xref: /freebsd/crypto/openssl/apps/speed.c (revision 52c2bb75163559a6e2866ad374a7de67a4ea1273)
1 /*
2  * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
3  * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
4  *
5  * Licensed under the OpenSSL license (the "License").  You may not use
6  * this file except in compliance with the License.  You can obtain a copy
7  * in the file LICENSE in the source distribution or at
8  * https://www.openssl.org/source/license.html
9  */
10 
11 #undef SECONDS
12 #define SECONDS                 3
13 #define RSA_SECONDS             10
14 #define DSA_SECONDS             10
15 #define ECDSA_SECONDS   10
16 #define ECDH_SECONDS    10
17 #define EdDSA_SECONDS   10
18 
19 #include <stdio.h>
20 #include <stdlib.h>
21 #include <string.h>
22 #include <math.h>
23 #include "apps.h"
24 #include "progs.h"
25 #include <openssl/crypto.h>
26 #include <openssl/rand.h>
27 #include <openssl/err.h>
28 #include <openssl/evp.h>
29 #include <openssl/objects.h>
30 #include <openssl/async.h>
31 #if !defined(OPENSSL_SYS_MSDOS)
32 # include OPENSSL_UNISTD
33 #endif
34 
35 #if defined(_WIN32)
36 # include <windows.h>
37 #endif
38 
39 #include <openssl/bn.h>
40 #ifndef OPENSSL_NO_DES
41 # include <openssl/des.h>
42 #endif
43 #include <openssl/aes.h>
44 #ifndef OPENSSL_NO_CAMELLIA
45 # include <openssl/camellia.h>
46 #endif
47 #ifndef OPENSSL_NO_MD2
48 # include <openssl/md2.h>
49 #endif
50 #ifndef OPENSSL_NO_MDC2
51 # include <openssl/mdc2.h>
52 #endif
53 #ifndef OPENSSL_NO_MD4
54 # include <openssl/md4.h>
55 #endif
56 #ifndef OPENSSL_NO_MD5
57 # include <openssl/md5.h>
58 #endif
59 #include <openssl/hmac.h>
60 #include <openssl/sha.h>
61 #ifndef OPENSSL_NO_RMD160
62 # include <openssl/ripemd.h>
63 #endif
64 #ifndef OPENSSL_NO_WHIRLPOOL
65 # include <openssl/whrlpool.h>
66 #endif
67 #ifndef OPENSSL_NO_RC4
68 # include <openssl/rc4.h>
69 #endif
70 #ifndef OPENSSL_NO_RC5
71 # include <openssl/rc5.h>
72 #endif
73 #ifndef OPENSSL_NO_RC2
74 # include <openssl/rc2.h>
75 #endif
76 #ifndef OPENSSL_NO_IDEA
77 # include <openssl/idea.h>
78 #endif
79 #ifndef OPENSSL_NO_SEED
80 # include <openssl/seed.h>
81 #endif
82 #ifndef OPENSSL_NO_BF
83 # include <openssl/blowfish.h>
84 #endif
85 #ifndef OPENSSL_NO_CAST
86 # include <openssl/cast.h>
87 #endif
88 #ifndef OPENSSL_NO_RSA
89 # include <openssl/rsa.h>
90 # include "./testrsa.h"
91 #endif
92 #include <openssl/x509.h>
93 #ifndef OPENSSL_NO_DSA
94 # include <openssl/dsa.h>
95 # include "./testdsa.h"
96 #endif
97 #ifndef OPENSSL_NO_EC
98 # include <openssl/ec.h>
99 #endif
100 #include <openssl/modes.h>
101 
102 #ifndef HAVE_FORK
103 # if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_VXWORKS)
104 #  define HAVE_FORK 0
105 # else
106 #  define HAVE_FORK 1
107 # endif
108 #endif
109 
110 #if HAVE_FORK
111 # undef NO_FORK
112 #else
113 # define NO_FORK
114 #endif
115 
116 #define MAX_MISALIGNMENT 63
117 #define MAX_ECDH_SIZE   256
118 #define MISALIGN        64
119 
120 typedef struct openssl_speed_sec_st {
121     int sym;
122     int rsa;
123     int dsa;
124     int ecdsa;
125     int ecdh;
126     int eddsa;
127 } openssl_speed_sec_t;
128 
129 static volatile int run = 0;
130 
131 static int mr = 0;
132 static int usertime = 1;
133 
134 #ifndef OPENSSL_NO_MD2
135 static int EVP_Digest_MD2_loop(void *args);
136 #endif
137 
138 #ifndef OPENSSL_NO_MDC2
139 static int EVP_Digest_MDC2_loop(void *args);
140 #endif
141 #ifndef OPENSSL_NO_MD4
142 static int EVP_Digest_MD4_loop(void *args);
143 #endif
144 #ifndef OPENSSL_NO_MD5
145 static int MD5_loop(void *args);
146 static int HMAC_loop(void *args);
147 #endif
148 static int SHA1_loop(void *args);
149 static int SHA256_loop(void *args);
150 static int SHA512_loop(void *args);
151 #ifndef OPENSSL_NO_WHIRLPOOL
152 static int WHIRLPOOL_loop(void *args);
153 #endif
154 #ifndef OPENSSL_NO_RMD160
155 static int EVP_Digest_RMD160_loop(void *args);
156 #endif
157 #ifndef OPENSSL_NO_RC4
158 static int RC4_loop(void *args);
159 #endif
160 #ifndef OPENSSL_NO_DES
161 static int DES_ncbc_encrypt_loop(void *args);
162 static int DES_ede3_cbc_encrypt_loop(void *args);
163 #endif
164 static int AES_cbc_128_encrypt_loop(void *args);
165 static int AES_cbc_192_encrypt_loop(void *args);
166 static int AES_ige_128_encrypt_loop(void *args);
167 static int AES_cbc_256_encrypt_loop(void *args);
168 static int AES_ige_192_encrypt_loop(void *args);
169 static int AES_ige_256_encrypt_loop(void *args);
170 static int CRYPTO_gcm128_aad_loop(void *args);
171 static int RAND_bytes_loop(void *args);
172 static int EVP_Update_loop(void *args);
173 static int EVP_Update_loop_ccm(void *args);
174 static int EVP_Update_loop_aead(void *args);
175 static int EVP_Digest_loop(void *args);
176 #ifndef OPENSSL_NO_RSA
177 static int RSA_sign_loop(void *args);
178 static int RSA_verify_loop(void *args);
179 #endif
180 #ifndef OPENSSL_NO_DSA
181 static int DSA_sign_loop(void *args);
182 static int DSA_verify_loop(void *args);
183 #endif
184 #ifndef OPENSSL_NO_EC
185 static int ECDSA_sign_loop(void *args);
186 static int ECDSA_verify_loop(void *args);
187 static int EdDSA_sign_loop(void *args);
188 static int EdDSA_verify_loop(void *args);
189 #endif
190 
191 static double Time_F(int s);
192 static void print_message(const char *s, long num, int length, int tm);
193 static void pkey_print_message(const char *str, const char *str2,
194                                long num, unsigned int bits, int sec);
195 static void print_result(int alg, int run_no, int count, double time_used);
196 #ifndef NO_FORK
197 static int do_multi(int multi, int size_num);
198 #endif
199 
200 static const int lengths_list[] = {
201     16, 64, 256, 1024, 8 * 1024, 16 * 1024
202 };
203 static const int *lengths = lengths_list;
204 
205 static const int aead_lengths_list[] = {
206     2, 31, 136, 1024, 8 * 1024, 16 * 1024
207 };
208 
209 #define START   0
210 #define STOP    1
211 
212 #ifdef SIGALRM
213 
214 static void alarmed(int sig)
215 {
216     signal(SIGALRM, alarmed);
217     run = 0;
218 }
219 
220 static double Time_F(int s)
221 {
222     double ret = app_tminterval(s, usertime);
223     if (s == STOP)
224         alarm(0);
225     return ret;
226 }
227 
228 #elif defined(_WIN32)
229 
230 # define SIGALRM -1
231 
232 static unsigned int lapse;
233 static volatile unsigned int schlock;
234 static void alarm_win32(unsigned int secs)
235 {
236     lapse = secs * 1000;
237 }
238 
239 # define alarm alarm_win32
240 
241 static DWORD WINAPI sleepy(VOID * arg)
242 {
243     schlock = 1;
244     Sleep(lapse);
245     run = 0;
246     return 0;
247 }
248 
249 static double Time_F(int s)
250 {
251     double ret;
252     static HANDLE thr;
253 
254     if (s == START) {
255         schlock = 0;
256         thr = CreateThread(NULL, 4096, sleepy, NULL, 0, NULL);
257         if (thr == NULL) {
258             DWORD err = GetLastError();
259             BIO_printf(bio_err, "unable to CreateThread (%lu)", err);
260             ExitProcess(err);
261         }
262         while (!schlock)
263             Sleep(0);           /* scheduler spinlock */
264         ret = app_tminterval(s, usertime);
265     } else {
266         ret = app_tminterval(s, usertime);
267         if (run)
268             TerminateThread(thr, 0);
269         CloseHandle(thr);
270     }
271 
272     return ret;
273 }
274 #else
275 static double Time_F(int s)
276 {
277     return app_tminterval(s, usertime);
278 }
279 #endif
280 
281 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
282                              const openssl_speed_sec_t *seconds);
283 
284 #define found(value, pairs, result)\
285     opt_found(value, result, pairs, OSSL_NELEM(pairs))
286 static int opt_found(const char *name, unsigned int *result,
287                      const OPT_PAIR pairs[], unsigned int nbelem)
288 {
289     unsigned int idx;
290 
291     for (idx = 0; idx < nbelem; ++idx, pairs++)
292         if (strcmp(name, pairs->name) == 0) {
293             *result = pairs->retval;
294             return 1;
295         }
296     return 0;
297 }
298 
299 typedef enum OPTION_choice {
300     OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
301     OPT_ELAPSED, OPT_EVP, OPT_DECRYPT, OPT_ENGINE, OPT_MULTI,
302     OPT_MR, OPT_MB, OPT_MISALIGN, OPT_ASYNCJOBS, OPT_R_ENUM,
303     OPT_PRIMES, OPT_SECONDS, OPT_BYTES, OPT_AEAD
304 } OPTION_CHOICE;
305 
306 const OPTIONS speed_options[] = {
307     {OPT_HELP_STR, 1, '-', "Usage: %s [options] ciphers...\n"},
308     {OPT_HELP_STR, 1, '-', "Valid options are:\n"},
309     {"help", OPT_HELP, '-', "Display this summary"},
310     {"evp", OPT_EVP, 's', "Use EVP-named cipher or digest"},
311     {"decrypt", OPT_DECRYPT, '-',
312      "Time decryption instead of encryption (only EVP)"},
313     {"aead", OPT_AEAD, '-',
314      "Benchmark EVP-named AEAD cipher in TLS-like sequence"},
315     {"mb", OPT_MB, '-',
316      "Enable (tls1>=1) multi-block mode on EVP-named cipher"},
317     {"mr", OPT_MR, '-', "Produce machine readable output"},
318 #ifndef NO_FORK
319     {"multi", OPT_MULTI, 'p', "Run benchmarks in parallel"},
320 #endif
321 #ifndef OPENSSL_NO_ASYNC
322     {"async_jobs", OPT_ASYNCJOBS, 'p',
323      "Enable async mode and start specified number of jobs"},
324 #endif
325     OPT_R_OPTIONS,
326 #ifndef OPENSSL_NO_ENGINE
327     {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
328 #endif
329     {"elapsed", OPT_ELAPSED, '-',
330      "Use wall-clock time instead of CPU user time as divisor"},
331     {"primes", OPT_PRIMES, 'p', "Specify number of primes (for RSA only)"},
332     {"seconds", OPT_SECONDS, 'p',
333      "Run benchmarks for specified amount of seconds"},
334     {"bytes", OPT_BYTES, 'p',
335      "Run [non-PKI] benchmarks on custom-sized buffer"},
336     {"misalign", OPT_MISALIGN, 'p',
337      "Use specified offset to mis-align buffers"},
338     {NULL}
339 };
340 
341 #define D_MD2           0
342 #define D_MDC2          1
343 #define D_MD4           2
344 #define D_MD5           3
345 #define D_HMAC          4
346 #define D_SHA1          5
347 #define D_RMD160        6
348 #define D_RC4           7
349 #define D_CBC_DES       8
350 #define D_EDE3_DES      9
351 #define D_CBC_IDEA      10
352 #define D_CBC_SEED      11
353 #define D_CBC_RC2       12
354 #define D_CBC_RC5       13
355 #define D_CBC_BF        14
356 #define D_CBC_CAST      15
357 #define D_CBC_128_AES   16
358 #define D_CBC_192_AES   17
359 #define D_CBC_256_AES   18
360 #define D_CBC_128_CML   19
361 #define D_CBC_192_CML   20
362 #define D_CBC_256_CML   21
363 #define D_EVP           22
364 #define D_SHA256        23
365 #define D_SHA512        24
366 #define D_WHIRLPOOL     25
367 #define D_IGE_128_AES   26
368 #define D_IGE_192_AES   27
369 #define D_IGE_256_AES   28
370 #define D_GHASH         29
371 #define D_RAND          30
372 /* name of algorithms to test */
373 static const char *names[] = {
374     "md2", "mdc2", "md4", "md5", "hmac(md5)", "sha1", "rmd160", "rc4",
375     "des cbc", "des ede3", "idea cbc", "seed cbc",
376     "rc2 cbc", "rc5-32/12 cbc", "blowfish cbc", "cast cbc",
377     "aes-128 cbc", "aes-192 cbc", "aes-256 cbc",
378     "camellia-128 cbc", "camellia-192 cbc", "camellia-256 cbc",
379     "evp", "sha256", "sha512", "whirlpool",
380     "aes-128 ige", "aes-192 ige", "aes-256 ige", "ghash",
381     "rand"
382 };
383 #define ALGOR_NUM       OSSL_NELEM(names)
384 
385 /* list of configured algorithm (remaining) */
386 static const OPT_PAIR doit_choices[] = {
387 #ifndef OPENSSL_NO_MD2
388     {"md2", D_MD2},
389 #endif
390 #ifndef OPENSSL_NO_MDC2
391     {"mdc2", D_MDC2},
392 #endif
393 #ifndef OPENSSL_NO_MD4
394     {"md4", D_MD4},
395 #endif
396 #ifndef OPENSSL_NO_MD5
397     {"md5", D_MD5},
398     {"hmac", D_HMAC},
399 #endif
400     {"sha1", D_SHA1},
401     {"sha256", D_SHA256},
402     {"sha512", D_SHA512},
403 #ifndef OPENSSL_NO_WHIRLPOOL
404     {"whirlpool", D_WHIRLPOOL},
405 #endif
406 #ifndef OPENSSL_NO_RMD160
407     {"ripemd", D_RMD160},
408     {"rmd160", D_RMD160},
409     {"ripemd160", D_RMD160},
410 #endif
411 #ifndef OPENSSL_NO_RC4
412     {"rc4", D_RC4},
413 #endif
414 #ifndef OPENSSL_NO_DES
415     {"des-cbc", D_CBC_DES},
416     {"des-ede3", D_EDE3_DES},
417 #endif
418     {"aes-128-cbc", D_CBC_128_AES},
419     {"aes-192-cbc", D_CBC_192_AES},
420     {"aes-256-cbc", D_CBC_256_AES},
421     {"aes-128-ige", D_IGE_128_AES},
422     {"aes-192-ige", D_IGE_192_AES},
423     {"aes-256-ige", D_IGE_256_AES},
424 #ifndef OPENSSL_NO_RC2
425     {"rc2-cbc", D_CBC_RC2},
426     {"rc2", D_CBC_RC2},
427 #endif
428 #ifndef OPENSSL_NO_RC5
429     {"rc5-cbc", D_CBC_RC5},
430     {"rc5", D_CBC_RC5},
431 #endif
432 #ifndef OPENSSL_NO_IDEA
433     {"idea-cbc", D_CBC_IDEA},
434     {"idea", D_CBC_IDEA},
435 #endif
436 #ifndef OPENSSL_NO_SEED
437     {"seed-cbc", D_CBC_SEED},
438     {"seed", D_CBC_SEED},
439 #endif
440 #ifndef OPENSSL_NO_BF
441     {"bf-cbc", D_CBC_BF},
442     {"blowfish", D_CBC_BF},
443     {"bf", D_CBC_BF},
444 #endif
445 #ifndef OPENSSL_NO_CAST
446     {"cast-cbc", D_CBC_CAST},
447     {"cast", D_CBC_CAST},
448     {"cast5", D_CBC_CAST},
449 #endif
450     {"ghash", D_GHASH},
451     {"rand", D_RAND}
452 };
453 
454 static double results[ALGOR_NUM][OSSL_NELEM(lengths_list)];
455 
456 #ifndef OPENSSL_NO_DSA
457 # define R_DSA_512       0
458 # define R_DSA_1024      1
459 # define R_DSA_2048      2
460 static const OPT_PAIR dsa_choices[] = {
461     {"dsa512", R_DSA_512},
462     {"dsa1024", R_DSA_1024},
463     {"dsa2048", R_DSA_2048}
464 };
465 # define DSA_NUM         OSSL_NELEM(dsa_choices)
466 
467 static double dsa_results[DSA_NUM][2];  /* 2 ops: sign then verify */
468 #endif  /* OPENSSL_NO_DSA */
469 
470 #define R_RSA_512       0
471 #define R_RSA_1024      1
472 #define R_RSA_2048      2
473 #define R_RSA_3072      3
474 #define R_RSA_4096      4
475 #define R_RSA_7680      5
476 #define R_RSA_15360     6
477 #ifndef OPENSSL_NO_RSA
478 static const OPT_PAIR rsa_choices[] = {
479     {"rsa512", R_RSA_512},
480     {"rsa1024", R_RSA_1024},
481     {"rsa2048", R_RSA_2048},
482     {"rsa3072", R_RSA_3072},
483     {"rsa4096", R_RSA_4096},
484     {"rsa7680", R_RSA_7680},
485     {"rsa15360", R_RSA_15360}
486 };
487 # define RSA_NUM OSSL_NELEM(rsa_choices)
488 
489 static double rsa_results[RSA_NUM][2];  /* 2 ops: sign then verify */
490 #endif /* OPENSSL_NO_RSA */
491 
492 #define R_EC_P160    0
493 #define R_EC_P192    1
494 #define R_EC_P224    2
495 #define R_EC_P256    3
496 #define R_EC_P384    4
497 #define R_EC_P521    5
498 #define R_EC_K163    6
499 #define R_EC_K233    7
500 #define R_EC_K283    8
501 #define R_EC_K409    9
502 #define R_EC_K571    10
503 #define R_EC_B163    11
504 #define R_EC_B233    12
505 #define R_EC_B283    13
506 #define R_EC_B409    14
507 #define R_EC_B571    15
508 #define R_EC_BRP256R1  16
509 #define R_EC_BRP256T1  17
510 #define R_EC_BRP384R1  18
511 #define R_EC_BRP384T1  19
512 #define R_EC_BRP512R1  20
513 #define R_EC_BRP512T1  21
514 #define R_EC_X25519  22
515 #define R_EC_X448    23
516 #ifndef OPENSSL_NO_EC
517 static OPT_PAIR ecdsa_choices[] = {
518     {"ecdsap160", R_EC_P160},
519     {"ecdsap192", R_EC_P192},
520     {"ecdsap224", R_EC_P224},
521     {"ecdsap256", R_EC_P256},
522     {"ecdsap384", R_EC_P384},
523     {"ecdsap521", R_EC_P521},
524     {"ecdsak163", R_EC_K163},
525     {"ecdsak233", R_EC_K233},
