2016-05-18 02:18:30 +08:00
|
|
|
/*
|
2018-01-19 17:49:22 +08:00
|
|
|
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
|
2017-06-15 22:16:46 +08:00
|
|
|
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
|
1998-12-21 18:52:47 +08:00
|
|
|
*
|
2018-12-06 20:00:26 +08:00
|
|
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
2016-05-18 02:18:30 +08:00
|
|
|
* this file except in compliance with the License. You can obtain a copy
|
|
|
|
* in the file LICENSE in the source distribution or at
|
|
|
|
* https://www.openssl.org/source/license.html
|
1998-12-21 18:52:47 +08:00
|
|
|
*/
|
2016-05-18 02:18:30 +08:00
|
|
|
|
2015-01-27 23:06:22 +08:00
|
|
|
#undef SECONDS
|
|
|
|
#define SECONDS 3
|
|
|
|
#define RSA_SECONDS 10
|
|
|
|
#define DSA_SECONDS 10
|
|
|
|
#define ECDSA_SECONDS 10
|
|
|
|
#define ECDH_SECONDS 10
|
2018-09-07 14:39:19 +08:00
|
|
|
#define EdDSA_SECONDS 10
|
2019-09-29 22:25:10 +08:00
|
|
|
#define SM2_SECONDS 10
|
2015-01-27 23:06:22 +08:00
|
|
|
|
|
|
|
#include <stdio.h>
|
|
|
|
#include <stdlib.h>
|
|
|
|
#include <string.h>
|
|
|
|
#include <math.h>
|
|
|
|
#include "apps.h"
|
2018-01-31 18:13:10 +08:00
|
|
|
#include "progs.h"
|
2015-01-27 23:06:22 +08:00
|
|
|
#include <openssl/crypto.h>
|
|
|
|
#include <openssl/rand.h>
|
|
|
|
#include <openssl/err.h>
|
|
|
|
#include <openssl/evp.h>
|
|
|
|
#include <openssl/objects.h>
|
2015-12-09 15:26:38 +08:00
|
|
|
#include <openssl/async.h>
|
2015-01-27 23:06:22 +08:00
|
|
|
#if !defined(OPENSSL_SYS_MSDOS)
|
2019-06-21 05:07:25 +08:00
|
|
|
# include <unistd.h>
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
1998-12-21 18:52:47 +08:00
|
|
|
|
2016-01-17 02:30:48 +08:00
|
|
|
#if defined(_WIN32)
|
2015-01-27 23:06:22 +08:00
|
|
|
# include <windows.h>
|
|
|
|
#endif
|
1998-12-21 18:52:47 +08:00
|
|
|
|
2015-01-27 23:06:22 +08:00
|
|
|
#include <openssl/bn.h>
|
|
|
|
#ifndef OPENSSL_NO_DES
|
|
|
|
# include <openssl/des.h>
|
|
|
|
#endif
|
2016-04-13 18:28:45 +08:00
|
|
|
#include <openssl/aes.h>
|
2015-01-27 23:06:22 +08:00
|
|
|
#ifndef OPENSSL_NO_CAMELLIA
|
|
|
|
# include <openssl/camellia.h>
|
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_MD2
|
|
|
|
# include <openssl/md2.h>
|
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_MDC2
|
|
|
|
# include <openssl/mdc2.h>
|
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_MD4
|
|
|
|
# include <openssl/md4.h>
|
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_MD5
|
|
|
|
# include <openssl/md5.h>
|
|
|
|
#endif
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
#include <openssl/hmac.h>
|
2019-04-11 04:44:41 +08:00
|
|
|
#ifndef OPENSSL_NO_CMAC
|
|
|
|
#include <openssl/cmac.h>
|
|
|
|
#endif
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
#include <openssl/sha.h>
|
2015-01-27 23:06:22 +08:00
|
|
|
#ifndef OPENSSL_NO_RMD160
|
|
|
|
# include <openssl/ripemd.h>
|
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_WHIRLPOOL
|
|
|
|
# include <openssl/whrlpool.h>
|
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_RC4
|
|
|
|
# include <openssl/rc4.h>
|
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_RC5
|
|
|
|
# include <openssl/rc5.h>
|
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_RC2
|
|
|
|
# include <openssl/rc2.h>
|
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_IDEA
|
|
|
|
# include <openssl/idea.h>
|
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_SEED
|
|
|
|
# include <openssl/seed.h>
|
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_BF
|
|
|
|
# include <openssl/blowfish.h>
|
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_CAST
|
|
|
|
# include <openssl/cast.h>
|
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_RSA
|
|
|
|
# include <openssl/rsa.h>
|
|
|
|
# include "./testrsa.h"
|
|
|
|
#endif
|
|
|
|
#include <openssl/x509.h>
|
|
|
|
#ifndef OPENSSL_NO_DSA
|
|
|
|
# include <openssl/dsa.h>
|
|
|
|
# include "./testdsa.h"
|
|
|
|
#endif
|
2015-03-11 07:09:27 +08:00
|
|
|
#ifndef OPENSSL_NO_EC
|
2015-10-28 03:39:32 +08:00
|
|
|
# include <openssl/ec.h>
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
|
|
|
#include <openssl/modes.h>
|
2014-05-27 04:57:25 +08:00
|
|
|
|
2015-01-27 23:06:22 +08:00
|
|
|
#ifndef HAVE_FORK
|
2018-12-20 19:59:31 +08:00
|
|
|
# if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_VXWORKS)
|
2015-01-27 23:06:22 +08:00
|
|
|
# define HAVE_FORK 0
|
2015-01-22 11:40:55 +08:00
|
|
|
# else
|
2015-01-27 23:06:22 +08:00
|
|
|
# define HAVE_FORK 1
|
2015-01-22 11:40:55 +08:00
|
|
|
# endif
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
2001-10-26 00:08:17 +08:00
|
|
|
|
2015-01-27 23:06:22 +08:00
|
|
|
#if HAVE_FORK
|
|
|
|
# undef NO_FORK
|
|
|
|
#else
|
|
|
|
# define NO_FORK
|
|
|
|
#endif
|
|
|
|
|
|
|
|
#define MAX_MISALIGNMENT 63
|
2016-02-18 18:56:53 +08:00
|
|
|
#define MAX_ECDH_SIZE 256
|
|
|
|
#define MISALIGN 64
|
|
|
|
|
2018-01-12 11:37:39 +08:00
|
|
|
typedef struct openssl_speed_sec_st {
|
2017-12-02 17:05:35 +08:00
|
|
|
int sym;
|
|
|
|
int rsa;
|
|
|
|
int dsa;
|
|
|
|
int ecdsa;
|
|
|
|
int ecdh;
|
2018-09-07 14:39:19 +08:00
|
|
|
int eddsa;
|
2019-09-29 22:25:10 +08:00
|
|
|
int sm2;
|
2018-01-12 11:37:39 +08:00
|
|
|
} openssl_speed_sec_t;
|
2017-12-02 17:05:35 +08:00
|
|
|
|
2015-01-22 11:40:55 +08:00
|
|
|
static volatile int run = 0;
|
1998-12-21 18:52:47 +08:00
|
|
|
|
2015-01-22 11:40:55 +08:00
|
|
|
static int mr = 0;
|
|
|
|
static int usertime = 1;
|
2001-09-27 23:43:55 +08:00
|
|
|
|
2015-12-09 15:26:38 +08:00
|
|
|
#ifndef OPENSSL_NO_MD2
|
|
|
|
static int EVP_Digest_MD2_loop(void *args);
|
|
|
|
#endif
|
|
|
|
|
|
|
|
#ifndef OPENSSL_NO_MDC2
|
|
|
|
static int EVP_Digest_MDC2_loop(void *args);
|
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_MD4
|
|
|
|
static int EVP_Digest_MD4_loop(void *args);
|
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_MD5
|
|
|
|
static int MD5_loop(void *args);
|
|
|
|
static int HMAC_loop(void *args);
|
|
|
|
#endif
|
|
|
|
static int SHA1_loop(void *args);
|
|
|
|
static int SHA256_loop(void *args);
|
|
|
|
static int SHA512_loop(void *args);
|
|
|
|
#ifndef OPENSSL_NO_WHIRLPOOL
|
|
|
|
static int WHIRLPOOL_loop(void *args);
|
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_RMD160
|
|
|
|
static int EVP_Digest_RMD160_loop(void *args);
|
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_RC4
|
|
|
|
static int RC4_loop(void *args);
|
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_DES
|
|
|
|
static int DES_ncbc_encrypt_loop(void *args);
|
|
|
|
static int DES_ede3_cbc_encrypt_loop(void *args);
|
|
|
|
#endif
|
|
|
|
static int AES_cbc_128_encrypt_loop(void *args);
|
|
|
|
static int AES_cbc_192_encrypt_loop(void *args);
|
|
|
|
static int AES_cbc_256_encrypt_loop(void *args);
|
2019-11-06 00:28:50 +08:00
|
|
|
#ifndef OPENSSL_NO_DEPRECATED_3_0
|
2019-04-09 22:32:33 +08:00
|
|
|
static int AES_ige_128_encrypt_loop(void *args);
|
2015-12-09 15:26:38 +08:00
|
|
|
static int AES_ige_192_encrypt_loop(void *args);
|
|
|
|
static int AES_ige_256_encrypt_loop(void *args);
|
2019-04-09 22:32:33 +08:00
|
|
|
#endif
|
2015-12-09 15:26:38 +08:00
|
|
|
static int CRYPTO_gcm128_aad_loop(void *args);
|
2017-10-07 17:38:19 +08:00
|
|
|
static int RAND_bytes_loop(void *args);
|
2015-12-09 15:26:38 +08:00
|
|
|
static int EVP_Update_loop(void *args);
|
2017-02-21 00:49:36 +08:00
|
|
|
static int EVP_Update_loop_ccm(void *args);
|
2018-05-19 21:43:11 +08:00
|
|
|
static int EVP_Update_loop_aead(void *args);
|
2015-12-09 15:26:38 +08:00
|
|
|
static int EVP_Digest_loop(void *args);
|
|
|
|
#ifndef OPENSSL_NO_RSA
|
|
|
|
static int RSA_sign_loop(void *args);
|
|
|
|
static int RSA_verify_loop(void *args);
|
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_DSA
|
|
|
|
static int DSA_sign_loop(void *args);
|
|
|
|
static int DSA_verify_loop(void *args);
|
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_EC
|
|
|
|
static int ECDSA_sign_loop(void *args);
|
|
|
|
static int ECDSA_verify_loop(void *args);
|
2018-09-07 14:39:19 +08:00
|
|
|
static int EdDSA_sign_loop(void *args);
|
|
|
|
static int EdDSA_verify_loop(void *args);
|
2019-09-29 22:25:10 +08:00
|
|
|
# ifndef OPENSSL_NO_SM2
|
|
|
|
static int SM2_sign_loop(void *args);
|
|
|
|
static int SM2_verify_loop(void *args);
|
|
|
|
# endif
|
2015-12-09 15:26:38 +08:00
|
|
|
#endif
|
|
|
|
|
2001-10-25 22:27:17 +08:00
|
|
|
static double Time_F(int s);
|
2017-12-02 17:05:35 +08:00
|
|
|
static void print_message(const char *s, long num, int length, int tm);
|
2005-03-21 07:12:13 +08:00
|
|
|
static void pkey_print_message(const char *str, const char *str2,
|
2016-11-29 06:36:50 +08:00
|
|
|
long num, unsigned int bits, int sec);
|
2015-01-22 11:40:55 +08:00
|
|
|
static void print_result(int alg, int run_no, int count, double time_used);
|
2015-01-27 23:06:22 +08:00
|
|
|
#ifndef NO_FORK
|
2017-12-02 17:05:35 +08:00
|
|
|
static int do_multi(int multi, int size_num);
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
2015-01-22 11:40:55 +08:00
|
|
|
|
2017-12-02 17:05:35 +08:00
|
|
|
static const int lengths_list[] = {
|
|
|
|
16, 64, 256, 1024, 8 * 1024, 16 * 1024
|
|
|
|
};
|
|
|
|
static const int *lengths = lengths_list;
|
|
|
|
|
2018-05-19 21:43:11 +08:00
|
|
|
static const int aead_lengths_list[] = {
|
|
|
|
2, 31, 136, 1024, 8 * 1024, 16 * 1024
|
|
|
|
};
|
|
|
|
|
2018-05-19 21:53:29 +08:00
|
|
|
#define START 0
|
|
|
|
#define STOP 1
|
|
|
|
|
2015-01-27 23:06:22 +08:00
|
|
|
#ifdef SIGALRM
|
2001-11-06 21:40:27 +08:00
|
|
|
|
2018-05-19 21:53:29 +08:00
|
|
|
static void alarmed(int sig)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
2018-05-19 21:53:29 +08:00
|
|
|
signal(SIGALRM, alarmed);
|
2015-01-22 11:40:55 +08:00
|
|
|
run = 0;
|
|
|
|
}
|
1998-12-21 18:52:47 +08:00
|
|
|
|
2018-05-19 21:53:29 +08:00
|
|
|
static double Time_F(int s)
|
|
|
|
{
|
|
|
|
double ret = app_tminterval(s, usertime);
|
|
|
|
if (s == STOP)
|
|
|
|
alarm(0);
|
|
|
|
return ret;
|
|
|
|
}
|
1998-12-21 18:52:47 +08:00
|
|
|
|
2018-05-19 21:53:29 +08:00
|
|
|
#elif defined(_WIN32)
|
|
|
|
|
|
|
|
# define SIGALRM -1
|
2003-11-28 21:10:58 +08:00
|
|
|
|
2017-07-24 23:28:50 +08:00
|
|
|
static unsigned int lapse;
|
|
|
|
static volatile unsigned int schlock;
|
2015-01-22 11:40:55 +08:00
|
|
|
static void alarm_win32(unsigned int secs)
|
|
|
|
{
|
|
|
|
lapse = secs * 1000;
|
|
|
|
}
|
2003-11-28 21:10:58 +08:00
|
|
|
|
2015-01-27 23:06:22 +08:00
|
|
|
# define alarm alarm_win32
|
2015-01-22 11:40:55 +08:00
|
|
|
|
|
|
|
static DWORD WINAPI sleepy(VOID * arg)
|
|
|
|
{
|
|
|
|
schlock = 1;
|
|
|
|
Sleep(lapse);
|
|
|
|
run = 0;
|
|
|
|
return 0;
|
|
|
|
}
|
2000-07-01 01:16:46 +08:00
|
|
|
|
2005-11-06 19:40:59 +08:00
|
|
|
static double Time_F(int s)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
|
|
|
double ret;
|
|
|
|
static HANDLE thr;
|
|
|
|
|
|
|
|
if (s == START) {
|
|
|
|
schlock = 0;
|
|
|
|
thr = CreateThread(NULL, 4096, sleepy, NULL, 0, NULL);
|
|
|
|
if (thr == NULL) {
|
2015-09-28 22:05:32 +08:00
|
|
|
DWORD err = GetLastError();
|
|
|
|
BIO_printf(bio_err, "unable to CreateThread (%lu)", err);
|
2016-06-16 22:59:42 +08:00
|
|
|
ExitProcess(err);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
|
|
|
while (!schlock)
|
|
|
|
Sleep(0); /* scheduler spinlock */
|
|
|
|
ret = app_tminterval(s, usertime);
|
|
|
|
} else {
|
|
|
|
ret = app_tminterval(s, usertime);
|
|
|
|
if (run)
|
|
|
|
TerminateThread(thr, 0);
|
|
|
|
CloseHandle(thr);
|
|
|
|
}
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
}
|
2015-01-27 23:06:22 +08:00
|
|
|
#else
|
2015-01-22 11:40:55 +08:00
|
|
|
static double Time_F(int s)
|
|
|
|
{
|
2018-05-19 21:53:29 +08:00
|
|
|
return app_tminterval(s, usertime);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
2003-02-28 23:37:10 +08:00
|
|
|
|
2018-04-30 07:13:58 +08:00
|
|
|
static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
|
2018-01-12 11:37:39 +08:00
|
|
|
const openssl_speed_sec_t *seconds);
|
2003-02-28 23:37:10 +08:00
|
|
|
|
2018-04-30 07:13:58 +08:00
|
|
|
#define found(value, pairs, result)\
|
|
|
|
opt_found(value, result, pairs, OSSL_NELEM(pairs))
|
|
|
|
static int opt_found(const char *name, unsigned int *result,
|
|
|
|
const OPT_PAIR pairs[], unsigned int nbelem)
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
{
|
2018-04-30 07:13:58 +08:00
|
|
|
unsigned int idx;
|
|
|
|
|
|
|
|
for (idx = 0; idx < nbelem; ++idx, pairs++)
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
if (strcmp(name, pairs->name) == 0) {
|
|
|
|
*result = pairs->retval;
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
typedef enum OPTION_choice {
|
|
|
|
OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
|
2018-08-14 12:04:47 +08:00
|
|
|
OPT_ELAPSED, OPT_EVP, OPT_HMAC, OPT_DECRYPT, OPT_ENGINE, OPT_MULTI,
|
2017-08-02 02:19:43 +08:00
|
|
|
OPT_MR, OPT_MB, OPT_MISALIGN, OPT_ASYNCJOBS, OPT_R_ENUM,
|
2019-04-11 04:44:41 +08:00
|
|
|
OPT_PRIMES, OPT_SECONDS, OPT_BYTES, OPT_AEAD, OPT_CMAC
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
} OPTION_CHOICE;
|
|
|
|
|
2016-03-13 21:07:50 +08:00
|
|
|
const OPTIONS speed_options[] = {
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
{OPT_HELP_STR, 1, '-', "Usage: %s [options] ciphers...\n"},
|
|
|
|
{OPT_HELP_STR, 1, '-', "Valid options are:\n"},
|
|
|
|
{"help", OPT_HELP, '-', "Display this summary"},
|
2018-05-19 21:43:11 +08:00
|
|
|
{"evp", OPT_EVP, 's', "Use EVP-named cipher or digest"},
|
2018-08-14 12:04:47 +08:00
|
|
|
{"hmac", OPT_HMAC, 's', "HMAC using EVP-named digest"},
|
2019-04-11 04:44:41 +08:00
|
|
|
#ifndef OPENSSL_NO_CMAC
|
|
|
|
{"cmac", OPT_CMAC, 's', "CMAC using EVP-named cipher"},
|
|
|
|
#endif
|
2015-05-16 01:50:38 +08:00
|
|
|
{"decrypt", OPT_DECRYPT, '-',
|
|
|
|
"Time decryption instead of encryption (only EVP)"},
|
2018-05-19 21:43:11 +08:00
|
|
|
{"aead", OPT_AEAD, '-',
|
|
|
|
"Benchmark EVP-named AEAD cipher in TLS-like sequence"},
|
2016-07-29 03:15:52 +08:00
|
|
|
{"mb", OPT_MB, '-',
|
2018-05-19 21:43:11 +08:00
|
|
|
"Enable (tls1>=1) multi-block mode on EVP-named cipher"},
|
|
|
|
{"mr", OPT_MR, '-', "Produce machine readable output"},
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
#ifndef NO_FORK
|
|
|
|
{"multi", OPT_MULTI, 'p', "Run benchmarks in parallel"},
|
|
|
|
#endif
|
2016-03-08 00:55:39 +08:00
|
|
|
#ifndef OPENSSL_NO_ASYNC
|
2016-08-07 18:04:26 +08:00
|
|
|
{"async_jobs", OPT_ASYNCJOBS, 'p',
|
2018-05-19 21:43:11 +08:00
|
|
|
"Enable async mode and start specified number of jobs"},
|
2015-12-09 15:26:38 +08:00
|
|
|
#endif
|
2017-07-05 22:58:48 +08:00
|
|
|
OPT_R_OPTIONS,
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
#ifndef OPENSSL_NO_ENGINE
|
|
|
|
{"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
|
|
|
|
#endif
|
2018-05-19 21:43:11 +08:00
|
|
|
{"elapsed", OPT_ELAPSED, '-',
|
|
|
|
"Use wall-clock time instead of CPU user time as divisor"},
|
2017-08-02 02:19:43 +08:00
|
|
|
{"primes", OPT_PRIMES, 'p', "Specify number of primes (for RSA only)"},
|
2017-12-02 17:05:35 +08:00
|
|
|
{"seconds", OPT_SECONDS, 'p',
|
2018-05-19 21:43:11 +08:00
|
|
|
"Run benchmarks for specified amount of seconds"},
|
2017-12-02 17:05:35 +08:00
|
|
|
{"bytes", OPT_BYTES, 'p',
|
2018-05-19 21:43:11 +08:00
|
|
|
"Run [non-PKI] benchmarks on custom-sized buffer"},
|
|
|
|
{"misalign", OPT_MISALIGN, 'p',
|
|
|
|
"Use specified offset to mis-align buffers"},
|
2018-04-30 07:13:58 +08:00
|
|
|
{NULL}
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
};
|
|
|
|
|
|
|
|
#define D_MD2 0
|
|
|
|
#define D_MDC2 1
|
|
|
|
#define D_MD4 2
|
|
|
|
#define D_MD5 3
|
|
|
|
#define D_HMAC 4
|
|
|
|
#define D_SHA1 5
|
|
|
|
#define D_RMD160 6
|
|
|
|
#define D_RC4 7
|
|
|
|
#define D_CBC_DES 8
|
|
|
|
#define D_EDE3_DES 9
|
|
|
|
#define D_CBC_IDEA 10
|
|
|
|
#define D_CBC_SEED 11
|
|
|
|
#define D_CBC_RC2 12
|
|
|
|
#define D_CBC_RC5 13
|
|
|
|
#define D_CBC_BF 14
|
|
|
|
#define D_CBC_CAST 15
|
|
|
|
#define D_CBC_128_AES 16
|
|
|
|
#define D_CBC_192_AES 17
|
|
|
|
#define D_CBC_256_AES 18
|
|
|
|
#define D_CBC_128_CML 19
|
|
|
|
#define D_CBC_192_CML 20
|
|
|
|
#define D_CBC_256_CML 21
|
|
|
|
#define D_EVP 22
|
|
|
|
#define D_SHA256 23
|
|
|
|
#define D_SHA512 24
|
|
|
|
#define D_WHIRLPOOL 25
|
|
|
|
#define D_IGE_128_AES 26
|
|
|
|
#define D_IGE_192_AES 27
|
|
|
|
#define D_IGE_256_AES 28
|
|
|
|
#define D_GHASH 29
|
2017-10-07 17:38:19 +08:00
|
|
|
#define D_RAND 30
|
2018-08-14 12:04:47 +08:00
|
|
|
#define D_EVP_HMAC 31
|
2019-04-11 04:44:41 +08:00
|
|
|
#define D_EVP_CMAC 32
|
2018-08-14 12:04:47 +08:00
|
|
|
|
2018-04-30 07:13:58 +08:00
|
|
|
/* name of algorithms to test */
|
|
|
|
static const char *names[] = {
|
|
|
|
"md2", "mdc2", "md4", "md5", "hmac(md5)", "sha1", "rmd160", "rc4",
|
|
|
|
"des cbc", "des ede3", "idea cbc", "seed cbc",
|
|
|
|
"rc2 cbc", "rc5-32/12 cbc", "blowfish cbc", "cast cbc",
|
|
|
|
"aes-128 cbc", "aes-192 cbc", "aes-256 cbc",
|
|
|
|
"camellia-128 cbc", "camellia-192 cbc", "camellia-256 cbc",
|
|
|
|
"evp", "sha256", "sha512", "whirlpool",
|
|
|
|
"aes-128 ige", "aes-192 ige", "aes-256 ige", "ghash",
|
2019-04-11 04:44:41 +08:00
|
|
|
"rand", "hmac", "cmac"
|
2018-04-30 07:13:58 +08:00
|
|
|
};
|
|
|
|
#define ALGOR_NUM OSSL_NELEM(names)
|
|
|
|
|
|
|
|
/* list of configured algorithm (remaining) */
|
|
|
|
static const OPT_PAIR doit_choices[] = {
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
#ifndef OPENSSL_NO_MD2
|
|
|
|
{"md2", D_MD2},
|
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_MDC2
|
|
|
|
{"mdc2", D_MDC2},
|
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_MD4
|
|
|
|
{"md4", D_MD4},
|
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_MD5
|
|
|
|
{"md5", D_MD5},
|
|
|
|
{"hmac", D_HMAC},
|
|
|
|
#endif
|
|
|
|
{"sha1", D_SHA1},
|
|
|
|
{"sha256", D_SHA256},
|
|
|
|
{"sha512", D_SHA512},
|
|
|
|
#ifndef OPENSSL_NO_WHIRLPOOL
|
|
|
|
{"whirlpool", D_WHIRLPOOL},
|
|
|
|
#endif
|
2015-08-07 00:22:31 +08:00
|
|
|
#ifndef OPENSSL_NO_RMD160
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
{"ripemd", D_RMD160},
|
|
|
|
{"rmd160", D_RMD160},
|
|
|
|
{"ripemd160", D_RMD160},
|
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_RC4
|
|
|
|
{"rc4", D_RC4},
|
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_DES
|
|
|
|
{"des-cbc", D_CBC_DES},
|
|
|
|
{"des-ede3", D_EDE3_DES},
|
|
|
|
#endif
|
|
|
|
{"aes-128-cbc", D_CBC_128_AES},
|
|
|
|
{"aes-192-cbc", D_CBC_192_AES},
|
|
|
|
{"aes-256-cbc", D_CBC_256_AES},
|
2019-11-06 00:28:50 +08:00
|
|
|
#ifndef OPENSSL_NO_DEPRECATED_3_0
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
{"aes-128-ige", D_IGE_128_AES},
|
|
|
|
{"aes-192-ige", D_IGE_192_AES},
|
|
|
|
{"aes-256-ige", D_IGE_256_AES},
|
2019-04-09 22:32:33 +08:00
|
|
|
#endif
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
#ifndef OPENSSL_NO_RC2
|
|
|
|
{"rc2-cbc", D_CBC_RC2},
|
|
|
|
{"rc2", D_CBC_RC2},
|
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_RC5
|
|
|
|
{"rc5-cbc", D_CBC_RC5},
|
|
|
|
{"rc5", D_CBC_RC5},
|
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_IDEA
|
|
|
|
{"idea-cbc", D_CBC_IDEA},
|
|
|
|
{"idea", D_CBC_IDEA},
|
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_SEED
|
|
|
|
{"seed-cbc", D_CBC_SEED},
|
|
|
|
{"seed", D_CBC_SEED},
|
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_BF
|
|
|
|
{"bf-cbc", D_CBC_BF},
|
|
|
|
{"blowfish", D_CBC_BF},
|
|
|
|
{"bf", D_CBC_BF},
|
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_CAST
|
|
|
|
{"cast-cbc", D_CBC_CAST},
|
|
|
|
{"cast", D_CBC_CAST},
|
|
|
|
{"cast5", D_CBC_CAST},
|
|
|
|
#endif
|
|
|
|
{"ghash", D_GHASH},
|
2018-04-30 07:13:58 +08:00
|
|
|
{"rand", D_RAND}
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
};
|
|
|
|
|
2018-04-30 07:13:58 +08:00
|
|
|
static double results[ALGOR_NUM][OSSL_NELEM(lengths_list)];
|
|
|
|
|
2016-03-19 01:43:58 +08:00
|
|
|
#ifndef OPENSSL_NO_DSA
|
|
|
|
# define R_DSA_512 0
|
|
|
|
# define R_DSA_1024 1
|
|
|
|
# define R_DSA_2048 2
|
2018-04-30 07:13:58 +08:00
|
|
|
static const OPT_PAIR dsa_choices[] = {
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
{"dsa512", R_DSA_512},
|
|
|
|
{"dsa1024", R_DSA_1024},
|
2018-04-30 07:13:58 +08:00
|
|
|
{"dsa2048", R_DSA_2048}
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
};
|
2018-04-30 07:13:58 +08:00
|
|
|
# define DSA_NUM OSSL_NELEM(dsa_choices)
|
|
|
|
|
|
|
|
static double dsa_results[DSA_NUM][2]; /* 2 ops: sign then verify */
|
|
|
|
#endif /* OPENSSL_NO_DSA */
|
2000-02-11 17:47:18 +08:00
|
|
|
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
#define R_RSA_512 0
|
|
|
|
#define R_RSA_1024 1
|
|
|
|
#define R_RSA_2048 2
|
|
|
|
#define R_RSA_3072 3
|
|
|
|
#define R_RSA_4096 4
|
|
|
|
#define R_RSA_7680 5
|
|
|
|
#define R_RSA_15360 6
|
2018-04-30 07:13:58 +08:00
|
|
|
#ifndef OPENSSL_NO_RSA
|
|
|
|
static const OPT_PAIR rsa_choices[] = {
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
{"rsa512", R_RSA_512},
|
|
|
|
{"rsa1024", R_RSA_1024},
|
|
|
|
{"rsa2048", R_RSA_2048},
|
|
|
|
{"rsa3072", R_RSA_3072},
|
|
|
|
{"rsa4096", R_RSA_4096},
|
|
|
|
{"rsa7680", R_RSA_7680},
|
2018-04-30 07:13:58 +08:00
|
|
|
{"rsa15360", R_RSA_15360}
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
};
|
2018-04-30 07:13:58 +08:00
|
|
|
# define RSA_NUM OSSL_NELEM(rsa_choices)
|
|
|
|
|
|
|
|
static double rsa_results[RSA_NUM][2]; /* 2 ops: sign then verify */
|
|
|
|
#endif /* OPENSSL_NO_RSA */
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
|
2019-03-06 05:52:33 +08:00
|
|
|
enum {
|
|
|
|
R_EC_P160,
|
|
|
|
R_EC_P192,
|
|
|
|
R_EC_P224,
|
|
|
|
R_EC_P256,
|
|
|
|
R_EC_P384,
|
|
|
|
R_EC_P521,
|
|
|
|
#ifndef OPENSSL_NO_EC2M
|
|
|
|
R_EC_K163,
|
|
|
|
R_EC_K233,
|
|
|
|
R_EC_K283,
|
|
|
|
R_EC_K409,
|
|
|
|
R_EC_K571,
|
|
|
|
R_EC_B163,
|
|
|
|
R_EC_B233,
|
|
|
|
R_EC_B283,
|
|
|
|
R_EC_B409,
|
|
|
|
R_EC_B571,
|
|
|
|
#endif
|
|
|
|
R_EC_BRP256R1,
|
|
|
|
R_EC_BRP256T1,
|
|
|
|
R_EC_BRP384R1,
|
|
|
|
R_EC_BRP384T1,
|
|
|
|
R_EC_BRP512R1,
|
|
|
|
R_EC_BRP512T1,
|
|
|
|
R_EC_X25519,
|
|
|
|
R_EC_X448
|
|
|
|
};
|
|
|
|
|
2015-09-20 06:46:44 +08:00
|
|
|
#ifndef OPENSSL_NO_EC
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
static OPT_PAIR ecdsa_choices[] = {
|
|
|
|
{"ecdsap160", R_EC_P160},
|
|
|
|
{"ecdsap192", R_EC_P192},
|
|
|
|
{"ecdsap224", R_EC_P224},
|
|
|
|
