1 /* $OpenBSD: speed.c,v 1.29 2022/11/11 17:07:39 joshua Exp $ */ 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 /* ==================================================================== 59 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 60 * 61 * Portions of the attached software ("Contribution") are developed by 62 * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. 63 * 64 * The Contribution is licensed pursuant to the OpenSSL open source 65 * license provided above. 66 * 67 * The ECDH and ECDSA speed test software is originally written by 68 * Sumit Gupta of Sun Microsystems Laboratories. 69 * 70 */ 71 72 /* most of this code has been pilfered from my libdes speed.c program */ 73 74 #ifndef OPENSSL_NO_SPEED 75 76 #define SECONDS 3 77 #define RSA_SECONDS 10 78 #define DSA_SECONDS 10 79 #define ECDSA_SECONDS 10 80 #define ECDH_SECONDS 10 81 82 #include <math.h> 83 #include <signal.h> 84 #include <stdio.h> 85 #include <stdlib.h> 86 #include <limits.h> 87 #include <string.h> 88 #include <unistd.h> 89 90 #include "apps.h" 91 92 #include <openssl/bn.h> 93 #include <openssl/crypto.h> 94 #include <openssl/err.h> 95 #include <openssl/evp.h> 96 #include <openssl/modes.h> 97 #include <openssl/objects.h> 98 #include <openssl/x509.h> 99 100 #ifndef OPENSSL_NO_AES 101 #include <openssl/aes.h> 102 #endif 103 #ifndef OPENSSL_NO_BF 104 #include <openssl/blowfish.h> 105 #endif 106 #ifndef OPENSSL_NO_CAST 107 #include <openssl/cast.h> 108 #endif 109 #ifndef OPENSSL_NO_CAMELLIA 110 #include <openssl/camellia.h> 111 #endif 112 #ifndef OPENSSL_NO_DES 113 #include <openssl/des.h> 114 #endif 115 #include <openssl/dsa.h> 116 #include <openssl/ecdh.h> 117 #include <openssl/ecdsa.h> 118 #ifndef OPENSSL_NO_HMAC 119 #include <openssl/hmac.h> 120 #endif 121 #ifndef OPENSSL_NO_IDEA 122 #include <openssl/idea.h> 123 #endif 124 #ifndef OPENSSL_NO_MD4 125 #include <openssl/md4.h> 126 #endif 127 #ifndef OPENSSL_NO_MD5 128 #include <openssl/md5.h> 129 #endif 130 #ifndef OPENSSL_NO_RC2 131 #include <openssl/rc2.h> 132 #endif 133 #ifndef OPENSSL_NO_RC4 134 #include <openssl/rc4.h> 135 #endif 136 #include <openssl/rsa.h> 137 #ifndef OPENSSL_NO_RIPEMD 138 #include <openssl/ripemd.h> 139 #endif 140 #ifndef OPENSSL_NO_SHA 141 #include <openssl/sha.h> 142 #endif 143 #ifndef OPENSSL_NO_WHIRLPOOL 144 #include <openssl/whrlpool.h> 145 #endif 146 147 #include "./testdsa.h" 148 #include "./testrsa.h" 149 150 #define BUFSIZE (1024*8+64) 151 int run = 0; 152 153 static int mr = 0; 154 static int usertime = 1; 155 156 static double Time_F(int s); 157 static void print_message(const char *s, long num, int length); 158 static void 159 pkey_print_message(const char *str, const char *str2, 160 long num, int bits, int sec); 161 static void print_result(int alg, int run_no, int count, double time_used); 162 static int do_multi(int multi); 163 164 #define ALGOR_NUM 32 165 #define SIZE_NUM 5 166 #define RSA_NUM 4 167 #define DSA_NUM 3 168 169 #define EC_NUM 16 170 #define MAX_ECDH_SIZE 256 171 172 static const char *names[ALGOR_NUM] = { 173 "md2", "md4", "md5", "hmac(md5)", "sha1", "rmd160", 174 "rc4", "des cbc", "des ede3", "idea cbc", "seed cbc", 175 "rc2 cbc", "rc5-32/12 cbc", "blowfish cbc", "cast cbc", 176 "aes-128 cbc", "aes-192 cbc", "aes-256 cbc", 177 "camellia-128 cbc", "camellia-192 cbc", "camellia-256 cbc", 178 "evp", "sha256", "sha512", "whirlpool", 179 "aes-128 ige", "aes-192 ige", "aes-256 ige", "ghash", 180 "aes-128 gcm", "aes-256 gcm", "chacha20 poly1305", 181 }; 182 static double results[ALGOR_NUM][SIZE_NUM]; 183 static int lengths[SIZE_NUM] = {16, 64, 256, 1024, 8 * 1024}; 184 static double rsa_results[RSA_NUM][2]; 185 static double dsa_results[DSA_NUM][2]; 186 static double ecdsa_results[EC_NUM][2]; 187 static double ecdh_results[EC_NUM][1]; 188 189 static void sig_done(int sig); 190 191 static void 192 sig_done(int sig) 193 { 194 signal(SIGALRM, sig_done); 195 run = 0; 196 } 197 198 #define START TM_RESET 199 #define STOP TM_GET 200 201 202 static double 203 Time_F(int s) 204 { 205 if (usertime) 206 return app_timer_user(s); 207 else 208 return app_timer_real(s); 209 } 210 211 212 static const int KDF1_SHA1_len = 20; 213 static void * 214 KDF1_SHA1(const void *in, size_t inlen, void *out, size_t * outlen) 215 { 216 #ifndef OPENSSL_NO_SHA 217 if (*outlen < SHA_DIGEST_LENGTH) 218 return NULL; 219 else 220 *outlen = SHA_DIGEST_LENGTH; 221 return SHA1(in, inlen, out); 222 #else 223 return NULL; 224 #endif /* OPENSSL_NO_SHA */ 225 } 226 227 int 228 speed_main(int argc, char **argv) 229 { 230 unsigned char *buf = NULL, *buf2 = NULL; 231 int mret = 1; 232 long count = 0, save_count = 0; 233 int i, j, k; 234 long rsa_count; 235 unsigned rsa_num; 236 unsigned char md[EVP_MAX_MD_SIZE]; 237 #ifndef OPENSSL_NO_MD4 238 unsigned char md4[MD4_DIGEST_LENGTH]; 239 #endif 240 #ifndef OPENSSL_NO_MD5 241 unsigned char md5[MD5_DIGEST_LENGTH]; 242 unsigned char hmac[MD5_DIGEST_LENGTH]; 243 #endif 244 #ifndef OPENSSL_NO_SHA 245 unsigned char sha[SHA_DIGEST_LENGTH]; 246 #ifndef OPENSSL_NO_SHA256 247 unsigned char sha256[SHA256_DIGEST_LENGTH]; 248 #endif 249 #ifndef OPENSSL_NO_SHA512 250 unsigned char sha512[SHA512_DIGEST_LENGTH]; 251 #endif 252 #endif 253 #ifndef OPENSSL_NO_WHIRLPOOL 254 unsigned char whirlpool[WHIRLPOOL_DIGEST_LENGTH]; 255 #endif 256 #ifndef OPENSSL_NO_RIPEMD 257 unsigned char rmd160[RIPEMD160_DIGEST_LENGTH]; 258 #endif 259 #ifndef OPENSSL_NO_RC4 260 RC4_KEY rc4_ks; 261 #endif 262 #ifndef OPENSSL_NO_RC2 263 RC2_KEY rc2_ks; 264 #endif 265 #ifndef OPENSSL_NO_IDEA 266 IDEA_KEY_SCHEDULE idea_ks; 267 #endif 268 #ifndef OPENSSL_NO_BF 269 BF_KEY bf_ks; 270 #endif 271 #ifndef OPENSSL_NO_CAST 272 CAST_KEY cast_ks; 273 #endif 274 static const unsigned char key16[16] = 275 {0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 276 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12}; 277 #ifndef OPENSSL_NO_AES 278 static const unsigned char key24[24] = 279 {0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 280 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 281 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34}; 282 static const unsigned char key32[32] = 283 {0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 284 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 285 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 286 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56}; 287 #endif 288 #ifndef OPENSSL_NO_CAMELLIA 289 static const unsigned char ckey24[24] = 290 {0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 291 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 292 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34}; 293 static const unsigned char ckey32[32] = 294 {0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 295 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 296 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 297 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56}; 298 #endif 299 #ifndef OPENSSL_NO_AES 300 #define MAX_BLOCK_SIZE 128 301 #else 302 #define MAX_BLOCK_SIZE 64 303 #endif 304 unsigned char DES_iv[8]; 305 unsigned char iv[2 * MAX_BLOCK_SIZE / 8]; 306 #ifndef OPENSSL_NO_DES 307 static DES_cblock key = {0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0}; 308 static DES_cblock key2 = {0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12}; 309 static DES_cblock key3 = {0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34}; 310 DES_key_schedule sch; 311 DES_key_schedule sch2; 312 DES_key_schedule sch3; 313 #endif 314 #ifndef OPENSSL_NO_AES 315 AES_KEY aes_ks1, aes_ks2, aes_ks3; 316 #endif 317 #ifndef OPENSSL_NO_CAMELLIA 318 CAMELLIA_KEY