speed.c 167 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195119611971198119912001201120212031204120512061207120812091210121112121213121412151216121712181219122012211222122312241225122612271228122912301231123212331234123512361237123812391240124112421243124412451246124712481249125012511252125312541255125612571258125912601261126212631264126512661267126812691270127112721273127412751276127712781279128012811282128312841285128612871288128912901291129212931294129512961297129812991300130113021303130413051306130713081309131013111312131313141315131613171318131913201321132213231324132513261327132813291330133113321333133413351336133713381339134013411342134313441345134613471348134913501351135213531354135513561357135813591360136113621363136413651366136713681369137013711372137313741375137613771378137913801381138213831384138513861387138813891390139113921393139413951396139713981399140014011402140314041405140614071408140914101411141214131414141514161417141814191420142114221423142414251426142714281429143014311432143314341435143614371438143914401441144214431444144514461447144814491450145114521453145414551456145714581459146014611462146314641465146614671468146914701471147214731474147514761477147814791480148114821483148414851486148714881489149014911492149314941495149614971498149915001501150215031504150515061507150815091510151115121513151415151516151715181519152015211522152315241525152615271528152915301531153215331534153515361537153815391540154115421543154415451546154715481549155015511552155315541555155615571558155915601561156215631564156515661567156815691570157115721573157415751576157715781579158015811582158315841585158615871588158915901591159215931594159515961597159815991600160116021603160416051606160716081609161016111612161316141615161616171618161916201621162216231624162516261627162816291630163116321633163416351636163716381639164016411642164316441645164616471648164916501651165216531654165516561657165816591660166116621663166416651666166716681669167016711672167316741675167616771678167916801681168216831684168516861687168816891690169116921693169416951696169716981699170017011702170317041705170617071708170917101711171217131714171517161717171817191720172117221723172417251726172717281729173017311732173317341735173617371738173917401741174217431744174517461747174817491750175117521753175417551756175717581759176017611762176317641765176617671768176917701771177217731774177517761777177817791780178117821783178417851786178717881789179017911792179317941795179617971798179918001801180218031804180518061807180818091810181118121813181418151816181718181819182018211822182318241825182618271828182918301831183218331834183518361837183818391840184118421843184418451846184718481849185018511852185318541855185618571858185918601861186218631864186518661867186818691870187118721873187418751876187718781879188018811882188318841885188618871888188918901891189218931894189518961897189818991900190119021903190419051906190719081909191019111912191319141915191619171918191919201921192219231924192519261927192819291930193119321933193419351936193719381939194019411942194319441945194619471948194919501951195219531954195519561957195819591960196119621963196419651966196719681969197019711972197319741975197619771978197919801981198219831984198519861987198819891990199119921993199419951996199719981999200020012002200320042005200620072008200920102011201220132014201520162017201820192020202120222023202420252026202720282029203020312032203320342035203620372038203920402041204220432044204520462047204820492050205120522053205420552056205720582059206020612062206320642065206620672068206920702071207220732074207520762077207820792080208120822083208420852086208720882089209020912092209320942095209620972098209921002101210221032104210521062107210821092110211121122113211421152116211721182119212021212122212321242125212621272128212921302131213221332134213521362137213821392140214121422143214421452146214721482149215021512152215321542155215621572158215921602161216221632164216521662167216821692170217121722173217421752176217721782179218021812182218321842185218621872188218921902191219221932194219521962197219821992200220122022203220422052206220722082209221022112212221322142215221622172218221922202221222222232224222522262227222822292230223122322233223422352236223722382239224022412242224322442245224622472248224922502251225222532254225522562257225822592260226122622263226422652266226722682269227022712272227322742275227622772278227922802281228222832284228522862287228822892290229122922293229422952296229722982299230023012302230323042305230623072308230923102311231223132314231523162317231823192320232123222323232423252326232723282329233023312332233323342335233623372338233923402341234223432344234523462347234823492350235123522353235423552356235723582359236023612362236323642365236623672368236923702371237223732374237523762377237823792380238123822383238423852386238723882389239023912392239323942395239623972398239924002401240224032404240524062407240824092410241124122413241424152416241724182419242024212422242324242425242624272428242924302431243224332434243524362437243824392440244124422443244424452446244724482449245024512452245324542455245624572458245924602461246224632464246524662467246824692470247124722473247424752476247724782479248024812482248324842485248624872488248924902491249224932494249524962497249824992500250125022503250425052506250725082509251025112512251325142515251625172518251925202521252225232524252525262527252825292530253125322533253425352536253725382539254025412542254325442545254625472548254925502551255225532554255525562557255825592560256125622563256425652566256725682569257025712572257325742575257625772578257925802581258225832584258525862587258825892590259125922593259425952596259725982599260026012602260326042605260626072608260926102611261226132614261526162617261826192620262126222623262426252626262726282629263026312632263326342635263626372638263926402641264226432644264526462647264826492650265126522653265426552656265726582659266026612662266326642665266626672668266926702671267226732674267526762677267826792680268126822683268426852686268726882689269026912692269326942695269626972698269927002701270227032704270527062707270827092710271127122713271427152716271727182719272027212722272327242725272627272728272927302731273227332734273527362737273827392740274127422743274427452746274727482749275027512752275327542755275627572758275927602761276227632764276527662767276827692770277127722773277427752776277727782779278027812782278327842785278627872788278927902791279227932794279527962797279827992800280128022803280428052806280728082809281028112812281328142815281628172818281928202821282228232824282528262827282828292830283128322833283428352836283728382839284028412842284328442845284628472848284928502851285228532854285528562857285828592860286128622863286428652866286728682869287028712872287328742875287628772878287928802881288228832884288528862887288828892890289128922893289428952896289728982899290029012902290329042905290629072908290929102911291229132914291529162917291829192920292129222923292429252926292729282929293029312932293329342935293629372938293929402941294229432944294529462947294829492950295129522953295429552956295729582959296029612962296329642965296629672968296929702971297229732974297529762977297829792980298129822983298429852986298729882989299029912992299329942995299629972998299930003001300230033004300530063007300830093010301130123013301430153016301730183019302030213022302330243025302630273028302930303031303230333034303530363037303830393040304130423043304430453046304730483049305030513052305330543055305630573058305930603061306230633064306530663067306830693070307130723073307430753076307730783079308030813082308330843085308630873088308930903091309230933094309530963097309830993100310131023103310431053106310731083109311031113112311331143115311631173118311931203121312231233124312531263127312831293130313131323133313431353136313731383139314031413142314331443145314631473148314931503151315231533154315531563157315831593160316131623163316431653166316731683169317031713172317331743175317631773178317931803181318231833184318531863187318831893190319131923193319431953196319731983199320032013202320332043205320632073208320932103211321232133214321532163217321832193220322132223223322432253226322732283229323032313232323332343235323632373238323932403241324232433244324532463247324832493250325132523253325432553256325732583259326032613262326332643265326632673268326932703271327232733274327532763277327832793280328132823283328432853286328732883289329032913292329332943295329632973298329933003301330233033304330533063307330833093310331133123313331433153316331733183319332033213322332333243325332633273328332933303331333233333334333533363337333833393340334133423343334433453346334733483349335033513352335333543355335633573358335933603361336233633364336533663367336833693370337133723373337433753376337733783379338033813382338333843385338633873388338933903391339233933394339533963397339833993400340134023403340434053406340734083409341034113412341334143415341634173418341934203421342234233424342534263427342834293430343134323433343434353436343734383439344034413442344334443445344634473448344934503451345234533454345534563457345834593460346134623463346434653466346734683469347034713472347334743475347634773478347934803481348234833484348534863487348834893490349134923493349434953496349734983499350035013502350335043505350635073508350935103511351235133514351535163517351835193520352135223523352435253526352735283529353035313532353335343535353635373538353935403541354235433544354535463547354835493550355135523553355435553556355735583559356035613562356335643565356635673568356935703571357235733574357535763577357835793580358135823583358435853586358735883589359035913592359335943595359635973598359936003601360236033604360536063607360836093610361136123613361436153616361736183619362036213622362336243625362636273628362936303631363236333634363536363637363836393640364136423643364436453646364736483649365036513652365336543655365636573658365936603661366236633664366536663667366836693670367136723673367436753676367736783679368036813682368336843685368636873688368936903691369236933694369536963697369836993700370137023703370437053706370737083709371037113712371337143715371637173718371937203721372237233724372537263727372837293730373137323733373437353736373737383739374037413742374337443745374637473748374937503751375237533754375537563757375837593760376137623763376437653766376737683769377037713772377337743775377637773778377937803781378237833784378537863787378837893790379137923793379437953796379737983799380038013802380338043805380638073808380938103811381238133814381538163817381838193820382138223823382438253826382738283829383038313832383338343835383638373838383938403841384238433844384538463847384838493850385138523853385438553856385738583859386038613862386338643865386638673868386938703871387238733874387538763877387838793880388138823883388438853886388738883889389038913892389338943895389638973898389939003901390239033904390539063907390839093910391139123913391439153916391739183919392039213922392339243925392639273928392939303931393239333934393539363937393839393940394139423943394439453946394739483949395039513952395339543955395639573958395939603961396239633964396539663967396839693970397139723973397439753976397739783979398039813982398339843985398639873988398939903991399239933994399539963997399839994000400140024003400440054006400740084009401040114012401340144015401640174018401940204021402240234024402540264027402840294030403140324033403440354036403740384039404040414042404340444045404640474048404940504051405240534054405540564057405840594060406140624063406440654066406740684069407040714072407340744075407640774078407940804081408240834084408540864087408840894090409140924093409440954096409740984099410041014102410341044105410641074108410941104111411241134114411541164117411841194120412141224123412441254126412741284129413041314132413341344135413641374138413941404141414241434144414541464147414841494150415141524153415441554156415741584159416041614162416341644165416641674168416941704171417241734174417541764177417841794180418141824183418441854186418741884189419041914192419341944195419641974198419942004201420242034204420542064207420842094210421142124213421442154216421742184219422042214222422342244225422642274228422942304231423242334234423542364237423842394240424142424243424442454246424742484249425042514252425342544255425642574258425942604261426242634264426542664267426842694270427142724273427442754276427742784279428042814282428342844285428642874288428942904291429242934294429542964297429842994300430143024303430443054306430743084309431043114312431343144315431643174318431943204321432243234324432543264327432843294330433143324333433443354336433743384339434043414342434343444345434643474348434943504351435243534354435543564357435843594360436143624363436443654366436743684369437043714372437343744375437643774378437943804381438243834384438543864387438843894390439143924393439443954396439743984399440044014402440344044405440644074408440944104411441244134414441544164417441844194420442144224423442444254426442744284429443044314432443344344435443644374438443944404441444244434444444544464447444844494450445144524453445444554456445744584459446044614462446344644465446644674468446944704471447244734474447544764477447844794480448144824483448444854486448744884489449044914492449344944495449644974498449945004501450245034504450545064507450845094510451145124513451445154516451745184519452045214522452345244525452645274528452945304531453245334534453545364537453845394540454145424543454445454546454745484549455045514552455345544555455645574558455945604561456245634564456545664567456845694570457145724573457445754576457745784579458045814582458345844585458645874588458945904591459245934594459545964597459845994600460146024603460446054606460746084609461046114612461346144615461646174618461946204621462246234624462546264627462846294630463146324633463446354636463746384639464046414642464346444645464646474648464946504651465246534654465546564657465846594660466146624663466446654666466746684669467046714672467346744675467646774678467946804681468246834684468546864687468846894690469146924693469446954696469746984699470047014702470347044705470647074708470947104711471247134714471547164717471847194720472147224723472447254726472747284729473047314732473347344735473647374738473947404741474247434744474547464747474847494750475147524753475447554756475747584759476047614762476347644765476647674768476947704771477247734774477547764777477847794780478147824783478447854786478747884789479047914792479347944795479647974798479948004801480248034804480548064807480848094810481148124813481448154816481748184819482048214822482348244825482648274828482948304831483248334834483548364837483848394840484148424843484448454846484748484849485048514852485348544855485648574858485948604861486248634864486548664867486848694870487148724873
  1. /*
  2. * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
  3. * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
  4. *
  5. * Licensed under the Apache License 2.0 (the "License"). You may not use
  6. * this file except in compliance with the License. You can obtain a copy
  7. * in the file LICENSE in the source distribution or at
  8. * https://www.openssl.org/source/license.html
  9. */
  10. #undef SECONDS
  11. #define SECONDS 3
  12. #define PKEY_SECONDS 10
  13. #define RSA_SECONDS PKEY_SECONDS
  14. #define DSA_SECONDS PKEY_SECONDS
  15. #define ECDSA_SECONDS PKEY_SECONDS
  16. #define ECDH_SECONDS PKEY_SECONDS
  17. #define EdDSA_SECONDS PKEY_SECONDS
  18. #define SM2_SECONDS PKEY_SECONDS
  19. #define FFDH_SECONDS PKEY_SECONDS
  20. #define KEM_SECONDS PKEY_SECONDS
  21. #define SIG_SECONDS PKEY_SECONDS
  22. #define MAX_ALGNAME_SUFFIX 100
  23. /* We need to use some deprecated APIs */
  24. #define OPENSSL_SUPPRESS_DEPRECATED
  25. #include <stdio.h>
  26. #include <stdlib.h>
  27. #include <string.h>
  28. #include <math.h>
  29. #include "apps.h"
  30. #include "progs.h"
  31. #include "internal/nelem.h"
  32. #include "internal/numbers.h"
  33. #include <openssl/crypto.h>
  34. #include <openssl/rand.h>
  35. #include <openssl/err.h>
  36. #include <openssl/evp.h>
  37. #include <openssl/objects.h>
  38. #include <openssl/core_names.h>
  39. #include <openssl/async.h>
  40. #include <openssl/provider.h>
  41. #if !defined(OPENSSL_SYS_MSDOS)
  42. # include <unistd.h>
  43. #endif
  44. #if defined(_WIN32)
  45. # include <windows.h>
  46. /*
  47. * While VirtualLock is available under the app partition (e.g. UWP),
  48. * the headers do not define the API. Define it ourselves instead.
  49. */
  50. WINBASEAPI
  51. BOOL
  52. WINAPI
  53. VirtualLock(
  54. _In_ LPVOID lpAddress,
  55. _In_ SIZE_T dwSize
  56. );
  57. #endif
  58. #if defined(OPENSSL_SYS_LINUX)
  59. # include <sys/mman.h>
  60. #endif
  61. #include <openssl/bn.h>
  62. #include <openssl/rsa.h>
  63. #include "./testrsa.h"
  64. #ifndef OPENSSL_NO_DH
  65. # include <openssl/dh.h>
  66. #endif
  67. #include <openssl/x509.h>
  68. #include <openssl/dsa.h>
  69. #include "./testdsa.h"
  70. #include <openssl/modes.h>
  71. #ifndef HAVE_FORK
  72. # if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_VXWORKS)
  73. # define HAVE_FORK 0
  74. # else
  75. # define HAVE_FORK 1
  76. # include <sys/wait.h>
  77. # endif
  78. #endif
  79. #if HAVE_FORK
  80. # undef NO_FORK
  81. #else
  82. # define NO_FORK
  83. #endif
  84. #define MAX_MISALIGNMENT 63
  85. #define MAX_ECDH_SIZE 256
  86. #define MISALIGN 64
  87. #define MAX_FFDH_SIZE 1024
  88. #ifndef RSA_DEFAULT_PRIME_NUM
  89. # define RSA_DEFAULT_PRIME_NUM 2
  90. #endif
  91. typedef struct openssl_speed_sec_st {
  92. int sym;
  93. int rsa;
  94. int dsa;
  95. int ecdsa;
  96. int ecdh;
  97. int eddsa;
  98. int sm2;
  99. int ffdh;
  100. int kem;
  101. int sig;
  102. } openssl_speed_sec_t;
  103. static volatile int run = 0;
  104. static int mr = 0; /* machine-readeable output format to merge fork results */
  105. static int usertime = 1;
  106. static double Time_F(int s);
  107. static void print_message(const char *s, int length, int tm);
  108. static void pkey_print_message(const char *str, const char *str2,
  109. unsigned int bits, int sec);
  110. static void kskey_print_message(const char *str, const char *str2, int tm);
  111. static void print_result(int alg, int run_no, int count, double time_used);
  112. #ifndef NO_FORK
  113. static int do_multi(int multi, int size_num);
  114. #endif
  115. static int domlock = 0;
  116. static const int lengths_list[] = {
  117. 16, 64, 256, 1024, 8 * 1024, 16 * 1024
  118. };
  119. #define SIZE_NUM OSSL_NELEM(lengths_list)
  120. static const int *lengths = lengths_list;
  121. static const int aead_lengths_list[] = {
  122. 2, 31, 136, 1024, 8 * 1024, 16 * 1024
  123. };
  124. #define START 0
  125. #define STOP 1
  126. #ifdef SIGALRM
  127. static void alarmed(ossl_unused int sig)
  128. {
  129. signal(SIGALRM, alarmed);
  130. run = 0;
  131. }
  132. static double Time_F(int s)
  133. {
  134. double ret = app_tminterval(s, usertime);
  135. if (s == STOP)
  136. alarm(0);
  137. return ret;
  138. }
  139. #elif defined(_WIN32)
  140. # define SIGALRM -1
  141. static unsigned int lapse;
  142. static volatile unsigned int schlock;
  143. static void alarm_win32(unsigned int secs)
  144. {
  145. lapse = secs * 1000;
  146. }
  147. # define alarm alarm_win32
  148. static DWORD WINAPI sleepy(VOID * arg)
  149. {
  150. schlock = 1;
  151. Sleep(lapse);
  152. run = 0;
  153. return 0;
  154. }
  155. static double Time_F(int s)
  156. {
  157. double ret;
  158. static HANDLE thr;
  159. if (s == START) {
  160. schlock = 0;
  161. thr = CreateThread(NULL, 4096, sleepy, NULL, 0, NULL);
  162. if (thr == NULL) {
  163. DWORD err = GetLastError();
  164. BIO_printf(bio_err, "unable to CreateThread (%lu)", err);
  165. ExitProcess(err);
  166. }
  167. while (!schlock)
  168. Sleep(0); /* scheduler spinlock */
  169. ret = app_tminterval(s, usertime);
  170. } else {
  171. ret = app_tminterval(s, usertime);
  172. if (run)
  173. TerminateThread(thr, 0);
  174. CloseHandle(thr);
  175. }
  176. return ret;
  177. }
  178. #else
  179. # error "SIGALRM not defined and the platform is not Windows"
  180. #endif
  181. static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
  182. const openssl_speed_sec_t *seconds);
  183. static int opt_found(const char *name, unsigned int *result,
  184. const OPT_PAIR pairs[], unsigned int nbelem)
  185. {
  186. unsigned int idx;
  187. for (idx = 0; idx < nbelem; ++idx, pairs++)
  188. if (strcmp(name, pairs->name) == 0) {
  189. *result = pairs->retval;
  190. return 1;
  191. }
  192. return 0;
  193. }
  194. #define opt_found(value, pairs, result)\
  195. opt_found(value, result, pairs, OSSL_NELEM(pairs))
  196. typedef enum OPTION_choice {
  197. OPT_COMMON,
  198. OPT_ELAPSED, OPT_EVP, OPT_HMAC, OPT_DECRYPT, OPT_ENGINE, OPT_MULTI,
  199. OPT_MR, OPT_MB, OPT_MISALIGN, OPT_ASYNCJOBS, OPT_R_ENUM, OPT_PROV_ENUM, OPT_CONFIG,
  200. OPT_PRIMES, OPT_SECONDS, OPT_BYTES, OPT_AEAD, OPT_CMAC, OPT_MLOCK, OPT_KEM, OPT_SIG
  201. } OPTION_CHOICE;
  202. const OPTIONS speed_options[] = {
  203. {OPT_HELP_STR, 1, '-',
  204. "Usage: %s [options] [algorithm...]\n"
  205. "All +int options consider prefix '0' as base-8 input, "
  206. "prefix '0x'/'0X' as base-16 input.\n"
  207. },
  208. OPT_SECTION("General"),
