engine's performance (what's wrong?)

Tue, 28 Jan 2003 09:17:53 -0800 

hi again,

as i said yesterday i'm doing some tests with cryptographic hardware (in
my case nCipher's).

now that i have loaded the engine, i'm getting real strange results. the
same test with hardware enabled is much slower than the software version.

it is really weird, because the "openssl speed -engine chil" command
seems to be as fast as desired.

do i have to set something else? is there any documentation on the net?
am i getting more dummy everyday?

thanks in adavace.

regards,

aleix

here is the code (enable hardware passing 'enable' as first parameter:

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>
#include <openssl/evp.h>
#include <openssl/objects.h>
#include <openssl/engine.h>

ENGINE*
setup(char const* engine)
{
    ENGINE* e = NULL;
    if ((e = ENGINE_by_id(engine)) == NULL)
    {
        return NULL;
    }

    // if engine was not found try to load the shared library
    if (e == NULL)
    {
        e = ENGINE_by_id("dynamic");
        if ((e == NULL)
            || !ENGINE_ctrl_cmd_string(e, "SO_PATH", engine, 0)
            || !ENGINE_ctrl_cmd_string(e, "LOAD", NULL, 0))
        {
            ENGINE_free(e);
            e = NULL;
        }
    }

    return e;
}

ENGINE*
load(char const* engine)
{
    ENGINE* e = setup(engine);

    if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
    {
        ENGINE_free(e);
        return NULL;
    }

    ENGINE_free(e);
    return e;
}

int
main(int argc, char** argv)
{
    time_t t_start;
    time_t t_end;
    RSA* k;
    ENGINE* e = NULL;
    unsigned int i;
    unsigned char* buf;
    unsigned char* buf2;
    unsigned int rsa_num;

    CRYPTO_malloc_init();
    ERR_load_crypto_strings();
    OpenSSL_add_all_algorithms();

    if ((argc > 1) && strcmp(argv[1], "enable") == 0)
    {
        ENGINE_load_builtin_engines();

        e = load("chil");
    }
    if (e == NULL)
    {
        printf("Hardware disabled.\n");
    }
    else
    {
        printf("Hardware enabled.\n");
    }

    k = RSA_generate_key(1024, 65537, NULL, NULL);

    buf = (unsigned char*) malloc(5000);
    buf2 = (unsigned char*) malloc(5000);

    t_start = time(NULL);
    for (i = 0; i < 1500; i++)
    {
        RSA_sign(NID_md5_sha1, buf, 36, buf2, &rsa_num, k);
    }
    t_end = time(NULL);

    printf("Total time: %d sec.\n", t_end - t_start);

    EVP_cleanup();
    ENGINE_cleanup();
    CRYPTO_cleanup_all_ex_data();
    ERR_remove_state(0);
    ERR_free_strings();
}

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to