{"ecdsap256", R_EC_P256},
|
|
|
|
{"ecdsap384", R_EC_P384},
|
|
|
|
{"ecdsap521", R_EC_P521},
|
2019-03-06 05:52:33 +08:00
|
|
|
# ifndef OPENSSL_NO_EC2M
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
{"ecdsak163", R_EC_K163},
|
|
|
|
{"ecdsak233", R_EC_K233},
|
|
|
|
{"ecdsak283", R_EC_K283},
|
|
|
|
{"ecdsak409", R_EC_K409},
|
|
|
|
{"ecdsak571", R_EC_K571},
|
|
|
|
{"ecdsab163", R_EC_B163},
|
|
|
|
{"ecdsab233", R_EC_B233},
|
|
|
|
{"ecdsab283", R_EC_B283},
|
|
|
|
{"ecdsab409", R_EC_B409},
|
2018-05-08 16:34:59 +08:00
|
|
|
{"ecdsab571", R_EC_B571},
|
2019-03-06 05:52:33 +08:00
|
|
|
# endif
|
2018-05-08 16:34:59 +08:00
|
|
|
{"ecdsabrp256r1", R_EC_BRP256R1},
|
|
|
|
{"ecdsabrp256t1", R_EC_BRP256T1},
|
|
|
|
{"ecdsabrp384r1", R_EC_BRP384R1},
|
|
|
|
{"ecdsabrp384t1", R_EC_BRP384T1},
|
|
|
|
{"ecdsabrp512r1", R_EC_BRP512R1},
|
|
|
|
{"ecdsabrp512t1", R_EC_BRP512T1}
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
};
|
2018-04-30 07:13:58 +08:00
|
|
|
# define ECDSA_NUM OSSL_NELEM(ecdsa_choices)
|
|
|
|
|
|
|
|
static double ecdsa_results[ECDSA_NUM][2]; /* 2 ops: sign then verify */
|
2016-08-07 18:04:26 +08:00
|
|
|
|
2018-04-30 07:13:58 +08:00
|
|
|
static const OPT_PAIR ecdh_choices[] = {
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
{"ecdhp160", R_EC_P160},
|
|
|
|
{"ecdhp192", R_EC_P192},
|
|
|
|
{"ecdhp224", R_EC_P224},
|
|
|
|
{"ecdhp256", R_EC_P256},
|
|
|
|
{"ecdhp384", R_EC_P384},
|
|
|
|
{"ecdhp521", R_EC_P521},
|
2019-03-06 05:52:33 +08:00
|
|
|
# ifndef OPENSSL_NO_EC2M
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
{"ecdhk163", R_EC_K163},
|
|
|
|
{"ecdhk233", R_EC_K233},
|
|
|
|
{"ecdhk283", R_EC_K283},
|
|
|
|
{"ecdhk409", R_EC_K409},
|
|
|
|
{"ecdhk571", R_EC_K571},
|
|
|
|
{"ecdhb163", R_EC_B163},
|
|
|
|
{"ecdhb233", R_EC_B233},
|
|
|
|
{"ecdhb283", R_EC_B283},
|
|
|
|
{"ecdhb409", R_EC_B409},
|
|
|
|
{"ecdhb571", R_EC_B571},
|
2019-03-06 05:52:33 +08:00
|
|
|
# endif
|
2018-05-08 16:34:59 +08:00
|
|
|
{"ecdhbrp256r1", R_EC_BRP256R1},
|
|
|
|
{"ecdhbrp256t1", R_EC_BRP256T1},
|
|
|
|
{"ecdhbrp384r1", R_EC_BRP384R1},
|
|
|
|
{"ecdhbrp384t1", R_EC_BRP384T1},
|
|
|
|
{"ecdhbrp512r1", R_EC_BRP512R1},
|
|
|
|
{"ecdhbrp512t1", R_EC_BRP512T1},
|
2016-02-12 22:11:47 +08:00
|
|
|
{"ecdhx25519", R_EC_X25519},
|
2018-04-30 07:13:58 +08:00
|
|
|
{"ecdhx448", R_EC_X448}
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
};
|
2018-04-30 07:13:58 +08:00
|
|
|
# define EC_NUM OSSL_NELEM(ecdh_choices)
|
|
|
|
|
|
|
|
static double ecdh_results[EC_NUM][1]; /* 1 op: derivation */
|
2018-09-07 14:39:19 +08:00
|
|
|
|
|
|
|
#define R_EC_Ed25519 0
|
|
|
|
#define R_EC_Ed448 1
|
|
|
|
static OPT_PAIR eddsa_choices[] = {
|
|
|
|
{"ed25519", R_EC_Ed25519},
|
|
|
|
{"ed448", R_EC_Ed448}
|
|
|
|
};
|
|
|
|
# define EdDSA_NUM OSSL_NELEM(eddsa_choices)
|
|
|
|
|
|
|
|
static double eddsa_results[EdDSA_NUM][2]; /* 2 ops: sign then verify */
|
2019-09-29 22:25:10 +08:00
|
|
|
|
|
|
|
# ifndef OPENSSL_NO_SM2
|
|
|
|
# define R_EC_CURVESM2 0
|
|
|
|
static OPT_PAIR sm2_choices[] = {
|
|
|
|
{"curveSM2", R_EC_CURVESM2}
|
|
|
|
};
|
|
|
|
# define SM2_ID "TLSv1.3+GM+Cipher+Suite"
|
|
|
|
# define SM2_ID_LEN sizeof("TLSv1.3+GM+Cipher+Suite") - 1
|
|
|
|
# define SM2_NUM OSSL_NELEM(sm2_choices)
|
|
|
|
|
|
|
|
static double sm2_results[SM2_NUM][2]; /* 2 ops: sign then verify */
|
|
|
|
# endif /* OPENSSL_NO_SM2 */
|
2018-04-30 07:13:58 +08:00
|
|
|
#endif /* OPENSSL_NO_EC */
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
|
2015-12-09 15:26:38 +08:00
|
|
|
#ifndef SIGALRM
|
|
|
|
# define COND(d) (count < (d))
|
|
|
|
# define COUNT(d) (d)
|
|
|
|
#else
|
2016-07-23 20:26:07 +08:00
|
|
|
# define COND(unused_cond) (run && count<0x7fffffff)
|
2015-12-09 15:26:38 +08:00
|
|
|
# define COUNT(d) (count)
|
2016-10-04 14:20:49 +08:00
|
|
|
#endif /* SIGALRM */
|
2015-12-09 15:26:38 +08:00
|
|
|
|
2018-04-30 07:13:58 +08:00
|
|
|
typedef struct loopargs_st {
|
|
|
|
ASYNC_JOB *inprogress_job;
|
|
|
|
ASYNC_WAIT_CTX *wait_ctx;
|
|
|
|
unsigned char *buf;
|
|
|
|
unsigned char *buf2;
|
|
|
|
unsigned char *buf_malloc;
|
|
|
|
unsigned char *buf2_malloc;
|
|
|
|
unsigned char *key;
|
|
|
|
unsigned int siglen;
|
2018-09-10 23:03:14 +08:00
|
|
|
size_t sigsize;
|
2018-04-30 07:13:58 +08:00
|
|
|
#ifndef OPENSSL_NO_RSA
|
|
|
|
RSA *rsa_key[RSA_NUM];
|
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_DSA
|
|
|
|
DSA *dsa_key[DSA_NUM];
|
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_EC
|
|
|
|
EC_KEY *ecdsa[ECDSA_NUM];
|
|
|
|
EVP_PKEY_CTX *ecdh_ctx[EC_NUM];
|
2018-09-07 14:39:19 +08:00
|
|
|
EVP_MD_CTX *eddsa_ctx[EdDSA_NUM];
|
2019-09-29 22:25:10 +08:00
|
|
|
# ifndef OPENSSL_NO_SM2
|
|
|
|
EVP_MD_CTX *sm2_ctx[SM2_NUM];
|
|
|
|
EVP_MD_CTX *sm2_vfy_ctx[SM2_NUM];
|
|
|
|
EVP_PKEY *sm2_pkey[SM2_NUM];
|
|
|
|
# endif
|
2018-04-30 07:13:58 +08:00
|
|
|
unsigned char *secret_a;
|
|
|
|
unsigned char *secret_b;
|
|
|
|
size_t outlen[EC_NUM];
|
|
|
|
#endif
|
|
|
|
EVP_CIPHER_CTX *ctx;
|
|
|
|
HMAC_CTX *hctx;
|
2019-04-11 04:44:41 +08:00
|
|
|
#ifndef OPENSSL_NO_CMAC
|
|
|
|
CMAC_CTX *cmac_ctx;
|
|
|
|
#endif
|
2018-04-30 07:13:58 +08:00
|
|
|
GCM128_CONTEXT *gcm_ctx;
|
|
|
|
} loopargs_t;
|
|
|
|
static int run_benchmark(int async_jobs, int (*loop_function) (void *),
|
|
|
|
loopargs_t * loopargs);
|
|
|
|
|
|
|
|
static unsigned int testnum;
|
2015-12-09 15:26:38 +08:00
|
|
|
|
2016-07-23 20:45:08 +08:00
|
|
|
/* Nb of iterations to do per algorithm and key-size */
|
2017-12-02 17:05:35 +08:00
|
|
|
static long c[ALGOR_NUM][OSSL_NELEM(lengths_list)];
|
2015-12-09 15:26:38 +08:00
|
|
|
|
2015-01-27 23:06:22 +08:00
|
|
|
#ifndef OPENSSL_NO_MD2
|
2015-12-09 15:26:38 +08:00
|
|
|
static int EVP_Digest_MD2_loop(void *args)
|
|
|
|
{
|
2016-10-04 14:20:49 +08:00
|
|
|
loopargs_t *tempargs = *(loopargs_t **) args;
|
2015-12-09 15:26:38 +08:00
|
|
|
unsigned char *buf = tempargs->buf;
|
2015-01-22 11:40:55 +08:00
|
|
|
unsigned char md2[MD2_DIGEST_LENGTH];
|
2015-12-09 15:26:38 +08:00
|
|
|
int count;
|
2016-07-20 05:57:18 +08:00
|
|
|
|
2016-06-18 22:46:13 +08:00
|
|
|
for (count = 0; COND(c[D_MD2][testnum]); count++) {
|
2016-07-20 05:57:18 +08:00
|
|
|
if (!EVP_Digest(buf, (size_t)lengths[testnum], md2, NULL, EVP_md2(),
|
2016-10-04 14:20:49 +08:00
|
|
|
NULL))
|
2016-06-18 22:46:13 +08:00
|
|
|
return -1;
|
|
|
|
}
|
2015-12-09 15:26:38 +08:00
|
|
|
return count;
|
|
|
|
}
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
2015-12-09 15:26:38 +08:00
|
|
|
|
2015-01-27 23:06:22 +08:00
|
|
|
#ifndef OPENSSL_NO_MDC2
|
2015-12-09 15:26:38 +08:00
|
|
|
static int EVP_Digest_MDC2_loop(void *args)
|
|
|
|
{
|
2016-10-04 14:20:49 +08:00
|
|
|
loopargs_t *tempargs = *(loopargs_t **) args;
|
2015-12-09 15:26:38 +08:00
|
|
|
unsigned char *buf = tempargs->buf;
|
2015-01-22 11:40:55 +08:00
|
|
|
unsigned char mdc2[MDC2_DIGEST_LENGTH];
|
2015-12-09 15:26:38 +08:00
|
|
|
int count;
|
2016-07-20 05:57:18 +08:00
|
|
|
|
2016-06-18 22:46:13 +08:00
|
|
|
for (count = 0; COND(c[D_MDC2][testnum]); count++) {
|
2016-07-20 05:57:18 +08:00
|
|
|
if (!EVP_Digest(buf, (size_t)lengths[testnum], mdc2, NULL, EVP_mdc2(),
|
2016-10-04 14:20:49 +08:00
|
|
|
NULL))
|
2016-06-18 22:46:13 +08:00
|
|
|
return -1;
|
|
|
|
}
|
2015-12-09 15:26:38 +08:00
|
|
|
return count;
|
|
|
|
}
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
2015-12-09 15:26:38 +08:00
|
|
|
|
2015-01-27 23:06:22 +08:00
|
|
|
#ifndef OPENSSL_NO_MD4
|
2015-12-09 15:26:38 +08:00
|
|
|
static int EVP_Digest_MD4_loop(void *args)
|
|
|
|
{
|
2016-10-04 14:20:49 +08:00
|
|
|
loopargs_t *tempargs = *(loopargs_t **) args;
|
2015-12-09 15:26:38 +08:00
|
|
|
unsigned char *buf = tempargs->buf;
|
2015-01-22 11:40:55 +08:00
|
|
|
unsigned char md4[MD4_DIGEST_LENGTH];
|
2015-12-09 15:26:38 +08:00
|
|
|
int count;
|
2016-07-20 05:57:18 +08:00
|
|
|
|
2016-06-18 22:46:13 +08:00
|
|
|
for (count = 0; COND(c[D_MD4][testnum]); count++) {
|
2016-07-20 05:57:18 +08:00
|
|
|
if (!EVP_Digest(buf, (size_t)lengths[testnum], md4, NULL, EVP_md4(),
|
2016-10-04 14:20:49 +08:00
|
|
|
NULL))
|
2016-06-18 22:46:13 +08:00
|
|
|
return -1;
|
|
|
|
}
|
2015-12-09 15:26:38 +08:00
|
|
|
return count;
|
|
|
|
}
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
2015-12-09 15:26:38 +08:00
|
|
|
|
2015-01-27 23:06:22 +08:00
|
|
|
#ifndef OPENSSL_NO_MD5
|
2015-12-09 15:26:38 +08:00
|
|
|
static int MD5_loop(void *args)
|
|
|
|
{
|
2016-10-04 14:20:49 +08:00
|
|
|
loopargs_t *tempargs = *(loopargs_t **) args;
|
2015-12-09 15:26:38 +08:00
|
|
|
unsigned char *buf = tempargs->buf;
|
2015-01-22 11:40:55 +08:00
|
|
|
unsigned char md5[MD5_DIGEST_LENGTH];
|
2015-12-09 15:26:38 +08:00
|
|
|
int count;
|
|
|
|
for (count = 0; COND(c[D_MD5][testnum]); count++)
|
|
|
|
MD5(buf, lengths[testnum], md5);
|
|
|
|
return count;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int HMAC_loop(void *args)
|
|
|
|
{
|
2016-10-04 14:20:49 +08:00
|
|
|
loopargs_t *tempargs = *(loopargs_t **) args;
|
2015-12-09 15:26:38 +08:00
|
|
|
unsigned char *buf = tempargs->buf;
|
|
|
|
HMAC_CTX *hctx = tempargs->hctx;
|
2015-01-22 11:40:55 +08:00
|
|
|
unsigned char hmac[MD5_DIGEST_LENGTH];
|
2015-12-09 15:26:38 +08:00
|
|
|
int count;
|
2016-07-20 05:57:18 +08:00
|
|
|
|
2015-12-09 15:26:38 +08:00
|
|
|
for (count = 0; COND(c[D_HMAC][testnum]); count++) {
|
|
|
|
HMAC_Init_ex(hctx, NULL, 0, NULL, NULL);
|
|
|
|
HMAC_Update(hctx, buf, lengths[testnum]);
|
2016-07-20 05:57:18 +08:00
|
|
|
HMAC_Final(hctx, hmac, NULL);
|
2015-12-09 15:26:38 +08:00
|
|
|
}
|
|
|
|
return count;
|
|
|
|
}
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
2015-12-09 15:26:38 +08:00
|
|
|
|
|
|
|
static int SHA1_loop(void *args)
|
|
|
|
{
|
2016-10-04 14:20:49 +08:00
|
|
|
loopargs_t *tempargs = *(loopargs_t **) args;
|
2015-12-09 15:26:38 +08:00
|
|
|
unsigned char *buf = tempargs->buf;
|
2015-01-22 11:40:55 +08:00
|
|
|
unsigned char sha[SHA_DIGEST_LENGTH];
|
2015-12-09 15:26:38 +08:00
|
|
|
int count;
|
|
|
|
for (count = 0; COND(c[D_SHA1][testnum]); count++)
|
|
|
|
SHA1(buf, lengths[testnum], sha);
|
|
|
|
return count;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int SHA256_loop(void *args)
|
|
|
|
{
|
2016-10-04 14:20:49 +08:00
|
|
|
loopargs_t *tempargs = *(loopargs_t **) args;
|
2015-12-09 15:26:38 +08:00
|
|
|
unsigned char *buf = tempargs->buf;
|
2015-01-22 11:40:55 +08:00
|
|
|
unsigned char sha256[SHA256_DIGEST_LENGTH];
|
2015-12-09 15:26:38 +08:00
|
|
|
int count;
|
|
|
|
for (count = 0; COND(c[D_SHA256][testnum]); count++)
|
|
|
|
SHA256(buf, lengths[testnum], sha256);
|
|
|
|
return count;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int SHA512_loop(void *args)
|
|
|
|
{
|
2016-10-04 14:20:49 +08:00
|
|
|
loopargs_t *tempargs = *(loopargs_t **) args;
|
2015-12-09 15:26:38 +08:00
|
|
|
unsigned char *buf = tempargs->buf;
|
2015-01-22 11:40:55 +08:00
|
|
|
unsigned char sha512[SHA512_DIGEST_LENGTH];
|
2015-12-09 15:26:38 +08:00
|
|
|
int count;
|
|
|
|
for (count = 0; COND(c[D_SHA512][testnum]); count++)
|
|
|
|
SHA512(buf, lengths[testnum], sha512);
|
|
|
|
return count;
|
|
|
|
}
|
|
|
|
|
2015-01-27 23:06:22 +08:00
|
|
|
#ifndef OPENSSL_NO_WHIRLPOOL
|
2015-12-09 15:26:38 +08:00
|
|
|
static int WHIRLPOOL_loop(void *args)
|
|
|
|
{
|
2016-10-04 14:20:49 +08:00
|
|
|
loopargs_t *tempargs = *(loopargs_t **) args;
|
2015-12-09 15:26:38 +08:00
|
|
|
unsigned char *buf = tempargs->buf;
|
2015-01-22 11:40:55 +08:00
|
|
|
unsigned char whirlpool[WHIRLPOOL_DIGEST_LENGTH];
|
2015-12-09 15:26:38 +08:00
|
|
|
int count;
|
|
|
|
for (count = 0; COND(c[D_WHIRLPOOL][testnum]); count++)
|
|
|
|
WHIRLPOOL(buf, lengths[testnum], whirlpool);
|
|
|
|
return count;
|
|
|
|
}
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
2015-12-09 15:26:38 +08:00
|
|
|
|
2015-08-07 00:22:31 +08:00
|
|
|
#ifndef OPENSSL_NO_RMD160
|
2015-12-09 15:26:38 +08:00
|
|
|
static int EVP_Digest_RMD160_loop(void *args)
|
|
|
|
{
|
2016-10-04 14:20:49 +08:00
|
|
|
loopargs_t *tempargs = *(loopargs_t **) args;
|
2015-12-09 15:26:38 +08:00
|
|
|
unsigned char *buf = tempargs->buf;
|
2015-01-22 11:40:55 +08:00
|
|
|
unsigned char rmd160[RIPEMD160_DIGEST_LENGTH];
|
2015-12-09 15:26:38 +08:00
|
|
|
int count;
|
2016-06-18 22:46:13 +08:00
|
|
|
for (count = 0; COND(c[D_RMD160][testnum]); count++) {
|
2016-07-20 05:57:18 +08:00
|
|
|
if (!EVP_Digest(buf, (size_t)lengths[testnum], &(rmd160[0]),
|
2016-10-04 14:20:49 +08:00
|
|
|
NULL, EVP_ripemd160(), NULL))
|
2016-06-18 22:46:13 +08:00
|
|
|
return -1;
|
|
|
|
}
|
2015-12-09 15:26:38 +08:00
|
|
|
return count;
|
|
|
|
}
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
2015-12-09 15:26:38 +08:00
|
|
|
|
2015-01-27 23:06:22 +08:00
|
|
|
#ifndef OPENSSL_NO_RC4
|
2015-12-09 15:26:38 +08:00
|
|
|
static RC4_KEY rc4_ks;
|
|
|
|
static int RC4_loop(void *args)
|
|
|
|
{
|
2016-10-04 14:20:49 +08:00
|
|
|
loopargs_t *tempargs = *(loopargs_t **) args;
|
2015-12-09 15:26:38 +08:00
|
|
|
unsigned char *buf = tempargs->buf;
|
|
|
|
int count;
|
|
|
|
for (count = 0; COND(c[D_RC4][testnum]); count++)
|
2016-07-20 05:57:18 +08:00
|
|
|
RC4(&rc4_ks, (size_t)lengths[testnum], buf, buf);
|
2015-12-09 15:26:38 +08:00
|
|
|
return count;
|
|
|
|
}
|
|
|
|
#endif
|
|
|
|
|
|
|
|
#ifndef OPENSSL_NO_DES
|
|
|
|
static unsigned char DES_iv[8];
|
|
|
|
static DES_key_schedule sch;
|
|
|
|
static DES_key_schedule sch2;
|
|
|
|
static DES_key_schedule sch3;
|
|
|
|
static int DES_ncbc_encrypt_loop(void *args)
|
|
|
|
{
|
2016-10-04 14:20:49 +08:00
|
|
|
loopargs_t *tempargs = *(loopargs_t **) args;
|
2015-12-09 15:26:38 +08:00
|
|
|
unsigned char *buf = tempargs->buf;
|
|
|
|
int count;
|
|
|
|
for (count = 0; COND(c[D_CBC_DES][testnum]); count++)
|
|
|
|
DES_ncbc_encrypt(buf, buf, lengths[testnum], &sch,
|
2016-10-04 14:20:49 +08:00
|
|
|
&DES_iv, DES_ENCRYPT);
|
2015-12-09 15:26:38 +08:00
|
|
|
return count;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int DES_ede3_cbc_encrypt_loop(void *args)
|
|
|
|
{
|
2016-10-04 14:20:49 +08:00
|
|
|
loopargs_t *tempargs = *(loopargs_t **) args;
|
2015-12-09 15:26:38 +08:00
|
|
|
unsigned char *buf = tempargs->buf;
|
|
|
|
int count;
|
|
|
|
for (count = 0; COND(c[D_EDE3_DES][testnum]); count++)
|
|
|
|
DES_ede3_cbc_encrypt(buf, buf, lengths[testnum],
|
2016-10-04 14:20:49 +08:00
|
|
|
&sch, &sch2, &sch3, &DES_iv, DES_ENCRYPT);
|
2015-12-09 15:26:38 +08:00
|
|
|
return count;
|
|
|
|
}
|
|
|
|
#endif
|
|
|
|
|
2016-04-13 18:28:45 +08:00
|
|
|
#define MAX_BLOCK_SIZE 128
|
2015-12-09 15:26:38 +08:00
|
|
|
|
|
|
|
static unsigned char iv[2 * MAX_BLOCK_SIZE / 8];
|
|
|
|
static AES_KEY aes_ks1, aes_ks2, aes_ks3;
|
|
|
|
static int AES_cbc_128_encrypt_loop(void *args)
|
|
|
|
{
|
2016-10-04 14:20:49 +08:00
|
|
|
loopargs_t *tempargs = *(loopargs_t **) args;
|
2015-12-09 15:26:38 +08:00
|
|
|
unsigned char *buf = tempargs->buf;
|
|
|
|
int count;
|
|
|
|
for (count = 0; COND(c[D_CBC_128_AES][testnum]); count++)
|
|
|
|
AES_cbc_encrypt(buf, buf,
|
2016-10-04 14:20:49 +08:00
|
|
|
(size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
|
2015-12-09 15:26:38 +08:00
|
|
|
return count;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int AES_cbc_192_encrypt_loop(void *args)
|
|
|
|
{
|
2016-10-04 14:20:49 +08:00
|
|
|
loopargs_t *tempargs = *(loopargs_t **) args;
|
2015-12-09 15:26:38 +08:00
|
|
|
unsigned char *buf = tempargs->buf;
|
|
|
|
int count;
|
|
|
|
for (count = 0; COND(c[D_CBC_192_AES][testnum]); count++)
|
|
|
|
AES_cbc_encrypt(buf, buf,
|
2016-10-04 14:20:49 +08:00
|
|
|
(size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
|
2015-12-09 15:26:38 +08:00
|
|
|
return count;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int AES_cbc_256_encrypt_loop(void *args)
|
|
|
|
{
|
2016-10-04 14:20:49 +08:00
|
|
|
loopargs_t *tempargs = *(loopargs_t **) args;
|
2015-12-09 15:26:38 +08:00
|
|
|
unsigned char *buf = tempargs->buf;
|
|
|
|
int count;
|
|
|
|
for (count = 0; COND(c[D_CBC_256_AES][testnum]); count++)
|
|
|
|
AES_cbc_encrypt(buf, buf,
|
2016-10-04 14:20:49 +08:00
|
|
|
(size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
|
2015-12-09 15:26:38 +08:00
|
|
|
return count;
|
|
|
|
}
|
|
|
|
|
2019-11-06 00:28:50 +08:00
|
|
|
#ifndef OPENSSL_NO_DEPRECATED_3_0
|
2015-12-09 15:26:38 +08:00
|
|
|
static int AES_ige_128_encrypt_loop(void *args)
|
|
|
|
{
|
2016-10-04 14:20:49 +08:00
|
|
|
loopargs_t *tempargs = *(loopargs_t **) args;
|
2015-12-09 15:26:38 +08:00
|
|
|
unsigned char *buf = tempargs->buf;
|
|
|
|
unsigned char *buf2 = tempargs->buf2;
|
|
|
|
int count;
|
|
|
|
for (count = 0; COND(c[D_IGE_128_AES][testnum]); count++)
|
|
|
|
AES_ige_encrypt(buf, buf2,
|
2016-10-04 14:20:49 +08:00
|
|
|
(size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
|
2015-12-09 15:26:38 +08:00
|
|
|
return count;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int AES_ige_192_encrypt_loop(void *args)
|
|
|
|
{
|
2016-10-04 14:20:49 +08:00
|
|
|
loopargs_t *tempargs = *(loopargs_t **) args;
|
2015-12-09 15:26:38 +08:00
|
|
|
unsigned char *buf = tempargs->buf;
|
|
|
|
unsigned char *buf2 = tempargs->buf2;
|
|
|
|
int count;
|
|
|
|
for (count = 0; COND(c[D_IGE_192_AES][testnum]); count++)
|
|
|
|
AES_ige_encrypt(buf, buf2,
|
2016-10-04 14:20:49 +08:00
|
|
|
(size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
|
2015-12-09 15:26:38 +08:00
|
|
|
return count;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int AES_ige_256_encrypt_loop(void *args)
|
|
|
|
{
|
2016-10-04 14:20:49 +08:00
|
|
|
loopargs_t *tempargs = *(loopargs_t **) args;
|
2015-12-09 15:26:38 +08:00
|
|
|
unsigned char *buf = tempargs->buf;
|
|
|
|
unsigned char *buf2 = tempargs->buf2;
|
|
|
|
int count;
|
|
|
|
for (count = 0; COND(c[D_IGE_256_AES][testnum]); count++)
|
|
|
|
AES_ige_encrypt(buf, buf2,
|
2016-10-04 14:20:49 +08:00
|
|
|
(size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
|
2015-12-09 15:26:38 +08:00
|
|
|
return count;
|
|
|
|
}
|
2019-04-09 22:32:33 +08:00
|
|
|
#endif
|
2015-12-09 15:26:38 +08:00
|
|
|
|
|
|
|
static int CRYPTO_gcm128_aad_loop(void *args)
|
|
|
|
{
|
2016-10-04 14:20:49 +08:00
|
|
|
loopargs_t *tempargs = *(loopargs_t **) args;
|
2015-12-09 15:26:38 +08:00
|
|
|
unsigned char *buf = tempargs->buf;
|
|
|
|
GCM128_CONTEXT *gcm_ctx = tempargs->gcm_ctx;
|
|
|
|
int count;
|
|
|
|
for (count = 0; COND(c[D_GHASH][testnum]); count++)
|
|
|
|
CRYPTO_gcm128_aad(gcm_ctx, buf, lengths[testnum]);
|
|
|
|
return count;
|
|
|
|
}
|
|
|
|
|
2017-10-07 17:38:19 +08:00
|
|
|
static int RAND_bytes_loop(void *args)
|
|
|
|
{
|
|
|
|
loopargs_t *tempargs = *(loopargs_t **) args;
|
|
|
|
unsigned char *buf = tempargs->buf;
|
|
|
|
int count;
|
|
|
|
|
|
|
|
for (count = 0; COND(c[D_RAND][testnum]); count++)
|
|
|
|
RAND_bytes(buf, lengths[testnum]);
|
|
|
|
return count;
|
|
|
|
}
|
|
|
|
|
2016-07-23 20:26:07 +08:00
|
|
|
static long save_count = 0;
|
2015-12-09 15:26:38 +08:00
|
|
|
static int decrypt = 0;
|
|
|
|
static int EVP_Update_loop(void *args)
|
|
|
|
{
|
2016-10-04 14:20:49 +08:00
|
|
|
loopargs_t *tempargs = *(loopargs_t **) args;
|
2015-12-09 15:26:38 +08:00
|
|
|
unsigned char *buf = tempargs->buf;
|
|
|
|
EVP_CIPHER_CTX *ctx = tempargs->ctx;
|
2017-12-05 20:10:11 +08:00
|
|
|
int outl, count, rc;
|
2016-07-23 20:26:07 +08:00
|
|
|
#ifndef SIGALRM
|
|
|
|
int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
|
|
|
|
#endif
|
2017-12-05 20:10:11 +08:00
|
|
|
if (decrypt) {
|
|
|
|
for (count = 0; COND(nb_iter); count++) {
|
|
|
|
rc = EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
|
2018-02-02 18:09:25 +08:00
|
|
|
if (rc != 1) {
|
|
|
|
/* reset iv in case of counter overflow */
|
2017-12-05 20:10:11 +08:00
|
|
|
EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
|
2018-02-02 18:09:25 +08:00
|
|
|
}
|
2017-12-05 20:10:11 +08:00
|
|
|
}
|
|
|
|
} else {
|
|
|
|
for (count = 0; COND(nb_iter); count++) {
|
|
|
|
rc = EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
|
2018-02-02 18:09:25 +08:00
|
|
|
if (rc != 1) {
|
|
|
|
/* reset iv in case of counter overflow */
|
2017-12-05 20:10:11 +08:00
|
|
|
EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
|
2018-02-02 18:09:25 +08:00
|
|
|
}
|
2017-12-05 20:10:11 +08:00
|
|
|
}
|
|
|
|
}
|
2015-12-09 15:26:38 +08:00
|
|
|
if (decrypt)
|
|
|
|
EVP_DecryptFinal_ex(ctx, buf, &outl);
|
|
|
|
else
|
|
|
|
EVP_EncryptFinal_ex(ctx, buf, &outl);
|
|
|
|
return count;
|
|
|
|
}
|
2018-05-19 21:43:11 +08:00
|
|
|
|
2017-02-21 00:49:36 +08:00
|
|
|
/*
|
|
|
|
* CCM does not support streaming. For the purpose of performance measurement,
|
|
|
|
* each message is encrypted using the same (key,iv)-pair. Do not use this
|
|
|
|
* code in your application.
|
|
|
|
*/
|
|
|
|
static int EVP_Update_loop_ccm(void *args)
|
|
|
|
{
|
|
|
|
loopargs_t *tempargs = *(loopargs_t **) args;
|
|
|
|
unsigned char *buf = tempargs->buf;
|
|
|
|
EVP_CIPHER_CTX *ctx = tempargs->ctx;
|
|
|
|
int outl, count;
|
|
|
|
unsigned char tag[12];
|
|
|
|
#ifndef SIGALRM
|
|
|
|
int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
|
|
|
|
#endif
|
|
|
|
if (decrypt) {
|
|
|
|
for (count = 0; COND(nb_iter); count++) {
|
|
|
|
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(tag), tag);
|
2018-02-02 18:09:25 +08:00
|
|
|
/* reset iv */
|
|
|
|
EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
|
|
|
|
/* counter is reset on every update */
|
2017-02-21 00:49:36 +08:00
|
|
|
EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
for (count = 0; COND(nb_iter); count++) {
|
2018-02-02 18:09:25 +08:00
|
|
|
/* restore iv length field */
|
2017-02-21 00:49:36 +08:00
|
|
|
EVP_EncryptUpdate(ctx, NULL, &outl, NULL, lengths[testnum]);
|
2018-02-02 18:09:25 +08:00
|
|
|
/* counter is reset on every update */
|
2017-02-21 00:49:36 +08:00
|
|
|
EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
|
|
|
|
}
|
|
|
|
}
|
2018-02-02 18:09:25 +08:00
|
|
|
if (decrypt)
|
|
|
|
EVP_DecryptFinal_ex(ctx, buf, &outl);
|
|
|
|
else
|
|
|
|
EVP_EncryptFinal_ex(ctx, buf, &outl);
|
2017-02-21 00:49:36 +08:00
|
|
|
return count;
|
|
|
|
}
|
2015-12-09 15:26:38 +08:00
|
|
|
|
2018-05-19 21:43:11 +08:00
|
|
|
/*
|
|
|
|
* To make AEAD benchmarking more relevant perform TLS-like operations,
|
|
|
|
* 13-byte AAD followed by payload. But don't use TLS-formatted AAD, as
|
|
|
|
* payload length is not actually limited by 16KB...