  209. {"help", OPT_HELP, '-', "Display this summary"},
  210. {"mb", OPT_MB, '-',
  211. "Enable (tls1>=1) multi-block mode on EVP-named cipher"},
  212. {"mr", OPT_MR, '-', "Produce machine readable output"},
  213. #ifndef NO_FORK
  214. {"multi", OPT_MULTI, 'p', "Run benchmarks in parallel"},
  215. #endif
  216. #ifndef OPENSSL_NO_ASYNC
  217. {"async_jobs", OPT_ASYNCJOBS, 'p',
  218. "Enable async mode and start specified number of jobs"},
  219. #endif
  220. #ifndef OPENSSL_NO_ENGINE
  221. {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
  222. #endif
  223. {"primes", OPT_PRIMES, 'p', "Specify number of primes (for RSA only)"},
  224. {"mlock", OPT_MLOCK, '-', "Lock memory for better result determinism"},
  225. OPT_CONFIG_OPTION,
  226. OPT_SECTION("Selection"),
  227. {"evp", OPT_EVP, 's', "Use EVP-named cipher or digest"},
  228. {"hmac", OPT_HMAC, 's', "HMAC using EVP-named digest"},
  229. {"cmac", OPT_CMAC, 's', "CMAC using EVP-named cipher"},
  230. {"decrypt", OPT_DECRYPT, '-',
  231. "Time decryption instead of encryption (only EVP)"},
  232. {"aead", OPT_AEAD, '-',
  233. "Benchmark EVP-named AEAD cipher in TLS-like sequence"},
  234. {"kem-algorithms", OPT_KEM, '-',
  235. "Benchmark KEM algorithms"},
  236. {"signature-algorithms", OPT_SIG, '-',
  237. "Benchmark signature algorithms"},
  238. OPT_SECTION("Timing"),
  239. {"elapsed", OPT_ELAPSED, '-',
  240. "Use wall-clock time instead of CPU user time as divisor"},
  241. {"seconds", OPT_SECONDS, 'p',
  242. "Run benchmarks for specified amount of seconds"},
  243. {"bytes", OPT_BYTES, 'p',
  244. "Run [non-PKI] benchmarks on custom-sized buffer"},
  245. {"misalign", OPT_MISALIGN, 'p',
  246. "Use specified offset to mis-align buffers"},
  247. OPT_R_OPTIONS,
  248. OPT_PROV_OPTIONS,
  249. OPT_PARAMETERS(),
  250. {"algorithm", 0, 0, "Algorithm(s) to test (optional; otherwise tests all)"},
  251. {NULL}
  252. };
  253. enum {
  254. D_MD2, D_MDC2, D_MD4, D_MD5, D_SHA1, D_RMD160,
  255. D_SHA256, D_SHA512, D_WHIRLPOOL, D_HMAC,
  256. D_CBC_DES, D_EDE3_DES, D_RC4, D_CBC_IDEA, D_CBC_SEED,
  257. D_CBC_RC2, D_CBC_RC5, D_CBC_BF, D_CBC_CAST,
  258. D_CBC_128_AES, D_CBC_192_AES, D_CBC_256_AES,
  259. D_CBC_128_CML, D_CBC_192_CML, D_CBC_256_CML,
  260. D_EVP, D_GHASH, D_RAND, D_EVP_CMAC, D_KMAC128, D_KMAC256,
  261. ALGOR_NUM
  262. };
  263. /* name of algorithms to test. MUST BE KEEP IN SYNC with above enum ! */
  264. static const char *names[ALGOR_NUM] = {
  265. "md2", "mdc2", "md4", "md5", "sha1", "rmd160",
  266. "sha256", "sha512", "whirlpool", "hmac(sha256)",
  267. "des-cbc", "des-ede3", "rc4", "idea-cbc", "seed-cbc",
  268. "rc2-cbc", "rc5-cbc", "blowfish", "cast-cbc",
  269. "aes-128-cbc", "aes-192-cbc", "aes-256-cbc",
  270. "camellia-128-cbc", "camellia-192-cbc", "camellia-256-cbc",
  271. "evp", "ghash", "rand", "cmac", "kmac128", "kmac256"
  272. };
  273. /* list of configured algorithm (remaining), with some few alias */
  274. static const OPT_PAIR doit_choices[] = {
  275. {"md2", D_MD2},
  276. {"mdc2", D_MDC2},
  277. {"md4", D_MD4},
  278. {"md5", D_MD5},
  279. {"hmac", D_HMAC},
  280. {"sha1", D_SHA1},
  281. {"sha256", D_SHA256},
  282. {"sha512", D_SHA512},
  283. {"whirlpool", D_WHIRLPOOL},
  284. {"ripemd", D_RMD160},
  285. {"rmd160", D_RMD160},
  286. {"ripemd160", D_RMD160},
  287. {"rc4", D_RC4},
  288. {"des-cbc", D_CBC_DES},
  289. {"des-ede3", D_EDE3_DES},
  290. {"aes-128-cbc", D_CBC_128_AES},
  291. {"aes-192-cbc", D_CBC_192_AES},
  292. {"aes-256-cbc", D_CBC_256_AES},
  293. {"camellia-128-cbc", D_CBC_128_CML},
  294. {"camellia-192-cbc", D_CBC_192_CML},
  295. {"camellia-256-cbc", D_CBC_256_CML},
  296. {"rc2-cbc", D_CBC_RC2},
  297. {"rc2", D_CBC_RC2},
  298. {"rc5-cbc", D_CBC_RC5},
  299. {"rc5", D_CBC_RC5},
  300. {"idea-cbc", D_CBC_IDEA},
  301. {"idea", D_CBC_IDEA},
  302. {"seed-cbc", D_CBC_SEED},
  303. {"seed", D_CBC_SEED},
  304. {"bf-cbc", D_CBC_BF},
  305. {"blowfish", D_CBC_BF},
  306. {"bf", D_CBC_BF},
  307. {"cast-cbc", D_CBC_CAST},
  308. {"cast", D_CBC_CAST},
  309. {"cast5", D_CBC_CAST},
  310. {"ghash", D_GHASH},
  311. {"rand", D_RAND},
  312. {"kmac128", D_KMAC128},
  313. {"kmac256", D_KMAC256},
  314. };
  315. static double results[ALGOR_NUM][SIZE_NUM];
  316. enum { R_DSA_1024, R_DSA_2048, DSA_NUM };
  317. static const OPT_PAIR dsa_choices[DSA_NUM] = {
  318. {"dsa1024", R_DSA_1024},
  319. {"dsa2048", R_DSA_2048}
  320. };
  321. static double dsa_results[DSA_NUM][2]; /* 2 ops: sign then verify */
  322. enum {
  323. R_RSA_512, R_RSA_1024, R_RSA_2048, R_RSA_3072, R_RSA_4096, R_RSA_7680,
  324. R_RSA_15360, RSA_NUM
  325. };
  326. static const OPT_PAIR rsa_choices[RSA_NUM] = {
  327. {"rsa512", R_RSA_512},
  328. {"rsa1024", R_RSA_1024},
  329. {"rsa2048", R_RSA_2048},
  330. {"rsa3072", R_RSA_3072},
  331. {"rsa4096", R_RSA_4096},
  332. {"rsa7680", R_RSA_7680},
  333. {"rsa15360", R_RSA_15360}
  334. };
  335. static double rsa_results[RSA_NUM][4]; /* 4 ops: sign, verify, encrypt, decrypt */
  336. #ifndef OPENSSL_NO_DH
  337. enum ff_params_t {
  338. R_FFDH_2048, R_FFDH_3072, R_FFDH_4096, R_FFDH_6144, R_FFDH_8192, FFDH_NUM
  339. };
  340. static const OPT_PAIR ffdh_choices[FFDH_NUM] = {
  341. {"ffdh2048", R_FFDH_2048},
  342. {"ffdh3072", R_FFDH_3072},
  343. {"ffdh4096", R_FFDH_4096},
  344. {"ffdh6144", R_FFDH_6144},
  345. {"ffdh8192", R_FFDH_8192},
  346. };
  347. static double ffdh_results[FFDH_NUM][1]; /* 1 op: derivation */
  348. #endif /* OPENSSL_NO_DH */
  349. enum ec_curves_t {
  350. R_EC_P160, R_EC_P192, R_EC_P224, R_EC_P256, R_EC_P384, R_EC_P521,
  351. #ifndef OPENSSL_NO_EC2M
  352. R_EC_K163, R_EC_K233, R_EC_K283, R_EC_K409, R_EC_K571,
  353. R_EC_B163, R_EC_B233, R_EC_B283, R_EC_B409, R_EC_B571,
  354. #endif
  355. R_EC_BRP256R1, R_EC_BRP256T1, R_EC_BRP384R1, R_EC_BRP384T1,
  356. R_EC_BRP512R1, R_EC_BRP512T1, ECDSA_NUM
  357. };
  358. /* list of ecdsa curves */
  359. static const OPT_PAIR ecdsa_choices[ECDSA_NUM] = {
  360. {"ecdsap160", R_EC_P160},
  361. {"ecdsap192", R_EC_P192},
  362. {"ecdsap224", R_EC_P224},
  363. {"ecdsap256", R_EC_P256},
  364. {"ecdsap384", R_EC_P384},
  365. {"ecdsap521", R_EC_P521},
  366. #ifndef OPENSSL_NO_EC2M
  367. {"ecdsak163", R_EC_K163},
  368. {"ecdsak233", R_EC_K233},
  369. {"ecdsak283", R_EC_K283},
  370. {"ecdsak409", R_EC_K409},
  371. {"ecdsak571", R_EC_K571},
  372. {"ecdsab163", R_EC_B163},
  373. {"ecdsab233", R_EC_B233},
  374. {"ecdsab283", R_EC_B283},
  375. {"ecdsab409", R_EC_B409},
  376. {"ecdsab571", R_EC_B571},
  377. #endif
  378. {"ecdsabrp256r1", R_EC_BRP256R1},
  379. {"ecdsabrp256t1", R_EC_BRP256T1},
  380. {"ecdsabrp384r1", R_EC_BRP384R1},
  381. {"ecdsabrp384t1", R_EC_BRP384T1},
  382. {"ecdsabrp512r1", R_EC_BRP512R1},
  383. {"ecdsabrp512t1", R_EC_BRP512T1}
  384. };
  385. enum {
  386. #ifndef OPENSSL_NO_ECX
  387. R_EC_X25519 = ECDSA_NUM, R_EC_X448, EC_NUM
  388. #else
  389. EC_NUM = ECDSA_NUM
  390. #endif
  391. };
  392. /* list of ecdh curves, extension of |ecdsa_choices| list above */
  393. static const OPT_PAIR ecdh_choices[EC_NUM] = {
  394. {"ecdhp160", R_EC_P160},
  395. {"ecdhp192", R_EC_P192},
  396. {"ecdhp224", R_EC_P224},
  397. {"ecdhp256", R_EC_P256},
  398. {"ecdhp384", R_EC_P384},
  399. {"ecdhp521", R_EC_P521},
  400. #ifndef OPENSSL_NO_EC2M
  401. {"ecdhk163", R_EC_K163},
  402. {"ecdhk233", R_EC_K233},
  403. {"ecdhk283", R_EC_K283},
  404. {"ecdhk409", R_EC_K409},
  405. {"ecdhk571", R_EC_K571},
  406. {"ecdhb163", R_EC_B163},
  407. {"ecdhb233", R_EC_B233},
  408. {"ecdhb283", R_EC_B283},
  409. {"ecdhb409", R_EC_B409},
  410. {"ecdhb571", R_EC_B571},
  411. #endif
  412. {"ecdhbrp256r1", R_EC_BRP256R1},
  413. {"ecdhbrp256t1", R_EC_BRP256T1},
  414. {"ecdhbrp384r1", R_EC_BRP384R1},
  415. {"ecdhbrp384t1", R_EC_BRP384T1},
  416. {"ecdhbrp512r1", R_EC_BRP512R1},
  417. {"ecdhbrp512t1", R_EC_BRP512T1},
  418. #ifndef OPENSSL_NO_ECX
  419. {"ecdhx25519", R_EC_X25519},
  420. {"ecdhx448", R_EC_X448}
  421. #endif
  422. };
  423. static double ecdh_results[EC_NUM][1]; /* 1 op: derivation */
  424. static double ecdsa_results[ECDSA_NUM][2]; /* 2 ops: sign then verify */
  425. #ifndef OPENSSL_NO_ECX
  426. enum { R_EC_Ed25519, R_EC_Ed448, EdDSA_NUM };
  427. static const OPT_PAIR eddsa_choices[EdDSA_NUM] = {
  428. {"ed25519", R_EC_Ed25519},
  429. {"ed448", R_EC_Ed448}
  430. };
  431. static double eddsa_results[EdDSA_NUM][2]; /* 2 ops: sign then verify */
  432. #endif /* OPENSSL_NO_ECX */
  433. #ifndef OPENSSL_NO_SM2
  434. enum { R_EC_CURVESM2, SM2_NUM };
  435. static const OPT_PAIR sm2_choices[SM2_NUM] = {
  436. {"curveSM2", R_EC_CURVESM2}
  437. };
  438. # define SM2_ID "TLSv1.3+GM+Cipher+Suite"
  439. # define SM2_ID_LEN sizeof("TLSv1.3+GM+Cipher+Suite") - 1
  440. static double sm2_results[SM2_NUM][2]; /* 2 ops: sign then verify */
  441. #endif /* OPENSSL_NO_SM2 */
  442. #define MAX_KEM_NUM 111
  443. static size_t kems_algs_len = 0;
  444. static char *kems_algname[MAX_KEM_NUM] = { NULL };
  445. static double kems_results[MAX_KEM_NUM][3]; /* keygen, encaps, decaps */
  446. #define MAX_SIG_NUM 111
  447. static size_t sigs_algs_len = 0;
  448. static char *sigs_algname[MAX_SIG_NUM] = { NULL };
  449. static double sigs_results[MAX_SIG_NUM][3]; /* keygen, sign, verify */
  450. #define COND(unused_cond) (run && count < INT_MAX)
  451. #define COUNT(d) (count)
  452. typedef struct loopargs_st {
  453. ASYNC_JOB *inprogress_job;
  454. ASYNC_WAIT_CTX *wait_ctx;
  455. unsigned char *buf;
  456. unsigned char *buf2;
  457. unsigned char *buf_malloc;
  458. unsigned char *buf2_malloc;
  459. unsigned char *key;
  460. size_t buflen;
  461. size_t sigsize;
  462. size_t encsize;
  463. EVP_PKEY_CTX *rsa_sign_ctx[RSA_NUM];
  464. EVP_PKEY_CTX *rsa_verify_ctx[RSA_NUM];
  465. EVP_PKEY_CTX *rsa_encrypt_ctx[RSA_NUM];
  466. EVP_PKEY_CTX *rsa_decrypt_ctx[RSA_NUM];
  467. EVP_PKEY_CTX *dsa_sign_ctx[DSA_NUM];
  468. EVP_PKEY_CTX *dsa_verify_ctx[DSA_NUM];
  469. EVP_PKEY_CTX *ecdsa_sign_ctx[ECDSA_NUM];
  470. EVP_PKEY_CTX *ecdsa_verify_ctx[ECDSA_NUM];
  471. EVP_PKEY_CTX *ecdh_ctx[EC_NUM];
  472. #ifndef OPENSSL_NO_ECX
  473. EVP_MD_CTX *eddsa_ctx[EdDSA_NUM];
  474. EVP_MD_CTX *eddsa_ctx2[EdDSA_NUM];
  475. #endif /* OPENSSL_NO_ECX */
  476. #ifndef OPENSSL_NO_SM2
  477. EVP_MD_CTX *sm2_ctx[SM2_NUM];
  478. EVP_MD_CTX *sm2_vfy_ctx[SM2_NUM];
  479. EVP_PKEY *sm2_pkey[SM2_NUM];
  480. #endif
  481. unsigned char *secret_a;
  482. unsigned char *secret_b;
  483. size_t outlen[EC_NUM];
  484. #ifndef OPENSSL_NO_DH
  485. EVP_PKEY_CTX *ffdh_ctx[FFDH_NUM];
  486. unsigned char *secret_ff_a;
  487. unsigned char *secret_ff_b;
  488. #endif
  489. EVP_CIPHER_CTX *ctx;
  490. EVP_MAC_CTX *mctx;
  491. EVP_PKEY_CTX *kem_gen_ctx[MAX_KEM_NUM];
  492. EVP_PKEY_CTX *kem_encaps_ctx[MAX_KEM_NUM];
  493. EVP_PKEY_CTX *kem_decaps_ctx[MAX_KEM_NUM];
  494. size_t kem_out_len[MAX_KEM_NUM];
  495. size_t kem_secret_len[MAX_KEM_NUM];
  496. unsigned char *kem_out[MAX_KEM_NUM];
  497. unsigned char *kem_send_secret[MAX_KEM_NUM];
  498. unsigned char *kem_rcv_secret[MAX_KEM_NUM];
  499. EVP_PKEY_CTX *sig_gen_ctx[MAX_KEM_NUM];
  500. EVP_PKEY_CTX *sig_sign_ctx[MAX_KEM_NUM];
  501. EVP_PKEY_CTX *sig_verify_ctx[MAX_KEM_NUM];
  502. size_t sig_max_sig_len[MAX_KEM_NUM];
  503. size_t sig_act_sig_len[MAX_KEM_NUM];
  504. unsigned char *sig_sig[MAX_KEM_NUM];
  505. } loopargs_t;
  506. static int run_benchmark(int async_jobs, int (*loop_function) (void *),
  507. loopargs_t *loopargs);
  508. static unsigned int testnum;
  509. static char *evp_mac_mdname = "sha256";
  510. static char *evp_hmac_name = NULL;
  511. static const char *evp_md_name = NULL;
  512. static char *evp_mac_ciphername = "aes-128-cbc";
  513. static char *evp_cmac_name = NULL;
  514. static int have_md(const char *name)
  515. {
  516. int ret = 0;
  517. EVP_MD *md = NULL;
  518. if (opt_md_silent(name, &md)) {
  519. EVP_MD_CTX *ctx = EVP_MD_CTX_new();
  520. if (ctx != NULL && EVP_DigestInit(ctx, md) > 0)
  521. ret = 1;
  522. EVP_MD_CTX_free(ctx);
  523. EVP_MD_free(md);
  524. }
  525. return ret;
  526. }
  527. static int have_cipher(const char *name)
  528. {
  529. int ret = 0;
  530. EVP_CIPHER *cipher = NULL;
  531. if (opt_cipher_silent(name, &cipher)) {
  532. EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
  533. if (ctx != NULL
  534. && EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, 1) > 0)
  535. ret = 1;
  536. EVP_CIPHER_CTX_free(ctx);
  537. EVP_CIPHER_free(cipher);
  538. }
  539. return ret;
  540. }
  541. static int EVP_Digest_loop(const char *mdname, ossl_unused int algindex, void *args)
  542. {
  543. loopargs_t *tempargs = *(loopargs_t **) args;
  544. unsigned char *buf = tempargs->buf;
  545. unsigned char digest[EVP_MAX_MD_SIZE];
  546. int count;
  547. EVP_MD *md = NULL;
  548. if (!opt_md_silent(mdname, &md))
  549. return -1;
  550. for (count = 0; COND(c[algindex][testnum]); count++) {
  551. if (!EVP_Digest(buf, (size_t)lengths[testnum], digest, NULL, md,
  552. NULL)) {
  553. count = -1;
  554. break;
  555. }
  556. }
  557. EVP_MD_free(md);
  558. return count;
  559. }
  560. static int EVP_Digest_md_loop(void *args)
  561. {
  562. return EVP_Digest_loop(evp_md_name, D_EVP, args);
  563. }
  564. static int EVP_Digest_MD2_loop(void *args)
  565. {
  566. return EVP_Digest_loop("md2", D_MD2, args);
  567. }
  568. static int EVP_Digest_MDC2_loop(void *args)
  569. {
  570. return EVP_Digest_loop("mdc2", D_MDC2, args);
  571. }
  572. static int EVP_Digest_MD4_loop(void *args)
  573. {
  574. return EVP_Digest_loop("md4", D_MD4, args);
  575. }
  576. static int MD5_loop(void *args)
  577. {
  578. return EVP_Digest_loop("md5", D_MD5, args);
  579. }
  580. static int mac_setup(const char *name,
  581. EVP_MAC **mac, OSSL_PARAM params[],
  582. loopargs_t *loopargs, unsigned int loopargs_len)
  583. {
  584. unsigned int i;
  585. *mac = EVP_MAC_fetch(app_get0_libctx(), name, app_get0_propq());
  586. if (*mac == NULL)
  587. return 0;
  588. for (i = 0; i < loopargs_len; i++) {
  589. loopargs[i].mctx = EVP_MAC_CTX_new(*mac);
  590. if (loopargs[i].mctx == NULL)
  591. return 0;
  592. if (!EVP_MAC_CTX_set_params(loopargs[i].mctx, params))
  593. return 0;
  594. }
  595. return 1;
  596. }
  597. static void mac_teardown(EVP_MAC **mac,
  598. loopargs_t *loopargs, unsigned int loopargs_len)
  599. {
  600. unsigned int i;
  601. for (i = 0; i < loopargs_len; i++)
  602. EVP_MAC_CTX_free(loopargs[i].mctx);
  603. EVP_MAC_free(*mac);
  604. *mac = NULL;
  605. return;
  606. }
  607. static int EVP_MAC_loop(ossl_unused int algindex, void *args)
  608. {
  609. loopargs_t *tempargs = *(loopargs_t **) args;
  610. unsigned char *buf = tempargs->buf;
  611. EVP_MAC_CTX *mctx = tempargs->mctx;
  612. unsigned char mac[EVP_MAX_MD_SIZE];
  613. int count;
  614. for (count = 0; COND(c[algindex][testnum]); count++) {
  615. size_t outl;
  616. if (!EVP_MAC_init(mctx, NULL, 0, NULL)
  617. || !EVP_MAC_update(mctx, buf, lengths[testnum])
  618. || !EVP_MAC_final(mctx, mac, &outl, sizeof(mac)))
  619. return -1;
  620. }
  621. return count;
  622. }
  623. static int HMAC_loop(void *args)
  624. {
  625. return EVP_MAC_loop(D_HMAC, args);
  626. }
  627. static int CMAC_loop(void *args)
  628. {
  629. return EVP_MAC_loop(D_EVP_CMAC, args);
  630. }
  631. static int KMAC128_loop(void *args)
  632. {
  633. return EVP_MAC_loop(D_KMAC128, args);
  634. }
  635. static int KMAC256_loop(void *args)
  636. {
  637. return EVP_MAC_loop(D_KMAC256, args);
  638. }
  639. static int SHA1_loop(void *args)
  640. {
  641. return EVP_Digest_loop("sha1", D_SHA1, args);
  642. }
  643. static int SHA256_loop(void *args)
  644. {
  645. return EVP_Digest_loop("sha256", D_SHA256, args);
  646. }
  647. static int SHA512_loop(void *args)
  648. {
  649. return EVP_Digest_loop("sha512", D_SHA512, args);
  650. }
  651. static int WHIRLPOOL_loop(void *args)
  652. {
  653. return EVP_Digest_loop("whirlpool", D_WHIRLPOOL, args);
  654. }
  655. static int EVP_Digest_RMD160_loop(void *args)
  656. {
  657. return EVP_Digest_loop("ripemd160", D_RMD160, args);
  658. }
  659. static int algindex;
  660. static int EVP_Cipher_loop(void *args)
  661. {
  662. loopargs_t *tempargs = *(loopargs_t **) args;
  663. unsigned char *buf = tempargs->buf;
  664. int count;
  665. if (tempargs->ctx == NULL)
  666. return -1;
  667. for (count = 0; COND(c[algindex][testnum]); count++)
  668. if (EVP_Cipher(tempargs->ctx, buf, buf, (size_t)lengths[testnum]) <= 0)
  669. return -1;
  670. return count;
  671. }
  672. static int GHASH_loop(void *args)
  673. {
  674. loopargs_t *tempargs = *(loopargs_t **) args;
  675. unsigned char *buf = tempargs->buf;
  676. EVP_MAC_CTX *mctx = tempargs->mctx;
  677. int count;
  678. /* just do the update in the loop to be comparable with 1.1.1 */
  679. for (count = 0; COND(c[D_GHASH][testnum]); count++) {
  680. if (!EVP_MAC_update(mctx, buf, lengths[testnum]))
  681. return -1;
  682. }
  683. return count;
  684. }
  685. #define MAX_BLOCK_SIZE 128
  686. static unsigned char iv[2 * MAX_BLOCK_SIZE / 8];
  687. static EVP_CIPHER_CTX *init_evp_cipher_ctx(const char *ciphername,
  688. const unsigned char *key,
  689. int keylen)
  690. {
  691. EVP_CIPHER_CTX *ctx = NULL;
  692. EVP_CIPHER *cipher = NULL;
  693. if (!opt_cipher_silent(ciphername, &cipher))
  694. return NULL;
  695. if ((ctx = EVP_CIPHER_CTX_new()) == NULL)
  696. goto end;
  697. if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, 1)) {
  698. EVP_CIPHER_CTX_free(ctx);
  699. ctx = NULL;
  700. goto end;
  701. }
  702. if (EVP_CIPHER_CTX_set_key_length(ctx, keylen) <= 0) {
  703. EVP_CIPHER_CTX_free(ctx);
  704. ctx = NULL;
  705. goto end;
  706. }
  707. if (!EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, 1)) {
  708. EVP_CIPHER_CTX_free(ctx);
  709. ctx = NULL;
  710. goto end;
  711. }
  712. end:
  713. EVP_CIPHER_free(cipher);
  714. return ctx;
  715. }
  716. static int RAND_bytes_loop(void *args)
  717. {
  718. loopargs_t *tempargs = *(loopargs_t **) args;
  719. unsigned char *buf = tempargs->buf;
  720. int count;
  721. for (count = 0; COND(c[D_RAND][testnum]); count++)
  722. RAND_bytes(buf, lengths[testnum]);
  723. return count;
  724. }
  725. static int decrypt = 0;
  726. static int EVP_Update_loop(void *args)
  727. {
  728. loopargs_t *tempargs = *(loopargs_t **) args;
  729. unsigned char *buf = tempargs->buf;
  730. EVP_CIPHER_CTX *ctx = tempargs->ctx;
  731. int outl, count, rc;
  732. unsigned char faketag[16] = { 0xcc };
  733. if (decrypt) {
  734. if (EVP_CIPHER_get_flags(EVP_CIPHER_CTX_get0_cipher(ctx)) & EVP_CIPH_FLAG_AEAD_CIPHER) {
  735. (void)EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(faketag), faketag);
  736. }
  737. for (count = 0; COND(c[D_EVP][testnum]); count++) {
  738. rc = EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
  739. if (rc != 1) {
  740. /* reset iv in case of counter overflow */
  741. rc = EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
  742. }
  743. }
  744. } else {
  745. for (count = 0; COND(c[D_EVP][testnum]); count++) {
  746. rc = EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
  747. if (rc != 1) {
  748. /* reset iv in case of counter overflow */
  749. rc = EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
  750. }
  751. }
  752. }
  753. if (decrypt)
  754. rc = EVP_DecryptFinal_ex(ctx, buf, &outl);
  755. else
  756. rc = EVP_EncryptFinal_ex(ctx, buf, &outl);
  757. if (rc == 0)
  758. BIO_printf(bio_err, "Error finalizing cipher loop\n");
  759. return count;
  760. }
  761. /*
  762. * CCM does not support streaming. For the purpose of performance measurement,
  763. * each message is encrypted using the same (key,iv)-pair. Do not use this
  764. * code in your application.
  765. */
  766. static int EVP_Update_loop_ccm(void *args)
  767. {
  768. loopargs_t *tempargs = *(loopargs_t **) args;
  769. unsigned char *buf = tempargs->buf;
  770. EVP_CIPHER_CTX *ctx = tempargs->ctx;
  771. int outl, count, realcount = 0, final;
  772. unsigned char tag[12];
  773. if (decrypt) {
  774. for (count = 0; COND(c[D_EVP][testnum]); count++) {
  775. if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(tag),
  776. tag) > 0
  777. /* reset iv */
  778. && EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv) > 0
  779. /* counter is reset on every update */
  780. && EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]) > 0)
  781. realcount++;
  782. }
  783. } else {
  784. for (count = 0; COND(c[D_EVP][testnum]); count++) {
  785. /* restore iv length field */
  786. if (EVP_EncryptUpdate(ctx, NULL, &outl, NULL, lengths[testnum]) > 0
  787. /* counter is reset on every update */
  788. && EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]) > 0)
  789. realcount++;
  790. }
  791. }
  792. if (decrypt)
  793. final = EVP_DecryptFinal_ex(ctx, buf, &outl);
  794. else
  795. final = EVP_EncryptFinal_ex(ctx, buf, &outl);
  796. if (final == 0)
  797. BIO_printf(bio_err, "Error finalizing ccm loop\n");
  798. return realcount;
  799. }
  800. /*
  801. * To make AEAD benchmarking more relevant perform TLS-like operations,
  802. * 13-byte AAD followed by payload. But don't use TLS-formatted AAD, as
  803. * payload length is not actually limited by 16KB...