526     {"ecdsak283", R_EC_K283},
527     {"ecdsak409", R_EC_K409},
528     {"ecdsak571", R_EC_K571},
529     {"ecdsab163", R_EC_B163},
530     {"ecdsab233", R_EC_B233},
531     {"ecdsab283", R_EC_B283},
532     {"ecdsab409", R_EC_B409},
533     {"ecdsab571", R_EC_B571},
534     {"ecdsabrp256r1", R_EC_BRP256R1},
535     {"ecdsabrp256t1", R_EC_BRP256T1},
536     {"ecdsabrp384r1", R_EC_BRP384R1},
537     {"ecdsabrp384t1", R_EC_BRP384T1},
538     {"ecdsabrp512r1", R_EC_BRP512R1},
539     {"ecdsabrp512t1", R_EC_BRP512T1}
540 };
541 # define ECDSA_NUM       OSSL_NELEM(ecdsa_choices)
542 
543 static double ecdsa_results[ECDSA_NUM][2];    /* 2 ops: sign then verify */
544 
545 static const OPT_PAIR ecdh_choices[] = {
546     {"ecdhp160", R_EC_P160},
547     {"ecdhp192", R_EC_P192},
548     {"ecdhp224", R_EC_P224},
549     {"ecdhp256", R_EC_P256},
550     {"ecdhp384", R_EC_P384},
551     {"ecdhp521", R_EC_P521},
552     {"ecdhk163", R_EC_K163},
553     {"ecdhk233", R_EC_K233},
554     {"ecdhk283", R_EC_K283},
555     {"ecdhk409", R_EC_K409},
556     {"ecdhk571", R_EC_K571},
557     {"ecdhb163", R_EC_B163},
558     {"ecdhb233", R_EC_B233},
559     {"ecdhb283", R_EC_B283},
560     {"ecdhb409", R_EC_B409},
561     {"ecdhb571", R_EC_B571},
562     {"ecdhbrp256r1", R_EC_BRP256R1},
563     {"ecdhbrp256t1", R_EC_BRP256T1},
564     {"ecdhbrp384r1", R_EC_BRP384R1},
565     {"ecdhbrp384t1", R_EC_BRP384T1},
566     {"ecdhbrp512r1", R_EC_BRP512R1},
567     {"ecdhbrp512t1", R_EC_BRP512T1},
568     {"ecdhx25519", R_EC_X25519},
569     {"ecdhx448", R_EC_X448}
570 };
571 # define EC_NUM       OSSL_NELEM(ecdh_choices)
572 
573 static double ecdh_results[EC_NUM][1];  /* 1 op: derivation */
574 
575 #define R_EC_Ed25519    0
576 #define R_EC_Ed448      1
577 static OPT_PAIR eddsa_choices[] = {
578     {"ed25519", R_EC_Ed25519},
579     {"ed448", R_EC_Ed448}
580 };
581 # define EdDSA_NUM       OSSL_NELEM(eddsa_choices)
582 
583 static double eddsa_results[EdDSA_NUM][2];    /* 2 ops: sign then verify */
584 #endif /* OPENSSL_NO_EC */
585 
586 #ifndef SIGALRM
587 # define COND(d) (count < (d))
588 # define COUNT(d) (d)
589 #else
590 # define COND(unused_cond) (run && count<0x7fffffff)
591 # define COUNT(d) (count)
592 #endif                          /* SIGALRM */
593 
594 typedef struct loopargs_st {
595     ASYNC_JOB *inprogress_job;
596     ASYNC_WAIT_CTX *wait_ctx;
597     unsigned char *buf;
598     unsigned char *buf2;
599     unsigned char *buf_malloc;
600     unsigned char *buf2_malloc;
601     unsigned char *key;
602     unsigned int siglen;
603     size_t sigsize;
604 #ifndef OPENSSL_NO_RSA
605     RSA *rsa_key[RSA_NUM];
606 #endif
607 #ifndef OPENSSL_NO_DSA
608     DSA *dsa_key[DSA_NUM];
609 #endif
610 #ifndef OPENSSL_NO_EC
611     EC_KEY *ecdsa[ECDSA_NUM];
612     EVP_PKEY_CTX *ecdh_ctx[EC_NUM];
613     EVP_MD_CTX *eddsa_ctx[EdDSA_NUM];
614     unsigned char *secret_a;
615     unsigned char *secret_b;
616     size_t outlen[EC_NUM];
617 #endif
618     EVP_CIPHER_CTX *ctx;
619     HMAC_CTX *hctx;
620     GCM128_CONTEXT *gcm_ctx;
621 } loopargs_t;
622 static int run_benchmark(int async_jobs, int (*loop_function) (void *),
623                          loopargs_t * loopargs);
624 
625 static unsigned int testnum;
626 
627 /* Nb of iterations to do per algorithm and key-size */
628 static long c[ALGOR_NUM][OSSL_NELEM(lengths_list)];
629 
630 #ifndef OPENSSL_NO_MD2
631 static int EVP_Digest_MD2_loop(void *args)
632 {
633     loopargs_t *tempargs = *(loopargs_t **) args;
634     unsigned char *buf = tempargs->buf;
635     unsigned char md2[MD2_DIGEST_LENGTH];
636     int count;
637 
638     for (count = 0; COND(c[D_MD2][testnum]); count++) {
639         if (!EVP_Digest(buf, (size_t)lengths[testnum], md2, NULL, EVP_md2(),
640                         NULL))
641             return -1;
642     }
643     return count;
644 }
645 #endif
646 
647 #ifndef OPENSSL_NO_MDC2
648 static int EVP_Digest_MDC2_loop(void *args)
649 {
650     loopargs_t *tempargs = *(loopargs_t **) args;
651     unsigned char *buf = tempargs->buf;
652     unsigned char mdc2[MDC2_DIGEST_LENGTH];
653     int count;
654 
655     for (count = 0; COND(c[D_MDC2][testnum]); count++) {
656         if (!EVP_Digest(buf, (size_t)lengths[testnum], mdc2, NULL, EVP_mdc2(),
657                         NULL))
658             return -1;
659     }
660     return count;
661 }
662 #endif
663 
664 #ifndef OPENSSL_NO_MD4
665 static int EVP_Digest_MD4_loop(void *args)
666 {
667     loopargs_t *tempargs = *(loopargs_t **) args;
668     unsigned char *buf = tempargs->buf;
669     unsigned char md4[MD4_DIGEST_LENGTH];
670     int count;
671 
672     for (count = 0; COND(c[D_MD4][testnum]); count++) {
673         if (!EVP_Digest(buf, (size_t)lengths[testnum], md4, NULL, EVP_md4(),
674                         NULL))
675             return -1;
676     }
677     return count;
678 }
679 #endif
680 
681 #ifndef OPENSSL_NO_MD5
682 static int MD5_loop(void *args)
683 {
684     loopargs_t *tempargs = *(loopargs_t **) args;
685     unsigned char *buf = tempargs->buf;
686     unsigned char md5[MD5_DIGEST_LENGTH];
687     int count;
688     for (count = 0; COND(c[D_MD5][testnum]); count++)
689         MD5(buf, lengths[testnum], md5);
690     return count;
691 }
692 
693 static int HMAC_loop(void *args)
694 {
695     loopargs_t *tempargs = *(loopargs_t **) args;
696     unsigned char *buf = tempargs->buf;
697     HMAC_CTX *hctx = tempargs->hctx;
698     unsigned char hmac[MD5_DIGEST_LENGTH];
699     int count;
700 
701     for (count = 0; COND(c[D_HMAC][testnum]); count++) {
702         HMAC_Init_ex(hctx, NULL, 0, NULL, NULL);
703         HMAC_Update(hctx, buf, lengths[testnum]);
704         HMAC_Final(hctx, hmac, NULL);
705     }
706     return count;
707 }
708 #endif
709 
710 static int SHA1_loop(void *args)
711 {
712     loopargs_t *tempargs = *(loopargs_t **) args;
713     unsigned char *buf = tempargs->buf;
714     unsigned char sha[SHA_DIGEST_LENGTH];
715     int count;
716     for (count = 0; COND(c[D_SHA1][testnum]); count++)
717         SHA1(buf, lengths[testnum], sha);
718     return count;
719 }
720 
721 static int SHA256_loop(void *args)
722 {
723     loopargs_t *tempargs = *(loopargs_t **) args;
724     unsigned char *buf = tempargs->buf;
725     unsigned char sha256[SHA256_DIGEST_LENGTH];
726     int count;
727     for (count = 0; COND(c[D_SHA256][testnum]); count++)
728         SHA256(buf, lengths[testnum], sha256);
729     return count;
730 }
731 
732 static int SHA512_loop(void *args)
733 {
734     loopargs_t *tempargs = *(loopargs_t **) args;
735     unsigned char *buf = tempargs->buf;
736     unsigned char sha512[SHA512_DIGEST_LENGTH];
737     int count;
738     for (count = 0; COND(c[D_SHA512][testnum]); count++)
739         SHA512(buf, lengths[testnum], sha512);
740     return count;
741 }
742 
743 #ifndef OPENSSL_NO_WHIRLPOOL
744 static int WHIRLPOOL_loop(void *args)
745 {
746     loopargs_t *tempargs = *(loopargs_t **) args;
747     unsigned char *buf = tempargs->buf;
748     unsigned char whirlpool[WHIRLPOOL_DIGEST_LENGTH];
749     int count;
750     for (count = 0; COND(c[D_WHIRLPOOL][testnum]); count++)
751         WHIRLPOOL(buf, lengths[testnum], whirlpool);
752     return count;
753 }
754 #endif
755 
756 #ifndef OPENSSL_NO_RMD160
757 static int EVP_Digest_RMD160_loop(void *args)
758 {
759     loopargs_t *tempargs = *(loopargs_t **) args;
760     unsigned char *buf = tempargs->buf;
761     unsigned char rmd160[RIPEMD160_DIGEST_LENGTH];
762     int count;
763     for (count = 0; COND(c[D_RMD160][testnum]); count++) {
764         if (!EVP_Digest(buf, (size_t)lengths[testnum], &(rmd160[0]),
765                         NULL, EVP_ripemd160(), NULL))
766             return -1;
767     }
768     return count;
769 }
770 #endif
771 
772 #ifndef OPENSSL_NO_RC4
773 static RC4_KEY rc4_ks;
774 static int RC4_loop(void *args)
775 {
776     loopargs_t *tempargs = *(loopargs_t **) args;
777     unsigned char *buf = tempargs->buf;
778     int count;
779     for (count = 0; COND(c[D_RC4][testnum]); count++)
780         RC4(&rc4_ks, (size_t)lengths[testnum], buf, buf);
781     return count;
782 }
783 #endif
784 
785 #ifndef OPENSSL_NO_DES
786 static unsigned char DES_iv[8];
787 static DES_key_schedule sch;
788 static DES_key_schedule sch2;
789 static DES_key_schedule sch3;
790 static int DES_ncbc_encrypt_loop(void *args)
791 {
792     loopargs_t *tempargs = *(loopargs_t **) args;
793     unsigned char *buf = tempargs->buf;
794     int count;
795     for (count = 0; COND(c[D_CBC_DES][testnum]); count++)
796         DES_ncbc_encrypt(buf, buf, lengths[testnum], &sch,
797                          &DES_iv, DES_ENCRYPT);
798     return count;
799 }
800 
801 static int DES_ede3_cbc_encrypt_loop(void *args)
802 {
803     loopargs_t *tempargs = *(loopargs_t **) args;
804     unsigned char *buf = tempargs->buf;
805     int count;
806     for (count = 0; COND(c[D_EDE3_DES][testnum]); count++)
807         DES_ede3_cbc_encrypt(buf, buf, lengths[testnum],
808                              &sch, &sch2, &sch3, &DES_iv, DES_ENCRYPT);
809     return count;
810 }
811 #endif
812 
813 #define MAX_BLOCK_SIZE 128
814 
815 static unsigned char iv[2 * MAX_BLOCK_SIZE / 8];
816 static AES_KEY aes_ks1, aes_ks2, aes_ks3;
817 static int AES_cbc_128_encrypt_loop(void *args)
818 {
819     loopargs_t *tempargs = *(loopargs_t **) args;
820     unsigned char *buf = tempargs->buf;
821     int count;
822     for (count = 0; COND(c[D_CBC_128_AES][testnum]); count++)
823         AES_cbc_encrypt(buf, buf,
824                         (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
825     return count;
826 }
827 
828 static int AES_cbc_192_encrypt_loop(void *args)
829 {
830     loopargs_t *tempargs = *(loopargs_t **) args;
831     unsigned char *buf = tempargs->buf;
832     int count;
833     for (count = 0; COND(c[D_CBC_192_AES][testnum]); count++)
834         AES_cbc_encrypt(buf, buf,
835                         (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
836     return count;
837 }
838 
839 static int AES_cbc_256_encrypt_loop(void *args)
840 {
841     loopargs_t *tempargs = *(loopargs_t **) args;
842     unsigned char *buf = tempargs->buf;
843     int count;
844     for (count = 0; COND(c[D_CBC_256_AES][testnum]); count++)
845         AES_cbc_encrypt(buf, buf,
846                         (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
847     return count;
848 }
849 
850 static int AES_ige_128_encrypt_loop(void *args)
851 {
852     loopargs_t *tempargs = *(loopargs_t **) args;
853     unsigned char *buf = tempargs->buf;
854     unsigned char *buf2 = tempargs->buf2;
855     int count;
856     for (count = 0; COND(c[D_IGE_128_AES][testnum]); count++)
857         AES_ige_encrypt(buf, buf2,
858                         (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
859     return count;
860 }
861 
862 static int AES_ige_192_encrypt_loop(void *args)
863 {
864     loopargs_t *tempargs = *(loopargs_t **) args;
865     unsigned char *buf = tempargs->buf;
866     unsigned char *buf2 = tempargs->buf2;
867     int count;
868     for (count = 0; COND(c[D_IGE_192_AES][testnum]); count++)
869         AES_ige_encrypt(buf, buf2,
870                         (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
871     return count;
872 }
873 
874 static int AES_ige_256_encrypt_loop(void *args)
875 {
876     loopargs_t *tempargs = *(loopargs_t **) args;
877     unsigned char *buf = tempargs->buf;
878     unsigned char *buf2 = tempargs->buf2;
879     int count;
880     for (count = 0; COND(c[D_IGE_256_AES][testnum]); count++)
881         AES_ige_encrypt(buf, buf2,
882                         (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
883     return count;
884 }
885 
886 static int CRYPTO_gcm128_aad_loop(void *args)
887 {
888     loopargs_t *tempargs = *(loopargs_t **) args;
889     unsigned char *buf = tempargs->buf;
890     GCM128_CONTEXT *gcm_ctx = tempargs->gcm_ctx;
891     int count;
892     for (count = 0; COND(c[D_GHASH][testnum]); count++)
893         CRYPTO_gcm128_aad(gcm_ctx, buf, lengths[testnum]);
894     return count;
895 }
896 
897 static int RAND_bytes_loop(void *args)
898 {
899     loopargs_t *tempargs = *(loopargs_t **) args;
900     unsigned char *buf = tempargs->buf;
901     int count;
902 
903     for (count = 0; COND(c[D_RAND][testnum]); count++)
904         RAND_bytes(buf, lengths[testnum]);
905     return count;
906 }
907 
908 static long save_count = 0;
909 static int decrypt = 0;
910 static int EVP_Update_loop(void *args)
911 {
912     loopargs_t *tempargs = *(loopargs_t **) args;
913     unsigned char *buf = tempargs->buf;
914     EVP_CIPHER_CTX *ctx = tempargs->ctx;
915     int outl, count, rc;
916 #ifndef SIGALRM
917     int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
918 #endif
919     if (decrypt) {
920         for (count = 0; COND(nb_iter); count++) {
921             rc = EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
922             if (rc != 1) {
923                 /* reset iv in case of counter overflow */
924                 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
925             }
926         }
927     } else {
928         for (count = 0; COND(nb_iter); count++) {
929             rc = EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
930             if (rc != 1) {
931                 /* reset iv in case of counter overflow */
932                 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
933             }
934         }
935     }
936     if (decrypt)
937         EVP_DecryptFinal_ex(ctx, buf, &outl);
938     else
939         EVP_EncryptFinal_ex(ctx, buf, &outl);
940     return count;
941 }
942 
943 /*
944  * CCM does not support streaming. For the purpose of performance measurement,
945  * each message is encrypted using the same (key,iv)-pair. Do not use this
946  * code in your application.
947  */
948 static int EVP_Update_loop_ccm(void *args)
949 {
950     loopargs_t *tempargs = *(loopargs_t **) args;
951     unsigned char *buf = tempargs->buf;
952     EVP_CIPHER_CTX *ctx = tempargs->ctx;
953     int outl, count;
954     unsigned char tag[12];
955 #ifndef SIGALRM
956     int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
957 #endif
958     if (decrypt) {
959         for (count = 0; COND(nb_iter); count++) {
960             EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(tag), tag);
961             /* reset iv */
962             EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
963             /* counter is reset on every update */
964             EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
965         }
966     } else {
967         for (count = 0; COND(nb_iter); count++) {
968             /* restore iv length field */
969             EVP_EncryptUpdate(ctx, NULL, &outl, NULL, lengths[testnum]);
970             /* counter is reset on every update */
971             EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
972         }
973     }
974     if (decrypt)
975         EVP_DecryptFinal_ex(ctx, buf, &outl);
976     else
977         EVP_EncryptFinal_ex(ctx, buf, &outl);
978     return count;
979 }
980 
981 /*
982  * To make AEAD benchmarking more relevant perform TLS-like operations,
983  * 13-byte AAD followed by payload. But don't use TLS-formatted AAD, as
984  * payload length is not actually limited by 16KB...
