1 /* $OpenBSD: speed.c,v 1.18 2015/10/17 15:00:11 doug Exp $ */ 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 /* ==================================================================== 59 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 60 * 61 * Portions of the attached software ("Contribution") are developed by 62 * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. 63 * 64 * The Contribution is licensed pursuant to the OpenSSL open source 65 * license provided above. 66 * 67 * The ECDH and ECDSA speed test software is originally written by 68 * Sumit Gupta of Sun Microsystems Laboratories. 69 * 70 */ 71 72 /* most of this code has been pilfered from my libdes speed.c program */ 73 74 #ifndef OPENSSL_NO_SPEED 75 76 #define SECONDS 3 77 #define RSA_SECONDS 10 78 #define DSA_SECONDS 10 79 #define ECDSA_SECONDS 10 80 #define ECDH_SECONDS 10 81 82 /* 11-Sep-92 Andrew Daviel Support for Silicon Graphics IRIX added */ 83 /* 06-Apr-92 Luke Brennan Support for VMS and add extra signal calls */ 84 85 #include <math.h> 86 #include <signal.h> 87 #include <stdio.h> 88 #include <stdlib.h> 89 #include <limits.h> 90 #include <string.h> 91 #include <unistd.h> 92 93 #include "apps.h" 94 95 #include <openssl/bn.h> 96 #include <openssl/crypto.h> 97 #include <openssl/err.h> 98 #include <openssl/evp.h> 99 #include <openssl/modes.h> 100 #include <openssl/objects.h> 101 #include <openssl/x509.h> 102 103 #ifndef OPENSSL_NO_AES 104 #include <openssl/aes.h> 105 #endif 106 #ifndef OPENSSL_NO_BF 107 #include <openssl/blowfish.h> 108 #endif 109 #ifndef OPENSSL_NO_CAST 110 #include <openssl/cast.h> 111 #endif 112 #ifndef OPENSSL_NO_CAMELLIA 113 #include <openssl/camellia.h> 114 #endif 115 #ifndef OPENSSL_NO_DES 116 #include <openssl/des.h> 117 #endif 118 #include <openssl/dsa.h> 119 #include <openssl/ecdh.h> 120 #include <openssl/ecdsa.h> 121 #ifndef OPENSSL_NO_HMAC 122 #include <openssl/hmac.h> 123 #endif 124 #ifndef OPENSSL_NO_IDEA 125 #include <openssl/idea.h> 126 #endif 127 #ifndef OPENSSL_NO_MD4 128 #include <openssl/md4.h> 129 #endif 130 #ifndef OPENSSL_NO_MD5 131 #include <openssl/md5.h> 132 #endif 133 #ifndef OPENSSL_NO_RC2 134 #include <openssl/rc2.h> 135 #endif 136 #ifndef OPENSSL_NO_RC4 137 #include <openssl/rc4.h> 138 #endif 139 #include <openssl/rsa.h> 140 #ifndef OPENSSL_NO_RIPEMD 141 #include <openssl/ripemd.h> 142 #endif 143 #ifndef OPENSSL_NO_SHA 144 #include <openssl/sha.h> 145 #endif 146 #ifndef OPENSSL_NO_WHIRLPOOL 147 #include <openssl/whrlpool.h> 148 #endif 149 150 #include "./testdsa.h" 151 #include "./testrsa.h" 152 153 #define BUFSIZE (1024*8+64) 154 int run = 0; 155 156 static int mr = 0; 157 static int usertime = 1; 158 159 static double Time_F(int s); 160 static void print_message(const char *s, long num, int length); 161 static void 162 pkey_print_message(const char *str, const char *str2, 163 long num, int bits, int sec); 164 static void print_result(int alg, int run_no, int count, double time_used); 165 static int do_multi(int multi); 166 167 #define ALGOR_NUM 32 168 #define SIZE_NUM 5 169 #define RSA_NUM 4 170 #define DSA_NUM 3 171 172 #define EC_NUM 16 173 #define MAX_ECDH_SIZE 256 174 175 static const char *names[ALGOR_NUM] = { 176 "md2", "md4", "md5", "hmac(md5)", "sha1", "rmd160", 177 "rc4", "des cbc", "des ede3", "idea cbc", "seed cbc", 178 "rc2 cbc", "rc5-32/12 cbc", "blowfish cbc", "cast cbc", 179 "aes-128 cbc", "aes-192 cbc", "aes-256 cbc", 180 "camellia-128 cbc", "camellia-192 cbc", "camellia-256 cbc", 181 "evp", "sha256", "sha512", "whirlpool", 182 "aes-128 ige", "aes-192 ige", "aes-256 ige", "ghash", 183 "aes-128 gcm", "aes-256 gcm", "chacha20 poly1305", 184 }; 185 static double results[ALGOR_NUM][SIZE_NUM]; 186 static int lengths[SIZE_NUM] = {16, 64, 256, 1024, 8 * 1024}; 187 static double rsa_results[RSA_NUM][2]; 188 static double dsa_results[DSA_NUM][2]; 189 static double ecdsa_results[EC_NUM][2]; 190 static double ecdh_results[EC_NUM][1]; 191 192 static void sig_done(int sig); 193 194 static void 195 sig_done(int sig) 196 { 197 signal(SIGALRM, sig_done); 198 run = 0; 199 } 200 201 #define START 0 202 #define STOP 1 203 204 205 static double 206 Time_F(int s) 207 { 208 return app_tminterval(s, usertime); 209 } 210 211 212 static const int KDF1_SHA1_len = 20; 213 static void * 214 KDF1_SHA1(const void *in, size_t inlen, void *out, size_t * outlen) 215 { 216 #ifndef OPENSSL_NO_SHA 217 if (*outlen < SHA_DIGEST_LENGTH) 218 return NULL; 219 else 220 *outlen = SHA_DIGEST_LENGTH; 221 return SHA1(in, inlen, out); 222 #else 223 return NULL; 224 #endif /* OPENSSL_NO_SHA */ 225 } 226 227 int 228 speed_main(int argc, char **argv) 229 { 230 unsigned char *buf = NULL, *buf2 = NULL; 231 int mret = 1; 232 long count = 0, save_count = 0; 233 int i, j, k; 234 long rsa_count; 235 unsigned rsa_num; 236 unsigned char md[EVP_MAX_MD_SIZE]; 237 #ifndef OPENSSL_NO_MD4 238 unsigned char md4[MD4_DIGEST_LENGTH]; 239 #endif 240 #ifndef OPENSSL_NO_MD5 241 unsigned char md5[MD5_DIGEST_LENGTH]; 242 unsigned char hmac[MD5_DIGEST_LENGTH]; 243 #endif 244 #ifndef OPENSSL_NO_SHA 245 unsigned char sha[SHA_DIGEST_LENGTH]; 246 #ifndef OPENSSL_NO_SHA256 247 unsigned char sha256[SHA256_DIGEST_LENGTH]; 248 #endif 249 #ifndef OPENSSL_NO_SHA512 250 unsigned char sha512[SHA512_DIGEST_LENGTH]; 251 #endif 252 #endif 253 #ifndef OPENSSL_NO_WHIRLPOOL 254 unsigned char whirlpool[WHIRLPOOL_DIGEST_LENGTH]; 255 #endif 256 #ifndef OPENSSL_NO_RIPEMD 257 unsigned char rmd160[RIPEMD160_DIGEST_LENGTH]; 258 #endif 259 #ifndef OPENSSL_NO_RC4 260 RC4_KEY rc4_ks; 261 #endif 262 #ifndef OPENSSL_NO_RC2 263 RC2_KEY rc2_ks; 264 #endif 265 #ifndef OPENSSL_NO_IDEA 266 IDEA_KEY_SCHEDULE idea_ks; 267 #endif 268 #ifndef OPENSSL_NO_BF 269 BF_KEY bf_ks; 270 #endif 271 #ifndef OPENSSL_NO_CAST 272 CAST_KEY cast_ks; 273 #endif 274 static const unsigned char key16[16] = 275 {0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 276 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12}; 277 #ifndef OPENSSL_NO_AES 278 static const unsigned char key24[24] = 279 {0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 280 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 281 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34}; 282 static const unsigned char key32[32] = 283 {0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 284 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 285 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 286 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56}; 287 #endif 288 #ifndef OPENSSL_NO_CAMELLIA 289 static const unsigned char ckey24[24] = 290 {0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 291 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 292 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34}; 293 static const unsigned char ckey32[32] = 294 {0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 295 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 296 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 297 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56}; 298 #endif 299 #ifndef OPENSSL_NO_AES 300 #define MAX_BLOCK_SIZE 128 301 #else 302 #define MAX_BLOCK_SIZE 64 303 #endif 304 unsigned char DES_iv[8]; 305 unsigned char iv[2 * MAX_BLOCK_SIZE / 8]; 306 #ifndef OPENSSL_NO_DES 307 static DES_cblock key = {0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0}; 308 static DES_cblock key2 = {0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12}; 309 static DES_cblock key3 = {0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34}; 310 DES_key_schedule sch; 311 DES_key_schedule sch2; 