1 /* 2 * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved. 3 * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved 4 * 5 * Licensed under the Apache License 2.0 (the "License"). You may not use 6 * this file except in compliance with the License. You can obtain a copy 7 * in the file LICENSE in the source distribution or at 8 * https://www.openssl.org/source/license.html 9 */ 10 11 #undef SECONDS 12 #define SECONDS 3 13 #define PKEY_SECONDS 10 14 15 #define RSA_SECONDS PKEY_SECONDS 16 #define DSA_SECONDS PKEY_SECONDS 17 #define ECDSA_SECONDS PKEY_SECONDS 18 #define ECDH_SECONDS PKEY_SECONDS 19 #define EdDSA_SECONDS PKEY_SECONDS 20 #define SM2_SECONDS PKEY_SECONDS 21 #define FFDH_SECONDS PKEY_SECONDS 22 23 /* We need to use some deprecated APIs */ 24 #define OPENSSL_SUPPRESS_DEPRECATED 25 26 #include <stdio.h> 27 #include <stdlib.h> 28 #include <string.h> 29 #include <math.h> 30 #include "apps.h" 31 #include "progs.h" 32 #include "internal/numbers.h" 33 #include <openssl/crypto.h> 34 #include <openssl/rand.h> 35 #include <openssl/err.h> 36 #include <openssl/evp.h> 37 #include <openssl/objects.h> 38 #include <openssl/core_names.h> 39 #include <openssl/async.h> 40 #if !defined(OPENSSL_SYS_MSDOS) 41 # include <unistd.h> 42 #endif 43 44 #if defined(__TANDEM) 45 # if defined(OPENSSL_TANDEM_FLOSS) 46 # include <floss.h(floss_fork)> 47 # endif 48 #endif 49 50 #if defined(_WIN32) 51 # include <windows.h> 52 #endif 53 54 #include <openssl/bn.h> 55 #include <openssl/rsa.h> 56 #include "./testrsa.h" 57 #ifndef OPENSSL_NO_DH 58 # include <openssl/dh.h> 59 #endif 60 #include <openssl/x509.h> 61 #include <openssl/dsa.h> 62 #include "./testdsa.h" 63 #include <openssl/modes.h> 64 65 #ifndef HAVE_FORK 66 # if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_VXWORKS) 67 # define HAVE_FORK 0 68 # else 69 # define HAVE_FORK 1 70 # include <sys/wait.h> 71 # endif 72 #endif 73 74 #if HAVE_FORK 75 # undef NO_FORK 76 #else 77 # define NO_FORK 78 #endif 79 80 #define MAX_MISALIGNMENT 63 81 #define MAX_ECDH_SIZE 256 82 #define MISALIGN 64 83 #define MAX_FFDH_SIZE 1024 84 85 #ifndef RSA_DEFAULT_PRIME_NUM 86 # define RSA_DEFAULT_PRIME_NUM 2 87 #endif 88 89 typedef struct openssl_speed_sec_st { 90 int sym; 91 int rsa; 92 int dsa; 93 int ecdsa; 94 int ecdh; 95 int eddsa; 96 int sm2; 97 int ffdh; 98 } openssl_speed_sec_t; 99 100 static volatile int run = 0; 101 102 static int mr = 0; /* machine-readeable output format to merge fork results */ 103 static int usertime = 1; 104 105 static double Time_F(int s); 106 static void print_message(const char *s, long num, int length, int tm); 107 static void pkey_print_message(const char *str, const char *str2, 108 long num, unsigned int bits, int sec); 109 static void print_result(int alg, int run_no, int count, double time_used); 110 #ifndef NO_FORK 111 static int do_multi(int multi, int size_num); 112 #endif 113 114 static const int lengths_list[] = { 115 16, 64, 256, 1024, 8 * 1024, 16 * 1024 116 }; 117 #define SIZE_NUM OSSL_NELEM(lengths_list) 118 static const int *lengths = lengths_list; 119 120 static const int aead_lengths_list[] = { 121 2, 31, 136, 1024, 8 * 1024, 16 * 1024 122 }; 123 124 #define START 0 125 #define STOP 1 126 127 #ifdef SIGALRM 128 129 static void alarmed(int sig) 130 { 131 signal(SIGALRM, alarmed); 132 run = 0; 133 } 134 135 static double Time_F(int s) 136 { 137 double ret = app_tminterval(s, usertime); 138 if (s == STOP) 139 alarm(0); 140 return ret; 141 } 142 143 #elif defined(_WIN32) 144 145 # define SIGALRM -1 146 147 static unsigned int lapse; 148 static volatile unsigned int schlock; 149 static void alarm_win32(unsigned int secs) 150 { 151 lapse = secs * 1000; 152 } 153 154 # define alarm alarm_win32 155 156 static DWORD WINAPI sleepy(VOID * arg) 157 { 158 schlock = 1; 159 Sleep(lapse); 160 run = 0; 161 return 0; 162 } 163 164 static double Time_F(int s) 165 { 166 double ret; 167 static HANDLE thr; 168 169 if (s == START) { 170 schlock = 0; 171 thr = CreateThread(NULL, 4096, sleepy, NULL, 0, NULL); 172 if (thr == NULL) { 173 DWORD err = GetLastError(); 174 BIO_printf(bio_err, "unable to CreateThread (%lu)", err); 175 ExitProcess(err); 176 } 177 while (!schlock) 178 Sleep(0); /* scheduler spinlock */ 179 ret = app_tminterval(s, usertime); 180 } else { 181 ret = app_tminterval(s, usertime); 182 if (run) 183 TerminateThread(thr, 0); 184 CloseHandle(thr); 185 } 186 187 return ret; 188 } 189 #else 190 # error "SIGALRM not defined and the platform is not Windows" 191 #endif 192 193 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single, 194 const openssl_speed_sec_t *seconds); 195 196 static int opt_found(const char *name, unsigned int *result, 197 const OPT_PAIR pairs[], unsigned int nbelem) 198 { 199 unsigned int idx; 200 201 for (idx = 0; idx < nbelem; ++idx, pairs++) 202 if (strcmp(name, pairs->name) == 0) { 203 *result = pairs->retval; 204 return 1; 205 } 206 return 0; 207 } 208 #define opt_found(value, pairs, result)\ 209 opt_found(value, result, pairs, OSSL_NELEM(pairs)) 210 211 typedef enum OPTION_choice { 212 OPT_COMMON, 213 OPT_ELAPSED, OPT_EVP, OPT_HMAC, OPT_DECRYPT, OPT_ENGINE, OPT_MULTI, 214 OPT_MR, OPT_MB, OPT_MISALIGN, OPT_ASYNCJOBS, OPT_R_ENUM, OPT_PROV_ENUM, 215 OPT_PRIMES, OPT_SECONDS, OPT_BYTES, OPT_AEAD, OPT_CMAC 216 } OPTION_CHOICE; 217 218 const OPTIONS speed_options[] = { 219 {OPT_HELP_STR, 1, '-', "Usage: %s [options] [algorithm...]\n"}, 220 221 OPT_SECTION("General"), 222 {"help", OPT_HELP, '-', "Display this summary"}, 223 {"mb", OPT_MB, '-', 224 "Enable (tls1>=1) multi-block mode on EVP-named cipher"}, 225 {"mr", OPT_MR, '-', "Produce machine readable output"}, 226 #ifndef NO_FORK 227 {"multi", OPT_MULTI, 'p', "Run benchmarks in parallel"}, 228 #endif 229 #ifndef OPENSSL_NO_ASYNC 230 {"async_jobs", OPT_ASYNCJOBS, 'p', 231 "Enable async mode and start specified number of jobs"}, 232 #endif 233 #ifndef OPENSSL_NO_ENGINE 234 {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"}, 235 #endif 236 {"primes", OPT_PRIMES, 'p', "Specify number of primes (for RSA only)"}, 237 238 OPT_SECTION("Selection"), 239 {"evp", OPT_EVP, 's', "Use EVP-named cipher or digest"}, 240 {"hmac", OPT_HMAC, 's', "HMAC using EVP-named digest"}, 241 {"cmac", OPT_CMAC, 's', "CMAC using EVP-named cipher"}, 242 {"decrypt", OPT_DECRYPT, '-', 243 "Time decryption instead of encryption (only EVP)"}, 244 {"aead", OPT_AEAD, '-', 245 "Benchmark EVP-named AEAD cipher in TLS-like sequence"}, 246 247 OPT_SECTION("Timing"), 248 {"elapsed", OPT_ELAPSED, '-', 249 "Use wall-clock time instead of CPU user time as divisor"}, 250 {"seconds", OPT_SECONDS, 'p', 251 "Run benchmarks for specified amount of seconds"}, 252 {"bytes", OPT_BYTES, 'p', 253 "Run [non-PKI] benchmarks on custom-sized buffer"}, 254 {"misalign", OPT_MISALIGN, 'p', 255 "Use specified offset to mis-align buffers"}, 256 257 OPT_R_OPTIONS, 258 OPT_PROV_OPTIONS, 259 260 OPT_PARAMETERS(), 261 {"algorithm", 0, 0, "Algorithm(s) to test (optional; otherwise tests all)"}, 262 {NULL} 263 }; 264 265 enum { 266 D_MD2, D_MDC2, D_MD4, D_MD5, D_SHA1, D_RMD160, 267 D_SHA256, D_SHA512, D_WHIRLPOOL, D_HMAC, 268 D_CBC_DES, D_EDE3_DES, D_RC4, D_CBC_IDEA, D_CBC_SEED, 269 D_CBC_RC2, D_CBC_RC5, D_CBC_BF, D_CBC_CAST, 270 D_CBC_128_AES, D_CBC_192_AES, D_CBC_256_AES, 271 D_CBC_128_CML, D_CBC_192_CML, D_CBC_256_CML, 272 D_EVP, D_GHASH, D_RAND, D_EVP_CMAC, ALGOR_NUM 273 }; 274 /* name of algorithms to test. MUST BE KEEP IN SYNC with above enum ! */ 275 static const char *names[ALGOR_NUM] = { 276 "md2", "mdc2", "md4", "md5", "sha1", "rmd160", 277 "sha256", "sha512", "whirlpool", "hmac(md5)", 278 "des-cbc", "des-ede3", "rc4", "idea-cbc", "seed-cbc", 279 "rc2-cbc", "rc5-cbc", "blowfish", "cast-cbc", 280 "aes-128-cbc", "aes-192-cbc", "aes-256-cbc", 281 "camellia-128-cbc", "camellia-192-cbc", "camellia-256-cbc", 282 "evp", "ghash", "rand", "cmac" 283 }; 284 285 /* list of configured algorithm (remaining), with some few alias */ 286 static const OPT_PAIR doit_choices[] = { 287 {"md2", D_MD2}, 288 {"mdc2", D_MDC2}, 289 {"md4", D_MD4}, 290 {"md5", D_MD5}, 291 {"hmac", D_HMAC}, 292 {"sha1", D_SHA1}, 293 {"sha256", D_SHA256}, 294 {"sha512", D_SHA512}, 295 {"whirlpool", D_WHIRLPOOL}, 296 {"ripemd", D_RMD160}, 297 {"rmd160", D_RMD160}, 298 {"ripemd160", D_RMD160}, 299 {"rc4", D_RC4}, 300 {"des-cbc", D_CBC_DES}, 301 {"des-ede3", D_EDE3_DES}, 302 {"aes-128-cbc", D_CBC_128_AES}, 303 {"aes-192-cbc", D_CBC_192_AES}, 304 {"aes-256-cbc", D_CBC_256_AES}, 305 {"camellia-128-cbc", D_CBC_128_CML}, 306 {"camellia-192-cbc", D_CBC_192_CML}, 307 {"camellia-256-cbc", D_CBC_256_CML}, 308 {"rc2-cbc", D_CBC_RC2}, 309 {"rc2", D_CBC_RC2}, 310 {"rc5-cbc", D_CBC_RC5}, 311 {"rc5", D_CBC_RC5}, 312 {"idea-cbc", D_CBC_IDEA}, 313 {"idea", D_CBC_IDEA}, 314 {"seed-cbc", D_CBC_SEED}, 315 {"seed", D_CBC_SEED}, 316 {"bf-cbc", D_CBC_BF}, 317 {"blowfish", D_CBC_BF}, 318 {"bf", D_CBC_BF}, 319 {"cast-cbc", D_CBC_CAST}, 320 {"cast", D_CBC_CAST}, 321 {"cast5", D_CBC_CAST}, 322 {"ghash", D_GHASH}, 323 {"rand", D_RAND} 324 }; 325 326 static double results[ALGOR_NUM][SIZE_NUM]; 327 328 enum { R_DSA_512, R_DSA_1024, R_DSA_2048, DSA_NUM }; 329 static const OPT_PAIR dsa_choices[DSA_NUM] = { 330 {"dsa512", R_DSA_512}, 331 {"dsa1024", R_DSA_1024}, 332 {"dsa2048", R_DSA_2048} 333 }; 334 static double dsa_results[DSA_NUM][2]; /* 2 ops: sign then verify */ 335 336 enum { 337 R_RSA_512, R_RSA_1024, R_RSA_2048, R_RSA_3072, R_RSA_4096, R_RSA_7680, 338 R_RSA_15360, RSA_NUM 339 }; 340 static const OPT_PAIR rsa_choices[RSA_NUM] = { 341 {"rsa512", R_RSA_512}, 342 {"rsa1024", R_RSA_1024}, 343 {"rsa2048", R_RSA_2048}, 344 {"rsa3072", R_RSA_3072}, 345 {"rsa4096", R_RSA_4096}, 346 {"rsa7680", R_RSA_7680}, 347 {"rsa15360", R_RSA_15360} 348 }; 349 350 static double rsa_results[RSA_NUM][2]; /* 2 ops: sign then verify */ 351 352 #ifndef OPENSSL_NO_DH 353 enum ff_params_t { 354 R_FFDH_2048, R_FFDH_3072, R_FFDH_4096, R_FFDH_6144, R_FFDH_8192, FFDH_NUM 355 }; 356 357 static const OPT_PAIR ffdh_choices[FFDH_NUM] = { 358 {"ffdh2048", R_FFDH_2048}, 359 {"ffdh3072", R_FFDH_3072}, 360 {"ffdh4096", R_FFDH_4096}, 361 {"ffdh6144", R_FFDH_6144}, 362 {"ffdh8192", R_FFDH_8192}, 363 }; 364 365 static double ffdh_results[FFDH_NUM][1]; /* 1 op: derivation */ 366 #endif /* OPENSSL_NO_DH */ 367 368 enum ec_curves_t { 369 R_EC_P160, R_EC_P192, R_EC_P224, R_EC_P256, R_EC_P384, R_EC_P521, 370 #ifndef OPENSSL_NO_EC2M 371 R_EC_K163, R_EC_K233, R_EC_K283, R_EC_K409, R_EC_K571, 372 R_EC_B163, R_EC_B233, R_EC_B283, R_EC_B409, R_EC_B571, 373 #endif 374 R_EC_BRP256R1, R_EC_BRP256T1, R_EC_BRP384R1, R_EC_BRP384T1, 375 R_EC_BRP512R1, R_EC_BRP512T1, ECDSA_NUM 376 }; 377 /* list of ecdsa curves */ 378 static const OPT_PAIR ecdsa_choices[ECDSA_NUM] = { 379 {"ecdsap160", R_EC_P160}, 380 {"ecdsap192", R_EC_P192}, 381 {"ecdsap224", R_EC_P224}, 382 {"ecdsap256", R_EC_P256}, 383 {"ecdsap384", R_EC_P384}, 384 {"ecdsap521", R_EC_P521}, 385 #ifndef OPENSSL_NO_EC2M 386 {"ecdsak163", R_EC_K163}, 387 {"ecdsak233", R_EC_K233}, 388 {"ecdsak283", R_EC_K283}, 389 {"ecdsak409", R_EC_K409}, 390 {"ecdsak571", R_EC_K571}, 391 {"ecdsab163", R_EC_B163}, 392 {"ecdsab233", R_EC_B233}, 393 {"ecdsab283", R_EC_B283}, 394 {"ecdsab409", R_EC_B409}, 395 {"ecdsab571", R_EC_B571}, 396 #endif 397 {"ecdsabrp256r1", R_EC_BRP256R1}, 398 {"ecdsabrp256t1", R_EC_BRP256T1}, 399 {"ecdsabrp384r1", R_EC_BRP384R1}, 400 {"ecdsabrp384t1", R_EC_BRP384T1}, 401 {"ecdsabrp512r1", R_EC_BRP512R1}, 402 {"ecdsabrp512t1", R_EC_BRP512T1} 403 }; 404 enum { R_EC_X25519 = ECDSA_NUM, R_EC_X448, EC_NUM }; 405 /* list of ecdh curves, extension of |ecdsa_choices| list above */ 406 static const OPT_PAIR ecdh_choices[EC_NUM] = { 407 {"ecdhp160", R_EC_P160}, 408 {"ecdhp192", R_EC_P192}, 409 {"ecdhp224", R_EC_P224}, 410 {"ecdhp256", R_EC_P256}, 411 {"ecdhp384", R_EC_P384}, 412 {"ecdhp521", R_EC_P521}, 413 #ifndef OPENSSL_NO_EC2M 414 {"ecdhk163", R_EC_K163}, 415 {"ecdhk233", R_EC_K233}, 416 {"ecdhk283", R_EC_K283}, 417 {"ecdhk409", R_EC_K409}, 418 {"ecdhk571", R_EC_K571}, 419 {"ecdhb163", R_EC_B163}, 420 {"ecdhb233", R_EC_B233}, 421 {"ecdhb283", R_EC_B283}, 422 {"ecdhb409", R_EC_B409}, 423 {"ecdhb571", R_EC_B571}, 424 #endif 425 {"ecdhbrp256r1", R_EC_BRP256R1}, 426 {"ecdhbrp256t1", R_EC_BRP256T1}, 427 {"ecdhbrp384r1", R_EC_BRP384R1}, 428 {"ecdhbrp384t1", R_EC_BRP384T1}, 429 {"ecdhbrp512r1", R_EC_BRP512R1}, 430 {"ecdhbrp512t1", R_EC_BRP512T1}, 431 {"ecdhx25519", R_EC_X25519}, 432 {"ecdhx448", R_EC_X448} 433 }; 434 435 static double ecdh_results[EC_NUM][1]; /* 1 op: derivation */ 436 static double ecdsa_results[ECDSA_NUM][2]; /* 2 ops: sign then verify */ 437 438 enum { R_EC_Ed25519, R_EC_Ed448, EdDSA_NUM }; 439 static const OPT_PAIR eddsa_choices[EdDSA_NUM] = { 440 {"ed25519", R_EC_Ed25519}, 441 {"ed448", R_EC_Ed448} 442 443 }; 444 static double eddsa_results[EdDSA_NUM][2]; /* 2 ops: sign then verify */ 445 446 #ifndef OPENSSL_NO_SM2 447 enum { R_EC_CURVESM2, SM2_NUM }; 448 static const OPT_PAIR sm2_choices[SM2_NUM] = { 449 {"curveSM2", R_EC_CURVESM2} 450 }; 451 # define SM2_ID "TLSv1.3+GM+Cipher+Suite" 452 # define SM2_ID_LEN sizeof("TLSv1.3+GM+Cipher+Suite") - 1 453 static double sm2_results[SM2_NUM][2]; /* 2 ops: sign then verify */ 454 #endif /* OPENSSL_NO_SM2 */ 455 456 #define COND(unused_cond) (run && count < INT_MAX) 457 #define COUNT(d) (count) 458 459 typedef struct loopargs_st { 460 ASYNC_JOB *inprogress_job; 461 ASYNC_WAIT_CTX *wait_ctx; 462 unsigned char *buf; 463 unsigned char *buf2; 464 unsigned char *buf_malloc; 465 unsigned char *buf2_malloc; 466 unsigned char *key; 467 size_t buflen; 468 size_t sigsize; 469 EVP_PKEY_CTX *rsa_sign_ctx[RSA_NUM]; 470 EVP_PKEY_CTX *rsa_verify_ctx[RSA_NUM]; 471 EVP_PKEY_CTX *dsa_sign_ctx[DSA_NUM]; 472 EVP_PKEY_CTX *dsa_verify_ctx[DSA_NUM]; 473 EVP_PKEY_CTX *ecdsa_sign_ctx[ECDSA_NUM]; 474 EVP_PKEY_CTX *ecdsa_verify_ctx[ECDSA_NUM]; 475 EVP_PKEY_CTX *ecdh_ctx[EC_NUM]; 476 EVP_MD_CTX *eddsa_ctx[EdDSA_NUM]; 477 EVP_MD_CTX *eddsa_ctx2[EdDSA_NUM]; 