1 /* $OpenBSD: speed.c,v 1.34 2023/07/27 07:01:50 tb Exp $ */ 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 /* ==================================================================== 59 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 60 * 61 * Portions of the attached software ("Contribution") are developed by 62 * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. 63 * 64 * The Contribution is licensed pursuant to the OpenSSL open source 65 * license provided above. 66 * 67 * The ECDH and ECDSA speed test software is originally written by 68 * Sumit Gupta of Sun Microsystems Laboratories. 69 * 70 */ 71 72 /* most of this code has been pilfered from my libdes speed.c program */ 73 74 #ifndef OPENSSL_NO_SPEED 75 76 #define SECONDS 3 77 #define RSA_SECONDS 10 78 #define DSA_SECONDS 10 79 #define ECDSA_SECONDS 10 80 #define ECDH_SECONDS 10 81 82 #define MAX_UNALIGN 16 83 84 #include <math.h> 85 #include <signal.h> 86 #include <stdio.h> 87 #include <stdlib.h> 88 #include <limits.h> 89 #include <string.h> 90 #include <unistd.h> 91 92 #include "apps.h" 93 94 #include <openssl/bn.h> 95 #include <openssl/crypto.h> 96 #include <openssl/err.h> 97 #include <openssl/evp.h> 98 #include <openssl/modes.h> 99 #include <openssl/objects.h> 100 #include <openssl/x509.h> 101 102 #ifndef OPENSSL_NO_AES 103 #include <openssl/aes.h> 104 #endif 105 #ifndef OPENSSL_NO_BF 106 #include <openssl/blowfish.h> 107 #endif 108 #ifndef OPENSSL_NO_CAST 109 #include <openssl/cast.h> 110 #endif 111 #ifndef OPENSSL_NO_CAMELLIA 112 #include <openssl/camellia.h> 113 #endif 114 #ifndef OPENSSL_NO_DES 115 #include <openssl/des.h> 116 #endif 117 #include <openssl/dsa.h> 118 #include <openssl/ecdh.h> 119 #include <openssl/ecdsa.h> 120 #ifndef OPENSSL_NO_HMAC 121 #include <openssl/hmac.h> 122 #endif 123 #ifndef OPENSSL_NO_IDEA 124 #include <openssl/idea.h> 125 #endif 126 #ifndef OPENSSL_NO_MD4 127 #include <openssl/md4.h> 128 #endif 129 #ifndef OPENSSL_NO_MD5 130 #include <openssl/md5.h> 131 #endif 132 #ifndef OPENSSL_NO_RC2 133 #include <openssl/rc2.h> 134 #endif 135 #ifndef OPENSSL_NO_RC4 136 #include <openssl/rc4.h> 137 #endif 138 #include <openssl/rsa.h> 139 #ifndef OPENSSL_NO_RIPEMD 140 #include <openssl/ripemd.h> 141 #endif 142 #ifndef OPENSSL_NO_SHA 143 #include <openssl/sha.h> 144 #endif 145 #ifndef OPENSSL_NO_WHIRLPOOL 146 #include <openssl/whrlpool.h> 147 #endif 148 149 #include "./testdsa.h" 150 #include "./testrsa.h" 151 152 #define BUFSIZE (1024*8+64) 153 int run = 0; 154 155 static int mr = 0; 156 static int usertime = 1; 157 158 static double Time_F(int s); 159 static void print_message(const char *s, long num, int length); 160 static void 161 pkey_print_message(const char *str, const char *str2, 162 long num, int bits, int sec); 163 static void print_result(int alg, int run_no, int count, double time_used); 164 static int do_multi(int multi); 165 166 #define ALGOR_NUM 32 167 #define SIZE_NUM 5 168 #define RSA_NUM 4 169 #define DSA_NUM 3 170 171 #define EC_NUM 6 172 #define MAX_ECDH_SIZE 256 173 174 static const char *names[ALGOR_NUM] = { 175 "md2", "md4", "md5", "hmac(md5)", "sha1", "rmd160", 176 "rc4", "des cbc", "des ede3", "idea cbc", "seed cbc", 177 "rc2 cbc", "rc5-32/12 cbc", "blowfish cbc", "cast cbc", 178 "aes-128 cbc", "aes-192 cbc", "aes-256 cbc", 179 "camellia-128 cbc", "camellia-192 cbc", "camellia-256 cbc", 180 "evp", "sha256", "sha512", "whirlpool", 181 "aes-128 ige", "aes-192 ige", "aes-256 ige", "ghash", 182 "aes-128 gcm", "aes-256 gcm", "chacha20 poly1305", 183 }; 184 static double results[ALGOR_NUM][SIZE_NUM]; 185 static int lengths[SIZE_NUM] = {16, 64, 256, 1024, 8 * 1024}; 186 static double rsa_results[RSA_NUM][2]; 187 static double dsa_results[DSA_NUM][2]; 188 static double ecdsa_results[EC_NUM][2]; 189 static double ecdh_results[EC_NUM][1]; 190 191 static void sig_done(int sig); 192 193 static void 194 sig_done(int sig) 195 { 196 signal(SIGALRM, sig_done); 197 run = 0; 198 } 199 200 #define START TM_RESET 201 #define STOP TM_GET 202 203 204 static double 205 Time_F(int s) 206 { 207 if (usertime) 208 return app_timer_user(s); 209 else 210 return app_timer_real(s); 211 } 212 213 214 static const int KDF1_SHA1_len = 20; 215 static void * 216 KDF1_SHA1(const void *in, size_t inlen, void *out, size_t * outlen) 217 { 218 #ifndef OPENSSL_NO_SHA 219 if (*outlen < SHA_DIGEST_LENGTH) 220 return NULL; 221 else 222 *outlen = SHA_DIGEST_LENGTH; 223 return SHA1(in, inlen, out); 224 #else 225 return NULL; 226 #endif /* OPENSSL_NO_SHA */ 227 } 228 229 int 230 speed_main(int argc, char **argv) 231 { 232 unsigned char *real_buf = NULL, *real_buf2 = NULL; 233 unsigned char *buf = NULL, *buf2 = NULL; 234 size_t unaligned = 0; 235 int mret = 1; 236 long count = 0, save_count = 0; 237 int i, j, k; 238 long rsa_count; 239 unsigned rsa_num; 240 unsigned char md[EVP_MAX_MD_SIZE]; 241 #ifndef OPENSSL_NO_MD4 242 unsigned char md4[MD4_DIGEST_LENGTH]; 243 #endif 244 #ifndef OPENSSL_NO_MD5 245 unsigned char md5[MD5_DIGEST_LENGTH]; 246 unsigned char hmac[MD5_DIGEST_LENGTH]; 247 #endif 248 #ifndef OPENSSL_NO_SHA 249 unsigned char sha[SHA_DIGEST_LENGTH]; 250 #ifndef OPENSSL_NO_SHA256 251 unsigned char sha256[SHA256_DIGEST_LENGTH]; 252 #endif 253 #ifndef OPENSSL_NO_SHA512 254 unsigned char sha512[SHA512_DIGEST_LENGTH]; 255 #endif 256 #endif 257 #ifndef OPENSSL_NO_WHIRLPOOL 258 unsigned char whirlpool[WHIRLPOOL_DIGEST_LENGTH]; 259 #endif 260 #ifndef OPENSSL_NO_RIPEMD 261 unsigned char rmd160[RIPEMD160_DIGEST_LENGTH]; 262 #endif 263 #ifndef OPENSSL_NO_RC4 264 RC4_KEY rc4_ks; 265 #endif 266 #ifndef OPENSSL_NO_RC2 267 RC2_KEY rc2_ks; 268 #endif 269 #ifndef OPENSSL_NO_IDEA 270 IDEA_KEY_SCHEDULE idea_ks; 271 #endif 272 #ifndef OPENSSL_NO_BF 273 BF_KEY bf_ks; 274 #endif 275 #ifndef OPENSSL_NO_CAST 276 CAST_KEY cast_ks; 277 #endif 278 static const unsigned char key16[16] = 279 {0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 280 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12}; 281 #ifndef OPENSSL_NO_AES 282 static const unsigned char key24[24] = 283 {0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 284 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 285 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34}; 286 static const unsigned char key32[32] = 287 {0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 288 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 289 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 290 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56}; 291 #endif 292 #ifndef OPENSSL_NO_CAMELLIA 293 static const unsigned char ckey24[24] = 294 {0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 295 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 296 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34}; 297 static const unsigned char ckey32[32] = 298 {0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 299 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 300 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 301 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56}; 302 #endif 303 #ifndef OPENSSL_NO_AES 304 #define MAX_BLOCK_SIZE 128 305 #else 306 #define MAX_BLOCK_SIZE 64 307 #endif 308 unsigned char DES_iv[8]; 309 unsigned char iv[2 * MAX_BLOCK_SIZE / 8]; 310 #ifndef OPENSSL_NO_DES 311 static DES_cblock key = {0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0}; 312 static