free(hctx);
1067 goto end;
1068 }
1069 if (!HMAC_Update(hctx, buf, lengths[j])) {
1070 HMAC_CTX_free(hctx);
1071 goto end;
1072 }
1073 if (!HMAC_Final(hctx, &(hmac[0]), NULL)) {
1074 HMAC_CTX_free(hctx);
1075 goto end;
1076 }
1077 }
1078 d = Time_F(STOP);
1079 print_result(D_HMAC, j, count, d);
1080 }
1081 HMAC_CTX_free(hctx);
1082 }
1083 #endif
1084 #ifndef OPENSSL_NO_SHA
1085 if (doit[D_SHA1]) {
1086 for (j = 0; j < SIZE_NUM; j++) {
1087 print_message(names[D_SHA1], c[D_SHA1][j], lengths[j]);
1088 Time_F(START);
1089 for (count = 0, run = 1; COND(c[D_SHA1][j]); count++)
1090 EVP_Digest(buf, (unsigned long) lengths[j], &(sha[0]), NULL, EVP_sha1(), NULL);
1091 d = Time_F(STOP);
1092 print_result(D_SHA1, j, count, d);
1093 }
1094 }
1095 #ifndef OPENSSL_NO_SHA256
1096 if (doit[D_SHA256]) {
1097 for (j = 0; j < SIZE_NUM; j++) {
1098 print_message(names[D_SHA256], c[D_SHA256][j], lengths[j]);
1099 Time_F(START);
1100 for (count = 0, run = 1; COND(c[D_SHA256][j]); count++)
1101 SHA256(buf, lengths[j], sha256);
1102 d = Time_F(STOP);
1103 print_result(D_SHA256, j, count, d);
1104 }
1105 }
1106 #endif
1107
1108 #ifndef OPENSSL_NO_SHA512
1109 if (doit[D_SHA512]) {
1110 for (j = 0; j < SIZE_NUM; j++) {
1111 print_message(names[D_SHA512], c[D_SHA512][j], lengths[j]);
1112 Time_F(START);
1113 for (count = 0, run = 1; COND(c[D_SHA512][j]); count++)
1114 SHA512(buf, lengths[j], sha512);
1115 d = Time_F(STOP);
1116 print_result(D_SHA512, j, count, d);
1117 }
1118 }
1119 #endif
1120 #endif
1121
1122 #ifndef OPENSSL_NO_WHIRLPOOL
1123 if (doit[D_WHIRLPOOL]) {
1124 for (j = 0; j < SIZE_NUM; j++) {
1125 print_message(names[D_WHIRLPOOL], c[D_WHIRLPOOL][j], lengths[j]);
1126 Time_F(START);
1127 for (count = 0, run = 1; COND(c[D_WHIRLPOOL][j]); count++)
1128 WHIRLPOOL(buf, lengths[j], whirlpool);
1129 d = Time_F(STOP);
1130 print_result(D_WHIRLPOOL, j, count, d);
1131 }
1132 }
1133 #endif
1134
1135 #ifndef OPENSSL_NO_RIPEMD
1136 if (doit[D_RMD160]) {
1137 for (j = 0; j < SIZE_NUM; j++) {
1138 print_message(names[D_RMD160], c[D_RMD160][j], lengths[j]);
1139 Time_F(START);
1140 for (count = 0, run = 1; COND(c[D_RMD160][j]); count++)
1141 EVP_Digest(buf, (unsigned long) lengths[j], &(rmd160[0]), NULL, EVP_ripemd160(), NULL);
1142 d = Time_F(STOP);
1143 print_result(D_RMD160, j, count, d);
1144 }
1145 }
1146 #endif
1147 #ifndef OPENSSL_NO_RC4
1148 if (doit[D_RC4]) {
1149 for (j = 0; j < SIZE_NUM; j++) {
1150 print_message(names[D_RC4], c[D_RC4][j], lengths[j]);
1151 Time_F(START);
1152 for (count = 0, run = 1; COND(c[D_RC4][j]); count++)
1153 RC4(&rc4_ks, (unsigned int) lengths[j],
1154 buf, buf);
1155 d = Time_F(STOP);
1156 print_result(D_RC4, j, count, d);
1157 }
1158 }
1159 #endif
1160 #ifndef OPENSSL_NO_DES
1161 if (doit[D_CBC_DES]) {
1162 for (j = 0; j < SIZE_NUM; j++) {
1163 print_message(names[D_CBC_DES], c[D_CBC_DES][j], lengths[j]);
1164 Time_F(START);
1165 for (count = 0, run = 1; COND(c[D_CBC_DES][j]); count++)
1166 DES_ncbc_encrypt(buf, buf, lengths[j], &sch,
1167 &DES_iv, DES_ENCRYPT);
1168 d = Time_F(STOP);
1169 print_result(D_CBC_DES, j, count, d);
1170 }
1171 }
1172 if (doit[D_EDE3_DES]) {
1173 for (j = 0; j < SIZE_NUM; j++) {
1174 print_message(names[D_EDE3_DES], c[D_EDE3_DES][j], lengths[j]);
1175 Time_F(START);
1176 for (count = 0, run = 1; COND(c[D_EDE3_DES][j]); count++)
1177 DES_ede3_cbc_encrypt(buf, buf, lengths[j],
1178 &sch, &sch2, &sch3,
1179 &DES_iv, DES_ENCRYPT);
1180 d = Time_F(STOP);
1181 print_result(D_EDE3_DES, j, count, d);
1182 }
1183 }
1184 #endif
1185 #ifndef OPENSSL_NO_AES
1186 if (doit[D_CBC_128_AES]) {
1187 for (j = 0; j < SIZE_NUM; j++) {
1188 print_message(names[D_CBC_128_AES], c[D_CBC_128_AES][j], lengths[j]);
1189 Time_F(START);
1190 for (count = 0, run = 1; COND(c[D_CBC_128_AES][j]); count++)
1191 AES_cbc_encrypt(buf, buf,
1192 (unsigned long) lengths[j], &aes_ks1,
1193 iv, AES_ENCRYPT);
1194 d = Time_F(STOP);
1195 print_result(D_CBC_128_AES, j, count, d);
1196 }
1197 }
1198 if (doit[D_CBC_192_AES]) {
1199 for (j = 0; j < SIZE_NUM; j++) {
1200 print_message(names[D_CBC_192_AES], c[D_CBC_192_AES][j], lengths[j]);
1201 Time_F(START);
1202 for (count = 0, run = 1; COND(c[D_CBC_192_AES][j]); count++)
1203 AES_cbc_encrypt(buf, buf,
1204 (unsigned long) lengths[j], &aes_ks2,
1205 iv, AES_ENCRYPT);
