From 035897b9042d64e74b565d4e6471735593321d81 Mon Sep 17 00:00:00 2001
From: perubeanie <leonardo.perugini1@gmail.com>
Date: Wed, 28 Feb 2024 10:58:00 +0100
Subject: [PATCH] Add time functions to measure internal functions

---
 ssl/statem/statem_lib.c  | 16 ++++++++++++++++
 ssl/statem/statem_srvr.c | 32 ++++++++++++++++++++++++++++++--
 2 files changed, 46 insertions(+), 2 deletions(-)

diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c
index c126c26e9a202..1f306a0a91739 100644
--- a/ssl/statem/statem_lib.c
+++ b/ssl/statem/statem_lib.c
@@ -331,6 +331,9 @@ CON_FUNC_RETURN tls_construct_cert_verify(SSL_CONNECTION *s, WPACKET *pkt)
     const SIGALG_LOOKUP *lu = s->s3.tmp.sigalg;
     SSL_CTX *sctx = SSL_CONNECTION_GET_CTX(s);
 
+    struct timeval tv1, tv2;
+	gettimeofday(&tv1, NULL);
+
         if (lu == NULL ||
 #ifndef OPENSSL_NO_VCAUTHTLS 
             (
@@ -448,6 +451,11 @@ CON_FUNC_RETURN tls_construct_cert_verify(SSL_CONNECTION *s, WPACKET *pkt)
         goto err;
     }
 
+    gettimeofday(&tv2, NULL);
+    printf ("Total time construct certificate verify = %f seconds\n\n",
+                         (double) (tv2.tv_usec - tv1.tv_usec) / 1000000 +
+                         (double) (tv2.tv_sec - tv1.tv_sec));
+
     OPENSSL_free(sig);
     EVP_MD_CTX_free(mctx);
     return CON_FUNC_SUCCESS;
@@ -475,6 +483,9 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL_CONNECTION *s, PACKET *pkt)
     EVP_PKEY_CTX *pctx = NULL;
     SSL_CTX *sctx = SSL_CONNECTION_GET_CTX(s);
 
+    struct timeval tv1, tv2;
+	gettimeofday(&tv1, NULL);
+
     if (mctx == NULL) {
         SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB);
         goto err;
@@ -604,6 +615,11 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL_CONNECTION *s, PACKET *pkt)
             goto err;
         }
     }
+    gettimeofday(&tv2, NULL);
+
+    printf ("Total time process certificate verify = %f seconds\n\n",
+                         (double) (tv2.tv_usec - tv1.tv_usec) / 1000000 +
+                         (double) (tv2.tv_sec - tv1.tv_sec));
 
     /*
      * In TLSv1.3 on the client side we make sure we prepare the client
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index 165c907559e3d..006eb8476b5e6 100644
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -3731,8 +3731,17 @@ MSG_PROCESS_RETURN tls_process_client_certificate(SSL_CONNECTION *s,
         s->rlayer.rrlmethod->set_plain_alerts(s->rlayer.rrl, 0);
 
 #ifndef OPENSSL_NO_VCAUTHTLS
-    if(s->ext.client_cert_type == TLSEXT_cert_type_vc)
-        return tls_process_client_vc(s, pkt);
+    if(s->ext.client_cert_type == TLSEXT_cert_type_vc) {
+        struct timeval tv1, tv2;
+        int a;
+	    gettimeofday(&tv1, NULL);
+        a = tls_process_client_vc(s, pkt);
+        gettimeofday(&tv2, NULL);
+        printf ("Total time process client vc = %f seconds\n\n",
+                         (double) (tv2.tv_usec - tv1.tv_usec) / 1000000 +
+                         (double) (tv2.tv_sec - tv1.tv_sec));
+        return a;
+    }
 #endif
 
     if (s->ext.client_cert_type == TLSEXT_cert_type_rpk)
@@ -3744,6 +3753,9 @@ MSG_PROCESS_RETURN tls_process_client_certificate(SSL_CONNECTION *s,
         goto err;
     }
 
+    struct timeval tv1, tv2;
+	gettimeofday(&tv1, NULL);
+
     if ((sk = sk_X509_new_null()) == NULL) {
         SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB);
         goto err;
@@ -3908,6 +3920,11 @@ MSG_PROCESS_RETURN tls_process_client_certificate(SSL_CONNECTION *s,
 
     ret = MSG_PROCESS_CONTINUE_READING;
 
+    gettimeofday(&tv2, NULL);
+    printf ("Total time process client certificate = %f seconds\n\n",
+                         (double) (tv2.tv_usec - tv1.tv_usec) / 1000000 +
+                         (double) (tv2.tv_sec - tv1.tv_sec));
+
  err:
     X509_free(x);
     OSSL_STACK_OF_X509_free(sk);
@@ -3953,13 +3970,19 @@ CON_FUNC_RETURN tls_construct_server_certificate(SSL_CONNECTION *s, WPACKET *pkt
         SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
         return CON_FUNC_ERROR;
     }
+    struct timeval tv1, tv2;
     switch (s->ext.server_cert_type) {
 #ifndef OPENSSL_NO_VCAUTHTLS 
     case TLSEXT_cert_type_vc:
+	    gettimeofday(&tv1, NULL);
         if (!tls_output_vc(s, pkt, vcpk)) {
             /* SSLfatal() already called */
             return 0;
         }
+        gettimeofday(&tv2, NULL);
+        printf ("Total time construct server vc = %f seconds\n\n",
+                             (double) (tv2.tv_usec - tv1.tv_usec) / 1000000 +
+                             (double) (tv2.tv_sec - tv1.tv_sec));
         break;
 #endif
     case TLSEXT_cert_type_rpk:
@@ -3969,10 +3992,15 @@ CON_FUNC_RETURN tls_construct_server_certificate(SSL_CONNECTION *s, WPACKET *pkt
         }
         break;
     case TLSEXT_cert_type_x509:
+	    gettimeofday(&tv1, NULL);
         if (!ssl3_output_cert_chain(s, pkt, cpk, 0)) {
             /* SSLfatal() already called */
             return 0;
         }
+        gettimeofday(&tv2, NULL);
+        printf ("Total time construct server cert = %f seconds\n\n",
+                             (double) (tv2.tv_usec - tv1.tv_usec) / 1000000 +
+                             (double) (tv2.tv_sec - tv1.tv_sec));
         break;
     default:
         SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);