  804. */
  805. static int EVP_Update_loop_aead(void *args)
  806. {
  807. loopargs_t *tempargs = *(loopargs_t **) args;
  808. unsigned char *buf = tempargs->buf;
  809. EVP_CIPHER_CTX *ctx = tempargs->ctx;
  810. int outl, count, realcount = 0;
  811. unsigned char aad[13] = { 0xcc };
  812. unsigned char faketag[16] = { 0xcc };
  813. if (decrypt) {
  814. for (count = 0; COND(c[D_EVP][testnum]); count++) {
  815. if (EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv) > 0
  816. && EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
  817. sizeof(faketag), faketag) > 0
  818. && EVP_DecryptUpdate(ctx, NULL, &outl, aad, sizeof(aad)) > 0
  819. && EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]) > 0
  820. && EVP_DecryptFinal_ex(ctx, buf + outl, &outl) > 0)
  821. realcount++;
  822. }
  823. } else {
  824. for (count = 0; COND(c[D_EVP][testnum]); count++) {
  825. if (EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv) > 0
  826. && EVP_EncryptUpdate(ctx, NULL, &outl, aad, sizeof(aad)) > 0
  827. && EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]) > 0
  828. && EVP_EncryptFinal_ex(ctx, buf + outl, &outl) > 0)
  829. realcount++;
  830. }
  831. }
  832. return realcount;
  833. }
  834. static int RSA_sign_loop(void *args)
  835. {
  836. loopargs_t *tempargs = *(loopargs_t **) args;
  837. unsigned char *buf = tempargs->buf;
  838. unsigned char *buf2 = tempargs->buf2;
  839. size_t *rsa_num = &tempargs->sigsize;
  840. EVP_PKEY_CTX **rsa_sign_ctx = tempargs->rsa_sign_ctx;
  841. int ret, count;
  842. for (count = 0; COND(rsa_c[testnum][0]); count++) {
  843. *rsa_num = tempargs->buflen;
  844. ret = EVP_PKEY_sign(rsa_sign_ctx[testnum], buf2, rsa_num, buf, 36);
  845. if (ret <= 0) {
  846. BIO_printf(bio_err, "RSA sign failure\n");
  847. ERR_print_errors(bio_err);
  848. count = -1;
  849. break;
  850. }
  851. }
  852. return count;
  853. }
  854. static int RSA_verify_loop(void *args)
  855. {
  856. loopargs_t *tempargs = *(loopargs_t **) args;
  857. unsigned char *buf = tempargs->buf;
  858. unsigned char *buf2 = tempargs->buf2;
  859. size_t rsa_num = tempargs->sigsize;
  860. EVP_PKEY_CTX **rsa_verify_ctx = tempargs->rsa_verify_ctx;
  861. int ret, count;
  862. for (count = 0; COND(rsa_c[testnum][1]); count++) {
  863. ret = EVP_PKEY_verify(rsa_verify_ctx[testnum], buf2, rsa_num, buf, 36);
  864. if (ret <= 0) {
  865. BIO_printf(bio_err, "RSA verify failure\n");
  866. ERR_print_errors(bio_err);
  867. count = -1;
  868. break;
  869. }
  870. }
  871. return count;
  872. }
  873. static int RSA_encrypt_loop(void *args)
  874. {
  875. loopargs_t *tempargs = *(loopargs_t **) args;
  876. unsigned char *buf = tempargs->buf;
  877. unsigned char *buf2 = tempargs->buf2;
  878. size_t *rsa_num = &tempargs->encsize;
  879. EVP_PKEY_CTX **rsa_encrypt_ctx = tempargs->rsa_encrypt_ctx;
  880. int ret, count;
  881. for (count = 0; COND(rsa_c[testnum][2]); count++) {
  882. *rsa_num = tempargs->buflen;
  883. ret = EVP_PKEY_encrypt(rsa_encrypt_ctx[testnum], buf2, rsa_num, buf, 36);
  884. if (ret <= 0) {
  885. BIO_printf(bio_err, "RSA encrypt failure\n");
  886. ERR_print_errors(bio_err);
  887. count = -1;
  888. break;
  889. }
  890. }
  891. return count;
  892. }
  893. static int RSA_decrypt_loop(void *args)
  894. {
  895. loopargs_t *tempargs = *(loopargs_t **) args;
  896. unsigned char *buf = tempargs->buf;
  897. unsigned char *buf2 = tempargs->buf2;
  898. size_t rsa_num;
  899. EVP_PKEY_CTX **rsa_decrypt_ctx = tempargs->rsa_decrypt_ctx;
  900. int ret, count;
  901. for (count = 0; COND(rsa_c[testnum][3]); count++) {
  902. rsa_num = tempargs->buflen;
  903. ret = EVP_PKEY_decrypt(rsa_decrypt_ctx[testnum], buf, &rsa_num, buf2, tempargs->encsize);
  904. if (ret <= 0) {
  905. BIO_printf(bio_err, "RSA decrypt failure\n");
  906. ERR_print_errors(bio_err);
  907. count = -1;
  908. break;
  909. }
  910. }
  911. return count;
  912. }
  913. #ifndef OPENSSL_NO_DH
  914. static int FFDH_derive_key_loop(void *args)
  915. {
  916. loopargs_t *tempargs = *(loopargs_t **) args;
  917. EVP_PKEY_CTX *ffdh_ctx = tempargs->ffdh_ctx[testnum];
  918. unsigned char *derived_secret = tempargs->secret_ff_a;
  919. int count;
  920. for (count = 0; COND(ffdh_c[testnum][0]); count++) {
  921. /* outlen can be overwritten with a too small value (no padding used) */
  922. size_t outlen = MAX_FFDH_SIZE;
  923. EVP_PKEY_derive(ffdh_ctx, derived_secret, &outlen);
  924. }
  925. return count;
  926. }
  927. #endif /* OPENSSL_NO_DH */
  928. static int DSA_sign_loop(void *args)
  929. {
  930. loopargs_t *tempargs = *(loopargs_t **) args;
  931. unsigned char *buf = tempargs->buf;
  932. unsigned char *buf2 = tempargs->buf2;
  933. size_t *dsa_num = &tempargs->sigsize;
  934. EVP_PKEY_CTX **dsa_sign_ctx = tempargs->dsa_sign_ctx;
  935. int ret, count;
  936. for (count = 0; COND(dsa_c[testnum][0]); count++) {
  937. *dsa_num = tempargs->buflen;
  938. ret = EVP_PKEY_sign(dsa_sign_ctx[testnum], buf2, dsa_num, buf, 20);
  939. if (ret <= 0) {
  940. BIO_printf(bio_err, "DSA sign failure\n");
  941. ERR_print_errors(bio_err);
  942. count = -1;
  943. break;
  944. }
  945. }
  946. return count;
  947. }
  948. static int DSA_verify_loop(void *args)
  949. {
  950. loopargs_t *tempargs = *(loopargs_t **) args;
  951. unsigned char *buf = tempargs->buf;
  952. unsigned char *buf2 = tempargs->buf2;
  953. size_t dsa_num = tempargs->sigsize;
  954. EVP_PKEY_CTX **dsa_verify_ctx = tempargs->dsa_verify_ctx;
  955. int ret, count;
  956. for (count = 0; COND(dsa_c[testnum][1]); count++) {
  957. ret = EVP_PKEY_verify(dsa_verify_ctx[testnum], buf2, dsa_num, buf, 20);
  958. if (ret <= 0) {
  959. BIO_printf(bio_err, "DSA verify failure\n");
  960. ERR_print_errors(bio_err);
  961. count = -1;
  962. break;
  963. }
  964. }
  965. return count;
  966. }
  967. static int ECDSA_sign_loop(void *args)
  968. {
  969. loopargs_t *tempargs = *(loopargs_t **) args;
  970. unsigned char *buf = tempargs->buf;
  971. unsigned char *buf2 = tempargs->buf2;
  972. size_t *ecdsa_num = &tempargs->sigsize;
  973. EVP_PKEY_CTX **ecdsa_sign_ctx = tempargs->ecdsa_sign_ctx;
  974. int ret, count;
  975. for (count = 0; COND(ecdsa_c[testnum][0]); count++) {
  976. *ecdsa_num = tempargs->buflen;
  977. ret = EVP_PKEY_sign(ecdsa_sign_ctx[testnum], buf2, ecdsa_num, buf, 20);
  978. if (ret <= 0) {
  979. BIO_printf(bio_err, "ECDSA sign failure\n");
  980. ERR_print_errors(bio_err);
  981. count = -1;
  982. break;
  983. }
  984. }
  985. return count;
  986. }
  987. static int ECDSA_verify_loop(void *args)
  988. {
  989. loopargs_t *tempargs = *(loopargs_t **) args;
  990. unsigned char *buf = tempargs->buf;
  991. unsigned char *buf2 = tempargs->buf2;
  992. size_t ecdsa_num = tempargs->sigsize;
  993. EVP_PKEY_CTX **ecdsa_verify_ctx = tempargs->ecdsa_verify_ctx;
  994. int ret, count;
  995. for (count = 0; COND(ecdsa_c[testnum][1]); count++) {
  996. ret = EVP_PKEY_verify(ecdsa_verify_ctx[testnum], buf2, ecdsa_num,
  997. buf, 20);
  998. if (ret <= 0) {
  999. BIO_printf(bio_err, "ECDSA verify failure\n");
  1000. ERR_print_errors(bio_err);
  1001. count = -1;
  1002. break;
  1003. }
  1004. }
  1005. return count;
  1006. }
  1007. /* ******************************************************************** */
  1008. static int ECDH_EVP_derive_key_loop(void *args)
  1009. {
  1010. loopargs_t *tempargs = *(loopargs_t **) args;
  1011. EVP_PKEY_CTX *ctx = tempargs->ecdh_ctx[testnum];
  1012. unsigned char *derived_secret = tempargs->secret_a;
  1013. int count;
  1014. size_t *outlen = &(tempargs->outlen[testnum]);
  1015. for (count = 0; COND(ecdh_c[testnum][0]); count++)
  1016. EVP_PKEY_derive(ctx, derived_secret, outlen);
  1017. return count;
  1018. }
  1019. #ifndef OPENSSL_NO_ECX
  1020. static int EdDSA_sign_loop(void *args)
  1021. {
  1022. loopargs_t *tempargs = *(loopargs_t **) args;
  1023. unsigned char *buf = tempargs->buf;
  1024. EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
  1025. unsigned char *eddsasig = tempargs->buf2;
  1026. size_t *eddsasigsize = &tempargs->sigsize;
  1027. int ret, count;
  1028. for (count = 0; COND(eddsa_c[testnum][0]); count++) {
  1029. ret = EVP_DigestSignInit(edctx[testnum], NULL, NULL, NULL, NULL);
  1030. if (ret == 0) {
  1031. BIO_printf(bio_err, "EdDSA sign init failure\n");
  1032. ERR_print_errors(bio_err);
  1033. count = -1;
  1034. break;
  1035. }
  1036. ret = EVP_DigestSign(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
  1037. if (ret == 0) {
  1038. BIO_printf(bio_err, "EdDSA sign failure\n");
  1039. ERR_print_errors(bio_err);
  1040. count = -1;
  1041. break;
  1042. }
  1043. }
  1044. return count;
  1045. }
  1046. static int EdDSA_verify_loop(void *args)
  1047. {
  1048. loopargs_t *tempargs = *(loopargs_t **) args;
  1049. unsigned char *buf = tempargs->buf;
  1050. EVP_MD_CTX **edctx = tempargs->eddsa_ctx2;
  1051. unsigned char *eddsasig = tempargs->buf2;
  1052. size_t eddsasigsize = tempargs->sigsize;
  1053. int ret, count;
  1054. for (count = 0; COND(eddsa_c[testnum][1]); count++) {
  1055. ret = EVP_DigestVerifyInit(edctx[testnum], NULL, NULL, NULL, NULL);
  1056. if (ret == 0) {
  1057. BIO_printf(bio_err, "EdDSA verify init failure\n");
  1058. ERR_print_errors(bio_err);
  1059. count = -1;
  1060. break;
  1061. }
  1062. ret = EVP_DigestVerify(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
  1063. if (ret != 1) {
  1064. BIO_printf(bio_err, "EdDSA verify failure\n");
  1065. ERR_print_errors(bio_err);
  1066. count = -1;
  1067. break;
  1068. }
  1069. }
  1070. return count;
  1071. }
  1072. #endif /* OPENSSL_NO_ECX */
  1073. #ifndef OPENSSL_NO_SM2
  1074. static int SM2_sign_loop(void *args)
  1075. {
  1076. loopargs_t *tempargs = *(loopargs_t **) args;
  1077. unsigned char *buf = tempargs->buf;
  1078. EVP_MD_CTX **sm2ctx = tempargs->sm2_ctx;
  1079. unsigned char *sm2sig = tempargs->buf2;
  1080. size_t sm2sigsize;
  1081. int ret, count;
  1082. EVP_PKEY **sm2_pkey = tempargs->sm2_pkey;
  1083. const size_t max_size = EVP_PKEY_get_size(sm2_pkey[testnum]);
  1084. for (count = 0; COND(sm2_c[testnum][0]); count++) {
  1085. sm2sigsize = max_size;
  1086. if (!EVP_DigestSignInit(sm2ctx[testnum], NULL, EVP_sm3(),
  1087. NULL, sm2_pkey[testnum])) {
  1088. BIO_printf(bio_err, "SM2 init sign failure\n");
  1089. ERR_print_errors(bio_err);
  1090. count = -1;
  1091. break;
  1092. }
  1093. ret = EVP_DigestSign(sm2ctx[testnum], sm2sig, &sm2sigsize,
  1094. buf, 20);
  1095. if (ret == 0) {
  1096. BIO_printf(bio_err, "SM2 sign failure\n");
  1097. ERR_print_errors(bio_err);
  1098. count = -1;
  1099. break;
  1100. }
  1101. /* update the latest returned size and always use the fixed buffer size */
  1102. tempargs->sigsize = sm2sigsize;
  1103. }
  1104. return count;
  1105. }
  1106. static int SM2_verify_loop(void *args)
  1107. {
  1108. loopargs_t *tempargs = *(loopargs_t **) args;
  1109. unsigned char *buf = tempargs->buf;
  1110. EVP_MD_CTX **sm2ctx = tempargs->sm2_vfy_ctx;
  1111. unsigned char *sm2sig = tempargs->buf2;
  1112. size_t sm2sigsize = tempargs->sigsize;
  1113. int ret, count;
  1114. EVP_PKEY **sm2_pkey = tempargs->sm2_pkey;
  1115. for (count = 0; COND(sm2_c[testnum][1]); count++) {
  1116. if (!EVP_DigestVerifyInit(sm2ctx[testnum], NULL, EVP_sm3(),
  1117. NULL, sm2_pkey[testnum])) {
  1118. BIO_printf(bio_err, "SM2 verify init failure\n");
  1119. ERR_print_errors(bio_err);
  1120. count = -1;
  1121. break;
  1122. }
  1123. ret = EVP_DigestVerify(sm2ctx[testnum], sm2sig, sm2sigsize,
  1124. buf, 20);
  1125. if (ret != 1) {
  1126. BIO_printf(bio_err, "SM2 verify failure\n");
  1127. ERR_print_errors(bio_err);
  1128. count = -1;
  1129. break;
  1130. }
  1131. }
  1132. return count;
  1133. }
  1134. #endif /* OPENSSL_NO_SM2 */
  1135. static int KEM_keygen_loop(void *args)
  1136. {
  1137. loopargs_t *tempargs = *(loopargs_t **) args;
  1138. EVP_PKEY_CTX *ctx = tempargs->kem_gen_ctx[testnum];
  1139. EVP_PKEY *pkey = NULL;
  1140. int count;
  1141. for (count = 0; COND(kems_c[testnum][0]); count++) {
  1142. if (EVP_PKEY_keygen(ctx, &pkey) <= 0)
  1143. return -1;
  1144. /*
  1145. * runtime defined to quite some degree by randomness,
  1146. * so performance overhead of _free doesn't impact
  1147. * results significantly. In any case this test is
  1148. * meant to permit relative algorithm performance
  1149. * comparison.
  1150. */
  1151. EVP_PKEY_free(pkey);
  1152. pkey = NULL;
  1153. }
  1154. return count;
  1155. }
  1156. static int KEM_encaps_loop(void *args)
  1157. {
  1158. loopargs_t *tempargs = *(loopargs_t **) args;
  1159. EVP_PKEY_CTX *ctx = tempargs->kem_encaps_ctx[testnum];
  1160. size_t out_len = tempargs->kem_out_len[testnum];
  1161. size_t secret_len = tempargs->kem_secret_len[testnum];
  1162. unsigned char *out = tempargs->kem_out[testnum];
  1163. unsigned char *secret = tempargs->kem_send_secret[testnum];
  1164. int count;
  1165. for (count = 0; COND(kems_c[testnum][1]); count++) {
  1166. if (EVP_PKEY_encapsulate(ctx, out, &out_len, secret, &secret_len) <= 0)
  1167. return -1;
  1168. }
  1169. return count;
  1170. }
  1171. static int KEM_decaps_loop(void *args)
  1172. {
  1173. loopargs_t *tempargs = *(loopargs_t **) args;
  1174. EVP_PKEY_CTX *ctx = tempargs->kem_decaps_ctx[testnum];
  1175. size_t out_len = tempargs->kem_out_len[testnum];
  1176. size_t secret_len = tempargs->kem_secret_len[testnum];
  1177. unsigned char *out = tempargs->kem_out[testnum];
  1178. unsigned char *secret = tempargs->kem_send_secret[testnum];
  1179. int count;
  1180. for (count = 0; COND(kems_c[testnum][2]); count++) {
  1181. if (EVP_PKEY_decapsulate(ctx, secret, &secret_len, out, out_len) <= 0)
  1182. return -1;
  1183. }
  1184. return count;
  1185. }
  1186. static int SIG_keygen_loop(void *args)
  1187. {
  1188. loopargs_t *tempargs = *(loopargs_t **) args;
  1189. EVP_PKEY_CTX *ctx = tempargs->sig_gen_ctx[testnum];
  1190. EVP_PKEY *pkey = NULL;
  1191. int count;
  1192. for (count = 0; COND(kems_c[testnum][0]); count++) {
  1193. EVP_PKEY_keygen(ctx, &pkey);
  1194. /* TBD: How much does free influence runtime? */
  1195. EVP_PKEY_free(pkey);
  1196. pkey = NULL;
  1197. }
  1198. return count;
  1199. }
  1200. static int SIG_sign_loop(void *args)
  1201. {
  1202. loopargs_t *tempargs = *(loopargs_t **) args;
  1203. EVP_PKEY_CTX *ctx = tempargs->sig_sign_ctx[testnum];
  1204. /* be sure to not change stored sig: */
  1205. unsigned char *sig = app_malloc(tempargs->sig_max_sig_len[testnum],
  1206. "sig sign loop");
  1207. unsigned char md[SHA256_DIGEST_LENGTH] = { 0 };
  1208. size_t md_len = SHA256_DIGEST_LENGTH;
  1209. int count;
  1210. for (count = 0; COND(kems_c[testnum][1]); count++) {
  1211. size_t sig_len = tempargs->sig_max_sig_len[testnum];
  1212. int ret = EVP_PKEY_sign(ctx, sig, &sig_len, md, md_len);
  1213. if (ret <= 0) {
  1214. BIO_printf(bio_err, "SIG sign failure at count %d\n", count);
  1215. ERR_print_errors(bio_err);
  1216. count = -1;
  1217. break;
  1218. }
  1219. }
  1220. OPENSSL_free(sig);
  1221. return count;
  1222. }
  1223. static int SIG_verify_loop(void *args)
  1224. {
  1225. loopargs_t *tempargs = *(loopargs_t **) args;
  1226. EVP_PKEY_CTX *ctx = tempargs->sig_verify_ctx[testnum];
  1227. size_t sig_len = tempargs->sig_act_sig_len[testnum];
  1228. unsigned char *sig = tempargs->sig_sig[testnum];
  1229. unsigned char md[SHA256_DIGEST_LENGTH] = { 0 };
  1230. size_t md_len = SHA256_DIGEST_LENGTH;
  1231. int count;
  1232. for (count = 0; COND(kems_c[testnum][2]); count++) {
  1233. int ret = EVP_PKEY_verify(ctx, sig, sig_len, md, md_len);
  1234. if (ret <= 0) {
  1235. BIO_printf(bio_err, "SIG verify failure at count %d\n", count);
  1236. ERR_print_errors(bio_err);
  1237. count = -1;
  1238. break;
  1239. }
  1240. }
  1241. return count;
  1242. }
  1243. static int run_benchmark(int async_jobs,
  1244. int (*loop_function) (void *), loopargs_t *loopargs)
  1245. {
  1246. int job_op_count = 0;
  1247. int total_op_count = 0;
  1248. int num_inprogress = 0;
  1249. int error = 0, i = 0, ret = 0;
  1250. OSSL_ASYNC_FD job_fd = 0;
  1251. size_t num_job_fds = 0;
  1252. if (async_jobs == 0) {
  1253. return loop_function((void *)&loopargs);
  1254. }
  1255. for (i = 0; i < async_jobs && !error; i++) {
  1256. loopargs_t *looparg_item = loopargs + i;
  1257. /* Copy pointer content (looparg_t item address) into async context */
  1258. ret = ASYNC_start_job(&loopargs[i].inprogress_job, loopargs[i].wait_ctx,
  1259. &job_op_count, loop_function,
  1260. (void *)&looparg_item, sizeof(looparg_item));
  1261. switch (ret) {
  1262. case ASYNC_PAUSE:
  1263. ++num_inprogress;
  1264. break;
  1265. case ASYNC_FINISH:
  1266. if (job_op_count == -1) {
  1267. error = 1;
  1268. } else {
  1269. total_op_count += job_op_count;
  1270. }
  1271. break;
  1272. case ASYNC_NO_JOBS:
  1273. case ASYNC_ERR:
  1274. BIO_printf(bio_err, "Failure in the job\n");
  1275. ERR_print_errors(bio_err);
  1276. error = 1;
  1277. break;
  1278. }
  1279. }
  1280. while (num_inprogress > 0) {
  1281. #if defined(OPENSSL_SYS_WINDOWS)
  1282. DWORD avail = 0;
  1283. #elif defined(OPENSSL_SYS_UNIX)
  1284. int select_result = 0;
  1285. OSSL_ASYNC_FD max_fd = 0;
  1286. fd_set waitfdset;
  1287. FD_ZERO(&waitfdset);
  1288. for (i = 0; i < async_jobs && num_inprogress > 0; i++) {
  1289. if (loopargs[i].inprogress_job == NULL)
  1290. continue;
  1291. if (!ASYNC_WAIT_CTX_get_all_fds
  1292. (loopargs[i].wait_ctx, NULL, &num_job_fds)
  1293. || num_job_fds > 1) {
  1294. BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
  1295. ERR_print_errors(bio_err);
  1296. error = 1;
  1297. break;
  1298. }
  1299. ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
  1300. &num_job_fds);
  1301. FD_SET(job_fd, &waitfdset);
  1302. if (job_fd > max_fd)
  1303. max_fd = job_fd;
  1304. }
  1305. if (max_fd >= (OSSL_ASYNC_FD)FD_SETSIZE) {
  1306. BIO_printf(bio_err,
  1307. "Error: max_fd (%d) must be smaller than FD_SETSIZE (%d). "
  1308. "Decrease the value of async_jobs\n",
  1309. max_fd, FD_SETSIZE);
  1310. ERR_print_errors(bio_err);
  1311. error = 1;
  1312. break;
  1313. }
  1314. select_result = select(max_fd + 1, &waitfdset, NULL, NULL, NULL);
  1315. if (select_result == -1 && errno == EINTR)
  1316. continue;
  1317. if (select_result == -1) {
  1318. BIO_printf(bio_err, "Failure in the select\n");
  1319. ERR_print_errors(bio_err);
  1320. error = 1;
  1321. break;
  1322. }
  1323. if (select_result == 0)
  1324. continue;
  1325. #endif
  1326. for (i = 0; i < async_jobs; i++) {
  1327. if (loopargs[i].inprogress_job == NULL)
  1328. continue;
  1329. if (!ASYNC_WAIT_CTX_get_all_fds
  1330. (loopargs[i].wait_ctx, NULL, &num_job_fds)
  1331. || num_job_fds > 1) {
  1332. BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
  1333. ERR_print_errors(bio_err);
  1334. error = 1;
  1335. break;
  1336. }
  1337. ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
  1338. &num_job_fds);
  1339. #if defined(OPENSSL_SYS_UNIX)
  1340. if (num_job_fds == 1 && !FD_ISSET(job_fd, &waitfdset))
  1341. continue;
  1342. #elif defined(OPENSSL_SYS_WINDOWS)
  1343. if (num_job_fds == 1
  1344. && !PeekNamedPipe(job_fd, NULL, 0, NULL, &avail, NULL)
  1345. && avail > 0)
  1346. continue;
  1347. #endif
  1348. ret = ASYNC_start_job(&loopargs[i].inprogress_job,
  1349. loopargs[i].wait_ctx, &job_op_count,
  1350. loop_function, (void *)(loopargs + i),
  1351. sizeof(loopargs_t));
  1352. switch (ret) {
  1353. case ASYNC_PAUSE:
  1354. break;
  1355. case ASYNC_FINISH:
  1356. if (job_op_count == -1) {
  1357. error = 1;
  1358. } else {
  1359. total_op_count += job_op_count;
  1360. }
  1361. --num_inprogress;
  1362. loopargs[i].inprogress_job = NULL;
  1363. break;
  1364. case ASYNC_NO_JOBS:
  1365. case ASYNC_ERR:
  1366. --num_inprogress;
  1367. loopargs[i].inprogress_job = NULL;
  1368. BIO_printf(bio_err, "Failure in the job\n");
  1369. ERR_print_errors(bio_err);
  1370. error = 1;
  1371. break;
  1372. }
  1373. }
  1374. }
  1375. return error ? -1 : total_op_count;
  1376. }
  1377. typedef struct ec_curve_st {
  1378. const char *name;
  1379. unsigned int nid;
  1380. unsigned int bits;
  1381. size_t sigsize; /* only used for EdDSA curves */
  1382. } EC_CURVE;
  1383. static EVP_PKEY *get_ecdsa(const EC_CURVE *curve)
  1384. {
  1385. EVP_PKEY_CTX *kctx = NULL;
  1386. EVP_PKEY *key = NULL;
  1387. /* Ensure that the error queue is empty */
  1388. if (ERR_peek_error()) {
  1389. BIO_printf(bio_err,
  1390. "WARNING: the error queue contains previous unhandled errors.\n");
  1391. ERR_print_errors(bio_err);
  1392. }
  1393. /*
  1394. * Let's try to create a ctx directly from the NID: this works for
  1395. * curves like Curve25519 that are not implemented through the low
  1396. * level EC interface.
  1397. * If this fails we try creating a EVP_PKEY_EC generic param ctx,
  1398. * then we set the curve by NID before deriving the actual keygen
  1399. * ctx for that specific curve.
  1400. */
  1401. kctx = EVP_PKEY_CTX_new_id(curve->nid, NULL);
  1402. if (kctx == NULL) {
  1403. EVP_PKEY_CTX *pctx = NULL;
  1404. EVP_PKEY *params = NULL;
  1405. /*
  1406. * If we reach this code EVP_PKEY_CTX_new_id() failed and a
  1407. * "int_ctx_new:unsupported algorithm" error was added to the
  1408. * error queue.
  1409. * We remove it from the error queue as we are handling it.
  1410. */
  1411. unsigned long error = ERR_peek_error();
  1412. if (error == ERR_peek_last_error() /* oldest and latest errors match */
  1413. /* check that the error origin matches */
  1414. && ERR_GET_LIB(error) == ERR_LIB_EVP
  1415. && (ERR_GET_REASON(error) == EVP_R_UNSUPPORTED_ALGORITHM
  1416. || ERR_GET_REASON(error) == ERR_R_UNSUPPORTED))
  1417. ERR_get_error(); /* pop error from queue */
  1418. if (ERR_peek_error()) {
  1419. BIO_printf(bio_err,
  1420. "Unhandled error in the error queue during EC key setup.\n");
  1421. ERR_print_errors(bio_err);
  1422. return NULL;
  1423. }
  1424. /* Create the context for parameter generation */
  1425. if ((pctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL)) == NULL
  1426. || EVP_PKEY_paramgen_init(pctx) <= 0
  1427. || EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
  1428. curve->nid) <= 0
  1429. || EVP_PKEY_paramgen(pctx, &params) <= 0) {
  1430. BIO_printf(bio_err, "EC params init failure.\n");
  1431. ERR_print_errors(bio_err);
  1432. EVP_PKEY_CTX_free(pctx);
  1433. return NULL;
  1434. }
  1435. EVP_PKEY_CTX_free(pctx);
  1436. /* Create the context for the key generation */
  1437. kctx = EVP_PKEY_CTX_new(params, NULL);
  1438. EVP_PKEY_free(params);
  1439. }
  1440. if (kctx == NULL
  1441. || EVP_PKEY_keygen_init(kctx) <= 0
  1442. || EVP_PKEY_keygen(kctx, &key) <= 0) {
  1443. BIO_printf(bio_err, "EC key generation failure.\n");
  1444. ERR_print_errors(bio_err);
  1445. key = NULL;
  1446. }
  1447. EVP_PKEY_CTX_free(kctx);
  1448. return key;
  1449. }
  1450. #define stop_it(do_it, test_num)\
  1451. memset(do_it + test_num, 0, OSSL_NELEM(do_it) - test_num);
  1452. /* Checks to see if algorithms are fetchable */
  1453. #define IS_FETCHABLE(type, TYPE) \
  1454. static int is_ ## type ## _fetchable(const TYPE *alg) \
  1455. { \
  1456. TYPE *impl; \
  1457. const char *propq = app_get0_propq(); \
  1458. OSSL_LIB_CTX *libctx = app_get0_libctx(); \
  1459. const char *name = TYPE ## _get0_name(alg); \
  1460. \
  1461. ERR_set_mark(); \
  1462. impl = TYPE ## _fetch(libctx, name, propq); \
  1463. ERR_pop_to_mark(); \
  1464. if (impl == NULL) \
  1465. return 0; \
  1466. TYPE ## _free(impl); \
  1467. return 1; \
  1468. }
  1469. IS_FETCHABLE(signature, EVP_SIGNATURE)
  1470. IS_FETCHABLE(kem, EVP_KEM)
  1471. DEFINE_STACK_OF(EVP_KEM)
  1472. static int kems_cmp(const EVP_KEM * const *a,
  1473. const EVP_KEM * const *b)
  1474. {
  1475. return strcmp(OSSL_PROVIDER_get0_name(EVP_KEM_get0_provider(*a)),
  1476. OSSL_PROVIDER_get0_name(EVP_KEM_get0_provider(*b)));
  1477. }
  1478. static void collect_kem(EVP_KEM *kem, void *stack)
  1479. {
  1480. STACK_OF(EVP_KEM) *kem_stack = stack;
  1481. if (is_kem_fetchable(kem)
  1482. && sk_EVP_KEM_push(kem_stack, kem) > 0) {
  1483. EVP_KEM_up_ref(kem);
  1484. }
  1485. }
  1486. static int kem_locate(const char *algo, unsigned int *idx)
  1487. {
  1488. unsigned int i;
  1489. for (i = 0; i < kems_algs_len; i++) {
  1490. if (strcmp(kems_algname[i], algo) == 0) {
  1491. *idx = i;
  1492. return 1;
  1493. }
  1494. }
  1495. return 0;
  1496. }
  1497. DEFINE_STACK_OF(EVP_SIGNATURE)
  1498. static int signatures_cmp(const EVP_SIGNATURE * const *a,
  1499. const EVP_SIGNATURE * const *b)
  1500. {
  1501. return strcmp(OSSL_PROVIDER_get0_name(EVP_SIGNATURE_get0_provider(*a)),
  1502. OSSL_PROVIDER_get0_name(EVP_SIGNATURE_get0_provider(*b)));
  1503. }
  1504. static void collect_signatures(EVP_SIGNATURE *sig, void *stack)
  1505. {
  1506. STACK_OF(EVP_SIGNATURE) *sig_stack = stack;
  1507. if (is_signature_fetchable(sig)
  1508. && sk_EVP_SIGNATURE_push(sig_stack, sig) > 0)
  1509. EVP_SIGNATURE_up_ref(sig);
  1510. }
  1511. static int sig_locate(const char *algo, unsigned int *idx)
  1512. {
  1513. unsigned int i;
  1514. for (i = 0; i < sigs_algs_len; i++) {
  1515. if (strcmp(sigs_algname[i], algo) == 0) {
  1516. *idx = i;
  1517. return 1;
  1518. }
  1519. }
  1520. return 0;
  1521. }
  1522. static int get_max(const uint8_t doit[], size_t algs_len) {
  1523. size_t i = 0;
  1524. int maxcnt = 0;
  1525. for (i = 0; i < algs_len; i++)
  1526. if (maxcnt < doit[i]) maxcnt = doit[i];
  1527. return maxcnt;
  1528. }
  1529. int speed_main(int argc, char **argv)
  1530. {
  1531. CONF *conf = NULL;
  1532. ENGINE *e = NULL;
  1533. loopargs_t *loopargs = NULL;
  1534. const char *prog;
  1535. const char *engine_id = NULL;
  1536. EVP_CIPHER *evp_cipher = NULL;
  1537. EVP_MAC *mac = NULL;
  1538. double d = 0.0;
  1539. OPTION_CHOICE o;
  1540. int async_init = 0, multiblock = 0, pr_header = 0;
  1541. uint8_t doit[ALGOR_NUM] = { 0 };
  1542. int ret = 1, misalign = 0, lengths_single = 0, aead = 0;
  1543. STACK_OF(EVP_KEM) *kem_stack = NULL;
  1544. STACK_OF(EVP_SIGNATURE) *sig_stack = NULL;
  1545. long count = 0;
  1546. unsigned int size_num = SIZE_NUM;
  1547. unsigned int i, k, loopargs_len = 0, async_jobs = 0;
  1548. unsigned int idx;
  1549. int keylen;
  1550. int buflen;
  1551. size_t declen;
  1552. BIGNUM *bn = NULL;
  1553. EVP_PKEY_CTX *genctx = NULL;
  1554. #ifndef NO_FORK
  1555. int multi = 0;
  1556. #endif
  1557. long op_count = 1;
  1558. openssl_speed_sec_t seconds = { SECONDS, RSA_SECONDS, DSA_SECONDS,
  1559. ECDSA_SECONDS, ECDH_SECONDS,
  1560. EdDSA_SECONDS, SM2_SECONDS,
  1561. FFDH_SECONDS, KEM_SECONDS,
  1562. SIG_SECONDS };
  1563. static const unsigned char key32[32] = {
  1564. 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
  1565. 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
  1566. 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
  1567. 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
  1568. };
  1569. static const unsigned char deskey[] = {
  1570. 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, /* key1 */
  1571. 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, /* key2 */
  1572. 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34 /* key3 */
  1573. };
  1574. static const struct {
  1575. const unsigned char *data;
  1576. unsigned int length;
  1577. unsigned int bits;
  1578. } rsa_keys[] = {
  1579. { test512, sizeof(test512), 512 },
  1580. { test1024, sizeof(test1024), 1024 },
  1581. { test2048, sizeof(test2048), 2048 },
  1582. { test3072, sizeof(test3072), 3072 },
  1583. { test4096, sizeof(test4096), 4096 },
  1584. { test7680, sizeof(test7680), 7680 },
  1585. { test15360, sizeof(test15360), 15360 }
  1586. };
  1587. uint8_t rsa_doit[RSA_NUM] = { 0 };
  1588. int primes = RSA_DEFAULT_PRIME_NUM;
  1589. #ifndef OPENSSL_NO_DH
  1590. typedef struct ffdh_params_st {
  1591. const char *name;
  1592. unsigned int nid;
  1593. unsigned int bits;
  1594. } FFDH_PARAMS;
  1595. static const FFDH_PARAMS ffdh_params[FFDH_NUM] = {
  1596. {"ffdh2048", NID_ffdhe2048, 2048},
  1597. {"ffdh3072", NID_ffdhe3072, 3072},
  1598. {"ffdh4096", NID_ffdhe4096, 4096},
  1599. {"ffdh6144", NID_ffdhe6144, 6144},
  1600. {"ffdh8192", NID_ffdhe8192, 8192}
  1601. };
  1602. uint8_t ffdh_doit[FFDH_NUM] = { 0 };
  1603. #endif /* OPENSSL_NO_DH */
  1604. static const unsigned int dsa_bits[DSA_NUM] = { 1024, 2048 };
  1605. uint8_t dsa_doit[DSA_NUM] = { 0 };
  1606. /*
  1607. * We only test over the following curves as they are representative, To
  1608. * add tests over more curves, simply add the curve NID and curve name to
  1609. * the following arrays and increase the |ecdh_choices| and |ecdsa_choices|
  1610. * lists accordingly.