1206 d = Time_F(STOP);
1207 print_result(D_CBC_192_AES, j, count, d);
1208 }
1209 }
1210 if (doit[D_CBC_256_AES]) {
1211 for (j = 0; j < SIZE_NUM; j++) {
1212 print_message(names[D_CBC_256_AES], c[D_CBC_256_AES][j], lengths[j]);
1213 Time_F(START);
1214 for (count = 0, run = 1; COND(c[D_CBC_256_AES][j]); count++)
1215 AES_cbc_encrypt(buf, buf,
1216 (unsigned long) lengths[j], &aes_ks3,
1217 iv, AES_ENCRYPT);
1218 d = Time_F(STOP);
1219 print_result(D_CBC_256_AES, j, count, d);
1220 }
1221 }
1222 if (doit[D_IGE_128_AES]) {
1223 for (j = 0; j < SIZE_NUM; j++) {
1224 print_message(names[D_IGE_128_AES], c[D_IGE_128_AES][j], lengths[j]);
1225 Time_F(START);
1226 for (count = 0, run = 1; COND(c[D_IGE_128_AES][j]); count++)
1227 AES_ige_encrypt(buf, buf2,
1228 (unsigned long) lengths[j], &aes_ks1,
1229 iv, AES_ENCRYPT);
1230 d = Time_F(STOP);
1231 print_result(D_IGE_128_AES, j, count, d);
1232 }
1233 }
1234 if (doit[D_IGE_192_AES]) {
1235 for (j = 0; j < SIZE_NUM; j++) {
1236 print_message(names[D_IGE_192_AES], c[D_IGE_192_AES][j], lengths[j]);
1237 Time_F(START);
1238 for (count = 0, run = 1; COND(c[D_IGE_192_AES][j]); count++)
1239 AES_ige_encrypt(buf, buf2,
1240 (unsigned long) lengths[j], &aes_ks2,
1241 iv, AES_ENCRYPT);
1242 d = Time_F(STOP);
1243 print_result(D_IGE_192_AES, j, count, d);
1244 }
1245 }
1246 if (doit[D_IGE_256_AES]) {
1247 for (j = 0; j < SIZE_NUM; j++) {
1248 print_message(names[D_IGE_256_AES], c[D_IGE_256_AES][j], lengths[j]);
1249 Time_F(START);
1250 for (count = 0, run = 1; COND(c[D_IGE_256_AES][j]); count++)
1251 AES_ige_encrypt(buf, buf2,
1252 (unsigned long) lengths[j], &aes_ks3,
1253 iv, AES_ENCRYPT);
1254 d = Time_F(STOP);
1255 print_result(D_IGE_256_AES, j, count, d);
1256 }
1257 }
1258 if (doit[D_GHASH]) {
1259 GCM128_CONTEXT *ctx = CRYPTO_gcm128_new(&aes_ks1, (block128_f) AES_encrypt);
1260 CRYPTO_gcm128_setiv(ctx, (unsigned char *) "0123456789ab", 12);
1261
1262 for (j = 0; j < SIZE_NUM; j++) {
1263 print_message(names[D_GHASH], c[D_GHASH][j], lengths[j]);
1264 Time_F(START);
1265 for (count = 0, run = 1; COND(c[D_GHASH][j]); count++)
1266 CRYPTO_gcm128_aad(ctx, buf, lengths[j]);
1267 d = Time_F(STOP);
1268 print_result(D_GHASH, j, count, d);
1269 }
1270 CRYPTO_gcm128_release(ctx);
1271 }
1272 if (doit[D_AES_128_GCM]) {
1273 const EVP_AEAD *aead = EVP_aead_aes_128_gcm();
1274 static const unsigned char nonce[32] = {0};
1275 size_t buf_len, nonce_len;
1276 EVP_AEAD_CTX *ctx;
1277
1278 if ((ctx = EVP_AEAD_CTX_new()) == NULL) {
1279 BIO_printf(bio_err,
1280 "Failed to allocate aead context.\n");
1281 goto end;
1282 }
1283
1284 EVP_AEAD_CTX_init(ctx, aead, key32, EVP_AEAD_key_length(aead),
1285 EVP_AEAD_DEFAULT_TAG_LENGTH, NULL);
1286 nonce_len = EVP_AEAD_nonce_length(aead);
1287
1288 for (j = 0; j < SIZE_NUM; j++) {
1289 print_message(names[D_AES_128_GCM],c[D_AES_128_GCM][j],lengths[j]);
1290 Time_F(START);
1291 for (count = 0, run = 1; COND(c[D_AES_128_GCM][j]); count++)
1292 EVP_AEAD_CTX_seal(ctx, buf, &buf_len, BUFSIZE, nonce,
1293 nonce_len, buf, lengths[j], NULL, 0);
1294 d=Time_F(STOP);
1295 print_result(D_AES_128_GCM,j,count,d);
1296 }
1297 EVP_AEAD_CTX_free(ctx);
1298 }
1299
1300 if (doit[D_AES_256_GCM]) {
1301 const EVP_AEAD *aead = EVP_aead_aes_256_gcm();
1302 static const unsigned char nonce[32] = {0};
1303 size_t buf_len, nonce_len;
1304 EVP_AEAD_CTX *ctx;
1305
1306 if ((ctx = EVP_AEAD_CTX_new()) == NULL) {
1307 BIO_printf(bio_err,
1308 "Failed to allocate aead context.\n");
1309 goto end;
1310 }
1311
1312 EVP_AEAD_CTX_init(ctx, aead, key32, EVP_AEAD_key_length(aead),
1313 EVP_AEAD_DEFAULT_TAG_LENGTH, NULL);
1314 nonce_len = EVP_AEAD_nonce_length(aead);
1315
1316 for (j = 0; j < SIZE_NUM; j++) {
1317 print_message(names[D_AES_256_GCM],c[D_AES_256_GCM][j],lengths[j]);
1318 Time_F(START);
1319 for (count = 0, run = 1; COND(c[D_AES_256_GCM][j]); count++)
1320 EVP_AEAD_CTX_seal(ctx, buf, &buf_len, BUFSIZE, nonce,
1321 nonce_len, buf, lengths[j], NULL, 0);
1322 d=Time_F(STOP);
1323 print_result(D_AES_256_GCM, j, count, d);
1324 }
1325 EVP_AEAD_CTX_free(ctx);
1326 }
1327 #endif
1328 #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
1329 if (doit[D_CHACHA20_POLY1305]) {
1330 const EVP_AEAD *aead = EVP_aead_chacha20_poly1305();
1331 static const unsigned char nonce[32] = {0};