camellia_ks1, camellia_ks2, camellia_ks3; 319 #endif 320 #define D_MD2 0 321 #define D_MD4 1 322 #define D_MD5 2 323 #define D_HMAC 3 324 #define D_SHA1 4 325 #define D_RMD160 5 326 #define D_RC4 6 327 #define D_CBC_DES 7 328 #define D_EDE3_DES 8 329 #define D_CBC_IDEA 9 330 #define D_CBC_SEED 10 331 #define D_CBC_RC2 11 332 #define D_CBC_RC5 12 333 #define D_CBC_BF 13 334 #define D_CBC_CAST 14 335 #define D_CBC_128_AES 15 336 #define D_CBC_192_AES 16 337 #define D_CBC_256_AES 17 338 #define D_CBC_128_CML 18 339 #define D_CBC_192_CML 19 340 #define D_CBC_256_CML 20 341 #define D_EVP 21 342 #define D_SHA256 22 343 #define D_SHA512 23 344 #define D_WHIRLPOOL 24 345 #define D_IGE_128_AES 25 346 #define D_IGE_192_AES 26 347 #define D_IGE_256_AES 27 348 #define D_GHASH 28 349 #define D_AES_128_GCM 29 350 #define D_AES_256_GCM 30 351 #define D_CHACHA20_POLY1305 31 352 double d = 0.0; 353 long c[ALGOR_NUM][SIZE_NUM]; 354 #define R_DSA_512 0 355 #define R_DSA_1024 1 356 #define R_DSA_2048 2 357 #define R_RSA_512 0 358 #define R_RSA_1024 1 359 #define R_RSA_2048 2 360 #define R_RSA_4096 3 361 362 #define R_EC_P160 0 363 #define R_EC_P192 1 364 #define R_EC_P224 2 365 #define R_EC_P256 3 366 #define R_EC_P384 4 367 #define R_EC_P521 5 368 #define R_EC_K163 6 369 #define R_EC_K233 7 370 #define R_EC_K283 8 371 #define R_EC_K409 9 372 #define R_EC_K571 10 373 #define R_EC_B163 11 374 #define R_EC_B233 12 375 #define R_EC_B283 13 376 #define R_EC_B409 14 377 #define R_EC_B571 15 378 379 RSA *rsa_key[RSA_NUM]; 380 long rsa_c[RSA_NUM][2]; 381 static unsigned int rsa_bits[RSA_NUM] = {512, 1024, 2048, 4096}; 382 static unsigned char *rsa_data[RSA_NUM] = 383 {test512, test1024, test2048, test4096}; 384 static int rsa_data_length[RSA_NUM] = { 385 sizeof(test512), sizeof(test1024), 386 sizeof(test2048), sizeof(test4096)}; 387 DSA *dsa_key[DSA_NUM]; 388 long dsa_c[DSA_NUM][2]; 389 static unsigned int dsa_bits[DSA_NUM] = {512, 1024, 2048}; 390 #ifndef OPENSSL_NO_EC 391 /* 392 * We only test over the following curves as they are representative, 393 * To add tests over more curves, simply add the curve NID and curve 394 * name to the following arrays and increase the EC_NUM value 395 * accordingly. 396 */ 397 static unsigned int test_curves[EC_NUM] = 398 { 399 /* Prime Curves */ 400 NID_secp160r1, 401 NID_X9_62_prime192v1, 402 NID_secp224r1, 403 NID_X9_62_prime256v1, 404 NID_secp384r1, 405 NID_secp521r1, 406 /* Binary Curves */ 407 NID_sect163k1, 408 NID_sect233k1, 409 NID_sect283k1, 410 NID_sect409k1, 411 NID_sect571k1, 412 NID_sect163r2, 413 NID_sect233r1, 414 NID_sect283r1, 415 NID_sect409r1, 416 NID_sect571r1 417 }; 418 static const char *test_curves_names[EC_NUM] = 419 { 420 /* Prime Curves */ 421 "secp160r1", 422 "nistp192", 423 "nistp224", 424 "nistp256", 425 "nistp384", 426 "nistp521", 427 /* Binary Curves */ 428 "nistk163", 429 "nistk233", 430 "nistk283", 431 "nistk409", 432 "nistk571", 433 "nistb163", 434 "nistb233", 435 "nistb283", 436 "nistb409", 437 "nistb571" 438 }; 439 static int test_curves_bits[EC_NUM] = 440 { 441 160, 192, 224, 256, 384, 521, 442 163, 233, 283, 409, 571, 443 163, 233, 283, 409, 571 444 }; 445 446 #endif 447 448 unsigned char ecdsasig[256]; 449 unsigned int ecdsasiglen; 450 EC_KEY *ecdsa[EC_NUM]; 451 long ecdsa_c[EC_NUM][2]; 452 453 EC_KEY *ecdh_a[EC_NUM], *ecdh_b[EC_NUM]; 454 unsigned char secret_a[MAX_ECDH_SIZE], secret_b[MAX_ECDH_SIZE]; 455 int secret_size_a, secret_size_b; 456 int ecdh_checks = 0; 457 int secret_idx = 0; 458 long ecdh_c[EC_NUM][2]; 459 460 int rsa_doit[RSA_NUM]; 461 int dsa_doit[DSA_NUM]; 462 int ecdsa_doit[EC_NUM]; 463 int ecdh_doit[EC_NUM]; 464 int doit[ALGOR_NUM]; 465 int pr_header = 0; 466 const EVP_CIPHER *evp_cipher = NULL; 467 const EVP_MD *evp_md = NULL; 468 int decrypt = 0; 469 int multi = 0; 470 const char *errstr = NULL; 471 472 if (pledge("stdio proc", NULL) == -1) { 473 perror("pledge"); 474 exit(1); 475 } 476 477 usertime = -1; 478 479 memset(results, 0, sizeof(results)); 480 memset(dsa_key, 0, sizeof(dsa_key)); 481 for (i = 0; i < EC_NUM; i++) 482 ecdsa[i] = NULL; 483 for (i = 0; i < EC_NUM; i++) { 484 ecdh_a[i] = NULL; 485 ecdh_b[i] = NULL; 486 } 487 488 memset(rsa_key, 0, sizeof(rsa_key)); 489 for (i = 0; i < RSA_NUM; i++) 490 rsa_key[i] = NULL; 491 492 if ((buf = malloc(BUFSIZE)) == NULL) { 493 BIO_printf(bio_err, "out of memory\n"); 494 goto end; 495 } 496 if ((buf2 = malloc(BUFSIZE)) == NULL) { 497 BIO_printf(bio_err, "out of memory\n"); 498 goto end; 499 } 500 memset(c, 0, sizeof(c)); 501 memset(DES_iv, 0, sizeof(DES_iv)); 502 memset(iv, 0, sizeof(iv)); 503 504 for (i = 0; i < ALGOR_NUM; i++) 505 doit[i] = 0; 506 for (i = 0; i < RSA_NUM; i++) 507 rsa_doit[i] = 0; 508 for (i = 0; i < DSA_NUM; i++) 509 dsa_doit[i] = 0; 510 for (i = 0; i < EC_NUM; i++) 511 ecdsa_doit[i] = 0; 512 for (i = 0; i < EC_NUM; i++) 513 ecdh_doit[i] = 0; 514 515 516 j = 0; 517 argc--; 518 argv++; 519 while (argc) { 520 if ((argc > 0) && (strcmp(*argv, "-elapsed") == 0)) { 521 usertime = 0; 522 j--; /* Otherwise, -elapsed gets confused with an 523 * algorithm. */ 524 } else if ((argc > 0) && (strcmp(*argv, "-evp") == 0)) { 525 argc--; 526 argv++; 527 if (argc == 0) { 528 BIO_printf(bio_err, "no EVP given\n"); 529 goto end; 530 } 531 evp_cipher = EVP_get_cipherbyname(*argv); 532 if (!evp_cipher) { 533 evp_md = EVP_get_digestbyname(*argv); 534 } 535 if (!evp_cipher && !evp_md) { 536 BIO_printf(bio_err, "%s is an unknown cipher or digest\n", *argv); 537 goto end; 538 } 539 doit[D_EVP] = 1; 540 } else if (argc > 0 && !strcmp(*argv, "-decrypt")) { 541 decrypt = 1; 542 j--; /* Otherwise, -decrypt gets confused with an 543 * algorithm. */ 544 } 545 else if ((argc > 0) && (strcmp(*argv, "-multi") == 0)) { 546 argc--; 547 argv++; 548 if (argc == 0) { 549 BIO_printf(bio_err, "no multi count given\n"); 550 goto end; 551 } 552 multi = strtonum(argv[0], 1, INT_MAX, &errstr); 553 if (errstr) { 554 BIO_printf(bio_err, "bad multi count: %s", errstr); 555 goto end; 556 } 557 j--; /* Otherwise, -multi gets confused with an 558 * algorithm. */ 559 } 560 else if (argc > 0 && !strcmp(*argv, "-mr")) { 561 mr = 1; 562 j--; /* Otherwise, -mr gets confused with an 563 * algorithm. */ 564 } else 565 #ifndef OPENSSL_NO_MD4 566 if (strcmp(*argv, "md4") == 0) 567 doit[D_MD4] = 1; 568 else 569 #endif 570 #ifndef OPENSSL_NO_MD5 571 if (strcmp(*argv, "md5") == 0) 572 doit[D_MD5] = 1; 573 else 574 #endif 575 #ifndef OPENSSL_NO_MD5 576 if (strcmp(*argv, "hmac") == 0) 577 doit[D_HMAC] = 1; 578 else 579 #endif 580 #ifndef OPENSSL_NO_SHA 581 if (strcmp(*argv, "sha1") == 0) 582 doit[D_SHA1] = 1; 583 else if (strcmp(*argv, "sha") == 0) 584 doit[D_SHA1] = 1, 585 doit[D_SHA256] = 1, 586 doit[D_SHA512] = 1; 587 else 588 #ifndef OPENSSL_NO_SHA256 589 if (strcmp(*argv, "sha256") == 0) 590 doit[D_SHA256] = 1; 591 else 592 #endif 593 #ifndef OPENSSL_NO_SHA512 594 if (strcmp(*argv, "sha512") == 0) 595 doit[D_SHA512] = 1; 596 else 597 #endif 598 #endif 599 #ifndef OPENSSL_NO_WHIRLPOOL 600 if (strcmp(*argv, "whirlpool") == 0) 601 doit[D_WHIRLPOOL] = 1; 602 else 603 #endif 604 #ifndef OPENSSL_NO_RIPEMD 605 if (strcmp(*argv, "ripemd") == 0) 606 doit[D_RMD160] = 1; 607 else if (strcmp(*argv, "rmd160") == 0) 608 doit[D_RMD160] = 1; 609 else if (strcmp(*argv, "ripemd160") == 0) 610 doit[D_RMD160] = 1; 611 else 612 #endif 613 #ifndef OPENSSL_NO_RC4 614 if (strcmp(*argv, "rc4") == 0) 615 doit[D_RC4] = 1; 616 else 617 #endif 618 #ifndef OPENSSL_NO_DES 619 if (strcmp(*argv, "des-cbc") == 0) 620 doit[D_CBC_DES] = 1; 621 else if (strcmp(*argv, "des-ede3") == 0) 622 doit[D_EDE3_DES] = 1; 623 else 624 #endif 625 #ifndef OPENSSL_NO_AES 626 if (strcmp(*argv, "aes-128-cbc") == 0) 