Commit Graph

466 Commits

Author SHA1 Message Date
Dimitri Papadopoulos
bbaeadb068 "foo * bar" should be "foo *bar"
Found by running the checkpatch.pl Linux script to enforce coding style.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21468)
2023-09-11 10:15:30 +02:00
Matt Caswell
da1c088f59 Copyright year updates
Reviewed-by: Richard Levitte <levitte@openssl.org>
Release: yes
2023-09-07 09:59:15 +01:00
Ingo Franzki
eb2ff04cc7 speed: Unify output messages regarding number of ops per time
Always report "<algo> ops in <time>", instead of "<algo>'s in <time>" or
similar. Avoid the use of apostrophes and/or plural with algorithm names.

Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21383)
2023-08-01 19:10:39 +02:00
Ingo Franzki
0195df8baa speed: Also measure RSA encrypt/decrypt, not only RSA sign/verify
While RSA encrypt/decrypt and sign/verify are basically the same mod-expo
operations, the speed of the operation may still differ, due to different
padding, as well as the use of implicit rejection for RSA decrypt.

Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21383)
2023-08-01 19:10:39 +02:00
Ingo Franzki
0c85bcbaea speed: Fix execution of EdDSA measurement
Running 'openssl speed eddsa' fails with

Doing 253 bits sign Ed25519 ops for 10s: EdDSA sign failure
000003FF9306C7D0:error:030000BC:digital envelope routines:EVP_DigestSign:
                           final error:crypto/evp/m_sigver.c:585:
-1 253 bits Ed25519 sign ops in 0.00s
Doing 253 bits verify Ed25519 ops for 10s: EdDSA verify failure
000003FF9306C7D0:error:030000BC:digital envelope routines:EVP_DigestVerify:
                           final error:crypto/evp/m_sigver.c:694:
-1 253 bits Ed25519 verify ops in 0.00s

This is because the EVP_DigestSign/Verify() calls in the EdDSA_sign/verify_loop()
fail because the context has already been finalized by the previous
EVP_DigestSign/Verify call during the EdDSA signature test done by speed_main().

This happens since commit 3fc2b7d6b8 where the
EVP_DigestSign/Verify() functions have been changed to set a flag that the
context has been finalized.

Fix this by re-initializing the context using EVP_DigestSign/Verify() in the
EdDSA_sign/verify_loop().

Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21491)
2023-07-21 10:08:10 +10:00
Ingo Franzki
cc7e2b20de speed: Fix memory leak
Free the signature stack after iterating over all found signatures.
Free the kem and signature stacks at the end of speed_main() if not
NULL.

Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21491)
2023-07-21 10:08:10 +10:00
Jörg Sommer
33c09341bb openssl speed -multi -evp prints wrong algorithm name
When running `openssl speed -evp md5` the result shows `md5` as algorithm
name. But when adding the option `-multi 2` it gives `evp` as algorithm
name.

Signed-off-by: Jörg Sommer <joerg@jo-so.de>

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21216)
2023-06-28 11:05:14 +02:00
Yi Li
4032cd9a14 configure: introduce no-ecx to remove ECX related feature
This can effectively reduce the binary size for platforms
that don't need ECX feature(~100KB).

Signed-off-by: Yi Li <yi1.li@intel.com>

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20781)
2023-06-14 13:06:22 +10:00
Michael Baentsch
316d5a982b restrict rsaBITS algorithm name check in speed
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20898)
2023-05-11 12:21:23 +10:00
Reinhard Urban
a8eb81ccd2 speed.c: remove unused num print_message args
these num args went unused with the removal of the ifndef SIGALRM
branches, commit ee1d7f1d25 Feb 2021
PR #14228

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20795)
2023-05-03 09:33:29 +02:00
Michael Baentsch
4557e28008 Provider-based KEM and SIG alg speed testing added
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/19968)
2023-03-31 14:19:18 -04:00
Michael Baentsch
7c966ab6b3 remove DSA512 from speed testing
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20603)
2023-03-30 12:26:50 +11:00
Dmitry Belyavskiy
07626ea9e5 Avoid erroneous diagnostics in speed measuring
Fixes #20291

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20306)
2023-03-15 08:46:54 +11:00
Dmitry Belyavskiy
98283a61f5 Enable some disabled __owurs
Fixes #15902