1332 size_t buf_len, nonce_len;
1333 EVP_AEAD_CTX *ctx;
1334
1335 if ((ctx = EVP_AEAD_CTX_new()) == NULL) {
1336 BIO_printf(bio_err,
1337 "Failed to allocate aead context.\n");
1338 goto end;
1339 }
1340
1341 EVP_AEAD_CTX_init(ctx, aead, key32, EVP_AEAD_key_length(aead),
1342 EVP_AEAD_DEFAULT_TAG_LENGTH, NULL);
1343 nonce_len = EVP_AEAD_nonce_length(aead);
1344
1345 for (j = 0; j < SIZE_NUM; j++) {
1346 print_message(names[D_CHACHA20_POLY1305],
1347 c[D_CHACHA20_POLY1305][j], lengths[j]);
1348 Time_F(START);
1349 for (count = 0, run = 1; COND(c[D_CHACHA20_POLY1305][j]); count++)
1350 EVP_AEAD_CTX_seal(ctx, buf, &buf_len, BUFSIZE, nonce,
1351 nonce_len, buf, lengths[j], NULL, 0);
1352 d=Time_F(STOP);
1353 print_result(D_CHACHA20_POLY1305, j, count, d);
1354 }
1355 EVP_AEAD_CTX_free(ctx);
1356 }
1357 #endif
1358 #ifndef OPENSSL_NO_CAMELLIA
1359 if (doit[D_CBC_128_CML]) {
1360 for (j = 0; j < SIZE_NUM; j++) {
1361 print_message(names[D_CBC_128_CML], c[D_CBC_128_CML][j], lengths[j]);
1362 Time_F(START);
1363 for (count = 0, run = 1; COND(c[D_CBC_128_CML][j]); count++)
1364 Camellia_cbc_encrypt(buf, buf,
1365 (unsigned long) lengths[j], &camellia_ks1,
1366 iv, CAMELLIA_ENCRYPT);
1367 d = Time_F(STOP);
1368 print_result(D_CBC_128_CML, j, count, d);
1369 }
1370 }
1371 if (doit[D_CBC_192_CML]) {
1372 for (j = 0; j < SIZE_NUM; j++) {
1373 print_message(names[D_CBC_192_CML], c[D_CBC_192_CML][j], lengths[j]);
1374 Time_F(START);
1375 for (count = 0, run = 1; COND(c[D_CBC_192_CML][j]); count++)
1376 Camellia_cbc_encrypt(buf, buf,
1377 (unsigned long) lengths[j], &camellia_ks2,
1378 iv, CAMELLIA_ENCRYPT);
1379 d = Time_F(STOP);
1380 print_result(D_CBC_192_CML, j, count, d);
1381 }
1382 }
1383 if (doit[D_CBC_256_CML]) {
1384 for (j = 0; j < SIZE_NUM; j++) {
1385 print_message(names[D_CBC_256_CML], c[D_CBC_256_CML][j], lengths[j]);
1386 Time_F(START);
1387 for (count = 0, run = 1; COND(c[D_CBC_256_CML][j]); count++)
1388 Camellia_cbc_encrypt(buf, buf,
1389 (unsigned long) lengths[j], &camellia_ks3,
1390 iv, CAMELLIA_ENCRYPT);
1391 d = Time_F(STOP);
1392 print_result(D_CBC_256_CML, j, count, d);
1393 }
1394 }
1395 #endif
1396 #ifndef OPENSSL_NO_IDEA
1397 if (doit[D_CBC_IDEA]) {
1398 for (j = 0; j < SIZE_NUM; j++) {
1399 print_message(names[D_CBC_IDEA], c[D_CBC_IDEA][j], lengths[j]);
1400 Time_F(START);
1401 for (count = 0, run = 1; COND(c[D_CBC_IDEA][j]); count++)
1402 idea_cbc_encrypt(buf, buf,
1403 (unsigned long) lengths[j], &idea_ks,
1404 iv, IDEA_ENCRYPT);
1405 d = Time_F(STOP);
1406 print_result(D_CBC_IDEA, j, count, d);
1407 }
1408 }
1409 #endif
1410 #ifndef OPENSSL_NO_RC2
1411 if (doit[D_CBC_RC2]) {
1412 for (j = 0; j < SIZE_NUM; j++) {
1413 print_message(names[D_CBC_RC2], c[D_CBC_RC2][j], lengths[j]);
1414 Time_F(START);
1415 for (count = 0, run = 1; COND(c[D_CBC_RC2][j]); count++)
1416 RC2_cbc_encrypt(buf, buf,
1417 (unsigned long) lengths[j], &rc2_ks,
1418 iv, RC2_ENCRYPT);
1419 d = Time_F(STOP);
1420 print_result(D_CBC_RC2, j, count, d);
1421 }
1422 }
1423 #endif
1424 #ifndef OPENSSL_NO_BF
1425 if (doit[D_CBC_BF]) {
1426 for (j = 0; j < SIZE_NUM; j++) {
1427 print_message(names[D_CBC_BF], c[D_CBC_BF][j], lengths[j]);
1428 Time_F(START);
1429 for (count = 0, run = 1; COND(c[D_CBC_BF][j]); count++)
1430 BF_cbc_encrypt(buf, buf,
1431 (unsigned long) lengths[j], &bf_ks,
1432 iv, BF_ENCRYPT);
1433 d = Time_F(STOP);
1434 print_result(D_CBC_BF, j, count, d);
1435 }
1436 }
1437 #endif
1438 #ifndef OPENSSL_NO_CAST
1439 if (doit[D_CBC_CAST]) {
1440 for (j = 0; j < SIZE_NUM; j++) {
1441 print_message(names[D_CBC_CAST], c[D_CBC_CAST][j], lengths[j]);
1442 Time_F(START);
1443 for (count = 0, run = 1; COND(c[D_CBC_CAST][j]); count++)
1444 CAST_cbc_encrypt(buf, buf,
1445 (unsigned long) lengths[j], &cast_ks,
1446 iv, CAST_ENCRYPT);
1447 d = Time_F(STOP);
1448 print_result(D_CBC_CAST, j, count, d);
1449 }
1450 }
1451 #endif
1452
1453 if (doit[D_EVP]) {
1454 for (j = 0; j < SIZE_NUM; j++) {
1455 if (evp_cipher) {
1456 EVP_CIPHER_CTX *ctx;
1457 int outl;
1458
1459 names[D_EVP] =
1460 OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
1461 /*
1462 * -O3 -fschedule-insns messes up an
1463 * optimization here! names[D_EVP] somehow
1464 * becomes NULL
1465 */
1466 print_message(names[D_EVP], save_count,
1467 lengths[j]);
1468