312 DES_key_schedule sch3; 313 #endif 314 #ifndef OPENSSL_NO_AES 315 AES_KEY aes_ks1, aes_ks2, aes_ks3; 316 #endif 317 #ifndef OPENSSL_NO_CAMELLIA 318 CAMELLIA_KEY camellia_ks1, camellia_ks2, camellia_ks3; 319 #endif 320 #define D_MD2 0 321 #define D_MD4 1 322 #define D_MD5 2 323 #define D_HMAC 3 324 #define D_SHA1 4 325 #define D_RMD160 5 326 #define D_RC4 6 327 #define D_CBC_DES 7 328 #define D_EDE3_DES 8 329 #define D_CBC_IDEA 9 330 #define D_CBC_SEED 10 331 #define D_CBC_RC2 11 332 #define D_CBC_RC5 12 333 #define D_CBC_BF 13 334 #define D_CBC_CAST 14 335 #define D_CBC_128_AES 15 336 #define D_CBC_192_AES 16 337 #define D_CBC_256_AES 17 338 #define D_CBC_128_CML 18 339 #define D_CBC_192_CML 19 340 #define D_CBC_256_CML 20 341 #define D_EVP 21 342 #define D_SHA256 22 343 #define D_SHA512 23 344 #define D_WHIRLPOOL 24 345 #define D_IGE_128_AES 25 346 #define D_IGE_192_AES 26 347 #define D_IGE_256_AES 27 348 #define D_GHASH 28 349 #define D_AES_128_GCM 29 350 #define D_AES_256_GCM 30 351 #define D_CHACHA20_POLY1305 31 352 double d = 0.0; 353 long c[ALGOR_NUM][SIZE_NUM]; 354 #define R_DSA_512 0 355 #define R_DSA_1024 1 356 #define R_DSA_2048 2 357 #define R_RSA_512 0 358 #define R_RSA_1024 1 359 #define R_RSA_2048 2 360 #define R_RSA_4096 3 361 362 #define R_EC_P160 0 363 #define R_EC_P192 1 364 #define R_EC_P224 2 365 #define R_EC_P256 3 366 #define R_EC_P384 4 367 #define R_EC_P521 5 368 #define R_EC_K163 6 369 #define R_EC_K233 7 370 #define R_EC_K283 8 371 #define R_EC_K409 9 372 #define R_EC_K571 10 373 #define R_EC_B163 11 374 #define R_EC_B233 12 375 #define R_EC_B283 13 376 #define R_EC_B409 14 377 #define R_EC_B571 15 378 379 RSA *rsa_key[RSA_NUM]; 380 long rsa_c[RSA_NUM][2]; 381 static unsigned int rsa_bits[RSA_NUM] = {512, 1024, 2048, 4096}; 382 static unsigned char *rsa_data[RSA_NUM] = 383 {test512, test1024, test2048, test4096}; 384 static int rsa_data_length[RSA_NUM] = { 385 sizeof(test512), sizeof(test1024), 386 sizeof(test2048), sizeof(test4096)}; 387 DSA *dsa_key[DSA_NUM]; 388 long dsa_c[DSA_NUM][2]; 389 static unsigned int dsa_bits[DSA_NUM] = {512, 1024, 2048}; 390 #ifndef OPENSSL_NO_EC 391 /* 392 * We only test over the following curves as they are representative, 393 * To add tests over more curves, simply add the curve NID and curve 394 * name to the following arrays and increase the EC_NUM value 395 * accordingly. 396 */ 397 static unsigned int test_curves[EC_NUM] = 398 { 399 /* Prime Curves */ 400 NID_secp160r1, 401 NID_X9_62_prime192v1, 402 NID_secp224r1, 403 NID_X9_62_prime256v1, 404 NID_secp384r1, 405 NID_secp521r1, 406 /* Binary Curves */ 407 NID_sect163k1, 408 NID_sect233k1, 409 NID_sect283k1, 410 NID_sect409k1, 411 NID_sect571k1, 412 NID_sect163r2, 413 NID_sect233r1, 414 NID_sect283r1, 415 NID_sect409r1, 416 NID_sect571r1 417 }; 418 static const char *test_curves_names[EC_NUM] = 419 { 420 /* Prime Curves */ 421 "secp160r1", 422 "nistp192", 423 "nistp224", 424 "nistp256", 425 "nistp384", 426 "nistp521", 427 /* Binary Curves */ 428 "nistk163", 429 "nistk233", 430 "nistk283", 431 "nistk409", 432 "nistk571", 433 "nistb163", 434 "nistb233", 435 "nistb283", 436 "nistb409", 437 "nistb571" 438 }; 439 static int test_curves_bits[EC_NUM] = 440 { 441 160, 192, 224, 256, 384, 521, 442 163, 233, 283, 409, 571, 443 163, 233, 283, 409, 571 444 }; 445 446 #endif 447 448 unsigned char ecdsasig[256]; 449 unsigned int ecdsasiglen; 450 EC_KEY *ecdsa[EC_NUM]; 451 long ecdsa_c[EC_NUM][2]; 452 453 EC_KEY *ecdh_a[EC_NUM], *ecdh_b[EC_NUM]; 454 unsigned char secret_a[MAX_ECDH_SIZE], secret_b[MAX_ECDH_SIZE]; 455 int secret_size_a, secret_size_b; 456 int ecdh_checks = 0; 457 int secret_idx = 0; 458 long ecdh_c[EC_NUM][2]; 459 460 int rsa_doit[RSA_NUM]; 461 int dsa_doit[DSA_NUM]; 462 int ecdsa_doit[EC_NUM]; 463 int ecdh_doit[EC_NUM]; 464 int doit[ALGOR_NUM]; 465 int pr_header = 0; 466 const EVP_CIPHER *evp_cipher = NULL; 467 const EVP_MD *evp_md = NULL; 468 int decrypt = 0; 469 int multi = 0; 470 const char *errstr = NULL; 471 472 if (single_execution) { 473 if (pledge("stdio proc", NULL) == -1) { 474 perror("pledge"); 475 exit(1); 476 } 477 } 478 479 usertime = -1; 480 481 memset(results, 0, sizeof(results)); 482 memset(dsa_key, 0, sizeof(dsa_key)); 483 for (i = 0; i < EC_NUM; i++) 484 ecdsa[i] = NULL; 485 for (i = 0; i < EC_NUM; i++) { 486 ecdh_a[i] = NULL; 487 ecdh_b[i] = NULL; 488 } 489 490 memset(rsa_key, 0, sizeof(rsa_key)); 491 for (i = 0; i < RSA_NUM; i++) 492 rsa_key[i] = NULL; 493 494 if ((buf = malloc(BUFSIZE)) == NULL) { 495 BIO_printf(bio_err, "out of memory\n"); 496 goto end; 497 } 498 if ((buf2 = malloc(BUFSIZE)) == NULL) { 499 BIO_printf(bio_err, "out of memory\n"); 500 goto end; 501 } 502 memset(c, 0, sizeof(c)); 503 memset(DES_iv, 0, sizeof(DES_iv)); 504 memset(iv, 0, sizeof(iv)); 505 506 for (i = 0; i < ALGOR_NUM; i++) 507 doit[i] = 0; 508 for (i = 0; i < RSA_NUM; i++) 509 rsa_doit[i] = 0; 510 for (i = 0; i < DSA_NUM; i++) 511 dsa_doit[i] = 0; 512 for (i = 0; i < EC_NUM; i++) 513 ecdsa_doit[i] = 0; 514 for (i = 0; i < EC_NUM; i++) 515 ecdh_doit[i] = 0; 516 517 518 j = 0; 519 argc--; 520 argv++; 521 while (argc) { 522 if ((argc > 0) && (strcmp(*argv, "-elapsed") == 0)) { 523 usertime = 0; 524 j--; /* Otherwise, -elapsed gets confused with an 525 * algorithm. */ 526 } else if ((argc > 0) && (strcmp(*argv, "-evp") == 0)) { 527 argc--; 528 argv++; 529 if (argc == 0) { 530 BIO_printf(bio_err, "no EVP given\n"); 531 goto end; 532 } 533 evp_cipher = EVP_get_cipherbyname(*argv); 534 if (!evp_cipher) { 535 evp_md = EVP_get_digestbyname(*argv); 536 } 537 if (!evp_cipher && !evp_md) { 538 BIO_printf(bio_err, "%s is an unknown cipher or digest\n", *argv); 539 goto end; 540 } 541 doit[D_EVP] = 1; 542 } else if (argc > 0 && !strcmp(*argv, "-decrypt")) { 543 decrypt = 1; 544 j--; /* Otherwise, -elapsed gets confused with an 545 * algorithm. */ 546 } 547 else if ((argc > 0) && (strcmp(*argv, "-multi") == 0)) { 548 argc--; 549 argv++; 550 if (argc == 0) { 551 BIO_printf(bio_err, "no multi count given\n"); 552 goto end; 553 } 554 multi = strtonum(argv[0], 1, INT_MAX, &errstr); 555 if (errstr) { 556 BIO_printf(bio_err, "bad multi count: %s", errstr); 557 goto end; 558 } 559 j--; /* Otherwise, -mr gets confused with an 560 * algorithm. */ 561 } 562 else if (argc > 0 && !strcmp(*argv, "-mr")) { 563 mr = 1; 564 j--; /* Otherwise, -mr gets confused with an 565 * algorithm. */ 566 } else 567 #ifndef OPENSSL_NO_MD4 568 if (strcmp(*argv, "md4") == 0) 569 doit[D_MD4] = 1; 570 else 571 #endif 572 #ifndef OPENSSL_NO_MD5 573 if (strcmp(*argv, "md5") == 0) 574 doit[D_MD5] = 1; 575 else 576 #endif 577 #ifndef OPENSSL_NO_MD5 578 if (strcmp(*argv, "hmac") == 0) 579 doit[D_HMAC] = 1; 580 else 581 #endif 582 #ifndef OPENSSL_NO_SHA 583 if (strcmp(*argv, "sha1") == 0) 584 doit[D_SHA1] = 1; 585 else if (strcmp(*argv, "sha") == 0) 586 doit[D_SHA1] = 1, 587 doit[D_SHA256] = 1, 588 doit[D_SHA512] = 1; 589 else 590 #ifndef OPENSSL_NO_SHA256 591 if (strcmp(*argv, "sha256") == 0) 592 doit[D_SHA256] = 1; 593 else 594 #endif 595 #ifndef OPENSSL_NO_SHA512 596 if (strcmp(*argv, "sha512") == 0) 597 doit[D_SHA512] = 1; 598 else 599 #endif 600 #endif 601 #ifndef OPENSSL_NO_WHIRLPOOL 602 if (strcmp(*argv, "whirlpool") == 0) 603 doit[D_WHIRLPOOL] = 1; 604 else 605 #endif 606 #ifndef OPENSSL_NO_RIPEMD 607 if (strcmp(*argv, "ripemd") == 0) 608 doit[D_RMD160] = 1; 609 else if (strcmp(*argv, "rmd160") == 0) 610 doit[D_RMD160] = 1; 611 else if (strcmp(*argv, "ripemd160") == 0) 612 doit[D_RMD160] = 1; 613 else 614 #endif 615 #ifndef OPENSSL_NO_RC4 616 if (strcmp(*argv, "rc4") == 