|
|
|
|
*/
|
|
|
|
static int EVP_Update_loop_aead(void *args)
|
|
|
|
{
|
|
|
|
loopargs_t *tempargs = *(loopargs_t **) args;
|
|
|
|
unsigned char *buf = tempargs->buf;
|
|
|
|
EVP_CIPHER_CTX *ctx = tempargs->ctx;
|
|
|
|
int outl, count;
|
|
|
|
unsigned char aad[13] = { 0xcc };
|
|
|
|
unsigned char faketag[16] = { 0xcc };
|
|
|
|
#ifndef SIGALRM
|
|
|
|
int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
|
|
|
|
#endif
|
|
|
|
if (decrypt) {
|
|
|
|
for (count = 0; COND(nb_iter); count++) {
|
|
|
|
EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
|
|
|
|
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
|
|
|
|
sizeof(faketag), faketag);
|
|
|
|
EVP_DecryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
|
|
|
|
EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
|
|
|
|
EVP_DecryptFinal_ex(ctx, buf + outl, &outl);
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
for (count = 0; COND(nb_iter); count++) {
|
|
|
|
EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv);
|
|
|
|
EVP_EncryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
|
|
|
|
EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
|
|
|
|
EVP_EncryptFinal_ex(ctx, buf + outl, &outl);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return count;
|
|
|
|
}
|
|
|
|
|
2015-12-09 15:26:38 +08:00
|
|
|
static const EVP_MD *evp_md = NULL;
|
|
|
|
static int EVP_Digest_loop(void *args)
|
|
|
|
{
|
2016-10-04 14:20:49 +08:00
|
|
|
loopargs_t *tempargs = *(loopargs_t **) args;
|
2015-12-09 15:26:38 +08:00
|
|
|
unsigned char *buf = tempargs->buf;
|
|
|
|
unsigned char md[EVP_MAX_MD_SIZE];
|
|
|
|
int count;
|
2016-07-23 20:26:07 +08:00
|
|
|
#ifndef SIGALRM
|
|
|
|
int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
|
|
|
|
#endif
|
|
|
|
|
|
|
|
for (count = 0; COND(nb_iter); count++) {
|
|
|
|
if (!EVP_Digest(buf, lengths[testnum], md, NULL, evp_md, NULL))
|
2016-06-18 22:46:13 +08:00
|
|
|
return -1;
|
|
|
|
}
|
2015-12-09 15:26:38 +08:00
|
|
|
return count;
|
|
|
|
}
|
|
|
|
|
2018-08-14 12:04:47 +08:00
|
|
|
static const EVP_MD *evp_hmac_md = NULL;
|
|
|
|
static char *evp_hmac_name = NULL;
|
|
|
|
static int EVP_HMAC_loop(void *args)
|
|
|
|
{
|
|
|
|
loopargs_t *tempargs = *(loopargs_t **) args;
|
|
|
|
unsigned char *buf = tempargs->buf;
|
|
|
|
unsigned char no_key[32];
|
|
|
|
int count;
|
|
|
|
#ifndef SIGALRM
|
|
|
|
int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
|
|
|
|
#endif
|
|
|
|
|
|
|
|
for (count = 0; COND(nb_iter); count++) {
|
|
|
|
if (HMAC(evp_hmac_md, no_key, sizeof(no_key), buf, lengths[testnum],
|
|
|
|
NULL, NULL) == NULL)
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
return count;
|
|
|
|
}
|
|
|
|
|
2019-04-11 04:44:41 +08:00
|
|
|
#ifndef OPENSSL_NO_CMAC
|
|
|
|
static const EVP_CIPHER *evp_cmac_cipher = NULL;
|
|
|
|
static char *evp_cmac_name = NULL;
|
|
|
|
|
|
|
|
static int EVP_CMAC_loop(void *args)
|
|
|
|
{
|
|
|
|
loopargs_t *tempargs = *(loopargs_t **) args;
|
|
|
|
unsigned char *buf = tempargs->buf;
|
|
|
|
CMAC_CTX *cmac_ctx = tempargs->cmac_ctx;
|
|
|
|
static const char key[16] = "This is a key...";
|
|
|
|
unsigned char mac[16];
|
|
|
|
size_t len = sizeof(mac);
|
|
|
|
int count;
|
|
|
|
#ifndef SIGALRM
|
|
|
|
int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
|
|
|
|
#endif
|
|
|
|
|
|
|
|
for (count = 0; COND(nb_iter); count++) {
|
|
|
|
if (!CMAC_Init(cmac_ctx, key, sizeof(key), evp_cmac_cipher, NULL)
|
|
|
|
|| !CMAC_Update(cmac_ctx, buf, lengths[testnum])
|
|
|
|
|| !CMAC_Final(cmac_ctx, mac, &len))
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
return count;
|
|
|
|
}
|
|
|
|
#endif
|
|
|
|
|
2015-12-09 15:26:38 +08:00
|
|
|
#ifndef OPENSSL_NO_RSA
|
2016-07-23 20:45:08 +08:00
|
|
|
static long rsa_c[RSA_NUM][2]; /* # RSA iteration test */
|
2015-12-09 15:26:38 +08:00
|
|
|
|
|
|
|
static int RSA_sign_loop(void *args)
|
|
|
|
{
|
2016-10-04 14:20:49 +08:00
|
|
|
loopargs_t *tempargs = *(loopargs_t **) args;
|
2015-12-09 15:26:38 +08:00
|
|
|
unsigned char *buf = tempargs->buf;
|
|
|
|
unsigned char *buf2 = tempargs->buf2;
|
2016-07-29 05:20:19 +08:00
|
|
|
unsigned int *rsa_num = &tempargs->siglen;
|
2016-02-18 18:56:53 +08:00
|
|
|
RSA **rsa_key = tempargs->rsa_key;
|
2015-12-09 15:26:38 +08:00
|
|
|
int ret, count;
|
|
|
|
for (count = 0; COND(rsa_c[testnum][0]); count++) {
|
2016-02-18 18:56:53 +08:00
|
|
|
ret = RSA_sign(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
|
2015-12-09 15:26:38 +08:00
|
|
|
if (ret == 0) {
|
|
|
|
BIO_printf(bio_err, "RSA sign failure\n");
|
|
|
|
ERR_print_errors(bio_err);
|
|
|
|
count = -1;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return count;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int RSA_verify_loop(void *args)
|
|
|
|
{
|
2016-10-04 14:20:49 +08:00
|
|
|
loopargs_t *tempargs = *(loopargs_t **) args;
|
2015-12-09 15:26:38 +08:00
|
|
|
unsigned char *buf = tempargs->buf;
|
|
|
|
unsigned char *buf2 = tempargs->buf2;
|
2016-07-29 05:20:19 +08:00
|
|
|
unsigned int rsa_num = tempargs->siglen;
|
2016-02-18 18:56:53 +08:00
|
|
|
RSA **rsa_key = tempargs->rsa_key;
|
2015-12-09 15:26:38 +08:00
|
|
|
int ret, count;
|
|
|
|
for (count = 0; COND(rsa_c[testnum][1]); count++) {
|
2016-10-04 14:20:49 +08:00
|
|
|
ret =
|
|
|
|
RSA_verify(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
|
2015-12-09 15:26:38 +08:00
|
|
|
if (ret <= 0) {
|
|
|
|
BIO_printf(bio_err, "RSA verify failure\n");
|
|
|
|
ERR_print_errors(bio_err);
|
|
|
|
count = -1;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return count;
|
|
|
|
}
|
|
|
|
#endif
|
|
|
|
|
|
|
|
#ifndef OPENSSL_NO_DSA
|
|
|
|
static long dsa_c[DSA_NUM][2];
|
|
|
|
static int DSA_sign_loop(void *args)
|
|
|
|
{
|
2016-10-04 14:20:49 +08:00
|
|
|
loopargs_t *tempargs = *(loopargs_t **) args;
|
2015-12-09 15:26:38 +08:00
|
|
|
unsigned char *buf = tempargs->buf;
|
|
|
|
unsigned char *buf2 = tempargs->buf2;
|
2016-02-18 18:56:53 +08:00
|
|
|
DSA **dsa_key = tempargs->dsa_key;
|
2016-07-29 05:20:19 +08:00
|
|
|
unsigned int *siglen = &tempargs->siglen;
|
2015-12-09 15:26:38 +08:00
|
|
|
int ret, count;
|
|
|
|
for (count = 0; COND(dsa_c[testnum][0]); count++) {
|
|
|
|
ret = DSA_sign(0, buf, 20, buf2, siglen, dsa_key[testnum]);
|
|
|
|
if (ret == 0) {
|
|
|
|
BIO_printf(bio_err, "DSA sign failure\n");
|
|
|
|
ERR_print_errors(bio_err);
|
2016-02-18 18:56:53 +08:00
|
|
|
count = -1;
|
2015-12-09 15:26:38 +08:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return count;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int DSA_verify_loop(void *args)
|
|
|
|
{
|
2016-10-04 14:20:49 +08:00
|
|
|
loopargs_t *tempargs = *(loopargs_t **) args;
|
2015-12-09 15:26:38 +08:00
|
|
|
unsigned char *buf = tempargs->buf;
|
|
|
|
unsigned char *buf2 = tempargs->buf2;
|
2016-02-18 18:56:53 +08:00
|
|
|
DSA **dsa_key = tempargs->dsa_key;
|
2016-07-29 05:20:19 +08:00
|
|
|
unsigned int siglen = tempargs->siglen;
|
2015-12-09 15:26:38 +08:00
|
|
|
int ret, count;
|
|
|
|
for (count = 0; COND(dsa_c[testnum][1]); count++) {
|
|
|
|
ret = DSA_verify(0, buf, 20, buf2, siglen, dsa_key[testnum]);
|
|
|
|
if (ret <= 0) {
|
|
|
|
BIO_printf(bio_err, "DSA verify failure\n");
|
|
|
|
ERR_print_errors(bio_err);
|
2016-02-18 18:56:53 +08:00
|
|
|
count = -1;
|
2015-12-09 15:26:38 +08:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return count;
|
|
|
|
}
|
|
|
|
#endif
|
|
|
|
|
|
|
|
#ifndef OPENSSL_NO_EC
|
2018-04-30 07:13:58 +08:00
|
|
|
static long ecdsa_c[ECDSA_NUM][2];
|
2015-12-09 15:26:38 +08:00
|
|
|
static int ECDSA_sign_loop(void *args)
|
|
|
|
{
|
2016-10-04 14:20:49 +08:00
|
|
|
loopargs_t *tempargs = *(loopargs_t **) args;
|
2015-12-09 15:26:38 +08:00
|
|
|
unsigned char *buf = tempargs->buf;
|
2016-02-18 18:56:53 +08:00
|
|
|
EC_KEY **ecdsa = tempargs->ecdsa;
|
|
|
|
unsigned char *ecdsasig = tempargs->buf2;
|
2016-07-29 05:20:19 +08:00
|
|
|
unsigned int *ecdsasiglen = &tempargs->siglen;
|
2015-12-09 15:26:38 +08:00
|
|
|
int ret, count;
|
|
|
|
for (count = 0; COND(ecdsa_c[testnum][0]); count++) {
|
2016-10-04 14:20:49 +08:00
|
|
|
ret = ECDSA_sign(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
|
2015-12-09 15:26:38 +08:00
|
|
|
if (ret == 0) {
|
|
|
|
BIO_printf(bio_err, "ECDSA sign failure\n");
|
|
|
|
ERR_print_errors(bio_err);
|
2016-02-18 18:56:53 +08:00
|
|
|
count = -1;
|
2015-12-09 15:26:38 +08:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return count;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int ECDSA_verify_loop(void *args)
|
|
|
|
{
|
2016-10-04 14:20:49 +08:00
|
|
|
loopargs_t *tempargs = *(loopargs_t **) args;
|
2015-12-09 15:26:38 +08:00
|
|
|
unsigned char *buf = tempargs->buf;
|
2016-02-18 18:56:53 +08:00
|
|
|
EC_KEY **ecdsa = tempargs->ecdsa;
|
|
|
|
unsigned char *ecdsasig = tempargs->buf2;
|
2016-07-29 05:20:19 +08:00
|
|
|
unsigned int ecdsasiglen = tempargs->siglen;
|
2015-12-09 15:26:38 +08:00
|
|
|
int ret, count;
|
|
|
|
for (count = 0; COND(ecdsa_c[testnum][1]); count++) {
|
2016-10-04 14:20:49 +08:00
|
|
|
ret = ECDSA_verify(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
|
2015-12-09 15:26:38 +08:00
|
|
|
if (ret != 1) {
|
|
|
|
BIO_printf(bio_err, "ECDSA verify failure\n");
|
|
|
|
ERR_print_errors(bio_err);
|
2016-02-18 18:56:53 +08:00
|
|
|
count = -1;
|
2015-12-09 15:26:38 +08:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return count;
|
|
|
|
}
|
|
|
|
|
2016-07-23 20:26:07 +08:00
|
|
|
/* ******************************************************************** */
|
2016-07-20 06:16:45 +08:00
|
|
|
static long ecdh_c[EC_NUM][1];
|
|
|
|
|
2016-10-04 01:28:32 +08:00
|
|
|
static int ECDH_EVP_derive_key_loop(void *args)
|
|
|
|
{
|
|
|
|
loopargs_t *tempargs = *(loopargs_t **) args;
|
|
|
|
EVP_PKEY_CTX *ctx = tempargs->ecdh_ctx[testnum];
|
|
|
|
unsigned char *derived_secret = tempargs->secret_a;
|
2016-08-02 17:20:45 +08:00
|
|
|
int count;
|
2016-10-04 14:17:11 +08:00
|
|
|
size_t *outlen = &(tempargs->outlen[testnum]);
|
2016-07-13 05:13:20 +08:00
|
|
|
|
2016-10-04 20:56:49 +08:00
|
|
|
for (count = 0; COND(ecdh_c[testnum][0]); count++)
|
2016-10-04 21:40:47 +08:00
|
|
|
EVP_PKEY_derive(ctx, derived_secret, outlen);
|
|
|
|
|
2015-12-09 15:26:38 +08:00
|
|
|
return count;
|
|
|
|
}
|
2016-07-29 19:22:42 +08:00
|
|
|
|
2018-09-07 14:39:19 +08:00
|
|
|
static long eddsa_c[EdDSA_NUM][2];
|
|
|
|
static int EdDSA_sign_loop(void *args)
|
|
|
|
{
|
|
|
|
loopargs_t *tempargs = *(loopargs_t **) args;
|
|
|
|
unsigned char *buf = tempargs->buf;
|
|
|
|
EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
|
|
|
|
unsigned char *eddsasig = tempargs->buf2;
|
2018-09-10 23:03:14 +08:00
|
|
|
size_t *eddsasigsize = &tempargs->sigsize;
|
2018-09-07 14:39:19 +08:00
|
|
|
int ret, count;
|
|
|
|
|
|
|
|
for (count = 0; COND(eddsa_c[testnum][0]); count++) {
|
2018-09-10 23:03:14 +08:00
|
|
|
ret = EVP_DigestSign(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
|
2018-09-07 14:39:19 +08:00
|
|
|
if (ret == 0) {
|
|
|
|
BIO_printf(bio_err, "EdDSA sign failure\n");
|
|
|
|
ERR_print_errors(bio_err);
|
|
|
|
count = -1;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return count;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int EdDSA_verify_loop(void *args)
|
|
|
|
{
|
|
|
|
loopargs_t *tempargs = *(loopargs_t **) args;
|
|
|
|
unsigned char *buf = tempargs->buf;
|
|
|
|
EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
|
|
|
|
unsigned char *eddsasig = tempargs->buf2;
|
2018-09-10 23:03:14 +08:00
|
|
|
size_t eddsasigsize = tempargs->sigsize;
|
2018-09-07 14:39:19 +08:00
|
|
|
int ret, count;
|
|
|
|
|
|
|
|
for (count = 0; COND(eddsa_c[testnum][1]); count++) {
|
2018-09-10 23:03:14 +08:00
|
|
|
ret = EVP_DigestVerify(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
|
2018-09-07 14:39:19 +08:00
|
|
|
if (ret != 1) {
|
|
|
|
BIO_printf(bio_err, "EdDSA verify failure\n");
|
|
|
|
ERR_print_errors(bio_err);
|
|
|
|
count = -1;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return count;
|
|
|
|
}
|
2019-09-29 22:25:10 +08:00
|
|
|
|
|
|
|
# ifndef OPENSSL_NO_SM2
|
|
|
|
static long sm2_c[SM2_NUM][2];
|
|
|
|
static int SM2_sign_loop(void *args)
|
|
|
|
{
|
|
|
|
loopargs_t *tempargs = *(loopargs_t **) args;
|
|
|
|
unsigned char *buf = tempargs->buf;
|
|
|
|
EVP_MD_CTX **sm2ctx = tempargs->sm2_ctx;
|
|
|
|
unsigned char *sm2sig = tempargs->buf2;
|
|
|
|
size_t sm2sigsize = tempargs->sigsize;
|
|
|
|
const size_t max_size = tempargs->sigsize;
|
|
|
|
int ret, count;
|
|
|
|
EVP_PKEY **sm2_pkey = tempargs->sm2_pkey;
|
|
|
|
|
|
|
|
for (count = 0; COND(sm2_c[testnum][0]); count++) {
|
|
|
|
if (!EVP_DigestSignInit(sm2ctx[testnum], NULL, EVP_sm3(),
|
|
|
|
NULL, sm2_pkey[testnum])) {
|
|
|
|
BIO_printf(bio_err, "SM2 init sign failure\n");
|
|
|
|
ERR_print_errors(bio_err);
|
|
|
|
count = -1;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
ret = EVP_DigestSign(sm2ctx[testnum], sm2sig, &sm2sigsize,
|
|
|
|
buf, 20);
|
|
|
|
if (ret == 0) {
|
|
|
|
BIO_printf(bio_err, "SM2 sign failure\n");
|
|
|
|
ERR_print_errors(bio_err);
|
|
|
|
count = -1;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
/* update the latest returned size and always use the fixed buffer size */
|
|
|
|
tempargs->sigsize = sm2sigsize;
|
|
|
|
sm2sigsize = max_size;
|
|
|
|
}
|
|
|
|
|
|
|
|
return count;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int SM2_verify_loop(void *args)
|
|
|
|
{
|
|
|
|
loopargs_t *tempargs = *(loopargs_t **) args;
|
|
|
|
unsigned char *buf = tempargs->buf;
|
|
|
|
EVP_MD_CTX **sm2ctx = tempargs->sm2_vfy_ctx;
|
|
|
|
unsigned char *sm2sig = tempargs->buf2;
|
|
|
|
size_t sm2sigsize = tempargs->sigsize;
|
|
|
|
int ret, count;
|
|
|
|
EVP_PKEY **sm2_pkey = tempargs->sm2_pkey;
|
|
|
|
|
|
|
|
for (count = 0; COND(sm2_c[testnum][1]); count++) {
|
|
|
|
if (!EVP_DigestVerifyInit(sm2ctx[testnum], NULL, EVP_sm3(),
|
|
|
|
NULL, sm2_pkey[testnum])) {
|
|
|
|
BIO_printf(bio_err, "SM2 verify init failure\n");
|
|
|
|
ERR_print_errors(bio_err);
|
|
|
|
count = -1;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
ret = EVP_DigestVerify(sm2ctx[testnum], sm2sig, sm2sigsize,
|
|
|
|
buf, 20);
|
|
|
|
if (ret != 1) {
|
|
|
|
BIO_printf(bio_err, "SM2 verify failure\n");
|
|
|
|
ERR_print_errors(bio_err);
|
|
|
|
count = -1;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return count;
|
|
|
|
}
|
|
|
|
# endif /* OPENSSL_NO_SM2 */
|
2016-08-07 18:04:26 +08:00
|
|
|
#endif /* OPENSSL_NO_EC */
|
2015-12-09 15:26:38 +08:00
|
|
|
|
2016-07-29 03:15:52 +08:00
|
|
|
static int run_benchmark(int async_jobs,
|
2016-10-04 14:20:49 +08:00
|
|
|
int (*loop_function) (void *), loopargs_t * loopargs)
|
2015-12-09 15:26:38 +08:00
|
|
|
{
|
|
|
|
int job_op_count = 0;
|
|
|
|
int total_op_count = 0;
|
|
|
|
int num_inprogress = 0;
|
2016-07-29 03:15:52 +08:00
|
|
|
int error = 0, i = 0, ret = 0;
|
2016-02-29 19:28:55 +08:00
|
|
|
OSSL_ASYNC_FD job_fd = 0;
|
|
|
|
size_t num_job_fds = 0;
|
2015-12-09 15:26:38 +08:00
|
|
|
|
|
|
|
run = 1;
|
|
|
|
|
2016-02-18 18:56:53 +08:00
|
|
|
if (async_jobs == 0) {
|
2016-08-18 06:51:20 +08:00
|
|
|
return loop_function((void *)&loopargs);
|
2015-12-09 15:26:38 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
for (i = 0; i < async_jobs && !error; i++) {
|
2016-08-18 06:51:20 +08:00
|
|
|
loopargs_t *looparg_item = loopargs + i;
|
|
|
|
|
|
|
|
/* Copy pointer content (looparg_t item address) into async context */
|
2016-07-29 03:15:52 +08:00
|
|
|
ret = ASYNC_start_job(&loopargs[i].inprogress_job, loopargs[i].wait_ctx,
|
|
|
|
&job_op_count, loop_function,
|
2016-08-18 06:51:20 +08:00
|
|
|
(void *)&looparg_item, sizeof(looparg_item));
|
2016-07-29 03:15:52 +08:00
|
|
|
switch (ret) {
|
2016-07-29 04:51:18 +08:00
|
|
|
case ASYNC_PAUSE:
|
|
|
|
++num_inprogress;
|
|
|
|
break;
|
|
|
|
case ASYNC_FINISH:
|
|
|
|
if (job_op_count == -1) {
|
2015-12-09 15:26:38 +08:00
|
|
|
error = 1;
|
2016-07-29 04:51:18 +08:00
|
|
|
} else {
|
|
|
|
total_op_count += job_op_count;
|
|
|
|
}
|
|
|
|
break;
|
|
|
|
case ASYNC_NO_JOBS:
|
|
|
|
case ASYNC_ERR:
|
|
|
|
BIO_printf(bio_err, "Failure in the job\n");
|
|
|
|
ERR_print_errors(bio_err);
|
|
|
|
error = 1;
|
|
|
|
break;
|
2015-12-09 15:26:38 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
while (num_inprogress > 0) {
|
2016-03-08 12:51:04 +08:00
|
|
|
#if defined(OPENSSL_SYS_WINDOWS)
|
2016-03-03 15:09:00 +08:00
|
|
|
DWORD avail = 0;
|
2016-03-08 12:51:04 +08:00
|
|
|
#elif defined(OPENSSL_SYS_UNIX)
|
2015-12-09 15:26:38 +08:00
|
|
|
int select_result = 0;
|
2016-03-03 15:09:00 +08:00
|
|
|
OSSL_ASYNC_FD max_fd = 0;
|
|
|
|
fd_set waitfdset;
|
2016-03-07 19:20:01 +08:00
|
|
|
|
2016-03-03 15:09:00 +08:00
|
|
|
FD_ZERO(&waitfdset);
|
2016-02-29 19:28:55 +08:00
|
|
|
|
2016-03-03 15:09:00 +08:00
|
|
|
for (i = 0; i < async_jobs && num_inprogress > 0; i++) {
|
|
|
|
if (loopargs[i].inprogress_job == NULL)
|
|
|
|
continue;
|
2016-02-29 19:28:55 +08:00
|
|
|
|
2016-10-04 14:20:49 +08:00
|
|
|
if (!ASYNC_WAIT_CTX_get_all_fds
|
|
|
|
(loopargs[i].wait_ctx, NULL, &num_job_fds)
|
|
|
|
|| num_job_fds > 1) {
|
2016-03-03 15:09:00 +08:00
|
|
|
BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
|
|
|
|
ERR_print_errors(bio_err);
|
|
|
|
error = 1;
|
|
|
|
break;
|
2015-12-09 15:26:38 +08:00
|
|
|
}
|
2016-10-04 14:20:49 +08:00
|
|
|
ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
|
|
|
|
&num_job_fds);
|
2016-03-03 15:09:00 +08:00
|
|
|
FD_SET(job_fd, &waitfdset);
|
|
|
|
if (job_fd > max_fd)
|
|
|
|
max_fd = job_fd;
|
2015-12-09 15:26:38 +08:00
|
|
|
}
|
|
|
|
|
2016-04-15 16:45:25 +08:00
|
|
|
if (max_fd >= (OSSL_ASYNC_FD)FD_SETSIZE) {
|
2016-03-25 12:19:30 +08:00
|
|
|
BIO_printf(bio_err,
|
2016-10-04 14:20:49 +08:00
|
|
|
"Error: max_fd (%d) must be smaller than FD_SETSIZE (%d). "
|
|
|
|
"Decrease the value of async_jobs\n",
|
|
|
|
max_fd, FD_SETSIZE);
|
2016-03-25 12:19:30 +08:00
|
|
|
ERR_print_errors(bio_err);
|
|
|
|
error = 1;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
2016-03-03 15:09:00 +08:00
|
|
|
select_result = select(max_fd + 1, &waitfdset, NULL, NULL, NULL);
|
2015-12-09 15:26:38 +08:00
|
|
|
if (select_result == -1 && errno == EINTR)
|
|
|
|
continue;
|
|
|
|
|
|
|
|
if (select_result == -1) {
|
2016-03-03 15:09:00 +08:00
|
|
|
BIO_printf(bio_err, "Failure in the select\n");
|
|
|
|
ERR_print_errors(bio_err);
|
|
|
|
error = 1;
|
|
|
|
break;
|
2015-12-09 15:26:38 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
if (select_result == 0)
|
|
|
|
continue;
|
|
|
|
#endif
|
|
|
|
|
|
|
|
for (i = 0; i < async_jobs; i++) {
|
|
|
|
if (loopargs[i].inprogress_job == NULL)
|
|
|
|
continue;
|
|
|
|
|
2016-10-04 14:20:49 +08:00
|
|
|
if (!ASYNC_WAIT_CTX_get_all_fds
|
|
|
|
(loopargs[i].wait_ctx, NULL, &num_job_fds)
|
|
|
|
|| num_job_fds > 1) {
|
2016-02-29 19:28:55 +08:00
|
|
|
BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
|
|
|
|
ERR_print_errors(bio_err);
|
|
|
|
error = 1;
|
|
|
|
break;
|
|
|
|
}
|
2016-10-04 14:20:49 +08:00
|
|
|
ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
|
|
|
|
&num_job_fds);
|
2015-12-09 15:26:38 +08:00
|
|
|
|
2016-03-08 00:55:39 +08:00
|
|
|
#if defined(OPENSSL_SYS_UNIX)
|
2016-02-29 19:28:55 +08:00
|
|
|
if (num_job_fds == 1 && !FD_ISSET(job_fd, &waitfdset))
|
2015-12-09 15:26:38 +08:00
|
|
|
continue;
|
2016-03-08 00:55:39 +08:00
|
|
|
#elif defined(OPENSSL_SYS_WINDOWS)
|
2016-07-29 04:51:18 +08:00
|
|
|
if (num_job_fds == 1
|
2016-07-29 03:15:52 +08:00
|
|
|
&& !PeekNamedPipe(job_fd, NULL, 0, NULL, &avail, NULL)
|
2016-07-29 04:51:18 +08:00
|
|
|
&& avail > 0)
|
2015-12-09 15:26:38 +08:00
|
|
|
continue;
|
|
|
|
#endif
|
|
|
|
|
2016-10-11 00:01:24 +08:00
|
|
|
ret = ASYNC_start_job(&loopargs[i].inprogress_job,
|
2016-10-04 14:20:49 +08:00
|
|
|
loopargs[i].wait_ctx, &job_op_count,
|
|
|
|
loop_function, (void *)(loopargs + i),
|
|
|
|
sizeof(loopargs_t));
|
2016-07-29 03:15:52 +08:00
|
|
|
switch (ret) {
|
2016-07-29 04:51:18 +08:00
|
|
|
case ASYNC_PAUSE:
|
|
|
|
break;
|
|
|
|
case ASYNC_FINISH:
|
|
|
|
if (job_op_count == -1) {
|
2015-12-09 15:26:38 +08:00
|
|
|
error = 1;
|
2016-07-29 04:51:18 +08:00
|
|
|
} else {
|
|
|
|
total_op_count += job_op_count;
|
|
|
|
}
|
|
|
|
--num_inprogress;
|
|
|
|
loopargs[i].inprogress_job = NULL;
|
|
|
|
break;
|
|
|
|
case ASYNC_NO_JOBS:
|
|
|
|
case ASYNC_ERR:
|
|
|
|
--num_inprogress;
|
|
|
|
loopargs[i].inprogress_job = NULL;
|
|
|
|
BIO_printf(bio_err, "Failure in the job\n");
|
|
|
|
ERR_print_errors(bio_err);
|
|
|
|
error = 1;
|
|
|
|
break;
|
2015-12-09 15:26:38 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return error ? -1 : total_op_count;
|
|
|
|
}
|
|
|
|
|
|
|
|
int speed_main(int argc, char **argv)
|
|
|
|
{
|
2016-09-29 05:39:18 +08:00
|
|
|
ENGINE *e = NULL;
|
2015-12-09 15:26:38 +08:00
|
|
|
loopargs_t *loopargs = NULL;
|
2018-04-30 07:13:58 +08:00
|
|
|
const char *prog;
|
2016-07-23 20:26:07 +08:00
|
|
|
const char *engine_id = NULL;
|
2015-12-09 15:26:38 +08:00
|
|
|
const EVP_CIPHER *evp_cipher = NULL;
|
|
|
|
double d = 0.0;
|
|
|
|
OPTION_CHOICE o;
|
2018-04-30 07:13:58 +08:00
|
|
|
int async_init = 0, multiblock = 0, pr_header = 0;
|
2016-07-20 05:54:21 +08:00
|
|
|
int doit[ALGOR_NUM] = { 0 };
|
2018-05-19 21:43:11 +08:00
|
|
|
int ret = 1, misalign = 0, lengths_single = 0, aead = 0;
|
2016-07-23 20:26:07 +08:00
|
|
|
long count = 0;
|
2018-04-30 07:13:58 +08:00
|
|
|
unsigned int size_num = OSSL_NELEM(lengths_list);
|
|
|
|
unsigned int i, k, loop, loopargs_len = 0, async_jobs = 0;
|
2017-12-05 00:40:23 +08:00
|
|
|
int keylen;
|
2017-12-05 01:32:12 +08:00
|
|
|
int buflen;
|
2015-12-09 15:26:38 +08:00
|
|
|
#ifndef NO_FORK
|
|
|
|
int multi = 0;
|
|
|
|
#endif
|
2016-07-29 19:22:42 +08:00
|
|
|
#if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) \
|
|
|
|
|| !defined(OPENSSL_NO_EC)
|
2016-02-18 18:56:53 +08:00
|
|
|
long rsa_count = 1;
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
2018-04-30 07:13:58 +08:00
|
|
|
openssl_speed_sec_t seconds = { SECONDS, RSA_SECONDS, DSA_SECONDS,
|
2018-09-07 14:39:19 +08:00
|
|
|
ECDSA_SECONDS, ECDH_SECONDS,
|
2019-09-29 22:25:10 +08:00
|
|
|
EdDSA_SECONDS, SM2_SECONDS };
|
2016-07-29 19:22:42 +08:00
|
|
|
|
|
|
|
/* What follows are the buffers and key material. */
|
2015-01-27 23:06:22 +08:00
|
|
|
#ifndef OPENSSL_NO_RC5
|
2015-01-22 11:40:55 +08:00
|
|
|
RC5_32_KEY rc5_ks;
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_RC2
|
2015-01-22 11:40:55 +08:00
|
|
|
RC2_KEY rc2_ks;
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_IDEA
|
2015-01-22 11:40:55 +08:00
|
|
|
IDEA_KEY_SCHEDULE idea_ks;
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_SEED
|
2015-01-22 11:40:55 +08:00
|
|
|
SEED_KEY_SCHEDULE seed_ks;
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_BF
|
2015-01-22 11:40:55 +08:00
|
|
|
BF_KEY bf_ks;
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_CAST
|
2015-01-22 11:40:55 +08:00
|
|
|
CAST_KEY cast_ks;
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
2015-01-22 11:40:55 +08:00
|
|
|
static const unsigned char key16[16] = {
|
|
|
|
0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
|
|
|
|
0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
|
|
|
|
};
|
|
|
|
static const unsigned char key24[24] = {
|
|
|
|
0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
|
|
|
|
0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
|
|
|
|
0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
|
|
|
|
};
|
|
|
|
static const unsigned char key32[32] = {
|
|
|
|
0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
|
|
|
|
0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
|
|
|
|
0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
|
|
|
|
0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
|
|
|
|
};
|
2015-01-27 23:06:22 +08:00
|
|
|
#ifndef OPENSSL_NO_CAMELLIA
|
2015-01-22 11:40:55 +08:00
|
|
|
static const unsigned char ckey24[24] = {
|
|
|
|
0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
|
|
|
|
0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
|
|
|
|
0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
|
|
|
|
};
|
|
|
|
static const unsigned char ckey32[32] = {
|
|
|
|
0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
|
|
|
|
0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
|
|
|
|
0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
|
|
|
|
0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
|
|
|
|
};
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
CAMELLIA_KEY camellia_ks1, camellia_ks2, camellia_ks3;
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_DES
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
static DES_cblock key = {
|
|
|
|
0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0
|
|
|
|
};
|
|
|
|
static DES_cblock key2 = {
|
|
|
|
0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
|
|
|
|
};
|
|
|
|
static DES_cblock key3 = {
|
|
|
|
0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
|
|
|
|
};
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_RSA
|
2016-07-20 05:54:21 +08:00
|
|
|
static const unsigned int rsa_bits[RSA_NUM] = {
|
2015-01-22 11:40:55 +08:00
|
|
|
512, 1024, 2048, 3072, 4096, 7680, 15360
|
|
|
|
};
|
2016-07-20 05:54:21 +08:00
|
|
|
static const unsigned char *rsa_data[RSA_NUM] = {
|
2015-01-22 11:40:55 +08:00
|
|
|
test512, test1024, test2048, test3072, test4096, test7680, test15360
|
|
|
|
};
|
2016-07-20 05:54:21 +08:00
|
|
|
static const int rsa_data_length[RSA_NUM] = {
|
2015-01-22 11:40:55 +08:00
|
|
|
sizeof(test512), sizeof(test1024),
|
|
|
|
sizeof(test2048), sizeof(test3072),
|
|
|
|
sizeof(test4096), sizeof(test7680),
|
|
|
|
sizeof(test15360)
|
|
|
|
};
|
2016-07-29 19:22:42 +08:00
|
|
|
int rsa_doit[RSA_NUM] = { 0 };
|
2017-08-02 02:19:43 +08:00
|
|
|
int primes = RSA_DEFAULT_PRIME_NUM;
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_DSA
|
2016-07-20 05:54:21 +08:00
|
|
|
static const unsigned int dsa_bits[DSA_NUM] = { 512, 1024, 2048 };
|
2016-07-29 19:22:42 +08:00
|
|
|
int dsa_doit[DSA_NUM] = { 0 };
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_EC
|
2015-01-22 11:40:55 +08:00
|
|
|
/*
|
|
|
|
* We only test over the following curves as they are representative, To
|
|
|
|
* add tests over more curves, simply add the curve NID and curve name to
|
2018-04-30 07:13:58 +08:00
|
|
|
* the following arrays and increase the |ecdh_choices| list accordingly.