DES_cblock key2 = {0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12}; 313 static DES_cblock key3 = {0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34}; 314 DES_key_schedule sch; 315 DES_key_schedule sch2; 316 DES_key_schedule sch3; 317 #endif 318 #ifndef OPENSSL_NO_AES 319 AES_KEY aes_ks1, aes_ks2, aes_ks3; 320 #endif 321 #ifndef OPENSSL_NO_CAMELLIA 322 CAMELLIA_KEY camellia_ks1, camellia_ks2, camellia_ks3; 323 #endif 324 #define D_MD2 0 325 #define D_MD4 1 326 #define D_MD5 2 327 #define D_HMAC 3 328 #define D_SHA1 4 329 #define D_RMD160 5 330 #define D_RC4 6 331 #define D_CBC_DES 7 332 #define D_EDE3_DES 8 333 #define D_CBC_IDEA 9 334 #define D_CBC_SEED 10 335 #define D_CBC_RC2 11 336 #define D_CBC_RC5 12 337 #define D_CBC_BF 13 338 #define D_CBC_CAST 14 339 #define D_CBC_128_AES 15 340 #define D_CBC_192_AES 16 341 #define D_CBC_256_AES 17 342 #define D_CBC_128_CML 18 343 #define D_CBC_192_CML 19 344 #define D_CBC_256_CML 20 345 #define D_EVP 21 346 #define D_SHA256 22 347 #define D_SHA512 23 348 #define D_WHIRLPOOL 24 349 #define D_IGE_128_AES 25 350 #define D_IGE_192_AES 26 351 #define D_IGE_256_AES 27 352 #define D_GHASH 28 353 #define D_AES_128_GCM 29 354 #define D_AES_256_GCM 30 355 #define D_CHACHA20_POLY1305 31 356 double d = 0.0; 357 long c[ALGOR_NUM][SIZE_NUM]; 358 #define R_DSA_512 0 359 #define R_DSA_1024 1 360 #define R_DSA_2048 2 361 #define R_RSA_512 0 362 #define R_RSA_1024 1 363 #define R_RSA_2048 2 364 #define R_RSA_4096 3 365 366 #define R_EC_P160 0 367 #define R_EC_P192 1 368 #define R_EC_P224 2 369 #define R_EC_P256 3 370 #define R_EC_P384 4 371 #define R_EC_P521 5 372 373 RSA *rsa_key[RSA_NUM]; 374 long rsa_c[RSA_NUM][2]; 375 static unsigned int rsa_bits[RSA_NUM] = {512, 1024, 2048, 4096}; 376 static unsigned char *rsa_data[RSA_NUM] = 377 {test512, test1024, test2048, test4096}; 378 static int rsa_data_length[RSA_NUM] = { 379 sizeof(test512), sizeof(test1024), 380 sizeof(test2048), sizeof(test4096)}; 381 DSA *dsa_key[DSA_NUM]; 382 long dsa_c[DSA_NUM][2]; 383 static unsigned int dsa_bits[DSA_NUM] = {512, 1024, 2048}; 384 #ifndef OPENSSL_NO_EC 385 /* 386 * We only test over the following curves as they are representative, 387 * To add tests over more curves, simply add the curve NID and curve 388 * name to the following arrays and increase the EC_NUM value 389 * accordingly. 390 */ 391 static unsigned int test_curves[EC_NUM] = { 392 NID_secp160r1, 393 NID_X9_62_prime192v1, 394 NID_secp224r1, 395 NID_X9_62_prime256v1, 396 NID_secp384r1, 397 NID_secp521r1, 398 }; 399 static const char *test_curves_names[EC_NUM] = { 400 "secp160r1", 401 "nistp192", 402 "nistp224", 403 "nistp256", 404 "nistp384", 405 "nistp521", 406 }; 407 static int test_curves_bits[EC_NUM] = { 408 160, 192, 224, 256, 384, 521, 409 }; 410 411 #endif 412 413 unsigned char ecdsasig[256]; 414 unsigned int ecdsasiglen; 415 EC_KEY *ecdsa[EC_NUM]; 416 long ecdsa_c[EC_NUM][2]; 417 418 EC_KEY *ecdh_a[EC_NUM], *ecdh_b[EC_NUM]; 419 unsigned char secret_a[MAX_ECDH_SIZE], secret_b[MAX_ECDH_SIZE]; 420 int secret_size_a, secret_size_b; 421 int ecdh_checks = 0; 422 int secret_idx = 0; 423 long ecdh_c[EC_NUM][2]; 424 425 int rsa_doit[RSA_NUM]; 426 int dsa_doit[DSA_NUM]; 427 int ecdsa_doit[EC_NUM]; 428 int ecdh_doit[EC_NUM]; 429 int doit[ALGOR_NUM]; 430 int pr_header = 0; 431 const EVP_CIPHER *evp_cipher = NULL; 432 const EVP_MD *evp_md = NULL; 433 int decrypt = 0; 434 int multi = 0; 435 const char *errstr = NULL; 436 437 if (pledge("stdio proc", NULL) == -1) { 438 perror("pledge"); 439 exit(1); 440 } 441 442 usertime = -1; 443 444 memset(results, 0, sizeof(results)); 445 memset(dsa_key, 0, sizeof(dsa_key)); 446 for (i = 0; i < EC_NUM; i++) 447 ecdsa[i] = NULL; 448 for (i = 0; i < EC_NUM; i++) { 449 ecdh_a[i] = NULL; 450 ecdh_b[i] = NULL; 451 } 452 453 memset(rsa_key, 0, sizeof(rsa_key)); 454 for (i = 0; i < RSA_NUM; i++) 455 rsa_key[i] = NULL; 456 457 if ((buf = real_buf = malloc(BUFSIZE + MAX_UNALIGN)) == NULL) { 458 BIO_printf(bio_err, "out of memory\n"); 459 goto end; 460 } 461 if ((buf2 = real_buf2 = malloc(BUFSIZE + MAX_UNALIGN)) == NULL) { 462 BIO_printf(bio_err, "out of memory\n"); 463 goto end; 464 } 465 memset(c, 0, sizeof(c)); 466 memset(DES_iv, 0, sizeof(DES_iv)); 467 memset(iv, 0, sizeof(iv)); 468 469 for (i = 0; i < ALGOR_NUM; i++) 470 doit[i] = 0; 471 for (i = 0; i < RSA_NUM; i++) 472 rsa_doit[i] = 0; 473 for (i = 0; i < DSA_NUM; i++) 474 dsa_doit[i] = 0; 475 for (i = 0; i < EC_NUM; i++) 476 ecdsa_doit[i] = 0; 477 for (i = 0; i < EC_NUM; i++) 478 ecdh_doit[i] = 0; 479 480 481 j = 0; 482 argc--; 483 argv++; 484 while (argc) { 485 if (argc > 0 && strcmp(*argv, "-elapsed") == 0) { 486 usertime = 0; 487 j--; /* Otherwise, -elapsed gets confused with an 488 * algorithm. */ 489 } else if (argc > 0 && strcmp(*argv, "-evp") == 0) { 490 argc--; 491 argv++; 492 if (argc == 0) { 493 BIO_printf(bio_err, "no EVP given\n"); 494 goto end; 495 } 496 evp_cipher = EVP_get_cipherbyname(*argv); 497 if (!evp_cipher) { 498 evp_md = EVP_get_digestbyname(*argv); 499 } 500 if (!evp_cipher && !evp_md) { 501 BIO_printf(bio_err, "%s is an unknown cipher or digest\n", *argv); 502 goto end; 503 } 504 doit[D_EVP] = 1; 505 } else if (argc > 0 && strcmp(*argv, "-decrypt") == 0) { 506 decrypt = 1; 507 j--; /* Otherwise, -decrypt gets confused with an 508 * algorithm. */ 509 } else if (argc > 0 && strcmp(*argv, "-multi") == 0) { 510 argc--; 511 argv++; 512 if (argc == 0) { 513 BIO_printf(bio_err, "no multi count given\n"); 514 goto end; 515 } 516 multi = strtonum(argv[0], 1, INT_MAX, &errstr); 517 if (errstr) { 518 BIO_printf(bio_err, "bad multi count: %s", errstr); 519 goto end; 520 } 521 j--; /* Otherwise, -multi gets confused with an 522 * algorithm. */ 523 } else if (argc > 0 && strcmp(*argv, "-unaligned") == 0) { 524 argc--; 525 argv++; 526 if (argc == 0) { 527 BIO_printf(bio_err, "no alignment offset given\n"); 528 goto end; 529 } 530 unaligned = strtonum(argv[0], 0, MAX_UNALIGN, &errstr); 531 if (errstr) { 532 BIO_printf(bio_err, "bad alignment offset: %s", 533 errstr); 534 goto end; 535 } 536 buf = real_buf + unaligned; 537 buf2 = real_buf2 + unaligned; 538 j--; /* Otherwise, -unaligned gets confused with an 539 * algorithm. */ 540 } else if (argc > 0 && strcmp(*argv, "-mr") == 0) { 541 mr = 1; 542 j--; /* Otherwise, -mr gets confused with an 543 * algorithm. */ 544 } else 545 #ifndef OPENSSL_NO_MD4 546 if (strcmp(*argv, "md4") == 0) 547 doit[D_MD4] = 1; 548 else 549 #endif 550 #ifndef OPENSSL_NO_MD5 551 if (strcmp(*argv, "md5") == 0) 552 doit[D_MD5] = 1; 553 else 554 #endif 555 #ifndef OPENSSL_NO_MD5 556 if (strcmp(*argv, "hmac") == 0) 557 doit[D_HMAC] = 1; 558 else 559 #endif 560 #ifndef OPENSSL_NO_SHA 561 if (strcmp(*argv, "sha1") == 0) 562 doit[D_SHA1] = 1; 563 else if (strcmp(*argv, "sha") == 0) 564 doit[D_SHA1] = 1, 565 doit[D_SHA256] = 1, 566 doit[D_SHA512] = 1; 567 else 568 #ifndef OPENSSL_NO_SHA256 569 if (strcmp(*argv, "sha256") == 0) 570 doit[D_SHA256] = 1; 571 else 572 #endif 573 #ifndef OPENSSL_NO_SHA512 574 if (strcmp(*argv, "sha512") == 0) 575 doit[D_SHA512] = 1; 576 else 577 #endif 578 #endif 579 #ifndef OPENSSL_NO_WHIRLPOOL 580 if (strcmp(*argv, "whirlpool") == 0) 581 doit[D_WHIRLPOOL] = 1; 582 else 583 #endif 584 #ifndef OPENSSL_NO_RIPEMD 585 if (strcmp(*argv, "ripemd") == 0) 586 doit[D_RMD160] = 1; 587 else if (strcmp(*argv, "rmd160") == 0) 