xref: /freebsd/crypto/openssl/apps/speed.c (revision 6be3386466ab79a84b48429ae66244f21526d3df)
1 /*
2  * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
3  * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
4  *
5  * Licensed under the OpenSSL license (the "License").  You may not use
6  * this file except in compliance with the License.  You can obtain a copy
7  * in the file LICENSE in the source distribution or at
8  * https://www.openssl.org/source/license.html
9  */
10 
11 #undef SECONDS
12 #define SECONDS                 3
13 #define RSA_SECONDS             10
14 #define DSA_SECONDS             10
15 #define ECDSA_SECONDS   10
16 #define ECDH_SECONDS    10
17 #define EdDSA_SECONDS   10
18 
19 #include <stdio.h>
20 #include <stdlib.h>
21 #include <string.h>
22 #include <math.h>
23 #include "apps.h"
24 #include "progs.h"
25 #include <openssl/crypto.h>
26 #include <openssl/rand.h>
27 #include <openssl/err.h>
28 #include <openssl/evp.h>
29 #include <openssl/objects.h>
30 #include <openssl/async.h>
31 #if !defined(OPENSSL_SYS_MSDOS)
32 # include OPENSSL_UNISTD
33 #endif
34 
35 #if defined(_WIN32)
36 # include <windows.h>
37 #endif
38 
39 #include <openssl/bn.h>
40 #ifndef OPENSSL_NO_DES
41 # include <openssl/des.h>
42 #endif
43 #include <openssl/aes.h>
44 #ifndef OPENSSL_NO_CAMELLIA
45 # include <openssl/camellia.h>
46 #endif
47 #ifndef OPENSSL_NO_MD2
48 # include <openssl/md2.h>
49 #endif
50 #ifndef OPENSSL_NO_MDC2
51 # include <openssl/mdc2.h>
52 #endif
53 #ifndef OPENSSL_NO_MD4
54 # include <openssl/md4.h>
55 #endif
56 #ifndef OPENSSL_NO_MD5
57 # include <openssl/md5.h>
58 #endif
59 #include <openssl/hmac.h>
60 #include <openssl/sha.h>
61 #ifndef OPENSSL_NO_RMD160
62 # include <openssl/ripemd.h>
63 #endif
64 #ifndef OPENSSL_NO_WHIRLPOOL
65 # include <openssl/whrlpool.h>
66 #endif
67 #ifndef OPENSSL_NO_RC4
68 # include <openssl/rc4.h>
69 #endif
70 #ifndef OPENSSL_NO_RC5
71 # include <openssl/rc5.h>
72 #endif
73 #ifndef OPENSSL_NO_RC2
74 # include <openssl/rc2.h>
75 #endif
76 #ifndef OPENSSL_NO_IDEA
77 # include <openssl/idea.h>
78 #endif
79 #ifndef OPENSSL_NO_SEED
80 # include <openssl/seed.h>
81 #endif
82 #ifndef OPENSSL_NO_BF
83 # include <openssl/blowfish.h>
84 #endif
85 #ifndef OPENSSL_NO_CAST
86 # include <openssl/cast.h>
87 #endif
88 #ifndef OPENSSL_NO_RSA
89 # include <openssl/rsa.h>
90 # include "./testrsa.h"
91 #endif
92 #include <openssl/x509.h>
93 #ifndef OPENSSL_NO_DSA
94 # include <openssl/dsa.h>
95 # include "./testdsa.h"
96 #endif
97 #ifndef OPENSSL_NO_EC
98 # include <openssl/ec.h>
99 #endif
100 #include <openssl/modes.h>
101 
102 #ifndef HAVE_FORK
103 # if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_VXWORKS)
104 #  define HAVE_FORK 0
105 # else
106 #  define HAVE_FORK 1
107 # endif
108 #endif
109 
110 #if HAVE_FORK
111 # undef NO_FORK
112 #else
113 # define NO_FORK
114 #endif
115 
116 #define MAX_MISALIGNMENT 63
117 #define MAX_ECDH_SIZE   256
118 #define MISALIGN        64
119 
120 typedef struct openssl_speed_sec_st {
121     int sym;
122     int rsa;
123     int dsa;
124     int ecdsa;
125     int ecdh;
126     int eddsa;
127 } openssl_speed_sec_t;
128 
129 static volatile int run = 0;
130 
131 static int mr = 0;
132 static int usertime = 1;
133 
134 #ifndef OPENSSL_NO_MD2
135 static int EVP_Digest_MD2_loop(void *args);
136 #endif
137 
138 #ifndef OPENSSL_NO_MDC2
139 static int EVP_Digest_MDC2_loop(void *args);
140 #endif
141 #ifndef OPENSSL_NO_MD4
142 static int EVP_Digest_MD4_loop(void *args);
143 #endif
144 #ifndef OPENSSL_NO_MD5
145 static int MD5_loop(void *args);
146 static int HMAC_loop(void *args);
147 #endif
148 static int SHA1_loop(void *args);
149 static int SHA256_loop(void *args);
150 static int SHA512_loop(void *args);
151 #ifndef OPENSSL_NO_WHIRLPOOL
152 static int WHIRLPOOL_loop(void *args);
153 #endif
154 #ifndef OPENSSL_NO_RMD160
155 static int EVP_Digest_RMD160_loop(void *args);
156 #endif
157 #ifndef OPENSSL_NO_RC4
158 static int RC4_loop(void *args);
159 #endif
160 #ifndef OPENSSL_NO_DES
161 static int DES_ncbc_encrypt_loop(void *args);
162 static int DES_ede3_cbc_encrypt_loop(void *args);
163 #endif
164 static int AES_cbc_128_encrypt_loop(void *args);
165 static int AES_cbc_192_encrypt_loop(void *args);
166 static int AES_ige_128_encrypt_loop(void *args);
167 static int AES_cbc_256_encrypt_loop(void *args);
168 static int AES_ige_192_encrypt_loop(void *args);
169 static int AES_ige_256_encrypt_loop(void *args);
170 static int CRYPTO_gcm128_aad_loop(void *args);
171 static int RAND_bytes_loop(void *args);
172 static int EVP_Update_loop(void *args);
173 static int EVP_Update_loop_ccm(void *args);
174 static int EVP_Update_loop_aead(void *args);
175 static int EVP_Digest_loop(void *args);
176 #ifndef OPENSSL_NO_RSA
177 static int RSA_sign_loop(void *args);
178 static int RSA_verify_loop(void *args);
179 #endif
180 #ifndef OPENSSL_NO_DSA
181 static int DSA_sign_loop(void *args);
182 static int DSA_verify_loop(void *args);
183 #endif
184 #ifndef OPENSSL_NO_EC
185 static int ECDSA_sign_loop(void *args);
186 static int ECDSA_verify_loop(void *args);
187 static int EdDSA_sign_loop(void *args);
188 static int EdDSA_verify_loop(void *args);
189 #endif
190 
191 static double Time_F(int s);
192 static void print_message(const char *s, long num, int length, int tm);
193 static void pkey_print_message(const char *str, const char *str2,
194                                long num, unsigned int bits, int sec);
195 static void print_result(int alg, int run_no, int count, double time_used);
196 #ifndef NO_FORK
197 static int do_multi(int multi, int size_num);
198 #endif
199 
200 static const int lengths_list[] = {
201     16, 64, 256, 1024, 8 * 1024, 16 * 1024
202 };
203 static const int *lengths = lengths_list;
204 
205 static const int aead_lengths_list[] = {
206     2, 31, 136, 1024, 8 * 1024, 16 * 1024
207 };
208 
209 #define START   0
210 #define STOP    1
211 
212 #ifdef SIGALRM
213 
214 static void alarmed(int sig)
215 {
216     signal(SIGALRM, alarmed);
217     run = 0;
218 }
219 
220 static double Time_F(int s)
221 {
222     double ret = app_tminterval(s, usertime);
223     if (s == STOP)
224         alarm(0);
225     return ret;
226 }
227 
228 #elif defined(_WIN32)
229 
230 # define SIGALRM -1
231 
232 static unsigned int lapse;
233 static volatile unsigned int schlock;
234 static void alarm_win32(unsigned int secs)
235 {
236     lapse = secs * 1000;
237 }
238 
239 # define alarm alarm_win32
240 
241 static DWORD WINAPI sleepy(VOID * arg)
242 {
243     schlock = 1;
244     Sleep(lapse);
245     run = 0;
246     return 0;
247 }
248 
249 static double Time_F(int s)
250 {
251     double ret;
252     static HANDLE thr;
253 
254     if (s == START) {
255         schlock = 0;
256         thr = CreateThread(NULL, 4096, sleepy, NULL, 0, NULL);
257         if (thr == NULL) {
258             DWORD err = GetLastError();
259             BIO_printf(bio_err, "unable to CreateThread (%lu)", err);
260             ExitProcess(err);
261         }
262         while (!schlock)
263             Sleep(0);           /* scheduler spinlock */
264         ret = app_tminterval(s, usertime);
265     } else {
266         ret = app_tminterval(s, usertime);
267         if (run)
268             TerminateThread(thr, 0);
269         CloseHandle(thr);
270     }
271 
272     return ret;
273 }
274 #else
275 static double Time_F(int s)
276 {
277     return app_tminterval(s, usertime);
278 }
279 #endif
280 
281 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
282                              const openssl_speed_sec_t *seconds);
283 
284 #define found(value, pairs, result)\
285     opt_found(value, result, pairs, OSSL_NELEM(pairs))
286 static int opt_found(const char *name, unsigned int *result,
287                      const OPT_PAIR pairs[], unsigned int nbelem)
288 {
289     unsigned int idx;
290 
291     for (idx = 0; idx < nbelem; ++idx, pairs++)
292         if (strcmp(name, pairs->name) == 0) {
293             *result = pairs->retval;
294             return 1;
295         }
296     return 0;
297 }
298 
299 typedef enum OPTION_choice {
300     OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
301     OPT_ELAPSED, OPT_EVP, OPT_DECRYPT, OPT_ENGINE, OPT_MULTI,
302     OPT_MR, OPT_MB, OPT_MISALIGN, OPT_ASYNCJOBS, OPT_R_ENUM,
303     OPT_PRIMES, OPT_SECONDS, OPT_BYTES, OPT_AEAD
304 } OPTION_CHOICE;
305 
306 const OPTIONS speed_options[] = {
307     {OPT_HELP_STR, 1, '-', "Usage: %s [options] ciphers...\n"},
308     {OPT_HELP_STR, 1, '-', "Valid options are:\n"},
309     {"help", OPT_HELP, '-', "Display this summary"},
310     {"evp", OPT_EVP, 's', "Use EVP-named cipher or digest"},
311     {"decrypt", OPT_DECRYPT, '-',
312      "Time decryption instead of encryption (only EVP)"},
313     {"aead", OPT_AEAD, '-',
314      "Benchmark EVP-named AEAD cipher in TLS-like sequence"},
315     {"mb", OPT_MB, '-',
316      "Enable (tls1>=1) multi-block mode on EVP-named cipher"},
317     {"mr", OPT_MR, '-', "Produce machine readable output"},
318 #ifndef NO_FORK
319     {"multi", OPT_MULTI, 'p', "Run benchmarks in parallel"},
320 #endif
321 #ifndef OPENSSL_NO_ASYNC
322     {"async_jobs", OPT_ASYNCJOBS, 'p',
323      "Enable async mode and start specified number of jobs"},
324 #endif
325     OPT_R_OPTIONS,
326 #ifndef OPENSSL_NO_ENGINE
327     {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
328 #endif
329     {"elapsed", OPT_ELAPSED, '-',
330      "Use wall-clock time instead of CPU user time as divisor"},
331     {"primes", OPT_PRIMES, 'p', "Specify number of primes (for RSA only)"},
332     {"seconds", OPT_SECONDS, 'p',
333      "Run benchmarks for specified amount of seconds"},
334     {"bytes", OPT_BYTES, 'p',
335      "Run [non-PKI] benchmarks on custom-sized buffer"},