|
2015-01-22 11:40:55 +08:00
|
|
|
*/
|
2016-11-29 06:36:50 +08:00
|
|
|
static const struct {
|
|
|
|
const char *name;
|
|
|
|
unsigned int nid;
|
|
|
|
unsigned int bits;
|
|
|
|
} test_curves[] = {
|
2015-01-22 11:40:55 +08:00
|
|
|
/* Prime Curves */
|
2016-11-29 06:36:50 +08:00
|
|
|
{"secp160r1", NID_secp160r1, 160},
|
|
|
|
{"nistp192", NID_X9_62_prime192v1, 192},
|
|
|
|
{"nistp224", NID_secp224r1, 224},
|
|
|
|
{"nistp256", NID_X9_62_prime256v1, 256},
|
2018-12-20 19:59:31 +08:00
|
|
|
{"nistp384", NID_secp384r1, 384},
|
2016-11-29 06:36:50 +08:00
|
|
|
{"nistp521", NID_secp521r1, 521},
|
2019-03-06 05:52:33 +08:00
|
|
|
# ifndef OPENSSL_NO_EC2M
|
2015-01-22 11:40:55 +08:00
|
|
|
/* Binary Curves */
|
2016-11-29 06:36:50 +08:00
|
|
|
{"nistk163", NID_sect163k1, 163},
|
2018-12-20 19:59:31 +08:00
|
|
|
{"nistk233", NID_sect233k1, 233},
|
2016-11-29 06:36:50 +08:00
|
|
|
{"nistk283", NID_sect283k1, 283},
|
|
|
|
{"nistk409", NID_sect409k1, 409},
|
|
|
|
{"nistk571", NID_sect571k1, 571},
|
|
|
|
{"nistb163", NID_sect163r2, 163},
|
|
|
|
{"nistb233", NID_sect233r1, 233},
|
|
|
|
{"nistb283", NID_sect283r1, 283},
|
|
|
|
{"nistb409", NID_sect409r1, 409},
|
|
|
|
{"nistb571", NID_sect571r1, 571},
|
2019-03-06 05:52:33 +08:00
|
|
|
# endif
|
2018-05-08 16:34:59 +08:00
|
|
|
{"brainpoolP256r1", NID_brainpoolP256r1, 256},
|
|
|
|
{"brainpoolP256t1", NID_brainpoolP256t1, 256},
|
|
|
|
{"brainpoolP384r1", NID_brainpoolP384r1, 384},
|
|
|
|
{"brainpoolP384t1", NID_brainpoolP384t1, 384},
|
|
|
|
{"brainpoolP512r1", NID_brainpoolP512r1, 512},
|
|
|
|
{"brainpoolP512t1", NID_brainpoolP512t1, 512},
|
2018-04-30 07:13:58 +08:00
|
|
|
/* Other and ECDH only ones */
|
2016-11-29 06:36:50 +08:00
|
|
|
{"X25519", NID_X25519, 253},
|
|
|
|
{"X448", NID_X448, 448}
|
2015-01-22 11:40:55 +08:00
|
|
|
};
|
2018-09-07 14:39:19 +08:00
|
|
|
static const struct {
|
|
|
|
const char *name;
|
|
|
|
unsigned int nid;
|
|
|
|
unsigned int bits;
|
2018-09-10 23:03:14 +08:00
|
|
|
size_t sigsize;
|
2018-09-07 14:39:19 +08:00
|
|
|
} test_ed_curves[] = {
|
|
|
|
/* EdDSA */
|
|
|
|
{"Ed25519", NID_ED25519, 253, 64},
|
|
|
|
{"Ed448", NID_ED448, 456, 114}
|
|
|
|
};
|
2019-09-29 22:25:10 +08:00
|
|
|
# ifndef OPENSSL_NO_SM2
|
|
|
|
static const struct {
|
|
|
|
const char *name;
|
|
|
|
unsigned int nid;
|
|
|
|
unsigned int bits;
|
|
|
|
} test_sm2_curves[] = {
|
|
|
|
/* SM2 */
|
|
|
|
{"CurveSM2", NID_sm2, 256}
|
|
|
|
};
|
|
|
|
# endif
|
2018-04-30 07:13:58 +08:00
|
|
|
int ecdsa_doit[ECDSA_NUM] = { 0 };
|
2016-07-20 05:54:21 +08:00
|
|
|
int ecdh_doit[EC_NUM] = { 0 };
|
2018-09-07 14:39:19 +08:00
|
|
|
int eddsa_doit[EdDSA_NUM] = { 0 };
|
2019-11-04 11:49:35 +08:00
|
|
|
# ifndef OPENSSL_NO_SM2
|
2019-09-29 22:25:10 +08:00
|
|
|
int sm2_doit[SM2_NUM] = { 0 };
|
2019-11-04 11:49:35 +08:00
|
|
|
# endif
|
2018-04-30 07:13:58 +08:00
|
|
|
OPENSSL_assert(OSSL_NELEM(test_curves) >= EC_NUM);
|
2018-09-07 14:39:19 +08:00
|
|
|
OPENSSL_assert(OSSL_NELEM(test_ed_curves) >= EdDSA_NUM);
|
2019-11-04 11:49:35 +08:00
|
|
|
# ifndef OPENSSL_NO_SM2
|
2019-09-29 22:25:10 +08:00
|
|
|
OPENSSL_assert(OSSL_NELEM(test_sm2_curves) >= SM2_NUM);
|
2019-11-04 11:49:35 +08:00
|
|
|
# endif
|
2016-08-07 18:04:26 +08:00
|
|
|
#endif /* ndef OPENSSL_NO_EC */
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
|
|
|
|
prog = opt_init(argc, argv, speed_options);
|
|
|
|
while ((o = opt_next()) != OPT_EOF) {
|
|
|
|
switch (o) {
|
|
|
|
case OPT_EOF:
|
|
|
|
case OPT_ERR:
|
|
|
|
opterr:
|
|
|
|
BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
|
|
|
|
goto end;
|
|
|
|
case OPT_HELP:
|
|
|
|
opt_help(speed_options);
|
|
|
|
ret = 0;
|
|
|
|
goto end;
|
|
|
|
case OPT_ELAPSED:
|
2015-01-22 11:40:55 +08:00
|
|
|
usertime = 0;
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
break;
|
|
|
|
case OPT_EVP:
|
2017-05-18 00:09:01 +08:00
|
|
|
evp_md = NULL;
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
evp_cipher = EVP_get_cipherbyname(opt_arg());
|
|
|
|
if (evp_cipher == NULL)
|
|
|
|
evp_md = EVP_get_digestbyname(opt_arg());
|
|
|
|
if (evp_cipher == NULL && evp_md == NULL) {
|
|
|
|
BIO_printf(bio_err,
|
2016-07-23 21:39:49 +08:00
|
|
|
"%s: %s is an unknown cipher or digest\n",
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
prog, opt_arg());
|
2015-01-22 11:40:55 +08:00
|
|
|
goto end;
|
|
|
|
}
|
|
|
|
doit[D_EVP] = 1;
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
break;
|
2018-08-14 12:04:47 +08:00
|
|
|
case OPT_HMAC:
|
|
|
|
evp_hmac_md = EVP_get_digestbyname(opt_arg());
|
|
|
|
if (evp_hmac_md == NULL) {
|
|
|
|
BIO_printf(bio_err, "%s: %s is an unknown digest\n",
|
|
|
|
prog, opt_arg());
|
|
|
|
goto end;
|
|
|
|
}
|
|
|
|
doit[D_EVP_HMAC] = 1;
|
|
|
|
break;
|
2019-04-11 04:44:41 +08:00
|
|
|
case OPT_CMAC:
|
|
|
|
#ifndef OPENSSL_NO_CMAC
|
|
|
|
evp_cmac_cipher = EVP_get_cipherbyname(opt_arg());
|
|
|
|
if (evp_cmac_cipher == NULL) {
|
|
|
|
BIO_printf(bio_err, "%s: %s is an unknown cipher\n",
|
|
|
|
prog, opt_arg());
|
|
|
|
goto end;
|
|
|
|
}
|
|
|
|
doit[D_EVP_CMAC] = 1;
|
|
|
|
#endif
|
|
|
|
break;
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
case OPT_DECRYPT:
|
2015-01-22 11:40:55 +08:00
|
|
|
decrypt = 1;
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
break;
|
|
|
|
case OPT_ENGINE:
|
2015-12-09 15:26:38 +08:00
|
|
|
/*
|
|
|
|
* In a forked execution, an engine might need to be
|
|
|
|
* initialised by each child process, not by the parent.
|
|
|
|
* So store the name here and run setup_engine() later on.
|
|
|
|
*/
|
|
|
|
engine_id = opt_arg();
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
break;
|
|
|
|
case OPT_MULTI:
|
2015-05-16 01:50:38 +08:00
|
|
|
#ifndef NO_FORK
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
multi = atoi(opt_arg());
|
2015-12-09 15:26:38 +08:00
|
|
|
#endif
|
|
|
|
break;
|
|
|
|
case OPT_ASYNCJOBS:
|
2016-03-08 00:55:39 +08:00
|
|
|
#ifndef OPENSSL_NO_ASYNC
|
2015-12-09 15:26:38 +08:00
|
|
|
async_jobs = atoi(opt_arg());
|
2016-03-08 00:55:39 +08:00
|
|
|
if (!ASYNC_is_capable()) {
|
|
|
|
BIO_printf(bio_err,
|
|
|
|
"%s: async_jobs specified but async not supported\n",
|
|
|
|
prog);
|
|
|
|
goto opterr;
|
|
|
|
}
|
2017-02-21 13:58:04 +08:00
|
|
|
if (async_jobs > 99999) {
|
2018-04-30 07:13:58 +08:00
|
|
|
BIO_printf(bio_err, "%s: too many async_jobs\n", prog);
|
2017-02-21 13:58:04 +08:00
|
|
|
goto opterr;
|
|
|
|
}
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
2015-05-16 01:50:38 +08:00
|
|
|
break;
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
case OPT_MISALIGN:
|
|
|
|
if (!opt_int(opt_arg(), &misalign))
|
2015-01-22 11:40:55 +08:00
|
|
|
goto end;
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
if (misalign > MISALIGN) {
|
2015-01-22 11:40:55 +08:00
|
|
|
BIO_printf(bio_err,
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
"%s: Maximum offset is %d\n", prog, MISALIGN);
|
|
|
|
goto opterr;
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
break;
|
|
|
|
case OPT_MR:
|
|
|
|
mr = 1;
|
|
|
|
break;
|
|
|
|
case OPT_MB:
|
|
|
|
multiblock = 1;
|
2016-08-04 06:23:39 +08:00
|
|
|
#ifdef OPENSSL_NO_MULTIBLOCK
|
|
|
|
BIO_printf(bio_err,
|
|
|
|
"%s: -mb specified but multi-block support is disabled\n",
|
|
|
|
prog);
|
|
|
|
goto end;
|
|
|
|
#endif
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
break;
|
2017-07-05 22:58:48 +08:00
|
|
|
case OPT_R_CASES:
|
|
|
|
if (!opt_rand(o))
|
|
|
|
goto end;
|
|
|
|
break;
|
2017-08-02 02:19:43 +08:00
|
|
|
case OPT_PRIMES:
|
|
|
|
if (!opt_int(opt_arg(), &primes))
|
|
|
|
goto end;
|
|
|
|
break;
|
2017-12-02 17:05:35 +08:00
|
|
|
case OPT_SECONDS:
|
|
|
|
seconds.sym = seconds.rsa = seconds.dsa = seconds.ecdsa
|
2019-09-29 22:25:10 +08:00
|
|
|
= seconds.ecdh = seconds.eddsa
|
|
|
|
= seconds.sm2 = atoi(opt_arg());
|
2017-12-02 17:05:35 +08:00
|
|
|
break;
|
|
|
|
case OPT_BYTES:
|
|
|
|
lengths_single = atoi(opt_arg());
|
|
|
|
lengths = &lengths_single;
|
|
|
|
size_num = 1;
|
|
|
|
break;
|
2018-05-19 21:43:11 +08:00
|
|
|
case OPT_AEAD:
|
|
|
|
aead = 1;
|
|
|
|
break;
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
argc = opt_num_rest();
|
|
|
|
argv = opt_rest();
|
|
|
|
|
|
|
|
/* Remaining arguments are algorithms. */
|
2016-10-04 14:20:49 +08:00
|
|
|
for (; *argv; argv++) {
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
if (found(*argv, doit_choices, &i)) {
|
|
|
|
doit[i] = 1;
|
|
|
|
continue;
|
|
|
|
}
|
2015-01-27 23:06:22 +08:00
|
|
|
#ifndef OPENSSL_NO_DES
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
if (strcmp(*argv, "des") == 0) {
|
|
|
|
doit[D_CBC_DES] = doit[D_EDE3_DES] = 1;
|
|
|
|
continue;
|
|
|
|
}
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
if (strcmp(*argv, "sha") == 0) {
|
|
|
|
doit[D_SHA1] = doit[D_SHA256] = doit[D_SHA512] = 1;
|
|
|
|
continue;
|
|
|
|
}
|
2015-01-27 23:06:22 +08:00
|
|
|
#ifndef OPENSSL_NO_RSA
|
2017-04-08 00:07:42 +08:00
|
|
|
if (strcmp(*argv, "openssl") == 0)
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
continue;
|
|
|
|
if (strcmp(*argv, "rsa") == 0) {
|
2018-04-30 07:13:58 +08:00
|
|
|
for (loop = 0; loop < OSSL_NELEM(rsa_doit); loop++)
|
|
|
|
rsa_doit[loop] = 1;
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
continue;
|
|
|
|
}
|
|
|
|
if (found(*argv, rsa_choices, &i)) {
|
|
|
|
rsa_doit[i] = 1;
|
|
|
|
continue;
|
|
|
|
}
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
#ifndef OPENSSL_NO_DSA
|
|
|
|
if (strcmp(*argv, "dsa") == 0) {
|
|
|
|
dsa_doit[R_DSA_512] = dsa_doit[R_DSA_1024] =
|
|
|
|
dsa_doit[R_DSA_2048] = 1;
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
if (found(*argv, dsa_choices, &i)) {
|
|
|
|
dsa_doit[i] = 2;
|
|
|
|
continue;
|
|
|
|
}
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
2015-01-22 11:40:55 +08:00
|
|
|
if (strcmp(*argv, "aes") == 0) {
|
2016-10-04 14:20:49 +08:00
|
|
|
doit[D_CBC_128_AES] = doit[D_CBC_192_AES] = doit[D_CBC_256_AES] = 1;
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
continue;
|
|
|
|
}
|
2015-01-27 23:06:22 +08:00
|
|
|
#ifndef OPENSSL_NO_CAMELLIA
|
2015-01-22 11:40:55 +08:00
|
|
|
if (strcmp(*argv, "camellia") == 0) {
|
2016-10-04 14:20:49 +08:00
|
|
|
doit[D_CBC_128_CML] = doit[D_CBC_192_CML] = doit[D_CBC_256_CML] = 1;
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
continue;
|
|
|
|
}
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
2015-03-11 07:09:27 +08:00
|
|
|
#ifndef OPENSSL_NO_EC
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
if (strcmp(*argv, "ecdsa") == 0) {
|
2018-04-30 07:13:58 +08:00
|
|
|
for (loop = 0; loop < OSSL_NELEM(ecdsa_doit); loop++)
|
|
|
|
ecdsa_doit[loop] = 1;
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
continue;
|
|
|
|
}
|
|
|
|
if (found(*argv, ecdsa_choices, &i)) {
|
|
|
|
ecdsa_doit[i] = 2;
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
if (strcmp(*argv, "ecdh") == 0) {
|
2018-04-30 07:13:58 +08:00
|
|
|
for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++)
|
|
|
|
ecdh_doit[loop] = 1;
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
continue;
|
|
|
|
}
|
|
|
|
if (found(*argv, ecdh_choices, &i)) {
|
|
|
|
ecdh_doit[i] = 2;
|
|
|
|
continue;
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
2018-09-07 14:39:19 +08:00
|
|
|
if (strcmp(*argv, "eddsa") == 0) {
|
|
|
|
for (loop = 0; loop < OSSL_NELEM(eddsa_doit); loop++)
|
|
|
|
eddsa_doit[loop] = 1;
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
if (found(*argv, eddsa_choices, &i)) {
|
|
|
|
eddsa_doit[i] = 2;
|
|
|
|
continue;
|
|
|
|
}
|
2019-09-29 22:25:10 +08:00
|
|
|
# ifndef OPENSSL_NO_SM2
|
|
|
|
if (strcmp(*argv, "sm2") == 0) {
|
|
|
|
for (loop = 0; loop < OSSL_NELEM(sm2_doit); loop++)
|
|
|
|
sm2_doit[loop] = 1;
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
if (found(*argv, sm2_choices, &i)) {
|
|
|
|
sm2_doit[i] = 2;
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
# endif
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
#endif
|
|
|
|
BIO_printf(bio_err, "%s: Unknown algorithm %s\n", prog, *argv);
|
|
|
|
goto end;
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
1998-12-21 18:52:47 +08:00
|
|
|
|
2018-05-19 21:43:11 +08:00
|
|
|
/* Sanity checks */
|
|
|
|
if (aead) {
|
|
|
|
if (evp_cipher == NULL) {
|
|
|
|
BIO_printf(bio_err, "-aead can be used only with an AEAD cipher\n");
|
|
|
|
goto end;
|
|
|
|
} else if (!(EVP_CIPHER_flags(evp_cipher) &
|
|
|
|
EVP_CIPH_FLAG_AEAD_CIPHER)) {
|
|
|
|
BIO_printf(bio_err, "%s is not an AEAD cipher\n",
|
|
|
|
OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
|
|
|
|
goto end;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (multiblock) {
|
|
|
|
if (evp_cipher == NULL) {
|
|
|
|
BIO_printf(bio_err,"-mb can be used only with a multi-block"
|
|
|
|
" capable cipher\n");
|
|
|
|
goto end;
|
|
|
|
} else if (!(EVP_CIPHER_flags(evp_cipher) &
|
|
|
|
EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
|
|
|
|
BIO_printf(bio_err, "%s is not a multi-block capable\n",
|
|
|
|
OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
|
|
|
|
goto end;
|
|
|
|
} else if (async_jobs > 0) {
|
|
|
|
BIO_printf(bio_err, "Async mode is not supported with -mb");
|
|
|
|
goto end;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2015-12-09 15:26:38 +08:00
|
|
|
/* Initialize the job pool if async mode is enabled */
|
|
|
|
if (async_jobs > 0) {
|
2016-05-17 23:40:14 +08:00
|
|
|
async_init = ASYNC_init_thread(async_jobs, async_jobs);
|
|
|
|
if (!async_init) {
|
2015-12-09 15:26:38 +08:00
|
|
|
BIO_printf(bio_err, "Error creating the ASYNC job pool\n");
|
|
|
|
goto end;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
loopargs_len = (async_jobs == 0 ? 1 : async_jobs);
|
2016-10-04 14:20:49 +08:00
|
|
|
loopargs =
|
|
|
|
app_malloc(loopargs_len * sizeof(loopargs_t), "array of loopargs");
|
2015-12-09 15:26:38 +08:00
|
|
|
memset(loopargs, 0, loopargs_len * sizeof(loopargs_t));
|
|
|
|
|
2016-02-18 18:56:53 +08:00
|
|
|
for (i = 0; i < loopargs_len; i++) {
|
2016-02-29 19:28:55 +08:00
|
|
|
if (async_jobs > 0) {
|
|
|
|
loopargs[i].wait_ctx = ASYNC_WAIT_CTX_new();
|
|
|
|
if (loopargs[i].wait_ctx == NULL) {
|
|
|
|
BIO_printf(bio_err, "Error creating the ASYNC_WAIT_CTX\n");
|
|
|
|
goto end;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2018-05-21 20:26:54 +08:00
|
|
|
buflen = lengths[size_num - 1];
|
2019-07-02 16:04:04 +08:00
|
|
|
if (buflen < 36) /* size of random vector in RSA benchmark */
|
2018-05-21 20:26:54 +08:00
|
|
|
buflen = 36;
|
|
|
|
buflen += MAX_MISALIGNMENT + 1;
|
2017-12-05 01:32:12 +08:00
|
|
|
loopargs[i].buf_malloc = app_malloc(buflen, "input buffer");
|
|
|
|
loopargs[i].buf2_malloc = app_malloc(buflen, "input buffer");
|
|
|
|
memset(loopargs[i].buf_malloc, 0, buflen);
|
|
|
|
memset(loopargs[i].buf2_malloc, 0, buflen);
|
|
|
|
|
2015-12-09 15:26:38 +08:00
|
|
|
/* Align the start of buffers on a 64 byte boundary */
|
|
|
|
loopargs[i].buf = loopargs[i].buf_malloc + misalign;
|
|
|
|
loopargs[i].buf2 = loopargs[i].buf2_malloc + misalign;
|
2016-02-18 18:56:53 +08:00
|
|
|
#ifndef OPENSSL_NO_EC
|
|
|
|
loopargs[i].secret_a = app_malloc(MAX_ECDH_SIZE, "ECDH secret a");
|
|
|
|
loopargs[i].secret_b = app_malloc(MAX_ECDH_SIZE, "ECDH secret b");
|
|
|
|
#endif
|
2015-12-09 15:26:38 +08:00
|
|
|
}
|
|
|
|
|
2015-01-27 23:06:22 +08:00
|
|
|
#ifndef NO_FORK
|
2017-12-02 17:05:35 +08:00
|
|
|
if (multi && do_multi(multi, size_num))
|
2015-01-22 11:40:55 +08:00
|
|
|
goto show_res;
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
1998-12-21 18:52:47 +08:00
|
|
|
|
2015-12-09 15:26:38 +08:00
|
|
|
/* Initialize the engine after the fork */
|
2016-09-29 05:39:18 +08:00
|
|
|
e = setup_engine(engine_id, 0);
|
2015-12-09 15:26:38 +08:00
|
|
|
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
/* No parameters; turn on everything. */
|
2019-04-11 04:44:41 +08:00
|
|
|
if (argc == 0 && !doit[D_EVP] && !doit[D_EVP_HMAC] && !doit[D_EVP_CMAC]) {
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
for (i = 0; i < ALGOR_NUM; i++)
|
2019-04-11 04:44:41 +08:00
|
|
|
if (i != D_EVP && i != D_EVP_HMAC && i != D_EVP_CMAC)
|
2015-01-22 11:40:55 +08:00
|
|
|
doit[i] = 1;
|
2016-08-07 18:04:26 +08:00
|
|
|
#ifndef OPENSSL_NO_RSA
|
2015-01-22 11:40:55 +08:00
|
|
|
for (i = 0; i < RSA_NUM; i++)
|
|
|
|
rsa_doit[i] = 1;
|
2016-08-07 18:04:26 +08:00
|
|
|
#endif
|
2016-03-19 01:43:58 +08:00
|
|
|
#ifndef OPENSSL_NO_DSA
|
2015-01-22 11:40:55 +08:00
|
|
|
for (i = 0; i < DSA_NUM; i++)
|
|
|
|
dsa_doit[i] = 1;
|
2016-03-19 01:43:58 +08:00
|
|
|
#endif
|
2015-03-11 07:09:27 +08:00
|
|
|
#ifndef OPENSSL_NO_EC
|
2018-04-30 07:13:58 +08:00
|
|
|
for (loop = 0; loop < OSSL_NELEM(ecdsa_doit); loop++)
|
|
|
|
ecdsa_doit[loop] = 1;
|
|
|
|
for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++)
|
|
|
|
ecdh_doit[loop] = 1;
|
2018-09-07 14:39:19 +08:00
|
|
|
for (loop = 0; loop < OSSL_NELEM(eddsa_doit); loop++)
|
|
|
|
eddsa_doit[loop] = 1;
|
2019-09-29 22:25:10 +08:00
|
|
|
# ifndef OPENSSL_NO_SM2
|
|
|
|
for (loop = 0; loop < OSSL_NELEM(sm2_doit); loop++)
|
|
|
|
sm2_doit[loop] = 1;
|
|
|
|
# endif
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
|
|
|
for (i = 0; i < ALGOR_NUM; i++)
|
|
|
|
if (doit[i])
|
|
|
|
pr_header++;
|
|
|
|
|
|
|
|
if (usertime == 0 && !mr)
|
|
|
|
BIO_printf(bio_err,
|
|
|
|
"You have chosen to measure elapsed time "
|
|
|
|
"instead of user CPU time.\n");
|
|
|
|
|
2015-01-27 23:06:22 +08:00
|
|
|
#ifndef OPENSSL_NO_RSA
|
2016-02-18 18:56:53 +08:00
|
|
|
for (i = 0; i < loopargs_len; i++) {
|
2017-08-02 02:19:43 +08:00
|
|
|
if (primes > RSA_DEFAULT_PRIME_NUM) {
|
|
|
|
/* for multi-prime RSA, skip this */
|
|
|
|
break;
|
|
|
|
}
|
2016-02-18 18:56:53 +08:00
|
|
|
for (k = 0; k < RSA_NUM; k++) {
|
|
|
|
const unsigned char *p;
|
|
|
|
|
|
|
|
p = rsa_data[k];
|
2016-10-04 14:20:49 +08:00
|
|
|
loopargs[i].rsa_key[k] =
|
|
|
|
d2i_RSAPrivateKey(NULL, &p, rsa_data_length[k]);
|
2016-02-18 18:56:53 +08:00
|
|
|
if (loopargs[i].rsa_key[k] == NULL) {
|
2016-10-04 14:20:49 +08:00
|
|
|
BIO_printf(bio_err,
|
|
|
|
"internal error loading RSA key number %d\n", k);
|
2016-02-18 18:56:53 +08:00
|
|
|
goto end;
|
|
|
|
}
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
2015-01-27 23:06:22 +08:00
|
|
|
}
|
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_DSA
|
2016-02-18 18:56:53 +08:00
|
|
|
for (i = 0; i < loopargs_len; i++) {
|
2017-06-12 10:38:15 +08:00
|
|
|
loopargs[i].dsa_key[0] = get_dsa(512);
|
|
|
|
loopargs[i].dsa_key[1] = get_dsa(1024);
|
|
|
|
loopargs[i].dsa_key[2] = get_dsa(2048);
|
2016-02-18 18:56:53 +08:00
|
|
|
}
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_DES
|
2015-01-22 11:40:55 +08:00
|
|
|
DES_set_key_unchecked(&key, &sch);
|
|
|
|
DES_set_key_unchecked(&key2, &sch2);
|
|
|
|
DES_set_key_unchecked(&key3, &sch3);
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
2015-01-22 11:40:55 +08:00
|
|
|
AES_set_encrypt_key(key16, 128, &aes_ks1);
|
|
|
|
AES_set_encrypt_key(key24, 192, &aes_ks2);
|
|
|
|
AES_set_encrypt_key(key32, 256, &aes_ks3);
|
2015-01-27 23:06:22 +08:00
|
|
|
#ifndef OPENSSL_NO_CAMELLIA
|
2015-01-22 11:40:55 +08:00
|
|
|
Camellia_set_key(key16, 128, &camellia_ks1);
|
|
|
|
Camellia_set_key(ckey24, 192, &camellia_ks2);
|
|
|
|
Camellia_set_key(ckey32, 256, &camellia_ks3);
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_IDEA
|
2016-04-18 19:43:54 +08:00
|
|
|
IDEA_set_encrypt_key(key16, &idea_ks);
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_SEED
|
2015-01-22 11:40:55 +08:00
|
|
|
SEED_set_key(key16, &seed_ks);
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_RC4
|
2015-01-22 11:40:55 +08:00
|
|
|
RC4_set_key(&rc4_ks, 16, key16);
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_RC2
|
2015-01-22 11:40:55 +08:00
|
|
|
RC2_set_key(&rc2_ks, 16, key16, 128);
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_RC5
|
2019-06-28 23:29:42 +08:00
|
|
|
if (!RC5_32_set_key(&rc5_ks, 16, key16, 12)) {
|
|
|
|
BIO_printf(bio_err, "Failed setting RC5 key\n");
|
|
|
|
goto end;
|
|
|
|
}
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_BF
|
2015-01-22 11:40:55 +08:00
|
|
|
BF_set_key(&bf_ks, 16, key16);
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_CAST
|
2015-01-22 11:40:55 +08:00
|
|
|
CAST_set_key(&cast_ks, 16, key16);
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
|
|
|
#ifndef SIGALRM
|
|
|
|
# ifndef OPENSSL_NO_DES
|
2015-01-22 11:40:55 +08:00
|
|
|
BIO_printf(bio_err, "First we calculate the approximate speed ...\n");
|
|
|
|
count = 10;
|
|
|
|
do {
|
|
|
|
long it;
|
|
|
|
count *= 2;
|
|
|
|
Time_F(START);
|
|
|
|
for (it = count; it; it--)
|
2015-12-09 15:26:38 +08:00
|
|
|
DES_ecb_encrypt((DES_cblock *)loopargs[0].buf,
|
|
|
|
(DES_cblock *)loopargs[0].buf, &sch, DES_ENCRYPT);
|
2015-01-22 11:40:55 +08:00
|
|
|
d = Time_F(STOP);
|
|
|
|
} while (d < 3);
|
|
|
|
save_count = count;
|
|
|
|
c[D_MD2][0] = count / 10;
|
|
|
|
c[D_MDC2][0] = count / 10;
|
|
|
|
c[D_MD4][0] = count;
|
|
|
|
c[D_MD5][0] = count;
|
|
|
|
c[D_HMAC][0] = count;
|
|
|
|
c[D_SHA1][0] = count;
|
|
|
|
c[D_RMD160][0] = count;
|
|
|
|
c[D_RC4][0] = count * 5;
|
|
|
|
c[D_CBC_DES][0] = count;
|
|
|
|
c[D_EDE3_DES][0] = count / 3;
|
|
|
|
c[D_CBC_IDEA][0] = count;
|
|
|
|
c[D_CBC_SEED][0] = count;
|
|
|
|
c[D_CBC_RC2][0] = count;
|
|
|
|
c[D_CBC_RC5][0] = count;
|
|
|
|
c[D_CBC_BF][0] = count;
|
|
|
|
c[D_CBC_CAST][0] = count;
|
|
|
|
c[D_CBC_128_AES][0] = count;
|
|
|
|
c[D_CBC_192_AES][0] = count;
|
|
|
|
c[D_CBC_256_AES][0] = count;
|
|
|
|
c[D_CBC_128_CML][0] = count;
|
|
|
|
c[D_CBC_192_CML][0] = count;
|
|
|
|
c[D_CBC_256_CML][0] = count;
|
|
|
|
c[D_SHA256][0] = count;
|
|
|
|
c[D_SHA512][0] = count;
|
|
|
|
c[D_WHIRLPOOL][0] = count;
|
|
|
|
c[D_IGE_128_AES][0] = count;
|
|
|
|
c[D_IGE_192_AES][0] = count;
|
|
|
|
c[D_IGE_256_AES][0] = count;
|
|
|
|
c[D_GHASH][0] = count;
|
2017-10-07 17:38:19 +08:00
|
|
|
c[D_RAND][0] = count;
|
2015-01-22 11:40:55 +08:00
|
|
|
|
2017-12-02 17:05:35 +08:00
|
|
|
for (i = 1; i < size_num; i++) {
|
2015-01-22 11:40:55 +08:00
|
|
|
long l0, l1;
|
|
|
|
|
|
|
|
l0 = (long)lengths[0];
|
|
|
|
l1 = (long)lengths[i];
|
|
|
|
|
|
|
|
c[D_MD2][i] = c[D_MD2][0] * 4 * l0 / l1;
|
|
|
|
c[D_MDC2][i] = c[D_MDC2][0] * 4 * l0 / l1;
|
|
|
|
c[D_MD4][i] = c[D_MD4][0] * 4 * l0 / l1;
|
|
|
|
c[D_MD5][i] = c[D_MD5][0] * 4 * l0 / l1;
|
|
|
|
c[D_HMAC][i] = c[D_HMAC][0] * 4 * l0 / l1;
|
|
|
|
c[D_SHA1][i] = c[D_SHA1][0] * 4 * l0 / l1;
|
|
|
|
c[D_RMD160][i] = c[D_RMD160][0] * 4 * l0 / l1;
|
|
|
|
c[D_SHA256][i] = c[D_SHA256][0] * 4 * l0 / l1;
|
|
|
|
c[D_SHA512][i] = c[D_SHA512][0] * 4 * l0 / l1;
|
|
|
|
c[D_WHIRLPOOL][i] = c[D_WHIRLPOOL][0] * 4 * l0 / l1;
|
2016-02-12 21:53:51 +08:00
|
|
|
c[D_GHASH][i] = c[D_GHASH][0] * 4 * l0 / l1;
|
2017-10-07 17:38:19 +08:00
|
|
|
c[D_RAND][i] = c[D_RAND][0] * 4 * l0 / l1;
|
2015-01-22 11:40:55 +08:00
|
|
|
|
|
|
|
l0 = (long)lengths[i - 1];
|
|
|
|
|
|
|
|
c[D_RC4][i] = c[D_RC4][i - 1] * l0 / l1;
|
|
|
|
c[D_CBC_DES][i] = c[D_CBC_DES][i - 1] * l0 / l1;
|
|
|
|
c[D_EDE3_DES][i] = c[D_EDE3_DES][i - 1] * l0 / l1;
|
|
|
|
c[D_CBC_IDEA][i] = c[D_CBC_IDEA][i - 1] * l0 / l1;
|
|
|
|
c[D_CBC_SEED][i] = c[D_CBC_SEED][i - 1] * l0 / l1;
|
|
|
|
c[D_CBC_RC2][i] = c[D_CBC_RC2][i - 1] * l0 / l1;
|
|
|
|
c[D_CBC_RC5][i] = c[D_CBC_RC5][i - 1] * l0 / l1;
|
|
|
|
c[D_CBC_BF][i] = c[D_CBC_BF][i - 1] * l0 / l1;
|
|
|
|
c[D_CBC_CAST][i] = c[D_CBC_CAST][i - 1] * l0 / l1;
|
|
|
|
c[D_CBC_128_AES][i] = c[D_CBC_128_AES][i - 1] * l0 / l1;
|
|
|
|
c[D_CBC_192_AES][i] = c[D_CBC_192_AES][i - 1] * l0 / l1;
|
|
|
|
c[D_CBC_256_AES][i] = c[D_CBC_256_AES][i - 1] * l0 / l1;
|
|
|
|
c[D_CBC_128_CML][i] = c[D_CBC_128_CML][i - 1] * l0 / l1;
|
|
|
|
c[D_CBC_192_CML][i] = c[D_CBC_192_CML][i - 1] * l0 / l1;
|
|
|
|
c[D_CBC_256_CML][i] = c[D_CBC_256_CML][i - 1] * l0 / l1;
|
|
|
|
c[D_IGE_128_AES][i] = c[D_IGE_128_AES][i - 1] * l0 / l1;
|
|
|
|
c[D_IGE_192_AES][i] = c[D_IGE_192_AES][i - 1] * l0 / l1;
|
|
|
|
c[D_IGE_256_AES][i] = c[D_IGE_256_AES][i - 1] * l0 / l1;
|
|
|
|
}
|
2002-08-09 16:43:04 +08:00
|
|
|
|
2015-01-27 23:06:22 +08:00
|
|
|
# ifndef OPENSSL_NO_RSA
|
2015-01-22 11:40:55 +08:00
|
|
|
rsa_c[R_RSA_512][0] = count / 2000;
|
|
|
|
rsa_c[R_RSA_512][1] = count / 400;
|
|
|
|
for (i = 1; i < RSA_NUM; i++) {
|
|
|
|
rsa_c[i][0] = rsa_c[i - 1][0] / 8;
|
|
|
|
rsa_c[i][1] = rsa_c[i - 1][1] / 4;
|
2016-07-23 20:45:08 +08:00
|
|
|
if (rsa_doit[i] <= 1 && rsa_c[i][0] == 0)
|
2015-01-22 11:40:55 +08:00
|
|
|
rsa_doit[i] = 0;
|
|
|
|
else {
|
|
|
|
if (rsa_c[i][0] == 0) {
|
2016-10-04 14:20:49 +08:00
|
|
|
rsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
|
2015-01-22 11:40:55 +08:00
|
|
|
rsa_c[i][1] = 20;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2015-01-27 23:06:22 +08:00
|
|
|
# endif
|
2015-01-22 11:40:55 +08:00
|
|
|
|
2015-01-27 23:06:22 +08:00
|
|
|
# ifndef OPENSSL_NO_DSA
|
2015-01-22 11:40:55 +08:00
|
|
|
dsa_c[R_DSA_512][0] = count / 1000;
|
|
|
|
dsa_c[R_DSA_512][1] = count / 1000 / 2;
|
|
|
|
for (i = 1; i < DSA_NUM; i++) {
|
|
|
|
dsa_c[i][0] = dsa_c[i - 1][0] / 4;
|
|
|
|
dsa_c[i][1] = dsa_c[i - 1][1] / 4;
|
2016-07-23 20:45:08 +08:00
|
|
|
if (dsa_doit[i] <= 1 && dsa_c[i][0] == 0)
|
2015-01-22 11:40:55 +08:00
|
|
|
dsa_doit[i] = 0;
|
|
|
|
else {
|
2016-07-23 20:45:08 +08:00
|
|
|
if (dsa_c[i][0] == 0) {
|
2016-10-04 14:20:49 +08:00
|
|
|
dsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
|
2015-01-22 11:40:55 +08:00
|
|
|
dsa_c[i][1] = 1;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2015-01-27 23:06:22 +08:00
|
|
|
# endif
|
2015-01-22 11:40:55 +08:00
|
|
|
|
2015-03-11 07:09:27 +08:00
|
|
|
# ifndef OPENSSL_NO_EC
|
2015-01-22 11:40:55 +08:00
|
|
|
ecdsa_c[R_EC_P160][0] = count / 1000;
|
|
|
|
ecdsa_c[R_EC_P160][1] = count / 1000 / 2;
|
|
|
|
for (i = R_EC_P192; i <= R_EC_P521; i++) {
|
|
|
|
ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
|
|
|
|
ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
|
2016-07-23 20:45:08 +08:00
|
|
|
if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
|
2015-01-22 11:40:55 +08:00
|
|
|
ecdsa_doit[i] = 0;
|
|
|
|
else {
|
2016-07-23 20:45:08 +08:00
|
|
|
if (ecdsa_c[i][0] == 0) {
|
2015-01-22 11:40:55 +08:00
|
|
|
ecdsa_c[i][0] = 1;
|
|
|
|
ecdsa_c[i][1] = 1;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2019-03-06 05:52:33 +08:00
|
|
|
# ifndef OPENSSL_NO_EC2M
|
2015-01-22 11:40:55 +08:00
|
|
|
ecdsa_c[R_EC_K163][0] = count / 1000;
|
|
|
|
ecdsa_c[R_EC_K163][1] = count / 1000 / 2;
|
|
|
|
for (i = R_EC_K233; i <= R_EC_K571; i++) {
|
|
|
|
ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
|
|
|
|
ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
|
2016-07-23 20:45:08 +08:00
|
|
|
if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
|
2015-01-22 11:40:55 +08:00
|
|
|
ecdsa_doit[i] = 0;
|
|
|
|
else {
|
2016-07-23 20:45:08 +08:00
|
|
|
if (ecdsa_c[i][0] == 0) {
|
2015-01-22 11:40:55 +08:00
|
|
|
ecdsa_c[i][0] = 1;
|
|
|
|
ecdsa_c[i][1] = 1;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
ecdsa_c[R_EC_B163][0] = count / 1000;
|
|
|
|
ecdsa_c[R_EC_B163][1] = count / 1000 / 2;
|
|
|
|
for (i = R_EC_B233; i <= R_EC_B571; i++) {
|
|
|
|
ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
|
|
|
|
ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
|
2016-07-23 20:45:08 +08:00
|
|
|
if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
|
2015-01-22 11:40:55 +08:00
|
|
|
ecdsa_doit[i] = 0;
|
|
|
|
else {
|
2016-07-23 20:45:08 +08:00
|
|
|
if (ecdsa_c[i][0] == 0) {
|
2015-01-22 11:40:55 +08:00
|
|
|
ecdsa_c[i][0] = 1;
|
|
|
|
ecdsa_c[i][1] = 1;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2019-03-06 05:52:33 +08:00
|
|
|
# endif
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
|
2015-01-22 11:40:55 +08:00
|
|
|
ecdh_c[R_EC_P160][0] = count / 1000;
|
|
|
|
for (i = R_EC_P192; i <= R_EC_P521; i++) {
|
|
|
|
ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
|
2016-07-23 20:45:08 +08:00
|
|
|
if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
|
2015-01-22 11:40:55 +08:00
|
|
|
ecdh_doit[i] = 0;
|
|
|
|
else {
|
2016-07-23 20:45:08 +08:00
|
|
|
if (ecdh_c[i][0] == 0) {
|
2015-01-22 11:40:55 +08:00
|
|
|
ecdh_c[i][0] = 1;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2019-03-06 05:52:33 +08:00
|
|
|
# ifndef OPENSSL_NO_EC2M
|
2015-01-22 11:40:55 +08:00
|
|
|
ecdh_c[R_EC_K163][0] = count / 1000;
|
|
|
|
for (i = R_EC_K233; i <= R_EC_K571; i++) {
|
|
|
|
ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
|
2016-07-23 20:45:08 +08:00
|
|
|
if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
|
2015-01-22 11:40:55 +08:00
|
|
|
ecdh_doit[i] = 0;
|
|
|
|
else {
|
2016-07-23 20:45:08 +08:00
|
|
|
if (ecdh_c[i][0] == 0) {
|
2015-01-22 11:40:55 +08:00
|
|
|
ecdh_c[i][0] = 1;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
ecdh_c[R_EC_B163][0] = count / 1000;
|
|
|
|
for (i = R_EC_B233; i <= R_EC_B571; i++) {
|
|
|
|
ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
|
2016-07-23 20:45:08 +08:00
|
|
|
if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
|
2015-01-22 11:40:55 +08:00
|
|
|
ecdh_doit[i] = 0;
|
|
|
|
else {
|
2016-07-23 20:45:08 +08:00
|
|
|
if (ecdh_c[i][0] == 0) {
|
2015-01-22 11:40:55 +08:00
|
|
|
ecdh_c[i][0] = 1;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2019-03-06 05:52:33 +08:00
|
|
|
# endif
|
2018-04-30 07:13:58 +08:00
|
|
|
/* repeated code good to factorize */
|
|
|
|
ecdh_c[R_EC_BRP256R1][0] = count / 1000;
|
|
|
|
for (i = R_EC_BRP384R1; i <= R_EC_BRP512R1; i += 2) {
|
|
|
|
ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
|
|
|
|
if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
|
|
|
|
ecdh_doit[i] = 0;
|
|
|
|
else {
|
|
|
|
if (ecdh_c[i][0] == 0) {
|
|
|
|
ecdh_c[i][0] = 1;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
ecdh_c[R_EC_BRP256T1][0] = count / 1000;
|
|
|
|
for (i = R_EC_BRP384T1; i <= R_EC_BRP512T1; i += 2) {
|
|
|
|
ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
|
|
|
|
if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
|
|
|
|
ecdh_doit[i] = 0;
|
|
|
|
else {
|
|
|
|
if (ecdh_c[i][0] == 0) {
|
|
|
|
ecdh_c[i][0] = 1;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
/* default iteration count for the last two EC Curves */
|
|
|
|
ecdh_c[R_EC_X25519][0] = count / 1800;
|
|
|
|
ecdh_c[R_EC_X448][0] = count / 7200;
|
2018-09-07 14:39:19 +08:00
|
|
|
|
|
|
|
eddsa_c[R_EC_Ed25519][0] = count / 1800;
|
|
|
|
eddsa_c[R_EC_Ed448][0] = count / 7200;
|
2019-09-29 22:25:10 +08:00
|
|
|
|
|
|
|
# ifndef OPENSSL_NO_SM2
|
|
|
|
sm2_c[R_EC_SM2P256][0] = count / 1800;