  1611. */
  1612. static const EC_CURVE ec_curves[EC_NUM] = {
  1613. /* Prime Curves */
  1614. {"secp160r1", NID_secp160r1, 160},
  1615. {"nistp192", NID_X9_62_prime192v1, 192},
  1616. {"nistp224", NID_secp224r1, 224},
  1617. {"nistp256", NID_X9_62_prime256v1, 256},
  1618. {"nistp384", NID_secp384r1, 384},
  1619. {"nistp521", NID_secp521r1, 521},
  1620. #ifndef OPENSSL_NO_EC2M
  1621. /* Binary Curves */
  1622. {"nistk163", NID_sect163k1, 163},
  1623. {"nistk233", NID_sect233k1, 233},
  1624. {"nistk283", NID_sect283k1, 283},
  1625. {"nistk409", NID_sect409k1, 409},
  1626. {"nistk571", NID_sect571k1, 571},
  1627. {"nistb163", NID_sect163r2, 163},
  1628. {"nistb233", NID_sect233r1, 233},
  1629. {"nistb283", NID_sect283r1, 283},
  1630. {"nistb409", NID_sect409r1, 409},
  1631. {"nistb571", NID_sect571r1, 571},
  1632. #endif
  1633. {"brainpoolP256r1", NID_brainpoolP256r1, 256},
  1634. {"brainpoolP256t1", NID_brainpoolP256t1, 256},
  1635. {"brainpoolP384r1", NID_brainpoolP384r1, 384},
  1636. {"brainpoolP384t1", NID_brainpoolP384t1, 384},
  1637. {"brainpoolP512r1", NID_brainpoolP512r1, 512},
  1638. {"brainpoolP512t1", NID_brainpoolP512t1, 512},
  1639. #ifndef OPENSSL_NO_ECX
  1640. /* Other and ECDH only ones */
  1641. {"X25519", NID_X25519, 253},
  1642. {"X448", NID_X448, 448}
  1643. #endif
  1644. };
  1645. #ifndef OPENSSL_NO_ECX
  1646. static const EC_CURVE ed_curves[EdDSA_NUM] = {
  1647. /* EdDSA */
  1648. {"Ed25519", NID_ED25519, 253, 64},
  1649. {"Ed448", NID_ED448, 456, 114}
  1650. };
  1651. #endif /* OPENSSL_NO_ECX */
  1652. #ifndef OPENSSL_NO_SM2
  1653. static const EC_CURVE sm2_curves[SM2_NUM] = {
  1654. /* SM2 */
  1655. {"CurveSM2", NID_sm2, 256}
  1656. };
  1657. uint8_t sm2_doit[SM2_NUM] = { 0 };
  1658. #endif
  1659. uint8_t ecdsa_doit[ECDSA_NUM] = { 0 };
  1660. uint8_t ecdh_doit[EC_NUM] = { 0 };
  1661. #ifndef OPENSSL_NO_ECX
  1662. uint8_t eddsa_doit[EdDSA_NUM] = { 0 };
  1663. #endif /* OPENSSL_NO_ECX */
  1664. uint8_t kems_doit[MAX_KEM_NUM] = { 0 };
  1665. uint8_t sigs_doit[MAX_SIG_NUM] = { 0 };
  1666. uint8_t do_kems = 0;
  1667. uint8_t do_sigs = 0;
  1668. /* checks declared curves against choices list. */
  1669. #ifndef OPENSSL_NO_ECX
  1670. OPENSSL_assert(ed_curves[EdDSA_NUM - 1].nid == NID_ED448);
  1671. OPENSSL_assert(strcmp(eddsa_choices[EdDSA_NUM - 1].name, "ed448") == 0);
  1672. OPENSSL_assert(ec_curves[EC_NUM - 1].nid == NID_X448);
  1673. OPENSSL_assert(strcmp(ecdh_choices[EC_NUM - 1].name, "ecdhx448") == 0);
  1674. OPENSSL_assert(ec_curves[ECDSA_NUM - 1].nid == NID_brainpoolP512t1);
  1675. OPENSSL_assert(strcmp(ecdsa_choices[ECDSA_NUM - 1].name, "ecdsabrp512t1") == 0);
  1676. #endif /* OPENSSL_NO_ECX */
  1677. #ifndef OPENSSL_NO_SM2
  1678. OPENSSL_assert(sm2_curves[SM2_NUM - 1].nid == NID_sm2);
  1679. OPENSSL_assert(strcmp(sm2_choices[SM2_NUM - 1].name, "curveSM2") == 0);
  1680. #endif
  1681. prog = opt_init(argc, argv, speed_options);
  1682. while ((o = opt_next()) != OPT_EOF) {
  1683. switch (o) {
  1684. case OPT_EOF:
  1685. case OPT_ERR:
  1686. opterr:
  1687. BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
  1688. goto end;
  1689. case OPT_HELP:
  1690. opt_help(speed_options);
  1691. ret = 0;
  1692. goto end;
  1693. case OPT_ELAPSED:
  1694. usertime = 0;
  1695. break;
  1696. case OPT_EVP:
  1697. if (doit[D_EVP]) {
  1698. BIO_printf(bio_err, "%s: -evp option cannot be used more than once\n", prog);
  1699. goto opterr;
  1700. }
  1701. ERR_set_mark();
  1702. if (!opt_cipher_silent(opt_arg(), &evp_cipher)) {
  1703. if (have_md(opt_arg()))
  1704. evp_md_name = opt_arg();
  1705. }
  1706. if (evp_cipher == NULL && evp_md_name == NULL) {
  1707. ERR_clear_last_mark();
  1708. BIO_printf(bio_err,
  1709. "%s: %s is an unknown cipher or digest\n",
  1710. prog, opt_arg());
  1711. goto end;
  1712. }
  1713. ERR_pop_to_mark();
  1714. doit[D_EVP] = 1;
  1715. break;
  1716. case OPT_HMAC:
  1717. if (!have_md(opt_arg())) {
  1718. BIO_printf(bio_err, "%s: %s is an unknown digest\n",
  1719. prog, opt_arg());
  1720. goto end;
  1721. }
  1722. evp_mac_mdname = opt_arg();
  1723. doit[D_HMAC] = 1;
  1724. break;
  1725. case OPT_CMAC:
  1726. if (!have_cipher(opt_arg())) {
  1727. BIO_printf(bio_err, "%s: %s is an unknown cipher\n",
  1728. prog, opt_arg());
  1729. goto end;
  1730. }
  1731. evp_mac_ciphername = opt_arg();
  1732. doit[D_EVP_CMAC] = 1;
  1733. break;
  1734. case OPT_DECRYPT:
  1735. decrypt = 1;
  1736. break;
  1737. case OPT_ENGINE:
  1738. /*
  1739. * In a forked execution, an engine might need to be
  1740. * initialised by each child process, not by the parent.
  1741. * So store the name here and run setup_engine() later on.
  1742. */
  1743. engine_id = opt_arg();
  1744. break;
  1745. case OPT_MULTI:
  1746. #ifndef NO_FORK
  1747. multi = opt_int_arg();
  1748. if ((size_t)multi >= SIZE_MAX / sizeof(int)) {
  1749. BIO_printf(bio_err, "%s: multi argument too large\n", prog);
  1750. return 0;
  1751. }
  1752. #endif
  1753. break;
  1754. case OPT_ASYNCJOBS:
  1755. #ifndef OPENSSL_NO_ASYNC
  1756. async_jobs = opt_int_arg();
  1757. if (!ASYNC_is_capable()) {
  1758. BIO_printf(bio_err,
  1759. "%s: async_jobs specified but async not supported\n",
  1760. prog);
  1761. goto opterr;
  1762. }
  1763. if (async_jobs > 99999) {
  1764. BIO_printf(bio_err, "%s: too many async_jobs\n", prog);
  1765. goto opterr;
  1766. }
  1767. #endif
  1768. break;
  1769. case OPT_MISALIGN:
  1770. misalign = opt_int_arg();
  1771. if (misalign > MISALIGN) {
  1772. BIO_printf(bio_err,
  1773. "%s: Maximum offset is %d\n", prog, MISALIGN);
  1774. goto opterr;
  1775. }
  1776. break;
  1777. case OPT_MR:
  1778. mr = 1;
  1779. break;
  1780. case OPT_MB:
  1781. multiblock = 1;
  1782. #ifdef OPENSSL_NO_MULTIBLOCK
  1783. BIO_printf(bio_err,
  1784. "%s: -mb specified but multi-block support is disabled\n",
  1785. prog);
  1786. goto end;
  1787. #endif
  1788. break;
  1789. case OPT_R_CASES:
  1790. if (!opt_rand(o))
  1791. goto end;
  1792. break;
  1793. case OPT_PROV_CASES:
  1794. if (!opt_provider(o))
  1795. goto end;
  1796. break;
  1797. case OPT_CONFIG:
  1798. conf = app_load_config_modules(opt_arg());
  1799. if (conf == NULL)
  1800. goto end;
  1801. break;
  1802. case OPT_PRIMES:
  1803. primes = opt_int_arg();
  1804. break;
  1805. case OPT_SECONDS:
  1806. seconds.sym = seconds.rsa = seconds.dsa = seconds.ecdsa
  1807. = seconds.ecdh = seconds.eddsa
  1808. = seconds.sm2 = seconds.ffdh
  1809. = seconds.kem = seconds.sig = opt_int_arg();
  1810. break;
  1811. case OPT_BYTES:
  1812. lengths_single = opt_int_arg();
  1813. lengths = &lengths_single;
  1814. size_num = 1;
  1815. break;
  1816. case OPT_AEAD:
  1817. aead = 1;
  1818. break;
  1819. case OPT_KEM:
  1820. do_kems = 1;
  1821. break;
  1822. case OPT_SIG:
  1823. do_sigs = 1;
  1824. break;
  1825. case OPT_MLOCK:
  1826. domlock = 1;
  1827. #if !defined(_WIN32) && !defined(OPENSSL_SYS_LINUX)
  1828. BIO_printf(bio_err,
  1829. "%s: -mlock not supported on this platform\n",
  1830. prog);
  1831. goto end;
  1832. #endif
  1833. break;
  1834. }
  1835. }
  1836. /* find all KEMs currently available */
  1837. kem_stack = sk_EVP_KEM_new(kems_cmp);
  1838. EVP_KEM_do_all_provided(app_get0_libctx(), collect_kem, kem_stack);
  1839. kems_algs_len = 0;
  1840. for (idx = 0; idx < (unsigned int)sk_EVP_KEM_num(kem_stack); idx++) {
  1841. EVP_KEM *kem = sk_EVP_KEM_value(kem_stack, idx);
  1842. if (strcmp(EVP_KEM_get0_name(kem), "RSA") == 0) {
  1843. if (kems_algs_len + OSSL_NELEM(rsa_choices) >= MAX_KEM_NUM) {
  1844. BIO_printf(bio_err,
  1845. "Too many KEMs registered. Change MAX_KEM_NUM.\n");
  1846. goto end;
  1847. }
  1848. for (i = 0; i < OSSL_NELEM(rsa_choices); i++) {
  1849. kems_doit[kems_algs_len] = 1;
  1850. kems_algname[kems_algs_len++] = OPENSSL_strdup(rsa_choices[i].name);
  1851. }
  1852. } else if (strcmp(EVP_KEM_get0_name(kem), "EC") == 0) {
  1853. if (kems_algs_len + 3 >= MAX_KEM_NUM) {
  1854. BIO_printf(bio_err,
  1855. "Too many KEMs registered. Change MAX_KEM_NUM.\n");
  1856. goto end;
  1857. }
  1858. kems_doit[kems_algs_len] = 1;
  1859. kems_algname[kems_algs_len++] = OPENSSL_strdup("ECP-256");
  1860. kems_doit[kems_algs_len] = 1;
  1861. kems_algname[kems_algs_len++] = OPENSSL_strdup("ECP-384");
  1862. kems_doit[kems_algs_len] = 1;
  1863. kems_algname[kems_algs_len++] = OPENSSL_strdup("ECP-521");
  1864. } else {
  1865. if (kems_algs_len + 1 >= MAX_KEM_NUM) {
  1866. BIO_printf(bio_err,
  1867. "Too many KEMs registered. Change MAX_KEM_NUM.\n");
  1868. goto end;
  1869. }
  1870. kems_doit[kems_algs_len] = 1;
  1871. kems_algname[kems_algs_len++] = OPENSSL_strdup(EVP_KEM_get0_name(kem));
  1872. }
  1873. }
  1874. sk_EVP_KEM_pop_free(kem_stack, EVP_KEM_free);
  1875. kem_stack = NULL;
  1876. /* find all SIGNATUREs currently available */
  1877. sig_stack = sk_EVP_SIGNATURE_new(signatures_cmp);
  1878. EVP_SIGNATURE_do_all_provided(app_get0_libctx(), collect_signatures, sig_stack);
  1879. sigs_algs_len = 0;
  1880. for (idx = 0; idx < (unsigned int)sk_EVP_SIGNATURE_num(sig_stack); idx++) {
  1881. EVP_SIGNATURE *s = sk_EVP_SIGNATURE_value(sig_stack, idx);
  1882. const char *sig_name = EVP_SIGNATURE_get0_name(s);
  1883. if (strcmp(sig_name, "RSA") == 0) {
  1884. if (sigs_algs_len + OSSL_NELEM(rsa_choices) >= MAX_SIG_NUM) {
  1885. BIO_printf(bio_err,
  1886. "Too many signatures registered. Change MAX_SIG_NUM.\n");
  1887. goto end;
  1888. }
  1889. for (i = 0; i < OSSL_NELEM(rsa_choices); i++) {
  1890. sigs_doit[sigs_algs_len] = 1;
  1891. sigs_algname[sigs_algs_len++] = OPENSSL_strdup(rsa_choices[i].name);
  1892. }
  1893. }
  1894. else if (strcmp(sig_name, "DSA") == 0) {
  1895. if (sigs_algs_len + DSA_NUM >= MAX_SIG_NUM) {
  1896. BIO_printf(bio_err,
  1897. "Too many signatures registered. Change MAX_SIG_NUM.\n");
  1898. goto end;
  1899. }
  1900. for (i = 0; i < DSA_NUM; i++) {
  1901. sigs_doit[sigs_algs_len] = 1;
  1902. sigs_algname[sigs_algs_len++] = OPENSSL_strdup(dsa_choices[i].name);
  1903. }
  1904. }
  1905. /* skipping these algs as tested elsewhere - and b/o setup is a pain */
  1906. else if (strcmp(sig_name, "ED25519") &&
  1907. strcmp(sig_name, "ED448") &&
  1908. strcmp(sig_name, "ECDSA") &&
  1909. strcmp(sig_name, "HMAC") &&
  1910. strcmp(sig_name, "SIPHASH") &&
  1911. strcmp(sig_name, "POLY1305") &&
  1912. strcmp(sig_name, "CMAC") &&
  1913. strcmp(sig_name, "SM2")) { /* skip alg */
  1914. if (sigs_algs_len + 1 >= MAX_SIG_NUM) {
  1915. BIO_printf(bio_err,
  1916. "Too many signatures registered. Change MAX_SIG_NUM.\n");
  1917. goto end;
  1918. }
  1919. /* activate this provider algorithm */
  1920. sigs_doit[sigs_algs_len] = 1;
  1921. sigs_algname[sigs_algs_len++] = OPENSSL_strdup(sig_name);
  1922. }
  1923. }
  1924. sk_EVP_SIGNATURE_pop_free(sig_stack, EVP_SIGNATURE_free);
  1925. sig_stack = NULL;
  1926. /* Remaining arguments are algorithms. */
  1927. argc = opt_num_rest();
  1928. argv = opt_rest();
  1929. if (!app_RAND_load())
  1930. goto end;
  1931. for (; *argv; argv++) {
  1932. const char *algo = *argv;
  1933. int algo_found = 0;
  1934. if (opt_found(algo, doit_choices, &i)) {
  1935. doit[i] = 1;
  1936. algo_found = 1;
  1937. }
  1938. if (strcmp(algo, "des") == 0) {
  1939. doit[D_CBC_DES] = doit[D_EDE3_DES] = 1;
  1940. algo_found = 1;
  1941. }
  1942. if (strcmp(algo, "sha") == 0) {
  1943. doit[D_SHA1] = doit[D_SHA256] = doit[D_SHA512] = 1;
  1944. algo_found = 1;
  1945. }
  1946. #ifndef OPENSSL_NO_DEPRECATED_3_0
  1947. if (strcmp(algo, "openssl") == 0) /* just for compatibility */
  1948. algo_found = 1;
  1949. #endif
  1950. if (HAS_PREFIX(algo, "rsa")) {
  1951. if (algo[sizeof("rsa") - 1] == '\0') {
  1952. memset(rsa_doit, 1, sizeof(rsa_doit));
  1953. algo_found = 1;
  1954. }
  1955. if (opt_found(algo, rsa_choices, &i)) {
  1956. rsa_doit[i] = 1;
  1957. algo_found = 1;
  1958. }
  1959. }
  1960. #ifndef OPENSSL_NO_DH
  1961. if (HAS_PREFIX(algo, "ffdh")) {
  1962. if (algo[sizeof("ffdh") - 1] == '\0') {
  1963. memset(ffdh_doit, 1, sizeof(ffdh_doit));
  1964. algo_found = 1;
  1965. }
  1966. if (opt_found(algo, ffdh_choices, &i)) {
  1967. ffdh_doit[i] = 2;
  1968. algo_found = 1;
  1969. }
  1970. }
  1971. #endif
  1972. if (HAS_PREFIX(algo, "dsa")) {
  1973. if (algo[sizeof("dsa") - 1] == '\0') {
  1974. memset(dsa_doit, 1, sizeof(dsa_doit));
  1975. algo_found = 1;
  1976. }
  1977. if (opt_found(algo, dsa_choices, &i)) {
  1978. dsa_doit[i] = 2;
  1979. algo_found = 1;
  1980. }
  1981. }
  1982. if (strcmp(algo, "aes") == 0) {
  1983. doit[D_CBC_128_AES] = doit[D_CBC_192_AES] = doit[D_CBC_256_AES] = 1;
  1984. algo_found = 1;
  1985. }
  1986. if (strcmp(algo, "camellia") == 0) {
  1987. doit[D_CBC_128_CML] = doit[D_CBC_192_CML] = doit[D_CBC_256_CML] = 1;
  1988. algo_found = 1;
  1989. }
  1990. if (HAS_PREFIX(algo, "ecdsa")) {
  1991. if (algo[sizeof("ecdsa") - 1] == '\0') {
  1992. memset(ecdsa_doit, 1, sizeof(ecdsa_doit));
  1993. algo_found = 1;
  1994. }
  1995. if (opt_found(algo, ecdsa_choices, &i)) {
  1996. ecdsa_doit[i] = 2;
  1997. algo_found = 1;
  1998. }
  1999. }
  2000. if (HAS_PREFIX(algo, "ecdh")) {
  2001. if (algo[sizeof("ecdh") - 1] == '\0') {
  2002. memset(ecdh_doit, 1, sizeof(ecdh_doit));
  2003. algo_found = 1;
  2004. }
  2005. if (opt_found(algo, ecdh_choices, &i)) {
  2006. ecdh_doit[i] = 2;
  2007. algo_found = 1;
  2008. }
  2009. }
  2010. #ifndef OPENSSL_NO_ECX
  2011. if (strcmp(algo, "eddsa") == 0) {
  2012. memset(eddsa_doit, 1, sizeof(eddsa_doit));
  2013. algo_found = 1;
  2014. }
  2015. if (opt_found(algo, eddsa_choices, &i)) {
  2016. eddsa_doit[i] = 2;
  2017. algo_found = 1;
  2018. }
  2019. #endif /* OPENSSL_NO_ECX */
  2020. #ifndef OPENSSL_NO_SM2
  2021. if (strcmp(algo, "sm2") == 0) {
  2022. memset(sm2_doit, 1, sizeof(sm2_doit));
  2023. algo_found = 1;
  2024. }
  2025. if (opt_found(algo, sm2_choices, &i)) {
  2026. sm2_doit[i] = 2;
  2027. algo_found = 1;
  2028. }
  2029. #endif
  2030. if (kem_locate(algo, &idx)) {
  2031. kems_doit[idx]++;
  2032. do_kems = 1;
  2033. algo_found = 1;
  2034. }
  2035. if (sig_locate(algo, &idx)) {
  2036. sigs_doit[idx]++;
  2037. do_sigs = 1;
  2038. algo_found = 1;
  2039. }
  2040. if (strcmp(algo, "kmac") == 0) {
  2041. doit[D_KMAC128] = doit[D_KMAC256] = 1;
  2042. algo_found = 1;
  2043. }
  2044. if (strcmp(algo, "cmac") == 0) {
  2045. doit[D_EVP_CMAC] = 1;
  2046. algo_found = 1;
  2047. }
  2048. if (!algo_found) {
  2049. BIO_printf(bio_err, "%s: Unknown algorithm %s\n", prog, algo);
  2050. goto end;
  2051. }
  2052. }
  2053. /* Sanity checks */
  2054. if (aead) {
  2055. if (evp_cipher == NULL) {
  2056. BIO_printf(bio_err, "-aead can be used only with an AEAD cipher\n");
  2057. goto end;
  2058. } else if (!(EVP_CIPHER_get_flags(evp_cipher) &
  2059. EVP_CIPH_FLAG_AEAD_CIPHER)) {
  2060. BIO_printf(bio_err, "%s is not an AEAD cipher\n",
  2061. EVP_CIPHER_get0_name(evp_cipher));
  2062. goto end;
  2063. }
  2064. }
  2065. if (kems_algs_len > 0) {
  2066. int maxcnt = get_max(kems_doit, kems_algs_len);
  2067. if (maxcnt > 1) {
  2068. /* some algs explicitly selected */
  2069. for (i = 0; i < kems_algs_len; i++) {
  2070. /* disable the rest */
  2071. kems_doit[i]--;
  2072. }
  2073. }
  2074. }
  2075. if (sigs_algs_len > 0) {
  2076. int maxcnt = get_max(sigs_doit, sigs_algs_len);
  2077. if (maxcnt > 1) {
  2078. /* some algs explicitly selected */
  2079. for (i = 0; i < sigs_algs_len; i++) {
  2080. /* disable the rest */
  2081. sigs_doit[i]--;
  2082. }
  2083. }
  2084. }
  2085. if (multiblock) {
  2086. if (evp_cipher == NULL) {
  2087. BIO_printf(bio_err, "-mb can be used only with a multi-block"
  2088. " capable cipher\n");
  2089. goto end;
  2090. } else if (!(EVP_CIPHER_get_flags(evp_cipher) &
  2091. EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
  2092. BIO_printf(bio_err, "%s is not a multi-block capable\n",
  2093. EVP_CIPHER_get0_name(evp_cipher));
  2094. goto end;
  2095. } else if (async_jobs > 0) {
  2096. BIO_printf(bio_err, "Async mode is not supported with -mb");
  2097. goto end;
  2098. }
  2099. }
  2100. /* Initialize the job pool if async mode is enabled */
  2101. if (async_jobs > 0) {
  2102. async_init = ASYNC_init_thread(async_jobs, async_jobs);
  2103. if (!async_init) {
  2104. BIO_printf(bio_err, "Error creating the ASYNC job pool\n");
  2105. goto end;
  2106. }
  2107. }
  2108. loopargs_len = (async_jobs == 0 ? 1 : async_jobs);
  2109. loopargs =
  2110. app_malloc(loopargs_len * sizeof(loopargs_t), "array of loopargs");
  2111. memset(loopargs, 0, loopargs_len * sizeof(loopargs_t));
  2112. buflen = lengths[size_num - 1];
  2113. if (buflen < 36) /* size of random vector in RSA benchmark */
  2114. buflen = 36;
  2115. if (INT_MAX - (MAX_MISALIGNMENT + 1) < buflen) {
  2116. BIO_printf(bio_err, "Error: buffer size too large\n");
  2117. goto end;
  2118. }
  2119. buflen += MAX_MISALIGNMENT + 1;
  2120. for (i = 0; i < loopargs_len; i++) {
  2121. if (async_jobs > 0) {
  2122. loopargs[i].wait_ctx = ASYNC_WAIT_CTX_new();
  2123. if (loopargs[i].wait_ctx == NULL) {
  2124. BIO_printf(bio_err, "Error creating the ASYNC_WAIT_CTX\n");
  2125. goto end;
  2126. }
  2127. }
  2128. loopargs[i].buf_malloc = app_malloc(buflen, "input buffer");
  2129. loopargs[i].buf2_malloc = app_malloc(buflen, "input buffer");
  2130. /* Align the start of buffers on a 64 byte boundary */
  2131. loopargs[i].buf = loopargs[i].buf_malloc + misalign;
  2132. loopargs[i].buf2 = loopargs[i].buf2_malloc + misalign;
  2133. loopargs[i].buflen = buflen - misalign;
  2134. loopargs[i].sigsize = buflen - misalign;
  2135. loopargs[i].secret_a = app_malloc(MAX_ECDH_SIZE, "ECDH secret a");
  2136. loopargs[i].secret_b = app_malloc(MAX_ECDH_SIZE, "ECDH secret b");
  2137. #ifndef OPENSSL_NO_DH
  2138. loopargs[i].secret_ff_a = app_malloc(MAX_FFDH_SIZE, "FFDH secret a");
  2139. loopargs[i].secret_ff_b = app_malloc(MAX_FFDH_SIZE, "FFDH secret b");
  2140. #endif
  2141. }
  2142. #ifndef NO_FORK
  2143. if (multi && do_multi(multi, size_num))
  2144. goto show_res;
  2145. #endif
  2146. for (i = 0; i < loopargs_len; ++i) {
  2147. if (domlock) {
  2148. #if defined(_WIN32)
  2149. (void)VirtualLock(loopargs[i].buf_malloc, buflen);
  2150. (void)VirtualLock(loopargs[i].buf2_malloc, buflen);
  2151. #elif defined(OPENSSL_SYS_LINUX)
  2152. (void)mlock(loopargs[i].buf_malloc, buflen);
  2153. (void)mlock(loopargs[i].buf_malloc, buflen);
  2154. #endif
  2155. }
  2156. memset(loopargs[i].buf_malloc, 0, buflen);
  2157. memset(loopargs[i].buf2_malloc, 0, buflen);
  2158. }