336     {"misalign", OPT_MISALIGN, 'p',
337      "Use specified offset to mis-align buffers"},
338     {NULL}
339 };
340 
341 #define D_MD2           0
342 #define D_MDC2          1
343 #define D_MD4           2
344 #define D_MD5           3
345 #define D_HMAC          4
346 #define D_SHA1          5
347 #define D_RMD160        6
348 #define D_RC4           7
349 #define D_CBC_DES       8
350 #define D_EDE3_DES      9
351 #define D_CBC_IDEA      10
352 #define D_CBC_SEED      11
353 #define D_CBC_RC2       12
354 #define D_CBC_RC5       13
355 #define D_CBC_BF        14
356 #define D_CBC_CAST      15
357 #define D_CBC_128_AES   16
358 #define D_CBC_192_AES   17
359 #define D_CBC_256_AES   18
360 #define D_CBC_128_CML   19
361 #define D_CBC_192_CML   20
362 #define D_CBC_256_CML   21
363 #define D_EVP           22
364 #define D_SHA256        23
365 #define D_SHA512        24
366 #define D_WHIRLPOOL     25
367 #define D_IGE_128_AES   26
368 #define D_IGE_192_AES   27
369 #define D_IGE_256_AES   28
370 #define D_GHASH         29
371 #define D_RAND          30
372 /* name of algorithms to test */
373 static const char *names[] = {
374     "md2", "mdc2", "md4", "md5", "hmac(md5)", "sha1", "rmd160", "rc4",
375     "des cbc", "des ede3", "idea cbc", "seed cbc",
376     "rc2 cbc", "rc5-32/12 cbc", "blowfish cbc", "cast cbc",
377     "aes-128 cbc", "aes-192 cbc", "aes-256 cbc",
378     "camellia-128 cbc", "camellia-192 cbc", "camellia-256 cbc",
379     "evp", "sha256", "sha512", "whirlpool",
380     "aes-128 ige", "aes-192 ige", "aes-256 ige", "ghash",
381     "rand"
382 };
383 #define ALGOR_NUM       OSSL_NELEM(names)
384 
385 /* list of configured algorithm (remaining) */
386 static const OPT_PAIR doit_choices[] = {
387 #ifndef OPENSSL_NO_MD2
388     {"md2", D_MD2},
389 #endif
390 #ifndef OPENSSL_NO_MDC2
391     {"mdc2", D_MDC2},
392 #endif
393 #ifndef OPENSSL_NO_MD4
394     {"md4", D_MD4},
395 #endif
396 #ifndef OPENSSL_NO_MD5
397     {"md5", D_MD5},
398     {"hmac", D_HMAC},
399 #endif
400     {"sha1", D_SHA1},
401     {"sha256", D_SHA256},
402     {"sha512", D_SHA512},
403 #ifndef OPENSSL_NO_WHIRLPOOL
404     {"whirlpool", D_WHIRLPOOL},
405 #endif
406 #ifndef OPENSSL_NO_RMD160
407     {"ripemd", D_RMD160},
408     {"rmd160", D_RMD160},
409     {"ripemd160", D_RMD160},
410 #endif
411 #ifndef OPENSSL_NO_RC4
412     {"rc4", D_RC4},
413 #endif
414 #ifndef OPENSSL_NO_DES
415     {"des-cbc", D_CBC_DES},
416     {"des-ede3", D_EDE3_DES},
417 #endif
418     {"aes-128-cbc", D_CBC_128_AES},
419     {"aes-192-cbc", D_CBC_192_AES},
420     {"aes-256-cbc", D_CBC_256_AES},
421     {"aes-128-ige", D_IGE_128_AES},
422     {"aes-192-ige", D_IGE_192_AES},
423     {"aes-256-ige", D_IGE_256_AES},
424 #ifndef OPENSSL_NO_RC2
425     {"rc2-cbc", D_CBC_RC2},
426     {"rc2", D_CBC_RC2},
427 #endif
428 #ifndef OPENSSL_NO_RC5
429     {"rc5-cbc", D_CBC_RC5},
430     {"rc5", D_CBC_RC5},
431 #endif
432 #ifndef OPENSSL_NO_IDEA
433     {"idea-cbc", D_CBC_IDEA},
434     {"idea", D_CBC_IDEA},
435 #endif
436 #ifndef OPENSSL_NO_SEED
437     {"seed-cbc", D_CBC_SEED},
438     {"seed", D_CBC_SEED},
439 #endif
440 #ifndef OPENSSL_NO_BF
441     {"bf-cbc", D_CBC_BF},
442     {"blowfish", D_CBC_BF},
443     {"bf", D_CBC_BF},
444 #endif
445 #ifndef OPENSSL_NO_CAST
446     {"cast-cbc", D_CBC_CAST},
447     {"cast", D_CBC_CAST},
448     {"cast5", D_CBC_CAST},
449 #endif
450     {"ghash", D_GHASH},
451     {"rand", D_RAND}
452 };
453 
454 static double results[ALGOR_NUM][OSSL_NELEM(lengths_list)];
455 
456 #ifndef OPENSSL_NO_DSA
457 # define R_DSA_512       0
458 # define R_DSA_1024      1
459 # define R_DSA_2048      2
460 static const OPT_PAIR dsa_choices[] = {
461     {"dsa512", R_DSA_512},
462     {"dsa1024", R_DSA_1024},
463     {"dsa2048", R_DSA_2048}
464 };
465 # define DSA_NUM         OSSL_NELEM(dsa_choices)
466 
467 static double dsa_results[DSA_NUM][2];  /* 2 ops: sign then verify */
468 #endif  /* OPENSSL_NO_DSA */
469 
470 #define R_RSA_512       0
471 #define R_RSA_1024      1
472 #define R_RSA_2048      2
473 #define R_RSA_3072      3
474 #define R_RSA_4096      4
475 #define R_RSA_7680      5
476 #define R_RSA_15360     6
477 #ifndef OPENSSL_NO_RSA
478 static const OPT_PAIR rsa_choices[] = {
479     {"rsa512", R_RSA_512},
480     {"rsa1024", R_RSA_1024},
481     {"rsa2048", R_RSA_2048},
482     {"rsa3072", R_RSA_3072},
483     {"rsa4096", R_RSA_4096},
484     {"rsa7680", R_RSA_7680},
485     {"rsa15360", R_RSA_15360}
486 };
487 # define RSA_NUM OSSL_NELEM(rsa_choices)
488 
489 static double rsa_results[RSA_NUM][2];  /* 2 ops: sign then verify */
490 #endif /* OPENSSL_NO_RSA */
491 
492 enum {
493     R_EC_P160,
494     R_EC_P192,
495     R_EC_P224,
496     R_EC_P256,
497     R_EC_P384,
498     R_EC_P521,
499 #ifndef OPENSSL_NO_EC2M
500     R_EC_K163,
501     R_EC_K233,
502     R_EC_K283,
503     R_EC_K409,
504     R_EC_K571,
505     R_EC_B163,
506     R_EC_B233,
507     R_EC_B283,
508     R_EC_B409,
509     R_EC_B571,
510 #endif
511     R_EC_BRP256R1,
512     R_EC_BRP256T1,
513     R_EC_BRP384R1,
514     R_EC_BRP384T1,
515     R_EC_BRP512R1,
516     R_EC_BRP512T1,
517     R_EC_X25519,
518     R_EC_X448
519 };
520 
521 #ifndef OPENSSL_NO_EC
522 static OPT_PAIR ecdsa_choices[] = {
523     {"ecdsap160", R_EC_P160},
524     {"ecdsap192", R_EC_P192},
525     {"ecdsap224", R_EC_P224},
526     {"ecdsap256", R_EC_P256},
527     {"ecdsap384", R_EC_P384},
528     {"ecdsap521", R_EC_P521},
529 # ifndef OPENSSL_NO_EC2M
530     {"ecdsak163", R_EC_K163},
531     {"ecdsak233", R_EC_K233},
532     {"ecdsak283", R_EC_K283},
533     {"ecdsak409", R_EC_K409},
534     {"ecdsak571", R_EC_K571},
535     {"ecdsab163", R_EC_B163},
536     {"ecdsab233", R_EC_B233},
537     {"ecdsab283", R_EC_B283},
538     {"ecdsab409", R_EC_B409},
539     {"ecdsab571", R_EC_B571},
540 # endif
541     {"ecdsabrp256r1", R_EC_BRP256R1},
542     {"ecdsabrp256t1", R_EC_BRP256T1},
543     {"ecdsabrp384r1", R_EC_BRP384R1},
544     {"ecdsabrp384t1", R_EC_BRP384T1},
545     {"ecdsabrp512r1", R_EC_BRP512R1},
546     {"ecdsabrp512t1", R_EC_BRP512T1}
547 };
548 # define ECDSA_NUM       OSSL_NELEM(ecdsa_choices)
549 
550 static double ecdsa_results[ECDSA_NUM][2];    /* 2 ops: sign then verify */
551 
552 static const OPT_PAIR ecdh_choices[] = {
553     {"ecdhp160", R_EC_P160},
554     {"ecdhp192", R_EC_P192},
555     {"ecdhp224", R_EC_P224},
556     {"ecdhp256", R_EC_P256},
557     {"ecdhp384", R_EC_P384},
558     {"ecdhp521", R_EC_P521},
559 # ifndef OPENSSL_NO_EC2M
560     {"ecdhk163", R_EC_K163},
561     {"ecdhk233", R_EC_K233},
562     {"ecdhk283", R_EC_K283},
563     {"ecdhk409", R_EC_K409},
564     {"ecdhk571", R_EC_K571},
565     {"ecdhb163", R_EC_B163},
566     {"ecdhb233", R_EC_B233},
567     {"ecdhb283", R_EC_B283},
568     {"ecdhb409", R_EC_B409},
569     {"ecdhb571", R_EC_B571},
570 # endif
571     {"ecdhbrp256r1", R_EC_BRP256R1},
572     {"ecdhbrp256t1", R_EC_BRP256T1},
573     {"ecdhbrp384r1", R_EC_BRP384R1},
574     {"ecdhbrp384t1", R_EC_BRP384T1},
575     {"ecdhbrp512r1", R_EC_BRP512R1},
576     {"ecdhbrp512t1", R_EC_BRP512T1},
577     {"ecdhx25519", R_EC_X25519},
578     {"ecdhx448", R_EC_X448}
579 };
580 # define EC_NUM       OSSL_NELEM(ecdh_choices)
581 
582 static double ecdh_results[EC_NUM][1];  /* 1 op: derivation */
583 
584 #define R_EC_Ed25519    0
585 #define R_EC_Ed448      1
586 static OPT_PAIR eddsa_choices[] = {
587     {"ed25519", R_EC_Ed25519},
588     {"ed448", R_EC_Ed448}
589 };
590 # define EdDSA_NUM       OSSL_NELEM(eddsa_choices)
591 
592 static double eddsa_results[EdDSA_NUM][2];    /* 2 ops: sign then verify */
593 #endif /* OPENSSL_NO_EC */
594 
595 #ifndef SIGALRM
596 # define COND(d) (count < (d))
597 # define COUNT(d) (d)
598 #else
599 # define COND(unused_cond) (run && count<0x7fffffff)
600 # define COUNT(d) (count)
601 #endif                          /* SIGALRM */
602 
603 typedef struct loopargs_st {
604     ASYNC_JOB *inprogress_job;
605     ASYNC_WAIT_CTX *wait_ctx;
606     unsigned char *buf;
607     unsigned char *buf2;
608     unsigned char *buf_malloc;
609     unsigned char *buf2_malloc;
610     unsigned char *key;
611     unsigned int siglen;
612     size_t sigsize;
613 #ifndef OPENSSL_NO_RSA
614     RSA *rsa_key[RSA_NUM];
615 #endif
616 #ifndef OPENSSL_NO_DSA
617     DSA *dsa_key[DSA_NUM];
618 #endif
619 #ifndef OPENSSL_NO_EC
620     EC_KEY *ecdsa[ECDSA_NUM];
621     EVP_PKEY_CTX *ecdh_ctx[EC_NUM];
622     EVP_MD_CTX *eddsa_ctx[EdDSA_NUM];
623     unsigned char *secret_a;
624     unsigned char *secret_b;
625     size_t outlen[EC_NUM];
626 #endif
627     EVP_CIPHER_CTX *ctx;
628     HMAC_CTX *hctx;
629     GCM128_CONTEXT *gcm_ctx;
630 } loopargs_t;
631 static int run_benchmark(int async_jobs, int (*loop_function) (void *),
632                          loopargs_t * loopargs);
633 
634 static unsigned int testnum;
635 
636 /* Nb of iterations to do per algorithm and key-size */
637 static long c[ALGOR_NUM][OSSL_NELEM(lengths_list)];
638 
639 #ifndef OPENSSL_NO_MD2
640 static int EVP_Digest_MD2_loop(void *args)
641 {
642     loopargs_t *tempargs = *(loopargs_t **) args;
643     unsigned char *buf = tempargs->buf;
644     unsigned char md2[MD2_DIGEST_LENGTH];
645     int count;
646 
647     for (count = 0; COND(c[D_MD2][testnum]); count++) {
648         if (!EVP_Digest(buf, (size_t)lengths[testnum], md2, NULL, EVP_md2(),
649                         NULL))
650             return -1;
651     }
652     return count;
653 }
654 #endif
655 
656 #ifndef OPENSSL_NO_MDC2
657 static int EVP_Digest_MDC2_loop(void *args)
658 {
659     loopargs_t *tempargs = *(loopargs_t **) args;
660     unsigned char *buf = tempargs->buf;
661     unsigned char mdc2[MDC2_DIGEST_LENGTH];
662     int count;
663 
664     for (count = 0; COND(c[D_MDC2][testnum]); count++) {