|
|
|
|
# endif
|
2015-01-27 23:06:22 +08:00
|
|
|
# endif
|
2002-08-09 16:43:04 +08:00
|
|
|
|
2015-01-22 11:40:55 +08:00
|
|
|
# else
|
2015-01-27 23:06:22 +08:00
|
|
|
/* not worth fixing */
|
|
|
|
# error "You cannot disable DES on systems without SIGALRM."
|
2016-10-04 14:20:49 +08:00
|
|
|
# endif /* OPENSSL_NO_DES */
|
2018-05-19 21:53:29 +08:00
|
|
|
#elif SIGALRM > 0
|
|
|
|
signal(SIGALRM, alarmed);
|
2016-10-04 14:20:49 +08:00
|
|
|
#endif /* SIGALRM */
|
2015-01-22 11:40:55 +08:00
|
|
|
|
2015-01-27 23:06:22 +08:00
|
|
|
#ifndef OPENSSL_NO_MD2
|
2015-01-22 11:40:55 +08:00
|
|
|
if (doit[D_MD2]) {
|
2017-12-02 17:05:35 +08:00
|
|
|
for (testnum = 0; testnum < size_num; testnum++) {
|
|
|
|
print_message(names[D_MD2], c[D_MD2][testnum], lengths[testnum],
|
|
|
|
seconds.sym);
|
2015-01-22 11:40:55 +08:00
|
|
|
Time_F(START);
|
2015-12-09 15:26:38 +08:00
|
|
|
count = run_benchmark(async_jobs, EVP_Digest_MD2_loop, loopargs);
|
2015-01-22 11:40:55 +08:00
|
|
|
d = Time_F(STOP);
|
2015-12-09 15:26:38 +08:00
|
|
|
print_result(D_MD2, testnum, count, d);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
|
|
|
}
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_MDC2
|
2015-01-22 11:40:55 +08:00
|
|
|
if (doit[D_MDC2]) {
|
2017-12-02 17:05:35 +08:00
|
|
|
for (testnum = 0; testnum < size_num; testnum++) {
|
|
|
|
print_message(names[D_MDC2], c[D_MDC2][testnum], lengths[testnum],
|
|
|
|
seconds.sym);
|
2015-01-22 11:40:55 +08:00
|
|
|
Time_F(START);
|
2015-12-09 15:26:38 +08:00
|
|
|
count = run_benchmark(async_jobs, EVP_Digest_MDC2_loop, loopargs);
|
2015-01-22 11:40:55 +08:00
|
|
|
d = Time_F(STOP);
|
2015-12-09 15:26:38 +08:00
|
|
|
print_result(D_MDC2, testnum, count, d);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
|
|
|
}
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
1998-12-21 18:52:47 +08:00
|
|
|
|
2015-01-27 23:06:22 +08:00
|
|
|
#ifndef OPENSSL_NO_MD4
|
2015-01-22 11:40:55 +08:00
|
|
|
if (doit[D_MD4]) {
|
2017-12-02 17:05:35 +08:00
|
|
|
for (testnum = 0; testnum < size_num; testnum++) {
|
|
|
|
print_message(names[D_MD4], c[D_MD4][testnum], lengths[testnum],
|
|
|
|
seconds.sym);
|
2015-01-22 11:40:55 +08:00
|
|
|
Time_F(START);
|
2015-12-09 15:26:38 +08:00
|
|
|
count = run_benchmark(async_jobs, EVP_Digest_MD4_loop, loopargs);
|
2015-01-22 11:40:55 +08:00
|
|
|
d = Time_F(STOP);
|
2015-12-09 15:26:38 +08:00
|
|
|
print_result(D_MD4, testnum, count, d);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
|
|
|
}
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
2000-08-14 22:05:53 +08:00
|
|
|
|
2015-01-27 23:06:22 +08:00
|
|
|
#ifndef OPENSSL_NO_MD5
|
2015-01-22 11:40:55 +08:00
|
|
|
if (doit[D_MD5]) {
|
2017-12-02 17:05:35 +08:00
|
|
|
for (testnum = 0; testnum < size_num; testnum++) {
|
|
|
|
print_message(names[D_MD5], c[D_MD5][testnum], lengths[testnum],
|
|
|
|
seconds.sym);
|
2015-01-22 11:40:55 +08:00
|
|
|
Time_F(START);
|
2015-12-09 15:26:38 +08:00
|
|
|
count = run_benchmark(async_jobs, MD5_loop, loopargs);
|
2015-01-22 11:40:55 +08:00
|
|
|
d = Time_F(STOP);
|
2015-12-09 15:26:38 +08:00
|
|
|
print_result(D_MD5, testnum, count, d);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
|
|
|
}
|
1998-12-21 18:52:47 +08:00
|
|
|
|
2015-01-22 11:40:55 +08:00
|
|
|
if (doit[D_HMAC]) {
|
2016-08-07 18:04:26 +08:00
|
|
|
static const char hmac_key[] = "This is a key...";
|
2016-07-20 05:57:18 +08:00
|
|
|
int len = strlen(hmac_key);
|
|
|
|
|
2016-02-18 18:56:53 +08:00
|
|
|
for (i = 0; i < loopargs_len; i++) {
|
2015-12-09 15:26:38 +08:00
|
|
|
loopargs[i].hctx = HMAC_CTX_new();
|
|
|
|
if (loopargs[i].hctx == NULL) {
|
|
|
|
BIO_printf(bio_err, "HMAC malloc failure, exiting...");
|
|
|
|
exit(1);
|
|
|
|
}
|
2015-01-22 11:40:55 +08:00
|
|
|
|
2016-07-20 05:57:18 +08:00
|
|
|
HMAC_Init_ex(loopargs[i].hctx, hmac_key, len, EVP_md5(), NULL);
|
2015-11-30 20:44:28 +08:00
|
|
|
}
|
2017-12-02 17:05:35 +08:00
|
|
|
for (testnum = 0; testnum < size_num; testnum++) {
|
|
|
|
print_message(names[D_HMAC], c[D_HMAC][testnum], lengths[testnum],
|
|
|
|
seconds.sym);
|
2015-01-22 11:40:55 +08:00
|
|
|
Time_F(START);
|
2015-12-09 15:26:38 +08:00
|
|
|
count = run_benchmark(async_jobs, HMAC_loop, loopargs);
|
2015-01-22 11:40:55 +08:00
|
|
|
d = Time_F(STOP);
|
2015-12-09 15:26:38 +08:00
|
|
|
print_result(D_HMAC, testnum, count, d);
|
|
|
|
}
|
2016-02-18 18:56:53 +08:00
|
|
|
for (i = 0; i < loopargs_len; i++) {
|
2015-12-09 15:26:38 +08:00
|
|
|
HMAC_CTX_free(loopargs[i].hctx);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
|
|
|
}
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
2015-01-22 11:40:55 +08:00
|
|
|
if (doit[D_SHA1]) {
|
2017-12-02 17:05:35 +08:00
|
|
|
for (testnum = 0; testnum < size_num; testnum++) {
|
|
|
|
print_message(names[D_SHA1], c[D_SHA1][testnum], lengths[testnum],
|
|
|
|
seconds.sym);
|
2015-01-22 11:40:55 +08:00
|
|
|
Time_F(START);
|
2015-12-09 15:26:38 +08:00
|
|
|
count = run_benchmark(async_jobs, SHA1_loop, loopargs);
|
2015-01-22 11:40:55 +08:00
|
|
|
d = Time_F(STOP);
|
2015-12-09 15:26:38 +08:00
|
|
|
print_result(D_SHA1, testnum, count, d);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
if (doit[D_SHA256]) {
|
2017-12-02 17:05:35 +08:00
|
|
|
for (testnum = 0; testnum < size_num; testnum++) {
|
2016-10-04 14:20:49 +08:00
|
|
|
print_message(names[D_SHA256], c[D_SHA256][testnum],
|
2017-12-02 17:05:35 +08:00
|
|
|
lengths[testnum], seconds.sym);
|
2015-01-22 11:40:55 +08:00
|
|
|
Time_F(START);
|
2015-12-09 15:26:38 +08:00
|
|
|
count = run_benchmark(async_jobs, SHA256_loop, loopargs);
|
2015-01-22 11:40:55 +08:00
|
|
|
d = Time_F(STOP);
|
2015-12-09 15:26:38 +08:00
|
|
|
print_result(D_SHA256, testnum, count, d);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
if (doit[D_SHA512]) {
|
2017-12-02 17:05:35 +08:00
|
|
|
for (testnum = 0; testnum < size_num; testnum++) {
|
2016-10-04 14:20:49 +08:00
|
|
|
print_message(names[D_SHA512], c[D_SHA512][testnum],
|
2017-12-02 17:05:35 +08:00
|
|
|
lengths[testnum], seconds.sym);
|
2015-01-22 11:40:55 +08:00
|
|
|
Time_F(START);
|
2015-12-09 15:26:38 +08:00
|
|
|
count = run_benchmark(async_jobs, SHA512_loop, loopargs);
|
2015-01-22 11:40:55 +08:00
|
|
|
d = Time_F(STOP);
|
2015-12-09 15:26:38 +08:00
|
|
|
print_result(D_SHA512, testnum, count, d);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
|
|
|
}
|
2015-01-27 23:06:22 +08:00
|
|
|
#ifndef OPENSSL_NO_WHIRLPOOL
|
2015-01-22 11:40:55 +08:00
|
|
|
if (doit[D_WHIRLPOOL]) {
|
2017-12-02 17:05:35 +08:00
|
|
|
for (testnum = 0; testnum < size_num; testnum++) {
|
2016-10-04 14:20:49 +08:00
|
|
|
print_message(names[D_WHIRLPOOL], c[D_WHIRLPOOL][testnum],
|
2017-12-02 17:05:35 +08:00
|
|
|
lengths[testnum], seconds.sym);
|
2015-01-22 11:40:55 +08:00
|
|
|
Time_F(START);
|
2015-12-09 15:26:38 +08:00
|
|
|
count = run_benchmark(async_jobs, WHIRLPOOL_loop, loopargs);
|
2015-01-22 11:40:55 +08:00
|
|
|
d = Time_F(STOP);
|
2015-12-09 15:26:38 +08:00
|
|
|
print_result(D_WHIRLPOOL, testnum, count, d);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
|
|
|
}
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
2004-07-26 02:57:35 +08:00
|
|
|
|
2015-01-27 23:06:22 +08:00
|
|
|
#ifndef OPENSSL_NO_RMD160
|
2015-01-22 11:40:55 +08:00
|
|
|
if (doit[D_RMD160]) {
|
2017-12-02 17:05:35 +08:00
|
|
|
for (testnum = 0; testnum < size_num; testnum++) {
|
2016-10-04 14:20:49 +08:00
|
|
|
print_message(names[D_RMD160], c[D_RMD160][testnum],
|
2017-12-02 17:05:35 +08:00
|
|
|
lengths[testnum], seconds.sym);
|
2015-01-22 11:40:55 +08:00
|
|
|
Time_F(START);
|
2015-12-09 15:26:38 +08:00
|
|
|
count = run_benchmark(async_jobs, EVP_Digest_RMD160_loop, loopargs);
|
2015-01-22 11:40:55 +08:00
|
|
|
d = Time_F(STOP);
|
2015-12-09 15:26:38 +08:00
|
|
|
print_result(D_RMD160, testnum, count, d);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
|
|
|
}
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_RC4
|
2015-01-22 11:40:55 +08:00
|
|
|
if (doit[D_RC4]) {
|
2017-12-02 17:05:35 +08:00
|
|
|
for (testnum = 0; testnum < size_num; testnum++) {
|
|
|
|
print_message(names[D_RC4], c[D_RC4][testnum], lengths[testnum],
|
|
|
|
seconds.sym);
|
2015-01-22 11:40:55 +08:00
|
|
|
Time_F(START);
|
2015-12-09 15:26:38 +08:00
|
|
|
count = run_benchmark(async_jobs, RC4_loop, loopargs);
|
2015-01-22 11:40:55 +08:00
|
|
|
d = Time_F(STOP);
|
2015-12-09 15:26:38 +08:00
|
|
|
print_result(D_RC4, testnum, count, d);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
|
|
|
}
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_DES
|
2015-01-22 11:40:55 +08:00
|
|
|
if (doit[D_CBC_DES]) {
|
2017-12-02 17:05:35 +08:00
|
|
|
for (testnum = 0; testnum < size_num; testnum++) {
|
2016-10-04 14:20:49 +08:00
|
|
|
print_message(names[D_CBC_DES], c[D_CBC_DES][testnum],
|
2017-12-02 17:05:35 +08:00
|
|
|
lengths[testnum], seconds.sym);
|
2015-01-22 11:40:55 +08:00
|
|
|
Time_F(START);
|
2015-12-09 15:26:38 +08:00
|
|
|
count = run_benchmark(async_jobs, DES_ncbc_encrypt_loop, loopargs);
|
2015-01-22 11:40:55 +08:00
|
|
|
d = Time_F(STOP);
|
2015-12-09 15:26:38 +08:00
|
|
|
print_result(D_CBC_DES, testnum, count, d);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
|
|
|
}
|
2006-12-02 05:42:55 +08:00
|
|
|
|
2015-01-22 11:40:55 +08:00
|
|
|
if (doit[D_EDE3_DES]) {
|
2017-12-02 17:05:35 +08:00
|
|
|
for (testnum = 0; testnum < size_num; testnum++) {
|
2016-10-04 14:20:49 +08:00
|
|
|
print_message(names[D_EDE3_DES], c[D_EDE3_DES][testnum],
|
2017-12-02 17:05:35 +08:00
|
|
|
lengths[testnum], seconds.sym);
|
2015-01-22 11:40:55 +08:00
|
|
|
Time_F(START);
|
2016-10-04 14:20:49 +08:00
|
|
|
count =
|
|
|
|
run_benchmark(async_jobs, DES_ede3_cbc_encrypt_loop, loopargs);
|
2015-01-22 11:40:55 +08:00
|
|
|
d = Time_F(STOP);
|
2015-12-09 15:26:38 +08:00
|
|
|
print_result(D_EDE3_DES, testnum, count, d);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
|
|
|
}
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
2016-04-13 18:28:45 +08:00
|
|
|
|
2015-01-22 11:40:55 +08:00
|
|
|
if (doit[D_CBC_128_AES]) {
|
2017-12-02 17:05:35 +08:00
|
|
|
for (testnum = 0; testnum < size_num; testnum++) {
|
2015-12-09 15:26:38 +08:00
|
|
|
print_message(names[D_CBC_128_AES], c[D_CBC_128_AES][testnum],
|
2017-12-02 17:05:35 +08:00
|
|
|
lengths[testnum], seconds.sym);
|
2015-01-22 11:40:55 +08:00
|
|
|
Time_F(START);
|
2016-10-04 14:20:49 +08:00
|
|
|
count =
|
|
|
|
run_benchmark(async_jobs, AES_cbc_128_encrypt_loop, loopargs);
|
2015-01-22 11:40:55 +08:00
|
|
|
d = Time_F(STOP);
|
2015-12-09 15:26:38 +08:00
|
|
|
print_result(D_CBC_128_AES, testnum, count, d);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
if (doit[D_CBC_192_AES]) {
|
2017-12-02 17:05:35 +08:00
|
|
|
for (testnum = 0; testnum < size_num; testnum++) {
|
2015-12-09 15:26:38 +08:00
|
|
|
print_message(names[D_CBC_192_AES], c[D_CBC_192_AES][testnum],
|
2017-12-02 17:05:35 +08:00
|
|
|
lengths[testnum], seconds.sym);
|
2015-01-22 11:40:55 +08:00
|
|
|
Time_F(START);
|
2016-10-04 14:20:49 +08:00
|
|
|
count =
|
|
|
|
run_benchmark(async_jobs, AES_cbc_192_encrypt_loop, loopargs);
|
2015-01-22 11:40:55 +08:00
|
|
|
d = Time_F(STOP);
|
2015-12-09 15:26:38 +08:00
|
|
|
print_result(D_CBC_192_AES, testnum, count, d);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
if (doit[D_CBC_256_AES]) {
|
2017-12-02 17:05:35 +08:00
|
|
|
for (testnum = 0; testnum < size_num; testnum++) {
|
2015-12-09 15:26:38 +08:00
|
|
|
print_message(names[D_CBC_256_AES], c[D_CBC_256_AES][testnum],
|
2017-12-02 17:05:35 +08:00
|
|
|
lengths[testnum], seconds.sym);
|
2015-01-22 11:40:55 +08:00
|
|
|
Time_F(START);
|
2016-10-04 14:20:49 +08:00
|
|
|
count =
|
|
|
|
run_benchmark(async_jobs, AES_cbc_256_encrypt_loop, loopargs);
|
2015-01-22 11:40:55 +08:00
|
|
|
d = Time_F(STOP);
|
2015-12-09 15:26:38 +08:00
|
|
|
print_result(D_CBC_256_AES, testnum, count, d);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
|
|
|
}
|
2007-05-13 20:57:59 +08:00
|
|
|
|
2019-11-06 00:28:50 +08:00
|
|
|
#ifndef OPENSSL_NO_DEPRECATED_3_0
|
2015-01-22 11:40:55 +08:00
|
|
|
if (doit[D_IGE_128_AES]) {
|
2017-12-02 17:05:35 +08:00
|
|
|
for (testnum = 0; testnum < size_num; testnum++) {
|
2015-12-09 15:26:38 +08:00
|
|
|
print_message(names[D_IGE_128_AES], c[D_IGE_128_AES][testnum],
|
2017-12-02 17:05:35 +08:00
|
|
|
lengths[testnum], seconds.sym);
|
2015-01-22 11:40:55 +08:00
|
|
|
Time_F(START);
|
2016-10-04 14:20:49 +08:00
|
|
|
count =
|
|
|
|
run_benchmark(async_jobs, AES_ige_128_encrypt_loop, loopargs);
|
2015-01-22 11:40:55 +08:00
|
|
|
d = Time_F(STOP);
|
2015-12-09 15:26:38 +08:00
|
|
|
print_result(D_IGE_128_AES, testnum, count, d);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
if (doit[D_IGE_192_AES]) {
|
2017-12-02 17:05:35 +08:00
|
|
|
for (testnum = 0; testnum < size_num; testnum++) {
|
2015-12-09 15:26:38 +08:00
|
|
|
print_message(names[D_IGE_192_AES], c[D_IGE_192_AES][testnum],
|
2017-12-02 17:05:35 +08:00
|
|
|
lengths[testnum], seconds.sym);
|
2015-01-22 11:40:55 +08:00
|
|
|
Time_F(START);
|
2016-10-04 14:20:49 +08:00
|
|
|
count =
|
|
|
|
run_benchmark(async_jobs, AES_ige_192_encrypt_loop, loopargs);
|
2015-01-22 11:40:55 +08:00
|
|
|
d = Time_F(STOP);
|
2015-12-09 15:26:38 +08:00
|
|
|
print_result(D_IGE_192_AES, testnum, count, d);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
if (doit[D_IGE_256_AES]) {
|
2017-12-02 17:05:35 +08:00
|
|
|
for (testnum = 0; testnum < size_num; testnum++) {
|
2015-12-09 15:26:38 +08:00
|
|
|
print_message(names[D_IGE_256_AES], c[D_IGE_256_AES][testnum],
|
2017-12-02 17:05:35 +08:00
|
|
|
lengths[testnum], seconds.sym);
|
2015-01-22 11:40:55 +08:00
|
|
|
Time_F(START);
|
2016-10-04 14:20:49 +08:00
|
|
|
count =
|
|
|
|
run_benchmark(async_jobs, AES_ige_256_encrypt_loop, loopargs);
|
2015-01-22 11:40:55 +08:00
|
|
|
d = Time_F(STOP);
|
2015-12-09 15:26:38 +08:00
|
|
|
print_result(D_IGE_256_AES, testnum, count, d);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
|
|
|
}
|
2019-04-09 22:32:33 +08:00
|
|
|
#endif
|
2015-01-22 11:40:55 +08:00
|
|
|
if (doit[D_GHASH]) {
|
2016-02-18 18:56:53 +08:00
|
|
|
for (i = 0; i < loopargs_len; i++) {
|
2016-10-04 14:20:49 +08:00
|
|
|
loopargs[i].gcm_ctx =
|
|
|
|
CRYPTO_gcm128_new(&aes_ks1, (block128_f) AES_encrypt);
|
|
|
|
CRYPTO_gcm128_setiv(loopargs[i].gcm_ctx,
|
|
|
|
(unsigned char *)"0123456789ab", 12);
|
2015-12-09 15:26:38 +08:00
|
|
|
}
|
2015-01-22 11:40:55 +08:00
|
|
|
|
2017-12-02 17:05:35 +08:00
|
|
|
for (testnum = 0; testnum < size_num; testnum++) {
|
2016-10-04 14:20:49 +08:00
|
|
|
print_message(names[D_GHASH], c[D_GHASH][testnum],
|
2017-12-02 17:05:35 +08:00
|
|
|
lengths[testnum], seconds.sym);
|
2015-01-22 11:40:55 +08:00
|
|
|
Time_F(START);
|
2015-12-09 15:26:38 +08:00
|
|
|
count = run_benchmark(async_jobs, CRYPTO_gcm128_aad_loop, loopargs);
|
2015-01-22 11:40:55 +08:00
|
|
|
d = Time_F(STOP);
|
2015-12-09 15:26:38 +08:00
|
|
|
print_result(D_GHASH, testnum, count, d);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
2016-02-18 18:56:53 +08:00
|
|
|
for (i = 0; i < loopargs_len; i++)
|
2015-12-09 15:26:38 +08:00
|
|
|
CRYPTO_gcm128_release(loopargs[i].gcm_ctx);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
2015-01-27 23:06:22 +08:00
|
|
|
#ifndef OPENSSL_NO_CAMELLIA
|
2015-01-22 11:40:55 +08:00
|
|
|
if (doit[D_CBC_128_CML]) {
|
2016-08-18 14:44:43 +08:00
|
|
|
if (async_jobs > 0) {
|
|
|
|
BIO_printf(bio_err, "Async mode is not supported with %s\n",
|
|
|
|
names[D_CBC_128_CML]);
|
|
|
|
doit[D_CBC_128_CML] = 0;
|
|
|
|
}
|
2017-12-02 17:05:35 +08:00
|
|
|
for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
|
2015-12-09 15:26:38 +08:00
|
|
|
print_message(names[D_CBC_128_CML], c[D_CBC_128_CML][testnum],
|
2017-12-02 17:05:35 +08:00
|
|
|
lengths[testnum], seconds.sym);
|
2015-01-22 11:40:55 +08:00
|
|
|
Time_F(START);
|
2015-12-09 15:26:38 +08:00
|
|
|
for (count = 0, run = 1; COND(c[D_CBC_128_CML][testnum]); count++)
|
|
|
|
Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
|
2016-07-20 05:57:18 +08:00
|
|
|
(size_t)lengths[testnum], &camellia_ks1,
|
2015-01-22 11:40:55 +08:00
|
|
|
iv, CAMELLIA_ENCRYPT);
|
|
|
|
d = Time_F(STOP);
|
2015-12-09 15:26:38 +08:00
|
|
|
print_result(D_CBC_128_CML, testnum, count, d);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
if (doit[D_CBC_192_CML]) {
|
2016-08-18 14:44:43 +08:00
|
|
|
if (async_jobs > 0) {
|
|
|
|
BIO_printf(bio_err, "Async mode is not supported with %s\n",
|
|
|
|
names[D_CBC_192_CML]);
|
|
|
|
doit[D_CBC_192_CML] = 0;
|
|
|
|
}
|
2017-12-02 17:05:35 +08:00
|
|
|
for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
|
2015-12-09 15:26:38 +08:00
|
|
|
print_message(names[D_CBC_192_CML], c[D_CBC_192_CML][testnum],
|
2017-12-02 17:05:35 +08:00
|
|
|
lengths[testnum], seconds.sym);
|
2015-12-09 15:26:38 +08:00
|
|
|
if (async_jobs > 0) {
|
|
|
|
BIO_printf(bio_err, "Async mode is not supported, exiting...");
|
|
|
|
exit(1);
|
|
|
|
}
|
2015-01-22 11:40:55 +08:00
|
|
|
Time_F(START);
|
2015-12-09 15:26:38 +08:00
|
|
|
for (count = 0, run = 1; COND(c[D_CBC_192_CML][testnum]); count++)
|
|
|
|
Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
|
2016-07-20 05:57:18 +08:00
|
|
|
(size_t)lengths[testnum], &camellia_ks2,
|
2015-01-22 11:40:55 +08:00
|
|
|
iv, CAMELLIA_ENCRYPT);
|
|
|
|
d = Time_F(STOP);
|
2015-12-09 15:26:38 +08:00
|
|
|
print_result(D_CBC_192_CML, testnum, count, d);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
if (doit[D_CBC_256_CML]) {
|
2016-08-18 14:44:43 +08:00
|
|
|
if (async_jobs > 0) {
|
|
|
|
BIO_printf(bio_err, "Async mode is not supported with %s\n",
|
|
|
|
names[D_CBC_256_CML]);
|
|
|
|
doit[D_CBC_256_CML] = 0;
|
|
|
|
}
|
2017-12-02 17:05:35 +08:00
|
|
|
for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
|
2015-12-09 15:26:38 +08:00
|
|
|
print_message(names[D_CBC_256_CML], c[D_CBC_256_CML][testnum],
|
2017-12-02 17:05:35 +08:00
|
|
|
lengths[testnum], seconds.sym);
|
2015-01-22 11:40:55 +08:00
|
|
|
Time_F(START);
|
2015-12-09 15:26:38 +08:00
|
|
|
for (count = 0, run = 1; COND(c[D_CBC_256_CML][testnum]); count++)
|
|
|
|
Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
|
2016-07-20 05:57:18 +08:00
|
|
|
(size_t)lengths[testnum], &camellia_ks3,
|
2015-01-22 11:40:55 +08:00
|
|
|
iv, CAMELLIA_ENCRYPT);
|
|
|
|
d = Time_F(STOP);
|
2015-12-09 15:26:38 +08:00
|
|
|
print_result(D_CBC_256_CML, testnum, count, d);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
|
|
|
}
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_IDEA
|
2015-01-22 11:40:55 +08:00
|
|
|
if (doit[D_CBC_IDEA]) {
|
2016-08-18 14:44:43 +08:00
|
|
|
if (async_jobs > 0) {
|
|
|
|
BIO_printf(bio_err, "Async mode is not supported with %s\n",
|
|
|
|
names[D_CBC_IDEA]);
|
|
|
|
doit[D_CBC_IDEA] = 0;
|
|
|
|
}
|
2017-12-02 17:05:35 +08:00
|
|
|
for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
|
2016-10-04 14:20:49 +08:00
|
|
|
print_message(names[D_CBC_IDEA], c[D_CBC_IDEA][testnum],
|
2017-12-02 17:05:35 +08:00
|
|
|
lengths[testnum], seconds.sym);
|
2015-01-22 11:40:55 +08:00
|
|
|
Time_F(START);
|
2015-12-09 15:26:38 +08:00
|
|
|
for (count = 0, run = 1; COND(c[D_CBC_IDEA][testnum]); count++)
|
2016-04-18 19:43:54 +08:00
|
|
|
IDEA_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
|
2016-07-20 05:57:18 +08:00
|
|
|
(size_t)lengths[testnum], &idea_ks,
|
2015-01-22 11:40:55 +08:00
|
|
|
iv, IDEA_ENCRYPT);
|
|
|
|
d = Time_F(STOP);
|
2015-12-09 15:26:38 +08:00
|
|
|
print_result(D_CBC_IDEA, testnum, count, d);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
|
|
|
}
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_SEED
|
2015-01-22 11:40:55 +08:00
|
|
|
if (doit[D_CBC_SEED]) {
|
2016-08-18 14:44:43 +08:00
|
|
|
if (async_jobs > 0) {
|
|
|
|
BIO_printf(bio_err, "Async mode is not supported with %s\n",
|
|
|
|
names[D_CBC_SEED]);
|
|
|
|
doit[D_CBC_SEED] = 0;
|
|
|
|
}
|
2017-12-02 17:05:35 +08:00
|
|
|
for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
|
2016-10-04 14:20:49 +08:00
|
|
|
print_message(names[D_CBC_SEED], c[D_CBC_SEED][testnum],
|
2017-12-02 17:05:35 +08:00
|
|
|
lengths[testnum], seconds.sym);
|
2015-01-22 11:40:55 +08:00
|
|
|
Time_F(START);
|
2015-12-09 15:26:38 +08:00
|
|
|
for (count = 0, run = 1; COND(c[D_CBC_SEED][testnum]); count++)
|
|
|
|
SEED_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
|
2016-07-20 05:57:18 +08:00
|
|
|
(size_t)lengths[testnum], &seed_ks, iv, 1);
|
2015-01-22 11:40:55 +08:00
|
|
|
d = Time_F(STOP);
|
2015-12-09 15:26:38 +08:00
|
|
|
print_result(D_CBC_SEED, testnum, count, d);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
|
|
|
}
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_RC2
|
2015-01-22 11:40:55 +08:00
|
|
|
if (doit[D_CBC_RC2]) {
|
2016-08-18 14:44:43 +08:00
|
|
|
if (async_jobs > 0) {
|
|
|
|
BIO_printf(bio_err, "Async mode is not supported with %s\n",
|
|
|
|
names[D_CBC_RC2]);
|
|
|
|
doit[D_CBC_RC2] = 0;
|
|
|
|
}
|
2017-12-02 17:05:35 +08:00
|
|
|
for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
|
2016-10-04 14:20:49 +08:00
|
|
|
print_message(names[D_CBC_RC2], c[D_CBC_RC2][testnum],
|
2017-12-02 17:05:35 +08:00
|
|
|
lengths[testnum], seconds.sym);
|
2015-12-09 15:26:38 +08:00
|
|
|
if (async_jobs > 0) {
|
|
|
|
BIO_printf(bio_err, "Async mode is not supported, exiting...");
|
|
|
|
exit(1);
|
|
|
|
}
|
2015-01-22 11:40:55 +08:00
|
|
|
Time_F(START);
|
2015-12-09 15:26:38 +08:00
|
|
|
for (count = 0, run = 1; COND(c[D_CBC_RC2][testnum]); count++)
|
|
|
|
RC2_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
|
2016-07-20 05:57:18 +08:00
|
|
|
(size_t)lengths[testnum], &rc2_ks,
|
2015-01-22 11:40:55 +08:00
|
|
|
iv, RC2_ENCRYPT);
|
|
|
|
d = Time_F(STOP);
|
2015-12-09 15:26:38 +08:00
|
|
|
print_result(D_CBC_RC2, testnum, count, d);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
|
|
|
}
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_RC5
|
2015-01-22 11:40:55 +08:00
|
|
|
if (doit[D_CBC_RC5]) {
|
2016-08-18 14:44:43 +08:00
|
|
|
if (async_jobs > 0) {
|
|
|
|
BIO_printf(bio_err, "Async mode is not supported with %s\n",
|
|
|
|
names[D_CBC_RC5]);
|
|
|
|
doit[D_CBC_RC5] = 0;
|
|
|
|
}
|
2017-12-02 17:05:35 +08:00
|
|
|
for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
|
2016-10-04 14:20:49 +08:00
|
|
|
print_message(names[D_CBC_RC5], c[D_CBC_RC5][testnum],
|
2017-12-02 17:05:35 +08:00
