1 /* 2 * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved. 3 * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved 4 * 5 * Licensed under the Apache License 2.0 (the "License"). You may not use 6 * this file except in compliance with the License. You can obtain a copy 7 * in the file LICENSE in the source distribution or at 8 * https://www.openssl.org/source/license.html 9 */ 10 11 #undef SECONDS 12 #define SECONDS 3 13 #define PKEY_SECONDS 10 14 15 #define RSA_SECONDS PKEY_SECONDS 16 #define DSA_SECONDS PKEY_SECONDS 17 #define ECDSA_SECONDS PKEY_SECONDS 18 #define ECDH_SECONDS PKEY_SECONDS 19 #define EdDSA_SECONDS PKEY_SECONDS 20 #define SM2_SECONDS PKEY_SECONDS 21 #define FFDH_SECONDS PKEY_SECONDS 22 23 /* We need to use some deprecated APIs */ 24 #define OPENSSL_SUPPRESS_DEPRECATED 25 26 #include <stdio.h> 27 #include <stdlib.h> 28 #include <string.h> 29 #include <math.h> 30 #include "apps.h" 31 #include "progs.h" 32 #include "internal/numbers.h" 33 #include <openssl/crypto.h> 34 #include <openssl/rand.h> 35 #include <openssl/err.h> 36 #include <openssl/evp.h> 37 #include <openssl/objects.h> 38 #include <openssl/core_names.h> 39 #include <openssl/async.h> 40 #if !defined(OPENSSL_SYS_MSDOS) 41 # include <unistd.h> 42 #endif 43 44 #if defined(__TANDEM) 45 # if defined(OPENSSL_TANDEM_FLOSS) 46 # include <floss.h(floss_fork)> 47 # endif 48 #endif 49 50 #if defined(_WIN32) 51 # include <windows.h> 52 #endif 53 54 #include <openssl/bn.h> 55 #include <openssl/rsa.h> 56 #include "./testrsa.h" 57 #ifndef OPENSSL_NO_DH 58 # include <openssl/dh.h> 59 #endif 60 #include <openssl/x509.h> 61 #include <openssl/dsa.h> 62 #include "./testdsa.h" 63 #include <openssl/modes.h> 64 65 #ifndef HAVE_FORK 66 # if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_VXWORKS) 67 # define HAVE_FORK 0 68 # else 69 # define HAVE_FORK 1 70 # include <sys/wait.h> 71 # endif 72 #endif 73 74 #if HAVE_FORK 75 # undef NO_FORK 76 #else 77 # define NO_FORK 78 #endif 79 80 #define MAX_MISALIGNMENT 63 81 #define MAX_ECDH_SIZE 256 82 #define MISALIGN 64 83 #define MAX_FFDH_SIZE 1024 84 85 #ifndef RSA_DEFAULT_PRIME_NUM 86 # define RSA_DEFAULT_PRIME_NUM 2 87 #endif 88 89 typedef struct openssl_speed_sec_st { 90 int sym; 91 int rsa; 92 int dsa; 93 int ecdsa; 94 int ecdh; 95 int eddsa; 96 int sm2; 97 int ffdh; 98 } openssl_speed_sec_t; 99 100 static volatile int run = 0; 101 102 static int mr = 0; /* machine-readeable output format to merge fork results */ 103 static int usertime = 1; 104 105 static double Time_F(int s); 106 static void print_message(const char *s, long num, int length, int tm); 107 static void pkey_print_message(const char *str, const char *str2, 108 long num, unsigned int bits, int sec); 109 static void print_result(int alg, int run_no, int count, double time_used); 110 #ifndef NO_FORK 111 static int do_multi(int multi, int size_num); 112 #endif 113 114 static const int lengths_list[] = { 115 16, 64, 256, 1024, 8 * 1024, 16 * 1024 116 }; 117 #define SIZE_NUM OSSL_NELEM(lengths_list) 118 static const int *lengths = lengths_list; 119 120 static const int aead_lengths_list[] = { 121 2, 31, 136, 1024, 8 * 1024, 16 * 1024 122 }; 123 124 #define START 0 125 #define STOP 1 126 127 #ifdef SIGALRM 128 129 static void alarmed(int sig) 130 { 131 signal(SIGALRM, alarmed); 132 run = 0; 133 } 134 135 static double Time_F(int s) 136 { 137 double ret = app_tminterval(s, usertime); 138 if (s == STOP) 139 alarm(0); 140 return ret; 141 } 142 143 #elif defined(_WIN32) 144 145 # define SIGALRM -1 146 147 static unsigned int lapse; 148 static volatile unsigned int schlock; 149 static void alarm_win32(unsigned int secs) 150 { 151 lapse = secs * 1000; 152 } 153 154 # define alarm alarm_win32 155 156 static DWORD WINAPI sleepy(VOID * arg) 157 { 158 schlock = 1; 159 Sleep(lapse); 160 run = 0; 161 return 0; 162 } 163 164 static double Time_F(int s) 165 { 166 double ret; 167 static HANDLE thr; 168 169 if (s == START) { 170 schlock = 0; 171 thr = CreateThread(NULL, 4096, sleepy, NULL, 0, NULL); 172 if (thr == NULL) { 173 DWORD err = GetLastError(); 174 BIO_printf(bio_err, "unable to CreateThread (%lu)", err); 175 ExitProcess(err); 176 } 177 while (!schlock) 178 Sleep(0); /* scheduler spinlock */ 179 ret = app_tminterval(s, usertime); 180 } else { 181 ret = app_tminterval(s, usertime); 182 if (run) 183 TerminateThread(thr, 0); 184 CloseHandle(thr); 185 } 186 187 return ret; 188 } 189 #else 190 # error "SIGALRM not defined and the platform is not Windows" 191 #endif 192 193 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single, 194 const openssl_speed_sec_t *seconds); 195 196 static int opt_found(const char *name, unsigned int *result, 197 const OPT_PAIR pairs[], unsigned int nbelem) 198 { 199 unsigned int idx; 200 201 for (idx = 0; idx < nbelem; ++idx, pairs++) 202 if (strcmp(name, pairs->name) == 0) { 203 *result = pairs->retval; 204 return 1; 205 } 206 return 0; 207 } 208 #define opt_found(value, pairs, result)\ 209 opt_found(value, result, pairs, OSSL_NELEM(pairs)) 210 211 typedef enum OPTION_choice { 212 OPT_COMMON, 213 OPT_ELAPSED, OPT_EVP, OPT_HMAC, OPT_DECRYPT, OPT_ENGINE, OPT_MULTI, 214 OPT_MR, OPT_MB, OPT_MISALIGN, OPT_ASYNCJOBS, OPT_R_ENUM, OPT_PROV_ENUM, 215 OPT_PRIMES, OPT_SECONDS, OPT_BYTES, OPT_AEAD, OPT_CMAC 216 } OPTION_CHOICE; 217 218 const OPTIONS speed_options[] = { 219 {OPT_HELP_STR, 1, '-', "Usage: %s [options] [algorithm...]\n"}, 220 221 OPT_SECTION("General"), 222 {"help", OPT_HELP, '-', "Display this summary"}, 223 {"mb", OPT_MB, '-', 224 "Enable (tls1>=1) multi-block mode on EVP-named cipher"}, 225 {"mr", OPT_MR, '-', "Produce machine readable output"}, 226 #ifndef NO_FORK 227 {"multi", OPT_MULTI, 'p', "Run benchmarks in parallel"}, 228 #endif 229 #ifndef OPENSSL_NO_ASYNC 230 {"async_jobs", OPT_ASYNCJOBS, 'p', 231 "Enable async mode and start specified number of jobs"}, 232 #endif 233 #ifndef OPENSSL_NO_ENGINE 234 {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"}, 235 #endif 236 {"primes", OPT_PRIMES, 'p', "Specify number of primes (for RSA only)"}, 237 238 OPT_SECTION("Selection"), 239 {"evp", OPT_EVP, 's', "Use EVP-named cipher or digest"}, 240 {"hmac", OPT_HMAC, 's', "HMAC using EVP-named digest"}, 241 {"cmac", OPT_CMAC, 's', "CMAC using EVP-named cipher"}, 242 {"decrypt", OPT_DECRYPT, '-', 243 "Time decryption instead of encryption (only EVP)"}, 244 {"aead", OPT_AEAD, '-', 245 "Benchmark EVP-named AEAD cipher in TLS-like sequence"}, 246 247 OPT_SECTION("Timing"), 248 {"elapsed", OPT_ELAPSED, '-', 249 "Use wall-clock time instead of CPU user time as divisor"}, 250 {"seconds", OPT_SECONDS, 'p', 251 "Run benchmarks for specified amount of seconds"}, 252 {"bytes", OPT_BYTES, 'p', 253 "Run [non-PKI] benchmarks on custom-sized buffer"}, 254 {"misalign", OPT_MISALIGN, 'p', 255 "Use specified offset to mis-align buffers"}, 256 257 OPT_R_OPTIONS, 258 OPT_PROV_OPTIONS, 259 260 OPT_PARAMETERS(), 261 {"algorithm", 0, 0, "Algorithm(s) to test (optional; otherwise tests all)"}, 262 {NULL} 263 }; 264 265 enum { 266 D_MD2, D_MDC2, D_MD4, D_MD5, D_SHA1, D_RMD160, 267 D_SHA256, D_SHA512, D_WHIRLPOOL, D_HMAC, 268 D_CBC_DES, D_EDE3_DES, D_RC4, D_CBC_IDEA, D_CBC_SEED, 269 D_CBC_RC2, D_CBC_RC5, D_CBC_BF, D_CBC_CAST, 270 D_CBC_128_AES, D_CBC_192_AES, D_CBC_256_AES, 271 D_CBC_128_CML, D_CBC_192_CML, D_CBC_256_CML, 272 D_EVP, D_GHASH, D_RAND, D_EVP_CMAC, ALGOR_NUM 273 }; 274 /* name of algorithms to test. MUST BE KEEP IN SYNC with above enum ! */ 275 static const char *names[ALGOR_NUM] = { 276 "md2", "mdc2", "md4", "md5", "sha1", "rmd160", 277 "sha256", "sha512", "whirlpool", "hmac(md5)", 278 "des-cbc", "des-ede3", "rc4", "idea-cbc", "seed-cbc", 279 "rc2-cbc", "rc5-cbc", "blowfish", "cast-cbc", 280 "aes-128-cbc", "aes-192-cbc", "aes-256-cbc", 281 "camellia-128-cbc", "camellia-192-cbc", "camellia-256-cbc", 282 "evp", "ghash", "rand", "cmac" 283 }; 284 285 /* list of configured algorithm (remaining), with some few alias */ 286 static const OPT_PAIR doit_choices[] = { 287 {"md2", D_MD2}, 288 {"mdc2", D_MDC2}, 289 {"md4", D_MD4}, 290 {"md5", D_MD5}, 291 {"hmac", D_HMAC}, 292 {"sha1", D_SHA1}, 293 {"sha256", D_SHA256}, 294 {"sha512", D_SHA512}, 295 {"whirlpool", D_WHIRLPOOL}, 296 {"ripemd", D_RMD160}, 297 {"rmd160", D_RMD160}, 298 {"ripemd160", D_RMD160}, 299 {"rc4", D_RC4}, 300 {"des-cbc", D_CBC_DES}, 301 {"des-ede3", D_EDE3_DES}, 302 {"aes-128-cbc", D_CBC_128_AES}, 303 {"aes-192-cbc", D_CBC_192_AES}, 304 {"aes-256-cbc", D_CBC_256_AES}, 305 {"camellia-128-cbc", D_CBC_128_CML}, 306 {"camellia-192-cbc", D_CBC_192_CML}, 307 {"camellia-256-cbc", D_CBC_256_CML}, 308 {"rc2-cbc", D_CBC_RC2}, 309 {"rc2", D_CBC_RC2}, 310 {"rc5-cbc", D_CBC_RC5}, 311 {"rc5", D_CBC_RC5}, 312 {"idea-cbc", D_CBC_IDEA}, 313 {"idea", D_CBC_IDEA}, 314 {"seed-cbc", D_CBC_SEED}, 315 {"seed", D_CBC_SEED}, 316 {"bf-cbc", D_CBC_BF}, 317 {"blowfish", D_CBC_BF}, 318 {"bf", D_CBC_BF}, 319 {"cast-cbc", D_CBC_CAST}, 320 {"cast", D_CBC_CAST}, 321 {"cast5", D_CBC_CAST}, 322 {"ghash", D_GHASH}, 323 {"rand", D_RAND} 324 }; 325 326 static double results[ALGOR_NUM][SIZE_NUM]; 327 328 enum { R_DSA_512, R_DSA_1024, R_DSA_2048, DSA_NUM }; 329 static const OPT_PAIR dsa_choices[DSA_NUM] = { 330 {"dsa512", R_DSA_512}, 331 {"dsa1024", R_DSA_1024}, 332 {"dsa2048", R_DSA_2048} 333 }; 334 static double dsa_results[DSA_NUM][2]; /* 2 ops: sign then verify */ 335 336 enum { 337 R_RSA_512, R_RSA_1024, R_RSA_2048, R_RSA_3072, R_RSA_4096, R_RSA_7680, 338 R_RSA_15360, RSA_NUM 339 }; 340 static const OPT_PAIR rsa_choices[RSA_NUM] = { 341 {"rsa512", R_RSA_512}, 342 {"rsa1024", R_RSA_1024}, 343 {"rsa2048", R_RSA_2048}, 344 {"rsa3072", R_RSA_3072}, 345 {"rsa4096", R_RSA_4096}, 346 {"rsa7680", R_RSA_7680}, 347 {"rsa15360", R_RSA_15360} 348 }; 349 350 static double rsa_results[RSA_NUM][2]; /* 2 ops: sign then verify */ 351 352 #ifndef OPENSSL_NO_DH 353 enum ff_params_t { 354 R_FFDH_2048, R_FFDH_3072, R_FFDH_4096, R_FFDH_6144, R_FFDH_8192, FFDH_NUM 355 }; 356 357 static const OPT_PAIR ffdh_choices[FFDH_NUM] = { 358 {"ffdh2048", R_FFDH_2048}, 359 {"ffdh3072", R_FFDH_3072}, 360 {"ffdh4096", R_FFDH_4096}, 361 {"ffdh6144", R_FFDH_6144}, 362 {"ffdh8192", R_FFDH_8192}, 363 }; 364 365 static double ffdh_results[FFDH_NUM][1]; /* 1 op: derivation */ 366 #endif /* OPENSSL_NO_DH */ 367 368 enum ec_curves_t { 369 R_EC_P160, R_EC_P192, R_EC_P224, R_EC_P256, R_EC_P384, R_EC_P521, 370 #ifndef OPENSSL_NO_EC2M 371 R_EC_K163, R_EC_K233, R_EC_K283, R_EC_K409, R_EC_K571, 372 R_EC_B163, R_EC_B233, R_EC_B283, R_EC_B409, R_EC_B571, 373 #endif 374 R_EC_BRP256R1, R_EC_BRP256T1, R_EC_BRP384R1, R_EC_BRP384T1, 375 R_EC_BRP512R1, R_EC_BRP512T1, ECDSA_NUM 376 }; 377 /* list of ecdsa curves */ 378 static const OPT_PAIR ecdsa_choices[ECDSA_NUM] = { 379 {"ecdsap160", R_EC_P160}, 380 {"ecdsap192", R_EC_P192}, 381 {"ecdsap224", R_EC_P224}, 382 {"ecdsap256", R_EC_P256}, 383 {"ecdsap384", R_EC_P384}, 384 {"ecdsap521", R_EC_P521}, 385 #ifndef OPENSSL_NO_EC2M 386 {"ecdsak163", R_EC_K163}, 387 {"ecdsak233", R_EC_K233}, 388 {"ecdsak283", R_EC_K283}, 389 {"ecdsak409", R_EC_K409}, 390 {"ecdsak571", R_EC_K571}, 391 {"ecdsab163", R_EC_B163}, 392 {"ecdsab233", R_EC_B233}, 393 {"ecdsab283", R_EC_B283}, 394 {"ecdsab409", R_EC_B409}, 395 {"ecdsab571", R_EC_B571}, 396 #endif 397 {"ecdsabrp256r1", R_EC_BRP256R1}, 398 {"ecdsabrp256t1", R_EC_BRP256T1}, 399 {"ecdsabrp384r1", R_EC_BRP384R1}, 400 {"ecdsabrp384t1", R_EC_BRP384T1}, 401 {"ecdsabrp512r1", R_EC_BRP512R1}, 402 {"ecdsabrp512t1", R_EC_BRP512T1} 403 }; 404 enum { R_EC_X25519 = ECDSA_NUM, R_EC_X448, EC_NUM }; 405 /* list of ecdh curves, extension of |ecdsa_choices| list above */ 406 static const OPT_PAIR ecdh_choices[EC_NUM] = { 407 {"ecdhp160", R_EC_P160}, 408 {"ecdhp192", R_EC_P192}, 409 {"ecdhp224", R_EC_P224}, 410 {"ecdhp256", R_EC_P256}, 411 {"ecdhp384", R_EC_P384}, 412 {"ecdhp521", R_EC_P521}, 413 #ifndef OPENSSL_NO_EC2M 414 {"ecdhk163", R_EC_K163}, 415 {"ecdhk233", R_EC_K233}, 416 {"ecdhk283", R_EC_K283}, 417 {"ecdhk409", R_EC_K409}, 418 {"ecdhk571", R_EC_K571}, 419 {"ecdhb163", R_EC_B163}, 420 {"ecdhb233", R_EC_B233}, 421 {"ecdhb283", R_EC_B283}, 422 {"ecdhb409", R_EC_B409}, 423 {"ecdhb571", R_EC_B571}, 424 #endif 425 {"ecdhbrp256r1", R_EC_BRP256R1}, 426 {"ecdhbrp256t1", R_EC_BRP256T1}, 427 {"ecdhbrp384r1", R_EC_BRP384R1}, 428 {"ecdhbrp384t1", R_EC_BRP384T1}, 429 {"ecdhbrp512r1", R_EC_BRP512R1}, 430 {"ecdhbrp512t1", R_EC_BRP512T1}, 431 {"ecdhx25519", R_EC_X25519}, 432 {"ecdhx448", R_EC_X448} 433 }; 434 435 static double ecdh_results[EC_NUM][1]; /* 1 op: derivation */ 436 static double ecdsa_results[ECDSA_NUM][2]; /* 2 ops: sign then verify */ 437 438 enum { R_EC_Ed25519, R_EC_Ed448, EdDSA_NUM }; 439 static const OPT_PAIR eddsa_choices[EdDSA_NUM] = { 440 {"ed25519", R_EC_Ed25519}, 441 {"ed448", R_EC_Ed448} 442 443 }; 444 static double eddsa_results[EdDSA_NUM][2]; /* 2 ops: sign then verify */ 445 446 #ifndef OPENSSL_NO_SM2 447 enum { R_EC_CURVESM2, SM2_NUM }; 448 static const OPT_PAIR sm2_choices[SM2_NUM] = { 449 {"curveSM2", R_EC_CURVESM2} 450 }; 451 # define SM2_ID "TLSv1.3+GM+Cipher+Suite" 452 # define SM2_ID_LEN sizeof("TLSv1.3+GM+Cipher+Suite") - 1 453 static double sm2_results[SM2_NUM][2]; /* 2 ops: sign then verify */ 454 #endif /* OPENSSL_NO_SM2 */ 455 456 #define COND(unused_cond) (run && count < INT_MAX) 457 #define COUNT(d) (count) 458 459 typedef struct loopargs_st { 460 ASYNC_JOB *inprogress_job; 461 ASYNC_WAIT_CTX *wait_ctx; 462 unsigned char *buf; 463 unsigned char *buf2; 464 unsigned char *buf_malloc; 465 unsigned char *buf2_malloc; 466 unsigned char *key; 467 size_t buflen; 468 size_t sigsize; 469 EVP_PKEY_CTX *rsa_sign_ctx[RSA_NUM]; 470 EVP_PKEY_CTX *rsa_verify_ctx[RSA_NUM]; 471 EVP_PKEY_CTX *dsa_sign_ctx[DSA_NUM]; 472 EVP_PKEY_CTX *dsa_verify_ctx[DSA_NUM]; 473 EVP_PKEY_CTX *ecdsa_sign_ctx[ECDSA_NUM]; 474 EVP_PKEY_CTX *ecdsa_verify_ctx[ECDSA_NUM]; 475 EVP_PKEY_CTX *ecdh_ctx[EC_NUM]; 476 EVP_MD_CTX *eddsa_ctx[EdDSA_NUM]; 477 