xref: /freebsd/crypto/openssl/apps/speed.c (revision 66df505066f51e6d8411b966765d828817f88971)
1 /*
2  * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
3  * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
4  *
5  * Licensed under the OpenSSL license (the "License").  You may not use
6  * this file except in compliance with the License.  You can obtain a copy
7  * in the file LICENSE in the source distribution or at
8  * https://www.openssl.org/source/license.html
9  */
10 
11 #undef SECONDS
12 #define SECONDS                 3
13 #define RSA_SECONDS             10
14 #define DSA_SECONDS             10
15 #define ECDSA_SECONDS   10
16 #define ECDH_SECONDS    10
17 #define EdDSA_SECONDS   10
18 
19 #include <stdio.h>
20 #include <stdlib.h>
21 #include <string.h>
22 #include <math.h>
23 #include "apps.h"
24 #include "progs.h"
25 #include <openssl/crypto.h>
26 #include <openssl/rand.h>
27 #include <openssl/err.h>
28 #include <openssl/evp.h>
29 #include <openssl/objects.h>
30 #include <openssl/async.h>
31 #if !defined(OPENSSL_SYS_MSDOS)
32 # include OPENSSL_UNISTD
33 #endif
34 
35 #if defined(_WIN32)
36 # include <windows.h>
37 #endif
38 
39 #include <openssl/bn.h>
40 #ifndef OPENSSL_NO_DES
41 # include <openssl/des.h>
42 #endif
43 #include <openssl/aes.h>
44 #ifndef OPENSSL_NO_CAMELLIA
45 # include <openssl/camellia.h>
46 #endif
47 #ifndef OPENSSL_NO_MD2
48 # include <openssl/md2.h>
49 #endif
50 #ifndef OPENSSL_NO_MDC2
51 # include <openssl/mdc2.h>
52 #endif
53 #ifndef OPENSSL_NO_MD4
54 # include <openssl/md4.h>
55 #endif
56 #ifndef OPENSSL_NO_MD5
57 # include <openssl/md5.h>
58 #endif
59 #include <openssl/hmac.h>
60 #include <openssl/sha.h>
61 #ifndef OPENSSL_NO_RMD160
62 # include <openssl/ripemd.h>
63 #endif
64 #ifndef OPENSSL_NO_WHIRLPOOL
65 # include <openssl/whrlpool.h>
66 #endif
67 #ifndef OPENSSL_NO_RC4
68 # include <openssl/rc4.h>
69 #endif
70 #ifndef OPENSSL_NO_RC5
71 # include <openssl/rc5.h>
72 #endif
73 #ifndef OPENSSL_NO_RC2
74 # include <openssl/rc2.h>
75 #endif
76 #ifndef OPENSSL_NO_IDEA
77 # include <openssl/idea.h>
78 #endif
79 #ifndef OPENSSL_NO_SEED
80 # include <openssl/seed.h>
81 #endif
82 #ifndef OPENSSL_NO_BF
83 # include <openssl/blowfish.h>
84 #endif
85 #ifndef OPENSSL_NO_CAST
86 # include <openssl/cast.h>
87 #endif
88 #ifndef OPENSSL_NO_RSA
89 # include <openssl/rsa.h>
90 # include "./testrsa.h"
91 #endif
92 #include <openssl/x509.h>
93 #ifndef OPENSSL_NO_DSA
94 # include <openssl/dsa.h>
95 # include "./testdsa.h"
96 #endif
97 #ifndef OPENSSL_NO_EC
98 # include <openssl/ec.h>
99 #endif
100 #include <openssl/modes.h>
101 
102 #ifndef HAVE_FORK
103 # if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_VXWORKS)
104 #  define HAVE_FORK 0
105 # else
106 #  define HAVE_FORK 1
107 # endif
108 #endif
109 
110 #if HAVE_FORK
111 # undef NO_FORK
112 #else
113 # define NO_FORK
114 #endif
115 
116 #define MAX_MISALIGNMENT 63
117 #define MAX_ECDH_SIZE   256
118 #define MISALIGN        64
119 
120 typedef struct openssl_speed_sec_st {
121     int sym;
122     int rsa;
123     int dsa;
124     int ecdsa;
125     int ecdh;
126     int eddsa;
127 } openssl_speed_sec_t;
128 
129 static volatile int run = 0;
130 
131 static int mr = 0;
132 static int usertime = 1;
133 
134 #ifndef OPENSSL_NO_MD2
135 static int EVP_Digest_MD2_loop(void *args);
136 #endif
137 
138 #ifndef OPENSSL_NO_MDC2
139 static int EVP_Digest_MDC2_loop(void *args);
140 #endif
141 #ifndef OPENSSL_NO_MD4
142 static int EVP_Digest_MD4_loop(void *args);
143 #endif
144 #ifndef OPENSSL_NO_MD5
145 static int MD5_loop(void *args);
146 static int HMAC_loop(void *args);
147 #endif
148 static int SHA1_loop(void *args);
149 static int SHA256_loop(void *args);
150 static int SHA512_loop(void *args);
151 #ifndef OPENSSL_NO_WHIRLPOOL
152 static int WHIRLPOOL_loop(void *args);
153 #endif
154 #ifndef OPENSSL_NO_RMD160
155 static int EVP_Digest_RMD160_loop(void *args);
156 #endif
157 #ifndef OPENSSL_NO_RC4
158 static int RC4_loop(void *args);
159 #endif
160 #ifndef OPENSSL_NO_DES
161 static int DES_ncbc_encrypt_loop(void *args);
162 static int DES_ede3_cbc_encrypt_loop(void *args);
163 #endif
164 static int AES_cbc_128_encrypt_loop(void *args);
165 static int AES_cbc_192_encrypt_loop(void *args);
166 static int AES_ige_128_encrypt_loop(void *args);
167 static int AES_cbc_256_encrypt_loop(void *args);
168 static int AES_ige_192_encrypt_loop(void *args);
169 static int AES_ige_256_encrypt_loop(void *args);
170 static int CRYPTO_gcm128_aad_loop(void *args);
171 static int RAND_bytes_loop(void *args);
172 static int EVP_Update_loop(void *args);
173 static int EVP_Update_loop_ccm(void *args);
174 static int EVP_Update_loop_aead(void *args);
175 static int EVP_Digest_loop(void *args);
176 #ifndef OPENSSL_NO_RSA
177 static int RSA_sign_loop(void *args);
178 static int RSA_verify_loop(void *args);
179 #endif
180 #ifndef OPENSSL_NO_DSA
181 static int DSA_sign_loop(void *args);
182 static int DSA_verify_loop(void *args);
183 #endif
184 #ifndef OPENSSL_NO_EC
185 static int ECDSA_sign_loop(void *args);
186 static int ECDSA_verify_loop(void *args);
187 static int EdDSA_sign_loop(void *args);
188 static int EdDSA_verify_loop(void *args);
189 #endif
190 
191 static double Time_F(int s);
192 static void print_message(const char *s, long num, int length, int tm);
193 static void pkey_print_message(const char *str, const char *str2,
194                                long num, unsigned int bits, int sec);
195 static void print_result(int alg, int run_no, int count, double time_used);
196 #ifndef NO_FORK
197 static int do_multi(int multi, int size_num);
198 #endif
199 
200 static const int lengths_list[] = {
201     16, 64, 256, 1024, 8 * 1024, 16 * 1024
202 };
203 static const int *lengths = lengths_list;
204 
205 static const int aead_lengths_list[] = {
206     2, 31, 136, 1024, 8 * 1024, 16 * 1024
207 };
208 
209 #define START   0
210 #define STOP    1
211 
212 #ifdef SIGALRM
213 
214 static void alarmed(int sig)
215 {
216     signal(SIGALRM, alarmed);
217     run = 0;
218 }
219 
220 static double Time_F(int s)
221 {
222     double ret = app_tminterval(s, usertime);
223     if (s == STOP)
224         alarm(0);
225     return ret;
226 }
227 
228 #elif defined(_WIN32)
229 
230 # define SIGALRM -1
231 
232 static unsigned int lapse;
233 static volatile unsigned int schlock;
234 static void alarm_win32(unsigned int secs)
235 {
236     lapse = secs * 1000;
237 }
238 
239 # define alarm alarm_win32
240 
241 static DWORD WINAPI sleepy(VOID * arg)
242 {
243     schlock = 1;
244     Sleep(lapse);
245     run = 0;
246     return 0;
247 }
248 
249 static double Time_F(int s)
250 {
251     double ret;
252     static HANDLE thr;
253 
254     if (s == START) {
255         schlock = 0;
256         thr = CreateThread(NULL, 4096, sleepy, NULL, 0, NULL);
257         if (thr == NULL) {
258             DWORD err = GetLastError();
259             BIO_printf(bio_err, "unable to CreateThread (%lu)", err);
260             ExitProcess(err);
261         }
262         while (!schlock)
263             Sleep(0);           /* scheduler spinlock */
264         ret = app_tminterval(s, usertime);
265     } else {
266         ret = app_tminterval(s, usertime);
267         if (run)
268             TerminateThread(thr, 0);
269         CloseHandle(thr);
270     }
271 
272     return ret;
273 }
274 #else
275 static double Time_F(int s)
276 {
277     return app_tminterval(s, usertime);
278 }
279 #endif
280 
281 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
282                              const openssl_speed_sec_t *seconds);
283 
284 #define found(value, pairs, result)\
285     opt_found(value, result, pairs, OSSL_NELEM(pairs))
286 static int opt_found(const char *name, unsigned int *result,
287                      const OPT_PAIR pairs[], unsigned int nbelem)
288 {
289     unsigned int idx;
290 
291     for (idx = 0; idx < nbelem; ++idx, pairs++)
292         if (strcmp(name, pairs->name) == 0) {
293             *result = pairs->retval;
294             return 1;
295         }
296     return 0;
297 }
298 
299 typedef enum OPTION_choice {
300     OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
301     OPT_ELAPSED, OPT_EVP, OPT_DECRYPT, OPT_ENGINE, OPT_MULTI,
302     OPT_MR, OPT_MB, OPT_MISALIGN, OPT_ASYNCJOBS, OPT_R_ENUM,
303     OPT_PRIMES, OPT_SECONDS, OPT_BYTES, OPT_AEAD
304 } OPTION_CHOICE;
305 
306 const OPTIONS speed_options[] = {
307     {OPT_HELP_STR, 1, '-', "Usage: %s [options] ciphers...\n"},
308     {OPT_HELP_STR, 1, '-', "Valid options are:\n"},
309     {"help", OPT_HELP, '-', "Display this summary"},
310     {"evp", OPT_EVP, 's', "Use EVP-named cipher or digest"},
311     {"decrypt", OPT_DECRYPT, '-',
312      "Time decryption instead of encryption (only EVP)"},
313     {"aead", OPT_AEAD, '-',
314      "Benchmark EVP-named AEAD cipher in TLS-like sequence"},
315     {"mb", OPT_MB, '-',
316      "Enable (tls1>=1) multi-block mode on EVP-named cipher"},
317     {"mr", OPT_MR, '-', "Produce machine readable output"},
318 #ifndef NO_FORK
319     {"multi", OPT_MULTI, 'p', "Run benchmarks in parallel"},
320 #endif
321 #ifndef OPENSSL_NO_ASYNC
322     {"async_jobs", OPT_ASYNCJOBS, 'p',
323      "Enable async mode and start specified number of jobs"},
324 #endif
325     OPT_R_OPTIONS,
326 #ifndef OPENSSL_NO_ENGINE
327     {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
328 #endif
329     {"elapsed", OPT_ELAPSED, '-',
330      "Use wall-clock time instead of CPU user time as divisor"},
331     {"primes", OPT_PRIMES, 'p', "Specify number of primes (for RSA only)"},
332     {"seconds", OPT_SECONDS, 'p',
333      "Run benchmarks for specified amount of seconds"},
334     {"bytes", OPT_BYTES, 'p',
335      "Run [non-PKI] benchmarks on custom-sized buffer"},
336     {"misalign", OPT_MISALIGN, 'p',
337      "Use specified offset to mis-align buffers"},
338     {NULL}
339 };
340 
341 #define D_MD2           0
342 #define D_MDC2          1
343 #define D_MD4           2
344 #define D_MD5           3
345 #define D_HMAC          4
346 #define D_SHA1          5
347 #define D_RMD160        6
348 #define D_RC4           7
349 #define D_CBC_DES       8
350 #define D_EDE3_DES      9
351 #define D_CBC_IDEA      10
352 #define D_CBC_SEED      11
353 #define D_CBC_RC2       12
354 #define D_CBC_RC5       13
355 #define D_CBC_BF        14
356 #define D_CBC_CAST      15
357 #define D_CBC_128_AES   16
358 #define D_CBC_192_AES   17
359 #define D_CBC_256_AES   18
360 #define D_CBC_128_CML   19
361 #define D_CBC_192_CML   20
362 #define D_CBC_256_CML   21
363 #define D_EVP           22
364 #define D_SHA256        23
365 #define D_SHA512        24
366 #define D_WHIRLPOOL     25
367 #define D_IGE_128_AES   26
368 #define D_IGE_192_AES   27
369 #define D_IGE_256_AES   28
370 #define D_GHASH         29
371 #define D_RAND          30
372 /* name of algorithms to test */
373 static const char *names[] = {
374     "md2", "mdc2", "md4", "md5", "hmac(md5)", "sha1", "rmd160", "rc4",
375     "des cbc", "des ede3", "idea cbc", "seed cbc",
376     "rc2 cbc", "rc5-32/12 cbc", "blowfish cbc", "cast cbc",
377     "aes-128 cbc", "aes-192 cbc", "aes-256 cbc",
378     "camellia-128 cbc", "camellia-192 cbc", "camellia-256 cbc",
379     "evp", "sha256", "sha512", "whirlpool",
380     "aes-128 ige", "aes-192 ige", "aes-256 ige", "ghash",
381     "rand"
382 };
383 #define ALGOR_NUM       OSSL_NELEM(names)
384 
385 /* list of configured algorithm (remaining) */
386 static const OPT_PAIR doit_choices[] = {
387 #ifndef OPENSSL_NO_MD2
388     {"md2", D_MD2},
389 #endif
390 #ifndef OPENSSL_NO_MDC2
391     {"mdc2", D_MDC2},
392 #endif
393 #ifndef OPENSSL_NO_MD4
394     {"md4", D_MD4},
395 #endif
396 #ifndef OPENSSL_NO_MD5
397     {"md5", D_MD5},
398     {"hmac", D_HMAC},
399 #endif
400     {"sha1", D_SHA1},
401     {"sha256", D_SHA256},
402     {"sha512", D_SHA512},
403 #ifndef OPENSSL_NO_WHIRLPOOL
404     {"whirlpool", D_WHIRLPOOL},
405 #endif
406 #ifndef OPENSSL_NO_RMD160
407     {"ripemd", D_RMD160},
408     {"rmd160", D_RMD160},
409     {"ripemd160", D_RMD160},
410 #endif
411 #ifndef OPENSSL_NO_RC4
412     {"rc4", D_RC4},
413 #endif
414 #ifndef OPENSSL_NO_DES
415     {"des-cbc", D_CBC_DES},
416     {"des-ede3", D_EDE3_DES},
417 #endif
418     {"aes-128-cbc", D_CBC_128_AES},
419     {"aes-192-cbc", D_CBC_192_AES},
420     {"aes-256-cbc", D_CBC_256_AES},
421     {"aes-128-ige", D_IGE_128_AES},
422     {"aes-192-ige", D_IGE_192_AES},
423     {"aes-256-ige", D_IGE_256_AES},
424 #ifndef OPENSSL_NO_RC2
425     {"rc2-cbc", D_CBC_RC2},
426     {"rc2", D_CBC_RC2},
427 #endif
428 #ifndef OPENSSL_NO_RC5
429     {"rc5-cbc", D_CBC_RC5},
430     {"rc5", D_CBC_RC5},
431 #endif
432 #ifndef OPENSSL_NO_IDEA
433     {"idea-cbc", D_CBC_IDEA},
434     {"idea", D_CBC_IDEA},
435 #endif
436 #ifndef OPENSSL_NO_SEED
437     {"seed-cbc", D_CBC_SEED},
438     {"seed", D_CBC_SEED},
439 #endif
440 #ifndef OPENSSL_NO_BF
441     {"bf-cbc", D_CBC_BF},
442     {"blowfish", D_CBC_BF},
443     {"bf", D_CBC_BF},
444 #endif
445 #ifndef OPENSSL_NO_CAST
446     {"cast-cbc", D_CBC_CAST},
447     {"cast", D_CBC_CAST},
448     {"cast5", D_CBC_CAST},
449 #endif
450     {"ghash", D_GHASH},
451     {"rand", D_RAND}
452 };
453 
454 static double results[ALGOR_NUM][OSSL_NELEM(lengths_list)];
455 
456 #ifndef OPENSSL_NO_DSA
457 # define R_DSA_512       0
458 # define R_DSA_1024      1
459 # define R_DSA_2048      2
460 static const OPT_PAIR dsa_choices[] = {
461     {"dsa512", R_DSA_512},
462     {"dsa1024", R_DSA_1024},
463     {"dsa2048", R_DSA_2048}
464 };
465 # define DSA_NUM         OSSL_NELEM(dsa_choices)
466 
467 static double dsa_results[DSA_NUM][2];  /* 2 ops: sign then verify */
468 #endif  /* OPENSSL_NO_DSA */
469 
470 #define R_RSA_512       0
471 #define R_RSA_1024      1
472 #define R_RSA_2048      2
473 #define R_RSA_3072      3
474 #define R_RSA_4096      4
475 #define R_RSA_7680      5
476 #define R_RSA_15360     6
477 #ifndef OPENSSL_NO_RSA
478 static const OPT_PAIR rsa_choices[] = {
479     {"rsa512", R_RSA_512},
480     {"rsa1024", R_RSA_1024},
481     {"rsa2048", R_RSA_2048},
482     {"rsa3072", R_RSA_3072},
483     {"rsa4096", R_RSA_4096},
484     {"rsa7680", R_RSA_7680},
485     {"rsa15360", R_RSA_15360}
486 };
487 # define RSA_NUM OSSL_NELEM(rsa_choices)
488 
489 static double rsa_results[RSA_NUM][2];  /* 2 ops: sign then verify */
490 #endif /* OPENSSL_NO_RSA */
491 
492 enum {
493     R_EC_P160,
494     R_EC_P192,
495     R_EC_P224,
496     R_EC_P256,
497     R_EC_P384,
498     R_EC_P521,
499 #ifndef OPENSSL_NO_EC2M
500     R_EC_K163,
501     R_EC_K233,
502     R_EC_K283,
503     R_EC_K409,
504     R_EC_K571,
505     R_EC_B163,
506     R_EC_B233,
507     R_EC_B283,
508     R_EC_B409,
509     R_EC_B571,
510 #endif
511     R_EC_BRP256R1,
512     R_EC_BRP256T1,
513     R_EC_BRP384R1,
514     R_EC_BRP384T1,
515     R_EC_BRP512R1,
516     R_EC_BRP512T1,
517     R_EC_X25519,
518     R_EC_X448
519 };
520 
521 #ifndef OPENSSL_NO_EC
522 static OPT_PAIR ecdsa_choices[] = {
523     {"ecdsap160", R_EC_P160},
524     {"ecdsap192", R_EC_P192},
525     {"ecdsap224", R_EC_P224},
526     {"ecdsap256", R_EC_P256},
527     {"ecdsap384", R_EC_P384},
528     {"ecdsap521", R_EC_P521},
529 # ifndef OPENSSL_NO_EC2M
530     {"ecdsak163", R_EC_K163},
531     {"ecdsak233", R_EC_K233},
532     {"ecdsak283", R_EC_K283},
533     {"ecdsak409", R_EC_K409},