478 #ifndef OPENSSL_NO_SM2 479 EVP_MD_CTX *sm2_ctx[SM2_NUM]; 480 EVP_MD_CTX *sm2_vfy_ctx[SM2_NUM]; 481 EVP_PKEY *sm2_pkey[SM2_NUM]; 482 #endif 483 unsigned char *secret_a; 484 unsigned char *secret_b; 485 size_t outlen[EC_NUM]; 486 #ifndef OPENSSL_NO_DH 487 EVP_PKEY_CTX *ffdh_ctx[FFDH_NUM]; 488 unsigned char *secret_ff_a; 489 unsigned char *secret_ff_b; 490 #endif 491 EVP_CIPHER_CTX *ctx; 492 EVP_MAC_CTX *mctx; 493 } loopargs_t; 494 static int run_benchmark(int async_jobs, int (*loop_function) (void *), 495 loopargs_t * loopargs); 496 497 static unsigned int testnum; 498 499 /* Nb of iterations to do per algorithm and key-size */ 500 static long c[ALGOR_NUM][SIZE_NUM]; 501 502 static char *evp_mac_mdname = "md5"; 503 static char *evp_hmac_name = NULL; 504 static const char *evp_md_name = NULL; 505 static char *evp_mac_ciphername = "aes-128-cbc"; 506 static char *evp_cmac_name = NULL; 507 508 static int have_md(const char *name) 509 { 510 int ret = 0; 511 EVP_MD *md = NULL; 512 513 if (opt_md_silent(name, &md)) { 514 EVP_MD_CTX *ctx = EVP_MD_CTX_new(); 515 516 if (ctx != NULL && EVP_DigestInit(ctx, md) > 0) 517 ret = 1; 518 EVP_MD_CTX_free(ctx); 519 EVP_MD_free(md); 520 } 521 return ret; 522 } 523 524 static int have_cipher(const char *name) 525 { 526 int ret = 0; 527 EVP_CIPHER *cipher = NULL; 528 529 if (opt_cipher_silent(name, &cipher)) { 530 EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new(); 531 532 if (ctx != NULL 533 && EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, 1) > 0) 534 ret = 1; 535 EVP_CIPHER_CTX_free(ctx); 536 EVP_CIPHER_free(cipher); 537 } 538 return ret; 539 } 540 541 static int EVP_Digest_loop(const char *mdname, int algindex, void *args) 542 { 543 loopargs_t *tempargs = *(loopargs_t **) args; 544 unsigned char *buf = tempargs->buf; 545 unsigned char digest[EVP_MAX_MD_SIZE]; 546 int count; 547 EVP_MD *md = NULL; 548 549 if (!opt_md_silent(mdname, &md)) 550 return -1; 551 for (count = 0; COND(c[algindex][testnum]); count++) { 552 if (!EVP_Digest(buf, (size_t)lengths[testnum], digest, NULL, md, 553 NULL)) { 554 count = -1; 555 break; 556 } 557 } 558 EVP_MD_free(md); 559 return count; 560 } 561 562 static int EVP_Digest_md_loop(void *args) 563 { 564 return EVP_Digest_loop(evp_md_name, D_EVP, args); 565 } 566 567 static int EVP_Digest_MD2_loop(void *args) 568 { 569 return EVP_Digest_loop("md2", D_MD2, args); 570 } 571 572 static int EVP_Digest_MDC2_loop(void *args) 573 { 574 return EVP_Digest_loop("mdc2", D_MDC2, args); 575 } 576 577 static int EVP_Digest_MD4_loop(void *args) 578 { 579 return EVP_Digest_loop("md4", D_MD4, args); 580 } 581 582 static int MD5_loop(void *args) 583 { 584 return EVP_Digest_loop("md5", D_MD5, args); 585 } 586 587 static int EVP_MAC_loop(int algindex, void *args) 588 { 589 loopargs_t *tempargs = *(loopargs_t **) args; 590 unsigned char *buf = tempargs->buf; 591 EVP_MAC_CTX *mctx = tempargs->mctx; 592 unsigned char mac[EVP_MAX_MD_SIZE]; 593 int count; 594 595 for (count = 0; COND(c[algindex][testnum]); count++) { 596 size_t outl; 597 598 if (!EVP_MAC_init(mctx, NULL, 0, NULL) 599 || !EVP_MAC_update(mctx, buf, lengths[testnum]) 600 || !EVP_MAC_final(mctx, mac, &outl, sizeof(mac))) 601 return -1; 602 } 603 return count; 604 } 605 606 static int HMAC_loop(void *args) 607 { 608 return EVP_MAC_loop(D_HMAC, args); 609 } 610 611 static int CMAC_loop(void *args) 612 { 613 return EVP_MAC_loop(D_EVP_CMAC, args); 614 } 615 616 static int SHA1_loop(void *args) 617 { 618 return EVP_Digest_loop("sha1", D_SHA1, args); 619 } 620 621 static int SHA256_loop(void *args) 622 { 623 return EVP_Digest_loop("sha256", D_SHA256, args); 624 } 625 626 static int SHA512_loop(void *args) 627 { 628 return EVP_Digest_loop("sha512", D_SHA512, args); 629 } 630 631 static int WHIRLPOOL_loop(void *args) 632 { 633 return EVP_Digest_loop("whirlpool", D_WHIRLPOOL, args); 634 } 635 636 static int EVP_Digest_RMD160_loop(void *args) 637 { 638 return EVP_Digest_loop("ripemd160", D_RMD160, args); 639 } 640 641 static int algindex; 642 643 static int EVP_Cipher_loop(void *args) 644 { 645 loopargs_t *tempargs = *(loopargs_t **) args; 646 unsigned char *buf = tempargs->buf; 647 int count; 648 649 if (tempargs->ctx == NULL) 650 return -1; 651 for (count = 0; COND(c[algindex][testnum]); count++) 652 if (EVP_Cipher(tempargs->ctx, buf, buf, (size_t)lengths[testnum]) <= 0) 653 return -1; 654 return count; 655 } 656 657 static int GHASH_loop(void *args) 658 { 659 loopargs_t *tempargs = *(loopargs_t **) args; 660 unsigned char *buf = tempargs->buf; 661 EVP_MAC_CTX *mctx = tempargs->mctx; 662 int count; 663 664 /* just do the update in the loop to be comparable with 1.1.1 */ 665 for (count = 0; COND(c[D_GHASH][testnum]); count++) { 666 if (!EVP_MAC_update(mctx, buf, lengths[testnum])) 667 return -1; 668 } 669 return count; 670 } 671 672 #define MAX_BLOCK_SIZE 128 673 674 static unsigned char iv[2 * MAX_BLOCK_SIZE / 8]; 675 676 static EVP_CIPHER_CTX *init_evp_cipher_ctx(const char *ciphername, 677 const unsigned char *key, 678 int keylen) 679 { 680 EVP_CIPHER_CTX *ctx = NULL; 681 EVP_CIPHER *cipher = NULL; 682 683 if (!opt_cipher_silent(ciphername, &cipher)) 684 return NULL; 685 686 if ((ctx = EVP_CIPHER_CTX_new()) == NULL) 687 goto end; 688 689 if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, 1)) { 690 EVP_CIPHER_CTX_free(ctx); 691 ctx = NULL; 692 goto end; 693 } 694 695 if (EVP_CIPHER_CTX_set_key_length(ctx, keylen) <= 0) { 696 EVP_CIPHER_CTX_free(ctx); 697 ctx = NULL; 698 goto end; 699 } 700 701 if (!EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, 1)) { 702 EVP_CIPHER_CTX_free(ctx); 703 ctx = NULL; 704 goto end; 705 } 706 707 end: 708 EVP_CIPHER_free(cipher); 709 return ctx; 710 } 711 712 static int RAND_bytes_loop(void *args) 713 { 714 loopargs_t *tempargs = *(loopargs_t **) args; 715 unsigned char *buf = tempargs->buf; 716 int count; 717 718 for (count = 0; COND(c[D_RAND][testnum]); count++) 719 RAND_bytes(buf, lengths[testnum]); 720 return count; 721 } 722 723 static int decrypt = 0; 724 static int EVP_Update_loop(void *args) 725 { 726 loopargs_t *tempargs = *(loopargs_t **) args; 727 unsigned char *buf = tempargs->buf; 728 EVP_CIPHER_CTX *ctx = tempargs->ctx; 729 int outl, count, rc; 730 unsigned char faketag[16] = { 0xcc }; 731 732 if (decrypt) { 733 if (EVP_CIPHER_get_flags(EVP_CIPHER_CTX_get0_cipher(ctx)) & EVP_CIPH_FLAG_AEAD_CIPHER) { 734 (void)EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(faketag), faketag); 735 } 736 for (count = 0; COND(c[D_EVP][testnum]); count++) { 737 rc = EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]); 738 if (rc != 1) { 739 /* reset iv in case of counter overflow */ 740 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1); 741 } 742 } 743 } else { 744 for (count = 0; COND(c[D_EVP][testnum]); count++) { 745 rc = EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]); 746 if (rc != 1) { 747 /* reset iv in case of counter overflow */ 748 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1); 749 } 750 } 751 } 752 if (decrypt) 753 EVP_DecryptFinal_ex(ctx, buf, &outl); 754 else 755 EVP_EncryptFinal_ex(ctx, buf, &outl); 756 return count; 757 } 758 759 /* 760 * CCM does not support streaming. For the purpose of performance measurement, 761 * each message is encrypted using the same (key,iv)-pair. Do not use this 762 * code in your application. 763 */ 764 static int EVP_Update_loop_ccm(void *args) 765 { 766 loopargs_t *tempargs = *(loopargs_t **) args; 767 unsigned char *buf = tempargs->buf; 768 EVP_CIPHER_CTX *ctx = tempargs->ctx; 769 int outl, count; 770 unsigned char tag[12]; 771 772 if (decrypt) { 773 for (count = 0; COND(c[D_EVP][testnum]); count++) { 774 (void)EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(tag), 775 tag); 776 /* reset iv */ 777 (void)EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv); 778 /* counter is reset on every update */ 779 (void)EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]); 780 } 781 } else { 782 for (count = 0; COND(c[D_EVP][testnum]); count++) { 783 /* restore iv length field */ 784 (void)EVP_EncryptUpdate(ctx, NULL, &outl, NULL, lengths[testnum]); 785 /* counter is reset on every update */ 786 (void)EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]); 787 } 788 } 789 if (decrypt) 790 (void)EVP_DecryptFinal_ex(ctx, buf, &outl); 791 else 792 (void)EVP_EncryptFinal_ex(ctx, buf, &outl); 793 return count; 794 } 795 796 /* 797 * To make AEAD benchmarking more relevant perform TLS-like operations, 798 * 13-byte AAD followed by payload. But don't use TLS-formatted AAD, as 799 * payload length is not actually limited by 16KB... 800 */ 801 static int EVP_Update_loop_aead(void *args) 802 { 803 loopargs_t *tempargs = *(loopargs_t **) args; 804 unsigned char *buf = tempargs->buf; 805 EVP_CIPHER_CTX *ctx = tempargs->ctx; 806 int outl, count; 807 unsigned char aad[13] = { 0xcc }; 808 unsigned char faketag[16] = { 0xcc }; 809 810 if (decrypt) { 811 for (count = 0; COND(c[D_EVP][testnum]); count++) { 812 (void)EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv); 813 (void)EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, 814 sizeof(faketag), faketag); 815 (void)EVP_DecryptUpdate(ctx, NULL, &outl, aad, sizeof(aad)); 816 (void)EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]); 817 (void)EVP_DecryptFinal_ex(ctx, buf + outl, &outl); 818 } 819 } else { 820 for (count = 0; COND(c[D_EVP][testnum]); count++) { 821 (void)EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv); 822 (void)EVP_EncryptUpdate(ctx, NULL, &outl, aad, sizeof(aad)); 823 (void)EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]); 824 (void)EVP_EncryptFinal_ex(ctx, buf + outl, &outl); 825 } 826 } 827 return count; 828 } 829 830 static long rsa_c[RSA_NUM][2]; /* # RSA iteration test */ 831 832 static int RSA_sign_loop(void *args) 833 { 834 loopargs_t *tempargs = *(loopargs_t **) args; 835 unsigned char *buf = tempargs->buf; 836 unsigned char *buf2 = tempargs->buf2; 837 size_t *rsa_num = &tempargs->sigsize; 838 EVP_PKEY_CTX **rsa_sign_ctx = tempargs->rsa_sign_ctx; 839 int ret, count; 840 841 for (count = 0; COND(rsa_c[testnum][0]); count++) { 842 *rsa_num = tempargs->buflen; 843 ret = EVP_PKEY_sign(rsa_sign_ctx[testnum], buf2, rsa_num, buf, 36); 844 if (ret <= 0) { 845 BIO_printf(bio_err, "RSA sign failure\n"); 846 ERR_print_errors(bio_err); 847 count = -1; 848 break; 849 } 850 } 851 return count; 852 } 853 854 static int RSA_verify_loop(void *args) 855 { 856 loopargs_t *tempargs = *(loopargs_t **) args; 857 unsigned char *buf = tempargs->buf; 858 unsigned char *buf2 = tempargs->buf2; 859 size_t rsa_num = tempargs->sigsize; 860 EVP_PKEY_CTX **rsa_verify_ctx = tempargs->rsa_verify_ctx; 861 int ret, count; 862 863 for (count = 0; COND(rsa_c[testnum][1]); count++) { 864 ret = EVP_PKEY_verify(rsa_verify_ctx[testnum], buf2, rsa_num, buf, 36); 865 if (ret <= 0) { 866 BIO_printf(bio_err, "RSA verify failure\n"); 867 ERR_print_errors(bio_err); 868 count = -1; 869 break; 870 } 871 } 872 return count; 873 } 874 875 #ifndef OPENSSL_NO_DH 876 static long ffdh_c[FFDH_NUM][1]; 877 878 static int FFDH_derive_key_loop(void *args) 879 { 880 loopargs_t *tempargs = *(loopargs_t **) args; 881 EVP_PKEY_CTX *ffdh_ctx = tempargs->ffdh_ctx[testnum]; 882 unsigned char *derived_secret = tempargs->secret_ff_a; 883 int count; 884 885 for (count = 0; COND(ffdh_c[testnum][0]); count++) { 886 /* outlen can be overwritten with a too small value (no padding used) */ 887 size_t outlen = MAX_FFDH_SIZE; 888 889 EVP_PKEY_derive(ffdh_ctx, derived_secret, &outlen); 890 } 891 return count; 892 } 893 #endif /* OPENSSL_NO_DH */ 894 895 static long dsa_c[DSA_NUM][2]; 896 static int DSA_sign_loop(void *args) 897 { 898 loopargs_t *tempargs = *(loopargs_t **) args; 899 unsigned char *buf = tempargs->buf; 900 unsigned char *buf2 = tempargs->buf2; 901 size_t *dsa_num = &tempargs->sigsize; 902 EVP_PKEY_CTX **dsa_sign_ctx = tempargs->dsa_sign_ctx; 903 int ret, count; 904 905 for (count = 0; COND(dsa_c[testnum][0]); count++) { 906 *dsa_num = tempargs->buflen; 907 ret = EVP_PKEY_sign(dsa_sign_ctx[testnum], buf2, dsa_num, buf, 20); 908 if (ret <= 0) { 909 BIO_printf(bio_err, "DSA sign failure\n"); 910 ERR_print_errors(bio_err); 911 count = -1; 912 break; 913 } 914 } 915 return count; 916 } 917 918 static int DSA_verify_loop(void *args) 919 { 920 loopargs_t *tempargs = *(loopargs_t **) args; 921 unsigned char *buf = tempargs->buf; 922 unsigned char *buf2 = tempargs->buf2; 923 size_t dsa_num = tempargs->sigsize; 924 EVP_PKEY_CTX **dsa_verify_ctx = tempargs->dsa_verify_ctx; 925 int ret, count; 926 927 for (count = 0; COND(dsa_c[testnum][1]); count++) { 928 ret = EVP_PKEY_verify(dsa_verify_ctx[testnum], buf2, dsa_num, buf, 20); 929 if (ret <= 0) { 930 BIO_printf(bio_err, "DSA verify failure\n"); 931 ERR_print_errors(bio_err); 932 count = -1; 933 break; 934 } 935 } 936 return count; 937 } 938 939 static long ecdsa_c[ECDSA_NUM][2]; 940 static int ECDSA_sign_loop(void *args) 941 { 942 loopargs_t *tempargs = *(loopargs_t **) args; 943 unsigned char *buf = tempargs->buf; 944 unsigned char *buf2 = tempargs->buf2; 945 size_t *ecdsa_num = &tempargs->sigsize; 946 EVP_PKEY_CTX **ecdsa_sign_ctx = tempargs->ecdsa_sign_ctx; 947 int ret, count; 948 949 for (count = 0; COND(ecdsa_c[testnum][0]); count++) { 950 *ecdsa_num = tempargs->buflen; 951 ret = EVP_PKEY_sign(ecdsa_sign_ctx[testnum], buf2, ecdsa_num, buf, 20); 952 if (ret <= 0) { 953 BIO_printf(bio_err, "ECDSA sign failure\n"); 954 ERR_print_errors(bio_err); 955 count = -1; 956 break; 957 } 958 } 959 return count; 960 } 961 962 static int ECDSA_verify_loop(void *args) 963 { 964 loopargs_t *tempargs = *(loopargs_t **) args; 965 unsigned char *buf = tempargs->buf; 966 unsigned char *buf2 = tempargs->buf2; 967 size_t ecdsa_num = tempargs->sigsize; 968 EVP_PKEY_CTX **ecdsa_verify_ctx = tempargs->ecdsa_verify_ctx; 969 int ret, count; 970 971 for (count = 0; COND(ecdsa_c[testnum][1]); count++) { 972 