588 doit[D_RMD160] = 1; 589 else if (strcmp(*argv, "ripemd160") == 0) 590 doit[D_RMD160] = 1; 591 else 592 #endif 593 #ifndef OPENSSL_NO_RC4 594 if (strcmp(*argv, "rc4") == 0) 595 doit[D_RC4] = 1; 596 else 597 #endif 598 #ifndef OPENSSL_NO_DES 599 if (strcmp(*argv, "des-cbc") == 0) 600 doit[D_CBC_DES] = 1; 601 else if (strcmp(*argv, "des-ede3") == 0) 602 doit[D_EDE3_DES] = 1; 603 else 604 #endif 605 #ifndef OPENSSL_NO_AES 606 if (strcmp(*argv, "aes-128-cbc") == 0) 607 doit[D_CBC_128_AES] = 1; 608 else if (strcmp(*argv, "aes-192-cbc") == 0) 609 doit[D_CBC_192_AES] = 1; 610 else if (strcmp(*argv, "aes-256-cbc") == 0) 611 doit[D_CBC_256_AES] = 1; 612 else if (strcmp(*argv, "aes-128-ige") == 0) 613 doit[D_IGE_128_AES] = 1; 614 else if (strcmp(*argv, "aes-192-ige") == 0) 615 doit[D_IGE_192_AES] = 1; 616 else if (strcmp(*argv, "aes-256-ige") == 0) 617 doit[D_IGE_256_AES] = 1; 618 else 619 #endif 620 #ifndef OPENSSL_NO_CAMELLIA 621 if (strcmp(*argv, "camellia-128-cbc") == 0) 622 doit[D_CBC_128_CML] = 1; 623 else if (strcmp(*argv, "camellia-192-cbc") == 0) 624 doit[D_CBC_192_CML] = 1; 625 else if (strcmp(*argv, "camellia-256-cbc") == 0) 626 doit[D_CBC_256_CML] = 1; 627 else 628 #endif 629 #ifndef RSA_NULL 630 if (strcmp(*argv, "openssl") == 0) { 631 RSA_set_default_method(RSA_PKCS1_SSLeay()); 632 j--; 633 } else 634 #endif 635 if (strcmp(*argv, "dsa512") == 0) 636 dsa_doit[R_DSA_512] = 2; 637 else if (strcmp(*argv, "dsa1024") == 0) 638 dsa_doit[R_DSA_1024] = 2; 639 else if (strcmp(*argv, "dsa2048") == 0) 640 dsa_doit[R_DSA_2048] = 2; 641 else if (strcmp(*argv, "rsa512") == 0) 642 rsa_doit[R_RSA_512] = 2; 643 else if (strcmp(*argv, "rsa1024") == 0) 644 rsa_doit[R_RSA_1024] = 2; 645 else if (strcmp(*argv, "rsa2048") == 0) 646 rsa_doit[R_RSA_2048] = 2; 647 else if (strcmp(*argv, "rsa4096") == 0) 648 rsa_doit[R_RSA_4096] = 2; 649 else 650 #ifndef OPENSSL_NO_RC2 651 if (strcmp(*argv, "rc2-cbc") == 0) 652 doit[D_CBC_RC2] = 1; 653 else if (strcmp(*argv, "rc2") == 0) 654 doit[D_CBC_RC2] = 1; 655 else 656 #endif 657 #ifndef OPENSSL_NO_IDEA 658 if (strcmp(*argv, "idea-cbc") == 0) 659 doit[D_CBC_IDEA] = 1; 660 else if (strcmp(*argv, "idea") == 0) 661 doit[D_CBC_IDEA] = 1; 662 else 663 #endif 664 #ifndef OPENSSL_NO_BF 665 if (strcmp(*argv, "bf-cbc") == 0) 666 doit[D_CBC_BF] = 1; 667 else if (strcmp(*argv, "blowfish") == 0) 668 doit[D_CBC_BF] = 1; 669 else if (strcmp(*argv, "bf") == 0) 670 doit[D_CBC_BF] = 1; 671 else 672 #endif 673 #ifndef OPENSSL_NO_CAST 674 if (strcmp(*argv, "cast-cbc") == 0) 675 doit[D_CBC_CAST] = 1; 676 else if (strcmp(*argv, "cast") == 0) 677 doit[D_CBC_CAST] = 1; 678 else if (strcmp(*argv, "cast5") == 0) 679 doit[D_CBC_CAST] = 1; 680 else 681 #endif 682 #ifndef OPENSSL_NO_DES 683 if (strcmp(*argv, "des") == 0) { 684 doit[D_CBC_DES] = 1; 685 doit[D_EDE3_DES] = 1; 686 } else 687 #endif 688 #ifndef OPENSSL_NO_AES 689 if (strcmp(*argv, "aes") == 0) { 690 doit[D_CBC_128_AES] = 1; 691 doit[D_CBC_192_AES] = 1; 692 doit[D_CBC_256_AES] = 1; 693 } else if (strcmp(*argv, "ghash") == 0) 694 doit[D_GHASH] = 1; 695 else if (strcmp(*argv,"aes-128-gcm") == 0) 696 doit[D_AES_128_GCM]=1; 697 else if (strcmp(*argv,"aes-256-gcm") == 0) 698 doit[D_AES_256_GCM]=1; 699 else 700 #endif 701 #ifndef OPENSSL_NO_CAMELLIA 702 if (strcmp(*argv, "camellia") == 0) { 703 doit[D_CBC_128_CML] = 1; 704 doit[D_CBC_192_CML] = 1; 705 doit[D_CBC_256_CML] = 1; 706 } else 707 #endif 708 #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) 709 if (strcmp(*argv,"chacha20-poly1305") == 0) 710 doit[D_CHACHA20_POLY1305]=1; 711 else 712 #endif 713 if (strcmp(*argv, "rsa") == 0) { 714 rsa_doit[R_RSA_512] = 1; 715 rsa_doit[R_RSA_1024] = 1; 716 rsa_doit[R_RSA_2048] = 1; 717 rsa_doit[R_RSA_4096] = 1; 718 } else 719 if (strcmp(*argv, "dsa") == 0) { 720 dsa_doit[R_DSA_512] = 1; 721 dsa_doit[R_DSA_1024] = 1; 722 dsa_doit[R_DSA_2048] = 1; 723 } else 724 if (strcmp(*argv, "ecdsap160") == 0) 725 ecdsa_doit[R_EC_P160] = 2; 726 else if (strcmp(*argv, "ecdsap192") == 0) 727 ecdsa_doit[R_EC_P192] = 2; 728 else if (strcmp(*argv, "ecdsap224") == 0) 729 ecdsa_doit[R_EC_P224] = 2; 730 else if (strcmp(*argv, "ecdsap256") == 0) 731 ecdsa_doit[R_EC_P256] = 2; 732 else if (strcmp(*argv, "ecdsap384") == 0) 733 ecdsa_doit[R_EC_P384] = 2; 734 else if (strcmp(*argv, "ecdsap521") == 0) 735 ecdsa_doit[R_EC_P521] = 2; 736 else if (strcmp(*argv, "ecdsa") == 0) { 737 for (i = 0; i < EC_NUM; i++) 738 ecdsa_doit[i] = 1; 739 } else 740 if (strcmp(*argv, "ecdhp160") == 0) 741 ecdh_doit[R_EC_P160] = 2; 742 else if (strcmp(*argv, "ecdhp192") == 0) 743 ecdh_doit[R_EC_P192] = 2; 744 else if (strcmp(*argv, "ecdhp224") == 0) 745 ecdh_doit[R_EC_P224] = 2; 746 else if (strcmp(*argv, "ecdhp256") == 0) 747 ecdh_doit[R_EC_P256] = 2; 748 else if (strcmp(*argv, "ecdhp384") == 0) 749 ecdh_doit[R_EC_P384] = 2; 750 else if (strcmp(*argv, "ecdhp521") == 0) 751 ecdh_doit[R_EC_P521] = 2; 752 else if (strcmp(*argv, "ecdh") == 0) { 753 for (i = 0; i < EC_NUM; i++) 754 ecdh_doit[i] = 1; 755 } else 756 { 757 BIO_printf(bio_err, "Error: bad option or value\n"); 758 BIO_printf(bio_err, "\n"); 759 BIO_printf(bio_err, "Available values:\n"); 760 #ifndef OPENSSL_NO_MD4 761 BIO_printf(bio_err, "md4 "); 762 #endif 763 #ifndef OPENSSL_NO_MD5 764 BIO_printf(bio_err, "md5 "); 765 #ifndef OPENSSL_NO_HMAC 766 BIO_printf(bio_err, "hmac "); 767 #endif 768 #endif 769 #ifndef OPENSSL_NO_SHA1 770 BIO_printf(bio_err, "sha1 "); 771 #endif 772 #ifndef OPENSSL_NO_SHA256 773 BIO_printf(bio_err, "sha256 "); 774 #endif 775 #ifndef OPENSSL_NO_SHA512 776 BIO_printf(bio_err, "sha512 "); 777 #endif 778 #ifndef OPENSSL_NO_WHIRLPOOL 779 BIO_printf(bio_err, "whirlpool"); 780 #endif 781 #ifndef OPENSSL_NO_RIPEMD160 782 BIO_printf(bio_err, "rmd160"); 783 #endif 784 #if !defined(OPENSSL_NO_MD2) || \ 785 !defined(OPENSSL_NO_MD4) || !defined(OPENSSL_NO_MD5) || \ 786 !defined(OPENSSL_NO_SHA1) || !defined(OPENSSL_NO_RIPEMD160) || \ 787 !defined(OPENSSL_NO_WHIRLPOOL) 788 BIO_printf(bio_err, "\n"); 789 #endif 790 791 #ifndef OPENSSL_NO_IDEA 792 BIO_printf(bio_err, "idea-cbc "); 793 #endif 794 #ifndef OPENSSL_NO_RC2 795 BIO_printf(bio_err, "rc2-cbc "); 796 #endif 797 #ifndef OPENSSL_NO_BF 798 BIO_printf(bio_err, "bf-cbc "); 799 #endif 800 #ifndef OPENSSL_NO_DES 801 BIO_printf(bio_err, "des-cbc des-ede3\n"); 802 #endif 803 #ifndef OPENSSL_NO_AES 804 BIO_printf(bio_err, "aes-128-cbc aes-192-cbc aes-256-cbc "); 805 BIO_printf(bio_err, "aes-128-ige aes-192-ige aes-256-ige\n"); 806 BIO_printf(bio_err, "aes-128-gcm aes-256-gcm "); 807 #endif 808 #ifndef OPENSSL_NO_CAMELLIA 809 BIO_printf(bio_err, "\n"); 810 BIO_printf(bio_err, "camellia-128-cbc camellia-192-cbc camellia-256-cbc "); 811 #endif 812 #ifndef OPENSSL_NO_RC4 813 BIO_printf(bio_err, "rc4"); 814 #endif 815 #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) 816 BIO_printf(bio_err," chacha20-poly1305"); 817 #endif 818 BIO_printf(bio_err, "\n"); 819 820 BIO_printf(bio_err, "rsa512 rsa1024 rsa2048 rsa4096\n"); 821 822 BIO_printf(bio_err, "dsa512 dsa1024 dsa2048\n"); 823 BIO_printf(bio_err, "ecdsap160 ecdsap192 ecdsap224 ecdsap256 ecdsap384 ecdsap521\n"); 824 BIO_printf(bio_err, "ecdhp160 ecdhp192 ecdhp224 ecdhp256 ecdhp384 ecdhp521\n"); 825 826 #ifndef OPENSSL_NO_IDEA 827 BIO_printf(bio_err, "idea "); 828 #endif 829 #ifndef OPENSSL_NO_RC2 830 BIO_printf(bio_err, "rc2 "); 831 #endif 832 #ifndef OPENSSL_NO_DES 833 BIO_printf(bio_err, "des "); 834 #endif 835 #ifndef OPENSSL_NO_AES 836 BIO_printf(bio_err, "aes "); 837 #endif 838 #ifndef OPENSSL_NO_CAMELLIA 839 BIO_printf(bio_err, "camellia "); 840 #endif 841 BIO_printf(bio_err, "rsa "); 842 #ifndef OPENSSL_NO_BF 843 BIO_printf(bio_err, "blowfish"); 844 #endif 845 #if !defined(OPENSSL_NO_IDEA) || !defined(OPENSSL_NO_SEED) || \ 846 !defined(OPENSSL_NO_RC2) || !defined(OPENSSL_NO_DES) || \ 847 !