985  */
986 static int EVP_Update_loop_aead(void *args)
987 {
988     loopargs_t *tempargs = *(loopargs_t **) args;
989     unsigned char *buf = tempargs->buf;
990     EVP_CIPHER_CTX *ctx = tempargs->ctx;
991     int outl, count;
992     unsigned char aad[13] = { 0xcc };
993     unsigned char faketag[16] = { 0xcc };
994 #ifndef SIGALRM
995     int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
996 #endif
997     if (decrypt) {
998         for (count = 0; COND(nb_iter); count++) {
999             EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
1000             EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
1001                                 sizeof(faketag), faketag);
1002             EVP_DecryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
1003             EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
1004             EVP_DecryptFinal_ex(ctx, buf + outl, &outl);
1005         }
1006     } else {
1007         for (count = 0; COND(nb_iter); count++) {
1008             EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv);
1009             EVP_EncryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
1010             EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
1011             EVP_EncryptFinal_ex(ctx, buf + outl, &outl);
1012         }
1013     }
1014     return count;
1015 }
1016 
1017 static const EVP_MD *evp_md = NULL;
1018 static int EVP_Digest_loop(void *args)
1019 {
1020     loopargs_t *tempargs = *(loopargs_t **) args;
1021     unsigned char *buf = tempargs->buf;
1022     unsigned char md[EVP_MAX_MD_SIZE];
1023     int count;
1024 #ifndef SIGALRM
1025     int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1026 #endif
1027 
1028     for (count = 0; COND(nb_iter); count++) {
1029         if (!EVP_Digest(buf, lengths[testnum], md, NULL, evp_md, NULL))
1030             return -1;
1031     }
1032     return count;
1033 }
1034 
1035 #ifndef OPENSSL_NO_RSA
1036 static long rsa_c[RSA_NUM][2];  /* # RSA iteration test */
1037 
1038 static int RSA_sign_loop(void *args)
1039 {
1040     loopargs_t *tempargs = *(loopargs_t **) args;
1041     unsigned char *buf = tempargs->buf;
1042     unsigned char *buf2 = tempargs->buf2;
1043     unsigned int *rsa_num = &tempargs->siglen;
1044     RSA **rsa_key = tempargs->rsa_key;
1045     int ret, count;
1046     for (count = 0; COND(rsa_c[testnum][0]); count++) {
1047         ret = RSA_sign(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1048         if (ret == 0) {
1049             BIO_printf(bio_err, "RSA sign failure\n");
1050             ERR_print_errors(bio_err);
1051             count = -1;
1052             break;
1053         }
1054     }
1055     return count;
1056 }
1057 
1058 static int RSA_verify_loop(void *args)
1059 {
1060     loopargs_t *tempargs = *(loopargs_t **) args;
1061     unsigned char *buf = tempargs->buf;
1062     unsigned char *buf2 = tempargs->buf2;
1063     unsigned int rsa_num = tempargs->siglen;
1064     RSA **rsa_key = tempargs->rsa_key;
1065     int ret, count;
1066     for (count = 0; COND(rsa_c[testnum][1]); count++) {
1067         ret =
1068             RSA_verify(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1069         if (ret <= 0) {
1070             BIO_printf(bio_err, "RSA verify failure\n");
1071             ERR_print_errors(bio_err);
1072             count = -1;
1073             break;
1074         }
1075     }
1076     return count;
1077 }
1078 #endif
1079 
1080 #ifndef OPENSSL_NO_DSA
1081 static long dsa_c[DSA_NUM][2];
1082 static int DSA_sign_loop(void *args)
1083 {
1084     loopargs_t *tempargs = *(loopargs_t **) args;
1085     unsigned char *buf = tempargs->buf;
1086     unsigned char *buf2 = tempargs->buf2;
1087     DSA **dsa_key = tempargs->dsa_key;
1088     unsigned int *siglen = &tempargs->siglen;
1089     int ret, count;
1090     for (count = 0; COND(dsa_c[testnum][0]); count++) {
1091         ret = DSA_sign(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1092         if (ret == 0) {
1093             BIO_printf(bio_err, "DSA sign failure\n");
1094             ERR_print_errors(bio_err);
1095             count = -1;
1096             break;
1097         }
1098     }
1099     return count;
1100 }
1101 
1102 static int DSA_verify_loop(void *args)
1103 {
1104     loopargs_t *tempargs = *(loopargs_t **) args;
1105     unsigned char *buf = tempargs->buf;
1106     unsigned char *buf2 = tempargs->buf2;
1107     DSA **dsa_key = tempargs->dsa_key;
1108     unsigned int siglen = tempargs->siglen;
1109     int ret, count;
1110     for (count = 0; COND(dsa_c[testnum][1]); count++) {
1111         ret = DSA_verify(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1112         if (ret <= 0) {
1113             BIO_printf(bio_err, "DSA verify failure\n");
1114             ERR_print_errors(bio_err);
1115             count = -1;
1116             break;
1117         }
1118     }
1119     return count;
1120 }
1121 #endif
1122 
1123 #ifndef OPENSSL_NO_EC
1124 static long ecdsa_c[ECDSA_NUM][2];
1125 static int ECDSA_sign_loop(void *args)
1126 {
1127     loopargs_t *tempargs = *(loopargs_t **) args;
1128     unsigned char *buf = tempargs->buf;
1129     EC_KEY **ecdsa = tempargs->ecdsa;
1130     unsigned char *ecdsasig = tempargs->buf2;
1131     unsigned int *ecdsasiglen = &tempargs->siglen;
1132     int ret, count;
1133     for (count = 0; COND(ecdsa_c[testnum][0]); count++) {
1134         ret = ECDSA_sign(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1135         if (ret == 0) {
1136             BIO_printf(bio_err, "ECDSA sign failure\n");
1137             ERR_print_errors(bio_err);
1138             count = -1;
1139             break;
1140         }
1141     }
1142     return count;
1143 }
1144 
1145 static int ECDSA_verify_loop(void *args)
1146 {
1147     loopargs_t *tempargs = *(loopargs_t **) args;
1148     unsigned char *buf = tempargs->buf;
1149     EC_KEY **ecdsa = tempargs->ecdsa;
1150     unsigned char *ecdsasig = tempargs->buf2;
1151     unsigned int ecdsasiglen = tempargs->siglen;
1152     int ret, count;
1153     for (count = 0; COND(ecdsa_c[testnum][1]); count++) {
1154         ret = ECDSA_verify(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1155         if (ret != 1) {
1156             BIO_printf(bio_err, "ECDSA verify failure\n");
1157             ERR_print_errors(bio_err);
1158             count = -1;
1159             break;
1160         }
1161     }
1162     return count;
1163 }
1164 
1165 /* ******************************************************************** */
1166 static long ecdh_c[EC_NUM][1];
1167 
1168 static int ECDH_EVP_derive_key_loop(void *args)
1169 {
1170     loopargs_t *tempargs = *(loopargs_t **) args;
1171     EVP_PKEY_CTX *ctx = tempargs->ecdh_ctx[testnum];
1172     unsigned char *derived_secret = tempargs->secret_a;
1173     int count;
1174     size_t *outlen = &(tempargs->outlen[testnum]);
1175 
1176     for (count = 0; COND(ecdh_c[testnum][0]); count++)
1177         EVP_PKEY_derive(ctx, derived_secret, outlen);
1178 
1179     return count;
1180 }
1181 
1182 static long eddsa_c[EdDSA_NUM][2];
1183 static int EdDSA_sign_loop(void *args)
1184 {
1185     loopargs_t *tempargs = *(loopargs_t **) args;
1186     unsigned char *buf = tempargs->buf;
1187     EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
1188     unsigned char *eddsasig = tempargs->buf2;
1189     size_t *eddsasigsize = &tempargs->sigsize;
1190     int ret, count;
1191 
1192     for (count = 0; COND(eddsa_c[testnum][0]); count++) {
1193         ret = EVP_DigestSign(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
1194         if (ret == 0) {
1195             BIO_printf(bio_err, "EdDSA sign failure\n");
1196             ERR_print_errors(bio_err);
1197             count = -1;
1198             break;
1199         }
1200     }
1201     return count;
1202 }
1203 
1204 static int EdDSA_verify_loop(void *args)
1205 {
1206     loopargs_t *tempargs = *(loopargs_t **) args;
1207     unsigned char *buf = tempargs->buf;
1208     EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
1209     unsigned char *eddsasig = tempargs->buf2;
1210     size_t eddsasigsize = tempargs->sigsize;
1211     int ret, count;
1212 
1213     for (count = 0; COND(eddsa_c[testnum][1]); count++) {
1214         ret = EVP_DigestVerify(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
1215         if (ret != 1) {
1216             BIO_printf(bio_err, "EdDSA verify failure\n");
1217             ERR_print_errors(bio_err);
1218             count = -1;
1219             break;
1220         }
1221     }
1222     return count;
1223 }
1224 #endif                          /* OPENSSL_NO_EC */
1225 
1226 static int run_benchmark(int async_jobs,
1227                          int (*loop_function) (void *), loopargs_t * loopargs)
1228 {
1229     int job_op_count = 0;
1230     int total_op_count = 0;
1231     int num_inprogress = 0;
1232     int error = 0, i = 0, ret = 0;
1233     OSSL_ASYNC_FD job_fd = 0;
1234     size_t num_job_fds = 0;
1235 
1236     run = 1;
1237 
1238     if (async_jobs == 0) {
1239         return loop_function((void *)&loopargs);
1240     }
1241 
1242     for (i = 0; i < async_jobs && !error; i++) {
1243         loopargs_t *looparg_item = loopargs + i;
1244 
1245         /* Copy pointer content (looparg_t item address) into async context */
1246         ret = ASYNC_start_job(&loopargs[i].inprogress_job, loopargs[i].wait_ctx,
1247                               &job_op_count, loop_function,
1248                               (void *)&looparg_item, sizeof(looparg_item));
1249         switch (ret) {
1250         case ASYNC_PAUSE:
1251             ++num_inprogress;
1252             break;
1253         case ASYNC_FINISH:
1254             if (job_op_count == -1) {
1255                 error = 1;
1256             } else {
1257                 total_op_count += job_op_count;
1258             }
1259             break;
1260         case ASYNC_NO_JOBS:
1261         case ASYNC_ERR:
1262             BIO_printf(bio_err, "Failure in the job\n");
1263             ERR_print_errors(bio_err);
1264             error = 1;
1265             break;
1266         }
1267     }
1268 
1269     while (num_inprogress > 0) {
1270 #if defined(OPENSSL_SYS_WINDOWS)
1271         DWORD avail = 0;
1272 #elif defined(OPENSSL_SYS_UNIX)
1273         int select_result = 0;
1274         OSSL_ASYNC_FD max_fd = 0;
1275         fd_set waitfdset;
1276 
1277         FD_ZERO(&waitfdset);
1278 
1279         for (i = 0; i < async_jobs && num_inprogress > 0; i++) {
1280             if (loopargs[i].inprogress_job == NULL)
1281                 continue;
1282 
1283             if (!ASYNC_WAIT_CTX_get_all_fds
1284                 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1285                 || num_job_fds > 1) {
1286                 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1287                 ERR_print_errors(bio_err);
1288                 error = 1;
1289                 break;
1290             }
1291             ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1292                                        &num_job_fds);
1293             FD_SET(job_fd, &waitfdset);
1294             if (job_fd > max_fd)
1295                 max_fd = job_fd;
1296         }
1297 
1298         if (max_fd >= (OSSL_ASYNC_FD)FD_SETSIZE) {
1299             BIO_printf(bio_err,
1300                        "Error: max_fd (%d) must be smaller than FD_SETSIZE (%d). "
1301                        "Decrease the value of async_jobs\n",
1302                        max_fd, FD_SETSIZE);
1303             ERR_print_errors(bio_err);
1304             error = 1;
1305             break;
1306         }
1307 
1308         select_result = select(max_fd + 1, &waitfdset, NULL, NULL, NULL);
1309         if (select_result == -1 && errno == EINTR)
1310             continue;
1311 
1312         if (select_result == -1) {
1313             BIO_printf(bio_err, "Failure in the select\n");
1314             ERR_print_errors(bio_err);
1315             error = 1;
1316             break;
1317         }
1318 
1319         if (select_result == 0)
1320             continue;
1321 #endif
1322 
1323         for (i = 0; i < async_jobs; i++) {
1324             if (loopargs[i].inprogress_job == NULL)
1325                 continue;
1326 
1327             if (!ASYNC_WAIT_CTX_get_all_fds
1328                 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1329                 || num_job_fds > 1) {
1330                 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1331                 ERR_print_errors(bio_err);
1332                 error = 1;
1333                 break;
1334             }
1335             ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1336                                        &num_job_fds);
1337 
1338 #if defined(OPENSSL_SYS_UNIX)
1339             if (num_job_fds == 1 && !FD_ISSET(job_fd, &waitfdset))
1340                 continue;
1341 #elif defined(OPENSSL_SYS_WINDOWS)
1342             if (num_job_fds == 1
1343                 && !PeekNamedPipe(job_fd, NULL, 0, NULL, &avail, NULL)
1344                 && avail > 0)
1345                 continue;
1346 #endif
1347 
1348             ret = ASYNC_start_job(&loopargs[i].inprogress_job,
1349                                   loopargs[i].wait_ctx, &job_op_count,
1350                                   loop_function, (void *)(loopargs + i),
1351                                   sizeof(loopargs_t));
1352             switch (ret) {
1353             case ASYNC_PAUSE:
1354                 break;
1355             case ASYNC_FINISH:
1356                 if (job_op_count == -1) {
1357                     error = 1;
1358                 } else {
1359                     total_op_count += job_op_count;
1360                 }
1361                 --num_inprogress;
1362                 loopargs[i].inprogress_job = NULL;
1363                 break;
1364             case ASYNC_NO_JOBS:
1365             case ASYNC_ERR:
1366                 --num_inprogress;
1367                 loopargs[i].inprogress_job = NULL;
1368                 BIO_printf(bio_err, "Failure in the job\n");
1369                 ERR_print_errors(bio_err);
1370                 error = 1;
1371                 break;
1372             }
1373         }
1374     }
1375 
1376     return error ? -1 : total_op_count;
1377 }
1378 
1379 int speed_main(int argc, char **argv)
1380 {
1381     ENGINE *e = NULL;
1382     loopargs_t *loopargs = NULL;
1383     const char *prog;
1384     const char *engine_id = NULL;
1385     const EVP_CIPHER *evp_cipher = NULL;
1386     double d = 0.0;
1387     OPTION_CHOICE o;
1388     int async_init = 0, multiblock = 0, pr_header = 0;
1389     int doit[ALGOR_NUM] = { 0 };
1390     int ret = 1, misalign = 0, lengths_single = 0, aead = 0;
1391     long count = 0;
1392     unsigned int size_num = OSSL_NELEM(lengths_list);
1393     unsigned int i, k, loop, loopargs_len = 0, async_jobs = 0;
1394     int keylen;
1395     int buflen;
1396 #ifndef NO_FORK
1397     int multi = 0;
1398 #endif
1399 #if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) \
1400     || !defined(OPENSSL_NO_EC)
1401     long rsa_count = 1;
1402 #endif
1403     openssl_speed_sec_t seconds = { SECONDS, RSA_SECONDS, DSA_SECONDS,
1404                                     ECDSA_SECONDS, ECDH_SECONDS,
1405                                     EdDSA_SECONDS };
1406 
1407     /* What follows are the buffers and key material. */
1408 #ifndef OPENSSL_NO_RC5
1409     RC5_32_KEY rc5_ks;
1410 #endif
1411 #ifndef OPENSSL_NO_RC2
1412     RC2_KEY rc2_ks;
1413 #endif
1414 #ifndef OPENSSL_NO_IDEA
1415     IDEA_KEY_SCHEDULE idea_ks;
1416 #endif
1417 #ifndef OPENSSL_NO_SEED
1418     SEED_KEY_SCHEDULE seed_ks;
1419 #endif
1420 #ifndef OPENSSL_NO_BF
1421     BF_KEY bf_ks;
1422 #endif
1423 #ifndef OPENSSL_NO_CAST
1424     CAST_KEY cast_ks;
1425 #endif
1426     static const unsigned char key16[16] = {
1427         0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1428         0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
1429     };
1430     static const unsigned char key24[24] = {
1431         0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1432         0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1433         0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1434     };
1435     static const unsigned char key32[32] = {
1436         0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1437         0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1438         0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
1439         0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
1440     };
1441 #ifndef OPENSSL_NO_CAMELLIA
1442     static const unsigned char ckey24[24] = {
1443         0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1444         0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1445         0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1446     };
1447     static const unsigned char ckey32[32] = {
1448         0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1449         0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1450         0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
1451         0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
1452     };
1453     CAMELLIA_KEY camellia_ks1, camellia_ks2, camellia_ks3;
1454 #endif
1455 #ifndef OPENSSL_NO_DES
1456     static DES_cblock key = {
1457         0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0
1458     };
1459     static DES_cblock key2 = {
1460         0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
1461     };
1462     static DES_cblock key3 = {
1463         0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1464     };
1465 #endif
1466 #ifndef OPENSSL_NO_RSA
1467     static const unsigned int rsa_bits[RSA_NUM] = {
1468         512, 1024, 2048, 3072, 4096, 7680, 15360
1469     };
1470     static const unsigned char *rsa_data[RSA_NUM] = {
1471         test512, test1024, test2048, test3072, test4096, test7680, test15360
1472     };
1473     static const int rsa_data_length[RSA_NUM] = {
1474         sizeof(test512), sizeof(test1024),
1475         sizeof(test2048), sizeof(test3072),
1476         sizeof(test4096), sizeof(test7680),
1477         sizeof(test15360)
1478     };
1479     int rsa_doit[RSA_NUM] = { 0 };
1480     int primes = RSA_DEFAULT_PRIME_NUM;
1481 #endif
1482 #ifndef OPENSSL_NO_DSA
1483     static const unsigned int dsa_bits[DSA_NUM] = { 512, 1024, 2048 };
1484     int dsa_doit[DSA_NUM] = { 0 };
1485 #endif
1486 #ifndef OPENSSL_NO_EC
1487     /*
1488      * We only test over the following curves as they are representative, To
1489      * add tests over more curves, simply add the curve NID and curve name to
1490      * the following arrays and increase the |ecdh_choices| list accordingly.