1469 if ((ctx = EVP_CIPHER_CTX_new()) == NULL) {
1470 BIO_printf(bio_err, "Failed to "
1471 "allocate cipher context.\n");
1472 goto end;
1473 }
1474 if (decrypt)
1475 EVP_DecryptInit_ex(ctx, evp_cipher, NULL, key16, iv);
1476 else
1477 EVP_EncryptInit_ex(ctx, evp_cipher, NULL, key16, iv);
1478 EVP_CIPHER_CTX_set_padding(ctx, 0);
1479
1480 Time_F(START);
1481 if (decrypt)
1482 for (count = 0, run = 1; COND(save_count * 4 * lengths[0] / lengths[j]); count++)
1483 EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[j]);
1484 else
1485 for (count = 0, run = 1; COND(save_count * 4 * lengths[0] / lengths[j]); count++)
1486 EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[j]);
1487 if (decrypt)
1488 EVP_DecryptFinal_ex(ctx, buf, &outl);
1489 else
1490 EVP_EncryptFinal_ex(ctx, buf, &outl);
1491 d = Time_F(STOP);
1492 EVP_CIPHER_CTX_free(ctx);
1493 }
1494 if (evp_md) {
1495 names[D_EVP] = OBJ_nid2ln(EVP_MD_type(evp_md));
1496 print_message(names[D_EVP], save_count,
1497 lengths[j]);
1498
1499 Time_F(START);
1500 for (count = 0, run = 1; COND(save_count * 4 * lengths[0] / lengths[j]); count++)
1501 EVP_Digest(buf, lengths[j], &(md[0]), NULL, evp_md, NULL);
1502
1503 d = Time_F(STOP);
1504 }
1505 print_result(D_EVP, j, count, d);
1506 }
1507 }
1508 arc4random_buf(buf, 36);
1509 for (j = 0; j < RSA_NUM; j++) {
1510 int ret;
1511 if (!rsa_doit[j])
1512 continue;
1513 ret = RSA_sign(NID_md5_sha1, buf, 36, buf2, &rsa_num, rsa_key[j]);
1514 if (ret == 0) {
1515 BIO_printf(bio_err, "RSA sign failure. No RSA sign will be done.\n");
1516 ERR_print_errors(bio_err);
1517 rsa_count = 1;
1518 } else {
1519 pkey_print_message("private", "rsa",
1520 rsa_c[j][0], rsa_bits[j],
1521 RSA_SECONDS);
1522 /* RSA_blinding_on(rsa_key[j],NULL); */
1523 Time_F(START);
1524 for (count = 0, run = 1; COND(rsa_c[j][0]); count++) {
1525 ret = RSA_sign(NID_md5_sha1, buf, 36, buf2,
1526 &rsa_num, rsa_key[j]);
1527 if (ret == 0) {
1528 BIO_printf(bio_err,
1529 "RSA sign failure\n");
1530 ERR_print_errors(bio_err);
1531 count = 1;
1532 break;
1533 }
1534 }
1535 d = Time_F(STOP);
1536 BIO_printf(bio_err, mr ? "+R1:%ld:%d:%.2f\n"
1537 : "%ld %d bit private RSA's in %.2fs\n",
1538 count, rsa_bits[j], d);
1539 rsa_results[j][0] = d / (double) count;
1540 rsa_count = count;
1541 }
1542
1543 ret = RSA_verify(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[j]);
1544 if (ret <= 0) {
1545 BIO_printf(bio_err, "RSA verify failure. No RSA verify will be done.\n");
1546 ERR_print_errors(bio_err);
1547 rsa_doit[j] = 0;
1548 } else {
1549 pkey_print_message("public", "rsa",
1550 rsa_c[j][1], rsa_bits[j],
1551 RSA_SECONDS);
1552 Time_F(START);
1553 for (count = 0, run = 1; COND(rsa_c[j][1]); count++) {
1554 ret = RSA_verify(NID_md5_sha1, buf, 36, buf2,
1555 rsa_num, rsa_key[j]);
1556 if (ret <= 0) {
1557 BIO_printf(bio_err,
1558 "RSA verify failure\n");
1559 ERR_print_errors(bio_err);
1560 count = 1;
1561 break;
1562 }
1563 }
1564 d = Time_F(STOP);
1565 BIO_printf(bio_err, mr ? "+R2:%ld:%d:%.2f\n"
1566 : "%ld %d bit public RSA's in %.2fs\n",
1567 count, rsa_bits[j], d);
1568 rsa_results[j][1] = d / (double) count;
1569 }
1570
1571 if (rsa_count <= 1) {
1572 /* if longer than 10s, don't do any more */
1573 for (j++; j < RSA_NUM; j++)
1574 rsa_doit[j] = 0;
1575 }
1576 }
1577
1578 arc4random_buf(buf, 20);
1579 for (j = 0; j < DSA_NUM; j++) {
1580 unsigned int kk;
1581 int ret;
1582
1583 if (!dsa_doit[j])
1584 continue;
1585 /* DSA_generate_key(dsa_key[j]); */
1586 /* DSA_sign_setup(dsa_key[j],NULL); */
1587 ret = DSA_sign(EVP_PKEY_DSA, buf, 20, buf2,
1588 &kk, dsa_key[j]);
1589 if (ret == 0) {
1590 BIO_printf(bio_err, "DSA sign failure. No DSA sign will be done.\n");
1591 ERR_print_errors(bio_err);
1592 rsa_count = 1;
1593 } else {
1594 pkey_print_message("sign", "dsa",
1595 dsa_c[j][0], dsa_bits[j],
1596 DSA_SECONDS);
1597 Time_F(START);
1598 for (count = 0, run = 1; COND(dsa_c[j][0]); count++) {
1599 ret = DSA_sign(EVP_PKEY_DSA, buf, 20, buf2,
1600 &kk, dsa_key[j]);
1601 if (ret == 0) {
1602 BIO_printf(bio_err,
1603 "DSA sign failure\n");
1604 ERR_print_errors(bio_err);
1605 count = 1;
1606 break;
1607 }
1608 }
1609 d = Time_F(STOP);
1610 BIO_printf(bio_err, mr ? "+R3:%ld:%d:%.2f\n"
1611 : "%ld %d bit DSA signs in %.2fs\n",
1612 count, dsa_bits[j], d);