EVP_MD_CTX *eddsa_ctx2[EdDSA_NUM]; 478 #ifndef OPENSSL_NO_SM2 479 EVP_MD_CTX *sm2_ctx[SM2_NUM]; 480 EVP_MD_CTX *sm2_vfy_ctx[SM2_NUM]; 481 EVP_PKEY *sm2_pkey[SM2_NUM]; 482 #endif 483 unsigned char *secret_a; 484 unsigned char *secret_b; 485 size_t outlen[EC_NUM]; 486 #ifndef OPENSSL_NO_DH 487 EVP_PKEY_CTX *ffdh_ctx[FFDH_NUM]; 488 unsigned char *secret_ff_a; 489 unsigned char *secret_ff_b; 490 #endif 491 EVP_CIPHER_CTX *ctx; 492 EVP_MAC_CTX *mctx; 493 } loopargs_t; 494 static int run_benchmark(int async_jobs, int (*loop_function) (void *), 495 loopargs_t * loopargs); 496 497 static unsigned int testnum; 498 499 /* Nb of iterations to do per algorithm and key-size */ 500 static long c[ALGOR_NUM][SIZE_NUM]; 501 502 static char *evp_mac_mdname = "md5"; 503 static char *evp_hmac_name = NULL; 504 static const char *evp_md_name = NULL; 505 static char *evp_mac_ciphername = "aes-128-cbc"; 506 static char *evp_cmac_name = NULL; 507 508 static int have_md(const char *name) 509 { 510 int ret = 0; 511 EVP_MD *md = NULL; 512 513 if (opt_md_silent(name, &md)) { 514 EVP_MD_CTX *ctx = EVP_MD_CTX_new(); 515 516 if (ctx != NULL && EVP_DigestInit(ctx, md) > 0) 517 ret = 1; 518 EVP_MD_CTX_free(ctx); 519 EVP_MD_free(md); 520 } 521 return ret; 522 } 523 524 static int have_cipher(const char *name) 525 { 526 int ret = 0; 527 EVP_CIPHER *cipher = NULL; 528 529 if (opt_cipher_silent(name, &cipher)) { 530 EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new(); 531 532 if (ctx != NULL 533 && EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, 1) > 0) 534 ret = 1; 535 EVP_CIPHER_CTX_free(ctx); 536 EVP_CIPHER_free(cipher); 537 } 538 return ret; 539 } 540 541 static int EVP_Digest_loop(const char *mdname, int algindex, void *args) 542 { 543 loopargs_t *tempargs = *(loopargs_t **) args; 544 unsigned char *buf = tempargs->buf; 545 unsigned char digest[EVP_MAX_MD_SIZE]; 546 int count; 547 EVP_MD *md = NULL; 548 549 if (!opt_md_silent(mdname, &md)) 550 return -1; 551 for (count = 0; COND(c[algindex][testnum]); count++) { 552 if (!EVP_Digest(buf, (size_t)lengths[testnum], digest, NULL, md, 553 NULL)) { 554 count = -1; 555 break; 556 } 557 } 558 EVP_MD_free(md); 559 return count; 560 } 561 562 static int EVP_Digest_md_loop(void *args) 563 { 564 return EVP_Digest_loop(evp_md_name, D_EVP, args); 565 } 566 567 static int EVP_Digest_MD2_loop(void *args) 568 { 569 return EVP_Digest_loop("md2", D_MD2, args); 570 } 571 572 static int EVP_Digest_MDC2_loop(void *args) 573 { 574 return EVP_Digest_loop("mdc2", D_MDC2, args); 575 } 576 577 static int EVP_Digest_MD4_loop(void *args) 578 { 579 return EVP_Digest_loop("md4", D_MD4, args); 580 } 581 582 static int MD5_loop(void *args) 583 { 584 return EVP_Digest_loop("md5", D_MD5, args); 585 } 586 587 static int EVP_MAC_loop(int algindex, void *args) 588 { 589 loopargs_t *tempargs = *(loopargs_t **) args; 590 unsigned char *buf = tempargs->buf; 591 EVP_MAC_CTX *mctx = tempargs->mctx; 592 unsigned char mac[EVP_MAX_MD_SIZE]; 593 int count; 594 595 for (count = 0; COND(c[algindex][testnum]); count++) { 596 size_t outl; 597 598 if (!EVP_MAC_init(mctx, NULL, 0, NULL) 599 || !EVP_MAC_update(mctx, buf, lengths[testnum]) 600 || !EVP_MAC_final(mctx, mac, &outl, sizeof(mac))) 601 return -1; 602 } 603 return count; 604 } 605 606 static int HMAC_loop(void *args) 607 { 608 return EVP_MAC_loop(D_HMAC, args); 609 } 610 611 static int CMAC_loop(void *args) 612 { 613 return EVP_MAC_loop(D_EVP_CMAC, args); 614 } 615 616 static int SHA1_loop(void *args) 617 { 618 return EVP_Digest_loop("sha1", D_SHA1, args); 619 } 620 621 static int SHA256_loop(void *args) 622 { 623 return EVP_Digest_loop("sha256", D_SHA256, args); 624 } 625 626 static int SHA512_loop(void *args) 627 { 628 return EVP_Digest_loop("sha512", D_SHA512, args); 629 } 630 631 static int WHIRLPOOL_loop(void *args) 632 { 633 return EVP_Digest_loop("whirlpool", D_WHIRLPOOL, args); 634 } 635 636 static int EVP_Digest_RMD160_loop(void *args) 637 { 638 return EVP_Digest_loop("ripemd160", D_RMD160, args); 639 } 640 641 static int algindex; 642 643 static int EVP_Cipher_loop(void *args) 644 { 645 loopargs_t *tempargs = *(loopargs_t **) args; 646 unsigned char *buf = tempargs->buf; 647 int count; 648 649 if (tempargs->ctx == NULL) 650 return -1; 651 for (count = 0; COND(c[algindex][testnum]); count++) 652 if (EVP_Cipher(tempargs->ctx, buf, buf, (size_t)lengths[testnum]) <= 0) 653 return -1; 654 return count; 655 } 656 657 static int GHASH_loop(void *args) 658 { 659 loopargs_t *tempargs = *(loopargs_t **) args; 660 unsigned char *buf = tempargs->buf; 661 EVP_MAC_CTX *mctx = tempargs->mctx; 662 int count; 663 664 /* just do the update in the loop to be comparable with 1.1.1 */ 665 for (count = 0; COND(c[D_GHASH][testnum]); count++) { 666 if (!EVP_MAC_update(mctx, buf, lengths[testnum])) 667 return -1; 668 } 669 return count; 670 } 671 672 #define MAX_BLOCK_SIZE 128 673 674 static unsigned char iv[2 * MAX_BLOCK_SIZE / 8]; 675 676 static EVP_CIPHER_CTX *init_evp_cipher_ctx(const char *ciphername, 677 const unsigned char *key, 678 int keylen) 679 { 680 EVP_CIPHER_CTX *ctx = NULL; 681 EVP_CIPHER *cipher = NULL; 682 683 if (!opt_cipher_silent(ciphername, &cipher)) 684 return NULL; 685 686 if ((ctx = EVP_CIPHER_CTX_new()) == NULL) 687 goto end; 688 689 if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, 1)) { 690 EVP_CIPHER_CTX_free(ctx); 691 ctx = NULL; 692 goto end; 693 } 694 695 if (EVP_CIPHER_CTX_set_key_length(ctx, keylen) <= 0) { 696 EVP_CIPHER_CTX_free(ctx); 697 ctx = NULL; 698 goto end; 699 } 700 701 if (!EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, 1)) { 702 EVP_CIPHER_CTX_free(ctx); 703 ctx = NULL; 704 goto end; 705 } 706 707 end: 708 EVP_CIPHER_free(cipher); 709 return ctx; 710 } 711 712 static int RAND_bytes_loop(void *args) 713 { 714 loopargs_t *tempargs = *(loopargs_t **) args; 715 unsigned char *buf = tempargs->buf; 716 int count; 717 718 for (count = 0; COND(c[D_RAND][testnum]); count++) 719 RAND_bytes(buf, lengths[testnum]); 720 return count; 721 } 722 723 static int decrypt = 0; 724 static int EVP_Update_loop(void *args) 725 { 726 loopargs_t *tempargs = *(loopargs_t **) args; 727 unsigned char *buf = tempargs->buf; 728 EVP_CIPHER_CTX *ctx = tempargs->ctx; 729 int outl, count, rc; 730 731 if (decrypt) { 732 for (count = 0; COND(c[D_EVP][testnum]); count++) { 733 rc = EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]); 734 if (rc != 1) { 735 /* reset iv in case of counter overflow */ 736 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1); 737 } 738 } 739 } else { 740 for (count = 0; COND(c[D_EVP][testnum]); count++) { 741 rc = EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]); 742 if (rc != 1) { 743 /* reset iv in case of counter overflow */ 744 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1); 745 } 746 } 747 } 748 if (decrypt) 749 EVP_DecryptFinal_ex(ctx, buf, &outl); 750 else 751 EVP_EncryptFinal_ex(ctx, buf, &outl); 752 return count; 753 } 754 755 /* 756 * CCM does not support streaming. For the purpose of performance measurement, 757 * each message is encrypted using the same (key,iv)-pair. Do not use this 758 * code in your application. 759 */ 760 static int EVP_Update_loop_ccm(void *args) 761 { 762 loopargs_t *tempargs = *(loopargs_t **) args; 763 unsigned char *buf = tempargs->buf; 764 EVP_CIPHER_CTX *ctx = tempargs->ctx; 765 int outl, count; 766 unsigned char tag[12]; 767 768 if (decrypt) { 769 for (count = 0; COND(c[D_EVP][testnum]); count++) { 770 (void)EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(tag), 771 tag); 772 /* reset iv */ 773 (void)EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv); 774 /* counter is reset on every update */ 775 (void)EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]); 776 } 777 } else { 778 for (count = 0; COND(c[D_EVP][testnum]); count++) { 779 /* restore iv length field */ 780 (void)EVP_EncryptUpdate(ctx, NULL, &outl, NULL, lengths[testnum]); 781 /* counter is reset on every update */ 782 (void)EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]); 783 } 784 } 785 if (decrypt) 786 (void)EVP_DecryptFinal_ex(ctx, buf, &outl); 787 else 788 (void)EVP_EncryptFinal_ex(ctx, buf, &outl); 789 return count; 790 } 791 792 /* 793 * To make AEAD benchmarking more relevant perform TLS-like operations, 794 * 13-byte AAD followed by payload. But don't use TLS-formatted AAD, as 795 * payload length is not actually limited by 16KB... 796 */ 797 static int EVP_Update_loop_aead(void *args) 798 { 799 loopargs_t *tempargs = *(loopargs_t **) args; 800 unsigned char *buf = tempargs->buf; 801 EVP_CIPHER_CTX *ctx = tempargs->ctx; 802 int outl, count; 803 unsigned char aad[13] = { 0xcc }; 804 unsigned char faketag[16] = { 0xcc }; 805 806 if (decrypt) { 807 for (count = 0; COND(c[D_EVP][testnum]); count++) { 808 (void)EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv); 809 (void)EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, 810 sizeof(faketag), faketag); 811 (void)EVP_DecryptUpdate(ctx, NULL, &outl, aad, sizeof(aad)); 812 (void)EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]); 813 (void)EVP_DecryptFinal_ex(ctx, buf + outl, &outl); 814 } 815 } else { 816 for (count = 0; COND(c[D_EVP][testnum]); count++) { 817 (void)EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv); 818 (void)EVP_EncryptUpdate(ctx, NULL, &outl, aad, sizeof(aad)); 819 (void)EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]); 820 (void)EVP_EncryptFinal_ex(ctx, buf + outl, &outl); 821 } 822 } 823 return count; 824 } 825 826 static long rsa_c[RSA_NUM][2]; /* # RSA iteration test */ 827 828 static int RSA_sign_loop(void *args) 829 { 830 loopargs_t *tempargs = *(loopargs_t **) args; 831 unsigned char *buf = tempargs->buf; 832 unsigned char *buf2 = tempargs->buf2; 833 size_t *rsa_num = &tempargs->sigsize; 834 EVP_PKEY_CTX **rsa_sign_ctx = tempargs->rsa_sign_ctx; 835 int ret, count; 836 837 for (count = 0; COND(rsa_c[testnum][0]); count++) { 838 *rsa_num = tempargs->buflen; 839 ret = EVP_PKEY_sign(rsa_sign_ctx[testnum], buf2, rsa_num, buf, 36); 840 if (ret <= 0) { 841 BIO_printf(bio_err, "RSA sign failure\n"); 842 ERR_print_errors(bio_err); 843 count = -1; 844 break; 845 } 846 } 847 return count; 848 } 849 850 static int RSA_verify_loop(void *args) 851 { 852 loopargs_t *tempargs = *(loopargs_t **) args; 853 unsigned char *buf = tempargs->buf; 854 unsigned char *buf2 = tempargs->buf2; 855 size_t rsa_num = tempargs->sigsize; 856 EVP_PKEY_CTX **rsa_verify_ctx = tempargs->rsa_verify_ctx; 857 int ret, count; 858 859 for (count = 0; COND(rsa_c[testnum][1]); count++) { 860 ret = EVP_PKEY_verify(rsa_verify_ctx[testnum], buf2, rsa_num, buf, 36); 861 if (ret <= 0) { 862 BIO_printf(bio_err, "RSA verify failure\n"); 863 ERR_print_errors(bio_err); 864 count = -1; 865 break; 866 } 867 } 868 return count; 869 } 870 871 #ifndef OPENSSL_NO_DH 872 static long ffdh_c[FFDH_NUM][1]; 873 874 static int FFDH_derive_key_loop(void *args) 875 { 876 loopargs_t *tempargs = *(loopargs_t **) args; 877 EVP_PKEY_CTX *ffdh_ctx = tempargs->ffdh_ctx[testnum]; 878 unsigned char *derived_secret = tempargs->secret_ff_a; 879 int count; 880 881 for (count = 0; COND(ffdh_c[testnum][0]); count++) { 882 /* outlen can be overwritten with a too small value (no padding used) */ 883 size_t outlen = MAX_FFDH_SIZE; 884 885 EVP_PKEY_derive(ffdh_ctx, derived_secret, &outlen); 886 } 887 return count; 888 } 889 #endif /* OPENSSL_NO_DH */ 890 891 static long dsa_c[DSA_NUM][2]; 892 static int DSA_sign_loop(void *args) 893 { 894 loopargs_t *tempargs = *(loopargs_t **) args; 895 unsigned char *buf = tempargs->buf; 896 unsigned char *buf2 = tempargs->buf2; 897 size_t *dsa_num = &tempargs->sigsize; 898 EVP_PKEY_CTX **dsa_sign_ctx = tempargs->dsa_sign_ctx; 899 int ret, count; 900 901 for (count = 0; COND(dsa_c[testnum][0]); count++) { 902 *dsa_num = tempargs->buflen; 903 ret = EVP_PKEY_sign(dsa_sign_ctx[testnum], buf2, dsa_num, buf, 20); 904 if (ret <= 0) { 905 BIO_printf(bio_err, "DSA sign failure\n"); 906 ERR_print_errors(bio_err); 907 count = -1; 908 break; 909 } 910 } 911 return count; 912 } 913 914 static int DSA_verify_loop(void *args) 915 { 916 loopargs_t *tempargs = *(loopargs_t **) args; 917 unsigned char *buf = tempargs->buf; 918 unsigned char *buf2 = tempargs->buf2; 919 size_t dsa_num = tempargs->sigsize; 920 EVP_PKEY_CTX **dsa_verify_ctx = tempargs->dsa_verify_ctx; 921 int ret, count; 922 923 for (count = 0; COND(dsa_c[testnum][1]); count++) { 924 ret = EVP_PKEY_verify(dsa_verify_ctx[testnum], buf2, dsa_num, buf, 20); 925 if (ret <= 0) { 926 BIO_printf(bio_err, "DSA verify failure\n"); 927 ERR_print_errors(bio_err); 928 count = -1; 929 break; 930 } 931 } 932 return count; 933 } 934 935 static long ecdsa_c[ECDSA_NUM][2]; 936 static int ECDSA_sign_loop(void *args) 937 { 938 loopargs_t *tempargs = *(loopargs_t **) args; 939 unsigned char *buf = tempargs->buf; 940 unsigned char *buf2 = tempargs->buf2; 941 size_t *ecdsa_num = &tempargs->sigsize; 942 EVP_PKEY_CTX **ecdsa_sign_ctx = tempargs->ecdsa_sign_ctx; 943 int ret, count; 944 945 for (count = 0; COND(ecdsa_c[testnum][0]); count++) { 946 *ecdsa_num = tempargs->buflen; 947 ret = EVP_PKEY_sign(ecdsa_sign_ctx[testnum], buf2, ecdsa_num, buf, 20); 948 if (ret <= 0) { 949 BIO_printf(bio_err, "ECDSA sign failure\n"); 950 ERR_print_errors(bio_err); 951 count = -1; 952 break; 953 } 954 } 955 return count; 956 } 957 958 static int ECDSA_verify_loop(void *args) 959 { 960 loopargs_t *tempargs = *(loopargs_t **) args; 961 unsigned char *buf = tempargs->buf; 962 unsigned char *buf2 = tempargs->buf2; 963 size_t ecdsa_num = tempargs->sigsize; 964 EVP_PKEY_CTX **ecdsa_verify_ctx = tempargs->ecdsa_verify_ctx; 965 int ret, count; 966 967 for (count = 0; COND(ecdsa_c[testnum][1]); count++) { 968 ret = EVP_PKEY_verify(ecdsa_verify_ctx[testnum], buf2, ecdsa_num, 969 buf, 20); 970 if (ret <= 0) { 971 BIO_printf(bio_err, "ECDSA verify failure\n"); 972 