627 doit[D_CBC_128_AES] = 1; 628 else if (strcmp(*argv, "aes-192-cbc") == 0) 629 doit[D_CBC_192_AES] = 1; 630 else if (strcmp(*argv, "aes-256-cbc") == 0) 631 doit[D_CBC_256_AES] = 1; 632 else if (strcmp(*argv, "aes-128-ige") == 0) 633 doit[D_IGE_128_AES] = 1; 634 else if (strcmp(*argv, "aes-192-ige") == 0) 635 doit[D_IGE_192_AES] = 1; 636 else if (strcmp(*argv, "aes-256-ige") == 0) 637 doit[D_IGE_256_AES] = 1; 638 else 639 #endif 640 #ifndef OPENSSL_NO_CAMELLIA 641 if (strcmp(*argv, "camellia-128-cbc") == 0) 642 doit[D_CBC_128_CML] = 1; 643 else if (strcmp(*argv, "camellia-192-cbc") == 0) 644 doit[D_CBC_192_CML] = 1; 645 else if (strcmp(*argv, "camellia-256-cbc") == 0) 646 doit[D_CBC_256_CML] = 1; 647 else 648 #endif 649 #ifndef RSA_NULL 650 if (strcmp(*argv, "openssl") == 0) { 651 RSA_set_default_method(RSA_PKCS1_SSLeay()); 652 j--; 653 } else 654 #endif 655 if (strcmp(*argv, "dsa512") == 0) 656 dsa_doit[R_DSA_512] = 2; 657 else if (strcmp(*argv, "dsa1024") == 0) 658 dsa_doit[R_DSA_1024] = 2; 659 else if (strcmp(*argv, "dsa2048") == 0) 660 dsa_doit[R_DSA_2048] = 2; 661 else if (strcmp(*argv, "rsa512") == 0) 662 rsa_doit[R_RSA_512] = 2; 663 else if (strcmp(*argv, "rsa1024") == 0) 664 rsa_doit[R_RSA_1024] = 2; 665 else if (strcmp(*argv, "rsa2048") == 0) 666 rsa_doit[R_RSA_2048] = 2; 667 else if (strcmp(*argv, "rsa4096") == 0) 668 rsa_doit[R_RSA_4096] = 2; 669 else 670 #ifndef OPENSSL_NO_RC2 671 if (strcmp(*argv, "rc2-cbc") == 0) 672 doit[D_CBC_RC2] = 1; 673 else if (strcmp(*argv, "rc2") == 0) 674 doit[D_CBC_RC2] = 1; 675 else 676 #endif 677 #ifndef OPENSSL_NO_IDEA 678 if (strcmp(*argv, "idea-cbc") == 0) 679 doit[D_CBC_IDEA] = 1; 680 else if (strcmp(*argv, "idea") == 0) 681 doit[D_CBC_IDEA] = 1; 682 else 683 #endif 684 #ifndef OPENSSL_NO_BF 685 if (strcmp(*argv, "bf-cbc") == 0) 686 doit[D_CBC_BF] = 1; 687 else if (strcmp(*argv, "blowfish") == 0) 688 doit[D_CBC_BF] = 1; 689 else if (strcmp(*argv, "bf") == 0) 690 doit[D_CBC_BF] = 1; 691 else 692 #endif 693 #ifndef OPENSSL_NO_CAST 694 if (strcmp(*argv, "cast-cbc") == 0) 695 doit[D_CBC_CAST] = 1; 696 else if (strcmp(*argv, "cast") == 0) 697 doit[D_CBC_CAST] = 1; 698 else if (strcmp(*argv, "cast5") == 0) 699 doit[D_CBC_CAST] = 1; 700 else 701 #endif 702 #ifndef OPENSSL_NO_DES 703 if (strcmp(*argv, "des") == 0) { 704 doit[D_CBC_DES] = 1; 705 doit[D_EDE3_DES] = 1; 706 } else 707 #endif 708 #ifndef OPENSSL_NO_AES 709 if (strcmp(*argv, "aes") == 0) { 710 doit[D_CBC_128_AES] = 1; 711 doit[D_CBC_192_AES] = 1; 712 doit[D_CBC_256_AES] = 1; 713 } else if (strcmp(*argv, "ghash") == 0) 714 doit[D_GHASH] = 1; 715 else if (strcmp(*argv,"aes-128-gcm") == 0) 716 doit[D_AES_128_GCM]=1; 717 else if (strcmp(*argv,"aes-256-gcm") == 0) 718 doit[D_AES_256_GCM]=1; 719 else 720 #endif 721 #ifndef OPENSSL_NO_CAMELLIA 722 if (strcmp(*argv, "camellia") == 0) { 723 doit[D_CBC_128_CML] = 1; 724 doit[D_CBC_192_CML] = 1; 725 doit[D_CBC_256_CML] = 1; 726 } else 727 #endif 728 #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) 729 if (strcmp(*argv,"chacha20-poly1305") == 0) 730 doit[D_CHACHA20_POLY1305]=1; 731 else 732 #endif 733 if (strcmp(*argv, "rsa") == 0) { 734 rsa_doit[R_RSA_512] = 1; 735 rsa_doit[R_RSA_1024] = 1; 736 rsa_doit[R_RSA_2048] = 1; 737 rsa_doit[R_RSA_4096] = 1; 738 } else 739 if (strcmp(*argv, "dsa") == 0) { 740 dsa_doit[R_DSA_512] = 1; 741 dsa_doit[R_DSA_1024] = 1; 742 dsa_doit[R_DSA_2048] = 1; 743 } else 744 if (strcmp(*argv, "ecdsap160") == 0) 745 ecdsa_doit[R_EC_P160] = 2; 746 else if (strcmp(*argv, "ecdsap192") == 0) 747 ecdsa_doit[R_EC_P192] = 2; 748 else if (strcmp(*argv, "ecdsap224") == 0) 749 ecdsa_doit[R_EC_P224] = 2; 750 else if (strcmp(*argv, "ecdsap256") == 0) 751 ecdsa_doit[R_EC_P256] = 2; 752 else if (strcmp(*argv, "ecdsap384") == 0) 753 ecdsa_doit[R_EC_P384] = 2; 754 else if (strcmp(*argv, "ecdsap521") == 0) 755 ecdsa_doit[R_EC_P521] = 2; 756 else if (strcmp(*argv, "ecdsak163") == 0) 757 ecdsa_doit[R_EC_K163] = 2; 758 else if (strcmp(*argv, "ecdsak233") == 0) 759 ecdsa_doit[R_EC_K233] = 2; 760 else if (strcmp(*argv, "ecdsak283") == 0) 761 ecdsa_doit[R_EC_K283] = 2; 762 else if (strcmp(*argv, "ecdsak409") == 0) 763 ecdsa_doit[R_EC_K409] = 2; 764 else if (strcmp(*argv, "ecdsak571") == 0) 765 ecdsa_doit[R_EC_K571] = 2; 766 else if (strcmp(*argv, "ecdsab163") == 0) 767 ecdsa_doit[R_EC_B163] = 2; 768 else if (strcmp(*argv, "ecdsab233") == 0) 769 ecdsa_doit[R_EC_B233] = 2; 770 else if (strcmp(*argv, "ecdsab283") == 0) 771 ecdsa_doit[R_EC_B283] = 2; 772 else if (strcmp(*argv, "ecdsab409") == 0) 773 ecdsa_doit[R_EC_B409] = 2; 774 else if (strcmp(*argv, "ecdsab571") == 0) 775 ecdsa_doit[R_EC_B571] = 2; 776 else if (strcmp(*argv, "ecdsa") == 0) { 777 for (i = 0; i < EC_NUM; i++) 778 ecdsa_doit[i] = 1; 779 } else 780 if (strcmp(*argv, "ecdhp160") == 0) 781 ecdh_doit[R_EC_P160] = 2; 782 else if (strcmp(*argv, "ecdhp192") == 0) 783 ecdh_doit[R_EC_P192] = 2; 784 else if (strcmp(*argv, "ecdhp224") == 0) 785 ecdh_doit[R_EC_P224] = 2; 786 else if (strcmp(*argv, "ecdhp256") == 0) 787 ecdh_doit[R_EC_P256] = 2; 788 else if (strcmp(*argv, "ecdhp384") == 0) 789 ecdh_doit[R_EC_P384] = 2; 790 else if (strcmp(*argv, "ecdhp521") == 0) 791 ecdh_doit[R_EC_P521] = 2; 792 else if (strcmp(*argv, "ecdhk163") == 0) 793 ecdh_doit[R_EC_K163] = 2; 794 else if (strcmp(*argv, "ecdhk233") == 0) 795 ecdh_doit[R_EC_K233] = 2; 796 else if (strcmp(*argv, "ecdhk283") == 0) 797 ecdh_doit[R_EC_K283] = 2; 798 else if (strcmp(*argv, "ecdhk409") == 0) 799 ecdh_doit[R_EC_K409] = 2; 800 else if (strcmp(*argv, "ecdhk571") == 0) 801 ecdh_doit[R_EC_K571] = 2; 802 else if (strcmp(*argv, "ecdhb163") == 0) 803 ecdh_doit[R_EC_B163] = 2; 804 else if (strcmp(*argv, "ecdhb233") == 0) 805 ecdh_doit[R_EC_B233] = 2; 806 else if (strcmp(*argv, "ecdhb283") == 0) 807 ecdh_doit[R_EC_B283] = 2; 808 else if (strcmp(*argv, "ecdhb409") == 0) 809 ecdh_doit[R_EC_B409] = 2; 810 else if (strcmp(*argv, "ecdhb571") == 0) 811 ecdh_doit[R_EC_B571] = 2; 812 else if (strcmp(*argv, "ecdh") == 0) { 813 for (i = 0; i < EC_NUM; i++) 814 ecdh_doit[i] = 1; 815 } else 816 { 817 BIO_printf(bio_err, "Error: bad option or value\n"); 818 BIO_printf(bio_err, "\n"); 819 BIO_printf(bio_err, "Available values:\n"); 820 #ifndef OPENSSL_NO_MD4 821 BIO_printf(bio_err, "md4 "); 822 #endif 823 #ifndef OPENSSL_NO_MD5 824 BIO_printf(bio_err, "md5 "); 825 #ifndef OPENSSL_NO_HMAC 826 BIO_printf(bio_err, "hmac "); 827 #endif 828 #endif 829 #ifndef OPENSSL_NO_SHA1 830 BIO_printf(bio_err, "sha1 "); 831 #endif 832 #ifndef OPENSSL_NO_SHA256 833 BIO_printf(bio_err, "sha256 "); 834 #endif 835 #ifndef OPENSSL_NO_SHA512 836 BIO_printf(bio_err, "sha512 "); 837 #endif 838 #ifndef OPENSSL_NO_WHIRLPOOL 839 BIO_printf(bio_err, "whirlpool"); 840 #endif 841 #ifndef OPENSSL_NO_RIPEMD160 842 BIO_printf(bio_err, "rmd160"); 843 #endif 844 #if !defined(OPENSSL_NO_MD2) || \ 845 !defined(OPENSSL_NO_MD4) || !defined(OPENSSL_NO_MD5) || \ 846 !defined(OPENSSL_NO_SHA1) || !defined(OPENSSL_NO_RIPEMD160) || \ 847 !defined(OPENSSL_NO_WHIRLPOOL) 848 BIO_printf(bio_err, "\n"); 849 #endif 850 851 #ifndef OPENSSL_NO_IDEA 852 BIO_printf(bio_err, "idea-cbc "); 853 #endif 854 #ifndef OPENSSL_NO_RC2 855 BIO_printf(bio_err, "rc2-cbc "); 856 #endif 857 #ifndef OPENSSL_NO_BF 858 BIO_printf(bio_err, "bf-cbc "); 859 #endif 860 #ifndef OPENSSL_NO_DES 861 BIO_printf(bio_err, "des-cbc des-ede3\n"); 862 #endif 863 #ifndef OPENSSL_NO_AES 864 BIO_printf(bio_err, "aes-128-cbc aes-192-cbc aes-256-cbc "); 865 BIO_printf(bio_err, "aes-128-ige aes-192-ige aes-256-ige\n"); 866 BIO_printf(bio_err, "aes-128-gcm aes-256-gcm "); 867 #endif 868 #ifndef OPENSSL_NO_CAMELLIA 869 BIO_printf(bio_err, "\n"); 870 BIO_printf(bio_err, "camellia-128-cbc