665         if (!EVP_Digest(buf, (size_t)lengths[testnum], mdc2, NULL, EVP_mdc2(),
666                         NULL))
667             return -1;
668     }
669     return count;
670 }
671 #endif
672 
673 #ifndef OPENSSL_NO_MD4
674 static int EVP_Digest_MD4_loop(void *args)
675 {
676     loopargs_t *tempargs = *(loopargs_t **) args;
677     unsigned char *buf = tempargs->buf;
678     unsigned char md4[MD4_DIGEST_LENGTH];
679     int count;
680 
681     for (count = 0; COND(c[D_MD4][testnum]); count++) {
682         if (!EVP_Digest(buf, (size_t)lengths[testnum], md4, NULL, EVP_md4(),
683                         NULL))
684             return -1;
685     }
686     return count;
687 }
688 #endif
689 
690 #ifndef OPENSSL_NO_MD5
691 static int MD5_loop(void *args)
692 {
693     loopargs_t *tempargs = *(loopargs_t **) args;
694     unsigned char *buf = tempargs->buf;
695     unsigned char md5[MD5_DIGEST_LENGTH];
696     int count;
697     for (count = 0; COND(c[D_MD5][testnum]); count++)
698         MD5(buf, lengths[testnum], md5);
699     return count;
700 }
701 
702 static int HMAC_loop(void *args)
703 {
704     loopargs_t *tempargs = *(loopargs_t **) args;
705     unsigned char *buf = tempargs->buf;
706     HMAC_CTX *hctx = tempargs->hctx;
707     unsigned char hmac[MD5_DIGEST_LENGTH];
708     int count;
709 
710     for (count = 0; COND(c[D_HMAC][testnum]); count++) {
711         HMAC_Init_ex(hctx, NULL, 0, NULL, NULL);
712         HMAC_Update(hctx, buf, lengths[testnum]);
713         HMAC_Final(hctx, hmac, NULL);
714     }
715     return count;
716 }
717 #endif
718 
719 static int SHA1_loop(void *args)
720 {
721     loopargs_t *tempargs = *(loopargs_t **) args;
722     unsigned char *buf = tempargs->buf;
723     unsigned char sha[SHA_DIGEST_LENGTH];
724     int count;
725     for (count = 0; COND(c[D_SHA1][testnum]); count++)
726         SHA1(buf, lengths[testnum], sha);
727     return count;
728 }
729 
730 static int SHA256_loop(void *args)
731 {
732     loopargs_t *tempargs = *(loopargs_t **) args;
733     unsigned char *buf = tempargs->buf;
734     unsigned char sha256[SHA256_DIGEST_LENGTH];
735     int count;
736     for (count = 0; COND(c[D_SHA256][testnum]); count++)
737         SHA256(buf, lengths[testnum], sha256);
738     return count;
739 }
740 
741 static int SHA512_loop(void *args)
742 {
743     loopargs_t *tempargs = *(loopargs_t **) args;
744     unsigned char *buf = tempargs->buf;
745     unsigned char sha512[SHA512_DIGEST_LENGTH];
746     int count;
747     for (count = 0; COND(c[D_SHA512][testnum]); count++)
748         SHA512(buf, lengths[testnum], sha512);
749     return count;
750 }
751 
752 #ifndef OPENSSL_NO_WHIRLPOOL
753 static int WHIRLPOOL_loop(void *args)
754 {
755     loopargs_t *tempargs = *(loopargs_t **) args;
756     unsigned char *buf = tempargs->buf;
757     unsigned char whirlpool[WHIRLPOOL_DIGEST_LENGTH];
758     int count;
759     for (count = 0; COND(c[D_WHIRLPOOL][testnum]); count++)
760         WHIRLPOOL(buf, lengths[testnum], whirlpool);
761     return count;
762 }
763 #endif
764 
765 #ifndef OPENSSL_NO_RMD160
766 static int EVP_Digest_RMD160_loop(void *args)
767 {
768     loopargs_t *tempargs = *(loopargs_t **) args;
769     unsigned char *buf = tempargs->buf;
770     unsigned char rmd160[RIPEMD160_DIGEST_LENGTH];
771     int count;
772     for (count = 0; COND(c[D_RMD160][testnum]); count++) {
773         if (!EVP_Digest(buf, (size_t)lengths[testnum], &(rmd160[0]),
774                         NULL, EVP_ripemd160(), NULL))
775             return -1;
776     }
777     return count;
778 }
779 #endif
780 
781 #ifndef OPENSSL_NO_RC4
782 static RC4_KEY rc4_ks;
783 static int RC4_loop(void *args)
784 {
785     loopargs_t *tempargs = *(loopargs_t **) args;
786     unsigned char *buf = tempargs->buf;
787     int count;
788     for (count = 0; COND(c[D_RC4][testnum]); count++)
789         RC4(&rc4_ks, (size_t)lengths[testnum], buf, buf);
790     return count;
791 }
792 #endif
793 
794 #ifndef OPENSSL_NO_DES
795 static unsigned char DES_iv[8];
796 static DES_key_schedule sch;
797 static DES_key_schedule sch2;
798 static DES_key_schedule sch3;
799 static int DES_ncbc_encrypt_loop(void *args)
800 {
801     loopargs_t *tempargs = *(loopargs_t **) args;
802     unsigned char *buf = tempargs->buf;
803     int count;
804     for (count = 0; COND(c[D_CBC_DES][testnum]); count++)
805         DES_ncbc_encrypt(buf, buf, lengths[testnum], &sch,
806                          &DES_iv, DES_ENCRYPT);
807     return count;
808 }
809 
810 static int DES_ede3_cbc_encrypt_loop(void *args)
811 {
812     loopargs_t *tempargs = *(loopargs_t **) args;
813     unsigned char *buf = tempargs->buf;
814     int count;
815     for (count = 0; COND(c[D_EDE3_DES][testnum]); count++)
816         DES_ede3_cbc_encrypt(buf, buf, lengths[testnum],
817                              &sch, &sch2, &sch3, &DES_iv, DES_ENCRYPT);
818     return count;
819 }
820 #endif
821 
822 #define MAX_BLOCK_SIZE 128
823 
824 static unsigned char iv[2 * MAX_BLOCK_SIZE / 8];
825 static AES_KEY aes_ks1, aes_ks2, aes_ks3;
826 static int AES_cbc_128_encrypt_loop(void *args)
827 {
828     loopargs_t *tempargs = *(loopargs_t **) args;
829     unsigned char *buf = tempargs->buf;
830     int count;
831     for (count = 0; COND(c[D_CBC_128_AES][testnum]); count++)
832         AES_cbc_encrypt(buf, buf,
833                         (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
834     return count;
835 }
836 
837 static int AES_cbc_192_encrypt_loop(void *args)
838 {
839     loopargs_t *tempargs = *(loopargs_t **) args;
840     unsigned char *buf = tempargs->buf;
841     int count;
842     for (count = 0; COND(c[D_CBC_192_AES][testnum]); count++)
843         AES_cbc_encrypt(buf, buf,
844                         (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
845     return count;
846 }
847 
848 static int AES_cbc_256_encrypt_loop(void *args)
849 {
850     loopargs_t *tempargs = *(loopargs_t **) args;
851     unsigned char *buf = tempargs->buf;
852     int count;
853     for (count = 0; COND(c[D_CBC_256_AES][testnum]); count++)
854         AES_cbc_encrypt(buf, buf,
855                         (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
856     return count;
857 }
858 
859 static int AES_ige_128_encrypt_loop(void *args)
860 {
861     loopargs_t *tempargs = *(loopargs_t **) args;
862     unsigned char *buf = tempargs->buf;
863     unsigned char *buf2 = tempargs->buf2;
864     int count;
865     for (count = 0; COND(c[D_IGE_128_AES][testnum]); count++)
866         AES_ige_encrypt(buf, buf2,
867                         (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
868     return count;
869 }
870 
871 static int AES_ige_192_encrypt_loop(void *args)
872 {
873     loopargs_t *tempargs = *(loopargs_t **) args;
874     unsigned char *buf = tempargs->buf;
875     unsigned char *buf2 = tempargs->buf2;
876     int count;
877     for (count = 0; COND(c[D_IGE_192_AES][testnum]); count++)
878         AES_ige_encrypt(buf, buf2,
879                         (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
880     return count;
881 }
882 
883 static int AES_ige_256_encrypt_loop(void *args)
884 {
885     loopargs_t *tempargs = *(loopargs_t **) args;
886     unsigned char *buf = tempargs->buf;
887     unsigned char *buf2 = tempargs->buf2;
888     int count;
889     for (count = 0; COND(c[D_IGE_256_AES][testnum]); count++)
890         AES_ige_encrypt(buf, buf2,
891                         (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
892     return count;
893 }
894 
895 static int CRYPTO_gcm128_aad_loop(void *args)
896 {
897     loopargs_t *tempargs = *(loopargs_t **) args;
898     unsigned char *buf = tempargs->buf;
899     GCM128_CONTEXT *gcm_ctx = tempargs->gcm_ctx;
900     int count;
901     for (count = 0; COND(c[D_GHASH][testnum]); count++)
902         CRYPTO_gcm128_aad(gcm_ctx, buf, lengths[testnum]);
903     return count;
904 }
905 
906 static int RAND_bytes_loop(void *args)
907 {
908     loopargs_t *tempargs = *(loopargs_t **) args;
909     unsigned char *buf = tempargs->buf;
910     int count;
911 
912     for (count = 0; COND(c[D_RAND][testnum]); count++)
913         RAND_bytes(buf, lengths[testnum]);
914     return count;
915 }
916 
917 static long save_count = 0;
918 static int decrypt = 0;
919 static int EVP_Update_loop(void *args)
920 {
921     loopargs_t *tempargs = *(loopargs_t **) args;
922     unsigned char *buf = tempargs->buf;
923     EVP_CIPHER_CTX *ctx = tempargs->ctx;
924     int outl, count, rc;
925 #ifndef SIGALRM
926     int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
927 #endif
928     if (decrypt) {
929         for (count = 0; COND(nb_iter); count++) {
930             rc = EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
931             if (rc != 1) {
932                 /* reset iv in case of counter overflow */
933                 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
934             }
935         }
936     } else {
937         for (count = 0; COND(nb_iter); count++) {
938             rc = EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
939             if (rc != 1) {
940                 /* reset iv in case of counter overflow */
941                 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
942             }
943         }
944     }
945     if (decrypt)
946         EVP_DecryptFinal_ex(ctx, buf, &outl);
947     else
948         EVP_EncryptFinal_ex(ctx, buf, &outl);
949     return count;
950 }
951 
952 /*
953  * CCM does not support streaming. For the purpose of performance measurement,
954  * each message is encrypted using the same (key,iv)-pair. Do not use this
955  * code in your application.