ERR_print_errors(bio_err); 973 count = -1; 974 break; 975 } 976 } 977 return count; 978 } 979 980 /* ******************************************************************** */ 981 static long ecdh_c[EC_NUM][1]; 982 983 static int ECDH_EVP_derive_key_loop(void *args) 984 { 985 loopargs_t *tempargs = *(loopargs_t **) args; 986 EVP_PKEY_CTX *ctx = tempargs->ecdh_ctx[testnum]; 987 unsigned char *derived_secret = tempargs->secret_a; 988 int count; 989 size_t *outlen = &(tempargs->outlen[testnum]); 990 991 for (count = 0; COND(ecdh_c[testnum][0]); count++) 992 EVP_PKEY_derive(ctx, derived_secret, outlen); 993 994 return count; 995 } 996 997 static long eddsa_c[EdDSA_NUM][2]; 998 static int EdDSA_sign_loop(void *args) 999 { 1000 loopargs_t *tempargs = *(loopargs_t **) args; 1001 unsigned char *buf = tempargs->buf; 1002 EVP_MD_CTX **edctx = tempargs->eddsa_ctx; 1003 unsigned char *eddsasig = tempargs->buf2; 1004 size_t *eddsasigsize = &tempargs->sigsize; 1005 int ret, count; 1006 1007 for (count = 0; COND(eddsa_c[testnum][0]); count++) { 1008 ret = EVP_DigestSignInit(edctx[testnum], NULL, NULL, NULL, NULL); 1009 if (ret == 0) { 1010 BIO_printf(bio_err, "EdDSA sign init failure\n"); 1011 ERR_print_errors(bio_err); 1012 count = -1; 1013 break; 1014 } 1015 ret = EVP_DigestSign(edctx[testnum], eddsasig, eddsasigsize, buf, 20); 1016 if (ret == 0) { 1017 BIO_printf(bio_err, "EdDSA sign failure\n"); 1018 ERR_print_errors(bio_err); 1019 count = -1; 1020 break; 1021 } 1022 } 1023 return count; 1024 } 1025 1026 static int EdDSA_verify_loop(void *args) 1027 { 1028 loopargs_t *tempargs = *(loopargs_t **) args; 1029 unsigned char *buf = tempargs->buf; 1030 EVP_MD_CTX **edctx = tempargs->eddsa_ctx2; 1031 unsigned char *eddsasig = tempargs->buf2; 1032 size_t eddsasigsize = tempargs->sigsize; 1033 int ret, count; 1034 1035 for (count = 0; COND(eddsa_c[testnum][1]); count++) { 1036 ret = EVP_DigestVerifyInit(edctx[testnum], NULL, NULL, NULL, NULL); 1037 if (ret == 0) { 1038 BIO_printf(bio_err, "EdDSA verify init failure\n"); 1039 ERR_print_errors(bio_err); 1040 count = -1; 1041 break; 1042 } 1043 ret = EVP_DigestVerify(edctx[testnum], eddsasig, eddsasigsize, buf, 20); 1044 if (ret != 1) { 1045 BIO_printf(bio_err, "EdDSA verify failure\n"); 1046 ERR_print_errors(bio_err); 1047 count = -1; 1048 break; 1049 } 1050 } 1051 return count; 1052 } 1053 1054 #ifndef OPENSSL_NO_SM2 1055 static long sm2_c[SM2_NUM][2]; 1056 static int SM2_sign_loop(void *args) 1057 { 1058 loopargs_t *tempargs = *(loopargs_t **) args; 1059 unsigned char *buf = tempargs->buf; 1060 EVP_MD_CTX **sm2ctx = tempargs->sm2_ctx; 1061 unsigned char *sm2sig = tempargs->buf2; 1062 size_t sm2sigsize; 1063 int ret, count; 1064 EVP_PKEY **sm2_pkey = tempargs->sm2_pkey; 1065 const size_t max_size = EVP_PKEY_get_size(sm2_pkey[testnum]); 1066 1067 for (count = 0; COND(sm2_c[testnum][0]); count++) { 1068 sm2sigsize = max_size; 1069 1070 if (!EVP_DigestSignInit(sm2ctx[testnum], NULL, EVP_sm3(), 1071 NULL, sm2_pkey[testnum])) { 1072 BIO_printf(bio_err, "SM2 init sign failure\n"); 1073 ERR_print_errors(bio_err); 1074 count = -1; 1075 break; 1076 } 1077 ret = EVP_DigestSign(sm2ctx[testnum], sm2sig, &sm2sigsize, 1078 buf, 20); 1079 if (ret == 0) { 1080 BIO_printf(bio_err, "SM2 sign failure\n"); 1081 ERR_print_errors(bio_err); 1082 count = -1; 1083 break; 1084 } 1085 /* update the latest returned size and always use the fixed buffer size */ 1086 tempargs->sigsize = sm2sigsize; 1087 } 1088 1089 return count; 1090 } 1091 1092 static int SM2_verify_loop(void *args) 1093 { 1094 loopargs_t *tempargs = *(loopargs_t **) args; 1095 unsigned char *buf = tempargs->buf; 1096 EVP_MD_CTX **sm2ctx = tempargs->sm2_vfy_ctx; 1097 unsigned char *sm2sig = tempargs->buf2; 1098 size_t sm2sigsize = tempargs->sigsize; 1099 int ret, count; 1100 EVP_PKEY **sm2_pkey = tempargs->sm2_pkey; 1101 1102 for (count = 0; COND(sm2_c[testnum][1]); count++) { 1103 if (!EVP_DigestVerifyInit(sm2ctx[testnum], NULL, EVP_sm3(), 1104 NULL, sm2_pkey[testnum])) { 1105 BIO_printf(bio_err, "SM2 verify init failure\n"); 1106 ERR_print_errors(bio_err); 1107 count = -1; 1108 break; 1109 } 1110 ret = EVP_DigestVerify(sm2ctx[testnum], sm2sig, sm2sigsize, 1111 buf, 20); 1112 if (ret != 1) { 1113 BIO_printf(bio_err, "SM2 verify failure\n"); 1114 ERR_print_errors(bio_err); 1115 count = -1; 1116 break; 1117 } 1118 } 1119 return count; 1120 } 1121 #endif /* OPENSSL_NO_SM2 */ 1122 1123 static int run_benchmark(int async_jobs, 1124 int (*loop_function) (void *), loopargs_t * loopargs) 1125 { 1126 int job_op_count = 0; 1127 int total_op_count = 0; 1128 int num_inprogress = 0; 1129 int error = 0, i = 0, ret = 0; 1130 OSSL_ASYNC_FD job_fd = 0; 1131 size_t num_job_fds = 0; 1132 1133 if (async_jobs == 0) { 1134 return loop_function((void *)&loopargs); 1135 } 1136 1137 for (i = 0; i < async_jobs && !error; i++) { 1138 loopargs_t *looparg_item = loopargs + i; 1139 1140 /* Copy pointer content (looparg_t item address) into async context */ 1141 ret = ASYNC_start_job(&loopargs[i].inprogress_job, loopargs[i].wait_ctx, 1142 &job_op_count, loop_function, 1143 (void *)&looparg_item, sizeof(looparg_item)); 1144 switch (ret) { 1145 case ASYNC_PAUSE: 1146 ++num_inprogress; 1147 break; 1148 case ASYNC_FINISH: 1149 if (job_op_count == -1) { 1150 error = 1; 1151 } else { 1152 total_op_count += job_op_count; 1153 } 1154 break; 1155 case ASYNC_NO_JOBS: 1156 case ASYNC_ERR: 1157 BIO_printf(bio_err, "Failure in the job\n"); 1158 ERR_print_errors(bio_err); 1159 error = 1; 1160 break; 1161 } 1162 } 1163 1164 while (num_inprogress > 0) { 1165 #if defined(OPENSSL_SYS_WINDOWS) 1166 DWORD avail = 0; 1167 #elif defined(OPENSSL_SYS_UNIX) 1168 int select_result = 0; 1169 OSSL_ASYNC_FD max_fd = 0; 1170 fd_set waitfdset; 1171 1172 FD_ZERO(&waitfdset); 1173 1174 for (i = 0; i < async_jobs && num_inprogress > 0; i++) { 1175 if (loopargs[i].inprogress_job == NULL) 1176 continue; 1177 1178 if (!ASYNC_WAIT_CTX_get_all_fds 1179 (loopargs[i].wait_ctx, NULL, &num_job_fds) 1180 || num_job_fds > 1) { 1181 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n"); 1182 ERR_print_errors(bio_err); 1183 error = 1; 1184 break; 1185 } 1186 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd, 1187 &num_job_fds); 1188 FD_SET(job_fd, &waitfdset); 1189 if (job_fd > max_fd) 1190 max_fd = job_fd; 1191 } 1192 1193 if (max_fd >= (OSSL_ASYNC_FD)FD_SETSIZE) { 1194 BIO_printf(bio_err, 1195 "Error: max_fd (%d) must be smaller than FD_SETSIZE (%d). " 1196 "Decrease the value of async_jobs\n", 1197 max_fd, FD_SETSIZE); 1198 ERR_print_errors(bio_err); 1199 error = 1; 1200 break; 1201 } 1202 1203 select_result = select(max_fd + 1, &waitfdset, NULL, NULL, NULL); 1204 if (select_result == -1 && errno == EINTR) 1205 continue; 1206 1207 if (select_result == -1) { 1208 BIO_printf(bio_err, "Failure in the select\n"); 1209 ERR_print_errors(bio_err); 1210 error = 1; 1211 break; 1212 } 1213 1214 if (select_result == 0) 1215 continue; 1216 #endif 1217 1218 for (i = 0; i < async_jobs; i++) { 1219 if (loopargs[i].inprogress_job == NULL) 1220 continue; 1221 1222 if (!ASYNC_WAIT_CTX_get_all_fds 1223 (loopargs[i].wait_ctx, NULL, &num_job_fds) 1224 || num_job_fds > 1) { 1225 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n"); 1226 ERR_print_errors(bio_err); 1227 error = 1; 1228 break; 1229 } 1230 ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd, 1231 &num_job_fds); 1232 1233 #if defined(OPENSSL_SYS_UNIX) 1234 if (num_job_fds == 1 && !FD_ISSET(job_fd, &waitfdset)) 1235 continue; 1236 #elif defined(OPENSSL_SYS_WINDOWS) 1237 if (num_job_fds == 1 1238 && !PeekNamedPipe(job_fd, NULL, 0, NULL, &avail, NULL) 1239 && avail > 0) 1240 continue; 1241 #endif 1242 1243 ret = ASYNC_start_job(&loopargs[i].inprogress_job, 1244 loopargs[i].wait_ctx, &job_op_count, 1245 loop_function, (void *)(loopargs + i), 1246 sizeof(loopargs_t)); 1247 switch (ret) { 1248 case ASYNC_PAUSE: 1249 break; 1250 case ASYNC_FINISH: 1251 if (job_op_count == -1) { 1252 error = 1; 1253 } else { 1254 total_op_count += job_op_count; 1255 } 1256 --num_inprogress; 1257 loopargs[i].inprogress_job = NULL; 1258 break; 1259 case ASYNC_NO_JOBS: 1260 case ASYNC_ERR: 1261 --num_inprogress; 1262 loopargs[i].inprogress_job = NULL; 1263 BIO_printf(bio_err, "Failure in the job\n"); 1264 ERR_print_errors(bio_err); 1265 error = 1; 1266 break; 1267 } 1268 } 1269 } 1270 1271 return error ? -1 : total_op_count; 1272 } 1273 1274 typedef struct ec_curve_st { 1275 const char *name; 1276 unsigned int nid; 1277 unsigned int bits; 1278 size_t sigsize; /* only used for EdDSA curves */ 1279 } EC_CURVE; 1280 1281 static EVP_PKEY *get_ecdsa(const EC_CURVE *curve) 1282 { 1283 EVP_PKEY_CTX *kctx = NULL; 1284 EVP_PKEY *key = NULL; 1285 1286 /* Ensure that the error queue is empty */ 1287 if (ERR_peek_error()) { 1288 BIO_printf(bio_err, 1289 "WARNING: the error queue contains previous unhandled errors.\n"); 1290 ERR_print_errors(bio_err); 1291 } 1292 1293 /* 1294 * Let's try to create a ctx directly from the NID: this works for 1295 * curves like Curve25519 that are not implemented through the low 1296 * level EC interface. 1297 * If this fails we try creating a EVP_PKEY_EC generic param ctx, 1298 * then we set the curve by NID before deriving the actual keygen 1299 * ctx for that specific curve. 1300 */ 1301 kctx = EVP_PKEY_CTX_new_id(curve->nid, NULL); 1302 if (kctx == NULL) { 1303 EVP_PKEY_CTX *pctx = NULL; 1304 EVP_PKEY *params = NULL; 1305 /* 1306 * If we reach this code EVP_PKEY_CTX_new_id() failed and a 1307 * "int_ctx_new:unsupported algorithm" error was added to the 1308 * error queue. 1309 * We remove it from the error queue as we are handling it. 1310 */ 1311 unsigned long error = ERR_peek_error(); 1312 1313 if (error == ERR_peek_last_error() /* oldest and latest errors match */ 1314 /* check that the error origin matches */ 1315 && ERR_GET_LIB(error) == ERR_LIB_EVP 1316 && (ERR_GET_REASON(error) == EVP_R_UNSUPPORTED_ALGORITHM 1317 || ERR_GET_REASON(error) == ERR_R_UNSUPPORTED)) 1318 ERR_get_error(); /* pop error from queue */ 1319 if (ERR_peek_error()) { 1320 BIO_printf(bio_err, 1321 "Unhandled error in the error queue during EC key setup.\n"); 1322 ERR_print_errors(bio_err); 1323 return NULL; 1324 } 1325 1326 /* Create the context for parameter generation */ 1327 if ((pctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL)) == NULL 1328 || EVP_PKEY_paramgen_init(pctx) <= 0 1329 || EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, 1330 curve->nid) <= 0 1331 || EVP_PKEY_paramgen(pctx, ¶ms) <= 0) { 1332 BIO_printf(bio_err, "EC params init failure.\n"); 1333 ERR_print_errors(bio_err); 1334 EVP_PKEY_CTX_free(pctx); 1335 return NULL; 1336 } 1337 EVP_PKEY_CTX_free(pctx); 1338 1339 /* Create the context for the key generation */ 1340 kctx = EVP_PKEY_CTX_new(params, NULL); 1341 EVP_PKEY_free(params); 1342 } 1343 if (kctx == NULL 1344 || EVP_PKEY_keygen_init(kctx) <= 0 1345 || EVP_PKEY_keygen(kctx, &key) <= 0) { 1346 BIO_printf(bio_err, "EC key generation failure.\n"); 1347 ERR_print_errors(bio_err); 1348 key = NULL; 1349 } 1350 EVP_PKEY_CTX_free(kctx); 1351 return key; 1352 } 1353 1354 #define stop_it(do_it, test_num)\ 1355 memset(do_it + test_num, 0, OSSL_NELEM(do_it) - test_num); 1356 1357 int speed_main(int argc, char **argv) 1358 { 1359 ENGINE *e = NULL; 1360 loopargs_t *loopargs = NULL; 1361 const char *prog; 1362 const char *engine_id = NULL; 1363 EVP_CIPHER *evp_cipher = NULL; 1364 EVP_MAC *mac = NULL; 1365 double d = 0.0; 1366 OPTION_CHOICE o; 1367 int async_init = 0, multiblock = 0, pr_header = 0; 1368 uint8_t doit[ALGOR_NUM] = { 0 }; 1369 int ret = 1, misalign = 0, lengths_single = 0, aead = 0; 1370 long count = 0; 1371 unsigned int size_num = SIZE_NUM; 1372 unsigned int i, k, loopargs_len = 0, async_jobs = 0; 1373 int keylen; 1374 int buflen; 1375 BIGNUM *bn = NULL; 1376 EVP_PKEY_CTX *genctx = NULL; 1377 #ifndef NO_FORK 1378 int multi = 0; 1379 #endif 1380 long op_count = 1; 1381 openssl_speed_sec_t seconds = { SECONDS, RSA_SECONDS, DSA_SECONDS, 1382 ECDSA_SECONDS, ECDH_SECONDS, 1383 EdDSA_SECONDS, SM2_SECONDS, 1384 FFDH_SECONDS }; 1385 1386 static const unsigned char key32[32] = { 1387 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 1388 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 1389 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 1390 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56 1391 }; 1392 static const unsigned char deskey[] = { 1393 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, /* key1 */ 1394 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, /* key2 */ 1395 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34 /* key3 */ 1396 }; 1397 static const struct { 1398 const unsigned char *data; 1399 unsigned int length; 1400 unsigned int bits; 1401 } rsa_keys[] = { 1402 { test512, sizeof(test512), 512 }, 1403 { test1024, sizeof(test1024), 1024 }, 1404 { test2048, sizeof(test2048), 2048 }, 1405 { test3072, sizeof(test3072), 3072 }, 1406 { test4096, sizeof(test4096), 4096 }, 1407 { test7680, sizeof(test7680), 7680 }, 1408 { test15360, sizeof(test15360), 15360 } 1409 }; 1410 uint8_t rsa_doit[RSA_NUM] = { 0 }; 1411 int primes = RSA_DEFAULT_PRIME_NUM; 1412 #ifndef OPENSSL_NO_DH 1413 typedef struct ffdh_params_st { 1414 const char *name; 1415 unsigned int nid; 1416 unsigned int bits; 1417 } FFDH_PARAMS; 1418 1419 static const FFDH_PARAMS ffdh_params[FFDH_NUM] = { 1420 {"ffdh2048", NID_ffdhe2048, 2048}, 1421 {"ffdh3072", NID_ffdhe3072, 3072}, 1422 {"ffdh4096", NID_ffdhe4096, 4096}, 1423 {"ffdh6144", NID_ffdhe6144, 6144}, 1424 {"ffdh8192", NID_ffdhe8192, 8192} 1425 }; 1426 uint8_t ffdh_doit[FFDH_NUM] = { 0 }; 1427 1428 #endif /* OPENSSL_NO_DH */ 1429 static const unsigned int dsa_bits[DSA_NUM] = { 512, 1024, 2048 }; 1430 uint8_t dsa_doit[DSA_NUM] = { 0 }; 1431 /* 1432 * We only test over the following curves as they are representative, To 1433 * add tests over more curves, simply add the curve NID and curve name to 1434 * the following arrays and increase the |ecdh_choices| and |ecdsa_choices| 1435 * lists accordingly. 