534     {"ecdsak571", R_EC_K571},
535     {"ecdsab163", R_EC_B163},
536     {"ecdsab233", R_EC_B233},
537     {"ecdsab283", R_EC_B283},
538     {"ecdsab409", R_EC_B409},
539     {"ecdsab571", R_EC_B571},
540 # endif
541     {"ecdsabrp256r1", R_EC_BRP256R1},
542     {"ecdsabrp256t1", R_EC_BRP256T1},
543     {"ecdsabrp384r1", R_EC_BRP384R1},
544     {"ecdsabrp384t1", R_EC_BRP384T1},
545     {"ecdsabrp512r1", R_EC_BRP512R1},
546     {"ecdsabrp512t1", R_EC_BRP512T1}
547 };
548 # define ECDSA_NUM       OSSL_NELEM(ecdsa_choices)
549 
550 static double ecdsa_results[ECDSA_NUM][2];    /* 2 ops: sign then verify */
551 
552 static const OPT_PAIR ecdh_choices[] = {
553     {"ecdhp160", R_EC_P160},
554     {"ecdhp192", R_EC_P192},
555     {"ecdhp224", R_EC_P224},
556     {"ecdhp256", R_EC_P256},
557     {"ecdhp384", R_EC_P384},
558     {"ecdhp521", R_EC_P521},
559 # ifndef OPENSSL_NO_EC2M
560     {"ecdhk163", R_EC_K163},
561     {"ecdhk233", R_EC_K233},
562     {"ecdhk283", R_EC_K283},
563     {"ecdhk409", R_EC_K409},
564     {"ecdhk571", R_EC_K571},
565     {"ecdhb163", R_EC_B163},
566     {"ecdhb233", R_EC_B233},
567     {"ecdhb283", R_EC_B283},
568     {"ecdhb409", R_EC_B409},
569     {"ecdhb571", R_EC_B571},
570 # endif
571     {"ecdhbrp256r1", R_EC_BRP256R1},
572     {"ecdhbrp256t1", R_EC_BRP256T1},
573     {"ecdhbrp384r1", R_EC_BRP384R1},
574     {"ecdhbrp384t1", R_EC_BRP384T1},
575     {"ecdhbrp512r1", R_EC_BRP512R1},
576     {"ecdhbrp512t1", R_EC_BRP512T1},
577     {"ecdhx25519", R_EC_X25519},
578     {"ecdhx448", R_EC_X448}
579 };
580 # define EC_NUM       OSSL_NELEM(ecdh_choices)
581 
582 static double ecdh_results[EC_NUM][1];  /* 1 op: derivation */
583 
584 #define R_EC_Ed25519    0
585 #define R_EC_Ed448      1
586 static OPT_PAIR eddsa_choices[] = {
587     {"ed25519", R_EC_Ed25519},
588     {"ed448", R_EC_Ed448}
589 };
590 # define EdDSA_NUM       OSSL_NELEM(eddsa_choices)
591 
592 static double eddsa_results[EdDSA_NUM][2];    /* 2 ops: sign then verify */
593 #endif /* OPENSSL_NO_EC */
594 
595 #ifndef SIGALRM
596 # define COND(d) (count < (d))
597 # define COUNT(d) (d)
598 #else
599 # define COND(unused_cond) (run && count<0x7fffffff)
600 # define COUNT(d) (count)
601 #endif                          /* SIGALRM */
602 
603 typedef struct loopargs_st {
604     ASYNC_JOB *inprogress_job;
605     ASYNC_WAIT_CTX *wait_ctx;
606     unsigned char *buf;
607     unsigned char *buf2;
608     unsigned char *buf_malloc;
609     unsigned char *buf2_malloc;
610     unsigned char *key;
611     unsigned int siglen;
612     size_t sigsize;
613 #ifndef OPENSSL_NO_RSA
614     RSA *rsa_key[RSA_NUM];
615 #endif
616 #ifndef OPENSSL_NO_DSA
617     DSA *dsa_key[DSA_NUM];
618 #endif
619 #ifndef OPENSSL_NO_EC
620     EC_KEY *ecdsa[ECDSA_NUM];
621     EVP_PKEY_CTX *ecdh_ctx[EC_NUM];
622     EVP_MD_CTX *eddsa_ctx[EdDSA_NUM];
623     unsigned char *secret_a;
624     unsigned char *secret_b;
625     size_t outlen[EC_NUM];
626 #endif
627     EVP_CIPHER_CTX *ctx;
628     HMAC_CTX *hctx;
629     GCM128_CONTEXT *gcm_ctx;
630 } loopargs_t;
631 static int run_benchmark(int async_jobs, int (*loop_function) (void *),
632                          loopargs_t * loopargs);
633 
634 static unsigned int testnum;
635 
636 /* Nb of iterations to do per algorithm and key-size */
637 static long c[ALGOR_NUM][OSSL_NELEM(lengths_list)];
638 
639 #ifndef OPENSSL_NO_MD2
640 static int EVP_Digest_MD2_loop(void *args)
641 {
642     loopargs_t *tempargs = *(loopargs_t **) args;
643     unsigned char *buf = tempargs->buf;
644     unsigned char md2[MD2_DIGEST_LENGTH];
645     int count;
646 
647     for (count = 0; COND(c[D_MD2][testnum]); count++) {
648         if (!EVP_Digest(buf, (size_t)lengths[testnum], md2, NULL, EVP_md2(),
649                         NULL))
650             return -1;
651     }
652     return count;
653 }
654 #endif
655 
656 #ifndef OPENSSL_NO_MDC2
657 static int EVP_Digest_MDC2_loop(void *args)
658 {
659     loopargs_t *tempargs = *(loopargs_t **) args;
660     unsigned char *buf = tempargs->buf;
661     unsigned char mdc2[MDC2_DIGEST_LENGTH];
662     int count;
663 
664     for (count = 0; COND(c[D_MDC2][testnum]); count++) {
665         if (!EVP_Digest(buf, (size_t)lengths[testnum], mdc2, NULL, EVP_mdc2(),
666                         NULL))
667             return -1;
668     }
669     return count;
670 }
671 #endif
672 
673 #ifndef OPENSSL_NO_MD4
674 static int EVP_Digest_MD4_loop(void *args)
675 {
676     loopargs_t *tempargs = *(loopargs_t **) args;
677     unsigned char *buf = tempargs->buf;
678     unsigned char md4[MD4_DIGEST_LENGTH];
679     int count;
680 
681     for (count = 0; COND(c[D_MD4][testnum]); count++) {
682         if (!EVP_Digest(buf, (size_t)lengths[testnum], md4, NULL, EVP_md4(),
683                         NULL))
684             return -1;
685     }
686     return count;
687 }
688 #endif
689 
690 #ifndef OPENSSL_NO_MD5
691 static int MD5_loop(void *args)
692 {
693     loopargs_t *tempargs = *(loopargs_t **) args;
694     unsigned char *buf = tempargs->buf;
695     unsigned char md5[MD5_DIGEST_LENGTH];
696     int count;
697     for (count = 0; COND(c[D_MD5][testnum]); count++)
698         MD5(buf, lengths[testnum], md5);
699     return count;
700 }
701 
702 static int HMAC_loop(void *args)
703 {
704     loopargs_t *tempargs = *(loopargs_t **) args;
705     unsigned char *buf = tempargs->buf;
706     HMAC_CTX *hctx = tempargs->hctx;
707     unsigned char hmac[MD5_DIGEST_LENGTH];
708     int count;
709 
710     for (count = 0; COND(c[D_HMAC][testnum]); count++) {
711         HMAC_Init_ex(hctx, NULL, 0, NULL, NULL);
712         HMAC_Update(hctx, buf, lengths[testnum]);
713         HMAC_Final(hctx, hmac, NULL);
714     }
715     return count;
716 }
717 #endif
718 
719 static int SHA1_loop(void *args)
720 {
721     loopargs_t *tempargs = *(loopargs_t **) args;
722     unsigned char *buf = tempargs->buf;
723     unsigned char sha[SHA_DIGEST_LENGTH];
724     int count;
725     for (count = 0; COND(c[D_SHA1][testnum]); count++)
726         SHA1(buf, lengths[testnum], sha);
727     return count;
728 }
729 
730 static int SHA256_loop(void *args)
731 {
732     loopargs_t *tempargs = *(loopargs_t **) args;
733     unsigned char *buf = tempargs->buf;
734     unsigned char sha256[SHA256_DIGEST_LENGTH];
735     int count;
736     for (count = 0; COND(c[D_SHA256][testnum]); count++)
737         SHA256(buf, lengths[testnum], sha256);
738     return count;
739 }
740 
741 static int SHA512_loop(void *args)
742 {
743     loopargs_t *tempargs = *(loopargs_t **) args;
744     unsigned char *buf = tempargs->buf;
745     unsigned char sha512[SHA512_DIGEST_LENGTH];
746     int count;
747     for (count = 0; COND(c[D_SHA512][testnum]); count++)
748         SHA512(buf, lengths[testnum], sha512);
749     return count;
750 }
751 
752 #ifndef OPENSSL_NO_WHIRLPOOL
753 static int WHIRLPOOL_loop(void *args)
754 {
755     loopargs_t *tempargs = *(loopargs_t **) args;
756     unsigned char *buf = tempargs->buf;
757     unsigned char whirlpool[WHIRLPOOL_DIGEST_LENGTH];
758     int count;
759     for (count = 0; COND(c[D_WHIRLPOOL][testnum]); count++)
760         WHIRLPOOL(buf, lengths[testnum], whirlpool);
761     return count;
762 }
763 #endif
764 
765 #ifndef OPENSSL_NO_RMD160
766 static int EVP_Digest_RMD160_loop(void *args)
767 {
768     loopargs_t *tempargs = *(loopargs_t **) args;
769     unsigned char *buf = tempargs->buf;
770     unsigned char rmd160[RIPEMD160_DIGEST_LENGTH];
771     int count;
772     for (count = 0; COND(c[D_RMD160][testnum]); count++) {
773         if (!EVP_Digest(buf, (size_t)lengths[testnum], &(rmd160[0]),
774                         NULL, EVP_ripemd160(), NULL))
775             return -1;
776     }
777     return count;
778 }
779 #endif
780 
781 #ifndef OPENSSL_NO_RC4
782 static RC4_KEY rc4_ks;
783 static int RC4_loop(void *args)
784 {
785     loopargs_t *tempargs = *(loopargs_t **) args;
786     unsigned char *buf = tempargs->buf;
787     int count;
788     for (count = 0; COND(c[D_RC4][testnum]); count++)
789         RC4(&rc4_ks, (size_t)lengths[testnum], buf, buf);
790     return count;
791 }
792 #endif
793 
794 #ifndef OPENSSL_NO_DES
795 static unsigned char DES_iv[8];
796 static DES_key_schedule sch;
797 static DES_key_schedule sch2;
798 static DES_key_schedule sch3;
799 static int DES_ncbc_encrypt_loop(void *args)
800 {
801     loopargs_t *tempargs = *(loopargs_t **) args;
802     unsigned char *buf = tempargs->buf;
803     int count;
804     for (count = 0; COND(c[D_CBC_DES][testnum]); count++)
805         DES_ncbc_encrypt(buf, buf, lengths[testnum], &sch,
806                          &DES_iv, DES_ENCRYPT);
807     return count;
808 }
809 
810 static int DES_ede3_cbc_encrypt_loop(void *args)
811 {
812     loopargs_t *tempargs = *(loopargs_t **) args;
813     unsigned char *buf = tempargs->buf;
814     int count;
815     for (count = 0; COND(c[D_EDE3_DES][testnum]); count++)
816         DES_ede3_cbc_encrypt(buf, buf, lengths[testnum],
817                              &sch, &sch2, &sch3, &DES_iv, DES_ENCRYPT);
818     return count;
819 }
820 #endif
821 
822 #define MAX_BLOCK_SIZE 128
823 
824 static unsigned char iv[2 * MAX_BLOCK_SIZE / 8];
825 static AES_KEY aes_ks1, aes_ks2, aes_ks3;
826 static int AES_cbc_128_encrypt_loop(void *args)
827 {
828     loopargs_t *tempargs = *(loopargs_t **) args;
829     unsigned char *buf = tempargs->buf;
830     int count;
831     for (count = 0; COND(c[D_CBC_128_AES][testnum]); count++)
832         AES_cbc_encrypt(buf, buf,
833                         (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
834     return count;
835 }
836 
837 static int AES_cbc_192_encrypt_loop(void *args)
838 {
839     loopargs_t *tempargs = *(loopargs_t **) args;
840     unsigned char *buf = tempargs->buf;
841     int count;
842     for (count = 0; COND(c[D_CBC_192_AES][testnum]); count++)
843         AES_cbc_encrypt(buf, buf,
844                         (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
845     return count;
846 }
847 
848 static int AES_cbc_256_encrypt_loop(void *args)
849 {
850     loopargs_t *tempargs = *(loopargs_t **) args;
851     unsigned char *buf = tempargs->buf;
852     int count;
853     for (count = 0; COND(c[D_CBC_256_AES][testnum]); count++)
854         AES_cbc_encrypt(buf, buf,
855                         (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
856     return count;
857 }
858 
859 static int AES_ige_128_encrypt_loop(void *args)
860 {
861     loopargs_t *tempargs = *(loopargs_t **) args;
862     unsigned char *buf = tempargs->buf;
863     unsigned char *buf2 = tempargs->buf2;
864     int count;
865     for (count = 0; COND(c[D_IGE_128_AES][testnum]); count++)
866         AES_ige_encrypt(buf, buf2,
867                         (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
868     return count;
869 }
870 
871 static int AES_ige_192_encrypt_loop(void *args)
872 {
873     loopargs_t *tempargs = *(loopargs_t **) args;
874     unsigned char *buf = tempargs->buf;
875     unsigned char *buf2 = tempargs->buf2;
876     int count;
877     for (count = 0; COND(c[D_IGE_192_AES][testnum]); count++)
878         AES_ige_encrypt(buf, buf2,
879                         (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
880     return count;
881 }
882 
883 static int AES_ige_256_encrypt_loop(void *args)
884 {
885     loopargs_t *tempargs = *(loopargs_t **) args;
886     unsigned char *buf = tempargs->buf;
887     unsigned char *buf2 = tempargs->buf2;
888     int count;
889     for (count = 0; COND(c[D_IGE_256_AES][testnum]); count++)
890         AES_ige_encrypt(buf, buf2,
891                         (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
892     return count;
893 }
894 
895 static int CRYPTO_gcm128_aad_loop(void *args)
896 {
897     loopargs_t *tempargs = *(loopargs_t **) args;
898     unsigned char *buf = tempargs->buf;
899     GCM128_CONTEXT *gcm_ctx = tempargs->gcm_ctx;
900     int count;
901     for (count = 0; COND(c[D_GHASH][testnum]); count++)
902         CRYPTO_gcm128_aad(gcm_ctx, buf, lengths[testnum]);
903     return count;
904 }
905 
906 static int RAND_bytes_loop(void *args)
907 {
908     loopargs_t *tempargs = *(loopargs_t **) args;
909     unsigned char *buf = tempargs->buf;
910     int count;
911 
912     for (count = 0; COND(c[D_RAND][testnum]); count++)
913         RAND_bytes(buf, lengths[testnum]);
914     return count;
915 }
916 
917 static long save_count = 0;
918 static int decrypt = 0;
919 static int EVP_Update_loop(void *args)
920 {
921     loopargs_t *tempargs = *(loopargs_t **) args;
922     unsigned char *buf = tempargs->buf;
923     EVP_CIPHER_CTX *ctx = tempargs->ctx;
924     int outl, count, rc;
925 #ifndef SIGALRM
926     int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
927 #endif
928     if (decrypt) {
929         for (count = 0; COND(nb_iter); count++) {
930             rc = EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
931             if (rc != 1) {
932                 /* reset iv in case of counter overflow */
933                 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
934             }
935         }
936     } else {
937         for (count = 0; COND(nb_iter); count++) {
938             rc = EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
939             if (rc != 1) {
940                 /* reset iv in case of counter overflow */
941                 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
942             }
943         }
944     }
945     if (decrypt)
946         EVP_DecryptFinal_ex(ctx, buf, &outl);
947     else
948         EVP_EncryptFinal_ex(ctx, buf, &outl);
949     return count;
950 }
951 
952 /*
953  * CCM does not support streaming. For the purpose of performance measurement,
954  * each message is encrypted using the same (key,iv)-pair. Do not use this
955  * code in your application.
956  */
957 static int EVP_Update_loop_ccm(void *args)
958 {
959     loopargs_t *tempargs = *(loopargs_t **) args;
960     unsigned char *buf = tempargs->buf;
961     EVP_CIPHER_CTX *ctx = tempargs->ctx;
962     int outl, count;
963     unsigned char tag[12];
964 #ifndef SIGALRM
965     int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
966 #endif
967     if (decrypt) {
968         for (count = 0; COND(nb_iter); count++) {
969             EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(tag), tag);
970             /* reset iv */
971             EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
972             /* counter is reset on every update */
973             EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
974         }
975     } else {
976         for (count = 0; COND(nb_iter); count++) {
977             /* restore iv length field */
978             EVP_EncryptUpdate(ctx, NULL, &outl, NULL, lengths[testnum]);
979             /* counter is reset on every update */
980             EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
981         }
982     }
983     if (decrypt)
984         EVP_DecryptFinal_ex(ctx, buf, &outl);
985     else
986         EVP_EncryptFinal_ex(ctx, buf, &outl);
987     return count;
988 }
989 
990 /*
991  * To make AEAD benchmarking more relevant perform TLS-like operations,
992  * 13-byte AAD followed by payload. But don't use TLS-formatted AAD, as
993  * payload length is not actually limited by 16KB...