ret = EVP_PKEY_verify(ecdsa_verify_ctx[testnum], buf2, ecdsa_num, 973 buf, 20); 974 if (ret <= 0) { 975 BIO_printf(bio_err, "ECDSA verify failure\n"); 976 ERR_print_errors(bio_err); 977 count = -1; 978 break; 979 } 980 } 981 return count; 982 } 983 984 /* ******************************************************************** */ 985 static long ecdh_c[EC_NUM][1]; 986 987 static int ECDH_EVP_derive_key_loop(void *args) 988 { 989 loopargs_t *tempargs = *(loopargs_t **) args; 990 EVP_PKEY_CTX *ctx = tempargs->ecdh_ctx[testnum]; 991 unsigned char *derived_secret = tempargs->secret_a; 992 int count; 993 size_t *outlen = &(tempargs->outlen[testnum]); 994 995 for (count = 0; COND(ecdh_c[testnum][0]); count++) 996 EVP_PKEY_derive(ctx, derived_secret, outlen); 997 998 return count; 999 } 1000 1001 static long eddsa_c[EdDSA_NUM][2]; 1002 static int EdDSA_sign_loop(void *args) 1003 { 1004 loopargs_t *tempargs = *(loopargs_t **) args; 1005 unsigned char *buf = tempargs->buf; 1006 EVP_MD_CTX **edctx = tempargs->eddsa_ctx; 1007 unsigned char *eddsasig = tempargs->buf2; 1008 size_t *eddsasigsize = &tempargs->sigsize; 1009 int ret, count; 1010 1011 for (count = 0; COND(eddsa_c[testnum][0]); count++) { 1012 ret = EVP_DigestSignInit(edctx[testnum], NULL, NULL, NULL, NULL); 1013 if (ret == 0) { 1014 BIO_printf(bio_err, "EdDSA sign init failure\n"); 1015 ERR_print_errors(bio_err); 1016 count = -1; 1017 break; 1018 } 1019 ret = EVP_DigestSign(edctx[testnum], eddsasig, eddsasigsize, buf, 20); 1020 if (ret == 0) { 1021 BIO_printf(bio_err, "EdDSA sign failure\n"); 1022 ERR_print_errors(bio_err); 1023 count = -1; 1024 break; 1025 } 1026 } 1027 return count; 1028 } 1029 1030 static int EdDSA_verify_loop(void *args) 1031 { 1032 loopargs_t *tempargs = *(loopargs_t **) args; 1033 unsigned char *buf = tempargs->buf; 1034 EVP_MD_CTX **edctx = tempargs->eddsa_ctx2; 1035 unsigned char *eddsasig = tempargs->buf2; 1036 size_t eddsasigsize = tempargs->sigsize; 1037 int ret, count; 1038 1039 for (count = 0; COND(eddsa_c[testnum][1]); count++) { 1040 ret = EVP_DigestVerifyInit(edctx[testnum], NULL, NULL, NULL, NULL); 1041 if (ret == 0) { 1042 BIO_printf(bio_err, "EdDSA verify init failure\n"); 1043 ERR_print_errors(bio_err); 1044 count = -1; 1045 break; 1046 } 1047 ret = EVP_DigestVerify(edctx[testnum], eddsasig, eddsasigsize, buf, 20); 1048 if (ret != 1) { 1049 BIO_printf(bio_err, "EdDSA verify failure\n"); 1050 ERR_print_errors(bio_err); 1051 count = -1; 1052 break; 1053 } 1054 } 1055 return count; 1056 } 1057 1058 #ifndef OPENSSL_NO_SM2 1059 static long sm2_c[SM2_NUM][2]; 1060 static int SM2_sign_loop(void *args) 1061 { 1062 loopargs_t *tempargs = *(loopargs_t **) args; 1063 unsigned char *buf = tempargs->buf; 1064 EVP_MD_CTX **sm2ctx = tempargs->sm2_ctx; 1065 unsigned char *sm2sig = tempargs->buf2; 1066 size_t sm2sigsize; 1067 int ret, count; 1068 EVP_PKEY **sm2_pkey = tempargs->sm2_pkey; 1069 const size_t max_size = EVP_PKEY_get_size(sm2_pkey[testnum]); 1070 1071 for (count = 0; COND(sm2_c[testnum][0]); count++) { 1072 sm2sigsize = max_size; 1073 1074 if (!EVP_DigestSignInit(sm2ctx[testnum], NULL, EVP_sm3(), 1075 NULL, sm2_pkey[testnum])) { 1076 BIO_printf(bio_err, "SM2 init sign failure\n"); 1077 ERR_print_errors(bio_err); 1078 count = -1; 1079 break; 1080 } 1081 ret = EVP_DigestSign(sm2ctx[testnum], sm2sig, &sm2sigsize, 1082 buf, 20); 1083 if (ret == 0) { 1084 BIO_printf(bio_err, "SM2 sign failure\n"); 1085 ERR_print_errors(bio_err); 1086 count = -1; 1087 break; 1088 } 1089 /* update the latest returned size and always use the fixed buffer size */ 1090 tempargs->sigsize = sm2sigsize; 1091 } 1092 1093 return count; 1094 } 1095 1096 static int SM2_verify_loop(void *args) 1097 { 1098 loopargs_t *tempargs = *(loopargs_t **) args; 1099 unsigned char *buf = tempargs->buf; 1100 EVP_MD_CTX **sm2ctx = tempargs->sm2_vfy_ctx; 1101 unsigned char *sm2sig = tempargs->buf2; 1102 size_t sm2sigsize = tempargs->sigsize; 1103 int ret, count; 1104 EVP_PKEY **sm2_pkey = tempargs->sm2_pkey; 1105 1106 for (count = 0; COND(sm2_c[testnum][1]); count++) { 1107 if (!EVP_DigestVerifyInit(sm2ctx[testnum], NULL, EVP_sm3(), 1108 NULL, sm2_pkey[testnum])) { 1109 BIO_printf(bio_err, "SM2 verify init failure\n"); 1110 ERR_print_errors(bio_err); 1111 count = -1; 1112 break; 1113 } 1114 ret = EVP_DigestVerify(sm2ctx[testnum], sm2sig, sm2sigsize, 1115 buf, 20); 1116 if (ret != 1) { 1117 BIO_printf(bio_err, "SM2 verify failure\n"); 1118 ERR_print_errors(bio_err); 1119 count = -1; 1120 break; 1121 } 1122 } 1123 return count; 1124 } 1125 #endif /* OPENSSL_NO_SM2 */ 1126 1127 static int run_benchmark(int async_jobs, 1128 int (*loop_function) (void *), loopargs_t * loopargs) 1129 { 1130 int job_op_count = 0; 1131 int total_op_count = 0; 1132 int num_inprogress = 0; 1133 int error = 0, i = 0, ret = 0; 1134 OSSL_ASYNC_FD job_fd = 0; 1135 size_t num_job_fds = 0; 1136 1137 if (async_jobs == 0) { 1138 return loop_function((void *)&loopargs); 1139 } 1140 1141 for (i = 0; i < async_jobs && !error; i++) { 1142 loopargs_t *looparg_item = loopargs + i; 1143 1144 /* Copy pointer content (looparg_t item address) into async context */ 1145 ret = ASYNC_start_job(&loopargs[i].inprogress_job, loopargs[i].wait_ctx, 1146 &job_op_count, loop_function, 1147 (void *)&looparg_item, sizeof(looparg_item)); 1148 switch (ret) { 1149 case ASYNC_PAUSE: 1150 ++num_inprogress; 1151 break; 1152 case ASYNC_FINISH: 1153 if (job_op_count == -1) { 1154 error = 1; 1155 } else { 1156 total_op_count += job_op_count; 1157 } 1158 break; 1159 case ASYNC_NO_JOBS: 1160 case ASYNC_ERR: 1161 BIO_printf(bio_err, "Failure in the job\n"); 1162 ERR_print_errors(bio_err); 1163 error = 1; 1164 break; 1165 } 1166 } 1167 1168 while (num_inprogress > 0) { 1169 #if defined(OPENSSL_SYS_WINDOWS) 1170 DWORD avail = 0; 1171 #elif defined(OPENSSL_SYS_UNIX) 1172 int select_result = 0; 1173 OSSL_ASYNC_FD max_fd = 0; 1174 fd_set waitfdset; 1175 1176 FD_ZERO(&waitfdset); 1177 1178 for (i = 0; i < async_jobs && num_inprogress > 0; i++) { 1179 if (loopargs[i].inprogress_job == NULL) 1180 continue; 1181 1182 if (!ASYNC_WAIT_CTX_get_all_fds 1183 (loopargs[i].wait_ctx, NULL, &num_job_fds) 1184 || num_job_fds > 1) { 1185 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n"); 1186 ERR_print_errors(bio_err); 1187 error = 1; 1188 break; 1189 } 1190 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd, 1191 &num_job_fds); 1192 FD_SET(job_fd, &waitfdset); 1193 if (job_fd > max_fd) 1194 max_fd = job_fd; 1195 } 1196 1197 if (max_fd >= (OSSL_ASYNC_FD)FD_SETSIZE) { 1198 BIO_printf(bio_err, 1199 "Error: max_fd (%d) must be smaller than FD_SETSIZE (%d). " 1200 "Decrease the value of async_jobs\n", 1201 max_fd, FD_SETSIZE); 1202 ERR_print_errors(bio_err); 1203 error = 1; 1204 break; 1205 } 1206 1207 select_result = select(max_fd + 1, &waitfdset, NULL, NULL, NULL); 1208 if (select_result == -1 && errno == EINTR) 1209 continue; 1210 1211 if (select_result == -1) { 1212 BIO_printf(bio_err, "Failure in the select\n"); 1213 ERR_print_errors(bio_err); 1214 error = 1; 1215 break; 1216 } 1217 1218 if (select_result == 0) 1219 continue; 1220 #endif 1221 1222 for (i = 0; i < async_jobs; i++) { 1223 if (loopargs[i].inprogress_job == NULL) 1224 continue; 1225 1226 if (!ASYNC_WAIT_CTX_get_all_fds 1227 (loopargs[i].wait_ctx, NULL, &num_job_fds) 1228 || num_job_fds > 1) { 1229 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n"); 1230 ERR_print_errors(bio_err); 1231 error = 1; 1232 break; 1233 } 1234 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd, 1235 &num_job_fds); 1236 1237 #if defined(OPENSSL_SYS_UNIX) 1238 if (num_job_fds == 1 && !FD_ISSET(job_fd, &waitfdset)) 1239 continue; 1240 #elif defined(OPENSSL_SYS_WINDOWS) 1241 if (num_job_fds == 1 1242 && !PeekNamedPipe(job_fd, NULL, 0, NULL, &avail, NULL) 1243 && avail > 0) 1244 continue; 1245 #endif 1246 1247 ret = ASYNC_start_job(&loopargs[i].inprogress_job, 1248 loopargs[i].wait_ctx, &job_op_count, 1249 loop_function, (void *)(loopargs + i), 1250 sizeof(loopargs_t)); 1251 switch (ret) { 1252 case ASYNC_PAUSE: 1253 break; 1254 case ASYNC_FINISH: 1255 if (job_op_count == -1) { 1256 error = 1; 1257 } else { 1258 total_op_count += job_op_count; 1259 } 1260 --num_inprogress; 1261 loopargs[i].inprogress_job = NULL; 1262 break; 1263 case ASYNC_NO_JOBS: 1264 case ASYNC_ERR: 1265 --num_inprogress; 1266 loopargs[i].inprogress_job = NULL; 1267 BIO_printf(bio_err, "Failure in the job\n"); 1268 ERR_print_errors(bio_err); 1269 error = 1; 1270 break; 1271 } 1272 } 1273 } 1274 1275 return error ? -1 : total_op_count; 1276 } 1277 1278 typedef struct ec_curve_st { 1279 const char *name; 1280 unsigned int nid; 1281 unsigned int bits; 1282 size_t sigsize; /* only used for EdDSA curves */ 1283 } EC_CURVE; 1284 1285 static EVP_PKEY *get_ecdsa(const EC_CURVE *curve) 1286 { 1287 EVP_PKEY_CTX *kctx = NULL; 1288 EVP_PKEY *key = NULL; 1289 1290 /* Ensure that the error queue is empty */ 1291 if (ERR_peek_error()) { 1292 BIO_printf(bio_err, 1293 "WARNING: the error queue contains previous unhandled errors.\n"); 1294 ERR_print_errors(bio_err); 1295 } 1296 1297 /* 1298 * Let's try to create a ctx directly from the NID: this works for 1299 * curves like Curve25519 that are not implemented through the low 1300 * level EC interface. 1301 * If this fails we try creating a EVP_PKEY_EC generic param ctx, 1302 * then we set the curve by NID before deriving the actual keygen 1303 * ctx for that specific curve. 1304 */ 1305 kctx = EVP_PKEY_CTX_new_id(curve->nid, NULL); 1306 if (kctx == NULL) { 1307 EVP_PKEY_CTX *pctx = NULL; 1308 EVP_PKEY *params = NULL; 1309 /* 1310 * If we reach this code EVP_PKEY_CTX_new_id() failed and a 1311 * "int_ctx_new:unsupported algorithm" error was added to the 1312 * error queue. 1313 * We remove it from the error queue as we are handling it. 1314 */ 1315 unsigned long error = ERR_peek_error(); 1316 1317 if (error == ERR_peek_last_error() /* oldest and latest errors match */ 1318 /* check that the error origin matches */ 1319 && ERR_GET_LIB(error) == ERR_LIB_EVP 1320 && (ERR_GET_REASON(error) == EVP_R_UNSUPPORTED_ALGORITHM 1321 || ERR_GET_REASON(error) == ERR_R_UNSUPPORTED)) 1322 ERR_get_error(); /* pop error from queue */ 1323 if (ERR_peek_error()) { 1324 BIO_printf(bio_err, 1325 "Unhandled error in the error queue during EC key setup.\n"); 1326 ERR_print_errors(bio_err); 1327 return NULL; 1328 } 1329 1330 /* Create the context for parameter generation */ 1331 if ((pctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL)) == NULL 1332 || EVP_PKEY_paramgen_init(pctx) <= 0 1333 || EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, 1334 curve->nid) <= 0 1335 || EVP_PKEY_paramgen(pctx, ¶ms) <= 0) { 1336 BIO_printf(bio_err, "EC params init failure.\n"); 1337 ERR_print_errors(bio_err); 1338 EVP_PKEY_CTX_free(pctx); 1339 return NULL; 1340 } 1341 EVP_PKEY_CTX_free(pctx); 1342 1343 /* Create the context for the key generation */ 1344 kctx = EVP_PKEY_CTX_new(params, NULL); 1345 EVP_PKEY_free(params); 1346 } 1347 if (kctx == NULL 1348 || EVP_PKEY_keygen_init(kctx) <= 0 1349 || EVP_PKEY_keygen(kctx, &key) <= 0) { 1350 BIO_printf(bio_err, "EC key generation failure.\n"); 1351 ERR_print_errors(bio_err); 1352 key = NULL; 1353 } 1354 EVP_PKEY_CTX_free(kctx); 1355 return key; 1356 } 1357 1358 #define stop_it(do_it, test_num)\ 1359 memset(do_it + test_num, 0, OSSL_NELEM(do_it) - test_num); 1360 1361 int speed_main(int argc, char **argv) 1362 { 1363 ENGINE *e = NULL; 1364 loopargs_t *loopargs = NULL; 1365 const char *prog; 1366 const char *engine_id = NULL; 1367 EVP_CIPHER *evp_cipher = NULL; 1368 EVP_MAC *mac = NULL; 1369 double d = 0.0; 1370 OPTION_CHOICE o; 1371 int async_init = 0, multiblock = 0, pr_header = 0; 1372 uint8_t doit[ALGOR_NUM] = { 0 }; 1373 int ret = 1, misalign = 0, lengths_single = 0, aead = 0; 1374 long count = 0; 1375 unsigned int size_num = SIZE_NUM; 1376 unsigned int i, k, loopargs_len = 0, async_jobs = 0; 1377 int keylen; 1378 int buflen; 1379 BIGNUM *bn = NULL; 1380 EVP_PKEY_CTX *genctx = NULL; 1381 #ifndef NO_FORK 1382 int multi = 0; 1383 #endif 1384 long op_count = 1; 1385 openssl_speed_sec_t seconds = { SECONDS, RSA_SECONDS, DSA_SECONDS, 1386 ECDSA_SECONDS, ECDH_SECONDS, 1387 EdDSA_SECONDS, SM2_SECONDS, 1388 FFDH_SECONDS }; 1389 1390 static const unsigned char key32[32] = { 1391 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 1392 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 1393 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 1394 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56 1395 }; 1396 static const unsigned char deskey[] = { 1397 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, /* key1 */ 1398 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, /* key2 */ 1399 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34 /* key3 */ 1400 }; 1401 static const struct { 1402 const unsigned char *data; 1403 unsigned int length; 1404 unsigned int bits; 1405 } rsa_keys[] = { 1406 { test512, sizeof(test512), 512 }, 1407 { test1024, sizeof(test1024), 1024 }, 1408 { test2048, sizeof(test2048), 2048 }, 1409 { test3072, sizeof(test3072), 3072 }, 1410 { test4096, sizeof(test4096), 4096 }, 1411 { test7680, sizeof(test7680), 7680 }, 1412 { test15360, sizeof(test15360), 15360 } 1413 }; 1414 uint8_t rsa_doit[RSA_NUM] = { 0 }; 1415 int primes = RSA_DEFAULT_PRIME_NUM; 1416 #ifndef OPENSSL_NO_DH 1417 typedef struct ffdh_params_st { 1418 const char *name; 1419 unsigned int nid; 1420 unsigned int bits; 1421 } FFDH_PARAMS; 1422 1423 static const FFDH_PARAMS ffdh_params[FFDH_NUM] = { 1424 {"ffdh2048", NID_ffdhe2048, 2048}, 1425 {"ffdh3072", NID_ffdhe3072, 3072}, 1426 {"ffdh4096", NID_ffdhe4096, 4096}, 1427 {"ffdh6144", NID_ffdhe6144, 6144}, 1428 {"ffdh8192", NID_ffdhe8192, 8192} 1429 }; 1430 uint8_t ffdh_doit[FFDH_NUM] = { 0 }; 1431 1432 #endif /* OPENSSL_NO_DH */ 1433 static const unsigned int dsa_bits[DSA_NUM] = { 512, 1024, 2048 }; 1434 uint8_t dsa_doit[DSA_NUM] = { 0 }; 1435 /* 1436 * We only test over the following curves as they are representative, To 1437 * add tests over more curves, simply add the curve NID and curve name to 1438 * the following arrays and increase the |ecdh_choices| and |ecdsa_choices| 1439 * lists accordingly. 