1436 */ 1437 static const EC_CURVE ec_curves[EC_NUM] = { 1438 /* Prime Curves */ 1439 {"secp160r1", NID_secp160r1, 160}, 1440 {"nistp192", NID_X9_62_prime192v1, 192}, 1441 {"nistp224", NID_secp224r1, 224}, 1442 {"nistp256", NID_X9_62_prime256v1, 256}, 1443 {"nistp384", NID_secp384r1, 384}, 1444 {"nistp521", NID_secp521r1, 521}, 1445 #ifndef OPENSSL_NO_EC2M 1446 /* Binary Curves */ 1447 {"nistk163", NID_sect163k1, 163}, 1448 {"nistk233", NID_sect233k1, 233}, 1449 {"nistk283", NID_sect283k1, 283}, 1450 {"nistk409", NID_sect409k1, 409}, 1451 {"nistk571", NID_sect571k1, 571}, 1452 {"nistb163", NID_sect163r2, 163}, 1453 {"nistb233", NID_sect233r1, 233}, 1454 {"nistb283", NID_sect283r1, 283}, 1455 {"nistb409", NID_sect409r1, 409}, 1456 {"nistb571", NID_sect571r1, 571}, 1457 #endif 1458 {"brainpoolP256r1", NID_brainpoolP256r1, 256}, 1459 {"brainpoolP256t1", NID_brainpoolP256t1, 256}, 1460 {"brainpoolP384r1", NID_brainpoolP384r1, 384}, 1461 {"brainpoolP384t1", NID_brainpoolP384t1, 384}, 1462 {"brainpoolP512r1", NID_brainpoolP512r1, 512}, 1463 {"brainpoolP512t1", NID_brainpoolP512t1, 512}, 1464 /* Other and ECDH only ones */ 1465 {"X25519", NID_X25519, 253}, 1466 {"X448", NID_X448, 448} 1467 }; 1468 static const EC_CURVE ed_curves[EdDSA_NUM] = { 1469 /* EdDSA */ 1470 {"Ed25519", NID_ED25519, 253, 64}, 1471 {"Ed448", NID_ED448, 456, 114} 1472 }; 1473 #ifndef OPENSSL_NO_SM2 1474 static const EC_CURVE sm2_curves[SM2_NUM] = { 1475 /* SM2 */ 1476 {"CurveSM2", NID_sm2, 256} 1477 }; 1478 uint8_t sm2_doit[SM2_NUM] = { 0 }; 1479 #endif 1480 uint8_t ecdsa_doit[ECDSA_NUM] = { 0 }; 1481 uint8_t ecdh_doit[EC_NUM] = { 0 }; 1482 uint8_t eddsa_doit[EdDSA_NUM] = { 0 }; 1483 1484 /* checks declarated curves against choices list. */ 1485 OPENSSL_assert(ed_curves[EdDSA_NUM - 1].nid == NID_ED448); 1486 OPENSSL_assert(strcmp(eddsa_choices[EdDSA_NUM - 1].name, "ed448") == 0); 1487 1488 OPENSSL_assert(ec_curves[EC_NUM - 1].nid == NID_X448); 1489 OPENSSL_assert(strcmp(ecdh_choices[EC_NUM - 1].name, "ecdhx448") == 0); 1490 1491 OPENSSL_assert(ec_curves[ECDSA_NUM - 1].nid == NID_brainpoolP512t1); 1492 OPENSSL_assert(strcmp(ecdsa_choices[ECDSA_NUM - 1].name, "ecdsabrp512t1") == 0); 1493 1494 #ifndef OPENSSL_NO_SM2 1495 OPENSSL_assert(sm2_curves[SM2_NUM - 1].nid == NID_sm2); 1496 OPENSSL_assert(strcmp(sm2_choices[SM2_NUM - 1].name, "curveSM2") == 0); 1497 #endif 1498 1499 prog = opt_init(argc, argv, speed_options); 1500 while ((o = opt_next()) != OPT_EOF) { 1501 switch (o) { 1502 case OPT_EOF: 1503 case OPT_ERR: 1504 opterr: 1505 BIO_printf(bio_err, "%s: Use -help for summary.\n", prog); 1506 goto end; 1507 case OPT_HELP: 1508 opt_help(speed_options); 1509 ret = 0; 1510 goto end; 1511 case OPT_ELAPSED: 1512 usertime = 0; 1513 break; 1514 case OPT_EVP: 1515 if (doit[D_EVP]) { 1516 BIO_printf(bio_err, "%s: -evp option cannot be used more than once\n", prog); 1517 goto opterr; 1518 } 1519 ERR_set_mark(); 1520 if (!opt_cipher_silent(opt_arg(), &evp_cipher)) { 1521 if (have_md(opt_arg())) 1522 evp_md_name = opt_arg(); 1523 } 1524 if (evp_cipher == NULL && evp_md_name == NULL) { 1525 ERR_clear_last_mark(); 1526 BIO_printf(bio_err, 1527 "%s: %s is an unknown cipher or digest\n", 1528 prog, opt_arg()); 1529 goto end; 1530 } 1531 ERR_pop_to_mark(); 1532 doit[D_EVP] = 1; 1533 break; 1534 case OPT_HMAC: 1535 if (!have_md(opt_arg())) { 1536 BIO_printf(bio_err, "%s: %s is an unknown digest\n", 1537 prog, opt_arg()); 1538 goto end; 1539 } 1540 evp_mac_mdname = opt_arg(); 1541 doit[D_HMAC] = 1; 1542 break; 1543 case OPT_CMAC: 1544 if (!have_cipher(opt_arg())) { 1545 BIO_printf(bio_err, "%s: %s is an unknown cipher\n", 1546 prog, opt_arg()); 1547 goto end; 1548 } 1549 evp_mac_ciphername = opt_arg(); 1550 doit[D_EVP_CMAC] = 1; 1551 break; 1552 case OPT_DECRYPT: 1553 decrypt = 1; 1554 break; 1555 case OPT_ENGINE: 1556 /* 1557 * In a forked execution, an engine might need to be 1558 * initialised by each child process, not by the parent. 1559 * So store the name here and run setup_engine() later on. 1560 */ 1561 engine_id = opt_arg(); 1562 break; 1563 case OPT_MULTI: 1564 #ifndef NO_FORK 1565 multi = atoi(opt_arg()); 1566 if ((size_t)multi >= SIZE_MAX / sizeof(int)) { 1567 BIO_printf(bio_err, "%s: multi argument too large\n", prog); 1568 return 0; 1569 } 1570 #endif 1571 break; 1572 case OPT_ASYNCJOBS: 1573 #ifndef OPENSSL_NO_ASYNC 1574 async_jobs = atoi(opt_arg()); 1575 if (!ASYNC_is_capable()) { 1576 BIO_printf(bio_err, 1577 "%s: async_jobs specified but async not supported\n", 1578 prog); 1579 goto opterr; 1580 } 1581 if (async_jobs > 99999) { 1582 BIO_printf(bio_err, "%s: too many async_jobs\n", prog); 1583 goto opterr; 1584 } 1585 #endif 1586 break; 1587 case OPT_MISALIGN: 1588 misalign = opt_int_arg(); 1589 if (misalign > MISALIGN) { 1590 BIO_printf(bio_err, 1591 "%s: Maximum offset is %d\n", prog, MISALIGN); 1592 goto opterr; 1593 } 1594 break; 1595 case OPT_MR: 1596 mr = 1; 1597 break; 1598 case OPT_MB: 1599 multiblock = 1; 1600 #ifdef OPENSSL_NO_MULTIBLOCK 1601 BIO_printf(bio_err, 1602 "%s: -mb specified but multi-block support is disabled\n", 1603 prog); 1604 goto end; 1605 #endif 1606 break; 1607 case OPT_R_CASES: 1608 if (!opt_rand(o)) 1609 goto end; 1610 break; 1611 case OPT_PROV_CASES: 1612 if (!opt_provider(o)) 1613 goto end; 1614 break; 1615 case OPT_PRIMES: 1616 primes = opt_int_arg(); 1617 break; 1618 case OPT_SECONDS: 1619 seconds.sym = seconds.rsa = seconds.dsa = seconds.ecdsa 1620 = seconds.ecdh = seconds.eddsa 1621 = seconds.sm2 = seconds.ffdh = atoi(opt_arg()); 1622 break; 1623 case OPT_BYTES: 1624 lengths_single = atoi(opt_arg()); 1625 lengths = &lengths_single; 1626 size_num = 1; 1627 break; 1628 case OPT_AEAD: 1629 aead = 1; 1630 break; 1631 } 1632 } 1633 1634 /* Remaining arguments are algorithms. */ 1635 argc = opt_num_rest(); 1636 argv = opt_rest(); 1637 1638 if (!app_RAND_load()) 1639 goto end; 1640 1641 for (; *argv; argv++) { 1642 const char *algo = *argv; 1643 1644 if (opt_found(algo, doit_choices, &i)) { 1645 doit[i] = 1; 1646 continue; 1647 } 1648 if (strcmp(algo, "des") == 0) { 1649 doit[D_CBC_DES] = doit[D_EDE3_DES] = 1; 1650 continue; 1651 } 1652 if (strcmp(algo, "sha") == 0) { 1653 doit[D_SHA1] = doit[D_SHA256] = doit[D_SHA512] = 1; 1654 continue; 1655 } 1656 #ifndef OPENSSL_NO_DEPRECATED_3_0 1657 if (strcmp(algo, "openssl") == 0) /* just for compatibility */ 1658 continue; 1659 #endif 1660 if (strncmp(algo, "rsa", 3) == 0) { 1661 if (algo[3] == '\0') { 1662 memset(rsa_doit, 1, sizeof(rsa_doit)); 1663 continue; 1664 } 1665 if (opt_found(algo, rsa_choices, &i)) { 1666 rsa_doit[i] = 1; 1667 continue; 1668 } 1669 } 1670 #ifndef OPENSSL_NO_DH 1671 if (strncmp(algo, "ffdh", 4) == 0) { 1672 if (algo[4] == '\0') { 1673 memset(ffdh_doit, 1, sizeof(ffdh_doit)); 1674 continue; 1675 } 1676 if (opt_found(algo, ffdh_choices, &i)) { 1677 ffdh_doit[i] = 2; 1678 continue; 1679 } 1680 } 1681 #endif 1682 if (strncmp(algo, "dsa", 3) == 0) { 1683 if (algo[3] == '\0') { 1684 memset(dsa_doit, 1, sizeof(dsa_doit)); 1685 continue; 1686 } 1687 if (opt_found(algo, dsa_choices, &i)) { 1688 dsa_doit[i] = 2; 1689 continue; 1690 } 1691 } 1692 if (strcmp(algo, "aes") == 0) { 1693 doit[D_CBC_128_AES] = doit[D_CBC_192_AES] = doit[D_CBC_256_AES] = 1; 1694 continue; 1695 } 1696 if (strcmp(algo, "camellia") == 0) { 1697 doit[D_CBC_128_CML] = doit[D_CBC_192_CML] = doit[D_CBC_256_CML] = 1; 1698 continue; 1699 } 1700 if (strncmp(algo, "ecdsa", 5) == 0) { 1701 if (algo[5] == '\0') { 1702 memset(ecdsa_doit, 1, sizeof(ecdsa_doit)); 1703 continue; 1704 } 1705 if (opt_found(algo, ecdsa_choices, &i)) { 1706 ecdsa_doit[i] = 2; 1707 continue; 1708 } 1709 } 1710 if (strncmp(algo, "ecdh", 4) == 0) { 1711 if (algo[4] == '\0') { 1712 memset(ecdh_doit, 1, sizeof(ecdh_doit)); 1713 continue; 1714 } 1715 if (opt_found(algo, ecdh_choices, &i)) { 1716 ecdh_doit[i] = 2; 1717 continue; 1718 } 1719 } 1720 if (strcmp(algo, "eddsa") == 0) { 1721 memset(eddsa_doit, 1, sizeof(eddsa_doit)); 1722 continue; 1723 } 1724 if (opt_found(algo, eddsa_choices, &i)) { 1725 eddsa_doit[i] = 2; 1726 continue; 1727 } 1728 #ifndef OPENSSL_NO_SM2 1729 if (strcmp(algo, "sm2") == 0) { 1730 memset(sm2_doit, 1, sizeof(sm2_doit)); 1731 continue; 1732 } 1733 if (opt_found(algo, sm2_choices, &i)) { 1734 sm2_doit[i] = 2; 1735 continue; 1736 } 1737 #endif 1738 BIO_printf(bio_err, "%s: Unknown algorithm %s\n", prog, algo); 1739 goto end; 1740 } 1741 1742 /* Sanity checks */ 1743 if (aead) { 1744 if (evp_cipher == NULL) { 1745 BIO_printf(bio_err, "-aead can be used only with an AEAD cipher\n"); 1746 goto end; 1747 } else if (!(EVP_CIPHER_get_flags(evp_cipher) & 1748 EVP_CIPH_FLAG_AEAD_CIPHER)) { 1749 BIO_printf(bio_err, "%s is not an AEAD cipher\n", 1750 EVP_CIPHER_get0_name(evp_cipher)); 1751 goto end; 1752 } 1753 } 1754 if (multiblock) { 1755 if (evp_cipher == NULL) { 1756 BIO_printf(bio_err, "-mb can be used only with a multi-block" 1757 " capable cipher\n"); 1758 goto end; 1759 } else if (!(EVP_CIPHER_get_flags(evp_cipher) & 1760 EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) { 1761 BIO_printf(bio_err, "%s is not a multi-block capable\n", 1762 EVP_CIPHER_get0_name(evp_cipher)); 1763 goto end; 1764 } else if (async_jobs > 0) { 1765 BIO_printf(bio_err, "Async mode is not supported with -mb"); 1766 goto end; 1767 } 1768 } 1769 1770 /* Initialize the job pool if async mode is enabled */ 1771 if (async_jobs > 0) { 1772 async_init = ASYNC_init_thread(async_jobs, async_jobs); 1773 if (!async_init) { 1774 BIO_printf(bio_err, "Error creating the ASYNC job pool\n"); 1775 goto end; 1776 } 1777 } 1778 1779 loopargs_len = (async_jobs == 0 ? 1 : async_jobs); 1780 loopargs = 1781 app_malloc(loopargs_len * sizeof(loopargs_t), "array of loopargs"); 1782 memset(loopargs, 0, loopargs_len * sizeof(loopargs_t)); 1783 1784 for (i = 0; i < loopargs_len; i++) { 1785 if (async_jobs > 0) { 1786 loopargs[i].wait_ctx = ASYNC_WAIT_CTX_new(); 1787 if (loopargs[i].wait_ctx == NULL) { 1788 BIO_printf(bio_err, "Error creating the ASYNC_WAIT_CTX\n"); 1789 goto end; 1790 } 1791 } 1792 1793 buflen = lengths[size_num - 1]; 1794 if (buflen < 36) /* size of random vector in RSA benchmark */ 1795 buflen = 36; 1796 if (INT_MAX - (MAX_MISALIGNMENT + 1) < buflen) { 1797 BIO_printf(bio_err, "Error: buffer size too large\n"); 1798 goto end; 1799 } 1800 buflen += MAX_MISALIGNMENT + 1; 1801 loopargs[i].buf_malloc = app_malloc(buflen, "input buffer"); 1802 loopargs[i].buf2_malloc = app_malloc(buflen, "input buffer"); 1803 memset(loopargs[i].buf_malloc, 0, buflen); 1804 memset(loopargs[i].buf2_malloc, 0, buflen); 1805 1806 /* Align the start of buffers on a 64 byte boundary */ 1807 loopargs[i].buf = loopargs[i].buf_malloc + misalign; 1808 loopargs[i].buf2 = loopargs[i].buf2_malloc + misalign; 1809 loopargs[i].buflen = buflen - misalign; 1810 loopargs[i].sigsize = buflen - misalign; 1811 loopargs[i].secret_a = app_malloc(MAX_ECDH_SIZE, "ECDH secret a"); 1812 loopargs[i].secret_b = app_malloc(MAX_ECDH_SIZE, "ECDH secret b"); 1813 #ifndef OPENSSL_NO_DH 1814 loopargs[i].secret_ff_a = app_malloc(MAX_FFDH_SIZE, "FFDH secret a"); 1815 loopargs[i].secret_ff_b = app_malloc(MAX_FFDH_SIZE, "FFDH secret b"); 1816 #endif 1817 } 1818 1819 #ifndef NO_FORK 1820 if (multi && do_multi(multi, size_num)) 1821 goto show_res; 1822 #endif 1823 1824 /* Initialize the engine after the fork */ 1825 e = setup_engine(engine_id, 0); 1826 1827 /* No parameters; turn on everything. */ 1828 if (argc == 0 && !doit[D_EVP] && !doit[D_HMAC] && !doit[D_EVP_CMAC]) { 1829 memset(doit, 1, sizeof(doit)); 1830 doit[D_EVP] = doit[D_EVP_CMAC] = 0; 1831 ERR_set_mark(); 1832 for (i = D_MD2; i <= D_WHIRLPOOL; i++) { 1833 if (!have_md(names[i])) 1834 doit[i] = 0; 1835 } 1836 for (i = D_CBC_DES; i <= D_CBC_256_CML; i++) { 1837 if (!have_cipher(names[i])) 1838 doit[i] = 0; 1839 } 1840 if ((mac = EVP_MAC_fetch(app_get0_libctx(), "GMAC", 1841 app_get0_propq())) != NULL) { 1842 EVP_MAC_free(mac); 1843 mac = NULL; 1844 } else { 1845 doit[D_GHASH] = 0; 1846 } 1847 if ((mac = EVP_MAC_fetch(app_get0_libctx(), "HMAC", 1848 app_get0_propq())) != NULL) { 1849 EVP_MAC_free(mac); 1850 mac = NULL; 1851 } else { 1852 doit[D_HMAC] = 0; 1853 } 1854 ERR_pop_to_mark(); 1855 memset(rsa_doit, 1, sizeof(rsa_doit)); 1856 #ifndef OPENSSL_NO_DH 1857 memset(ffdh_doit, 1, sizeof(ffdh_doit)); 1858 #endif 1859 memset(dsa_doit, 1, sizeof(dsa_doit)); 1860 memset(ecdsa_doit, 1, sizeof(ecdsa_doit)); 1861 memset(ecdh_doit, 1, sizeof(ecdh_doit)); 1862 memset(eddsa_doit, 1, sizeof(eddsa_doit)); 1863 #ifndef OPENSSL_NO_SM2 1864 memset(sm2_doit, 1, sizeof(sm2_doit)); 1865 #endif 1866 } 1867 for (i = 0; i < ALGOR_NUM; i++) 1868 if (doit[i]) 1869 pr_header++; 1870 1871 if (usertime == 0 && !mr) 1872 BIO_printf(bio_err, 1873 "You have chosen to measure elapsed time " 1874 "instead of user CPU time.