1491      */
1492     static const struct {
1493         const char *name;
1494         unsigned int nid;
1495         unsigned int bits;
1496     } test_curves[] = {
1497         /* Prime Curves */
1498         {"secp160r1", NID_secp160r1, 160},
1499         {"nistp192", NID_X9_62_prime192v1, 192},
1500         {"nistp224", NID_secp224r1, 224},
1501         {"nistp256", NID_X9_62_prime256v1, 256},
1502         {"nistp384", NID_secp384r1, 384},
1503         {"nistp521", NID_secp521r1, 521},
1504         /* Binary Curves */
1505         {"nistk163", NID_sect163k1, 163},
1506         {"nistk233", NID_sect233k1, 233},
1507         {"nistk283", NID_sect283k1, 283},
1508         {"nistk409", NID_sect409k1, 409},
1509         {"nistk571", NID_sect571k1, 571},
1510         {"nistb163", NID_sect163r2, 163},
1511         {"nistb233", NID_sect233r1, 233},
1512         {"nistb283", NID_sect283r1, 283},
1513         {"nistb409", NID_sect409r1, 409},
1514         {"nistb571", NID_sect571r1, 571},
1515         {"brainpoolP256r1", NID_brainpoolP256r1, 256},
1516         {"brainpoolP256t1", NID_brainpoolP256t1, 256},
1517         {"brainpoolP384r1", NID_brainpoolP384r1, 384},
1518         {"brainpoolP384t1", NID_brainpoolP384t1, 384},
1519         {"brainpoolP512r1", NID_brainpoolP512r1, 512},
1520         {"brainpoolP512t1", NID_brainpoolP512t1, 512},
1521         /* Other and ECDH only ones */
1522         {"X25519", NID_X25519, 253},
1523         {"X448", NID_X448, 448}
1524     };
1525     static const struct {
1526         const char *name;
1527         unsigned int nid;
1528         unsigned int bits;
1529         size_t sigsize;
1530     } test_ed_curves[] = {
1531         /* EdDSA */
1532         {"Ed25519", NID_ED25519, 253, 64},
1533         {"Ed448", NID_ED448, 456, 114}
1534     };
1535     int ecdsa_doit[ECDSA_NUM] = { 0 };
1536     int ecdh_doit[EC_NUM] = { 0 };
1537     int eddsa_doit[EdDSA_NUM] = { 0 };
1538     OPENSSL_assert(OSSL_NELEM(test_curves) >= EC_NUM);
1539     OPENSSL_assert(OSSL_NELEM(test_ed_curves) >= EdDSA_NUM);
1540 #endif                          /* ndef OPENSSL_NO_EC */
1541 
1542     prog = opt_init(argc, argv, speed_options);
1543     while ((o = opt_next()) != OPT_EOF) {
1544         switch (o) {
1545         case OPT_EOF:
1546         case OPT_ERR:
1547  opterr:
1548             BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
1549             goto end;
1550         case OPT_HELP:
1551             opt_help(speed_options);
1552             ret = 0;
1553             goto end;
1554         case OPT_ELAPSED:
1555             usertime = 0;
1556             break;
1557         case OPT_EVP:
1558             evp_md = NULL;
1559             evp_cipher = EVP_get_cipherbyname(opt_arg());
1560             if (evp_cipher == NULL)
1561                 evp_md = EVP_get_digestbyname(opt_arg());
1562             if (evp_cipher == NULL && evp_md == NULL) {
1563                 BIO_printf(bio_err,
1564                            "%s: %s is an unknown cipher or digest\n",
1565                            prog, opt_arg());
1566                 goto end;
1567             }
1568             doit[D_EVP] = 1;
1569             break;
1570         case OPT_DECRYPT:
1571             decrypt = 1;
1572             break;
1573         case OPT_ENGINE:
1574             /*
1575              * In a forked execution, an engine might need to be
1576              * initialised by each child process, not by the parent.
1577              * So store the name here and run setup_engine() later on.
1578              */
1579             engine_id = opt_arg();
1580             break;
1581         case OPT_MULTI:
1582 #ifndef NO_FORK
1583             multi = atoi(opt_arg());
1584 #endif
1585             break;
1586         case OPT_ASYNCJOBS:
1587 #ifndef OPENSSL_NO_ASYNC
1588             async_jobs = atoi(opt_arg());
1589             if (!ASYNC_is_capable()) {
1590                 BIO_printf(bio_err,
1591                            "%s: async_jobs specified but async not supported\n",
1592                            prog);
1593                 goto opterr;
1594             }
1595             if (async_jobs > 99999) {
1596                 BIO_printf(bio_err, "%s: too many async_jobs\n", prog);
1597                 goto opterr;
1598             }
1599 #endif
1600             break;
1601         case OPT_MISALIGN:
1602             if (!opt_int(opt_arg(), &misalign))
1603                 goto end;
1604             if (misalign > MISALIGN) {
1605                 BIO_printf(bio_err,
1606                            "%s: Maximum offset is %d\n", prog, MISALIGN);
1607                 goto opterr;
1608             }
1609             break;
1610         case OPT_MR:
1611             mr = 1;
1612             break;
1613         case OPT_MB:
1614             multiblock = 1;
1615 #ifdef OPENSSL_NO_MULTIBLOCK
1616             BIO_printf(bio_err,
1617                        "%s: -mb specified but multi-block support is disabled\n",
1618                        prog);
1619             goto end;
1620 #endif
1621             break;
1622         case OPT_R_CASES:
1623             if (!opt_rand(o))
1624                 goto end;
1625             break;
1626         case OPT_PRIMES:
1627             if (!opt_int(opt_arg(), &primes))
1628                 goto end;
1629             break;
1630         case OPT_SECONDS:
1631             seconds.sym = seconds.rsa = seconds.dsa = seconds.ecdsa
1632                         = seconds.ecdh = seconds.eddsa = atoi(opt_arg());
1633             break;
1634         case OPT_BYTES:
1635             lengths_single = atoi(opt_arg());
1636             lengths = &lengths_single;
1637             size_num = 1;
1638             break;
1639         case OPT_AEAD:
1640             aead = 1;
1641             break;
1642         }
1643     }
1644     argc = opt_num_rest();
1645     argv = opt_rest();
1646 
1647     /* Remaining arguments are algorithms. */
1648     for (; *argv; argv++) {
1649         if (found(*argv, doit_choices, &i)) {
1650             doit[i] = 1;
1651             continue;
1652         }
1653 #ifndef OPENSSL_NO_DES
1654         if (strcmp(*argv, "des") == 0) {
1655             doit[D_CBC_DES] = doit[D_EDE3_DES] = 1;
1656             continue;
1657         }
1658 #endif
1659         if (strcmp(*argv, "sha") == 0) {
1660             doit[D_SHA1] = doit[D_SHA256] = doit[D_SHA512] = 1;
1661             continue;
1662         }
1663 #ifndef OPENSSL_NO_RSA
1664         if (strcmp(*argv, "openssl") == 0)
1665             continue;
1666         if (strcmp(*argv, "rsa") == 0) {
1667             for (loop = 0; loop < OSSL_NELEM(rsa_doit); loop++)
1668                 rsa_doit[loop] = 1;
1669             continue;
1670         }
1671         if (found(*argv, rsa_choices, &i)) {
1672             rsa_doit[i] = 1;
1673             continue;
1674         }
1675 #endif
1676 #ifndef OPENSSL_NO_DSA
1677         if (strcmp(*argv, "dsa") == 0) {
1678             dsa_doit[R_DSA_512] = dsa_doit[R_DSA_1024] =
1679                 dsa_doit[R_DSA_2048] = 1;
1680             continue;
1681         }
1682         if (found(*argv, dsa_choices, &i)) {
1683             dsa_doit[i] = 2;
1684             continue;
1685         }
1686 #endif
1687         if (strcmp(*argv, "aes") == 0) {
1688             doit[D_CBC_128_AES] = doit[D_CBC_192_AES] = doit[D_CBC_256_AES] = 1;
1689             continue;
1690         }
1691 #ifndef OPENSSL_NO_CAMELLIA
1692         if (strcmp(*argv, "camellia") == 0) {
1693             doit[D_CBC_128_CML] = doit[D_CBC_192_CML] = doit[D_CBC_256_CML] = 1;
1694             continue;
1695         }
1696 #endif
1697 #ifndef OPENSSL_NO_EC
1698         if (strcmp(*argv, "ecdsa") == 0) {
1699             for (loop = 0; loop < OSSL_NELEM(ecdsa_doit); loop++)
1700                 ecdsa_doit[loop] = 1;
1701             continue;
1702         }
1703         if (found(*argv, ecdsa_choices, &i)) {
1704             ecdsa_doit[i] = 2;
1705             continue;
1706         }
1707         if (strcmp(*argv, "ecdh") == 0) {
1708             for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++)
1709                 ecdh_doit[loop] = 1;
1710             continue;
1711         }
1712         if (found(*argv, ecdh_choices, &i)) {
1713             ecdh_doit[i] = 2;
1714             continue;
1715         }
1716         if (strcmp(*argv, "eddsa") == 0) {
1717             for (loop = 0; loop < OSSL_NELEM(eddsa_doit); loop++)
1718                 eddsa_doit[loop] = 1;
1719             continue;
1720         }
1721         if (found(*argv, eddsa_choices, &i)) {
1722             eddsa_doit[i] = 2;
1723             continue;
1724         }
1725 #endif
1726         BIO_printf(bio_err, "%s: Unknown algorithm %s\n", prog, *argv);
1727         goto end;
1728     }
1729 
1730     /* Sanity checks */
1731     if (aead) {
1732         if (evp_cipher == NULL) {
1733             BIO_printf(bio_err, "-aead can be used only with an AEAD cipher\n");
1734             goto end;
1735         } else if (!(EVP_CIPHER_flags(evp_cipher) &
1736                      EVP_CIPH_FLAG_AEAD_CIPHER)) {
1737             BIO_printf(bio_err, "%s is not an AEAD cipher\n",
1738                        OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
1739             goto end;
1740         }
1741     }
1742     if (multiblock) {
1743         if (evp_cipher == NULL) {
1744             BIO_printf(bio_err,"-mb can be used only with a multi-block"
1745                                " capable cipher\n");
1746             goto end;
1747         } else if (!(EVP_CIPHER_flags(evp_cipher) &
1748                      EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
1749             BIO_printf(bio_err, "%s is not a multi-block capable\n",
1750                        OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
1751             goto end;
1752         } else if (async_jobs > 0) {
1753             BIO_printf(bio_err, "Async mode is not supported with -mb");
1754             goto end;
1755         }
1756     }
1757 
1758     /* Initialize the job pool if async mode is enabled */
1759     if (async_jobs > 0) {
1760         async_init = ASYNC_init_thread(async_jobs, async_jobs);
1761         if (!async_init) {
1762             BIO_printf(bio_err, "Error creating the ASYNC job pool\n");
1763             goto end;
1764         }
1765     }
1766 
1767     loopargs_len = (async_jobs == 0 ? 1 : async_jobs);
1768     loopargs =
1769         app_malloc(loopargs_len * sizeof(loopargs_t), "array of loopargs");
1770     memset(loopargs, 0, loopargs_len * sizeof(loopargs_t));
1771 
1772     for (i = 0; i < loopargs_len; i++) {
1773         if (async_jobs > 0) {
1774             loopargs[i].wait_ctx = ASYNC_WAIT_CTX_new();
1775             if (loopargs[i].wait_ctx == NULL) {
1776                 BIO_printf(bio_err, "Error creating the ASYNC_WAIT_CTX\n");
1777                 goto end;
1778             }
1779         }
1780 
1781         buflen = lengths[size_num - 1];
1782         if (buflen < 36)    /* size of random vector in RSA bencmark */
1783             buflen = 36;
1784         buflen += MAX_MISALIGNMENT + 1;
1785         loopargs[i].buf_malloc = app_malloc(buflen, "input buffer");
1786         loopargs[i].buf2_malloc = app_malloc(buflen, "input buffer");
1787         memset(loopargs[i].buf_malloc, 0, buflen);
1788         memset(loopargs[i].buf2_malloc, 0, buflen);
1789 
1790         /* Align the start of buffers on a 64 byte boundary */
1791         loopargs[i].buf = loopargs[i].buf_malloc + misalign;
1792         loopargs[i].buf2 = loopargs[i].buf2_malloc + misalign;
1793 #ifndef OPENSSL_NO_EC
1794         loopargs[i].secret_a = app_malloc(MAX_ECDH_SIZE, "ECDH secret a");
1795         loopargs[i].secret_b = app_malloc(MAX_ECDH_SIZE, "ECDH secret b");
1796 #endif
1797     }
1798 
1799 #ifndef NO_FORK
1800     if (multi && do_multi(multi, size_num))
1801         goto show_res;
1802 #endif
1803 
1804     /* Initialize the engine after the fork */
1805     e = setup_engine(engine_id, 0);
1806 
1807     /* No parameters; turn on everything. */
1808     if ((argc == 0) && !doit[D_EVP]) {
1809         for (i = 0; i < ALGOR_NUM; i++)
1810             if (i != D_EVP)
1811                 doit[i] = 1;
1812 #ifndef OPENSSL_NO_RSA
1813         for (i = 0; i < RSA_NUM; i++)
1814             rsa_doit[i] = 1;
1815 #endif
1816 #ifndef OPENSSL_NO_DSA
1817         for (i = 0; i < DSA_NUM; i++)
1818             dsa_doit[i] = 1;
1819 #endif
1820 #ifndef OPENSSL_NO_EC
1821         for (loop = 0; loop < OSSL_NELEM(ecdsa_doit); loop++)
1822             ecdsa_doit[loop] = 1;
1823         for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++)
1824             ecdh_doit[loop] = 1;
1825         for (loop = 0; loop < OSSL_NELEM(eddsa_doit); loop++)
1826             eddsa_doit[loop] = 1;
1827 #endif
1828     }
1829     for (i = 0; i < ALGOR_NUM; i++)
1830         if (doit[i])
1831             pr_header++;
1832 
1833     if (usertime == 0 && !mr)
1834         BIO_printf(bio_err,
1835                    "You have chosen to measure elapsed time "
1836                    "instead of user CPU time.\n");
1837 
1838 #ifndef OPENSSL_NO_RSA
1839     for (i = 0; i < loopargs_len; i++) {
1840         if (primes > RSA_DEFAULT_PRIME_NUM) {
1841             /* for multi-prime RSA, skip this */
1842             break;
1843         }
1844         for (k = 0; k < RSA_NUM; k++) {
1845             const unsigned char *p;
1846 
1847             p = rsa_data[k];
1848             loopargs[i].rsa_key[k] =
1849                 d2i_RSAPrivateKey(NULL, &p, rsa_data_length[k]);
1850             if (loopargs[i].rsa_key[k] == NULL) {
1851                 BIO_printf(bio_err,
1852                            "internal error loading RSA key number %d\n", k);
1853                 goto end;
1854             }
1855         }
1856     }
1857 #endif
1858 #ifndef OPENSSL_NO_DSA
1859     for (i = 0; i < loopargs_len; i++) {
1860         loopargs[i].dsa_key[0] = get_dsa(512);
1861         loopargs[i].dsa_key[1] = get_dsa(1024);
1862         loopargs[i].dsa_key[2] = get_dsa(2048);
1863     }
1864 #endif
1865 #ifndef OPENSSL_NO_DES
1866     DES_set_key_unchecked(&key, &sch);
1867     DES_set_key_unchecked(&key2, &sch2);
1868     DES_set_key_unchecked(&key3, &sch3);
1869 #endif
1870     AES_set_encrypt_key(key16, 128, &aes_ks1);
1871     AES_set_encrypt_key(key24, 192, &aes_ks2);
1872     AES_set_encrypt_key(key32, 256, &aes_ks3);
1873 #ifndef OPENSSL_NO_CAMELLIA
1874     Camellia_set_key(key16, 128, &camellia_ks1);
1875     Camellia_set_key(ckey24, 192, &camellia_ks2);
1876     Camellia_set_key(ckey32, 256, &camellia_ks3);
1877 #endif
1878 #ifndef OPENSSL_NO_IDEA
1879     IDEA_set_encrypt_key(key16, &idea_ks);
1880 #endif
1881 #ifndef OPENSSL_NO_SEED
1882     SEED_set_key(key16, &seed_ks);
1883 #endif
1884 #ifndef OPENSSL_NO_RC4
1885     RC4_set_key(&rc4_ks, 16, key16);
1886 #endif
1887 #ifndef OPENSSL_NO_RC2
1888     RC2_set_key(&rc2_ks, 16, key16, 128);
1889 #endif
1890 #ifndef OPENSSL_NO_RC5
1891     RC5_32_set_key(&rc5_ks, 16, key16, 12);
1892 #endif
1893 #ifndef OPENSSL_NO_BF
1894     BF_set_key(&bf_ks, 16, key16);
1895 #endif
1896 #ifndef OPENSSL_NO_CAST
1897     CAST_set_key(&cast_ks, 16, key16);
1898 #endif
1899 #ifndef SIGALRM
1900 # ifndef OPENSSL_NO_DES
1901     BIO_printf(bio_err, "First we calculate the approximate speed ...\n");
1902     count = 10;
1903     do {
1904         long it;
1905         count *= 2;
1906         Time_F(START);
1907         for (it = count; it; it--)
1908             DES_ecb_encrypt((DES_cblock *)loopargs[0].buf,
1909                             (DES_cblock *)loopargs[0].buf, &sch, DES_ENCRYPT);
1910         d = Time_F(STOP);
1911     } while (d < 3);
1912     save_count = count;
1913     c[D_MD2][0] = count / 10;
1914     c[D_MDC2][0] = count / 10;
1915     c[D_MD4][0] = count;
1916     c[D_MD5][0] = count;
1917     c[D_HMAC][0] = count;
1918     c[D_SHA1][0] = count;
1919     c[D_RMD160][0] = count;
1920     c[D_RC4][0] = count * 5;
1921     c[D_CBC_DES][0] = count;
1922     c[D_EDE3_DES][0] = count / 3;
1923     c[D_CBC_IDEA][0] = count;
1924     c[D_CBC_SEED][0] = count;
1925     c[D_CBC_RC2][0] = count;
1926     c[D_CBC_RC5][0] = count;
1927     c[D_CBC_BF][0] = count;
1928     c[D_CBC_CAST][0] = count;
1929     c[D_CBC_128_AES][0] = count;
1930     c[D_CBC_192_AES][0] = count;
1931     c[D_CBC_256_AES][0] = count;
1932     c[D_CBC_128_CML][0] = count;
1933     c[D_CBC_192_CML][0] = count;
1934     c[D_CBC_256_CML][0] = count;
1935     c[D_SHA256][0] = count;
1936     c[D_SHA512][0] = count;
1937     c[D_WHIRLPOOL][0] = count;
1938     c[D_IGE_128_AES][0] = count;
1939     c[D_IGE_192_AES][0] = count;
1940     c[D_IGE_256_AES][0] = count;
1941     c[D_GHASH][0] = count;
1942     c[D_RAND][0] = count;
1943 
1944     for (i = 1; i < size_num; i++) {
1945         long l0, l1;
1946 
1947         l0 = (long)lengths[0];
1948         l1 = (long)lengths[i];
1949 
1950         c[D_MD2][i] = c[D_MD2][0] * 4 * l0 / l1;
1951         c[D_MDC2][i] = c[D_MDC2][0] * 4 * l0 / l1;
1952         c[D_MD4][i] = c[D_MD4][0] * 4 * l0 / l1;
1953         c[D_MD5][i] = c[D_MD5][0] * 4 * l0 / l1;
1954         c[D_HMAC][i] = c[D_HMAC][0] * 4 * l0 / l1;
1955         c[D_SHA1][i] = c[D_SHA1][0] * 4 * l0 / l1;
1956         c[D_RMD160][i] = c[D_RMD160][0] * 4 * l0 / l1;
1957         c[D_SHA256][i] = c[D_SHA256][0] * 4 * l0 / l1;
1958         c[D_SHA512][i] = c[D_SHA512][0] * 4 * l0 / l1;
1959         c[D_WHIRLPOOL][i] = c[D_WHIRLPOOL][0] * 4 * l0 / l1;
1960         c[D_GHASH][i] = c[D_GHASH][0] * 4 * l0 / l1;
1961         c[D_RAND][i] = c[D_RAND][0] * 4 * l0 / l1;
1962 
1963         l0 = (long)lengths[i - 1];
1964 
1965         c[D_RC4][i] = c[D_RC4][i - 1] * l0 / l1;
1966         c[D_CBC_DES][i] = c[D_CBC_DES][i - 1] * l0 / l1;
1967         c[D_EDE3_DES][i] = c[D_EDE3_DES][i - 1] * l0 / l1;
1968         c[D_CBC_IDEA][i] = c[D_CBC_IDEA][i - 1] * l0 / l1;
1969         c[D_CBC_SEED][i] = c[D_CBC_SEED][i - 1] * l0 / l1;
1970         c[D_CBC_RC2][i] = c[D_CBC_RC2][i - 1] * l0 / l1;