1440 */ 1441 static const EC_CURVE ec_curves[EC_NUM] = { 1442 /* Prime Curves */ 1443 {"secp160r1", NID_secp160r1, 160}, 1444 {"nistp192", NID_X9_62_prime192v1, 192}, 1445 {"nistp224", NID_secp224r1, 224}, 1446 {"nistp256", NID_X9_62_prime256v1, 256}, 1447 {"nistp384", NID_secp384r1, 384}, 1448 {"nistp521", NID_secp521r1, 521}, 1449 #ifndef OPENSSL_NO_EC2M 1450 /* Binary Curves */ 1451 {"nistk163", NID_sect163k1, 163}, 1452 {"nistk233", NID_sect233k1, 233}, 1453 {"nistk283", NID_sect283k1, 283}, 1454 {"nistk409", NID_sect409k1, 409}, 1455 {"nistk571", NID_sect571k1, 571}, 1456 {"nistb163", NID_sect163r2, 163}, 1457 {"nistb233", NID_sect233r1, 233}, 1458 {"nistb283", NID_sect283r1, 283}, 1459 {"nistb409", NID_sect409r1, 409}, 1460 {"nistb571", NID_sect571r1, 571}, 1461 #endif 1462 {"brainpoolP256r1", NID_brainpoolP256r1, 256}, 1463 {"brainpoolP256t1", NID_brainpoolP256t1, 256}, 1464 {"brainpoolP384r1", NID_brainpoolP384r1, 384}, 1465 {"brainpoolP384t1", NID_brainpoolP384t1, 384}, 1466 {"brainpoolP512r1", NID_brainpoolP512r1, 512}, 1467 {"brainpoolP512t1", NID_brainpoolP512t1, 512}, 1468 /* Other and ECDH only ones */ 1469 {"X25519", NID_X25519, 253}, 1470 {"X448", NID_X448, 448} 1471 }; 1472 static const EC_CURVE ed_curves[EdDSA_NUM] = { 1473 /* EdDSA */ 1474 {"Ed25519", NID_ED25519, 253, 64}, 1475 {"Ed448", NID_ED448, 456, 114} 1476 }; 1477 #ifndef OPENSSL_NO_SM2 1478 static const EC_CURVE sm2_curves[SM2_NUM] = { 1479 /* SM2 */ 1480 {"CurveSM2", NID_sm2, 256} 1481 }; 1482 uint8_t sm2_doit[SM2_NUM] = { 0 }; 1483 #endif 1484 uint8_t ecdsa_doit[ECDSA_NUM] = { 0 }; 1485 uint8_t ecdh_doit[EC_NUM] = { 0 }; 1486 uint8_t eddsa_doit[EdDSA_NUM] = { 0 }; 1487 1488 /* checks declarated curves against choices list. */ 1489 OPENSSL_assert(ed_curves[EdDSA_NUM - 1].nid == NID_ED448); 1490 OPENSSL_assert(strcmp(eddsa_choices[EdDSA_NUM - 1].name, "ed448") == 0); 1491 1492 OPENSSL_assert(ec_curves[EC_NUM - 1].nid == NID_X448); 1493 OPENSSL_assert(strcmp(ecdh_choices[EC_NUM - 1].name, "ecdhx448") == 0); 1494 1495 OPENSSL_assert(ec_curves[ECDSA_NUM - 1].nid == NID_brainpoolP512t1); 1496 OPENSSL_assert(strcmp(ecdsa_choices[ECDSA_NUM - 1].name, "ecdsabrp512t1") == 0); 1497 1498 #ifndef OPENSSL_NO_SM2 1499 OPENSSL_assert(sm2_curves[SM2_NUM - 1].nid == NID_sm2); 1500 OPENSSL_assert(strcmp(sm2_choices[SM2_NUM - 1].name, "curveSM2") == 0); 1501 #endif 1502 1503 prog = opt_init(argc, argv, speed_options); 1504 while ((o = opt_next()) != OPT_EOF) { 1505 switch (o) { 1506 case OPT_EOF: 1507 case OPT_ERR: 1508 opterr: 1509 BIO_printf(bio_err, "%s: Use -help for summary.\n", prog); 1510 goto end; 1511 case OPT_HELP: 1512 opt_help(speed_options); 1513 ret = 0; 1514 goto end; 1515 case OPT_ELAPSED: 1516 usertime = 0; 1517 break; 1518 case OPT_EVP: 1519 if (doit[D_EVP]) { 1520 BIO_printf(bio_err, "%s: -evp option cannot be used more than once\n", prog); 1521 goto opterr; 1522 } 1523 ERR_set_mark(); 1524 if (!opt_cipher_silent(opt_arg(), &evp_cipher)) { 1525 if (have_md(opt_arg())) 1526 evp_md_name = opt_arg(); 1527 } 1528 if (evp_cipher == NULL && evp_md_name == NULL) { 1529 ERR_clear_last_mark(); 1530 BIO_printf(bio_err, 1531 "%s: %s is an unknown cipher or digest\n", 1532 prog, opt_arg()); 1533 goto end; 1534 } 1535 ERR_pop_to_mark(); 1536 doit[D_EVP] = 1; 1537 break; 1538 case OPT_HMAC: 1539 if (!have_md(opt_arg())) { 1540 BIO_printf(bio_err, "%s: %s is an unknown digest\n", 1541 prog, opt_arg()); 1542 goto end; 1543 } 1544 evp_mac_mdname = opt_arg(); 1545 doit[D_HMAC] = 1; 1546 break; 1547 case OPT_CMAC: 1548 if (!have_cipher(opt_arg())) { 1549 BIO_printf(bio_err, "%s: %s is an unknown cipher\n", 1550 prog, opt_arg()); 1551 goto end; 1552 } 1553 evp_mac_ciphername = opt_arg(); 1554 doit[D_EVP_CMAC] = 1; 1555 break; 1556 case OPT_DECRYPT: 1557 decrypt = 1; 1558 break; 1559 case OPT_ENGINE: 1560 /* 1561 * In a forked execution, an engine might need to be 1562 * initialised by each child process, not by the parent. 1563 * So store the name here and run setup_engine() later on. 1564 */ 1565 engine_id = opt_arg(); 1566 break; 1567 case OPT_MULTI: 1568 #ifndef NO_FORK 1569 multi = atoi(opt_arg()); 1570 if ((size_t)multi >= SIZE_MAX / sizeof(int)) { 1571 BIO_printf(bio_err, "%s: multi argument too large\n", prog); 1572 return 0; 1573 } 1574 #endif 1575 break; 1576 case OPT_ASYNCJOBS: 1577 #ifndef OPENSSL_NO_ASYNC 1578 async_jobs = atoi(opt_arg()); 1579 if (!ASYNC_is_capable()) { 1580 BIO_printf(bio_err, 1581 "%s: async_jobs specified but async not supported\n", 1582 prog); 1583 goto opterr; 1584 } 1585 if (async_jobs > 99999) { 1586 BIO_printf(bio_err, "%s: too many async_jobs\n", prog); 1587 goto opterr; 1588 } 1589 #endif 1590 break; 1591 case OPT_MISALIGN: 1592 misalign = opt_int_arg(); 1593 if (misalign > MISALIGN) { 1594 BIO_printf(bio_err, 1595 "%s: Maximum offset is %d\n", prog, MISALIGN); 1596 goto opterr; 1597 } 1598 break; 1599 case OPT_MR: 1600 mr = 1; 1601 break; 1602 case OPT_MB: 1603 multiblock = 1; 1604 #ifdef OPENSSL_NO_MULTIBLOCK 1605 BIO_printf(bio_err, 1606 "%s: -mb specified but multi-block support is disabled\n", 1607 prog); 1608 goto end; 1609 #endif 1610 break; 1611 case OPT_R_CASES: 1612 if (!opt_rand(o)) 1613 goto end; 1614 break; 1615 case OPT_PROV_CASES: 1616 if (!opt_provider(o)) 1617 goto end; 1618 break; 1619 case OPT_PRIMES: 1620 primes = opt_int_arg(); 1621 break; 1622 case OPT_SECONDS: 1623 seconds.sym = seconds.rsa = seconds.dsa = seconds.ecdsa 1624 = seconds.ecdh = seconds.eddsa 1625 = seconds.sm2 = seconds.ffdh = atoi(opt_arg()); 1626 break; 1627 case OPT_BYTES: 1628 lengths_single = atoi(opt_arg()); 1629 lengths = &lengths_single; 1630 size_num = 1; 1631 break; 1632 case OPT_AEAD: 1633 aead = 1; 1634 break; 1635 } 1636 } 1637 1638 /* Remaining arguments are algorithms. */ 1639 argc = opt_num_rest(); 1640 argv = opt_rest(); 1641 1642 if (!app_RAND_load()) 1643 goto end; 1644 1645 for (; *argv; argv++) { 1646 const char *algo = *argv; 1647 1648 if (opt_found(algo, doit_choices, &i)) { 1649 doit[i] = 1; 1650 continue; 1651 } 1652 if (strcmp(algo, "des") == 0) { 1653 doit[D_CBC_DES] = doit[D_EDE3_DES] = 1; 1654 continue; 1655 } 1656 if (strcmp(algo, "sha") == 0) { 1657 doit[D_SHA1] = doit[D_SHA256] = doit[D_SHA512] = 1; 1658 continue; 1659 } 1660 #ifndef OPENSSL_NO_DEPRECATED_3_0 1661 if (strcmp(algo, "openssl") == 0) /* just for compatibility */ 1662 continue; 1663 #endif 1664 if (strncmp(algo, "rsa", 3) == 0) { 1665 if (algo[3] == '\0') { 1666 memset(rsa_doit, 1, sizeof(rsa_doit)); 1667 continue; 1668 } 1669 if (opt_found(algo, rsa_choices, &i)) { 1670 rsa_doit[i] = 1; 1671 continue; 1672 } 1673 } 1674 #ifndef OPENSSL_NO_DH 1675 if (strncmp(algo, "ffdh", 4) == 0) { 1676 if (algo[4] == '\0') { 1677 memset(ffdh_doit, 1, sizeof(ffdh_doit)); 1678 continue; 1679 } 1680 if (opt_found(algo, ffdh_choices, &i)) { 1681 ffdh_doit[i] = 2; 1682 continue; 1683 } 1684 } 1685 #endif 1686 if (strncmp(algo, "dsa", 3) == 0) { 1687 if (algo[3] == '\0') { 1688 memset(dsa_doit, 1, sizeof(dsa_doit)); 1689 continue; 1690 } 1691 if (opt_found(algo, dsa_choices, &i)) { 1692 dsa_doit[i] = 2; 1693 continue; 1694 } 1695 } 1696 if (strcmp(algo, "aes") == 0) { 1697 doit[D_CBC_128_AES] = doit[D_CBC_192_AES] = doit[D_CBC_256_AES] = 1; 1698 continue; 1699 } 1700 if (strcmp(algo, "camellia") == 0) { 1701 doit[D_CBC_128_CML] = doit[D_CBC_192_CML] = doit[D_CBC_256_CML] = 1; 1702 continue; 1703 } 1704 if (strncmp(algo, "ecdsa", 5) == 0) { 1705 if (algo[5] == '\0') { 1706 memset(ecdsa_doit, 1, sizeof(ecdsa_doit)); 1707 continue; 1708 } 1709 if (opt_found(algo, ecdsa_choices, &i)) { 1710 ecdsa_doit[i] = 2; 1711 continue; 1712 } 1713 } 1714 if (strncmp(algo, "ecdh", 4) == 0) { 1715 if (algo[4] == '\0') { 1716 memset(ecdh_doit, 1, sizeof(ecdh_doit)); 1717 continue; 1718 } 1719 if (opt_found(algo, ecdh_choices, &i)) { 1720 ecdh_doit[i] = 2; 1721 continue; 1722 } 1723 } 1724 if (strcmp(algo, "eddsa") == 0) { 1725 memset(eddsa_doit, 1, sizeof(eddsa_doit)); 1726 continue; 1727 } 1728 if (opt_found(algo, eddsa_choices, &i)) { 1729 eddsa_doit[i] = 2; 1730 continue; 1731 } 1732 #ifndef OPENSSL_NO_SM2 1733 if (strcmp(algo, "sm2") == 0) { 1734 memset(sm2_doit, 1, sizeof(sm2_doit)); 1735 continue; 1736 } 1737 if (opt_found(algo, sm2_choices, &i)) { 1738 sm2_doit[i] = 2; 1739 continue; 1740 } 1741 #endif 1742 BIO_printf(bio_err, "%s: Unknown algorithm %s\n", prog, algo); 1743 goto end; 1744 } 1745 1746 /* Sanity checks */ 1747 if (aead) { 1748 if (evp_cipher == NULL) { 1749 BIO_printf(bio_err, "-aead can be used only with an AEAD cipher\n"); 1750 goto end; 1751 } else if (!(EVP_CIPHER_get_flags(evp_cipher) & 1752 EVP_CIPH_FLAG_AEAD_CIPHER)) { 1753 BIO_printf(bio_err, "%s is not an AEAD cipher\n", 1754 EVP_CIPHER_get0_name(evp_cipher)); 1755 goto end; 1756 } 1757 } 1758 if (multiblock) { 1759 if (evp_cipher == NULL) { 1760 BIO_printf(bio_err, "-mb can be used only with a multi-block" 1761 " capable cipher\n"); 1762 goto end; 1763 } else if (!(EVP_CIPHER_get_flags(evp_cipher) & 1764 EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) { 1765 BIO_printf(bio_err, "%s is not a multi-block capable\n", 1766 EVP_CIPHER_get0_name(evp_cipher)); 1767 goto end; 1768 } else if (async_jobs > 0) { 1769 BIO_printf(bio_err, "Async mode is not supported with -mb"); 1770 goto end; 1771 } 1772 } 1773 1774 /* Initialize the job pool if async mode is enabled */ 1775 if (async_jobs > 0) { 1776 async_init = ASYNC_init_thread(async_jobs, async_jobs); 1777 if (!async_init) { 1778 BIO_printf(bio_err, "Error creating the ASYNC job pool\n"); 1779 goto end; 1780 } 1781 } 1782 1783 loopargs_len = (async_jobs == 0 ? 1 : async_jobs); 1784 loopargs = 1785 app_malloc(loopargs_len * sizeof(loopargs_t), "array of loopargs"); 1786 memset(loopargs, 0, loopargs_len * sizeof(loopargs_t)); 1787 1788 for (i = 0; i < loopargs_len; i++) { 1789 if (async_jobs > 0) { 1790 loopargs[i].wait_ctx = ASYNC_WAIT_CTX_new(); 1791 if (loopargs[i].wait_ctx == NULL) { 1792 BIO_printf(bio_err, "Error creating the ASYNC_WAIT_CTX\n"); 1793 goto end; 1794 } 1795 } 1796 1797 buflen = lengths[size_num - 1]; 1798 if (buflen < 36) /* size of random vector in RSA benchmark */ 1799 buflen = 36; 1800 if (INT_MAX - (MAX_MISALIGNMENT + 1) < buflen) { 1801 BIO_printf(bio_err, "Error: buffer size too large\n"); 1802 goto end; 1803 } 1804 buflen += MAX_MISALIGNMENT + 1; 1805 loopargs[i].buf_malloc = app_malloc(buflen, "input buffer"); 1806 loopargs[i].buf2_malloc = app_malloc(buflen, "input buffer"); 1807 memset(loopargs[i].buf_malloc, 0, buflen); 1808 memset(loopargs[i].buf2_malloc, 0, buflen); 1809 1810 /* Align the start of buffers on a 64 byte boundary */ 1811 loopargs[i].buf = loopargs[i].buf_malloc + misalign; 1812 loopargs[i].buf2 = loopargs[i].buf2_malloc + misalign; 1813 loopargs[i].buflen = buflen - misalign; 1814 loopargs[i].sigsize = buflen - misalign; 1815 loopargs[i].secret_a = app_malloc(MAX_ECDH_SIZE, "ECDH secret a"); 1816 loopargs[i].secret_b = app_malloc(MAX_ECDH_SIZE, "ECDH secret b"); 1817 #ifndef OPENSSL_NO_DH 1818 loopargs[i].secret_ff_a = app_malloc(MAX_FFDH_SIZE, "FFDH secret a"); 1819 loopargs[i].secret_ff_b = app_malloc(MAX_FFDH_SIZE, "FFDH secret b"); 1820 #endif 1821 } 1822 1823 #ifndef NO_FORK 1824 if (multi && do_multi(multi, size_num)) 1825 goto show_res; 1826 #endif 1827 1828 /* Initialize the engine after the fork */ 1829 e = setup_engine(engine_id, 0); 1830 1831 /* No parameters; turn on everything. */ 1832 if (argc == 0 && !doit[D_EVP] && !doit[D_HMAC] && !doit[D_EVP_CMAC]) { 1833 memset(doit, 1, sizeof(doit)); 1834 doit[D_EVP] = doit[D_EVP_CMAC] = 0; 1835 ERR_set_mark(); 1836 for (i = D_MD2; i <= D_WHIRLPOOL; i++) { 1837 if (!have_md(names[i])) 1838 doit[i] = 0; 1839 } 1840 for (i = D_CBC_DES; i <= D_CBC_256_CML; i++) { 1841 if (!have_cipher(names[i])) 1842 doit[i] = 0; 1843 } 1844 if ((mac = EVP_MAC_fetch(app_get0_libctx(), "GMAC", 1845 app_get0_propq())) != NULL) { 1846 EVP_MAC_free(mac); 1847 mac = NULL; 1848 } else { 1849 doit[D_GHASH] = 0; 1850 } 1851 if ((mac = EVP_MAC_fetch(app_get0_libctx(), "HMAC", 1852 app_get0_propq())) != NULL) { 1853 EVP_MAC_free(mac); 1854 mac = NULL; 1855 } else { 1856 doit[D_HMAC] = 0; 1857 } 1858 ERR_pop_to_mark(); 1859 memset(rsa_doit, 1, sizeof(rsa_doit)); 1860 #ifndef OPENSSL_NO_DH 1861 memset(ffdh_doit, 1, sizeof(ffdh_doit)); 1862 #endif 1863 memset(dsa_doit, 1, sizeof(dsa_doit)); 1864 memset(ecdsa_doit, 1, sizeof(ecdsa_doit)); 1865 memset(ecdh_doit, 1, sizeof(ecdh_doit)); 1866 memset(eddsa_doit, 1, sizeof(eddsa_doit)); 1867 #ifndef OPENSSL_NO_SM2 1868 memset(sm2_doit, 1, sizeof(sm2_doit)); 1869 #endif 1870 } 1871 for (i = 0; i < ALGOR_NUM; i++) 1872 if (doit[i]) 1873 pr_header++; 1874 1875 if (usertime == 0 && !mr) 1876 BIO_printf(bio_err, 1877 "You have chosen to measure elapsed time " 1878 "instead of user CPU time.