camellia-192-cbc camellia-256-cbc "); 871 #endif 872 #ifndef OPENSSL_NO_RC4 873 BIO_printf(bio_err, "rc4"); 874 #endif 875 #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) 876 BIO_printf(bio_err," chacha20-poly1305"); 877 #endif 878 BIO_printf(bio_err, "\n"); 879 880 BIO_printf(bio_err, "rsa512 rsa1024 rsa2048 rsa4096\n"); 881 882 BIO_printf(bio_err, "dsa512 dsa1024 dsa2048\n"); 883 BIO_printf(bio_err, "ecdsap160 ecdsap192 ecdsap224 ecdsap256 ecdsap384 ecdsap521\n"); 884 BIO_printf(bio_err, "ecdsak163 ecdsak233 ecdsak283 ecdsak409 ecdsak571\n"); 885 BIO_printf(bio_err, "ecdsab163 ecdsab233 ecdsab283 ecdsab409 ecdsab571 ecdsa\n"); 886 BIO_printf(bio_err, "ecdhp160 ecdhp192 ecdhp224 ecdhp256 ecdhp384 ecdhp521\n"); 887 BIO_printf(bio_err, "ecdhk163 ecdhk233 ecdhk283 ecdhk409 ecdhk571\n"); 888 BIO_printf(bio_err, "ecdhb163 ecdhb233 ecdhb283 ecdhb409 ecdhb571 ecdh\n"); 889 890 #ifndef OPENSSL_NO_IDEA 891 BIO_printf(bio_err, "idea "); 892 #endif 893 #ifndef OPENSSL_NO_RC2 894 BIO_printf(bio_err, "rc2 "); 895 #endif 896 #ifndef OPENSSL_NO_DES 897 BIO_printf(bio_err, "des "); 898 #endif 899 #ifndef OPENSSL_NO_AES 900 BIO_printf(bio_err, "aes "); 901 #endif 902 #ifndef OPENSSL_NO_CAMELLIA 903 BIO_printf(bio_err, "camellia "); 904 #endif 905 BIO_printf(bio_err, "rsa "); 906 #ifndef OPENSSL_NO_BF 907 BIO_printf(bio_err, "blowfish"); 908 #endif 909 #if !defined(OPENSSL_NO_IDEA) || !defined(OPENSSL_NO_SEED) || \ 910 !defined(OPENSSL_NO_RC2) || !defined(OPENSSL_NO_DES) || \ 911 !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_BF) || \ 912 !defined(OPENSSL_NO_AES) || !defined(OPENSSL_NO_CAMELLIA) 913 BIO_printf(bio_err, "\n"); 914 #endif 915 916 BIO_printf(bio_err, "\n"); 917 BIO_printf(bio_err, "Available options:\n"); 918 BIO_printf(bio_err, "-elapsed measure time in real time instead of CPU user time.\n"); 919 BIO_printf(bio_err, "-evp e use EVP e.\n"); 920 BIO_printf(bio_err, "-decrypt time decryption instead of encryption (only EVP).\n"); 921 BIO_printf(bio_err, "-mr produce machine readable output.\n"); 922 BIO_printf(bio_err, "-multi n run n benchmarks in parallel.\n"); 923 goto end; 924 } 925 argc--; 926 argv++; 927 j++; 928 } 929 930 if (multi && do_multi(multi)) 931 goto show_res; 932 933 if (j == 0) { 934 for (i = 0; i < ALGOR_NUM; i++) { 935 if (i != D_EVP) 936 doit[i] = 1; 937 } 938 for (i = 0; i < RSA_NUM; i++) 939 rsa_doit[i] = 1; 940 for (i = 0; i < DSA_NUM; i++) 941 dsa_doit[i] = 1; 942 for (i = 0; i < EC_NUM; i++) 943 ecdsa_doit[i] = 1; 944 for (i = 0; i < EC_NUM; i++) 945 ecdh_doit[i] = 1; 946 } 947 for (i = 0; i < ALGOR_NUM; i++) 948 if (doit[i]) 949 pr_header++; 950 951 if (usertime == 0 && !mr) 952 BIO_printf(bio_err, "You have chosen to measure elapsed time instead of user CPU time.\n"); 953 954 for (i = 0; i < RSA_NUM; i++) { 955 const unsigned char *p; 956 957 p = rsa_data[i]; 958 rsa_key[i] = d2i_RSAPrivateKey(NULL, &p, rsa_data_length[i]); 959 if (rsa_key[i] == NULL) { 960 BIO_printf(bio_err, "internal error loading RSA key number %d\n", i); 961 goto end; 962 } 963 } 964 965 dsa_key[0] = get_dsa512(); 966 dsa_key[1] = get_dsa1024(); 967 dsa_key[2] = get_dsa2048(); 968 969 #ifndef OPENSSL_NO_DES 970 DES_set_key_unchecked(&key, &sch); 971 DES_set_key_unchecked(&key2, &sch2); 972 DES_set_key_unchecked(&key3, &sch3); 973 #endif 974 #ifndef OPENSSL_NO_AES 975 AES_set_encrypt_key(key16, 128, &aes_ks1); 976 AES_set_encrypt_key(key24, 192, &aes_ks2); 977 AES_set_encrypt_key(key32, 256, &aes_ks3); 978 #endif 979 #ifndef OPENSSL_NO_CAMELLIA 980 Camellia_set_key(key16, 128, &camellia_ks1); 981 Camellia_set_key(ckey24, 192, &camellia_ks2); 982 Camellia_set_key(ckey32, 256, &camellia_ks3); 983 #endif 984 #ifndef OPENSSL_NO_IDEA 985 idea_set_encrypt_key(key16, &idea_ks); 986 #endif 987 #ifndef OPENSSL_NO_RC4 988 RC4_set_key(&rc4_ks, 16, key16); 989 #endif 990 #ifndef OPENSSL_NO_RC2 991 RC2_set_key(&rc2_ks, 16, key16, 128); 992 #endif 993 #ifndef OPENSSL_NO_BF 994 BF_set_key(&bf_ks, 16, key16); 995 #endif 996 #ifndef OPENSSL_NO_CAST 997 CAST_set_key(&cast_ks, 16, key16); 998 #endif 999 memset(rsa_c, 0, sizeof(rsa_c)); 1000 #define COND(c) (run && count<0x7fffffff) 1001 #define COUNT(d) (count) 1002 signal(SIGALRM, sig_done); 1003 1004 #ifndef OPENSSL_NO_MD4 1005 if (doit[D_MD4]) { 1006 for (j = 0; j < SIZE_NUM; j++) { 1007 print_message(names[D_MD4], c[D_MD4][j], lengths[j]); 1008 Time_F(START); 1009 for (count = 0, run = 1; COND(c[D_MD4][j]); count++) 1010 EVP_Digest(&(buf[0]), (unsigned long) lengths[j], &(md4[0]), NULL, EVP_md4(), NULL); 1011 d = Time_F(STOP); 1012 print_result(D_MD4, j, count, d); 1013 } 1014 } 1015 #endif 1016 1017 #ifndef OPENSSL_NO_MD5 1018 if (doit[D_MD5]) { 1019 for (j = 0; j < SIZE_NUM; j++) { 1020 print_message(names[D_MD5], c[D_MD5][j], lengths[j]); 1021 Time_F(START); 1022 for (count = 0, run = 1; COND(c[D_MD5][j]); count++) 1023 EVP_Digest(&(buf[0]), (unsigned long) lengths[j], &(md5[0]), NULL, EVP_get_digestbyname("md5"), NULL); 1024 d = Time_F(STOP); 1025 print_result(D_MD5, j, count, d); 1026 } 1027 } 1028 #endif 1029 1030 #if !defined(OPENSSL_NO_MD5) && !defined(OPENSSL_NO_HMAC) 1031 if (doit[D_HMAC]) { 1032 HMAC_CTX *hctx; 1033 1034 if ((hctx = HMAC_CTX_new()) == NULL) { 1035 BIO_printf(bio_err, "Failed to allocate HMAC context.\n"); 1036 goto end; 1037 } 1038 1039 HMAC_Init_ex(hctx, (unsigned char *) "This is a key...", 1040 16, EVP_md5(), NULL); 1041 1042 for (j = 0; j < SIZE_NUM; j++) { 1043 print_message(names[D_HMAC], c[D_HMAC][j], lengths[j]); 1044 Time_F(START); 1045 for (count = 0, run = 1; COND(c[D_HMAC][j]); count++) { 1046 if (!HMAC_Init_ex(hctx, NULL, 0, NULL, NULL)) { 1047 HMAC_CTX_free(hctx); 1048 goto end; 1049 } 1050 if (!HMAC_Update(hctx, buf, lengths[j])) { 1051 HMAC_CTX_free(hctx); 1052 goto end; 1053 } 1054 if (!HMAC_Final(hctx, &(hmac[0]), NULL)) { 1055 HMAC_CTX_free(hctx); 1056 goto end; 1057 } 1058 } 1059 d = Time_F(STOP); 1060 print_result(D_HMAC, j, count, d); 1061 } 1062 HMAC_CTX_free(hctx); 1063 } 1064 #endif 1065 #ifndef OPENSSL_NO_SHA 1066 if (doit[D_SHA1]) { 1067 for (j = 0; j < SIZE_NUM; j++) { 1068 print_message(names[D_SHA1], c[D_SHA1][j], lengths[j]); 1069 Time_F(START); 1070 for (count = 0, run = 1; COND(c[D_SHA1][j]); count++) 1071 EVP_Digest(buf, (unsigned long) lengths[j], &(sha[0]), NULL, EVP_sha1(), NULL); 1072 d = Time_F(STOP); 1073 print_result(D_SHA1, j, count, d); 1074 } 1075 } 1076 #ifndef OPENSSL_NO_SHA256 1077 if (doit[D_SHA256]) { 1078 for (j = 0; j < SIZE_NUM; j++) { 1079 print_message(names[D_SHA256], c[D_SHA256][j], lengths[j]); 1080 Time_F(START); 1081 for (count = 0, run = 1; COND(c[D_SHA256][j]); count++) 1082 SHA256(buf, lengths[j], sha256); 1083 d = Time_F(STOP); 1084 print_result(D_SHA256, j, count, d); 1085 } 1086 } 1087 #endif 1088 1089 #ifndef OPENSSL_NO_SHA512 1090 if (doit[D_SHA512]) { 1091 for (j = 0; j < SIZE_NUM; j++) { 1092 print_message(names[D_SHA512], c[D_SHA512][j], lengths[j]); 1093 Time_F(START); 1094 for (count = 0, run = 1; COND(c[D_SHA512][j]); count++) 1095 SHA512(buf, lengths[j], sha512); 1096 d = Time_F(STOP); 1097 print_result(D_SHA512, j, count, d); 1098 } 1099 } 1100 #endif 1101 #endif 1102 1103 #ifndef OPENSSL_NO_WHIRLPOOL 1104 if (doit[D_WHIRLPOOL]) { 1105 for (j = 0; j < SIZE_NUM; j++) { 1106 print_message(names[D_WHIRLPOOL], c[D_WHIRLPOOL][j], lengths[j]); 1107 Time_F(START); 1108 for (count = 0, run = 1; COND(c[D_WHIRLPOOL][j]); count++) 1109 WHIRLPOOL(buf, lengths[j], whirlpool); 1110 d = Time_F(STOP); 1111 print_result(D_WHIRLPOOL, j, count, d); 1112 } 1113 } 1114 #endif 1115 1116 #ifndef OPENSSL_NO_RIPEMD 1117 if (doit[D_RMD160]) { 1118 for (j = 0; j < SIZE_NUM; j++) { 1119 