  2159. /* Initialize the engine after the fork */
  2160. e = setup_engine(engine_id, 0);
  2161. /* No parameters; turn on everything. */
  2162. if (argc == 0 && !doit[D_EVP] && !doit[D_HMAC]
  2163. && !doit[D_EVP_CMAC] && !do_kems && !do_sigs) {
  2164. memset(doit, 1, sizeof(doit));
  2165. doit[D_EVP] = doit[D_EVP_CMAC] = 0;
  2166. ERR_set_mark();
  2167. for (i = D_MD2; i <= D_WHIRLPOOL; i++) {
  2168. if (!have_md(names[i]))
  2169. doit[i] = 0;
  2170. }
  2171. for (i = D_CBC_DES; i <= D_CBC_256_CML; i++) {
  2172. if (!have_cipher(names[i]))
  2173. doit[i] = 0;
  2174. }
  2175. if ((mac = EVP_MAC_fetch(app_get0_libctx(), "GMAC",
  2176. app_get0_propq())) != NULL) {
  2177. EVP_MAC_free(mac);
  2178. mac = NULL;
  2179. } else {
  2180. doit[D_GHASH] = 0;
  2181. }
  2182. if ((mac = EVP_MAC_fetch(app_get0_libctx(), "HMAC",
  2183. app_get0_propq())) != NULL) {
  2184. EVP_MAC_free(mac);
  2185. mac = NULL;
  2186. } else {
  2187. doit[D_HMAC] = 0;
  2188. }
  2189. ERR_pop_to_mark();
  2190. memset(rsa_doit, 1, sizeof(rsa_doit));
  2191. #ifndef OPENSSL_NO_DH
  2192. memset(ffdh_doit, 1, sizeof(ffdh_doit));
  2193. #endif
  2194. memset(dsa_doit, 1, sizeof(dsa_doit));
  2195. #ifndef OPENSSL_NO_ECX
  2196. memset(ecdsa_doit, 1, sizeof(ecdsa_doit));
  2197. memset(ecdh_doit, 1, sizeof(ecdh_doit));
  2198. memset(eddsa_doit, 1, sizeof(eddsa_doit));
  2199. #endif /* OPENSSL_NO_ECX */
  2200. #ifndef OPENSSL_NO_SM2
  2201. memset(sm2_doit, 1, sizeof(sm2_doit));
  2202. #endif
  2203. memset(kems_doit, 1, sizeof(kems_doit));
  2204. do_kems = 1;
  2205. memset(sigs_doit, 1, sizeof(sigs_doit));
  2206. do_sigs = 1;
  2207. }
  2208. for (i = 0; i < ALGOR_NUM; i++)
  2209. if (doit[i])
  2210. pr_header++;
  2211. if (usertime == 0 && !mr)
  2212. BIO_printf(bio_err,
  2213. "You have chosen to measure elapsed time "
  2214. "instead of user CPU time.\n");
  2215. #if SIGALRM > 0
  2216. signal(SIGALRM, alarmed);
  2217. #endif
  2218. if (doit[D_MD2]) {
  2219. for (testnum = 0; testnum < size_num; testnum++) {
  2220. print_message(names[D_MD2], lengths[testnum], seconds.sym);
  2221. Time_F(START);
  2222. count = run_benchmark(async_jobs, EVP_Digest_MD2_loop, loopargs);
  2223. d = Time_F(STOP);
  2224. print_result(D_MD2, testnum, count, d);
  2225. if (count < 0)
  2226. break;
  2227. }
  2228. }
  2229. if (doit[D_MDC2]) {
  2230. for (testnum = 0; testnum < size_num; testnum++) {
  2231. print_message(names[D_MDC2], lengths[testnum], seconds.sym);
  2232. Time_F(START);
  2233. count = run_benchmark(async_jobs, EVP_Digest_MDC2_loop, loopargs);
  2234. d = Time_F(STOP);
  2235. print_result(D_MDC2, testnum, count, d);
  2236. if (count < 0)
  2237. break;
  2238. }
  2239. }
  2240. if (doit[D_MD4]) {
  2241. for (testnum = 0; testnum < size_num; testnum++) {
  2242. print_message(names[D_MD4], lengths[testnum], seconds.sym);
  2243. Time_F(START);
  2244. count = run_benchmark(async_jobs, EVP_Digest_MD4_loop, loopargs);
  2245. d = Time_F(STOP);
  2246. print_result(D_MD4, testnum, count, d);
  2247. if (count < 0)
  2248. break;
  2249. }
  2250. }
  2251. if (doit[D_MD5]) {
  2252. for (testnum = 0; testnum < size_num; testnum++) {
  2253. print_message(names[D_MD5], lengths[testnum], seconds.sym);
  2254. Time_F(START);
  2255. count = run_benchmark(async_jobs, MD5_loop, loopargs);
  2256. d = Time_F(STOP);
  2257. print_result(D_MD5, testnum, count, d);
  2258. if (count < 0)
  2259. break;
  2260. }
  2261. }
  2262. if (doit[D_SHA1]) {
  2263. for (testnum = 0; testnum < size_num; testnum++) {
  2264. print_message(names[D_SHA1], lengths[testnum], seconds.sym);
  2265. Time_F(START);
  2266. count = run_benchmark(async_jobs, SHA1_loop, loopargs);
  2267. d = Time_F(STOP);
  2268. print_result(D_SHA1, testnum, count, d);
  2269. if (count < 0)
  2270. break;
  2271. }
  2272. }
  2273. if (doit[D_SHA256]) {
  2274. for (testnum = 0; testnum < size_num; testnum++) {
  2275. print_message(names[D_SHA256], lengths[testnum], seconds.sym);
  2276. Time_F(START);
  2277. count = run_benchmark(async_jobs, SHA256_loop, loopargs);
  2278. d = Time_F(STOP);
  2279. print_result(D_SHA256, testnum, count, d);
  2280. if (count < 0)
  2281. break;
  2282. }
  2283. }
  2284. if (doit[D_SHA512]) {
  2285. for (testnum = 0; testnum < size_num; testnum++) {
  2286. print_message(names[D_SHA512], lengths[testnum], seconds.sym);
  2287. Time_F(START);
  2288. count = run_benchmark(async_jobs, SHA512_loop, loopargs);
  2289. d = Time_F(STOP);
  2290. print_result(D_SHA512, testnum, count, d);
  2291. if (count < 0)
  2292. break;
  2293. }
  2294. }
  2295. if (doit[D_WHIRLPOOL]) {
  2296. for (testnum = 0; testnum < size_num; testnum++) {
  2297. print_message(names[D_WHIRLPOOL], lengths[testnum], seconds.sym);
  2298. Time_F(START);
  2299. count = run_benchmark(async_jobs, WHIRLPOOL_loop, loopargs);
  2300. d = Time_F(STOP);
  2301. print_result(D_WHIRLPOOL, testnum, count, d);
  2302. if (count < 0)
  2303. break;
  2304. }
  2305. }
  2306. if (doit[D_RMD160]) {
  2307. for (testnum = 0; testnum < size_num; testnum++) {
  2308. print_message(names[D_RMD160], lengths[testnum], seconds.sym);
  2309. Time_F(START);
  2310. count = run_benchmark(async_jobs, EVP_Digest_RMD160_loop, loopargs);
  2311. d = Time_F(STOP);
  2312. print_result(D_RMD160, testnum, count, d);
  2313. if (count < 0)
  2314. break;
  2315. }
  2316. }
  2317. if (doit[D_HMAC]) {
  2318. static const char hmac_key[] = "This is a key...";
  2319. int len = strlen(hmac_key);
  2320. OSSL_PARAM params[3];
  2321. if (evp_mac_mdname == NULL)
  2322. goto end;
  2323. evp_hmac_name = app_malloc(sizeof("hmac()") + strlen(evp_mac_mdname),
  2324. "HMAC name");
  2325. sprintf(evp_hmac_name, "hmac(%s)", evp_mac_mdname);
  2326. names[D_HMAC] = evp_hmac_name;
  2327. params[0] =
  2328. OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST,
  2329. evp_mac_mdname, 0);
  2330. params[1] =
  2331. OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY,
  2332. (char *)hmac_key, len);
  2333. params[2] = OSSL_PARAM_construct_end();
  2334. if (mac_setup("HMAC", &mac, params, loopargs, loopargs_len) < 1)
  2335. goto end;
  2336. for (testnum = 0; testnum < size_num; testnum++) {
  2337. print_message(names[D_HMAC], lengths[testnum], seconds.sym);
  2338. Time_F(START);
  2339. count = run_benchmark(async_jobs, HMAC_loop, loopargs);
  2340. d = Time_F(STOP);
  2341. print_result(D_HMAC, testnum, count, d);
  2342. if (count < 0)
  2343. break;
  2344. }
  2345. mac_teardown(&mac, loopargs, loopargs_len);
  2346. }
  2347. if (doit[D_CBC_DES]) {
  2348. int st = 1;
  2349. for (i = 0; st && i < loopargs_len; i++) {
  2350. loopargs[i].ctx = init_evp_cipher_ctx("des-cbc", deskey,
  2351. sizeof(deskey) / 3);
  2352. st = loopargs[i].ctx != NULL;
  2353. }
  2354. algindex = D_CBC_DES;
  2355. for (testnum = 0; st && testnum < size_num; testnum++) {
  2356. print_message(names[D_CBC_DES], lengths[testnum], seconds.sym);
  2357. Time_F(START);
  2358. count = run_benchmark(async_jobs, EVP_Cipher_loop, loopargs);
  2359. d = Time_F(STOP);
  2360. print_result(D_CBC_DES, testnum, count, d);
  2361. }
  2362. for (i = 0; i < loopargs_len; i++)
  2363. EVP_CIPHER_CTX_free(loopargs[i].ctx);
  2364. }
  2365. if (doit[D_EDE3_DES]) {
  2366. int st = 1;
  2367. for (i = 0; st && i < loopargs_len; i++) {
  2368. loopargs[i].ctx = init_evp_cipher_ctx("des-ede3-cbc", deskey,
  2369. sizeof(deskey));
  2370. st = loopargs[i].ctx != NULL;
  2371. }
  2372. algindex = D_EDE3_DES;
  2373. for (testnum = 0; st && testnum < size_num; testnum++) {
  2374. print_message(names[D_EDE3_DES], lengths[testnum], seconds.sym);
  2375. Time_F(START);
  2376. count =
  2377. run_benchmark(async_jobs, EVP_Cipher_loop, loopargs);
  2378. d = Time_F(STOP);
  2379. print_result(D_EDE3_DES, testnum, count, d);
  2380. }
  2381. for (i = 0; i < loopargs_len; i++)
  2382. EVP_CIPHER_CTX_free(loopargs[i].ctx);
  2383. }
  2384. for (k = 0; k < 3; k++) {
  2385. algindex = D_CBC_128_AES + k;
  2386. if (doit[algindex]) {
  2387. int st = 1;
  2388. keylen = 16 + k * 8;
  2389. for (i = 0; st && i < loopargs_len; i++) {
  2390. loopargs[i].ctx = init_evp_cipher_ctx(names[algindex],
  2391. key32, keylen);
  2392. st = loopargs[i].ctx != NULL;
  2393. }
  2394. for (testnum = 0; st && testnum < size_num; testnum++) {
  2395. print_message(names[algindex], lengths[testnum], seconds.sym);
  2396. Time_F(START);
  2397. count =
  2398. run_benchmark(async_jobs, EVP_Cipher_loop, loopargs);
  2399. d = Time_F(STOP);
  2400. print_result(algindex, testnum, count, d);
  2401. }
  2402. for (i = 0; i < loopargs_len; i++)
  2403. EVP_CIPHER_CTX_free(loopargs[i].ctx);
  2404. }
  2405. }
  2406. for (k = 0; k < 3; k++) {
  2407. algindex = D_CBC_128_CML + k;
  2408. if (doit[algindex]) {
  2409. int st = 1;
  2410. keylen = 16 + k * 8;
  2411. for (i = 0; st && i < loopargs_len; i++) {
  2412. loopargs[i].ctx = init_evp_cipher_ctx(names[algindex],
  2413. key32, keylen);
  2414. st = loopargs[i].ctx != NULL;
  2415. }
  2416. for (testnum = 0; st && testnum < size_num; testnum++) {
  2417. print_message(names[algindex], lengths[testnum], seconds.sym);
  2418. Time_F(START);
  2419. count =
  2420. run_benchmark(async_jobs, EVP_Cipher_loop, loopargs);
  2421. d = Time_F(STOP);
  2422. print_result(algindex, testnum, count, d);
  2423. }
  2424. for (i = 0; i < loopargs_len; i++)
  2425. EVP_CIPHER_CTX_free(loopargs[i].ctx);
  2426. }
  2427. }
  2428. for (algindex = D_RC4; algindex <= D_CBC_CAST; algindex++) {
  2429. if (doit[algindex]) {
  2430. int st = 1;
  2431. keylen = 16;
  2432. for (i = 0; st && i < loopargs_len; i++) {
  2433. loopargs[i].ctx = init_evp_cipher_ctx(names[algindex],
  2434. key32, keylen);
  2435. st = loopargs[i].ctx != NULL;
  2436. }
  2437. for (testnum = 0; st && testnum < size_num; testnum++) {
  2438. print_message(names[algindex], lengths[testnum], seconds.sym);
  2439. Time_F(START);
  2440. count =
  2441. run_benchmark(async_jobs, EVP_Cipher_loop, loopargs);
  2442. d = Time_F(STOP);
  2443. print_result(algindex, testnum, count, d);
  2444. }
  2445. for (i = 0; i < loopargs_len; i++)
  2446. EVP_CIPHER_CTX_free(loopargs[i].ctx);
  2447. }
  2448. }
  2449. if (doit[D_GHASH]) {
  2450. static const char gmac_iv[] = "0123456789ab";
  2451. OSSL_PARAM params[4];
  2452. params[0] = OSSL_PARAM_construct_utf8_string(OSSL_ALG_PARAM_CIPHER,
  2453. "aes-128-gcm", 0);
  2454. params[1] = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_IV,
  2455. (char *)gmac_iv,
  2456. sizeof(gmac_iv) - 1);
  2457. params[2] = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY,
  2458. (void *)key32, 16);
  2459. params[3] = OSSL_PARAM_construct_end();
  2460. if (mac_setup("GMAC", &mac, params, loopargs, loopargs_len) < 1)
  2461. goto end;
  2462. /* b/c of the definition of GHASH_loop(), init() calls are needed here */
  2463. for (i = 0; i < loopargs_len; i++) {
  2464. if (!EVP_MAC_init(loopargs[i].mctx, NULL, 0, NULL))
  2465. goto end;
  2466. }
  2467. for (testnum = 0; testnum < size_num; testnum++) {
  2468. print_message(names[D_GHASH], lengths[testnum], seconds.sym);
  2469. Time_F(START);
  2470. count = run_benchmark(async_jobs, GHASH_loop, loopargs);
  2471. d = Time_F(STOP);
  2472. print_result(D_GHASH, testnum, count, d);
  2473. if (count < 0)
  2474. break;
  2475. }
  2476. mac_teardown(&mac, loopargs, loopargs_len);
  2477. }
  2478. if (doit[D_RAND]) {
  2479. for (testnum = 0; testnum < size_num; testnum++) {
  2480. print_message(names[D_RAND], lengths[testnum], seconds.sym);
  2481. Time_F(START);
  2482. count = run_benchmark(async_jobs, RAND_bytes_loop, loopargs);
  2483. d = Time_F(STOP);
  2484. print_result(D_RAND, testnum, count, d);
  2485. }
  2486. }
  2487. if (doit[D_EVP]) {
  2488. if (evp_cipher != NULL) {
  2489. int (*loopfunc) (void *) = EVP_Update_loop;
  2490. if (multiblock && (EVP_CIPHER_get_flags(evp_cipher) &
  2491. EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
  2492. multiblock_speed(evp_cipher, lengths_single, &seconds);
  2493. ret = 0;
  2494. goto end;
  2495. }
  2496. names[D_EVP] = EVP_CIPHER_get0_name(evp_cipher);
  2497. if (EVP_CIPHER_get_mode(evp_cipher) == EVP_CIPH_CCM_MODE) {
  2498. loopfunc = EVP_Update_loop_ccm;
  2499. } else if (aead && (EVP_CIPHER_get_flags(evp_cipher) &
  2500. EVP_CIPH_FLAG_AEAD_CIPHER)) {
  2501. loopfunc = EVP_Update_loop_aead;
  2502. if (lengths == lengths_list) {
  2503. lengths = aead_lengths_list;
  2504. size_num = OSSL_NELEM(aead_lengths_list);
  2505. }
  2506. }
  2507. for (testnum = 0; testnum < size_num; testnum++) {
  2508. print_message(names[D_EVP], lengths[testnum], seconds.sym);
  2509. for (k = 0; k < loopargs_len; k++) {
  2510. loopargs[k].ctx = EVP_CIPHER_CTX_new();
  2511. if (loopargs[k].ctx == NULL) {
  2512. BIO_printf(bio_err, "\nEVP_CIPHER_CTX_new failure\n");
  2513. exit(1);
  2514. }
  2515. if (!EVP_CipherInit_ex(loopargs[k].ctx, evp_cipher, NULL,
  2516. NULL, iv, decrypt ? 0 : 1)) {
  2517. BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n");
  2518. ERR_print_errors(bio_err);
  2519. exit(1);
  2520. }
  2521. EVP_CIPHER_CTX_set_padding(loopargs[k].ctx, 0);
  2522. keylen = EVP_CIPHER_CTX_get_key_length(loopargs[k].ctx);
  2523. loopargs[k].key = app_malloc(keylen, "evp_cipher key");
  2524. EVP_CIPHER_CTX_rand_key(loopargs[k].ctx, loopargs[k].key);
  2525. if (!EVP_CipherInit_ex(loopargs[k].ctx, NULL, NULL,
  2526. loopargs[k].key, NULL, -1)) {
  2527. BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n");
  2528. ERR_print_errors(bio_err);
  2529. exit(1);
  2530. }
  2531. OPENSSL_clear_free(loopargs[k].key, keylen);
  2532. /* GCM-SIV/SIV mode only allows for a single Update operation */
  2533. if (EVP_CIPHER_get_mode(evp_cipher) == EVP_CIPH_SIV_MODE
  2534. || EVP_CIPHER_get_mode(evp_cipher) == EVP_CIPH_GCM_SIV_MODE)
  2535. (void)EVP_CIPHER_CTX_ctrl(loopargs[k].ctx,
  2536. EVP_CTRL_SET_SPEED, 1, NULL);
  2537. }
  2538. Time_F(START);
  2539. count = run_benchmark(async_jobs, loopfunc, loopargs);
  2540. d = Time_F(STOP);
  2541. for (k = 0; k < loopargs_len; k++)
  2542. EVP_CIPHER_CTX_free(loopargs[k].ctx);
  2543. print_result(D_EVP, testnum, count, d);
  2544. }
  2545. } else if (evp_md_name != NULL) {
  2546. names[D_EVP] = evp_md_name;
  2547. for (testnum = 0; testnum < size_num; testnum++) {
  2548. print_message(names[D_EVP], lengths[testnum], seconds.sym);
  2549. Time_F(START);
  2550. count = run_benchmark(async_jobs, EVP_Digest_md_loop, loopargs);
  2551. d = Time_F(STOP);
  2552. print_result(D_EVP, testnum, count, d);
  2553. if (count < 0)
  2554. break;
  2555. }
  2556. }
  2557. }
  2558. if (doit[D_EVP_CMAC]) {
  2559. OSSL_PARAM params[3];
  2560. EVP_CIPHER *cipher = NULL;
  2561. if (!opt_cipher(evp_mac_ciphername, &cipher))
  2562. goto end;
  2563. keylen = EVP_CIPHER_get_key_length(cipher);
  2564. EVP_CIPHER_free(cipher);
  2565. if (keylen <= 0 || keylen > (int)sizeof(key32)) {
  2566. BIO_printf(bio_err, "\nRequested CMAC cipher with unsupported key length.\n");
  2567. goto end;
  2568. }
  2569. evp_cmac_name = app_malloc(sizeof("cmac()")
  2570. + strlen(evp_mac_ciphername), "CMAC name");
  2571. sprintf(evp_cmac_name, "cmac(%s)", evp_mac_ciphername);
  2572. names[D_EVP_CMAC] = evp_cmac_name;
  2573. params[0] = OSSL_PARAM_construct_utf8_string(OSSL_ALG_PARAM_CIPHER,
  2574. evp_mac_ciphername, 0);
  2575. params[1] = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY,
  2576. (char *)key32, keylen);
  2577. params[2] = OSSL_PARAM_construct_end();
  2578. if (mac_setup("CMAC", &mac, params, loopargs, loopargs_len) < 1)
  2579. goto end;
  2580. for (testnum = 0; testnum < size_num; testnum++) {
  2581. print_message(names[D_EVP_CMAC], lengths[testnum], seconds.sym);
  2582. Time_F(START);
  2583. count = run_benchmark(async_jobs, CMAC_loop, loopargs);
  2584. d = Time_F(STOP);
  2585. print_result(D_EVP_CMAC, testnum, count, d);
  2586. if (count < 0)
  2587. break;
  2588. }
  2589. mac_teardown(&mac, loopargs, loopargs_len);
  2590. }
  2591. if (doit[D_KMAC128]) {
  2592. OSSL_PARAM params[2];
  2593. params[0] = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY,
  2594. (void *)key32, 16);
  2595. params[1] = OSSL_PARAM_construct_end();
  2596. if (mac_setup("KMAC-128", &mac, params, loopargs, loopargs_len) < 1)
  2597. goto end;
  2598. for (testnum = 0; testnum < size_num; testnum++) {
  2599. print_message(names[D_KMAC128], lengths[testnum], seconds.sym);
  2600. Time_F(START);
  2601. count = run_benchmark(async_jobs, KMAC128_loop, loopargs);
  2602. d = Time_F(STOP);
  2603. print_result(D_KMAC128, testnum, count, d);
  2604. if (count < 0)
  2605. break;
  2606. }
  2607. mac_teardown(&mac, loopargs, loopargs_len);
  2608. }
  2609. if (doit[D_KMAC256]) {
  2610. OSSL_PARAM params[2];
  2611. params[0] = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY,
  2612. (void *)key32, 32);
  2613. params[1] = OSSL_PARAM_construct_end();
  2614. if (mac_setup("KMAC-256", &mac, params, loopargs, loopargs_len) < 1)
  2615. goto end;
  2616. for (testnum = 0; testnum < size_num; testnum++) {
  2617. print_message(names[D_KMAC256], lengths[testnum], seconds.sym);
  2618. Time_F(START);
  2619. count = run_benchmark(async_jobs, KMAC256_loop, loopargs);
  2620. d = Time_F(STOP);
  2621. print_result(D_KMAC256, testnum, count, d);
  2622. if (count < 0)
  2623. break;
  2624. }
  2625. mac_teardown(&mac, loopargs, loopargs_len);
  2626. }
  2627. for (i = 0; i < loopargs_len; i++)
  2628. if (RAND_bytes(loopargs[i].buf, 36) <= 0)
  2629. goto end;
  2630. for (testnum = 0; testnum < RSA_NUM; testnum++) {
  2631. EVP_PKEY *rsa_key = NULL;
  2632. int st = 0;
  2633. if (!rsa_doit[testnum])
  2634. continue;
  2635. if (primes > RSA_DEFAULT_PRIME_NUM) {
  2636. /* we haven't set keys yet, generate multi-prime RSA keys */
  2637. bn = BN_new();
  2638. st = bn != NULL
  2639. && BN_set_word(bn, RSA_F4)
  2640. && init_gen_str(&genctx, "RSA", NULL, 0, NULL, NULL)
  2641. && EVP_PKEY_CTX_set_rsa_keygen_bits(genctx, rsa_keys[testnum].bits) > 0
  2642. && EVP_PKEY_CTX_set1_rsa_keygen_pubexp(genctx, bn) > 0
  2643. && EVP_PKEY_CTX_set_rsa_keygen_primes(genctx, primes) > 0
  2644. && EVP_PKEY_keygen(genctx, &rsa_key);
  2645. BN_free(bn);
  2646. bn = NULL;
  2647. EVP_PKEY_CTX_free(genctx);
  2648. genctx = NULL;
  2649. } else {
  2650. const unsigned char *p = rsa_keys[testnum].data;
  2651. st = (rsa_key = d2i_PrivateKey(EVP_PKEY_RSA, NULL, &p,
  2652. rsa_keys[testnum].length)) != NULL;
  2653. }
  2654. for (i = 0; st && i < loopargs_len; i++) {
  2655. loopargs[i].rsa_sign_ctx[testnum] = EVP_PKEY_CTX_new(rsa_key, NULL);