956  */
957 static int EVP_Update_loop_ccm(void *args)
958 {
959     loopargs_t *tempargs = *(loopargs_t **) args;
960     unsigned char *buf = tempargs->buf;
961     EVP_CIPHER_CTX *ctx = tempargs->ctx;
962     int outl, count;
963     unsigned char tag[12];
964 #ifndef SIGALRM
965     int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
966 #endif
967     if (decrypt) {
968         for (count = 0; COND(nb_iter); count++) {
969             EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(tag), tag);
970             /* reset iv */
971             EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
972             /* counter is reset on every update */
973             EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
974         }
975     } else {
976         for (count = 0; COND(nb_iter); count++) {
977             /* restore iv length field */
978             EVP_EncryptUpdate(ctx, NULL, &outl, NULL, lengths[testnum]);
979             /* counter is reset on every update */
980             EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
981         }
982     }
983     if (decrypt)
984         EVP_DecryptFinal_ex(ctx, buf, &outl);
985     else
986         EVP_EncryptFinal_ex(ctx, buf, &outl);
987     return count;
988 }
989 
990 /*
991  * To make AEAD benchmarking more relevant perform TLS-like operations,
992  * 13-byte AAD followed by payload. But don't use TLS-formatted AAD, as
993  * payload length is not actually limited by 16KB...
994  */
995 static int EVP_Update_loop_aead(void *args)
996 {
997     loopargs_t *tempargs = *(loopargs_t **) args;
998     unsigned char *buf = tempargs->buf;
999     EVP_CIPHER_CTX *ctx = tempargs->ctx;
1000     int outl, count;
1001     unsigned char aad[13] = { 0xcc };
1002     unsigned char faketag[16] = { 0xcc };
1003 #ifndef SIGALRM
1004     int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1005 #endif
1006     if (decrypt) {
1007         for (count = 0; COND(nb_iter); count++) {
1008             EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
1009             EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
1010                                 sizeof(faketag), faketag);
1011             EVP_DecryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
1012             EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
1013             EVP_DecryptFinal_ex(ctx, buf + outl, &outl);
1014         }
1015     } else {
1016         for (count = 0; COND(nb_iter); count++) {
1017             EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv);
1018             EVP_EncryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
1019             EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
1020             EVP_EncryptFinal_ex(ctx, buf + outl, &outl);
1021         }
1022     }
1023     return count;
1024 }
1025 
1026 static const EVP_MD *evp_md = NULL;
1027 static int EVP_Digest_loop(void *args)
1028 {
1029     loopargs_t *tempargs = *(loopargs_t **) args;
1030     unsigned char *buf = tempargs->buf;
1031     unsigned char md[EVP_MAX_MD_SIZE];
1032     int count;
1033 #ifndef SIGALRM
1034     int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1035 #endif
1036 
1037     for (count = 0; COND(nb_iter); count++) {
1038         if (!EVP_Digest(buf, lengths[testnum], md, NULL, evp_md, NULL))
1039             return -1;
1040     }
1041     return count;
1042 }
1043 
1044 #ifndef OPENSSL_NO_RSA
1045 static long rsa_c[RSA_NUM][2];  /* # RSA iteration test */
1046 
1047 static int RSA_sign_loop(void *args)
1048 {
1049     loopargs_t *tempargs = *(loopargs_t **) args;
1050     unsigned char *buf = tempargs->buf;
1051     unsigned char *buf2 = tempargs->buf2;
1052     unsigned int *rsa_num = &tempargs->siglen;
1053     RSA **rsa_key = tempargs->rsa_key;
1054     int ret, count;
1055     for (count = 0; COND(rsa_c[testnum][0]); count++) {
1056         ret = RSA_sign(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1057         if (ret == 0) {
1058             BIO_printf(bio_err, "RSA sign failure\n");
1059             ERR_print_errors(bio_err);
1060             count = -1;
1061             break;
1062         }
1063     }
1064     return count;
1065 }
1066 
1067 static int RSA_verify_loop(void *args)
1068 {
1069     loopargs_t *tempargs = *(loopargs_t **) args;
1070     unsigned char *buf = tempargs->buf;
1071     unsigned char *buf2 = tempargs->buf2;
1072     unsigned int rsa_num = tempargs->siglen;
1073     RSA **rsa_key = tempargs->rsa_key;
1074     int ret, count;
1075     for (count = 0; COND(rsa_c[testnum][1]); count++) {
1076         ret =
1077             RSA_verify(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1078         if (ret <= 0) {
1079             BIO_printf(bio_err, "RSA verify failure\n");
1080             ERR_print_errors(bio_err);
1081             count = -1;
1082             break;
1083         }
1084     }
1085     return count;
1086 }
1087 #endif
1088 
1089 #ifndef OPENSSL_NO_DSA
1090 static long dsa_c[DSA_NUM][2];
1091 static int DSA_sign_loop(void *args)
1092 {
1093     loopargs_t *tempargs = *(loopargs_t **) args;
1094     unsigned char *buf = tempargs->buf;
1095     unsigned char *buf2 = tempargs->buf2;
1096     DSA **dsa_key = tempargs->dsa_key;
1097     unsigned int *siglen = &tempargs->siglen;
1098     int ret, count;
1099     for (count = 0; COND(dsa_c[testnum][0]); count++) {
1100         ret = DSA_sign(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1101         if (ret == 0) {
1102             BIO_printf(bio_err, "DSA sign failure\n");
1103             ERR_print_errors(bio_err);
1104             count = -1;
1105             break;
1106         }
1107     }
1108     return count;
1109 }
1110 
1111 static int DSA_verify_loop(void *args)
1112 {
1113     loopargs_t *tempargs = *(loopargs_t **) args;
1114     unsigned char *buf = tempargs->buf;
1115     unsigned char *buf2 = tempargs->buf2;
1116     DSA **dsa_key = tempargs->dsa_key;
1117     unsigned int siglen = tempargs->siglen;
1118     int ret, count;
1119     for (count = 0; COND(dsa_c[testnum][1]); count++) {
1120         ret = DSA_verify(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1121         if (ret <= 0) {
1122             BIO_printf(bio_err, "DSA verify failure\n");
1123             ERR_print_errors(bio_err);
1124             count = -1;
1125             break;
1126         }
1127     }
1128     return count;
1129 }
1130 #endif
1131 
1132 #ifndef OPENSSL_NO_EC
1133 static long ecdsa_c[ECDSA_NUM][2];
1134 static int ECDSA_sign_loop(void *args)
1135 {
1136     loopargs_t *tempargs = *(loopargs_t **) args;
1137     unsigned char *buf = tempargs->buf;
1138     EC_KEY **ecdsa = tempargs->ecdsa;
1139     unsigned char *ecdsasig = tempargs->buf2;
1140     unsigned int *ecdsasiglen = &tempargs->siglen;
1141     int ret, count;
1142     for (count = 0; COND(ecdsa_c[testnum][0]); count++) {
1143         ret = ECDSA_sign(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1144         if (ret == 0) {
1145             BIO_printf(bio_err, "ECDSA sign failure\n");
1146             ERR_print_errors(bio_err);
1147             count = -1;
1148             break;
1149         }
1150     }
1151     return count;
1152 }
1153 
1154 static int ECDSA_verify_loop(void *args)
1155 {
1156     loopargs_t *tempargs = *(loopargs_t **) args;
1157     unsigned char *buf = tempargs->buf;
1158     EC_KEY **ecdsa = tempargs->ecdsa;
1159     unsigned char *ecdsasig = tempargs->buf2;
1160     unsigned int ecdsasiglen = tempargs->siglen;
1161     int ret, count;
1162     for (count = 0; COND(ecdsa_c[testnum][1]); count++) {
1163         ret = ECDSA_verify(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1164         if (ret != 1) {
1165             BIO_printf(bio_err, "ECDSA verify failure\n");
1166             ERR_print_errors(bio_err);
1167             count = -1;
1168             break;
1169         }
1170     }
1171     return count;
1172 }
1173 
1174 /* ******************************************************************** */
1175 static long ecdh_c[EC_NUM][1];
1176 
1177 static int ECDH_EVP_derive_key_loop(void *args)
1178 {
1179     loopargs_t *tempargs = *(loopargs_t **) args;
1180     EVP_PKEY_CTX *ctx = tempargs->ecdh_ctx[testnum];
1181     unsigned char *derived_secret = tempargs->secret_a;
1182     int count;
1183     size_t *outlen = &(tempargs->outlen[testnum]);
1184 
1185     for (count = 0; COND(ecdh_c[testnum][0]); count++)
1186         EVP_PKEY_derive(ctx, derived_secret, outlen);
1187 
1188     return count;
1189 }
1190 
1191 static long eddsa_c[EdDSA_NUM][2];
1192 static int EdDSA_sign_loop(void *args)
1193 {
1194     loopargs_t *tempargs = *(loopargs_t **) args;
1195     unsigned char *buf = tempargs->buf;
1196     EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
1197     unsigned char *eddsasig = tempargs->buf2;
1198     size_t *eddsasigsize = &tempargs->sigsize;
1199     int ret, count;
1200 
1201     for (count = 0; COND(eddsa_c[testnum][0]); count++) {
1202         ret = EVP_DigestSign(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
1203         if (ret == 0) {
1204             BIO_printf(bio_err, "EdDSA sign failure\n");
1205             ERR_print_errors(bio_err);
1206             count = -1;
1207             break;
1208         }
1209     }
1210     return count;
1211 }
1212 
1213 static int EdDSA_verify_loop(void *args)
1214 {
1215     loopargs_t *tempargs = *(loopargs_t **) args;
1216     unsigned char *buf = tempargs->buf;
1217     EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
1218     unsigned char *eddsasig = tempargs->buf2;
1219     size_t eddsasigsize = tempargs->sigsize;
1220     int ret, count;
1221 
1222     for (count = 0; COND(eddsa_c[testnum][1]); count++) {
1223         ret = EVP_DigestVerify(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
1224         if (ret != 1) {
1225             BIO_printf(bio_err, "EdDSA verify failure\n");
1226             ERR_print_errors(bio_err);
1227             count = -1;
1228             break;
1229         }
1230     }
1231     return count;
1232 }
1233 #endif                          /* OPENSSL_NO_EC */
1234 
1235 static int run_benchmark(int async_jobs,
1236                          int (*loop_function) (void *), loopargs_t * loopargs)
1237 {
1238     int job_op_count = 0;
1239     int total_op_count = 0;
1240     int num_inprogress = 0;
1241     int error = 0, i = 0, ret = 0;
1242     OSSL_ASYNC_FD job_fd = 0;
1243     size_t num_job_fds = 0;
1244 
1245     if (async_jobs == 0) {
1246         return loop_function((void *)&loopargs);
1247     }
1248 
1249     for (i = 0; i < async_jobs && !error; i++) {
1250         loopargs_t *looparg_item = loopargs + i;
1251 
1252         /* Copy pointer content (looparg_t item address) into async context */
1253         ret = ASYNC_start_job(&loopargs[i].inprogress_job, loopargs[i].wait_ctx,
1254                               &job_op_count, loop_function,
1255                               (void *)&looparg_item, sizeof(looparg_item));
1256         switch (ret) {
1257         case ASYNC_PAUSE:
1258             ++num_inprogress;
1259             break;
1260         case ASYNC_FINISH:
1261             if (job_op_count == -1) {
1262                 error = 1;
1263             } else {
1264                 total_op_count += job_op_count;
1265             }
1266             break;
1267         case ASYNC_NO_JOBS:
1268         case ASYNC_ERR:
1269             BIO_printf(bio_err, "Failure in the job\n");
1270             ERR_print_errors(bio_err);
1271             error = 1;
1272             break;
1273         }
1274     }
1275 
1276     while (num_inprogress > 0) {
1277 #if defined(OPENSSL_SYS_WINDOWS)
1278         DWORD avail = 0;
1279 #elif defined(OPENSSL_SYS_UNIX)
1280         int select_result = 0;
1281         OSSL_ASYNC_FD max_fd = 0;
1282         fd_set waitfdset;
1283 
1284         FD_ZERO(&waitfdset);
1285 
