xref: /freebsd/crypto/openssl/doc/man1/openssl-speed.pod.in (revision 5ca8e32633c4ffbbcd6762e5888b6a4ba0708c6c)
1=pod
2{- OpenSSL::safe::output_do_not_edit_headers(); -}
3
4=head1 NAME
5
6openssl-speed - test library performance
7
8=head1 SYNOPSIS
9
10B<openssl speed>
11[B<-help>]
12[B<-elapsed>]
13[B<-evp> I<algo>]
14[B<-hmac> I<algo>]
15[B<-cmac> I<algo>]
16[B<-mb>]
17[B<-aead>]
18[B<-multi> I<num>]
19[B<-async_jobs> I<num>]
20[B<-misalign> I<num>]
21[B<-decrypt>]
22[B<-primes> I<num>]
23[B<-seconds> I<num>]
24[B<-bytes> I<num>]
25[B<-mr>]
26{- $OpenSSL::safe::opt_r_synopsis -}
27{- $OpenSSL::safe::opt_engine_synopsis -}{- $OpenSSL::safe::opt_provider_synopsis -}
28[I<algorithm> ...]
29
30=head1 DESCRIPTION
31
32This command is used to test the performance of cryptographic algorithms.
33
34=head1 OPTIONS
35
36=over 4
37
38=item B<-help>
39
40Print out a usage message.
41
42=item B<-elapsed>
43
44When calculating operations- or bytes-per-second, use wall-clock time
45instead of CPU user time as divisor. It can be useful when testing speed
46of hardware engines.
47
48=item B<-evp> I<algo>
49
50Use the specified cipher or message digest algorithm via the EVP interface.
51If I<algo> is an AEAD cipher, then you can pass B<-aead> to benchmark a
52TLS-like sequence. And if I<algo> is a multi-buffer capable cipher, e.g.
53aes-128-cbc-hmac-sha1, then B<-mb> will time multi-buffer operation.
54
55To see the algorithms supported with this option, use
56C<openssl list -digest-algorithms> or C<openssl list -cipher-algorithms>
57command.
58
59=item B<-multi> I<num>
60
61Run multiple operations in parallel.
62
63=item B<-async_jobs> I<num>
64
65Enable async mode and start specified number of jobs.
66
67=item B<-misalign> I<num>
68
69Misalign the buffers by the specified number of bytes.
70
71=item B<-hmac> I<digest>
72
73Time the HMAC algorithm using the specified message digest.
74
75=item B<-cmac> I<cipher>
76
77Time the CMAC algorithm using the specified cipher e.g.
78C<openssl speed -cmac aes128>.
79
80=item B<-decrypt>
81
82Time the decryption instead of encryption. Affects only the EVP testing.
83
84=item B<-mb>
85
86Enable multi-block mode on EVP-named cipher.
87
88=item B<-aead>
89
90Benchmark EVP-named AEAD cipher in TLS-like sequence.
91
92=item B<-primes> I<num>
93
94Generate a I<num>-prime RSA key and use it to run the benchmarks. This option
95is only effective if RSA algorithm is specified to test.
96
97=item B<-seconds> I<num>
98
99Run benchmarks for I<num> seconds.
100
101=item B<-bytes> I<num>
102
103Run benchmarks on I<num>-byte buffers. Affects ciphers, digests and the CSPRNG.
104The limit on the size of the buffer is INT_MAX - 64 bytes, which for a 32-bit
105int would be 2147483583 bytes.
106
107=item B<-mr>
108
109Produce the summary in a mechanical, machine-readable, format.
110
111{- $OpenSSL::safe::opt_r_item -}
112
113{- $OpenSSL::safe::opt_engine_item -}
114
115{- $OpenSSL::safe::opt_provider_item -}
116
117=item I<algorithm> ...
118
119If any I<algorithm> is given, then those algorithms are tested, otherwise a
120pre-compiled grand selection is tested.
121
122=back
123
124=head1 BUGS
125
126The I<algorithm> can be selected only from a pre-compiled subset of things
127that the C<openssl speed> command knows about. To test any additional digest
128or cipher algorithm supported by OpenSSL use the C<-evp> option.
129
130There is no way to test the speed of any additional public key algorithms
131supported by third party providers with the C<openssl speed> command.
132
133=head1 HISTORY
134
135The B<-engine> option was deprecated in OpenSSL 3.0.
136
137=head1 COPYRIGHT
138
139Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved.
140
141Licensed under the Apache License 2.0 (the "License").  You may not use
142this file except in compliance with the License.  You can obtain a copy
143in the file LICENSE in the source distribution or at
144L<https://www.openssl.org/source/license.html>.
145
146=cut
147