\n"); 1879 1880 #if SIGALRM > 0 1881 signal(SIGALRM, alarmed); 1882 #endif 1883 1884 if (doit[D_MD2]) { 1885 for (testnum = 0; testnum < size_num; testnum++) { 1886 print_message(names[D_MD2], c[D_MD2][testnum], lengths[testnum], 1887 seconds.sym); 1888 Time_F(START); 1889 count = run_benchmark(async_jobs, EVP_Digest_MD2_loop, loopargs); 1890 d = Time_F(STOP); 1891 print_result(D_MD2, testnum, count, d); 1892 if (count < 0) 1893 break; 1894 } 1895 } 1896 1897 if (doit[D_MDC2]) { 1898 for (testnum = 0; testnum < size_num; testnum++) { 1899 print_message(names[D_MDC2], c[D_MDC2][testnum], lengths[testnum], 1900 seconds.sym); 1901 Time_F(START); 1902 count = run_benchmark(async_jobs, EVP_Digest_MDC2_loop, loopargs); 1903 d = Time_F(STOP); 1904 print_result(D_MDC2, testnum, count, d); 1905 if (count < 0) 1906 break; 1907 } 1908 } 1909 1910 if (doit[D_MD4]) { 1911 for (testnum = 0; testnum < size_num; testnum++) { 1912 print_message(names[D_MD4], c[D_MD4][testnum], lengths[testnum], 1913 seconds.sym); 1914 Time_F(START); 1915 count = run_benchmark(async_jobs, EVP_Digest_MD4_loop, loopargs); 1916 d = Time_F(STOP); 1917 print_result(D_MD4, testnum, count, d); 1918 if (count < 0) 1919 break; 1920 } 1921 } 1922 1923 if (doit[D_MD5]) { 1924 for (testnum = 0; testnum < size_num; testnum++) { 1925 print_message(names[D_MD5], c[D_MD5][testnum], lengths[testnum], 1926 seconds.sym); 1927 Time_F(START); 1928 count = run_benchmark(async_jobs, MD5_loop, loopargs); 1929 d = Time_F(STOP); 1930 print_result(D_MD5, testnum, count, d); 1931 if (count < 0) 1932 break; 1933 } 1934 } 1935 1936 if (doit[D_SHA1]) { 1937 for (testnum = 0; testnum < size_num; testnum++) { 1938 print_message(names[D_SHA1], c[D_SHA1][testnum], lengths[testnum], 1939 seconds.sym); 1940 Time_F(START); 1941 count = run_benchmark(async_jobs, SHA1_loop, loopargs); 1942 d = Time_F(STOP); 1943 print_result(D_SHA1, testnum, count, d); 1944 if (count < 0) 1945 break; 1946 } 1947 } 1948 1949 if (doit[D_SHA256]) { 1950 for (testnum = 0; testnum < size_num; testnum++) { 1951 print_message(names[D_SHA256], c[D_SHA256][testnum], 1952 lengths[testnum], seconds.sym); 1953 Time_F(START); 1954 count = run_benchmark(async_jobs, SHA256_loop, loopargs); 1955 d = Time_F(STOP); 1956 print_result(D_SHA256, testnum, count, d); 1957 if (count < 0) 1958 break; 1959 } 1960 } 1961 1962 if (doit[D_SHA512]) { 1963 for (testnum = 0; testnum < size_num; testnum++) { 1964 print_message(names[D_SHA512], c[D_SHA512][testnum], 1965 lengths[testnum], seconds.sym); 1966 Time_F(START); 1967 count = run_benchmark(async_jobs, SHA512_loop, loopargs); 1968 d = Time_F(STOP); 1969 print_result(D_SHA512, testnum, count, d); 1970 if (count < 0) 1971 break; 1972 } 1973 } 1974 1975 if (doit[D_WHIRLPOOL]) { 1976 for (testnum = 0; testnum < size_num; testnum++) { 1977 print_message(names[D_WHIRLPOOL], c[D_WHIRLPOOL][testnum], 1978 lengths[testnum], seconds.sym); 1979 Time_F(START); 1980 count = run_benchmark(async_jobs, WHIRLPOOL_loop, loopargs); 1981 d = Time_F(STOP); 1982 print_result(D_WHIRLPOOL, testnum, count, d); 1983 if (count < 0) 1984 break; 1985 } 1986 } 1987 1988 if (doit[D_RMD160]) { 1989 for (testnum = 0; testnum < size_num; testnum++) { 1990 print_message(names[D_RMD160], c[D_RMD160][testnum], 1991 lengths[testnum], seconds.sym); 1992 Time_F(START); 1993 count = run_benchmark(async_jobs, EVP_Digest_RMD160_loop, loopargs); 1994 d = Time_F(STOP); 1995 print_result(D_RMD160, testnum, count, d); 1996 if (count < 0) 1997 break; 1998 } 1999 } 2000 2001 if (doit[D_HMAC]) { 2002 static const char hmac_key[] = "This is a key..."; 2003 int len = strlen(hmac_key); 2004 OSSL_PARAM params[3]; 2005 2006 mac = EVP_MAC_fetch(app_get0_libctx(), "HMAC", app_get0_propq()); 2007 if (mac == NULL || evp_mac_mdname == NULL) 2008 goto end; 2009 2010 evp_hmac_name = app_malloc(sizeof("hmac()") + strlen(evp_mac_mdname), 2011 "HMAC name"); 2012 sprintf(evp_hmac_name, "hmac(%s)", evp_mac_mdname); 2013 names[D_HMAC] = evp_hmac_name; 2014 2015 params[0] = 2016 OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST, 2017 evp_mac_mdname, 0); 2018 params[1] = 2019 OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY, 2020 (char *)hmac_key, len); 2021 params[2] = OSSL_PARAM_construct_end(); 2022 2023 for (i = 0; i < loopargs_len; i++) { 2024 loopargs[i].mctx = EVP_MAC_CTX_new(mac); 2025 if (loopargs[i].mctx == NULL) 2026 goto end; 2027 2028 if (!EVP_MAC_CTX_set_params(loopargs[i].mctx, params)) 2029 goto skip_hmac; /* Digest not found */ 2030 } 2031 for (testnum = 0; testnum < size_num; testnum++) { 2032 print_message(names[D_HMAC], c[D_HMAC][testnum], lengths[testnum], 2033 seconds.sym); 2034 Time_F(START); 2035 count = run_benchmark(async_jobs, HMAC_loop, loopargs); 2036 d = Time_F(STOP); 2037 print_result(D_HMAC, testnum, count, d); 2038 if (count < 0) 2039 break; 2040 } 2041 for (i = 0; i < loopargs_len; i++) 2042 EVP_MAC_CTX_free(loopargs[i].mctx); 2043 EVP_MAC_free(mac); 2044 mac = NULL; 2045 } 2046 skip_hmac: 2047 if (doit[D_CBC_DES]) { 2048 int st = 1; 2049 2050 for (i = 0; st && i < loopargs_len; i++) { 2051 loopargs[i].ctx = init_evp_cipher_ctx("des-cbc", deskey, 2052 sizeof(deskey) / 3); 2053 st = loopargs[i].ctx != NULL; 2054 } 2055 algindex = D_CBC_DES; 2056 for (testnum = 0; st && testnum < size_num; testnum++) { 2057 print_message(names[D_CBC_DES], c[D_CBC_DES][testnum], 2058 lengths[testnum], seconds.sym); 2059 Time_F(START); 2060 count = run_benchmark(async_jobs, EVP_Cipher_loop, loopargs); 2061 d = Time_F(STOP); 2062 print_result(D_CBC_DES, testnum, count, d); 2063 } 2064 for (i = 0; i < loopargs_len; i++) 2065 EVP_CIPHER_CTX_free(loopargs[i].ctx); 2066 } 2067 2068 if (doit[D_EDE3_DES]) { 2069 int st = 1; 2070 2071 for (i = 0; st && i < loopargs_len; i++) { 2072 loopargs[i].ctx = init_evp_cipher_ctx("des-ede3-cbc", deskey, 2073 sizeof(deskey)); 2074 st = loopargs[i].ctx != NULL; 2075 } 2076 algindex = D_EDE3_DES; 2077 for (testnum = 0; st && testnum < size_num; testnum++) { 2078 print_message(names[D_EDE3_DES], c[D_EDE3_DES][testnum], 2079 lengths[testnum], seconds.sym); 2080 Time_F(START); 2081 count = 2082 run_benchmark(async_jobs, EVP_Cipher_loop, loopargs); 2083 d = Time_F(STOP); 2084 print_result(D_EDE3_DES, testnum, count, d); 2085 } 2086 for (i = 0; i < loopargs_len; i++) 2087 EVP_CIPHER_CTX_free(loopargs[i].ctx); 2088 } 2089 2090 for (k = 0; k < 3; k++) { 2091 algindex = D_CBC_128_AES + k; 2092 if (doit[algindex]) { 2093 int st = 1; 2094 2095 keylen = 16 + k * 8; 2096 for (i = 0; st && i < loopargs_len; i++) { 2097 loopargs[i].ctx = init_evp_cipher_ctx(names[algindex], 2098 key32, keylen); 2099 st = loopargs[i].ctx != NULL; 2100 } 2101 2102 for (testnum = 0; st && testnum < size_num; testnum++) { 2103 print_message(names[algindex], c[algindex][testnum], 2104 lengths[testnum], seconds.sym); 2105 Time_F(START); 2106 count = 2107 run_benchmark(async_jobs, EVP_Cipher_loop, loopargs); 2108 d = Time_F(STOP); 2109 print_result(algindex, testnum, count, d); 2110 } 2111 for (i = 0; i < loopargs_len; i++) 2112 EVP_CIPHER_CTX_free(loopargs[i].ctx); 2113 } 2114 } 2115 2116 for (k = 0; k < 3; k++) { 2117 algindex = D_CBC_128_CML + k; 2118 if (doit[algindex]) { 2119 int st = 1; 2120 2121 keylen = 16 + k * 8; 2122 for (i = 0; st && i < loopargs_len; i++) { 2123 loopargs[i].ctx = init_evp_cipher_ctx(names[algindex], 2124 key32, keylen); 2125 st = loopargs[i].ctx != NULL; 2126 } 2127 2128 for (testnum = 0; st && testnum < size_num; testnum++) { 2129 print_message(names[algindex], c[algindex][testnum], 2130 lengths[testnum], seconds.sym); 2131 Time_F(START); 2132 count = 2133 run_benchmark(async_jobs, EVP_Cipher_loop, loopargs); 2134 d = Time_F(STOP); 2135 print_result(algindex, testnum, count, d); 2136 } 2137 for (i = 0; i < loopargs_len; i++) 2138 EVP_CIPHER_CTX_free(loopargs[i].ctx); 2139 } 2140 } 2141 2142 for (algindex = D_RC4; algindex <= D_CBC_CAST; algindex++) { 2143 if (doit[algindex]) { 2144 int st = 1; 2145 2146 keylen = 16; 2147 for (i = 0; st && i < loopargs_len; i++) { 2148 loopargs[i].ctx = init_evp_cipher_ctx(names[algindex], 2149 key32, keylen); 2150 st = loopargs[i].ctx != NULL; 2151 } 2152 2153 for (testnum = 0; st && testnum < size_num; testnum++) { 2154 print_message(names[algindex], c[algindex][testnum], 2155 lengths[testnum], seconds.sym); 2156 Time_F(START); 2157 count = 2158 run_benchmark(async_jobs, EVP_Cipher_loop, loopargs); 2159 d = Time_F(STOP); 2160 print_result(algindex, testnum, count, d); 2161 } 2162 for (i = 0; i < loopargs_len; i++) 2163 EVP_CIPHER_CTX_free(loopargs[i].ctx); 2164 } 2165 } 2166 if (doit[D_GHASH]) { 2167 static const char gmac_iv[] = "0123456789ab"; 2168 OSSL_PARAM params[3]; 2169 2170 mac = EVP_MAC_fetch(app_get0_libctx(), "GMAC", app_get0_propq()); 2171 if (mac == NULL) 2172 goto end; 2173 2174 params[0] = OSSL_PARAM_construct_utf8_string(OSSL_ALG_PARAM_CIPHER, 2175 "aes-128-gcm", 0); 2176 params[1] = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_IV, 2177 (char *)gmac_iv, 2178 sizeof(gmac_iv) - 1); 2179 params[2] = OSSL_PARAM_construct_end(); 2180 2181 for (i = 0; i < loopargs_len; i++) { 2182 loopargs[i].mctx = EVP_MAC_CTX_new(mac); 2183 if (loopargs[i].mctx == NULL) 2184 goto end; 2185 2186 if (!EVP_MAC_init(loopargs[i].mctx, key32, 16, params)) 2187 goto end; 2188 } 2189 for (testnum = 0; testnum < size_num; testnum++) { 2190 print_message(names[D_GHASH], c[D_GHASH][testnum], lengths[testnum], 2191 seconds.sym); 2192 Time_F(START); 2193 count = run_benchmark(async_jobs, GHASH_loop, loopargs); 2194 d = Time_F(STOP); 2195 print_result(D_GHASH, testnum, count, d); 2196 if (count < 0) 2197 break; 2198 } 2199 for (i = 0; i < loopargs_len; i++) 2200 EVP_MAC_CTX_free(loopargs[i].mctx); 2201 EVP_MAC_free(mac); 2202 mac = NULL; 2203 } 2204 2205 if (doit[D_RAND]) { 2206 for (testnum = 0; testnum < size_num; testnum++) { 2207 print_message(names[D_RAND], c[D_RAND][testnum], lengths[testnum], 2208 seconds.sym); 2209 Time_F(START); 2210 count = run_benchmark(async_jobs, RAND_bytes_loop, loopargs); 2211 d = Time_F(STOP); 2212 print_result(D_RAND, testnum, count, d); 2213 } 2214 } 2215 2216 if (doit[D_EVP]) { 2217 if (evp_cipher != NULL) { 2218 int (*loopfunc) (void *) = EVP_Update_loop; 2219 2220 if (multiblock && (EVP_CIPHER_get_flags(evp_cipher) & 2221 EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) { 2222 multiblock_speed(evp_cipher, lengths_single, &seconds); 2223 ret = 0; 2224 goto end; 2225 } 2226 2227 names[D_EVP] = EVP_CIPHER_get0_name(evp_cipher); 2228 2229 if (EVP_CIPHER_get_mode(evp_cipher) == EVP_CIPH_CCM_MODE) { 2230 loopfunc = EVP_Update_loop_ccm; 2231 } else if (aead && (EVP_CIPHER_get_flags(evp_cipher) & 2232 EVP_CIPH_FLAG_AEAD_CIPHER)) { 2233 loopfunc = EVP_Update_loop_aead; 2234 if (lengths == lengths_list) { 2235 lengths = aead_lengths_list; 2236 size_num = OSSL_NELEM(aead_lengths_list); 2237 } 2238 } 2239 2240 for (testnum = 0; testnum < size_num; testnum++) { 2241 print_message(names[D_EVP], c[D_EVP][testnum], lengths[testnum], 2242 seconds.sym); 2243 2244 for (k = 0; k < loopargs_len; k++) { 2245 loopargs[k].ctx = EVP_CIPHER_CTX_new(); 2246 if (loopargs[k].ctx == NULL) { 2247 BIO_printf(bio_err, "\nEVP_CIPHER_CTX_new failure\n"); 2248 exit(1); 2249 } 2250 if (!EVP_CipherInit_ex(loopargs[k].ctx, evp_cipher, NULL, 2251 NULL, iv, decrypt ? 0 : 1)) { 2252 BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n"); 2253 ERR_print_errors(bio_err); 2254 exit(1); 2255 } 2256 2257 EVP_CIPHER_CTX_set_padding(loopargs[k].ctx, 0); 2258 2259 keylen = EVP_CIPHER_CTX_get_key_length(loopargs[k].ctx); 2260 loopargs[k].key = app_malloc(keylen, "evp_cipher key"); 2261 EVP_CIPHER_CTX_rand_key(loopargs[k].ctx, loopargs[k].key); 2262 if (!EVP_CipherInit_ex(loopargs[k].ctx, NULL, NULL, 2263 loopargs[k].key, NULL, -1)) { 2264 BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n"); 2265 ERR_print_errors(bio_err); 2266 exit(1); 2267 } 2268 OPENSSL_clear_free(loopargs[k].key, keylen); 2269 2270 /* SIV mode only allows for a single Update operation */ 2271 if (EVP_CIPHER_get_mode(evp_cipher) == EVP_CIPH_SIV_MODE) 2272 (void)EVP_CIPHER_CTX_ctrl(loopargs[k].ctx, 2273 EVP_CTRL_SET_SPEED, 1, NULL); 2274 } 2275 2276 Time_F(START); 2277 count = run_benchmark(async_jobs, loopfunc, loopargs); 2278 d = Time_F(STOP); 2279 for (k = 0; k < loopargs_len; k++) 2280 EVP_CIPHER_CTX_free(loopargs[k].ctx); 2281 print_result(D_EVP, testnum, count, d); 2282 } 2283 } else if (evp_md_name != NULL) { 2284 names[D_EVP] = evp_md_name; 2285 2286 for (testnum = 0; testnum < size_num; testnum++) { 2287 print_message(names[D_EVP], c[D_EVP][testnum], lengths[testnum], 2288 seconds.sym); 2289 Time_F(START); 2290 count = run_benchmark(async_jobs, EVP_Digest_md_loop, loopargs); 2291 d = Time_F(STOP); 2292 print_result(D_EVP, testnum, count, d); 2293 if (count < 0) 2294 break; 2295 } 2296 } 2297 } 2298 2299 if (doit[D_EVP_CMAC]) { 2300 OSSL_PARAM params[3]; 2301 EVP_CIPHER *cipher = NULL; 2302 2303 mac = EVP_MAC_fetch(app_get0_libctx(), "CMAC", app_get0_propq()); 2304 if (mac == NULL || evp_mac_ciphername == NULL) 2305 goto end; 2306 if (!opt_cipher(evp_mac_ciphername, &cipher)) 2307 goto end; 2308 2309 keylen = EVP_CIPHER_get_key_length(cipher); 2310 EVP_CIPHER_free(cipher); 2311 if (keylen <= 0 || keylen > (int)sizeof(key32)) { 2312 BIO_printf(bio_err, "\nRequested CMAC cipher with unsupported key length.\n"); 2313 goto end; 2314 } 2315 evp_cmac_name = app_malloc(sizeof("cmac()") 2316 + strlen(evp_mac_ciphername), "CMAC name"); 2317 sprintf(evp_cmac_name, "cmac(%s)", evp_mac_ciphername); 2318 names[D_EVP_CMAC] = evp_cmac_name; 2319 2320 params[0] = OSSL_PARAM_construct_utf8_string(OSSL_ALG_PARAM_CIPHER, 2321 evp_mac_ciphername, 0); 2322 params[1] = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY, 2323 (char *)key32, keylen); 2324 params[2] = OSSL_PARAM_construct_end(); 2325 2326 for (i = 0; i < loopargs_len; i++) { 2327 loopargs[i].mctx = EVP_MAC_CTX_new(mac); 2328 if (loopargs[i].mctx == NULL) 2329 goto end; 2330 2331 if (!EVP_MAC_CTX_set_params(loopargs[i].mctx, params)) 2332 goto end; 2333 } 2334 2335 for (testnum = 0; testnum < size_num; testnum++) { 2336 print_message(names[D_EVP_CMAC], c[D_EVP_CMAC][testnum], 2337 lengths[testnum], seconds.sym); 2338 Time_F(START); 2339 count = run_benchmark(async_jobs, CMAC_loop, loopargs); 2340 d = Time_F(STOP); 2341 print_result(D_EVP_CMAC, testnum, count, d); 2342 if (count < 0) 2343 break; 2344 } 2345 for (i = 0; i < loopargs_len; i++) 2346 EVP_MAC_CTX_free(loopargs[i].mctx); 2347 EVP_MAC_free(mac); 2348 mac = NULL; 2349 } 2350 2351 for (i = 0; i < loopargs_len; i++) 2352 if (RAND_bytes(loopargs[i].buf, 36) <= 0) 2353 goto end; 2354 2355 for (testnum = 0; testnum < RSA_NUM; testnum++) { 2356 EVP_PKEY *rsa_key = NULL; 2357 int st = 0; 2358 2359 if (!rsa_doit[testnum]) 2360 continue; 2361 2362 if (primes > RSA_DEFAULT_PRIME_NUM) { 2363 /* we haven't set keys yet, generate multi-prime RSA keys */ 2364 bn = BN_new(); 2365 st = bn != NULL 2366 && BN_set_word(bn, RSA_F4) 2367 && init_gen_str(&genctx, "RSA", NULL, 0, NULL, NULL) 2368 && EVP_PKEY_CTX_set_rsa_keygen_bits(genctx, rsa_keys[testnum].bits) > 0 2369 && EVP_PKEY_CTX_set1_rsa_keygen_pubexp(genctx, bn) > 0 2370 && EVP_PKEY_CTX_set_rsa_keygen_primes(genctx, primes) > 0 2371 && EVP_PKEY_keygen(genctx, &rsa_key); 2372 BN_free(bn); 2373 bn = NULL; 2374 EVP_PKEY_CTX_free(genctx); 2375 genctx = NULL; 2376 } else { 2377 const unsigned char *p = rsa_keys[testnum].data; 2378 2379 st = (rsa_key = d2i_PrivateKey(EVP_PKEY_RSA, NULL, &p, 2380 rsa_keys[testnum].length)) != NULL; 2381 } 2382 2383 for (i = 0; st && i < loopargs_len; i++) { 2384 loopargs[i].rsa_sign_ctx[testnum] = EVP_PKEY_CTX_new(rsa_key, NULL); 2385 loopargs[i].sigsize = loopargs[i].buflen; 2386 if (loopargs[i].rsa_sign_ctx[testnum] == NULL 2387 || EVP_PKEY_sign_init(loopargs[i].rsa_sign_ctx[testnum]) <= 0 2388 || EVP_PKEY_sign(loopargs[i].rsa_sign_ctx[testnum], 2389 loopargs[i].buf2, 2390 &loopargs[i].sigsize, 2391 loopargs[i].buf, 36) <= 0) 2392 st = 0; 2393 } 2394 if (!st) { 2395 BIO_printf(bio_err, 2396 "RSA sign setup failure. No RSA sign will be done.