  2656. loopargs[i].sigsize = loopargs[i].buflen;
  2657. if (loopargs[i].rsa_sign_ctx[testnum] == NULL
  2658. || EVP_PKEY_sign_init(loopargs[i].rsa_sign_ctx[testnum]) <= 0
  2659. || EVP_PKEY_sign(loopargs[i].rsa_sign_ctx[testnum],
  2660. loopargs[i].buf2,
  2661. &loopargs[i].sigsize,
  2662. loopargs[i].buf, 36) <= 0)
  2663. st = 0;
  2664. }
  2665. if (!st) {
  2666. BIO_printf(bio_err,
  2667. "RSA sign setup failure. No RSA sign will be done.\n");
  2668. ERR_print_errors(bio_err);
  2669. op_count = 1;
  2670. } else {
  2671. pkey_print_message("private", "rsa sign",
  2672. rsa_keys[testnum].bits, seconds.rsa);
  2673. /* RSA_blinding_on(rsa_key[testnum],NULL); */
  2674. Time_F(START);
  2675. count = run_benchmark(async_jobs, RSA_sign_loop, loopargs);
  2676. d = Time_F(STOP);
  2677. BIO_printf(bio_err,
  2678. mr ? "+R1:%ld:%d:%.2f\n"
  2679. : "%ld %u bits private RSA sign ops in %.2fs\n",
  2680. count, rsa_keys[testnum].bits, d);
  2681. rsa_results[testnum][0] = (double)count / d;
  2682. op_count = count;
  2683. }
  2684. for (i = 0; st && i < loopargs_len; i++) {
  2685. loopargs[i].rsa_verify_ctx[testnum] = EVP_PKEY_CTX_new(rsa_key,
  2686. NULL);
  2687. if (loopargs[i].rsa_verify_ctx[testnum] == NULL
  2688. || EVP_PKEY_verify_init(loopargs[i].rsa_verify_ctx[testnum]) <= 0
  2689. || EVP_PKEY_verify(loopargs[i].rsa_verify_ctx[testnum],
  2690. loopargs[i].buf2,
  2691. loopargs[i].sigsize,
  2692. loopargs[i].buf, 36) <= 0)
  2693. st = 0;
  2694. }
  2695. if (!st) {
  2696. BIO_printf(bio_err,
  2697. "RSA verify setup failure. No RSA verify will be done.\n");
  2698. ERR_print_errors(bio_err);
  2699. rsa_doit[testnum] = 0;
  2700. } else {
  2701. pkey_print_message("public", "rsa verify",
  2702. rsa_keys[testnum].bits, seconds.rsa);
  2703. Time_F(START);
  2704. count = run_benchmark(async_jobs, RSA_verify_loop, loopargs);
  2705. d = Time_F(STOP);
  2706. BIO_printf(bio_err,
  2707. mr ? "+R2:%ld:%d:%.2f\n"
  2708. : "%ld %u bits public RSA verify ops in %.2fs\n",
  2709. count, rsa_keys[testnum].bits, d);
  2710. rsa_results[testnum][1] = (double)count / d;
  2711. }
  2712. for (i = 0; st && i < loopargs_len; i++) {
  2713. loopargs[i].rsa_encrypt_ctx[testnum] = EVP_PKEY_CTX_new(rsa_key, NULL);
  2714. loopargs[i].encsize = loopargs[i].buflen;
  2715. if (loopargs[i].rsa_encrypt_ctx[testnum] == NULL
  2716. || EVP_PKEY_encrypt_init(loopargs[i].rsa_encrypt_ctx[testnum]) <= 0
  2717. || EVP_PKEY_encrypt(loopargs[i].rsa_encrypt_ctx[testnum],
  2718. loopargs[i].buf2,
  2719. &loopargs[i].encsize,
  2720. loopargs[i].buf, 36) <= 0)
  2721. st = 0;
  2722. }
  2723. if (!st) {
  2724. BIO_printf(bio_err,
  2725. "RSA encrypt setup failure. No RSA encrypt will be done.\n");
  2726. ERR_print_errors(bio_err);
  2727. op_count = 1;
  2728. } else {
  2729. pkey_print_message("private", "rsa encrypt",
  2730. rsa_keys[testnum].bits, seconds.rsa);
  2731. /* RSA_blinding_on(rsa_key[testnum],NULL); */
  2732. Time_F(START);
  2733. count = run_benchmark(async_jobs, RSA_encrypt_loop, loopargs);
  2734. d = Time_F(STOP);
  2735. BIO_printf(bio_err,
  2736. mr ? "+R3:%ld:%d:%.2f\n"
  2737. : "%ld %u bits public RSA encrypt ops in %.2fs\n",
  2738. count, rsa_keys[testnum].bits, d);
  2739. rsa_results[testnum][2] = (double)count / d;
  2740. op_count = count;
  2741. }
  2742. for (i = 0; st && i < loopargs_len; i++) {
  2743. loopargs[i].rsa_decrypt_ctx[testnum] = EVP_PKEY_CTX_new(rsa_key, NULL);
  2744. declen = loopargs[i].buflen;
  2745. if (loopargs[i].rsa_decrypt_ctx[testnum] == NULL
  2746. || EVP_PKEY_decrypt_init(loopargs[i].rsa_decrypt_ctx[testnum]) <= 0
  2747. || EVP_PKEY_decrypt(loopargs[i].rsa_decrypt_ctx[testnum],
  2748. loopargs[i].buf,
  2749. &declen,
  2750. loopargs[i].buf2,
  2751. loopargs[i].encsize) <= 0)
  2752. st = 0;
  2753. }
  2754. if (!st) {
  2755. BIO_printf(bio_err,
  2756. "RSA decrypt setup failure. No RSA decrypt will be done.\n");
  2757. ERR_print_errors(bio_err);
  2758. op_count = 1;
  2759. } else {
  2760. pkey_print_message("private", "rsa decrypt",
  2761. rsa_keys[testnum].bits, seconds.rsa);
  2762. /* RSA_blinding_on(rsa_key[testnum],NULL); */
  2763. Time_F(START);
  2764. count = run_benchmark(async_jobs, RSA_decrypt_loop, loopargs);
  2765. d = Time_F(STOP);
  2766. BIO_printf(bio_err,
  2767. mr ? "+R4:%ld:%d:%.2f\n"
  2768. : "%ld %u bits private RSA decrypt ops in %.2fs\n",
  2769. count, rsa_keys[testnum].bits, d);
  2770. rsa_results[testnum][3] = (double)count / d;
  2771. op_count = count;
  2772. }
  2773. if (op_count <= 1) {
  2774. /* if longer than 10s, don't do any more */
  2775. stop_it(rsa_doit, testnum);
  2776. }
  2777. EVP_PKEY_free(rsa_key);
  2778. }
  2779. for (testnum = 0; testnum < DSA_NUM; testnum++) {
  2780. EVP_PKEY *dsa_key = NULL;
  2781. int st;
  2782. if (!dsa_doit[testnum])
  2783. continue;
  2784. st = (dsa_key = get_dsa(dsa_bits[testnum])) != NULL;
  2785. for (i = 0; st && i < loopargs_len; i++) {
  2786. loopargs[i].dsa_sign_ctx[testnum] = EVP_PKEY_CTX_new(dsa_key,
  2787. NULL);
  2788. loopargs[i].sigsize = loopargs[i].buflen;
  2789. if (loopargs[i].dsa_sign_ctx[testnum] == NULL
  2790. || EVP_PKEY_sign_init(loopargs[i].dsa_sign_ctx[testnum]) <= 0
  2791. || EVP_PKEY_sign(loopargs[i].dsa_sign_ctx[testnum],
  2792. loopargs[i].buf2,
  2793. &loopargs[i].sigsize,
  2794. loopargs[i].buf, 20) <= 0)
  2795. st = 0;
  2796. }
  2797. if (!st) {
  2798. BIO_printf(bio_err,
  2799. "DSA sign setup failure. No DSA sign will be done.\n");
  2800. ERR_print_errors(bio_err);
  2801. op_count = 1;
  2802. } else {
  2803. pkey_print_message("sign", "dsa",
  2804. dsa_bits[testnum], seconds.dsa);
  2805. Time_F(START);
  2806. count = run_benchmark(async_jobs, DSA_sign_loop, loopargs);
  2807. d = Time_F(STOP);
  2808. BIO_printf(bio_err,
  2809. mr ? "+R5:%ld:%u:%.2f\n"
  2810. : "%ld %u bits DSA sign ops in %.2fs\n",
  2811. count, dsa_bits[testnum], d);
  2812. dsa_results[testnum][0] = (double)count / d;
  2813. op_count = count;
  2814. }
  2815. for (i = 0; st && i < loopargs_len; i++) {
  2816. loopargs[i].dsa_verify_ctx[testnum] = EVP_PKEY_CTX_new(dsa_key,
  2817. NULL);
  2818. if (loopargs[i].dsa_verify_ctx[testnum] == NULL
  2819. || EVP_PKEY_verify_init(loopargs[i].dsa_verify_ctx[testnum]) <= 0
  2820. || EVP_PKEY_verify(loopargs[i].dsa_verify_ctx[testnum],
  2821. loopargs[i].buf2,
  2822. loopargs[i].sigsize,
  2823. loopargs[i].buf, 36) <= 0)
  2824. st = 0;
  2825. }
  2826. if (!st) {
  2827. BIO_printf(bio_err,
  2828. "DSA verify setup failure. No DSA verify will be done.\n");
  2829. ERR_print_errors(bio_err);
  2830. dsa_doit[testnum] = 0;
  2831. } else {
  2832. pkey_print_message("verify", "dsa",
  2833. dsa_bits[testnum], seconds.dsa);
  2834. Time_F(START);
  2835. count = run_benchmark(async_jobs, DSA_verify_loop, loopargs);
  2836. d = Time_F(STOP);
  2837. BIO_printf(bio_err,
  2838. mr ? "+R6:%ld:%u:%.2f\n"
  2839. : "%ld %u bits DSA verify ops in %.2fs\n",
  2840. count, dsa_bits[testnum], d);
  2841. dsa_results[testnum][1] = (double)count / d;
  2842. }
  2843. if (op_count <= 1) {
  2844. /* if longer than 10s, don't do any more */
  2845. stop_it(dsa_doit, testnum);
  2846. }
  2847. EVP_PKEY_free(dsa_key);
  2848. }
  2849. for (testnum = 0; testnum < ECDSA_NUM; testnum++) {
  2850. EVP_PKEY *ecdsa_key = NULL;
  2851. int st;
  2852. if (!ecdsa_doit[testnum])
  2853. continue;
  2854. st = (ecdsa_key = get_ecdsa(&ec_curves[testnum])) != NULL;
  2855. for (i = 0; st && i < loopargs_len; i++) {
  2856. loopargs[i].ecdsa_sign_ctx[testnum] = EVP_PKEY_CTX_new(ecdsa_key,
  2857. NULL);
  2858. loopargs[i].sigsize = loopargs[i].buflen;
  2859. if (loopargs[i].ecdsa_sign_ctx[testnum] == NULL
  2860. || EVP_PKEY_sign_init(loopargs[i].ecdsa_sign_ctx[testnum]) <= 0
  2861. || EVP_PKEY_sign(loopargs[i].ecdsa_sign_ctx[testnum],
  2862. loopargs[i].buf2,
  2863. &loopargs[i].sigsize,
  2864. loopargs[i].buf, 20) <= 0)
  2865. st = 0;
  2866. }
  2867. if (!st) {
  2868. BIO_printf(bio_err,
  2869. "ECDSA sign setup failure. No ECDSA sign will be done.\n");
  2870. ERR_print_errors(bio_err);
  2871. op_count = 1;
  2872. } else {
  2873. pkey_print_message("sign", "ecdsa",
  2874. ec_curves[testnum].bits, seconds.ecdsa);
  2875. Time_F(START);
  2876. count = run_benchmark(async_jobs, ECDSA_sign_loop, loopargs);
  2877. d = Time_F(STOP);
  2878. BIO_printf(bio_err,
  2879. mr ? "+R7:%ld:%u:%.2f\n"
  2880. : "%ld %u bits ECDSA sign ops in %.2fs\n",
  2881. count, ec_curves[testnum].bits, d);
  2882. ecdsa_results[testnum][0] = (double)count / d;
  2883. op_count = count;
  2884. }
  2885. for (i = 0; st && i < loopargs_len; i++) {
  2886. loopargs[i].ecdsa_verify_ctx[testnum] = EVP_PKEY_CTX_new(ecdsa_key,
  2887. NULL);
  2888. if (loopargs[i].ecdsa_verify_ctx[testnum] == NULL
  2889. || EVP_PKEY_verify_init(loopargs[i].ecdsa_verify_ctx[testnum]) <= 0
  2890. || EVP_PKEY_verify(loopargs[i].ecdsa_verify_ctx[testnum],
  2891. loopargs[i].buf2,
  2892. loopargs[i].sigsize,
  2893. loopargs[i].buf, 20) <= 0)
  2894. st = 0;
  2895. }
  2896. if (!st) {
  2897. BIO_printf(bio_err,
  2898. "ECDSA verify setup failure. No ECDSA verify will be done.\n");
  2899. ERR_print_errors(bio_err);
  2900. ecdsa_doit[testnum] = 0;
  2901. } else {
  2902. pkey_print_message("verify", "ecdsa",
  2903. ec_curves[testnum].bits, seconds.ecdsa);
  2904. Time_F(START);
  2905. count = run_benchmark(async_jobs, ECDSA_verify_loop, loopargs);
  2906. d = Time_F(STOP);
  2907. BIO_printf(bio_err,
  2908. mr ? "+R8:%ld:%u:%.2f\n"
  2909. : "%ld %u bits ECDSA verify ops in %.2fs\n",
  2910. count, ec_curves[testnum].bits, d);
  2911. ecdsa_results[testnum][1] = (double)count / d;
  2912. }
  2913. if (op_count <= 1) {
  2914. /* if longer than 10s, don't do any more */
  2915. stop_it(ecdsa_doit, testnum);
  2916. }
  2917. }
  2918. for (testnum = 0; testnum < EC_NUM; testnum++) {
  2919. int ecdh_checks = 1;
  2920. if (!ecdh_doit[testnum])
  2921. continue;
  2922. for (i = 0; i < loopargs_len; i++) {
  2923. EVP_PKEY_CTX *test_ctx = NULL;
  2924. EVP_PKEY_CTX *ctx = NULL;
  2925. EVP_PKEY *key_A = NULL;
  2926. EVP_PKEY *key_B = NULL;
  2927. size_t outlen;
  2928. size_t test_outlen;
  2929. if ((key_A = get_ecdsa(&ec_curves[testnum])) == NULL /* generate secret key A */
  2930. || (key_B = get_ecdsa(&ec_curves[testnum])) == NULL /* generate secret key B */
  2931. || (ctx = EVP_PKEY_CTX_new(key_A, NULL)) == NULL /* derivation ctx from skeyA */
  2932. || EVP_PKEY_derive_init(ctx) <= 0 /* init derivation ctx */
  2933. || EVP_PKEY_derive_set_peer(ctx, key_B) <= 0 /* set peer pubkey in ctx */
  2934. || EVP_PKEY_derive(ctx, NULL, &outlen) <= 0 /* determine max length */
  2935. || outlen == 0 /* ensure outlen is a valid size */
  2936. || outlen > MAX_ECDH_SIZE /* avoid buffer overflow */) {
  2937. ecdh_checks = 0;
  2938. BIO_printf(bio_err, "ECDH key generation failure.\n");
  2939. ERR_print_errors(bio_err);
  2940. op_count = 1;
  2941. break;
  2942. }
  2943. /*
  2944. * Here we perform a test run, comparing the output of a*B and b*A;
  2945. * we try this here and assume that further EVP_PKEY_derive calls
  2946. * never fail, so we can skip checks in the actually benchmarked
  2947. * code, for maximum performance.
  2948. */
  2949. if ((test_ctx = EVP_PKEY_CTX_new(key_B, NULL)) == NULL /* test ctx from skeyB */
  2950. || EVP_PKEY_derive_init(test_ctx) <= 0 /* init derivation test_ctx */
  2951. || EVP_PKEY_derive_set_peer(test_ctx, key_A) <= 0 /* set peer pubkey in test_ctx */
  2952. || EVP_PKEY_derive(test_ctx, NULL, &test_outlen) <= 0 /* determine max length */
  2953. || EVP_PKEY_derive(ctx, loopargs[i].secret_a, &outlen) <= 0 /* compute a*B */
  2954. || EVP_PKEY_derive(test_ctx, loopargs[i].secret_b, &test_outlen) <= 0 /* compute b*A */
  2955. || test_outlen != outlen /* compare output length */) {
  2956. ecdh_checks = 0;
  2957. BIO_printf(bio_err, "ECDH computation failure.\n");
  2958. ERR_print_errors(bio_err);
  2959. op_count = 1;
  2960. break;
  2961. }
  2962. /* Compare the computation results: CRYPTO_memcmp() returns 0 if equal */
  2963. if (CRYPTO_memcmp(loopargs[i].secret_a,
  2964. loopargs[i].secret_b, outlen)) {
  2965. ecdh_checks = 0;
  2966. BIO_printf(bio_err, "ECDH computations don't match.\n");
  2967. ERR_print_errors(bio_err);
  2968. op_count = 1;
  2969. break;
  2970. }
  2971. loopargs[i].ecdh_ctx[testnum] = ctx;
  2972. loopargs[i].outlen[testnum] = outlen;
  2973. EVP_PKEY_free(key_A);
  2974. EVP_PKEY_free(key_B);
  2975. EVP_PKEY_CTX_free(test_ctx);
  2976. test_ctx = NULL;
  2977. }
  2978. if (ecdh_checks != 0) {
  2979. pkey_print_message("", "ecdh",
  2980. ec_curves[testnum].bits, seconds.ecdh);
  2981. Time_F(START);
  2982. count =
  2983. run_benchmark(async_jobs, ECDH_EVP_derive_key_loop, loopargs);
  2984. d = Time_F(STOP);
  2985. BIO_printf(bio_err,
  2986. mr ? "+R9:%ld:%d:%.2f\n" :
  2987. "%ld %u-bits ECDH ops in %.2fs\n", count,
  2988. ec_curves[testnum].bits, d);
  2989. ecdh_results[testnum][0] = (double)count / d;
  2990. op_count = count;
  2991. }
  2992. if (op_count <= 1) {
  2993. /* if longer than 10s, don't do any more */
  2994. stop_it(ecdh_doit, testnum);
  2995. }
  2996. }
  2997. #ifndef OPENSSL_NO_ECX
  2998. for (testnum = 0; testnum < EdDSA_NUM; testnum++) {
  2999. int st = 1;
  3000. EVP_PKEY *ed_pkey = NULL;
  3001. EVP_PKEY_CTX *ed_pctx = NULL;
  3002. if (!eddsa_doit[testnum])
  3003. continue; /* Ignore Curve */
  3004. for (i = 0; i < loopargs_len; i++) {
  3005. loopargs[i].eddsa_ctx[testnum] = EVP_MD_CTX_new();
  3006. if (loopargs[i].eddsa_ctx[testnum] == NULL) {
  3007. st = 0;
  3008. break;
  3009. }
  3010. loopargs[i].eddsa_ctx2[testnum] = EVP_MD_CTX_new();
  3011. if (loopargs[i].eddsa_ctx2[testnum] == NULL) {
  3012. st = 0;
  3013. break;
  3014. }
  3015. if ((ed_pctx = EVP_PKEY_CTX_new_id(ed_curves[testnum].nid,
  3016. NULL)) == NULL
  3017. || EVP_PKEY_keygen_init(ed_pctx) <= 0
  3018. || EVP_PKEY_keygen(ed_pctx, &ed_pkey) <= 0) {
  3019. st = 0;
  3020. EVP_PKEY_CTX_free(ed_pctx);
  3021. break;
  3022. }
  3023. EVP_PKEY_CTX_free(ed_pctx);
  3024. if (!EVP_DigestSignInit(loopargs[i].eddsa_ctx[testnum], NULL, NULL,
  3025. NULL, ed_pkey)) {
  3026. st = 0;
  3027. EVP_PKEY_free(ed_pkey);
  3028. break;
  3029. }
  3030. if (!EVP_DigestVerifyInit(loopargs[i].eddsa_ctx2[testnum], NULL,
  3031. NULL, NULL, ed_pkey)) {
  3032. st = 0;
  3033. EVP_PKEY_free(ed_pkey);
  3034. break;
  3035. }
  3036. EVP_PKEY_free(ed_pkey);
  3037. ed_pkey = NULL;
  3038. }
  3039. if (st == 0) {
  3040. BIO_printf(bio_err, "EdDSA failure.\n");
  3041. ERR_print_errors(bio_err);
  3042. op_count = 1;
  3043. } else {
  3044. for (i = 0; i < loopargs_len; i++) {
  3045. /* Perform EdDSA signature test */
  3046. loopargs[i].sigsize = ed_curves[testnum].sigsize;
  3047. st = EVP_DigestSign(loopargs[i].eddsa_ctx[testnum],
  3048. loopargs[i].buf2, &loopargs[i].sigsize,
  3049. loopargs[i].buf, 20);
  3050. if (st == 0)
  3051. break;
  3052. }
  3053. if (st == 0) {
  3054. BIO_printf(bio_err,
  3055. "EdDSA sign failure. No EdDSA sign will be done.\n");
  3056. ERR_print_errors(bio_err);
  3057. op_count = 1;
  3058. } else {
  3059. pkey_print_message("sign", ed_curves[testnum].name,
  3060. ed_curves[testnum].bits, seconds.eddsa);
  3061. Time_F(START);
  3062. count = run_benchmark(async_jobs, EdDSA_sign_loop, loopargs);
  3063. d = Time_F(STOP);
  3064. BIO_printf(bio_err,
  3065. mr ? "+R10:%ld:%u:%s:%.2f\n" :
  3066. "%ld %u bits %s sign ops in %.2fs \n",
  3067. count, ed_curves[testnum].bits,
  3068. ed_curves[testnum].name, d);
  3069. eddsa_results[testnum][0] = (double)count / d;
  3070. op_count = count;
  3071. }
  3072. /* Perform EdDSA verification test */
  3073. for (i = 0; i < loopargs_len; i++) {
  3074. st = EVP_DigestVerify(loopargs[i].eddsa_ctx2[testnum],
  3075. loopargs[i].buf2, loopargs[i].sigsize,
  3076. loopargs[i].buf, 20);
  3077. if (st != 1)
  3078. break;
  3079. }
  3080. if (st != 1) {
  3081. BIO_printf(bio_err,
  3082. "EdDSA verify failure. No EdDSA verify will be done.\n");
  3083. ERR_print_errors(bio_err);
  3084. eddsa_doit[testnum] = 0;
  3085. } else {
  3086. pkey_print_message("verify", ed_curves[testnum].name,
  3087. ed_curves[testnum].bits, seconds.eddsa);
  3088. Time_F(START);
  3089. count = run_benchmark(async_jobs, EdDSA_verify_loop, loopargs);
  3090. d = Time_F(STOP);
  3091. BIO_printf(bio_err,
  3092. mr ? "+R11:%ld:%u:%s:%.2f\n"
  3093. : "%ld %u bits %s verify ops in %.2fs\n",
  3094. count, ed_curves[testnum].bits,
  3095. ed_curves[testnum].name, d);
  3096. eddsa_results[testnum][1] = (double)count / d;
  3097. }
  3098. if (op_count <= 1) {
  3099. /* if longer than 10s, don't do any more */
  3100. stop_it(eddsa_doit, testnum);
  3101. }
  3102. }
  3103. }
  3104. #endif /* OPENSSL_NO_ECX */
  3105. #ifndef OPENSSL_NO_SM2
  3106. for (testnum = 0; testnum < SM2_NUM; testnum++) {
  3107. int st = 1;
  3108. EVP_PKEY *sm2_pkey = NULL;
  3109. if (!sm2_doit[testnum])
  3110. continue; /* Ignore Curve */
  3111. /* Init signing and verification */
  3112. for (i = 0; i < loopargs_len; i++) {
  3113. EVP_PKEY_CTX *sm2_pctx = NULL;
  3114. EVP_PKEY_CTX *sm2_vfy_pctx = NULL;
  3115. EVP_PKEY_CTX *pctx = NULL;
  3116. st = 0;
  3117. loopargs[i].sm2_ctx[testnum] = EVP_MD_CTX_new();
  3118. loopargs[i].sm2_vfy_ctx[testnum] = EVP_MD_CTX_new();
  3119. if (loopargs[i].sm2_ctx[testnum] == NULL
  3120. || loopargs[i].sm2_vfy_ctx[testnum] == NULL)
  3121. break;
  3122. sm2_pkey = NULL;
  3123. st = !((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_SM2, NULL)) == NULL
  3124. || EVP_PKEY_keygen_init(pctx) <= 0
  3125. || EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
  3126. sm2_curves[testnum].nid) <= 0
  3127. || EVP_PKEY_keygen(pctx, &sm2_pkey) <= 0);
  3128. EVP_PKEY_CTX_free(pctx);
  3129. if (st == 0)
  3130. break;
  3131. st = 0; /* set back to zero */
  3132. /* attach it sooner to rely on main final cleanup */
  3133. loopargs[i].sm2_pkey[testnum] = sm2_pkey;
  3134. loopargs[i].sigsize = EVP_PKEY_get_size(sm2_pkey);
  3135. sm2_pctx = EVP_PKEY_CTX_new(sm2_pkey, NULL);
  3136. sm2_vfy_pctx = EVP_PKEY_CTX_new(sm2_pkey, NULL);
  3137. if (sm2_pctx == NULL || sm2_vfy_pctx == NULL) {
  3138. EVP_PKEY_CTX_free(sm2_vfy_pctx);
  3139. break;
  3140. }
  3141. /* attach them directly to respective ctx */
  3142. EVP_MD_CTX_set_pkey_ctx(loopargs[i].sm2_ctx[testnum], sm2_pctx);
  3143. EVP_MD_CTX_set_pkey_ctx(loopargs[i].sm2_vfy_ctx[testnum], sm2_vfy_pctx);
  3144. /*
  3145. * No need to allow user to set an explicit ID here, just use
  3146. * the one defined in the 'draft-yang-tls-tl13-sm-suites' I-D.