\n"); 1875 1876 #if SIGALRM > 0 1877 signal(SIGALRM, alarmed); 1878 #endif 1879 1880 if (doit[D_MD2]) { 1881 for (testnum = 0; testnum < size_num; testnum++) { 1882 print_message(names[D_MD2], c[D_MD2][testnum], lengths[testnum], 1883 seconds.sym); 1884 Time_F(START); 1885 count = run_benchmark(async_jobs, EVP_Digest_MD2_loop, loopargs); 1886 d = Time_F(STOP); 1887 print_result(D_MD2, testnum, count, d); 1888 if (count < 0) 1889 break; 1890 } 1891 } 1892 1893 if (doit[D_MDC2]) { 1894 for (testnum = 0; testnum < size_num; testnum++) { 1895 print_message(names[D_MDC2], c[D_MDC2][testnum], lengths[testnum], 1896 seconds.sym); 1897 Time_F(START); 1898 count = run_benchmark(async_jobs, EVP_Digest_MDC2_loop, loopargs); 1899 d = Time_F(STOP); 1900 print_result(D_MDC2, testnum, count, d); 1901 if (count < 0) 1902 break; 1903 } 1904 } 1905 1906 if (doit[D_MD4]) { 1907 for (testnum = 0; testnum < size_num; testnum++) { 1908 print_message(names[D_MD4], c[D_MD4][testnum], lengths[testnum], 1909 seconds.sym); 1910 Time_F(START); 1911 count = run_benchmark(async_jobs, EVP_Digest_MD4_loop, loopargs); 1912 d = Time_F(STOP); 1913 print_result(D_MD4, testnum, count, d); 1914 if (count < 0) 1915 break; 1916 } 1917 } 1918 1919 if (doit[D_MD5]) { 1920 for (testnum = 0; testnum < size_num; testnum++) { 1921 print_message(names[D_MD5], c[D_MD5][testnum], lengths[testnum], 1922 seconds.sym); 1923 Time_F(START); 1924 count = run_benchmark(async_jobs, MD5_loop, loopargs); 1925 d = Time_F(STOP); 1926 print_result(D_MD5, testnum, count, d); 1927 if (count < 0) 1928 break; 1929 } 1930 } 1931 1932 if (doit[D_SHA1]) { 1933 for (testnum = 0; testnum < size_num; testnum++) { 1934 print_message(names[D_SHA1], c[D_SHA1][testnum], lengths[testnum], 1935 seconds.sym); 1936 Time_F(START); 1937 count = run_benchmark(async_jobs, SHA1_loop, loopargs); 1938 d = Time_F(STOP); 1939 print_result(D_SHA1, testnum, count, d); 1940 if (count < 0) 1941 break; 1942 } 1943 } 1944 1945 if (doit[D_SHA256]) { 1946 for (testnum = 0; testnum < size_num; testnum++) { 1947 print_message(names[D_SHA256], c[D_SHA256][testnum], 1948 lengths[testnum], seconds.sym); 1949 Time_F(START); 1950 count = run_benchmark(async_jobs, SHA256_loop, loopargs); 1951 d = Time_F(STOP); 1952 print_result(D_SHA256, testnum, count, d); 1953 if (count < 0) 1954 break; 1955 } 1956 } 1957 1958 if (doit[D_SHA512]) { 1959 for (testnum = 0; testnum < size_num; testnum++) { 1960 print_message(names[D_SHA512], c[D_SHA512][testnum], 1961 lengths[testnum], seconds.sym); 1962 Time_F(START); 1963 count = run_benchmark(async_jobs, SHA512_loop, loopargs); 1964 d = Time_F(STOP); 1965 print_result(D_SHA512, testnum, count, d); 1966 if (count < 0) 1967 break; 1968 } 1969 } 1970 1971 if (doit[D_WHIRLPOOL]) { 1972 for (testnum = 0; testnum < size_num; testnum++) { 1973 print_message(names[D_WHIRLPOOL], c[D_WHIRLPOOL][testnum], 1974 lengths[testnum], seconds.sym); 1975 Time_F(START); 1976 count = run_benchmark(async_jobs, WHIRLPOOL_loop, loopargs); 1977 d = Time_F(STOP); 1978 print_result(D_WHIRLPOOL, testnum, count, d); 1979 if (count < 0) 1980 break; 1981 } 1982 } 1983 1984 if (doit[D_RMD160]) { 1985 for (testnum = 0; testnum < size_num; testnum++) { 1986 print_message(names[D_RMD160], c[D_RMD160][testnum], 1987 lengths[testnum], seconds.sym); 1988 Time_F(START); 1989 count = run_benchmark(async_jobs, EVP_Digest_RMD160_loop, loopargs); 1990 d = Time_F(STOP); 1991 print_result(D_RMD160, testnum, count, d); 1992 if (count < 0) 1993 break; 1994 } 1995 } 1996 1997 if (doit[D_HMAC]) { 1998 static const char hmac_key[] = "This is a key..."; 1999 int len = strlen(hmac_key); 2000 OSSL_PARAM params[3]; 2001 2002 mac = EVP_MAC_fetch(app_get0_libctx(), "HMAC", app_get0_propq()); 2003 if (mac == NULL || evp_mac_mdname == NULL) 2004 goto end; 2005 2006 evp_hmac_name = app_malloc(sizeof("hmac()") + strlen(evp_mac_mdname), 2007 "HMAC name"); 2008 sprintf(evp_hmac_name, "hmac(%s)", evp_mac_mdname); 2009 names[D_HMAC] = evp_hmac_name; 2010 2011 params[0] = 2012 OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST, 2013 evp_mac_mdname, 0); 2014 params[1] = 2015 OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY, 2016 (char *)hmac_key, len); 2017 params[2] = OSSL_PARAM_construct_end(); 2018 2019 for (i = 0; i < loopargs_len; i++) { 2020 loopargs[i].mctx = EVP_MAC_CTX_new(mac); 2021 if (loopargs[i].mctx == NULL) 2022 goto end; 2023 2024 if (!EVP_MAC_CTX_set_params(loopargs[i].mctx, params)) 2025 goto skip_hmac; /* Digest not found */ 2026 } 2027 for (testnum = 0; testnum < size_num; testnum++) { 2028 print_message(names[D_HMAC], c[D_HMAC][testnum], lengths[testnum], 2029 seconds.sym); 2030 Time_F(START); 2031 count = run_benchmark(async_jobs, HMAC_loop, loopargs); 2032 d = Time_F(STOP); 2033 print_result(D_HMAC, testnum, count, d); 2034 if (count < 0) 2035 break; 2036 } 2037 for (i = 0; i < loopargs_len; i++) 2038 EVP_MAC_CTX_free(loopargs[i].mctx); 2039 EVP_MAC_free(mac); 2040 mac = NULL; 2041 } 2042 skip_hmac: 2043 if (doit[D_CBC_DES]) { 2044 int st = 1; 2045 2046 for (i = 0; st && i < loopargs_len; i++) { 2047 loopargs[i].ctx = init_evp_cipher_ctx("des-cbc", deskey, 2048 sizeof(deskey) / 3); 2049 st = loopargs[i].ctx != NULL; 2050 } 2051 algindex = D_CBC_DES; 2052 for (testnum = 0; st && testnum < size_num; testnum++) { 2053 print_message(names[D_CBC_DES], c[D_CBC_DES][testnum], 2054 lengths[testnum], seconds.sym); 2055 Time_F(START); 2056 count = run_benchmark(async_jobs, EVP_Cipher_loop, loopargs); 2057 d = Time_F(STOP); 2058 print_result(D_CBC_DES, testnum, count, d); 2059 } 2060 for (i = 0; i < loopargs_len; i++) 2061 EVP_CIPHER_CTX_free(loopargs[i].ctx); 2062 } 2063 2064 if (doit[D_EDE3_DES]) { 2065 int st = 1; 2066 2067 for (i = 0; st && i < loopargs_len; i++) { 2068 loopargs[i].ctx = init_evp_cipher_ctx("des-ede3-cbc", deskey, 2069 sizeof(deskey)); 2070 st = loopargs[i].ctx != NULL; 2071 } 2072 algindex = D_EDE3_DES; 2073 for (testnum = 0; st && testnum < size_num; testnum++) { 2074 print_message(names[D_EDE3_DES], c[D_EDE3_DES][testnum], 2075 lengths[testnum], seconds.sym); 2076 Time_F(START); 2077 count = 2078 run_benchmark(async_jobs, EVP_Cipher_loop, loopargs); 2079 d = Time_F(STOP); 2080 print_result(D_EDE3_DES, testnum, count, d); 2081 } 2082 for (i = 0; i < loopargs_len; i++) 2083 EVP_CIPHER_CTX_free(loopargs[i].ctx); 2084 } 2085 2086 for (k = 0; k < 3; k++) { 2087 algindex = D_CBC_128_AES + k; 2088 if (doit[algindex]) { 2089 int st = 1; 2090 2091 keylen = 16 + k * 8; 2092 for (i = 0; st && i < loopargs_len; i++) { 2093 loopargs[i].ctx = init_evp_cipher_ctx(names[algindex], 2094 key32, keylen); 2095 st = loopargs[i].ctx != NULL; 2096 } 2097 2098 for (testnum = 0; st && testnum < size_num; testnum++) { 2099 print_message(names[algindex], c[algindex][testnum], 2100 lengths[testnum], seconds.sym); 2101 Time_F(START); 2102 count = 2103 run_benchmark(async_jobs, EVP_Cipher_loop, loopargs); 2104 d = Time_F(STOP); 2105 print_result(algindex, testnum, count, d); 2106 } 2107 for (i = 0; i < loopargs_len; i++) 2108 EVP_CIPHER_CTX_free(loopargs[i].ctx); 2109 } 2110 } 2111 2112 for (k = 0; k < 3; k++) { 2113 algindex = D_CBC_128_CML + k; 2114 if (doit[algindex]) { 2115 int st = 1; 2116 2117 keylen = 16 + k * 8; 2118 for (i = 0; st && i < loopargs_len; i++) { 2119 loopargs[i].ctx = init_evp_cipher_ctx(names[algindex], 2120 key32, keylen); 2121 st = loopargs[i].ctx != NULL; 2122 } 2123 2124 for (testnum = 0; st && testnum < size_num; testnum++) { 2125 print_message(names[algindex], c[algindex][testnum], 2126 lengths[testnum], seconds.sym); 2127 Time_F(START); 2128 count = 2129 run_benchmark(async_jobs, EVP_Cipher_loop, loopargs); 2130 d = Time_F(STOP); 2131 print_result(algindex, testnum, count, d); 2132 } 2133 for (i = 0; i < loopargs_len; i++) 2134 EVP_CIPHER_CTX_free(loopargs[i].ctx); 2135 } 2136 } 2137 2138 for (algindex = D_RC4; algindex <= D_CBC_CAST; algindex++) { 2139 if (doit[algindex]) { 2140 int st = 1; 2141 2142 keylen = 16; 2143 for (i = 0; st && i < loopargs_len; i++) { 2144 loopargs[i].ctx = init_evp_cipher_ctx(names[algindex], 2145 key32, keylen); 2146 st = loopargs[i].ctx != NULL; 2147 } 2148 2149 for (testnum = 0; st && testnum < size_num; testnum++) { 2150 print_message(names[algindex], c[algindex][testnum], 2151 lengths[testnum], seconds.sym); 2152 Time_F(START); 2153 count = 2154 run_benchmark(async_jobs, EVP_Cipher_loop, loopargs); 2155 d = Time_F(STOP); 2156 print_result(algindex, testnum, count, d); 2157 } 2158 for (i = 0; i < loopargs_len; i++) 2159 EVP_CIPHER_CTX_free(loopargs[i].ctx); 2160 } 2161 } 2162 if (doit[D_GHASH]) { 2163 static const char gmac_iv[] = "0123456789ab"; 2164 OSSL_PARAM params[3]; 2165 2166 mac = EVP_MAC_fetch(app_get0_libctx(), "GMAC", app_get0_propq()); 2167 if (mac == NULL) 2168 goto end; 2169 2170 params[0] = OSSL_PARAM_construct_utf8_string(OSSL_ALG_PARAM_CIPHER, 2171 "aes-128-gcm", 0); 2172 params[1] = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_IV, 2173 (char *)gmac_iv, 2174 sizeof(gmac_iv) - 1); 2175 params[2] = OSSL_PARAM_construct_end(); 2176 2177 for (i = 0; i < loopargs_len; i++) { 2178 loopargs[i].mctx = EVP_MAC_CTX_new(mac); 2179 if (loopargs[i].mctx == NULL) 2180 goto end; 2181 2182 if (!EVP_MAC_init(loopargs[i].mctx, key32, 16, params)) 2183 goto end; 2184 } 2185 for (testnum = 0; testnum < size_num; testnum++) { 2186 print_message(names[D_GHASH], c[D_GHASH][testnum], lengths[testnum], 2187 seconds.sym); 2188 Time_F(START); 2189 count = run_benchmark(async_jobs, GHASH_loop, loopargs); 2190 d = Time_F(STOP); 2191 print_result(D_GHASH, testnum, count, d); 2192 if (count < 0) 2193 break; 2194 } 2195 for (i = 0; i < loopargs_len; i++) 2196 EVP_MAC_CTX_free(loopargs[i].mctx); 2197 EVP_MAC_free(mac); 2198 mac = NULL; 2199 } 2200 2201 if (doit[D_RAND]) { 2202 for (testnum = 0; testnum < size_num; testnum++) { 2203 print_message(names[D_RAND], c[D_RAND][testnum], lengths[testnum], 2204 seconds.sym); 2205 Time_F(START); 2206 count = run_benchmark(async_jobs, RAND_bytes_loop, loopargs); 2207 d = Time_F(STOP); 2208 print_result(D_RAND, testnum, count, d); 2209 } 2210 } 2211 2212 if (doit[D_EVP]) { 2213 if (evp_cipher != NULL) { 2214 int (*loopfunc) (void *) = EVP_Update_loop; 2215 2216 if (multiblock && (EVP_CIPHER_get_flags(evp_cipher) & 2217 EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) { 2218 multiblock_speed(evp_cipher, lengths_single, &seconds); 2219 ret = 0; 2220 goto end; 2221 } 2222 2223 names[D_EVP] = EVP_CIPHER_get0_name(evp_cipher); 2224 2225 if (EVP_CIPHER_get_mode(evp_cipher) == EVP_CIPH_CCM_MODE) { 2226 loopfunc = EVP_Update_loop_ccm; 2227 } else if (aead && (EVP_CIPHER_get_flags(evp_cipher) & 2228 EVP_CIPH_FLAG_AEAD_CIPHER)) { 2229 loopfunc = EVP_Update_loop_aead; 2230 if (lengths == lengths_list) { 2231 lengths = aead_lengths_list; 2232 size_num = OSSL_NELEM(aead_lengths_list); 2233 } 2234 } 2235 2236 for (testnum = 0; testnum < size_num; testnum++) { 2237 print_message(names[D_EVP], c[D_EVP][testnum], lengths[testnum], 2238 seconds.sym); 2239 2240 for (k = 0; k < loopargs_len; k++) { 2241 loopargs[k].ctx = EVP_CIPHER_CTX_new(); 2242 if (loopargs[k].ctx == NULL) { 2243 BIO_printf(bio_err, "\nEVP_CIPHER_CTX_new failure\n"); 2244 exit(1); 2245 } 2246 if (!EVP_CipherInit_ex(loopargs[k].ctx, evp_cipher, NULL, 2247 NULL, iv, decrypt ? 0 : 1)) { 2248 BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n"); 2249 ERR_print_errors(bio_err); 2250 exit(1); 2251 } 2252 2253 EVP_CIPHER_CTX_set_padding(loopargs[k].ctx, 0); 2254 2255 keylen = EVP_CIPHER_CTX_get_key_length(loopargs[k].ctx); 2256 loopargs[k].key = app_malloc(keylen, "evp_cipher key"); 2257 EVP_CIPHER_CTX_rand_key(loopargs[k].ctx, loopargs[k].key); 2258 if (!EVP_CipherInit_ex(loopargs[k].ctx, NULL, NULL, 2259 loopargs[k].key, NULL, -1)) { 2260 BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n"); 2261 ERR_print_errors(bio_err); 2262 exit(1); 2263 } 2264 OPENSSL_clear_free(loopargs[k].key, keylen); 2265 2266 /* SIV mode only allows for a single Update operation */ 2267 if (EVP_CIPHER_get_mode(evp_cipher) == EVP_CIPH_SIV_MODE) 2268 (void)EVP_CIPHER_CTX_ctrl(loopargs[k].ctx, 2269 EVP_CTRL_SET_SPEED, 1, NULL); 2270 } 2271 2272 Time_F(START); 2273 count = run_benchmark(async_jobs, loopfunc, loopargs); 2274 d = Time_F(STOP); 2275 for (k = 0; k < loopargs_len; k++) 2276 EVP_CIPHER_CTX_free(loopargs[k].ctx); 2277 print_result(D_EVP, testnum, count, d); 2278 } 2279 } else if (evp_md_name != NULL) { 2280 names[D_EVP] = evp_md_name; 2281 2282 for (testnum = 0; testnum < size_num; testnum++) { 2283 print_message(names[D_EVP], c[D_EVP][testnum], lengths[testnum], 2284 seconds.sym); 2285 Time_F(START); 2286 count = run_benchmark(async_jobs, EVP_Digest_md_loop, loopargs); 2287 d = Time_F(STOP); 2288 print_result(D_EVP, testnum, count, d); 2289 if (count < 0) 2290 break; 2291 } 2292 } 2293 } 2294 2295 if (doit[D_EVP_CMAC]) { 2296 OSSL_PARAM params[3]; 2297 EVP_CIPHER *cipher = NULL; 2298 2299 mac = EVP_MAC_fetch(app_get0_libctx(), "CMAC", app_get0_propq()); 2300 if (mac == NULL || evp_mac_ciphername == NULL) 2301 goto end; 2302 if (!opt_cipher(evp_mac_ciphername, &cipher)) 2303 goto end; 2304 2305 keylen = EVP_CIPHER_get_key_length(cipher); 2306 EVP_CIPHER_free(cipher); 2307 if (keylen <= 0 || keylen > (int)sizeof(key32)) { 2308 BIO_printf(bio_err, "\nRequested CMAC cipher with unsupported key length.\n"); 2309 goto end; 2310 } 2311 evp_cmac_name = app_malloc(sizeof("cmac()") 2312 + strlen(evp_mac_ciphername), "CMAC name"); 2313 sprintf(evp_cmac_name, "cmac(%s)", evp_mac_ciphername); 2314 names[D_EVP_CMAC] = evp_cmac_name; 2315 2316 params[0] = OSSL_PARAM_construct_utf8_string(OSSL_ALG_PARAM_CIPHER, 2317 evp_mac_ciphername, 0); 2318 params[1] = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY, 2319 (char *)key32, keylen); 2320 params[2] = OSSL_PARAM_construct_end(); 2321 2322 for (i = 0; i < loopargs_len; i++) { 2323 loopargs[i].mctx = EVP_MAC_CTX_new(mac); 2324 if (loopargs[i].mctx == NULL) 2325 goto end; 2326 2327 if (!EVP_MAC_CTX_set_params(loopargs[i].mctx, params)) 2328 goto end; 2329 } 2330 2331 for (testnum = 0; testnum < size_num; testnum++) { 2332 print_message(names[D_EVP_CMAC], c[D_EVP_CMAC][testnum], 2333 lengths[testnum], seconds.sym); 2334 Time_F(START); 2335 count = run_benchmark(async_jobs, CMAC_loop, loopargs); 2336 d = Time_F(STOP); 2337 print_result(D_EVP_CMAC, testnum, count, d); 2338 if (count < 0) 2339 break; 2340 } 2341 for (i = 0; i < loopargs_len; i++) 2342 EVP_MAC_CTX_free(loopargs[i].mctx); 2343 EVP_MAC_free(mac); 2344 mac = NULL; 2345 } 2346 2347 for (i = 0; i < loopargs_len; i++) 2348 if (RAND_bytes(loopargs[i].buf, 36) <= 0) 2349 goto end; 2350 2351 for (testnum = 0; testnum < RSA_NUM; testnum++) { 2352 EVP_PKEY *rsa_key = NULL; 2353 int st = 0; 2354 2355 if (!rsa_doit[testnum]) 2356 continue; 2357 2358 if (primes > RSA_DEFAULT_PRIME_NUM) { 2359 /* we haven't set keys yet, generate multi-prime RSA keys */ 2360 bn = BN_new(); 2361 st = bn != NULL 2362 && BN_set_word(bn, RSA_F4) 2363 && init_gen_str(&genctx, "RSA", NULL, 0, NULL, NULL) 2364 && EVP_PKEY_CTX_set_rsa_keygen_bits(genctx, rsa_keys[testnum].bits) > 0 2365 && EVP_PKEY_CTX_set1_rsa_keygen_pubexp(genctx, bn) > 0 2366 && EVP_PKEY_CTX_set_rsa_keygen_primes(genctx, primes) > 0 2367 && EVP_PKEY_keygen(genctx, &rsa_key); 2368 BN_free(bn); 2369 bn = NULL; 2370 EVP_PKEY_CTX_free(genctx); 2371 genctx = NULL; 2372 } else { 2373 const unsigned char *p = rsa_keys[testnum].data; 2374 2375 st = (rsa_key = d2i_PrivateKey(EVP_PKEY_RSA, NULL, &p, 2376 rsa_keys[testnum].length)) != NULL; 2377 } 2378 2379 for (i = 0; st && i < loopargs_len; i++) { 2380 loopargs[i].rsa_sign_ctx[testnum] = EVP_PKEY_CTX_new(rsa_key, NULL); 2381 loopargs[i].sigsize = loopargs[i].buflen; 2382 if (loopargs[i].rsa_sign_ctx[testnum] == NULL 2383 || EVP_PKEY_sign_init(loopargs[i].rsa_sign_ctx[testnum]) <= 0 2384 || EVP_PKEY_sign(loopargs[i].rsa_sign_ctx[testnum], 2385 loopargs[i].buf2, 2386 &loopargs[i].sigsize, 2387 loopargs[i].buf, 36) <= 0) 2388 st = 0; 2389 } 2390 if (!st) { 2391 BIO_printf(bio_err, 2392 "RSA sign setup failure. No RSA sign will be done.