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_BF) || \ 848 !defined(OPENSSL_NO_AES) || !defined(OPENSSL_NO_CAMELLIA) 849 BIO_printf(bio_err, "\n"); 850 #endif 851 852 BIO_printf(bio_err, "\n"); 853 BIO_printf(bio_err, "Available options:\n"); 854 BIO_printf(bio_err, "-elapsed measure time in real time instead of CPU user time.\n"); 855 BIO_printf(bio_err, "-evp e use EVP e.\n"); 856 BIO_printf(bio_err, "-decrypt time decryption instead of encryption (only EVP).\n"); 857 BIO_printf(bio_err, "-mr produce machine readable output.\n"); 858 BIO_printf(bio_err, "-multi n run n benchmarks in parallel.\n"); 859 BIO_printf(bio_err, "-unaligned n use buffers with offset n from proper alignment.\n"); 860 goto end; 861 } 862 argc--; 863 argv++; 864 j++; 865 } 866 867 if (multi && do_multi(multi)) 868 goto show_res; 869 870 if (j == 0) { 871 for (i = 0; i < ALGOR_NUM; i++) { 872 if (i != D_EVP) 873 doit[i] = 1; 874 } 875 for (i = 0; i < RSA_NUM; i++) 876 rsa_doit[i] = 1; 877 for (i = 0; i < DSA_NUM; i++) 878 dsa_doit[i] = 1; 879 for (i = 0; i < EC_NUM; i++) 880 ecdsa_doit[i] = 1; 881 for (i = 0; i < EC_NUM; i++) 882 ecdh_doit[i] = 1; 883 } 884 for (i = 0; i < ALGOR_NUM; i++) 885 if (doit[i]) 886 pr_header++; 887 888 if (usertime == 0 && !mr) 889 BIO_printf(bio_err, "You have chosen to measure elapsed time instead of user CPU time.\n"); 890 891 for (i = 0; i < RSA_NUM; i++) { 892 const unsigned char *p; 893 894 p = rsa_data[i]; 895 rsa_key[i] = d2i_RSAPrivateKey(NULL, &p, rsa_data_length[i]); 896 if (rsa_key[i] == NULL) { 897 BIO_printf(bio_err, "internal error loading RSA key number %d\n", i); 898 goto end; 899 } 900 } 901 902 dsa_key[0] = get_dsa512(); 903 dsa_key[1] = get_dsa1024(); 904 dsa_key[2] = get_dsa2048(); 905 906 #ifndef OPENSSL_NO_DES 907 DES_set_key_unchecked(&key, &sch); 908 DES_set_key_unchecked(&key2, &sch2); 909 DES_set_key_unchecked(&key3, &sch3); 910 #endif 911 #ifndef OPENSSL_NO_AES 912 AES_set_encrypt_key(key16, 128, &aes_ks1); 913 AES_set_encrypt_key(key24, 192, &aes_ks2); 914 AES_set_encrypt_key(key32, 256, &aes_ks3); 915 #endif 916 #ifndef OPENSSL_NO_CAMELLIA 917 Camellia_set_key(key16, 128, &camellia_ks1); 918 Camellia_set_key(ckey24, 192, &camellia_ks2); 919 Camellia_set_key(ckey32, 256, &camellia_ks3); 920 #endif 921 #ifndef OPENSSL_NO_IDEA 922 idea_set_encrypt_key(key16, &idea_ks); 923 #endif 924 #ifndef OPENSSL_NO_RC4 925 RC4_set_key(&rc4_ks, 16, key16); 926 #endif 927 #ifndef OPENSSL_NO_RC2 928 RC2_set_key(&rc2_ks, 16, key16, 128); 929 #endif 930 #ifndef OPENSSL_NO_BF 931 BF_set_key(&bf_ks, 16, key16); 932 #endif 933 #ifndef OPENSSL_NO_CAST 934 CAST_set_key(&cast_ks, 16, key16); 935 #endif 936 memset(rsa_c, 0, sizeof(rsa_c)); 937 #define COND(c) (run && count<0x7fffffff) 938 #define COUNT(d) (count) 939 signal(SIGALRM, sig_done); 940 941 #ifndef OPENSSL_NO_MD4 942 if (doit[D_MD4]) { 943 for (j = 0; j < SIZE_NUM; j++) { 944 print_message(names[D_MD4], c[D_MD4][j], lengths[j]); 945 Time_F(START); 946 for (count = 0, run = 1; COND(c[D_MD4][j]); count++) 947 EVP_Digest(&(buf[0]), (unsigned long) lengths[j], &(md4[0]), NULL, EVP_md4(), NULL); 948 d = Time_F(STOP); 949 print_result(D_MD4, j, count, d); 950 } 951 } 952 #endif 953 954 #ifndef OPENSSL_NO_MD5 955 if (doit[D_MD5]) { 956 for (j = 0; j < SIZE_NUM; j++) { 957 print_message(names[D_MD5], c[D_MD5][j], lengths[j]); 958 Time_F(START); 959 for (count = 0, run = 1; COND(c[D_MD5][j]); count++) 960 EVP_Digest(&(buf[0]), (unsigned long) lengths[j], &(md5[0]), NULL, EVP_get_digestbyname("md5"), NULL); 961 d = Time_F(STOP); 962 print_result(D_MD5, j, count, d); 963 } 964 } 965 #endif 966 967 #if !defined(OPENSSL_NO_MD5) && !defined(OPENSSL_NO_HMAC) 968 if (doit[D_HMAC]) { 969 HMAC_CTX *hctx; 970 971 if ((hctx = HMAC_CTX_new()) == NULL) { 972 BIO_printf(bio_err, "Failed to allocate HMAC context.\n"); 973 goto end; 974 } 975 976 HMAC_Init_ex(hctx, (unsigned char *) "This is a key...", 977 16, EVP_md5(), NULL); 978 979 for (j = 0; j < SIZE_NUM; j++) { 980 print_message(names[D_HMAC], c[D_HMAC][j], lengths[j]); 981 Time_F(START); 982 for (count = 0, run = 1; COND(c[D_HMAC][j]); count++) { 983 if (!HMAC_Init_ex(hctx, NULL, 0, NULL, NULL)) { 984 HMAC_CTX_free(hctx); 985 goto end; 986 } 987 if (!HMAC_Update(hctx, buf, lengths[j])) { 988 HMAC_CTX_free(hctx); 989 goto end; 990 } 991 if (!HMAC_Final(hctx, &(hmac[0]), NULL)) { 992 HMAC_CTX_free(hctx); 993 goto end; 994 } 995 } 996 d = Time_F(STOP); 997 print_result(D_HMAC, j, count, d); 998 } 999 HMAC_CTX_free(hctx); 1000 } 1001 #endif 1002 #ifndef OPENSSL_NO_SHA 1003 if (doit[D_SHA1]) { 1004 for (j = 0; j < SIZE_NUM; j++) { 1005 print_message(names[D_SHA1], c[D_SHA1][j], lengths[j]); 1006 Time_F(START); 1007 for (count = 0, run = 1; COND(c[D_SHA1][j]); count++) 1008 EVP_Digest(buf, (unsigned long) lengths[j], &(sha[0]), NULL, EVP_sha1(), NULL); 1009 d = Time_F(STOP); 1010 print_result(D_SHA1, j, count, d); 1011 } 1012 } 1013 #ifndef OPENSSL_NO_SHA256 1014 if (doit[D_SHA256]) { 1015 for (j = 0; j < SIZE_NUM; j++) { 1016 print_message(names[D_SHA256], c[D_SHA256][j], lengths[j]); 1017 Time_F(START); 1018 for (count = 0, run = 1; COND(c[D_SHA256][j]); count++) 1019 SHA256(buf, lengths[j], sha256); 1020 d = Time_F(STOP); 1021 print_result(D_SHA256, j, count, d); 1022 } 1023 } 1024 #endif 1025 1026 #ifndef OPENSSL_NO_SHA512 1027 if (doit[D_SHA512]) { 1028 for (j = 0; j < SIZE_NUM; j++) { 1029 print_message(names[D_SHA512], c[D_SHA512][j], lengths[j]); 1030 Time_F(START); 1031 for (count = 0, run = 1; COND(c[D_SHA512][j]); count++) 1032 SHA512(buf, lengths[j], sha512); 1033 d = Time_F(STOP); 1034 print_result(D_SHA512, j, count, d); 1035 } 1036 } 1037 #endif 1038 #endif 1039 1040 #ifndef OPENSSL_NO_WHIRLPOOL 1041 if (doit[D_WHIRLPOOL]) { 1042 for (j = 0; j < SIZE_NUM; j++) { 1043 print_message(names[D_WHIRLPOOL], c[D_WHIRLPOOL][j], lengths[j]); 1044 Time_F(START); 1045 for (count = 0, run = 1; COND(c[D_WHIRLPOOL][j]); count++) 1046 WHIRLPOOL(buf, lengths[j], whirlpool); 1047 d = Time_F(STOP); 1048 print_result(D_WHIRLPOOL, j, count, d); 1049 } 1050 } 1051 #endif 1052 1053 #ifndef OPENSSL_NO_RIPEMD 1054 if (doit[D_RMD160]) { 1055 for (j = 0; j < SIZE_NUM; j++) { 1056 print_message(names[D_RMD160], c[D_RMD160][j], lengths[j]); 1057 Time_F(START); 1058 for (count = 0, run = 1; COND(c[D_RMD160][j]); count++) 1059 EVP_Digest(buf, (unsigned long) lengths[j], &(rmd160[0]), NULL, EVP_ripemd160(), NULL); 1060 d = Time_F(STOP); 1061 print_result(D_RMD160, j, count, d); 1062 } 1063 } 1064 #endif 1065 #ifndef OPENSSL_NO_RC4 1066 if (doit[D_RC4]) { 1067 for (j = 0; j < SIZE_NUM; j++) { 1068 print_message(names[D_RC4], c[D_RC4][j], lengths[j]); 1069 Time_F(START); 1070 for (count = 0, run = 1; COND(c[D_RC4][j]); count++) 1071 RC4(&rc4_ks, (unsigned int) lengths[j], 1072 buf, buf); 1073 d = Time_F(STOP); 1074 print_result(D_RC4, j, count, d); 1075 } 1076 } 1077 #endif 1078 #ifndef OPENSSL_NO_DES 1079 if (doit[D_CBC_DES]) { 