1971         c[D_CBC_RC5][i] = c[D_CBC_RC5][i - 1] * l0 / l1;
1972         c[D_CBC_BF][i] = c[D_CBC_BF][i - 1] * l0 / l1;
1973         c[D_CBC_CAST][i] = c[D_CBC_CAST][i - 1] * l0 / l1;
1974         c[D_CBC_128_AES][i] = c[D_CBC_128_AES][i - 1] * l0 / l1;
1975         c[D_CBC_192_AES][i] = c[D_CBC_192_AES][i - 1] * l0 / l1;
1976         c[D_CBC_256_AES][i] = c[D_CBC_256_AES][i - 1] * l0 / l1;
1977         c[D_CBC_128_CML][i] = c[D_CBC_128_CML][i - 1] * l0 / l1;
1978         c[D_CBC_192_CML][i] = c[D_CBC_192_CML][i - 1] * l0 / l1;
1979         c[D_CBC_256_CML][i] = c[D_CBC_256_CML][i - 1] * l0 / l1;
1980         c[D_IGE_128_AES][i] = c[D_IGE_128_AES][i - 1] * l0 / l1;
1981         c[D_IGE_192_AES][i] = c[D_IGE_192_AES][i - 1] * l0 / l1;
1982         c[D_IGE_256_AES][i] = c[D_IGE_256_AES][i - 1] * l0 / l1;
1983     }
1984 
1985 #  ifndef OPENSSL_NO_RSA
1986     rsa_c[R_RSA_512][0] = count / 2000;
1987     rsa_c[R_RSA_512][1] = count / 400;
1988     for (i = 1; i < RSA_NUM; i++) {
1989         rsa_c[i][0] = rsa_c[i - 1][0] / 8;
1990         rsa_c[i][1] = rsa_c[i - 1][1] / 4;
1991         if (rsa_doit[i] <= 1 && rsa_c[i][0] == 0)
1992             rsa_doit[i] = 0;
1993         else {
1994             if (rsa_c[i][0] == 0) {
1995                 rsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
1996                 rsa_c[i][1] = 20;
1997             }
1998         }
1999     }
2000 #  endif
2001 
2002 #  ifndef OPENSSL_NO_DSA
2003     dsa_c[R_DSA_512][0] = count / 1000;
2004     dsa_c[R_DSA_512][1] = count / 1000 / 2;
2005     for (i = 1; i < DSA_NUM; i++) {
2006         dsa_c[i][0] = dsa_c[i - 1][0] / 4;
2007         dsa_c[i][1] = dsa_c[i - 1][1] / 4;
2008         if (dsa_doit[i] <= 1 && dsa_c[i][0] == 0)
2009             dsa_doit[i] = 0;
2010         else {
2011             if (dsa_c[i][0] == 0) {
2012                 dsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
2013                 dsa_c[i][1] = 1;
2014             }
2015         }
2016     }
2017 #  endif
2018 
2019 #  ifndef OPENSSL_NO_EC
2020     ecdsa_c[R_EC_P160][0] = count / 1000;
2021     ecdsa_c[R_EC_P160][1] = count / 1000 / 2;
2022     for (i = R_EC_P192; i <= R_EC_P521; i++) {
2023         ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2024         ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2025         if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2026             ecdsa_doit[i] = 0;
2027         else {
2028             if (ecdsa_c[i][0] == 0) {
2029                 ecdsa_c[i][0] = 1;
2030                 ecdsa_c[i][1] = 1;
2031             }
2032         }
2033     }
2034     ecdsa_c[R_EC_K163][0] = count / 1000;
2035     ecdsa_c[R_EC_K163][1] = count / 1000 / 2;
2036     for (i = R_EC_K233; i <= R_EC_K571; i++) {
2037         ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2038         ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2039         if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2040             ecdsa_doit[i] = 0;
2041         else {
2042             if (ecdsa_c[i][0] == 0) {
2043                 ecdsa_c[i][0] = 1;
2044                 ecdsa_c[i][1] = 1;
2045             }
2046         }
2047     }
2048     ecdsa_c[R_EC_B163][0] = count / 1000;
2049     ecdsa_c[R_EC_B163][1] = count / 1000 / 2;
2050     for (i = R_EC_B233; i <= R_EC_B571; i++) {
2051         ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2052         ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2053         if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2054             ecdsa_doit[i] = 0;
2055         else {
2056             if (ecdsa_c[i][0] == 0) {
2057                 ecdsa_c[i][0] = 1;
2058                 ecdsa_c[i][1] = 1;
2059             }
2060         }
2061     }
2062 
2063     ecdh_c[R_EC_P160][0] = count / 1000;
2064     for (i = R_EC_P192; i <= R_EC_P521; i++) {
2065         ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2066         if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2067             ecdh_doit[i] = 0;
2068         else {
2069             if (ecdh_c[i][0] == 0) {
2070                 ecdh_c[i][0] = 1;
2071             }
2072         }
2073     }
2074     ecdh_c[R_EC_K163][0] = count / 1000;
2075     for (i = R_EC_K233; i <= R_EC_K571; i++) {
2076         ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2077         if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2078             ecdh_doit[i] = 0;
2079         else {
2080             if (ecdh_c[i][0] == 0) {
2081                 ecdh_c[i][0] = 1;
2082             }
2083         }
2084     }
2085     ecdh_c[R_EC_B163][0] = count / 1000;
2086     for (i = R_EC_B233; i <= R_EC_B571; i++) {
2087         ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2088         if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2089             ecdh_doit[i] = 0;
2090         else {
2091             if (ecdh_c[i][0] == 0) {
2092                 ecdh_c[i][0] = 1;
2093             }
2094         }
2095     }
2096     /* repeated code good to factorize */
2097     ecdh_c[R_EC_BRP256R1][0] = count / 1000;
2098     for (i = R_EC_BRP384R1; i <= R_EC_BRP512R1; i += 2) {
2099         ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
2100         if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2101             ecdh_doit[i] = 0;
2102         else {
2103             if (ecdh_c[i][0] == 0) {
2104                 ecdh_c[i][0] = 1;
2105             }
2106         }
2107     }
2108     ecdh_c[R_EC_BRP256T1][0] = count / 1000;
2109     for (i = R_EC_BRP384T1; i <= R_EC_BRP512T1; i += 2) {
2110         ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
2111         if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2112             ecdh_doit[i] = 0;
2113         else {
2114             if (ecdh_c[i][0] == 0) {
2115                 ecdh_c[i][0] = 1;
2116             }
2117         }
2118     }
2119     /* default iteration count for the last two EC Curves */
2120     ecdh_c[R_EC_X25519][0] = count / 1800;
2121     ecdh_c[R_EC_X448][0] = count / 7200;
2122 
2123     eddsa_c[R_EC_Ed25519][0] = count / 1800;
2124     eddsa_c[R_EC_Ed448][0] = count / 7200;
2125 #  endif
2126 
2127 # else
2128 /* not worth fixing */
2129 #  error "You cannot disable DES on systems without SIGALRM."
2130 # endif                         /* OPENSSL_NO_DES */
2131 #elif SIGALRM > 0
2132     signal(SIGALRM, alarmed);
2133 #endif                          /* SIGALRM */
2134 
2135 #ifndef OPENSSL_NO_MD2
2136     if (doit[D_MD2]) {
2137         for (testnum = 0; testnum < size_num; testnum++) {
2138             print_message(names[D_MD2], c[D_MD2][testnum], lengths[testnum],
2139                           seconds.sym);
2140             Time_F(START);
2141             count = run_benchmark(async_jobs, EVP_Digest_MD2_loop, loopargs);
2142             d = Time_F(STOP);
2143             print_result(D_MD2, testnum, count, d);
2144         }
2145     }
2146 #endif
2147 #ifndef OPENSSL_NO_MDC2
2148     if (doit[D_MDC2]) {
2149         for (testnum = 0; testnum < size_num; testnum++) {
2150             print_message(names[D_MDC2], c[D_MDC2][testnum], lengths[testnum],
2151                           seconds.sym);
2152             Time_F(START);
2153             count = run_benchmark(async_jobs, EVP_Digest_MDC2_loop, loopargs);
2154             d = Time_F(STOP);
2155             print_result(D_MDC2, testnum, count, d);
2156         }
2157     }
2158 #endif
2159 
2160 #ifndef OPENSSL_NO_MD4
2161     if (doit[D_MD4]) {
2162         for (testnum = 0; testnum < size_num; testnum++) {
2163             print_message(names[D_MD4], c[D_MD4][testnum], lengths[testnum],
2164                           seconds.sym);
2165             Time_F(START);
2166             count = run_benchmark(async_jobs, EVP_Digest_MD4_loop, loopargs);
2167             d = Time_F(STOP);
2168             print_result(D_MD4, testnum, count, d);
2169         }
2170     }
2171 #endif
2172 
2173 #ifndef OPENSSL_NO_MD5
2174     if (doit[D_MD5]) {
2175         for (testnum = 0; testnum < size_num; testnum++) {
2176             print_message(names[D_MD5], c[D_MD5][testnum], lengths[testnum],
2177                           seconds.sym);
2178             Time_F(START);
2179             count = run_benchmark(async_jobs, MD5_loop, loopargs);
2180             d = Time_F(STOP);
2181             print_result(D_MD5, testnum, count, d);
2182         }
2183     }
2184 
2185     if (doit[D_HMAC]) {
2186         static const char hmac_key[] = "This is a key...";
2187         int len = strlen(hmac_key);
2188 
2189         for (i = 0; i < loopargs_len; i++) {
2190             loopargs[i].hctx = HMAC_CTX_new();
2191             if (loopargs[i].hctx == NULL) {
2192                 BIO_printf(bio_err, "HMAC malloc failure, exiting...");
2193                 exit(1);
2194             }
2195 
2196             HMAC_Init_ex(loopargs[i].hctx, hmac_key, len, EVP_md5(), NULL);
2197         }
2198         for (testnum = 0; testnum < size_num; testnum++) {
2199             print_message(names[D_HMAC], c[D_HMAC][testnum], lengths[testnum],
2200                           seconds.sym);
2201             Time_F(START);
2202             count = run_benchmark(async_jobs, HMAC_loop, loopargs);
2203             d = Time_F(STOP);
2204             print_result(D_HMAC, testnum, count, d);
2205         }
2206         for (i = 0; i < loopargs_len; i++) {
2207             HMAC_CTX_free(loopargs[i].hctx);
2208         }
2209     }
2210 #endif
2211     if (doit[D_SHA1]) {
2212         for (testnum = 0; testnum < size_num; testnum++) {
2213             print_message(names[D_SHA1], c[D_SHA1][testnum], lengths[testnum],
2214                           seconds.sym);
2215             Time_F(START);
2216             count = run_benchmark(async_jobs, SHA1_loop, loopargs);
2217             d = Time_F(STOP);
2218             print_result(D_SHA1, testnum, count, d);
2219         }
2220     }
2221     if (doit[D_SHA256]) {
2222         for (testnum = 0; testnum < size_num; testnum++) {
2223             print_message(names[D_SHA256], c[D_SHA256][testnum],
2224                           lengths[testnum], seconds.sym);
2225             Time_F(START);
2226             count = run_benchmark(async_jobs, SHA256_loop, loopargs);
2227             d = Time_F(STOP);
2228             print_result(D_SHA256, testnum, count, d);
2229         }
2230     }
2231     if (doit[D_SHA512]) {
2232         for (testnum = 0; testnum < size_num; testnum++) {
2233             print_message(names[D_SHA512], c[D_SHA512][testnum],
2234                           lengths[testnum], seconds.sym);
2235             Time_F(START);
2236             count = run_benchmark(async_jobs, SHA512_loop, loopargs);
2237             d = Time_F(STOP);
2238             print_result(D_SHA512, testnum, count, d);
2239         }
2240     }
2241 #ifndef OPENSSL_NO_WHIRLPOOL
2242     if (doit[D_WHIRLPOOL]) {
2243         for (testnum = 0; testnum < size_num; testnum++) {
2244             print_message(names[D_WHIRLPOOL], c[D_WHIRLPOOL][testnum],
2245                           lengths[testnum], seconds.sym);
2246             Time_F(START);
2247             count = run_benchmark(async_jobs, WHIRLPOOL_loop, loopargs);
2248             d = Time_F(STOP);
2249             print_result(D_WHIRLPOOL, testnum, count, d);
2250         }
2251     }
2252 #endif
2253 
2254 #ifndef OPENSSL_NO_RMD160
2255     if (doit[D_RMD160]) {
2256         for (testnum = 0; testnum < size_num; testnum++) {
2257             print_message(names[D_RMD160], c[D_RMD160][testnum],
2258                           lengths[testnum], seconds.sym);
2259             Time_F(START);
2260             count = run_benchmark(async_jobs, EVP_Digest_RMD160_loop, loopargs);
2261             d = Time_F(STOP);
2262             print_result(D_RMD160, testnum, count, d);
2263         }
2264     }
2265 #endif
2266 #ifndef OPENSSL_NO_RC4
2267     if (doit[D_RC4]) {
2268         for (testnum = 0; testnum < size_num; testnum++) {
2269             print_message(names[D_RC4], c[D_RC4][testnum], lengths[testnum],
2270                           seconds.sym);
2271             Time_F(START);
2272             count = run_benchmark(async_jobs, RC4_loop, loopargs);
2273             d = Time_F(STOP);
2274             print_result(D_RC4, testnum, count, d);
2275         }
2276     }
2277 #endif
2278 #ifndef OPENSSL_NO_DES
2279     if (doit[D_CBC_DES]) {
2280         for (testnum = 0; testnum < size_num; testnum++) {
2281             print_message(names[D_CBC_DES], c[D_CBC_DES][testnum],
2282                           lengths[testnum], seconds.sym);
2283             Time_F(START);
2284             count = run_benchmark(async_jobs, DES_ncbc_encrypt_loop, loopargs);
2285             d = Time_F(STOP);
2286             print_result(D_CBC_DES, testnum, count, d);
2287         }
2288     }
2289 
2290     if (doit[D_EDE3_DES]) {
2291         for (testnum = 0; testnum < size_num; testnum++) {
2292             print_message(names[D_EDE3_DES], c[D_EDE3_DES][testnum],
2293                           lengths[testnum], seconds.sym);
2294             Time_F(START);
2295             count =
2296                 run_benchmark(async_jobs, DES_ede3_cbc_encrypt_loop, loopargs);
2297             d = Time_F(STOP);
2298             print_result(D_EDE3_DES, testnum, count, d);
2299         }
2300     }
2301 #endif
2302 
2303     if (doit[D_CBC_128_AES]) {
2304         for (testnum = 0; testnum < size_num; testnum++) {
2305             print_message(names[D_CBC_128_AES], c[D_CBC_128_AES][testnum],
2306                           lengths[testnum], seconds.sym);
2307             Time_F(START);
2308             count =
2309                 run_benchmark(async_jobs, AES_cbc_128_encrypt_loop, loopargs);
2310             d = Time_F(STOP);
2311             print_result(D_CBC_128_AES, testnum, count, d);
2312         }
2313     }
2314     if (doit[D_CBC_192_AES]) {
2315         for (testnum = 0; testnum < size_num; testnum++) {
2316             print_message(names[D_CBC_192_AES], c[D_CBC_192_AES][testnum],
2317                           lengths[testnum], seconds.sym);
2318             Time_F(START);
2319             count =
2320                 run_benchmark(async_jobs, AES_cbc_192_encrypt_loop, loopargs);
2321             d = Time_F(STOP);
2322             print_result(D_CBC_192_AES, testnum, count, d);
2323         }
2324     }
2325     if (doit[D_CBC_256_AES]) {
2326         for (testnum = 0; testnum < size_num; testnum++) {
2327             print_message(names[D_CBC_256_AES], c[D_CBC_256_AES][testnum],
2328                           lengths[testnum], seconds.sym);
2329             Time_F(START);
2330             count =
2331                 run_benchmark(async_jobs, AES_cbc_256_encrypt_loop, loopargs);
2332             d = Time_F(STOP);
2333             print_result(D_CBC_256_AES, testnum, count, d);
2334         }
2335     }
2336 
2337     if (doit[D_IGE_128_AES]) {
2338         for (testnum = 0; testnum < size_num; testnum++) {
2339             print_message(names[D_IGE_128_AES], c[D_IGE_128_AES][testnum],
2340                           lengths[testnum], seconds.sym);
2341             Time_F(START);
2342             count =
2343                 run_benchmark(async_jobs, AES_ige_128_encrypt_loop, loopargs);
2344             d = Time_F(STOP);
2345             print_result(D_IGE_128_AES, testnum, count, d);
2346         }
2347     }
2348     if (doit[D_IGE_192_AES]) {
2349         for (testnum = 0; testnum < size_num; testnum++) {
2350             print_message(names[D_IGE_192_AES], c[D_IGE_192_AES][testnum],
2351                           lengths[testnum], seconds.sym);
2352             Time_F(START);
2353             count =
2354                 run_benchmark(async_jobs, AES_ige_192_encrypt_loop, loopargs);
2355             d = Time_F(STOP);
2356             print_result(D_IGE_192_AES, testnum, count, d);
2357         }
2358     }
2359     if (doit[D_IGE_256_AES]) {
2360         for (testnum = 0; testnum < size_num; testnum++) {
2361             print_message(names[D_IGE_256_AES], c[D_IGE_256_AES][testnum],
2362                           lengths[testnum], seconds.sym);
2363             Time_F(START);
2364             count =
2365                 run_benchmark(async_jobs, AES_ige_256_encrypt_loop, loopargs);
2366             d = Time_F(STOP);
2367             print_result(D_IGE_256_AES, testnum, count, d);
2368         }
2369     }
2370     if (doit[D_GHASH]) {
2371         for (i = 0; i < loopargs_len; i++) {
2372             loopargs[i].gcm_ctx =
2373                 CRYPTO_gcm128_new(&aes_ks1, (block128_f) AES_encrypt);
2374             CRYPTO_gcm128_setiv(loopargs[i].gcm_ctx,
2375                                 (unsigned char *)"0123456789ab", 12);
2376         }
2377 
2378         for (testnum = 0; testnum < size_num; testnum++) {
2379             print_message(names[D_GHASH], c[D_GHASH][testnum],
2380                           lengths[testnum], seconds.sym);
2381             Time_F(START);
2382             count = run_benchmark(async_jobs, CRYPTO_gcm128_aad_loop, loopargs);
2383             d = Time_F(STOP);
2384             print_result(D_GHASH, testnum, count, d);
2385         }
2386         for (i = 0; i < loopargs_len; i++)
2387             CRYPTO_gcm128_release(loopargs[i].gcm_ctx);
2388     }
2389 #ifndef OPENSSL_NO_CAMELLIA
2390     if (doit[D_CBC_128_CML]) {
2391         if (async_jobs > 0) {
2392             BIO_printf(bio_err, "Async mode is not supported with %s\n",
2393                        names[D_CBC_128_CML]);
2394             doit[D_CBC_128_CML] = 0;
2395         }
2396         for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2397             print_message(names[D_CBC_128_CML], c[D_CBC_128_CML][testnum],
2398                           lengths[testnum], seconds.sym);
2399             Time_F(START);
2400             for (count = 0, run = 1; COND(c[D_CBC_128_CML][testnum]); count++)
2401                 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2402                                      (size_t)lengths[testnum], &camellia_ks1,