\n"); 2397 ERR_print_errors(bio_err); 2398 op_count = 1; 2399 } else { 2400 pkey_print_message("private", "rsa", 2401 rsa_c[testnum][0], rsa_keys[testnum].bits, 2402 seconds.rsa); 2403 /* RSA_blinding_on(rsa_key[testnum],NULL); */ 2404 Time_F(START); 2405 count = run_benchmark(async_jobs, RSA_sign_loop, loopargs); 2406 d = Time_F(STOP); 2407 BIO_printf(bio_err, 2408 mr ? "+R1:%ld:%d:%.2f\n" 2409 : "%ld %u bits private RSA's in %.2fs\n", 2410 count, rsa_keys[testnum].bits, d); 2411 rsa_results[testnum][0] = (double)count / d; 2412 op_count = count; 2413 } 2414 2415 for (i = 0; st && i < loopargs_len; i++) { 2416 loopargs[i].rsa_verify_ctx[testnum] = EVP_PKEY_CTX_new(rsa_key, 2417 NULL); 2418 if (loopargs[i].rsa_verify_ctx[testnum] == NULL 2419 || EVP_PKEY_verify_init(loopargs[i].rsa_verify_ctx[testnum]) <= 0 2420 || EVP_PKEY_verify(loopargs[i].rsa_verify_ctx[testnum], 2421 loopargs[i].buf2, 2422 loopargs[i].sigsize, 2423 loopargs[i].buf, 36) <= 0) 2424 st = 0; 2425 } 2426 if (!st) { 2427 BIO_printf(bio_err, 2428 "RSA verify setup failure. No RSA verify will be done.\n"); 2429 ERR_print_errors(bio_err); 2430 rsa_doit[testnum] = 0; 2431 } else { 2432 pkey_print_message("public", "rsa", 2433 rsa_c[testnum][1], rsa_keys[testnum].bits, 2434 seconds.rsa); 2435 Time_F(START); 2436 count = run_benchmark(async_jobs, RSA_verify_loop, loopargs); 2437 d = Time_F(STOP); 2438 BIO_printf(bio_err, 2439 mr ? "+R2:%ld:%d:%.2f\n" 2440 : "%ld %u bits public RSA's in %.2fs\n", 2441 count, rsa_keys[testnum].bits, d); 2442 rsa_results[testnum][1] = (double)count / d; 2443 } 2444 2445 if (op_count <= 1) { 2446 /* if longer than 10s, don't do any more */ 2447 stop_it(rsa_doit, testnum); 2448 } 2449 EVP_PKEY_free(rsa_key); 2450 } 2451 2452 for (testnum = 0; testnum < DSA_NUM; testnum++) { 2453 EVP_PKEY *dsa_key = NULL; 2454 int st; 2455 2456 if (!dsa_doit[testnum]) 2457 continue; 2458 2459 st = (dsa_key = get_dsa(dsa_bits[testnum])) != NULL; 2460 2461 for (i = 0; st && i < loopargs_len; i++) { 2462 loopargs[i].dsa_sign_ctx[testnum] = EVP_PKEY_CTX_new(dsa_key, 2463 NULL); 2464 loopargs[i].sigsize = loopargs[i].buflen; 2465 if (loopargs[i].dsa_sign_ctx[testnum] == NULL 2466 || EVP_PKEY_sign_init(loopargs[i].dsa_sign_ctx[testnum]) <= 0 2467 2468 || EVP_PKEY_sign(loopargs[i].dsa_sign_ctx[testnum], 2469 loopargs[i].buf2, 2470 &loopargs[i].sigsize, 2471 loopargs[i].buf, 20) <= 0) 2472 st = 0; 2473 } 2474 if (!st) { 2475 BIO_printf(bio_err, 2476 "DSA sign setup failure. No DSA sign will be done.\n"); 2477 ERR_print_errors(bio_err); 2478 op_count = 1; 2479 } else { 2480 pkey_print_message("sign", "dsa", 2481 dsa_c[testnum][0], dsa_bits[testnum], 2482 seconds.dsa); 2483 Time_F(START); 2484 count = run_benchmark(async_jobs, DSA_sign_loop, loopargs); 2485 d = Time_F(STOP); 2486 BIO_printf(bio_err, 2487 mr ? "+R3:%ld:%u:%.2f\n" 2488 : "%ld %u bits DSA signs in %.2fs\n", 2489 count, dsa_bits[testnum], d); 2490 dsa_results[testnum][0] = (double)count / d; 2491 op_count = count; 2492 } 2493 2494 for (i = 0; st && i < loopargs_len; i++) { 2495 loopargs[i].dsa_verify_ctx[testnum] = EVP_PKEY_CTX_new(dsa_key, 2496 NULL); 2497 if (loopargs[i].dsa_verify_ctx[testnum] == NULL 2498 || EVP_PKEY_verify_init(loopargs[i].dsa_verify_ctx[testnum]) <= 0 2499 || EVP_PKEY_verify(loopargs[i].dsa_verify_ctx[testnum], 2500 loopargs[i].buf2, 2501 loopargs[i].sigsize, 2502 loopargs[i].buf, 36) <= 0) 2503 st = 0; 2504 } 2505 if (!st) { 2506 BIO_printf(bio_err, 2507 "DSA verify setup failure. No DSA verify will be done.\n"); 2508 ERR_print_errors(bio_err); 2509 dsa_doit[testnum] = 0; 2510 } else { 2511 pkey_print_message("verify", "dsa", 2512 dsa_c[testnum][1], dsa_bits[testnum], 2513 seconds.dsa); 2514 Time_F(START); 2515 count = run_benchmark(async_jobs, DSA_verify_loop, loopargs); 2516 d = Time_F(STOP); 2517 BIO_printf(bio_err, 2518 mr ? "+R4:%ld:%u:%.2f\n" 2519 : "%ld %u bits DSA verify in %.2fs\n", 2520 count, dsa_bits[testnum], d); 2521 dsa_results[testnum][1] = (double)count / d; 2522 } 2523 2524 if (op_count <= 1) { 2525 /* if longer than 10s, don't do any more */ 2526 stop_it(dsa_doit, testnum); 2527 } 2528 EVP_PKEY_free(dsa_key); 2529 } 2530 2531 for (testnum = 0; testnum < ECDSA_NUM; testnum++) { 2532 EVP_PKEY *ecdsa_key = NULL; 2533 int st; 2534 2535 if (!ecdsa_doit[testnum]) 2536 continue; 2537 2538 st = (ecdsa_key = get_ecdsa(&ec_curves[testnum])) != NULL; 2539 2540 for (i = 0; st && i < loopargs_len; i++) { 2541 loopargs[i].ecdsa_sign_ctx[testnum] = EVP_PKEY_CTX_new(ecdsa_key, 2542 NULL); 2543 loopargs[i].sigsize = loopargs[i].buflen; 2544 if (loopargs[i].ecdsa_sign_ctx[testnum] == NULL 2545 || EVP_PKEY_sign_init(loopargs[i].ecdsa_sign_ctx[testnum]) <= 0 2546 2547 || EVP_PKEY_sign(loopargs[i].ecdsa_sign_ctx[testnum], 2548 loopargs[i].buf2, 2549 &loopargs[i].sigsize, 2550 loopargs[i].buf, 20) <= 0) 2551 st = 0; 2552 } 2553 if (!st) { 2554 BIO_printf(bio_err, 2555 "ECDSA sign setup failure. No ECDSA sign will be done.\n"); 2556 ERR_print_errors(bio_err); 2557 op_count = 1; 2558 } else { 2559 pkey_print_message("sign", "ecdsa", 2560 ecdsa_c[testnum][0], ec_curves[testnum].bits, 2561 seconds.ecdsa); 2562 Time_F(START); 2563 count = run_benchmark(async_jobs, ECDSA_sign_loop, loopargs); 2564 d = Time_F(STOP); 2565 BIO_printf(bio_err, 2566 mr ? "+R5:%ld:%u:%.2f\n" 2567 : "%ld %u bits ECDSA signs in %.2fs\n", 2568 count, ec_curves[testnum].bits, d); 2569 ecdsa_results[testnum][0] = (double)count / d; 2570 op_count = count; 2571 } 2572 2573 for (i = 0; st && i < loopargs_len; i++) { 2574 loopargs[i].ecdsa_verify_ctx[testnum] = EVP_PKEY_CTX_new(ecdsa_key, 2575 NULL); 2576 if (loopargs[i].ecdsa_verify_ctx[testnum] == NULL 2577 || EVP_PKEY_verify_init(loopargs[i].ecdsa_verify_ctx[testnum]) <= 0 2578 || EVP_PKEY_verify(loopargs[i].ecdsa_verify_ctx[testnum], 2579 loopargs[i].buf2, 2580 loopargs[i].sigsize, 2581 loopargs[i].buf, 20) <= 0) 2582 st = 0; 2583 } 2584 if (!st) { 2585 BIO_printf(bio_err, 2586 "ECDSA verify setup failure. No ECDSA verify will be done.\n"); 2587 ERR_print_errors(bio_err); 2588 ecdsa_doit[testnum] = 0; 2589 } else { 2590 pkey_print_message("verify", "ecdsa", 2591 ecdsa_c[testnum][1], ec_curves[testnum].bits, 2592 seconds.ecdsa); 2593 Time_F(START); 2594 count = run_benchmark(async_jobs, ECDSA_verify_loop, loopargs); 2595 d = Time_F(STOP); 2596 BIO_printf(bio_err, 2597 mr ? "+R6:%ld:%u:%.2f\n" 2598 : "%ld %u bits ECDSA verify in %.2fs\n", 2599 count, ec_curves[testnum].bits, d); 2600 ecdsa_results[testnum][1] = (double)count / d; 2601 } 2602 2603 if (op_count <= 1) { 2604 /* if longer than 10s, don't do any more */ 2605 stop_it(ecdsa_doit, testnum); 2606 } 2607 } 2608 2609 for (testnum = 0; testnum < EC_NUM; testnum++) { 2610 int ecdh_checks = 1; 2611 2612 if (!ecdh_doit[testnum]) 2613 continue; 2614 2615 for (i = 0; i < loopargs_len; i++) { 2616 EVP_PKEY_CTX *test_ctx = NULL; 2617 EVP_PKEY_CTX *ctx = NULL; 2618 EVP_PKEY *key_A = NULL; 2619 EVP_PKEY *key_B = NULL; 2620 size_t outlen; 2621 size_t test_outlen; 2622 2623 if ((key_A = get_ecdsa(&ec_curves[testnum])) == NULL /* generate secret key A */ 2624 || (key_B = get_ecdsa(&ec_curves[testnum])) == NULL /* generate secret key B */ 2625 || (ctx = EVP_PKEY_CTX_new(key_A, NULL)) == NULL /* derivation ctx from skeyA */ 2626 || EVP_PKEY_derive_init(ctx) <= 0 /* init derivation ctx */ 2627 || EVP_PKEY_derive_set_peer(ctx, key_B) <= 0 /* set peer pubkey in ctx */ 2628 || EVP_PKEY_derive(ctx, NULL, &outlen) <= 0 /* determine max length */ 2629 || outlen == 0 /* ensure outlen is a valid size */ 2630 || outlen > MAX_ECDH_SIZE /* avoid buffer overflow */) { 2631 ecdh_checks = 0; 2632 BIO_printf(bio_err, "ECDH key generation failure.\n"); 2633 ERR_print_errors(bio_err); 2634 op_count = 1; 2635 break; 2636 } 2637 2638 /* 2639 * Here we perform a test run, comparing the output of a*B and b*A; 2640 * we try this here and assume that further EVP_PKEY_derive calls 2641 * never fail, so we can skip checks in the actually benchmarked 2642 * code, for maximum performance. 2643 */ 2644 if ((test_ctx = EVP_PKEY_CTX_new(key_B, NULL)) == NULL /* test ctx from skeyB */ 2645 || EVP_PKEY_derive_init(test_ctx) <= 0 /* init derivation test_ctx */ 2646 || EVP_PKEY_derive_set_peer(test_ctx, key_A) <= 0 /* set peer pubkey in test_ctx */ 2647 || EVP_PKEY_derive(test_ctx, NULL, &test_outlen) <= 0 /* determine max length */ 2648 || EVP_PKEY_derive(ctx, loopargs[i].secret_a, &outlen) <= 0 /* compute a*B */ 2649 || EVP_PKEY_derive(test_ctx, loopargs[i].secret_b, &test_outlen) <= 0 /* compute b*A */ 2650 || test_outlen != outlen /* compare output length */) { 2651 ecdh_checks = 0; 2652 BIO_printf(bio_err, "ECDH computation failure.\n"); 2653 ERR_print_errors(bio_err); 2654 op_count = 1; 2655 break; 2656 } 2657 2658 /* Compare the computation results: CRYPTO_memcmp() returns 0 if equal */ 2659 if (CRYPTO_memcmp(loopargs[i].secret_a, 2660 loopargs[i].secret_b, outlen)) { 2661 ecdh_checks = 0; 2662 BIO_printf(bio_err, "ECDH computations don't match.\n"); 2663 ERR_print_errors(bio_err); 2664 op_count = 1; 2665 break; 2666 } 2667 2668 loopargs[i].ecdh_ctx[testnum] = ctx; 2669 loopargs[i].outlen[testnum] = outlen; 2670 2671 EVP_PKEY_free(key_A); 2672 EVP_PKEY_free(key_B); 2673 EVP_PKEY_CTX_free(test_ctx); 2674 test_ctx = NULL; 2675 } 2676 if (ecdh_checks != 0) { 2677 pkey_print_message("", "ecdh", 2678 ecdh_c[testnum][0], 2679 ec_curves[testnum].bits, seconds.ecdh); 2680 Time_F(START); 2681 count = 2682 run_benchmark(async_jobs, ECDH_EVP_derive_key_loop, loopargs); 2683 d = Time_F(STOP); 2684 BIO_printf(bio_err, 2685 mr ? "+R7:%ld:%d:%.2f\n" : 2686 "%ld %u-bits ECDH ops in %.2fs\n", count, 2687 ec_curves[testnum].bits, d); 2688 ecdh_results[testnum][0] = (double)count / d; 2689 op_count = count; 2690 } 2691 2692 if (op_count <= 1) { 2693 /* if longer than 10s, don't do any more */ 2694 stop_it(ecdh_doit, testnum); 2695 } 2696 } 2697 2698 for (testnum = 0; testnum < EdDSA_NUM; testnum++) { 2699 int st = 1; 2700 EVP_PKEY *ed_pkey = NULL; 2701 EVP_PKEY_CTX *ed_pctx = NULL; 2702 2703 if (!eddsa_doit[testnum]) 2704 continue; /* Ignore Curve */ 2705 for (i = 0; i < loopargs_len; i++) { 2706 loopargs[i].eddsa_ctx[testnum] = EVP_MD_CTX_new(); 2707 if (loopargs[i].eddsa_ctx[testnum] == NULL) { 2708 st = 0; 2709 break; 2710 } 2711 loopargs[i].eddsa_ctx2[testnum] = EVP_MD_CTX_new(); 2712 if (loopargs[i].eddsa_ctx2[testnum] == NULL) { 2713 st = 0; 2714 break; 2715 } 2716 2717 if ((ed_pctx = EVP_PKEY_CTX_new_id(ed_curves[testnum].nid, 2718 NULL)) == NULL 2719 || EVP_PKEY_keygen_init(ed_pctx) <= 0 2720 || EVP_PKEY_keygen(ed_pctx, &ed_pkey) <= 0) { 2721 st = 0; 2722 EVP_PKEY_CTX_free(ed_pctx); 2723 break; 2724 } 2725 EVP_PKEY_CTX_free(ed_pctx); 2726 2727 if (!EVP_DigestSignInit(loopargs[i].eddsa_ctx[testnum], NULL, NULL, 2728 NULL, ed_pkey)) { 2729 st = 0; 2730 EVP_PKEY_free(ed_pkey); 2731 break; 2732 } 2733 if (!EVP_DigestVerifyInit(loopargs[i].eddsa_ctx2[testnum], NULL, 2734 NULL, NULL, ed_pkey)) { 2735 st = 0; 2736 EVP_PKEY_free(ed_pkey); 2737 break; 2738 } 2739 2740 EVP_PKEY_free(ed_pkey); 2741 ed_pkey = NULL; 2742 } 2743 if (st == 0) { 2744 BIO_printf(bio_err, "EdDSA failure.\n"); 2745 ERR_print_errors(bio_err); 2746 op_count = 1; 2747 } else { 2748 for (i = 0; i < loopargs_len; i++) { 2749 /* Perform EdDSA signature test */ 2750 loopargs[i].sigsize = ed_curves[testnum].sigsize; 2751 st = EVP_DigestSign(loopargs[i].eddsa_ctx[testnum], 2752 loopargs[i].buf2, &loopargs[i].sigsize, 2753 loopargs[i].buf, 20); 2754 if (st == 0) 2755 break; 2756 } 2757 if (st == 0) { 2758 BIO_printf(bio_err, 2759 "EdDSA sign failure. No EdDSA sign will be done.\n"); 2760 ERR_print_errors(bio_err); 2761 op_count = 1; 2762 } else { 2763 pkey_print_message("sign", ed_curves[testnum].name, 2764 eddsa_c[testnum][0], 2765 ed_curves[testnum].bits, seconds.eddsa); 2766 Time_F(START); 2767 count = run_benchmark(async_jobs, EdDSA_sign_loop, loopargs); 2768 d = Time_F(STOP); 2769 2770 BIO_printf(bio_err, 2771 mr ? "+R8:%ld:%u:%s:%.2f\n" : 2772 "%ld %u bits %s signs in %.2fs \n", 2773 count, ed_curves[testnum].bits, 2774 ed_curves[testnum].name, d); 2775 eddsa_results[testnum][0] = (double)count / d; 2776 op_count = count; 2777 } 2778 /* Perform EdDSA verification test */ 2779 for (i = 0; i < loopargs_len; i++) { 2780 st = EVP_DigestVerify(loopargs[i].eddsa_ctx2[testnum], 2781 loopargs[i].buf2, loopargs[i].sigsize, 2782 loopargs[i].buf, 20); 2783 if (st != 1) 2784 break; 2785 } 2786 if (st != 1) { 2787 BIO_printf(bio_err, 2788 "EdDSA verify failure. No EdDSA verify will be done.