994  */
995 static int EVP_Update_loop_aead(void *args)
996 {
997     loopargs_t *tempargs = *(loopargs_t **) args;
998     unsigned char *buf = tempargs->buf;
999     EVP_CIPHER_CTX *ctx = tempargs->ctx;
1000     int outl, count;
1001     unsigned char aad[13] = { 0xcc };
1002     unsigned char faketag[16] = { 0xcc };
1003 #ifndef SIGALRM
1004     int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1005 #endif
1006     if (decrypt) {
1007         for (count = 0; COND(nb_iter); count++) {
1008             EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
1009             EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
1010                                 sizeof(faketag), faketag);
1011             EVP_DecryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
1012             EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
1013             EVP_DecryptFinal_ex(ctx, buf + outl, &outl);
1014         }
1015     } else {
1016         for (count = 0; COND(nb_iter); count++) {
1017             EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv);
1018             EVP_EncryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
1019             EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
1020             EVP_EncryptFinal_ex(ctx, buf + outl, &outl);
1021         }
1022     }
1023     return count;
1024 }
1025 
1026 static const EVP_MD *evp_md = NULL;
1027 static int EVP_Digest_loop(void *args)
1028 {
1029     loopargs_t *tempargs = *(loopargs_t **) args;
1030     unsigned char *buf = tempargs->buf;
1031     unsigned char md[EVP_MAX_MD_SIZE];
1032     int count;
1033 #ifndef SIGALRM
1034     int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1035 #endif
1036 
1037     for (count = 0; COND(nb_iter); count++) {
1038         if (!EVP_Digest(buf, lengths[testnum], md, NULL, evp_md, NULL))
1039             return -1;
1040     }
1041     return count;
1042 }
1043 
1044 #ifndef OPENSSL_NO_RSA
1045 static long rsa_c[RSA_NUM][2];  /* # RSA iteration test */
1046 
1047 static int RSA_sign_loop(void *args)
1048 {
1049     loopargs_t *tempargs = *(loopargs_t **) args;
1050     unsigned char *buf = tempargs->buf;
1051     unsigned char *buf2 = tempargs->buf2;
1052     unsigned int *rsa_num = &tempargs->siglen;
1053     RSA **rsa_key = tempargs->rsa_key;
1054     int ret, count;
1055     for (count = 0; COND(rsa_c[testnum][0]); count++) {
1056         ret = RSA_sign(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1057         if (ret == 0) {
1058             BIO_printf(bio_err, "RSA sign failure\n");
1059             ERR_print_errors(bio_err);
1060             count = -1;
1061             break;
1062         }
1063     }
1064     return count;
1065 }
1066 
1067 static int RSA_verify_loop(void *args)
1068 {
1069     loopargs_t *tempargs = *(loopargs_t **) args;
1070     unsigned char *buf = tempargs->buf;
1071     unsigned char *buf2 = tempargs->buf2;
1072     unsigned int rsa_num = tempargs->siglen;
1073     RSA **rsa_key = tempargs->rsa_key;
1074     int ret, count;
1075     for (count = 0; COND(rsa_c[testnum][1]); count++) {
1076         ret =
1077             RSA_verify(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1078         if (ret <= 0) {
1079             BIO_printf(bio_err, "RSA verify failure\n");
1080             ERR_print_errors(bio_err);
1081             count = -1;
1082             break;
1083         }
1084     }
1085     return count;
1086 }
1087 #endif
1088 
1089 #ifndef OPENSSL_NO_DSA
1090 static long dsa_c[DSA_NUM][2];
1091 static int DSA_sign_loop(void *args)
1092 {
1093     loopargs_t *tempargs = *(loopargs_t **) args;
1094     unsigned char *buf = tempargs->buf;
1095     unsigned char *buf2 = tempargs->buf2;
1096     DSA **dsa_key = tempargs->dsa_key;
1097     unsigned int *siglen = &tempargs->siglen;
1098     int ret, count;
1099     for (count = 0; COND(dsa_c[testnum][0]); count++) {
1100         ret = DSA_sign(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1101         if (ret == 0) {
1102             BIO_printf(bio_err, "DSA sign failure\n");
1103             ERR_print_errors(bio_err);
1104             count = -1;
1105             break;
1106         }
1107     }
1108     return count;
1109 }
1110 
1111 static int DSA_verify_loop(void *args)
1112 {
1113     loopargs_t *tempargs = *(loopargs_t **) args;
1114     unsigned char *buf = tempargs->buf;
1115     unsigned char *buf2 = tempargs->buf2;
1116     DSA **dsa_key = tempargs->dsa_key;
1117     unsigned int siglen = tempargs->siglen;
1118     int ret, count;
1119     for (count = 0; COND(dsa_c[testnum][1]); count++) {
1120         ret = DSA_verify(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1121         if (ret <= 0) {
1122             BIO_printf(bio_err, "DSA verify failure\n");
1123             ERR_print_errors(bio_err);
1124             count = -1;
1125             break;
1126         }
1127     }
1128     return count;
1129 }
1130 #endif
1131 
1132 #ifndef OPENSSL_NO_EC
1133 static long ecdsa_c[ECDSA_NUM][2];
1134 static int ECDSA_sign_loop(void *args)
1135 {
1136     loopargs_t *tempargs = *(loopargs_t **) args;
1137     unsigned char *buf = tempargs->buf;
1138     EC_KEY **ecdsa = tempargs->ecdsa;
1139     unsigned char *ecdsasig = tempargs->buf2;
1140     unsigned int *ecdsasiglen = &tempargs->siglen;
1141     int ret, count;
1142     for (count = 0; COND(ecdsa_c[testnum][0]); count++) {
1143         ret = ECDSA_sign(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1144         if (ret == 0) {
1145             BIO_printf(bio_err, "ECDSA sign failure\n");
1146             ERR_print_errors(bio_err);
1147             count = -1;
1148             break;
1149         }
1150     }
1151     return count;
1152 }
1153 
1154 static int ECDSA_verify_loop(void *args)
1155 {
1156     loopargs_t *tempargs = *(loopargs_t **) args;
1157     unsigned char *buf = tempargs->buf;
1158     EC_KEY **ecdsa = tempargs->ecdsa;
1159     unsigned char *ecdsasig = tempargs->buf2;
1160     unsigned int ecdsasiglen = tempargs->siglen;
1161     int ret, count;
1162     for (count = 0; COND(ecdsa_c[testnum][1]); count++) {
1163         ret = ECDSA_verify(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1164         if (ret != 1) {
1165             BIO_printf(bio_err, "ECDSA verify failure\n");
1166             ERR_print_errors(bio_err);
1167             count = -1;
1168             break;
1169         }
1170     }
1171     return count;
1172 }
1173 
1174 /* ******************************************************************** */
1175 static long ecdh_c[EC_NUM][1];
1176 
1177 static int ECDH_EVP_derive_key_loop(void *args)
1178 {
1179     loopargs_t *tempargs = *(loopargs_t **) args;
1180     EVP_PKEY_CTX *ctx = tempargs->ecdh_ctx[testnum];
1181     unsigned char *derived_secret = tempargs->secret_a;
1182     int count;
1183     size_t *outlen = &(tempargs->outlen[testnum]);
1184 
1185     for (count = 0; COND(ecdh_c[testnum][0]); count++)
1186         EVP_PKEY_derive(ctx, derived_secret, outlen);
1187 
1188     return count;
1189 }
1190 
1191 static long eddsa_c[EdDSA_NUM][2];
1192 static int EdDSA_sign_loop(void *args)
1193 {
1194     loopargs_t *tempargs = *(loopargs_t **) args;
1195     unsigned char *buf = tempargs->buf;
1196     EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
1197     unsigned char *eddsasig = tempargs->buf2;
1198     size_t *eddsasigsize = &tempargs->sigsize;
1199     int ret, count;
1200 
1201     for (count = 0; COND(eddsa_c[testnum][0]); count++) {
1202         ret = EVP_DigestSign(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
1203         if (ret == 0) {
1204             BIO_printf(bio_err, "EdDSA sign failure\n");
1205             ERR_print_errors(bio_err);
1206             count = -1;
1207             break;
1208         }
1209     }
1210     return count;
1211 }
1212 
1213 static int EdDSA_verify_loop(void *args)
1214 {
1215     loopargs_t *tempargs = *(loopargs_t **) args;
1216     unsigned char *buf = tempargs->buf;
1217     EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
1218     unsigned char *eddsasig = tempargs->buf2;
1219     size_t eddsasigsize = tempargs->sigsize;
1220     int ret, count;
1221 
1222     for (count = 0; COND(eddsa_c[testnum][1]); count++) {
1223         ret = EVP_DigestVerify(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
1224         if (ret != 1) {
1225             BIO_printf(bio_err, "EdDSA verify failure\n");
1226             ERR_print_errors(bio_err);
1227             count = -1;
1228             break;
1229         }
1230     }
1231     return count;
1232 }
1233 #endif                          /* OPENSSL_NO_EC */
1234 
1235 static int run_benchmark(int async_jobs,
1236                          int (*loop_function) (void *), loopargs_t * loopargs)
1237 {
1238     int job_op_count = 0;
1239     int total_op_count = 0;
1240     int num_inprogress = 0;
1241     int error = 0, i = 0, ret = 0;
1242     OSSL_ASYNC_FD job_fd = 0;
1243     size_t num_job_fds = 0;
1244 
1245     if (async_jobs == 0) {
1246         return loop_function((void *)&loopargs);
1247     }
1248 
1249     for (i = 0; i < async_jobs && !error; i++) {
1250         loopargs_t *looparg_item = loopargs + i;
1251 
1252         /* Copy pointer content (looparg_t item address) into async context */
1253         ret = ASYNC_start_job(&loopargs[i].inprogress_job, loopargs[i].wait_ctx,
1254                               &job_op_count, loop_function,
1255                               (void *)&looparg_item, sizeof(looparg_item));
1256         switch (ret) {
1257         case ASYNC_PAUSE:
1258             ++num_inprogress;
1259             break;
1260         case ASYNC_FINISH:
1261             if (job_op_count == -1) {
1262                 error = 1;
1263             } else {
1264                 total_op_count += job_op_count;
1265             }
1266             break;
1267         case ASYNC_NO_JOBS:
1268         case ASYNC_ERR:
1269             BIO_printf(bio_err, "Failure in the job\n");
1270             ERR_print_errors(bio_err);
1271             error = 1;
1272             break;
1273         }
1274     }
1275 
1276     while (num_inprogress > 0) {
1277 #if defined(OPENSSL_SYS_WINDOWS)
1278         DWORD avail = 0;
1279 #elif defined(OPENSSL_SYS_UNIX)
1280         int select_result = 0;
1281         OSSL_ASYNC_FD max_fd = 0;
1282         fd_set waitfdset;
1283 
1284         FD_ZERO(&waitfdset);
1285 
1286         for (i = 0; i < async_jobs && num_inprogress > 0; i++) {
1287             if (loopargs[i].inprogress_job == NULL)
1288                 continue;
1289 
1290             if (!ASYNC_WAIT_CTX_get_all_fds
1291                 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1292                 || num_job_fds > 1) {
1293                 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1294                 ERR_print_errors(bio_err);
1295                 error = 1;
1296                 break;
1297             }
1298             ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1299                                        &num_job_fds);
1300             FD_SET(job_fd, &waitfdset);
1301             if (job_fd > max_fd)
1302                 max_fd = job_fd;
1303         }
1304 
1305         if (max_fd >= (OSSL_ASYNC_FD)FD_SETSIZE) {
1306             BIO_printf(bio_err,
1307                        "Error: max_fd (%d) must be smaller than FD_SETSIZE (%d). "
1308                        "Decrease the value of async_jobs\n",
1309                        max_fd, FD_SETSIZE);
1310             ERR_print_errors(bio_err);
1311             error = 1;
1312             break;
1313         }
1314 
1315         select_result = select(max_fd + 1, &waitfdset, NULL, NULL, NULL);
1316         if (select_result == -1 && errno == EINTR)
1317             continue;
1318 
1319         if (select_result == -1) {
1320             BIO_printf(bio_err, "Failure in the select\n");
1321             ERR_print_errors(bio_err);
1322             error = 1;
1323             break;
1324         }
1325 
1326         if (select_result == 0)
1327             continue;
1328 #endif
1329 
1330         for (i = 0; i < async_jobs; i++) {
1331             if (loopargs[i].inprogress_job == NULL)
1332                 continue;
1333 
1334             if (!ASYNC_WAIT_CTX_get_all_fds
1335                 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1336                 || num_job_fds > 1) {
1337                 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1338                 ERR_print_errors(bio_err);
1339                 error = 1;
1340                 break;
1341             }
1342             ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1343                                        &num_job_fds);
1344 
1345 #if defined(OPENSSL_SYS_UNIX)
1346             if (num_job_fds == 1 && !FD_ISSET(job_fd, &waitfdset))
1347                 continue;
1348 #elif defined(OPENSSL_SYS_WINDOWS)
1349             if (num_job_fds == 1
1350                 && !PeekNamedPipe(job_fd, NULL, 0, NULL, &avail, NULL)
1351                 && avail > 0)
1352                 continue;
1353 #endif
1354 
1355             ret = ASYNC_start_job(&loopargs[i].inprogress_job,
1356                                   loopargs[i].wait_ctx, &job_op_count,
1357                                   loop_function, (void *)(loopargs + i),
1358                                   sizeof(loopargs_t));
1359             switch (ret) {
1360             case ASYNC_PAUSE:
1361                 break;
1362             case ASYNC_FINISH:
1363                 if (job_op_count == -1) {
1364                     error = 1;
1365                 } else {
1366                     total_op_count += job_op_count;
1367                 }
1368                 --num_inprogress;
1369                 loopargs[i].inprogress_job = NULL;
1370                 break;
1371             case ASYNC_NO_JOBS:
1372             case ASYNC_ERR:
1373                 --num_inprogress;
1374                 loopargs[i].inprogress_job = NULL;
1375                 BIO_printf(bio_err, "Failure in the job\n");
1376                 ERR_print_errors(bio_err);
1377                 error = 1;
1378                 break;
1379             }
1380         }
1381     }
1382 
1383     return error ? -1 : total_op_count;
1384 }
1385 
1386 int speed_main(int argc, char **argv)
1387 {
1388     ENGINE *e = NULL;
1389     loopargs_t *loopargs = NULL;
1390     const char *prog;
1391     const char *engine_id = NULL;
1392     const EVP_CIPHER *evp_cipher = NULL;
1393     double d = 0.0;
1394     OPTION_CHOICE o;
1395     int async_init = 0, multiblock = 0, pr_header = 0;
1396     int doit[ALGOR_NUM] = { 0 };
1397     int ret = 1, misalign = 0, lengths_single = 0, aead = 0;
1398     long count = 0;
1399     unsigned int size_num = OSSL_NELEM(lengths_list);
1400     unsigned int i, k, loop, loopargs_len = 0, async_jobs = 0;
1401     int keylen;
1402     int buflen;
1403 #ifndef NO_FORK
1404     int multi = 0;
1405 #endif
1406 #if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) \
1407     || !defined(OPENSSL_NO_EC)
1408     long rsa_count = 1;
1409 #endif
1410     openssl_speed_sec_t seconds = { SECONDS, RSA_SECONDS, DSA_SECONDS,
1411                                     ECDSA_SECONDS, ECDH_SECONDS,
1412                                     EdDSA_SECONDS };
1413 
1414     /* What follows are the buffers and key material. */
1415 #ifndef OPENSSL_NO_RC5
1416     RC5_32_KEY rc5_ks;
1417 #endif
1418 #ifndef OPENSSL_NO_RC2
1419     RC2_KEY rc2_ks;
1420 #endif
1421 #ifndef OPENSSL_NO_IDEA
1422     IDEA_KEY_SCHEDULE idea_ks;
1423 #endif
1424 #ifndef OPENSSL_NO_SEED
1425     SEED_KEY_SCHEDULE seed_ks;
1426 #endif
1427 #ifndef OPENSSL_NO_BF
1428     BF_KEY bf_ks;
1429 #endif
1430 #ifndef OPENSSL_NO_CAST
1431     CAST_KEY cast_ks;
1432 #endif
1433     static const unsigned char key16[16] = {
1434         0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1435         0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
1436     };
1437     static const unsigned char key24[24] = {
1438         0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1439         0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1440         0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1441     };
1442     static const unsigned char key32[32] = {
1443         0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1444         0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1445         0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
1446         0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
1447     };
1448 #ifndef OPENSSL_NO_CAMELLIA
1449     static const unsigned char ckey24[24] = {
1450         0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1451         0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1452         0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1453     };
1454     static const unsigned char ckey32[32] = {
1455         0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1456         0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1457         0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
1458         0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
1459     };
1460     CAMELLIA_KEY camellia_ks1, camellia_ks2, camellia_ks3;
1461 #endif
1462 #ifndef OPENSSL_NO_DES
1463     static DES_cblock key = {
1464         0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0
1465     };
1466     static DES_cblock key2 = {
1467         0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
1468     };
1469     static DES_cblock key3 = {
1470         0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1471     };
1472 #endif
1473 #ifndef OPENSSL_NO_RSA
1474     static const unsigned int rsa_bits[RSA_NUM] = {
1475         512, 1024, 2048, 3072, 4096, 7680, 15360
1476     };
1477     static const unsigned char *rsa_data[RSA_NUM] = {
1478         test512, test1024, test2048, test3072, test4096, test7680, test15360
1479     };
1480     static const int rsa_data_length[RSA_NUM] = {
1481         sizeof(test512), sizeof(test1024),
1482         sizeof(test2048), sizeof(test3072),
1483         sizeof(test4096), sizeof(test7680),
1484         sizeof(test15360)
1485     };
1486     int rsa_doit[RSA_NUM] = { 0 };
1487     int primes = RSA_DEFAULT_PRIME_NUM;
1488 #endif
1489 #ifndef OPENSSL_NO_DSA
1490     static const unsigned int dsa_bits[DSA_NUM] = { 512, 1024, 2048 };
1491     int dsa_doit[DSA_NUM] = { 0 };
1492 #endif
1493 #ifndef OPENSSL_NO_EC
1494     /*
1495      * We only test over the following curves as they are representative, To
1496      * add tests over more curves, simply add the curve NID and curve name to
1497      * the following arrays and increase the |ecdh_choices| list accordingly.