2403                                      iv, CAMELLIA_ENCRYPT);
2404             d = Time_F(STOP);
2405             print_result(D_CBC_128_CML, testnum, count, d);
2406         }
2407     }
2408     if (doit[D_CBC_192_CML]) {
2409         if (async_jobs > 0) {
2410             BIO_printf(bio_err, "Async mode is not supported with %s\n",
2411                        names[D_CBC_192_CML]);
2412             doit[D_CBC_192_CML] = 0;
2413         }
2414         for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2415             print_message(names[D_CBC_192_CML], c[D_CBC_192_CML][testnum],
2416                           lengths[testnum], seconds.sym);
2417             if (async_jobs > 0) {
2418                 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2419                 exit(1);
2420             }
2421             Time_F(START);
2422             for (count = 0, run = 1; COND(c[D_CBC_192_CML][testnum]); count++)
2423                 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2424                                      (size_t)lengths[testnum], &camellia_ks2,
2425                                      iv, CAMELLIA_ENCRYPT);
2426             d = Time_F(STOP);
2427             print_result(D_CBC_192_CML, testnum, count, d);
2428         }
2429     }
2430     if (doit[D_CBC_256_CML]) {
2431         if (async_jobs > 0) {
2432             BIO_printf(bio_err, "Async mode is not supported with %s\n",
2433                        names[D_CBC_256_CML]);
2434             doit[D_CBC_256_CML] = 0;
2435         }
2436         for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2437             print_message(names[D_CBC_256_CML], c[D_CBC_256_CML][testnum],
2438                           lengths[testnum], seconds.sym);
2439             Time_F(START);
2440             for (count = 0, run = 1; COND(c[D_CBC_256_CML][testnum]); count++)
2441                 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2442                                      (size_t)lengths[testnum], &camellia_ks3,
2443                                      iv, CAMELLIA_ENCRYPT);
2444             d = Time_F(STOP);
2445             print_result(D_CBC_256_CML, testnum, count, d);
2446         }
2447     }
2448 #endif
2449 #ifndef OPENSSL_NO_IDEA
2450     if (doit[D_CBC_IDEA]) {
2451         if (async_jobs > 0) {
2452             BIO_printf(bio_err, "Async mode is not supported with %s\n",
2453                        names[D_CBC_IDEA]);
2454             doit[D_CBC_IDEA] = 0;
2455         }
2456         for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2457             print_message(names[D_CBC_IDEA], c[D_CBC_IDEA][testnum],
2458                           lengths[testnum], seconds.sym);
2459             Time_F(START);
2460             for (count = 0, run = 1; COND(c[D_CBC_IDEA][testnum]); count++)
2461                 IDEA_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2462                                  (size_t)lengths[testnum], &idea_ks,
2463                                  iv, IDEA_ENCRYPT);
2464             d = Time_F(STOP);
2465             print_result(D_CBC_IDEA, testnum, count, d);
2466         }
2467     }
2468 #endif
2469 #ifndef OPENSSL_NO_SEED
2470     if (doit[D_CBC_SEED]) {
2471         if (async_jobs > 0) {
2472             BIO_printf(bio_err, "Async mode is not supported with %s\n",
2473                        names[D_CBC_SEED]);
2474             doit[D_CBC_SEED] = 0;
2475         }
2476         for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2477             print_message(names[D_CBC_SEED], c[D_CBC_SEED][testnum],
2478                           lengths[testnum], seconds.sym);
2479             Time_F(START);
2480             for (count = 0, run = 1; COND(c[D_CBC_SEED][testnum]); count++)
2481                 SEED_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2482                                  (size_t)lengths[testnum], &seed_ks, iv, 1);
2483             d = Time_F(STOP);
2484             print_result(D_CBC_SEED, testnum, count, d);
2485         }
2486     }
2487 #endif
2488 #ifndef OPENSSL_NO_RC2
2489     if (doit[D_CBC_RC2]) {
2490         if (async_jobs > 0) {
2491             BIO_printf(bio_err, "Async mode is not supported with %s\n",
2492                        names[D_CBC_RC2]);
2493             doit[D_CBC_RC2] = 0;
2494         }
2495         for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2496             print_message(names[D_CBC_RC2], c[D_CBC_RC2][testnum],
2497                           lengths[testnum], seconds.sym);
2498             if (async_jobs > 0) {
2499                 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2500                 exit(1);
2501             }
2502             Time_F(START);
2503             for (count = 0, run = 1; COND(c[D_CBC_RC2][testnum]); count++)
2504                 RC2_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2505                                 (size_t)lengths[testnum], &rc2_ks,
2506                                 iv, RC2_ENCRYPT);
2507             d = Time_F(STOP);
2508             print_result(D_CBC_RC2, testnum, count, d);
2509         }
2510     }
2511 #endif
2512 #ifndef OPENSSL_NO_RC5
2513     if (doit[D_CBC_RC5]) {
2514         if (async_jobs > 0) {
2515             BIO_printf(bio_err, "Async mode is not supported with %s\n",
2516                        names[D_CBC_RC5]);
2517             doit[D_CBC_RC5] = 0;
2518         }
2519         for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2520             print_message(names[D_CBC_RC5], c[D_CBC_RC5][testnum],
2521                           lengths[testnum], seconds.sym);
2522             if (async_jobs > 0) {
2523                 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2524                 exit(1);
2525             }
2526             Time_F(START);
2527             for (count = 0, run = 1; COND(c[D_CBC_RC5][testnum]); count++)
2528                 RC5_32_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2529                                    (size_t)lengths[testnum], &rc5_ks,
2530                                    iv, RC5_ENCRYPT);
2531             d = Time_F(STOP);
2532             print_result(D_CBC_RC5, testnum, count, d);
2533         }
2534     }
2535 #endif
2536 #ifndef OPENSSL_NO_BF
2537     if (doit[D_CBC_BF]) {
2538         if (async_jobs > 0) {
2539             BIO_printf(bio_err, "Async mode is not supported with %s\n",
2540                        names[D_CBC_BF]);
2541             doit[D_CBC_BF] = 0;
2542         }
2543         for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2544             print_message(names[D_CBC_BF], c[D_CBC_BF][testnum],
2545                           lengths[testnum], seconds.sym);
2546             Time_F(START);
2547             for (count = 0, run = 1; COND(c[D_CBC_BF][testnum]); count++)
2548                 BF_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2549                                (size_t)lengths[testnum], &bf_ks,
2550                                iv, BF_ENCRYPT);
2551             d = Time_F(STOP);
2552             print_result(D_CBC_BF, testnum, count, d);
2553         }
2554     }
2555 #endif
2556 #ifndef OPENSSL_NO_CAST
2557     if (doit[D_CBC_CAST]) {
2558         if (async_jobs > 0) {
2559             BIO_printf(bio_err, "Async mode is not supported with %s\n",
2560                        names[D_CBC_CAST]);
2561             doit[D_CBC_CAST] = 0;
2562         }
2563         for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2564             print_message(names[D_CBC_CAST], c[D_CBC_CAST][testnum],
2565                           lengths[testnum], seconds.sym);
2566             Time_F(START);
2567             for (count = 0, run = 1; COND(c[D_CBC_CAST][testnum]); count++)
2568                 CAST_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2569                                  (size_t)lengths[testnum], &cast_ks,
2570                                  iv, CAST_ENCRYPT);
2571             d = Time_F(STOP);
2572             print_result(D_CBC_CAST, testnum, count, d);
2573         }
2574     }
2575 #endif
2576     if (doit[D_RAND]) {
2577         for (testnum = 0; testnum < size_num; testnum++) {
2578             print_message(names[D_RAND], c[D_RAND][testnum], lengths[testnum],
2579                           seconds.sym);
2580             Time_F(START);
2581             count = run_benchmark(async_jobs, RAND_bytes_loop, loopargs);
2582             d = Time_F(STOP);
2583             print_result(D_RAND, testnum, count, d);
2584         }
2585     }
2586 
2587     if (doit[D_EVP]) {
2588         if (evp_cipher != NULL) {
2589             int (*loopfunc)(void *args) = EVP_Update_loop;
2590 
2591             if (multiblock && (EVP_CIPHER_flags(evp_cipher) &
2592                                EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
2593                 multiblock_speed(evp_cipher, lengths_single, &seconds);
2594                 ret = 0;
2595                 goto end;
2596             }
2597 
2598             names[D_EVP] = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
2599 
2600             if (EVP_CIPHER_mode(evp_cipher) == EVP_CIPH_CCM_MODE) {
2601                 loopfunc = EVP_Update_loop_ccm;
2602             } else if (aead && (EVP_CIPHER_flags(evp_cipher) &
2603                                 EVP_CIPH_FLAG_AEAD_CIPHER)) {
2604                 loopfunc = EVP_Update_loop_aead;
2605                 if (lengths == lengths_list) {
2606                     lengths = aead_lengths_list;
2607                     size_num = OSSL_NELEM(aead_lengths_list);
2608                 }
2609             }
2610 
2611             for (testnum = 0; testnum < size_num; testnum++) {
2612                 print_message(names[D_EVP], save_count, lengths[testnum],
2613                               seconds.sym);
2614 
2615                 for (k = 0; k < loopargs_len; k++) {
2616                     loopargs[k].ctx = EVP_CIPHER_CTX_new();
2617                     EVP_CipherInit_ex(loopargs[k].ctx, evp_cipher, NULL, NULL,
2618                                       iv, decrypt ? 0 : 1);
2619 
2620                     EVP_CIPHER_CTX_set_padding(loopargs[k].ctx, 0);
2621 
2622                     keylen = EVP_CIPHER_CTX_key_length(loopargs[k].ctx);
2623                     loopargs[k].key = app_malloc(keylen, "evp_cipher key");
2624                     EVP_CIPHER_CTX_rand_key(loopargs[k].ctx, loopargs[k].key);
2625                     EVP_CipherInit_ex(loopargs[k].ctx, NULL, NULL,
2626                                       loopargs[k].key, NULL, -1);
2627                     OPENSSL_clear_free(loopargs[k].key, keylen);
2628                 }
2629 
2630                 Time_F(START);
2631                 count = run_benchmark(async_jobs, loopfunc, loopargs);
2632                 d = Time_F(STOP);
2633                 for (k = 0; k < loopargs_len; k++) {
2634                     EVP_CIPHER_CTX_free(loopargs[k].ctx);
2635                 }
2636                 print_result(D_EVP, testnum, count, d);
2637             }
2638         } else if (evp_md != NULL) {
2639             names[D_EVP] = OBJ_nid2ln(EVP_MD_type(evp_md));
2640 
2641             for (testnum = 0; testnum < size_num; testnum++) {
2642                 print_message(names[D_EVP], save_count, lengths[testnum],
2643                               seconds.sym);
2644                 Time_F(START);
2645                 count = run_benchmark(async_jobs, EVP_Digest_loop, loopargs);
2646                 d = Time_F(STOP);
2647                 print_result(D_EVP, testnum, count, d);
2648             }
2649         }
2650     }
2651 
2652     for (i = 0; i < loopargs_len; i++)
2653         if (RAND_bytes(loopargs[i].buf, 36) <= 0)
2654             goto end;
2655 
2656 #ifndef OPENSSL_NO_RSA
2657     for (testnum = 0; testnum < RSA_NUM; testnum++) {
2658         int st = 0;
2659         if (!rsa_doit[testnum])
2660             continue;
2661         for (i = 0; i < loopargs_len; i++) {
2662             if (primes > 2) {
2663                 /* we haven't set keys yet,  generate multi-prime RSA keys */
2664                 BIGNUM *bn = BN_new();
2665 
2666                 if (bn == NULL)
2667                     goto end;
2668                 if (!BN_set_word(bn, RSA_F4)) {
2669                     BN_free(bn);
2670                     goto end;
2671                 }
2672 
2673                 BIO_printf(bio_err, "Generate multi-prime RSA key for %s\n",
2674                            rsa_choices[testnum].name);
2675 
2676                 loopargs[i].rsa_key[testnum] = RSA_new();
2677                 if (loopargs[i].rsa_key[testnum] == NULL) {
2678                     BN_free(bn);
2679                     goto end;
2680                 }
2681 
2682                 if (!RSA_generate_multi_prime_key(loopargs[i].rsa_key[testnum],
2683                                                   rsa_bits[testnum],
2684                                                   primes, bn, NULL)) {
2685                     BN_free(bn);
2686                     goto end;
2687                 }
2688                 BN_free(bn);
2689             }
2690             st = RSA_sign(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
2691                           &loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
2692             if (st == 0)
2693                 break;
2694         }
2695         if (st == 0) {
2696             BIO_printf(bio_err,
2697                        "RSA sign failure.  No RSA sign will be done.\n");
2698             ERR_print_errors(bio_err);
2699             rsa_count = 1;
2700         } else {
2701             pkey_print_message("private", "rsa",
2702                                rsa_c[testnum][0], rsa_bits[testnum],
2703                                seconds.rsa);
2704             /* RSA_blinding_on(rsa_key[testnum],NULL); */
2705             Time_F(START);
2706             count = run_benchmark(async_jobs, RSA_sign_loop, loopargs);
2707             d = Time_F(STOP);
2708             BIO_printf(bio_err,
2709                        mr ? "+R1:%ld:%d:%.2f\n"
2710                        : "%ld %u bits private RSA's in %.2fs\n",
2711                        count, rsa_bits[testnum], d);
2712             rsa_results[testnum][0] = (double)count / d;
2713             rsa_count = count;
2714         }
2715 
2716         for (i = 0; i < loopargs_len; i++) {
2717             st = RSA_verify(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
2718                             loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
2719             if (st <= 0)
2720                 break;
2721         }
2722         if (st <= 0) {
2723             BIO_printf(bio_err,
2724                        "RSA verify failure.  No RSA verify will be done.\n");
2725             ERR_print_errors(bio_err);
2726             rsa_doit[testnum] = 0;
2727         } else {
2728             pkey_print_message("public", "rsa",
2729                                rsa_c[testnum][1], rsa_bits[testnum],
2730                                seconds.rsa);
2731             Time_F(START);
2732             count = run_benchmark(async_jobs, RSA_verify_loop, loopargs);
2733             d = Time_F(STOP);
2734             BIO_printf(bio_err,
2735                        mr ? "+R2:%ld:%d:%.2f\n"
2736                        : "%ld %u bits public RSA's in %.2fs\n",
2737                        count, rsa_bits[testnum], d);
2738             rsa_results[testnum][1] = (double)count / d;
2739         }
2740 
2741         if (rsa_count <= 1) {
2742             /* if longer than 10s, don't do any more */
2743             for (testnum++; testnum < RSA_NUM; testnum++)
2744                 rsa_doit[testnum] = 0;
2745         }
2746     }
2747 #endif                          /* OPENSSL_NO_RSA */
2748 
2749     for (i = 0; i < loopargs_len; i++)
2750         if (RAND_bytes(loopargs[i].buf, 36) <= 0)
2751             goto end;
2752 
2753 #ifndef OPENSSL_NO_DSA
2754     for (testnum = 0; testnum < DSA_NUM; testnum++) {
2755         int st = 0;
2756         if (!dsa_doit[testnum])
2757             continue;
2758 
2759         /* DSA_generate_key(dsa_key[testnum]); */
2760         /* DSA_sign_setup(dsa_key[testnum],NULL); */
2761         for (i = 0; i < loopargs_len; i++) {
2762             st = DSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
2763                           &loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
2764             if (st == 0)
2765                 break;
2766         }
2767         if (st == 0) {
2768             BIO_printf(bio_err,
2769                        "DSA sign failure.  No DSA sign will be done.\n");
2770             ERR_print_errors(bio_err);
2771             rsa_count = 1;
2772         } else {
2773             pkey_print_message("sign", "dsa",
2774                                dsa_c[testnum][0], dsa_bits[testnum],
2775                                seconds.dsa);
2776             Time_F(START);
2777             count = run_benchmark(async_jobs, DSA_sign_loop, loopargs);
2778             d = Time_F(STOP);
2779             BIO_printf(bio_err,
2780                        mr ? "+R3:%ld:%u:%.2f\n"
2781                        : "%ld %u bits DSA signs in %.2fs\n",
2782                        count, dsa_bits[testnum], d);
2783             dsa_results[testnum][0] = (double)count / d;
2784             rsa_count = count;
2785         }
2786 
2787         for (i = 0; i < loopargs_len; i++) {
2788             st = DSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
2789                             loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
2790             if (st <= 0)
2791                 break;
2792         }
2793         if (st <= 0) {
2794             BIO_printf(bio_err,
2795                        "DSA verify failure.  No DSA verify will be done.\n");
2796             ERR_print_errors(bio_err);
2797             dsa_doit[testnum] = 0;
2798         } else {
2799             pkey_print_message("verify", "dsa",
2800                                dsa_c[testnum][1], dsa_bits[testnum],
2801                                seconds.dsa);