  3147. */
  3148. if (EVP_PKEY_CTX_set1_id(sm2_pctx, SM2_ID, SM2_ID_LEN) != 1
  3149. || EVP_PKEY_CTX_set1_id(sm2_vfy_pctx, SM2_ID, SM2_ID_LEN) != 1)
  3150. break;
  3151. if (!EVP_DigestSignInit(loopargs[i].sm2_ctx[testnum], NULL,
  3152. EVP_sm3(), NULL, sm2_pkey))
  3153. break;
  3154. if (!EVP_DigestVerifyInit(loopargs[i].sm2_vfy_ctx[testnum], NULL,
  3155. EVP_sm3(), NULL, sm2_pkey))
  3156. break;
  3157. st = 1; /* mark loop as succeeded */
  3158. }
  3159. if (st == 0) {
  3160. BIO_printf(bio_err, "SM2 init failure.\n");
  3161. ERR_print_errors(bio_err);
  3162. op_count = 1;
  3163. } else {
  3164. for (i = 0; i < loopargs_len; i++) {
  3165. /* Perform SM2 signature test */
  3166. st = EVP_DigestSign(loopargs[i].sm2_ctx[testnum],
  3167. loopargs[i].buf2, &loopargs[i].sigsize,
  3168. loopargs[i].buf, 20);
  3169. if (st == 0)
  3170. break;
  3171. }
  3172. if (st == 0) {
  3173. BIO_printf(bio_err,
  3174. "SM2 sign failure. No SM2 sign will be done.\n");
  3175. ERR_print_errors(bio_err);
  3176. op_count = 1;
  3177. } else {
  3178. pkey_print_message("sign", sm2_curves[testnum].name,
  3179. sm2_curves[testnum].bits, seconds.sm2);
  3180. Time_F(START);
  3181. count = run_benchmark(async_jobs, SM2_sign_loop, loopargs);
  3182. d = Time_F(STOP);
  3183. BIO_printf(bio_err,
  3184. mr ? "+R12:%ld:%u:%s:%.2f\n" :
  3185. "%ld %u bits %s sign ops in %.2fs \n",
  3186. count, sm2_curves[testnum].bits,
  3187. sm2_curves[testnum].name, d);
  3188. sm2_results[testnum][0] = (double)count / d;
  3189. op_count = count;
  3190. }
  3191. /* Perform SM2 verification test */
  3192. for (i = 0; i < loopargs_len; i++) {
  3193. st = EVP_DigestVerify(loopargs[i].sm2_vfy_ctx[testnum],
  3194. loopargs[i].buf2, loopargs[i].sigsize,
  3195. loopargs[i].buf, 20);
  3196. if (st != 1)
  3197. break;
  3198. }
  3199. if (st != 1) {
  3200. BIO_printf(bio_err,
  3201. "SM2 verify failure. No SM2 verify will be done.\n");
  3202. ERR_print_errors(bio_err);
  3203. sm2_doit[testnum] = 0;
  3204. } else {
  3205. pkey_print_message("verify", sm2_curves[testnum].name,
  3206. sm2_curves[testnum].bits, seconds.sm2);
  3207. Time_F(START);
  3208. count = run_benchmark(async_jobs, SM2_verify_loop, loopargs);
  3209. d = Time_F(STOP);
  3210. BIO_printf(bio_err,
  3211. mr ? "+R13:%ld:%u:%s:%.2f\n"
  3212. : "%ld %u bits %s verify ops in %.2fs\n",
  3213. count, sm2_curves[testnum].bits,
  3214. sm2_curves[testnum].name, d);
  3215. sm2_results[testnum][1] = (double)count / d;
  3216. }
  3217. if (op_count <= 1) {
  3218. /* if longer than 10s, don't do any more */
  3219. for (testnum++; testnum < SM2_NUM; testnum++)
  3220. sm2_doit[testnum] = 0;
  3221. }
  3222. }
  3223. }
  3224. #endif /* OPENSSL_NO_SM2 */
  3225. #ifndef OPENSSL_NO_DH
  3226. for (testnum = 0; testnum < FFDH_NUM; testnum++) {
  3227. int ffdh_checks = 1;
  3228. if (!ffdh_doit[testnum])
  3229. continue;
  3230. for (i = 0; i < loopargs_len; i++) {
  3231. EVP_PKEY *pkey_A = NULL;
  3232. EVP_PKEY *pkey_B = NULL;
  3233. EVP_PKEY_CTX *ffdh_ctx = NULL;
  3234. EVP_PKEY_CTX *test_ctx = NULL;
  3235. size_t secret_size;
  3236. size_t test_out;
  3237. /* Ensure that the error queue is empty */
  3238. if (ERR_peek_error()) {
  3239. BIO_printf(bio_err,
  3240. "WARNING: the error queue contains previous unhandled errors.\n");
  3241. ERR_print_errors(bio_err);
  3242. }
  3243. pkey_A = EVP_PKEY_new();
  3244. if (!pkey_A) {
  3245. BIO_printf(bio_err, "Error while initialising EVP_PKEY (out of memory?).\n");
  3246. ERR_print_errors(bio_err);
  3247. op_count = 1;
  3248. ffdh_checks = 0;
  3249. break;
  3250. }
  3251. pkey_B = EVP_PKEY_new();
  3252. if (!pkey_B) {
  3253. BIO_printf(bio_err, "Error while initialising EVP_PKEY (out of memory?).\n");
  3254. ERR_print_errors(bio_err);
  3255. op_count = 1;
  3256. ffdh_checks = 0;
  3257. break;
  3258. }
  3259. ffdh_ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_DH, NULL);
  3260. if (!ffdh_ctx) {
  3261. BIO_printf(bio_err, "Error while allocating EVP_PKEY_CTX.\n");
  3262. ERR_print_errors(bio_err);
  3263. op_count = 1;
  3264. ffdh_checks = 0;
  3265. break;
  3266. }
  3267. if (EVP_PKEY_keygen_init(ffdh_ctx) <= 0) {
  3268. BIO_printf(bio_err, "Error while initialising EVP_PKEY_CTX.\n");
  3269. ERR_print_errors(bio_err);
  3270. op_count = 1;
  3271. ffdh_checks = 0;
  3272. break;
  3273. }
  3274. if (EVP_PKEY_CTX_set_dh_nid(ffdh_ctx, ffdh_params[testnum].nid) <= 0) {
  3275. BIO_printf(bio_err, "Error setting DH key size for keygen.\n");
  3276. ERR_print_errors(bio_err);
  3277. op_count = 1;
  3278. ffdh_checks = 0;
  3279. break;
  3280. }
  3281. if (EVP_PKEY_keygen(ffdh_ctx, &pkey_A) <= 0 ||
  3282. EVP_PKEY_keygen(ffdh_ctx, &pkey_B) <= 0) {
  3283. BIO_printf(bio_err, "FFDH key generation failure.\n");
  3284. ERR_print_errors(bio_err);
  3285. op_count = 1;
  3286. ffdh_checks = 0;
  3287. break;
  3288. }
  3289. EVP_PKEY_CTX_free(ffdh_ctx);
  3290. /*
  3291. * check if the derivation works correctly both ways so that
  3292. * we know if future derive calls will fail, and we can skip
  3293. * error checking in benchmarked code
  3294. */
  3295. ffdh_ctx = EVP_PKEY_CTX_new(pkey_A, NULL);
  3296. if (ffdh_ctx == NULL) {
  3297. BIO_printf(bio_err, "Error while allocating EVP_PKEY_CTX.\n");
  3298. ERR_print_errors(bio_err);
  3299. op_count = 1;
  3300. ffdh_checks = 0;
  3301. break;
  3302. }
  3303. if (EVP_PKEY_derive_init(ffdh_ctx) <= 0) {
  3304. BIO_printf(bio_err, "FFDH derivation context init failure.\n");
  3305. ERR_print_errors(bio_err);
  3306. op_count = 1;
  3307. ffdh_checks = 0;
  3308. break;
  3309. }
  3310. if (EVP_PKEY_derive_set_peer(ffdh_ctx, pkey_B) <= 0) {
  3311. BIO_printf(bio_err, "Assigning peer key for derivation failed.\n");
  3312. ERR_print_errors(bio_err);
  3313. op_count = 1;
  3314. ffdh_checks = 0;
  3315. break;
  3316. }
  3317. if (EVP_PKEY_derive(ffdh_ctx, NULL, &secret_size) <= 0) {
  3318. BIO_printf(bio_err, "Checking size of shared secret failed.\n");
  3319. ERR_print_errors(bio_err);
  3320. op_count = 1;
  3321. ffdh_checks = 0;
  3322. break;
  3323. }
  3324. if (secret_size > MAX_FFDH_SIZE) {
  3325. BIO_printf(bio_err, "Assertion failure: shared secret too large.\n");
  3326. op_count = 1;
  3327. ffdh_checks = 0;
  3328. break;
  3329. }
  3330. if (EVP_PKEY_derive(ffdh_ctx,
  3331. loopargs[i].secret_ff_a,
  3332. &secret_size) <= 0) {
  3333. BIO_printf(bio_err, "Shared secret derive failure.\n");
  3334. ERR_print_errors(bio_err);
  3335. op_count = 1;
  3336. ffdh_checks = 0;
  3337. break;
  3338. }
  3339. /* Now check from side B */
  3340. test_ctx = EVP_PKEY_CTX_new(pkey_B, NULL);
  3341. if (!test_ctx) {
  3342. BIO_printf(bio_err, "Error while allocating EVP_PKEY_CTX.\n");
  3343. ERR_print_errors(bio_err);
  3344. op_count = 1;
  3345. ffdh_checks = 0;
  3346. break;
  3347. }
  3348. if (EVP_PKEY_derive_init(test_ctx) <= 0 ||
  3349. EVP_PKEY_derive_set_peer(test_ctx, pkey_A) <= 0 ||
  3350. EVP_PKEY_derive(test_ctx, NULL, &test_out) <= 0 ||
  3351. EVP_PKEY_derive(test_ctx, loopargs[i].secret_ff_b, &test_out) <= 0 ||
  3352. test_out != secret_size) {
  3353. BIO_printf(bio_err, "FFDH computation failure.\n");
  3354. op_count = 1;
  3355. ffdh_checks = 0;
  3356. break;
  3357. }
  3358. /* compare the computed secrets */
  3359. if (CRYPTO_memcmp(loopargs[i].secret_ff_a,
  3360. loopargs[i].secret_ff_b, secret_size)) {
  3361. BIO_printf(bio_err, "FFDH computations don't match.\n");
  3362. ERR_print_errors(bio_err);
  3363. op_count = 1;
  3364. ffdh_checks = 0;
  3365. break;
  3366. }
  3367. loopargs[i].ffdh_ctx[testnum] = ffdh_ctx;
  3368. EVP_PKEY_free(pkey_A);
  3369. pkey_A = NULL;
  3370. EVP_PKEY_free(pkey_B);
  3371. pkey_B = NULL;
  3372. EVP_PKEY_CTX_free(test_ctx);
  3373. test_ctx = NULL;
  3374. }
  3375. if (ffdh_checks != 0) {
  3376. pkey_print_message("", "ffdh",
  3377. ffdh_params[testnum].bits, seconds.ffdh);
  3378. Time_F(START);
  3379. count =
  3380. run_benchmark(async_jobs, FFDH_derive_key_loop, loopargs);
  3381. d = Time_F(STOP);
  3382. BIO_printf(bio_err,
  3383. mr ? "+R14:%ld:%d:%.2f\n" :
  3384. "%ld %u-bits FFDH ops in %.2fs\n", count,
  3385. ffdh_params[testnum].bits, d);
  3386. ffdh_results[testnum][0] = (double)count / d;
  3387. op_count = count;
  3388. }
  3389. if (op_count <= 1) {
  3390. /* if longer than 10s, don't do any more */
  3391. stop_it(ffdh_doit, testnum);
  3392. }
  3393. }
  3394. #endif /* OPENSSL_NO_DH */
  3395. for (testnum = 0; testnum < kems_algs_len; testnum++) {
  3396. int kem_checks = 1;
  3397. const char *kem_name = kems_algname[testnum];
  3398. if (!kems_doit[testnum] || !do_kems)
  3399. continue;
  3400. for (i = 0; i < loopargs_len; i++) {
  3401. EVP_PKEY *pkey = NULL;
  3402. EVP_PKEY_CTX *kem_gen_ctx = NULL;
  3403. EVP_PKEY_CTX *kem_encaps_ctx = NULL;
  3404. EVP_PKEY_CTX *kem_decaps_ctx = NULL;
  3405. size_t send_secret_len, out_len;
  3406. size_t rcv_secret_len;
  3407. unsigned char *out = NULL, *send_secret = NULL, *rcv_secret;
  3408. unsigned int bits;
  3409. char *name;
  3410. char sfx[MAX_ALGNAME_SUFFIX];
  3411. OSSL_PARAM params[] = { OSSL_PARAM_END, OSSL_PARAM_END };
  3412. int use_params = 0;
  3413. enum kem_type_t { KEM_RSA = 1, KEM_EC, KEM_X25519, KEM_X448 } kem_type;
  3414. /* no string after rsa<bitcnt> permitted: */
  3415. if (strlen(kem_name) < MAX_ALGNAME_SUFFIX + 4 /* rsa+digit */
  3416. && sscanf(kem_name, "rsa%u%s", &bits, sfx) == 1)
  3417. kem_type = KEM_RSA;
  3418. else if (strncmp(kem_name, "EC", 2) == 0)
  3419. kem_type = KEM_EC;
  3420. else if (strcmp(kem_name, "X25519") == 0)
  3421. kem_type = KEM_X25519;
  3422. else if (strcmp(kem_name, "X448") == 0)
  3423. kem_type = KEM_X448;
  3424. else kem_type = 0;
  3425. if (ERR_peek_error()) {
  3426. BIO_printf(bio_err,
  3427. "WARNING: the error queue contains previous unhandled errors.\n");
  3428. ERR_print_errors(bio_err);
  3429. }
  3430. if (kem_type == KEM_RSA) {
  3431. params[0] = OSSL_PARAM_construct_uint(OSSL_PKEY_PARAM_RSA_BITS,
  3432. &bits);
  3433. use_params = 1;
  3434. } else if (kem_type == KEM_EC) {
  3435. name = (char *)(kem_name + 2);
  3436. params[0] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME,
  3437. name, 0);
  3438. use_params = 1;
  3439. }
  3440. kem_gen_ctx = EVP_PKEY_CTX_new_from_name(app_get0_libctx(),
  3441. (kem_type == KEM_RSA) ? "RSA":
  3442. (kem_type == KEM_EC) ? "EC":
  3443. kem_name,
  3444. app_get0_propq());
  3445. if ((!kem_gen_ctx || EVP_PKEY_keygen_init(kem_gen_ctx) <= 0)
  3446. || (use_params
  3447. && EVP_PKEY_CTX_set_params(kem_gen_ctx, params) <= 0)) {
  3448. BIO_printf(bio_err, "Error initializing keygen ctx for %s.\n",
  3449. kem_name);
  3450. goto kem_err_break;
  3451. }
  3452. if (EVP_PKEY_keygen(kem_gen_ctx, &pkey) <= 0) {
  3453. BIO_printf(bio_err, "Error while generating KEM EVP_PKEY.\n");
  3454. goto kem_err_break;
  3455. }
  3456. /* Now prepare encaps data structs */
  3457. kem_encaps_ctx = EVP_PKEY_CTX_new_from_pkey(app_get0_libctx(),
  3458. pkey,
  3459. app_get0_propq());
  3460. if (kem_encaps_ctx == NULL
  3461. || EVP_PKEY_encapsulate_init(kem_encaps_ctx, NULL) <= 0
  3462. || (kem_type == KEM_RSA
  3463. && EVP_PKEY_CTX_set_kem_op(kem_encaps_ctx, "RSASVE") <= 0)
  3464. || ((kem_type == KEM_EC
  3465. || kem_type == KEM_X25519
  3466. || kem_type == KEM_X448)
  3467. && EVP_PKEY_CTX_set_kem_op(kem_encaps_ctx, "DHKEM") <= 0)
  3468. || EVP_PKEY_encapsulate(kem_encaps_ctx, NULL, &out_len,
  3469. NULL, &send_secret_len) <= 0) {
  3470. BIO_printf(bio_err,
  3471. "Error while initializing encaps data structs for %s.\n",
  3472. kem_name);
  3473. goto kem_err_break;
  3474. }
  3475. out = app_malloc(out_len, "encaps result");
  3476. send_secret = app_malloc(send_secret_len, "encaps secret");
  3477. if (out == NULL || send_secret == NULL) {
  3478. BIO_printf(bio_err, "MemAlloc error in encaps for %s.\n", kem_name);
  3479. goto kem_err_break;
  3480. }
  3481. if (EVP_PKEY_encapsulate(kem_encaps_ctx, out, &out_len,
  3482. send_secret, &send_secret_len) <= 0) {
  3483. BIO_printf(bio_err, "Encaps error for %s.\n", kem_name);
  3484. goto kem_err_break;
  3485. }
  3486. /* Now prepare decaps data structs */
  3487. kem_decaps_ctx = EVP_PKEY_CTX_new_from_pkey(app_get0_libctx(),
  3488. pkey,
  3489. app_get0_propq());
  3490. if (kem_decaps_ctx == NULL
  3491. || EVP_PKEY_decapsulate_init(kem_decaps_ctx, NULL) <= 0
  3492. || (kem_type == KEM_RSA
  3493. && EVP_PKEY_CTX_set_kem_op(kem_decaps_ctx, "RSASVE") <= 0)
  3494. || ((kem_type == KEM_EC
  3495. || kem_type == KEM_X25519
  3496. || kem_type == KEM_X448)
  3497. && EVP_PKEY_CTX_set_kem_op(kem_decaps_ctx, "DHKEM") <= 0)
  3498. || EVP_PKEY_decapsulate(kem_decaps_ctx, NULL, &rcv_secret_len,
  3499. out, out_len) <= 0) {
  3500. BIO_printf(bio_err,
  3501. "Error while initializing decaps data structs for %s.\n",
  3502. kem_name);
  3503. goto kem_err_break;
  3504. }
  3505. rcv_secret = app_malloc(rcv_secret_len, "KEM decaps secret");
  3506. if (rcv_secret == NULL) {
  3507. BIO_printf(bio_err, "MemAlloc failure in decaps for %s.\n",
  3508. kem_name);
  3509. goto kem_err_break;
  3510. }
  3511. if (EVP_PKEY_decapsulate(kem_decaps_ctx, rcv_secret,
  3512. &rcv_secret_len, out, out_len) <= 0
  3513. || rcv_secret_len != send_secret_len
  3514. || memcmp(send_secret, rcv_secret, send_secret_len)) {
  3515. BIO_printf(bio_err, "Decaps error for %s.\n", kem_name);
  3516. goto kem_err_break;
  3517. }
  3518. loopargs[i].kem_gen_ctx[testnum] = kem_gen_ctx;
  3519. loopargs[i].kem_encaps_ctx[testnum] = kem_encaps_ctx;
  3520. loopargs[i].kem_decaps_ctx[testnum] = kem_decaps_ctx;
  3521. loopargs[i].kem_out_len[testnum] = out_len;
  3522. loopargs[i].kem_secret_len[testnum] = send_secret_len;
  3523. loopargs[i].kem_out[testnum] = out;
  3524. loopargs[i].kem_send_secret[testnum] = send_secret;
  3525. loopargs[i].kem_rcv_secret[testnum] = rcv_secret;
  3526. EVP_PKEY_free(pkey);
  3527. pkey = NULL;
  3528. continue;
  3529. kem_err_break:
  3530. ERR_print_errors(bio_err);
  3531. EVP_PKEY_free(pkey);
  3532. op_count = 1;
  3533. kem_checks = 0;
  3534. break;
  3535. }
  3536. if (kem_checks != 0) {
  3537. kskey_print_message(kem_name, "keygen", seconds.kem);
  3538. Time_F(START);
  3539. count =
  3540. run_benchmark(async_jobs, KEM_keygen_loop, loopargs);
  3541. d = Time_F(STOP);
  3542. BIO_printf(bio_err,
  3543. mr ? "+R15:%ld:%s:%.2f\n" :
  3544. "%ld %s KEM keygen ops in %.2fs\n", count,
  3545. kem_name, d);
  3546. kems_results[testnum][0] = (double)count / d;
  3547. op_count = count;
  3548. kskey_print_message(kem_name, "encaps", seconds.kem);
  3549. Time_F(START);
  3550. count =
  3551. run_benchmark(async_jobs, KEM_encaps_loop, loopargs);
  3552. d = Time_F(STOP);
  3553. BIO_printf(bio_err,
  3554. mr ? "+R16:%ld:%s:%.2f\n" :
  3555. "%ld %s KEM encaps ops in %.2fs\n", count,
  3556. kem_name, d);
  3557. kems_results[testnum][1] = (double)count / d;
  3558. op_count = count;
  3559. kskey_print_message(kem_name, "decaps", seconds.kem);
  3560. Time_F(START);
  3561. count =
  3562. run_benchmark(async_jobs, KEM_decaps_loop, loopargs);
  3563. d = Time_F(STOP);
  3564. BIO_printf(bio_err,
  3565. mr ? "+R17:%ld:%s:%.2f\n" :
  3566. "%ld %s KEM decaps ops in %.2fs\n", count,
  3567. kem_name, d);
  3568. kems_results[testnum][2] = (double)count / d;
  3569. op_count = count;
  3570. }
  3571. if (op_count <= 1) {
  3572. /* if longer than 10s, don't do any more */
  3573. stop_it(kems_doit, testnum);
  3574. }
  3575. }
  3576. for (testnum = 0; testnum < sigs_algs_len; testnum++) {
  3577. int sig_checks = 1;
  3578. const char *sig_name = sigs_algname[testnum];
  3579. if (!sigs_doit[testnum] || !do_sigs)
  3580. continue;
  3581. for (i = 0; i < loopargs_len; i++) {
  3582. EVP_PKEY *pkey = NULL;
  3583. EVP_PKEY_CTX *ctx_params = NULL;
  3584. EVP_PKEY* pkey_params = NULL;
  3585. EVP_PKEY_CTX *sig_gen_ctx = NULL;
  3586. EVP_PKEY_CTX *sig_sign_ctx = NULL;
  3587. EVP_PKEY_CTX *sig_verify_ctx = NULL;
  3588. unsigned char md[SHA256_DIGEST_LENGTH];
  3589. unsigned char *sig;
  3590. char sfx[MAX_ALGNAME_SUFFIX];
  3591. size_t md_len = SHA256_DIGEST_LENGTH;
  3592. size_t max_sig_len, sig_len;
  3593. unsigned int bits;
  3594. OSSL_PARAM params[] = { OSSL_PARAM_END, OSSL_PARAM_END };
  3595. int use_params = 0;
  3596. /* only sign little data to avoid measuring digest performance */
  3597. memset(md, 0, SHA256_DIGEST_LENGTH);
  3598. if (ERR_peek_error()) {
  3599. BIO_printf(bio_err,
  3600. "WARNING: the error queue contains previous unhandled errors.\n");
  3601. ERR_print_errors(bio_err);
  3602. }
  3603. /* no string after rsa<bitcnt> permitted: */
  3604. if (strlen(sig_name) < MAX_ALGNAME_SUFFIX + 4 /* rsa+digit */
  3605. && sscanf(sig_name, "rsa%u%s", &bits, sfx) == 1) {
  3606. params[0] = OSSL_PARAM_construct_uint(OSSL_PKEY_PARAM_RSA_BITS,
  3607. &bits);
  3608. use_params = 1;
  3609. }
  3610. if (strncmp(sig_name, "dsa", 3) == 0) {
  3611. ctx_params = EVP_PKEY_CTX_new_id(EVP_PKEY_DSA, NULL);
  3612. if (ctx_params == NULL
  3613. || EVP_PKEY_paramgen_init(ctx_params) <= 0
  3614. || EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx_params,
  3615. atoi(sig_name + 3)) <= 0
  3616. || EVP_PKEY_paramgen(ctx_params, &pkey_params) <= 0
  3617. || (sig_gen_ctx = EVP_PKEY_CTX_new(pkey_params, NULL)) == NULL
  3618. || EVP_PKEY_keygen_init(sig_gen_ctx) <= 0) {
  3619. BIO_printf(bio_err,
  3620. "Error initializing classic keygen ctx for %s.\n",
  3621. sig_name);
  3622. goto sig_err_break;
  3623. }
  3624. }
  3625. if (sig_gen_ctx == NULL)
  3626. sig_gen_ctx = EVP_PKEY_CTX_new_from_name(app_get0_libctx(),
  3627. use_params == 1 ? "RSA" : sig_name,
  3628. app_get0_propq());
  3629. if (!sig_gen_ctx || EVP_PKEY_keygen_init(sig_gen_ctx) <= 0
  3630. || (use_params &&
  3631. EVP_PKEY_CTX_set_params(sig_gen_ctx, params) <= 0)) {
  3632. BIO_printf(bio_err, "Error initializing keygen ctx for %s.\n",
  3633. sig_name);
  3634. goto sig_err_break;
  3635. }
  3636. if (EVP_PKEY_keygen(sig_gen_ctx, &pkey) <= 0) {
  3637. BIO_printf(bio_err,
  3638. "Error while generating signature EVP_PKEY for %s.\n",
  3639. sig_name);
  3640. goto sig_err_break;
  3641. }
  3642. /* Now prepare signature data structs */
  3643. sig_sign_ctx = EVP_PKEY_CTX_new_from_pkey(app_get0_libctx(),
  3644. pkey,
  3645. app_get0_propq());
  3646. if (sig_sign_ctx == NULL
  3647. || EVP_PKEY_sign_init(sig_sign_ctx) <= 0
  3648. || (use_params == 1
  3649. && (EVP_PKEY_CTX_set_rsa_padding(sig_sign_ctx,
  3650. RSA_PKCS1_PADDING) <= 0))
  3651. || EVP_PKEY_sign(sig_sign_ctx, NULL, &max_sig_len,
  3652. md, md_len) <= 0) {
  3653. BIO_printf(bio_err,
  3654. "Error while initializing signing data structs for %s.\n",
  3655. sig_name);
  3656. goto sig_err_break;
  3657. }
  3658. sig = app_malloc(sig_len = max_sig_len, "signature buffer");
  3659. if (sig == NULL) {
  3660. BIO_printf(bio_err, "MemAlloc error in sign for %s.\n", sig_name);
  3661. goto sig_err_break;
  3662. }
  3663. if (EVP_PKEY_sign(sig_sign_ctx, sig, &sig_len, md, md_len) <= 0) {
  3664. BIO_printf(bio_err, "Signing error for %s.\n", sig_name);
  3665. goto sig_err_break;
  3666. }
  3667. /* Now prepare verify data structs */
  3668. memset(md, 0, SHA256_DIGEST_LENGTH);
  3669. sig_verify_ctx = EVP_PKEY_CTX_new_from_pkey(app_get0_libctx(),
  3670. pkey,
  3671. app_get0_propq());
  3672. if (sig_verify_ctx == NULL
  3673. || EVP_PKEY_verify_init(sig_verify_ctx) <= 0
  3674. || (use_params == 1
  3675. && (EVP_PKEY_CTX_set_rsa_padding(sig_verify_ctx,
  3676. RSA_PKCS1_PADDING) <= 0))) {
  3677. BIO_printf(bio_err,
  3678. "Error while initializing verify data structs for %s.\n",
  3679. sig_name);
  3680. goto sig_err_break;
  3681. }
  3682. if (EVP_PKEY_verify(sig_verify_ctx, sig, sig_len, md, md_len) <= 0) {
  3683. BIO_printf(bio_err, "Verify error for %s.\n", sig_name);
  3684. goto sig_err_break;
  3685. }
  3686. if (EVP_PKEY_verify(sig_verify_ctx, sig, sig_len, md, md_len) <= 0) {
  3687. BIO_printf(bio_err, "Verify 2 error for %s.\n", sig_name);
  3688. goto sig_err_break;
  3689. }
  3690. loopargs[i].sig_gen_ctx[testnum] = sig_gen_ctx;
  3691. loopargs[i].sig_sign_ctx[testnum] = sig_sign_ctx;
  3692. loopargs[i].sig_verify_ctx[testnum] = sig_verify_ctx;
  3693. loopargs[i].sig_max_sig_len[testnum] = max_sig_len;
  3694. loopargs[i].sig_act_sig_len[testnum] = sig_len;
  3695. loopargs[i].sig_sig[testnum] = sig;
  3696. EVP_PKEY_free(pkey);
  3697. pkey = NULL;
  3698. continue;
  3699. sig_err_break:
  3700. ERR_print_errors(bio_err);
  3701. EVP_PKEY_free(pkey);
  3702. op_count = 1;
  3703. sig_checks = 0;
  3704. break;
  3705. }
  3706. if (sig_checks != 0) {
  3707. kskey_print_message(sig_name, "keygen", seconds.sig);
  3708. Time_F(START);
  3709. count = run_benchmark(async_jobs, SIG_keygen_loop, loopargs);
  3710. d = Time_F(STOP);
  3711. BIO_printf(bio_err,
  3712. mr ? "+R18:%ld:%s:%.2f\n" :
  3713. "%ld %s signature keygen ops in %.2fs\n", count,
  3714. sig_name, d);
  3715. sigs_results[testnum][0] = (double)count / d;
  3716. op_count = count;
  3717. kskey_print_message(sig_name, "signs", seconds.sig);
  3718. Time_F(START);
  3719. count =
  3720. run_benchmark(async_jobs, SIG_sign_loop, loopargs);
  3721. d = Time_F(STOP);
  3722. BIO_printf(bio_err,
  3723. mr ? "+R19:%ld:%s:%.2f\n" :
  3724. "%ld %s signature sign ops in %.2fs\n", count,
  3725. sig_name, d);
  3726. sigs_results[testnum][1] = (double)count / d;
  3727. op_count = count;
  3728. kskey_print_message(sig_name, "verify", seconds.sig);
  3729. Time_F(START);
  3730. count =
  3731. run_benchmark(async_jobs, SIG_verify_loop, loopargs);
  3732. d = Time_F(STOP);
  3733. BIO_printf(bio_err,
  3734. mr ? "+R20:%ld:%s:%.2f\n" :
  3735. "%ld %s signature verify ops in %.2fs\n", count,
  3736. sig_name, d);
  3737. sigs_results[testnum][2] = (double)count / d;
  3738. op_count = count;
  3739. }
  3740. if (op_count <= 1)
  3741. stop_it(sigs_doit, testnum);
  3742. }
  3743. #ifndef NO_FORK
  3744. show_res:
  3745. #endif
  3746. if (!mr) {
  3747. printf("version: %s\n", OpenSSL_version(OPENSSL_FULL_VERSION_STRING));
  3748. printf("%s\n", OpenSSL_version(OPENSSL_BUILT_ON));
  3749. printf("options: %s\n", BN_options());
  3750. printf("%s\n", OpenSSL_version(OPENSSL_CFLAGS));
  3751. printf("%s\n", OpenSSL_version(OPENSSL_CPU_INFO));
  3752. }
  3753. if (pr_header) {
  3754. if (mr) {
  3755. printf("+H");
  3756. } else {
  3757. printf("The 'numbers' are in 1000s of bytes per second processed.\n");
  3758. printf("type ");
  3759. }
  3760. for (testnum = 0; testnum < size_num; testnum++)
  3761. printf(mr ? ":%d" : "%7d bytes", lengths[testnum]);
  3762. printf("\n");
  3763. }
  3764. for (k = 0; k < ALGOR_NUM; k++) {
