1=pod 2{- OpenSSL::safe::output_do_not_edit_headers(); -} 3 4=head1 NAME 5 6openssl-speed - test library performance 7 8=head1 SYNOPSIS 9 10B<openssl speed> 11[B<-help>] 12[B<-config> I<filename>] 13[B<-elapsed>] 14[B<-evp> I<algo>] 15[B<-hmac> I<algo>] 16[B<-cmac> I<algo>] 17[B<-mb>] 18[B<-aead>] 19[B<-multi> I<num>] 20[B<-async_jobs> I<num>] 21[B<-misalign> I<num>] 22[B<-decrypt>] 23[B<-primes> I<num>] 24[B<-seconds> I<num>] 25[B<-bytes> I<num>] 26[B<-mr>] 27{- $OpenSSL::safe::opt_r_synopsis -} 28{- $OpenSSL::safe::opt_engine_synopsis -}{- $OpenSSL::safe::opt_provider_synopsis -} 29[I<algorithm> ...] 30 31=head1 DESCRIPTION 32 33This command is used to test the performance of cryptographic algorithms. 34 35=head1 OPTIONS 36 37=over 4 38 39=item B<-help> 40 41Print out a usage message. 42 43=item B<-config> I<filename> 44 45Specifies the configuration file to use. 46Optional; for a description of the default value, 47see L<openssl(1)/COMMAND SUMMARY>. 48 49=item B<-elapsed> 50 51When calculating operations- or bytes-per-second, use wall-clock time 52instead of CPU user time as divisor. It can be useful when testing speed 53of hardware engines. 54 55=item B<-evp> I<algo> 56 57Use the specified cipher or message digest algorithm via the EVP interface. 58If I<algo> is an AEAD cipher, then you can pass B<-aead> to benchmark a 59TLS-like sequence. And if I<algo> is a multi-buffer capable cipher, e.g. 60aes-128-cbc-hmac-sha1, then B<-mb> will time multi-buffer operation. 61 62To see the algorithms supported with this option, use 63C<openssl list -digest-algorithms> or C<openssl list -cipher-algorithms> 64command. 65 66=item B<-multi> I<num> 67 68Run multiple operations in parallel. 69 70=item B<-async_jobs> I<num> 71 72Enable async mode and start specified number of jobs. 73 74=item B<-misalign> I<num> 75 76Misalign the buffers by the specified number of bytes. 77 78=item B<-hmac> I<digest> 79 80Time the HMAC algorithm using the specified message digest. 81 82=item B<-cmac> I<cipher> 83 84Time the CMAC algorithm using the specified cipher e.g. 85C<openssl speed -cmac aes128>. 86 87=item B<-decrypt> 88 89Time the decryption instead of encryption. Affects only the EVP testing. 90 91=item B<-mb> 92 93Enable multi-block mode on EVP-named cipher. 94 95=item B<-aead> 96 97Benchmark EVP-named AEAD cipher in TLS-like sequence. 98 99=item B<-primes> I<num> 100 101Generate a I<num>-prime RSA key and use it to run the benchmarks. This option 102is only effective if RSA algorithm is specified to test. 103 104=item B<-seconds> I<num> 105 106Run benchmarks for I<num> seconds. 107 108=item B<-bytes> I<num> 109 110Run benchmarks on I<num>-byte buffers. Affects ciphers, digests and the CSPRNG. 111The limit on the size of the buffer is INT_MAX - 64 bytes, which for a 32-bit 112int would be 2147483583 bytes. 113 114=item B<-mr> 115 116Produce the summary in a mechanical, machine-readable, format. 117 118{- $OpenSSL::safe::opt_r_item -} 119 120{- $OpenSSL::safe::opt_engine_item -} 121 122{- $OpenSSL::safe::opt_provider_item -} 123 124=item I<algorithm> ... 125 126If any I<algorithm> is given, then those algorithms are tested, otherwise a 127pre-compiled grand selection is tested. 128 129=back 130 131=head1 BUGS 132 133The I<algorithm> can be selected only from a pre-compiled subset of things 134that the C<openssl speed> command knows about. To test any additional digest 135or cipher algorithm supported by OpenSSL use the C<-evp> option. 136 137There is no way to test the speed of any additional public key algorithms 138supported by third party providers with the C<openssl speed> command. 139 140=head1 HISTORY 141 142The B<-engine> option was deprecated in OpenSSL 3.0. 143 144=head1 COPYRIGHT 145 146Copyright 2000-2022 The OpenSSL Project Authors. All Rights Reserved. 147 148Licensed under the Apache License 2.0 (the "License"). You may not use 149this file except in compliance with the License. You can obtain a copy 150in the file LICENSE in the source distribution or at 151L<https://www.openssl.org/source/license.html>. 152 153=cut 154