|
|
|
lengths[testnum], seconds.sym);
|
2015-12-09 15:26:38 +08:00
|
|
|
if (async_jobs > 0) {
|
|
|
|
BIO_printf(bio_err, "Async mode is not supported, exiting...");
|
|
|
|
exit(1);
|
|
|
|
}
|
2015-01-22 11:40:55 +08:00
|
|
|
Time_F(START);
|
2015-12-09 15:26:38 +08:00
|
|
|
for (count = 0, run = 1; COND(c[D_CBC_RC5][testnum]); count++)
|
|
|
|
RC5_32_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
|
2016-07-20 05:57:18 +08:00
|
|
|
(size_t)lengths[testnum], &rc5_ks,
|
2015-01-22 11:40:55 +08:00
|
|
|
iv, RC5_ENCRYPT);
|
|
|
|
d = Time_F(STOP);
|
2015-12-09 15:26:38 +08:00
|
|
|
print_result(D_CBC_RC5, testnum, count, d);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
|
|
|
}
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_BF
|
2015-01-22 11:40:55 +08:00
|
|
|
if (doit[D_CBC_BF]) {
|
2016-08-18 14:44:43 +08:00
|
|
|
if (async_jobs > 0) {
|
|
|
|
BIO_printf(bio_err, "Async mode is not supported with %s\n",
|
|
|
|
names[D_CBC_BF]);
|
|
|
|
doit[D_CBC_BF] = 0;
|
|
|
|
}
|
2017-12-02 17:05:35 +08:00
|
|
|
for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
|
2016-10-04 14:20:49 +08:00
|
|
|
print_message(names[D_CBC_BF], c[D_CBC_BF][testnum],
|
2017-12-02 17:05:35 +08:00
|
|
|
lengths[testnum], seconds.sym);
|
2015-01-22 11:40:55 +08:00
|
|
|
Time_F(START);
|
2015-12-09 15:26:38 +08:00
|
|
|
for (count = 0, run = 1; COND(c[D_CBC_BF][testnum]); count++)
|
|
|
|
BF_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
|
2016-07-20 05:57:18 +08:00
|
|
|
(size_t)lengths[testnum], &bf_ks,
|
2015-01-22 11:40:55 +08:00
|
|
|
iv, BF_ENCRYPT);
|
|
|
|
d = Time_F(STOP);
|
2015-12-09 15:26:38 +08:00
|
|
|
print_result(D_CBC_BF, testnum, count, d);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
|
|
|
}
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_CAST
|
2015-01-22 11:40:55 +08:00
|
|
|
if (doit[D_CBC_CAST]) {
|
2016-08-18 14:44:43 +08:00
|
|
|
if (async_jobs > 0) {
|
|
|
|
BIO_printf(bio_err, "Async mode is not supported with %s\n",
|
|
|
|
names[D_CBC_CAST]);
|
|
|
|
doit[D_CBC_CAST] = 0;
|
|
|
|
}
|
2017-12-02 17:05:35 +08:00
|
|
|
for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
|
2016-10-04 14:20:49 +08:00
|
|
|
print_message(names[D_CBC_CAST], c[D_CBC_CAST][testnum],
|
2017-12-02 17:05:35 +08:00
|
|
|
lengths[testnum], seconds.sym);
|
2015-01-22 11:40:55 +08:00
|
|
|
Time_F(START);
|
2015-12-09 15:26:38 +08:00
|
|
|
for (count = 0, run = 1; COND(c[D_CBC_CAST][testnum]); count++)
|
|
|
|
CAST_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
|
2016-07-20 05:57:18 +08:00
|
|
|
(size_t)lengths[testnum], &cast_ks,
|
2015-01-22 11:40:55 +08:00
|
|
|
iv, CAST_ENCRYPT);
|
|
|
|
d = Time_F(STOP);
|
2015-12-09 15:26:38 +08:00
|
|
|
print_result(D_CBC_CAST, testnum, count, d);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
|
|
|
}
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
2017-10-07 17:38:19 +08:00
|
|
|
if (doit[D_RAND]) {
|
2017-12-02 17:05:35 +08:00
|
|
|
for (testnum = 0; testnum < size_num; testnum++) {
|
|
|
|
print_message(names[D_RAND], c[D_RAND][testnum], lengths[testnum],
|
|
|
|
seconds.sym);
|
2017-10-07 17:38:19 +08:00
|
|
|
Time_F(START);
|
|
|
|
count = run_benchmark(async_jobs, RAND_bytes_loop, loopargs);
|
|
|
|
d = Time_F(STOP);
|
|
|
|
print_result(D_RAND, testnum, count, d);
|
|
|
|
}
|
|
|
|
}
|
2006-06-09 23:44:59 +08:00
|
|
|
|
2015-01-22 11:40:55 +08:00
|
|
|
if (doit[D_EVP]) {
|
2018-05-19 21:43:11 +08:00
|
|
|
if (evp_cipher != NULL) {
|
|
|
|
int (*loopfunc)(void *args) = EVP_Update_loop;
|
|
|
|
|
|
|
|
if (multiblock && (EVP_CIPHER_flags(evp_cipher) &
|
|
|
|
EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
|
|
|
|
multiblock_speed(evp_cipher, lengths_single, &seconds);
|
|
|
|
ret = 0;
|
2015-01-22 11:40:55 +08:00
|
|
|
goto end;
|
|
|
|
}
|
2018-05-19 21:43:11 +08:00
|
|
|
|
|
|
|
names[D_EVP] = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
|
|
|
|
|
|
|
|
if (EVP_CIPHER_mode(evp_cipher) == EVP_CIPH_CCM_MODE) {
|
|
|
|
loopfunc = EVP_Update_loop_ccm;
|
|
|
|
} else if (aead && (EVP_CIPHER_flags(evp_cipher) &
|
|
|
|
EVP_CIPH_FLAG_AEAD_CIPHER)) {
|
|
|
|
loopfunc = EVP_Update_loop_aead;
|
|
|
|
if (lengths == lengths_list) {
|
|
|
|
lengths = aead_lengths_list;
|
|
|
|
size_num = OSSL_NELEM(aead_lengths_list);
|
|
|
|
}
|
2015-12-09 15:26:38 +08:00
|
|
|
}
|
2015-01-22 11:40:55 +08:00
|
|
|
|
2018-05-19 21:43:11 +08:00
|
|
|
for (testnum = 0; testnum < size_num; testnum++) {
|
2017-12-02 17:05:35 +08:00
|
|
|
print_message(names[D_EVP], save_count, lengths[testnum],
|
|
|
|
seconds.sym);
|
2015-12-09 15:26:38 +08:00
|
|
|
|
|
|
|
for (k = 0; k < loopargs_len; k++) {
|
|
|
|
loopargs[k].ctx = EVP_CIPHER_CTX_new();
|
2019-04-13 16:01:09 +08:00
|
|
|
if (loopargs[k].ctx == NULL) {
|
|
|
|
BIO_printf(bio_err, "\nEVP_CIPHER_CTX_new failure\n");
|
|
|
|
exit(1);
|
|
|
|
}
|
|
|
|
if (!EVP_CipherInit_ex(loopargs[k].ctx, evp_cipher, NULL,
|
|
|
|
NULL, iv, decrypt ? 0 : 1)) {
|
|
|
|
BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n");
|
|
|
|
ERR_print_errors(bio_err);
|
|
|
|
exit(1);
|
|
|
|
}
|
2017-12-05 00:40:23 +08:00
|
|
|
|
2015-12-09 15:26:38 +08:00
|
|
|
EVP_CIPHER_CTX_set_padding(loopargs[k].ctx, 0);
|
2017-12-05 00:40:23 +08:00
|
|
|
|
|
|
|
keylen = EVP_CIPHER_CTX_key_length(loopargs[k].ctx);
|
|
|
|
loopargs[k].key = app_malloc(keylen, "evp_cipher key");
|
|
|
|
EVP_CIPHER_CTX_rand_key(loopargs[k].ctx, loopargs[k].key);
|
2019-04-13 16:01:09 +08:00
|
|
|
if (!EVP_CipherInit_ex(loopargs[k].ctx, NULL, NULL,
|
|
|
|
loopargs[k].key, NULL, -1)) {
|
|
|
|
BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n");
|
|
|
|
ERR_print_errors(bio_err);
|
|
|
|
exit(1);
|
|
|
|
}
|
2017-12-05 00:40:23 +08:00
|
|
|
OPENSSL_clear_free(loopargs[k].key, keylen);
|
2017-05-19 22:27:28 +08:00
|
|
|
|
|
|
|
/* SIV mode only allows for a single Update operation */
|
|
|
|
if (EVP_CIPHER_mode(evp_cipher) == EVP_CIPH_SIV_MODE)
|
|
|
|
EVP_CIPHER_CTX_ctrl(loopargs[k].ctx, EVP_CTRL_SET_SPEED, 1, NULL);
|
2015-12-09 15:26:38 +08:00
|
|
|
}
|
2015-01-22 11:40:55 +08:00
|
|
|
|
|
|
|
Time_F(START);
|
2017-02-21 00:49:36 +08:00
|
|
|
count = run_benchmark(async_jobs, loopfunc, loopargs);
|
2015-01-22 11:40:55 +08:00
|
|
|
d = Time_F(STOP);
|
2015-12-09 15:26:38 +08:00
|
|
|
for (k = 0; k < loopargs_len; k++) {
|
|
|
|
EVP_CIPHER_CTX_free(loopargs[k].ctx);
|
|
|
|
}
|
2018-05-19 21:43:11 +08:00
|
|
|
print_result(D_EVP, testnum, count, d);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
2018-05-19 21:43:11 +08:00
|
|
|
} else if (evp_md != NULL) {
|
|
|
|
names[D_EVP] = OBJ_nid2ln(EVP_MD_type(evp_md));
|
|
|
|
|
|
|
|
for (testnum = 0; testnum < size_num; testnum++) {
|
2017-12-02 17:05:35 +08:00
|
|
|
print_message(names[D_EVP], save_count, lengths[testnum],
|
|
|
|
seconds.sym);
|
2015-01-22 11:40:55 +08:00
|
|
|
Time_F(START);
|
2015-12-09 15:26:38 +08:00
|
|
|
count = run_benchmark(async_jobs, EVP_Digest_loop, loopargs);
|
2015-01-22 11:40:55 +08:00
|
|
|
d = Time_F(STOP);
|
2018-05-19 21:43:11 +08:00
|
|
|
print_result(D_EVP, testnum, count, d);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
|
2018-08-14 12:04:47 +08:00
|
|
|
if (doit[D_EVP_HMAC]) {
|
|
|
|
if (evp_hmac_md != NULL) {
|
|
|
|
const char *md_name = OBJ_nid2ln(EVP_MD_type(evp_hmac_md));
|
|
|
|
evp_hmac_name = app_malloc(sizeof("HMAC()") + strlen(md_name),
|
|
|
|
"HMAC name");
|
|
|
|
sprintf(evp_hmac_name, "HMAC(%s)", md_name);
|
|
|
|
names[D_EVP_HMAC] = evp_hmac_name;
|
|
|
|
|
|
|
|
for (testnum = 0; testnum < size_num; testnum++) {
|
|
|
|
print_message(names[D_EVP_HMAC], save_count, lengths[testnum],
|
|
|
|
seconds.sym);
|
|
|
|
Time_F(START);
|
|
|
|
count = run_benchmark(async_jobs, EVP_HMAC_loop, loopargs);
|
|
|
|
d = Time_F(STOP);
|
|
|
|
print_result(D_EVP_HMAC, testnum, count, d);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2019-04-11 04:44:41 +08:00
|
|
|
#ifndef OPENSSL_NO_CMAC
|
|
|
|
if (doit[D_EVP_CMAC]) {
|
|
|
|
if (evp_cmac_cipher != NULL) {
|
|
|
|
const char *cipher_name = OBJ_nid2ln(EVP_CIPHER_type(evp_cmac_cipher));
|
|
|
|
evp_cmac_name = app_malloc(sizeof("CMAC()") + strlen(cipher_name),
|
|
|
|
"CMAC name");
|
|
|
|
sprintf(evp_cmac_name, "CMAC(%s)", cipher_name);
|
|
|
|
names[D_EVP_CMAC] = evp_cmac_name;
|
|
|
|
|
|
|
|
for (i = 0; i < loopargs_len; i++) {
|
|
|
|
loopargs[i].cmac_ctx = CMAC_CTX_new();
|
|
|
|
if (loopargs[i].cmac_ctx == NULL) {
|
|
|
|
BIO_printf(bio_err, "CMAC malloc failure, exiting...");
|
|
|
|
exit(1);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
for (testnum = 0; testnum < size_num; testnum++) {
|
|
|
|
print_message(names[D_EVP_CMAC], save_count, lengths[testnum],
|
|
|
|
seconds.sym);
|
|
|
|
Time_F(START);
|
|
|
|
count = run_benchmark(async_jobs, EVP_CMAC_loop, loopargs);
|
|
|
|
d = Time_F(STOP);
|
|
|
|
print_result(D_EVP_CMAC, testnum, count, d);
|
|
|
|
}
|
|
|
|
for (i = 0; i < loopargs_len; i++)
|
|
|
|
CMAC_CTX_free(loopargs[i].cmac_ctx);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
#endif
|
|
|
|
|
2016-02-18 18:56:53 +08:00
|
|
|
for (i = 0; i < loopargs_len; i++)
|
2018-06-24 15:28:33 +08:00
|
|
|
if (RAND_bytes(loopargs[i].buf, 36) <= 0)
|
|
|
|
goto end;
|
2015-12-09 15:26:38 +08:00
|
|
|
|
2015-01-27 23:06:22 +08:00
|
|
|
#ifndef OPENSSL_NO_RSA
|
2015-12-09 15:26:38 +08:00
|
|
|
for (testnum = 0; testnum < RSA_NUM; testnum++) {
|
|
|
|
int st = 0;
|
|
|
|
if (!rsa_doit[testnum])
|
2015-01-22 11:40:55 +08:00
|
|
|
continue;
|
2016-02-18 18:56:53 +08:00
|
|
|
for (i = 0; i < loopargs_len; i++) {
|
2017-08-02 02:19:43 +08:00
|
|
|
if (primes > 2) {
|
|
|
|
/* we haven't set keys yet, generate multi-prime RSA keys */
|
|
|
|
BIGNUM *bn = BN_new();
|
|
|
|
|
|
|
|
if (bn == NULL)
|
|
|
|
goto end;
|
|
|
|
if (!BN_set_word(bn, RSA_F4)) {
|
|
|
|
BN_free(bn);
|
|
|
|
goto end;
|
|
|
|
}
|
|
|
|
|
|
|
|
BIO_printf(bio_err, "Generate multi-prime RSA key for %s\n",
|
|
|
|
rsa_choices[testnum].name);
|
|
|
|
|
|
|
|
loopargs[i].rsa_key[testnum] = RSA_new();
|
|
|
|
if (loopargs[i].rsa_key[testnum] == NULL) {
|
|
|
|
BN_free(bn);
|
|
|
|
goto end;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!RSA_generate_multi_prime_key(loopargs[i].rsa_key[testnum],
|
|
|
|
rsa_bits[testnum],
|
|
|
|
primes, bn, NULL)) {
|
|
|
|
BN_free(bn);
|
|
|
|
goto end;
|
|
|
|
}
|
|
|
|
BN_free(bn);
|
|
|
|
}
|
2016-02-18 18:56:53 +08:00
|
|
|
st = RSA_sign(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
|
2016-07-29 05:20:19 +08:00
|
|
|
&loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
|
2015-12-09 15:26:38 +08:00
|
|
|
if (st == 0)
|
|
|
|
break;
|
|
|
|
}
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
if (st == 0) {
|
2015-01-22 11:40:55 +08:00
|
|
|
BIO_printf(bio_err,
|
|
|
|
"RSA sign failure. No RSA sign will be done.\n");
|
|
|
|
ERR_print_errors(bio_err);
|
|
|
|
rsa_count = 1;
|
|
|
|
} else {
|
|
|
|
pkey_print_message("private", "rsa",
|
2016-10-04 14:20:49 +08:00
|
|
|
rsa_c[testnum][0], rsa_bits[testnum],
|
2017-12-02 17:05:35 +08:00
|
|
|
seconds.rsa);
|
2015-12-09 15:26:38 +08:00
|
|
|
/* RSA_blinding_on(rsa_key[testnum],NULL); */
|
2015-01-22 11:40:55 +08:00
|
|
|
Time_F(START);
|
2015-12-09 15:26:38 +08:00
|
|
|
count = run_benchmark(async_jobs, RSA_sign_loop, loopargs);
|
2015-01-22 11:40:55 +08:00
|
|
|
d = Time_F(STOP);
|
|
|
|
BIO_printf(bio_err,
|
|
|
|
mr ? "+R1:%ld:%d:%.2f\n"
|
2016-11-29 06:36:50 +08:00
|
|
|
: "%ld %u bits private RSA's in %.2fs\n",
|
2015-12-09 15:26:38 +08:00
|
|
|
count, rsa_bits[testnum], d);
|
2016-08-02 16:13:00 +08:00
|
|
|
rsa_results[testnum][0] = (double)count / d;
|
2015-01-22 11:40:55 +08:00
|
|
|
rsa_count = count;
|
|
|
|
}
|
1998-12-21 18:52:47 +08:00
|
|
|
|
2016-02-18 18:56:53 +08:00
|
|
|
for (i = 0; i < loopargs_len; i++) {
|
|
|
|
st = RSA_verify(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
|
2016-07-29 05:20:19 +08:00
|
|
|
loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
|
2015-12-09 15:26:38 +08:00
|
|
|
if (st <= 0)
|
|
|
|
break;
|
|
|
|
}
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
if (st <= 0) {
|
2015-01-22 11:40:55 +08:00
|
|
|
BIO_printf(bio_err,
|
|
|
|
"RSA verify failure. No RSA verify will be done.\n");
|
|
|
|
ERR_print_errors(bio_err);
|
2015-12-09 15:26:38 +08:00
|
|
|
rsa_doit[testnum] = 0;
|
2015-01-22 11:40:55 +08:00
|
|
|
} else {
|
|
|
|
pkey_print_message("public", "rsa",
|
2016-10-04 14:20:49 +08:00
|
|
|
rsa_c[testnum][1], rsa_bits[testnum],
|
2017-12-02 17:05:35 +08:00
|
|
|
seconds.rsa);
|
2015-01-22 11:40:55 +08:00
|
|
|
Time_F(START);
|
2015-12-09 15:26:38 +08:00
|
|
|
count = run_benchmark(async_jobs, RSA_verify_loop, loopargs);
|
2015-01-22 11:40:55 +08:00
|
|
|
d = Time_F(STOP);
|
|
|
|
BIO_printf(bio_err,
|
|
|
|
mr ? "+R2:%ld:%d:%.2f\n"
|
2016-11-29 06:36:50 +08:00
|
|
|
: "%ld %u bits public RSA's in %.2fs\n",
|
2015-12-09 15:26:38 +08:00
|
|
|
count, rsa_bits[testnum], d);
|
2016-08-02 16:13:00 +08:00
|
|
|
rsa_results[testnum][1] = (double)count / d;
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
1998-12-21 18:52:47 +08:00
|
|
|
|
2015-01-22 11:40:55 +08:00
|
|
|
if (rsa_count <= 1) {
|
|
|
|
/* if longer than 10s, don't do any more */
|
2015-12-09 15:26:38 +08:00
|
|
|
for (testnum++; testnum < RSA_NUM; testnum++)
|
|
|
|
rsa_doit[testnum] = 0;
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
|
|
|
}
|
2016-08-07 18:04:26 +08:00
|
|
|
#endif /* OPENSSL_NO_RSA */
|
1998-12-21 18:52:47 +08:00
|
|
|
|
2016-02-18 18:56:53 +08:00
|
|
|
for (i = 0; i < loopargs_len; i++)
|
2018-06-24 15:28:33 +08:00
|
|
|
if (RAND_bytes(loopargs[i].buf, 36) <= 0)
|
|
|
|
goto end;
|
2015-12-09 15:26:38 +08:00
|
|
|
|
2015-01-27 23:06:22 +08:00
|
|
|
#ifndef OPENSSL_NO_DSA
|
2015-12-09 15:26:38 +08:00
|
|
|
for (testnum = 0; testnum < DSA_NUM; testnum++) {
|
|
|
|
int st = 0;
|
|
|
|
if (!dsa_doit[testnum])
|
2015-01-22 11:40:55 +08:00
|
|
|
continue;
|
|
|
|
|
2015-12-09 15:26:38 +08:00
|
|
|
/* DSA_generate_key(dsa_key[testnum]); */
|
|
|
|
/* DSA_sign_setup(dsa_key[testnum],NULL); */
|
2016-02-18 18:56:53 +08:00
|
|
|
for (i = 0; i < loopargs_len; i++) {
|
|
|
|
st = DSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
|
2016-07-29 05:20:19 +08:00
|
|
|
&loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
|
2015-12-09 15:26:38 +08:00
|
|
|
if (st == 0)
|
|
|
|
break;
|
|
|
|
}
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
if (st == 0) {
|
2015-01-22 11:40:55 +08:00
|
|
|
BIO_printf(bio_err,
|
|
|
|
"DSA sign failure. No DSA sign will be done.\n");
|
|
|
|
ERR_print_errors(bio_err);
|
|
|
|
rsa_count = 1;
|
|
|
|
} else {
|
|
|
|
pkey_print_message("sign", "dsa",
|
2016-10-04 14:20:49 +08:00
|
|
|
dsa_c[testnum][0], dsa_bits[testnum],
|
2017-12-02 17:05:35 +08:00
|
|
|
seconds.dsa);
|
2015-01-22 11:40:55 +08:00
|
|
|
Time_F(START);
|
2015-12-09 15:26:38 +08:00
|
|
|
count = run_benchmark(async_jobs, DSA_sign_loop, loopargs);
|
2015-01-22 11:40:55 +08:00
|
|
|
d = Time_F(STOP);
|
|
|
|
BIO_printf(bio_err,
|
2016-11-29 06:36:50 +08:00
|
|
|
mr ? "+R3:%ld:%u:%.2f\n"
|
|
|
|
: "%ld %u bits DSA signs in %.2fs\n",
|
2015-12-09 15:26:38 +08:00
|
|
|
count, dsa_bits[testnum], d);
|
2016-08-02 16:22:27 +08:00
|
|
|
dsa_results[testnum][0] = (double)count / d;
|
2015-01-22 11:40:55 +08:00
|
|
|
rsa_count = count;
|
|
|
|
}
|
2002-08-09 16:43:04 +08:00
|
|
|
|
2016-02-18 18:56:53 +08:00
|
|
|
for (i = 0; i < loopargs_len; i++) {
|
|
|
|
st = DSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
|
2016-07-29 05:20:19 +08:00
|
|
|
loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
|
2015-12-09 15:26:38 +08:00
|
|
|
if (st <= 0)
|
|
|
|
break;
|
|
|
|
}
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
if (st <= 0) {
|
2015-01-22 11:40:55 +08:00
|
|
|
BIO_printf(bio_err,
|
|
|
|
"DSA verify failure. No DSA verify will be done.\n");
|
|
|
|
ERR_print_errors(bio_err);
|
2015-12-09 15:26:38 +08:00
|
|
|
dsa_doit[testnum] = 0;
|
2015-01-22 11:40:55 +08:00
|
|
|
} else {
|
|
|
|
pkey_print_message("verify", "dsa",
|
2016-10-04 14:20:49 +08:00
|
|
|
dsa_c[testnum][1], dsa_bits[testnum],
|
2017-12-02 17:05:35 +08:00
|
|
|
seconds.dsa);
|
2015-01-22 11:40:55 +08:00
|
|
|
Time_F(START);
|
2015-12-09 15:26:38 +08:00
|
|
|
count = run_benchmark(async_jobs, DSA_verify_loop, loopargs);
|
2015-01-22 11:40:55 +08:00
|
|
|
d = Time_F(STOP);
|
|
|
|
BIO_printf(bio_err,
|
2016-11-29 06:36:50 +08:00
|
|
|
mr ? "+R4:%ld:%u:%.2f\n"
|
|
|
|
: "%ld %u bits DSA verify in %.2fs\n",
|
2015-12-09 15:26:38 +08:00
|
|
|
count, dsa_bits[testnum], d);
|
2016-08-02 16:22:27 +08:00
|
|
|
dsa_results[testnum][1] = (double)count / d;
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
2002-08-09 16:43:04 +08:00
|
|
|
|
2015-01-22 11:40:55 +08:00
|
|
|
if (rsa_count <= 1) {
|
|
|
|
/* if longer than 10s, don't do any more */
|
2015-12-09 15:26:38 +08:00
|
|
|
for (testnum++; testnum < DSA_NUM; testnum++)
|
|
|
|
dsa_doit[testnum] = 0;
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
|
|
|
}
|
2016-08-07 18:04:26 +08:00
|
|
|
#endif /* OPENSSL_NO_DSA */
|
2002-08-09 16:43:04 +08:00
|
|
|
|
2015-03-11 07:09:27 +08:00
|
|
|
#ifndef OPENSSL_NO_EC
|
2018-04-30 07:13:58 +08:00
|
|
|
for (testnum = 0; testnum < ECDSA_NUM; testnum++) {
|
2016-02-18 18:56:53 +08:00
|
|
|
int st = 1;
|
2015-01-22 11:40:55 +08:00
|
|
|
|
2015-12-09 15:26:38 +08:00
|
|
|
if (!ecdsa_doit[testnum])
|
2015-01-22 11:40:55 +08:00
|
|
|
continue; /* Ignore Curve */
|
2016-02-18 18:56:53 +08:00
|
|
|
for (i = 0; i < loopargs_len; i++) {
|
2016-10-04 14:20:49 +08:00
|
|
|
loopargs[i].ecdsa[testnum] =
|
2016-11-29 06:36:50 +08:00
|
|
|
EC_KEY_new_by_curve_name(test_curves[testnum].nid);
|
2016-02-18 18:56:53 +08:00
|
|
|
if (loopargs[i].ecdsa[testnum] == NULL) {
|
|
|
|
st = 0;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (st == 0) {
|
2015-01-22 11:40:55 +08:00
|
|
|
BIO_printf(bio_err, "ECDSA failure.\n");
|
|
|
|
ERR_print_errors(bio_err);
|
|
|
|
rsa_count = 1;
|
|
|
|
} else {
|
2016-02-18 18:56:53 +08:00
|
|
|
for (i = 0; i < loopargs_len; i++) {
|
|
|
|
EC_KEY_precompute_mult(loopargs[i].ecdsa[testnum], NULL);
|
|
|
|
/* Perform ECDSA signature test */
|
|
|
|
EC_KEY_generate_key(loopargs[i].ecdsa[testnum]);
|
|
|
|
st = ECDSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
|
2016-10-04 14:20:49 +08:00
|
|
|
&loopargs[i].siglen,
|
|
|
|
loopargs[i].ecdsa[testnum]);
|
2015-12-09 15:26:38 +08:00
|
|
|
if (st == 0)
|
|
|
|
break;
|
|
|
|
}
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
if (st == 0) {
|
2015-01-22 11:40:55 +08:00
|
|
|
BIO_printf(bio_err,
|
|
|
|
"ECDSA sign failure. No ECDSA sign will be done.\n");
|
|
|
|
ERR_print_errors(bio_err);
|
|
|
|
rsa_count = 1;
|
|
|
|
} else {
|
|
|
|
pkey_print_message("sign", "ecdsa",
|
2015-12-09 15:26:38 +08:00
|
|
|
ecdsa_c[testnum][0],
|
2016-11-29 06:36:50 +08:00
|
|
|
test_curves[testnum].bits, seconds.ecdsa);
|
2015-01-22 11:40:55 +08:00
|
|
|
Time_F(START);
|
2015-12-09 15:26:38 +08:00
|
|
|
count = run_benchmark(async_jobs, ECDSA_sign_loop, loopargs);
|
2015-01-22 11:40:55 +08:00
|
|
|
d = Time_F(STOP);
|
|
|
|
|
|
|
|
BIO_printf(bio_err,
|
2016-11-29 06:36:50 +08:00
|
|
|
mr ? "+R5:%ld:%u:%.2f\n" :
|
|
|
|
"%ld %u bits ECDSA signs in %.2fs \n",
|
|
|
|
count, test_curves[testnum].bits, d);
|
2016-08-02 16:38:45 +08:00
|
|
|
ecdsa_results[testnum][0] = (double)count / d;
|
2015-01-22 11:40:55 +08:00
|
|
|
rsa_count = count;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Perform ECDSA verification test */
|
2016-02-18 18:56:53 +08:00
|
|
|
for (i = 0; i < loopargs_len; i++) {
|
|
|
|
st = ECDSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
|
2016-10-04 14:20:49 +08:00
|
|
|
loopargs[i].siglen,
|
|
|
|
loopargs[i].ecdsa[testnum]);
|
2015-12-09 15:26:38 +08:00
|
|
|
if (st != 1)
|
|
|
|
break;
|
|
|
|
}
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
if (st != 1) {
|
2015-01-22 11:40:55 +08:00
|
|
|
BIO_printf(bio_err,
|
|
|
|
"ECDSA verify failure. No ECDSA verify will be done.\n");
|
|
|
|
ERR_print_errors(bio_err);
|
2015-12-09 15:26:38 +08:00
|
|
|
ecdsa_doit[testnum] = 0;
|
2015-01-22 11:40:55 +08:00
|
|
|
} else {
|
|
|
|
pkey_print_message("verify", "ecdsa",
|
2015-12-09 15:26:38 +08:00
|
|
|
ecdsa_c[testnum][1],
|
2016-11-29 06:36:50 +08:00
|
|
|
test_curves[testnum].bits, seconds.ecdsa);
|
2015-01-22 11:40:55 +08:00
|
|
|
Time_F(START);
|
2015-12-09 15:26:38 +08:00
|
|
|
count = run_benchmark(async_jobs, ECDSA_verify_loop, loopargs);
|
2015-01-22 11:40:55 +08:00
|
|
|
d = Time_F(STOP);
|
|
|
|
BIO_printf(bio_err,
|
2016-11-29 06:36:50 +08:00
|
|
|
mr ? "+R6:%ld:%u:%.2f\n"
|
|
|
|
: "%ld %u bits ECDSA verify in %.2fs\n",
|
|
|
|
count, test_curves[testnum].bits, d);
|
2016-08-02 16:38:45 +08:00
|
|
|
ecdsa_results[testnum][1] = (double)count / d;
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
if (rsa_count <= 1) {
|
|
|
|
/* if longer than 10s, don't do any more */
|
2018-10-10 00:37:10 +08:00
|
|
|
for (testnum++; testnum < ECDSA_NUM; testnum++)
|
2015-12-09 15:26:38 +08:00
|
|
|
ecdsa_doit[testnum] = 0;
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
|
2015-12-09 15:26:38 +08:00
|
|
|
for (testnum = 0; testnum < EC_NUM; testnum++) {
|
2016-07-20 05:54:21 +08:00
|
|
|
int ecdh_checks = 1;
|
|
|
|
|
2015-12-09 15:26:38 +08:00
|
|
|
if (!ecdh_doit[testnum])
|
2015-01-22 11:40:55 +08:00
|
|
|
continue;
|
2016-10-04 01:28:32 +08:00
|
|
|
|
2016-02-18 18:56:53 +08:00
|
|
|
for (i = 0; i < loopargs_len; i++) {
|
2016-10-04 20:50:11 +08:00
|
|
|
EVP_PKEY_CTX *kctx = NULL;
|
2016-10-04 21:40:47 +08:00
|
|
|
EVP_PKEY_CTX *test_ctx = NULL;
|
2016-10-04 20:50:11 +08:00
|
|
|
EVP_PKEY_CTX *ctx = NULL;
|
|
|
|
EVP_PKEY *key_A = NULL;
|
|
|
|
EVP_PKEY *key_B = NULL;
|
2016-10-04 14:17:11 +08:00
|
|
|
size_t outlen;
|
2016-10-04 21:40:47 +08:00
|
|
|
size_t test_outlen;
|
2016-10-04 01:28:32 +08:00
|
|
|
|
2016-10-07 22:23:17 +08:00
|
|
|
/* Ensure that the error queue is empty */
|
|
|
|
if (ERR_peek_error()) {
|
|
|
|
BIO_printf(bio_err,
|
|
|
|
"WARNING: the error queue contains previous unhandled errors.\n");
|
|
|
|
ERR_print_errors(bio_err);
|
|
|
|
}
|
|
|
|
|
2016-10-07 21:24:22 +08:00
|
|
|
/* Let's try to create a ctx directly from the NID: this works for
|
|
|
|
* curves like Curve25519 that are not implemented through the low
|
|
|
|
* level EC interface.