1080 for (j = 0; j < SIZE_NUM; j++) { 1081 print_message(names[D_CBC_DES], c[D_CBC_DES][j], lengths[j]); 1082 Time_F(START); 1083 for (count = 0, run = 1; COND(c[D_CBC_DES][j]); count++) 1084 DES_ncbc_encrypt(buf, buf, lengths[j], &sch, 1085 &DES_iv, DES_ENCRYPT); 1086 d = Time_F(STOP); 1087 print_result(D_CBC_DES, j, count, d); 1088 } 1089 } 1090 if (doit[D_EDE3_DES]) { 1091 for (j = 0; j < SIZE_NUM; j++) { 1092 print_message(names[D_EDE3_DES], c[D_EDE3_DES][j], lengths[j]); 1093 Time_F(START); 1094 for (count = 0, run = 1; COND(c[D_EDE3_DES][j]); count++) 1095 DES_ede3_cbc_encrypt(buf, buf, lengths[j], 1096 &sch, &sch2, &sch3, 1097 &DES_iv, DES_ENCRYPT); 1098 d = Time_F(STOP); 1099 print_result(D_EDE3_DES, j, count, d); 1100 } 1101 } 1102 #endif 1103 #ifndef OPENSSL_NO_AES 1104 if (doit[D_CBC_128_AES]) { 1105 for (j = 0; j < SIZE_NUM; j++) { 1106 print_message(names[D_CBC_128_AES], c[D_CBC_128_AES][j], lengths[j]); 1107 Time_F(START); 1108 for (count = 0, run = 1; COND(c[D_CBC_128_AES][j]); count++) 1109 AES_cbc_encrypt(buf, buf, 1110 (unsigned long) lengths[j], &aes_ks1, 1111 iv, AES_ENCRYPT); 1112 d = Time_F(STOP); 1113 print_result(D_CBC_128_AES, j, count, d); 1114 } 1115 } 1116 if (doit[D_CBC_192_AES]) { 1117 for (j = 0; j < SIZE_NUM; j++) { 1118 print_message(names[D_CBC_192_AES], c[D_CBC_192_AES][j], lengths[j]); 1119 Time_F(START); 1120 for (count = 0, run = 1; COND(c[D_CBC_192_AES][j]); count++) 1121 AES_cbc_encrypt(buf, buf, 1122 (unsigned long) lengths[j], &aes_ks2, 1123 iv, AES_ENCRYPT); 1124 d = Time_F(STOP); 1125 print_result(D_CBC_192_AES, j, count, d); 1126 } 1127 } 1128 if (doit[D_CBC_256_AES]) { 1129 for (j = 0; j < SIZE_NUM; j++) { 1130 print_message(names[D_CBC_256_AES], c[D_CBC_256_AES][j], lengths[j]); 1131 Time_F(START); 1132 for (count = 0, run = 1; COND(c[D_CBC_256_AES][j]); count++) 1133 AES_cbc_encrypt(buf, buf, 1134 (unsigned long) lengths[j], &aes_ks3, 1135 iv, AES_ENCRYPT); 1136 d = Time_F(STOP); 1137 print_result(D_CBC_256_AES, j, count, d); 1138 } 1139 } 1140 if (doit[D_IGE_128_AES]) { 1141 for (j = 0; j < SIZE_NUM; j++) { 1142 print_message(names[D_IGE_128_AES], c[D_IGE_128_AES][j], lengths[j]); 1143 Time_F(START); 1144 for (count = 0, run = 1; COND(c[D_IGE_128_AES][j]); count++) 1145 AES_ige_encrypt(buf, buf2, 1146 (unsigned long) lengths[j], &aes_ks1, 1147 iv, AES_ENCRYPT); 1148 d = Time_F(STOP); 1149 print_result(D_IGE_128_AES, j, count, d); 1150 } 1151 } 1152 if (doit[D_IGE_192_AES]) { 1153 for (j = 0; j < SIZE_NUM; j++) { 1154 print_message(names[D_IGE_192_AES], c[D_IGE_192_AES][j], lengths[j]); 1155 Time_F(START); 1156 for (count = 0, run = 1; COND(c[D_IGE_192_AES][j]); count++) 1157 AES_ige_encrypt(buf, buf2, 1158 (unsigned long) lengths[j], &aes_ks2, 1159 iv, AES_ENCRYPT); 1160 d = Time_F(STOP); 1161 print_result(D_IGE_192_AES, j, count, d); 1162 } 1163 } 1164 if (doit[D_IGE_256_AES]) { 1165 for (j = 0; j < SIZE_NUM; j++) { 1166 print_message(names[D_IGE_256_AES], c[D_IGE_256_AES][j], lengths[j]); 1167 Time_F(START); 1168 for (count = 0, run = 1; COND(c[D_IGE_256_AES][j]); count++) 1169 AES_ige_encrypt(buf, buf2, 1170 (unsigned long) lengths[j], &aes_ks3, 1171 iv, AES_ENCRYPT); 1172 d = Time_F(STOP); 1173 print_result(D_IGE_256_AES, j, count, d); 1174 } 1175 } 1176 if (doit[D_GHASH]) { 1177 GCM128_CONTEXT *ctx = CRYPTO_gcm128_new(&aes_ks1, (block128_f) AES_encrypt); 1178 CRYPTO_gcm128_setiv(ctx, (unsigned char *) "0123456789ab", 12); 1179 1180 for (j = 0; j < SIZE_NUM; j++) { 1181 print_message(names[D_GHASH], c[D_GHASH][j], lengths[j]); 1182 Time_F(START); 1183 for (count = 0, run = 1; COND(c[D_GHASH][j]); count++) 1184 CRYPTO_gcm128_aad(ctx, buf, lengths[j]); 1185 d = Time_F(STOP); 1186 print_result(D_GHASH, j, count, d); 1187 } 1188 CRYPTO_gcm128_release(ctx); 1189 } 1190 if (doit[D_AES_128_GCM]) { 1191 const EVP_AEAD *aead = EVP_aead_aes_128_gcm(); 1192 static const unsigned char nonce[32] = {0}; 1193 size_t buf_len, nonce_len; 1194 EVP_AEAD_CTX *ctx; 1195 1196 if ((ctx = EVP_AEAD_CTX_new()) == NULL) { 1197 BIO_printf(bio_err, 1198 "Failed to allocate aead context.\n"); 1199 goto end; 1200 } 1201 1202 EVP_AEAD_CTX_init(ctx, aead, key32, EVP_AEAD_key_length(aead), 1203 EVP_AEAD_DEFAULT_TAG_LENGTH, NULL); 1204 nonce_len = EVP_AEAD_nonce_length(aead); 1205 1206 for (j = 0; j < SIZE_NUM; j++) { 1207 print_message(names[D_AES_128_GCM],c[D_AES_128_GCM][j],lengths[j]); 1208 Time_F(START); 1209 for (count = 0, run = 1; COND(c[D_AES_128_GCM][j]); count++) 1210 EVP_AEAD_CTX_seal(ctx, buf, &buf_len, BUFSIZE, nonce, 1211 nonce_len, buf, lengths[j], NULL, 0); 1212 d=Time_F(STOP); 1213 print_result(D_AES_128_GCM,j,count,d); 1214 } 1215 EVP_AEAD_CTX_free(ctx); 1216 } 1217 1218 if (doit[D_AES_256_GCM]) { 1219 const EVP_AEAD *aead = EVP_aead_aes_256_gcm(); 1220 static const unsigned char nonce[32] = {0}; 1221 size_t buf_len, nonce_len; 1222 EVP_AEAD_CTX *ctx; 1223 1224 if ((ctx = EVP_AEAD_CTX_new()) == NULL) { 1225 BIO_printf(bio_err, 1226 "Failed to allocate aead context.\n"); 1227 goto end; 1228 } 1229 1230 EVP_AEAD_CTX_init(ctx, aead, key32, EVP_AEAD_key_length(aead), 1231 EVP_AEAD_DEFAULT_TAG_LENGTH, NULL); 1232 nonce_len = EVP_AEAD_nonce_length(aead); 1233 1234 for (j = 0; j < SIZE_NUM; j++) { 1235 print_message(names[D_AES_256_GCM],c[D_AES_256_GCM][j],lengths[j]); 1236 Time_F(START); 1237 for (count = 0, run = 1; COND(c[D_AES_256_GCM][j]); count++) 1238 EVP_AEAD_CTX_seal(ctx, buf, &buf_len, BUFSIZE, nonce, 1239 nonce_len, buf, lengths[j], NULL, 0); 1240 d=Time_F(STOP); 1241 print_result(D_AES_256_GCM, j, count, d); 1242 } 1243 EVP_AEAD_CTX_free(ctx); 1244 } 1245 #endif 1246 #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) 1247 if (doit[D_CHACHA20_POLY1305]) { 1248 const EVP_AEAD *aead = EVP_aead_chacha20_poly1305(); 1249 static const unsigned char nonce[32] = {0}; 1250 size_t buf_len, nonce_len; 1251 EVP_AEAD_CTX *ctx; 1252 1253 if ((ctx = EVP_AEAD_CTX_new()) == NULL) { 1254 BIO_printf(bio_err, 1255 "Failed to allocate aead context.\n"); 1256 goto end; 1257 } 1258 1259 EVP_AEAD_CTX_init(ctx, aead, key32, EVP_AEAD_key_length(aead), 1260 EVP_AEAD_DEFAULT_TAG_LENGTH, NULL); 1261 nonce_len = EVP_AEAD_nonce_length(aead); 1262 1263 for (j = 0; j < SIZE_NUM; j++) { 1264 print_message(names[D_CHACHA20_POLY1305], 1265 c[D_CHACHA20_POLY1305][j], lengths[j]); 1266 Time_F(START); 1267 for (count = 0, run = 1; COND(c[D_CHACHA20_POLY1305][j]); count++) 1268 EVP_AEAD_CTX_seal(ctx, buf, &buf_len, BUFSIZE, nonce, 1269 nonce_len, buf, lengths[j], NULL, 0); 1270 d=Time_F(STOP); 1271 print_result(D_CHACHA20_POLY1305, j, count, d); 1272 } 1273 EVP_AEAD_CTX_free(ctx); 1274 } 1275 #endif 1276 #ifndef OPENSSL_NO_CAMELLIA 1277 if (doit[D_CBC_128_CML]) { 1278 for (j = 0; j < SIZE_NUM; j++) { 1279 print_message(names[D_CBC_128_CML], c[D_CBC_128_CML][j], lengths[j]); 1280 Time_F(START); 1281 for (count = 0, run = 1; COND(c[D_CBC_128_CML][j]); count++) 1282 Camellia_cbc_encrypt(buf, buf, 1283 (unsigned long) lengths[j], &camellia_ks1, 1284 iv, CAMELLIA_ENCRYPT); 1285 d = Time_F(STOP); 1286 print_result(D_CBC_128_CML, j, count, d); 1287 } 1288 } 1289 if (doit[D_CBC_192_CML]) { 1290 for (j = 0; j < SIZE_NUM; j++) { 1291 print_message(names[D_CBC_192_CML], c[D_CBC_192_CML][j], lengths[j]); 1292 Time_F(START); 1293 for (count = 0, run = 1; COND(c[D_CBC_192_CML][j]); count++) 1294 Camellia_cbc_encrypt(buf, buf, 1295 (unsigned long) lengths[j], &camellia_ks2, 1296 iv, CAMELLIA_ENCRYPT); 1297 d = Time_F(STOP); 1298 print_result(D_CBC_192_CML, j, count, d); 1299 } 1300 } 1301 if (doit[D_CBC_256_CML]) { 1302 for (j = 0; j < SIZE_NUM; j++) { 1303 print_message(names[D_CBC_256_CML], c[D_CBC_256_CML][j], lengths[j]); 1304 Time_F(START); 1305 for (count = 0, run = 1; COND(c[D_CBC_256_CML][j]); count++) 1306 Camellia_cbc_encrypt(buf, buf, 1307 (unsigned long) lengths[j], &camellia_ks3, 1308 iv, CAMELLIA_ENCRYPT); 1309 d = Time_F(STOP); 1310 print_result(D_CBC_256_CML, j, count, d); 1311 } 1312 } 1313 #endif 1314 #ifndef OPENSSL_NO_IDEA 1315 if (doit[D_CBC_IDEA]) { 1316 for (j = 0; j < SIZE_NUM; j++) { 1317 print_message(names[D_CBC_IDEA], c[D_CBC_IDEA][j], lengths[j]); 1318 Time_F(START); 1319 for (count = 0, run = 1; COND(c[D_CBC_IDEA][j]); count++) 1320 idea_cbc_encrypt(buf, buf, 1321 (unsigned long) lengths[j], &idea_ks, 1322 iv, IDEA_ENCRYPT); 1323 d = Time_F(STOP); 1324 print_result(D_CBC_IDEA, j, count, d); 1325 } 1326 } 1327 #endif 1328 #ifndef OPENSSL_NO_RC2 1329 if (doit[D_CBC_RC2]) { 1330 for (j = 0; j < SIZE_NUM; j++) { 1331 print_message(names[D_CBC_RC2], c[D_CBC_RC2][j], lengths[j]); 1332 Time_F(START); 1333 for (count = 0, run = 1; COND(c[D_CBC_RC2][j]); count++) 1334 RC2_cbc_encrypt(buf, buf, 1335 (unsigned long) lengths[j], &rc2_ks, 1336 iv, RC2_ENCRYPT); 1337 d = Time_F(STOP); 1338 print_result(D_CBC_RC2, j, count, d); 1339 } 1340 } 1341 #endif 1342 #ifndef OPENSSL_NO_BF 1343 if (doit[D_CBC_BF]) { 1344 for (j = 0; j < SIZE_NUM; j++) { 1345 print_message(names[D_CBC_BF], c[D_CBC_BF][j], lengths[j]); 1346 Time_F(START); 1347 for (count = 0, run = 1; COND(c[D_CBC_BF][j]); count++) 1348 BF_cbc_encrypt(buf, buf, 1349 (unsigned long) lengths[j], &bf_ks, 1350 iv, BF_ENCRYPT); 1351 d = Time_F(STOP); 1352 print_result(D_CBC_BF, j, count, d); 1353 } 1354 } 1355 #endif 1356 #ifndef OPENSSL_NO_CAST 1357 if (doit[D_CBC_CAST]) { 1358 for (j = 0; j < SIZE_NUM; j++) { 1359 print_message(names[D_CBC_CAST], c[D_CBC_CAST][j], lengths[j]); 1360 Time_F(START); 1361 for (count = 0, run = 1; COND(c[D_CBC_CAST][j]); count++) 1362 CAST_cbc_encrypt(buf, buf, 1363 (unsigned long) lengths[j], &cast_ks, 1364 iv, CAST_ENCRYPT); 1365 d = Time_F(STOP); 1366 print_result(D_CBC_CAST, j, count, d); 1367 } 1368 } 1369 #endif 1370 1371 if (doit[D_EVP]) { 1372 for (j = 0; j < SIZE_NUM; j++) { 1373 if (evp_cipher) { 1374 EVP_CIPHER_CTX *ctx; 1375 int outl; 1376 1377 names[D_EVP] = 1378 OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)); 1379 /* 1380 * -O3 -fschedule-insns messes up an 1381 * optimization here! names[D_EVP] somehow 1382 * becomes NULL 1383 */ 1384 print_message(names[D_EVP], save_count, 1385 lengths[j]); 1386 1387 if ((ctx = EVP_CIPHER_CTX_new()) == NULL) { 1388 BIO_printf(bio_err, "Failed to " 1389 "allocate cipher context.\n"); 1390 goto end; 1391 } 1392 if (decrypt) 1393 EVP_DecryptInit_ex(ctx, evp_cipher, NULL, key16, iv); 1394 else 1395 EVP_EncryptInit_ex(ctx, evp_cipher, NULL, key16, iv); 1396 EVP_CIPHER_CTX_set_padding(ctx, 0); 1397 1398 Time_F(START); 1399 if (decrypt) 1400 for (count = 0, run = 1; COND(save_count * 4 * lengths[0] / lengths[j]); count++) 1401 EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[j]); 1402 else 1403 for (count = 0, run = 1; COND(save_count * 4 * lengths[0] / lengths[j]); count++) 1404 EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[j]); 1405 if (decrypt) 1406 EVP_DecryptFinal_ex(ctx, buf, &outl); 1407 else 1408 EVP_EncryptFinal_ex(ctx, buf, &outl); 1409 d = Time_F(STOP); 1410 EVP_CIPHER_CTX_free(ctx); 1411 } 1412 if (evp_md) { 1413 names[D_EVP] = OBJ_nid2ln(EVP_MD_type(evp_md)); 1414 print_message(names[D_EVP], save_count, 1415 lengths[j]); 1416 1417 Time_F(START); 1418 for (count = 0, run = 1; COND(save_count * 4 * lengths[0] / lengths[j]); count++) 1419 EVP_Digest(buf, lengths[j], &(md[0]), NULL, evp_md, NULL); 1420 1421 d = Time_F(STOP); 1422 } 1423 print_result(D_EVP, j, count, d); 1424 } 1425 } 1426 arc4random_buf(buf, 36); 1427 for (j = 0; j < RSA_NUM; j++) { 1428 int ret; 1429 if (!rsa_doit[j]) 1430 continue; 1431 ret = RSA_sign(NID_md5_sha1, buf, 36, buf2, &rsa_num, rsa_key[j]); 1432 if (ret == 0) { 1433 BIO_printf(bio_err, "RSA sign failure. No RSA sign will be done.\n"); 1434 ERR_print_errors(bio_err); 1435 rsa_count = 1; 1436 } else { 1437 pkey_print_message("private", "rsa", 1438 rsa_c[j][0], rsa_bits[j], 1439 RSA_SECONDS); 1440 /* RSA_blinding_on(rsa_key[j],NULL); */ 1441 Time_F(START); 1442 for (count = 0, run = 1; COND(rsa_c[j][0]); count++) { 1443 ret = RSA_sign(NID_md5_sha1, buf, 36, buf2, 1444 &rsa_num, rsa_key[j]); 1445 if (ret == 0) { 1446 BIO_printf(bio_err, 1447 "RSA sign failure\n"); 1448 ERR_print_errors(bio_err); 1449 count = 1; 1450 break; 1451 } 1452 } 1453 d = Time_F(STOP); 1454 BIO_printf(bio_err, mr ? "+R1:%ld:%d:%.2f\n" 1455 : "%ld %d bit private RSA in %.2fs\n", 1456 count, rsa_bits[j], d); 1457 rsa_results[j][0] = d / (double) count; 1458 rsa_count = count; 1459 } 1460 1461 ret = RSA_verify(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[j]); 1462 if (ret <= 0) { 1463 BIO_printf(bio_err, "RSA verify failure. No RSA verify will be done.\n"); 1464 ERR_print_errors(bio_err); 1465 rsa_doit[j] = 0; 1466 } else { 1467 pkey_print_message("public", "rsa", 1468 rsa_c[j][1], rsa_bits[j], 1469 RSA_SECONDS); 1470 Time_F(START); 1471 for (count = 0, run = 1; COND(rsa_c[j][1]); count++) { 1472 ret = RSA_verify(NID_md5_sha1, buf, 36, buf2, 1473 rsa_num, rsa_key[j]); 1474 if (ret <= 0) { 1475 BIO_printf(bio_err, 1476 "RSA verify failure\n"); 1477 ERR_print_errors(bio_err); 1478 count = 1; 1479 break; 1480 } 1481 } 1482 d = Time_F(STOP); 1483 BIO_printf(bio_err, mr ? "+R2:%ld:%d:%.2f\n" 1484 : "%ld %d bit public RSA in %.2fs\n", 1485 count, rsa_bits[j], d); 1486 rsa_results[j][1] = d / (double) count; 1487 } 1488 1489 if (rsa_count <= 1) { 1490 /* if longer than 10s, don't do any more */ 1491 for (j++; j < RSA_NUM; j++) 1492 rsa_doit[j] = 0; 1493 } 1494 } 1495 1496 arc4random_buf(buf, 20); 1497 for (j = 0; j < DSA_NUM; j++) { 1498 unsigned int kk; 1499 int ret; 1500 1501 if (!dsa_doit[j]) 1502 continue; 1503 /* DSA_generate_key(dsa_key[j]); */ 1504 /* DSA_sign_setup(dsa_key[j],NULL); */ 1505 ret = DSA_sign(EVP_PKEY_DSA, buf, 20, buf2, 1506 &kk, dsa_key[j]); 1507 if (ret == 0) { 1508 BIO_printf(bio_err, "DSA sign failure. No DSA sign will be done.\n"); 1509 ERR_print_errors(bio_err); 1510 rsa_count = 1; 1511 } else { 1512 pkey_print_message("sign", "dsa", 1513 dsa_c[j][0], dsa_bits[j], 1514 DSA_SECONDS); 1515 Time_F(START); 1516 for (count = 0, run = 1; COND(dsa_c[j][0]); count++) { 1517 ret = DSA_sign(EVP_PKEY_DSA, buf, 20, buf2, 1518 &kk, dsa_key[j]); 1519 if (ret == 0) { 1520 BIO_printf(bio_err, 1521 "DSA sign failure\n"); 1522 ERR_print_errors(bio_err); 1523 count = 1; 1524 break; 1525 } 1526 } 1527 d = Time_F(STOP); 1528 BIO_printf(bio_err, mr ? "+R3:%ld:%d:%.2f\n" 1529 : "%ld %d bit DSA signs in %.2fs\n", 1530 count, dsa_bits[j], d); 1531 dsa_results[j][0] = d / (double) count; 1532 rsa_count = count; 1533 } 1534 1535 ret = DSA_verify(EVP_PKEY_DSA, buf, 20, buf2, 1536 kk, dsa_key[j]); 1537 if (ret <= 0) { 1538 BIO_printf(bio_err, "DSA verify failure. No DSA verify will be done.