1613 dsa_results[j][0] = d / (double) count;
1614 rsa_count = count;
1615 }
1616
1617 ret = DSA_verify(EVP_PKEY_DSA, buf, 20, buf2,
1618 kk, dsa_key[j]);
1619 if (ret <= 0) {
1620 BIO_printf(bio_err, "DSA verify failure. No DSA verify will be done.\n");
1621 ERR_print_errors(bio_err);
1622 dsa_doit[j] = 0;
1623 } else {
1624 pkey_print_message("verify", "dsa",
1625 dsa_c[j][1], dsa_bits[j],
1626 DSA_SECONDS);
1627 Time_F(START);
1628 for (count = 0, run = 1; COND(dsa_c[j][1]); count++) {
1629 ret = DSA_verify(EVP_PKEY_DSA, buf, 20, buf2,
1630 kk, dsa_key[j]);
1631 if (ret <= 0) {
1632 BIO_printf(bio_err,
1633 "DSA verify failure\n");
1634 ERR_print_errors(bio_err);
1635 count = 1;
1636 break;
1637 }
1638 }
1639 d = Time_F(STOP);
1640 BIO_printf(bio_err, mr ? "+R4:%ld:%d:%.2f\n"
1641 : "%ld %d bit DSA verify in %.2fs\n",
1642 count, dsa_bits[j], d);
1643 dsa_results[j][1] = d / (double) count;
1644 }
1645
1646 if (rsa_count <= 1) {
1647 /* if longer than 10s, don't do any more */
1648 for (j++; j < DSA_NUM; j++)
1649 dsa_doit[j] = 0;
1650 }
1651 }
1652
1653 for (j = 0; j < EC_NUM; j++) {
1654 int ret;
1655
1656 if (!ecdsa_doit[j])
1657 continue; /* Ignore Curve */
1658 ecdsa[j] = EC_KEY_new_by_curve_name(test_curves[j]);
1659 if (ecdsa[j] == NULL) {
1660 BIO_printf(bio_err, "ECDSA failure.\n");
1661 ERR_print_errors(bio_err);
1662 rsa_count = 1;
1663 } else {
1664 EC_KEY_precompute_mult(ecdsa[j], NULL);
1665
1666 /* Perform ECDSA signature test */
1667 EC_KEY_generate_key(ecdsa[j]);
1668 ret = ECDSA_sign(0, buf, 20, ecdsasig,
1669 &ecdsasiglen, ecdsa[j]);
1670 if (ret == 0) {
1671 BIO_printf(bio_err, "ECDSA sign failure. No ECDSA sign will be done.\n");
1672 ERR_print_errors(bio_err);
1673 rsa_count = 1;
1674 } else {
1675 pkey_print_message("sign", "ecdsa",
1676 ecdsa_c[j][0],
1677 test_curves_bits[j],
1678 ECDSA_SECONDS);
1679
1680 Time_F(START);
1681 for (count = 0, run = 1; COND(ecdsa_c[j][0]);
1682 count++) {
1683 ret = ECDSA_sign(0, buf, 20,
1684 ecdsasig, &ecdsasiglen,
1685 ecdsa[j]);
1686 if (ret == 0) {
1687 BIO_printf(bio_err, "ECDSA sign failure\n");
1688 ERR_print_errors(bio_err);
1689 count = 1;
1690 break;
1691 }
1692 }
1693 d = Time_F(STOP);
1694
1695 BIO_printf(bio_err, mr ? "+R5:%ld:%d:%.2f\n" :
1696 "%ld %d bit ECDSA signs in %.2fs \n",
1697 count, test_curves_bits[j], d);
1698 ecdsa_results[j][0] = d / (double) count;
1699 rsa_count = count;
1700 }
1701
1702 /* Perform ECDSA verification test */
1703 ret = ECDSA_verify(0, buf, 20, ecdsasig,
1704 ecdsasiglen, ecdsa[j]);
1705 if (ret != 1) {
1706 BIO_printf(bio_err, "ECDSA verify failure. No ECDSA verify will be done.\n");
1707 ERR_print_errors(bio_err);
1708 ecdsa_doit[j] = 0;
1709 } else {
1710 pkey_print_message("verify", "ecdsa",
1711 ecdsa_c[j][1],
1712 test_curves_bits[j],
1713 ECDSA_SECONDS);
1714 Time_F(START);
1715 for (count = 0, run = 1; COND(ecdsa_c[j][1]); count++) {
1716 ret = ECDSA_verify(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[j]);
1717 if (ret != 1) {
1718 BIO_printf(bio_err, "ECDSA verify failure\n");
1719 ERR_print_errors(bio_err);
1720 count = 1;
1721 break;
1722 }
1723 }
1724 d = Time_F(STOP);
1725 BIO_printf(bio_err, mr ? "+R6:%ld:%d:%.2f\n"
1726 : "%ld %d bit ECDSA verify in %.2fs\n",
1727 count, test_curves_bits[j], d);
1728 ecdsa_results[j][1] = d / (double) count;
1729 }
1730
1731 if (rsa_count <= 1) {
1732 /* if longer than 10s, don't do any more */
1733 for (j++; j < EC_NUM; j++)
1734 ecdsa_doit[j] = 0;
1735 }
1736 }
1737 }
1738
1739 for (j = 0; j < EC_NUM; j++) {
1740 if (!ecdh_doit[j])
1741 continue;
1742 ecdh_a[j] = EC_KEY_new_by_curve_name(test_curves[j]);
1743 ecdh_b[j] = EC_KEY_new_by_curve_name(test_curves[j]);
1744 if ((ecdh_a[j] == NULL) || (ecdh_b[j] == NULL)) {
1745 BIO_printf(bio_err, "ECDH failure.\n");
1746 ERR_print_errors(bio_err);
1747 rsa_count = 1;
1748 } else {
1749 /* generate two ECDH key pairs */
1750 if (!EC_KEY_generate_key(ecdh_a[j]) ||
1751 !EC_KEY_generate_key(ecdh_b[j])) {
1752 BIO_printf(bio_err, "ECDH key generation failure.\n");
1753 ERR_print_errors(bio_err);
1754 rsa_count = 1;
1755 } else {
1756 /*
1757 * If field size is not more than 24 octets,
1758 * then use SHA-1 hash of result; otherwise,
1759 * use result (see section 4.8 of
1760 * draft-ietf-tls-ecc-03.txt).