print_message(names[D_RMD160], c[D_RMD160][j], lengths[j]); 1120 Time_F(START); 1121 for (count = 0, run = 1; COND(c[D_RMD160][j]); count++) 1122 EVP_Digest(buf, (unsigned long) lengths[j], &(rmd160[0]), NULL, EVP_ripemd160(), NULL); 1123 d = Time_F(STOP); 1124 print_result(D_RMD160, j, count, d); 1125 } 1126 } 1127 #endif 1128 #ifndef OPENSSL_NO_RC4 1129 if (doit[D_RC4]) { 1130 for (j = 0; j < SIZE_NUM; j++) { 1131 print_message(names[D_RC4], c[D_RC4][j], lengths[j]); 1132 Time_F(START); 1133 for (count = 0, run = 1; COND(c[D_RC4][j]); count++) 1134 RC4(&rc4_ks, (unsigned int) lengths[j], 1135 buf, buf); 1136 d = Time_F(STOP); 1137 print_result(D_RC4, j, count, d); 1138 } 1139 } 1140 #endif 1141 #ifndef OPENSSL_NO_DES 1142 if (doit[D_CBC_DES]) { 1143 for (j = 0; j < SIZE_NUM; j++) { 1144 print_message(names[D_CBC_DES], c[D_CBC_DES][j], lengths[j]); 1145 Time_F(START); 1146 for (count = 0, run = 1; COND(c[D_CBC_DES][j]); count++) 1147 DES_ncbc_encrypt(buf, buf, lengths[j], &sch, 1148 &DES_iv, DES_ENCRYPT); 1149 d = Time_F(STOP); 1150 print_result(D_CBC_DES, j, count, d); 1151 } 1152 } 1153 if (doit[D_EDE3_DES]) { 1154 for (j = 0; j < SIZE_NUM; j++) { 1155 print_message(names[D_EDE3_DES], c[D_EDE3_DES][j], lengths[j]); 1156 Time_F(START); 1157 for (count = 0, run = 1; COND(c[D_EDE3_DES][j]); count++) 1158 DES_ede3_cbc_encrypt(buf, buf, lengths[j], 1159 &sch, &sch2, &sch3, 1160 &DES_iv, DES_ENCRYPT); 1161 d = Time_F(STOP); 1162 print_result(D_EDE3_DES, j, count, d); 1163 } 1164 } 1165 #endif 1166 #ifndef OPENSSL_NO_AES 1167 if (doit[D_CBC_128_AES]) { 1168 for (j = 0; j < SIZE_NUM; j++) { 1169 print_message(names[D_CBC_128_AES], c[D_CBC_128_AES][j], lengths[j]); 1170 Time_F(START); 1171 for (count = 0, run = 1; COND(c[D_CBC_128_AES][j]); count++) 1172 AES_cbc_encrypt(buf, buf, 1173 (unsigned long) lengths[j], &aes_ks1, 1174 iv, AES_ENCRYPT); 1175 d = Time_F(STOP); 1176 print_result(D_CBC_128_AES, j, count, d); 1177 } 1178 } 1179 if (doit[D_CBC_192_AES]) { 1180 for (j = 0; j < SIZE_NUM; j++) { 1181 print_message(names[D_CBC_192_AES], c[D_CBC_192_AES][j], lengths[j]); 1182 Time_F(START); 1183 for (count = 0, run = 1; COND(c[D_CBC_192_AES][j]); count++) 1184 AES_cbc_encrypt(buf, buf, 1185 (unsigned long) lengths[j], &aes_ks2, 1186 iv, AES_ENCRYPT); 1187 d = Time_F(STOP); 1188 print_result(D_CBC_192_AES, j, count, d); 1189 } 1190 } 1191 if (doit[D_CBC_256_AES]) { 1192 for (j = 0; j < SIZE_NUM; j++) { 1193 print_message(names[D_CBC_256_AES], c[D_CBC_256_AES][j], lengths[j]); 1194 Time_F(START); 1195 for (count = 0, run = 1; COND(c[D_CBC_256_AES][j]); count++) 1196 AES_cbc_encrypt(buf, buf, 1197 (unsigned long) lengths[j], &aes_ks3, 1198 iv, AES_ENCRYPT); 1199 d = Time_F(STOP); 1200 print_result(D_CBC_256_AES, j, count, d); 1201 } 1202 } 1203 if (doit[D_IGE_128_AES]) { 1204 for (j = 0; j < SIZE_NUM; j++) { 1205 print_message(names[D_IGE_128_AES], c[D_IGE_128_AES][j], lengths[j]); 1206 Time_F(START); 1207 for (count = 0, run = 1; COND(c[D_IGE_128_AES][j]); count++) 1208 AES_ige_encrypt(buf, buf2, 1209 (unsigned long) lengths[j], &aes_ks1, 1210 iv, AES_ENCRYPT); 1211 d = Time_F(STOP); 1212 print_result(D_IGE_128_AES, j, count, d); 1213 } 1214 } 1215 if (doit[D_IGE_192_AES]) { 1216 for (j = 0; j < SIZE_NUM; j++) { 1217 print_message(names[D_IGE_192_AES], c[D_IGE_192_AES][j], lengths[j]); 1218 Time_F(START); 1219 for (count = 0, run = 1; COND(c[D_IGE_192_AES][j]); count++) 1220 AES_ige_encrypt(buf, buf2, 1221 (unsigned long) lengths[j], &aes_ks2, 1222 iv, AES_ENCRYPT); 1223 d = Time_F(STOP); 1224 print_result(D_IGE_192_AES, j, count, d); 1225 } 1226 } 1227 if (doit[D_IGE_256_AES]) { 1228 for (j = 0; j < SIZE_NUM; j++) { 1229 print_message(names[D_IGE_256_AES], c[D_IGE_256_AES][j], lengths[j]); 1230 Time_F(START); 1231 for (count = 0, run = 1; COND(c[D_IGE_256_AES][j]); count++) 1232 AES_ige_encrypt(buf, buf2, 1233 (unsigned long) lengths[j], &aes_ks3, 1234 iv, AES_ENCRYPT); 1235 d = Time_F(STOP); 1236 print_result(D_IGE_256_AES, j, count, d); 1237 } 1238 } 1239 if (doit[D_GHASH]) { 1240 GCM128_CONTEXT *ctx = CRYPTO_gcm128_new(&aes_ks1, (block128_f) AES_encrypt); 1241 CRYPTO_gcm128_setiv(ctx, (unsigned char *) "0123456789ab", 12); 1242 1243 for (j = 0; j < SIZE_NUM; j++) { 1244 print_message(names[D_GHASH], c[D_GHASH][j], lengths[j]); 1245 Time_F(START); 1246 for (count = 0, run = 1; COND(c[D_GHASH][j]); count++) 1247 CRYPTO_gcm128_aad(ctx, buf, lengths[j]); 1248 d = Time_F(STOP); 1249 print_result(D_GHASH, j, count, d); 1250 } 1251 CRYPTO_gcm128_release(ctx); 1252 } 1253 if (doit[D_AES_128_GCM]) { 1254 const EVP_AEAD *aead = EVP_aead_aes_128_gcm(); 1255 static const unsigned char nonce[32] = {0}; 1256 size_t buf_len, nonce_len; 1257 EVP_AEAD_CTX *ctx; 1258 1259 if ((ctx = EVP_AEAD_CTX_new()) == NULL) { 1260 BIO_printf(bio_err, 1261 "Failed to allocate aead context.\n"); 1262 goto end; 1263 } 1264 1265 EVP_AEAD_CTX_init(ctx, aead, key32, EVP_AEAD_key_length(aead), 1266 EVP_AEAD_DEFAULT_TAG_LENGTH, NULL); 1267 nonce_len = EVP_AEAD_nonce_length(aead); 1268 1269 for (j = 0; j < SIZE_NUM; j++) { 1270 print_message(names[D_AES_128_GCM],c[D_AES_128_GCM][j],lengths[j]); 1271 Time_F(START); 1272 for (count = 0, run = 1; COND(c[D_AES_128_GCM][j]); count++) 1273 EVP_AEAD_CTX_seal(ctx, buf, &buf_len, BUFSIZE, nonce, 1274 nonce_len, buf, lengths[j], NULL, 0); 1275 d=Time_F(STOP); 1276 print_result(D_AES_128_GCM,j,count,d); 1277 } 1278 EVP_AEAD_CTX_free(ctx); 1279 } 1280 1281 if (doit[D_AES_256_GCM]) { 1282 const EVP_AEAD *aead = EVP_aead_aes_256_gcm(); 1283 static const unsigned char nonce[32] = {0}; 1284 size_t buf_len, nonce_len; 1285 EVP_AEAD_CTX *ctx; 1286 1287 if ((ctx = EVP_AEAD_CTX_new()) == NULL) { 1288 BIO_printf(bio_err, 1289 "Failed to allocate aead context.\n"); 1290 goto end; 1291 } 1292 1293 EVP_AEAD_CTX_init(ctx, aead, key32, EVP_AEAD_key_length(aead), 1294 EVP_AEAD_DEFAULT_TAG_LENGTH, NULL); 1295 nonce_len = EVP_AEAD_nonce_length(aead); 1296 1297 for (j = 0; j < SIZE_NUM; j++) { 1298 print_message(names[D_AES_256_GCM],c[D_AES_256_GCM][j],lengths[j]); 1299 Time_F(START); 1300 for (count = 0, run = 1; COND(c[D_AES_256_GCM][j]); count++) 1301 EVP_AEAD_CTX_seal(ctx, buf, &buf_len, BUFSIZE, nonce, 1302 nonce_len, buf, lengths[j], NULL, 0); 1303 d=Time_F(STOP); 1304 print_result(D_AES_256_GCM, j, count, d); 1305 } 1306 EVP_AEAD_CTX_free(ctx); 1307 } 1308 #endif 1309 #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) 1310 if (doit[D_CHACHA20_POLY1305]) { 1311 const EVP_AEAD *aead = EVP_aead_chacha20_poly1305(); 1312 static const unsigned char nonce[32] = {0}; 1313 size_t buf_len, nonce_len; 1314 EVP_AEAD_CTX *ctx; 1315 1316 if ((ctx = EVP_AEAD_CTX_new()) == NULL) { 1317 BIO_printf(bio_err, 1318 "Failed to allocate aead context.