0) 617 doit[D_RC4] = 1; 618 else 619 #endif 620 #ifndef OPENSSL_NO_DES 621 if (strcmp(*argv, "des-cbc") == 0) 622 doit[D_CBC_DES] = 1; 623 else if (strcmp(*argv, "des-ede3") == 0) 624 doit[D_EDE3_DES] = 1; 625 else 626 #endif 627 #ifndef OPENSSL_NO_AES 628 if (strcmp(*argv, "aes-128-cbc") == 0) 629 doit[D_CBC_128_AES] = 1; 630 else if (strcmp(*argv, "aes-192-cbc") == 0) 631 doit[D_CBC_192_AES] = 1; 632 else if (strcmp(*argv, "aes-256-cbc") == 0) 633 doit[D_CBC_256_AES] = 1; 634 else if (strcmp(*argv, "aes-128-ige") == 0) 635 doit[D_IGE_128_AES] = 1; 636 else if (strcmp(*argv, "aes-192-ige") == 0) 637 doit[D_IGE_192_AES] = 1; 638 else if (strcmp(*argv, "aes-256-ige") == 0) 639 doit[D_IGE_256_AES] = 1; 640 else 641 #endif 642 #ifndef OPENSSL_NO_CAMELLIA 643 if (strcmp(*argv, "camellia-128-cbc") == 0) 644 doit[D_CBC_128_CML] = 1; 645 else if (strcmp(*argv, "camellia-192-cbc") == 0) 646 doit[D_CBC_192_CML] = 1; 647 else if (strcmp(*argv, "camellia-256-cbc") == 0) 648 doit[D_CBC_256_CML] = 1; 649 else 650 #endif 651 #ifndef RSA_NULL 652 if (strcmp(*argv, "openssl") == 0) { 653 RSA_set_default_method(RSA_PKCS1_SSLeay()); 654 j--; 655 } else 656 #endif 657 if (strcmp(*argv, "dsa512") == 0) 658 dsa_doit[R_DSA_512] = 2; 659 else if (strcmp(*argv, "dsa1024") == 0) 660 dsa_doit[R_DSA_1024] = 2; 661 else if (strcmp(*argv, "dsa2048") == 0) 662 dsa_doit[R_DSA_2048] = 2; 663 else if (strcmp(*argv, "rsa512") == 0) 664 rsa_doit[R_RSA_512] = 2; 665 else if (strcmp(*argv, "rsa1024") == 0) 666 rsa_doit[R_RSA_1024] = 2; 667 else if (strcmp(*argv, "rsa2048") == 0) 668 rsa_doit[R_RSA_2048] = 2; 669 else if (strcmp(*argv, "rsa4096") == 0) 670 rsa_doit[R_RSA_4096] = 2; 671 else 672 #ifndef OPENSSL_NO_RC2 673 if (strcmp(*argv, "rc2-cbc") == 0) 674 doit[D_CBC_RC2] = 1; 675 else if (strcmp(*argv, "rc2") == 0) 676 doit[D_CBC_RC2] = 1; 677 else 678 #endif 679 #ifndef OPENSSL_NO_IDEA 680 if (strcmp(*argv, "idea-cbc") == 0) 681 doit[D_CBC_IDEA] = 1; 682 else if (strcmp(*argv, "idea") == 0) 683 doit[D_CBC_IDEA] = 1; 684 else 685 #endif 686 #ifndef OPENSSL_NO_BF 687 if (strcmp(*argv, "bf-cbc") == 0) 688 doit[D_CBC_BF] = 1; 689 else if (strcmp(*argv, "blowfish") == 0) 690 doit[D_CBC_BF] = 1; 691 else if (strcmp(*argv, "bf") == 0) 692 doit[D_CBC_BF] = 1; 693 else 694 #endif 695 #ifndef OPENSSL_NO_CAST 696 if (strcmp(*argv, "cast-cbc") == 0) 697 doit[D_CBC_CAST] = 1; 698 else if (strcmp(*argv, "cast") == 0) 699 doit[D_CBC_CAST] = 1; 700 else if (strcmp(*argv, "cast5") == 0) 701 doit[D_CBC_CAST] = 1; 702 else 703 #endif 704 #ifndef OPENSSL_NO_DES 705 if (strcmp(*argv, "des") == 0) { 706 doit[D_CBC_DES] = 1; 707 doit[D_EDE3_DES] = 1; 708 } else 709 #endif 710 #ifndef OPENSSL_NO_AES 711 if (strcmp(*argv, "aes") == 0) { 712 doit[D_CBC_128_AES] = 1; 713 doit[D_CBC_192_AES] = 1; 714 doit[D_CBC_256_AES] = 1; 715 } else if (strcmp(*argv, "ghash") == 0) 716 doit[D_GHASH] = 1; 717 else if (strcmp(*argv,"aes-128-gcm") == 0) 718 doit[D_AES_128_GCM]=1; 719 else if (strcmp(*argv,"aes-256-gcm") == 0) 720 doit[D_AES_256_GCM]=1; 721 else 722 #endif 723 #ifndef OPENSSL_NO_CAMELLIA 724 if (strcmp(*argv, "camellia") == 0) { 725 doit[D_CBC_128_CML] = 1; 726 doit[D_CBC_192_CML] = 1; 727 doit[D_CBC_256_CML] = 1; 728 } else 729 #endif 730 #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) 731 if (strcmp(*argv,"chacha20-poly1305") == 0) 732 doit[D_CHACHA20_POLY1305]=1; 733 else 734 #endif 735 if (strcmp(*argv, "rsa") == 0) { 736 rsa_doit[R_RSA_512] = 1; 737 rsa_doit[R_RSA_1024] = 1; 738 rsa_doit[R_RSA_2048] = 1; 739 rsa_doit[R_RSA_4096] = 1; 740 } else 741 if (strcmp(*argv, "dsa") == 0) { 742 dsa_doit[R_DSA_512] = 1; 743 dsa_doit[R_DSA_1024] = 1; 744 dsa_doit[R_DSA_2048] = 1; 745 } else 746 if (strcmp(*argv, "ecdsap160") == 0) 747 ecdsa_doit[R_EC_P160] = 2; 748 else if (strcmp(*argv, "ecdsap192") == 0) 749 ecdsa_doit[R_EC_P192] = 2; 750 else if (strcmp(*argv, "ecdsap224") == 0) 751 ecdsa_doit[R_EC_P224] = 2; 752 else if (strcmp(*argv, "ecdsap256") == 0) 753 ecdsa_doit[R_EC_P256] = 2; 754 else if (strcmp(*argv, "ecdsap384") == 0) 755 ecdsa_doit[R_EC_P384] = 2; 756 else if (strcmp(*argv, "ecdsap521") == 0) 757 ecdsa_doit[R_EC_P521] = 2; 758 else if (strcmp(*argv, "ecdsak163") == 0) 759 ecdsa_doit[R_EC_K163] = 2; 760 else if (strcmp(*argv, "ecdsak233") == 0) 761 ecdsa_doit[R_EC_K233] = 2; 762 else if (strcmp(*argv, "ecdsak283") == 0) 763 ecdsa_doit[R_EC_K283] = 2; 764 else if (strcmp(*argv, "ecdsak409") == 0) 765 ecdsa_doit[R_EC_K409] = 2; 766 else if (strcmp(*argv, "ecdsak571") == 0) 767 ecdsa_doit[R_EC_K571] = 2; 768 else if (strcmp(*argv, "ecdsab163") == 0) 769 ecdsa_doit[R_EC_B163] = 2; 770 else if (strcmp(*argv, "ecdsab233") == 0) 771 ecdsa_doit[R_EC_B233] = 2; 772 else if (strcmp(*argv, "ecdsab283") == 0) 773 ecdsa_doit[R_EC_B283] = 2; 774 else if (strcmp(*argv, "ecdsab409") == 0) 775 ecdsa_doit[R_EC_B409] = 2; 776 else if (strcmp(*argv, "ecdsab571") == 0) 777 ecdsa_doit[R_EC_B571] = 2; 778 else if (strcmp(*argv, "ecdsa") == 0) { 779 for (i = 0; i < EC_NUM; i++) 780 ecdsa_doit[i] = 1; 781 } else 782 if (strcmp(*argv, "ecdhp160") == 0) 783 ecdh_doit[R_EC_P160] = 2; 784 else if (strcmp(*argv, "ecdhp192") == 0) 785 ecdh_doit[R_EC_P192] = 2; 786 else if (strcmp(*argv, "ecdhp224") == 0) 787 ecdh_doit[R_EC_P224] = 2; 788 else if (strcmp(*argv, "ecdhp256") == 0) 789 ecdh_doit[R_EC_P256] = 2; 790 else if (strcmp(*argv, "ecdhp384") == 0) 791 ecdh_doit[R_EC_P384] = 2; 792 else if (strcmp(*argv, "ecdhp521") == 0) 793 ecdh_doit[R_EC_P521] = 2; 794 else if (strcmp(*argv, "ecdhk163") == 0) 795 ecdh_doit[R_EC_K163] = 2; 796 else if (strcmp(*argv, "ecdhk233") == 0) 797 ecdh_doit[R_EC_K233] = 2; 798 else if (strcmp(*argv, "ecdhk283") == 0) 799 ecdh_doit[R_EC_K283] = 2; 800 else if (strcmp(*argv, "ecdhk409") == 0) 801 ecdh_doit[R_EC_K409] = 2; 802 else if (strcmp(*argv, "ecdhk571") == 0) 803 ecdh_doit[R_EC_K571] = 2; 804 else if (strcmp(*argv, "ecdhb163") == 0) 805 ecdh_doit[R_EC_B163] = 2; 806 else if (strcmp(*argv, "ecdhb233") == 0) 807 ecdh_doit[R_EC_B233] = 2; 808 else if (strcmp(*argv, "ecdhb283") == 0) 809 ecdh_doit[R_EC_B283] = 2; 810 else if (strcmp(*argv, "ecdhb409") == 0) 811 ecdh_doit[R_EC_B409] = 2; 812 else if (strcmp(*argv, "ecdhb571") == 0) 813 ecdh_doit[R_EC_B571] = 2; 814 else if (strcmp(*argv, "ecdh") == 0) { 815 for (i = 0; i < EC_NUM; i++) 816 ecdh_doit[i] = 1; 817 } else 818 { 819 BIO_printf(bio_err, "Error: bad option or value\n"); 820 BIO_printf(bio_err, "\n"); 821 BIO_printf(bio_err, "Available values:\n"); 822 #ifndef OPENSSL_NO_MD4 823 BIO_printf(bio_err, "md4 "); 824 #endif 825 #ifndef OPENSSL_NO_MD5 826 BIO_printf(bio_err, "md5 "); 827 #ifndef OPENSSL_NO_HMAC 828 BIO_printf(bio_err, "hmac "); 829 #endif 830 #endif 831 #ifndef OPENSSL_NO_SHA1 832 BIO_printf(bio_err, "sha1 "); 833 #endif 834 #ifndef OPENSSL_NO_SHA256 835 BIO_printf(bio_err, "sha256 "); 836 #endif 837 #ifndef OPENSSL_NO_SHA512 838 BIO_printf(bio_err, "sha512 "); 839 #endif 840 #ifndef OPENSSL_NO_WHIRLPOOL 841 BIO_printf(bio_err, "whirlpool"); 842 #endif 843 #ifndef OPENSSL_NO_RIPEMD160 844 BIO_printf(bio_err, "rmd160"); 845 #endif 846 #if !defined(OPENSSL_NO_MD2) || \ 847 !defined(OPENSSL_NO_MD4) || !defined(OPENSSL_NO_MD5) || \ 848 !defined(OPENSSL_NO_SHA1) || !defined(OPENSSL_NO_RIPEMD160) || \ 849 !defined(OPENSSL_NO_WHIRLPOOL) 850 BIO_printf(bio_err, "\n"); 851 #endif 852 853 #ifndef OPENSSL_NO_IDEA 854 BIO_printf(bio_err, "idea-cbc "); 855 #endif 856 #ifndef OPENSSL_NO_RC2 857 BIO_printf(bio_err, "rc2-cbc "); 858 #endif 859 #ifndef OPENSSL_NO_BF 860 BIO_printf(bio_err, "bf-cbc "); 861 #endif 862 #ifndef