1761 */
1762 int field_size, outlen;
1763 void *(*kdf) (const void *in, size_t inlen, void *out, size_t * xoutlen);
1764 field_size = EC_GROUP_get_degree(EC_KEY_get0_group(ecdh_a[j]));
1765 if (field_size <= 24 * 8) {
1766 outlen = KDF1_SHA1_len;
1767 kdf = KDF1_SHA1;
1768 } else {
1769 outlen = (field_size + 7) / 8;
1770 kdf = NULL;
1771 }
1772 secret_size_a = ECDH_compute_key(secret_a, outlen,
1773 EC_KEY_get0_public_key(ecdh_b[j]),
1774 ecdh_a[j], kdf);
1775 secret_size_b = ECDH_compute_key(secret_b, outlen,
1776 EC_KEY_get0_public_key(ecdh_a[j]),
1777 ecdh_b[j], kdf);
1778 if (secret_size_a != secret_size_b)
1779 ecdh_checks = 0;
1780 else
1781 ecdh_checks = 1;
1782
1783 for (secret_idx = 0;
1784 (secret_idx < secret_size_a)
1785 && (ecdh_checks == 1);
1786 secret_idx++) {
1787 if (secret_a[secret_idx] != secret_b[secret_idx])
1788 ecdh_checks = 0;
1789 }
1790
1791 if (ecdh_checks == 0) {
1792 BIO_printf(bio_err,
1793 "ECDH computations don't match.\n");
1794 ERR_print_errors(bio_err);
1795 rsa_count = 1;
1796 } else {
1797 pkey_print_message("", "ecdh",
1798 ecdh_c[j][0],
1799 test_curves_bits[j],
1800 ECDH_SECONDS);
1801 Time_F(START);
1802 for (count = 0, run = 1;
1803 COND(ecdh_c[j][0]); count++) {
1804 ECDH_compute_key(secret_a,
1805 outlen,
1806 EC_KEY_get0_public_key(ecdh_b[j]),
1807 ecdh_a[j], kdf);
1808 }
1809 d = Time_F(STOP);
1810 BIO_printf(bio_err, mr
1811 ? "+R7:%ld:%d:%.2f\n"
1812 : "%ld %d-bit ECDH ops in %.2fs\n",
1813 count, test_curves_bits[j], d);
1814 ecdh_results[j][0] = d / (double) count;
1815 rsa_count = count;
1816 }
1817 }
1818 }
1819
1820
1821 if (rsa_count <= 1) {
1822 /* if longer than 10s, don't do any more */
1823 for (j++; j < EC_NUM; j++)
1824 ecdh_doit[j] = 0;
1825 }
1826 }
1827 #ifndef _WIN32
1828 show_res:
1829 #endif
1830 if (!mr) {
1831 fprintf(stdout, "%s\n", SSLeay_version(SSLEAY_VERSION));
1832 fprintf(stdout, "%s\n", SSLeay_version(SSLEAY_BUILT_ON));
1833 printf("options:");
1834 printf("%s ", BN_options());
1835 #ifndef OPENSSL_NO_RC4
1836 printf("%s ", RC4_options());
1837 #endif
1838 #ifndef OPENSSL_NO_DES
1839 printf("%s ", DES_options());
1840 #endif
1841 #ifndef OPENSSL_NO_AES
1842 printf("%s ", AES_options());
1843 #endif
1844 #ifndef OPENSSL_NO_IDEA
1845 printf("%s ", idea_options());
1846 #endif
1847 #ifndef OPENSSL_NO_BF
1848 printf("%s ", BF_options());
1849 #endif
1850 fprintf(stdout, "\n%s\n", SSLeay_version(SSLEAY_CFLAGS));
1851 }
1852 if (pr_header) {
1853 if (mr)
1854 fprintf(stdout, "+H");
1855 else {
1856 fprintf(stdout, "The 'numbers' are in 1000s of bytes per second processed.\n");
1857 fprintf(stdout, "type ");
1858 }
1859 for (j = 0; j < SIZE_NUM; j++)
1860 fprintf(stdout, mr ? ":%d" : "%7d bytes", lengths[j]);
1861 fprintf(stdout, "\n");
1862 }
1863 for (k = 0; k < ALGOR_NUM; k++) {
1864 if (!doit[k])
1865 continue;
1866 if (mr)
1867 fprintf(stdout, "+F:%d:%s", k, names[k]);
1868 else
1869 fprintf(stdout, "%-13s", names[k]);
1870 for (j = 0; j < SIZE_NUM; j++) {
1871 if (results[k][j] > 10000 && !mr)
1872 fprintf(stdout, " %11.2fk", results[k][j] / 1e3);
1873 else
1874 fprintf(stdout, mr ? ":%.2f" : " %11.2f ", results[k][j]);
1875 }
1876 fprintf(stdout, "\n");
1877 }
1878 j = 1;
1879 for (k = 0; k < RSA_NUM; k++) {
1880 if (!rsa_doit[k])
1881 continue;
1882 if (j && !mr) {
1883 printf("%18ssign verify sign/s verify/s\n", " ");
1884 j = 0;
1885 }
1886 if (mr)
1887 fprintf(stdout, "+F2:%u:%u:%f:%f\n",
1888 k, rsa_bits[k], rsa_results[k][0],
1889 rsa_results[k][1]);
1890 else
1891 fprintf(stdout, "rsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
1892 rsa_bits[k], rsa_results[k][0], rsa_results[k][1],
1893 1.0 / rsa_results[k][0], 1.0 / rsa_results[k][1]);
1894 }
1895 j = 1;
1896 for (k = 0; k < DSA_NUM; k++) {
1897 if (!dsa_doit[k])
1898 continue;
1899 if (j && !mr) {
1900 printf("%18ssign verify sign/s verify/s\n", " ");