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/15905)
2023-02-07 11:56:27 -05:00
Pauli
a167e048a4 Coverity: fix 272011 resource leak
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/19900)
2022-12-15 11:30:49 +11:00
Tomas Mraz
d861bc03ee Fix build on NonStop
Fixes #19810

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19811)
2022-12-05 11:32:19 +01:00
Daniel Fiala
18af4d154c Make parsing of piped data in speed.c more robust
Fixes openssl#19050

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19238)
2022-11-24 10:10:04 +01:00
Peiwei Hu
9dd009dd51 apps/speed.c: fix the wrong checks
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19678)
2022-11-16 16:43:25 +01:00
Vinz2008
c9a542e418 apps/speed.c: add verifying if fdopen returns NULL
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19651)
2022-11-14 12:23:16 +01:00
Juergen Christ
9710d72b95 apps/speed.c: Lock buffer in memory
Lock the buffers used for throughput measurements into memory.  This removes
some side effects of paging.

Errors from the memory locking functions are ignored since they are not
critical to the application.

This feature is limited to Linux and Windows.

Signed-off-by: Juergen Christ <jchrist@linux.ibm.com>

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19091)
2022-09-29 09:06:04 +10:00
Juergen Christ
56233ba857 apps/speed.c: Wait for generated children
In multi-mode, speed fork()s off several children but does not wait for them.
On Linux, this leads to wrong accounting information of getrusage used by
tools to extract running time and page faults.

Wait for every children and check the return code and termination signal.

Signed-off-by: Juergen Christ <jchrist@linux.ibm.com>

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19093)
2022-08-31 09:31:47 +02:00
Dmitry Belyavskiy
c63e8637fd openssl speed fails in FIPS mode
...because it uses md5 for HMAC tests. Skip md5 in case of its
unavailability.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17331)
2022-08-23 10:21:25 +10:00
Todd Short
0113ec8460 Implement AES-GCM-SIV (RFC8452)
Fixes #16721

This uses AES-ECB to create a counter mode AES-CTR32 (32bit counter, I could
not get AES-CTR to work as-is), and GHASH to implement POLYVAL. Optimally,
there would be separate polyval assembly implementation(s), but the only one
I could find (and it was SSE2 x86_64 code) was not Apache 2.0 licensed.

This implementation lives only in the default provider; there is no legacy
implementation.

The code offered in #16721 is not used; that implementation sits on top of
OpenSSL, this one is embedded inside OpenSSL.

Full test vectors from RFC8452 are included, except the 0 length plaintext;
that is not supported; and I'm not sure it's worthwhile to do so.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18693)
2022-07-29 08:32:16 -04:00
Tomas Mraz
ab8d56d05b speed: Always reset the outlen when calling EVP_PKEY_derive
Fixes #18768

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18777)
2022-07-13 07:35:55 +01:00
Kan
8403c7350f Add config option for speed command
Fixed #16986

Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18616)
2022-07-11 10:01:17 +10:00
Peiwei Hu
f15e3f3aa9 Fix the incorrect checks of EVP_CIPHER_CTX_rand_key
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18397)
2022-05-27 07:57:43 +02:00
Peiwei Hu
8d9fec1781 Fix the incorrect checks of EVP_CIPHER_CTX_set_key_length
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18397)
2022-05-27 07:57:43 +02:00
Peiwei Hu
d649c51a53 Fix check of EVP_CIPHER_CTX_ctrl
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18368)
2022-05-24 08:57:37 +02:00
Pauli
b11183be0c Fix Coverity 1503314 unchecked return value
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18013)
2022-05-04 17:15:20 +10:00
Matt Caswell
fecb3aae22 Update copyright year
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Release: yes
2022-05-03 13:34:51 +01:00
Kevin K Biju
378c50f63d Added checking for buflen overflow due to MAX_MISALIGNMENT.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17646)
2022-02-11 13:42:36 +11:00
Ankit Das
25a0a44dc6 Fix SIZE_MAX not defined on z/OS etc
Fixes openssl#17629 by including internal/numbers.h which defines SIZE_MAX

CLA: trivial

Fixes #17629

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17632)
2022-02-07 11:57:18 +11:00
Dimitris Apostolou
07c5465e98 Fix typos
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17634)
2022-02-07 11:23:28 +11:00
Kevin K Biju
78212c6472 Use opt_int_arg() to parse integers in apps/speed.c
We use opt_int_arg() to prevent malformed processing of
hexadecimal input to some command line options.