OPENSSL_NO_DES 863 BIO_printf(bio_err, "des-cbc des-ede3\n"); 864 #endif 865 #ifndef OPENSSL_NO_AES 866 BIO_printf(bio_err, "aes-128-cbc aes-192-cbc aes-256-cbc "); 867 BIO_printf(bio_err, "aes-128-ige aes-192-ige aes-256-ige\n"); 868 BIO_printf(bio_err, "aes-128-gcm aes-256-gcm "); 869 #endif 870 #ifndef OPENSSL_NO_CAMELLIA 871 BIO_printf(bio_err, "\n"); 872 BIO_printf(bio_err, "camellia-128-cbc camellia-192-cbc camellia-256-cbc "); 873 #endif 874 #ifndef OPENSSL_NO_RC4 875 BIO_printf(bio_err, "rc4"); 876 #endif 877 #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) 878 BIO_printf(bio_err," chacha20-poly1305"); 879 #endif 880 BIO_printf(bio_err, "\n"); 881 882 BIO_printf(bio_err, "rsa512 rsa1024 rsa2048 rsa4096\n"); 883 884 BIO_printf(bio_err, "dsa512 dsa1024 dsa2048\n"); 885 BIO_printf(bio_err, "ecdsap160 ecdsap192 ecdsap224 ecdsap256 ecdsap384 ecdsap521\n"); 886 BIO_printf(bio_err, "ecdsak163 ecdsak233 ecdsak283 ecdsak409 ecdsak571\n"); 887 BIO_printf(bio_err, "ecdsab163 ecdsab233 ecdsab283 ecdsab409 ecdsab571 ecdsa\n"); 888 BIO_printf(bio_err, "ecdhp160 ecdhp192 ecdhp224 ecdhp256 ecdhp384 ecdhp521\n"); 889 BIO_printf(bio_err, "ecdhk163 ecdhk233 ecdhk283 ecdhk409 ecdhk571\n"); 890 BIO_printf(bio_err, "ecdhb163 ecdhb233 ecdhb283 ecdhb409 ecdhb571 ecdh\n"); 891 892 #ifndef OPENSSL_NO_IDEA 893 BIO_printf(bio_err, "idea "); 894 #endif 895 #ifndef OPENSSL_NO_RC2 896 BIO_printf(bio_err, "rc2 "); 897 #endif 898 #ifndef OPENSSL_NO_DES 899 BIO_printf(bio_err, "des "); 900 #endif 901 #ifndef OPENSSL_NO_AES 902 BIO_printf(bio_err, "aes "); 903 #endif 904 #ifndef OPENSSL_NO_CAMELLIA 905 BIO_printf(bio_err, "camellia "); 906 #endif 907 BIO_printf(bio_err, "rsa "); 908 #ifndef OPENSSL_NO_BF 909 BIO_printf(bio_err, "blowfish"); 910 #endif 911 #if !defined(OPENSSL_NO_IDEA) || !defined(OPENSSL_NO_SEED) || \ 912 !defined(OPENSSL_NO_RC2) || !defined(OPENSSL_NO_DES) || \ 913 !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_BF) || \ 914 !defined(OPENSSL_NO_AES) || !defined(OPENSSL_NO_CAMELLIA) 915 BIO_printf(bio_err, "\n"); 916 #endif 917 918 BIO_printf(bio_err, "\n"); 919 BIO_printf(bio_err, "Available options:\n"); 920 BIO_printf(bio_err, "-elapsed measure time in real time instead of CPU user time.\n"); 921 BIO_printf(bio_err, "-evp e use EVP e.\n"); 922 BIO_printf(bio_err, "-decrypt time decryption instead of encryption (only EVP).\n"); 923 BIO_printf(bio_err, "-mr produce machine readable output.\n"); 924 BIO_printf(bio_err, "-multi n run n benchmarks in parallel.\n"); 925 goto end; 926 } 927 argc--; 928 argv++; 929 j++; 930 } 931 932 if (multi && do_multi(multi)) 933 goto show_res; 934 935 if (j == 0) { 936 for (i = 0; i < ALGOR_NUM; i++) { 937 if (i != D_EVP) 938 doit[i] = 1; 939 } 940 for (i = 0; i < RSA_NUM; i++) 941 rsa_doit[i] = 1; 942 for (i = 0; i < DSA_NUM; i++) 943 dsa_doit[i] = 1; 944 for (i = 0; i < EC_NUM; i++) 945 ecdsa_doit[i] = 1; 946 for (i = 0; i < EC_NUM; i++) 947 ecdh_doit[i] = 1; 948 } 949 for (i = 0; i < ALGOR_NUM; i++) 950 if (doit[i]) 951 pr_header++; 952 953 if (usertime == 0 && !mr) 954 BIO_printf(bio_err, "You have chosen to measure elapsed time instead of user CPU time.\n"); 955 956 for (i = 0; i < RSA_NUM; i++) { 957 const unsigned char *p; 958 959 p = rsa_data[i]; 960 rsa_key[i] = d2i_RSAPrivateKey(NULL, &p, rsa_data_length[i]); 961 if (rsa_key[i] == NULL) { 962 BIO_printf(bio_err, "internal error loading RSA key number %d\n", i); 963 goto end; 964 } 965 } 966 967 dsa_key[0] = get_dsa512(); 968 dsa_key[1] = get_dsa1024(); 969 dsa_key[2] = get_dsa2048(); 970 971 #ifndef OPENSSL_NO_DES 972 DES_set_key_unchecked(&key, &sch); 973 DES_set_key_unchecked(&key2, &sch2); 974 DES_set_key_unchecked(&key3, &sch3); 975 #endif 976 #ifndef OPENSSL_NO_AES 977 AES_set_encrypt_key(key16, 128, &aes_ks1); 978 AES_set_encrypt_key(key24, 192, &aes_ks2); 979 AES_set_encrypt_key(key32, 256, &aes_ks3); 980 #endif 981 #ifndef OPENSSL_NO_CAMELLIA 982 Camellia_set_key(key16, 128, &camellia_ks1); 983 Camellia_set_key(ckey24, 192, &camellia_ks2); 984 Camellia_set_key(ckey32, 256, &camellia_ks3); 985 #endif 986 #ifndef OPENSSL_NO_IDEA 987 idea_set_encrypt_key(key16, &idea_ks); 988 #endif 989 #ifndef OPENSSL_NO_RC4 990 RC4_set_key(&rc4_ks, 16, key16); 991 #endif 992 #ifndef OPENSSL_NO_RC2 993 RC2_set_key(&rc2_ks, 16, key16, 128); 994 #endif 995 #ifndef OPENSSL_NO_BF 996 BF_set_key(&bf_ks, 16, key16); 997 #endif 998 #ifndef OPENSSL_NO_CAST 999 CAST_set_key(&cast_ks, 16, key16); 1000 #endif 1001 memset(rsa_c, 0, sizeof(rsa_c)); 1002 #define COND(c) (run && count<0x7fffffff) 1003 #define COUNT(d) (count) 1004 signal(SIGALRM, sig_done); 1005 1006 #ifndef OPENSSL_NO_MD4 1007 if (doit[D_MD4]) { 1008 for (j = 0; j < SIZE_NUM; j++) { 1009 print_message(names[D_MD4], c[D_MD4][j], lengths[j]); 1010 Time_F(START); 1011 for (count = 0, run = 1; COND(c[D_MD4][j]); count++) 1012 EVP_Digest(&(buf[0]), (unsigned long) lengths[j], &(md4[0]), NULL, EVP_md4(), NULL); 1013 d = Time_F(STOP); 1014 print_result(D_MD4, j, count, d); 1015 } 1016 } 1017 #endif 1018 1019 #ifndef OPENSSL_NO_MD5 1020 if (doit[D_MD5]) { 1021 for (j = 0; j < SIZE_NUM; j++) { 1022 print_message(names[D_MD5], c[D_MD5][j], lengths[j]); 1023 Time_F(START); 1024 for (count = 0, run = 1; COND(c[D_MD5][j]); count++) 1025 EVP_Digest(&(buf[0]), (unsigned long) lengths[j], &(md5[0]), NULL, EVP_get_digestbyname("md5"), NULL); 1026 d = Time_F(STOP); 1027 print_result(D_MD5, j, count, d); 1028 } 1029 } 1030 #endif 1031 1032 #if !defined(OPENSSL_NO_MD5) && !defined(OPENSSL_NO_HMAC) 1033 if (doit[D_HMAC]) { 1034 HMAC_CTX hctx; 1035 1036 HMAC_CTX_init(&hctx); 1037 HMAC_Init_ex(&hctx, (unsigned char *) "This is a key...", 1038 16, EVP_md5(), NULL); 1039 1040 for (j = 0; j < SIZE_NUM; j++) { 1041 print_message(names[D_HMAC], c[D_HMAC][j], lengths[j]); 1042 Time_F(START); 1043 for (count = 0, run = 1; COND(c[D_HMAC][j]); count++) { 1044 HMAC_Init_ex(&hctx, NULL, 0, NULL, NULL); 1045 HMAC_Update(&hctx, buf, lengths[j]); 1046 HMAC_Final(&hctx, &(hmac[0]), NULL); 1047 } 1048 d = Time_F(STOP); 1049 print_result(D_HMAC, j, count, d); 1050 } 1051 HMAC_CTX_cleanup(&hctx); 1052 } 1053 #endif 1054 #ifndef OPENSSL_NO_SHA 1055 if (doit[D_SHA1]) { 1056 for (j = 0; j < SIZE_NUM; j++) { 1057 print_message(names[D_SHA1], c[D_SHA1][j], lengths[j]); 1058 Time_F(START); 1059 for (count = 0, run = 1; COND(c[D_SHA1][j]); count++) 1060 EVP_Digest(buf, (unsigned long) lengths[j], &(sha[0]), NULL, EVP_sha1(), NULL); 1061 d = Time_F(STOP); 1062 print_result(D_SHA1, j, count, d); 1063 } 1064 } 1065 #ifndef OPENSSL_NO_SHA256 1066 if (doit[D_SHA256]) { 1067 for (j = 0; j < SIZE_NUM; j++) { 1068 print_message(names[D_SHA256], c[D_SHA256][j], lengths[j]); 1069 Time_F(START); 1070 for (count = 0, run = 1; COND(c[D_SHA256][j]); count++) 1071 SHA256(buf, lengths[j], sha256); 1072 d = Time_F(STOP); 1073 print_result(D_SHA256, j, count, d); 1074 } 1075 } 1076 #endif 1077 1078 #ifndef OPENSSL_NO_SHA512 1079 if (doit[D_SHA512]) { 1080 for (j = 0; j < SIZE_NUM; j++) { 1081 print_message(names[D_SHA512], c[D_SHA512][j], lengths[j]); 1082 Time_F(START); 1083 for (count = 0, run = 1; COND(c[D_SHA512][j]); count++) 1084 SHA512(buf, lengths[j], sha512); 1085 d = Time_F(STOP); 1086 print_result(D_SHA512, j, count, d); 1087 } 1088 } 1089 #endif 1090 #endif 1091 1092 #ifndef OPENSSL_NO_WHIRLPOOL 1093 if (doit[D_WHIRLPOOL]) { 1094 for (j = 0; j < SIZE_NUM; j++) { 1095 print_message(names[D_WHIRLPOOL], c[D_WHIRLPOOL][j], lengths[j]); 1096 Time_F(START); 1097 for (count = 0, run = 1; COND(c[D_WHIRLPOOL][j]); count++) 1098 WHIRLPOOL(buf, lengths[j], whirlpool); 