diff options
| -rw-r--r-- | apps/ca.c | 2 | ||||
| -rw-r--r-- | apps/eay.c | 4 | ||||
| -rw-r--r-- | apps/s_client.c | 77 | ||||
| -rw-r--r-- | apps/s_server.c | 2 | ||||
| -rw-r--r-- | apps/s_time.c | 92 | ||||
| -rw-r--r-- | apps/sc.c | 2 | ||||
| -rw-r--r-- | apps/speed.c | 267 |
7 files changed, 349 insertions, 97 deletions
@@ -82,7 +82,7 @@ #define PROG ca_main #define BASE_SECTION "ca" -#define CONFIG_FILE "lib/ssleay.cnf" +#define CONFIG_FILE "lib/openssl.cnf" #define ENV_DEFAULT_CA "default_ca" diff --git a/apps/eay.c b/apps/eay.c index c7a59ca24..7c3bae3bf 100644 --- a/apps/eay.c +++ b/apps/eay.c @@ -1,5 +1,5 @@ /* apps/eay.c */ -/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * * This package is an SSL implementation written @@ -88,7 +88,7 @@ #define MONOLITH -#include "ssleay.c" +#include "openssl.c" #include "apps.c" #include "asn1pars.c" #ifndef NO_RSA diff --git a/apps/s_client.c b/apps/s_client.c index b5dc23887..e5d281ba3 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -1,5 +1,5 @@ /* apps/s_client.c */ -/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * * This package is an SSL implementation written @@ -60,7 +60,7 @@ #include <stdlib.h> #include <string.h> #define USE_SOCKETS -#ifdef WIN16 +#ifdef NO_STDIO #define APPS_WIN16 #endif #include "apps.h" @@ -127,9 +127,11 @@ static void sc_usage() BIO_printf(bio_err," -quiet - no s_client output\n"); BIO_printf(bio_err," -ssl2 - just use SSLv2\n"); BIO_printf(bio_err," -ssl3 - just use SSLv3\n"); + BIO_printf(bio_err," -tls1 - just use TLSv1\n"); + BIO_printf(bio_err," -no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n"); BIO_printf(bio_err," -bugs - Switch on all SSL implementation bug workarounds\n"); - BIO_printf(bio_err," -cipher - prefered cipher to use, use the 'ssleay ciphers'\n"); - BIO_printf(bio_err," command to se what is available\n"); + BIO_printf(bio_err," -cipher - prefered cipher to use, use the 'openssl ciphers'\n"); + BIO_printf(bio_err," command to see what is available\n"); } @@ -137,6 +139,7 @@ int MAIN(argc, argv) int argc; char **argv; { + int off=0; SSL *con=NULL,*con2=NULL; int s,k,width,state=0; char *cbuf=NULL,*sbuf=NULL; @@ -165,6 +168,7 @@ char **argv; #endif apps_startup(); + c_Pause=0; c_quiet=0; c_debug=0; @@ -235,6 +239,10 @@ char **argv; else if (strcmp(*argv,"-ssl3") == 0) meth=SSLv3_client_method(); #endif +#ifndef NO_TLS1 + else if (strcmp(*argv,"-tls1") == 0) + meth=TLSv1_client_method(); +#endif else if (strcmp(*argv,"-bugs") == 0) bugs=1; else if (strcmp(*argv,"-key") == 0) @@ -256,6 +264,12 @@ char **argv; if (--argc < 1) goto bad; CAfile= *(++argv); } + else if (strcmp(*argv,"-no_tls1") == 0) + off|=SSL_OP_NO_TLSv1; + else if (strcmp(*argv,"-no_ssl3") == 0) + off|=SSL_OP_NO_SSLv3; + else if (strcmp(*argv,"-no_ssl2") == 0) + off|=SSL_OP_NO_SSLv2; else if (strcmp(*argv,"-cipher") == 0) { if (--argc < 1) goto bad; @@ -302,7 +316,10 @@ bad: goto end; } - if (bugs) SSL_CTX_set_options(ctx,SSL_OP_ALL); + if (bugs) + SSL_CTX_set_options(ctx,SSL_OP_ALL|off); + else + SSL_CTX_set_options(ctx,off); if (state) SSL_CTX_set_info_callback(ctx,apps_ssl_info_callback); if (cipher != NULL) @@ -319,20 +336,21 @@ bad: if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) || (!SSL_CTX_set_default_verify_paths(ctx))) { - BIO_printf(bio_err,"error seting default verify locations\n"); + /* BIO_printf(bio_err,"error seting default verify locations\n"); */ ERR_print_errors(bio_err); - goto end; + /* goto end; */ } SSL_load_error_strings(); con=(SSL *)SSL_new(ctx); +/* SSL_set_cipher_list(con,"RC4-MD5"); */ re_start: if (init_client(&s,host,port) == 0) { - BIO_printf(bio_err,"connect:errno=%d\n",errno); + BIO_printf(bio_err,"connect:errno=%d\n",get_last_socket_error()); SHUTDOWN(s); goto end; } @@ -343,7 +361,11 @@ re_start: { unsigned long l=1; BIO_printf(bio_c_out,"turning on non blocking io\n"); - socket_ioctl(s,FIONBIO,&l); + if (BIO_socket_ioctl(s,FIONBIO,&l) < 0) + { + ERR_print_errors(bio_err); + goto end; + } } #endif if (c_Pause & 0x01) con->debug=1; @@ -386,7 +408,7 @@ re_start: FD_ZERO(&readfds); FD_ZERO(&writefds); - if (SSL_in_init(con)) + if (SSL_in_init(con) && !SSL_total_renegotiations(con)) { in_init=1; tty_on=0; @@ -427,11 +449,11 @@ re_start: /* printf("mode tty(%d %d%d) ssl(%d%d)\n", tty_on,read_tty,write_tty,read_ssl,write_ssl);*/ -/* printf("pending=%d\n",SSL_pending(con)); */ i=select(width,&readfds,&writefds,NULL,NULL); if ( i < 0) { - BIO_printf(bio_err,"bad select %d\n",sock_err()); + BIO_printf(bio_err,"bad select %d\n", + get_last_socket_error()); goto shut; /* goto end; */ } @@ -489,7 +511,7 @@ re_start: if ((k != 0) || (cbuf_len != 0)) { BIO_printf(bio_err,"write:errno=%d\n", - errno); + get_last_socket_error()); goto shut; } else @@ -526,7 +548,18 @@ re_start: #endif else if (FD_ISSET(SSL_get_fd(con),&readfds)) { - k=SSL_read(con,sbuf,BUFSIZZ); +#ifdef RENEG +{ static int iiii; if (++iiii == 52) { SSL_renegotiate(con); iiii=0; } } +#endif +#if 1 + k=SSL_read(con,sbuf,1024 /* BUFSIZZ */ ); +#else +/* Demo for pending and peek :-) */ + k=SSL_read(con,sbuf,16); +{ char zbuf[10240]; +printf("read=%d pending=%d peek=%d\n",k,SSL_pending(con),SSL_peek(con,zbuf,10240)); +} +#endif switch (SSL_get_error(con,k)) { @@ -555,7 +588,7 @@ re_start: BIO_printf(bio_c_out,"read X BLOCK\n"); break; case SSL_ERROR_SYSCALL: - BIO_printf(bio_err,"read:errno=%d\n",errno); + BIO_printf(bio_err,"read:errno=%d\n",get_last_socket_error()); goto shut; case SSL_ERROR_ZERO_RETURN: BIO_printf(bio_c_out,"closed\n"); @@ -563,7 +596,7 @@ re_start: case SSL_ERROR_SSL: ERR_print_errors(bio_err); goto shut; - break; + /* break; */ } } @@ -619,7 +652,7 @@ BIO *bio; SSL *s; int full; { - X509 *peer; + X509 *peer=NULL; char *p; static char *space=" "; char buf[BUFSIZ]; @@ -633,7 +666,7 @@ int full; sk=SSL_get_peer_cert_chain(s); if (sk != NULL) { - BIO_printf(bio,"---\nCertficate chain\n"); + BIO_printf(bio,"---\nCertificate chain\n"); for (i=0; i<sk_num(sk); i++) { X509_NAME_oneline(X509_get_subject_name((X509 *) @@ -657,7 +690,6 @@ int full; X509_NAME_oneline(X509_get_issuer_name(peer), buf,BUFSIZ); BIO_printf(bio,"issuer=%s\n",buf); - X509_free(peer); } else BIO_printf(bio,"no peer certificate available\n"); @@ -687,7 +719,7 @@ int full; { if (*p == ':') { - BIO_write(bio,space,15-j); + BIO_write(bio,space,15-j%25); i++; j=0; BIO_write(bio,((i%3)?" ":"\n"),1); @@ -711,7 +743,12 @@ int full; BIO_printf(bio,"%s, Cipher is %s\n", SSL_CIPHER_get_version(c), SSL_CIPHER_get_name(c)); + if (peer != NULL) + BIO_printf(bio,"Server public key is %d bit\n", + EVP_PKEY_bits(X509_get_pubkey(peer))); SSL_SESSION_print(bio,SSL_get_session(s)); BIO_printf(bio,"---\n"); + if (peer != NULL) + X509_free(peer); } diff --git a/apps/s_server.c b/apps/s_server.c index e96fd9cdb..256636bc4 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -205,7 +205,7 @@ static void sv_usage() BIO_printf(bio_err," -CApath arg - PEM format directory of CA's\n"); BIO_printf(bio_err," -CAfile arg - PEM format file of CA's\n"); BIO_printf(bio_err," -nocert - Don't use any certificates (Anon-DH)\n"); - BIO_printf(bio_err," -cipher arg - play with 'ssleay ciphers' to see what goes here\n"); + BIO_printf(bio_err," -cipher arg - play with 'openssl ciphers' to see what goes here\n"); BIO_printf(bio_err," -quiet - No server output\n"); BIO_printf(bio_err," -no_tmp_rsa - Do not generate a tmp RSA key\n"); BIO_printf(bio_err," -ssl2 - Just talk SSLv2\n"); diff --git a/apps/s_time.c b/apps/s_time.c index 853a9dcc4..568359253 100644 --- a/apps/s_time.c +++ b/apps/s_time.c @@ -1,5 +1,5 @@ /* apps/s_time.c */ -/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * * This package is an SSL implementation written @@ -56,7 +56,7 @@ * [including the GNU Public Licence.] */ -#undef NO_SHUTDOWN +#define NO_SHUTDOWN /*----------------------------------------- cntime - SSL client connection timer program @@ -67,7 +67,7 @@ #include <stdlib.h> #include <string.h> -#ifdef WIN16 +#ifdef NO_STDIO #define APPS_WIN16 #endif #include "x509.h" @@ -111,7 +111,8 @@ struct tms { #include <sys/select.h> #endif -#ifdef sun +#if defined(sun) || defined(__ultrix) +#define _POSIX_SOURCE #include <limits.h> #include <sys/param.h> #endif @@ -154,10 +155,12 @@ extern int verify_error; static void s_time_usage(void); static int parseArgs( int argc, char **argv ); static SSL *doConnection( SSL *scon ); +static void s_time_init(void); #else static void s_time_usage(); static int parseArgs(); static SSL *doConnection(); +static void s_time_init(); #endif @@ -180,15 +183,38 @@ static char *s_www_path=NULL; static long bytes_read=0; static int st_bugs=0; static int perform=0; - #ifdef FIONBIO static int t_nbio=0; #endif - #ifdef WIN32 static int exitNow = 0; /* Set when it's time to exit main */ #endif +static void s_time_init() + { + host=SSL_CONNECT_NAME; + t_cert_file=NULL; + t_key_file=NULL; + CApath=NULL; + CAfile=NULL; + tm_cipher=NULL; + tm_verify = SSL_VERIFY_NONE; + maxTime = SECONDS; + tm_ctx=NULL; + s_time_meth=NULL; + s_www_path=NULL; + bytes_read=0; + st_bugs=0; + perform=0; + +#ifdef FIONBIO + t_nbio=0; +#endif +#ifdef WIN32 + exitNow = 0; /* Set when it's time to exit main */ +#endif + } + /*********************************************************************** * usage - display usage message */ @@ -202,7 +228,7 @@ static void s_time_usage() not specified but cert fill is.\n\ -CApath arg - PEM format directory of CA's\n\ -CAfile arg - PEM format file of CA's\n\ --cipher - prefered cipher to use, play with 'ssleay ciphers'\n\n"; +-cipher - prefered cipher to use, play with 'openssl ciphers'\n\n"; printf( "usage: client <args>\n\n" ); @@ -237,6 +263,7 @@ char **argv; #endif apps_startup(); + s_time_init(); if (bio_err == NULL) bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); @@ -396,6 +423,7 @@ char **argv; long finishtime=0; int ret=1,i; MS_STATIC char buf[1024*8]; + int ver; #if !defined(NO_SSL2) && !defined(NO_SSL3) s_time_meth=SSLv23_client_method(); @@ -412,6 +440,8 @@ char **argv; SSLeay_add_ssl_algorithms(); if ((tm_ctx=SSL_CTX_new(s_time_meth)) == NULL) return(1); + SSL_CTX_set_quiet_shutdown(tm_ctx,1); + if (st_bugs) SSL_CTX_set_options(tm_ctx,SSL_OP_ALL); SSL_CTX_set_cipher_list(tm_ctx,tm_cipher); if(!set_cert_stuff(tm_ctx,t_cert_file,t_key_file)) @@ -422,9 +452,9 @@ char **argv; if ((!SSL_CTX_load_verify_locations(tm_ctx,CAfile,CApath)) || (!SSL_CTX_set_default_verify_paths(tm_ctx))) { - BIO_printf(bio_err,"error seting default verify locations\n"); + /* BIO_printf(bio_err,"error seting default verify locations\n"); */ ERR_print_errors(bio_err); - goto end; + /* goto end; */ } if (tm_cipher == NULL) @@ -471,11 +501,24 @@ char **argv; #else SSL_shutdown(scon); #endif - SHUTDOWN(SSL_get_fd(scon)); + SHUTDOWN2(SSL_get_fd(scon)); nConn += 1; - fputc(SSL_session_reused(scon)?'r': - (SSL_version(scon))+'0', stdout ); + if (SSL_session_reused(scon)) + ver='r'; + else + { + ver=SSL_version(scon); + if (ver == TLS1_VERSION) + ver='t'; + else if (ver == SSL3_VERSION) + ver='3'; + else if (ver == SSL2_VERSION) + ver='2'; + else + ver='*'; + } + fputc(ver,stdout); fflush(stdout); SSL_free( scon ); @@ -512,7 +555,7 @@ next: #else SSL_shutdown(scon); #endif - SHUTDOWN(SSL_get_fd(scon)); + SHUTDOWN2(SSL_get_fd(scon)); nConn = 0; totalTime = 0.0; @@ -551,11 +594,24 @@ next: #else SSL_shutdown(scon); #endif - SHUTDOWN(SSL_get_fd(scon)); + SHUTDOWN2(SSL_get_fd(scon)); nConn += 1; - fputc(SSL_session_reused(scon)?'r': - (SSL_version(scon))+'0', stdout ); + if (SSL_session_reused(scon)) + ver='r'; + else + { + ver=SSL_version(scon); + if (ver == TLS1_VERSION) + ver='t'; + else if (ver == SSL3_VERSION) + ver='3'; + else if (ver == SSL2_VERSION) + ver='2'; + else + ver='*'; + } + fputc(ver,stdout); fflush(stdout); } totalTime += tm_Time_F(STOP); /* Add the time for this iteration*/ @@ -595,8 +651,8 @@ SSL *scon; if ((conn=BIO_new(BIO_s_connect())) == NULL) return(NULL); -/* BIO_set_port(conn,port);*/ - BIO_set_hostname(conn,host); +/* BIO_set_conn_port(conn,port);*/ + BIO_set_conn_hostname(conn,host); if (scon == NULL) serverCon=(SSL *)SSL_new(tm_ctx); @@ -138,7 +138,7 @@ static void sc_usage() BIO_printf(bio_err," -tls1 - just use TLSv1\n"); BIO_printf(bio_err," -no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n"); BIO_printf(bio_err," -bugs - Switch on all SSL implementation bug workarounds\n"); - BIO_printf(bio_err," -cipher - prefered cipher to use, use the 'ssleay ciphers'\n"); + BIO_printf(bio_err," -cipher - prefered cipher to use, use the 'openssl ciphers'\n"); BIO_printf(bio_err," command to see what is available\n"); } diff --git a/apps/speed.c b/apps/speed.c index e0aff278f..1a1ae72c2 100644 --- a/apps/speed.c +++ b/apps/speed.c @@ -1,5 +1,5 @@ /* apps/speed.c */ -/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * * This package is an SSL implementation written @@ -60,8 +60,8 @@ #undef SECONDS #define SECONDS 3 -#define RSA_SECONDS 10 -#define DSA_SECONDS 10 +#define RSA_SECONDS 10 +#define DSA_SECONDS 10 /* 11-Sep-92 Andrew Daviel Support for Silicon Graphics IRIX added */ /* 06-Apr-92 Luke Brennan Support for VMS and add extra signal calls */ @@ -73,8 +73,9 @@ #include <stdlib.h> #include <signal.h> #include <string.h> +#include <math.h> #include "apps.h" -#ifdef WIN16 +#ifdef NO_STDIO #define APPS_WIN16 #endif #include "crypto.h" @@ -106,7 +107,8 @@ struct tms { #include <sys/timeb.h> #endif -#ifdef sun +#if defined(sun) || defined(__ultrix) +#define _POSIX_SOURCE #include <limits.h> #include <sys/param.h> #endif @@ -122,13 +124,21 @@ struct tms { #endif #ifndef NO_MD5 #include "md5.h" +#include "hmac.h" +#include "evp.h" #endif -#if !defined(NO_SHA) && !defined(NO_SHA1) +#ifndef