2802             Time_F(START);
2803             count = run_benchmark(async_jobs, DSA_verify_loop, loopargs);
2804             d = Time_F(STOP);
2805             BIO_printf(bio_err,
2806                        mr ? "+R4:%ld:%u:%.2f\n"
2807                        : "%ld %u bits DSA verify in %.2fs\n",
2808                        count, dsa_bits[testnum], d);
2809             dsa_results[testnum][1] = (double)count / d;
2810         }
2811 
2812         if (rsa_count <= 1) {
2813             /* if longer than 10s, don't do any more */
2814             for (testnum++; testnum < DSA_NUM; testnum++)
2815                 dsa_doit[testnum] = 0;
2816         }
2817     }
2818 #endif                          /* OPENSSL_NO_DSA */
2819 
2820 #ifndef OPENSSL_NO_EC
2821     for (testnum = 0; testnum < ECDSA_NUM; testnum++) {
2822         int st = 1;
2823 
2824         if (!ecdsa_doit[testnum])
2825             continue;           /* Ignore Curve */
2826         for (i = 0; i < loopargs_len; i++) {
2827             loopargs[i].ecdsa[testnum] =
2828                 EC_KEY_new_by_curve_name(test_curves[testnum].nid);
2829             if (loopargs[i].ecdsa[testnum] == NULL) {
2830                 st = 0;
2831                 break;
2832             }
2833         }
2834         if (st == 0) {
2835             BIO_printf(bio_err, "ECDSA failure.\n");
2836             ERR_print_errors(bio_err);
2837             rsa_count = 1;
2838         } else {
2839             for (i = 0; i < loopargs_len; i++) {
2840                 EC_KEY_precompute_mult(loopargs[i].ecdsa[testnum], NULL);
2841                 /* Perform ECDSA signature test */
2842                 EC_KEY_generate_key(loopargs[i].ecdsa[testnum]);
2843                 st = ECDSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
2844                                 &loopargs[i].siglen,
2845                                 loopargs[i].ecdsa[testnum]);
2846                 if (st == 0)
2847                     break;
2848             }
2849             if (st == 0) {
2850                 BIO_printf(bio_err,
2851                            "ECDSA sign failure.  No ECDSA sign will be done.\n");
2852                 ERR_print_errors(bio_err);
2853                 rsa_count = 1;
2854             } else {
2855                 pkey_print_message("sign", "ecdsa",
2856                                    ecdsa_c[testnum][0],
2857                                    test_curves[testnum].bits, seconds.ecdsa);
2858                 Time_F(START);
2859                 count = run_benchmark(async_jobs, ECDSA_sign_loop, loopargs);
2860                 d = Time_F(STOP);
2861 
2862                 BIO_printf(bio_err,
2863                            mr ? "+R5:%ld:%u:%.2f\n" :
2864                            "%ld %u bits ECDSA signs in %.2fs \n",
2865                            count, test_curves[testnum].bits, d);
2866                 ecdsa_results[testnum][0] = (double)count / d;
2867                 rsa_count = count;
2868             }
2869 
2870             /* Perform ECDSA verification test */
2871             for (i = 0; i < loopargs_len; i++) {
2872                 st = ECDSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
2873                                   loopargs[i].siglen,
2874                                   loopargs[i].ecdsa[testnum]);
2875                 if (st != 1)
2876                     break;
2877             }
2878             if (st != 1) {
2879                 BIO_printf(bio_err,
2880                            "ECDSA verify failure.  No ECDSA verify will be done.\n");
2881                 ERR_print_errors(bio_err);
2882                 ecdsa_doit[testnum] = 0;
2883             } else {
2884                 pkey_print_message("verify", "ecdsa",
2885                                    ecdsa_c[testnum][1],
2886                                    test_curves[testnum].bits, seconds.ecdsa);
2887                 Time_F(START);
2888                 count = run_benchmark(async_jobs, ECDSA_verify_loop, loopargs);
2889                 d = Time_F(STOP);
2890                 BIO_printf(bio_err,
2891                            mr ? "+R6:%ld:%u:%.2f\n"
2892                            : "%ld %u bits ECDSA verify in %.2fs\n",
2893                            count, test_curves[testnum].bits, d);
2894                 ecdsa_results[testnum][1] = (double)count / d;
2895             }
2896 
2897             if (rsa_count <= 1) {
2898                 /* if longer than 10s, don't do any more */
2899                 for (testnum++; testnum < ECDSA_NUM; testnum++)
2900                     ecdsa_doit[testnum] = 0;
2901             }
2902         }
2903     }
2904 
2905     for (testnum = 0; testnum < EC_NUM; testnum++) {
2906         int ecdh_checks = 1;
2907 
2908         if (!ecdh_doit[testnum])
2909             continue;
2910 
2911         for (i = 0; i < loopargs_len; i++) {
2912             EVP_PKEY_CTX *kctx = NULL;
2913             EVP_PKEY_CTX *test_ctx = NULL;
2914             EVP_PKEY_CTX *ctx = NULL;
2915             EVP_PKEY *key_A = NULL;
2916             EVP_PKEY *key_B = NULL;
2917             size_t outlen;
2918             size_t test_outlen;
2919 
2920             /* Ensure that the error queue is empty */
2921             if (ERR_peek_error()) {
2922                 BIO_printf(bio_err,
2923                            "WARNING: the error queue contains previous unhandled errors.\n");
2924                 ERR_print_errors(bio_err);
2925             }
2926 
2927             /* Let's try to create a ctx directly from the NID: this works for
2928              * curves like Curve25519 that are not implemented through the low
2929              * level EC interface.
2930              * If this fails we try creating a EVP_PKEY_EC generic param ctx,
2931              * then we set the curve by NID before deriving the actual keygen
2932              * ctx for that specific curve. */
2933             kctx = EVP_PKEY_CTX_new_id(test_curves[testnum].nid, NULL); /* keygen ctx from NID */
2934             if (!kctx) {
2935                 EVP_PKEY_CTX *pctx = NULL;
2936                 EVP_PKEY *params = NULL;
2937 
2938                 /* If we reach this code EVP_PKEY_CTX_new_id() failed and a
2939                  * "int_ctx_new:unsupported algorithm" error was added to the
2940                  * error queue.
2941                  * We remove it from the error queue as we are handling it. */
2942                 unsigned long error = ERR_peek_error(); /* peek the latest error in the queue */
2943                 if (error == ERR_peek_last_error() && /* oldest and latest errors match */
2944                     /* check that the error origin matches */
2945                     ERR_GET_LIB(error) == ERR_LIB_EVP &&
2946                     ERR_GET_FUNC(error) == EVP_F_INT_CTX_NEW &&
2947                     ERR_GET_REASON(error) == EVP_R_UNSUPPORTED_ALGORITHM)
2948                     ERR_get_error(); /* pop error from queue */
2949                 if (ERR_peek_error()) {
2950                     BIO_printf(bio_err,
2951                                "Unhandled error in the error queue during ECDH init.\n");
2952                     ERR_print_errors(bio_err);
2953                     rsa_count = 1;
2954                     break;
2955                 }
2956 
2957                 if (            /* Create the context for parameter generation */
2958                        !(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) ||
2959                        /* Initialise the parameter generation */
2960                        !EVP_PKEY_paramgen_init(pctx) ||
2961                        /* Set the curve by NID */
2962                        !EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
2963                                                                test_curves
2964                                                                [testnum].nid) ||
2965                        /* Create the parameter object params */
2966                        !EVP_PKEY_paramgen(pctx, &params)) {
2967                     ecdh_checks = 0;
2968                     BIO_printf(bio_err, "ECDH EC params init failure.\n");
2969                     ERR_print_errors(bio_err);
2970                     rsa_count = 1;
2971                     break;
2972                 }
2973                 /* Create the context for the key generation */
2974                 kctx = EVP_PKEY_CTX_new(params, NULL);
2975 
2976                 EVP_PKEY_free(params);
2977                 params = NULL;
2978                 EVP_PKEY_CTX_free(pctx);
2979                 pctx = NULL;
2980             }
2981             if (kctx == NULL ||      /* keygen ctx is not null */
2982                 !EVP_PKEY_keygen_init(kctx) /* init keygen ctx */ ) {
2983                 ecdh_checks = 0;
2984                 BIO_printf(bio_err, "ECDH keygen failure.\n");
2985                 ERR_print_errors(bio_err);
2986                 rsa_count = 1;
2987                 break;
2988             }
2989 
2990             if (!EVP_PKEY_keygen(kctx, &key_A) || /* generate secret key A */
2991                 !EVP_PKEY_keygen(kctx, &key_B) || /* generate secret key B */
2992                 !(ctx = EVP_PKEY_CTX_new(key_A, NULL)) || /* derivation ctx from skeyA */
2993                 !EVP_PKEY_derive_init(ctx) || /* init derivation ctx */
2994                 !EVP_PKEY_derive_set_peer(ctx, key_B) || /* set peer pubkey in ctx */
2995                 !EVP_PKEY_derive(ctx, NULL, &outlen) || /* determine max length */
2996                 outlen == 0 ||  /* ensure outlen is a valid size */
2997                 outlen > MAX_ECDH_SIZE /* avoid buffer overflow */ ) {
2998                 ecdh_checks = 0;
2999                 BIO_printf(bio_err, "ECDH key generation failure.\n");
3000                 ERR_print_errors(bio_err);
3001                 rsa_count = 1;
3002                 break;
3003             }
3004 
3005             /* Here we perform a test run, comparing the output of a*B and b*A;
3006              * we try this here and assume that further EVP_PKEY_derive calls
3007              * never fail, so we can skip checks in the actually benchmarked
3008              * code, for maximum performance. */
3009             if (!(test_ctx = EVP_PKEY_CTX_new(key_B, NULL)) || /* test ctx from skeyB */
3010                 !EVP_PKEY_derive_init(test_ctx) || /* init derivation test_ctx */
3011                 !EVP_PKEY_derive_set_peer(test_ctx, key_A) || /* set peer pubkey in test_ctx */
3012                 !EVP_PKEY_derive(test_ctx, NULL, &test_outlen) || /* determine max length */
3013                 !EVP_PKEY_derive(ctx, loopargs[i].secret_a, &outlen) || /* compute a*B */
3014                 !EVP_PKEY_derive(test_ctx, loopargs[i].secret_b, &test_outlen) || /* compute b*A */
3015                 test_outlen != outlen /* compare output length */ ) {
3016                 ecdh_checks = 0;
3017                 BIO_printf(bio_err, "ECDH computation failure.\n");
3018                 ERR_print_errors(bio_err);
3019                 rsa_count = 1;
3020                 break;
3021             }
3022 
3023             /* Compare the computation results: CRYPTO_memcmp() returns 0 if equal */
3024             if (CRYPTO_memcmp(loopargs[i].secret_a,
3025                               loopargs[i].secret_b, outlen)) {
3026                 ecdh_checks = 0;
3027                 BIO_printf(bio_err, "ECDH computations don't match.\n");
3028                 ERR_print_errors(bio_err);
3029                 rsa_count = 1;
3030                 break;
3031             }
3032 
3033             loopargs[i].ecdh_ctx[testnum] = ctx;
3034             loopargs[i].outlen[testnum] = outlen;
3035 
3036             EVP_PKEY_free(key_A);
3037             EVP_PKEY_free(key_B);
3038             EVP_PKEY_CTX_free(kctx);
3039             kctx = NULL;
3040             EVP_PKEY_CTX_free(test_ctx);
3041             test_ctx = NULL;
3042         }
3043         if (ecdh_checks != 0) {
3044             pkey_print_message("", "ecdh",
3045                                ecdh_c[testnum][0],
3046                                test_curves[testnum].bits, seconds.ecdh);
3047             Time_F(START);
3048             count =
3049                 run_benchmark(async_jobs, ECDH_EVP_derive_key_loop, loopargs);
3050             d = Time_F(STOP);
3051             BIO_printf(bio_err,
3052                        mr ? "+R7:%ld:%d:%.2f\n" :
3053                        "%ld %u-bits ECDH ops in %.2fs\n", count,
3054                        test_curves[testnum].bits, d);
3055             ecdh_results[testnum][0] = (double)count / d;
3056             rsa_count = count;
3057         }
3058 
3059         if (rsa_count <= 1) {
3060             /* if longer than 10s, don't do any more */
3061             for (testnum++; testnum < OSSL_NELEM(ecdh_doit); testnum++)
3062                 ecdh_doit[testnum] = 0;
3063         }
3064     }
3065 
3066     for (testnum = 0; testnum < EdDSA_NUM; testnum++) {
3067         int st = 1;
3068         EVP_PKEY *ed_pkey = NULL;
3069         EVP_PKEY_CTX *ed_pctx = NULL;
3070 
3071         if (!eddsa_doit[testnum])
3072             continue;           /* Ignore Curve */
3073         for (i = 0; i < loopargs_len; i++) {
3074             loopargs[i].eddsa_ctx[testnum] = EVP_MD_CTX_new();
3075             if (loopargs[i].eddsa_ctx[testnum] == NULL) {
3076                 st = 0;
3077                 break;
3078             }
3079 
3080             if ((ed_pctx = EVP_PKEY_CTX_new_id(test_ed_curves[testnum].nid, NULL))
3081                     == NULL
3082                 || !EVP_PKEY_keygen_init(ed_pctx)
3083                 || !EVP_PKEY_keygen(ed_pctx, &ed_pkey)) {
3084                 st = 0;
3085                 EVP_PKEY_CTX_free(ed_pctx);
3086                 break;
3087             }
3088             EVP_PKEY_CTX_free(ed_pctx);
3089 
3090             if (!EVP_DigestSignInit(loopargs[i].eddsa_ctx[testnum], NULL, NULL,
3091                                     NULL, ed_pkey)) {
3092                 st = 0;
3093                 EVP_PKEY_free(ed_pkey);
3094                 break;
3095             }
3096             EVP_PKEY_free(ed_pkey);
3097         }
3098         if (st == 0) {
3099             BIO_printf(bio_err, "EdDSA failure.\n");
3100             ERR_print_errors(bio_err);
3101             rsa_count = 1;
3102         } else {
3103             for (i = 0; i < loopargs_len; i++) {
3104                 /* Perform EdDSA signature test */
3105                 loopargs[i].sigsize = test_ed_curves[testnum].sigsize;
3106                 st = EVP_DigestSign(loopargs[i].eddsa_ctx[testnum],
3107                                     loopargs[i].buf2, &loopargs[i].sigsize,
3108                                     loopargs[i].buf, 20);
3109                 if (st == 0)
3110                     break;
3111             }
3112             if (st == 0) {
3113                 BIO_printf(bio_err,
3114                            "EdDSA sign failure.  No EdDSA sign will be done.\n");
3115                 ERR_print_errors(bio_err);
3116                 rsa_count = 1;
3117             } else {
3118                 pkey_print_message("sign", test_ed_curves[testnum].name,
3119                                    eddsa_c[testnum][0],
3120                                    test_ed_curves[testnum].bits, seconds.eddsa);
3121                 Time_F(START);
3122                 count = run_benchmark(async_jobs, EdDSA_sign_loop, loopargs);
3123                 d = Time_F(STOP);
3124 
3125                 BIO_printf(bio_err,
3126                            mr ? "+R8:%ld:%u:%s:%.2f\n" :
3127                            "%ld %u bits %s signs in %.2fs \n",
3128                            count, test_ed_curves[testnum].bits,
3129                            test_ed_curves[testnum].name, d);
3130                 eddsa_results[testnum][0] = (double)count / d;
3131                 rsa_count = count;
3132             }
3133 
3134             /* Perform EdDSA verification test */
3135             for (i = 0; i < loopargs_len; i++) {
3136                 st = EVP_DigestVerify(loopargs[i].eddsa_ctx[testnum],
3137                                       loopargs[i].buf2, loopargs[i].sigsize,
3138                                       loopargs[i].buf, 20);
3139                 if (st != 1)
3140                     break;
3141             }
3142             if (st != 1) {
3143                 BIO_printf(bio_err,
3144                            "EdDSA verify failure.  No EdDSA verify will be done.\n");
3145                 ERR_print_errors(bio_err);
3146                 eddsa_doit[testnum] = 0;
3147             } else {
3148                 pkey_print_message("verify", test_ed_curves[testnum].name,
3149                                    eddsa_c[testnum][1],
3150                                    test_ed_curves[testnum].bits, seconds.eddsa);
3151                 Time_F(START);
3152                 count = run_benchmark(async_jobs, EdDSA_verify_loop, loopargs);
3153                 d = Time_F(STOP);
3154                 BIO_printf(bio_err,
3155                            mr ? "+R9:%ld:%u:%s:%.2f\n"
3156                            : "%ld %u bits %s verify in %.2fs\n",
3157                            count, test_ed_curves[testnum].bits,
3158                            test_ed_curves[testnum].name, d);
3159                 eddsa_results[testnum][1] = (double)count / d;
3160             }
3161 
3162             if (rsa_count <= 1) {
3163                 /* if longer than 10s, don't do any more */
3164                 for (testnum++; testnum < EdDSA_NUM; testnum++)
3165                     eddsa_doit[testnum] = 0;
3166             }
3167         }
3168     }
3169 
3170 #endif                          /* OPENSSL_NO_EC */
3171 #ifndef NO_FORK
3172  show_res:
3173 #endif
3174     if (!mr) {
3175         printf("%s\n", OpenSSL_version(OPENSSL_VERSION));
3176         printf("%s\n", OpenSSL_version(OPENSSL_BUILT_ON));
3177         printf("options:");
3178         printf("%s ", BN_options());
3179 #ifndef OPENSSL_NO_MD2