1099 d = Time_F(STOP); 1100 print_result(D_WHIRLPOOL, j, count, d); 1101 } 1102 } 1103 #endif 1104 1105 #ifndef OPENSSL_NO_RIPEMD 1106 if (doit[D_RMD160]) { 1107 for (j = 0; j < SIZE_NUM; j++) { 1108 print_message(names[D_RMD160], c[D_RMD160][j], lengths[j]); 1109 Time_F(START); 1110 for (count = 0, run = 1; COND(c[D_RMD160][j]); count++) 1111 EVP_Digest(buf, (unsigned long) lengths[j], &(rmd160[0]), NULL, EVP_ripemd160(), NULL); 1112 d = Time_F(STOP); 1113 print_result(D_RMD160, j, count, d); 1114 } 1115 } 1116 #endif 1117 #ifndef OPENSSL_NO_RC4 1118 if (doit[D_RC4]) { 1119 for (j = 0; j < SIZE_NUM; j++) { 1120 print_message(names[D_RC4], c[D_RC4][j], lengths[j]); 1121 Time_F(START); 1122 for (count = 0, run = 1; COND(c[D_RC4][j]); count++) 1123 RC4(&rc4_ks, (unsigned int) lengths[j], 1124 buf, buf); 1125 d = Time_F(STOP); 1126 print_result(D_RC4, j, count, d); 1127 } 1128 } 1129 #endif 1130 #ifndef OPENSSL_NO_DES 1131 if (doit[D_CBC_DES]) { 1132 for (j = 0; j < SIZE_NUM; j++) { 1133 print_message(names[D_CBC_DES], c[D_CBC_DES][j], lengths[j]); 1134 Time_F(START); 1135 for (count = 0, run = 1; COND(c[D_CBC_DES][j]); count++) 1136 DES_ncbc_encrypt(buf, buf, lengths[j], &sch, 1137 &DES_iv, DES_ENCRYPT); 1138 d = Time_F(STOP); 1139 print_result(D_CBC_DES, j, count, d); 1140 } 1141 } 1142 if (doit[D_EDE3_DES]) { 1143 for (j = 0; j < SIZE_NUM; j++) { 1144 print_message(names[D_EDE3_DES], c[D_EDE3_DES][j], lengths[j]); 1145 Time_F(START); 1146 for (count = 0, run = 1; COND(c[D_EDE3_DES][j]); count++) 1147 DES_ede3_cbc_encrypt(buf, buf, lengths[j], 1148 &sch, &sch2, &sch3, 1149 &DES_iv, DES_ENCRYPT); 1150 d = Time_F(STOP); 1151 print_result(D_EDE3_DES, j, count, d); 1152 } 1153 } 1154 #endif 1155 #ifndef OPENSSL_NO_AES 1156 if (doit[D_CBC_128_AES]) { 1157 for (j = 0; j < SIZE_NUM; j++) { 1158 print_message(names[D_CBC_128_AES], c[D_CBC_128_AES][j], lengths[j]); 1159 Time_F(START); 1160 for (count = 0, run = 1; COND(c[D_CBC_128_AES][j]); count++) 1161 AES_cbc_encrypt(buf, buf, 1162 (unsigned long) lengths[j], &aes_ks1, 1163 iv, AES_ENCRYPT); 1164 d = Time_F(STOP); 1165 print_result(D_CBC_128_AES, j, count, d); 1166 } 1167 } 1168 if (doit[D_CBC_192_AES]) { 1169 for (j = 0; j < SIZE_NUM; j++) { 1170 print_message(names[D_CBC_192_AES], c[D_CBC_192_AES][j], lengths[j]); 1171 Time_F(START); 1172 for (count = 0, run = 1; COND(c[D_CBC_192_AES][j]); count++) 1173 AES_cbc_encrypt(buf, buf, 1174 (unsigned long) lengths[j], &aes_ks2, 1175 iv, AES_ENCRYPT); 1176 d = Time_F(STOP); 1177 print_result(D_CBC_192_AES, j, count, d); 1178 } 1179 } 1180 if (doit[D_CBC_256_AES]) { 1181 for (j = 0; j < SIZE_NUM; j++) { 1182 print_message(names[D_CBC_256_AES], c[D_CBC_256_AES][j], lengths[j]); 1183 Time_F(START); 1184 for (count = 0, run = 1; COND(c[D_CBC_256_AES][j]); count++) 1185 AES_cbc_encrypt(buf, buf, 1186 (unsigned long) lengths[j], &aes_ks3, 1187 iv, AES_ENCRYPT); 1188 d = Time_F(STOP); 1189 print_result(D_CBC_256_AES, j, count, d); 1190 } 1191 } 1192 if (doit[D_IGE_128_AES]) { 1193 for (j = 0; j < SIZE_NUM; j++) { 1194 print_message(names[D_IGE_128_AES], c[D_IGE_128_AES][j], lengths[j]); 1195 Time_F(START); 1196 for (count = 0, run = 1; COND(c[D_IGE_128_AES][j]); count++) 1197 AES_ige_encrypt(buf, buf2, 1198 (unsigned long) lengths[j], &aes_ks1, 1199 iv, AES_ENCRYPT); 1200 d = Time_F(STOP); 1201 print_result(D_IGE_128_AES, j, count, d); 1202 } 1203 } 1204 if (doit[D_IGE_192_AES]) { 1205 for (j = 0; j < SIZE_NUM; j++) { 1206 print_message(names[D_IGE_192_AES], c[D_IGE_192_AES][j], lengths[j]); 1207 Time_F(START); 1208 for (count = 0, run = 1; COND(c[D_IGE_192_AES][j]); count++) 1209 AES_ige_encrypt(buf, buf2, 1210 (unsigned long) lengths[j], &aes_ks2, 1211 iv, AES_ENCRYPT); 1212 d = Time_F(STOP); 1213 print_result(D_IGE_192_AES, j, count, d); 1214 } 1215 } 1216 if (doit[D_IGE_256_AES]) { 1217 for (j = 0; j < SIZE_NUM; j++) { 1218 print_message(names[D_IGE_256_AES], c[D_IGE_256_AES][j], lengths[j]); 1219 Time_F(START); 1220 for (count = 0, run = 1; COND(c[D_IGE_256_AES][j]); count++) 1221 AES_ige_encrypt(buf, buf2, 1222 (unsigned long) lengths[j], &aes_ks3, 1223 iv, AES_ENCRYPT); 1224 d = Time_F(STOP); 1225 print_result(D_IGE_256_AES, j, count, d); 1226 } 1227 } 1228 if (doit[D_GHASH]) { 1229 GCM128_CONTEXT *ctx = CRYPTO_gcm128_new(&aes_ks1, (block128_f) AES_encrypt); 1230 CRYPTO_gcm128_setiv(ctx, (unsigned char *) "0123456789ab", 12); 1231 1232 for (j = 0; j < SIZE_NUM; j++) { 1233 print_message(names[D_GHASH], c[D_GHASH][j], lengths[j]); 1234 Time_F(START); 1235 for (count = 0, run = 1; COND(c[D_GHASH][j]); count++) 1236 CRYPTO_gcm128_aad(ctx, buf, lengths[j]); 1237 d = Time_F(STOP); 1238 print_result(D_GHASH, j, count, d); 1239 } 1240 CRYPTO_gcm128_release(ctx); 1241 } 1242 if (doit[D_AES_128_GCM]) { 1243 const EVP_AEAD *aead = EVP_aead_aes_128_gcm(); 1244 static const unsigned char nonce[32] = {0}; 1245 size_t buf_len, nonce_len; 1246 EVP_AEAD_CTX ctx; 1247 1248 EVP_AEAD_CTX_init(&ctx, aead, key32, EVP_AEAD_key_length(aead), 1249 EVP_AEAD_DEFAULT_TAG_LENGTH, NULL); 1250 nonce_len = EVP_AEAD_nonce_length(aead); 1251 1252 for (j = 0; j < SIZE_NUM; j++) { 1253 print_message(names[D_AES_128_GCM],c[D_AES_128_GCM][j],lengths[j]); 1254 Time_F(START); 1255 for (count = 0, run = 1; COND(c[D_AES_128_GCM][j]); count++) 1256 EVP_AEAD_CTX_seal(&ctx, buf, &buf_len, BUFSIZE, nonce, 1257 nonce_len, buf, lengths[j], NULL, 0); 1258 d=Time_F(STOP); 1259 print_result(D_AES_128_GCM,j,count,d); 1260 } 1261 EVP_AEAD_CTX_cleanup(&ctx); 1262 } 1263 1264 if (doit[D_AES_256_GCM]) { 1265 const EVP_AEAD *aead = EVP_aead_aes_256_gcm(); 1266 static const unsigned char nonce[32] = {0}; 1267 size_t buf_len, nonce_len; 1268 EVP_AEAD_CTX ctx; 1269 1270 EVP_AEAD_CTX_init(&ctx, aead, key32, EVP_AEAD_key_length(aead), 1271 EVP_AEAD_DEFAULT_TAG_LENGTH, NULL); 1272 nonce_len = EVP_AEAD_nonce_length(aead); 1273 1274 for (j = 0; j < SIZE_NUM; j++) { 1275 print_message(names[D_AES_256_GCM],c[D_AES_256_GCM][j],lengths[j]); 1276 Time_F(START); 1277 for (count = 0, run = 1; COND(c[D_AES_256_GCM][j]); count++) 1278 EVP_AEAD_CTX_seal(&ctx, buf, &buf_len, BUFSIZE, nonce, 1279 nonce_len, buf, lengths[j], NULL, 0); 1280 d=Time_F(STOP); 1281 print_result(D_AES_256_GCM, j, count, d); 1282 } 1283 EVP_AEAD_CTX_cleanup(&ctx); 1284 } 1285 #endif 1286 #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) 1287 if (doit[D_CHACHA20_POLY1305]) { 1288 const EVP_AEAD *aead = EVP_aead_chacha20_poly1305(); 1289 static const unsigned char nonce[32] = {0}; 1290 size_t buf_len, nonce_len; 1291 EVP_AEAD_CTX ctx; 1292 1293 EVP_AEAD_CTX_init(&ctx, aead, key32, EVP_AEAD_key_length(aead), 1294 EVP_AEAD_DEFAULT_TAG_LENGTH, NULL); 1295 nonce_len = EVP_AEAD_nonce_length(aead); 1296 1297 for (j = 0; j < SIZE_NUM; j++) { 1298 print_message(names[D_CHACHA20_POLY1305], 1299 c[D_CHACHA20_POLY1305][j], lengths[j]); 1300 Time_F(START); 1301 for (count = 0, run = 1; COND(c[D_CHACHA20_POLY1305][j]); count++) 1302 EVP_AEAD_CTX_seal(&ctx, buf, &buf_len, BUFSIZE, nonce, 1303 nonce_len, buf, lengths[j], NULL, 0); 1304 d=Time_F(STOP); 1305 print_result(D_CHACHA20_POLY1305, j, count, d); 1306 } 1307 EVP_AEAD_CTX_cleanup(&ctx); 1308 } 1309 #endif 1310 #ifndef OPENSSL_NO_CAMELLIA 1311 if (doit[D_CBC_128_CML]) { 1312 for (j = 0; j < SIZE_NUM; j++) { 1313 print_message(names[D_CBC_128_CML], c[D_CBC_128_CML][j], lengths[j]); 1314 Time_F(START); 1315 for (count = 0, run = 1; COND(c[D_CBC_128_CML][j]); count++) 1316 Camellia_cbc_encrypt(buf, buf, 1317 (unsigned long) lengths[j], &camellia_ks1, 1318 iv, CAMELLIA_ENCRYPT); 1319 d = Time_F(STOP); 1320 print_result(D_CBC_128_CML, j, count, d); 1321 } 1322 } 1323 if (doit[D_CBC_192_CML]) { 1324 for (j = 0; j < SIZE_NUM; j++) { 1325 print_message(names[D_CBC_192_CML], c[D_CBC_192_CML][j], lengths[j]); 1326 Time_F(START); 1327 for (count = 0, run = 1; COND(c[D_CBC_192_CML][j]); count++) 1328 Camellia_cbc_encrypt(buf, buf, 1329 (unsigned long) lengths[j], &camellia_ks2, 1330 iv, CAMELLIA_ENCRYPT); 1331 d = Time_F(STOP); 1332 print_result(D_CBC_192_CML, j, count, d); 1333 } 1334 } 1335 if (doit[D_CBC_256_CML]) { 1336 for (j = 0; j < SIZE_NUM; j++) { 1337 print_message(names[D_CBC_256_CML], c[D_CBC_256_CML][j], lengths[j]); 1338 Time_F(START); 1339 for (count = 0, run = 1; COND(c[D_CBC_256_CML][j]); count++) 1340 Camellia_cbc_encrypt(buf, buf, 1341 (unsigned long) lengths[j], &camellia_ks3, 1342 iv, CAMELLIA_ENCRYPT); 1343 d = Time_F(STOP); 1344 print_result(D_CBC_256_CML, j, count, d); 1345 } 1346 } 1347 #endif 1348 #ifndef OPENSSL_NO_IDEA 1349 if (doit[D_CBC_IDEA]) { 1350 for (j = 0; j < SIZE_NUM; j++) { 1351 print_message(names[D_CBC_IDEA], c[D_CBC_IDEA][j], lengths[j]); 1352 Time_F(START); 1353 for (count = 0, run = 1; COND(c[D_CBC_IDEA][j]); count++) 1354 idea_cbc_encrypt(buf, buf, 1355 (unsigned long) lengths[j], &idea_ks, 1356 iv, IDEA_ENCRYPT); 1357 d = Time_F(STOP); 1358 print_result(D_CBC_IDEA, j, count, d); 1359 } 1360 } 1361 #endif 1362 #ifndef OPENSSL_NO_RC2 1363 if (doit[D_CBC_RC2]) { 1364 for (j = 0; j < SIZE_NUM; j++) { 1365 print_message(names[D_CBC_RC2], c[D_CBC_RC2][j], lengths[j]); 1366 Time_F(START); 1367 for (count = 0, run = 1; COND(c[D_CBC_RC2][j]); count++) 1368 RC2_cbc_encrypt(buf, buf, 1369 (unsigned long) lengths[j], &rc2_ks, 1370 iv, RC2_ENCRYPT); 1371 d = Time_F(STOP); 1372 print_result(D_CBC_RC2, j, count, d); 1373 } 1374 } 1375 #endif 1376 #ifndef OPENSSL_NO_BF 1377 if (doit[D_CBC_BF]) { 1378 for (j = 0; j < SIZE_NUM; j++) { 1379 print_message(names[D_CBC_BF], c[D_CBC_BF][j], lengths[j]); 1380 Time_F(START); 1381 for (count = 0, run = 1; COND(c[D_CBC_BF][j]); count++) 1382 BF_cbc_encrypt(buf, buf, 1383 (unsigned long) lengths[j], &bf_ks, 1384 iv, BF_ENCRYPT); 1385 d = Time_F(STOP); 1386 print_result(D_CBC_BF, j, count, d); 1387 } 1388 } 1389 #endif 1390 #ifndef OPENSSL_NO_CAST 1391 if (doit[D_CBC_CAST]) { 1392 for (j = 0; j < SIZE_NUM; j++) { 1393 print_message(names[D_CBC_CAST], c[D_CBC_CAST][j], lengths[j]); 1394 Time_F(START); 1395 for (count = 0, run = 1; COND(c[D_CBC_CAST][j]); count++) 1396 CAST_cbc_encrypt(buf, buf, 1397 (unsigned long) lengths[j], &cast_ks, 1398 iv, CAST_ENCRYPT); 1399 d = Time_F(STOP); 1400 print_result(D_CBC_CAST, j, count, d); 1401 } 1402 } 1403 #endif 1404 1405 if (doit[D_EVP]) { 1406 for (j = 0; j < SIZE_NUM; j++) { 1407 if (evp_cipher) { 1408 EVP_CIPHER_CTX ctx; 1409 int outl; 1410 1411 names[D_EVP] = OBJ_nid2ln(evp_cipher->nid); 1412 /* 1413 * -O3 -fschedule-insns messes up an 1414 * optimization here! names[D_EVP] somehow 1415 * becomes NULL 1416 */ 1417 print_message(names[D_EVP], save_count, 1418 lengths[j]); 1419 1420 EVP_CIPHER_CTX_init(&ctx); 1421 if (decrypt) 1422 EVP_DecryptInit_ex(&ctx, evp_cipher, NULL, key16, iv); 1423 else 1424 EVP_EncryptInit_ex(&ctx, evp_cipher, NULL, key16, iv); 1425 EVP_CIPHER_CTX_set_padding(&ctx, 0); 1426 1427 Time_F(START); 1428 if (decrypt) 1429 for (count = 0, run = 1; COND(save_count * 4 * lengths[0] / lengths[j]); count++) 1430 EVP_DecryptUpdate(&ctx, buf, &outl, buf, lengths[j]); 1431 else 1432 for (count = 0, run = 1; COND(save_count * 4 * lengths[0] / lengths[j]); count++) 1433 EVP_EncryptUpdate(&ctx, buf, &outl, buf, lengths[j]); 1434 if (decrypt) 1435 EVP_DecryptFinal_ex(&ctx, buf, &outl); 1436 else 1437 EVP_EncryptFinal_ex(&ctx, buf, &outl); 1438 d = Time_F(STOP); 1439 EVP_CIPHER_CTX_cleanup(&ctx); 1440 } 1441 if (evp_md) { 1442 names[D_EVP] = OBJ_nid2ln(evp_md->type); 1443 print_message(names[D_EVP], save_count, 1444 lengths[j]); 1445 1446 Time_F(START); 1447 for (count = 0, run = 1; COND(save_count * 4 * lengths[0] / lengths[j]); count++) 1448 EVP_Digest(buf, lengths[j], &(md[0]), NULL, evp_md, NULL); 1449 1450 d = Time_F(STOP); 1451 } 1452 print_result(D_EVP, j, count, d); 1453 } 1454 } 1455 arc4random_buf(buf, 36); 1456 for (j = 0; j < RSA_NUM; j++) { 1457 int ret; 1458 if (!rsa_doit[j]) 1459 continue; 1460 ret = RSA_sign(NID_md5_sha1, buf, 36, buf2, &rsa_num, rsa_key[j]); 1461 if (ret == 0) { 1462 BIO_printf(bio_err, "RSA sign failure. No RSA sign will be done.\n"); 1463 ERR_print_errors(bio_err); 1464 rsa_count = 1; 1465 } else { 1466 pkey_print_message("private", "rsa", 1467 rsa_c[j][0], rsa_bits[j], 1468 RSA_SECONDS); 1469 /* RSA_blinding_on(rsa_key[j],NULL); */ 1470 Time_F(START); 1471 for (count = 0, run = 1; COND(rsa_c[j][0]); count++) { 1472 ret = RSA_sign(NID_md5_sha1, buf, 36, buf2, 1473 &rsa_num, rsa_key[j]); 1474 if (ret == 0) { 1475 BIO_printf(bio_err, 1476 "RSA sign failure\n"); 1477 ERR_print_errors(bio_err); 1478 count = 1; 1479 break; 1480 } 1481 } 1482 d = Time_F(STOP); 1483 BIO_printf(bio_err, mr ? "+R1:%ld:%d:%.2f\n" 1484 : "%ld %d bit private RSA's in %.2fs\n", 1485 count, rsa_bits[j], d); 1486 rsa_results[j][0] = d / (double) count; 1487 rsa_count = count; 1488 } 1489 1490 ret = RSA_verify(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[j]); 1491 if (ret <= 0) { 1492 BIO_printf(bio_err, "RSA verify failure. No RSA verify will be done.\n"); 1493 ERR_print_errors(bio_err); 1494 rsa_doit[j] = 0; 1495 } else { 1496 pkey_print_message("public", "rsa", 1497 rsa_c[j][1], rsa_bits[j], 1498 RSA_SECONDS); 1499 Time_F(START); 1500 for (count = 0, run = 1; COND(rsa_c[j][1]); count++) { 1501 ret = RSA_verify(NID_md5_sha1, buf, 36, buf2, 1502 rsa_num, rsa_key[j]); 1503 if (ret <= 0) { 1504 BIO_printf(bio_err, 1505 "RSA verify failure\n"); 1506 ERR_print_errors(bio_err); 1507 count = 1; 1508 break; 1509 } 1510 } 1511 d = Time_F(STOP); 1512 BIO_printf(bio_err, mr ? "+R2:%ld:%d:%.2f\n" 1513 : "%ld %d bit public RSA's in %.2fs\n", 1514 count, rsa_bits[j], d); 1515 rsa_results[j][1] = d / (double) count; 1516 } 1517 1518 if (rsa_count <= 1) { 1519 /* if longer than 10s, don't do any more */ 1520 for (j++; j < RSA_NUM; j++) 1521 rsa_doit[j] = 0; 1522 } 1523 } 1524 1525 arc4random_buf(buf, 20); 1526 for (j = 0; j < DSA_NUM; j++) { 1527 unsigned int kk; 1528 int ret; 1529 1530 if (!dsa_doit[j]) 1531 continue; 1532 /* DSA_generate_key(dsa_key[j]); */ 1533 /* DSA_sign_setup(dsa_key[j],NULL); */ 1534 ret = DSA_sign(EVP_PKEY_DSA, buf, 20, buf2, 1535 &kk, dsa_key[j]); 1536 if (ret == 0) { 1537 BIO_printf(bio_err, "DSA sign failure. No DSA sign will be done.\n"); 1538 ERR_print_errors(bio_err); 1539 rsa_count = 1; 1540 } else { 1541 pkey_print_message("sign", "dsa", 1542 dsa_c[j][0], dsa_bits[j], 1543 DSA_SECONDS); 1544 Time_F(START); 1545 for (count = 0, run = 1; COND(dsa_c[j][0]); count++) { 1546 ret = DSA_sign(EVP_PKEY_DSA, buf, 20, buf2, 1547 &kk, dsa_key[j]); 1548 if (ret == 0) { 1549 BIO_printf(bio_err, 1550 "DSA sign failure\n"); 1551 ERR_print_errors(bio_err); 1552 count = 1; 1553 break; 1554 } 1555 } 1556 d = Time_F(STOP); 1557 BIO_printf(bio_err, mr ? "+R3:%ld:%d:%.2f\n" 1558 : "%ld %d bit DSA signs in %.2fs\n", 1559 count, dsa_bits[j], d); 1560 dsa_results[j][0] = d / (double) count; 1561 rsa_count = count; 1562 } 1563 1564 ret = DSA_verify(EVP_PKEY_DSA, buf, 20, buf2, 1565 kk, dsa_key[j]); 1566 if (ret <= 0) { 1567 BIO_printf(bio_err, "DSA verify failure. No DSA verify will be done.