\n"); 1319 goto end; 1320 } 1321 1322 EVP_AEAD_CTX_init(ctx, aead, key32, EVP_AEAD_key_length(aead), 1323 EVP_AEAD_DEFAULT_TAG_LENGTH, NULL); 1324 nonce_len = EVP_AEAD_nonce_length(aead); 1325 1326 for (j = 0; j < SIZE_NUM; j++) { 1327 print_message(names[D_CHACHA20_POLY1305], 1328 c[D_CHACHA20_POLY1305][j], lengths[j]); 1329 Time_F(START); 1330 for (count = 0, run = 1; COND(c[D_CHACHA20_POLY1305][j]); count++) 1331 EVP_AEAD_CTX_seal(ctx, buf, &buf_len, BUFSIZE, nonce, 1332 nonce_len, buf, lengths[j], NULL, 0); 1333 d=Time_F(STOP); 1334 print_result(D_CHACHA20_POLY1305, j, count, d); 1335 } 1336 EVP_AEAD_CTX_free(ctx); 1337 } 1338 #endif 1339 #ifndef OPENSSL_NO_CAMELLIA 1340 if (doit[D_CBC_128_CML]) { 1341 for (j = 0; j < SIZE_NUM; j++) { 1342 print_message(names[D_CBC_128_CML], c[D_CBC_128_CML][j], lengths[j]); 1343 Time_F(START); 1344 for (count = 0, run = 1; COND(c[D_CBC_128_CML][j]); count++) 1345 Camellia_cbc_encrypt(buf, buf, 1346 (unsigned long) lengths[j], &camellia_ks1, 1347 iv, CAMELLIA_ENCRYPT); 1348 d = Time_F(STOP); 1349 print_result(D_CBC_128_CML, j, count, d); 1350 } 1351 } 1352 if (doit[D_CBC_192_CML]) { 1353 for (j = 0; j < SIZE_NUM; j++) { 1354 print_message(names[D_CBC_192_CML], c[D_CBC_192_CML][j], lengths[j]); 1355 Time_F(START); 1356 for (count = 0, run = 1; COND(c[D_CBC_192_CML][j]); count++) 1357 Camellia_cbc_encrypt(buf, buf, 1358 (unsigned long) lengths[j], &camellia_ks2, 1359 iv, CAMELLIA_ENCRYPT); 1360 d = Time_F(STOP); 1361 print_result(D_CBC_192_CML, j, count, d); 1362 } 1363 } 1364 if (doit[D_CBC_256_CML]) { 1365 for (j = 0; j < SIZE_NUM; j++) { 1366 print_message(names[D_CBC_256_CML], c[D_CBC_256_CML][j], lengths[j]); 1367 Time_F(START); 1368 for (count = 0, run = 1; COND(c[D_CBC_256_CML][j]); count++) 1369 Camellia_cbc_encrypt(buf, buf, 1370 (unsigned long) lengths[j], &camellia_ks3, 1371 iv, CAMELLIA_ENCRYPT); 1372 d = Time_F(STOP); 1373 print_result(D_CBC_256_CML, j, count, d); 1374 } 1375 } 1376 #endif 1377 #ifndef OPENSSL_NO_IDEA 1378 if (doit[D_CBC_IDEA]) { 1379 for (j = 0; j < SIZE_NUM; j++) { 1380 print_message(names[D_CBC_IDEA], c[D_CBC_IDEA][j], lengths[j]); 1381 Time_F(START); 1382 for (count = 0, run = 1; COND(c[D_CBC_IDEA][j]); count++) 1383 idea_cbc_encrypt(buf, buf, 1384 (unsigned long) lengths[j], &idea_ks, 1385 iv, IDEA_ENCRYPT); 1386 d = Time_F(STOP); 1387 print_result(D_CBC_IDEA, j, count, d); 1388 } 1389 } 1390 #endif 1391 #ifndef OPENSSL_NO_RC2 1392 if (doit[D_CBC_RC2]) { 1393 for (j = 0; j < SIZE_NUM; j++) { 1394 print_message(names[D_CBC_RC2], c[D_CBC_RC2][j], lengths[j]); 1395 Time_F(START); 1396 for (count = 0, run = 1; COND(c[D_CBC_RC2][j]); count++) 1397 RC2_cbc_encrypt(buf, buf, 1398 (unsigned long) lengths[j], &rc2_ks, 1399 iv, RC2_ENCRYPT); 1400 d = Time_F(STOP); 1401 print_result(D_CBC_RC2, j, count, d); 1402 } 1403 } 1404 #endif 1405 #ifndef OPENSSL_NO_BF 1406 if (doit[D_CBC_BF]) { 1407 for (j = 0; j < SIZE_NUM; j++) { 1408 print_message(names[D_CBC_BF], c[D_CBC_BF][j], lengths[j]); 1409 Time_F(START); 1410 for (count = 0, run = 1; COND(c[D_CBC_BF][j]); count++) 1411 BF_cbc_encrypt(buf, buf, 1412 (unsigned long) lengths[j], &bf_ks, 1413 iv, BF_ENCRYPT); 1414 d = Time_F(STOP); 1415 print_result(D_CBC_BF, j, count, d); 1416 } 1417 } 1418 #endif 1419 #ifndef OPENSSL_NO_CAST 1420 if (doit[D_CBC_CAST]) { 1421 for (j = 0; j < SIZE_NUM; j++) { 1422 print_message(names[D_CBC_CAST], c[D_CBC_CAST][j], lengths[j]); 1423 Time_F(START); 1424 for (count = 0, run = 1; COND(c[D_CBC_CAST][j]); count++) 1425 CAST_cbc_encrypt(buf, buf, 1426 (unsigned long) lengths[j], &cast_ks, 1427 iv, CAST_ENCRYPT); 1428 d = Time_F(STOP); 1429 print_result(D_CBC_CAST, j, count, d); 1430 } 1431 } 1432 #endif 1433 1434 if (doit[D_EVP]) { 1435 for (j = 0; j < SIZE_NUM; j++) { 1436 if (evp_cipher) { 1437 EVP_CIPHER_CTX *ctx; 1438 int outl; 1439 1440 names[D_EVP] = 1441 OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)); 1442 /* 1443 * -O3 -fschedule-insns messes up an 1444 * optimization here! names[D_EVP] somehow 1445 * becomes NULL 1446 */ 1447 print_message(names[D_EVP], save_count, 1448 lengths[j]); 1449 1450 if ((ctx = EVP_CIPHER_CTX_new()) == NULL) { 1451 BIO_printf(bio_err, "Failed to " 1452 "allocate cipher context.\n"); 1453 goto end; 1454 } 1455 if (decrypt) 1456 EVP_DecryptInit_ex(ctx, evp_cipher, NULL, key16, iv); 1457 else 1458 EVP_EncryptInit_ex(ctx, evp_cipher, NULL, key16, iv); 1459 EVP_CIPHER_CTX_set_padding(ctx, 0); 1460 1461 Time_F(START); 1462 if (decrypt) 1463 for (count = 0, run = 1; COND(save_count * 4 * lengths[0] / lengths[j]); count++) 1464 EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[j]); 1465 else 1466 for (count = 0, run = 1; COND(save_count * 4 * lengths[0] / lengths[j]); count++) 1467 EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[j]); 1468 if (decrypt) 1469 EVP_DecryptFinal_ex(ctx, buf, &outl); 1470 else 1471 EVP_EncryptFinal_ex(ctx, buf, &outl); 1472 d = Time_F(STOP); 1473 EVP_CIPHER_CTX_free(ctx); 1474 } 1475 if (evp_md) { 1476 names[D_EVP] = OBJ_nid2ln(EVP_MD_type(evp_md)); 1477 print_message(names[D_EVP], save_count, 1478 lengths[j]); 1479 1480 Time_F(START); 1481 for (count = 0, run = 1; COND(save_count * 4 * lengths[0] / lengths[j]); count++) 1482 EVP_Digest(buf, lengths[j], &(md[0]), NULL, evp_md, NULL); 1483 1484 d = Time_F(STOP); 1485 } 1486 print_result(D_EVP, j, count, d); 1487 } 1488 } 1489 arc4random_buf(buf, 36); 1490 for (j = 0; j < RSA_NUM; j++) { 1491 int ret; 1492 if (!rsa_doit[j]) 1493 continue; 1494 ret = RSA_sign(NID_md5_sha1, buf, 36, buf2, &rsa_num, rsa_key[j]); 1495 if (ret == 0) { 1496 BIO_printf(bio_err, "RSA sign failure. No RSA sign will be done.\n"); 1497 ERR_print_errors(bio_err); 1498 rsa_count = 1; 1499 } else { 1500 pkey_print_message("private", "rsa", 1501 rsa_c[j][0], rsa_bits[j], 1502 RSA_SECONDS); 1503 /* RSA_blinding_on(rsa_key[j],NULL); */ 1504 Time_F(START); 1505 for (count = 0, run = 1; COND(rsa_c[j][0]); count++) { 1506 ret = RSA_sign(NID_md5_sha1, buf, 36, buf2, 1507 &rsa_num, rsa_key[j]); 1508 if (ret == 0) { 1509 BIO_printf(bio_err, 1510 "RSA sign failure\n"); 1511 ERR_print_errors(bio_err); 1512 count = 1; 1513 break; 1514 } 1515 } 1516 d = Time_F(STOP); 1517 BIO_printf(bio_err, mr ? "+R1:%ld:%d:%.2f\n" 1518 : "%ld %d bit private RSA's in %.2fs\n", 1519 count, rsa_bits[j], d); 1520 rsa_results[j][0] = d / (double) count; 1521 rsa_count = count; 1522 } 1523 1524 ret = RSA_verify(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[j]); 1525 if (ret <= 0) { 1526 BIO_printf(bio_err, "RSA verify failure. No RSA verify will be done.\n"); 1527 ERR_print_errors(bio_err); 1528 rsa_doit[j] = 0; 1529 } else { 1530 pkey_print_message("public", "rsa", 1531 rsa_c[j][1], rsa_bits[j], 1532 RSA_SECONDS); 1533 Time_F(START); 1534 for (count = 0, run = 1; COND(rsa_c[j][1]); count++) { 1535 ret = RSA_verify(NID_md5_sha1, buf, 36, buf2, 1536 rsa_num, rsa_key[j]); 1537 if (ret <= 0) { 1538 BIO_printf(bio_err, 1539 "RSA verify failure\n"); 1540 ERR_print_errors(bio_err); 1541 count = 1; 1542 break; 1543 } 1544 } 1545 d = Time_F(STOP); 1546 BIO_printf(bio_err, mr ? "+R2:%ld:%d:%.2f\n" 1547 : "%ld %d bit public RSA's in %.2fs\n", 1548 count, rsa_bits[j], d); 1549 rsa_results[j][1] = d / (double) count; 1550 } 1551 1552 if (rsa_count <= 1) { 1553 /* if longer than 10s, don't do any more */ 1554 for (j++; j < RSA_NUM; j++) 1555 rsa_doit[j] = 0; 1556 } 1557 } 1558 1559 arc4random_buf(buf, 20); 1560 for (j = 0; j < DSA_NUM; j++) { 1561 unsigned int kk; 1562 int ret; 1563 1564 if (!dsa_doit[j]) 1565 continue; 1566 /* DSA_generate_key(dsa_key[j]); */ 1567 /* DSA_sign_setup(dsa_key[j],NULL); */ 1568 ret = DSA_sign(EVP_PKEY_DSA, buf, 20, buf2, 1569 &kk, dsa_key[j]); 1570 if (ret == 0) { 1571 BIO_printf(bio_err, "DSA sign failure. No DSA sign will be done.\n"); 1572 ERR_print_errors(bio_err); 1573 rsa_count = 1; 1574 } else { 1575 pkey_print_message("sign", "dsa", 1576 dsa_c[j][0], dsa_bits[j], 1577 DSA_SECONDS); 1578 Time_F(START); 1579 for (count = 0, run = 1; COND(dsa_c[j][0]); count++) { 1580 ret = DSA_sign(EVP_PKEY_DSA, buf, 20, buf2, 1581 &kk, dsa_key[j]); 1582 if (ret == 0) { 1583 BIO_printf(bio_err, 1584 "DSA sign failure\n"); 1585 ERR_print_errors(bio_err); 1586 count = 1; 1587 break; 1588 } 1589 } 1590 d = Time_F(STOP); 1591 BIO_printf(bio_err, mr ? "+R3:%ld:%d:%.2f\n" 1592 : "%ld %d bit DSA signs in %.2fs\n", 1593 count, dsa_bits[j], d); 1594 dsa_results[j][0] = d / (double) count; 1595 rsa_count = count; 1596 } 1597 1598 ret = DSA_verify(EVP_PKEY_DSA, buf, 20, buf2, 1599 kk, dsa_key[j]); 1600 if (ret <= 0) { 1601 BIO_printf(bio_err, "DSA verify failure. No DSA verify will be done.