|
|
|
|
* If this fails we try creating a EVP_PKEY_EC generic param ctx,
|
|
|
|
* then we set the curve by NID before deriving the actual keygen
|
|
|
|
* ctx for that specific curve. */
|
2016-11-29 06:36:50 +08:00
|
|
|
kctx = EVP_PKEY_CTX_new_id(test_curves[testnum].nid, NULL); /* keygen ctx from NID */
|
2016-10-07 21:24:22 +08:00
|
|
|
if (!kctx) {
|
2016-10-04 01:28:32 +08:00
|
|
|
EVP_PKEY_CTX *pctx = NULL;
|
|
|
|
EVP_PKEY *params = NULL;
|
|
|
|
|
2016-10-07 22:23:17 +08:00
|
|
|
/* If we reach this code EVP_PKEY_CTX_new_id() failed and a
|
|
|
|
* "int_ctx_new:unsupported algorithm" error was added to the
|
|
|
|
* error queue.
|
|
|
|
* We remove it from the error queue as we are handling it. */
|
|
|
|
unsigned long error = ERR_peek_error(); /* peek the latest error in the queue */
|
|
|
|
if (error == ERR_peek_last_error() && /* oldest and latest errors match */
|
|
|
|
/* check that the error origin matches */
|
|
|
|
ERR_GET_LIB(error) == ERR_LIB_EVP &&
|
|
|
|
ERR_GET_REASON(error) == EVP_R_UNSUPPORTED_ALGORITHM)
|
|
|
|
ERR_get_error(); /* pop error from queue */
|
|
|
|
if (ERR_peek_error()) {
|
|
|
|
BIO_printf(bio_err,
|
|
|
|
"Unhandled error in the error queue during ECDH init.\n");
|
|
|
|
ERR_print_errors(bio_err);
|
|
|
|
rsa_count = 1;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
2016-10-04 14:20:49 +08:00
|
|
|
if ( /* Create the context for parameter generation */
|
|
|
|
!(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) ||
|
|
|
|
/* Initialise the parameter generation */
|
|
|
|
!EVP_PKEY_paramgen_init(pctx) ||
|
|
|
|
/* Set the curve by NID */
|
|
|
|
!EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
|
|
|
|
test_curves
|
2016-11-29 06:36:50 +08:00
|
|
|
[testnum].nid) ||
|
2016-10-04 14:20:49 +08:00
|
|
|
/* Create the parameter object params */
|
2016-10-04 20:50:11 +08:00
|
|
|
!EVP_PKEY_paramgen(pctx, ¶ms)) {
|
2015-01-22 11:40:55 +08:00
|
|
|
ecdh_checks = 0;
|
2016-10-07 21:24:22 +08:00
|
|
|
BIO_printf(bio_err, "ECDH EC params init failure.\n");
|
2016-10-04 01:28:32 +08:00
|
|
|
ERR_print_errors(bio_err);
|
2016-02-18 18:56:53 +08:00
|
|
|
rsa_count = 1;
|
2016-10-04 01:28:32 +08:00
|
|
|
break;
|
2016-02-18 18:56:53 +08:00
|
|
|
}
|
2016-10-04 01:28:32 +08:00
|
|
|
/* Create the context for the key generation */
|
|
|
|
kctx = EVP_PKEY_CTX_new(params, NULL);
|
|
|
|
|
2016-10-04 14:20:49 +08:00
|
|
|
EVP_PKEY_free(params);
|
|
|
|
params = NULL;
|
|
|
|
EVP_PKEY_CTX_free(pctx);
|
|
|
|
pctx = NULL;
|
2016-05-03 10:24:48 +08:00
|
|
|
}
|
2017-06-13 01:24:02 +08:00
|
|
|
if (kctx == NULL || /* keygen ctx is not null */
|
2019-09-30 14:05:31 +08:00
|
|
|
EVP_PKEY_keygen_init(kctx) <= 0/* init keygen ctx */ ) {
|
2016-10-04 01:28:32 +08:00
|
|
|
ecdh_checks = 0;
|
|
|
|
BIO_printf(bio_err, "ECDH keygen failure.\n");
|
|
|
|
ERR_print_errors(bio_err);
|
|
|
|
rsa_count = 1;
|
|
|
|
break;
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
2016-10-04 01:28:32 +08:00
|
|
|
|
2019-09-30 14:05:31 +08:00
|
|
|
if (EVP_PKEY_keygen(kctx, &key_A) <= 0 || /* generate secret key A */
|
|
|
|
EVP_PKEY_keygen(kctx, &key_B) <= 0 || /* generate secret key B */
|
2016-10-04 14:20:49 +08:00
|
|
|
!(ctx = EVP_PKEY_CTX_new(key_A, NULL)) || /* derivation ctx from skeyA */
|
2019-09-30 14:05:31 +08:00
|
|
|
EVP_PKEY_derive_init(ctx) <= 0 || /* init derivation ctx */
|
|
|
|
EVP_PKEY_derive_set_peer(ctx, key_B) <= 0 || /* set peer pubkey in ctx */
|
|
|
|
EVP_PKEY_derive(ctx, NULL, &outlen) <= 0 || /* determine max length */
|
2016-10-04 21:40:47 +08:00
|
|
|
outlen == 0 || /* ensure outlen is a valid size */
|
2016-10-04 20:50:11 +08:00
|
|
|
outlen > MAX_ECDH_SIZE /* avoid buffer overflow */ ) {
|
2016-10-04 01:28:32 +08:00
|
|
|
ecdh_checks = 0;
|
|
|
|
BIO_printf(bio_err, "ECDH key generation failure.\n");
|
|
|
|
ERR_print_errors(bio_err);
|
|
|
|
rsa_count = 1;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
2016-10-04 21:40:47 +08:00
|
|
|
/* Here we perform a test run, comparing the output of a*B and b*A;
|
|
|
|
* we try this here and assume that further EVP_PKEY_derive calls
|
|
|
|
* never fail, so we can skip checks in the actually benchmarked
|
|
|
|
* code, for maximum performance. */
|
|
|
|
if (!(test_ctx = EVP_PKEY_CTX_new(key_B, NULL)) || /* test ctx from skeyB */
|
|
|
|
!EVP_PKEY_derive_init(test_ctx) || /* init derivation test_ctx */
|
|
|
|
!EVP_PKEY_derive_set_peer(test_ctx, key_A) || /* set peer pubkey in test_ctx */
|
|
|
|
!EVP_PKEY_derive(test_ctx, NULL, &test_outlen) || /* determine max length */
|
|
|
|
!EVP_PKEY_derive(ctx, loopargs[i].secret_a, &outlen) || /* compute a*B */
|
|
|
|
!EVP_PKEY_derive(test_ctx, loopargs[i].secret_b, &test_outlen) || /* compute b*A */
|
|
|
|
test_outlen != outlen /* compare output length */ ) {
|
|
|
|
ecdh_checks = 0;
|
|
|
|
BIO_printf(bio_err, "ECDH computation failure.\n");
|
|
|
|
ERR_print_errors(bio_err);
|
|
|
|
rsa_count = 1;
|
|
|
|
break;
|
|
|
|
}
|
2016-10-06 18:17:00 +08:00
|
|
|
|
|
|
|
/* Compare the computation results: CRYPTO_memcmp() returns 0 if equal */
|
|
|
|
if (CRYPTO_memcmp(loopargs[i].secret_a,
|
|
|
|
loopargs[i].secret_b, outlen)) {
|
|
|
|
ecdh_checks = 0;
|
2016-10-04 21:40:47 +08:00
|
|
|
BIO_printf(bio_err, "ECDH computations don't match.\n");
|
|
|
|
ERR_print_errors(bio_err);
|
|
|
|
rsa_count = 1;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
2016-10-04 01:28:32 +08:00
|
|
|
loopargs[i].ecdh_ctx[testnum] = ctx;
|
2016-10-04 14:17:11 +08:00
|
|
|
loopargs[i].outlen[testnum] = outlen;
|
2016-10-04 01:28:32 +08:00
|
|
|
|
2017-12-04 23:23:24 +08:00
|
|
|
EVP_PKEY_free(key_A);
|
|
|
|
EVP_PKEY_free(key_B);
|
2016-10-04 14:20:49 +08:00
|
|
|
EVP_PKEY_CTX_free(kctx);
|
|
|
|
kctx = NULL;
|
2016-10-04 21:40:47 +08:00
|
|
|
EVP_PKEY_CTX_free(test_ctx);
|
|
|
|
test_ctx = NULL;
|
2016-10-04 01:28:32 +08:00
|
|
|
}
|
|
|
|
if (ecdh_checks != 0) {
|
|
|
|
pkey_print_message("", "ecdh",
|
2016-10-04 14:20:49 +08:00
|
|
|
ecdh_c[testnum][0],
|
2016-11-29 06:36:50 +08:00
|
|
|
test_curves[testnum].bits, seconds.ecdh);
|
2016-10-04 01:28:32 +08:00
|
|
|
Time_F(START);
|
2016-10-04 14:20:49 +08:00
|
|
|
count =
|
|
|
|
run_benchmark(async_jobs, ECDH_EVP_derive_key_loop, loopargs);
|
2016-10-04 01:28:32 +08:00
|
|
|
d = Time_F(STOP);
|
|
|
|
BIO_printf(bio_err,
|
2016-10-04 14:20:49 +08:00
|
|
|
mr ? "+R7:%ld:%d:%.2f\n" :
|
2016-11-29 06:36:50 +08:00
|
|
|
"%ld %u-bits ECDH ops in %.2fs\n", count,
|
|
|
|
test_curves[testnum].bits, d);
|
2016-08-02 16:41:30 +08:00
|
|
|
ecdh_results[testnum][0] = (double)count / d;
|
2016-10-04 01:28:32 +08:00
|
|
|
rsa_count = count;
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
2002-08-09 16:43:04 +08:00
|
|
|
|
2015-01-22 11:40:55 +08:00
|
|
|
if (rsa_count <= 1) {
|
|
|
|
/* if longer than 10s, don't do any more */
|
2018-04-30 07:13:58 +08:00
|
|
|
for (testnum++; testnum < OSSL_NELEM(ecdh_doit); testnum++)
|
2015-12-09 15:26:38 +08:00
|
|
|
ecdh_doit[testnum] = 0;
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
|
|
|
}
|
2018-09-07 14:39:19 +08:00
|
|
|
|
|
|
|
for (testnum = 0; testnum < EdDSA_NUM; testnum++) {
|
|
|
|
int st = 1;
|
|
|
|
EVP_PKEY *ed_pkey = NULL;
|
|
|
|
EVP_PKEY_CTX *ed_pctx = NULL;
|
|
|
|
|
|
|
|
if (!eddsa_doit[testnum])
|
|
|
|
continue; /* Ignore Curve */
|
|
|
|
for (i = 0; i < loopargs_len; i++) {
|
|
|
|
loopargs[i].eddsa_ctx[testnum] = EVP_MD_CTX_new();
|
|
|
|
if (loopargs[i].eddsa_ctx[testnum] == NULL) {
|
|
|
|
st = 0;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
if ((ed_pctx = EVP_PKEY_CTX_new_id(test_ed_curves[testnum].nid, NULL))
|
|
|
|
== NULL
|
2019-09-30 11:33:24 +08:00
|
|
|
|| EVP_PKEY_keygen_init(ed_pctx) <= 0
|
|
|
|
|| EVP_PKEY_keygen(ed_pctx, &ed_pkey) <= 0) {
|
2018-09-07 14:39:19 +08:00
|
|
|
st = 0;
|
|
|
|
EVP_PKEY_CTX_free(ed_pctx);
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
EVP_PKEY_CTX_free(ed_pctx);
|
|
|
|
|
|
|
|
if (!EVP_DigestSignInit(loopargs[i].eddsa_ctx[testnum], NULL, NULL,
|
|
|
|
NULL, ed_pkey)) {
|
|
|
|
st = 0;
|
|
|
|
EVP_PKEY_free(ed_pkey);
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
EVP_PKEY_free(ed_pkey);
|
|
|
|
}
|
|
|
|
if (st == 0) {
|
|
|
|
BIO_printf(bio_err, "EdDSA failure.\n");
|
|
|
|
ERR_print_errors(bio_err);
|
|
|
|
rsa_count = 1;
|
|
|
|
} else {
|
|
|
|
for (i = 0; i < loopargs_len; i++) {
|
|
|
|
/* Perform EdDSA signature test */
|
2018-09-10 23:03:14 +08:00
|
|
|
loopargs[i].sigsize = test_ed_curves[testnum].sigsize;
|
2018-09-07 14:39:19 +08:00
|
|
|
st = EVP_DigestSign(loopargs[i].eddsa_ctx[testnum],
|
2018-09-10 23:03:14 +08:00
|
|
|
loopargs[i].buf2, &loopargs[i].sigsize,
|
2018-09-07 14:39:19 +08:00
|
|
|
loopargs[i].buf, 20);
|
|
|
|
if (st == 0)
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
if (st == 0) {
|
|
|
|
BIO_printf(bio_err,
|
|
|
|
"EdDSA sign failure. No EdDSA sign will be done.\n");
|
|
|
|
ERR_print_errors(bio_err);
|
|
|
|
rsa_count = 1;
|
|
|
|
} else {
|
|
|
|
pkey_print_message("sign", test_ed_curves[testnum].name,
|
|
|
|
eddsa_c[testnum][0],
|
|
|
|
test_ed_curves[testnum].bits, seconds.eddsa);
|
|
|
|
Time_F(START);
|
|
|
|
count = run_benchmark(async_jobs, EdDSA_sign_loop, loopargs);
|
|
|
|
d = Time_F(STOP);
|
|
|
|
|
|
|
|
BIO_printf(bio_err,
|
|
|
|
mr ? "+R8:%ld:%u:%s:%.2f\n" :
|
|
|
|
"%ld %u bits %s signs in %.2fs \n",
|
|
|
|
count, test_ed_curves[testnum].bits,
|
|
|
|
test_ed_curves[testnum].name, d);
|
|
|
|
eddsa_results[testnum][0] = (double)count / d;
|
|
|
|
rsa_count = count;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Perform EdDSA verification test */
|
|
|
|
for (i = 0; i < loopargs_len; i++) {
|
|
|
|
st = EVP_DigestVerify(loopargs[i].eddsa_ctx[testnum],
|
2018-09-10 23:03:14 +08:00
|
|
|
loopargs[i].buf2, loopargs[i].sigsize,
|
2018-09-07 14:39:19 +08:00
|
|
|
loopargs[i].buf, 20);
|
|
|
|
if (st != 1)
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
if (st != 1) {
|
|
|
|
BIO_printf(bio_err,
|
|
|
|
"EdDSA verify failure. No EdDSA verify will be done.\n");
|
|
|
|
ERR_print_errors(bio_err);
|
|
|
|
eddsa_doit[testnum] = 0;
|
|
|
|
} else {
|
|
|
|
pkey_print_message("verify", test_ed_curves[testnum].name,
|
|
|
|
eddsa_c[testnum][1],
|
|
|
|
test_ed_curves[testnum].bits, seconds.eddsa);
|
|
|
|
Time_F(START);
|
|
|
|
count = run_benchmark(async_jobs, EdDSA_verify_loop, loopargs);
|
|
|
|
d = Time_F(STOP);
|
|
|
|
BIO_printf(bio_err,
|
|
|
|
mr ? "+R9:%ld:%u:%s:%.2f\n"
|
|
|
|
: "%ld %u bits %s verify in %.2fs\n",
|
|
|
|
count, test_ed_curves[testnum].bits,
|
|
|
|
test_ed_curves[testnum].name, d);
|
|
|
|
eddsa_results[testnum][1] = (double)count / d;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (rsa_count <= 1) {
|
|
|
|
/* if longer than 10s, don't do any more */
|
|
|
|
for (testnum++; testnum < EdDSA_NUM; testnum++)
|
|
|
|
eddsa_doit[testnum] = 0;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2019-09-29 22:25:10 +08:00
|
|
|
# ifndef OPENSSL_NO_SM2
|
|
|
|
for (testnum = 0; testnum < SM2_NUM; testnum++) {
|
|
|
|
int st = 1;
|
|
|
|
EVP_PKEY *sm2_pkey = NULL;
|
|
|
|
EVP_PKEY_CTX *pctx = NULL;
|
|
|
|
EVP_PKEY_CTX *sm2_pctx = NULL;
|
|
|
|
EVP_PKEY_CTX *sm2_vfy_pctx = NULL;
|
|
|
|
size_t sm2_sigsize = 0;
|
|
|
|
|
|
|
|
if (!sm2_doit[testnum])
|
|
|
|
continue; /* Ignore Curve */
|
|
|
|
/* Init signing and verification */
|
|
|
|
for (i = 0; i < loopargs_len; i++) {
|
|
|
|
loopargs[i].sm2_ctx[testnum] = EVP_MD_CTX_new();
|
|
|
|
if (loopargs[i].sm2_ctx[testnum] == NULL) {
|
|
|
|
st = 0;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
loopargs[i].sm2_vfy_ctx[testnum] = EVP_MD_CTX_new();
|
|
|
|
if (loopargs[i].sm2_vfy_ctx[testnum] == NULL) {
|
|
|
|
st = 0;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* SM2 keys are generated as normal EC keys with a special curve */
|
|
|
|
if ((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) == NULL
|
|
|
|
|| EVP_PKEY_keygen_init(pctx) <= 0
|
|
|
|
|| EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
|
|
|
|
test_sm2_curves[testnum].nid) <= 0
|
|
|
|
|| EVP_PKEY_keygen(pctx, &sm2_pkey) <= 0) {
|
|
|
|
st = 0;
|
|
|
|
EVP_PKEY_CTX_free(pctx);
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
/* free previous one and alloc a new one */
|
|
|
|
EVP_PKEY_CTX_free(pctx);
|
|
|
|
|
|
|
|
loopargs[i].sigsize = sm2_sigsize
|
|
|
|
= ECDSA_size(EVP_PKEY_get0_EC_KEY(sm2_pkey));
|
|
|
|
|
|
|
|
if (!EVP_PKEY_set_alias_type(sm2_pkey, EVP_PKEY_SM2)) {
|
|
|
|
st = 0;
|
|
|
|
EVP_PKEY_free(sm2_pkey);
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
sm2_pctx = EVP_PKEY_CTX_new(sm2_pkey, NULL);
|
|
|
|
if (sm2_pctx == NULL) {
|
|
|
|
st = 0;
|
|
|
|
EVP_PKEY_free(sm2_pkey);
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
sm2_vfy_pctx = EVP_PKEY_CTX_new(sm2_pkey, NULL);
|
|
|
|
if (sm2_vfy_pctx == NULL) {
|
|
|
|
st = 0;
|
|
|
|
EVP_PKEY_CTX_free(sm2_pctx);
|
|
|
|
EVP_PKEY_free(sm2_pkey);
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
/*
|
|
|
|
* No need to allow user to set an explicit ID here, just use
|
|
|
|
* the one defined in the 'draft-yang-tls-tl13-sm-suites' I-D.
|
|
|
|
*/
|
|
|
|
if (EVP_PKEY_CTX_set1_id(sm2_pctx, SM2_ID, SM2_ID_LEN) != 1) {
|
|
|
|
st = 0;
|
|
|
|
EVP_PKEY_CTX_free(sm2_pctx);
|
|
|
|
EVP_PKEY_CTX_free(sm2_vfy_pctx);
|
|
|
|
EVP_PKEY_free(sm2_pkey);
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (EVP_PKEY_CTX_set1_id(sm2_vfy_pctx, SM2_ID, SM2_ID_LEN) != 1) {
|
|
|
|
st = 0;
|
|
|
|
EVP_PKEY_CTX_free(sm2_pctx);
|
|
|
|
EVP_PKEY_CTX_free(sm2_vfy_pctx);
|
|
|
|
EVP_PKEY_free(sm2_pkey);
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
EVP_MD_CTX_set_pkey_ctx(loopargs[i].sm2_ctx[testnum], sm2_pctx);
|
|
|
|
EVP_MD_CTX_set_pkey_ctx(loopargs[i].sm2_vfy_ctx[testnum], sm2_vfy_pctx);
|
|
|
|
|
|
|
|
if (!EVP_DigestSignInit(loopargs[i].sm2_ctx[testnum], NULL,
|
|
|
|
EVP_sm3(), NULL, sm2_pkey)) {
|
|
|
|
st = 0;
|
|
|
|
EVP_PKEY_free(sm2_pkey);
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
if (!EVP_DigestVerifyInit(loopargs[i].sm2_vfy_ctx[testnum], NULL,
|
|
|
|
EVP_sm3(), NULL, sm2_pkey)) {
|
|
|
|
st = 0;
|
|
|
|
EVP_PKEY_free(sm2_pkey);
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
loopargs[i].sm2_pkey[testnum] = sm2_pkey;
|
|
|
|
}
|
|
|
|
if (st == 0) {
|
|
|
|
BIO_printf(bio_err, "SM2 failure.\n");
|
|
|
|
ERR_print_errors(bio_err);
|
|
|
|
rsa_count = 1;
|
|
|
|
} else {
|
|
|
|
for (i = 0; i < loopargs_len; i++) {
|
|
|
|
sm2_sigsize = loopargs[i].sigsize;
|
|
|
|
/* Perform SM2 signature test */
|
|
|
|
st = EVP_DigestSign(loopargs[i].sm2_ctx[testnum],
|
|
|
|
loopargs[i].buf2, &sm2_sigsize,
|
|
|
|
loopargs[i].buf, 20);
|
|
|
|
if (st == 0)
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
if (st == 0) {
|
|
|
|
BIO_printf(bio_err,
|
|
|
|
"SM2 sign failure. No SM2 sign will be done.\n");
|
|
|
|
ERR_print_errors(bio_err);
|
|
|
|
rsa_count = 1;
|
|
|
|
} else {
|
|
|
|
pkey_print_message("sign", test_sm2_curves[testnum].name,
|
|
|
|
sm2_c[testnum][0],
|
|
|
|
test_sm2_curves[testnum].bits, seconds.sm2);
|
|
|
|
Time_F(START);
|
|
|
|
count = run_benchmark(async_jobs, SM2_sign_loop, loopargs);
|
|
|
|
d = Time_F(STOP);
|
|
|
|
|
|
|
|
BIO_printf(bio_err,
|
|
|
|
mr ? "+R8:%ld:%u:%s:%.2f\n" :
|
|
|
|
"%ld %u bits %s signs in %.2fs \n",
|
|
|
|
count, test_sm2_curves[testnum].bits,
|
|
|
|
test_sm2_curves[testnum].name, d);
|
|
|
|
sm2_results[testnum][0] = (double)count / d;
|
|
|
|
rsa_count = count;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Perform SM2 verification test */
|
|
|
|
for (i = 0; i < loopargs_len; i++) {
|
|
|
|
st = EVP_DigestVerify(loopargs[i].sm2_vfy_ctx[testnum],
|
|
|
|
loopargs[i].buf2, loopargs[i].sigsize,
|
|
|
|
loopargs[i].buf, 20);
|
|
|
|
if (st != 1)
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
if (st != 1) {
|
|
|
|
BIO_printf(bio_err,
|
|
|
|
"SM2 verify failure. No SM2 verify will be done.\n");
|
|
|
|
ERR_print_errors(bio_err);
|
|
|
|
sm2_doit[testnum] = 0;
|
|
|
|
} else {
|
|
|
|
pkey_print_message("verify", test_sm2_curves[testnum].name,
|
|
|
|
sm2_c[testnum][1],
|
|
|
|
test_sm2_curves[testnum].bits, seconds.sm2);
|
|
|
|
Time_F(START);
|
|
|
|
count = run_benchmark(async_jobs, SM2_verify_loop, loopargs);
|
|
|
|
d = Time_F(STOP);
|
|
|
|
BIO_printf(bio_err,
|
|
|
|
mr ? "+R9:%ld:%u:%s:%.2f\n"
|
|
|
|
: "%ld %u bits %s verify in %.2fs\n",
|
|
|
|
count, test_sm2_curves[testnum].bits,
|
|
|
|
test_sm2_curves[testnum].name, d);
|
|
|
|
sm2_results[testnum][1] = (double)count / d;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (rsa_count <= 1) {
|
|
|
|
/* if longer than 10s, don't do any more */
|
|
|
|
for (testnum++; testnum < SM2_NUM; testnum++)
|
|
|
|
sm2_doit[testnum] = 0;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
# endif /* OPENSSL_NO_SM2 */
|
|
|
|
|
2016-08-07 18:04:26 +08:00
|
|
|
#endif /* OPENSSL_NO_EC */
|
2015-01-27 23:06:22 +08:00
|
|
|
#ifndef NO_FORK
|
2015-01-22 11:40:55 +08:00
|
|
|
show_res:
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
2015-01-22 11:40:55 +08:00
|
|
|
if (!mr) {
|
Switch to MAJOR.MINOR.PATCH versioning and version 3.0.0-dev
We're strictly use version numbers of the form MAJOR.MINOR.PATCH.
Letter releases are things of days past.