3180         printf("%s ", MD2_options());
3181 #endif
3182 #ifndef OPENSSL_NO_RC4
3183         printf("%s ", RC4_options());
3184 #endif
3185 #ifndef OPENSSL_NO_DES
3186         printf("%s ", DES_options());
3187 #endif
3188         printf("%s ", AES_options());
3189 #ifndef OPENSSL_NO_IDEA
3190         printf("%s ", IDEA_options());
3191 #endif
3192 #ifndef OPENSSL_NO_BF
3193         printf("%s ", BF_options());
3194 #endif
3195         printf("\n%s\n", OpenSSL_version(OPENSSL_CFLAGS));
3196     }
3197 
3198     if (pr_header) {
3199         if (mr)
3200             printf("+H");
3201         else {
3202             printf
3203                 ("The 'numbers' are in 1000s of bytes per second processed.\n");
3204             printf("type        ");
3205         }
3206         for (testnum = 0; testnum < size_num; testnum++)
3207             printf(mr ? ":%d" : "%7d bytes", lengths[testnum]);
3208         printf("\n");
3209     }
3210 
3211     for (k = 0; k < ALGOR_NUM; k++) {
3212         if (!doit[k])
3213             continue;
3214         if (mr)
3215             printf("+F:%u:%s", k, names[k]);
3216         else
3217             printf("%-13s", names[k]);
3218         for (testnum = 0; testnum < size_num; testnum++) {
3219             if (results[k][testnum] > 10000 && !mr)
3220                 printf(" %11.2fk", results[k][testnum] / 1e3);
3221             else
3222                 printf(mr ? ":%.2f" : " %11.2f ", results[k][testnum]);
3223         }
3224         printf("\n");
3225     }
3226 #ifndef OPENSSL_NO_RSA
3227     testnum = 1;
3228     for (k = 0; k < RSA_NUM; k++) {
3229         if (!rsa_doit[k])
3230             continue;
3231         if (testnum && !mr) {
3232             printf("%18ssign    verify    sign/s verify/s\n", " ");
3233             testnum = 0;
3234         }
3235         if (mr)
3236             printf("+F2:%u:%u:%f:%f\n",
3237                    k, rsa_bits[k], rsa_results[k][0], rsa_results[k][1]);
3238         else
3239             printf("rsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
3240                    rsa_bits[k], 1.0 / rsa_results[k][0], 1.0 / rsa_results[k][1],
3241                    rsa_results[k][0], rsa_results[k][1]);
3242     }
3243 #endif
3244 #ifndef OPENSSL_NO_DSA
3245     testnum = 1;
3246     for (k = 0; k < DSA_NUM; k++) {
3247         if (!dsa_doit[k])
3248             continue;
3249         if (testnum && !mr) {
3250             printf("%18ssign    verify    sign/s verify/s\n", " ");
3251             testnum = 0;
3252         }
3253         if (mr)
3254             printf("+F3:%u:%u:%f:%f\n",
3255                    k, dsa_bits[k], dsa_results[k][0], dsa_results[k][1]);
3256         else
3257             printf("dsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
3258                    dsa_bits[k], 1.0 / dsa_results[k][0], 1.0 / dsa_results[k][1],
3259                    dsa_results[k][0], dsa_results[k][1]);
3260     }
3261 #endif
3262 #ifndef OPENSSL_NO_EC
3263     testnum = 1;
3264     for (k = 0; k < OSSL_NELEM(ecdsa_doit); k++) {
3265         if (!ecdsa_doit[k])
3266             continue;
3267         if (testnum && !mr) {
3268             printf("%30ssign    verify    sign/s verify/s\n", " ");
3269             testnum = 0;
3270         }
3271 
3272         if (mr)
3273             printf("+F4:%u:%u:%f:%f\n",
3274                    k, test_curves[k].bits,
3275                    ecdsa_results[k][0], ecdsa_results[k][1]);
3276         else
3277             printf("%4u bits ecdsa (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3278                    test_curves[k].bits, test_curves[k].name,
3279                    1.0 / ecdsa_results[k][0], 1.0 / ecdsa_results[k][1],
3280                    ecdsa_results[k][0], ecdsa_results[k][1]);
3281     }
3282 
3283     testnum = 1;
3284     for (k = 0; k < EC_NUM; k++) {
3285         if (!ecdh_doit[k])
3286             continue;
3287         if (testnum && !mr) {
3288             printf("%30sop      op/s\n", " ");
3289             testnum = 0;
3290         }
3291         if (mr)
3292             printf("+F5:%u:%u:%f:%f\n",
3293                    k, test_curves[k].bits,
3294                    ecdh_results[k][0], 1.0 / ecdh_results[k][0]);
3295 
3296         else
3297             printf("%4u bits ecdh (%s) %8.4fs %8.1f\n",
3298                    test_curves[k].bits, test_curves[k].name,
3299                    1.0 / ecdh_results[k][0], ecdh_results[k][0]);
3300     }
3301 
3302     testnum = 1;
3303     for (k = 0; k < OSSL_NELEM(eddsa_doit); k++) {
3304         if (!eddsa_doit[k])
3305             continue;
3306         if (testnum && !mr) {
3307             printf("%30ssign    verify    sign/s verify/s\n", " ");
3308             testnum = 0;
3309         }
3310 
3311         if (mr)
3312             printf("+F6:%u:%u:%s:%f:%f\n",
3313                    k, test_ed_curves[k].bits, test_ed_curves[k].name,
3314                    eddsa_results[k][0], eddsa_results[k][1]);
3315         else
3316             printf("%4u bits EdDSA (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3317                    test_ed_curves[k].bits, test_ed_curves[k].name,
3318                    1.0 / eddsa_results[k][0], 1.0 / eddsa_results[k][1],
3319                    eddsa_results[k][0], eddsa_results[k][1]);
3320     }
3321 #endif
3322 
3323     ret = 0;
3324 
3325  end:
3326     ERR_print_errors(bio_err);
3327     for (i = 0; i < loopargs_len; i++) {
3328         OPENSSL_free(loopargs[i].buf_malloc);
3329         OPENSSL_free(loopargs[i].buf2_malloc);
3330 
3331 #ifndef OPENSSL_NO_RSA
3332         for (k = 0; k < RSA_NUM; k++)
3333             RSA_free(loopargs[i].rsa_key[k]);
3334 #endif
3335 #ifndef OPENSSL_NO_DSA
3336         for (k = 0; k < DSA_NUM; k++)
3337             DSA_free(loopargs[i].dsa_key[k]);
3338 #endif
3339 #ifndef OPENSSL_NO_EC
3340         for (k = 0; k < ECDSA_NUM; k++)
3341             EC_KEY_free(loopargs[i].ecdsa[k]);
3342         for (k = 0; k < EC_NUM; k++)
3343             EVP_PKEY_CTX_free(loopargs[i].ecdh_ctx[k]);
3344         for (k = 0; k < EdDSA_NUM; k++)
3345             EVP_MD_CTX_free(loopargs[i].eddsa_ctx[k]);
3346         OPENSSL_free(loopargs[i].secret_a);
3347         OPENSSL_free(loopargs[i].secret_b);
3348 #endif
3349     }
3350 
3351     if (async_jobs > 0) {
3352         for (i = 0; i < loopargs_len; i++)
3353             ASYNC_WAIT_CTX_free(loopargs[i].wait_ctx);
3354     }
3355 
3356     if (async_init) {
3357         ASYNC_cleanup_thread();
3358     }
3359     OPENSSL_free(loopargs);
3360     release_engine(e);
3361     return ret;
3362 }
3363 
3364 static void print_message(const char *s, long num, int length, int tm)
3365 {
3366 #ifdef SIGALRM
3367     BIO_printf(bio_err,
3368                mr ? "+DT:%s:%d:%d\n"
3369                : "Doing %s for %ds on %d size blocks: ", s, tm, length);
3370     (void)BIO_flush(bio_err);
3371     alarm(tm);
3372 #else
3373     BIO_printf(bio_err,
3374                mr ? "+DN:%s:%ld:%d\n"
3375                : "Doing %s %ld times on %d size blocks: ", s, num, length);
3376     (void)BIO_flush(bio_err);
3377 #endif
3378 }
3379 
3380 static void pkey_print_message(const char *str, const char *str2, long num,
3381                                unsigned int bits, int tm)
3382 {
3383 #ifdef SIGALRM
3384     BIO_printf(bio_err,
3385                mr ? "+DTP:%d:%s:%s:%d\n"
3386                : "Doing %u bits %s %s's for %ds: ", bits, str, str2, tm);
3387     (void)BIO_flush(bio_err);
3388     alarm(tm);
3389 #else
3390     BIO_printf(bio_err,
3391                mr ? "+DNP:%ld:%d:%s:%s\n"
3392                : "Doing %ld %u bits %s %s's: ", num, bits, str, str2);
3393     (void)BIO_flush(bio_err);
3394 #endif
3395 }
3396 
3397 static void print_result(int alg, int run_no, int count, double time_used)
3398 {
3399     if (count == -1) {
3400         BIO_puts(bio_err, "EVP error!\n");
3401         exit(1);
3402     }
3403     BIO_printf(bio_err,
3404                mr ? "+R:%d:%s:%f\n"
3405                : "%d %s's in %.2fs\n", count, names[alg], time_used);
3406     results[alg][run_no] = ((double)count) / time_used * lengths[run_no];
3407 }
3408 
3409 #ifndef NO_FORK
3410 static char *sstrsep(char **string, const char *delim)
3411 {
3412     char isdelim[256];
3413     char *token = *string;
3414 
3415     if (**string == 0)
3416         return NULL;
3417 
3418     memset(isdelim, 0, sizeof(isdelim));
3419     isdelim[0] = 1;
3420 
3421     while (*delim) {
3422         isdelim[(unsigned char)(*delim)] = 1;
3423         delim++;
3424     }
3425 
3426     while (!isdelim[(unsigned char)(**string)]) {
3427         (*string)++;
3428     }
3429 
3430     if (**string) {
3431         **string = 0;
3432         (*string)++;
3433     }
3434 
3435     return token;
3436 }
3437 
3438 static int do_multi(int multi, int size_num)
3439 {
3440     int n;
3441     int fd[2];
3442     int *fds;
3443     static char sep[] = ":";
3444 
3445     fds = app_malloc(sizeof(*fds) * multi, "fd buffer for do_multi");
3446     for (n = 0; n < multi; ++n) {
3447         if (pipe(fd) == -1) {
3448             BIO_printf(bio_err, "pipe failure\n");
3449             exit(1);
3450         }
3451         fflush(stdout);
3452         (void)BIO_flush(bio_err);
3453         if (fork()) {
3454             close(fd[1]);
3455             fds[n] = fd[0];
3456         } else {
3457             close(fd[0]);
3458             close(1);
3459             if (dup(fd[1]) == -1) {
3460                 BIO_printf(bio_err, "dup failed\n");
3461                 exit(1);
3462             }
3463             close(fd[1]);
3464             mr = 1;
3465             usertime = 0;
3466             free(fds);
3467             return 0;
3468         }
3469         printf("Forked child %d\n", n);
3470     }
3471 
3472     /* for now, assume the pipe is long enough to take all the output */
3473     for (n = 0; n < multi; ++n) {
3474         FILE *f;
3475         char buf[1024];
3476         char *p;
3477 
3478         f = fdopen(fds[n], "r");
3479         while (fgets(buf, sizeof(buf), f)) {
3480             p = strchr(buf, '\n');
3481             if (p)
3482                 *p = '\0';
3483             if (buf[0] != '+') {
3484                 BIO_printf(bio_err,
3485                            "Don't understand line '%s' from child %d\n", buf,
3486                            n);
3487                 continue;
3488             }
3489             printf("Got: %s from %d\n", buf, n);
3490             if (strncmp(buf, "+F:", 3) == 0) {
3491                 int alg;
3492                 int j;
3493 
3494                 p = buf + 3;
3495                 alg = atoi(sstrsep(&p, sep));
3496                 sstrsep(&p, sep);
3497                 for (j = 0; j < size_num; ++j)
3498                     results[alg][j] += atof(sstrsep(&p, sep));
3499             } else if (strncmp(buf, "+F2:", 4) == 0) {
3500                 int k;
3501                 double d;
3502 
3503                 p = buf + 4;
3504                 k = atoi(sstrsep(&p, sep));
3505                 sstrsep(&p, sep);
3506 
3507                 d = atof(sstrsep(&p, sep));
3508                 rsa_results[k][0] += d;
3509 
3510                 d = atof(sstrsep(&p, sep));
3511                 rsa_results[k][1] += d;
3512             }
3513 # ifndef OPENSSL_NO_DSA
3514             else if (strncmp(buf, "+F3:", 4) == 0) {
3515                 int k;
3516                 double d;
3517 
3518                 p = buf + 4;
3519                 k = atoi(sstrsep(&p, sep));
3520                 sstrsep(&p, sep);
3521 
3522                 d = atof(sstrsep(&p, sep));
3523                 dsa_results[k][0] += d;
3524 
3525                 d = atof(sstrsep(&p, sep));
3526                 dsa_results[k][1] += d;
3527             }
3528 # endif
3529 # ifndef OPENSSL_NO_EC
3530             else if (strncmp(buf, "+F4:", 4) == 0) {
3531                 int k;
3532                 double d;
3533 
3534                 p = buf + 4;
3535                 k = atoi(sstrsep(&p, sep));
3536                 sstrsep(&p, sep);
3537 
3538                 d = atof(sstrsep(&p, sep));
3539                 ecdsa_results[k][0] += d;
3540 
3541                 d = atof(sstrsep(&p, sep));
3542                 ecdsa_results[k][1] += d;
3543             } else if (strncmp(buf, "+F5:", 4) == 0) {
3544                 int k;
3545                 double d;
3546 
3547                 p = buf + 4;
3548                 k = atoi(sstrsep(&p, sep));
3549                 sstrsep(&p, sep);
3550 
3551                 d = atof(sstrsep(&p, sep));
3552                 ecdh_results[k][0] += d;
3553             } else if (strncmp(buf, "+F6:", 4) == 0) {
3554                 int k;
3555                 double d;
3556 
3557                 p = buf + 4;
3558                 k = atoi(sstrsep(&p, sep));
3559                 sstrsep(&p, sep);
3560 
3561                 d = atof(sstrsep(&p, sep));
3562                 eddsa_results[k][0] += d;
3563 
3564                 d = atof(sstrsep(&p, sep));
3565                 eddsa_results[k][1] += d;
3566             }
3567 # endif
3568 
3569             else if (strncmp(buf, "+H:", 3) == 0) {
3570                 ;
3571             } else
3572                 BIO_printf(bio_err, "Unknown type '%s' from child %d\n", buf,
3573                            n);
3574         }
3575 
3576         fclose(f);
3577     }
3578     free(fds);
3579     return 1;
3580 }
3581 #endif
3582 
3583 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
3584                              const openssl_speed_sec_t *seconds)
3585 {
3586     static const int mblengths_list[] =
3587         { 8 * 1024, 2 * 8 * 1024, 4 * 8 * 1024, 8 * 8 * 1024, 8 * 16 * 1024 };
3588     const int *mblengths = mblengths_list;
3589     int j, count, keylen, num = OSSL_NELEM(mblengths_list);
3590     const char *alg_name;
3591     unsigned char *inp, *out, *key, no_key[32], no_iv[16];
3592     EVP_CIPHER_CTX *ctx;
3593     double d = 0.0;
3594 
3595     if (lengths_single) {
3596         mblengths = &lengths_single;
3597         num = 1;
3598     }
3599 
3600     inp = app_malloc(mblengths[num - 1], "multiblock input buffer");
3601     out = app_malloc(mblengths[num - 1] + 1024, "multiblock output buffer");
3602     ctx = EVP_CIPHER_CTX_new();
3603     EVP_EncryptInit_ex(ctx, evp_cipher, NULL, NULL, no_iv);
3604 
3605     keylen = EVP_CIPHER_CTX_key_length(ctx);
3606     key = app_malloc(keylen, "evp_cipher key");
3607     EVP_CIPHER_CTX_rand_key(ctx, key);
3608     EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL);
3609     OPENSSL_clear_free(key, keylen);
3610 
3611     EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_MAC_KEY, sizeof(no_key), no_key);
3612     alg_name = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
3613 
3614     for (j = 0; j < num; j++) {
3615         print_message(alg_name, 0, mblengths[j], seconds->sym);
3616         Time_F(START);
3617         for (count = 0, run = 1; run && count < 0x7fffffff; count++) {
3618             unsigned char aad[EVP_AEAD_TLS1_AAD_LEN];
3619             EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param;
3620             size_t len = mblengths[j];
3621             int packlen;
3622 
3623             memset(aad, 0, 8);  /* avoid uninitialized values */
3624             aad[8] = 23;        /* SSL3_RT_APPLICATION_DATA */
3625             aad[9] = 3;         /* version */
3626             aad[10] = 2;
3627             aad[11] = 0;        /* length */
3628             aad[12] = 0;
3629             mb_param.out = NULL;
3630             mb_param.inp = aad;
3631             mb_param.len = len;
3632             mb_param.interleave = 8;
3633 
3634             packlen = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_AAD,
3635                                           sizeof(mb_param), &mb_param);
3636 
3637             if (packlen > 0) {
3638                 mb_param.out = out;
3639                 mb_param.inp = inp;
3640                 mb_param.len = len;
3641                 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT,
3642                                     sizeof(mb_param), &mb_param);
3643             } else {
3644                 int pad;
3645 
3646                 RAND_bytes(out, 16);
3647                 len += 16;
3648                 aad[11] = (unsigned char)(len >> 8);
3649                 aad[12] = (unsigned char)(len);
3650                 pad = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_TLS1_AAD,
3651                                           EVP_AEAD_TLS1_AAD_LEN, aad);
3652                 EVP_Cipher(ctx, out, inp, len + pad);
3653             }
3654         }
3655         d = Time_F(STOP);
3656         BIO_printf(bio_err, mr ? "+R:%d:%s:%f\n"
3657                    : "%d %s's in %.2fs\n", count, "evp", d);
3658         results[D_EVP][j] = ((double)count) / d * mblengths[j];
3659     }
3660 
3661     if (mr) {
3662         fprintf(stdout, "+H");
3663         for (j = 0; j < num; j++)
3664             fprintf(stdout, ":%d", mblengths[j]);
3665         fprintf(stdout, "\n");
3666         fprintf(stdout, "+F:%d:%s", D_EVP, alg_name);
3667         for (j = 0; j < num; j++)
3668             fprintf(stdout, ":%.2f", results[D_EVP][j]);
3669         fprintf(stdout, "\n");
3670     } else {
3671         fprintf(stdout,
3672                 "The 'numbers' are in 1000s of bytes per second processed.\n");
3673         fprintf(stdout, "type                    ");
3674         for (j = 0; j < num; j++)
3675             fprintf(stdout, "%7d bytes", mblengths[j]);
3676         fprintf(stdout, "\n");
3677         fprintf(stdout, "%-24s", alg_name);
3678 
3679         for (j = 0; j < num; j++) {
3680             if (results[D_EVP][j] > 10000)
3681                 fprintf(stdout, " %11.2fk", results[D_EVP][j] / 1e3);
3682             else
3683                 fprintf(stdout, " %11.2f ", results[D_EVP][j]);
3684         }
3685         fprintf(stdout, "\n");
3686     }
3687 
3688     OPENSSL_free(inp);
3689     OPENSSL_free(out);
3690     EVP_CIPHER_CTX_free(ctx);
3691 }
3692