\n"); 1568 ERR_print_errors(bio_err); 1569 dsa_doit[j] = 0; 1570 } else { 1571 pkey_print_message("verify", "dsa", 1572 dsa_c[j][1], dsa_bits[j], 1573 DSA_SECONDS); 1574 Time_F(START); 1575 for (count = 0, run = 1; COND(dsa_c[j][1]); count++) { 1576 ret = DSA_verify(EVP_PKEY_DSA, buf, 20, buf2, 1577 kk, dsa_key[j]); 1578 if (ret <= 0) { 1579 BIO_printf(bio_err, 1580 "DSA verify failure\n"); 1581 ERR_print_errors(bio_err); 1582 count = 1; 1583 break; 1584 } 1585 } 1586 d = Time_F(STOP); 1587 BIO_printf(bio_err, mr ? "+R4:%ld:%d:%.2f\n" 1588 : "%ld %d bit DSA verify in %.2fs\n", 1589 count, dsa_bits[j], d); 1590 dsa_results[j][1] = d / (double) count; 1591 } 1592 1593 if (rsa_count <= 1) { 1594 /* if longer than 10s, don't do any more */ 1595 for (j++; j < DSA_NUM; j++) 1596 dsa_doit[j] = 0; 1597 } 1598 } 1599 1600 for (j = 0; j < EC_NUM; j++) { 1601 int ret; 1602 1603 if (!ecdsa_doit[j]) 1604 continue; /* Ignore Curve */ 1605 ecdsa[j] = EC_KEY_new_by_curve_name(test_curves[j]); 1606 if (ecdsa[j] == NULL) { 1607 BIO_printf(bio_err, "ECDSA failure.\n"); 1608 ERR_print_errors(bio_err); 1609 rsa_count = 1; 1610 } else { 1611 EC_KEY_precompute_mult(ecdsa[j], NULL); 1612 1613 /* Perform ECDSA signature test */ 1614 EC_KEY_generate_key(ecdsa[j]); 1615 ret = ECDSA_sign(0, buf, 20, ecdsasig, 1616 &ecdsasiglen, ecdsa[j]); 1617 if (ret == 0) { 1618 BIO_printf(bio_err, "ECDSA sign failure. No ECDSA sign will be done.\n"); 1619 ERR_print_errors(bio_err); 1620 rsa_count = 1; 1621 } else { 1622 pkey_print_message("sign", "ecdsa", 1623 ecdsa_c[j][0], 1624 test_curves_bits[j], 1625 ECDSA_SECONDS); 1626 1627 Time_F(START); 1628 for (count = 0, run = 1; COND(ecdsa_c[j][0]); 1629 count++) { 1630 ret = ECDSA_sign(0, buf, 20, 1631 ecdsasig, &ecdsasiglen, 1632 ecdsa[j]); 1633 if (ret == 0) { 1634 BIO_printf(bio_err, "ECDSA sign failure\n"); 1635 ERR_print_errors(bio_err); 1636 count = 1; 1637 break; 1638 } 1639 } 1640 d = Time_F(STOP); 1641 1642 BIO_printf(bio_err, mr ? "+R5:%ld:%d:%.2f\n" : 1643 "%ld %d bit ECDSA signs in %.2fs \n", 1644 count, test_curves_bits[j], d); 1645 ecdsa_results[j][0] = d / (double) count; 1646 rsa_count = count; 1647 } 1648 1649 /* Perform ECDSA verification test */ 1650 ret = ECDSA_verify(0, buf, 20, ecdsasig, 1651 ecdsasiglen, ecdsa[j]); 1652 if (ret != 1) { 1653 BIO_printf(bio_err, "ECDSA verify failure. No ECDSA verify will be done.\n"); 1654 ERR_print_errors(bio_err); 1655 ecdsa_doit[j] = 0; 1656 } else { 1657 pkey_print_message("verify", "ecdsa", 1658 ecdsa_c[j][1], 1659 test_curves_bits[j], 1660 ECDSA_SECONDS); 1661 Time_F(START); 1662 for (count = 0, run = 1; COND(ecdsa_c[j][1]); count++) { 1663 ret = ECDSA_verify(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[j]); 1664 if (ret != 1) { 1665 BIO_printf(bio_err, "ECDSA verify failure\n"); 1666 ERR_print_errors(bio_err); 1667 count = 1; 1668 break; 1669 } 1670 } 1671 d = Time_F(STOP); 1672 BIO_printf(bio_err, mr ? "+R6:%ld:%d:%.2f\n" 1673 : "%ld %d bit ECDSA verify in %.2fs\n", 1674 count, test_curves_bits[j], d); 1675 ecdsa_results[j][1] = d / (double) count; 1676 } 1677 1678 if (rsa_count <= 1) { 1679 /* if longer than 10s, don't do any more */ 1680 for (j++; j < EC_NUM; j++) 1681 ecdsa_doit[j] = 0; 1682 } 1683 } 1684 } 1685 1686 for (j = 0; j < EC_NUM; j++) { 1687 if (!ecdh_doit[j]) 1688 continue; 1689 ecdh_a[j] = EC_KEY_new_by_curve_name(test_curves[j]); 1690 ecdh_b[j] = EC_KEY_new_by_curve_name(test_curves[j]); 1691 if ((ecdh_a[j] == NULL) || (ecdh_b[j] == NULL)) { 1692 BIO_printf(bio_err, "ECDH failure.\n"); 1693 ERR_print_errors(bio_err); 1694 rsa_count = 1; 1695 } else { 1696 /* generate two ECDH key pairs */ 1697 if (!EC_KEY_generate_key(ecdh_a[j]) || 1698 !EC_KEY_generate_key(ecdh_b[j])) { 1699 BIO_printf(bio_err, "ECDH key generation failure.\n"); 1700 ERR_print_errors(bio_err); 1701 rsa_count = 1; 1702 } else { 1703 /* 1704 * If field size is not more than 24 octets, 1705 * then use SHA-1 hash of result; otherwise, 1706 * use result (see section 4.8 of 1707 * draft-ietf-tls-ecc-03.txt). 1708 */ 1709 int field_size, outlen; 1710 void *(*kdf) (const void *in, size_t inlen, void *out, size_t * xoutlen); 1711 field_size = EC_GROUP_get_degree(EC_KEY_get0_group(ecdh_a[j])); 1712 if (field_size <= 24 * 8) { 1713 outlen = KDF1_SHA1_len; 1714 kdf = KDF1_SHA1; 1715 } else { 1716 outlen = (field_size + 7) / 8; 1717 kdf = NULL; 1718 } 1719 secret_size_a = ECDH_compute_key(secret_a, outlen, 1720 EC_KEY_get0_public_key(ecdh_b[j]), 1721 ecdh_a[j], kdf); 1722 secret_size_b = ECDH_compute_key(secret_b, outlen, 1723 EC_KEY_get0_public_key(ecdh_a[j]), 1724 ecdh_b[j], kdf); 1725 if (secret_size_a != secret_size_b) 1726 ecdh_checks = 0; 1727 else 1728 ecdh_checks = 1; 1729 1730 for (secret_idx = 0; 1731 (secret_idx < secret_size_a) 1732 && (ecdh_checks == 1); 1733 secret_idx++) { 1734 if (secret_a[secret_idx] != secret_b[secret_idx]) 1735 ecdh_checks = 0; 1736 } 1737 1738 if (ecdh_checks == 0) { 1739 BIO_printf(bio_err, 1740 "ECDH computations don't match.\n"); 1741 ERR_print_errors(bio_err); 1742 rsa_count = 1; 1743 } else { 1744 pkey_print_message("", "ecdh", 1745 ecdh_c[j][0], 1746 test_curves_bits[j], 1747 ECDH_SECONDS); 1748 Time_F(START); 1749 for (count = 0, run = 1; 1750 COND(ecdh_c[j][0]); count++) { 1751 ECDH_compute_key(secret_a, 1752 outlen, 1753 EC_KEY_get0_public_key(ecdh_b[j]), 1754 ecdh_a[j], kdf); 1755 } 1756 d = Time_F(STOP); 1757 BIO_printf(bio_err, mr 1758 ? "+R7:%ld:%d:%.2f\n" 1759 : "%ld %d-bit ECDH ops in %.2fs\n", 1760 count, test_curves_bits[j], d); 1761 ecdh_results[j][0] = d / (double) count; 1762 rsa_count = count; 1763 } 1764 } 1765 } 1766 1767 1768 if (rsa_count <= 1) { 1769 /* if longer than 10s, don't do any more */ 1770 for (j++; j < EC_NUM; j++) 1771 ecdh_doit[j] = 0; 1772 } 1773 } 1774 show_res: 1775 if (!mr) { 1776 fprintf(stdout, "%s\n", SSLeay_version(SSLEAY_VERSION)); 1777 fprintf(stdout, "%s\n", SSLeay_version(SSLEAY_BUILT_ON)); 1778 printf("options:"); 1779 printf("%s ", BN_options()); 1780 #ifndef OPENSSL_NO_RC4 1781 printf("%s ", RC4_options()); 1782 #endif 1783 #ifndef OPENSSL_NO_DES 1784 printf("%s ", DES_options()); 1785 #endif 1786 #ifndef OPENSSL_NO_AES 1787 printf("%s ", AES_options()); 1788 #endif 1789 #ifndef OPENSSL_NO_IDEA 1790 printf("%s ", idea_options()); 1791 #endif 1792 #ifndef OPENSSL_NO_BF 1793 printf("%s ", BF_options()); 1794 #endif 1795 fprintf(stdout, "\n%s\n", SSLeay_version(SSLEAY_CFLAGS)); 1796 } 1797 if (pr_header) { 1798 if (mr) 1799 fprintf(stdout, "+H"); 1800 else { 1801 fprintf(stdout, "The 'numbers' are in 1000s of bytes per second processed.