1286         for (i = 0; i < async_jobs && num_inprogress > 0; i++) {
1287             if (loopargs[i].inprogress_job == NULL)
1288                 continue;
1289 
1290             if (!ASYNC_WAIT_CTX_get_all_fds
1291                 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1292                 || num_job_fds > 1) {
1293                 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1294                 ERR_print_errors(bio_err);
1295                 error = 1;
1296                 break;
1297             }
1298             ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1299                                        &num_job_fds);
1300             FD_SET(job_fd, &waitfdset);
1301             if (job_fd > max_fd)
1302                 max_fd = job_fd;
1303         }
1304 
1305         if (max_fd >= (OSSL_ASYNC_FD)FD_SETSIZE) {
1306             BIO_printf(bio_err,
1307                        "Error: max_fd (%d) must be smaller than FD_SETSIZE (%d). "
1308                        "Decrease the value of async_jobs\n",
1309                        max_fd, FD_SETSIZE);
1310             ERR_print_errors(bio_err);
1311             error = 1;
1312             break;
1313         }
1314 
1315         select_result = select(max_fd + 1, &waitfdset, NULL, NULL, NULL);
1316         if (select_result == -1 && errno == EINTR)
1317             continue;
1318 
1319         if (select_result == -1) {
1320             BIO_printf(bio_err, "Failure in the select\n");
1321             ERR_print_errors(bio_err);
1322             error = 1;
1323             break;
1324         }
1325 
1326         if (select_result == 0)
1327             continue;
1328 #endif
1329 
1330         for (i = 0; i < async_jobs; i++) {
1331             if (loopargs[i].inprogress_job == NULL)
1332                 continue;
1333 
1334             if (!ASYNC_WAIT_CTX_get_all_fds
1335                 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1336                 || num_job_fds > 1) {
1337                 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1338                 ERR_print_errors(bio_err);
1339                 error = 1;
1340                 break;
1341             }
1342             ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1343                                        &num_job_fds);
1344 
1345 #if defined(OPENSSL_SYS_UNIX)
1346             if (num_job_fds == 1 && !FD_ISSET(job_fd, &waitfdset))
1347                 continue;
1348 #elif defined(OPENSSL_SYS_WINDOWS)
1349             if (num_job_fds == 1
1350                 && !PeekNamedPipe(job_fd, NULL, 0, NULL, &avail, NULL)
1351                 && avail > 0)
1352                 continue;
1353 #endif
1354 
1355             ret = ASYNC_start_job(&loopargs[i].inprogress_job,
1356                                   loopargs[i].wait_ctx, &job_op_count,
1357                                   loop_function, (void *)(loopargs + i),
1358                                   sizeof(loopargs_t));
1359             switch (ret) {
1360             case ASYNC_PAUSE:
1361                 break;
1362             case ASYNC_FINISH:
1363                 if (job_op_count == -1) {
1364                     error = 1;
1365                 } else {
1366                     total_op_count += job_op_count;
1367                 }
1368                 --num_inprogress;
1369                 loopargs[i].inprogress_job = NULL;
1370                 break;
1371             case ASYNC_NO_JOBS:
1372             case ASYNC_ERR:
1373                 --num_inprogress;
1374                 loopargs[i].inprogress_job = NULL;
1375                 BIO_printf(bio_err, "Failure in the job\n");
1376                 ERR_print_errors(bio_err);
1377                 error = 1;
1378                 break;
1379             }
1380         }
1381     }
1382 
1383     return error ? -1 : total_op_count;
1384 }
1385 
1386 int speed_main(int argc, char **argv)
1387 {
1388     ENGINE *e = NULL;
1389     loopargs_t *loopargs = NULL;
1390     const char *prog;
1391     const char *engine_id = NULL;
1392     const EVP_CIPHER *evp_cipher = NULL;
1393     double d = 0.0;
1394     OPTION_CHOICE o;
1395     int async_init = 0, multiblock = 0, pr_header = 0;
1396     int doit[ALGOR_NUM] = { 0 };
1397     int ret = 1, misalign = 0, lengths_single = 0, aead = 0;
1398     long count = 0;
1399     unsigned int size_num = OSSL_NELEM(lengths_list);
1400     unsigned int i, k, loop, loopargs_len = 0, async_jobs = 0;
1401     int keylen;
1402     int buflen;
1403 #ifndef NO_FORK
1404     int multi = 0;
1405 #endif
1406 #if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) \
1407     || !defined(OPENSSL_NO_EC)
1408     long rsa_count = 1;
1409 #endif
1410     openssl_speed_sec_t seconds = { SECONDS, RSA_SECONDS, DSA_SECONDS,
1411                                     ECDSA_SECONDS, ECDH_SECONDS,
1412                                     EdDSA_SECONDS };
1413 
1414     /* What follows are the buffers and key material. */
1415 #ifndef OPENSSL_NO_RC5
1416     RC5_32_KEY rc5_ks;
1417 #endif
1418 #ifndef OPENSSL_NO_RC2
1419     RC2_KEY rc2_ks;
1420 #endif
1421 #ifndef OPENSSL_NO_IDEA
1422     IDEA_KEY_SCHEDULE idea_ks;
1423 #endif
1424 #ifndef OPENSSL_NO_SEED
1425     SEED_KEY_SCHEDULE seed_ks;
1426 #endif
1427 #ifndef OPENSSL_NO_BF
1428     BF_KEY bf_ks;
1429 #endif
1430 #ifndef OPENSSL_NO_CAST
1431     CAST_KEY cast_ks;
1432 #endif
1433     static const unsigned char key16[16] = {
1434         0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1435         0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
1436     };
1437     static const unsigned char key24[24] = {
1438         0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1439         0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1440         0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1441     };
1442     static const unsigned char key32[32] = {
1443         0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1444         0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1445         0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
1446         0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
1447     };
1448 #ifndef OPENSSL_NO_CAMELLIA
1449     static const unsigned char ckey24[24] = {
1450         0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1451         0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1452         0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1453     };
1454     static const unsigned char ckey32[32] = {
1455         0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1456         0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1457         0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
1458         0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
1459     };
1460     CAMELLIA_KEY camellia_ks1, camellia_ks2, camellia_ks3;
1461 #endif
1462 #ifndef OPENSSL_NO_DES
1463     static DES_cblock key = {
1464         0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0
1465     };
1466     static DES_cblock key2 = {
1467         0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
1468     };
1469     static DES_cblock key3 = {
1470         0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1471     };
1472 #endif
1473 #ifndef OPENSSL_NO_RSA
1474     static const unsigned int rsa_bits[RSA_NUM] = {
1475         512, 1024, 2048, 3072, 4096, 7680, 15360
1476     };
1477     static const unsigned char *rsa_data[RSA_NUM] = {
1478         test512, test1024, test2048, test3072, test4096, test7680, test15360
1479     };
1480     static const int rsa_data_length[RSA_NUM] = {
1481         sizeof(test512), sizeof(test1024),
1482         sizeof(test2048), sizeof(test3072),
1483         sizeof(test4096), sizeof(test7680),
1484         sizeof(test15360)
1485     };
1486     int rsa_doit[RSA_NUM] = { 0 };
1487     int primes = RSA_DEFAULT_PRIME_NUM;
1488 #endif
1489 #ifndef OPENSSL_NO_DSA
1490     static const unsigned int dsa_bits[DSA_NUM] = { 512, 1024, 2048 };
1491     int dsa_doit[DSA_NUM] = { 0 };
1492 #endif
1493 #ifndef OPENSSL_NO_EC
1494     /*
1495      * We only test over the following curves as they are representative, To
1496      * add tests over more curves, simply add the curve NID and curve name to
1497      * the following arrays and increase the |ecdh_choices| list accordingly.
1498      */
1499     static const struct {
1500         const char *name;
1501         unsigned int nid;
1502         unsigned int bits;
1503     } test_curves[] = {
1504         /* Prime Curves */
1505         {"secp160r1", NID_secp160r1, 160},
1506         {"nistp192", NID_X9_62_prime192v1, 192},
1507         {"nistp224", NID_secp224r1, 224},
1508         {"nistp256", NID_X9_62_prime256v1, 256},
1509         {"nistp384", NID_secp384r1, 384},
1510         {"nistp521", NID_secp521r1, 521},
1511 # ifndef OPENSSL_NO_EC2M
1512         /* Binary Curves */
1513         {"nistk163", NID_sect163k1, 163},
1514         {"nistk233", NID_sect233k1, 233},
1515         {"nistk283", NID_sect283k1, 283},
1516         {"nistk409", NID_sect409k1, 409},
1517         {"nistk571", NID_sect571k1, 571},
1518         {"nistb163", NID_sect163r2, 163},
1519         {"nistb233", NID_sect233r1, 233},
1520         {"nistb283", NID_sect283r1, 283},
1521         {"nistb409", NID_sect409r1, 409},
1522         {"nistb571", NID_sect571r1, 571},
1523 # endif
1524         {"brainpoolP256r1", NID_brainpoolP256r1, 256},
1525         {"brainpoolP256t1", NID_brainpoolP256t1, 256},
1526         {"brainpoolP384r1", NID_brainpoolP384r1, 384},
1527         {"brainpoolP384t1", NID_brainpoolP384t1, 384},
1528         {"brainpoolP512r1", NID_brainpoolP512r1, 512},
1529         {"brainpoolP512t1", NID_brainpoolP512t1, 512},
1530         /* Other and ECDH only ones */
1531         {"X25519", NID_X25519, 253},
1532         {"X448", NID_X448, 448}
1533     };
1534     static const struct {
1535         const char *name;
1536         unsigned int nid;
1537         unsigned int bits;
1538         size_t sigsize;
1539     } test_ed_curves[] = {
1540         /* EdDSA */
1541         {"Ed25519", NID_ED25519, 253, 64},
1542         {"Ed448", NID_ED448, 456, 114}
1543     };
1544     int ecdsa_doit[ECDSA_NUM] = { 0 };
1545     int ecdh_doit[EC_NUM] = { 0 };
1546     int eddsa_doit[EdDSA_NUM] = { 0 };
1547     OPENSSL_assert(OSSL_NELEM(test_curves) >= EC_NUM);
1548     OPENSSL_assert(OSSL_NELEM(test_ed_curves) >= EdDSA_NUM);
1549 #endif                          /* ndef OPENSSL_NO_EC */
1550 
1551     prog = opt_init(argc, argv, speed_options);
1552     while ((o = opt_next()) != OPT_EOF) {
1553         switch (o) {
1554         case OPT_EOF:
1555         case OPT_ERR:
1556  opterr:
1557             BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
1558             goto end;
1559         case OPT_HELP:
1560             opt_help(speed_options);
1561             ret = 0;
1562             goto end;
1563         case OPT_ELAPSED:
1564             usertime = 0;
1565             break;
1566         case OPT_EVP:
1567             evp_md = NULL;
1568             evp_cipher = EVP_get_cipherbyname(opt_arg());
1569             if (evp_cipher == NULL)
1570                 evp_md = EVP_get_digestbyname(opt_arg());
1571             if (evp_cipher == NULL && evp_md == NULL) {
1572                 BIO_printf(bio_err,
1573                            "%s: %s is an unknown cipher or digest\n",
1574                            prog, opt_arg());
1575                 goto end;
1576             }
1577             doit[D_EVP] = 1;
1578             break;
1579         case OPT_DECRYPT:
1580             decrypt = 1;
1581             break;
1582         case OPT_ENGINE:
1583             /*
1584              * In a forked execution, an engine might need to be
1585              * initialised by each child process, not by the parent.
1586              * So store the name here and run setup_engine() later on.