\n"); 2789 ERR_print_errors(bio_err); 2790 eddsa_doit[testnum] = 0; 2791 } else { 2792 pkey_print_message("verify", ed_curves[testnum].name, 2793 eddsa_c[testnum][1], 2794 ed_curves[testnum].bits, seconds.eddsa); 2795 Time_F(START); 2796 count = run_benchmark(async_jobs, EdDSA_verify_loop, loopargs); 2797 d = Time_F(STOP); 2798 BIO_printf(bio_err, 2799 mr ? "+R9:%ld:%u:%s:%.2f\n" 2800 : "%ld %u bits %s verify in %.2fs\n", 2801 count, ed_curves[testnum].bits, 2802 ed_curves[testnum].name, d); 2803 eddsa_results[testnum][1] = (double)count / d; 2804 } 2805 2806 if (op_count <= 1) { 2807 /* if longer than 10s, don't do any more */ 2808 stop_it(eddsa_doit, testnum); 2809 } 2810 } 2811 } 2812 2813 #ifndef OPENSSL_NO_SM2 2814 for (testnum = 0; testnum < SM2_NUM; testnum++) { 2815 int st = 1; 2816 EVP_PKEY *sm2_pkey = NULL; 2817 2818 if (!sm2_doit[testnum]) 2819 continue; /* Ignore Curve */ 2820 /* Init signing and verification */ 2821 for (i = 0; i < loopargs_len; i++) { 2822 EVP_PKEY_CTX *sm2_pctx = NULL; 2823 EVP_PKEY_CTX *sm2_vfy_pctx = NULL; 2824 EVP_PKEY_CTX *pctx = NULL; 2825 st = 0; 2826 2827 loopargs[i].sm2_ctx[testnum] = EVP_MD_CTX_new(); 2828 loopargs[i].sm2_vfy_ctx[testnum] = EVP_MD_CTX_new(); 2829 if (loopargs[i].sm2_ctx[testnum] == NULL 2830 || loopargs[i].sm2_vfy_ctx[testnum] == NULL) 2831 break; 2832 2833 sm2_pkey = NULL; 2834 2835 st = !((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_SM2, NULL)) == NULL 2836 || EVP_PKEY_keygen_init(pctx) <= 0 2837 || EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, 2838 sm2_curves[testnum].nid) <= 0 2839 || EVP_PKEY_keygen(pctx, &sm2_pkey) <= 0); 2840 EVP_PKEY_CTX_free(pctx); 2841 if (st == 0) 2842 break; 2843 2844 st = 0; /* set back to zero */ 2845 /* attach it sooner to rely on main final cleanup */ 2846 loopargs[i].sm2_pkey[testnum] = sm2_pkey; 2847 loopargs[i].sigsize = EVP_PKEY_get_size(sm2_pkey); 2848 2849 sm2_pctx = EVP_PKEY_CTX_new(sm2_pkey, NULL); 2850 sm2_vfy_pctx = EVP_PKEY_CTX_new(sm2_pkey, NULL); 2851 if (sm2_pctx == NULL || sm2_vfy_pctx == NULL) { 2852 EVP_PKEY_CTX_free(sm2_vfy_pctx); 2853 break; 2854 } 2855 2856 /* attach them directly to respective ctx */ 2857 EVP_MD_CTX_set_pkey_ctx(loopargs[i].sm2_ctx[testnum], sm2_pctx); 2858 EVP_MD_CTX_set_pkey_ctx(loopargs[i].sm2_vfy_ctx[testnum], sm2_vfy_pctx); 2859 2860 /* 2861 * No need to allow user to set an explicit ID here, just use 2862 * the one defined in the 'draft-yang-tls-tl13-sm-suites' I-D. 2863 */ 2864 if (EVP_PKEY_CTX_set1_id(sm2_pctx, SM2_ID, SM2_ID_LEN) != 1 2865 || EVP_PKEY_CTX_set1_id(sm2_vfy_pctx, SM2_ID, SM2_ID_LEN) != 1) 2866 break; 2867 2868 if (!EVP_DigestSignInit(loopargs[i].sm2_ctx[testnum], NULL, 2869 EVP_sm3(), NULL, sm2_pkey)) 2870 break; 2871 if (!EVP_DigestVerifyInit(loopargs[i].sm2_vfy_ctx[testnum], NULL, 2872 EVP_sm3(), NULL, sm2_pkey)) 2873 break; 2874 st = 1; /* mark loop as succeeded */ 2875 } 2876 if (st == 0) { 2877 BIO_printf(bio_err, "SM2 init failure.\n"); 2878 ERR_print_errors(bio_err); 2879 op_count = 1; 2880 } else { 2881 for (i = 0; i < loopargs_len; i++) { 2882 /* Perform SM2 signature test */ 2883 st = EVP_DigestSign(loopargs[i].sm2_ctx[testnum], 2884 loopargs[i].buf2, &loopargs[i].sigsize, 2885 loopargs[i].buf, 20); 2886 if (st == 0) 2887 break; 2888 } 2889 if (st == 0) { 2890 BIO_printf(bio_err, 2891 "SM2 sign failure. No SM2 sign will be done.\n"); 2892 ERR_print_errors(bio_err); 2893 op_count = 1; 2894 } else { 2895 pkey_print_message("sign", sm2_curves[testnum].name, 2896 sm2_c[testnum][0], 2897 sm2_curves[testnum].bits, seconds.sm2); 2898 Time_F(START); 2899 count = run_benchmark(async_jobs, SM2_sign_loop, loopargs); 2900 d = Time_F(STOP); 2901 2902 BIO_printf(bio_err, 2903 mr ? "+R10:%ld:%u:%s:%.2f\n" : 2904 "%ld %u bits %s signs in %.2fs \n", 2905 count, sm2_curves[testnum].bits, 2906 sm2_curves[testnum].name, d); 2907 sm2_results[testnum][0] = (double)count / d; 2908 op_count = count; 2909 } 2910 2911 /* Perform SM2 verification test */ 2912 for (i = 0; i < loopargs_len; i++) { 2913 st = EVP_DigestVerify(loopargs[i].sm2_vfy_ctx[testnum], 2914 loopargs[i].buf2, loopargs[i].sigsize, 2915 loopargs[i].buf, 20); 2916 if (st != 1) 2917 break; 2918 } 2919 if (st != 1) { 2920 BIO_printf(bio_err, 2921 "SM2 verify failure. No SM2 verify will be done.\n"); 2922 ERR_print_errors(bio_err); 2923 sm2_doit[testnum] = 0; 2924 } else { 2925 pkey_print_message("verify", sm2_curves[testnum].name, 2926 sm2_c[testnum][1], 2927 sm2_curves[testnum].bits, seconds.sm2); 2928 Time_F(START); 2929 count = run_benchmark(async_jobs, SM2_verify_loop, loopargs); 2930 d = Time_F(STOP); 2931 BIO_printf(bio_err, 2932 mr ? "+R11:%ld:%u:%s:%.2f\n" 2933 : "%ld %u bits %s verify in %.2fs\n", 2934 count, sm2_curves[testnum].bits, 2935 sm2_curves[testnum].name, d); 2936 sm2_results[testnum][1] = (double)count / d; 2937 } 2938 2939 if (op_count <= 1) { 2940 /* if longer than 10s, don't do any more */ 2941 for (testnum++; testnum < SM2_NUM; testnum++) 2942 sm2_doit[testnum] = 0; 2943 } 2944 } 2945 } 2946 #endif /* OPENSSL_NO_SM2 */ 2947 2948 #ifndef OPENSSL_NO_DH 2949 for (testnum = 0; testnum < FFDH_NUM; testnum++) { 2950 int ffdh_checks = 1; 2951 2952 if (!ffdh_doit[testnum]) 2953 continue; 2954 2955 for (i = 0; i < loopargs_len; i++) { 2956 EVP_PKEY *pkey_A = NULL; 2957 EVP_PKEY *pkey_B = NULL; 2958 EVP_PKEY_CTX *ffdh_ctx = NULL; 2959 EVP_PKEY_CTX *test_ctx = NULL; 2960 size_t secret_size; 2961 size_t test_out; 2962 2963 /* Ensure that the error queue is empty */ 2964 if (ERR_peek_error()) { 2965 BIO_printf(bio_err, 2966 "WARNING: the error queue contains previous unhandled errors.\n"); 2967 ERR_print_errors(bio_err); 2968 } 2969 2970 pkey_A = EVP_PKEY_new(); 2971 if (!pkey_A) { 2972 BIO_printf(bio_err, "Error while initialising EVP_PKEY (out of memory?).\n"); 2973 ERR_print_errors(bio_err); 2974 op_count = 1; 2975 ffdh_checks = 0; 2976 break; 2977 } 2978 pkey_B = EVP_PKEY_new(); 2979 if (!pkey_B) { 2980 BIO_printf(bio_err, "Error while initialising EVP_PKEY (out of memory?).\n"); 2981 ERR_print_errors(bio_err); 2982 op_count = 1; 2983 ffdh_checks = 0; 2984 break; 2985 } 2986 2987 ffdh_ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_DH, NULL); 2988 if (!ffdh_ctx) { 2989 BIO_printf(bio_err, "Error while allocating EVP_PKEY_CTX.\n"); 2990 ERR_print_errors(bio_err); 2991 op_count = 1; 2992 ffdh_checks = 0; 2993 break; 2994 } 2995 2996 if (EVP_PKEY_keygen_init(ffdh_ctx) <= 0) { 2997 BIO_printf(bio_err, "Error while initialising EVP_PKEY_CTX.\n"); 2998 ERR_print_errors(bio_err); 2999 op_count = 1; 3000 ffdh_checks = 0; 3001 break; 3002 } 3003 if (EVP_PKEY_CTX_set_dh_nid(ffdh_ctx, ffdh_params[testnum].nid) <= 0) { 3004 BIO_printf(bio_err, "Error setting DH key size for keygen.\n"); 3005 ERR_print_errors(bio_err); 3006 op_count = 1; 3007 ffdh_checks = 0; 3008 break; 3009 } 3010 3011 if (EVP_PKEY_keygen(ffdh_ctx, &pkey_A) <= 0 || 3012 EVP_PKEY_keygen(ffdh_ctx, &pkey_B) <= 0) { 3013 BIO_printf(bio_err, "FFDH key generation failure.\n"); 3014 ERR_print_errors(bio_err); 3015 op_count = 1; 3016 ffdh_checks = 0; 3017 break; 3018 } 3019 3020 EVP_PKEY_CTX_free(ffdh_ctx); 3021 3022 /* 3023 * check if the derivation works correctly both ways so that 3024 * we know if future derive calls will fail, and we can skip 3025 * error checking in benchmarked code 3026 */ 3027 ffdh_ctx = EVP_PKEY_CTX_new(pkey_A, NULL); 3028 if (ffdh_ctx == NULL) { 3029 BIO_printf(bio_err, "Error while allocating EVP_PKEY_CTX.\n"); 3030 ERR_print_errors(bio_err); 3031 op_count = 1; 3032 ffdh_checks = 0; 3033 break; 3034 } 3035 if (EVP_PKEY_derive_init(ffdh_ctx) <= 0) { 3036 BIO_printf(bio_err, "FFDH derivation context init failure.\n"); 3037 ERR_print_errors(bio_err); 3038 op_count = 1; 3039 ffdh_checks = 0; 3040 break; 3041 } 3042 if (EVP_PKEY_derive_set_peer(ffdh_ctx, pkey_B) <= 0) { 3043 BIO_printf(bio_err, "Assigning peer key for derivation failed.\n"); 3044 ERR_print_errors(bio_err); 3045 op_count = 1; 3046 ffdh_checks = 0; 3047 break; 3048 } 3049 if (EVP_PKEY_derive(ffdh_ctx, NULL, &secret_size) <= 0) { 3050 BIO_printf(bio_err, "Checking size of shared secret failed.\n"); 3051 ERR_print_errors(bio_err); 3052 op_count = 1; 3053 ffdh_checks = 0; 3054 break; 3055 } 3056 if (secret_size > MAX_FFDH_SIZE) { 3057 BIO_printf(bio_err, "Assertion failure: shared secret too large.\n"); 3058 op_count = 1; 3059 ffdh_checks = 0; 3060 break; 3061 } 3062 if (EVP_PKEY_derive(ffdh_ctx, 3063 loopargs[i].secret_ff_a, 3064 &secret_size) <= 0) { 3065 BIO_printf(bio_err, "Shared secret derive failure.\n"); 3066 ERR_print_errors(bio_err); 3067 op_count = 1; 3068 ffdh_checks = 0; 3069 break; 3070 } 3071 /* Now check from side B */ 3072 test_ctx = EVP_PKEY_CTX_new(pkey_B, NULL); 3073 if (!test_ctx) { 3074 BIO_printf(bio_err, "Error while allocating EVP_PKEY_CTX.\n"); 3075 ERR_print_errors(bio_err); 3076 op_count = 1; 3077 ffdh_checks = 0; 3078 break; 3079 } 3080 if (EVP_PKEY_derive_init(test_ctx) <= 0 || 3081 EVP_PKEY_derive_set_peer(test_ctx, pkey_A) <= 0 || 3082 EVP_PKEY_derive(test_ctx, NULL, &test_out) <= 0 || 3083 EVP_PKEY_derive(test_ctx, loopargs[i].secret_ff_b, &test_out) <= 0 || 3084 test_out != secret_size) { 3085 BIO_printf(bio_err, "FFDH computation failure.\n"); 3086 op_count = 1; 3087 ffdh_checks = 0; 3088 break; 3089 } 3090 3091 /* compare the computed secrets */ 3092 if (CRYPTO_memcmp(loopargs[i].secret_ff_a, 3093 loopargs[i].secret_ff_b, secret_size)) { 3094 BIO_printf(bio_err, "FFDH computations don't match.\n"); 3095 ERR_print_errors(bio_err); 3096 op_count = 1; 3097 ffdh_checks = 0; 3098 break; 3099 } 3100 3101 loopargs[i].ffdh_ctx[testnum] = ffdh_ctx; 3102 3103 EVP_PKEY_free(pkey_A); 3104 pkey_A = NULL; 3105 EVP_PKEY_free(pkey_B); 3106 pkey_B = NULL; 3107 EVP_PKEY_CTX_free(test_ctx); 3108 test_ctx = NULL; 3109 } 3110 if (ffdh_checks != 0) { 3111 pkey_print_message("", "ffdh", ffdh_c[testnum][0], 3112 ffdh_params[testnum].bits, seconds.ffdh); 3113 Time_F(START); 3114 count = 3115 run_benchmark(async_jobs, FFDH_derive_key_loop, loopargs); 3116 d = Time_F(STOP); 3117 BIO_printf(bio_err, 3118 mr ? "+R12:%ld:%d:%.2f\n" : 3119 "%ld %u-bits FFDH ops in %.2fs\n", count, 3120 ffdh_params[testnum].bits, d); 3121 ffdh_results[testnum][0] = (double)count / d; 3122 op_count = count; 3123 } 3124 if (op_count <= 1) { 3125 /* if longer than 10s, don't do any more */ 3126 stop_it(ffdh_doit, testnum); 3127 } 3128 } 3129 #endif /* OPENSSL_NO_DH */ 3130 #ifndef NO_FORK 3131 show_res: 3132 #endif 3133 if (!mr) { 3134 printf("version: %s\n", OpenSSL_version(OPENSSL_FULL_VERSION_STRING)); 3135 printf("%s\n", OpenSSL_version(OPENSSL_BUILT_ON)); 3136 printf("options: %s\n", BN_options()); 3137 printf("%s\n", OpenSSL_version(OPENSSL_CFLAGS)); 3138 printf("%s\n", OpenSSL_version(OPENSSL_CPU_INFO)); 3139 } 3140 3141 if (pr_header) { 3142 if (mr) { 3143 printf("+H"); 3144 } else { 3145 printf("The 'numbers' are in 1000s of bytes per second processed.\n"); 3146 printf("type "); 3147 } 3148 for (testnum = 0; testnum < size_num; testnum++) 3149 printf(mr ? ":%d" : "%7d bytes", lengths[testnum]); 3150 printf("\n"); 3151 } 3152 3153 for (k = 0; k < ALGOR_NUM; k++) { 3154 const char *alg_name = names[k]; 3155 3156 if (!doit[k]) 3157 continue; 3158 3159 if (k == D_EVP) { 3160 if (evp_cipher == NULL) 3161 alg_name = evp_md_name; 3162 else if ((alg_name = EVP_CIPHER_get0_name(evp_cipher)) == NULL) 3163 app_bail_out("failed to get name of cipher '%s'\n", evp_cipher); 3164 } 3165 3166 if (mr) 3167 printf("+F:%u:%s", k, alg_name); 3168 else 3169 printf("%-13s", alg_name); 3170 for (testnum = 0; testnum < size_num; testnum++) { 3171 if (results[k][testnum] > 10000 && !mr) 3172 printf(" %11.2fk", results[k][testnum] / 1e3); 3173 else 3174 printf(mr ? ":%.2f" : " %11.2f ", results[k][testnum]); 3175 } 3176 printf("\n"); 3177 } 3178 testnum = 1; 3179 for (k = 0; k < RSA_NUM; k++) { 3180 if (!rsa_doit[k]) 3181 continue; 3182 if (testnum && !mr) { 3183 printf("%18ssign verify sign/s verify/s\n", " "); 3184 testnum = 0; 3185 } 3186 if (mr) 3187 printf("+F2:%u:%u:%f:%f\n", 3188 k, rsa_keys[k].bits, rsa_results[k][0], rsa_results[k][1]); 3189 else 3190 printf("rsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n", 3191 rsa_keys[k].bits, 1.0 / rsa_results[k][0], 1.0 / rsa_results[k][1], 3192 rsa_results[k][0], rsa_results[k][1]); 3193 } 3194 testnum = 1; 3195 for (k = 0; k < DSA_NUM; k++) { 3196 if (!dsa_doit[k]) 3197 continue; 3198 if (testnum && !mr) { 3199 printf("%18ssign verify sign/s verify/s\n", " "); 3200 testnum = 0; 3201 } 3202 if (mr) 3203 printf("+F3:%u:%u:%f:%f\n", 3204 k, dsa_bits[k], dsa_results[k][0], dsa_results[k][1]); 3205 else 3206 printf("dsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n", 3207 dsa_bits[k], 1.0 / dsa_results[k][0], 1.0 / dsa_results[k][1], 3208 dsa_results[k][0], dsa_results[k][1]); 3209 } 3210 testnum = 1; 3211 for (k = 0; k < OSSL_NELEM(ecdsa_doit); k++) { 3212 if (!ecdsa_doit[k]) 3213 continue; 3214 if (testnum && !mr) { 3215 printf("%30ssign verify sign/s verify/s\n", " "); 3216 testnum = 0; 3217 } 3218 3219 if (mr) 3220 printf("+F4:%u:%u:%f:%f\n", 3221 k, ec_curves[k].bits, 3222 ecdsa_results[k][0], ecdsa_results[k][1]); 3223 else 3224 printf("%4u bits ecdsa (%s) %8.4fs %8.4fs %8.1f %8.1f\n", 3225 ec_curves[k].bits, ec_curves[k].name, 3226 1.0 / ecdsa_results[k][0], 1.0 / ecdsa_results[k][1], 3227 ecdsa_results[k][0], ecdsa_results[k][1]); 3228 } 3229 3230 testnum = 1; 3231 for (k = 0; k < EC_NUM; k++) { 3232 if (!ecdh_doit[k]) 3233 continue; 3234 if (testnum && !mr) { 3235 printf("%30sop op/s\n", " "); 3236 testnum = 0; 3237 } 3238 if (mr) 3239 printf("+F5:%u:%u:%f:%f\n", 3240 k, ec_curves[k].bits, 3241 ecdh_results[k][0], 1.0 / ecdh_results[k][0]); 3242 3243 else 3244 printf("%4u bits ecdh (%s) %8.4fs %8.1f\n", 3245 ec_curves[k].bits, ec_curves[k].name, 3246 1.0 / ecdh_results[k][0], ecdh_results[k][0]); 3247 } 3248 3249 testnum = 1; 3250 for (k = 0; k < OSSL_NELEM(eddsa_doit); k++) { 3251 if (!eddsa_doit[k]) 3252 continue; 3253 if (testnum && !mr) { 3254 printf("%30ssign