1901 j = 0;
1902 }
1903 if (mr)
1904 fprintf(stdout, "+F3:%u:%u:%f:%f\n",
1905 k, dsa_bits[k], dsa_results[k][0], dsa_results[k][1]);
1906 else
1907 fprintf(stdout, "dsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
1908 dsa_bits[k], dsa_results[k][0], dsa_results[k][1],
1909 1.0 / dsa_results[k][0], 1.0 / dsa_results[k][1]);
1910 }
1911 j = 1;
1912 for (k = 0; k < EC_NUM; k++) {
1913 if (!ecdsa_doit[k])
1914 continue;
1915 if (j && !mr) {
1916 printf("%30ssign verify sign/s verify/s\n", " ");
1917 j = 0;
1918 }
1919 if (mr)
1920 fprintf(stdout, "+F4:%u:%u:%f:%f\n",
1921 k, test_curves_bits[k],
1922 ecdsa_results[k][0], ecdsa_results[k][1]);
1923 else
1924 fprintf(stdout,
1925 "%4u bit ecdsa (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
1926 test_curves_bits[k],
1927 test_curves_names[k],
1928 ecdsa_results[k][0], ecdsa_results[k][1],
1929 1.0 / ecdsa_results[k][0], 1.0 / ecdsa_results[k][1]);
1930 }
1931
1932
1933 j = 1;
1934 for (k = 0; k < EC_NUM; k++) {
1935 if (!ecdh_doit[k])
1936 continue;
1937 if (j && !mr) {
1938 printf("%30sop op/s\n", " ");
1939 j = 0;
1940 }
1941 if (mr)
1942 fprintf(stdout, "+F5:%u:%u:%f:%f\n",
1943 k, test_curves_bits[k],
1944 ecdh_results[k][0], 1.0 / ecdh_results[k][0]);
1945
1946 else
1947 fprintf(stdout, "%4u bit ecdh (%s) %8.4fs %8.1f\n",
1948 test_curves_bits[k],
1949 test_curves_names[k],
1950 ecdh_results[k][0], 1.0 / ecdh_results[k][0]);
1951 }
1952
1953 mret = 0;
1954
1955 end:
1956 ERR_print_errors(bio_err);
1957 free(buf);
1958 free(buf2);
1959 for (i = 0; i < RSA_NUM; i++)
1960 if (rsa_key[i] != NULL)
1961 RSA_free(rsa_key[i]);
1962 for (i = 0; i < DSA_NUM; i++)
1963 if (dsa_key[i] != NULL)
1964 DSA_free(dsa_key[i]);
1965
1966 for (i = 0; i < EC_NUM; i++)
1967 if (ecdsa[i] != NULL)
1968 EC_KEY_free(ecdsa[i]);
1969 for (i = 0; i < EC_NUM; i++) {
1970 if (ecdh_a[i] != NULL)
1971 EC_KEY_free(ecdh_a[i]);
1972 if (ecdh_b[i] != NULL)
1973 EC_KEY_free(ecdh_b[i]);
1974 }
1975
1976
1977 return (mret);
1978 }
1979
1980 static void
print_message(const char * s,long num,int length)1981 print_message(const char *s, long num, int length)
1982 {
1983 BIO_printf(bio_err, mr ? "+DT:%s:%d:%d\n"
1984 : "Doing %s for %ds on %d size blocks: ", s, SECONDS, length);
1985 (void) BIO_flush(bio_err);
1986 alarm(SECONDS);
1987 }
1988
1989 static void
pkey_print_message(const char * str,const char * str2,long num,int bits,int tm)1990 pkey_print_message(const char *str, const char *str2, long num,
1991 int bits, int tm)
1992 {
1993 BIO_printf(bio_err, mr ? "+DTP:%d:%s:%s:%d\n"
1994 : "Doing %d bit %s %s's for %ds: ", bits, str, str2, tm);
1995 (void) BIO_flush(bio_err);
1996 alarm(tm);
1997 }
1998
1999 static void
print_result(int alg,int run_no,int count,double time_used)2000 print_result(int alg, int run_no, int count, double time_used)
2001 {
2002 #ifdef _WIN32
2003 speed_alarm_free(run);
2004 #endif
2005 BIO_printf(bio_err, mr ? "+R:%d:%s:%f\n"
2006 : "%d %s's in %.2fs\n", count, names[alg], time_used);
2007 results[alg][run_no] = ((double) count) / time_used * lengths[run_no];
2008 }
2009
2010 #ifndef _WIN32
2011 static char *
sstrsep(char ** string,const char * delim)2012 sstrsep(char **string, const char *delim)
2013 {
2014 char isdelim[256];
2015 char *token = *string;
2016
2017 if (**string == 0)
2018 return NULL;
2019
2020 memset(isdelim, 0, sizeof isdelim);
2021 isdelim[0] = 1;
2022
2023 while (*delim) {
2024 isdelim[(unsigned char) (*delim)] = 1;
2025 delim++;
2026 }
2027
2028 while (!isdelim[(unsigned char) (**string)]) {
2029 (*string)++;
2030 }
2031
2032 if (**string) {
2033 **string = 0;
2034 (*string)++;
2035 }
2036 return token;
2037 }
2038
2039 static int
do_multi(int multi)2040 do_multi(int multi)
2041 {
2042 int n;
2043 int fd[2];
2044 int *fds;
2045 static char sep[] = ":";
2046 const char *errstr = NULL;
2047
2048 fds = reallocarray(NULL, multi, sizeof *fds);