1587              */
1588             engine_id = opt_arg();
1589             break;
1590         case OPT_MULTI:
1591 #ifndef NO_FORK
1592             multi = atoi(opt_arg());
1593 #endif
1594             break;
1595         case OPT_ASYNCJOBS:
1596 #ifndef OPENSSL_NO_ASYNC
1597             async_jobs = atoi(opt_arg());
1598             if (!ASYNC_is_capable()) {
1599                 BIO_printf(bio_err,
1600                            "%s: async_jobs specified but async not supported\n",
1601                            prog);
1602                 goto opterr;
1603             }
1604             if (async_jobs > 99999) {
1605                 BIO_printf(bio_err, "%s: too many async_jobs\n", prog);
1606                 goto opterr;
1607             }
1608 #endif
1609             break;
1610         case OPT_MISALIGN:
1611             if (!opt_int(opt_arg(), &misalign))
1612                 goto end;
1613             if (misalign > MISALIGN) {
1614                 BIO_printf(bio_err,
1615                            "%s: Maximum offset is %d\n", prog, MISALIGN);
1616                 goto opterr;
1617             }
1618             break;
1619         case OPT_MR:
1620             mr = 1;
1621             break;
1622         case OPT_MB:
1623             multiblock = 1;
1624 #ifdef OPENSSL_NO_MULTIBLOCK
1625             BIO_printf(bio_err,
1626                        "%s: -mb specified but multi-block support is disabled\n",
1627                        prog);
1628             goto end;
1629 #endif
1630             break;
1631         case OPT_R_CASES:
1632             if (!opt_rand(o))
1633                 goto end;
1634             break;
1635         case OPT_PRIMES:
1636             if (!opt_int(opt_arg(), &primes))
1637                 goto end;
1638             break;
1639         case OPT_SECONDS:
1640             seconds.sym = seconds.rsa = seconds.dsa = seconds.ecdsa
1641                         = seconds.ecdh = seconds.eddsa = atoi(opt_arg());
1642             break;
1643         case OPT_BYTES:
1644             lengths_single = atoi(opt_arg());
1645             lengths = &lengths_single;
1646             size_num = 1;
1647             break;
1648         case OPT_AEAD:
1649             aead = 1;
1650             break;
1651         }
1652     }
1653     argc = opt_num_rest();
1654     argv = opt_rest();
1655 
1656     /* Remaining arguments are algorithms. */
1657     for (; *argv; argv++) {
1658         if (found(*argv, doit_choices, &i)) {
1659             doit[i] = 1;
1660             continue;
1661         }
1662 #ifndef OPENSSL_NO_DES
1663         if (strcmp(*argv, "des") == 0) {
1664             doit[D_CBC_DES] = doit[D_EDE3_DES] = 1;
1665             continue;
1666         }
1667 #endif
1668         if (strcmp(*argv, "sha") == 0) {
1669             doit[D_SHA1] = doit[D_SHA256] = doit[D_SHA512] = 1;
1670             continue;
1671         }
1672 #ifndef OPENSSL_NO_RSA
1673         if (strcmp(*argv, "openssl") == 0)
1674             continue;
1675         if (strcmp(*argv, "rsa") == 0) {
1676             for (loop = 0; loop < OSSL_NELEM(rsa_doit); loop++)
1677                 rsa_doit[loop] = 1;
1678             continue;
1679         }
1680         if (found(*argv, rsa_choices, &i)) {
1681             rsa_doit[i] = 1;
1682             continue;
1683         }
1684 #endif
1685 #ifndef OPENSSL_NO_DSA
1686         if (strcmp(*argv, "dsa") == 0) {
1687             dsa_doit[R_DSA_512] = dsa_doit[R_DSA_1024] =
1688                 dsa_doit[R_DSA_2048] = 1;
1689             continue;
1690         }
1691         if (found(*argv, dsa_choices, &i)) {
1692             dsa_doit[i] = 2;
1693             continue;
1694         }
1695 #endif
1696         if (strcmp(*argv, "aes") == 0) {
1697             doit[D_CBC_128_AES] = doit[D_CBC_192_AES] = doit[D_CBC_256_AES] = 1;
1698             continue;
1699         }
1700 #ifndef OPENSSL_NO_CAMELLIA
1701         if (strcmp(*argv, "camellia") == 0) {
1702             doit[D_CBC_128_CML] = doit[D_CBC_192_CML] = doit[D_CBC_256_CML] = 1;
1703             continue;
1704         }
1705 #endif
1706 #ifndef OPENSSL_NO_EC
1707         if (strcmp(*argv, "ecdsa") == 0) {
1708             for (loop = 0; loop < OSSL_NELEM(ecdsa_doit); loop++)
1709                 ecdsa_doit[loop] = 1;
1710             continue;
1711         }
1712         if (found(*argv, ecdsa_choices, &i)) {
1713             ecdsa_doit[i] = 2;
1714             continue;
1715         }
1716         if (strcmp(*argv, "ecdh") == 0) {
1717             for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++)
1718                 ecdh_doit[loop] = 1;
1719             continue;
1720         }
1721         if (found(*argv, ecdh_choices, &i)) {
1722             ecdh_doit[i] = 2;
1723             continue;
1724         }
1725         if (strcmp(*argv, "eddsa") == 0) {
1726             for (loop = 0; loop < OSSL_NELEM(eddsa_doit); loop++)
1727                 eddsa_doit[loop] = 1;
1728             continue;
1729         }
1730         if (found(*argv, eddsa_choices, &i)) {
1731             eddsa_doit[i] = 2;
1732             continue;
1733         }
1734 #endif
1735         BIO_printf(bio_err, "%s: Unknown algorithm %s\n", prog, *argv);
1736         goto end;
1737     }
1738 
1739     /* Sanity checks */
1740     if (aead) {
1741         if (evp_cipher == NULL) {
1742             BIO_printf(bio_err, "-aead can be used only with an AEAD cipher\n");
1743             goto end;
1744         } else if (!(EVP_CIPHER_flags(evp_cipher) &
1745                      EVP_CIPH_FLAG_AEAD_CIPHER)) {
1746             BIO_printf(bio_err, "%s is not an AEAD cipher\n",
1747                        OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
1748             goto end;
1749         }
1750     }
1751     if (multiblock) {
1752         if (evp_cipher == NULL) {
1753             BIO_printf(bio_err,"-mb can be used only with a multi-block"
1754                                " capable cipher\n");
1755             goto end;
1756         } else if (!(EVP_CIPHER_flags(evp_cipher) &
1757                      EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
1758             BIO_printf(bio_err, "%s is not a multi-block capable\n",
1759                        OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
1760             goto end;
1761         } else if (async_jobs > 0) {
1762             BIO_printf(bio_err, "Async mode is not supported with -mb");
1763             goto end;
1764         }
1765     }
1766 
1767     /* Initialize the job pool if async mode is enabled */
1768     if (async_jobs > 0) {
1769         async_init = ASYNC_init_thread(async_jobs, async_jobs);
1770         if (!async_init) {
1771             BIO_printf(bio_err, "Error creating the ASYNC job pool\n");
1772             goto end;
1773         }
1774     }
1775 
1776     loopargs_len = (async_jobs == 0 ? 1 : async_jobs);
1777     loopargs =
1778         app_malloc(loopargs_len * sizeof(loopargs_t), "array of loopargs");
1779     memset(loopargs, 0, loopargs_len * sizeof(loopargs_t));
1780 
1781     for (i = 0; i < loopargs_len; i++) {
1782         if (async_jobs > 0) {
1783             loopargs[i].wait_ctx = ASYNC_WAIT_CTX_new();
1784             if (loopargs[i].wait_ctx == NULL) {
1785                 BIO_printf(bio_err, "Error creating the ASYNC_WAIT_CTX\n");
1786                 goto end;
1787             }
1788         }
1789 
1790         buflen = lengths[size_num - 1];
1791         if (buflen < 36)    /* size of random vector in RSA benchmark */
1792             buflen = 36;
1793         buflen += MAX_MISALIGNMENT + 1;
1794         loopargs[i].buf_malloc = app_malloc(buflen, "input buffer");
1795         loopargs[i].buf2_malloc = app_malloc(buflen, "input buffer");
1796         memset(loopargs[i].buf_malloc, 0, buflen);
1797         memset(loopargs[i].buf2_malloc, 0, buflen);
1798 
1799         /* Align the start of buffers on a 64 byte boundary */
1800         loopargs[i].buf = loopargs[i].buf_malloc + misalign;
1801         loopargs[i].buf2 = loopargs[i].buf2_malloc + misalign;
1802 #ifndef OPENSSL_NO_EC
1803         loopargs[i].secret_a = app_malloc(MAX_ECDH_SIZE, "ECDH secret a");
1804         loopargs[i].secret_b = app_malloc(MAX_ECDH_SIZE, "ECDH secret b");
1805 #endif
1806     }
1807 
1808 #ifndef NO_FORK
1809     if (multi && do_multi(multi, size_num))
1810         goto show_res;
1811 #endif
1812 
1813     /* Initialize the engine after the fork */
1814     e = setup_engine(engine_id, 0);
1815 
1816     /* No parameters; turn on everything. */
1817     if ((argc == 0) && !doit[D_EVP]) {
1818         for (i = 0; i < ALGOR_NUM; i++)
1819             if (i != D_EVP)
1820                 doit[i] = 1;
1821 #ifndef OPENSSL_NO_RSA
1822         for (i = 0; i < RSA_NUM; i++)
1823             rsa_doit[i] = 1;
1824 #endif
1825 #ifndef OPENSSL_NO_DSA
1826         for (i = 0; i < DSA_NUM; i++)
1827             dsa_doit[i] = 1;
1828 #endif
1829 #ifndef OPENSSL_NO_EC
1830         for (loop = 0; loop < OSSL_NELEM(ecdsa_doit); loop++)
1831             ecdsa_doit[loop] = 1;
1832         for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++)
1833             ecdh_doit[loop] = 1;
1834         for (loop = 0; loop < OSSL_NELEM(eddsa_doit); loop++)
1835             eddsa_doit[loop] = 1;
1836 #endif
1837     }
1838     for (i = 0; i < ALGOR_NUM; i++)
1839         if (doit[i])
1840             pr_header++;
1841 
1842     if (usertime == 0 && !mr)
1843         BIO_printf(bio_err,
1844                    "You have chosen to measure elapsed time "
1845                    "instead of user CPU time.\n");
1846 
1847 #ifndef OPENSSL_NO_RSA
1848     for (i = 0; i < loopargs_len; i++) {
1849         if (primes > RSA_DEFAULT_PRIME_NUM) {
1850             /* for multi-prime RSA, skip this */
1851             break;
1852         }
1853         for (k = 0; k < RSA_NUM; k++) {
1854             const unsigned char *p;
1855 
1856             p = rsa_data[k];
1857             loopargs[i].rsa_key[k] =
1858                 d2i_RSAPrivateKey(NULL, &p, rsa_data_length[k]);
1859             if (loopargs[i].rsa_key[k] == NULL) {
1860                 BIO_printf(bio_err,
1861                            "internal error loading RSA key number %d\n", k);
1862                 goto end;
1863             }
1864         }
1865     }
1866 #endif
1867 #ifndef OPENSSL_NO_DSA
1868     for (i = 0; i < loopargs_len; i++) {
1869         loopargs[i].dsa_key[0] = get_dsa(512);