\n"); 2393 ERR_print_errors(bio_err); 2394 op_count = 1; 2395 } else { 2396 pkey_print_message("private", "rsa", 2397 rsa_c[testnum][0], rsa_keys[testnum].bits, 2398 seconds.rsa); 2399 /* RSA_blinding_on(rsa_key[testnum],NULL); */ 2400 Time_F(START); 2401 count = run_benchmark(async_jobs, RSA_sign_loop, loopargs); 2402 d = Time_F(STOP); 2403 BIO_printf(bio_err, 2404 mr ? "+R1:%ld:%d:%.2f\n" 2405 : "%ld %u bits private RSA's in %.2fs\n", 2406 count, rsa_keys[testnum].bits, d); 2407 rsa_results[testnum][0] = (double)count / d; 2408 op_count = count; 2409 } 2410 2411 for (i = 0; st && i < loopargs_len; i++) { 2412 loopargs[i].rsa_verify_ctx[testnum] = EVP_PKEY_CTX_new(rsa_key, 2413 NULL); 2414 if (loopargs[i].rsa_verify_ctx[testnum] == NULL 2415 || EVP_PKEY_verify_init(loopargs[i].rsa_verify_ctx[testnum]) <= 0 2416 || EVP_PKEY_verify(loopargs[i].rsa_verify_ctx[testnum], 2417 loopargs[i].buf2, 2418 loopargs[i].sigsize, 2419 loopargs[i].buf, 36) <= 0) 2420 st = 0; 2421 } 2422 if (!st) { 2423 BIO_printf(bio_err, 2424 "RSA verify setup failure. No RSA verify will be done.\n"); 2425 ERR_print_errors(bio_err); 2426 rsa_doit[testnum] = 0; 2427 } else { 2428 pkey_print_message("public", "rsa", 2429 rsa_c[testnum][1], rsa_keys[testnum].bits, 2430 seconds.rsa); 2431 Time_F(START); 2432 count = run_benchmark(async_jobs, RSA_verify_loop, loopargs); 2433 d = Time_F(STOP); 2434 BIO_printf(bio_err, 2435 mr ? "+R2:%ld:%d:%.2f\n" 2436 : "%ld %u bits public RSA's in %.2fs\n", 2437 count, rsa_keys[testnum].bits, d); 2438 rsa_results[testnum][1] = (double)count / d; 2439 } 2440 2441 if (op_count <= 1) { 2442 /* if longer than 10s, don't do any more */ 2443 stop_it(rsa_doit, testnum); 2444 } 2445 EVP_PKEY_free(rsa_key); 2446 } 2447 2448 for (testnum = 0; testnum < DSA_NUM; testnum++) { 2449 EVP_PKEY *dsa_key = NULL; 2450 int st; 2451 2452 if (!dsa_doit[testnum]) 2453 continue; 2454 2455 st = (dsa_key = get_dsa(dsa_bits[testnum])) != NULL; 2456 2457 for (i = 0; st && i < loopargs_len; i++) { 2458 loopargs[i].dsa_sign_ctx[testnum] = EVP_PKEY_CTX_new(dsa_key, 2459 NULL); 2460 loopargs[i].sigsize = loopargs[i].buflen; 2461 if (loopargs[i].dsa_sign_ctx[testnum] == NULL 2462 || EVP_PKEY_sign_init(loopargs[i].dsa_sign_ctx[testnum]) <= 0 2463 2464 || EVP_PKEY_sign(loopargs[i].dsa_sign_ctx[testnum], 2465 loopargs[i].buf2, 2466 &loopargs[i].sigsize, 2467 loopargs[i].buf, 20) <= 0) 2468 st = 0; 2469 } 2470 if (!st) { 2471 BIO_printf(bio_err, 2472 "DSA sign setup failure. No DSA sign will be done.\n"); 2473 ERR_print_errors(bio_err); 2474 op_count = 1; 2475 } else { 2476 pkey_print_message("sign", "dsa", 2477 dsa_c[testnum][0], dsa_bits[testnum], 2478 seconds.dsa); 2479 Time_F(START); 2480 count = run_benchmark(async_jobs, DSA_sign_loop, loopargs); 2481 d = Time_F(STOP); 2482 BIO_printf(bio_err, 2483 mr ? "+R3:%ld:%u:%.2f\n" 2484 : "%ld %u bits DSA signs in %.2fs\n", 2485 count, dsa_bits[testnum], d); 2486 dsa_results[testnum][0] = (double)count / d; 2487 op_count = count; 2488 } 2489 2490 for (i = 0; st && i < loopargs_len; i++) { 2491 loopargs[i].dsa_verify_ctx[testnum] = EVP_PKEY_CTX_new(dsa_key, 2492 NULL); 2493 if (loopargs[i].dsa_verify_ctx[testnum] == NULL 2494 || EVP_PKEY_verify_init(loopargs[i].dsa_verify_ctx[testnum]) <= 0 2495 || EVP_PKEY_verify(loopargs[i].dsa_verify_ctx[testnum], 2496 loopargs[i].buf2, 2497 loopargs[i].sigsize, 2498 loopargs[i].buf, 36) <= 0) 2499 st = 0; 2500 } 2501 if (!st) { 2502 BIO_printf(bio_err, 2503 "DSA verify setup failure. No DSA verify will be done.\n"); 2504 ERR_print_errors(bio_err); 2505 dsa_doit[testnum] = 0; 2506 } else { 2507 pkey_print_message("verify", "dsa", 2508 dsa_c[testnum][1], dsa_bits[testnum], 2509 seconds.dsa); 2510 Time_F(START); 2511 count = run_benchmark(async_jobs, DSA_verify_loop, loopargs); 2512 d = Time_F(STOP); 2513 BIO_printf(bio_err, 2514 mr ? "+R4:%ld:%u:%.2f\n" 2515 : "%ld %u bits DSA verify in %.2fs\n", 2516 count, dsa_bits[testnum], d); 2517 dsa_results[testnum][1] = (double)count / d; 2518 } 2519 2520 if (op_count <= 1) { 2521 /* if longer than 10s, don't do any more */ 2522 stop_it(dsa_doit, testnum); 2523 } 2524 EVP_PKEY_free(dsa_key); 2525 } 2526 2527 for (testnum = 0; testnum < ECDSA_NUM; testnum++) { 2528 EVP_PKEY *ecdsa_key = NULL; 2529 int st; 2530 2531 if (!ecdsa_doit[testnum]) 2532 continue; 2533 2534 st = (ecdsa_key = get_ecdsa(&ec_curves[testnum])) != NULL; 2535 2536 for (i = 0; st && i < loopargs_len; i++) { 2537 loopargs[i].ecdsa_sign_ctx[testnum] = EVP_PKEY_CTX_new(ecdsa_key, 2538 NULL); 2539 loopargs[i].sigsize = loopargs[i].buflen; 2540 if (loopargs[i].ecdsa_sign_ctx[testnum] == NULL 2541 || EVP_PKEY_sign_init(loopargs[i].ecdsa_sign_ctx[testnum]) <= 0 2542 2543 || EVP_PKEY_sign(loopargs[i].ecdsa_sign_ctx[testnum], 2544 loopargs[i].buf2, 2545 &loopargs[i].sigsize, 2546 loopargs[i].buf, 20) <= 0) 2547 st = 0; 2548 } 2549 if (!st) { 2550 BIO_printf(bio_err, 2551 "ECDSA sign setup failure. No ECDSA sign will be done.\n"); 2552 ERR_print_errors(bio_err); 2553 op_count = 1; 2554 } else { 2555 pkey_print_message("sign", "ecdsa", 2556 ecdsa_c[testnum][0], ec_curves[testnum].bits, 2557 seconds.ecdsa); 2558 Time_F(START); 2559 count = run_benchmark(async_jobs, ECDSA_sign_loop, loopargs); 2560 d = Time_F(STOP); 2561 BIO_printf(bio_err, 2562 mr ? "+R5:%ld:%u:%.2f\n" 2563 : "%ld %u bits ECDSA signs in %.2fs\n", 2564 count, ec_curves[testnum].bits, d); 2565 ecdsa_results[testnum][0] = (double)count / d; 2566 op_count = count; 2567 } 2568 2569 for (i = 0; st && i < loopargs_len; i++) { 2570 loopargs[i].ecdsa_verify_ctx[testnum] = EVP_PKEY_CTX_new(ecdsa_key, 2571 NULL); 2572 if (loopargs[i].ecdsa_verify_ctx[testnum] == NULL 2573 || EVP_PKEY_verify_init(loopargs[i].ecdsa_verify_ctx[testnum]) <= 0 2574 || EVP_PKEY_verify(loopargs[i].ecdsa_verify_ctx[testnum], 2575 loopargs[i].buf2, 2576 loopargs[i].sigsize, 2577 loopargs[i].buf, 20) <= 0) 2578 st = 0; 2579 } 2580 if (!st) { 2581 BIO_printf(bio_err, 2582 "ECDSA verify setup failure. No ECDSA verify will be done.\n"); 2583 ERR_print_errors(bio_err); 2584 ecdsa_doit[testnum] = 0; 2585 } else { 2586 pkey_print_message("verify", "ecdsa", 2587 ecdsa_c[testnum][1], ec_curves[testnum].bits, 2588 seconds.ecdsa); 2589 Time_F(START); 2590 count = run_benchmark(async_jobs, ECDSA_verify_loop, loopargs); 2591 d = Time_F(STOP); 2592 BIO_printf(bio_err, 2593 mr ? "+R6:%ld:%u:%.2f\n" 2594 : "%ld %u bits ECDSA verify in %.2fs\n", 2595 count, ec_curves[testnum].bits, d); 2596 ecdsa_results[testnum][1] = (double)count / d; 2597 } 2598 2599 if (op_count <= 1) { 2600 /* if longer than 10s, don't do any more */ 2601 stop_it(ecdsa_doit, testnum); 2602 } 2603 } 2604 2605 for (testnum = 0; testnum < EC_NUM; testnum++) { 2606 int ecdh_checks = 1; 2607 2608 if (!ecdh_doit[testnum]) 2609 continue; 2610 2611 for (i = 0; i < loopargs_len; i++) { 2612 EVP_PKEY_CTX *test_ctx = NULL; 2613 EVP_PKEY_CTX *ctx = NULL; 2614 EVP_PKEY *key_A = NULL; 2615 EVP_PKEY *key_B = NULL; 2616 size_t outlen; 2617 size_t test_outlen; 2618 2619 if ((key_A = get_ecdsa(&ec_curves[testnum])) == NULL /* generate secret key A */ 2620 || (key_B = get_ecdsa(&ec_curves[testnum])) == NULL /* generate secret key B */ 2621 || (ctx = EVP_PKEY_CTX_new(key_A, NULL)) == NULL /* derivation ctx from skeyA */ 2622 || EVP_PKEY_derive_init(ctx) <= 0 /* init derivation ctx */ 2623 || EVP_PKEY_derive_set_peer(ctx, key_B) <= 0 /* set peer pubkey in ctx */ 2624 || EVP_PKEY_derive(ctx, NULL, &outlen) <= 0 /* determine max length */ 2625 || outlen == 0 /* ensure outlen is a valid size */ 2626 || outlen > MAX_ECDH_SIZE /* avoid buffer overflow */) { 2627 ecdh_checks = 0; 2628 BIO_printf(bio_err, "ECDH key generation failure.\n"); 2629 ERR_print_errors(bio_err); 2630 op_count = 1; 2631 break; 2632 } 2633 2634 /* 2635 * Here we perform a test run, comparing the output of a*B and b*A; 2636 * we try this here and assume that further EVP_PKEY_derive calls 2637 * never fail, so we can skip checks in the actually benchmarked 2638 * code, for maximum performance. 2639 */ 2640 if ((test_ctx = EVP_PKEY_CTX_new(key_B, NULL)) == NULL /* test ctx from skeyB */ 2641 || EVP_PKEY_derive_init(test_ctx) <= 0 /* init derivation test_ctx */ 2642 || EVP_PKEY_derive_set_peer(test_ctx, key_A) <= 0 /* set peer pubkey in test_ctx */ 2643 || EVP_PKEY_derive(test_ctx, NULL, &test_outlen) <= 0 /* determine max length */ 2644 || EVP_PKEY_derive(ctx, loopargs[i].secret_a, &outlen) <= 0 /* compute a*B */ 2645 || EVP_PKEY_derive(test_ctx, loopargs[i].secret_b, &test_outlen) <= 0 /* compute b*A */ 2646 || test_outlen != outlen /* compare output length */) { 2647 ecdh_checks = 0; 2648 BIO_printf(bio_err, "ECDH computation failure.\n"); 2649 ERR_print_errors(bio_err); 2650 op_count = 1; 2651 break; 2652 } 2653 2654 /* Compare the computation results: CRYPTO_memcmp() returns 0 if equal */ 2655 if (CRYPTO_memcmp(loopargs[i].secret_a, 2656 loopargs[i].secret_b, outlen)) { 2657 ecdh_checks = 0; 2658 BIO_printf(bio_err, "ECDH computations don't match.\n"); 2659 ERR_print_errors(bio_err); 2660 op_count = 1; 2661 break; 2662 } 2663 2664 loopargs[i].ecdh_ctx[testnum] = ctx; 2665 loopargs[i].outlen[testnum] = outlen; 2666 2667 EVP_PKEY_free(key_A); 2668 EVP_PKEY_free(key_B); 2669 EVP_PKEY_CTX_free(test_ctx); 2670 test_ctx = NULL; 2671 } 2672 if (ecdh_checks != 0) { 2673 pkey_print_message("", "ecdh", 2674 ecdh_c[testnum][0], 2675 ec_curves[testnum].bits, seconds.ecdh); 2676 Time_F(START); 2677 count = 2678 run_benchmark(async_jobs, ECDH_EVP_derive_key_loop, loopargs); 2679 d = Time_F(STOP); 2680 BIO_printf(bio_err, 2681 mr ? "+R7:%ld:%d:%.2f\n" : 2682 "%ld %u-bits ECDH ops in %.2fs\n", count, 2683 ec_curves[testnum].bits, d); 2684 ecdh_results[testnum][0] = (double)count / d; 2685 op_count = count; 2686 } 2687 2688 if (op_count <= 1) { 2689 /* if longer than 10s, don't do any more */ 2690 stop_it(ecdh_doit, testnum); 2691 } 2692 } 2693 2694 for (testnum = 0; testnum < EdDSA_NUM; testnum++) { 2695 int st = 1; 2696 EVP_PKEY *ed_pkey = NULL; 2697 EVP_PKEY_CTX *ed_pctx = NULL; 2698 2699 if (!eddsa_doit[testnum]) 2700 continue; /* Ignore Curve */ 2701 for (i = 0; i < loopargs_len; i++) { 2702 loopargs[i].eddsa_ctx[testnum] = EVP_MD_CTX_new(); 2703 if (loopargs[i].eddsa_ctx[testnum] == NULL) { 2704 st = 0; 2705 break; 2706 } 2707 loopargs[i].eddsa_ctx2[testnum] = EVP_MD_CTX_new(); 2708 if (loopargs[i].eddsa_ctx2[testnum] == NULL) { 2709 st = 0; 2710 break; 2711 } 2712 2713 if ((ed_pctx = EVP_PKEY_CTX_new_id(ed_curves[testnum].nid, 2714 NULL)) == NULL 2715 || EVP_PKEY_keygen_init(ed_pctx) <= 0 2716 || EVP_PKEY_keygen(ed_pctx, &ed_pkey) <= 0) { 2717 st = 0; 2718 EVP_PKEY_CTX_free(ed_pctx); 2719 break; 2720 } 2721 EVP_PKEY_CTX_free(ed_pctx); 2722 2723 if (!EVP_DigestSignInit(loopargs[i].eddsa_ctx[testnum], NULL, NULL, 2724 NULL, ed_pkey)) { 2725 st = 0; 2726 EVP_PKEY_free(ed_pkey); 2727 break; 2728 } 2729 if (!EVP_DigestVerifyInit(loopargs[i].eddsa_ctx2[testnum], NULL, 2730 NULL, NULL, ed_pkey)) { 2731 st = 0; 2732 EVP_PKEY_free(ed_pkey); 2733 break; 2734 } 2735 2736 EVP_PKEY_free(ed_pkey); 2737 ed_pkey = NULL; 2738 } 2739 if (st == 0) { 2740 BIO_printf(bio_err, "EdDSA failure.\n"); 2741 ERR_print_errors(bio_err); 2742 op_count = 1; 2743 } else { 2744 for (i = 0; i < loopargs_len; i++) { 2745 /* Perform EdDSA signature test */ 2746 loopargs[i].sigsize = ed_curves[testnum].sigsize; 2747 st = EVP_DigestSign(loopargs[i].eddsa_ctx[testnum], 2748 loopargs[i].buf2, &loopargs[i].sigsize, 2749 loopargs[i].buf, 20); 2750 if (st == 0) 2751 break; 2752 } 2753 if (st == 0) { 2754 BIO_printf(bio_err, 2755 "EdDSA sign failure. No EdDSA sign will be done.\n"); 2756 ERR_print_errors(bio_err); 2757 op_count = 1; 2758 } else { 2759 pkey_print_message("sign", ed_curves[testnum].name, 2760 eddsa_c[testnum][0], 2761 ed_curves[testnum].bits, seconds.eddsa); 2762 Time_F(START); 2763 count = run_benchmark(async_jobs, EdDSA_sign_loop, loopargs); 2764 d = Time_F(STOP); 2765 2766 BIO_printf(bio_err, 2767 mr ? "+R8:%ld:%u:%s:%.2f\n" : 2768 "%ld %u bits %s signs in %.2fs \n", 2769 count, ed_curves[testnum].bits, 2770 ed_curves[testnum].name, d); 2771 eddsa_results[testnum][0] = (double)count / d; 2772 op_count = count; 2773 } 2774 /* Perform EdDSA verification test */ 2775 for (i = 0; i < loopargs_len; i++) { 2776 st = EVP_DigestVerify(loopargs[i].eddsa_ctx2[testnum], 2777 loopargs[i].buf2, loopargs[i].sigsize, 2778 loopargs[i].buf, 20); 2779 if (st != 1) 2780 break; 2781 } 2782 if (st != 1) { 2783 BIO_printf(bio_err, 2784 "EdDSA verify failure. No EdDSA verify will be done.