1498      */
1499     static const struct {
1500         const char *name;
1501         unsigned int nid;
1502         unsigned int bits;
1503     } test_curves[] = {
1504         /* Prime Curves */
1505         {"secp160r1", NID_secp160r1, 160},
1506         {"nistp192", NID_X9_62_prime192v1, 192},
1507         {"nistp224", NID_secp224r1, 224},
1508         {"nistp256", NID_X9_62_prime256v1, 256},
1509         {"nistp384", NID_secp384r1, 384},
1510         {"nistp521", NID_secp521r1, 521},
1511 # ifndef OPENSSL_NO_EC2M
1512         /* Binary Curves */
1513         {"nistk163", NID_sect163k1, 163},
1514         {"nistk233", NID_sect233k1, 233},
1515         {"nistk283", NID_sect283k1, 283},
1516         {"nistk409", NID_sect409k1, 409},
1517         {"nistk571", NID_sect571k1, 571},
1518         {"nistb163", NID_sect163r2, 163},
1519         {"nistb233", NID_sect233r1, 233},
1520         {"nistb283", NID_sect283r1, 283},
1521         {"nistb409", NID_sect409r1, 409},
1522         {"nistb571", NID_sect571r1, 571},
1523 # endif
1524         {"brainpoolP256r1", NID_brainpoolP256r1, 256},
1525         {"brainpoolP256t1", NID_brainpoolP256t1, 256},
1526         {"brainpoolP384r1", NID_brainpoolP384r1, 384},
1527         {"brainpoolP384t1", NID_brainpoolP384t1, 384},
1528         {"brainpoolP512r1", NID_brainpoolP512r1, 512},
1529         {"brainpoolP512t1", NID_brainpoolP512t1, 512},
1530         /* Other and ECDH only ones */
1531         {"X25519", NID_X25519, 253},
1532         {"X448", NID_X448, 448}
1533     };
1534     static const struct {
1535         const char *name;
1536         unsigned int nid;
1537         unsigned int bits;
1538         size_t sigsize;
1539     } test_ed_curves[] = {
1540         /* EdDSA */
1541         {"Ed25519", NID_ED25519, 253, 64},
1542         {"Ed448", NID_ED448, 456, 114}
1543     };
1544     int ecdsa_doit[ECDSA_NUM] = { 0 };
1545     int ecdh_doit[EC_NUM] = { 0 };
1546     int eddsa_doit[EdDSA_NUM] = { 0 };
1547     OPENSSL_assert(OSSL_NELEM(test_curves) >= EC_NUM);
1548     OPENSSL_assert(OSSL_NELEM(test_ed_curves) >= EdDSA_NUM);
1549 #endif                          /* ndef OPENSSL_NO_EC */
1550 
1551     prog = opt_init(argc, argv, speed_options);
1552     while ((o = opt_next()) != OPT_EOF) {
1553         switch (o) {
1554         case OPT_EOF:
1555         case OPT_ERR:
1556  opterr:
1557             BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
1558             goto end;
1559         case OPT_HELP:
1560             opt_help(speed_options);
1561             ret = 0;
1562             goto end;
1563         case OPT_ELAPSED:
1564             usertime = 0;
1565             break;
1566         case OPT_EVP:
1567             evp_md = NULL;
1568             evp_cipher = EVP_get_cipherbyname(opt_arg());
1569             if (evp_cipher == NULL)
1570                 evp_md = EVP_get_digestbyname(opt_arg());
1571             if (evp_cipher == NULL && evp_md == NULL) {
1572                 BIO_printf(bio_err,
1573                            "%s: %s is an unknown cipher or digest\n",
1574                            prog, opt_arg());
1575                 goto end;
1576             }
1577             doit[D_EVP] = 1;
1578             break;
1579         case OPT_DECRYPT:
1580             decrypt = 1;
1581             break;
1582         case OPT_ENGINE:
1583             /*
1584              * In a forked execution, an engine might need to be
1585              * initialised by each child process, not by the parent.
1586              * So store the name here and run setup_engine() later on.
1587              */
1588             engine_id = opt_arg();
1589             break;
1590         case OPT_MULTI:
1591 #ifndef NO_FORK
1592             multi = atoi(opt_arg());
1593             if (multi >= INT_MAX / (int)sizeof(int)) {
1594                 BIO_printf(bio_err, "%s: multi argument too large\n", prog);
1595                 return 0;
1596             }
1597 #endif
1598             break;
1599         case OPT_ASYNCJOBS:
1600 #ifndef OPENSSL_NO_ASYNC
1601             async_jobs = atoi(opt_arg());
1602             if (!ASYNC_is_capable()) {
1603                 BIO_printf(bio_err,
1604                            "%s: async_jobs specified but async not supported\n",
1605                            prog);
1606                 goto opterr;
1607             }
1608             if (async_jobs > 99999) {
1609                 BIO_printf(bio_err, "%s: too many async_jobs\n", prog);
1610                 goto opterr;
1611             }
1612 #endif
1613             break;
1614         case OPT_MISALIGN:
1615             if (!opt_int(opt_arg(), &misalign))
1616                 goto end;
1617             if (misalign > MISALIGN) {
1618                 BIO_printf(bio_err,
1619                            "%s: Maximum offset is %d\n", prog, MISALIGN);
1620                 goto opterr;
1621             }
1622             break;
1623         case OPT_MR:
1624             mr = 1;
1625             break;
1626         case OPT_MB:
1627             multiblock = 1;
1628 #ifdef OPENSSL_NO_MULTIBLOCK
1629             BIO_printf(bio_err,
1630                        "%s: -mb specified but multi-block support is disabled\n",
1631                        prog);
1632             goto end;
1633 #endif
1634             break;
1635         case OPT_R_CASES:
1636             if (!opt_rand(o))
1637                 goto end;
1638             break;
1639         case OPT_PRIMES:
1640             if (!opt_int(opt_arg(), &primes))
1641                 goto end;
1642             break;
1643         case OPT_SECONDS:
1644             seconds.sym = seconds.rsa = seconds.dsa = seconds.ecdsa
1645                         = seconds.ecdh = seconds.eddsa = atoi(opt_arg());
1646             break;
1647         case OPT_BYTES:
1648             lengths_single = atoi(opt_arg());
1649             lengths = &lengths_single;
1650             size_num = 1;
1651             break;
1652         case OPT_AEAD:
1653             aead = 1;
1654             break;
1655         }
1656     }
1657     argc = opt_num_rest();
1658     argv = opt_rest();
1659 
1660     /* Remaining arguments are algorithms. */
1661     for (; *argv; argv++) {
1662         if (found(*argv, doit_choices, &i)) {
1663             doit[i] = 1;
1664             continue;
1665         }
1666 #ifndef OPENSSL_NO_DES
1667         if (strcmp(*argv, "des") == 0) {
1668             doit[D_CBC_DES] = doit[D_EDE3_DES] = 1;
1669             continue;
1670         }
1671 #endif
1672         if (strcmp(*argv, "sha") == 0) {
1673             doit[D_SHA1] = doit[D_SHA256] = doit[D_SHA512] = 1;
1674             continue;
1675         }
1676 #ifndef OPENSSL_NO_RSA
1677         if (strcmp(*argv, "openssl") == 0)
1678             continue;
1679         if (strcmp(*argv, "rsa") == 0) {
1680             for (loop = 0; loop < OSSL_NELEM(rsa_doit); loop++)
1681                 rsa_doit[loop] = 1;
1682             continue;
1683         }
1684         if (found(*argv, rsa_choices, &i)) {
1685             rsa_doit[i] = 1;
1686             continue;
1687         }
1688 #endif
1689 #ifndef OPENSSL_NO_DSA
1690         if (strcmp(*argv, "dsa") == 0) {
1691             dsa_doit[R_DSA_512] = dsa_doit[R_DSA_1024] =
1692                 dsa_doit[R_DSA_2048] = 1;
1693             continue;
1694         }
1695         if (found(*argv, dsa_choices, &i)) {
1696             dsa_doit[i] = 2;
1697             continue;
1698         }
1699 #endif
1700         if (strcmp(*argv, "aes") == 0) {
1701             doit[D_CBC_128_AES] = doit[D_CBC_192_AES] = doit[D_CBC_256_AES] = 1;
1702             continue;
1703         }
1704 #ifndef OPENSSL_NO_CAMELLIA
1705         if (strcmp(*argv, "camellia") == 0) {
1706             doit[D_CBC_128_CML] = doit[D_CBC_192_CML] = doit[D_CBC_256_CML] = 1;
1707             continue;
1708         }
1709 #endif
1710 #ifndef OPENSSL_NO_EC
1711         if (strcmp(*argv, "ecdsa") == 0) {
1712             for (loop = 0; loop < OSSL_NELEM(ecdsa_doit); loop++)
1713                 ecdsa_doit[loop] = 1;
1714             continue;
1715         }
1716         if (found(*argv, ecdsa_choices, &i)) {
1717             ecdsa_doit[i] = 2;
1718             continue;
1719         }
1720         if (strcmp(*argv, "ecdh") == 0) {
1721             for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++)
1722                 ecdh_doit[loop] = 1;
1723             continue;
1724         }
1725         if (found(*argv, ecdh_choices, &i)) {
1726             ecdh_doit[i] = 2;
1727             continue;
1728         }
1729         if (strcmp(*argv, "eddsa") == 0) {
1730             for (loop = 0; loop < OSSL_NELEM(eddsa_doit); loop++)
1731                 eddsa_doit[loop] = 1;
1732             continue;
1733         }
1734         if (found(*argv, eddsa_choices, &i)) {
1735             eddsa_doit[i] = 2;
1736             continue;
1737         }
1738 #endif
1739         BIO_printf(bio_err, "%s: Unknown algorithm %s\n", prog, *argv);
1740         goto end;
1741     }
1742 
1743     /* Sanity checks */
1744     if (aead) {
1745         if (evp_cipher == NULL) {
1746             BIO_printf(bio_err, "-aead can be used only with an AEAD cipher\n");
1747             goto end;
1748         } else if (!(EVP_CIPHER_flags(evp_cipher) &
1749                      EVP_CIPH_FLAG_AEAD_CIPHER)) {
1750             BIO_printf(bio_err, "%s is not an AEAD cipher\n",
1751                        OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
1752             goto end;
1753         }
1754     }
1755     if (multiblock) {
1756         if (evp_cipher == NULL) {
1757             BIO_printf(bio_err,"-mb can be used only with a multi-block"
1758                                " capable cipher\n");
1759             goto end;
1760         } else if (!(EVP_CIPHER_flags(evp_cipher) &
1761                      EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
1762             BIO_printf(bio_err, "%s is not a multi-block capable\n",
1763                        OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
1764             goto end;
1765         } else if (async_jobs > 0) {
1766             BIO_printf(bio_err, "Async mode is not supported with -mb");
1767             goto end;
1768         }
1769     }
1770 
1771     /* Initialize the job pool if async mode is enabled */
1772     if (async_jobs > 0) {
1773         async_init = ASYNC_init_thread(async_jobs, async_jobs);
1774         if (!async_init) {
1775             BIO_printf(bio_err, "Error creating the ASYNC job pool\n");
1776             goto end;
1777         }
1778     }
1779 
1780     loopargs_len = (async_jobs == 0 ? 1 : async_jobs);
1781     loopargs =
1782         app_malloc(loopargs_len * sizeof(loopargs_t), "array of loopargs");
1783     memset(loopargs, 0, loopargs_len * sizeof(loopargs_t));
1784 
1785     for (i = 0; i < loopargs_len; i++) {
1786         if (async_jobs > 0) {
1787             loopargs[i].wait_ctx = ASYNC_WAIT_CTX_new();
1788             if (loopargs[i].wait_ctx == NULL) {
1789                 BIO_printf(bio_err, "Error creating the ASYNC_WAIT_CTX\n");
1790                 goto end;
1791             }
1792         }
1793 
1794         buflen = lengths[size_num - 1];
1795         if (buflen < 36)    /* size of random vector in RSA benchmark */
1796             buflen = 36;
1797         buflen += MAX_MISALIGNMENT + 1;
1798         loopargs[i].buf_malloc = app_malloc(buflen, "input buffer");
1799         loopargs[i].buf2_malloc = app_malloc(buflen, "input buffer");
1800         memset(loopargs[i].buf_malloc, 0, buflen);
1801         memset(loopargs[i].buf2_malloc, 0, buflen);
1802 
1803         /* Align the start of buffers on a 64 byte boundary */
1804         loopargs[i].buf = loopargs[i].buf_malloc + misalign;
1805         loopargs[i].buf2 = loopargs[i].buf2_malloc + misalign;
1806 #ifndef OPENSSL_NO_EC
1807         loopargs[i].secret_a = app_malloc(MAX_ECDH_SIZE, "ECDH secret a");
1808         loopargs[i].secret_b = app_malloc(MAX_ECDH_SIZE, "ECDH secret b");
1809 #endif
1810     }
1811 
1812 #ifndef NO_FORK
1813     if (multi && do_multi(multi, size_num))
1814         goto show_res;
1815 #endif
1816 
1817     /* Initialize the engine after the fork */
1818     e = setup_engine(engine_id, 0);
1819 
1820     /* No parameters; turn on everything. */
1821     if ((argc == 0) && !doit[D_EVP]) {
1822         for (i = 0; i < ALGOR_NUM; i++)
1823             if (i != D_EVP)
1824                 doit[i] = 1;
1825 #ifndef OPENSSL_NO_RSA
1826         for (i = 0; i < RSA_NUM; i++)
1827             rsa_doit[i] = 1;
1828 #endif
1829 #ifndef OPENSSL_NO_DSA
1830         for (i = 0; i < DSA_NUM; i++)
1831             dsa_doit[i] = 1;
1832 #endif
1833 #ifndef OPENSSL_NO_EC
1834         for (loop = 0; loop < OSSL_NELEM(ecdsa_doit); loop++)
1835             ecdsa_doit[loop] = 1;
1836         for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++)
1837             ecdh_doit[loop] = 1;
1838         for (loop = 0; loop < OSSL_NELEM(eddsa_doit); loop++)
1839             eddsa_doit[loop] = 1;
1840 #endif
1841     }
1842     for (i = 0; i < ALGOR_NUM; i++)
1843         if (doit[i])
1844             pr_header++;
1845 
1846     if (usertime == 0 && !mr)
1847         BIO_printf(bio_err,
1848                    "You have chosen to measure elapsed time "
1849                    "instead of user CPU time.\n");
1850 
1851 #ifndef OPENSSL_NO_RSA
1852     for (i = 0; i < loopargs_len; i++) {
1853         if (primes > RSA_DEFAULT_PRIME_NUM) {
1854             /* for multi-prime RSA, skip this */
1855             break;
1856         }
1857         for (k = 0; k < RSA_NUM; k++) {
1858             const unsigned char *p;
1859 
1860             p = rsa_data[k];
1861             loopargs[i].rsa_key[k] =
1862                 d2i_RSAPrivateKey(NULL, &p, rsa_data_length[k]);
1863             if (loopargs[i].rsa_key[k] == NULL) {
1864                 BIO_printf(bio_err,
1865                            "internal error loading RSA key number %d\n", k);
1866                 goto end;
1867             }
1868         }
1869     }
1870 #endif
1871 #ifndef OPENSSL_NO_DSA
1872     for (i = 0; i < loopargs_len; i++) {
1873         loopargs[i].dsa_key[0] = get_dsa(512);
1874         loopargs[i].dsa_key[1] = get_dsa(1024);
1875         loopargs[i].dsa_key[2] = get_dsa(2048);
1876     }
1877 #endif
1878 #ifndef OPENSSL_NO_DES
1879     DES_set_key_unchecked(&key, &sch);
1880     DES_set_key_unchecked(&key2, &sch2);
1881     DES_set_key_unchecked(&key3, &sch3);
1882 #endif
1883     AES_set_encrypt_key(key16, 128, &aes_ks1);
1884     AES_set_encrypt_key(key24, 192, &aes_ks2);
1885     AES_set_encrypt_key(key32, 256, &aes_ks3);
1886 #ifndef OPENSSL_NO_CAMELLIA
1887     Camellia_set_key(key16, 128, &camellia_ks1);
1888     Camellia_set_key(ckey24, 192, &camellia_ks2);
1889     Camellia_set_key(ckey32, 256, &camellia_ks3);
1890 #endif
1891 #ifndef OPENSSL_NO_IDEA
1892     IDEA_set_encrypt_key(key16, &idea_ks);
1893 #endif
1894 #ifndef OPENSSL_NO_SEED
1895     SEED_set_key(key16, &seed_ks);
1896 #endif
1897 #ifndef OPENSSL_NO_RC4
1898     RC4_set_key(&rc4_ks, 16, key16);
1899 #endif
1900 #ifndef OPENSSL_NO_RC2
1901     RC2_set_key(&rc2_ks, 16, key16, 128);
1902 #endif
1903 #ifndef OPENSSL_NO_RC5
1904     RC5_32_set_key(&rc5_ks, 16, key16, 12);
1905 #endif
1906 #ifndef OPENSSL_NO_BF
1907     BF_set_key(&bf_ks, 16, key16);
1908 #endif
1909 #ifndef OPENSSL_NO_CAST
1910     CAST_set_key(&cast_ks, 16, key16);
1911 #endif
1912 #ifndef SIGALRM
1913 # ifndef OPENSSL_NO_DES
1914     BIO_printf(bio_err, "First we calculate the approximate speed ...\n");
1915     count = 10;
1916     do {
1917         long it;
1918         count *= 2;
1919         Time_F(START);
1920         for (it = count; it; it--)
1921             DES_ecb_encrypt((DES_cblock *)loopargs[0].buf,
1922                             (DES_cblock *)loopargs[0].buf, &sch, DES_ENCRYPT);
1923         d = Time_F(STOP);
1924     } while (d < 3);
1925     save_count = count;
1926     c[D_MD2][0] = count / 10;
1927     c[D_MDC2][0] = count / 10;
1928     c[D_MD4][0] = count;
1929     c[D_MD5][0] = count;
1930     c[D_HMAC][0] = count;
1931     c[D_SHA1][0] = count;
1932     c[D_RMD160][0] = count;
1933     c[D_RC4][0] = count * 5;
1934     c[D_CBC_DES][0] = count;
1935     c[D_EDE3_DES][0] = count / 3;
1936     c[D_CBC_IDEA][0] = count;
1937     c[D_CBC_SEED][0] = count;
1938     c[D_CBC_RC2][0] = count;
1939     c[D_CBC_RC5][0] = count;
1940     c[D_CBC_BF][0] = count;
1941     c[D_CBC_CAST][0] = count;
1942     c[D_CBC_128_AES][0] = count;
1943     c[D_CBC_192_AES][0] = count;
1944     c[D_CBC_256_AES][0] = count;
1945     c[D_CBC_128_CML][0] = count;
1946     c[D_CBC_192_CML][0] = count;
1947     c[D_CBC_256_CML][0] = count;
1948     c[D_SHA256][0] = count;
1949     c[D_SHA512][0] = count;
1950     c[D_WHIRLPOOL][0] = count;
1951     c[D_IGE_128_AES][0] = count;
1952     c[D_IGE_192_AES][0] = count;
1953     c[D_IGE_256_AES][0] = count;
1954     c[D_GHASH][0] = count;
1955     c[D_RAND][0] = count;
1956 
1957     for (i = 1; i < size_num; i++) {
1958         long l0, l1;
1959 
1960         l0 = (long)lengths[0];
1961         l1 = (long)lengths[i];
1962 
1963         c[D_MD2][i] = c[D_MD2][0] * 4 * l0 / l1;
1964         c[D_MDC2][i] = c[D_MDC2][0] * 4 * l0 / l1;
1965         c[D_MD4][i] = c[D_MD4][0] * 4 * l0 / l1;
1966         c[D_MD5][i] = c[D_MD5][0] * 4 * l0 / l1;
1967         c[D_HMAC][i] = c[D_HMAC][0] * 4 * l0 / l1;
1968         c[D_SHA1][i] = c[D_SHA1][0] * 4 * l0 / l1;
1969         c[D_RMD160][i] = c[D_RMD160][0] * 4 * l0 / l1;
1970         c[D_SHA256][i] = c[D_SHA256][0] * 4 * l0 / l1;
1971         c[D_SHA512][i] = c[D_SHA512][0] * 4 * l0 / l1;
1972         c[D_WHIRLPOOL][i] = c[D_WHIRLPOOL][0] * 4 * l0 / l1;
1973         c[D_GHASH][i] = c[D_GHASH][0] * 4 * l0 / l1;
1974         c[D_RAND][i] = c[D_RAND][0] * 4 * l0 / l1;
1975 
1976         l0 = (long)lengths[i - 1];
1977 
1978         c[D_RC4][i] = c[D_RC4][i - 1] * l0 / l1;
1979         c[D_CBC_DES][i] = c[D_CBC_DES][i - 1] * l0 / l1;
1980         c[D_EDE3_DES][i] = c[D_EDE3_DES][i - 1] * l0 / l1;
1981         c[D_CBC_IDEA][i] = c[D_CBC_IDEA][i - 1] * l0 / l1;
1982         c[D_CBC_SEED][i] = c[D_CBC_SEED][i - 1] * l0 / l1;
1983         c[D_CBC_RC2][i] = c[D_CBC_RC2][i - 1] * l0 / l1;
