Reg slowness seen in openssl 1.1.1

Thu May 9 18:12:33 UTC 2019

Hi ,

I can observe slowness with standalone c programs.  Attached are the sample
c programs.
If I run them with openssl 1.1.1 and 1.1.0e version on Linux system (Linux
2.6.32-504.el6.x86_64 x86_64
). then I can see the difference. If I increase the number of loop in the
program, then the slowness increases.

Could you please look into the program and let me know if anything  I am
doing wrong ?
Or else What could be the issue ?

Thanks and Regards,
Ram Krushna

On Thu, May 9, 2019 at 8:43 PM Salz, Rich <rsalz at akamai.com> wrote:

> So now you know where to start looking, I guess.  You might also change
> your test program so that it calls the functions multiple times, to “smooth
> out” the overhead.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20190509/ae63f485/attachment.html>
-------------- next part --------------
#include <stdio.h>
#include <string.h>
#include <openssl/evp.h>

int main(int argc, char *argv[])
{
    char mess1[] = "Now is the time for all good men to come to the aid of their country.";
    char mess2[1024] ;
    int inlen=70, outlen,i;
    EVP_CIPHER_CTX *ctx;
    unsigned char key[] = "0123456789abcdeF";
    unsigned char iv[] = "1234567887654321";

    if (argv[1] == NULL)
    {
        printf ("Usage: encdec <do_encrypt>\n");
        exit (1);
    }
    int do_encrypt = atoi(argv[1]);

    for(i =0;i<10000000;i++)
    {
    ctx = EVP_CIPHER_CTX_new();
    const EVP_CIPHER *cp = EVP_get_cipherbyname("AES-128-CBC");
    EVP_CipherInit_ex(ctx, cp, NULL, key, iv,do_encrypt);

    //EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_encrypt);

    if(!EVP_CipherUpdate(ctx, mess2, &outlen, mess1, inlen))
    {
        /* Error */
        EVP_CIPHER_CTX_free(ctx);
        return 0;
    }
    if(!EVP_CipherFinal_ex(ctx, mess2, &outlen))
    {
        /* Error */
        EVP_CIPHER_CTX_free(ctx);
        return 0;
    }
    EVP_CIPHER_CTX_free(ctx);
    }
    return 1;
}
-------------- next part --------------
#include <stdio.h>
#include <string.h>
#include <openssl/evp.h>

int main(int argc, char *argv[])
{
  EVP_MD_CTX *mdctx;
  const EVP_MD *md;
  char mess1[] = "Now is the time for all good men to come to the aid of their country.\n";
  char mess2[] = "Now is the time for all good men to come to the aid of their country.\n";
  unsigned char md_value[EVP_MAX_MD_SIZE];
  unsigned int md_len, i;
  int j=0;

  if (argv[1] == NULL)
    {
      printf ("Usage: mdtest digestname\n");
      exit (1);
    }

  md = EVP_get_digestbyname (argv[1]);
  if (md == NULL)
    {
      printf ("Unknown message digest %s\n", argv[1]);
      exit (1);
    }
  for (j=0;j<10000000;j++)
  {
      mdctx = EVP_MD_CTX_new ();
      EVP_DigestInit_ex (mdctx, md, NULL);
      EVP_DigestUpdate (mdctx, mess1, strlen (mess1));
      EVP_DigestUpdate (mdctx, mess2, strlen (mess2));
      EVP_DigestFinal_ex (mdctx, md_value, &md_len);
      EVP_MD_CTX_free (mdctx);
  }
      printf ("Digest is: ");
      for (i = 0; i < md_len; i++)
          printf ("%02x", md_value[i]);
      printf ("\n");

  exit (0);
}