verify sign/s verify/s\n", " "); 3255 testnum = 0; 3256 } 3257 3258 if (mr) 3259 printf("+F6:%u:%u:%s:%f:%f\n", 3260 k, ed_curves[k].bits, ed_curves[k].name, 3261 eddsa_results[k][0], eddsa_results[k][1]); 3262 else 3263 printf("%4u bits EdDSA (%s) %8.4fs %8.4fs %8.1f %8.1f\n", 3264 ed_curves[k].bits, ed_curves[k].name, 3265 1.0 / eddsa_results[k][0], 1.0 / eddsa_results[k][1], 3266 eddsa_results[k][0], eddsa_results[k][1]); 3267 } 3268 3269 #ifndef OPENSSL_NO_SM2 3270 testnum = 1; 3271 for (k = 0; k < OSSL_NELEM(sm2_doit); k++) { 3272 if (!sm2_doit[k]) 3273 continue; 3274 if (testnum && !mr) { 3275 printf("%30ssign verify sign/s verify/s\n", " "); 3276 testnum = 0; 3277 } 3278 3279 if (mr) 3280 printf("+F7:%u:%u:%s:%f:%f\n", 3281 k, sm2_curves[k].bits, sm2_curves[k].name, 3282 sm2_results[k][0], sm2_results[k][1]); 3283 else 3284 printf("%4u bits SM2 (%s) %8.4fs %8.4fs %8.1f %8.1f\n", 3285 sm2_curves[k].bits, sm2_curves[k].name, 3286 1.0 / sm2_results[k][0], 1.0 / sm2_results[k][1], 3287 sm2_results[k][0], sm2_results[k][1]); 3288 } 3289 #endif 3290 #ifndef OPENSSL_NO_DH 3291 testnum = 1; 3292 for (k = 0; k < FFDH_NUM; k++) { 3293 if (!ffdh_doit[k]) 3294 continue; 3295 if (testnum && !mr) { 3296 printf("%23sop op/s\n", " "); 3297 testnum = 0; 3298 } 3299 if (mr) 3300 printf("+F8:%u:%u:%f:%f\n", 3301 k, ffdh_params[k].bits, 3302 ffdh_results[k][0], 1.0 / ffdh_results[k][0]); 3303 3304 else 3305 printf("%4u bits ffdh %8.4fs %8.1f\n", 3306 ffdh_params[k].bits, 3307 1.0 / ffdh_results[k][0], ffdh_results[k][0]); 3308 } 3309 #endif /* OPENSSL_NO_DH */ 3310 3311 ret = 0; 3312 3313 end: 3314 ERR_print_errors(bio_err); 3315 for (i = 0; i < loopargs_len; i++) { 3316 OPENSSL_free(loopargs[i].buf_malloc); 3317 OPENSSL_free(loopargs[i].buf2_malloc); 3318 3319 BN_free(bn); 3320 EVP_PKEY_CTX_free(genctx); 3321 for (k = 0; k < RSA_NUM; k++) { 3322 EVP_PKEY_CTX_free(loopargs[i].rsa_sign_ctx[k]); 3323 EVP_PKEY_CTX_free(loopargs[i].rsa_verify_ctx[k]); 3324 } 3325 #ifndef OPENSSL_NO_DH 3326 OPENSSL_free(loopargs[i].secret_ff_a); 3327 OPENSSL_free(loopargs[i].secret_ff_b); 3328 for (k = 0; k < FFDH_NUM; k++) 3329 EVP_PKEY_CTX_free(loopargs[i].ffdh_ctx[k]); 3330 #endif 3331 for (k = 0; k < DSA_NUM; k++) { 3332 EVP_PKEY_CTX_free(loopargs[i].dsa_sign_ctx[k]); 3333 EVP_PKEY_CTX_free(loopargs[i].dsa_verify_ctx[k]); 3334 } 3335 for (k = 0; k < ECDSA_NUM; k++) { 3336 EVP_PKEY_CTX_free(loopargs[i].ecdsa_sign_ctx[k]); 3337 EVP_PKEY_CTX_free(loopargs[i].ecdsa_verify_ctx[k]); 3338 } 3339 for (k = 0; k < EC_NUM; k++) 3340 EVP_PKEY_CTX_free(loopargs[i].ecdh_ctx[k]); 3341 for (k = 0; k < EdDSA_NUM; k++) { 3342 EVP_MD_CTX_free(loopargs[i].eddsa_ctx[k]); 3343 EVP_MD_CTX_free(loopargs[i].eddsa_ctx2[k]); 3344 } 3345 #ifndef OPENSSL_NO_SM2 3346 for (k = 0; k < SM2_NUM; k++) { 3347 EVP_PKEY_CTX *pctx = NULL; 3348 3349 /* free signing ctx */ 3350 if (loopargs[i].sm2_ctx[k] != NULL 3351 && (pctx = EVP_MD_CTX_get_pkey_ctx(loopargs[i].sm2_ctx[k])) != NULL) 3352 EVP_PKEY_CTX_free(pctx); 3353 EVP_MD_CTX_free(loopargs[i].sm2_ctx[k]); 3354 /* free verification ctx */ 3355 if (loopargs[i].sm2_vfy_ctx[k] != NULL 3356 && (pctx = EVP_MD_CTX_get_pkey_ctx(loopargs[i].sm2_vfy_ctx[k])) != NULL) 3357 EVP_PKEY_CTX_free(pctx); 3358 EVP_MD_CTX_free(loopargs[i].sm2_vfy_ctx[k]); 3359 /* free pkey */ 3360 EVP_PKEY_free(loopargs[i].sm2_pkey[k]); 3361 } 3362 #endif 3363 OPENSSL_free(loopargs[i].secret_a); 3364 OPENSSL_free(loopargs[i].secret_b); 3365 } 3366 OPENSSL_free(evp_hmac_name); 3367 OPENSSL_free(evp_cmac_name); 3368 3369 if (async_jobs > 0) { 3370 for (i = 0; i < loopargs_len; i++) 3371 ASYNC_WAIT_CTX_free(loopargs[i].wait_ctx); 3372 } 3373 3374 if (async_init) { 3375 ASYNC_cleanup_thread(); 3376 } 3377 OPENSSL_free(loopargs); 3378 release_engine(e); 3379 EVP_CIPHER_free(evp_cipher); 3380 EVP_MAC_free(mac); 3381 return ret; 3382 } 3383 3384 static void print_message(const char *s, long num, int length, int tm) 3385 { 3386 BIO_printf(bio_err, 3387 mr ? "+DT:%s:%d:%d\n" 3388 : "Doing %s for %ds on %d size blocks: ", s, tm, length); 3389 (void)BIO_flush(bio_err); 3390 run = 1; 3391 alarm(tm); 3392 } 3393 3394 static void pkey_print_message(const char *str, const char *str2, long num, 3395 unsigned int bits, int tm) 3396 { 3397 BIO_printf(bio_err, 3398 mr ? "+DTP:%d:%s:%s:%d\n" 3399 : "Doing %u bits %s %s's for %ds: ", bits, str, str2, tm); 3400 (void)BIO_flush(bio_err); 3401 run = 1; 3402 alarm(tm); 3403 } 3404 3405 static void print_result(int alg, int run_no, int count, double time_used) 3406 { 3407 if (count == -1) { 3408 BIO_printf(bio_err, "%s error!\n", names[alg]); 3409 ERR_print_errors(bio_err); 3410 return; 3411 } 3412 BIO_printf(bio_err, 3413 mr ? "+R:%d:%s:%f\n" 3414 : "%d %s's in %.2fs\n", count, names[alg], time_used); 3415 results[alg][run_no] = ((double)count) / time_used * lengths[run_no]; 3416 } 3417 3418 #ifndef NO_FORK 3419 static char *sstrsep(char **string, const char *delim) 3420 { 3421 char isdelim[256]; 3422 char *token = *string; 3423 3424 if (**string == 0) 3425 return NULL; 3426 3427 memset(isdelim, 0, sizeof(isdelim)); 3428 isdelim[0] = 1; 3429 3430 while (*delim) { 3431 isdelim[(unsigned char)(*delim)] = 1; 3432 delim++; 3433 } 3434 3435 while (!isdelim[(unsigned char)(**string)]) 3436 (*string)++; 3437 3438 if (**string) { 3439 **string = 0; 3440 (*string)++; 3441 } 3442 3443 return token; 3444 } 3445 3446 static int do_multi(int multi, int size_num) 3447 { 3448 int n; 3449 int fd[2]; 3450 int *fds; 3451 int status; 3452 static char sep[] = ":"; 3453 3454 fds = app_malloc(sizeof(*fds) * multi, "fd buffer for do_multi"); 3455 for (n = 0; n < multi; ++n) { 3456 if (pipe(fd) == -1) { 3457 BIO_printf(bio_err, "pipe failure\n"); 3458 exit(1); 3459 } 3460 fflush(stdout); 3461 (void)BIO_flush(bio_err); 3462 if (fork()) { 3463 close(fd[1]); 3464 fds[n] = fd[0]; 3465 } else { 3466 close(fd[0]); 3467 close(1); 3468 if (dup(fd[1]) == -1) { 3469 BIO_printf(bio_err, "dup failed\n"); 3470 exit(1); 3471 } 3472 close(fd[1]); 3473 mr = 1; 3474 usertime = 0; 3475 OPENSSL_free(fds); 3476 return 0; 3477 } 3478 printf("Forked child %d\n", n); 3479 } 3480 3481 /* for now, assume the pipe is long enough to take all the output */ 3482 for (n = 0; n < multi; ++n) { 3483 FILE *f; 3484 char buf[1024]; 3485 char *p; 3486 3487 if ((f = fdopen(fds[n], "r")) == NULL) { 3488 BIO_printf(bio_err, "fdopen failure with 0x%x\n", 3489 errno); 3490 OPENSSL_free(fds); 3491 return 1; 3492 } 3493 while (fgets(buf, sizeof(buf), f)) { 3494 p = strchr(buf, '\n'); 3495 if (p) 3496 *p = '\0'; 3497 if (buf[0] != '+') { 3498 BIO_printf(bio_err, 3499 "Don't understand line '%s' from child %d\n", buf, 3500 n); 3501 continue; 3502 } 3503 printf("Got: %s from %d\n", buf, n); 3504 if (strncmp(buf, "+F:", 3) == 0) { 3505 int alg; 3506 int j; 3507 3508 p = buf + 3; 3509 alg = atoi(sstrsep(&p, sep)); 3510 sstrsep(&p, sep); 3511 for (j = 0; j < size_num; ++j) 3512 results[alg][j] += atof(sstrsep(&p, sep)); 3513 } else if (strncmp(buf, "+F2:", 4) == 0) { 3514 int k; 3515 double d; 3516 3517 p = buf + 4; 3518 k = atoi(sstrsep(&p, sep)); 3519 sstrsep(&p, sep); 3520 3521 d = atof(sstrsep(&p, sep)); 3522 rsa_results[k][0] += d; 3523 3524 d = atof(sstrsep(&p, sep)); 3525 rsa_results[k][1] += d; 3526 } else if (strncmp(buf, "+F3:", 4) == 0) { 3527 int k; 3528 double d; 3529 3530 p = buf + 4; 3531 k = atoi(sstrsep(&p, sep)); 3532 sstrsep(&p, sep); 3533 3534 d = atof(sstrsep(&p, sep)); 3535 dsa_results[k][0] += d; 3536 3537 d = atof(sstrsep(&p, sep)); 3538 dsa_results[k][1] += d; 3539 } else if (strncmp(buf, "+F4:", 4) == 0) { 3540 int k; 3541 double d; 3542 3543 p = buf + 4; 3544 k = atoi(sstrsep(&p, sep)); 3545 sstrsep(&p, sep); 3546 3547 d = atof(sstrsep(&p, sep)); 3548 ecdsa_results[k][0] += d; 3549 3550 d = atof(sstrsep(&p, sep)); 3551 ecdsa_results[k][1] += d; 3552 } else if (strncmp(buf, "+F5:", 4) == 0) { 3553 int k; 3554 double d; 3555 3556 p = buf + 4; 3557 k = atoi(sstrsep(&p, sep)); 3558 sstrsep(&p, sep); 3559 3560 d = atof(sstrsep(&p, sep)); 3561 ecdh_results[k][0] += d; 3562 } else if (strncmp(buf, "+F6:", 4) == 0) { 3563 int k; 3564 double d; 3565 3566 p = buf + 4; 3567 k = atoi(sstrsep(&p, sep)); 3568 sstrsep(&p, sep); 3569 sstrsep(&p, sep); 3570 3571 d = atof(sstrsep(&p, sep)); 3572 eddsa_results[k][0] += d; 3573 3574 d = atof(sstrsep(&p, sep)); 3575 eddsa_results[k][1] += d; 3576 # ifndef OPENSSL_NO_SM2 3577 } else if (strncmp(buf, "+F7:", 4) == 0) { 3578 int k; 3579 double d; 3580 3581 p = buf + 4; 3582 k = atoi(sstrsep(&p, sep)); 3583 sstrsep(&p, sep); 3584 sstrsep(&p, sep); 3585 3586 d = atof(sstrsep(&p, sep)); 3587 sm2_results[k][0] += d; 3588 3589 d = atof(sstrsep(&p, sep)); 3590 sm2_results[k][1] += d; 3591 # endif /* OPENSSL_NO_SM2 */ 3592 # ifndef OPENSSL_NO_DH 3593 } else if (strncmp(buf, "+F8:", 4) == 0) { 3594 int k; 3595 double d; 3596 3597 p = buf + 4; 3598 k = atoi(sstrsep(&p, sep)); 3599 sstrsep(&p, sep); 3600 3601 d = atof(sstrsep(&p, sep)); 3602 ffdh_results[k][0] += d; 3603 # endif /* OPENSSL_NO_DH */ 3604 } else if (strncmp(buf, "+H:", 3) == 0) { 3605 ; 3606 } else { 3607 BIO_printf(bio_err, "Unknown type '%s' from child %d\n", buf, 3608 n); 3609 } 3610 } 3611 3612 fclose(f); 3613 } 3614 OPENSSL_free(fds); 3615 for (n = 0; n < multi; ++n) { 3616 while (wait(&status) == -1) 3617 if (errno != EINTR) { 3618 BIO_printf(bio_err, "Waitng for child failed with 0x%x\n", 3619 errno); 3620 return 1; 3621 } 3622 if (WIFEXITED(status) && WEXITSTATUS(status)) { 3623 BIO_printf(bio_err, "Child exited with %d\n", WEXITSTATUS(status)); 3624 } else if (WIFSIGNALED(status)) { 3625 BIO_printf(bio_err, "Child terminated by signal %d\n", 3626 WTERMSIG(status)); 3627 } 3628 } 3629 return 1; 3630 } 3631 #endif 3632 3633 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single, 3634 const openssl_speed_sec_t *seconds) 3635 { 3636 static const int mblengths_list[] = 3637 { 8 * 1024, 2 * 8 * 1024, 4 * 8 * 1024, 8 * 8 * 1024, 8 * 16 * 1024 }; 3638 const int *mblengths = mblengths_list; 3639 int j, count, keylen, num = OSSL_NELEM(mblengths_list); 3640 const char *alg_name; 3641 unsigned char *inp = NULL, *out = NULL, *key, no_key[32], no_iv[16]; 3642 EVP_CIPHER_CTX *ctx = NULL; 3643 double d = 0.0; 3644 3645 if (lengths_single) { 3646 mblengths = &lengths_single; 3647 num = 1; 3648 } 3649 3650 inp = app_malloc(mblengths[num - 1], "multiblock input buffer"); 3651 out = app_malloc(mblengths[num - 1] + 1024, "multiblock output buffer"); 3652 if ((ctx = EVP_CIPHER_CTX_new()) == NULL) 3653 app_bail_out("failed to allocate cipher context\n"); 3654 if (!EVP_EncryptInit_ex(ctx, evp_cipher, NULL, NULL, no_iv)) 3655 app_bail_out("failed to initialise cipher context\n"); 3656 3657 if ((keylen = EVP_CIPHER_CTX_get_key_length(ctx)) < 0) { 3658 BIO_printf(bio_err, "Impossible negative key length: %d\n", keylen); 3659 goto err; 3660 } 3661 key = app_malloc(keylen, "evp_cipher key"); 3662 if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0) 3663 app_bail_out("failed to generate random cipher key\n"); 3664 if (!EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL)) 3665 app_bail_out("failed to set cipher key\n"); 3666 OPENSSL_clear_free(key, keylen); 3667 3668 if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_MAC_KEY, 3669 sizeof(no_key), no_key) <= 0) 3670 app_bail_out("failed to set AEAD key\n"); 3671 if ((alg_name = EVP_CIPHER_get0_name(evp_cipher)) == NULL) 3672 app_bail_out("failed to get cipher name\n"); 3673 3674 for (j = 0; j < num; j++) { 3675 print_message(alg_name, 0, mblengths[j], seconds->sym); 3676 Time_F(START); 3677 for (count = 0; run && count < INT_MAX; count++) { 3678 unsigned char aad[EVP_AEAD_TLS1_AAD_LEN]; 3679 EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param; 3680 size_t len = mblengths[j]; 3681 int packlen; 3682 3683 memset(aad, 0, 8); /* avoid uninitialized values */ 3684 aad[8] = 23; /* SSL3_RT_APPLICATION_DATA */ 3685 aad[9] = 3; /* version */ 3686 aad[10] = 2; 3687 aad[11] = 0; /* length */ 3688 aad[12] = 0; 3689 mb_param.out = NULL; 3690 mb_param.inp = aad; 3691 mb_param.len = len; 3692 mb_param.interleave = 8; 3693 3694 packlen = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_AAD, 3695 sizeof(mb_param), &mb_param); 3696 3697 if (packlen > 0) { 3698 mb_param.out = out; 3699 mb_param.inp = inp; 3700 mb_param.len = len; 3701 (void)EVP_CIPHER_CTX_ctrl(ctx, 3702 EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT, 3703 sizeof(mb_param), &mb_param); 3704 } else { 3705 int pad; 3706 3707 if (RAND_bytes(inp, 16) <= 0) 3708 app_bail_out("error setting random bytes\n"); 3709 len += 16; 3710 aad[11] = (unsigned char)(len >> 8); 3711 aad[12] = (unsigned char)(len); 3712 pad = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_TLS1_AAD, 3713 EVP_AEAD_TLS1_AAD_LEN, aad); 3714 EVP_Cipher(ctx, out, inp, len + pad); 3715 } 3716 } 3717 d = Time_F(STOP); 3718 BIO_printf(bio_err, mr ? "+R:%d:%s:%f\n" 3719 : "%d %s's in %.2fs\n", count, "evp", d); 3720 results[D_EVP][j] = ((double)count) / d * mblengths[j]; 3721 } 3722 3723 if (mr) { 3724 fprintf(stdout, "+H"); 3725 for (j = 0; j < num; j++) 3726 fprintf(stdout, ":%d", mblengths[j]); 3727 fprintf(stdout, "\n"); 3728 fprintf(stdout, "+F:%d:%s", D_EVP, alg_name); 3729 for (j = 0; j < num; j++) 3730 fprintf(stdout, ":%.2f", results[D_EVP][j]); 3731 fprintf(stdout, "\n"); 3732 } else { 3733 fprintf(stdout, 3734 "The 'numbers' are in 1000s of bytes per second processed.\n"); 3735 fprintf(stdout, "type "); 3736 for (j = 0; j < num; j++) 3737 fprintf(stdout, "%7d bytes", mblengths[j]); 3738 fprintf(stdout, "\n"); 3739 fprintf(stdout, "%-24s", alg_name); 3740 3741 for (j = 0; j < num; j++) { 3742 if (results[D_EVP][j] > 10000) 3743 fprintf(stdout, " %11.2fk", results[D_EVP][j] / 1e3); 3744 else 3745 fprintf(stdout, " %11.2f ", results[D_EVP][j]); 3746 } 3747 fprintf(stdout, "\n"); 3748 } 3749 3750 err: 3751 OPENSSL_free(inp); 3752 OPENSSL_free(out); 3753 EVP_CIPHER_CTX_free(ctx); 3754 } 3755