1984         c[D_CBC_RC5][i] = c[D_CBC_RC5][i - 1] * l0 / l1;
1985         c[D_CBC_BF][i] = c[D_CBC_BF][i - 1] * l0 / l1;
1986         c[D_CBC_CAST][i] = c[D_CBC_CAST][i - 1] * l0 / l1;
1987         c[D_CBC_128_AES][i] = c[D_CBC_128_AES][i - 1] * l0 / l1;
1988         c[D_CBC_192_AES][i] = c[D_CBC_192_AES][i - 1] * l0 / l1;
1989         c[D_CBC_256_AES][i] = c[D_CBC_256_AES][i - 1] * l0 / l1;
1990         c[D_CBC_128_CML][i] = c[D_CBC_128_CML][i - 1] * l0 / l1;
1991         c[D_CBC_192_CML][i] = c[D_CBC_192_CML][i - 1] * l0 / l1;
1992         c[D_CBC_256_CML][i] = c[D_CBC_256_CML][i - 1] * l0 / l1;
1993         c[D_IGE_128_AES][i] = c[D_IGE_128_AES][i - 1] * l0 / l1;
1994         c[D_IGE_192_AES][i] = c[D_IGE_192_AES][i - 1] * l0 / l1;
1995         c[D_IGE_256_AES][i] = c[D_IGE_256_AES][i - 1] * l0 / l1;
1996     }
1997 
1998 #  ifndef OPENSSL_NO_RSA
1999     rsa_c[R_RSA_512][0] = count / 2000;
2000     rsa_c[R_RSA_512][1] = count / 400;
2001     for (i = 1; i < RSA_NUM; i++) {
2002         rsa_c[i][0] = rsa_c[i - 1][0] / 8;
2003         rsa_c[i][1] = rsa_c[i - 1][1] / 4;
2004         if (rsa_doit[i] <= 1 && rsa_c[i][0] == 0)
2005             rsa_doit[i] = 0;
2006         else {
2007             if (rsa_c[i][0] == 0) {
2008                 rsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
2009                 rsa_c[i][1] = 20;
2010             }
2011         }
2012     }
2013 #  endif
2014 
2015 #  ifndef OPENSSL_NO_DSA
2016     dsa_c[R_DSA_512][0] = count / 1000;
2017     dsa_c[R_DSA_512][1] = count / 1000 / 2;
2018     for (i = 1; i < DSA_NUM; i++) {
2019         dsa_c[i][0] = dsa_c[i - 1][0] / 4;
2020         dsa_c[i][1] = dsa_c[i - 1][1] / 4;
2021         if (dsa_doit[i] <= 1 && dsa_c[i][0] == 0)
2022             dsa_doit[i] = 0;
2023         else {
2024             if (dsa_c[i][0] == 0) {
2025                 dsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
2026                 dsa_c[i][1] = 1;
2027             }
2028         }
2029     }
2030 #  endif
2031 
2032 #  ifndef OPENSSL_NO_EC
2033     ecdsa_c[R_EC_P160][0] = count / 1000;
2034     ecdsa_c[R_EC_P160][1] = count / 1000 / 2;
2035     for (i = R_EC_P192; i <= R_EC_P521; i++) {
2036         ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2037         ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2038         if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2039             ecdsa_doit[i] = 0;
2040         else {
2041             if (ecdsa_c[i][0] == 0) {
2042                 ecdsa_c[i][0] = 1;
2043                 ecdsa_c[i][1] = 1;
2044             }
2045         }
2046     }
2047 #   ifndef OPENSSL_NO_EC2M
2048     ecdsa_c[R_EC_K163][0] = count / 1000;
2049     ecdsa_c[R_EC_K163][1] = count / 1000 / 2;
2050     for (i = R_EC_K233; i <= R_EC_K571; i++) {
2051         ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2052         ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2053         if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2054             ecdsa_doit[i] = 0;
2055         else {
2056             if (ecdsa_c[i][0] == 0) {
2057                 ecdsa_c[i][0] = 1;
2058                 ecdsa_c[i][1] = 1;
2059             }
2060         }
2061     }
2062     ecdsa_c[R_EC_B163][0] = count / 1000;
2063     ecdsa_c[R_EC_B163][1] = count / 1000 / 2;
2064     for (i = R_EC_B233; i <= R_EC_B571; i++) {
2065         ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2066         ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2067         if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2068             ecdsa_doit[i] = 0;
2069         else {
2070             if (ecdsa_c[i][0] == 0) {
2071                 ecdsa_c[i][0] = 1;
2072                 ecdsa_c[i][1] = 1;
2073             }
2074         }
2075     }
2076 #   endif
2077 
2078     ecdh_c[R_EC_P160][0] = count / 1000;
2079     for (i = R_EC_P192; i <= R_EC_P521; i++) {
2080         ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2081         if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2082             ecdh_doit[i] = 0;
2083         else {
2084             if (ecdh_c[i][0] == 0) {
2085                 ecdh_c[i][0] = 1;
2086             }
2087         }
2088     }
2089 #   ifndef OPENSSL_NO_EC2M
2090     ecdh_c[R_EC_K163][0] = count / 1000;
2091     for (i = R_EC_K233; i <= R_EC_K571; i++) {
2092         ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2093         if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2094             ecdh_doit[i] = 0;
2095         else {
2096             if (ecdh_c[i][0] == 0) {
2097                 ecdh_c[i][0] = 1;
2098             }
2099         }
2100     }
2101     ecdh_c[R_EC_B163][0] = count / 1000;
2102     for (i = R_EC_B233; i <= R_EC_B571; i++) {
2103         ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2104         if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2105             ecdh_doit[i] = 0;
2106         else {
2107             if (ecdh_c[i][0] == 0) {
2108                 ecdh_c[i][0] = 1;
2109             }
2110         }
2111     }
2112 #   endif
2113     /* repeated code good to factorize */
2114     ecdh_c[R_EC_BRP256R1][0] = count / 1000;
2115     for (i = R_EC_BRP384R1; i <= R_EC_BRP512R1; i += 2) {
2116         ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
2117         if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2118             ecdh_doit[i] = 0;
2119         else {
2120             if (ecdh_c[i][0] == 0) {
2121                 ecdh_c[i][0] = 1;
2122             }
2123         }
2124     }
2125     ecdh_c[R_EC_BRP256T1][0] = count / 1000;
2126     for (i = R_EC_BRP384T1; i <= R_EC_BRP512T1; i += 2) {
2127         ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
2128         if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2129             ecdh_doit[i] = 0;
2130         else {
2131             if (ecdh_c[i][0] == 0) {
2132                 ecdh_c[i][0] = 1;
2133             }
2134         }
2135     }
2136     /* default iteration count for the last two EC Curves */
2137     ecdh_c[R_EC_X25519][0] = count / 1800;
2138     ecdh_c[R_EC_X448][0] = count / 7200;
2139 
2140     eddsa_c[R_EC_Ed25519][0] = count / 1800;
2141     eddsa_c[R_EC_Ed448][0] = count / 7200;
2142 #  endif
2143 
2144 # else
2145 /* not worth fixing */
2146 #  error "You cannot disable DES on systems without SIGALRM."
2147 # endif                         /* OPENSSL_NO_DES */
2148 #elif SIGALRM > 0
2149     signal(SIGALRM, alarmed);
2150 #endif                          /* SIGALRM */
2151 
2152 #ifndef OPENSSL_NO_MD2
2153     if (doit[D_MD2]) {
2154         for (testnum = 0; testnum < size_num; testnum++) {
2155             print_message(names[D_MD2], c[D_MD2][testnum], lengths[testnum],
2156                           seconds.sym);
2157             Time_F(START);
2158             count = run_benchmark(async_jobs, EVP_Digest_MD2_loop, loopargs);
2159             d = Time_F(STOP);
2160             print_result(D_MD2, testnum, count, d);
2161         }
2162     }
2163 #endif
2164 #ifndef OPENSSL_NO_MDC2
2165     if (doit[D_MDC2]) {
2166         for (testnum = 0; testnum < size_num; testnum++) {
2167             print_message(names[D_MDC2], c[D_MDC2][testnum], lengths[testnum],
2168                           seconds.sym);
2169             Time_F(START);
2170             count = run_benchmark(async_jobs, EVP_Digest_MDC2_loop, loopargs);
2171             d = Time_F(STOP);
2172             print_result(D_MDC2, testnum, count, d);
2173         }
2174     }
2175 #endif
2176 
2177 #ifndef OPENSSL_NO_MD4
2178     if (doit[D_MD4]) {
2179         for (testnum = 0; testnum < size_num; testnum++) {
2180             print_message(names[D_MD4], c[D_MD4][testnum], lengths[testnum],
2181                           seconds.sym);
2182             Time_F(START);
2183             count = run_benchmark(async_jobs, EVP_Digest_MD4_loop, loopargs);
2184             d = Time_F(STOP);
2185             print_result(D_MD4, testnum, count, d);
2186         }
2187     }
2188 #endif
2189 
2190 #ifndef OPENSSL_NO_MD5
2191     if (doit[D_MD5]) {
2192         for (testnum = 0; testnum < size_num; testnum++) {
2193             print_message(names[D_MD5], c[D_MD5][testnum], lengths[testnum],
2194                           seconds.sym);
2195             Time_F(START);
2196             count = run_benchmark(async_jobs, MD5_loop, loopargs);
2197             d = Time_F(STOP);
2198             print_result(D_MD5, testnum, count, d);
2199         }
2200     }
2201 
2202     if (doit[D_HMAC]) {
2203         static const char hmac_key[] = "This is a key...";
2204         int len = strlen(hmac_key);
2205 
2206         for (i = 0; i < loopargs_len; i++) {
2207             loopargs[i].hctx = HMAC_CTX_new();
2208             if (loopargs[i].hctx == NULL) {
2209                 BIO_printf(bio_err, "HMAC malloc failure, exiting...");
2210                 exit(1);
2211             }
2212 
2213             HMAC_Init_ex(loopargs[i].hctx, hmac_key, len, EVP_md5(), NULL);
2214         }
2215         for (testnum = 0; testnum < size_num; testnum++) {
2216             print_message(names[D_HMAC], c[D_HMAC][testnum], lengths[testnum],
2217                           seconds.sym);
2218             Time_F(START);
2219             count = run_benchmark(async_jobs, HMAC_loop, loopargs);
2220             d = Time_F(STOP);
2221             print_result(D_HMAC, testnum, count, d);
2222         }
2223         for (i = 0; i < loopargs_len; i++) {
2224             HMAC_CTX_free(loopargs[i].hctx);
2225         }
2226     }
2227 #endif
2228     if (doit[D_SHA1]) {
2229         for (testnum = 0; testnum < size_num; testnum++) {
2230             print_message(names[D_SHA1], c[D_SHA1][testnum], lengths[testnum],
2231                           seconds.sym);
2232             Time_F(START);
2233             count = run_benchmark(async_jobs, SHA1_loop, loopargs);
2234             d = Time_F(STOP);
2235             print_result(D_SHA1, testnum, count, d);
2236         }
2237     }
2238     if (doit[D_SHA256]) {
2239         for (testnum = 0; testnum < size_num; testnum++) {
2240             print_message(names[D_SHA256], c[D_SHA256][testnum],
2241                           lengths[testnum], seconds.sym);
2242             Time_F(START);
2243             count = run_benchmark(async_jobs, SHA256_loop, loopargs);
2244             d = Time_F(STOP);
2245             print_result(D_SHA256, testnum, count, d);
2246         }
2247     }
2248     if (doit[D_SHA512]) {
2249         for (testnum = 0; testnum < size_num; testnum++) {
2250             print_message(names[D_SHA512], c[D_SHA512][testnum],
2251                           lengths[testnum], seconds.sym);
2252             Time_F(START);
2253             count = run_benchmark(async_jobs, SHA512_loop, loopargs);
2254             d = Time_F(STOP);
2255             print_result(D_SHA512, testnum, count, d);
2256         }
2257     }
2258 #ifndef OPENSSL_NO_WHIRLPOOL
2259     if (doit[D_WHIRLPOOL]) {
2260         for (testnum = 0; testnum < size_num; testnum++) {
2261             print_message(names[D_WHIRLPOOL], c[D_WHIRLPOOL][testnum],
2262                           lengths[testnum], seconds.sym);
2263             Time_F(START);
2264             count = run_benchmark(async_jobs, WHIRLPOOL_loop, loopargs);
2265             d = Time_F(STOP);
2266             print_result(D_WHIRLPOOL, testnum, count, d);
2267         }
2268     }
2269 #endif
2270 
2271 #ifndef OPENSSL_NO_RMD160
2272     if (doit[D_RMD160]) {
2273         for (testnum = 0; testnum < size_num; testnum++) {
2274             print_message(names[D_RMD160], c[D_RMD160][testnum],
2275                           lengths[testnum], seconds.sym);
2276             Time_F(START);
2277             count = run_benchmark(async_jobs, EVP_Digest_RMD160_loop, loopargs);
2278             d = Time_F(STOP);
2279             print_result(D_RMD160, testnum, count, d);
2280         }
2281     }
2282 #endif
2283 #ifndef OPENSSL_NO_RC4
2284     if (doit[D_RC4]) {
2285         for (testnum = 0; testnum < size_num; testnum++) {
2286             print_message(names[D_RC4], c[D_RC4][testnum], lengths[testnum],
2287                           seconds.sym);
2288             Time_F(START);
2289             count = run_benchmark(async_jobs, RC4_loop, loopargs);
2290             d = Time_F(STOP);
2291             print_result(D_RC4, testnum, count, d);
2292         }
2293     }
2294 #endif
2295 #ifndef OPENSSL_NO_DES
2296     if (doit[D_CBC_DES]) {
2297         for (testnum = 0; testnum < size_num; testnum++) {
2298             print_message(names[D_CBC_DES], c[D_CBC_DES][testnum],
2299                           lengths[testnum], seconds.sym);
2300             Time_F(START);
2301             count = run_benchmark(async_jobs, DES_ncbc_encrypt_loop, loopargs);
2302             d = Time_F(STOP);
2303             print_result(D_CBC_DES, testnum, count, d);
2304         }
2305     }
2306 
2307     if (doit[D_EDE3_DES]) {
2308         for (testnum = 0; testnum < size_num; testnum++) {
2309             print_message(names[D_EDE3_DES], c[D_EDE3_DES][testnum],
2310                           lengths[testnum], seconds.sym);
2311             Time_F(START);
2312             count =
2313                 run_benchmark(async_jobs, DES_ede3_cbc_encrypt_loop, loopargs);
2314             d = Time_F(STOP);
2315             print_result(D_EDE3_DES, testnum, count, d);
2316         }
2317     }
2318 #endif
2319 
2320     if (doit[D_CBC_128_AES]) {
2321         for (testnum = 0; testnum < size_num; testnum++) {
2322             print_message(names[D_CBC_128_AES], c[D_CBC_128_AES][testnum],
2323                           lengths[testnum], seconds.sym);
2324             Time_F(START);
2325             count =
2326                 run_benchmark(async_jobs, AES_cbc_128_encrypt_loop, loopargs);
2327             d = Time_F(STOP);
2328             print_result(D_CBC_128_AES, testnum, count, d);
2329         }
2330     }
2331     if (doit[D_CBC_192_AES]) {
2332         for (testnum = 0; testnum < size_num; testnum++) {
2333             print_message(names[D_CBC_192_AES], c[D_CBC_192_AES][testnum],
2334                           lengths[testnum], seconds.sym);
2335             Time_F(START);
2336             count =
2337                 run_benchmark(async_jobs, AES_cbc_192_encrypt_loop, loopargs);
2338             d = Time_F(STOP);
2339             print_result(D_CBC_192_AES, testnum, count, d);
2340         }
2341     }
2342     if (doit[D_CBC_256_AES]) {
2343         for (testnum = 0; testnum < size_num; testnum++) {
2344             print_message(names[D_CBC_256_AES], c[D_CBC_256_AES][testnum],
2345                           lengths[testnum], seconds.sym);
2346             Time_F(START);
2347             count =
2348                 run_benchmark(async_jobs, AES_cbc_256_encrypt_loop, loopargs);
2349             d = Time_F(STOP);
2350             print_result(D_CBC_256_AES, testnum, count, d);
2351         }
2352     }
2353 
2354     if (doit[D_IGE_128_AES]) {
2355         for (testnum = 0; testnum < size_num; testnum++) {
2356             print_message(names[D_IGE_128_AES], c[D_IGE_128_AES][testnum],
2357                           lengths[testnum], seconds.sym);
2358             Time_F(START);
2359             count =
2360                 run_benchmark(async_jobs, AES_ige_128_encrypt_loop, loopargs);
2361             d = Time_F(STOP);
2362             print_result(D_IGE_128_AES, testnum, count, d);
2363         }
2364     }
2365     if (doit[D_IGE_192_AES]) {
2366         for (testnum = 0; testnum < size_num; testnum++) {
2367             print_message(names[D_IGE_192_AES], c[D_IGE_192_AES][testnum],
2368                           lengths[testnum], seconds.sym);
2369             Time_F(START);
2370             count =
2371                 run_benchmark(async_jobs, AES_ige_192_encrypt_loop, loopargs);
2372             d = Time_F(STOP);
2373             print_result(D_IGE_192_AES, testnum, count, d);
2374         }
2375     }
2376     if (doit[D_IGE_256_AES]) {
2377         for (testnum = 0; testnum < size_num; testnum++) {
2378             print_message(names[D_IGE_256_AES], c[D_IGE_256_AES][testnum],
2379                           lengths[testnum], seconds.sym);
2380             Time_F(START);
2381             count =
2382                 run_benchmark(async_jobs, AES_ige_256_encrypt_loop, loopargs);
2383             d = Time_F(STOP);
2384             print_result(D_IGE_256_AES, testnum, count, d);
2385         }
2386     }
2387     if (doit[D_GHASH]) {
2388         for (i = 0; i < loopargs_len; i++) {
2389             loopargs[i].gcm_ctx =
2390                 CRYPTO_gcm128_new(&aes_ks1, (block128_f) AES_encrypt);
2391             CRYPTO_gcm128_setiv(loopargs[i].gcm_ctx,
2392                                 (unsigned char *)"0123456789ab", 12);
2393         }
2394 
2395         for (testnum = 0; testnum < size_num; testnum++) {
2396             print_message(names[D_GHASH], c[D_GHASH][testnum],
2397                           lengths[testnum], seconds.sym);
2398             Time_F(START);
2399             count = run_benchmark(async_jobs, CRYPTO_gcm128_aad_loop, loopargs);
2400             d = Time_F(STOP);
2401             print_result(D_GHASH, testnum, count, d);
2402         }
2403         for (i = 0; i < loopargs_len; i++)
2404             CRYPTO_gcm128_release(loopargs[i].gcm_ctx);
2405     }
2406 #ifndef OPENSSL_NO_CAMELLIA
2407     if (doit[D_CBC_128_CML]) {
2408         if (async_jobs > 0) {
2409             BIO_printf(bio_err, "Async mode is not supported with %s\n",
2410                        names[D_CBC_128_CML]);
2411             doit[D_CBC_128_CML] = 0;
2412         }
2413         for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2414             print_message(names[D_CBC_128_CML], c[D_CBC_128_CML][testnum],
2415                           lengths[testnum], seconds.sym);
2416             Time_F(START);
2417             for (count = 0; COND(c[D_CBC_128_CML][testnum]); count++)
2418                 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2419                                      (size_t)lengths[testnum], &camellia_ks1,
2420                                      iv, CAMELLIA_ENCRYPT);
2421             d = Time_F(STOP);