Updated help to mention the change.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17585)
2022-02-03 13:53:44 +01:00
Pauli
a09a342ffb speed: rework if condition to avoid empty statement
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17528)
2022-01-18 15:10:38 +11:00
Dr. David von Oheimb
2ff286c26c Add and use HAS_PREFIX() and CHECK_AND_SKIP_PREFIX() for checking if string has literal prefix
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15847)
2021-11-17 15:48:34 +01:00
Xiaofei Bai
e7414634a5 Fix sigsize usage in apps/speed.c
In a recent upstream change
(43da9a14f0)
the parameter sigsize become a read/write input in
EVP_PKEY_sign(), and after signing, sigsize will be overwritten with
the actual size and used in the verify step. As the speed program
calls EVP_PKEY_sign() on the same context repeatedly, sigsize value is
no longer the initial available size, and may fail in later buffer
size checks.

This fix adds a new buflen member in struct loopargs (which is only
used within apps/speed.c), to save available buffer size and
to be used as sigsize input in EVP_PKEY_sign() calls.
Sigsize still contains the signature size for the verify step.

Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16991)
2021-11-09 15:40:55 +01:00
Pauli
7220085f22 speed: range check the argument given to -multi
For machines where sizeof(size_t) == sizeof(int) there is a possible overflow
which could cause a crash.

For machines where sizeof(size_t) > sizeof(int), the existing checks adequately
detect the situation.

Fixes #16899

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16904)
2021-10-27 08:26:12 +10:00
Richard Levitte
9e1b6f3cdc Fix 'openssl speed' information printout
Most of all, this reduces the following:

    built on: built on: Wed Sep  8 19:41:55 2021 UTC

to:

    built on: Wed Sep  8 19:41:55 2021 UTC

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/16563)

(cherry picked from commit c1dc3536a8)
2021-09-10 12:16:12 +02:00
Pauli
5c8c2e6b48 apps: fix Coverity 1451531 Unchecked return value
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/15994)
2021-07-09 09:18:10 +10:00
Pauli
c696f4bfc3 speed: make sure to free any allocated EVP_MAC structures
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15687)
2021-06-15 18:26:47 +10:00
Pauli
4d574312db speed: use the app's libctx and property query when searching for algorithms
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15687)
2021-06-15 18:26:47 +10:00
Tomas Mraz
ed576acdf5 Rename all getters to use get/get0 in name
For functions that exist in 1.1.1 provide a simple aliases via #define.

Fixes #15236

Functions with OSSL_DECODER_, OSSL_ENCODER_, OSSL_STORE_LOADER_,
EVP_KEYEXCH_, EVP_KEM_, EVP_ASYM_CIPHER_, EVP_SIGNATURE_,
EVP_KEYMGMT_, EVP_RAND_, EVP_MAC_, EVP_KDF_, EVP_PKEY_,
EVP_MD_, and EVP_CIPHER_ prefixes are renamed.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15405)
2021-06-01 12:40:00 +02:00
Dr. David von Oheimb
b0f960189b APPS: Replace 'OPT_ERR = -1, OPT_EOF = 0, OPT_HELP' by OPT_COMMON macro
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15111)
2021-05-05 20:48:20 +02:00
Tomas Mraz
eaf8a40d97 Prefer fetch over legacy get_digestby/get_cipherby
Fixes #14198

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15028)
2021-04-28 09:38:31 +02:00
Dr. David von Oheimb
d830526c71 APPS: Improve diagnostics for string options and options expecting int >= 0
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14970)
2021-04-24 18:54:32 +02:00
Dr. David von Oheimb
3ad6030948 APPS: make apps strict on app_RAND_load() and app_RAND_write() failure
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14840)
2021-04-14 16:48:27 +02:00
Pauli
987a66a6fc apps: fix Camellia CBC performance loop
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14786)
2021-04-08 22:57:24 +10:00
Pauli
9695f6de15 apps: fix AES CBC performance loop
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14778)
2021-04-08 12:24:37 +10:00
Tomas Mraz
5050fd5b3b Avoid going through NID when unnecessary
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14703)
2021-04-01 14:39:54 +02:00