\n"); 1802 fprintf(stdout, "type "); 1803 } 1804 for (j = 0; j < SIZE_NUM; j++) 1805 fprintf(stdout, mr ? ":%d" : "%7d bytes", lengths[j]); 1806 fprintf(stdout, "\n"); 1807 } 1808 for (k = 0; k < ALGOR_NUM; k++) { 1809 if (!doit[k]) 1810 continue; 1811 if (mr) 1812 fprintf(stdout, "+F:%d:%s", k, names[k]); 1813 else 1814 fprintf(stdout, "%-13s", names[k]); 1815 for (j = 0; j < SIZE_NUM; j++) { 1816 if (results[k][j] > 10000 && !mr) 1817 fprintf(stdout, " %11.2fk", results[k][j] / 1e3); 1818 else 1819 fprintf(stdout, mr ? ":%.2f" : " %11.2f ", results[k][j]); 1820 } 1821 fprintf(stdout, "\n"); 1822 } 1823 j = 1; 1824 for (k = 0; k < RSA_NUM; k++) { 1825 if (!rsa_doit[k]) 1826 continue; 1827 if (j && !mr) { 1828 printf("%18ssign verify sign/s verify/s\n", " "); 1829 j = 0; 1830 } 1831 if (mr) 1832 fprintf(stdout, "+F2:%u:%u:%f:%f\n", 1833 k, rsa_bits[k], rsa_results[k][0], 1834 rsa_results[k][1]); 1835 else 1836 fprintf(stdout, "rsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n", 1837 rsa_bits[k], rsa_results[k][0], rsa_results[k][1], 1838 1.0 / rsa_results[k][0], 1.0 / rsa_results[k][1]); 1839 } 1840 j = 1; 1841 for (k = 0; k < DSA_NUM; k++) { 1842 if (!dsa_doit[k]) 1843 continue; 1844 if (j && !mr) { 1845 printf("%18ssign verify sign/s verify/s\n", " "); 1846 j = 0; 1847 } 1848 if (mr) 1849 fprintf(stdout, "+F3:%u:%u:%f:%f\n", 1850 k, dsa_bits[k], dsa_results[k][0], dsa_results[k][1]); 1851 else 1852 fprintf(stdout, "dsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n", 1853 dsa_bits[k], dsa_results[k][0], dsa_results[k][1], 1854 1.0 / dsa_results[k][0], 1.0 / dsa_results[k][1]); 1855 } 1856 j = 1; 1857 for (k = 0; k < EC_NUM; k++) { 1858 if (!ecdsa_doit[k]) 1859 continue; 1860 if (j && !mr) { 1861 printf("%30ssign verify sign/s verify/s\n", " "); 1862 j = 0; 1863 } 1864 if (mr) 1865 fprintf(stdout, "+F4:%u:%u:%f:%f\n", 1866 k, test_curves_bits[k], 1867 ecdsa_results[k][0], ecdsa_results[k][1]); 1868 else 1869 fprintf(stdout, 1870 "%4u bit ecdsa (%s) %8.4fs %8.4fs %8.1f %8.1f\n", 1871 test_curves_bits[k], 1872 test_curves_names[k], 1873 ecdsa_results[k][0], ecdsa_results[k][1], 1874 1.0 / ecdsa_results[k][0], 1.0 / ecdsa_results[k][1]); 1875 } 1876 1877 1878 j = 1; 1879 for (k = 0; k < EC_NUM; k++) { 1880 if (!ecdh_doit[k]) 1881 continue; 1882 if (j && !mr) { 1883 printf("%30sop op/s\n", " "); 1884 j = 0; 1885 } 1886 if (mr) 1887 fprintf(stdout, "+F5:%u:%u:%f:%f\n", 1888 k, test_curves_bits[k], 1889 ecdh_results[k][0], 1.0 / ecdh_results[k][0]); 1890 1891 else 1892 fprintf(stdout, "%4u bit ecdh (%s) %8.4fs %8.1f\n", 1893 test_curves_bits[k], 1894 test_curves_names[k], 1895 ecdh_results[k][0], 1.0 / ecdh_results[k][0]); 1896 } 1897 1898 mret = 0; 1899 1900 end: 1901 ERR_print_errors(bio_err); 1902 free(buf); 1903 free(buf2); 1904 for (i = 0; i < RSA_NUM; i++) 1905 if (rsa_key[i] != NULL) 1906 RSA_free(rsa_key[i]); 1907 for (i = 0; i < DSA_NUM; i++) 1908 if (dsa_key[i] != NULL) 1909 DSA_free(dsa_key[i]); 1910 1911 for (i = 0; i < EC_NUM; i++) 1912 if (ecdsa[i] != NULL) 1913 EC_KEY_free(ecdsa[i]); 1914 for (i = 0; i < EC_NUM; i++) { 1915 if (ecdh_a[i] != NULL) 1916 EC_KEY_free(ecdh_a[i]); 1917 if (ecdh_b[i] != NULL) 1918 EC_KEY_free(ecdh_b[i]); 1919 } 1920 1921 1922 return (mret); 1923 } 1924 1925 static void 1926 print_message(const char *s, long num, int length) 1927 { 1928 BIO_printf(bio_err, mr ? "+DT:%s:%d:%d\n" 1929 : "Doing %s for %ds on %d size blocks: ", s, SECONDS, length); 1930 (void) BIO_flush(bio_err); 1931 alarm(SECONDS); 1932 } 1933 1934 static void 1935 pkey_print_message(const char *str, const char *str2, long num, 1936 int bits, int tm) 1937 { 1938 BIO_printf(bio_err, mr ? "+DTP:%d:%s:%s:%d\n" 1939 : "Doing %d bit %s %s's for %ds: ", bits, str, str2, tm); 1940 (void) BIO_flush(bio_err); 1941 alarm(tm); 1942 } 1943 1944 static void 1945 print_result(int alg, int run_no, int count, double time_used) 1946 { 1947 BIO_printf(bio_err, mr ? "+R:%d:%s:%f\n" 1948 : "%d %s's in %.2fs\n", count, names[alg], time_used); 1949 results[alg][run_no] = ((double) count) / time_used * lengths[run_no]; 1950 } 1951 1952 static char * 1953 sstrsep(char **string, const char *delim) 1954 { 1955 char isdelim[256]; 1956 char *token = *string; 1957 1958 if (**string == 0) 1959 return NULL; 1960 1961 memset(isdelim, 0, sizeof isdelim); 1962 isdelim[0] = 1; 1963 1964 while (*delim) { 1965 isdelim[(unsigned char) (*delim)] = 1; 1966 delim++; 1967 } 1968 1969 while (!isdelim[(unsigned char) (**string)]) { 1970 (*string)++; 1971 } 1972 1973 if (**string) { 1974 **string = 0; 1975 (*string)++; 1976 } 1977 return token; 1978 } 1979 1980 static int 1981 do_multi(int multi) 1982 { 1983 int n; 1984 int fd[2]; 1985 int *fds; 1986 static char sep[] = ":"; 1987 const char *errstr = NULL; 1988 1989 fds = reallocarray(NULL, multi, sizeof *fds); 1990 if (fds == NULL) { 1991 fprintf(stderr, "reallocarray failure\n"); 1992 exit(1); 1993 } 1994 for (n = 0; n < multi; ++n) { 1995 if (pipe(fd) == -1) { 1996 fprintf(stderr, "pipe failure\n"); 1997 exit(1); 1998 } 1999 fflush(stdout); 2000 fflush(stderr); 2001 if (fork()) { 2002 close(fd[1]); 2003 fds[n] = fd[0]; 2004 } else { 2005 close(fd[0]); 2006 close(1); 2007 if (dup(fd[1]) == -1) { 2008 fprintf(stderr, "dup failed\n"); 2009 exit(1); 2010 } 2011 close(fd[1]); 2012 mr = 1; 2013 usertime = 0; 2014 free(fds); 2015 return 0; 2016 } 2017 printf("Forked child %d\n", n); 2018 } 2019 2020 /* for now, assume the pipe is long enough to take all the output */ 2021 for (n = 0; n < multi; ++n) { 2022 FILE *f; 2023 char buf[1024]; 2024 char *p; 2025 2026 f = fdopen(fds[n], "r"); 2027 while (fgets(buf, sizeof buf, f)) { 2028 p = strchr(buf, '\n'); 2029 if (p) 2030 *p = '\0'; 2031 if (buf[0] != '+') { 2032 fprintf(stderr, "Don't understand line '%s' from child %d\n", 2033 buf, n); 2034 continue; 2035 } 2036 printf("Got: %s from %d\n", buf, n); 2037 if (!strncmp(buf, "+F:", 3)) { 2038 int alg; 2039 int j; 2040 2041 p = buf + 3; 2042 alg = strtonum(sstrsep(&p, sep), 2043 0, ALGOR_NUM - 1, &errstr); 2044 sstrsep(&p, sep); 2045 for (j = 0; j < SIZE_NUM; ++j) 2046 results[alg][j] += atof(sstrsep(&p, sep)); 2047 } else if (!strncmp(buf, "+F2:", 4)) { 2048 int k; 2049 double d; 2050 2051 p = buf + 4; 2052 k = strtonum(sstrsep(&p, sep), 2053 0, ALGOR_NUM - 1, &errstr); 2054 sstrsep(&p, sep); 2055 2056 d = atof(sstrsep(&p, sep)); 2057 if (n) 2058 rsa_results[k][0] = 1 / (1 / rsa_results[k][0] + 1 / d); 2059 else 2060 rsa_results[k][0] = d; 2061 2062 d = atof(sstrsep(&p, sep)); 2063 if (n) 2064 rsa_results[k][1] = 1 / (1 / rsa_results[k][1] + 1 / d); 2065 else 2066 rsa_results[k][1] = d; 2067 } else if (!strncmp(buf, "+F2:", 4)) { 2068 int k; 2069 double d; 2070 2071 p = buf + 4; 2072 k = strtonum(sstrsep(&p, sep), 2073 0, ALGOR_NUM - 1, &errstr); 2074 sstrsep(&p, sep); 2075 2076 d = atof(sstrsep(&p, sep)); 2077 if (n) 2078 rsa_results[k][0] = 1 / (1 / rsa_results[k][0] + 1 / d); 2079 else 2080 rsa_results[k][0] = d; 2081 2082 d = atof(sstrsep(&p, sep)); 2083 if (n) 2084 rsa_results[k][1] = 1 / (1 / rsa_results[k][1] + 1 / d); 2085 else 2086 rsa_results[k][1] = d; 2087 } 2088 else if (!strncmp(buf, "+F3:", 4)) { 2089 int k; 2090 double d; 2091 2092 p = buf + 4; 2093 k = strtonum(sstrsep(&p, sep), 2094 0, ALGOR_NUM - 1, &errstr); 2095 sstrsep(&p, sep); 2096 2097 d = atof(sstrsep(&p, sep)); 2098 if (n) 2099 dsa_results[k][0] = 1 / (1 / dsa_results[k][0] + 1 / d); 2100 else 2101 dsa_results[k][0] = d; 2102 2103 d = atof(sstrsep(&p, sep)); 2104 if (n) 2105 dsa_results[k][1] = 1 / (1 / dsa_results[k][1] + 1 / d); 2106 else 2107 dsa_results[k][1] = d; 2108 } 2109 else if (!strncmp(buf, "+F4:", 4)) { 2110 int k; 2111 double d; 2112 2113 p = buf + 4; 2114 k = strtonum(sstrsep(&p, sep), 2115 0, ALGOR_NUM - 1, &errstr); 2116 sstrsep(&p, sep); 2117 2118 d = atof(sstrsep(&p, sep)); 2119 if (n) 2120 ecdsa_results[k][0] = 1 / (1 / ecdsa_results[k][0] + 1 / d); 2121 else 2122 ecdsa_results[k][0] = d; 2123 2124 d = atof(sstrsep(&p, sep)); 2125 if (n) 2126 ecdsa_results[k][1] = 1 / (1 / ecdsa_results[k][1] + 1 / d); 2127 else 2128 ecdsa_results[k][1] = d; 2129 } 2130 2131 else if (!strncmp(buf, "+F5:", 4)) { 2132 int k; 2133 double d; 2134 2135 p = buf + 4; 2136 k = strtonum(sstrsep(&p, sep), 2137 0, ALGOR_NUM - 1, &errstr); 2138 sstrsep(&p, sep); 2139 2140 d = atof(sstrsep(&p, sep)); 2141 if (n) 2142 ecdh_results[k][0] = 1 / (1 / ecdh_results[k][0] + 1 / d); 2143 else 2144 ecdh_results[k][0] = d; 2145 2146 } 2147 2148 else if (!strncmp(buf, "+H:", 3)) { 2149 } else 2150 fprintf(stderr, "Unknown type '%s' from child %d\n", buf, n); 2151 } 2152 2153 fclose(f); 2154 } 2155 free(fds); 2156 return 1; 2157 } 2158 #endif 2159