2422             print_result(D_CBC_128_CML, testnum, count, d);
2423         }
2424     }
2425     if (doit[D_CBC_192_CML]) {
2426         if (async_jobs > 0) {
2427             BIO_printf(bio_err, "Async mode is not supported with %s\n",
2428                        names[D_CBC_192_CML]);
2429             doit[D_CBC_192_CML] = 0;
2430         }
2431         for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2432             print_message(names[D_CBC_192_CML], c[D_CBC_192_CML][testnum],
2433                           lengths[testnum], seconds.sym);
2434             if (async_jobs > 0) {
2435                 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2436                 exit(1);
2437             }
2438             Time_F(START);
2439             for (count = 0; COND(c[D_CBC_192_CML][testnum]); count++)
2440                 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2441                                      (size_t)lengths[testnum], &camellia_ks2,
2442                                      iv, CAMELLIA_ENCRYPT);
2443             d = Time_F(STOP);
2444             print_result(D_CBC_192_CML, testnum, count, d);
2445         }
2446     }
2447     if (doit[D_CBC_256_CML]) {
2448         if (async_jobs > 0) {
2449             BIO_printf(bio_err, "Async mode is not supported with %s\n",
2450                        names[D_CBC_256_CML]);
2451             doit[D_CBC_256_CML] = 0;
2452         }
2453         for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2454             print_message(names[D_CBC_256_CML], c[D_CBC_256_CML][testnum],
2455                           lengths[testnum], seconds.sym);
2456             Time_F(START);
2457             for (count = 0; COND(c[D_CBC_256_CML][testnum]); count++)
2458                 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2459                                      (size_t)lengths[testnum], &camellia_ks3,
2460                                      iv, CAMELLIA_ENCRYPT);
2461             d = Time_F(STOP);
2462             print_result(D_CBC_256_CML, testnum, count, d);
2463         }
2464     }
2465 #endif
2466 #ifndef OPENSSL_NO_IDEA
2467     if (doit[D_CBC_IDEA]) {
2468         if (async_jobs > 0) {
2469             BIO_printf(bio_err, "Async mode is not supported with %s\n",
2470                        names[D_CBC_IDEA]);
2471             doit[D_CBC_IDEA] = 0;
2472         }
2473         for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2474             print_message(names[D_CBC_IDEA], c[D_CBC_IDEA][testnum],
2475                           lengths[testnum], seconds.sym);
2476             Time_F(START);
2477             for (count = 0; COND(c[D_CBC_IDEA][testnum]); count++)
2478                 IDEA_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2479                                  (size_t)lengths[testnum], &idea_ks,
2480                                  iv, IDEA_ENCRYPT);
2481             d = Time_F(STOP);
2482             print_result(D_CBC_IDEA, testnum, count, d);
2483         }
2484     }
2485 #endif
2486 #ifndef OPENSSL_NO_SEED
2487     if (doit[D_CBC_SEED]) {
2488         if (async_jobs > 0) {
2489             BIO_printf(bio_err, "Async mode is not supported with %s\n",
2490                        names[D_CBC_SEED]);
2491             doit[D_CBC_SEED] = 0;
2492         }
2493         for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2494             print_message(names[D_CBC_SEED], c[D_CBC_SEED][testnum],
2495                           lengths[testnum], seconds.sym);
2496             Time_F(START);
2497             for (count = 0; COND(c[D_CBC_SEED][testnum]); count++)
2498                 SEED_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2499                                  (size_t)lengths[testnum], &seed_ks, iv, 1);
2500             d = Time_F(STOP);
2501             print_result(D_CBC_SEED, testnum, count, d);
2502         }
2503     }
2504 #endif
2505 #ifndef OPENSSL_NO_RC2
2506     if (doit[D_CBC_RC2]) {
2507         if (async_jobs > 0) {
2508             BIO_printf(bio_err, "Async mode is not supported with %s\n",
2509                        names[D_CBC_RC2]);
2510             doit[D_CBC_RC2] = 0;
2511         }
2512         for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2513             print_message(names[D_CBC_RC2], c[D_CBC_RC2][testnum],
2514                           lengths[testnum], seconds.sym);
2515             if (async_jobs > 0) {
2516                 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2517                 exit(1);
2518             }
2519             Time_F(START);
2520             for (count = 0; COND(c[D_CBC_RC2][testnum]); count++)
2521                 RC2_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2522                                 (size_t)lengths[testnum], &rc2_ks,
2523                                 iv, RC2_ENCRYPT);
2524             d = Time_F(STOP);
2525             print_result(D_CBC_RC2, testnum, count, d);
2526         }
2527     }
2528 #endif
2529 #ifndef OPENSSL_NO_RC5
2530     if (doit[D_CBC_RC5]) {
2531         if (async_jobs > 0) {
2532             BIO_printf(bio_err, "Async mode is not supported with %s\n",
2533                        names[D_CBC_RC5]);
2534             doit[D_CBC_RC5] = 0;
2535         }
2536         for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2537             print_message(names[D_CBC_RC5], c[D_CBC_RC5][testnum],
2538                           lengths[testnum], seconds.sym);
2539             if (async_jobs > 0) {
2540                 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2541                 exit(1);
2542             }
2543             Time_F(START);
2544             for (count = 0; COND(c[D_CBC_RC5][testnum]); count++)
2545                 RC5_32_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2546                                    (size_t)lengths[testnum], &rc5_ks,
2547                                    iv, RC5_ENCRYPT);
2548             d = Time_F(STOP);
2549             print_result(D_CBC_RC5, testnum, count, d);
2550         }
2551     }
2552 #endif
2553 #ifndef OPENSSL_NO_BF
2554     if (doit[D_CBC_BF]) {
2555         if (async_jobs > 0) {
2556             BIO_printf(bio_err, "Async mode is not supported with %s\n",
2557                        names[D_CBC_BF]);
2558             doit[D_CBC_BF] = 0;
2559         }
2560         for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2561             print_message(names[D_CBC_BF], c[D_CBC_BF][testnum],
2562                           lengths[testnum], seconds.sym);
2563             Time_F(START);
2564             for (count = 0; COND(c[D_CBC_BF][testnum]); count++)
2565                 BF_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2566                                (size_t)lengths[testnum], &bf_ks,
2567                                iv, BF_ENCRYPT);
2568             d = Time_F(STOP);
2569             print_result(D_CBC_BF, testnum, count, d);
2570         }
2571     }
2572 #endif
2573 #ifndef OPENSSL_NO_CAST
2574     if (doit[D_CBC_CAST]) {
2575         if (async_jobs > 0) {
2576             BIO_printf(bio_err, "Async mode is not supported with %s\n",
2577                        names[D_CBC_CAST]);
2578             doit[D_CBC_CAST] = 0;
2579         }
2580         for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2581             print_message(names[D_CBC_CAST], c[D_CBC_CAST][testnum],
2582                           lengths[testnum], seconds.sym);
2583             Time_F(START);
2584             for (count = 0; COND(c[D_CBC_CAST][testnum]); count++)
2585                 CAST_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2586                                  (size_t)lengths[testnum], &cast_ks,
2587                                  iv, CAST_ENCRYPT);
2588             d = Time_F(STOP);
2589             print_result(D_CBC_CAST, testnum, count, d);
2590         }
2591     }
2592 #endif
2593     if (doit[D_RAND]) {
2594         for (testnum = 0; testnum < size_num; testnum++) {
2595             print_message(names[D_RAND], c[D_RAND][testnum], lengths[testnum],
2596                           seconds.sym);
2597             Time_F(START);
2598             count = run_benchmark(async_jobs, RAND_bytes_loop, loopargs);
2599             d = Time_F(STOP);
2600             print_result(D_RAND, testnum, count, d);
2601         }
2602     }
2603 
2604     if (doit[D_EVP]) {
2605         if (evp_cipher != NULL) {
2606             int (*loopfunc)(void *args) = EVP_Update_loop;
2607 
2608             if (multiblock && (EVP_CIPHER_flags(evp_cipher) &
2609                                EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
2610                 multiblock_speed(evp_cipher, lengths_single, &seconds);
2611                 ret = 0;
2612                 goto end;
2613             }
2614 
2615             names[D_EVP] = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
2616 
2617             if (EVP_CIPHER_mode(evp_cipher) == EVP_CIPH_CCM_MODE) {
2618                 loopfunc = EVP_Update_loop_ccm;
2619             } else if (aead && (EVP_CIPHER_flags(evp_cipher) &
2620                                 EVP_CIPH_FLAG_AEAD_CIPHER)) {
2621                 loopfunc = EVP_Update_loop_aead;
2622                 if (lengths == lengths_list) {
2623                     lengths = aead_lengths_list;
2624                     size_num = OSSL_NELEM(aead_lengths_list);
2625                 }
2626             }
2627 
2628             for (testnum = 0; testnum < size_num; testnum++) {
2629                 print_message(names[D_EVP], save_count, lengths[testnum],
2630                               seconds.sym);
2631 
2632                 for (k = 0; k < loopargs_len; k++) {
2633                     loopargs[k].ctx = EVP_CIPHER_CTX_new();
2634                     if (loopargs[k].ctx == NULL) {
2635                         BIO_printf(bio_err, "\nEVP_CIPHER_CTX_new failure\n");
2636                         exit(1);
2637                     }
2638                     if (!EVP_CipherInit_ex(loopargs[k].ctx, evp_cipher, NULL,
2639                                            NULL, iv, decrypt ? 0 : 1)) {
2640                         BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n");
2641                         ERR_print_errors(bio_err);
2642                         exit(1);
2643                     }
2644 
2645                     EVP_CIPHER_CTX_set_padding(loopargs[k].ctx, 0);
2646 
2647                     keylen = EVP_CIPHER_CTX_key_length(loopargs[k].ctx);
2648                     loopargs[k].key = app_malloc(keylen, "evp_cipher key");
2649                     EVP_CIPHER_CTX_rand_key(loopargs[k].ctx, loopargs[k].key);
2650                     if (!EVP_CipherInit_ex(loopargs[k].ctx, NULL, NULL,
2651                                            loopargs[k].key, NULL, -1)) {
2652                         BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n");
2653                         ERR_print_errors(bio_err);
2654                         exit(1);
2655                     }
2656                     OPENSSL_clear_free(loopargs[k].key, keylen);
2657                 }
2658 
2659                 Time_F(START);
2660                 count = run_benchmark(async_jobs, loopfunc, loopargs);
2661                 d = Time_F(STOP);
2662                 for (k = 0; k < loopargs_len; k++) {
2663                     EVP_CIPHER_CTX_free(loopargs[k].ctx);
2664                 }
2665                 print_result(D_EVP, testnum, count, d);
2666             }
2667         } else if (evp_md != NULL) {
2668             names[D_EVP] = OBJ_nid2ln(EVP_MD_type(evp_md));
2669 
2670             for (testnum = 0; testnum < size_num; testnum++) {
2671                 print_message(names[D_EVP], save_count, lengths[testnum],
2672                               seconds.sym);
2673                 Time_F(START);
2674                 count = run_benchmark(async_jobs, EVP_Digest_loop, loopargs);
2675                 d = Time_F(STOP);
2676                 print_result(D_EVP, testnum, count, d);
2677             }
2678         }
2679     }
2680 
2681     for (i = 0; i < loopargs_len; i++)
2682         if (RAND_bytes(loopargs[i].buf, 36) <= 0)
2683             goto end;
2684 
2685 #ifndef OPENSSL_NO_RSA
2686     for (testnum = 0; testnum < RSA_NUM; testnum++) {
2687         int st = 0;
2688         if (!rsa_doit[testnum])
2689             continue;
2690         for (i = 0; i < loopargs_len; i++) {
2691             if (primes > 2) {
2692                 /* we haven't set keys yet,  generate multi-prime RSA keys */
2693                 BIGNUM *bn = BN_new();
2694 
2695                 if (bn == NULL)
2696                     goto end;
2697                 if (!BN_set_word(bn, RSA_F4)) {
2698                     BN_free(bn);
2699                     goto end;
2700                 }
2701 
2702                 BIO_printf(bio_err, "Generate multi-prime RSA key for %s\n",
2703                            rsa_choices[testnum].name);
2704 
2705                 loopargs[i].rsa_key[testnum] = RSA_new();
2706                 if (loopargs[i].rsa_key[testnum] == NULL) {
2707                     BN_free(bn);
2708                     goto end;
2709                 }
2710 
2711                 if (!RSA_generate_multi_prime_key(loopargs[i].rsa_key[testnum],
2712                                                   rsa_bits[testnum],
2713                                                   primes, bn, NULL)) {
2714                     BN_free(bn);
2715                     goto end;
2716                 }
2717                 BN_free(bn);
2718             }
2719             st = RSA_sign(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
2720                           &loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
2721             if (st == 0)
2722                 break;
2723         }
2724         if (st == 0) {
2725             BIO_printf(bio_err,
2726                        "RSA sign failure.  No RSA sign will be done.\n");
2727             ERR_print_errors(bio_err);
2728             rsa_count = 1;
2729         } else {
2730             pkey_print_message("private", "rsa",
2731                                rsa_c[testnum][0], rsa_bits[testnum],
2732                                seconds.rsa);
2733             /* RSA_blinding_on(rsa_key[testnum],NULL); */
2734             Time_F(START);
2735             count = run_benchmark(async_jobs, RSA_sign_loop, loopargs);
2736             d = Time_F(STOP);
2737             BIO_printf(bio_err,
2738                        mr ? "+R1:%ld:%d:%.2f\n"
2739                        : "%ld %u bits private RSA's in %.2fs\n",
2740                        count, rsa_bits[testnum], d);
2741             rsa_results[testnum][0] = (double)count / d;
2742             rsa_count = count;
2743         }
2744 
2745         for (i = 0; i < loopargs_len; i++) {
2746             st = RSA_verify(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
2747                             loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
2748             if (st <= 0)
2749                 break;
2750         }
2751         if (st <= 0) {
2752             BIO_printf(bio_err,
2753                        "RSA verify failure.  No RSA verify will be done.\n");
2754             ERR_print_errors(bio_err);
2755             rsa_doit[testnum] = 0;
2756         } else {
2757             pkey_print_message("public", "rsa",
2758                                rsa_c[testnum][1], rsa_bits[testnum],
2759                                seconds.rsa);
2760             Time_F(START);
2761             count = run_benchmark(async_jobs, RSA_verify_loop, loopargs);
2762             d = Time_F(STOP);
2763             BIO_printf(bio_err,
2764                        mr ? "+R2:%ld:%d:%.2f\n"
2765                        : "%ld %u bits public RSA's in %.2fs\n",
2766                        count, rsa_bits[testnum], d);
2767             rsa_results[testnum][1] = (double)count / d;
2768         }
2769 
2770         if (rsa_count <= 1) {
2771             /* if longer than 10s, don't do any more */
2772             for (testnum++; testnum < RSA_NUM; testnum++)
2773                 rsa_doit[testnum] = 0;
2774         }
2775     }
2776 #endif                          /* OPENSSL_NO_RSA */
2777 
2778     for (i = 0; i < loopargs_len; i++)
2779         if (RAND_bytes(loopargs[i].buf, 36) <= 0)
2780             goto end;
2781 
2782 #ifndef OPENSSL_NO_DSA
2783     for (testnum = 0; testnum < DSA_NUM; testnum++) {
2784         int st = 0;
2785         if (!dsa_doit[testnum])
2786             continue;
2787 
2788         /* DSA_generate_key(dsa_key[testnum]); */
2789         /* DSA_sign_setup(dsa_key[testnum],NULL); */
2790         for (i = 0; i < loopargs_len; i++) {
2791             st = DSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
2792                           &loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
2793             if (st == 0)
2794                 break;
2795         }
2796         if (st == 0) {
2797             BIO_printf(bio_err,
2798                        "DSA sign failure.  No DSA sign will be done.\n");
2799             ERR_print_errors(bio_err);
2800             rsa_count = 1;
2801         } else {
2802             pkey_print_message("sign", "dsa",
2803                                dsa_c[testnum][0], dsa_bits[testnum],
2804                                seconds.dsa);
2805             Time_F(START);
2806             count = run_benchmark(async_jobs, DSA_sign_loop, loopargs);
2807             d = Time_F(STOP);
2808             BIO_printf(bio_err,
2809                        mr ? "+R3:%ld:%u:%.2f\n"
2810                        : "%ld %u bits DSA signs in %.2fs\n",
2811                        count, dsa_bits[testnum], d);
2812             dsa_results[testnum][0] = (double)count / d;
2813             rsa_count = count;
2814         }
2815 
2816         for (i = 0; i < loopargs_len; i++) {
2817             st = DSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
2818                             loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
2819             if (st <= 0)
2820                 break;
2821         }
2822         if (st <= 0) {
2823             BIO_printf(bio_err,
2824                        "DSA verify failure.  No DSA verify will be done.\n");