\n"); 1539 ERR_print_errors(bio_err); 1540 dsa_doit[j] = 0; 1541 } else { 1542 pkey_print_message("verify", "dsa", 1543 dsa_c[j][1], dsa_bits[j], 1544 DSA_SECONDS); 1545 Time_F(START); 1546 for (count = 0, run = 1; COND(dsa_c[j][1]); count++) { 1547 ret = DSA_verify(EVP_PKEY_DSA, buf, 20, buf2, 1548 kk, dsa_key[j]); 1549 if (ret <= 0) { 1550 BIO_printf(bio_err, 1551 "DSA verify failure\n"); 1552 ERR_print_errors(bio_err); 1553 count = 1; 1554 break; 1555 } 1556 } 1557 d = Time_F(STOP); 1558 BIO_printf(bio_err, mr ? "+R4:%ld:%d:%.2f\n" 1559 : "%ld %d bit DSA verify in %.2fs\n", 1560 count, dsa_bits[j], d); 1561 dsa_results[j][1] = d / (double) count; 1562 } 1563 1564 if (rsa_count <= 1) { 1565 /* if longer than 10s, don't do any more */ 1566 for (j++; j < DSA_NUM; j++) 1567 dsa_doit[j] = 0; 1568 } 1569 } 1570 1571 for (j = 0; j < EC_NUM; j++) { 1572 int ret; 1573 1574 if (!ecdsa_doit[j]) 1575 continue; /* Ignore Curve */ 1576 ecdsa[j] = EC_KEY_new_by_curve_name(test_curves[j]); 1577 if (ecdsa[j] == NULL) { 1578 BIO_printf(bio_err, "ECDSA failure.\n"); 1579 ERR_print_errors(bio_err); 1580 rsa_count = 1; 1581 } else { 1582 EC_KEY_precompute_mult(ecdsa[j], NULL); 1583 1584 /* Perform ECDSA signature test */ 1585 EC_KEY_generate_key(ecdsa[j]); 1586 ret = ECDSA_sign(0, buf, 20, ecdsasig, 1587 &ecdsasiglen, ecdsa[j]); 1588 if (ret == 0) { 1589 BIO_printf(bio_err, "ECDSA sign failure. No ECDSA sign will be done.\n"); 1590 ERR_print_errors(bio_err); 1591 rsa_count = 1; 1592 } else { 1593 pkey_print_message("sign", "ecdsa", 1594 ecdsa_c[j][0], 1595 test_curves_bits[j], 1596 ECDSA_SECONDS); 1597 1598 Time_F(START); 1599 for (count = 0, run = 1; COND(ecdsa_c[j][0]); 1600 count++) { 1601 ret = ECDSA_sign(0, buf, 20, 1602 ecdsasig, &ecdsasiglen, 1603 ecdsa[j]); 1604 if (ret == 0) { 1605 BIO_printf(bio_err, "ECDSA sign failure\n"); 1606 ERR_print_errors(bio_err); 1607 count = 1; 1608 break; 1609 } 1610 } 1611 d = Time_F(STOP); 1612 1613 BIO_printf(bio_err, mr ? "+R5:%ld:%d:%.2f\n" : 1614 "%ld %d bit ECDSA signs in %.2fs \n", 1615 count, test_curves_bits[j], d); 1616 ecdsa_results[j][0] = d / (double) count; 1617 rsa_count = count; 1618 } 1619 1620 /* Perform ECDSA verification test */ 1621 ret = ECDSA_verify(0, buf, 20, ecdsasig, 1622 ecdsasiglen, ecdsa[j]); 1623 if (ret != 1) { 1624 BIO_printf(bio_err, "ECDSA verify failure. No ECDSA verify will be done.\n"); 1625 ERR_print_errors(bio_err); 1626 ecdsa_doit[j] = 0; 1627 } else { 1628 pkey_print_message("verify", "ecdsa", 1629 ecdsa_c[j][1], 1630 test_curves_bits[j], 1631 ECDSA_SECONDS); 1632 Time_F(START); 1633 for (count = 0, run = 1; COND(ecdsa_c[j][1]); count++) { 1634 ret = ECDSA_verify(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[j]); 1635 if (ret != 1) { 1636 BIO_printf(bio_err, "ECDSA verify failure\n"); 1637 ERR_print_errors(bio_err); 1638 count = 1; 1639 break; 1640 } 1641 } 1642 d = Time_F(STOP); 1643 BIO_printf(bio_err, mr ? "+R6:%ld:%d:%.2f\n" 1644 : "%ld %d bit ECDSA verify in %.2fs\n", 1645 count, test_curves_bits[j], d); 1646 ecdsa_results[j][1] = d / (double) count; 1647 } 1648 1649 if (rsa_count <= 1) { 1650 /* if longer than 10s, don't do any more */ 1651 for (j++; j < EC_NUM; j++) 1652 ecdsa_doit[j] = 0; 1653 } 1654 } 1655 } 1656 1657 for (j = 0; j < EC_NUM; j++) { 1658 if (!ecdh_doit[j]) 1659 continue; 1660 ecdh_a[j] = EC_KEY_new_by_curve_name(test_curves[j]); 1661 ecdh_b[j] = EC_KEY_new_by_curve_name(test_curves[j]); 1662 if ((ecdh_a[j] == NULL) || (ecdh_b[j] == NULL)) { 1663 BIO_printf(bio_err, "ECDH failure.\n"); 1664 ERR_print_errors(bio_err); 1665 rsa_count = 1; 1666 } else { 1667 /* generate two ECDH key pairs */ 1668 if (!EC_KEY_generate_key(ecdh_a[j]) || 1669 !EC_KEY_generate_key(ecdh_b[j])) { 1670 BIO_printf(bio_err, "ECDH key generation failure.\n"); 1671 ERR_print_errors(bio_err); 1672 rsa_count = 1; 1673 } else { 1674 /* 1675 * If field size is not more than 24 octets, 1676 * then use SHA-1 hash of result; otherwise, 1677 * use result (see section 4.8 of 1678 * draft-ietf-tls-ecc-03.txt). 1679 */ 1680 int field_size, outlen; 1681 void *(*kdf) (const void *in, size_t inlen, void *out, size_t * xoutlen); 1682 field_size = EC_GROUP_get_degree(EC_KEY_get0_group(ecdh_a[j])); 1683 if (field_size <= 24 * 8) { 1684 outlen = KDF1_SHA1_len; 1685 kdf = KDF1_SHA1; 1686 } else { 1687 outlen = (field_size + 7) / 8; 1688 kdf = NULL; 1689 } 1690 secret_size_a = ECDH_compute_key(secret_a, outlen, 1691 EC_KEY_get0_public_key(ecdh_b[j]), 1692 ecdh_a[j], kdf); 1693 secret_size_b = ECDH_compute_key(secret_b, outlen, 1694 EC_KEY_get0_public_key(ecdh_a[j]), 1695 ecdh_b[j], kdf); 1696 if (secret_size_a != secret_size_b) 1697 ecdh_checks = 0; 1698 else 1699 ecdh_checks = 1; 1700 1701 for (secret_idx = 0; 1702 (secret_idx < secret_size_a) 1703 && (ecdh_checks == 1); 1704 secret_idx++) { 1705 if (secret_a[secret_idx] != secret_b[secret_idx]) 1706 ecdh_checks = 0; 1707 } 1708 1709 if (ecdh_checks == 0) { 1710 BIO_printf(bio_err, 1711 "ECDH computations don't match.\n"); 1712 ERR_print_errors(bio_err); 1713 rsa_count = 1; 1714 } else { 1715 pkey_print_message("", "ecdh", 1716 ecdh_c[j][0], 1717 test_curves_bits[j], 1718 ECDH_SECONDS); 1719 Time_F(START); 1720 for (count = 0, run = 1; 1721 COND(ecdh_c[j][0]); count++) { 1722 ECDH_compute_key(secret_a, 1723 outlen, 1724 EC_KEY_get0_public_key(ecdh_b[j]), 1725 ecdh_a[j], kdf); 1726 } 1727 d = Time_F(STOP); 1728 BIO_printf(bio_err, mr 1729 ? "+R7:%ld:%d:%.2f\n" 1730 : "%ld %d-bit ECDH ops in %.2fs\n", 1731 count, test_curves_bits[j], d); 1732 ecdh_results[j][0] = d / (double) count; 1733 rsa_count = count; 1734 } 1735 } 1736 } 1737 1738 1739 if (rsa_count <= 1) { 1740 /* if longer than 10s, don't do any more */ 1741 for (j++; j < EC_NUM; j++) 1742 ecdh_doit[j] = 0; 1743 } 1744 } 1745 show_res: 1746 if (!mr) { 1747 fprintf(stdout, "%s\n", SSLeay_version(SSLEAY_VERSION)); 1748 fprintf(stdout, "%s\n", SSLeay_version(SSLEAY_BUILT_ON)); 1749 fprintf(stdout, "%s\n", SSLeay_version(SSLEAY_CFLAGS)); 1750 } 1751 if (pr_header) { 1752 if (mr) 1753 fprintf(stdout, "+H"); 1754 else { 1755 fprintf(stdout, "The 'numbers' are in 1000s of bytes per second processed.\n"); 1756 fprintf(stdout, "type "); 1757 } 1758 for (j = 0; j < SIZE_NUM; j++) 1759 fprintf(stdout, mr ? ":%d" : "%7d bytes", lengths[j]); 1760 fprintf(stdout, "\n"); 1761 } 1762 for (k = 0; k < ALGOR_NUM; k++) { 1763 if (!doit[k]) 1764 continue; 1765 if (mr) 1766 fprintf(stdout, "+F:%d:%s", k, names[k]); 1767 else 1768 fprintf(stdout, "%-13s", names[k]); 1769 for (j = 0; j < SIZE_NUM; j++) { 1770 if (results[k][j] > 10000 && !mr) 1771 fprintf(stdout, " %11.2fk", results[k][j] / 1e3); 1772 else 1773 fprintf(stdout, mr ? ":%.2f" : " %11.2f ", results[k][j]); 1774 } 1775 fprintf(stdout, "\n"); 1776 } 1777 j = 1; 1778 for (k = 0; k < RSA_NUM; k++) { 1779 if (!rsa_doit[k]) 1780 continue; 1781 if (j && !mr) { 1782 printf("%18ssign verify sign/s verify/s\n", " "); 1783 j = 0; 1784 } 1785 if (mr) 1786 fprintf(stdout, "+F2:%u:%u:%f:%f\n", 1787 k, rsa_bits[k], rsa_results[k][0], 1788 rsa_results[k][1]); 1789 else 1790 fprintf(stdout, "rsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n", 1791 rsa_bits[k], rsa_results[k][0], rsa_results[k][1], 1792 1.0 / rsa_results[k][0], 1.0 / rsa_results[k][1]); 1793 } 1794 j = 1; 1795 for (k = 0; k < DSA_NUM; k++) { 1796 if (!dsa_doit[k]) 1797 continue; 1798 if (j && !mr) { 1799 printf("%18ssign verify sign/s verify/s\n", " "); 1800 j = 0; 1801 } 1802 if (mr) 