The most central change is that we now express the version number with
three macros, one for each part of the version number:
OPENSSL_VERSION_MAJOR
OPENSSL_VERSION_MINOR
OPENSSL_VERSION_PATCH
We also provide two additional macros to express pre-release and build
metadata information (also specified in semantic versioning):
OPENSSL_VERSION_PRE_RELEASE
OPENSSL_VERSION_BUILD_METADATA
To get the library's idea of all those values, we introduce the
following functions:
unsigned int OPENSSL_version_major(void);
unsigned int OPENSSL_version_minor(void);
unsigned int OPENSSL_version_patch(void);
const char *OPENSSL_version_pre_release(void);
const char *OPENSSL_version_build_metadata(void);
Additionally, for shared library versioning (which is out of scope in
semantic versioning, but that we still need):
OPENSSL_SHLIB_VERSION
We also provide a macro that contains the release date. This is not
part of the version number, but is extra information that we want to
be able to display:
OPENSSL_RELEASE_DATE
Finally, also provide the following convenience functions:
const char *OPENSSL_version_text(void);
const char *OPENSSL_version_text_full(void);
The following macros and functions are deprecated, and while currently
existing for backward compatibility, they are expected to disappear:
OPENSSL_VERSION_NUMBER
OPENSSL_VERSION_TEXT
OPENSSL_VERSION
OpenSSL_version_num()
OpenSSL_version()
Also, this function is introduced to replace OpenSSL_version() for all
indexes except for OPENSSL_VERSION:
OPENSSL_info()
For configuration, the option 'newversion-only' is added to disable all
the macros and functions that are mentioned as deprecated above.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7724)
2018-09-27 21:56:35 +08:00
|
|
|
printf("version: %s\n", OpenSSL_version(OPENSSL_FULL_VERSION_STRING));
|
|
|
|
printf("built on: %s\n", OpenSSL_version(OPENSSL_BUILT_ON));
|
2015-01-22 11:40:55 +08:00
|
|
|
printf("options:");
|
|
|
|
printf("%s ", BN_options());
|
2015-01-27 23:06:22 +08:00
|
|
|
#ifndef OPENSSL_NO_MD2
|
2015-01-22 11:40:55 +08:00
|
|
|
printf("%s ", MD2_options());
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_RC4
|
2015-01-22 11:40:55 +08:00
|
|
|
printf("%s ", RC4_options());
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_DES
|
2015-01-22 11:40:55 +08:00
|
|
|
printf("%s ", DES_options());
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
2015-01-22 11:40:55 +08:00
|
|
|
printf("%s ", AES_options());
|
2015-01-27 23:06:22 +08:00
|
|
|
#ifndef OPENSSL_NO_IDEA
|
2016-04-18 19:43:54 +08:00
|
|
|
printf("%s ", IDEA_options());
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_BF
|
2015-01-22 11:40:55 +08:00
|
|
|
printf("%s ", BF_options());
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
2015-10-28 03:11:48 +08:00
|
|
|
printf("\n%s\n", OpenSSL_version(OPENSSL_CFLAGS));
|
2019-08-22 20:28:23 +08:00
|
|
|
printf("%s\n", OpenSSL_version(OPENSSL_CPU_INFO));
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
2002-08-09 16:43:04 +08:00
|
|
|
|
2015-01-22 11:40:55 +08:00
|
|
|
if (pr_header) {
|
|
|
|
if (mr)
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
printf("+H");
|
2015-01-22 11:40:55 +08:00
|
|
|
else {
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
printf
|
|
|
|
("The 'numbers' are in 1000s of bytes per second processed.\n");
|
|
|
|
printf("type ");
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
2017-12-02 17:05:35 +08:00
|
|
|
for (testnum = 0; testnum < size_num; testnum++)
|
2015-12-09 15:26:38 +08:00
|
|
|
printf(mr ? ":%d" : "%7d bytes", lengths[testnum]);
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
printf("\n");
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
2002-08-09 16:43:04 +08:00
|
|
|
|
2015-01-22 11:40:55 +08:00
|
|
|
for (k = 0; k < ALGOR_NUM; k++) {
|
|
|
|
if (!doit[k])
|
|
|
|
continue;
|
|
|
|
if (mr)
|
2018-04-30 07:13:58 +08:00
|
|
|
printf("+F:%u:%s", k, names[k]);
|
2015-01-22 11:40:55 +08:00
|
|
|
else
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
printf("%-13s", names[k]);
|
2017-12-02 17:05:35 +08:00
|
|
|
for (testnum = 0; testnum < size_num; testnum++) {
|
2015-12-09 15:26:38 +08:00
|
|
|
if (results[k][testnum] > 10000 && !mr)
|
|
|
|
printf(" %11.2fk", results[k][testnum] / 1e3);
|
2015-01-22 11:40:55 +08:00
|
|
|
else
|
2015-12-09 15:26:38 +08:00
|
|
|
printf(mr ? ":%.2f" : " %11.2f ", results[k][testnum]);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
printf("\n");
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
2015-01-27 23:06:22 +08:00
|
|
|
#ifndef OPENSSL_NO_RSA
|
2015-12-09 15:26:38 +08:00
|
|
|
testnum = 1;
|
2015-01-22 11:40:55 +08:00
|
|
|
for (k = 0; k < RSA_NUM; k++) {
|
|
|
|
if (!rsa_doit[k])
|
|
|
|
continue;
|
2015-12-09 15:26:38 +08:00
|
|
|
if (testnum && !mr) {
|
2015-01-22 11:40:55 +08:00
|
|
|
printf("%18ssign verify sign/s verify/s\n", " ");
|
2015-12-09 15:26:38 +08:00
|
|
|
testnum = 0;
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
|
|
|
if (mr)
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
printf("+F2:%u:%u:%f:%f\n",
|
|
|
|
k, rsa_bits[k], rsa_results[k][0], rsa_results[k][1]);
|
2015-01-22 11:40:55 +08:00
|
|
|
else
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
printf("rsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
|
2016-08-02 16:13:00 +08:00
|
|
|
rsa_bits[k], 1.0 / rsa_results[k][0], 1.0 / rsa_results[k][1],
|
|
|
|
rsa_results[k][0], rsa_results[k][1]);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_DSA
|
2015-12-09 15:26:38 +08:00
|
|
|
testnum = 1;
|
2015-01-22 11:40:55 +08:00
|
|
|
for (k = 0; k < DSA_NUM; k++) {
|
|
|
|
if (!dsa_doit[k])
|
|
|
|
continue;
|
2015-12-09 15:26:38 +08:00
|
|
|
if (testnum && !mr) {
|
2015-01-22 11:40:55 +08:00
|
|
|
printf("%18ssign verify sign/s verify/s\n", " ");
|
2015-12-09 15:26:38 +08:00
|
|
|
testnum = 0;
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
|
|
|
if (mr)
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
printf("+F3:%u:%u:%f:%f\n",
|
|
|
|
k, dsa_bits[k], dsa_results[k][0], dsa_results[k][1]);
|
2015-01-22 11:40:55 +08:00
|
|
|
else
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
printf("dsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
|
2016-08-02 16:22:27 +08:00
|
|
|
dsa_bits[k], 1.0 / dsa_results[k][0], 1.0 / dsa_results[k][1],
|
|
|
|
dsa_results[k][0], dsa_results[k][1]);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
2015-03-11 07:09:27 +08:00
|
|
|
#ifndef OPENSSL_NO_EC
|
2015-12-09 15:26:38 +08:00
|
|
|
testnum = 1;
|
2018-04-30 07:13:58 +08:00
|
|
|
for (k = 0; k < OSSL_NELEM(ecdsa_doit); k++) {
|
2015-01-22 11:40:55 +08:00
|
|
|
if (!ecdsa_doit[k])
|
|
|
|
continue;
|
2015-12-09 15:26:38 +08:00
|
|
|
if (testnum && !mr) {
|
2015-01-22 11:40:55 +08:00
|
|
|
printf("%30ssign verify sign/s verify/s\n", " ");
|
2015-12-09 15:26:38 +08:00
|
|
|
testnum = 0;
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
if (mr)
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
printf("+F4:%u:%u:%f:%f\n",
|
2016-11-29 06:36:50 +08:00
|
|
|
k, test_curves[k].bits,
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
ecdsa_results[k][0], ecdsa_results[k][1]);
|
2015-01-22 11:40:55 +08:00
|
|
|
else
|
2016-11-29 06:36:50 +08:00
|
|
|
printf("%4u bits ecdsa (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
|
|
|
|
test_curves[k].bits, test_curves[k].name,
|
2016-08-02 16:38:45 +08:00
|
|
|
1.0 / ecdsa_results[k][0], 1.0 / ecdsa_results[k][1],
|
|
|
|
ecdsa_results[k][0], ecdsa_results[k][1]);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
|
2015-12-09 15:26:38 +08:00
|
|
|
testnum = 1;
|
2015-01-22 11:40:55 +08:00
|
|
|
for (k = 0; k < EC_NUM; k++) {
|
|
|
|
if (!ecdh_doit[k])
|
|
|
|
continue;
|
2015-12-09 15:26:38 +08:00
|
|
|
if (testnum && !mr) {
|
2015-01-22 11:40:55 +08:00
|
|
|
printf("%30sop op/s\n", " ");
|
2015-12-09 15:26:38 +08:00
|
|
|
testnum = 0;
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
|
|
|
if (mr)
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
printf("+F5:%u:%u:%f:%f\n",
|
2016-11-29 06:36:50 +08:00
|
|
|
k, test_curves[k].bits,
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
ecdh_results[k][0], 1.0 / ecdh_results[k][0]);
|
2015-01-22 11:40:55 +08:00
|
|
|
|
|
|
|
else
|
2016-11-29 06:36:50 +08:00
|
|
|
printf("%4u bits ecdh (%s) %8.4fs %8.1f\n",
|
|
|
|
test_curves[k].bits, test_curves[k].name,
|
2016-08-02 16:41:30 +08:00
|
|
|
1.0 / ecdh_results[k][0], ecdh_results[k][0]);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
2018-09-07 14:39:19 +08:00
|
|
|
|
|
|
|
testnum = 1;
|
|
|
|
for (k = 0; k < OSSL_NELEM(eddsa_doit); k++) {
|
|
|
|
if (!eddsa_doit[k])
|
|
|
|
continue;
|
|
|
|
if (testnum && !mr) {
|
|
|
|
printf("%30ssign verify sign/s verify/s\n", " ");
|
|
|
|
testnum = 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (mr)
|
|
|
|
printf("+F6:%u:%u:%s:%f:%f\n",
|
|
|
|
k, test_ed_curves[k].bits, test_ed_curves[k].name,
|
|
|
|
eddsa_results[k][0], eddsa_results[k][1]);
|
|
|
|
else
|
|
|
|
printf("%4u bits EdDSA (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
|
|
|
|
test_ed_curves[k].bits, test_ed_curves[k].name,
|
|
|
|
1.0 / eddsa_results[k][0], 1.0 / eddsa_results[k][1],
|
|
|
|
eddsa_results[k][0], eddsa_results[k][1]);
|
|
|
|
}
|
2019-09-29 22:25:10 +08:00
|
|
|
|
|
|
|
# ifndef OPENSSL_NO_SM2
|
|
|
|
testnum = 1;
|
|
|
|
for (k = 0; k < OSSL_NELEM(sm2_doit); k++) {
|
|
|
|
if (!sm2_doit[k])
|
|
|
|
continue;
|
|
|
|
if (testnum && !mr) {
|
|
|
|
printf("%30ssign verify sign/s verify/s\n", " ");
|
|
|
|
testnum = 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (mr)
|
|
|
|
printf("+F6:%u:%u:%s:%f:%f\n",
|
|
|
|
k, test_sm2_curves[k].bits, test_sm2_curves[k].name,
|
|
|
|
sm2_results[k][0], sm2_results[k][1]);
|
|
|
|
else
|
|
|
|
printf("%4u bits SM2 (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
|
|
|
|
test_sm2_curves[k].bits, test_sm2_curves[k].name,
|
|
|
|
1.0 / sm2_results[k][0], 1.0 / sm2_results[k][1],
|
|
|
|
sm2_results[k][0], sm2_results[k][1]);
|
|
|
|
}
|
|
|
|
# endif
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
2015-01-22 11:40:55 +08:00
|
|
|
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
ret = 0;
|
2015-01-22 11:40:55 +08:00
|
|
|
|
|
|
|
end:
|
|
|
|
ERR_print_errors(bio_err);
|
2016-02-18 18:56:53 +08:00
|
|
|
for (i = 0; i < loopargs_len; i++) {
|
2016-02-27 14:14:49 +08:00
|
|
|
OPENSSL_free(loopargs[i].buf_malloc);
|
|
|
|
OPENSSL_free(loopargs[i].buf2_malloc);
|
2016-07-29 19:22:42 +08:00
|
|
|
|
2015-01-27 23:06:22 +08:00
|
|
|
#ifndef OPENSSL_NO_RSA
|
2016-02-18 18:56:53 +08:00
|
|
|
for (k = 0; k < RSA_NUM; k++)
|
|
|
|
RSA_free(loopargs[i].rsa_key[k]);
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
|
|
|
#ifndef OPENSSL_NO_DSA
|
2016-02-18 18:56:53 +08:00
|
|
|
for (k = 0; k < DSA_NUM; k++)
|
|
|
|
DSA_free(loopargs[i].dsa_key[k]);
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
2015-03-11 07:09:27 +08:00
|
|
|
#ifndef OPENSSL_NO_EC
|
2018-04-30 07:13:58 +08:00
|
|
|
for (k = 0; k < ECDSA_NUM; k++)
|
2016-02-18 18:56:53 +08:00
|
|
|
EC_KEY_free(loopargs[i].ecdsa[k]);
|
2018-04-30 07:13:58 +08:00
|
|
|
for (k = 0; k < EC_NUM; k++)
|
2016-10-04 01:28:32 +08:00
|
|
|
EVP_PKEY_CTX_free(loopargs[i].ecdh_ctx[k]);
|
2018-09-07 14:39:19 +08:00
|
|
|
for (k = 0; k < EdDSA_NUM; k++)
|
|
|
|
EVP_MD_CTX_free(loopargs[i].eddsa_ctx[k]);
|
2019-09-29 22:25:10 +08:00
|
|
|
# ifndef OPENSSL_NO_SM2
|
|
|
|
for (k = 0; k < SM2_NUM; k++) {
|
|
|
|
EVP_PKEY_CTX *pctx = NULL;
|
|
|
|
|
|
|
|
/* free signing ctx */
|
|
|
|
if (loopargs[i].sm2_ctx[k] != NULL
|
|
|
|
&& (pctx = EVP_MD_CTX_pkey_ctx(loopargs[i].sm2_ctx[k])) != NULL)
|
|
|
|
EVP_PKEY_CTX_free(pctx);
|
|
|
|
EVP_MD_CTX_free(loopargs[i].sm2_ctx[k]);
|
|
|
|
/* free verification ctx */
|
|
|
|
if (loopargs[i].sm2_vfy_ctx[k] != NULL
|
|
|
|
&& (pctx = EVP_MD_CTX_pkey_ctx(loopargs[i].sm2_vfy_ctx[k])) != NULL)
|
|
|
|
EVP_PKEY_CTX_free(pctx);
|
|
|
|
EVP_MD_CTX_free(loopargs[i].sm2_vfy_ctx[k]);
|
|
|
|
/* free pkey */
|
|
|
|
EVP_PKEY_free(loopargs[i].sm2_pkey[k]);
|
|
|
|
}
|
|
|
|
# endif
|
2016-02-27 14:14:49 +08:00
|
|
|
OPENSSL_free(loopargs[i].secret_a);
|
|
|
|
OPENSSL_free(loopargs[i].secret_b);
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
2016-07-29 19:22:42 +08:00
|
|
|
}
|
2018-08-14 12:04:47 +08:00
|
|
|
OPENSSL_free(evp_hmac_name);
|
2019-04-11 04:44:41 +08:00
|
|
|
#ifndef OPENSSL_NO_CMAC
|
|
|
|
OPENSSL_free(evp_cmac_name);
|
|
|
|
#endif
|
2016-07-29 19:22:42 +08:00
|
|
|
|
2016-02-29 19:28:55 +08:00
|
|
|
if (async_jobs > 0) {
|
|
|
|
for (i = 0; i < loopargs_len; i++)
|
|
|
|
ASYNC_WAIT_CTX_free(loopargs[i].wait_ctx);
|
2016-05-17 23:40:14 +08:00
|
|
|
}
|
2016-02-29 19:28:55 +08:00
|
|
|
|
2016-05-17 23:40:14 +08:00
|
|
|
if (async_init) {
|
2015-12-09 15:26:38 +08:00
|
|
|
ASYNC_cleanup_thread();
|
2016-02-29 19:28:55 +08:00
|
|
|
}
|
|
|
|
OPENSSL_free(loopargs);
|
2016-09-29 05:39:18 +08:00
|
|
|
release_engine(e);
|
2017-10-17 22:04:09 +08:00
|
|
|
return ret;
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
1998-12-21 18:52:47 +08:00
|
|
|
|
2017-12-02 17:05:35 +08:00
|
|
|
static void print_message(const char *s, long num, int length, int tm)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
2015-01-27 23:06:22 +08:00
|
|
|
#ifdef SIGALRM
|
2015-01-22 11:40:55 +08:00
|
|
|
BIO_printf(bio_err,
|
|
|
|
mr ? "+DT:%s:%d:%d\n"
|
2017-12-02 17:05:35 +08:00
|
|
|
: "Doing %s for %ds on %d size blocks: ", s, tm, length);
|
2015-01-22 11:40:55 +08:00
|
|
|
(void)BIO_flush(bio_err);
|
2017-12-02 17:05:35 +08:00
|
|
|
alarm(tm);
|
2015-01-27 23:06:22 +08:00
|
|
|
#else
|
2015-01-22 11:40:55 +08:00
|
|
|
BIO_printf(bio_err,
|
|
|
|
mr ? "+DN:%s:%ld:%d\n"
|
|
|
|
: "Doing %s %ld times on %d size blocks: ", s, num, length);
|
|
|
|
(void)BIO_flush(bio_err);
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
1998-12-21 18:52:47 +08:00
|
|
|
|
2005-03-21 07:12:13 +08:00
|
|
|
static void pkey_print_message(const char *str, const char *str2, long num,
|
2016-11-29 06:36:50 +08:00
|
|
|
unsigned int bits, int tm)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
2015-01-27 23:06:22 +08:00
|
|
|
#ifdef SIGALRM
|
2015-01-22 11:40:55 +08:00
|
|
|
BIO_printf(bio_err,
|
|
|
|
mr ? "+DTP:%d:%s:%s:%d\n"
|
2016-11-29 06:36:50 +08:00
|
|
|
: "Doing %u bits %s %s's for %ds: ", bits, str, str2, tm);
|
2015-01-22 11:40:55 +08:00
|
|
|
(void)BIO_flush(bio_err);
|
|
|
|
alarm(tm);
|
2015-01-27 23:06:22 +08:00
|
|
|
#else
|
2015-01-22 11:40:55 +08:00
|
|
|
BIO_printf(bio_err,
|
|
|
|
mr ? "+DNP:%ld:%d:%s:%s\n"
|
2016-11-29 06:36:50 +08:00
|
|
|
: "Doing %ld %u bits %s %s's: ", num, bits, str, str2);
|
2015-01-22 11:40:55 +08:00
|
|
|
(void)BIO_flush(bio_err);
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
1998-12-21 18:56:39 +08:00
|
|
|
|
2015-01-22 11:40:55 +08:00
|
|
|
static void print_result(int alg, int run_no, int count, double time_used)
|
|
|
|
{
|
2016-06-18 22:46:13 +08:00
|
|
|
if (count == -1) {
|
|
|
|
BIO_puts(bio_err, "EVP error!\n");
|
|
|
|
exit(1);
|
|
|
|
}
|
2015-01-22 11:40:55 +08:00
|
|
|
BIO_printf(bio_err,
|
|
|
|
mr ? "+R:%d:%s:%f\n"
|
|
|
|
: "%d %s's in %.2fs\n", count, names[alg], time_used);
|
|
|
|
results[alg][run_no] = ((double)count) / time_used * lengths[run_no];
|
|
|
|
}
|
2001-10-25 22:27:17 +08:00
|
|
|
|
2015-01-27 23:06:22 +08:00
|
|
|
#ifndef NO_FORK
|
2001-10-25 22:27:17 +08:00
|
|
|
static char *sstrsep(char **string, const char *delim)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
2001-10-25 22:27:17 +08:00
|
|
|
char isdelim[256];
|
|
|
|
char *token = *string;
|
|
|
|
|
|
|
|
if (**string == 0)
|
|
|
|
return NULL;
|
|
|
|
|
2017-12-08 02:39:34 +08:00
|
|
|
memset(isdelim, 0, sizeof(isdelim));
|
2001-10-25 22:27:17 +08:00
|
|
|
isdelim[0] = 1;
|
|
|
|
|
2015-01-22 11:40:55 +08:00
|
|
|
while (*delim) {
|
2001-10-25 22:27:17 +08:00
|
|
|
isdelim[(unsigned char)(*delim)] = 1;
|
|
|
|
delim++;
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
2001-10-25 22:27:17 +08:00
|
|
|
|
2015-01-22 11:40:55 +08:00
|
|
|
while (!isdelim[(unsigned char)(**string)]) {
|
2001-10-25 22:27:17 +08:00
|
|
|
(*string)++;
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
2001-10-25 22:27:17 +08:00
|
|
|
|
2015-01-22 11:40:55 +08:00
|
|
|
if (**string) {
|
2001-10-25 22:27:17 +08:00
|
|
|
**string = 0;
|
|
|
|
(*string)++;
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
2001-10-25 22:27:17 +08:00
|
|
|
|
|
|
|
return token;
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
2001-10-25 22:27:17 +08:00
|
|
|
|
2017-12-02 17:05:35 +08:00
|
|
|
static int do_multi(int multi, int size_num)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
|
|
|
int n;
|
|
|
|
int fd[2];
|
|
|
|
int *fds;
|
|
|
|
static char sep[] = ":";
|
|
|
|
|
2018-05-21 22:28:16 +08:00
|
|
|
fds = app_malloc(sizeof(*fds) * multi, "fd buffer for do_multi");
|
2015-01-22 11:40:55 +08:00
|
|
|
for (n = 0; n < multi; ++n) {
|
|
|
|
if (pipe(fd) == -1) {
|
2015-06-05 02:26:55 +08:00
|
|
|
BIO_printf(bio_err, "pipe failure\n");
|
2015-01-22 11:40:55 +08:00
|
|
|
exit(1);
|
|
|
|
}
|
|
|
|
fflush(stdout);
|
2015-06-05 02:26:55 +08:00
|
|
|
(void)BIO_flush(bio_err);
|
2015-01-22 11:40:55 +08:00
|
|
|
if (fork()) {
|
|
|
|
close(fd[1]);
|
|
|
|
fds[n] = fd[0];
|
|
|
|
} else {
|
|
|
|
close(fd[0]);
|
|
|
|
close(1);
|
|
|
|
if (dup(fd[1]) == -1) {
|
2015-06-05 02:26:55 +08:00
|
|
|
BIO_printf(bio_err, "dup failed\n");
|
2015-01-22 11:40:55 +08:00
|
|
|
exit(1);
|
|
|
|
}
|
|
|
|
close(fd[1]);
|
|
|
|
mr = 1;
|
|
|
|
usertime = 0;
|
2019-07-14 15:53:17 +08:00
|
|
|
OPENSSL_free(fds);
|
2015-01-22 11:40:55 +08:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
printf("Forked child %d\n", n);
|
|
|
|
}
|
2002-08-09 16:43:04 +08:00
|
|
|
|
2015-01-22 11:40:55 +08:00
|
|
|
/* for now, assume the pipe is long enough to take all the output */
|
|
|
|
for (n = 0; n < multi; ++n) {
|
|
|
|
FILE *f;
|
|
|
|
char buf[1024];
|
|
|
|
char *p;
|
|
|
|
|
|
|
|
f = fdopen(fds[n], "r");
|
2017-12-08 02:39:34 +08:00
|
|
|
while (fgets(buf, sizeof(buf), f)) {
|
2015-01-22 11:40:55 +08:00
|
|
|
p = strchr(buf, '\n');
|
|
|
|
if (p)
|
|
|
|
*p = '\0';
|
|
|
|
if (buf[0] != '+') {
|
2016-10-04 14:20:49 +08:00
|
|
|
BIO_printf(bio_err,
|
|
|
|
"Don't understand line '%s' from child %d\n", buf,
|
|
|
|
n);
|
2015-01-22 11:40:55 +08:00
|
|
|
continue;
|
|
|
|
}
|
|
|
|
printf("Got: %s from %d\n", buf, n);
|
2015-05-07 02:56:14 +08:00
|
|
|
if (strncmp(buf, "+F:", 3) == 0) {
|
2015-01-22 11:40:55 +08:00
|
|
|
int alg;
|
|
|
|
int j;
|
|
|
|
|
|
|
|
p = buf + 3;
|
|
|
|
alg = atoi(sstrsep(&p, sep));
|
|
|
|
sstrsep(&p, sep);
|
2017-12-02 17:05:35 +08:00
|
|
|
for (j = 0; j < size_num; ++j)
|
2015-01-22 11:40:55 +08:00
|
|
|
results[alg][j] += atof(sstrsep(&p, sep));
|
2015-05-07 02:56:14 +08:00
|
|
|
} else if (strncmp(buf, "+F2:", 4) == 0) {
|
2015-01-22 11:40:55 +08:00
|
|
|
int k;
|
|
|
|
double d;
|
|
|
|
|
|
|
|
p = buf + 4;
|
|
|
|
k = atoi(sstrsep(&p, sep));
|
|
|
|
sstrsep(&p, sep);
|
|
|
|
|
|
|
|
d = atof(sstrsep(&p, sep));
|
2016-08-02 16:13:00 +08:00
|
|
|
rsa_results[k][0] += d;
|
2015-01-22 11:40:55 +08:00
|
|
|
|
|
|
|
d = atof(sstrsep(&p, sep));
|
2016-08-02 16:13:00 +08:00
|
|
|
rsa_results[k][1] += d;
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
2015-01-27 23:06:22 +08:00
|
|
|
# ifndef OPENSSL_NO_DSA
|
2015-05-07 02:56:14 +08:00
|
|
|
else if (strncmp(buf, "+F3:", 4) == 0) {
|
2015-01-22 11:40:55 +08:00
|
|
|
int k;
|
|
|
|
double d;
|
|
|
|
|
|
|
|
p = buf + 4;
|
|
|
|
k = atoi(sstrsep(&p, sep));
|
|
|
|
sstrsep(&p, sep);
|
|
|
|
|
|
|
|
d = atof(sstrsep(&p, sep));
|
2016-08-02 16:22:27 +08:00
|
|
|
dsa_results[k][0] += d;
|
2015-01-22 11:40:55 +08:00
|
|
|
|
|
|
|
d = atof(sstrsep(&p, sep));
|
2016-08-02 16:22:27 +08:00
|
|
|
dsa_results[k][1] += d;
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
2015-01-27 23:06:22 +08:00
|
|
|
# endif
|
2015-03-11 07:09:27 +08:00
|
|
|
# ifndef OPENSSL_NO_EC
|
2015-05-07 02:56:14 +08:00
|
|
|
else if (strncmp(buf, "+F4:", 4) == 0) {
|
2015-01-22 11:40:55 +08:00
|
|
|
int k;
|
|
|
|
double d;
|
|
|
|
|
|
|
|
p = buf + 4;
|
|
|
|
k = atoi(sstrsep(&p, sep));
|
|
|
|
sstrsep(&p, sep);
|
|
|
|
|
|
|
|
d = atof(sstrsep(&p, sep));
|
2016-08-02 16:38:45 +08:00
|
|
|
ecdsa_results[k][0] += d;
|
2015-01-22 11:40:55 +08:00
|
|
|
|
|
|
|
d = atof(sstrsep(&p, sep));
|
2016-08-02 16:38:45 +08:00
|
|
|
ecdsa_results[k][1] += d;
|
2016-08-07 18:04:26 +08:00
|
|
|
} else if (strncmp(buf, "+F5:", 4) == 0) {
|
2015-01-22 11:40:55 +08:00
|
|
|
int k;
|
|
|
|
double d;
|
|
|
|
|
|
|
|
p = buf + 4;
|
|
|
|
k = atoi(sstrsep(&p, sep));
|
|
|
|
sstrsep(&p, sep);
|
|
|
|
|
|
|
|
d = atof(sstrsep(&p, sep));
|
2016-08-02 16:41:30 +08:00
|
|
|
ecdh_results[k][0] += d;
|
2018-09-07 14:39:19 +08:00
|
|
|
} else if (strncmp(buf, "+F6:", 4) == 0) {
|
|
|
|
int k;
|
|
|
|
double d;
|
|
|
|
|
|
|
|
p = buf + 4;
|
|
|
|
k = atoi(sstrsep(&p, sep));
|
|
|
|
sstrsep(&p, sep);
|
|
|
|
|
|
|
|
d = atof(sstrsep(&p, sep));
|
|
|
|
eddsa_results[k][0] += d;
|
|
|
|
|
|
|
|
d = atof(sstrsep(&p, sep));
|
|
|
|
eddsa_results[k][1] += d;
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
2019-09-29 22:25:10 +08:00
|
|
|
# ifndef OPENSSL_NO_SM2
|
|
|
|
else if (strncmp(buf, "+F7:", 4) == 0) {
|
|
|
|
int k;
|
|
|
|
double d;
|
|
|
|
|
|
|
|
p = buf + 4;
|
|
|
|
k = atoi(sstrsep(&p, sep));
|
|
|
|
sstrsep(&p, sep);
|
|
|
|
|
|
|
|
d = atof(sstrsep(&p, sep));
|
|
|
|
sm2_results[k][0] += d;
|
|
|
|
|
|
|
|
d = atof(sstrsep(&p, sep));
|
|
|
|
sm2_results[k][1] += d;
|
|
|
|
}
|
|
|
|
# endif /* OPENSSL_NO_SM2 */
|
2015-01-27 23:06:22 +08:00
|
|
|
# endif
|
2015-01-22 11:40:55 +08:00
|
|
|
|
2015-05-07 02:56:14 +08:00
|
|
|
else if (strncmp(buf, "+H:", 3) == 0) {
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
;
|
2015-01-22 11:40:55 +08:00
|
|
|
} else
|
2016-10-04 14:20:49 +08:00
|
|
|
BIO_printf(bio_err, "Unknown type '%s' from child %d\n", buf,
|
|
|
|
n);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
fclose(f);
|
|
|
|
}
|
2019-07-14 15:53:17 +08:00
|
|
|
OPENSSL_free(fds);
|
2015-01-22 11:40:55 +08:00
|
|
|
return 1;
|
|
|
|
}
|
2015-01-27 23:06:22 +08:00
|
|
|
#endif
|
2014-07-06 05:53:55 +08:00
|
|
|
|
2018-04-30 07:13:58 +08:00
|
|
|
static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
|
2018-01-12 11:37:39 +08:00
|
|
|
const openssl_speed_sec_t *seconds)
|
2015-01-22 11:40:55 +08:00
|
|
|
{
|
2017-12-02 17:05:35 +08:00
|
|
|
static const int mblengths_list[] =
|
2015-01-22 11:40:55 +08:00
|
|
|
{ 8 * 1024, 2 * 8 * 1024, 4 * 8 * 1024, 8 * 8 * 1024, 8 * 16 * 1024 };
|
2017-12-02 17:05:35 +08:00
|
|
|
const int *mblengths = mblengths_list;
|
2017-12-05 00:40:23 +08:00
|
|
|
int j, count, keylen, num = OSSL_NELEM(mblengths_list);
|
2015-01-22 11:40:55 +08:00
|
|
|
const char *alg_name;
|
2017-12-05 00:40:23 +08:00
|
|
|
unsigned char *inp, *out, *key, no_key[32], no_iv[16];
|
2015-12-14 05:08:41 +08:00
|
|
|
EVP_CIPHER_CTX *ctx;
|
2015-01-22 11:40:55 +08:00
|
|
|
double d = 0.0;
|
|
|
|
|
2017-12-02 17:05:35 +08:00
|
|
|
if (lengths_single) {
|
|
|
|
mblengths = &lengths_single;
|
|
|
|
num = 1;
|
|
|
|
}
|
|
|
|
|
2015-05-01 05:48:31 +08:00
|
|
|
inp = app_malloc(mblengths[num - 1], "multiblock input buffer");
|
|
|
|
out = app_malloc(mblengths[num - 1] + 1024, "multiblock output buffer");
|
2015-12-14 05:08:41 +08:00
|
|
|
ctx = EVP_CIPHER_CTX_new();
|
2017-12-05 00:40:23 +08:00
|
|
|
EVP_EncryptInit_ex(ctx, evp_cipher, NULL, NULL, no_iv);
|
|
|
|
|
|
|
|
keylen = EVP_CIPHER_CTX_key_length(ctx);
|
|
|
|
key = app_malloc(keylen, "evp_cipher key");
|
|
|
|
EVP_CIPHER_CTX_rand_key(ctx, key);
|
|
|
|
EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL);
|
|
|
|
OPENSSL_clear_free(key, keylen);
|
|
|
|
|
2016-10-04 14:20:49 +08:00
|
|
|
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_MAC_KEY, sizeof(no_key), no_key);
|
2015-12-19 00:08:49 +08:00
|
|
|
alg_name = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
|
2015-01-22 11:40:55 +08:00
|
|
|
|
|
|
|
for (j = 0; j < num; j++) {
|
2017-12-02 17:05:35 +08:00
|
|
|
print_message(alg_name, 0, mblengths[j], seconds->sym);
|
2015-01-22 11:40:55 +08:00
|
|
|
Time_F(START);
|
|
|
|
for (count = 0, run = 1; run && count < 0x7fffffff; count++) {
|
2015-04-27 18:07:06 +08:00
|
|
|
unsigned char aad[EVP_AEAD_TLS1_AAD_LEN];
|
2015-01-22 11:40:55 +08:00
|
|
|
EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param;
|
|
|
|
size_t len = mblengths[j];
|
|
|
|
int packlen;
|
|
|
|
|
|
|
|
memset(aad, 0, 8); /* avoid uninitialized values */
|
|
|
|
aad[8] = 23; /* SSL3_RT_APPLICATION_DATA */
|
|
|
|
aad[9] = 3; /* version */
|
|
|
|
aad[10] = 2;
|
|
|
|
aad[11] = 0; /* length */
|
|
|
|
aad[12] = 0;
|
|
|
|
mb_param.out = NULL;
|
|
|
|
mb_param.inp = aad;
|
|
|
|
mb_param.len = len;
|
|
|
|
mb_param.interleave = 8;
|
|
|
|
|
2015-12-14 05:08:41 +08:00
|
|
|
packlen = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_AAD,
|
2015-01-22 11:40:55 +08:00
|
|
|
sizeof(mb_param), &mb_param);
|
|
|
|
|
|
|
|
if (packlen > 0) {
|
|
|
|
mb_param.out = out;
|
|
|
|
mb_param.inp = inp;
|
|
|
|
mb_param.len = len;
|
2015-12-14 05:08:41 +08:00
|
|
|
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT,
|
2015-01-22 11:40:55 +08:00
|
|
|
sizeof(mb_param), &mb_param);
|
|
|
|
} else {
|
|
|
|
int pad;
|
|
|
|
|
|
|
|
RAND_bytes(out, 16);
|
|
|
|
len += 16;
|
2017-11-12 05:23:12 +08:00
|
|
|
aad[11] = (unsigned char)(len >> 8);
|
|
|
|
aad[12] = (unsigned char)(len);
|
2015-12-14 05:08:41 +08:00
|
|
|
pad = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_TLS1_AAD,
|
2015-04-27 18:07:06 +08:00
|
|
|
EVP_AEAD_TLS1_AAD_LEN, aad);
|
2015-12-14 05:08:41 +08:00
|
|
|
EVP_Cipher(ctx, out, inp, len + pad);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|
|
|
|
}
|
|
|
|
d = Time_F(STOP);
|
Big apps cleanup (option-parsing, etc)
This is merges the old "rsalz-monolith" branch over to master. The biggest
change is that option parsing switch from cascasding 'else if strcmp("-foo")'
to a utility routine and somethin akin to getopt. Also, an error in the
command line no longer prints the full summary; use -help (or --help :)
for that. There have been many other changes and code-cleanup, see
bullet list below.
Special thanks to Matt for the long and detailed code review.
TEMPORARY:
For now, comment out CRYPTO_mem_leaks() at end of main
Tickets closed:
RT3515: Use 3DES in pkcs12 if built with no-rc2
RT1766: s_client -reconnect and -starttls broke
RT2932: Catch write errors
RT2604: port should be 'unsigned short'
RT2983: total_bytes undeclared #ifdef RENEG
RT1523: Add -nocert to fix output in x509 app
RT3508: Remove unused variable introduced by b09eb24
RT3511: doc fix; req default serial is random
RT1325,2973: Add more extensions to c_rehash
RT2119,3407: Updated to dgst.pod
RT2379: Additional typo fix
RT2693: Extra include of string.h
RT2880: HFS is case-insensitive filenames
RT3246: req command prints version number wrong
Other changes; incompatibilities marked with *:
Add SCSV support
Add -misalign to speed command
Make dhparam, dsaparam, ecparam, x509 output C in proper style
Make some internal ocsp.c functions void
Only display cert usages with -help in verify
Use global bio_err, remove "BIO*err" parameter from functions
For filenames, - always means stdin (or stdout as appropriate)
Add aliases for -des/aes "wrap" ciphers.
*Remove support for IISSGC (server gated crypto)
*The undocumented OCSP -header flag is now "-header name=value"
*Documented the OCSP -header flag
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-04-25 03:26:15 +08:00
|
|
|
BIO_printf(bio_err, mr ? "+R:%d:%s:%f\n"
|
2015-01-22 11:40:55 +08:00
|
|
|
: "%d %s's in %.2fs\n", count, "evp", d);
|
|
|
|
results[D_EVP][j] = ((double)count) / d * mblengths[j];
|
|
|
|
}
|
|
|
|
|
|
|
|
if (mr) {
|
|
|
|
fprintf(stdout, "+H");
|
|
|
|
for (j = 0; j < num; j++)
|
|
|
|
fprintf(stdout, ":%d", mblengths[j]);
|
|
|
|
fprintf(stdout, "\n");
|
|
|
|
fprintf(stdout, "+F:%d:%s", D_EVP, alg_name);
|
|
|
|
for (j = 0; j < num; j++)
|
|
|
|
fprintf(stdout, ":%.2f", results[D_EVP][j]);
|
|
|
|
fprintf(stdout, "\n");
|
|
|
|
} else {
|
|
|
|
fprintf(stdout,
|
|
|
|
"The 'numbers' are in 1000s of bytes per second processed.\n");
|
|
|
|
fprintf(stdout, "type ");
|
|
|
|
for (j = 0; j < num; j++)
|
|
|
|
fprintf(stdout, "%7d bytes", mblengths[j]);
|
|
|
|
fprintf(stdout, "\n");
|
|
|
|
fprintf(stdout, "%-24s", alg_name);
|
|
|
|
|
|
|
|
for (j = 0; j < num; j++) {
|
|
|
|
if (results[D_EVP][j] > 10000)
|
|
|
|
fprintf(stdout, " %11.2fk", results[D_EVP][j] / 1e3);
|
|
|
|
else
|
|
|
|
fprintf(stdout, " %11.2f ", results[D_EVP][j]);
|
|
|
|
}
|
|
|
|
fprintf(stdout, "\n");
|
|
|
|
}
|
|
|
|
|
2015-05-01 22:02:07 +08:00
|
|
|
OPENSSL_free(inp);
|
|
|
|
OPENSSL_free(out);
|
2015-12-14 05:08:41 +08:00
|
|
|
EVP_CIPHER_CTX_free(ctx);
|
2015-01-22 11:40:55 +08:00
|
|
|
}
|