From: Ingo Franzki <ifranzki@linux.ibm.com>
Date: Wed, 22 May 2024 14:15:34 +0000 (+0200)
Subject: speed: Fix regression of measuring shake with -evp
X-Git-Tag: openssl-3.4.0-alpha1~522
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=184d29dbabbb6c7a5cc829d3ac4b966f781d2b2e;p=thirdparty%2Fopenssl.git

speed: Fix regression of measuring shake with -evp

After commit b911fef216d1386210ec24e201d54d709528abb4 speed with shake128 or
shake256 does not run anymore:

  # openssl speed -seconds 1 -evp shake128 -bytes 256
  Doing shake128 ops for 1s on 256 size blocks: shake128 error!
  000003FF9B7F2080:error:1C8000A6:Provider routines:keccak_final:invalid digest
                     length:providers/implementations/digests/sha3_prov.c:117:
  version: 3.4.0-dev
  ...
  type            256 bytes
  shake128             0.00

Function EVP_Digest_loop() must use EVP_DigestInit_ex2(), EVP_DigestUpdate(),
and EVP_DigestFinalXOF() in case of shake instead of just EVP_Digest() to get
around this.

Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24462)
---

diff --git a/apps/speed.c b/apps/speed.c
index a119a52fde9..1fd7eb26b62 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -613,17 +613,37 @@ static int EVP_Digest_loop(const char *mdname, ossl_unused int algindex, void *a
     unsigned char digest[EVP_MAX_MD_SIZE];
     int count;
     EVP_MD *md = NULL;
+    EVP_MD_CTX *ctx = NULL;
 
     if (!opt_md_silent(mdname, &md))
         return -1;
-    for (count = 0; COND(c[algindex][testnum]); count++) {
-        if (!EVP_Digest(buf, (size_t)lengths[testnum], digest, NULL, md,
-                        NULL)) {
+    if (EVP_MD_get_flags(md) & EVP_MD_FLAG_XOF) {
+        ctx = EVP_MD_CTX_new();
+        if (ctx == NULL) {
             count = -1;
-            break;
+            goto out;
+        }
+
+        for (count = 0; COND(c[algindex][testnum]); count++) {
+             if (!EVP_DigestInit_ex2(ctx, md, NULL)
+                 || !EVP_DigestUpdate(ctx, buf, (size_t)lengths[testnum])
+                 || !EVP_DigestFinalXOF(ctx, digest, sizeof(digest))) {
+                count = -1;
+                break;
+            }
+        }
+    } else {
+        for (count = 0; COND(c[algindex][testnum]); count++) {
+            if (!EVP_Digest(buf, (size_t)lengths[testnum], digest, NULL, md,
+                            NULL)) {
+                count = -1;
+                break;
+            }
         }
     }
+out:
     EVP_MD_free(md);
+    EVP_MD_CTX_free(ctx);
     return count;
 }