[openssl-commits] [openssl] master update
Paul I. Dale
pauli at openssl.org
Tue Sep 11 22:55:11 UTC 2018
The branch master has been updated
via f88b9b79152b48541b780dfd30bb34e1c7a91e1b (commit)
from b28bfa7e5685588113a33708477b065d5888283e (commit)
- Log -----------------------------------------------------------------
commit f88b9b79152b48541b780dfd30bb34e1c7a91e1b
Author: Pauli <paul.dale at oracle.com>
Date: Tue Aug 14 14:04:47 2018 +1000
Speed for HMACs.
Add support for HMAC over any evp supported digest.
Reviewed-by: Tim Hudson <tjh at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6945)
-----------------------------------------------------------------------
Summary of changes:
apps/speed.c | 60 ++++++++++++++++++++++++++++++++++++++++++++++++++----
doc/man1/speed.pod | 5 +++++
2 files changed, 61 insertions(+), 4 deletions(-)
diff --git a/apps/speed.c b/apps/speed.c
index a487917..27b4d50 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -298,7 +298,7 @@ static int opt_found(const char *name, unsigned int *result,
typedef enum OPTION_choice {
OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
- OPT_ELAPSED, OPT_EVP, OPT_DECRYPT, OPT_ENGINE, OPT_MULTI,
+ OPT_ELAPSED, OPT_EVP, OPT_HMAC, OPT_DECRYPT, OPT_ENGINE, OPT_MULTI,
OPT_MR, OPT_MB, OPT_MISALIGN, OPT_ASYNCJOBS, OPT_R_ENUM,
OPT_PRIMES, OPT_SECONDS, OPT_BYTES, OPT_AEAD
} OPTION_CHOICE;
@@ -308,6 +308,7 @@ const OPTIONS speed_options[] = {
{OPT_HELP_STR, 1, '-', "Valid options are:\n"},
{"help", OPT_HELP, '-', "Display this summary"},
{"evp", OPT_EVP, 's', "Use EVP-named cipher or digest"},
+ {"hmac", OPT_HMAC, 's', "HMAC using EVP-named digest"},
{"decrypt", OPT_DECRYPT, '-',
"Time decryption instead of encryption (only EVP)"},
{"aead", OPT_AEAD, '-',
@@ -369,6 +370,8 @@ const OPTIONS speed_options[] = {
#define D_IGE_256_AES 28
#define D_GHASH 29
#define D_RAND 30
+#define D_EVP_HMAC 31
+
/* name of algorithms to test */
static const char *names[] = {
"md2", "mdc2", "md4", "md5", "hmac(md5)", "sha1", "rmd160", "rc4",
@@ -378,7 +381,7 @@ static const char *names[] = {
"camellia-128 cbc", "camellia-192 cbc", "camellia-256 cbc",
"evp", "sha256", "sha512", "whirlpool",
"aes-128 ige", "aes-192 ige", "aes-256 ige", "ghash",
- "rand"
+ "rand", "hmac"
};
#define ALGOR_NUM OSSL_NELEM(names)
@@ -1032,6 +1035,26 @@ static int EVP_Digest_loop(void *args)
return count;
}
+static const EVP_MD *evp_hmac_md = NULL;
+static char *evp_hmac_name = NULL;
+static int EVP_HMAC_loop(void *args)
+{
+ loopargs_t *tempargs = *(loopargs_t **) args;
+ unsigned char *buf = tempargs->buf;
+ unsigned char no_key[32];
+ int count;
+#ifndef SIGALRM
+ int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
+#endif
+
+ for (count = 0; COND(nb_iter); count++) {
+ if (HMAC(evp_hmac_md, no_key, sizeof(no_key), buf, lengths[testnum],
+ NULL, NULL) == NULL)
+ return -1;
+ }
+ return count;
+}
+
#ifndef OPENSSL_NO_RSA
static long rsa_c[RSA_NUM][2]; /* # RSA iteration test */
@@ -1567,6 +1590,15 @@ int speed_main(int argc, char **argv)
}
doit[D_EVP] = 1;
break;
+ case OPT_HMAC:
+ evp_hmac_md = EVP_get_digestbyname(opt_arg());
+ if (evp_hmac_md == NULL) {
+ BIO_printf(bio_err, "%s: %s is an unknown digest\n",
+ prog, opt_arg());
+ goto end;
+ }
+ doit[D_EVP_HMAC] = 1;
+ break;
case OPT_DECRYPT:
decrypt = 1;
break;
@@ -1805,9 +1837,9 @@ int speed_main(int argc, char **argv)
e = setup_engine(engine_id, 0);
/* No parameters; turn on everything. */
- if ((argc == 0) && !doit[D_EVP]) {
+ if (argc == 0 && !doit[D_EVP] && !doit[D_EVP_HMAC]) {
for (i = 0; i < ALGOR_NUM; i++)
- if (i != D_EVP)
+ if (i != D_EVP && i != D_EVP_HMAC)
doit[i] = 1;
#ifndef OPENSSL_NO_RSA
for (i = 0; i < RSA_NUM; i++)
@@ -2649,6 +2681,25 @@ int speed_main(int argc, char **argv)
}
}
+ if (doit[D_EVP_HMAC]) {
+ if (evp_hmac_md != NULL) {
+ const char *md_name = OBJ_nid2ln(EVP_MD_type(evp_hmac_md));
+ evp_hmac_name = app_malloc(sizeof("HMAC()") + strlen(md_name),
+ "HMAC name");
+ sprintf(evp_hmac_name, "HMAC(%s)", md_name);
+ names[D_EVP_HMAC] = evp_hmac_name;
+
+ for (testnum = 0; testnum < size_num; testnum++) {
+ print_message(names[D_EVP_HMAC], save_count, lengths[testnum],
+ seconds.sym);
+ Time_F(START);
+ count = run_benchmark(async_jobs, EVP_HMAC_loop, loopargs);
+ d = Time_F(STOP);
+ print_result(D_EVP_HMAC, testnum, count, d);
+ }
+ }
+ }
+
for (i = 0; i < loopargs_len; i++)
if (RAND_bytes(loopargs[i].buf, 36) <= 0)
goto end;
@@ -3347,6 +3398,7 @@ int speed_main(int argc, char **argv)
OPENSSL_free(loopargs[i].secret_b);
#endif
}
+ OPENSSL_free(evp_hmac_name);
if (async_jobs > 0) {
for (i = 0; i < loopargs_len; i++)
diff --git a/doc/man1/speed.pod b/doc/man1/speed.pod
index 523da0d..16dc839 100644
--- a/doc/man1/speed.pod
+++ b/doc/man1/speed.pod
@@ -12,6 +12,7 @@ B<openssl speed>
[B<-engine id>]
[B<-elapsed>]
[B<-evp algo>]
+[B<-hmac algo>]
[B<-decrypt>]
[B<-rand file...>]
[B<-writerand file>]
@@ -55,6 +56,10 @@ If B<algo> is an AEAD cipher, then you can pass <-aead> to benchmark a
TLS-like sequence. And if B<algo> is a multi-buffer capable cipher, e.g.
aes-128-cbc-hmac-sha1, then B<-mb> will time multi-buffer operation.
+=item B<-hmac digest>
+
+Time the HMAC algorithm using the specified message digest.
+
=item B<-decrypt>
Time the decryption instead of encryption. Affects only the EVP testing.
More information about the openssl-commits
mailing list