2825             ERR_print_errors(bio_err);
2826             dsa_doit[testnum] = 0;
2827         } else {
2828             pkey_print_message("verify", "dsa",
2829                                dsa_c[testnum][1], dsa_bits[testnum],
2830                                seconds.dsa);
2831             Time_F(START);
2832             count = run_benchmark(async_jobs, DSA_verify_loop, loopargs);
2833             d = Time_F(STOP);
2834             BIO_printf(bio_err,
2835                        mr ? "+R4:%ld:%u:%.2f\n"
2836                        : "%ld %u bits DSA verify in %.2fs\n",
2837                        count, dsa_bits[testnum], d);
2838             dsa_results[testnum][1] = (double)count / d;
2839         }
2840 
2841         if (rsa_count <= 1) {
2842             /* if longer than 10s, don't do any more */
2843             for (testnum++; testnum < DSA_NUM; testnum++)
2844                 dsa_doit[testnum] = 0;
2845         }
2846     }
2847 #endif                          /* OPENSSL_NO_DSA */
2848 
2849 #ifndef OPENSSL_NO_EC
2850     for (testnum = 0; testnum < ECDSA_NUM; testnum++) {
2851         int st = 1;
2852 
2853         if (!ecdsa_doit[testnum])
2854             continue;           /* Ignore Curve */
2855         for (i = 0; i < loopargs_len; i++) {
2856             loopargs[i].ecdsa[testnum] =
2857                 EC_KEY_new_by_curve_name(test_curves[testnum].nid);
2858             if (loopargs[i].ecdsa[testnum] == NULL) {
2859                 st = 0;
2860                 break;
2861             }
2862         }
2863         if (st == 0) {
2864             BIO_printf(bio_err, "ECDSA failure.\n");
2865             ERR_print_errors(bio_err);
2866             rsa_count = 1;
2867         } else {
2868             for (i = 0; i < loopargs_len; i++) {
2869                 EC_KEY_precompute_mult(loopargs[i].ecdsa[testnum], NULL);
2870                 /* Perform ECDSA signature test */
2871                 EC_KEY_generate_key(loopargs[i].ecdsa[testnum]);
2872                 st = ECDSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
2873                                 &loopargs[i].siglen,
2874                                 loopargs[i].ecdsa[testnum]);
2875                 if (st == 0)
2876                     break;
2877             }
2878             if (st == 0) {
2879                 BIO_printf(bio_err,
2880                            "ECDSA sign failure.  No ECDSA sign will be done.\n");
2881                 ERR_print_errors(bio_err);
2882                 rsa_count = 1;
2883             } else {
2884                 pkey_print_message("sign", "ecdsa",
2885                                    ecdsa_c[testnum][0],
2886                                    test_curves[testnum].bits, seconds.ecdsa);
2887                 Time_F(START);
2888                 count = run_benchmark(async_jobs, ECDSA_sign_loop, loopargs);
2889                 d = Time_F(STOP);
2890 
2891                 BIO_printf(bio_err,
2892                            mr ? "+R5:%ld:%u:%.2f\n" :
2893                            "%ld %u bits ECDSA signs in %.2fs \n",
2894                            count, test_curves[testnum].bits, d);
2895                 ecdsa_results[testnum][0] = (double)count / d;
2896                 rsa_count = count;
2897             }
2898 
2899             /* Perform ECDSA verification test */
2900             for (i = 0; i < loopargs_len; i++) {
2901                 st = ECDSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
2902                                   loopargs[i].siglen,
2903                                   loopargs[i].ecdsa[testnum]);
2904                 if (st != 1)
2905                     break;
2906             }
2907             if (st != 1) {
2908                 BIO_printf(bio_err,
2909                            "ECDSA verify failure.  No ECDSA verify will be done.\n");
2910                 ERR_print_errors(bio_err);
2911                 ecdsa_doit[testnum] = 0;
2912             } else {
2913                 pkey_print_message("verify", "ecdsa",
2914                                    ecdsa_c[testnum][1],
2915                                    test_curves[testnum].bits, seconds.ecdsa);
2916                 Time_F(START);
2917                 count = run_benchmark(async_jobs, ECDSA_verify_loop, loopargs);
2918                 d = Time_F(STOP);
2919                 BIO_printf(bio_err,
2920                            mr ? "+R6:%ld:%u:%.2f\n"
2921                            : "%ld %u bits ECDSA verify in %.2fs\n",
2922                            count, test_curves[testnum].bits, d);
2923                 ecdsa_results[testnum][1] = (double)count / d;
2924             }
2925 
2926             if (rsa_count <= 1) {
2927                 /* if longer than 10s, don't do any more */
2928                 for (testnum++; testnum < ECDSA_NUM; testnum++)
2929                     ecdsa_doit[testnum] = 0;
2930             }
2931         }
2932     }
2933 
2934     for (testnum = 0; testnum < EC_NUM; testnum++) {
2935         int ecdh_checks = 1;
2936 
2937         if (!ecdh_doit[testnum])
2938             continue;
2939 
2940         for (i = 0; i < loopargs_len; i++) {
2941             EVP_PKEY_CTX *kctx = NULL;
2942             EVP_PKEY_CTX *test_ctx = NULL;
2943             EVP_PKEY_CTX *ctx = NULL;
2944             EVP_PKEY *key_A = NULL;
2945             EVP_PKEY *key_B = NULL;
2946             size_t outlen;
2947             size_t test_outlen;
2948 
2949             /* Ensure that the error queue is empty */
2950             if (ERR_peek_error()) {
2951                 BIO_printf(bio_err,
2952                            "WARNING: the error queue contains previous unhandled errors.\n");
2953                 ERR_print_errors(bio_err);
2954             }
2955 
2956             /* Let's try to create a ctx directly from the NID: this works for
2957              * curves like Curve25519 that are not implemented through the low
2958              * level EC interface.
2959              * If this fails we try creating a EVP_PKEY_EC generic param ctx,
2960              * then we set the curve by NID before deriving the actual keygen
2961              * ctx for that specific curve. */
2962             kctx = EVP_PKEY_CTX_new_id(test_curves[testnum].nid, NULL); /* keygen ctx from NID */
2963             if (!kctx) {
2964                 EVP_PKEY_CTX *pctx = NULL;
2965                 EVP_PKEY *params = NULL;
2966 
2967                 /* If we reach this code EVP_PKEY_CTX_new_id() failed and a
2968                  * "int_ctx_new:unsupported algorithm" error was added to the
2969                  * error queue.
2970                  * We remove it from the error queue as we are handling it. */
2971                 unsigned long error = ERR_peek_error(); /* peek the latest error in the queue */
2972                 if (error == ERR_peek_last_error() && /* oldest and latest errors match */
2973                     /* check that the error origin matches */
2974                     ERR_GET_LIB(error) == ERR_LIB_EVP &&
2975                     ERR_GET_FUNC(error) == EVP_F_INT_CTX_NEW &&
2976                     ERR_GET_REASON(error) == EVP_R_UNSUPPORTED_ALGORITHM)
2977                     ERR_get_error(); /* pop error from queue */
2978                 if (ERR_peek_error()) {
2979                     BIO_printf(bio_err,
2980                                "Unhandled error in the error queue during ECDH init.\n");
2981                     ERR_print_errors(bio_err);
2982                     rsa_count = 1;
2983                     break;
2984                 }
2985 
2986                 if (            /* Create the context for parameter generation */
2987                        !(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) ||
2988                        /* Initialise the parameter generation */
2989                        !EVP_PKEY_paramgen_init(pctx) ||
2990                        /* Set the curve by NID */
2991                        !EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
2992                                                                test_curves
2993                                                                [testnum].nid) ||
2994                        /* Create the parameter object params */
2995                        !EVP_PKEY_paramgen(pctx, &params)) {
2996                     ecdh_checks = 0;
2997                     BIO_printf(bio_err, "ECDH EC params init failure.\n");
2998                     ERR_print_errors(bio_err);
2999                     rsa_count = 1;
3000                     break;
3001                 }
3002                 /* Create the context for the key generation */
3003                 kctx = EVP_PKEY_CTX_new(params, NULL);
3004 
3005                 EVP_PKEY_free(params);
3006                 params = NULL;
3007                 EVP_PKEY_CTX_free(pctx);
3008                 pctx = NULL;
3009             }
3010             if (kctx == NULL ||      /* keygen ctx is not null */
3011                 EVP_PKEY_keygen_init(kctx) <= 0/* init keygen ctx */ ) {
3012                 ecdh_checks = 0;
3013                 BIO_printf(bio_err, "ECDH keygen failure.\n");
3014                 ERR_print_errors(bio_err);
3015                 rsa_count = 1;
3016                 break;
3017             }
3018 
3019             if (EVP_PKEY_keygen(kctx, &key_A) <= 0 || /* generate secret key A */
3020                 EVP_PKEY_keygen(kctx, &key_B) <= 0 || /* generate secret key B */
3021                 !(ctx = EVP_PKEY_CTX_new(key_A, NULL)) || /* derivation ctx from skeyA */
3022                 EVP_PKEY_derive_init(ctx) <= 0 || /* init derivation ctx */
3023                 EVP_PKEY_derive_set_peer(ctx, key_B) <= 0 || /* set peer pubkey in ctx */
3024                 EVP_PKEY_derive(ctx, NULL, &outlen) <= 0 || /* determine max length */
3025                 outlen == 0 ||  /* ensure outlen is a valid size */
3026                 outlen > MAX_ECDH_SIZE /* avoid buffer overflow */ ) {
3027                 ecdh_checks = 0;
3028                 BIO_printf(bio_err, "ECDH key generation failure.\n");
3029                 ERR_print_errors(bio_err);
3030                 rsa_count = 1;
3031                 break;
3032             }
3033 
3034             /* Here we perform a test run, comparing the output of a*B and b*A;
3035              * we try this here and assume that further EVP_PKEY_derive calls
3036              * never fail, so we can skip checks in the actually benchmarked
3037              * code, for maximum performance. */
3038             if (!(test_ctx = EVP_PKEY_CTX_new(key_B, NULL)) || /* test ctx from skeyB */
3039                 !EVP_PKEY_derive_init(test_ctx) || /* init derivation test_ctx */
3040                 !EVP_PKEY_derive_set_peer(test_ctx, key_A) || /* set peer pubkey in test_ctx */
3041                 !EVP_PKEY_derive(test_ctx, NULL, &test_outlen) || /* determine max length */
3042                 !EVP_PKEY_derive(ctx, loopargs[i].secret_a, &outlen) || /* compute a*B */
3043                 !EVP_PKEY_derive(test_ctx, loopargs[i].secret_b, &test_outlen) || /* compute b*A */
3044                 test_outlen != outlen /* compare output length */ ) {
3045                 ecdh_checks = 0;
3046                 BIO_printf(bio_err, "ECDH computation failure.\n");
3047                 ERR_print_errors(bio_err);
3048                 rsa_count = 1;
3049                 break;
3050             }
3051 
3052             /* Compare the computation results: CRYPTO_memcmp() returns 0 if equal */
3053             if (CRYPTO_memcmp(loopargs[i].secret_a,
3054                               loopargs[i].secret_b, outlen)) {
3055                 ecdh_checks = 0;
3056                 BIO_printf(bio_err, "ECDH computations don't match.\n");
3057                 ERR_print_errors(bio_err);
3058                 rsa_count = 1;
3059                 break;
3060             }
3061 
3062             loopargs[i].ecdh_ctx[testnum] = ctx;
3063             loopargs[i].outlen[testnum] = outlen;
3064 
3065             EVP_PKEY_free(key_A);
3066             EVP_PKEY_free(key_B);
3067             EVP_PKEY_CTX_free(kctx);
3068             kctx = NULL;
3069             EVP_PKEY_CTX_free(test_ctx);
3070             test_ctx = NULL;
3071         }
3072         if (ecdh_checks != 0) {
3073             pkey_print_message("", "ecdh",
3074                                ecdh_c[testnum][0],
3075                                test_curves[testnum].bits, seconds.ecdh);
3076             Time_F(START);
3077             count =
3078                 run_benchmark(async_jobs, ECDH_EVP_derive_key_loop, loopargs);
3079             d = Time_F(STOP);
3080             BIO_printf(bio_err,
3081                        mr ? "+R7:%ld:%d:%.2f\n" :
3082                        "%ld %u-bits ECDH ops in %.2fs\n", count,
3083                        test_curves[testnum].bits, d);
3084             ecdh_results[testnum][0] = (double)count / d;
3085             rsa_count = count;
3086         }
3087 
3088         if (rsa_count <= 1) {
3089             /* if longer than 10s, don't do any more */
3090             for (testnum++; testnum < OSSL_NELEM(ecdh_doit); testnum++)
3091                 ecdh_doit[testnum] = 0;
3092         }
3093     }
3094 
3095     for (testnum = 0; testnum < EdDSA_NUM; testnum++) {
3096         int st = 1;
3097         EVP_PKEY *ed_pkey = NULL;
3098         EVP_PKEY_CTX *ed_pctx = NULL;
3099 
3100         if (!eddsa_doit[testnum])
3101             continue;           /* Ignore Curve */
3102         for (i = 0; i < loopargs_len; i++) {
3103             loopargs[i].eddsa_ctx[testnum] = EVP_MD_CTX_new();
3104             if (loopargs[i].eddsa_ctx[testnum] == NULL) {
3105                 st = 0;
3106                 break;
3107             }
3108 
3109             if ((ed_pctx = EVP_PKEY_CTX_new_id(test_ed_curves[testnum].nid, NULL))
3110                     == NULL
3111                 || EVP_PKEY_keygen_init(ed_pctx) <= 0
3112                 || EVP_PKEY_keygen(ed_pctx, &ed_pkey) <= 0) {
3113                 st = 0;
3114                 EVP_PKEY_CTX_free(ed_pctx);
3115                 break;
3116             }
3117             EVP_PKEY_CTX_free(ed_pctx);
3118 
3119             if (!EVP_DigestSignInit(loopargs[i].eddsa_ctx[testnum], NULL, NULL,
3120                                     NULL, ed_pkey)) {
3121                 st = 0;
3122                 EVP_PKEY_free(ed_pkey);
3123                 break;
3124             }
3125             EVP_PKEY_free(ed_pkey);
3126         }
3127         if (st == 0) {
3128             BIO_printf(bio_err, "EdDSA failure.\n");
3129             ERR_print_errors(bio_err);
3130             rsa_count = 1;
3131         } else {
3132             for (i = 0; i < loopargs_len; i++) {
3133                 /* Perform EdDSA signature test */
3134                 loopargs[i].sigsize = test_ed_curves[testnum].sigsize;
3135                 st = EVP_DigestSign(loopargs[i].eddsa_ctx[testnum],
3136                                     loopargs[i].buf2, &loopargs[i].sigsize,
3137                                     loopargs[i].buf, 20);
3138                 if (st == 0)
3139                     break;
3140             }
3141             if (st == 0) {
3142                 BIO_printf(bio_err,
3143                            "EdDSA sign failure.  No EdDSA sign will be done.\n");
3144                 ERR_print_errors(bio_err);
3145                 rsa_count = 1;
3146             } else {
3147                 pkey_print_message("sign", test_ed_curves[testnum].name,
3148                                    eddsa_c[testnum][0],
3149                                    test_ed_curves[testnum].bits, seconds.eddsa);
3150                 Time_F(START);
3151                 count = run_benchmark(async_jobs, EdDSA_sign_loop, loopargs);
3152                 d = Time_F(STOP);
3153 
3154                 BIO_printf(bio_err,
3155                            mr ? "+R8:%ld:%u:%s:%.2f\n" :
3156                            "%ld %u bits %s signs in %.2fs \n",
3157                            count, test_ed_curves[testnum].bits,
3158                            test_ed_curves[testnum].name, d);
3159                 eddsa_results[testnum][0] = (double)count / d;
3160                 rsa_count = count;
3161             }
3162 
3163             /* Perform EdDSA verification test */
3164             for (i = 0; i < loopargs_len; i++) {
3165                 st = EVP_DigestVerify(loopargs[i].eddsa_ctx[testnum],
3166                                       loopargs[i].buf2, loopargs[i].sigsize,
3167                                       loopargs[i].buf, 20);
3168                 if (st != 1)
3169                     break;
3170             }
3171             if (st != 1) {
3172                 BIO_printf(bio_err,
3173                            "EdDSA verify failure.  No EdDSA verify will be done.\n");
3174                 ERR_print_errors(bio_err);
3175                 eddsa_doit[testnum] = 0;
3176             } else {
3177                 pkey_print_message("verify", test_ed_curves[testnum].name,
3178                                    eddsa_c[testnum][1],
3179                                    test_ed_curves[testnum].bits, seconds.eddsa);
3180                 Time_F(START);
3181                 count = run_benchmark(async_jobs, EdDSA_verify_loop, loopargs);
3182                 d = Time_F(STOP);
3183                 BIO_printf(bio_err,
3184                            mr ? "+R9:%ld:%u:%s:%.2f\n"
3185                            : "%ld %u bits %s verify in %.2fs\n",
3186                            count, test_ed_curves[testnum].bits,
3187                            test_ed_curves[testnum].name, d);
3188                 eddsa_results[testnum][1] = (double)count / d;
3189             }
3190 
3191             if (rsa_count <= 1) {
3192                 /* if longer than 10s, don't do any more */
3193                 for (testnum++; testnum < EdDSA_NUM; testnum++)
3194                     eddsa_doit[testnum] = 0;
3195             }
3196         }
3197     }
3198 
3199 #endif                          /* OPENSSL_NO_EC */
3200 #ifndef NO_FORK
3201  show_res:
3202 #endif
3203     if (!mr) {
3204         printf("%s\n", OpenSSL_version(OPENSSL_VERSION));
3205         printf("%s\n", OpenSSL_version(OPENSSL_BUILT_ON));