NO_SHA1 #include "sha.h" #endif +#ifndef NO_RMD160 +#include "ripemd.h" +#endif #ifndef NO_RC4 #include "rc4.h" #endif +#ifndef NO_RC5 +#include "rc5.h" +#endif #ifndef NO_RC2 #include "rc2.h" #endif @@ -138,6 +148,9 @@ struct tms { #ifndef NO_BLOWFISH #include "blowfish.h" #endif +#ifndef NO_CAST +#include "cast.h" +#endif #ifndef NO_RSA #include "rsa.h" #endif @@ -165,7 +178,7 @@ struct tms { #endif #undef BUFSIZE -#define BUFSIZE ((long)1024*8) +#define BUFSIZE ((long)1024*8+1) int run=0; #ifndef NOPROTO @@ -248,13 +261,12 @@ char **argv; { unsigned char *buf=NULL,*buf2=NULL; int ret=1; -#define ALGOR_NUM 11 +#define ALGOR_NUM 14 #define SIZE_NUM 5 #define RSA_NUM 4 #define DSA_NUM 3 long count,rsa_count; int i,j,k,rsa_num,rsa_num2; - unsigned int kk; #ifndef NO_MD2 unsigned char md2[MD2_DIGEST_LENGTH]; #endif @@ -263,13 +275,20 @@ char **argv; #endif #ifndef NO_MD5 unsigned char md5[MD5_DIGEST_LENGTH]; + unsigned char hmac[MD5_DIGEST_LENGTH]; #endif -#if !defined(NO_SHA) || !defined(NO_SHA1) +#ifndef NO_SHA1 unsigned char sha[SHA_DIGEST_LENGTH]; #endif +#ifndef NO_RMD160 + unsigned char rmd160[RIPEMD160_DIGEST_LENGTH]; +#endif #ifndef NO_RC4 RC4_KEY rc4_ks; #endif +#ifndef NO_RC5 + RC5_32_KEY rc5_ks; +#endif #ifndef NO_RC2 RC2_KEY rc2_ks; #endif @@ -279,6 +298,9 @@ char **argv; #ifndef NO_BLOWFISH BF_KEY bf_ks; #endif +#ifndef NO_CAST + CAST_KEY cast_ks; +#endif static unsigned char key16[16]= {0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0, 0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12}; @@ -292,21 +314,24 @@ char **argv; #define D_MD2 0 #define D_MDC2 1 #define D_MD5 2 -#define D_SHA 3 +#define D_HMAC 3 #define D_SHA1 4 -#define D_RC4 5 -#define D_CBC_DES 6 -#define D_EDE3_DES 7 -#define D_CBC_IDEA 8 -#define D_CBC_RC2 9 -#define D_CBC_BF 10 +#define D_RMD160 5 +#define D_RC4 6 +#define D_CBC_DES 7 +#define D_EDE3_DES 8 +#define D_CBC_IDEA 9 +#define D_CBC_RC2 10 +#define D_CBC_RC5 11 +#define D_CBC_BF 12 +#define D_CBC_CAST 13 double d,results[ALGOR_NUM][SIZE_NUM]; static int lengths[SIZE_NUM]={8,64,256,1024,8*1024}; long c[ALGOR_NUM][SIZE_NUM]; static char *names[ALGOR_NUM]={ - "md2","mdc2","md5","sha","sha1","rc4", + "md2","mdc2","md5","hmac(md5)","sha1","rmd160","rc4", "des cbc","des ede3","idea cbc", - "rc2 cbc","blowfish cbc"}; + "rc2 cbc","rc5-32/12 cbc","blowfish cbc","cast cbc"}; #define R_DSA_512 0 #define R_DSA_1024 1 #define R_DSA_2048 2 @@ -315,35 +340,41 @@ char **argv; #define R_RSA_2048 2 #define R_RSA_4096 3 RSA *rsa_key[RSA_NUM]; - DSA *dsa_key[DSA_NUM]; long rsa_c[RSA_NUM][2]; - long dsa_c[DSA_NUM][2]; #ifndef NO_RSA double rsa_results[RSA_NUM][2]; -#endif -#ifndef NO_DSA - double dsa_results[DSA_NUM][2]; -#endif static unsigned int rsa_bits[RSA_NUM]={512,1024,2048,4096}; - static unsigned int dsa_bits[DSA_NUM]={512,1024,2048}; static unsigned char *rsa_data[RSA_NUM]= {test512,test1024,test2048,test4096}; static int rsa_data_length[RSA_NUM]={ sizeof(test512),sizeof(test1024), sizeof(test2048),sizeof(test4096)}; - int doit[ALGOR_NUM]; +#endif +#ifndef NO_DSA + DSA *dsa_key[DSA_NUM]; + long dsa_c[DSA_NUM][2]; + double dsa_results[DSA_NUM][2]; + static unsigned int dsa_bits[DSA_NUM]={512,1024,2048}; +#endif int rsa_doit[RSA_NUM]; int dsa_doit[DSA_NUM]; + int doit[ALGOR_NUM]; int pr_header=0; apps_startup(); +#ifdef NO_DSA + memset(dsa_key,0,sizeof(dsa_key)); +#endif if (bio_err == NULL) if ((bio_err=BIO_new(BIO_s_file())) != NULL) - BIO_set_fp(bio_err,stderr,BIO_NOCLOSE); + BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); +#ifndef NO_RSA + memset(rsa_key,0,sizeof(rsa_key)); for (i=0; i<RSA_NUM; i++) rsa_key[i]=NULL; +#endif if ((buf=(unsigned char *)Malloc((int)BUFSIZE)) == NULL) { @@ -383,13 +414,23 @@ char **argv; if (strcmp(*argv,"md5") == 0) doit[D_MD5]=1; else #endif -#ifndef NO_SHA - if (strcmp(*argv,"sha") == 0) doit[D_SHA]=1; +#ifndef NO_MD5 + if (strcmp(*argv,"hmac") == 0) doit[D_HMAC]=1; else #endif #ifndef NO_SHA1 if (strcmp(*argv,"sha1") == 0) doit[D_SHA1]=1; else + if (strcmp(*argv,"sha") == 0) doit[D_SHA1]=1; + else +#endif +#ifndef NO_RMD160 + if (strcmp(*argv,"ripemd") == 0) doit[D_RMD160]=1; + else + if (strcmp(*argv,"rmd160") == 0) doit[D_RMD160]=1; + else + if (strcmp(*argv,"ripemd160") == 0) doit[D_RMD160]=1; + else #endif #ifndef NO_RC4 if (strcmp(*argv,"rc4") == 0) doit[D_RC4]=1; @@ -409,7 +450,7 @@ char **argv; } else #endif - if (strcmp(*argv,"ssleay") == 0) + if (strcmp(*argv,"openssl") == 0) { RSA_set_default_method(RSA_PKCS1_SSLeay()); j--; @@ -429,6 +470,11 @@ char **argv; else if (strcmp(*argv,"rc2") == 0) doit[D_CBC_RC2]=1; else #endif +#ifndef NO_RC5 + if (strcmp(*argv,"rc5-cbc") == 0) doit[D_CBC_RC5]=1; + else if (strcmp(*argv,"rc5") == 0) doit[D_CBC_RC5]=1; + else +#endif #ifndef NO_IDEA if (strcmp(*argv,"idea-cbc") == 0) doit[D_CBC_IDEA]=1; else if (strcmp(*argv,"idea") == 0) doit[D_CBC_IDEA]=1; @@ -437,6 +483,13 @@ char **argv; #ifndef NO_BLOWFISH if (strcmp(*argv,"bf-cbc") == 0) doit[D_CBC_BF]=1; else if (strcmp(*argv,"blowfish") == 0) doit[D_CBC_BF]=1; + else if (strcmp(*argv,"bf") == 0) doit[D_CBC_BF]=1; + else +#endif +#ifndef NO_CAST + if (strcmp(*argv,"cast-cbc") == 0) doit[D_CBC_CAST]=1; + else if (strcmp(*argv,"cast") == 0) doit[D_CBC_CAST]=1; + else if (strcmp(*argv,"cast5") == 0) doit[D_CBC_CAST]=1; else #endif #ifndef NO_DES @@ -467,17 +520,20 @@ char **argv; #endif { BIO_printf(bio_err,"bad value, pick one of\n"); - BIO_printf(bio_err,"md2 mdc2 md5 sha sha1\n"); + BIO_printf(bio_err,"md2 mdc2 md5 hmac sha1 rmd160\n"); #ifndef NO_IDEA BIO_printf(bio_err,"idea-cbc "); #endif #ifndef NO_RC2 BIO_printf(bio_err,"rc2-cbc "); #endif -#ifndef NO_RC2 +#ifndef NO_RC5 + BIO_printf(bio_err,"rc5-cbc "); +#endif +#ifndef NO_BLOWFISH BIO_printf(bio_err,"bf-cbc"); #endif -#if !defined(NO_IDEA) && !defined(NO_RC2) && !defined(NO_BLOWFISH) +#if !defined(NO_IDEA) && !defined(NO_RC2) && !defined(NO_BLOWFISH) && !defined(NO_RC5) BIO_printf(bio_err,"\n"); #endif BIO_printf(bio_err,"des-cbc des-ede3 "); @@ -527,6 +583,14 @@ char **argv; BIO_printf(bio_err,"internal error loading RSA key number %d\n",i); goto end; } +#if 0 + else + { + BIO_printf(bio_err,"Loaded RSA key, %d bit modulus and e= 0x",BN_num_bits(rsa_key[i]->n)); + BN_print(bio_err,rsa_key[i]->e); + BIO_printf(bio_err,"\n"); + } +#endif } #endif @@ -550,9 +614,15 @@ char **argv; #ifndef NO_RC2 RC2_set_key(&rc2_ks,16,key16,128); #endif +#ifndef NO_RC5 + RC5_32_set_key(&rc5_ks,16,key16,12); +#endif #ifndef NO_BLOWFISH BF_set_key(&bf_ks,16,key16); #endif +#ifndef NO_CAST + CAST_set_key(&cast_ks,16,key16); +#endif memset(rsa_c,0,sizeof(rsa_c)); #ifndef SIGALRM @@ -570,22 +640,26 @@ char **argv; c[D_MD2][0]=count/10; c[D_MDC2][0]=count/10; c[D_MD5][0]=count; - c[D_SHA][0]=count; + c[D_HMAC][0]=count; c[D_SHA1][0]=count; + c[D_RMD160][0]=count; c[D_RC4][0]=count*5; c[D_CBC_DES][0]=count; c[D_EDE3_DES][0]=count/3; c[D_CBC_IDEA][0]=count; c[D_CBC_RC2][0]=count; + c[D_CBC_RC5][0]=count; c[D_CBC_BF][0]=count; + c[D_CBC_CAST][0]=count; for (i=1; i<SIZE_NUM; i++) { c[D_MD2][i]=c[D_MD2][0]*4*lengths[0]/lengths[i]; c[D_MDC2][i]=c[D_MDC2][0]*4*lengths[0]/lengths[i]; c[D_MD5][i]=c[D_MD5][0]*4*lengths[0]/lengths[i]; - c[D_SHA][i]=c[D_SHA][0]*4*lengths[0]/lengths[i]; + c[D_HMAC][i]=c[D_HMAC][0]*4*lengths[0]/lengths[i]; c[D_SHA1][i]=c[D_SHA1][0]*4*lengths[0]/lengths[i]; + c[D_RMD160][i]=c[D_RMD160][0]*4*lengths[0]/lengths[i]; } for (i=1; i<SIZE_NUM; i++) { @@ -598,7 +672,9 @@ char **argv; c[D_EDE3_DES][i]=c[D_EDE3_DES][i-1]*l0/l1; c[D_CBC_IDEA][i]=c[D_CBC_IDEA][i-1]*l0/l1; c[D_CBC_RC2][i]=c[D_CBC_RC2][i-1]*l0/l1; + c[D_CBC_RC5][i]=c[D_CBC_RC5][i-1]*l0/l1; c[D_CBC_BF][i]=c[D_CBC_BF][i-1]*l0/l1; + c[D_CBC_CAST][i]=c[D_CBC_CAST][i-1]*l0/l1; } rsa_c[R_RSA_512][0]=count/2000; rsa_c[R_RSA_512][1]=count/400; @@ -610,7 +686,7 @@ char **argv; rsa_doit[i]=0; else { - if (rsa_c[i] == 0) + if (rsa_c[i][0] == 0) { rsa_c[i][0]=1; rsa_c[i][1]=20; @@ -636,7 +712,7 @@ char **argv; } } -#define COND(d) (count != (d)) +#define COND(d) (count < (d)) #define COUNT(d) (d) #else #define COND(c) (run) @@ -685,7 +761,7 @@ char **argv; print_message(names[D_MD5],c[D_MD5][j],lengths[j]); Time_F(START); for (count=0,run=1; COND(c[D_MD5][j]); count++) - MD5(buf,(unsigned long)lengths[j],&(md5[0])); + MD5(&(buf[0]),(unsigned long)lengths[j],&(md5[0])); d=Time_F(STOP); BIO_printf(bio_err,"%ld %s's in %.2fs\n", count,names[D_MD5],d); @@ -694,19 +770,27 @@ char **argv; } #endif -#ifndef NO_SHA - if (doit[D_SHA]) +#ifndef NO_MD5 + if (doit[D_HMAC]) { + HMAC_CTX hctx; + HMAC_Init(&hctx,(unsigned char *)"This is a key...", + 16,EVP_md5()); + for (j=0; j<SIZE_NUM; j++) { - print_message(names[D_SHA],c[D_SHA][j],lengths[j]); + print_message(names[D_HMAC],c[D_HMAC][j],lengths[j]); Time_F(START); - for (count=0,run=1; COND(c[D_SHA][j]); count++) - SHA(buf,(unsigned long)lengths[j],&(sha[0])); + for (count=0,run=1; COND(c[D_HMAC][j]); count++) + { + HMAC_Init(&hctx,NULL,0,NULL); + HMAC_Update(&hctx,buf,lengths[j]); + HMAC_Final(&hctx,&(hmac[0]),NULL); + } d=Time_F(STOP); BIO_printf(bio_err,"%ld %s's in %.2fs\n", - count,names[D_SHA],d); - results[D_SHA][j]=((double)count)/d*lengths[j]; + count,names[D_HMAC],d); + results[D_HMAC][j]=((double)count)/d*lengths[j]; } } #endif @@ -726,6 +810,22 @@ char **argv; } } #endif +#ifndef NO_RMD160 + if (doit[D_RMD160]) + { + for (j=0; j<SIZE_NUM; j++) + { + print_message(names[D_RMD160],c[D_RMD160][j],lengths[j]); + Time_F(START); + for (count=0,run=1; COND(c[D_RMD160][j]); count++) + RIPEMD160(buf,(unsigned long)lengths[j],&(rmd160[0])); + d=Time_F(STOP); + BIO_printf(bio_err,"%ld %s's in %.2fs\n", + count,names[D_RMD160],d); + results[D_RMD160][j]=((double)count)/d*lengths[j]; + } + } +#endif #ifndef NO_RC4 if (doit[D_RC4]) { @@ -816,6 +916,24 @@ char **argv; } } #endif +#ifndef NO_RC5 + if (doit[D_CBC_RC5]) + { + for (j=0; j<SIZE_NUM; j++) + { + print_message(names[D_CBC_RC5],c[D_CBC_RC5][j],lengths[j]); + Time_F(START); + for (count=0,run=1; COND(c[D_CBC_RC5][j]); count++) + RC5_32_cbc_encrypt(buf,buf, + (unsigned long)lengths[j],&rc5_ks, + (unsigned char *)&(iv[0]),RC5_ENCRYPT); + d=Time_F(STOP); + BIO_printf(bio_err,"%ld %s's in %.2fs\n", + count,names[D_CBC_RC5],d); + results[D_CBC_RC5][j]=((double)count)/d*lengths[j]; + } + } +#endif #ifndef NO_BLOWFISH