Commit f88b9b79 authored by Pauli's avatar Pauli
Browse files

Speed for HMACs. 



Add support for HMAC over any evp supported digest.

Reviewed-by: default avatarTim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6945)
parent b28bfa7e

apps/speed.c

+56 −4
Original line number Diff line number Diff line
@@ -298,7 +298,7 @@ static int opt_found(const char *name, unsigned int *result, 


typedef enum OPTION_choice {

    OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,

    OPT_ELAPSED, OPT_EVP, OPT_DECRYPT, OPT_ENGINE, OPT_MULTI,

    OPT_ELAPSED, OPT_EVP, OPT_HMAC, OPT_DECRYPT, OPT_ENGINE, OPT_MULTI,

    OPT_MR, OPT_MB, OPT_MISALIGN, OPT_ASYNCJOBS, OPT_R_ENUM,

    OPT_PRIMES, OPT_SECONDS, OPT_BYTES, OPT_AEAD

} OPTION_CHOICE;
@@ -308,6 +308,7 @@ const OPTIONS speed_options[] = { 
    {OPT_HELP_STR, 1, '-', "Valid options are:\n"},

    {"help", OPT_HELP, '-', "Display this summary"},

    {"evp", OPT_EVP, 's', "Use EVP-named cipher or digest"},

    {"hmac", OPT_HMAC, 's', "HMAC using EVP-named digest"},

    {"decrypt", OPT_DECRYPT, '-',

     "Time decryption instead of encryption (only EVP)"},

    {"aead", OPT_AEAD, '-',
@@ -369,6 +370,8 @@ const OPTIONS speed_options[] = { 
#define D_IGE_256_AES   28

#define D_GHASH         29

#define D_RAND          30

#define D_EVP_HMAC      31



/* name of algorithms to test */

static const char *names[] = {

    "md2", "mdc2", "md4", "md5", "hmac(md5)", "sha1", "rmd160", "rc4",
@@ -378,7 +381,7 @@ static const char *names[] = { 
    "camellia-128 cbc", "camellia-192 cbc", "camellia-256 cbc",

    "evp", "sha256", "sha512", "whirlpool",

    "aes-128 ige", "aes-192 ige", "aes-256 ige", "ghash",

    "rand"

    "rand", "hmac"

};

#define ALGOR_NUM       OSSL_NELEM(names)
@@ -1032,6 +1035,26 @@ static int EVP_Digest_loop(void *args) 
    return count;

}



static const EVP_MD *evp_hmac_md = NULL;

static char *evp_hmac_name = NULL;

static int EVP_HMAC_loop(void *args)

{

    loopargs_t *tempargs = *(loopargs_t **) args;

    unsigned char *buf = tempargs->buf;

    unsigned char no_key[32];

    int count;

#ifndef SIGALRM

    int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];

#endif



    for (count = 0; COND(nb_iter); count++) {

        if (HMAC(evp_hmac_md, no_key, sizeof(no_key), buf, lengths[testnum],

                 NULL, NULL) == NULL)

            return -1;

    }

    return count;

}



#ifndef OPENSSL_NO_RSA

static long rsa_c[RSA_NUM][2];  /* # RSA iteration test */
@@ -1567,6 +1590,15 @@ int speed_main(int argc, char **argv) 
            }

            doit[D_EVP] = 1;

            break;

        case OPT_HMAC:

            evp_hmac_md = EVP_get_digestbyname(opt_arg());

            if (evp_hmac_md == NULL) {

                BIO_printf(bio_err, "%s: %s is an unknown digest\n",

                           prog, opt_arg());

                goto end;

            }

            doit[D_EVP_HMAC] = 1;

            break;

        case OPT_DECRYPT:

            decrypt = 1;

            break;
@@ -1805,9 +1837,9 @@ int speed_main(int argc, char **argv) 
    e = setup_engine(engine_id, 0);



    /* No parameters; turn on everything. */

    if ((argc == 0) && !doit[D_EVP]) {

    if (argc == 0 && !doit[D_EVP] && !doit[D_EVP_HMAC]) {

        for (i = 0; i < ALGOR_NUM; i++)

            if (i != D_EVP)

            if (i != D_EVP && i != D_EVP_HMAC)

                doit[i] = 1;

#ifndef OPENSSL_NO_RSA

        for (i = 0; i < RSA_NUM; i++)
@@ -2649,6 +2681,25 @@ int speed_main(int argc, char **argv) 
        }

    }



    if (doit[D_EVP_HMAC]) {

        if (evp_hmac_md != NULL) {

            const char *md_name = OBJ_nid2ln(EVP_MD_type(evp_hmac_md));

            evp_hmac_name = app_malloc(sizeof("HMAC()") + strlen(md_name),

                                       "HMAC name");

            sprintf(evp_hmac_name, "HMAC(%s)", md_name);

            names[D_EVP_HMAC] = evp_hmac_name;



            for (testnum = 0; testnum < size_num; testnum++) {

                print_message(names[D_EVP_HMAC], save_count, lengths[testnum],

                              seconds.sym);

                Time_F(START);

                count = run_benchmark(async_jobs, EVP_HMAC_loop, loopargs);

                d = Time_F(STOP);

                print_result(D_EVP_HMAC, testnum, count, d);

            }

        }

    }



    for (i = 0; i < loopargs_len; i++)

        if (RAND_bytes(loopargs[i].buf, 36) <= 0)

            goto end;
@@ -3347,6 +3398,7 @@ int speed_main(int argc, char **argv) 
        OPENSSL_free(loopargs[i].secret_b);

#endif

    }

    OPENSSL_free(evp_hmac_name);



    if (async_jobs > 0) {

        for (i = 0; i < loopargs_len; i++)

doc/man1/speed.pod

+5 −0
Original line number Diff line number Diff line
@@ -12,6 +12,7 @@ B<openssl speed> 
[B<-engine id>]

[B<-elapsed>]

[B<-evp algo>]

[B<-hmac algo>]

[B<-decrypt>]

[B<-rand file...>]

[B<-writerand file>]
@@ -55,6 +56,10 @@ If B<algo> is an AEAD cipher, then you can pass <-aead> to benchmark a 
TLS-like sequence. And if B<algo> is a multi-buffer capable cipher, e.g.

aes-128-cbc-hmac-sha1, then B<-mb> will time multi-buffer operation.



=item B<-hmac digest>



Time the HMAC algorithm using the specified message digest.



=item B<-decrypt>



Time the decryption instead of encryption. Affects only the EVP testing.