\n"); 1602 ERR_print_errors(bio_err); 1603 dsa_doit[j] = 0; 1604 } else { 1605 pkey_print_message("verify", "dsa", 1606 dsa_c[j][1], dsa_bits[j], 1607 DSA_SECONDS); 1608 Time_F(START); 1609 for (count = 0, run = 1; COND(dsa_c[j][1]); count++) { 1610 ret = DSA_verify(EVP_PKEY_DSA, buf, 20, buf2, 1611 kk, dsa_key[j]); 1612 if (ret <= 0) { 1613 BIO_printf(bio_err, 1614 "DSA verify failure\n"); 1615 ERR_print_errors(bio_err); 1616 count = 1; 1617 break; 1618 } 1619 } 1620 d = Time_F(STOP); 1621 BIO_printf(bio_err, mr ? "+R4:%ld:%d:%.2f\n" 1622 : "%ld %d bit DSA verify in %.2fs\n", 1623 count, dsa_bits[j], d); 1624 dsa_results[j][1] = d / (double) count; 1625 } 1626 1627 if (rsa_count <= 1) { 1628 /* if longer than 10s, don't do any more */ 1629 for (j++; j < DSA_NUM; j++) 1630 dsa_doit[j] = 0; 1631 } 1632 } 1633 1634 for (j = 0; j < EC_NUM; j++) { 1635 int ret; 1636 1637 if (!ecdsa_doit[j]) 1638 continue; /* Ignore Curve */ 1639 ecdsa[j] = EC_KEY_new_by_curve_name(test_curves[j]); 1640 if (ecdsa[j] == NULL) { 1641 BIO_printf(bio_err, "ECDSA failure.\n"); 1642 ERR_print_errors(bio_err); 1643 rsa_count = 1; 1644 } else { 1645 EC_KEY_precompute_mult(ecdsa[j], NULL); 1646 1647 /* Perform ECDSA signature test */ 1648 EC_KEY_generate_key(ecdsa[j]); 1649 ret = ECDSA_sign(0, buf, 20, ecdsasig, 1650 &ecdsasiglen, ecdsa[j]); 1651 if (ret == 0) { 1652 BIO_printf(bio_err, "ECDSA sign failure. No ECDSA sign will be done.\n"); 1653 ERR_print_errors(bio_err); 1654 rsa_count = 1; 1655 } else { 1656 pkey_print_message("sign", "ecdsa", 1657 ecdsa_c[j][0], 1658 test_curves_bits[j], 1659 ECDSA_SECONDS); 1660 1661 Time_F(START); 1662 for (count = 0, run = 1; COND(ecdsa_c[j][0]); 1663 count++) { 1664 ret = ECDSA_sign(0, buf, 20, 1665 ecdsasig, &ecdsasiglen, 1666 ecdsa[j]); 1667 if (ret == 0) { 1668 BIO_printf(bio_err, "ECDSA sign failure\n"); 1669 ERR_print_errors(bio_err); 1670 count = 1; 1671 break; 1672 } 1673 } 1674 d = Time_F(STOP); 1675 1676 BIO_printf(bio_err, mr ? "+R5:%ld:%d:%.2f\n" : 1677 "%ld %d bit ECDSA signs in %.2fs \n", 1678 count, test_curves_bits[j], d); 1679 ecdsa_results[j][0] = d / (double) count; 1680 rsa_count = count; 1681 } 1682 1683 /* Perform ECDSA verification test */ 1684 ret = ECDSA_verify(0, buf, 20, ecdsasig, 1685 ecdsasiglen, ecdsa[j]); 1686 if (ret != 1) { 1687 BIO_printf(bio_err, "ECDSA verify failure. No ECDSA verify will be done.\n"); 1688 ERR_print_errors(bio_err); 1689 ecdsa_doit[j] = 0; 1690 } else { 1691 pkey_print_message("verify", "ecdsa", 1692 ecdsa_c[j][1], 1693 test_curves_bits[j], 1694 ECDSA_SECONDS); 1695 Time_F(START); 1696 for (count = 0, run = 1; COND(ecdsa_c[j][1]); count++) { 1697 ret = ECDSA_verify(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[j]); 1698 if (ret != 1) { 1699 BIO_printf(bio_err, "ECDSA verify failure\n"); 1700 ERR_print_errors(bio_err); 1701 count = 1; 1702 break; 1703 } 1704 } 1705 d = Time_F(STOP); 1706 BIO_printf(bio_err, mr ? "+R6:%ld:%d:%.2f\n" 1707 : "%ld %d bit ECDSA verify in %.2fs\n", 1708 count, test_curves_bits[j], d); 1709 ecdsa_results[j][1] = d / (double) count; 1710 } 1711 1712 if (rsa_count <= 1) { 1713 /* if longer than 10s, don't do any more */ 1714 for (j++; j < EC_NUM; j++) 1715 ecdsa_doit[j] = 0; 1716 } 1717 } 1718 } 1719 1720 for (j = 0; j < EC_NUM; j++) { 1721 if (!ecdh_doit[j]) 1722 continue; 1723 ecdh_a[j] = EC_KEY_new_by_curve_name(test_curves[j]); 1724 ecdh_b[j] = EC_KEY_new_by_curve_name(test_curves[j]); 1725 if ((ecdh_a[j] == NULL) || (ecdh_b[j] == NULL)) { 1726 BIO_printf(bio_err, "ECDH failure.\n"); 1727 ERR_print_errors(bio_err); 1728 rsa_count = 1; 1729 } else { 1730 /* generate two ECDH key pairs */ 1731 if (!EC_KEY_generate_key(ecdh_a[j]) || 1732 !EC_KEY_generate_key(ecdh_b[j])) { 1733 BIO_printf(bio_err, "ECDH key generation failure.\n"); 1734 ERR_print_errors(bio_err); 1735 rsa_count = 1; 1736 } else { 1737 /* 1738 * If field size is not more than 24 octets, 1739 * then use SHA-1 hash of result; otherwise, 1740 * use result (see section 4.8 of 1741 * draft-ietf-tls-ecc-03.txt). 1742 */ 1743 int field_size, outlen; 1744 void *(*kdf) (const void *in, size_t inlen, void *out, size_t * xoutlen); 1745 field_size = EC_GROUP_get_degree(EC_KEY_get0_group(ecdh_a[j])); 1746 if (field_size <= 24 * 8) { 1747 outlen = KDF1_SHA1_len; 1748 kdf = KDF1_SHA1; 1749 } else { 1750 outlen = (field_size + 7) / 8; 1751 kdf = NULL; 1752 } 1753 secret_size_a = ECDH_compute_key(secret_a, outlen, 1754 EC_KEY_get0_public_key(ecdh_b[j]), 1755 ecdh_a[j], kdf); 1756 secret_size_b = ECDH_compute_key(secret_b, outlen, 1757 EC_KEY_get0_public_key(ecdh_a[j]), 1758 ecdh_b[j], kdf); 1759 if (secret_size_a != secret_size_b) 1760 ecdh_checks = 0; 1761 else 1762 ecdh_checks = 1; 1763 1764 for (secret_idx = 0; 1765 (secret_idx < secret_size_a) 1766 && (ecdh_checks == 1); 1767 secret_idx++) { 1768 if (secret_a[secret_idx] != secret_b[secret_idx]) 1769 ecdh_checks = 0; 1770 } 1771 1772 if (ecdh_checks == 0) { 1773 BIO_printf(bio_err, 1774 "ECDH computations don't match.\n"); 1775 ERR_print_errors(bio_err); 1776 rsa_count = 1; 1777 } else { 1778 pkey_print_message("", "ecdh", 1779 ecdh_c[j][0], 1780 test_curves_bits[j], 1781 ECDH_SECONDS); 1782 Time_F(START); 1783 for (count = 0, run = 1; 1784 COND(ecdh_c[j][0]); count++) { 1785 ECDH_compute_key(secret_a, 1786 outlen, 1787 EC_KEY_get0_public_key(ecdh_b[j]), 1788 ecdh_a[j], kdf); 1789 } 1790 d = Time_F(STOP); 1791 BIO_printf(bio_err, mr 1792 ? "+R7:%ld:%d:%.2f\n" 1793 : "%ld %d-bit ECDH ops in %.2fs\n", 1794 count, test_curves_bits[j], d); 1795 ecdh_results[j][0] = d / (double) count; 1796 rsa_count = count; 1797 } 1798 } 1799 } 1800 1801 1802 if (rsa_count <= 1) { 1803 /* if longer than 10s, don't do any more */ 1804 for (j++; j < EC_NUM; j++) 1805 ecdh_doit[j] = 0; 1806 } 1807 } 1808 show_res: 1809 if (!mr) { 1810 fprintf(stdout, "%s\n", SSLeay_version(SSLEAY_VERSION)); 1811 fprintf(stdout, "%s\n", SSLeay_version(SSLEAY_BUILT_ON)); 1812 printf("options:"); 1813 printf("%s ", BN_options()); 1814 #ifndef OPENSSL_NO_RC4 1815 printf("%s ", RC4_options()); 1816 #endif 1817 #ifndef OPENSSL_NO_DES 1818 printf("%s ", DES_options()); 1819 #endif 1820 #ifndef OPENSSL_NO_AES 1821 printf("%s ", AES_options()); 1822 #endif 1823 #ifndef OPENSSL_NO_IDEA 1824 printf("%s ", idea_options()); 1825 #endif 1826 #ifndef OPENSSL_NO_BF 1827 printf("%s ", BF_options()); 1828 #endif 1829 fprintf(stdout, "\n%s\n", SSLeay_version(SSLEAY_CFLAGS)); 1830 } 1831 if (pr_header) { 1832 if (mr) 1833 fprintf(stdout, "+H"); 1834 else { 1835 fprintf(stdout, "The 'numbers' are in 1000s of bytes per second processed.