1803 fprintf(stdout, "+F3:%u:%u:%f:%f\n", 1804 k, dsa_bits[k], dsa_results[k][0], dsa_results[k][1]); 1805 else 1806 fprintf(stdout, "dsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n", 1807 dsa_bits[k], dsa_results[k][0], dsa_results[k][1], 1808 1.0 / dsa_results[k][0], 1.0 / dsa_results[k][1]); 1809 } 1810 j = 1; 1811 for (k = 0; k < EC_NUM; k++) { 1812 if (!ecdsa_doit[k]) 1813 continue; 1814 if (j && !mr) { 1815 printf("%30ssign verify sign/s verify/s\n", " "); 1816 j = 0; 1817 } 1818 if (mr) 1819 fprintf(stdout, "+F4:%u:%u:%f:%f\n", 1820 k, test_curves_bits[k], 1821 ecdsa_results[k][0], ecdsa_results[k][1]); 1822 else 1823 fprintf(stdout, 1824 "%4u bit ecdsa (%s) %8.4fs %8.4fs %8.1f %8.1f\n", 1825 test_curves_bits[k], 1826 test_curves_names[k], 1827 ecdsa_results[k][0], ecdsa_results[k][1], 1828 1.0 / ecdsa_results[k][0], 1.0 / ecdsa_results[k][1]); 1829 } 1830 1831 1832 j = 1; 1833 for (k = 0; k < EC_NUM; k++) { 1834 if (!ecdh_doit[k]) 1835 continue; 1836 if (j && !mr) { 1837 printf("%30sop op/s\n", " "); 1838 j = 0; 1839 } 1840 if (mr) 1841 fprintf(stdout, "+F5:%u:%u:%f:%f\n", 1842 k, test_curves_bits[k], 1843 ecdh_results[k][0], 1.0 / ecdh_results[k][0]); 1844 1845 else 1846 fprintf(stdout, "%4u bit ecdh (%s) %8.4fs %8.1f\n", 1847 test_curves_bits[k], 1848 test_curves_names[k], 1849 ecdh_results[k][0], 1.0 / ecdh_results[k][0]); 1850 } 1851 1852 mret = 0; 1853 1854 end: 1855 ERR_print_errors(bio_err); 1856 free(real_buf); 1857 free(real_buf2); 1858 for (i = 0; i < RSA_NUM; i++) 1859 if (rsa_key[i] != NULL) 1860 RSA_free(rsa_key[i]); 1861 for (i = 0; i < DSA_NUM; i++) 1862 if (dsa_key[i] != NULL) 1863 DSA_free(dsa_key[i]); 1864 1865 for (i = 0; i < EC_NUM; i++) 1866 if (ecdsa[i] != NULL) 1867 EC_KEY_free(ecdsa[i]); 1868 for (i = 0; i < EC_NUM; i++) { 1869 if (ecdh_a[i] != NULL) 1870 EC_KEY_free(ecdh_a[i]); 1871 if (ecdh_b[i] != NULL) 1872 EC_KEY_free(ecdh_b[i]); 1873 } 1874 1875 1876 return (mret); 1877 } 1878 1879 static void 1880 print_message(const char *s, long num, int length) 1881 { 1882 BIO_printf(bio_err, mr ? "+DT:%s:%d:%d\n" 1883 : "Doing %s for %ds on %d size blocks: ", s, SECONDS, length); 1884 (void) BIO_flush(bio_err); 1885 alarm(SECONDS); 1886 } 1887 1888 static void 1889 pkey_print_message(const char *str, const char *str2, long num, 1890 int bits, int tm) 1891 { 1892 BIO_printf(bio_err, mr ? "+DTP:%d:%s:%s:%d\n" 1893 : "Doing %d bit %s %s for %ds: ", bits, str, str2, tm); 1894 (void) BIO_flush(bio_err); 1895 alarm(tm); 1896 } 1897 1898 static void 1899 print_result(int alg, int run_no, int count, double time_used) 1900 { 1901 BIO_printf(bio_err, mr ? "+R:%d:%s:%f\n" 1902 : "%d %s in %.2fs\n", count, names[alg], time_used); 1903 results[alg][run_no] = ((double) count) / time_used * lengths[run_no]; 1904 } 1905 1906 static char * 1907 sstrsep(char **string, const char *delim) 1908 { 1909 char isdelim[256]; 1910 char *token = *string; 1911 1912 if (**string == 0) 1913 return NULL; 1914 1915 memset(isdelim, 0, sizeof isdelim); 1916 isdelim[0] = 1; 1917 1918 while (*delim) { 1919 isdelim[(unsigned char) (*delim)] = 1; 1920 delim++; 1921 } 1922 1923 while (!isdelim[(unsigned char) (**string)]) { 1924 (*string)++; 1925 } 1926 1927 if (**string) { 1928 **string = 0; 1929 (*string)++; 1930 } 1931 return token; 1932 } 1933 1934 static int 1935 do_multi(int multi) 1936 { 1937 int n; 1938 int fd[2]; 1939 int *fds; 1940 static char sep[] = ":"; 1941 const char *errstr = NULL; 1942 1943 fds = reallocarray(NULL, multi, sizeof *fds); 1944 if (fds == NULL) { 1945 fprintf(stderr, "reallocarray failure\n"); 1946 exit(1); 1947 } 1948 for (n = 0; n < multi; ++n) { 1949 if (pipe(fd) == -1) { 1950 fprintf(stderr, "pipe failure\n"); 1951 exit(1); 1952 } 1953 fflush(stdout); 1954 fflush(stderr); 1955 if (fork()) { 1956 close(fd[1]); 1957 fds[n] = fd[0]; 1958 } else { 1959 close(fd[0]); 1960 close(1); 1961 if (dup(fd[1]) == -1) { 1962 fprintf(stderr, "dup failed\n"); 1963 exit(1); 1964 } 1965 close(fd[1]); 1966 mr = 1; 1967 usertime = 0; 1968 free(fds); 1969 return 0; 1970 } 1971 printf("Forked child %d\n", n); 1972 } 1973 1974 /* for now, assume the pipe is long enough to take all the output */ 1975 for (n = 0; n < multi; ++n) { 1976 FILE *f; 1977 char buf[1024]; 1978 char *p; 1979 1980 f = fdopen(fds[n], "r"); 1981 while (fgets(buf, sizeof buf, f)) { 1982 p = strchr(buf, '\n'); 1983 if (p) 1984 *p = '\0'; 1985 if (buf[0] != '+') { 1986 fprintf(stderr, "Don't understand line '%s' from child %d\n", 1987 buf, n); 1988 continue; 1989 } 1990 printf("Got: %s from %d\n", buf, n); 1991 if (!strncmp(buf, "+F:", 3)) { 1992 int alg; 1993 int j; 1994 1995 p = buf + 3; 1996 alg = strtonum(sstrsep(&p, sep), 1997 0, ALGOR_NUM - 1, &errstr); 1998 sstrsep(&p, sep); 1999 for (j = 0; j < SIZE_NUM; ++j) 2000 results[alg][j] += atof(sstrsep(&p, sep)); 2001 } else if (!strncmp(buf, "+F2:", 4)) { 2002 int k; 2003 double d; 2004 2005 p = buf + 4; 2006 k = strtonum(sstrsep(&p, sep), 2007 0, ALGOR_NUM - 1, &errstr); 2008 sstrsep(&p, sep); 2009 2010 d = atof(sstrsep(&p, sep)); 2011 if (n) 2012 rsa_results[k][0] = 1 / (1 / rsa_results[k][0] + 1 / d); 2013 else 2014 rsa_results[k][0] = d; 2015 2016 d = atof(sstrsep(&p, sep)); 2017 if (n) 2018 rsa_results[k][1] = 1 / (1 / rsa_results[k][1] + 1 / d); 2019 else 2020 rsa_results[k][1] = d; 2021 } else if (!strncmp(buf, "+F2:", 4)) { 2022 int k; 2023 double d; 2024 2025 p = buf + 4; 2026 k = strtonum(sstrsep(&p, sep), 2027 0, ALGOR_NUM - 1, &errstr); 2028 sstrsep(&p, sep); 2029 2030 d = atof(sstrsep(&p, sep)); 2031 if (n) 2032 rsa_results[k][0] = 1 / (1 / rsa_results[k][0] + 1 / d); 2033 else 2034 rsa_results[k][0] = d; 2035 2036 d = atof(sstrsep(&p, sep)); 2037 if (n) 2038 rsa_results[k][1] = 1 / (1 / rsa_results[k][1] + 1 / d); 2039 else 2040 rsa_results[k][1] = d; 2041 } 2042 else if (!strncmp(buf, "+F3:", 4)) { 2043 int k; 2044 double d; 2045 2046 p = buf + 4; 2047 k = strtonum(sstrsep(&p, sep), 2048 0, ALGOR_NUM - 1, &errstr); 2049 sstrsep(&p, sep); 2050 2051 d = atof(sstrsep(&p, sep)); 2052 if (n) 2053 dsa_results[k][0] = 1 / (1 / dsa_results[k][0] + 1 / d); 2054 else 2055 dsa_results[k][0] = d; 2056 2057 d = atof(sstrsep(&p, sep)); 2058 if (n) 2059 dsa_results[k][1] = 1 / (1 / dsa_results[k][1] + 1 / d); 2060 else 2061 dsa_results[k][1] = d; 2062 } 2063 else if (!strncmp(buf, "+F4:", 4)) { 2064 int k; 2065 double d; 2066 2067 p = buf + 4; 2068 k = strtonum(sstrsep(&p, sep), 2069 0, ALGOR_NUM - 1, &errstr); 2070 sstrsep(&p, sep); 2071 2072 d = atof(sstrsep(&p, sep)); 2073 if (n) 2074 ecdsa_results[k][0] = 1 / (1 / ecdsa_results[k][0] + 1 / d); 2075 else 2076 ecdsa_results[k][0] = d; 2077 2078 d = atof(sstrsep(&p, sep)); 2079 if (n) 2080 ecdsa_results[k][1] = 1 / (1 / ecdsa_results[k][1] + 1 / d); 2081 else 2082 ecdsa_results[k][1] = d; 2083 } 2084 2085 else if (!strncmp(buf, "+F5:", 4)) { 2086 int k; 2087 double d; 2088 2089 p = buf + 4; 2090 k = strtonum(sstrsep(&p, sep), 2091 0, ALGOR_NUM - 1, &errstr); 2092 sstrsep(&p, sep); 2093 2094 d = atof(sstrsep(&p, sep)); 2095 if (n) 2096 ecdh_results[k][0] = 1 / (1 / ecdh_results[k][0] + 1 / d); 2097 else 2098 ecdh_results[k][0] = d; 2099 2100 } 2101 2102 else if (!strncmp(buf, "+H:", 3)) { 2103 } else 2104 fprintf(stderr, "Unknown type '%s' from child %d\n", buf, n); 2105 } 2106 2107 fclose(f); 2108 } 2109 free(fds); 2110 return 1; 2111 } 2112 #endif 2113