if (doit[D_CBC_BF]) { @@ -834,14 +952,35 @@ char **argv; } } #endif +#ifndef NO_CAST + if (doit[D_CBC_CAST]) + { + for (j=0; j<SIZE_NUM; j++) + { + print_message(names[D_CBC_CAST],c[D_CBC_CAST][j],lengths[j]); + Time_F(START); + for (count=0,run=1; COND(c[D_CBC_CAST][j]); count++) + CAST_cbc_encrypt(buf,buf, + (unsigned long)lengths[j],&cast_ks, + (unsigned char *)&(iv[0]),CAST_ENCRYPT); + d=Time_F(STOP); + BIO_printf(bio_err,"%ld %s's in %.2fs\n", + count,names[D_CBC_CAST],d); + results[D_CBC_CAST][j]=((double)count)/d*lengths[j]; + } + } +#endif RAND_bytes(buf,30); #ifndef NO_RSA for (j=0; j<RSA_NUM; j++) { if (!rsa_doit[j]) continue; + rsa_num=RSA_private_encrypt(30,buf,buf2,rsa_key[j], + RSA_PKCS1_PADDING); pkey_print_message("private","rsa",rsa_c[j][0],rsa_bits[j], RSA_SECONDS); +/* RSA_blinding_on(rsa_key[j],NULL); */ Time_F(START); for (count=0,run=1; COND(rsa_c[j][0]); count++) { @@ -861,6 +1000,9 @@ char **argv; rsa_results[j][0]=d/(double)count; rsa_count=count; +#if 1 + rsa_num2=RSA_public_decrypt(rsa_num,buf2,buf,rsa_key[j], + RSA_PKCS1_PADDING); pkey_print_message("public","rsa",rsa_c[j][1],rsa_bits[j], RSA_SECONDS); Time_F(START); @@ -880,6 +1022,7 @@ char **argv; BIO_printf(bio_err,"%ld %d bit public RSA's in %.2fs\n", count,rsa_bits[j],d); rsa_results[j][1]=d/(double)count; +#endif if (rsa_count <= 1) { @@ -894,9 +1037,13 @@ char **argv; #ifndef NO_DSA for (j=0; j<DSA_NUM; j++) { + unsigned int kk; + if (!dsa_doit[j]) continue; DSA_generate_key(dsa_key[j]); /* DSA_sign_setup(dsa_key[j],NULL); */ + rsa_num=DSA_sign(EVP_PKEY_DSA,buf,20,buf2, + &kk,dsa_key[j]); pkey_print_message("sign","dsa",dsa_c[j][0],dsa_bits[j], DSA_SECONDS); Time_F(START); @@ -918,6 +1065,8 @@ char **argv; dsa_results[j][0]=d/(double)count; rsa_count=count; + rsa_num2=DSA_verify(EVP_PKEY_DSA,buf,20,buf2, + kk,dsa_key[j]); pkey_print_message("verify","dsa",dsa_c[j][1],dsa_bits[j], DSA_SECONDS); Time_F(START); @@ -966,7 +1115,7 @@ char **argv; #ifndef NO_BLOWFISH printf("%s ",BF_options()); #endif - fprintf(stdout,"%s\n",SSLeay_version(SSLEAY_CFLAGS)); + fprintf(stdout,"\n%s\n",SSLeay_version(SSLEAY_CFLAGS)); if (pr_header) { @@ -980,7 +1129,7 @@ char **argv; for (k=0; k<ALGOR_NUM; k++) { if (!doit[k]) continue; - fprintf(stdout,"%-12s",names[k]); + fprintf(stdout,"%-13s",names[k]); for (j=0; j<SIZE_NUM; j++) { if (results[k][j] > 10000) @@ -995,9 +1144,14 @@ char **argv; for (k=0; k<RSA_NUM; k++) { if (!rsa_doit[k]) continue; - if (j) { printf("%18ssign verify\n"," "); j=0; } - fprintf(stdout,"rsa %4d bits %8.4fs %8.4fs", - rsa_bits[k],rsa_results[k][0],rsa_results[k][1]); + if (j) + { + printf("%18ssign verify sign/s verify/s\n"," "); + j=0; + } + fprintf(stdout,"rsa %4d bits %8.4fs %8.4fs %8.1f %8.1f", + rsa_bits[k],rsa_results[k][0],rsa_results[k][1], + 1.0/rsa_results[k][0],1.0/rsa_results[k][1]); fprintf(stdout,"\n"); } #endif @@ -1006,9 +1160,13 @@ char **argv; for (k=0; k<DSA_NUM; k++) { if (!dsa_doit[k]) continue; - if (j) { printf("%18ssign verify\n"," "); j=0; } - fprintf(stdout,"dsa %4d bits %8.4fs %8.4fs", - dsa_bits[k],dsa_results[k][0],dsa_results[k][1]); + if (j) { + printf("%18ssign verify sign/s verify/s\n"," "); + j=0; + } + fprintf(stdout,"dsa %4d bits %8.4fs %8.4fs %8.1f %8.1f", + dsa_bits[k],dsa_results[k][0],dsa_results[k][1], + 1.0/dsa_results[k][0],1.0/dsa_results[k][1]); fprintf(stdout,"\n"); } #endif @@ -1066,3 +1224,4 @@ int tm; num=num; #endif } + |