\n"); 1836 fprintf(stdout, "type "); 1837 } 1838 for (j = 0; j < SIZE_NUM; j++) 1839 fprintf(stdout, mr ? ":%d" : "%7d bytes", lengths[j]); 1840 fprintf(stdout, "\n"); 1841 } 1842 for (k = 0; k < ALGOR_NUM; k++) { 1843 if (!doit[k]) 1844 continue; 1845 if (mr) 1846 fprintf(stdout, "+F:%d:%s", k, names[k]); 1847 else 1848 fprintf(stdout, "%-13s", names[k]); 1849 for (j = 0; j < SIZE_NUM; j++) { 1850 if (results[k][j] > 10000 && !mr) 1851 fprintf(stdout, " %11.2fk", results[k][j] / 1e3); 1852 else 1853 fprintf(stdout, mr ? ":%.2f" : " %11.2f ", results[k][j]); 1854 } 1855 fprintf(stdout, "\n"); 1856 } 1857 j = 1; 1858 for (k = 0; k < RSA_NUM; k++) { 1859 if (!rsa_doit[k]) 1860 continue; 1861 if (j && !mr) { 1862 printf("%18ssign verify sign/s verify/s\n", " "); 1863 j = 0; 1864 } 1865 if (mr) 1866 fprintf(stdout, "+F2:%u:%u:%f:%f\n", 1867 k, rsa_bits[k], rsa_results[k][0], 1868 rsa_results[k][1]); 1869 else 1870 fprintf(stdout, "rsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n", 1871 rsa_bits[k], rsa_results[k][0], rsa_results[k][1], 1872 1.0 / rsa_results[k][0], 1.0 / rsa_results[k][1]); 1873 } 1874 j = 1; 1875 for (k = 0; k < DSA_NUM; k++) { 1876 if (!dsa_doit[k]) 1877 continue; 1878 if (j && !mr) { 1879 printf("%18ssign verify sign/s verify/s\n", " "); 1880 j = 0; 1881 } 1882 if (mr) 1883 fprintf(stdout, "+F3:%u:%u:%f:%f\n", 1884 k, dsa_bits[k], dsa_results[k][0], dsa_results[k][1]); 1885 else 1886 fprintf(stdout, "dsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n", 1887 dsa_bits[k], dsa_results[k][0], dsa_results[k][1], 1888 1.0 / dsa_results[k][0], 1.0 / dsa_results[k][1]); 1889 } 1890 j = 1; 1891 for (k = 0; k < EC_NUM; k++) { 1892 if (!ecdsa_doit[k]) 1893 continue; 1894 if (j && !mr) { 1895 printf("%30ssign verify sign/s verify/s\n", " "); 1896 j = 0; 1897 } 1898 if (mr) 1899 fprintf(stdout, "+F4:%u:%u:%f:%f\n", 1900 k, test_curves_bits[k], 1901 ecdsa_results[k][0], ecdsa_results[k][1]); 1902 else 1903 fprintf(stdout, 1904 "%4u bit ecdsa (%s) %8.4fs %8.4fs %8.1f %8.1f\n", 1905 test_curves_bits[k], 1906 test_curves_names[k], 1907 ecdsa_results[k][0], ecdsa_results[k][1], 1908 1.0 / ecdsa_results[k][0], 1.0 / ecdsa_results[k][1]); 1909 } 1910 1911 1912 j = 1; 1913 for (k = 0; k < EC_NUM; k++) { 1914 if (!ecdh_doit[k]) 1915 continue; 1916 if (j && !mr) { 1917 printf("%30sop op/s\n", " "); 1918 j = 0; 1919 } 1920 if (mr) 1921 fprintf(stdout, "+F5:%u:%u:%f:%f\n", 1922 k, test_curves_bits[k], 1923 ecdh_results[k][0], 1.0 / ecdh_results[k][0]); 1924 1925 else 1926 fprintf(stdout, "%4u bit ecdh (%s) %8.4fs %8.1f\n", 1927 test_curves_bits[k], 1928 test_curves_names[k], 1929 ecdh_results[k][0], 1.0 / ecdh_results[k][0]); 1930 } 1931 1932 mret = 0; 1933 1934 end: 1935 ERR_print_errors(bio_err); 1936 free(buf); 1937 free(buf2); 1938 for (i = 0; i < RSA_NUM; i++) 1939 if (rsa_key[i] != NULL) 1940 RSA_free(rsa_key[i]); 1941 for (i = 0; i < DSA_NUM; i++) 1942 if (dsa_key[i] != NULL) 1943 DSA_free(dsa_key[i]); 1944 1945 for (i = 0; i < EC_NUM; i++) 1946 if (ecdsa[i] != NULL) 1947 EC_KEY_free(ecdsa[i]); 1948 for (i = 0; i < EC_NUM; i++) { 1949 if (ecdh_a[i] != NULL) 1950 EC_KEY_free(ecdh_a[i]); 1951 if (ecdh_b[i] != NULL) 1952 EC_KEY_free(ecdh_b[i]); 1953 } 1954 1955 1956 return (mret); 1957 } 1958 1959 static void 1960 print_message(const char *s, long num, int length) 1961 { 1962 BIO_printf(bio_err, mr ? "+DT:%s:%d:%d\n" 1963 : "Doing %s for %ds on %d size blocks: ", s, SECONDS, length); 1964 (void) BIO_flush(bio_err); 1965 alarm(SECONDS); 1966 } 1967 1968 static void 1969 pkey_print_message(const char *str, const char *str2, long num, 1970 int bits, int tm) 1971 { 1972 BIO_printf(bio_err, mr ? "+DTP:%d:%s:%s:%d\n" 1973 : "Doing %d bit %s %s's for %ds: ", bits, str, str2, tm); 1974 (void) BIO_flush(bio_err); 1975 alarm(tm); 1976 } 1977 1978 static void 1979 print_result(int alg, int run_no, int count, double time_used) 1980 { 1981 BIO_printf(bio_err, mr ? "+R:%d:%s:%f\n" 1982 : "%d %s's in %.2fs\n", count, names[alg], time_used); 1983 results[alg][run_no] = ((double) count) / time_used * lengths[run_no]; 1984 } 1985 1986 static char * 1987 sstrsep(char **string, const char *delim) 1988 { 1989 char isdelim[256]; 1990 char *token = *string; 1991 1992 if (**string == 0) 1993 return NULL; 1994 1995 memset(isdelim, 0, sizeof isdelim); 1996 isdelim[0] = 1; 1997 1998 while (*delim) { 1999 isdelim[(unsigned char) (*delim)] = 1; 2000 delim++; 2001 } 2002 2003 while (!isdelim[(unsigned char) (**string)]) { 2004 (*string)++; 2005 } 2006 2007 if (**string) { 2008 **string = 0; 2009 (*string)++; 2010 } 2011 return token; 2012 } 2013 2014 static int 2015 do_multi(int multi) 2016 { 2017 int n; 2018 int fd[2]; 2019 int *fds; 2020 static char sep[] = ":"; 2021 const char *errstr = NULL; 2022 2023 fds = reallocarray(NULL, multi, sizeof *fds); 2024 if (fds == NULL) { 2025 fprintf(stderr, "reallocarray failure\n"); 2026 exit(1); 2027 } 2028 for (n = 0; n < multi; ++n) { 2029 if (pipe(fd) == -1) { 2030 fprintf(stderr, "pipe failure\n"); 2031 exit(1); 2032 } 2033 fflush(stdout); 2034 fflush(stderr); 2035 if (fork()) { 2036 close(fd[1]); 2037 fds[n] = fd[0]; 2038 } else { 2039 close(fd[0]); 2040 close(1); 2041 if (dup(fd[1]) == -1) { 2042 fprintf(stderr, "dup failed\n"); 2043 exit(1); 2044 } 2045 close(fd[1]); 2046 mr = 1; 2047 usertime = 0; 2048 free(fds); 2049 return 0; 2050 } 2051 printf("Forked child %d\n", n); 2052 } 2053 2054 /* for now, assume the pipe is long enough to take all the output */ 2055 for (n = 0; n < multi; ++n) { 2056 FILE *f; 2057 char buf[1024]; 2058 char *p; 2059 2060 f = fdopen(fds[n], "r"); 2061 while (fgets(buf, sizeof buf, f)) { 2062 p = strchr(buf, '\n'); 2063 if (p) 2064 *p = '\0'; 2065 if (buf[0] != '+') { 2066 fprintf(stderr, "Don't understand line '%s' from child %d\n", 2067 buf, n); 2068 continue; 2069 } 2070 printf("Got: %s from %d\n", buf, n); 2071 if (!strncmp(buf, "+F:", 3)) { 2072 int alg; 2073 int j; 2074 2075 p = buf + 3; 2076 alg = strtonum(sstrsep(&p, sep), 2077 0, ALGOR_NUM - 1, &errstr); 2078 sstrsep(&p, sep); 2079 for (j = 0; j < SIZE_NUM; ++j) 2080 results[alg][j] += atof(sstrsep(&p, sep)); 2081 } else if (!strncmp(buf, "+F2:", 4)) { 2082 int k; 2083 double d; 2084 2085 p = buf + 4; 2086 k = strtonum(sstrsep(&p, sep), 2087 0, ALGOR_NUM - 1, &errstr); 2088 sstrsep(&p, sep); 2089 2090 d = atof(sstrsep(&p, sep)); 2091 if (n) 2092 rsa_results[k][0] = 1 / (1 / rsa_results[k][0] + 1 / d); 2093 else 2094 rsa_results[k][0] = d; 2095 2096 d = atof(sstrsep(&p, sep)); 2097 if (n) 2098 rsa_results[k][1] = 1 / (1 / rsa_results[k][1] + 1 / d); 2099 else 2100 rsa_results[k][1] = d; 2101 } else if (!strncmp(buf, "+F2:", 4)) { 2102 int k; 2103 double d; 2104 2105 p = buf + 4; 2106 k = strtonum(sstrsep(&p, sep), 2107 0, ALGOR_NUM - 1, &errstr); 2108 sstrsep(&p, sep); 2109 2110 d = atof(sstrsep(&p, sep)); 2111 if (n) 2112 rsa_results[k][0] = 1 / (1 / rsa_results[k][0] + 1 / d); 2113 else 2114 rsa_results[k][0] = d; 2115 2116 d = atof(sstrsep(&p, sep)); 2117 if (n) 2118 rsa_results[k][1] = 1 / (1 / rsa_results[k][1] + 1 / d); 2119 else 2120 rsa_results[k][1] = d; 2121 } 2122 else if (!strncmp(buf, "+F3:", 4)) { 2123 int k; 2124 double d; 2125 2126 p = buf + 4; 2127 k = strtonum(sstrsep(&p, sep), 2128 0, ALGOR_NUM - 1, &errstr); 2129 sstrsep(&p, sep); 2130 2131 d = atof(sstrsep(&p, sep)); 2132 if (n) 2133 dsa_results[k][0] = 1 / (1 / dsa_results[k][0] + 1 / d); 2134 else 2135 dsa_results[k][0] = d; 2136 2137 d = atof(sstrsep(&p, sep)); 2138 if (n) 2139 dsa_results[k][1] = 1 / (1 / dsa_results[k][1] + 1 / d); 2140 else 2141 dsa_results[k][1] = d; 2142 } 2143 else if (!strncmp(buf, "+F4:", 4)) { 2144 int k; 2145 double d; 2146 2147 p = buf + 4; 2148 k = strtonum(sstrsep(&p, sep), 2149 0, ALGOR_NUM - 1, &errstr); 2150 sstrsep(&p, sep); 2151 2152 d = atof(sstrsep(&p, sep)); 2153 if (n) 2154 ecdsa_results[k][0] = 1 / (1 / ecdsa_results[k][0] + 1 / d); 2155 else 2156 ecdsa_results[k][0] = d; 2157 2158 d = atof(sstrsep(&p, sep)); 2159 if (n) 2160 ecdsa_results[k][1] = 1 / (1 / ecdsa_results[k][1] + 1 / d); 2161 else 2162 ecdsa_results[k][1] = d; 2163 } 2164 2165 else if (!strncmp(buf, "+F5:", 4)) { 2166 int k; 2167 double d; 2168 2169 p = buf + 4; 2170 k = strtonum(sstrsep(&p, sep), 2171 0, ALGOR_NUM - 1, &errstr); 2172 sstrsep(&p, sep); 2173 2174 d = atof(sstrsep(&p, sep)); 2175 if (n) 2176 ecdh_results[k][0] = 1 / (1 / ecdh_results[k][0] + 1 / d); 2177 else 2178 ecdh_results[k][0] = d; 2179 2180 } 2181 2182 else if (!strncmp(buf, "+H:", 3)) { 2183 } else 2184 fprintf(stderr, "Unknown type '%s' from child %d\n", buf, n); 2185 } 2186 2187 fclose(f); 2188 } 2189 free(fds); 2190 return 1; 2191 } 2192 #endif 2193