2049 if (fds == NULL) {
2050 fprintf(stderr, "reallocarray failure\n");
2051 exit(1);
2052 }
2053 for (n = 0; n < multi; ++n) {
2054 if (pipe(fd) == -1) {
2055 fprintf(stderr, "pipe failure\n");
2056 exit(1);
2057 }
2058 fflush(stdout);
2059 fflush(stderr);
2060 if (fork()) {
2061 close(fd[1]);
2062 fds[n] = fd[0];
2063 } else {
2064 close(fd[0]);
2065 close(1);
2066 if (dup(fd[1]) == -1) {
2067 fprintf(stderr, "dup failed\n");
2068 exit(1);
2069 }
2070 close(fd[1]);
2071 mr = 1;
2072 usertime = 0;
2073 free(fds);
2074 return 0;
2075 }
2076 printf("Forked child %d\n", n);
2077 }
2078
2079 /* for now, assume the pipe is long enough to take all the output */
2080 for (n = 0; n < multi; ++n) {
2081 FILE *f;
2082 char buf[1024];
2083 char *p;
2084
2085 f = fdopen(fds[n], "r");
2086 while (fgets(buf, sizeof buf, f)) {
2087 p = strchr(buf, '\n');
2088 if (p)
2089 *p = '\0';
2090 if (buf[0] != '+') {
2091 fprintf(stderr, "Don't understand line '%s' from child %d\n",
2092 buf, n);
2093 continue;
2094 }
2095 printf("Got: %s from %d\n", buf, n);
2096 if (!strncmp(buf, "+F:", 3)) {
2097 int alg;
2098 int j;
2099
2100 p = buf + 3;
2101 alg = strtonum(sstrsep(&p, sep),
2102 0, ALGOR_NUM - 1, &errstr);
2103 sstrsep(&p, sep);
2104 for (j = 0; j < SIZE_NUM; ++j)
2105 results[alg][j] += atof(sstrsep(&p, sep));
2106 } else if (!strncmp(buf, "+F2:", 4)) {
2107 int k;
2108 double d;
2109
2110 p = buf + 4;
2111 k = strtonum(sstrsep(&p, sep),
2112 0, ALGOR_NUM - 1, &errstr);
2113 sstrsep(&p, sep);
2114
2115 d = atof(sstrsep(&p, sep));
2116 if (n)
2117 rsa_results[k][0] = 1 / (1 / rsa_results[k][0] + 1 / d);
2118 else
2119 rsa_results[k][0] = d;
2120
2121 d = atof(sstrsep(&p, sep));
2122 if (n)
2123 rsa_results[k][1] = 1 / (1 / rsa_results[k][1] + 1 / d);
2124 else
2125 rsa_results[k][1] = d;
2126 } else if (!strncmp(buf, "+F2:", 4)) {
2127 int k;
2128 double d;
2129
2130 p = buf + 4;
2131 k = strtonum(sstrsep(&p, sep),
2132 0, ALGOR_NUM - 1, &errstr);
2133 sstrsep(&p, sep);
2134
2135 d = atof(sstrsep(&p, sep));
2136 if (n)
2137 rsa_results[k][0] = 1 / (1 / rsa_results[k][0] + 1 / d);
2138 else
2139 rsa_results[k][0] = d;
2140
2141 d = atof(sstrsep(&p, sep));
2142 if (n)
2143 rsa_results[k][1] = 1 / (1 / rsa_results[k][1] + 1 / d);
2144 else
2145 rsa_results[k][1] = d;
2146 }
2147 else if (!strncmp(buf, "+F3:", 4)) {
2148 int k;
2149 double d;
2150
2151 p = buf + 4;
2152 k = strtonum(sstrsep(&p, sep),
2153 0, ALGOR_NUM - 1, &errstr);
2154 sstrsep(&p, sep);
2155
2156 d = atof(sstrsep(&p, sep));
2157 if (n)
2158 dsa_results[k][0] = 1 / (1 / dsa_results[k][0] + 1 / d);
2159 else
2160 dsa_results[k][0] = d;
2161
2162 d = atof(sstrsep(&p, sep));
2163 if (n)
2164 dsa_results[k][1] = 1 / (1 / dsa_results[k][1] + 1 / d);
2165 else
2166 dsa_results[k][1] = d;
2167 }
2168 else if (!strncmp(buf, "+F4:", 4)) {
2169 int k;
2170 double d;
2171
2172 p = buf + 4;
2173 k = strtonum(sstrsep(&p, sep),
2174 0, ALGOR_NUM - 1, &errstr);
2175 sstrsep(&p, sep);
2176
2177 d = atof(sstrsep(&p, sep));
2178 if (n)
2179 ecdsa_results[k][0] = 1 / (1 / ecdsa_results[k][0] + 1 / d);
2180 else
2181 ecdsa_results[k][0] = d;
2182
2183 d = atof(sstrsep(&p, sep));
2184 if (n)
2185 ecdsa_results[k][1] = 1 / (1 / ecdsa_results[k][1] + 1 / d);
2186 else
2187 ecdsa_results[k][1] = d;
2188 }
2189
2190 else if (!strncmp(buf, "+F5:", 4)) {
2191 int k;
2192 double d;
2193
2194 p = buf + 4;
2195 k = strtonum(sstrsep(&p, sep),
2196 0, ALGOR_NUM - 1, &errstr);
2197 sstrsep(&p, sep);
2198
2199 d = atof(sstrsep(&p, sep));
2200 if (n)
2201 ecdh_results[k][0] = 1 / (1 / ecdh_results[k][0] + 1 / d);
2202 else
2203 ecdh_results[k][0] = d;
2204
2205 }
2206
2207 else if (!strncmp(buf, "+H:", 3)) {
2208 } else
2209 fprintf(stderr, "Unknown type '%s' from child %d\n", buf, n);
2210 }
2211
2212 fclose(f);
2213 }
2214 free(fds);
2215 return 1;
2216 }
2217 #endif
2218 #endif
2219