\n"); 2785 ERR_print_errors(bio_err); 2786 eddsa_doit[testnum] = 0; 2787 } else { 2788 pkey_print_message("verify", ed_curves[testnum].name, 2789 eddsa_c[testnum][1], 2790 ed_curves[testnum].bits, seconds.eddsa); 2791 Time_F(START); 2792 count = run_benchmark(async_jobs, EdDSA_verify_loop, loopargs); 2793 d = Time_F(STOP); 2794 BIO_printf(bio_err, 2795 mr ? "+R9:%ld:%u:%s:%.2f\n" 2796 : "%ld %u bits %s verify in %.2fs\n", 2797 count, ed_curves[testnum].bits, 2798 ed_curves[testnum].name, d); 2799 eddsa_results[testnum][1] = (double)count / d; 2800 } 2801 2802 if (op_count <= 1) { 2803 /* if longer than 10s, don't do any more */ 2804 stop_it(eddsa_doit, testnum); 2805 } 2806 } 2807 } 2808 2809 #ifndef OPENSSL_NO_SM2 2810 for (testnum = 0; testnum < SM2_NUM; testnum++) { 2811 int st = 1; 2812 EVP_PKEY *sm2_pkey = NULL; 2813 2814 if (!sm2_doit[testnum]) 2815 continue; /* Ignore Curve */ 2816 /* Init signing and verification */ 2817 for (i = 0; i < loopargs_len; i++) { 2818 EVP_PKEY_CTX *sm2_pctx = NULL; 2819 EVP_PKEY_CTX *sm2_vfy_pctx = NULL; 2820 EVP_PKEY_CTX *pctx = NULL; 2821 st = 0; 2822 2823 loopargs[i].sm2_ctx[testnum] = EVP_MD_CTX_new(); 2824 loopargs[i].sm2_vfy_ctx[testnum] = EVP_MD_CTX_new(); 2825 if (loopargs[i].sm2_ctx[testnum] == NULL 2826 || loopargs[i].sm2_vfy_ctx[testnum] == NULL) 2827 break; 2828 2829 sm2_pkey = NULL; 2830 2831 st = !((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_SM2, NULL)) == NULL 2832 || EVP_PKEY_keygen_init(pctx) <= 0 2833 || EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, 2834 sm2_curves[testnum].nid) <= 0 2835 || EVP_PKEY_keygen(pctx, &sm2_pkey) <= 0); 2836 EVP_PKEY_CTX_free(pctx); 2837 if (st == 0) 2838 break; 2839 2840 st = 0; /* set back to zero */ 2841 /* attach it sooner to rely on main final cleanup */ 2842 loopargs[i].sm2_pkey[testnum] = sm2_pkey; 2843 loopargs[i].sigsize = EVP_PKEY_get_size(sm2_pkey); 2844 2845 sm2_pctx = EVP_PKEY_CTX_new(sm2_pkey, NULL); 2846 sm2_vfy_pctx = EVP_PKEY_CTX_new(sm2_pkey, NULL); 2847 if (sm2_pctx == NULL || sm2_vfy_pctx == NULL) { 2848 EVP_PKEY_CTX_free(sm2_vfy_pctx); 2849 break; 2850 } 2851 2852 /* attach them directly to respective ctx */ 2853 EVP_MD_CTX_set_pkey_ctx(loopargs[i].sm2_ctx[testnum], sm2_pctx); 2854 EVP_MD_CTX_set_pkey_ctx(loopargs[i].sm2_vfy_ctx[testnum], sm2_vfy_pctx); 2855 2856 /* 2857 * No need to allow user to set an explicit ID here, just use 2858 * the one defined in the 'draft-yang-tls-tl13-sm-suites' I-D. 2859 */ 2860 if (EVP_PKEY_CTX_set1_id(sm2_pctx, SM2_ID, SM2_ID_LEN) != 1 2861 || EVP_PKEY_CTX_set1_id(sm2_vfy_pctx, SM2_ID, SM2_ID_LEN) != 1) 2862 break; 2863 2864 if (!EVP_DigestSignInit(loopargs[i].sm2_ctx[testnum], NULL, 2865 EVP_sm3(), NULL, sm2_pkey)) 2866 break; 2867 if (!EVP_DigestVerifyInit(loopargs[i].sm2_vfy_ctx[testnum], NULL, 2868 EVP_sm3(), NULL, sm2_pkey)) 2869 break; 2870 st = 1; /* mark loop as succeeded */ 2871 } 2872 if (st == 0) { 2873 BIO_printf(bio_err, "SM2 init failure.\n"); 2874 ERR_print_errors(bio_err); 2875 op_count = 1; 2876 } else { 2877 for (i = 0; i < loopargs_len; i++) { 2878 /* Perform SM2 signature test */ 2879 st = EVP_DigestSign(loopargs[i].sm2_ctx[testnum], 2880 loopargs[i].buf2, &loopargs[i].sigsize, 2881 loopargs[i].buf, 20); 2882 if (st == 0) 2883 break; 2884 } 2885 if (st == 0) { 2886 BIO_printf(bio_err, 2887 "SM2 sign failure. No SM2 sign will be done.\n"); 2888 ERR_print_errors(bio_err); 2889 op_count = 1; 2890 } else { 2891 pkey_print_message("sign", sm2_curves[testnum].name, 2892 sm2_c[testnum][0], 2893 sm2_curves[testnum].bits, seconds.sm2); 2894 Time_F(START); 2895 count = run_benchmark(async_jobs, SM2_sign_loop, loopargs); 2896 d = Time_F(STOP); 2897 2898 BIO_printf(bio_err, 2899 mr ? "+R10:%ld:%u:%s:%.2f\n" : 2900 "%ld %u bits %s signs in %.2fs \n", 2901 count, sm2_curves[testnum].bits, 2902 sm2_curves[testnum].name, d); 2903 sm2_results[testnum][0] = (double)count / d; 2904 op_count = count; 2905 } 2906 2907 /* Perform SM2 verification test */ 2908 for (i = 0; i < loopargs_len; i++) { 2909 st = EVP_DigestVerify(loopargs[i].sm2_vfy_ctx[testnum], 2910 loopargs[i].buf2, loopargs[i].sigsize, 2911 loopargs[i].buf, 20); 2912 if (st != 1) 2913 break; 2914 } 2915 if (st != 1) { 2916 BIO_printf(bio_err, 2917 "SM2 verify failure. No SM2 verify will be done.\n"); 2918 ERR_print_errors(bio_err); 2919 sm2_doit[testnum] = 0; 2920 } else { 2921 pkey_print_message("verify", sm2_curves[testnum].name, 2922 sm2_c[testnum][1], 2923 sm2_curves[testnum].bits, seconds.sm2); 2924 Time_F(START); 2925 count = run_benchmark(async_jobs, SM2_verify_loop, loopargs); 2926 d = Time_F(STOP); 2927 BIO_printf(bio_err, 2928 mr ? "+R11:%ld:%u:%s:%.2f\n" 2929 : "%ld %u bits %s verify in %.2fs\n", 2930 count, sm2_curves[testnum].bits, 2931 sm2_curves[testnum].name, d); 2932 sm2_results[testnum][1] = (double)count / d; 2933 } 2934 2935 if (op_count <= 1) { 2936 /* if longer than 10s, don't do any more */ 2937 for (testnum++; testnum < SM2_NUM; testnum++) 2938 sm2_doit[testnum] = 0; 2939 } 2940 } 2941 } 2942 #endif /* OPENSSL_NO_SM2 */ 2943 2944 #ifndef OPENSSL_NO_DH 2945 for (testnum = 0; testnum < FFDH_NUM; testnum++) { 2946 int ffdh_checks = 1; 2947 2948 if (!ffdh_doit[testnum]) 2949 continue; 2950 2951 for (i = 0; i < loopargs_len; i++) { 2952 EVP_PKEY *pkey_A = NULL; 2953 EVP_PKEY *pkey_B = NULL; 2954 EVP_PKEY_CTX *ffdh_ctx = NULL; 2955 EVP_PKEY_CTX *test_ctx = NULL; 2956 size_t secret_size; 2957 size_t test_out; 2958 2959 /* Ensure that the error queue is empty */ 2960 if (ERR_peek_error()) { 2961 BIO_printf(bio_err, 2962 "WARNING: the error queue contains previous unhandled errors.\n"); 2963 ERR_print_errors(bio_err); 2964 } 2965 2966 pkey_A = EVP_PKEY_new(); 2967 if (!pkey_A) { 2968 BIO_printf(bio_err, "Error while initialising EVP_PKEY (out of memory?).\n"); 2969 ERR_print_errors(bio_err); 2970 op_count = 1; 2971 ffdh_checks = 0; 2972 break; 2973 } 2974 pkey_B = EVP_PKEY_new(); 2975 if (!pkey_B) { 2976 BIO_printf(bio_err, "Error while initialising EVP_PKEY (out of memory?).\n"); 2977 ERR_print_errors(bio_err); 2978 op_count = 1; 2979 ffdh_checks = 0; 2980 break; 2981 } 2982 2983 ffdh_ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_DH, NULL); 2984 if (!ffdh_ctx) { 2985 BIO_printf(bio_err, "Error while allocating EVP_PKEY_CTX.\n"); 2986 ERR_print_errors(bio_err); 2987 op_count = 1; 2988 ffdh_checks = 0; 2989 break; 2990 } 2991 2992 if (EVP_PKEY_keygen_init(ffdh_ctx) <= 0) { 2993 BIO_printf(bio_err, "Error while initialising EVP_PKEY_CTX.\n"); 2994 ERR_print_errors(bio_err); 2995 op_count = 1; 2996 ffdh_checks = 0; 2997 break; 2998 } 2999 if (EVP_PKEY_CTX_set_dh_nid(ffdh_ctx, ffdh_params[testnum].nid) <= 0) { 3000 BIO_printf(bio_err, "Error setting DH key size for keygen.\n"); 3001 ERR_print_errors(bio_err); 3002 op_count = 1; 3003 ffdh_checks = 0; 3004 break; 3005 } 3006 3007 if (EVP_PKEY_keygen(ffdh_ctx, &pkey_A) <= 0 || 3008 EVP_PKEY_keygen(ffdh_ctx, &pkey_B) <= 0) { 3009 BIO_printf(bio_err, "FFDH key generation failure.\n"); 3010 ERR_print_errors(bio_err); 3011 op_count = 1; 3012 ffdh_checks = 0; 3013 break; 3014 } 3015 3016 EVP_PKEY_CTX_free(ffdh_ctx); 3017 3018 /* 3019 * check if the derivation works correctly both ways so that 3020 * we know if future derive calls will fail, and we can skip 3021 * error checking in benchmarked code 3022 */ 3023 ffdh_ctx = EVP_PKEY_CTX_new(pkey_A, NULL); 3024 if (ffdh_ctx == NULL) { 3025 BIO_printf(bio_err, "Error while allocating EVP_PKEY_CTX.\n"); 3026 ERR_print_errors(bio_err); 3027 op_count = 1; 3028 ffdh_checks = 0; 3029 break; 3030 } 3031 if (EVP_PKEY_derive_init(ffdh_ctx) <= 0) { 3032 BIO_printf(bio_err, "FFDH derivation context init failure.\n"); 3033 ERR_print_errors(bio_err); 3034 op_count = 1; 3035 ffdh_checks = 0; 3036 break; 3037 } 3038 if (EVP_PKEY_derive_set_peer(ffdh_ctx, pkey_B) <= 0) { 3039 BIO_printf(bio_err, "Assigning peer key for derivation failed.\n"); 3040 ERR_print_errors(bio_err); 3041 op_count = 1; 3042 ffdh_checks = 0; 3043 break; 3044 } 3045 if (EVP_PKEY_derive(ffdh_ctx, NULL, &secret_size) <= 0) { 3046 BIO_printf(bio_err, "Checking size of shared secret failed.\n"); 3047 ERR_print_errors(bio_err); 3048 op_count = 1; 3049 ffdh_checks = 0; 3050 break; 3051 } 3052 if (secret_size > MAX_FFDH_SIZE) { 3053 BIO_printf(bio_err, "Assertion failure: shared secret too large.\n"); 3054 op_count = 1; 3055 ffdh_checks = 0; 3056 break; 3057 } 3058 if (EVP_PKEY_derive(ffdh_ctx, 3059 loopargs[i].secret_ff_a, 3060 &secret_size) <= 0) { 3061 BIO_printf(bio_err, "Shared secret derive failure.\n"); 3062 ERR_print_errors(bio_err); 3063 op_count = 1; 3064 ffdh_checks = 0; 3065 break; 3066 } 3067 /* Now check from side B */ 3068 test_ctx = EVP_PKEY_CTX_new(pkey_B, NULL); 3069 if (!test_ctx) { 3070 BIO_printf(bio_err, "Error while allocating EVP_PKEY_CTX.\n"); 3071 ERR_print_errors(bio_err); 3072 op_count = 1; 3073 ffdh_checks = 0; 3074 break; 3075 } 3076 if (EVP_PKEY_derive_init(test_ctx) <= 0 || 3077 EVP_PKEY_derive_set_peer(test_ctx, pkey_A) <= 0 || 3078 EVP_PKEY_derive(test_ctx, NULL, &test_out) <= 0 || 3079 EVP_PKEY_derive(test_ctx, loopargs[i].secret_ff_b, &test_out) <= 0 || 3080 test_out != secret_size) { 3081 BIO_printf(bio_err, "FFDH computation failure.\n"); 3082 op_count = 1; 3083 ffdh_checks = 0; 3084 break; 3085 } 3086 3087 /* compare the computed secrets */ 3088 if (CRYPTO_memcmp(loopargs[i].secret_ff_a, 3089 loopargs[i].secret_ff_b, secret_size)) { 3090 BIO_printf(bio_err, "FFDH computations don't match.\n"); 3091 ERR_print_errors(bio_err); 3092 op_count = 1; 3093 ffdh_checks = 0; 3094 break; 3095 } 3096 3097 loopargs[i].ffdh_ctx[testnum] = ffdh_ctx; 3098 3099 EVP_PKEY_free(pkey_A); 3100 pkey_A = NULL; 3101 EVP_PKEY_free(pkey_B); 3102 pkey_B = NULL; 3103 EVP_PKEY_CTX_free(test_ctx); 3104 test_ctx = NULL; 3105 } 3106 if (ffdh_checks != 0) { 3107 pkey_print_message("", "ffdh", ffdh_c[testnum][0], 3108 ffdh_params[testnum].bits, seconds.ffdh); 3109 Time_F(START); 3110 count = 3111 run_benchmark(async_jobs, FFDH_derive_key_loop, loopargs); 3112 d = Time_F(STOP); 3113 BIO_printf(bio_err, 3114 mr ? "+R12:%ld:%d:%.2f\n" : 3115 "%ld %u-bits FFDH ops in %.2fs\n", count, 3116 ffdh_params[testnum].bits, d); 3117 ffdh_results[testnum][0] = (double)count / d; 3118 op_count = count; 3119 } 3120 if (op_count <= 1) { 3121 /* if longer than 10s, don't do any more */ 3122 stop_it(ffdh_doit, testnum); 3123 } 3124 } 3125 #endif /* OPENSSL_NO_DH */ 3126 #ifndef NO_FORK 3127 show_res: 3128 #endif 3129 if (!mr) { 3130 printf("version: %s\n", OpenSSL_version(OPENSSL_FULL_VERSION_STRING)); 3131 printf("%s\n", OpenSSL_version(OPENSSL_BUILT_ON)); 3132 printf("options: %s\n", BN_options()); 3133 printf("%s\n", OpenSSL_version(OPENSSL_CFLAGS)); 3134 printf("%s\n", OpenSSL_version(OPENSSL_CPU_INFO)); 3135 } 3136 3137 if (pr_header) { 3138 if (mr) { 3139 printf("+H"); 3140 } else { 3141 printf("The 'numbers' are in 1000s of bytes per second processed.\n"); 3142 printf("type "); 3143 } 3144 for (testnum = 0; testnum < size_num; testnum++) 3145 printf(mr ? ":%d" : "%7d bytes", lengths[testnum]); 3146 printf("\n"); 3147 } 3148 3149 for (k = 0; k < ALGOR_NUM; k++) { 3150 const char *alg_name = names[k]; 3151 3152 if (!doit[k]) 3153 continue; 3154 3155 if (k == D_EVP) { 3156 if (evp_cipher == NULL) 3157 alg_name = evp_md_name; 3158 else if ((alg_name = EVP_CIPHER_get0_name(evp_cipher)) == NULL) 3159 app_bail_out("failed to get name of cipher '%s'\n", evp_cipher); 3160 } 3161 3162 if (mr) 3163 printf("+F:%u:%s", k, alg_name); 3164 else 3165 printf("%-13s", alg_name); 3166 for (testnum = 0; testnum < size_num; testnum++) { 3167 if (results[k][testnum] > 10000 && !mr) 3168 printf(" %11.2fk", results[k][testnum] / 1e3); 3169 else 3170 printf(mr ? ":%.2f" : " %11.2f ", results[k][testnum]); 3171 } 3172 printf("\n"); 3173 } 3174 testnum = 1; 3175 for (k = 0; k < RSA_NUM; k++) { 3176 if (!rsa_doit[k]) 3177 continue; 3178 if (testnum && !mr) { 3179 printf("%18ssign verify sign/s verify/s\n", " "); 3180 testnum = 0; 3181 } 3182 if (mr) 3183 printf("+F2:%u:%u:%f:%f\n", 3184 k, rsa_keys[k].bits, rsa_results[k][0], rsa_results[k][1]); 3185 else 3186 printf("rsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n", 3187 rsa_keys[k].bits, 1.0 / rsa_results[k][0], 1.0 / rsa_results[k][1], 3188 rsa_results[k][0], rsa_results[k][1]); 3189 } 3190 testnum = 1; 3191 for (k = 0; k < DSA_NUM; k++) { 3192 if (!dsa_doit[k]) 3193 continue; 3194 if (testnum && !mr) { 3195 printf("%18ssign verify sign/s verify/s\n", " "); 3196 testnum = 0; 3197 } 3198 if (mr) 3199 printf("+F3:%u:%u:%f:%f\n", 3200 k, dsa_bits[k], dsa_results[k][0], dsa_results[k][1]); 3201 else 3202 printf("dsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n", 3203 dsa_bits[k], 1.0 / dsa_results[k][0], 1.0 / dsa_results[k][1], 3204 dsa_results[k][0], dsa_results[k][1]); 3205 } 3206 testnum = 1; 3207 for (k = 0; k < OSSL_NELEM(ecdsa_doit); k++) { 3208 if (!ecdsa_doit[k]) 3209 continue; 3210 if (testnum && !mr) { 3211 printf("%30ssign verify sign/s verify/s\n", " "); 3212 testnum = 0; 3213 } 3214 3215 if (mr) 3216 printf("+F4:%u:%u:%f:%f\n", 3217 k, ec_curves[k].bits, 3218 ecdsa_results[k][0], ecdsa_results[k][1]); 3219 else 3220 printf("%4u bits ecdsa (%s) %8.4fs %8.4fs %8.1f %8.1f\n", 3221 ec_curves[k].bits, ec_curves[k].name, 3222 1.0 / ecdsa_results[k][0], 1.0 / ecdsa_results[k][1], 3223 ecdsa_results[k][0], ecdsa_results[k][1]); 3224 } 3225 3226 testnum = 1; 3227 for (k = 0; k < EC_NUM; k++) { 3228 if (!ecdh_doit[k]) 3229 continue; 3230 if (testnum && !mr) { 3231 printf("%30sop op/s\n", " "); 3232 testnum = 0; 3233 } 3234 if (mr) 3235 printf("+F5:%u:%u:%f:%f\n", 3236 k, ec_curves[k].bits, 3237 ecdh_results[k][0], 1.0 / ecdh_results[k][0]); 3238 3239 else 3240 printf("%4u bits ecdh (%s) %8.4fs %8.1f\n", 3241 ec_curves[k].bits, ec_curves[k].name, 3242 1.0 / ecdh_results[k][0], ecdh_results[k][0]); 3243 } 3244 3245 testnum = 1; 3246 for (k = 0; k < OSSL_NELEM(eddsa_doit); k++) { 3247 if (!eddsa_doit[k]) 3248 continue; 3249 if (testnum && !mr) { 3250 printf("%30ssign verify sign/s verify/s\n", " "); 