  3765. const char *alg_name = names[k];
  3766. if (!doit[k])
  3767. continue;
  3768. if (k == D_EVP) {
  3769. if (evp_cipher == NULL)
  3770. alg_name = evp_md_name;
  3771. else if ((alg_name = EVP_CIPHER_get0_name(evp_cipher)) == NULL)
  3772. app_bail_out("failed to get name of cipher '%s'\n", evp_cipher);
  3773. }
  3774. if (mr)
  3775. printf("+F:%u:%s", k, alg_name);
  3776. else
  3777. printf("%-13s", alg_name);
  3778. for (testnum = 0; testnum < size_num; testnum++) {
  3779. if (results[k][testnum] > 10000 && !mr)
  3780. printf(" %11.2fk", results[k][testnum] / 1e3);
  3781. else
  3782. printf(mr ? ":%.2f" : " %11.2f ", results[k][testnum]);
  3783. }
  3784. printf("\n");
  3785. }
  3786. testnum = 1;
  3787. for (k = 0; k < RSA_NUM; k++) {
  3788. if (!rsa_doit[k])
  3789. continue;
  3790. if (testnum && !mr) {
  3791. printf("%19ssign verify encrypt decrypt sign/s verify/s encr./s decr./s\n", " ");
  3792. testnum = 0;
  3793. }
  3794. if (mr)
  3795. printf("+F2:%u:%u:%f:%f:%f:%f\n",
  3796. k, rsa_keys[k].bits, rsa_results[k][0], rsa_results[k][1],
  3797. rsa_results[k][2], rsa_results[k][3]);
  3798. else
  3799. printf("rsa %5u bits %8.6fs %8.6fs %8.6fs %8.6fs %8.1f %8.1f %8.1f %8.1f\n",
  3800. rsa_keys[k].bits, 1.0 / rsa_results[k][0],
  3801. 1.0 / rsa_results[k][1], 1.0 / rsa_results[k][2],
  3802. 1.0 / rsa_results[k][3],
  3803. rsa_results[k][0], rsa_results[k][1],
  3804. rsa_results[k][2], rsa_results[k][3]);
  3805. }
  3806. testnum = 1;
  3807. for (k = 0; k < DSA_NUM; k++) {
  3808. if (!dsa_doit[k])
  3809. continue;
  3810. if (testnum && !mr) {
  3811. printf("%18ssign verify sign/s verify/s\n", " ");
  3812. testnum = 0;
  3813. }
  3814. if (mr)
  3815. printf("+F3:%u:%u:%f:%f\n",
  3816. k, dsa_bits[k], dsa_results[k][0], dsa_results[k][1]);
  3817. else
  3818. printf("dsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
  3819. dsa_bits[k], 1.0 / dsa_results[k][0], 1.0 / dsa_results[k][1],
  3820. dsa_results[k][0], dsa_results[k][1]);
  3821. }
  3822. testnum = 1;
  3823. for (k = 0; k < OSSL_NELEM(ecdsa_doit); k++) {
  3824. if (!ecdsa_doit[k])
  3825. continue;
  3826. if (testnum && !mr) {
  3827. printf("%30ssign verify sign/s verify/s\n", " ");
  3828. testnum = 0;
  3829. }
  3830. if (mr)
  3831. printf("+F4:%u:%u:%f:%f\n",
  3832. k, ec_curves[k].bits,
  3833. ecdsa_results[k][0], ecdsa_results[k][1]);
  3834. else
  3835. printf("%4u bits ecdsa (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
  3836. ec_curves[k].bits, ec_curves[k].name,
  3837. 1.0 / ecdsa_results[k][0], 1.0 / ecdsa_results[k][1],
  3838. ecdsa_results[k][0], ecdsa_results[k][1]);
  3839. }
  3840. testnum = 1;
  3841. for (k = 0; k < EC_NUM; k++) {
  3842. if (!ecdh_doit[k])
  3843. continue;
  3844. if (testnum && !mr) {
  3845. printf("%30sop op/s\n", " ");
  3846. testnum = 0;
  3847. }
  3848. if (mr)
  3849. printf("+F5:%u:%u:%f:%f\n",
  3850. k, ec_curves[k].bits,
  3851. ecdh_results[k][0], 1.0 / ecdh_results[k][0]);
  3852. else
  3853. printf("%4u bits ecdh (%s) %8.4fs %8.1f\n",
  3854. ec_curves[k].bits, ec_curves[k].name,
  3855. 1.0 / ecdh_results[k][0], ecdh_results[k][0]);
  3856. }
  3857. #ifndef OPENSSL_NO_ECX
  3858. testnum = 1;
  3859. for (k = 0; k < OSSL_NELEM(eddsa_doit); k++) {
  3860. if (!eddsa_doit[k])
  3861. continue;
  3862. if (testnum && !mr) {
  3863. printf("%30ssign verify sign/s verify/s\n", " ");
  3864. testnum = 0;
  3865. }
  3866. if (mr)
  3867. printf("+F6:%u:%u:%s:%f:%f\n",
  3868. k, ed_curves[k].bits, ed_curves[k].name,
  3869. eddsa_results[k][0], eddsa_results[k][1]);
  3870. else
  3871. printf("%4u bits EdDSA (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
  3872. ed_curves[k].bits, ed_curves[k].name,
  3873. 1.0 / eddsa_results[k][0], 1.0 / eddsa_results[k][1],
  3874. eddsa_results[k][0], eddsa_results[k][1]);
  3875. }
  3876. #endif /* OPENSSL_NO_ECX */
  3877. #ifndef OPENSSL_NO_SM2
  3878. testnum = 1;
  3879. for (k = 0; k < OSSL_NELEM(sm2_doit); k++) {
  3880. if (!sm2_doit[k])
  3881. continue;
  3882. if (testnum && !mr) {
  3883. printf("%30ssign verify sign/s verify/s\n", " ");
  3884. testnum = 0;
  3885. }
  3886. if (mr)
  3887. printf("+F7:%u:%u:%s:%f:%f\n",
  3888. k, sm2_curves[k].bits, sm2_curves[k].name,
  3889. sm2_results[k][0], sm2_results[k][1]);
  3890. else
  3891. printf("%4u bits SM2 (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
  3892. sm2_curves[k].bits, sm2_curves[k].name,
  3893. 1.0 / sm2_results[k][0], 1.0 / sm2_results[k][1],
  3894. sm2_results[k][0], sm2_results[k][1]);
  3895. }
  3896. #endif
  3897. #ifndef OPENSSL_NO_DH
  3898. testnum = 1;
  3899. for (k = 0; k < FFDH_NUM; k++) {
  3900. if (!ffdh_doit[k])
  3901. continue;
  3902. if (testnum && !mr) {
  3903. printf("%23sop op/s\n", " ");
  3904. testnum = 0;
  3905. }
  3906. if (mr)
  3907. printf("+F8:%u:%u:%f:%f\n",
  3908. k, ffdh_params[k].bits,
  3909. ffdh_results[k][0], 1.0 / ffdh_results[k][0]);
  3910. else
  3911. printf("%4u bits ffdh %8.4fs %8.1f\n",
  3912. ffdh_params[k].bits,
  3913. 1.0 / ffdh_results[k][0], ffdh_results[k][0]);
  3914. }
  3915. #endif /* OPENSSL_NO_DH */
  3916. testnum = 1;
  3917. for (k = 0; k < kems_algs_len; k++) {
  3918. const char *kem_name = kems_algname[k];
  3919. if (!kems_doit[k] || !do_kems)
  3920. continue;
  3921. if (testnum && !mr) {
  3922. printf("%31skeygen encaps decaps keygens/s encaps/s decaps/s\n", " ");
  3923. testnum = 0;
  3924. }
  3925. if (mr)
  3926. printf("+F9:%u:%f:%f:%f\n",
  3927. k, kems_results[k][0], kems_results[k][1],
  3928. kems_results[k][2]);
  3929. else
  3930. printf("%27s %8.6fs %8.6fs %8.6fs %9.1f %9.1f %9.1f\n", kem_name,
  3931. 1.0 / kems_results[k][0],
  3932. 1.0 / kems_results[k][1], 1.0 / kems_results[k][2],
  3933. kems_results[k][0], kems_results[k][1], kems_results[k][2]);
  3934. }
  3935. ret = 0;
  3936. testnum = 1;
  3937. for (k = 0; k < sigs_algs_len; k++) {
  3938. const char *sig_name = sigs_algname[k];
  3939. if (!sigs_doit[k] || !do_sigs)
  3940. continue;
  3941. if (testnum && !mr) {
  3942. printf("%31skeygen signs verify keygens/s sign/s verify/s\n", " ");
  3943. testnum = 0;
  3944. }
  3945. if (mr)
  3946. printf("+F10:%u:%f:%f:%f\n",
  3947. k, sigs_results[k][0], sigs_results[k][1],
  3948. sigs_results[k][2]);
  3949. else
  3950. printf("%27s %8.6fs %8.6fs %8.6fs %9.1f %9.1f %9.1f\n", sig_name,
  3951. 1.0 / sigs_results[k][0], 1.0 / sigs_results[k][1],
  3952. 1.0 / sigs_results[k][2], sigs_results[k][0],
  3953. sigs_results[k][1], sigs_results[k][2]);
  3954. }
  3955. ret = 0;
  3956. end:
  3957. ERR_print_errors(bio_err);
  3958. for (i = 0; i < loopargs_len; i++) {
  3959. OPENSSL_free(loopargs[i].buf_malloc);
  3960. OPENSSL_free(loopargs[i].buf2_malloc);
  3961. BN_free(bn);
  3962. EVP_PKEY_CTX_free(genctx);
  3963. for (k = 0; k < RSA_NUM; k++) {
  3964. EVP_PKEY_CTX_free(loopargs[i].rsa_sign_ctx[k]);
  3965. EVP_PKEY_CTX_free(loopargs[i].rsa_verify_ctx[k]);
  3966. EVP_PKEY_CTX_free(loopargs[i].rsa_encrypt_ctx[k]);
  3967. EVP_PKEY_CTX_free(loopargs[i].rsa_decrypt_ctx[k]);
  3968. }
  3969. #ifndef OPENSSL_NO_DH
  3970. OPENSSL_free(loopargs[i].secret_ff_a);
  3971. OPENSSL_free(loopargs[i].secret_ff_b);
  3972. for (k = 0; k < FFDH_NUM; k++)
  3973. EVP_PKEY_CTX_free(loopargs[i].ffdh_ctx[k]);
  3974. #endif
  3975. for (k = 0; k < DSA_NUM; k++) {
  3976. EVP_PKEY_CTX_free(loopargs[i].dsa_sign_ctx[k]);
  3977. EVP_PKEY_CTX_free(loopargs[i].dsa_verify_ctx[k]);
  3978. }
  3979. for (k = 0; k < ECDSA_NUM; k++) {
  3980. EVP_PKEY_CTX_free(loopargs[i].ecdsa_sign_ctx[k]);
  3981. EVP_PKEY_CTX_free(loopargs[i].ecdsa_verify_ctx[k]);
  3982. }
  3983. for (k = 0; k < EC_NUM; k++)
  3984. EVP_PKEY_CTX_free(loopargs[i].ecdh_ctx[k]);
  3985. #ifndef OPENSSL_NO_ECX
  3986. for (k = 0; k < EdDSA_NUM; k++) {
  3987. EVP_MD_CTX_free(loopargs[i].eddsa_ctx[k]);
  3988. EVP_MD_CTX_free(loopargs[i].eddsa_ctx2[k]);
  3989. }
  3990. #endif /* OPENSSL_NO_ECX */
  3991. #ifndef OPENSSL_NO_SM2
  3992. for (k = 0; k < SM2_NUM; k++) {
  3993. EVP_PKEY_CTX *pctx = NULL;
  3994. /* free signing ctx */
  3995. if (loopargs[i].sm2_ctx[k] != NULL
  3996. && (pctx = EVP_MD_CTX_get_pkey_ctx(loopargs[i].sm2_ctx[k])) != NULL)
  3997. EVP_PKEY_CTX_free(pctx);
  3998. EVP_MD_CTX_free(loopargs[i].sm2_ctx[k]);
  3999. /* free verification ctx */
  4000. if (loopargs[i].sm2_vfy_ctx[k] != NULL
  4001. && (pctx = EVP_MD_CTX_get_pkey_ctx(loopargs[i].sm2_vfy_ctx[k])) != NULL)
  4002. EVP_PKEY_CTX_free(pctx);
  4003. EVP_MD_CTX_free(loopargs[i].sm2_vfy_ctx[k]);
  4004. /* free pkey */
  4005. EVP_PKEY_free(loopargs[i].sm2_pkey[k]);
  4006. }
  4007. #endif
  4008. for (k = 0; k < kems_algs_len; k++) {
  4009. EVP_PKEY_CTX_free(loopargs[i].kem_gen_ctx[k]);
  4010. EVP_PKEY_CTX_free(loopargs[i].kem_encaps_ctx[k]);
  4011. EVP_PKEY_CTX_free(loopargs[i].kem_decaps_ctx[k]);
  4012. OPENSSL_free(loopargs[i].kem_out[k]);
  4013. OPENSSL_free(loopargs[i].kem_send_secret[k]);
  4014. OPENSSL_free(loopargs[i].kem_rcv_secret[k]);
  4015. }
  4016. for (k = 0; k < sigs_algs_len; k++) {
  4017. EVP_PKEY_CTX_free(loopargs[i].sig_gen_ctx[k]);
  4018. EVP_PKEY_CTX_free(loopargs[i].sig_sign_ctx[k]);
  4019. EVP_PKEY_CTX_free(loopargs[i].sig_verify_ctx[k]);
  4020. OPENSSL_free(loopargs[i].sig_sig[k]);
  4021. }
  4022. OPENSSL_free(loopargs[i].secret_a);
  4023. OPENSSL_free(loopargs[i].secret_b);
  4024. }
  4025. OPENSSL_free(evp_hmac_name);
  4026. OPENSSL_free(evp_cmac_name);
  4027. for (k = 0; k < kems_algs_len; k++)
  4028. OPENSSL_free(kems_algname[k]);
  4029. if (kem_stack != NULL)
  4030. sk_EVP_KEM_pop_free(kem_stack, EVP_KEM_free);
  4031. for (k = 0; k < sigs_algs_len; k++)
  4032. OPENSSL_free(sigs_algname[k]);
  4033. if (sig_stack != NULL)
  4034. sk_EVP_SIGNATURE_pop_free(sig_stack, EVP_SIGNATURE_free);
  4035. if (async_jobs > 0) {
  4036. for (i = 0; i < loopargs_len; i++)
  4037. ASYNC_WAIT_CTX_free(loopargs[i].wait_ctx);
  4038. }
  4039. if (async_init) {
  4040. ASYNC_cleanup_thread();
  4041. }
  4042. OPENSSL_free(loopargs);
  4043. release_engine(e);
  4044. EVP_CIPHER_free(evp_cipher);
  4045. EVP_MAC_free(mac);
  4046. NCONF_free(conf);
  4047. return ret;
  4048. }
  4049. static void print_message(const char *s, int length, int tm)
  4050. {
  4051. BIO_printf(bio_err,
  4052. mr ? "+DT:%s:%d:%d\n"
  4053. : "Doing %s ops for %ds on %d size blocks: ", s, tm, length);
  4054. (void)BIO_flush(bio_err);
  4055. run = 1;
  4056. alarm(tm);
  4057. }
  4058. static void pkey_print_message(const char *str, const char *str2, unsigned int bits,
  4059. int tm)
  4060. {
  4061. BIO_printf(bio_err,
  4062. mr ? "+DTP:%d:%s:%s:%d\n"
  4063. : "Doing %u bits %s %s ops for %ds: ", bits, str, str2, tm);
  4064. (void)BIO_flush(bio_err);
  4065. run = 1;
  4066. alarm(tm);
  4067. }
  4068. static void kskey_print_message(const char *str, const char *str2, int tm)
  4069. {
  4070. BIO_printf(bio_err,
  4071. mr ? "+DTP:%s:%s:%d\n"
  4072. : "Doing %s %s ops for %ds: ", str, str2, tm);
  4073. (void)BIO_flush(bio_err);
  4074. run = 1;
  4075. alarm(tm);
  4076. }
  4077. static void print_result(int alg, int run_no, int count, double time_used)
  4078. {
  4079. if (count == -1) {
  4080. BIO_printf(bio_err, "%s error!\n", names[alg]);
  4081. ERR_print_errors(bio_err);
  4082. return;
  4083. }
  4084. BIO_printf(bio_err,
  4085. mr ? "+R:%d:%s:%f\n"
  4086. : "%d %s ops in %.2fs\n", count, names[alg], time_used);
  4087. results[alg][run_no] = ((double)count) / time_used * lengths[run_no];
  4088. }
  4089. #ifndef NO_FORK
  4090. static char *sstrsep(char **string, const char *delim)
  4091. {
  4092. char isdelim[256];
  4093. char *token = *string;
  4094. memset(isdelim, 0, sizeof(isdelim));
  4095. isdelim[0] = 1;
  4096. while (*delim) {
  4097. isdelim[(unsigned char)(*delim)] = 1;
  4098. delim++;
  4099. }
  4100. while (!isdelim[(unsigned char)(**string)])
  4101. (*string)++;
  4102. if (**string) {
  4103. **string = 0;
  4104. (*string)++;
  4105. }
  4106. return token;
  4107. }
  4108. static int strtoint(const char *str, const int min_val, const int upper_val,
  4109. int *res)
  4110. {
  4111. char *end = NULL;
  4112. long int val = 0;
  4113. errno = 0;
  4114. val = strtol(str, &end, 10);
  4115. if (errno == 0 && end != str && *end == 0
  4116. && min_val <= val && val < upper_val) {
  4117. *res = (int)val;
  4118. return 1;
  4119. } else {
  4120. return 0;
  4121. }
  4122. }
  4123. static int do_multi(int multi, int size_num)
  4124. {
  4125. int n;
  4126. int fd[2];
  4127. int *fds;
  4128. int status;
  4129. static char sep[] = ":";
  4130. fds = app_malloc(sizeof(*fds) * multi, "fd buffer for do_multi");
  4131. for (n = 0; n < multi; ++n) {
  4132. if (pipe(fd) == -1) {
  4133. BIO_printf(bio_err, "pipe failure\n");
  4134. exit(1);
  4135. }
  4136. fflush(stdout);
  4137. (void)BIO_flush(bio_err);
  4138. if (fork()) {
  4139. close(fd[1]);
  4140. fds[n] = fd[0];
  4141. } else {
  4142. close(fd[0]);
  4143. close(1);
  4144. if (dup(fd[1]) == -1) {
  4145. BIO_printf(bio_err, "dup failed\n");
  4146. exit(1);
  4147. }
  4148. close(fd[1]);
  4149. mr = 1;
  4150. usertime = 0;
  4151. OPENSSL_free(fds);
  4152. return 0;
  4153. }
  4154. printf("Forked child %d\n", n);
  4155. }
  4156. /* for now, assume the pipe is long enough to take all the output */
  4157. for (n = 0; n < multi; ++n) {
  4158. FILE *f;
  4159. char buf[1024];
  4160. char *p;
  4161. char *tk;
  4162. int k;
  4163. double d;
  4164. if ((f = fdopen(fds[n], "r")) == NULL) {
  4165. BIO_printf(bio_err, "fdopen failure with 0x%x\n",
  4166. errno);
  4167. OPENSSL_free(fds);
  4168. return 1;
  4169. }
  4170. while (fgets(buf, sizeof(buf), f)) {
  4171. p = strchr(buf, '\n');
  4172. if (p)
  4173. *p = '\0';
  4174. if (buf[0] != '+') {
  4175. BIO_printf(bio_err,
  4176. "Don't understand line '%s' from child %d\n", buf,
  4177. n);
  4178. continue;
  4179. }
  4180. printf("Got: %s from %d\n", buf, n);
  4181. p = buf;
  4182. if (CHECK_AND_SKIP_PREFIX(p, "+F:")) {
  4183. int alg;
  4184. int j;
  4185. if (strtoint(sstrsep(&p, sep), 0, ALGOR_NUM, &alg)) {
  4186. sstrsep(&p, sep);
  4187. for (j = 0; j < size_num; ++j)
  4188. results[alg][j] += atof(sstrsep(&p, sep));
  4189. }
  4190. } else if (CHECK_AND_SKIP_PREFIX(p, "+F2:")) {
  4191. tk = sstrsep(&p, sep);
  4192. if (strtoint(tk, 0, OSSL_NELEM(rsa_results), &k)) {
  4193. sstrsep(&p, sep);
  4194. d = atof(sstrsep(&p, sep));
  4195. rsa_results[k][0] += d;
  4196. d = atof(sstrsep(&p, sep));
  4197. rsa_results[k][1] += d;
  4198. d = atof(sstrsep(&p, sep));
  4199. rsa_results[k][2] += d;
  4200. d = atof(sstrsep(&p, sep));
  4201. rsa_results[k][3] += d;
  4202. }
  4203. } else if (CHECK_AND_SKIP_PREFIX(p, "+F3:")) {
  4204. tk = sstrsep(&p, sep);
  4205. if (strtoint(tk, 0, OSSL_NELEM(dsa_results), &k)) {
  4206. sstrsep(&p, sep);
  4207. d = atof(sstrsep(&p, sep));
  4208. dsa_results[k][0] += d;
  4209. d = atof(sstrsep(&p, sep));
  4210. dsa_results[k][1] += d;
  4211. }
  4212. } else if (CHECK_AND_SKIP_PREFIX(p, "+F4:")) {
  4213. tk = sstrsep(&p, sep);
  4214. if (strtoint(tk, 0, OSSL_NELEM(ecdsa_results), &k)) {
  4215. sstrsep(&p, sep);
  4216. d = atof(sstrsep(&p, sep));
  4217. ecdsa_results[k][0] += d;
  4218. d = atof(sstrsep(&p, sep));
  4219. ecdsa_results[k][1] += d;
  4220. }
  4221. } else if (CHECK_AND_SKIP_PREFIX(p, "+F5:")) {
  4222. tk = sstrsep(&p, sep);
  4223. if (strtoint(tk, 0, OSSL_NELEM(ecdh_results), &k)) {
  4224. sstrsep(&p, sep);
  4225. d = atof(sstrsep(&p, sep));
  4226. ecdh_results[k][0] += d;
  4227. }
  4228. # ifndef OPENSSL_NO_ECX
  4229. } else if (CHECK_AND_SKIP_PREFIX(p, "+F6:")) {
  4230. tk = sstrsep(&p, sep);
  4231. if (strtoint(tk, 0, OSSL_NELEM(eddsa_results), &k)) {
  4232. sstrsep(&p, sep);
  4233. sstrsep(&p, sep);
  4234. d = atof(sstrsep(&p, sep));
  4235. eddsa_results[k][0] += d;
  4236. d = atof(sstrsep(&p, sep));
  4237. eddsa_results[k][1] += d;
  4238. }
  4239. # endif /* OPENSSL_NO_ECX */
  4240. # ifndef OPENSSL_NO_SM2
  4241. } else if (CHECK_AND_SKIP_PREFIX(p, "+F7:")) {
  4242. tk = sstrsep(&p, sep);
  4243. if (strtoint(tk, 0, OSSL_NELEM(sm2_results), &k)) {
  4244. sstrsep(&p, sep);
  4245. sstrsep(&p, sep);
  4246. d = atof(sstrsep(&p, sep));
  4247. sm2_results[k][0] += d;
  4248. d = atof(sstrsep(&p, sep));
  4249. sm2_results[k][1] += d;
  4250. }
  4251. # endif /* OPENSSL_NO_SM2 */
  4252. # ifndef OPENSSL_NO_DH
  4253. } else if (CHECK_AND_SKIP_PREFIX(p, "+F8:")) {
  4254. tk = sstrsep(&p, sep);
  4255. if (strtoint(tk, 0, OSSL_NELEM(ffdh_results), &k)) {
  4256. sstrsep(&p, sep);
  4257. d = atof(sstrsep(&p, sep));
  4258. ffdh_results[k][0] += d;
  4259. }
  4260. # endif /* OPENSSL_NO_DH */
  4261. } else if (CHECK_AND_SKIP_PREFIX(p, "+F9:")) {
  4262. tk = sstrsep(&p, sep);
  4263. if (strtoint(tk, 0, OSSL_NELEM(kems_results), &k)) {
  4264. d = atof(sstrsep(&p, sep));
  4265. kems_results[k][0] += d;
  4266. d = atof(sstrsep(&p, sep));
  4267. kems_results[k][1] += d;
  4268. d = atof(sstrsep(&p, sep));
  4269. kems_results[k][2] += d;
  4270. }
  4271. } else if (CHECK_AND_SKIP_PREFIX(p, "+F10:")) {
  4272. tk = sstrsep(&p, sep);
  4273. if (strtoint(tk, 0, OSSL_NELEM(sigs_results), &k)) {
  4274. d = atof(sstrsep(&p, sep));
  4275. sigs_results[k][0] += d;
  4276. d = atof(sstrsep(&p, sep));
  4277. sigs_results[k][1] += d;
  4278. d = atof(sstrsep(&p, sep));
  4279. sigs_results[k][2] += d;
  4280. }
  4281. } else if (!HAS_PREFIX(buf, "+H:")) {
  4282. BIO_printf(bio_err, "Unknown type '%s' from child %d\n", buf,
  4283. n);
  4284. }
  4285. }
  4286. fclose(f);
  4287. }
  4288. OPENSSL_free(fds);
  4289. for (n = 0; n < multi; ++n) {
  4290. while (wait(&status) == -1)
  4291. if (errno != EINTR) {
  4292. BIO_printf(bio_err, "Waitng for child failed with 0x%x\n",
  4293. errno);
  4294. return 1;
  4295. }
  4296. if (WIFEXITED(status) && WEXITSTATUS(status)) {
  4297. BIO_printf(bio_err, "Child exited with %d\n", WEXITSTATUS(status));
  4298. } else if (WIFSIGNALED(status)) {
  4299. BIO_printf(bio_err, "Child terminated by signal %d\n",
  4300. WTERMSIG(status));
  4301. }
  4302. }
  4303. return 1;
  4304. }
  4305. #endif
  4306. static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
  4307. const openssl_speed_sec_t *seconds)
  4308. {
  4309. static const int mblengths_list[] =
  4310. { 8 * 1024, 2 * 8 * 1024, 4 * 8 * 1024, 8 * 8 * 1024, 8 * 16 * 1024 };
  4311. const int *mblengths = mblengths_list;
  4312. int j, count, keylen, num = OSSL_NELEM(mblengths_list), ciph_success = 1;
  4313. const char *alg_name;
  4314. unsigned char *inp = NULL, *out = NULL, *key, no_key[32], no_iv[16];
  4315. EVP_CIPHER_CTX *ctx = NULL;
  4316. double d = 0.0;
  4317. if (lengths_single) {
  4318. mblengths = &lengths_single;
  4319. num = 1;
  4320. }
  4321. inp = app_malloc(mblengths[num - 1], "multiblock input buffer");
  4322. out = app_malloc(mblengths[num - 1] + 1024, "multiblock output buffer");
  4323. if ((ctx = EVP_CIPHER_CTX_new()) == NULL)
  4324. app_bail_out("failed to allocate cipher context\n");
  4325. if (!EVP_EncryptInit_ex(ctx, evp_cipher, NULL, NULL, no_iv))
  4326. app_bail_out("failed to initialise cipher context\n");
  4327. if ((keylen = EVP_CIPHER_CTX_get_key_length(ctx)) < 0) {
  4328. BIO_printf(bio_err, "Impossible negative key length: %d\n", keylen);
  4329. goto err;
  4330. }
  4331. key = app_malloc(keylen, "evp_cipher key");
  4332. if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0)
  4333. app_bail_out("failed to generate random cipher key\n");
  4334. if (!EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL))
  4335. app_bail_out("failed to set cipher key\n");
  4336. OPENSSL_clear_free(key, keylen);
  4337. if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_MAC_KEY,
  4338. sizeof(no_key), no_key) <= 0)
  4339. app_bail_out("failed to set AEAD key\n");
  4340. if ((alg_name = EVP_CIPHER_get0_name(evp_cipher)) == NULL)
  4341. app_bail_out("failed to get cipher name\n");
  4342. for (j = 0; j < num; j++) {
  4343. print_message(alg_name, mblengths[j], seconds->sym);
  4344. Time_F(START);
  4345. for (count = 0; run && count < INT_MAX; count++) {
  4346. unsigned char aad[EVP_AEAD_TLS1_AAD_LEN];
  4347. EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param;
  4348. size_t len = mblengths[j];
  4349. int packlen;
  4350. memset(aad, 0, 8); /* avoid uninitialized values */
  4351. aad[8] = 23; /* SSL3_RT_APPLICATION_DATA */
  4352. aad[9] = 3; /* version */
  4353. aad[10] = 2;
  4354. aad[11] = 0; /* length */
  4355. aad[12] = 0;
  4356. mb_param.out = NULL;
  4357. mb_param.inp = aad;
  4358. mb_param.len = len;
  4359. mb_param.interleave = 8;
  4360. packlen = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_AAD,
  4361. sizeof(mb_param), &mb_param);
  4362. if (packlen > 0) {
  4363. mb_param.out = out;
  4364. mb_param.inp = inp;
  4365. mb_param.len = len;
  4366. (void)EVP_CIPHER_CTX_ctrl(ctx,
  4367. EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT,
  4368. sizeof(mb_param), &mb_param);
  4369. } else {
  4370. int pad;
  4371. if (RAND_bytes(inp, 16) <= 0)
  4372. app_bail_out("error setting random bytes\n");
  4373. len += 16;
  4374. aad[11] = (unsigned char)(len >> 8);
  4375. aad[12] = (unsigned char)(len);
  4376. pad = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_TLS1_AAD,
  4377. EVP_AEAD_TLS1_AAD_LEN, aad);
  4378. ciph_success = EVP_Cipher(ctx, out, inp, len + pad);
  4379. }
  4380. }
  4381. d = Time_F(STOP);
  4382. BIO_printf(bio_err, mr ? "+R:%d:%s:%f\n"
  4383. : "%d %s ops in %.2fs\n", count, "evp", d);
  4384. if ((ciph_success <= 0) && (mr == 0))
  4385. BIO_printf(bio_err, "Error performing cipher op\n");
  4386. results[D_EVP][j] = ((double)count) / d * mblengths[j];
  4387. }
  4388. if (mr) {
  4389. fprintf(stdout, "+H");
  4390. for (j = 0; j < num; j++)
  4391. fprintf(stdout, ":%d", mblengths[j]);
  4392. fprintf(stdout, "\n");
  4393. fprintf(stdout, "+F:%d:%s", D_EVP, alg_name);
  4394. for (j = 0; j < num; j++)
  4395. fprintf(stdout, ":%.2f", results[D_EVP][j]);
  4396. fprintf(stdout, "\n");
  4397. } else {
  4398. fprintf(stdout,
  4399. "The 'numbers' are in 1000s of bytes per second processed.\n");
  4400. fprintf(stdout, "type ");
  4401. for (j = 0; j < num; j++)
  4402. fprintf(stdout, "%7d bytes", mblengths[j]);
  4403. fprintf(stdout, "\n");
  4404. fprintf(stdout, "%-24s", alg_name);
  4405. for (j = 0; j < num; j++) {
  4406. if (results[D_EVP][j] > 10000)
  4407. fprintf(stdout, " %11.2fk", results[D_EVP][j] / 1e3);
  4408. else
  4409. fprintf(stdout, " %11.2f ", results[D_EVP][j]);
  4410. }
  4411. fprintf(stdout, "\n");
  4412. }
  4413. err:
  4414. OPENSSL_free(inp);
  4415. OPENSSL_free(out);
  4416. EVP_CIPHER_CTX_free(ctx);
  4417. }