1870         loopargs[i].dsa_key[1] = get_dsa(1024);
1871         loopargs[i].dsa_key[2] = get_dsa(2048);
1872     }
1873 #endif
1874 #ifndef OPENSSL_NO_DES
1875     DES_set_key_unchecked(&key, &sch);
1876     DES_set_key_unchecked(&key2, &sch2);
1877     DES_set_key_unchecked(&key3, &sch3);
1878 #endif
1879     AES_set_encrypt_key(key16, 128, &aes_ks1);
1880     AES_set_encrypt_key(key24, 192, &aes_ks2);
1881     AES_set_encrypt_key(key32, 256, &aes_ks3);
1882 #ifndef OPENSSL_NO_CAMELLIA
1883     Camellia_set_key(key16, 128, &camellia_ks1);
1884     Camellia_set_key(ckey24, 192, &camellia_ks2);
1885     Camellia_set_key(ckey32, 256, &camellia_ks3);
1886 #endif
1887 #ifndef OPENSSL_NO_IDEA
1888     IDEA_set_encrypt_key(key16, &idea_ks);
1889 #endif
1890 #ifndef OPENSSL_NO_SEED
1891     SEED_set_key(key16, &seed_ks);
1892 #endif
1893 #ifndef OPENSSL_NO_RC4
1894     RC4_set_key(&rc4_ks, 16, key16);
1895 #endif
1896 #ifndef OPENSSL_NO_RC2
1897     RC2_set_key(&rc2_ks, 16, key16, 128);
1898 #endif
1899 #ifndef OPENSSL_NO_RC5
1900     RC5_32_set_key(&rc5_ks, 16, key16, 12);
1901 #endif
1902 #ifndef OPENSSL_NO_BF
1903     BF_set_key(&bf_ks, 16, key16);
1904 #endif
1905 #ifndef OPENSSL_NO_CAST
1906     CAST_set_key(&cast_ks, 16, key16);
1907 #endif
1908 #ifndef SIGALRM
1909 # ifndef OPENSSL_NO_DES
1910     BIO_printf(bio_err, "First we calculate the approximate speed ...\n");
1911     count = 10;
1912     do {
1913         long it;
1914         count *= 2;
1915         Time_F(START);
1916         for (it = count; it; it--)
1917             DES_ecb_encrypt((DES_cblock *)loopargs[0].buf,
1918                             (DES_cblock *)loopargs[0].buf, &sch, DES_ENCRYPT);
1919         d = Time_F(STOP);
1920     } while (d < 3);
1921     save_count = count;
1922     c[D_MD2][0] = count / 10;
1923     c[D_MDC2][0] = count / 10;
1924     c[D_MD4][0] = count;
1925     c[D_MD5][0] = count;
1926     c[D_HMAC][0] = count;
1927     c[D_SHA1][0] = count;
1928     c[D_RMD160][0] = count;
1929     c[D_RC4][0] = count * 5;
1930     c[D_CBC_DES][0] = count;
1931     c[D_EDE3_DES][0] = count / 3;
1932     c[D_CBC_IDEA][0] = count;
1933     c[D_CBC_SEED][0] = count;
1934     c[D_CBC_RC2][0] = count;
1935     c[D_CBC_RC5][0] = count;
1936     c[D_CBC_BF][0] = count;
1937     c[D_CBC_CAST][0] = count;
1938     c[D_CBC_128_AES][0] = count;
1939     c[D_CBC_192_AES][0] = count;
1940     c[D_CBC_256_AES][0] = count;
1941     c[D_CBC_128_CML][0] = count;
1942     c[D_CBC_192_CML][0] = count;
1943     c[D_CBC_256_CML][0] = count;
1944     c[D_SHA256][0] = count;
1945     c[D_SHA512][0] = count;
1946     c[D_WHIRLPOOL][0] = count;
1947     c[D_IGE_128_AES][0] = count;
1948     c[D_IGE_192_AES][0] = count;
1949     c[D_IGE_256_AES][0] = count;
1950     c[D_GHASH][0] = count;
1951     c[D_RAND][0] = count;
1952 
1953     for (i = 1; i < size_num; i++) {
1954         long l0, l1;
1955 
1956         l0 = (long)lengths[0];
1957         l1 = (long)lengths[i];
1958 
1959         c[D_MD2][i] = c[D_MD2][0] * 4 * l0 / l1;
1960         c[D_MDC2][i] = c[D_MDC2][0] * 4 * l0 / l1;
1961         c[D_MD4][i] = c[D_MD4][0] * 4 * l0 / l1;
1962         c[D_MD5][i] = c[D_MD5][0] * 4 * l0 / l1;
1963         c[D_HMAC][i] = c[D_HMAC][0] * 4 * l0 / l1;
1964         c[D_SHA1][i] = c[D_SHA1][0] * 4 * l0 / l1;
1965         c[D_RMD160][i] = c[D_RMD160][0] * 4 * l0 / l1;
1966         c[D_SHA256][i] = c[D_SHA256][0] * 4 * l0 / l1;
1967         c[D_SHA512][i] = c[D_SHA512][0] * 4 * l0 / l1;
1968         c[D_WHIRLPOOL][i] = c[D_WHIRLPOOL][0] * 4 * l0 / l1;
1969         c[D_GHASH][i] = c[D_GHASH][0] * 4 * l0 / l1;
1970         c[D_RAND][i] = c[D_RAND][0] * 4 * l0 / l1;
1971 
1972         l0 = (long)lengths[i - 1];
1973 
1974         c[D_RC4][i] = c[D_RC4][i - 1] * l0 / l1;
1975         c[D_CBC_DES][i] = c[D_CBC_DES][i - 1] * l0 / l1;
1976         c[D_EDE3_DES][i] = c[D_EDE3_DES][i - 1] * l0 / l1;
1977         c[D_CBC_IDEA][i] = c[D_CBC_IDEA][i - 1] * l0 / l1;
1978         c[D_CBC_SEED][i] = c[D_CBC_SEED][i - 1] * l0 / l1;
1979         c[D_CBC_RC2][i] = c[D_CBC_RC2][i - 1] * l0 / l1;
1980         c[D_CBC_RC5][i] = c[D_CBC_RC5][i - 1] * l0 / l1;
1981         c[D_CBC_BF][i] = c[D_CBC_BF][i - 1] * l0 / l1;
1982         c[D_CBC_CAST][i] = c[D_CBC_CAST][i - 1] * l0 / l1;
1983         c[D_CBC_128_AES][i] = c[D_CBC_128_AES][i - 1] * l0 / l1;
1984         c[D_CBC_192_AES][i] = c[D_CBC_192_AES][i - 1] * l0 / l1;
1985         c[D_CBC_256_AES][i] = c[D_CBC_256_AES][i - 1] * l0 / l1;
1986         c[D_CBC_128_CML][i] = c[D_CBC_128_CML][i - 1] * l0 / l1;
1987         c[D_CBC_192_CML][i] = c[D_CBC_192_CML][i - 1] * l0 / l1;
1988         c[D_CBC_256_CML][i] = c[D_CBC_256_CML][i - 1] * l0 / l1;
1989         c[D_IGE_128_AES][i] = c[D_IGE_128_AES][i - 1] * l0 / l1;
1990         c[D_IGE_192_AES][i] = c[D_IGE_192_AES][i - 1] * l0 / l1;
1991         c[D_IGE_256_AES][i] = c[D_IGE_256_AES][i - 1] * l0 / l1;
1992     }
1993 
1994 #  ifndef OPENSSL_NO_RSA
1995     rsa_c[R_RSA_512][0] = count / 2000;
1996     rsa_c[R_RSA_512][1] = count / 400;
1997     for (i = 1; i < RSA_NUM; i++) {
1998         rsa_c[i][0] = rsa_c[i - 1][0] / 8;
1999         rsa_c[i][1] = rsa_c[i - 1][1] / 4;
2000         if (rsa_doit[i] <= 1 && rsa_c[i][0] == 0)
2001             rsa_doit[i] = 0;
2002         else {
2003             if (rsa_c[i][0] == 0) {
2004                 rsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
2005                 rsa_c[i][1] = 20;
2006             }
2007         }
2008     }
2009 #  endif
2010 
2011 #  ifndef OPENSSL_NO_DSA
2012     dsa_c[R_DSA_512][0] = count / 1000;
2013     dsa_c[R_DSA_512][1] = count / 1000 / 2;
2014     for (i = 1; i < DSA_NUM; i++) {
2015         dsa_c[i][0] = dsa_c[i - 1][0] / 4;
2016         dsa_c[i][1] = dsa_c[i - 1][1] / 4;
2017         if (dsa_doit[i] <= 1 && dsa_c[i][0] == 0)
2018             dsa_doit[i] = 0;
2019         else {
2020             if (dsa_c[i][0] == 0) {
2021                 dsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
2022                 dsa_c[i][1] = 1;
2023             }
2024         }
2025     }
2026 #  endif
2027 
2028 #  ifndef OPENSSL_NO_EC
2029     ecdsa_c[R_EC_P160][0] = count / 1000;
2030     ecdsa_c[R_EC_P160][1] = count / 1000 / 2;
2031     for (i = R_EC_P192; i <= R_EC_P521; i++) {
2032         ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2033         ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2034         if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2035             ecdsa_doit[i] = 0;
2036         else {
2037             if (ecdsa_c[i][0] == 0) {
2038                 ecdsa_c[i][0] = 1;
2039                 ecdsa_c[i][1] = 1;
2040             }
2041         }
2042     }
2043 #   ifndef OPENSSL_NO_EC2M
2044     ecdsa_c[R_EC_K163][0] = count / 1000;
2045     ecdsa_c[R_EC_K163][1] = count / 1000 / 2;
2046     for (i = R_EC_K233; i <= R_EC_K571; i++) {
2047         ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2048         ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2049         if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2050             ecdsa_doit[i] = 0;
2051         else {
2052             if (ecdsa_c[i][0] == 0) {
2053                 ecdsa_c[i][0] = 1;
2054                 ecdsa_c[i][1] = 1;
2055             }
2056         }
2057     }
2058     ecdsa_c[R_EC_B163][0] = count / 1000;
2059     ecdsa_c[R_EC_B163][1] = count / 1000 / 2;
2060     for (i = R_EC_B233; i <= R_EC_B571; i++) {
2061         ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2062         ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2063         if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2064             ecdsa_doit[i] = 0;
2065         else {
2066             if (ecdsa_c[i][0] == 0) {
2067                 ecdsa_c[i][0] = 1;
2068                 ecdsa_c[i][1] = 1;
2069             }
2070         }
2071     }
2072 #   endif
2073 
2074     ecdh_c[R_EC_P160][0] = count / 1000;
2075     for (i = R_EC_P192; i <= R_EC_P521; i++) {
2076         ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2077         if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2078             ecdh_doit[i] = 0;
2079         else {
2080             if (ecdh_c[i][0] == 0) {
2081                 ecdh_c[i][0] = 1;
2082             }
2083         }
2084     }
2085 #   ifndef OPENSSL_NO_EC2M
2086     ecdh_c[R_EC_K163][0] = count / 1000;
2087     for (i = R_EC_K233; i <= R_EC_K571; i++) {
2088         ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2089         if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2090             ecdh_doit[i] = 0;
2091         else {
2092             if (ecdh_c[i][0] == 0) {
2093                 ecdh_c[i][0] = 1;
2094             }
2095         }
2096     }
2097     ecdh_c[R_EC_B163][0] = count / 1000;
2098     for (i = R_EC_B233; i <= R_EC_B571; i++) {
2099         ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2100         if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2101             ecdh_doit[i] = 0;
2102         else {
2103             if (ecdh_c[i][0] == 0) {
2104                 ecdh_c[i][0] = 1;
2105             }
2106         }
2107     }
2108 #   endif
2109     /* repeated code good to factorize */
2110     ecdh_c[R_EC_BRP256R1][0] = count / 1000;
2111     for (i = R_EC_BRP384R1; i <= R_EC_BRP512R1; i += 2) {
2112         ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
2113         if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2114             ecdh_doit[i] = 0;
2115         else {
2116             if (ecdh_c[i][0] == 0) {
2117                 ecdh_c[i][0] = 1;
2118             }
2119         }
2120     }
2121     ecdh_c[R_EC_BRP256T1][0] = count / 1000;
2122     for (i = R_EC_BRP384T1; i <= R_EC_BRP512T1; i += 2) {
2123         ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
2124         if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2125             ecdh_doit[i] = 0;
2126         else {
2127             if (ecdh_c[i][0] == 0) {
2128                 ecdh_c[i][0] = 1;
2129             }
2130         }
2131     }
2132     /* default iteration count for the last two EC Curves */
2133     ecdh_c[R_EC_X25519][0] = count / 1800;
2134     ecdh_c[R_EC_X448][0] = count / 7200;
2135 
2136     eddsa_c[R_EC_Ed25519][0] = count / 1800;
2137     eddsa_c[R_EC_Ed448][0] = count / 7200;
2138 #  endif
2139 
2140 # else
2141 /* not worth fixing */
2142 #  error "You cannot disable DES on systems without SIGALRM."