3251 testnum = 0; 3252 } 3253 3254 if (mr) 3255 printf("+F6:%u:%u:%s:%f:%f\n", 3256 k, ed_curves[k].bits, ed_curves[k].name, 3257 eddsa_results[k][0], eddsa_results[k][1]); 3258 else 3259 printf("%4u bits EdDSA (%s) %8.4fs %8.4fs %8.1f %8.1f\n", 3260 ed_curves[k].bits, ed_curves[k].name, 3261 1.0 / eddsa_results[k][0], 1.0 / eddsa_results[k][1], 3262 eddsa_results[k][0], eddsa_results[k][1]); 3263 } 3264 3265 #ifndef OPENSSL_NO_SM2 3266 testnum = 1; 3267 for (k = 0; k < OSSL_NELEM(sm2_doit); k++) { 3268 if (!sm2_doit[k]) 3269 continue; 3270 if (testnum && !mr) { 3271 printf("%30ssign verify sign/s verify/s\n", " "); 3272 testnum = 0; 3273 } 3274 3275 if (mr) 3276 printf("+F7:%u:%u:%s:%f:%f\n", 3277 k, sm2_curves[k].bits, sm2_curves[k].name, 3278 sm2_results[k][0], sm2_results[k][1]); 3279 else 3280 printf("%4u bits SM2 (%s) %8.4fs %8.4fs %8.1f %8.1f\n", 3281 sm2_curves[k].bits, sm2_curves[k].name, 3282 1.0 / sm2_results[k][0], 1.0 / sm2_results[k][1], 3283 sm2_results[k][0], sm2_results[k][1]); 3284 } 3285 #endif 3286 #ifndef OPENSSL_NO_DH 3287 testnum = 1; 3288 for (k = 0; k < FFDH_NUM; k++) { 3289 if (!ffdh_doit[k]) 3290 continue; 3291 if (testnum && !mr) { 3292 printf("%23sop op/s\n", " "); 3293 testnum = 0; 3294 } 3295 if (mr) 3296 printf("+F8:%u:%u:%f:%f\n", 3297 k, ffdh_params[k].bits, 3298 ffdh_results[k][0], 1.0 / ffdh_results[k][0]); 3299 3300 else 3301 printf("%4u bits ffdh %8.4fs %8.1f\n", 3302 ffdh_params[k].bits, 3303 1.0 / ffdh_results[k][0], ffdh_results[k][0]); 3304 } 3305 #endif /* OPENSSL_NO_DH */ 3306 3307 ret = 0; 3308 3309 end: 3310 ERR_print_errors(bio_err); 3311 for (i = 0; i < loopargs_len; i++) { 3312 OPENSSL_free(loopargs[i].buf_malloc); 3313 OPENSSL_free(loopargs[i].buf2_malloc); 3314 3315 BN_free(bn); 3316 EVP_PKEY_CTX_free(genctx); 3317 for (k = 0; k < RSA_NUM; k++) { 3318 EVP_PKEY_CTX_free(loopargs[i].rsa_sign_ctx[k]); 3319 EVP_PKEY_CTX_free(loopargs[i].rsa_verify_ctx[k]); 3320 } 3321 #ifndef OPENSSL_NO_DH 3322 OPENSSL_free(loopargs[i].secret_ff_a); 3323 OPENSSL_free(loopargs[i].secret_ff_b); 3324 for (k = 0; k < FFDH_NUM; k++) 3325 EVP_PKEY_CTX_free(loopargs[i].ffdh_ctx[k]); 3326 #endif 3327 for (k = 0; k < DSA_NUM; k++) { 3328 EVP_PKEY_CTX_free(loopargs[i].dsa_sign_ctx[k]); 3329 EVP_PKEY_CTX_free(loopargs[i].dsa_verify_ctx[k]); 3330 } 3331 for (k = 0; k < ECDSA_NUM; k++) { 3332 EVP_PKEY_CTX_free(loopargs[i].ecdsa_sign_ctx[k]); 3333 EVP_PKEY_CTX_free(loopargs[i].ecdsa_verify_ctx[k]); 3334 } 3335 for (k = 0; k < EC_NUM; k++) 3336 EVP_PKEY_CTX_free(loopargs[i].ecdh_ctx[k]); 3337 for (k = 0; k < EdDSA_NUM; k++) { 3338 EVP_MD_CTX_free(loopargs[i].eddsa_ctx[k]); 3339 EVP_MD_CTX_free(loopargs[i].eddsa_ctx2[k]); 3340 } 3341 #ifndef OPENSSL_NO_SM2 3342 for (k = 0; k < SM2_NUM; k++) { 3343 EVP_PKEY_CTX *pctx = NULL; 3344 3345 /* free signing ctx */ 3346 if (loopargs[i].sm2_ctx[k] != NULL 3347 && (pctx = EVP_MD_CTX_get_pkey_ctx(loopargs[i].sm2_ctx[k])) != NULL) 3348 EVP_PKEY_CTX_free(pctx); 3349 EVP_MD_CTX_free(loopargs[i].sm2_ctx[k]); 3350 /* free verification ctx */ 3351 if (loopargs[i].sm2_vfy_ctx[k] != NULL 3352 && (pctx = EVP_MD_CTX_get_pkey_ctx(loopargs[i].sm2_vfy_ctx[k])) != NULL) 3353 EVP_PKEY_CTX_free(pctx); 3354 EVP_MD_CTX_free(loopargs[i].sm2_vfy_ctx[k]); 3355 /* free pkey */ 3356 EVP_PKEY_free(loopargs[i].sm2_pkey[k]); 3357 } 3358 #endif 3359 OPENSSL_free(loopargs[i].secret_a); 3360 OPENSSL_free(loopargs[i].secret_b); 3361 } 3362 OPENSSL_free(evp_hmac_name); 3363 OPENSSL_free(evp_cmac_name); 3364 3365 if (async_jobs > 0) { 3366 for (i = 0; i < loopargs_len; i++) 3367 ASYNC_WAIT_CTX_free(loopargs[i].wait_ctx); 3368 } 3369 3370 if (async_init) { 3371 ASYNC_cleanup_thread(); 3372 } 3373 OPENSSL_free(loopargs); 3374 release_engine(e); 3375 EVP_CIPHER_free(evp_cipher); 3376 EVP_MAC_free(mac); 3377 return ret; 3378 } 3379 3380 static void print_message(const char *s, long num, int length, int tm) 3381 { 3382 BIO_printf(bio_err, 3383 mr ? "+DT:%s:%d:%d\n" 3384 : "Doing %s for %ds on %d size blocks: ", s, tm, length); 3385 (void)BIO_flush(bio_err); 3386 run = 1; 3387 alarm(tm); 3388 } 3389 3390 static void pkey_print_message(const char *str, const char *str2, long num, 3391 unsigned int bits, int tm) 3392 { 3393 BIO_printf(bio_err, 3394 mr ? "+DTP:%d:%s:%s:%d\n" 3395 : "Doing %u bits %s %s's for %ds: ", bits, str, str2, tm); 3396 (void)BIO_flush(bio_err); 3397 run = 1; 3398 alarm(tm); 3399 } 3400 3401 static void print_result(int alg, int run_no, int count, double time_used) 3402 { 3403 if (count == -1) { 3404 BIO_printf(bio_err, "%s error!\n", names[alg]); 3405 ERR_print_errors(bio_err); 3406 return; 3407 } 3408 BIO_printf(bio_err, 3409 mr ? "+R:%d:%s:%f\n" 3410 : "%d %s's in %.2fs\n", count, names[alg], time_used); 3411 results[alg][run_no] = ((double)count) / time_used * lengths[run_no]; 3412 } 3413 3414 #ifndef NO_FORK 3415 static char *sstrsep(char **string, const char *delim) 3416 { 3417 char isdelim[256]; 3418 char *token = *string; 3419 3420 if (**string == 0) 3421 return NULL; 3422 3423 memset(isdelim, 0, sizeof(isdelim)); 3424 isdelim[0] = 1; 3425 3426 while (*delim) { 3427 isdelim[(unsigned char)(*delim)] = 1; 3428 delim++; 3429 } 3430 3431 while (!isdelim[(unsigned char)(**string)]) 3432 (*string)++; 3433 3434 if (**string) { 3435 **string = 0; 3436 (*string)++; 3437 } 3438 3439 return token; 3440 } 3441 3442 static int do_multi(int multi, int size_num) 3443 { 3444 int n; 3445 int fd[2]; 3446 int *fds; 3447 int status; 3448 static char sep[] = ":"; 3449 3450 fds = app_malloc(sizeof(*fds) * multi, "fd buffer for do_multi"); 3451 for (n = 0; n < multi; ++n) { 3452 if (pipe(fd) == -1) { 3453 BIO_printf(bio_err, "pipe failure\n"); 3454 exit(1); 3455 } 3456 fflush(stdout); 3457 (void)BIO_flush(bio_err); 3458 if (fork()) { 3459 close(fd[1]); 3460 fds[n] = fd[0]; 3461 } else { 3462 close(fd[0]); 3463 close(1); 3464 if (dup(fd[1]) == -1) { 3465 BIO_printf(bio_err, "dup failed\n"); 3466 exit(1); 3467 } 3468 close(fd[1]); 3469 mr = 1; 3470 usertime = 0; 3471 OPENSSL_free(fds); 3472 return 0; 3473 } 3474 printf("Forked child %d\n", n); 3475 } 3476 3477 /* for now, assume the pipe is long enough to take all the output */ 3478 for (n = 0; n < multi; ++n) { 3479 FILE *f; 3480 char buf[1024]; 3481 char *p; 3482 3483 if ((f = fdopen(fds[n], "r")) == NULL) { 3484 BIO_printf(bio_err, "fdopen failure with 0x%x\n", 3485 errno); 3486 OPENSSL_free(fds); 3487 return 1; 3488 } 3489 while (fgets(buf, sizeof(buf), f)) { 3490 p = strchr(buf, '\n'); 3491 if (p) 3492 *p = '\0'; 3493 if (buf[0] != '+') { 3494 BIO_printf(bio_err, 3495 "Don't understand line '%s' from child %d\n", buf, 3496 n); 3497 continue; 3498 } 3499 printf("Got: %s from %d\n", buf, n); 3500 if (strncmp(buf, "+F:", 3) == 0) { 3501 int alg; 3502 int j; 3503 3504 p = buf + 3; 3505 alg = atoi(sstrsep(&p, sep)); 3506 sstrsep(&p, sep); 3507 for (j = 0; j < size_num; ++j) 3508 results[alg][j] += atof(sstrsep(&p, sep)); 3509 } else if (strncmp(buf, "+F2:", 4) == 0) { 3510 int k; 3511 double d; 3512 3513 p = buf + 4; 3514 k = atoi(sstrsep(&p, sep)); 3515 sstrsep(&p, sep); 3516 3517 d = atof(sstrsep(&p, sep)); 3518 rsa_results[k][0] += d; 3519 3520 d = atof(sstrsep(&p, sep)); 3521 rsa_results[k][1] += d; 3522 } else if (strncmp(buf, "+F3:", 4) == 0) { 3523 int k; 3524 double d; 3525 3526 p = buf + 4; 3527 k = atoi(sstrsep(&p, sep)); 3528 sstrsep(&p, sep); 3529 3530 d = atof(sstrsep(&p, sep)); 3531 dsa_results[k][0] += d; 3532 3533 d = atof(sstrsep(&p, sep)); 3534 dsa_results[k][1] += d; 3535 } else if (strncmp(buf, "+F4:", 4) == 0) { 3536 int k; 3537 double d; 3538 3539 p = buf + 4; 3540 k = atoi(sstrsep(&p, sep)); 3541 sstrsep(&p, sep); 3542 3543 d = atof(sstrsep(&p, sep)); 3544 ecdsa_results[k][0] += d; 3545 3546 d = atof(sstrsep(&p, sep)); 3547 ecdsa_results[k][1] += d; 3548 } else if (strncmp(buf, "+F5:", 4) == 0) { 3549 int k; 3550 double d; 3551 3552 p = buf + 4; 3553 k = atoi(sstrsep(&p, sep)); 3554 sstrsep(&p, sep); 3555 3556 d = atof(sstrsep(&p, sep)); 3557 ecdh_results[k][0] += d; 3558 } else if (strncmp(buf, "+F6:", 4) == 0) { 3559 int k; 3560 double d; 3561 3562 p = buf + 4; 3563 k = atoi(sstrsep(&p, sep)); 3564 sstrsep(&p, sep); 3565 sstrsep(&p, sep); 3566 3567 d = atof(sstrsep(&p, sep)); 3568 eddsa_results[k][0] += d; 3569 3570 d = atof(sstrsep(&p, sep)); 3571 eddsa_results[k][1] += d; 3572 # ifndef OPENSSL_NO_SM2 3573 } else if (strncmp(buf, "+F7:", 4) == 0) { 3574 int k; 3575 double d; 3576 3577 p = buf + 4; 3578 k = atoi(sstrsep(&p, sep)); 3579 sstrsep(&p, sep); 3580 sstrsep(&p, sep); 3581 3582 d = atof(sstrsep(&p, sep)); 3583 sm2_results[k][0] += d; 3584 3585 d = atof(sstrsep(&p, sep)); 3586 sm2_results[k][1] += d; 3587 # endif /* OPENSSL_NO_SM2 */ 3588 # ifndef OPENSSL_NO_DH 3589 } else if (strncmp(buf, "+F8:", 4) == 0) { 3590 int k; 3591 double d; 3592 3593 p = buf + 4; 3594 k = atoi(sstrsep(&p, sep)); 3595 sstrsep(&p, sep); 3596 3597 d = atof(sstrsep(&p, sep)); 3598 ffdh_results[k][0] += d; 3599 # endif /* OPENSSL_NO_DH */ 3600 } else if (strncmp(buf, "+H:", 3) == 0) { 3601 ; 3602 } else { 3603 BIO_printf(bio_err, "Unknown type '%s' from child %d\n", buf, 3604 n); 3605 } 3606 } 3607 3608 fclose(f); 3609 } 3610 OPENSSL_free(fds); 3611 for (n = 0; n < multi; ++n) { 3612 while (wait(&status) == -1) 3613 if (errno != EINTR) { 3614 BIO_printf(bio_err, "Waitng for child failed with 0x%x\n", 3615 errno); 3616 return 1; 3617 } 3618 if (WIFEXITED(status) && WEXITSTATUS(status)) { 3619 BIO_printf(bio_err, "Child exited with %d\n", WEXITSTATUS(status)); 3620 } else if (WIFSIGNALED(status)) { 3621 BIO_printf(bio_err, "Child terminated by signal %d\n", 3622 WTERMSIG(status)); 3623 } 3624 } 3625 return 1; 3626 } 3627 #endif 3628 3629 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single, 3630 const openssl_speed_sec_t *seconds) 3631 { 3632 static const int mblengths_list[] = 3633 { 8 * 1024, 2 * 8 * 1024, 4 * 8 * 1024, 8 * 8 * 1024, 8 * 16 * 1024 }; 3634 const int *mblengths = mblengths_list; 3635 int j, count, keylen, num = OSSL_NELEM(mblengths_list); 3636 const char *alg_name; 3637 unsigned char *inp = NULL, *out = NULL, *key, no_key[32], no_iv[16]; 3638 EVP_CIPHER_CTX *ctx = NULL; 3639 double d = 0.0; 3640 3641 if (lengths_single) { 3642 mblengths = &lengths_single; 3643 num = 1; 3644 } 3645 3646 inp = app_malloc(mblengths[num - 1], "multiblock input buffer"); 3647 out = app_malloc(mblengths[num - 1] + 1024, "multiblock output buffer"); 3648 if ((ctx = EVP_CIPHER_CTX_new()) == NULL) 3649 app_bail_out("failed to allocate cipher context\n"); 3650 if (!EVP_EncryptInit_ex(ctx, evp_cipher, NULL, NULL, no_iv)) 3651 app_bail_out("failed to initialise cipher context\n"); 3652 3653 if ((keylen = EVP_CIPHER_CTX_get_key_length(ctx)) < 0) { 3654 BIO_printf(bio_err, "Impossible negative key length: %d\n", keylen); 3655 goto err; 3656 } 3657 key = app_malloc(keylen, "evp_cipher key"); 3658 if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0) 3659 app_bail_out("failed to generate random cipher key\n"); 3660 if (!EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL)) 3661 app_bail_out("failed to set cipher key\n"); 3662 OPENSSL_clear_free(key, keylen); 3663 3664 if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_MAC_KEY, 3665 sizeof(no_key), no_key) <= 0) 3666 app_bail_out("failed to set AEAD key\n"); 3667 if ((alg_name = EVP_CIPHER_get0_name(evp_cipher)) == NULL) 3668 app_bail_out("failed to get cipher name\n"); 3669 3670 for (j = 0; j < num; j++) { 3671 print_message(alg_name, 0, mblengths[j], seconds->sym); 3672 Time_F(START); 3673 for (count = 0; run && count < INT_MAX; count++) { 3674 unsigned char aad[EVP_AEAD_TLS1_AAD_LEN]; 3675 EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param; 3676 size_t len = mblengths[j]; 3677 int packlen; 3678 3679 memset(aad, 0, 8); /* avoid uninitialized values */ 3680 aad[8] = 23; /* SSL3_RT_APPLICATION_DATA */ 3681 aad[9] = 3; /* version */ 3682 aad[10] = 2; 3683 aad[11] = 0; /* length */ 3684 aad[12] = 0; 3685 mb_param.out = NULL; 3686 mb_param.inp = aad; 3687 mb_param.len = len; 3688 mb_param.interleave = 8; 3689 3690 packlen = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_AAD, 3691 sizeof(mb_param), &mb_param); 3692 3693 if (packlen > 0) { 3694 mb_param.out = out; 3695 mb_param.inp = inp; 3696 mb_param.len = len; 3697 (void)EVP_CIPHER_CTX_ctrl(ctx, 3698 EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT, 3699 sizeof(mb_param), &mb_param); 3700 } else { 3701 int pad; 3702 3703 if (RAND_bytes(inp, 16) <= 0) 3704 app_bail_out("error setting random bytes\n"); 3705 len += 16; 3706 aad[11] = (unsigned char)(len >> 8); 3707 aad[12] = (unsigned char)(len); 3708 pad = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_TLS1_AAD, 3709 EVP_AEAD_TLS1_AAD_LEN, aad); 3710 EVP_Cipher(ctx, out, inp, len + pad); 3711 } 3712 } 3713 d = Time_F(STOP); 3714 BIO_printf(bio_err, mr ? "+R:%d:%s:%f\n" 3715 : "%d %s's in %.2fs\n", count, "evp", d); 3716 results[D_EVP][j] = ((double)count) / d * mblengths[j]; 3717 } 3718 3719 if (mr) { 3720 fprintf(stdout, "+H"); 3721 for (j = 0; j < num; j++) 3722 fprintf(stdout, ":%d", mblengths[j]); 3723 fprintf(stdout, "\n"); 3724 fprintf(stdout, "+F:%d:%s", D_EVP, alg_name); 3725 for (j = 0; j < num; j++) 3726 fprintf(stdout, ":%.2f", results[D_EVP][j]); 3727 fprintf(stdout, "\n"); 3728 } else { 3729 fprintf(stdout, 3730 "The 'numbers' are in 1000s of bytes per second processed.\n"); 3731 fprintf(stdout, "type "); 3732 for (j = 0; j < num; j++) 3733 fprintf(stdout, "%7d bytes", mblengths[j]); 3734 fprintf(stdout, "\n"); 3735 fprintf(stdout, "%-24s", alg_name); 3736 3737 for (j = 0; j < num; j++) { 3738 if (results[D_EVP][j] > 10000) 3739 fprintf(stdout, " %11.2fk", results[D_EVP][j] / 1e3); 3740 else 3741 fprintf(stdout, " %11.2f ", results[D_EVP][j]); 3742 } 3743 fprintf(stdout, "\n"); 3744 } 3745 3746 err: 3747 OPENSSL_free(inp); 3748 OPENSSL_free(out); 3749 EVP_CIPHER_CTX_free(ctx); 3750 } 3751