3206         printf("options:");
3207         printf("%s ", BN_options());
3208 #ifndef OPENSSL_NO_MD2
3209         printf("%s ", MD2_options());
3210 #endif
3211 #ifndef OPENSSL_NO_RC4
3212         printf("%s ", RC4_options());
3213 #endif
3214 #ifndef OPENSSL_NO_DES
3215         printf("%s ", DES_options());
3216 #endif
3217         printf("%s ", AES_options());
3218 #ifndef OPENSSL_NO_IDEA
3219         printf("%s ", IDEA_options());
3220 #endif
3221 #ifndef OPENSSL_NO_BF
3222         printf("%s ", BF_options());
3223 #endif
3224         printf("\n%s\n", OpenSSL_version(OPENSSL_CFLAGS));
3225     }
3226 
3227     if (pr_header) {
3228         if (mr)
3229             printf("+H");
3230         else {
3231             printf
3232                 ("The 'numbers' are in 1000s of bytes per second processed.\n");
3233             printf("type        ");
3234         }
3235         for (testnum = 0; testnum < size_num; testnum++)
3236             printf(mr ? ":%d" : "%7d bytes", lengths[testnum]);
3237         printf("\n");
3238     }
3239 
3240     for (k = 0; k < ALGOR_NUM; k++) {
3241         if (!doit[k])
3242             continue;
3243         if (mr)
3244             printf("+F:%u:%s", k, names[k]);
3245         else
3246             printf("%-13s", names[k]);
3247         for (testnum = 0; testnum < size_num; testnum++) {
3248             if (results[k][testnum] > 10000 && !mr)
3249                 printf(" %11.2fk", results[k][testnum] / 1e3);
3250             else
3251                 printf(mr ? ":%.2f" : " %11.2f ", results[k][testnum]);
3252         }
3253         printf("\n");
3254     }
3255 #ifndef OPENSSL_NO_RSA
3256     testnum = 1;
3257     for (k = 0; k < RSA_NUM; k++) {
3258         if (!rsa_doit[k])
3259             continue;
3260         if (testnum && !mr) {
3261             printf("%18ssign    verify    sign/s verify/s\n", " ");
3262             testnum = 0;
3263         }
3264         if (mr)
3265             printf("+F2:%u:%u:%f:%f\n",
3266                    k, rsa_bits[k], rsa_results[k][0], rsa_results[k][1]);
3267         else
3268             printf("rsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
3269                    rsa_bits[k], 1.0 / rsa_results[k][0], 1.0 / rsa_results[k][1],
3270                    rsa_results[k][0], rsa_results[k][1]);
3271     }
3272 #endif
3273 #ifndef OPENSSL_NO_DSA
3274     testnum = 1;
3275     for (k = 0; k < DSA_NUM; k++) {
3276         if (!dsa_doit[k])
3277             continue;
3278         if (testnum && !mr) {
3279             printf("%18ssign    verify    sign/s verify/s\n", " ");
3280             testnum = 0;
3281         }
3282         if (mr)
3283             printf("+F3:%u:%u:%f:%f\n",
3284                    k, dsa_bits[k], dsa_results[k][0], dsa_results[k][1]);
3285         else
3286             printf("dsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
3287                    dsa_bits[k], 1.0 / dsa_results[k][0], 1.0 / dsa_results[k][1],
3288                    dsa_results[k][0], dsa_results[k][1]);
3289     }
3290 #endif
3291 #ifndef OPENSSL_NO_EC
3292     testnum = 1;
3293     for (k = 0; k < OSSL_NELEM(ecdsa_doit); k++) {
3294         if (!ecdsa_doit[k])
3295             continue;
3296         if (testnum && !mr) {
3297             printf("%30ssign    verify    sign/s verify/s\n", " ");
3298             testnum = 0;
3299         }
3300 
3301         if (mr)
3302             printf("+F4:%u:%u:%f:%f\n",
3303                    k, test_curves[k].bits,
3304                    ecdsa_results[k][0], ecdsa_results[k][1]);
3305         else
3306             printf("%4u bits ecdsa (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3307                    test_curves[k].bits, test_curves[k].name,
3308                    1.0 / ecdsa_results[k][0], 1.0 / ecdsa_results[k][1],
3309                    ecdsa_results[k][0], ecdsa_results[k][1]);
3310     }
3311 
3312     testnum = 1;
3313     for (k = 0; k < EC_NUM; k++) {
3314         if (!ecdh_doit[k])
3315             continue;
3316         if (testnum && !mr) {
3317             printf("%30sop      op/s\n", " ");
3318             testnum = 0;
3319         }
3320         if (mr)
3321             printf("+F5:%u:%u:%f:%f\n",
3322                    k, test_curves[k].bits,
3323                    ecdh_results[k][0], 1.0 / ecdh_results[k][0]);
3324 
3325         else
3326             printf("%4u bits ecdh (%s) %8.4fs %8.1f\n",
3327                    test_curves[k].bits, test_curves[k].name,
3328                    1.0 / ecdh_results[k][0], ecdh_results[k][0]);
3329     }
3330 
3331     testnum = 1;
3332     for (k = 0; k < OSSL_NELEM(eddsa_doit); k++) {
3333         if (!eddsa_doit[k])
3334             continue;
3335         if (testnum && !mr) {
3336             printf("%30ssign    verify    sign/s verify/s\n", " ");
3337             testnum = 0;
3338         }
3339 
3340         if (mr)
3341             printf("+F6:%u:%u:%s:%f:%f\n",
3342                    k, test_ed_curves[k].bits, test_ed_curves[k].name,
3343                    eddsa_results[k][0], eddsa_results[k][1]);
3344         else
3345             printf("%4u bits EdDSA (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3346                    test_ed_curves[k].bits, test_ed_curves[k].name,
3347                    1.0 / eddsa_results[k][0], 1.0 / eddsa_results[k][1],
3348                    eddsa_results[k][0], eddsa_results[k][1]);
3349     }
3350 #endif
3351 
3352     ret = 0;
3353 
3354  end:
3355     ERR_print_errors(bio_err);
3356     for (i = 0; i < loopargs_len; i++) {
3357         OPENSSL_free(loopargs[i].buf_malloc);
3358         OPENSSL_free(loopargs[i].buf2_malloc);
3359 
3360 #ifndef OPENSSL_NO_RSA
3361         for (k = 0; k < RSA_NUM; k++)
3362             RSA_free(loopargs[i].rsa_key[k]);
3363 #endif
3364 #ifndef OPENSSL_NO_DSA
3365         for (k = 0; k < DSA_NUM; k++)
3366             DSA_free(loopargs[i].dsa_key[k]);
3367 #endif
3368 #ifndef OPENSSL_NO_EC
3369         for (k = 0; k < ECDSA_NUM; k++)
3370             EC_KEY_free(loopargs[i].ecdsa[k]);
3371         for (k = 0; k < EC_NUM; k++)
3372             EVP_PKEY_CTX_free(loopargs[i].ecdh_ctx[k]);
3373         for (k = 0; k < EdDSA_NUM; k++)
3374             EVP_MD_CTX_free(loopargs[i].eddsa_ctx[k]);
3375         OPENSSL_free(loopargs[i].secret_a);
3376         OPENSSL_free(loopargs[i].secret_b);
3377 #endif
3378     }
3379 
3380     if (async_jobs > 0) {
3381         for (i = 0; i < loopargs_len; i++)
3382             ASYNC_WAIT_CTX_free(loopargs[i].wait_ctx);
3383     }
3384 
3385     if (async_init) {
3386         ASYNC_cleanup_thread();
3387     }
3388     OPENSSL_free(loopargs);
3389     release_engine(e);
3390     return ret;
3391 }
3392 
3393 static void print_message(const char *s, long num, int length, int tm)
3394 {
3395 #ifdef SIGALRM
3396     BIO_printf(bio_err,
3397                mr ? "+DT:%s:%d:%d\n"
3398                : "Doing %s for %ds on %d size blocks: ", s, tm, length);
3399     (void)BIO_flush(bio_err);
3400     run = 1;
3401     alarm(tm);
3402 #else
3403     BIO_printf(bio_err,
3404                mr ? "+DN:%s:%ld:%d\n"
3405                : "Doing %s %ld times on %d size blocks: ", s, num, length);
3406     (void)BIO_flush(bio_err);
3407 #endif
3408 }
3409 
3410 static void pkey_print_message(const char *str, const char *str2, long num,
3411                                unsigned int bits, int tm)
3412 {
3413 #ifdef SIGALRM
3414     BIO_printf(bio_err,
3415                mr ? "+DTP:%d:%s:%s:%d\n"
3416                : "Doing %u bits %s %s's for %ds: ", bits, str, str2, tm);
3417     (void)BIO_flush(bio_err);
3418     run = 1;
3419     alarm(tm);
3420 #else
3421     BIO_printf(bio_err,
3422                mr ? "+DNP:%ld:%d:%s:%s\n"
3423                : "Doing %ld %u bits %s %s's: ", num, bits, str, str2);
3424     (void)BIO_flush(bio_err);
3425 #endif
3426 }
3427 
3428 static void print_result(int alg, int run_no, int count, double time_used)
3429 {
3430     if (count == -1) {
3431         BIO_puts(bio_err, "EVP error!\n");
3432         exit(1);
3433     }
3434     BIO_printf(bio_err,
3435                mr ? "+R:%d:%s:%f\n"
3436                : "%d %s's in %.2fs\n", count, names[alg], time_used);
3437     results[alg][run_no] = ((double)count) / time_used * lengths[run_no];
3438 }
3439 
3440 #ifndef NO_FORK
3441 static char *sstrsep(char **string, const char *delim)
3442 {
3443     char isdelim[256];
3444     char *token = *string;
3445 
3446     if (**string == 0)
3447         return NULL;
3448 
3449     memset(isdelim, 0, sizeof(isdelim));
3450     isdelim[0] = 1;
3451 
3452     while (*delim) {
3453         isdelim[(unsigned char)(*delim)] = 1;
3454         delim++;
3455     }
3456 
3457     while (!isdelim[(unsigned char)(**string)]) {
3458         (*string)++;
3459     }
3460 
3461     if (**string) {
3462         **string = 0;
3463         (*string)++;
3464     }
3465 
3466     return token;
3467 }
3468 
3469 static int do_multi(int multi, int size_num)
3470 {
3471     int n;
3472     int fd[2];
3473     int *fds;
3474     static char sep[] = ":";
3475 
3476     fds = app_malloc(sizeof(*fds) * multi, "fd buffer for do_multi");
3477     for (n = 0; n < multi; ++n) {
3478         if (pipe(fd) == -1) {
3479             BIO_printf(bio_err, "pipe failure\n");
3480             exit(1);
3481         }
3482         fflush(stdout);
3483         (void)BIO_flush(bio_err);
3484         if (fork()) {
3485             close(fd[1]);
3486             fds[n] = fd[0];
3487         } else {
3488             close(fd[0]);
3489             close(1);
3490             if (dup(fd[1]) == -1) {
3491                 BIO_printf(bio_err, "dup failed\n");
3492                 exit(1);
3493             }
3494             close(fd[1]);
3495             mr = 1;
3496             usertime = 0;
3497             OPENSSL_free(fds);
3498             return 0;
3499         }
3500         printf("Forked child %d\n", n);
3501     }
3502 
3503     /* for now, assume the pipe is long enough to take all the output */
3504     for (n = 0; n < multi; ++n) {
3505         FILE *f;
3506         char buf[1024];
3507         char *p;
3508 
3509         f = fdopen(fds[n], "r");
3510         while (fgets(buf, sizeof(buf), f)) {
3511             p = strchr(buf, '\n');
3512             if (p)
3513                 *p = '\0';
3514             if (buf[0] != '+') {
3515                 BIO_printf(bio_err,
3516                            "Don't understand line '%s' from child %d\n", buf,
3517                            n);
3518                 continue;
3519             }
3520             printf("Got: %s from %d\n", buf, n);
3521             if (strncmp(buf, "+F:", 3) == 0) {
3522                 int alg;
3523                 int j;
3524 
3525                 p = buf + 3;
3526                 alg = atoi(sstrsep(&p, sep));
3527                 sstrsep(&p, sep);
3528                 for (j = 0; j < size_num; ++j)
3529                     results[alg][j] += atof(sstrsep(&p, sep));
3530             } else if (strncmp(buf, "+F2:", 4) == 0) {
3531                 int k;
3532                 double d;
3533 
3534                 p = buf + 4;
3535                 k = atoi(sstrsep(&p, sep));
3536                 sstrsep(&p, sep);
3537 
3538                 d = atof(sstrsep(&p, sep));
3539                 rsa_results[k][0] += d;
3540 
3541                 d = atof(sstrsep(&p, sep));
3542                 rsa_results[k][1] += d;
3543             }
3544 # ifndef OPENSSL_NO_DSA
3545             else if (strncmp(buf, "+F3:", 4) == 0) {
3546                 int k;
3547                 double d;
3548 
3549                 p = buf + 4;
3550                 k = atoi(sstrsep(&p, sep));
3551                 sstrsep(&p, sep);
3552 
3553                 d = atof(sstrsep(&p, sep));
3554                 dsa_results[k][0] += d;
3555 
3556                 d = atof(sstrsep(&p, sep));
3557                 dsa_results[k][1] += d;
3558             }
3559 # endif
3560 # ifndef OPENSSL_NO_EC
3561             else if (strncmp(buf, "+F4:", 4) == 0) {
3562                 int k;
3563                 double d;
3564 
3565                 p = buf + 4;
3566                 k = atoi(sstrsep(&p, sep));
3567                 sstrsep(&p, sep);
3568 
3569                 d = atof(sstrsep(&p, sep));
3570                 ecdsa_results[k][0] += d;
3571 
3572                 d = atof(sstrsep(&p, sep));
3573                 ecdsa_results[k][1] += d;
3574             } else if (strncmp(buf, "+F5:", 4) == 0) {
3575                 int k;
3576                 double d;
3577 
3578                 p = buf + 4;
3579                 k = atoi(sstrsep(&p, sep));
3580                 sstrsep(&p, sep);
3581 
3582                 d = atof(sstrsep(&p, sep));
3583                 ecdh_results[k][0] += d;
3584             } else if (strncmp(buf, "+F6:", 4) == 0) {
3585                 int k;
3586                 double d;
3587 
3588                 p = buf + 4;
3589                 k = atoi(sstrsep(&p, sep));
3590                 sstrsep(&p, sep);
3591                 sstrsep(&p, sep);
3592 
3593                 d = atof(sstrsep(&p, sep));
3594                 eddsa_results[k][0] += d;
3595 
3596                 d = atof(sstrsep(&p, sep));
3597                 eddsa_results[k][1] += d;
3598             }
3599 # endif
3600 
3601             else if (strncmp(buf, "+H:", 3) == 0) {
3602                 ;
3603             } else
3604                 BIO_printf(bio_err, "Unknown type '%s' from child %d\n", buf,
3605                            n);
3606         }
3607 
3608         fclose(f);
3609     }
3610     OPENSSL_free(fds);
3611     return 1;
3612 }
3613 #endif
3614 
3615 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
3616                              const openssl_speed_sec_t *seconds)
3617 {
3618     static const int mblengths_list[] =
3619         { 8 * 1024, 2 * 8 * 1024, 4 * 8 * 1024, 8 * 8 * 1024, 8 * 16 * 1024 };
3620     const int *mblengths = mblengths_list;
3621     int j, count, keylen, num = OSSL_NELEM(mblengths_list);
3622     const char *alg_name;
3623     unsigned char *inp, *out, *key, no_key[32], no_iv[16];
3624     EVP_CIPHER_CTX *ctx;
3625     double d = 0.0;
3626 
3627     if (lengths_single) {
3628         mblengths = &lengths_single;
3629         num = 1;
3630     }
3631 
3632     inp = app_malloc(mblengths[num - 1], "multiblock input buffer");
3633     out = app_malloc(mblengths[num - 1] + 1024, "multiblock output buffer");
3634     ctx = EVP_CIPHER_CTX_new();
3635     EVP_EncryptInit_ex(ctx, evp_cipher, NULL, NULL, no_iv);
3636 
3637     keylen = EVP_CIPHER_CTX_key_length(ctx);
3638     key = app_malloc(keylen, "evp_cipher key");
3639     EVP_CIPHER_CTX_rand_key(ctx, key);
3640     EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL);
3641     OPENSSL_clear_free(key, keylen);
3642 
3643     EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_MAC_KEY, sizeof(no_key), no_key);
3644     alg_name = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
3645 
3646     for (j = 0; j < num; j++) {
3647         print_message(alg_name, 0, mblengths[j], seconds->sym);
3648         Time_F(START);
3649         for (count = 0; run && count < 0x7fffffff; count++) {
3650             unsigned char aad[EVP_AEAD_TLS1_AAD_LEN];
3651             EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param;
3652             size_t len = mblengths[j];
3653             int packlen;
3654 
3655             memset(aad, 0, 8);  /* avoid uninitialized values */
3656             aad[8] = 23;        /* SSL3_RT_APPLICATION_DATA */
3657             aad[9] = 3;         /* version */
3658             aad[10] = 2;
3659             aad[11] = 0;        /* length */
3660             aad[12] = 0;
3661             mb_param.out = NULL;
3662             mb_param.inp = aad;
3663             mb_param.len = len;
3664             mb_param.interleave = 8;
3665 
3666             packlen = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_AAD,
3667                                           sizeof(mb_param), &mb_param);
3668 
3669             if (packlen > 0) {
3670                 mb_param.out = out;
3671                 mb_param.inp = inp;
3672                 mb_param.len = len;
3673                 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT,
3674                                     sizeof(mb_param), &mb_param);
3675             } else {
3676                 int pad;
3677 
3678                 RAND_bytes(out, 16);
3679                 len += 16;
3680                 aad[11] = (unsigned char)(len >> 8);
3681                 aad[12] = (unsigned char)(len);
3682                 pad = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_TLS1_AAD,
3683                                           EVP_AEAD_TLS1_AAD_LEN, aad);
3684                 EVP_Cipher(ctx, out, inp, len + pad);
3685             }
3686         }
3687         d = Time_F(STOP);
3688         BIO_printf(bio_err, mr ? "+R:%d:%s:%f\n"
3689                    : "%d %s's in %.2fs\n", count, "evp", d);
3690         results[D_EVP][j] = ((double)count) / d * mblengths[j];
3691     }
3692 
3693     if (mr) {
3694         fprintf(stdout, "+H");
3695         for (j = 0; j < num; j++)
3696             fprintf(stdout, ":%d", mblengths[j]);
3697         fprintf(stdout, "\n");
3698         fprintf(stdout, "+F:%d:%s", D_EVP, alg_name);
3699         for (j = 0; j < num; j++)
3700             fprintf(stdout, ":%.2f", results[D_EVP][j]);
3701         fprintf(stdout, "\n");
3702     } else {
3703         fprintf(stdout,
3704                 "The 'numbers' are in 1000s of bytes per second processed.\n");
3705         fprintf(stdout, "type                    ");
3706         for (j = 0; j < num; j++)
3707             fprintf(stdout, "%7d bytes", mblengths[j]);
3708         fprintf(stdout, "\n");
3709         fprintf(stdout, "%-24s", alg_name);
3710 
3711         for (j = 0; j < num; j++) {
3712             if (results[D_EVP][j] > 10000)
3713                 fprintf(stdout, " %11.2fk", results[D_EVP][j] / 1e3);
3714             else
3715                 fprintf(stdout, " %11.2f ", results[D_EVP][j]);
3716         }
3717         fprintf(stdout, "\n");
3718     }
3719 
3720     OPENSSL_free(inp);
3721     OPENSSL_free(out);
3722     EVP_CIPHER_CTX_free(ctx);
3723 }
3724