2143 # endif                         /* OPENSSL_NO_DES */
2144 #elif SIGALRM > 0
2145     signal(SIGALRM, alarmed);
2146 #endif                          /* SIGALRM */
2147 
2148 #ifndef OPENSSL_NO_MD2
2149     if (doit[D_MD2]) {
2150         for (testnum = 0; testnum < size_num; testnum++) {
2151             print_message(names[D_MD2], c[D_MD2][testnum], lengths[testnum],
2152                           seconds.sym);
2153             Time_F(START);
2154             count = run_benchmark(async_jobs, EVP_Digest_MD2_loop, loopargs);
2155             d = Time_F(STOP);
2156             print_result(D_MD2, testnum, count, d);
2157         }
2158     }
2159 #endif
2160 #ifndef OPENSSL_NO_MDC2
2161     if (doit[D_MDC2]) {
2162         for (testnum = 0; testnum < size_num; testnum++) {
2163             print_message(names[D_MDC2], c[D_MDC2][testnum], lengths[testnum],
2164                           seconds.sym);
2165             Time_F(START);
2166             count = run_benchmark(async_jobs, EVP_Digest_MDC2_loop, loopargs);
2167             d = Time_F(STOP);
2168             print_result(D_MDC2, testnum, count, d);
2169         }
2170     }
2171 #endif
2172 
2173 #ifndef OPENSSL_NO_MD4
2174     if (doit[D_MD4]) {
2175         for (testnum = 0; testnum < size_num; testnum++) {
2176             print_message(names[D_MD4], c[D_MD4][testnum], lengths[testnum],
2177                           seconds.sym);
2178             Time_F(START);
2179             count = run_benchmark(async_jobs, EVP_Digest_MD4_loop, loopargs);
2180             d = Time_F(STOP);
2181             print_result(D_MD4, testnum, count, d);
2182         }
2183     }
2184 #endif
2185 
2186 #ifndef OPENSSL_NO_MD5
2187     if (doit[D_MD5]) {
2188         for (testnum = 0; testnum < size_num; testnum++) {
2189             print_message(names[D_MD5], c[D_MD5][testnum], lengths[testnum],
2190                           seconds.sym);
2191             Time_F(START);
2192             count = run_benchmark(async_jobs, MD5_loop, loopargs);
2193             d = Time_F(STOP);
2194             print_result(D_MD5, testnum, count, d);
2195         }
2196     }
2197 
2198     if (doit[D_HMAC]) {
2199         static const char hmac_key[] = "This is a key...";
2200         int len = strlen(hmac_key);
2201 
2202         for (i = 0; i < loopargs_len; i++) {
2203             loopargs[i].hctx = HMAC_CTX_new();
2204             if (loopargs[i].hctx == NULL) {
2205                 BIO_printf(bio_err, "HMAC malloc failure, exiting...");
2206                 exit(1);
2207             }
2208 
2209             HMAC_Init_ex(loopargs[i].hctx, hmac_key, len, EVP_md5(), NULL);
2210         }
2211         for (testnum = 0; testnum < size_num; testnum++) {
2212             print_message(names[D_HMAC], c[D_HMAC][testnum], lengths[testnum],
2213                           seconds.sym);
2214             Time_F(START);
2215             count = run_benchmark(async_jobs, HMAC_loop, loopargs);
2216             d = Time_F(STOP);
2217             print_result(D_HMAC, testnum, count, d);
2218         }
2219         for (i = 0; i < loopargs_len; i++) {
2220             HMAC_CTX_free(loopargs[i].hctx);
2221         }
2222     }
2223 #endif
2224     if (doit[D_SHA1]) {
2225         for (testnum = 0; testnum < size_num; testnum++) {
2226             print_message(names[D_SHA1], c[D_SHA1][testnum], lengths[testnum],
2227                           seconds.sym);
2228             Time_F(START);
2229             count = run_benchmark(async_jobs, SHA1_loop, loopargs);
2230             d = Time_F(STOP);
2231             print_result(D_SHA1, testnum, count, d);
2232         }
2233     }
2234     if (doit[D_SHA256]) {
2235         for (testnum = 0; testnum < size_num; testnum++) {
2236             print_message(names[D_SHA256], c[D_SHA256][testnum],
2237                           lengths[testnum], seconds.sym);
2238             Time_F(START);
2239             count = run_benchmark(async_jobs, SHA256_loop, loopargs);
2240             d = Time_F(STOP);
2241             print_result(D_SHA256, testnum, count, d);
2242         }
2243     }
2244     if (doit[D_SHA512]) {
2245         for (testnum = 0; testnum < size_num; testnum++) {
2246             print_message(names[D_SHA512], c[D_SHA512][testnum],
2247                           lengths[testnum], seconds.sym);
2248             Time_F(START);
2249             count = run_benchmark(async_jobs, SHA512_loop, loopargs);
2250             d = Time_F(STOP);
2251             print_result(D_SHA512, testnum, count, d);
2252         }
2253     }
2254 #ifndef OPENSSL_NO_WHIRLPOOL
2255     if (doit[D_WHIRLPOOL]) {
2256         for (testnum = 0; testnum < size_num; testnum++) {
2257             print_message(names[D_WHIRLPOOL], c[D_WHIRLPOOL][testnum],
2258                           lengths[testnum], seconds.sym);
2259             Time_F(START);
2260             count = run_benchmark(async_jobs, WHIRLPOOL_loop, loopargs);
2261             d = Time_F(STOP);
2262             print_result(D_WHIRLPOOL, testnum, count, d);
2263         }
2264     }
2265 #endif
2266 
2267 #ifndef OPENSSL_NO_RMD160
2268     if (doit[D_RMD160]) {
2269         for (testnum = 0; testnum < size_num; testnum++) {
2270             print_message(names[D_RMD160], c[D_RMD160][testnum],
2271                           lengths[testnum], seconds.sym);
2272             Time_F(START);
2273             count = run_benchmark(async_jobs, EVP_Digest_RMD160_loop, loopargs);
2274             d = Time_F(STOP);
2275             print_result(D_RMD160, testnum, count, d);
2276         }
2277     }
2278 #endif
2279 #ifndef OPENSSL_NO_RC4
2280     if (doit[D_RC4]) {
2281         for (testnum = 0; testnum < size_num; testnum++) {
2282             print_message(names[D_RC4], c[D_RC4][testnum], lengths[testnum],
2283                           seconds.sym);
2284             Time_F(START);
2285             count = run_benchmark(async_jobs, RC4_loop, loopargs);
2286             d = Time_F(STOP);
2287             print_result(D_RC4, testnum, count, d);
2288         }
2289     }
2290 #endif
2291 #ifndef OPENSSL_NO_DES
2292     if (doit[D_CBC_DES]) {
2293         for (testnum = 0; testnum < size_num; testnum++) {
2294             print_message(names[D_CBC_DES], c[D_CBC_DES][testnum],
2295                           lengths[testnum], seconds.sym);
2296             Time_F(START);
2297             count = run_benchmark(async_jobs, DES_ncbc_encrypt_loop, loopargs);
2298             d = Time_F(STOP);
2299             print_result(D_CBC_DES, testnum, count, d);
2300         }
2301     }
2302 
2303     if (doit[D_EDE3_DES]) {
2304         for (testnum = 0; testnum < size_num; testnum++) {
2305             print_message(names[D_EDE3_DES], c[D_EDE3_DES][testnum],
2306                           lengths[testnum], seconds.sym);
2307             Time_F(START);
2308             count =
2309                 run_benchmark(async_jobs, DES_ede3_cbc_encrypt_loop, loopargs);
2310             d = Time_F(STOP);
2311             print_result(D_EDE3_DES, testnum, count, d);
2312         }
2313     }
2314 #endif
2315 
2316     if (doit[D_CBC_128_AES]) {
2317         for (testnum = 0; testnum < size_num; testnum++) {
2318             print_message(names[D_CBC_128_AES], c[D_CBC_128_AES][testnum],
2319                           lengths[testnum], seconds.sym);
2320             Time_F(START);
2321             count =
2322                 run_benchmark(async_jobs, AES_cbc_128_encrypt_loop, loopargs);
2323             d = Time_F(STOP);
2324             print_result(D_CBC_128_AES, testnum, count, d);
2325         }
2326     }
2327     if (doit[D_CBC_192_AES]) {
2328         for (testnum = 0; testnum < size_num; testnum++) {
2329             print_message(names[D_CBC_192_AES], c[D_CBC_192_AES][testnum],
2330                           lengths[testnum], seconds.sym);
2331             Time_F(START);
2332             count =
2333                 run_benchmark(async_jobs, AES_cbc_192_encrypt_loop, loopargs);
2334             d = Time_F(STOP);
2335             print_result(D_CBC_192_AES, testnum, count, d);
2336         }
2337     }
2338     if (doit[D_CBC_256_AES]) {
2339         for (testnum = 0; testnum < size_num; testnum++) {
2340             print_message(names[D_CBC_256_AES], c[D_CBC_256_AES][testnum],
2341                           lengths[testnum], seconds.sym);
2342             Time_F(START);
2343             count =
2344                 run_benchmark(async_jobs, AES_cbc_256_encrypt_loop, loopargs);
2345             d = Time_F(STOP);
2346             print_result(D_CBC_256_AES, testnum, count, d);
2347         }
2348     }
2349 
2350     if (doit[D_IGE_128_AES]) {
2351         for (testnum = 0; testnum < size_num; testnum++) {
2352             print_message(names[D_IGE_128_AES], c[D_IGE_128_AES][testnum],
2353                           lengths[testnum], seconds.sym);
2354             Time_F(START);
2355             count =
2356                 run_benchmark(async_jobs, AES_ige_128_encrypt_loop, loopargs);
2357             d = Time_F(STOP);
2358             print_result(D_IGE_128_AES, testnum, count, d);
2359         }
2360     }
2361     if (doit[D_IGE_192_AES]) {
2362         for (testnum = 0; testnum < size_num; testnum++) {
2363             print_message(names[D_IGE_192_AES], c[D_IGE_192_AES][testnum],
2364                           lengths[testnum], seconds.sym);
2365             Time_F(START);
2366             count =
2367                 run_benchmark(async_jobs, AES_ige_192_encrypt_loop, loopargs);
2368             d = Time_F(STOP);
2369             print_result(D_IGE_192_AES, testnum, count, d);
2370         }
2371     }
2372     if (doit[D_IGE_256_AES]) {
2373         for (testnum = 0; testnum < size_num; testnum++) {
2374             print_message(names[D_IGE_256_AES], c[D_IGE_256_AES][testnum],
2375                           lengths[testnum], seconds.sym);
2376             Time_F(START);
2377             count =
2378                 run_benchmark(async_jobs, AES_ige_256_encrypt_loop, loopargs);
2379             d = Time_F(STOP);
2380             print_result(D_IGE_256_AES, testnum, count, d);
2381         }
2382     }
2383     if (doit[D_GHASH]) {
2384         for (i = 0; i < loopargs_len; i++) {
2385             loopargs[i].gcm_ctx =
2386                 CRYPTO_gcm128_new(&aes_ks1, (block128_f) AES_encrypt);
2387             CRYPTO_gcm128_setiv(loopargs[i].gcm_ctx,
2388                                 (unsigned char *)"0123456789ab", 12);
2389         }
2390 
2391         for (testnum = 0; testnum < size_num; testnum++) {
2392             print_message(names[D_GHASH], c[D_GHASH][testnum],
2393                           lengths[testnum], seconds.sym);
2394             Time_F(START);
2395             count = run_benchmark(async_jobs, CRYPTO_gcm128_aad_loop, loopargs);
2396             d = Time_F(STOP);
2397             print_result(D_GHASH, testnum, count, d);
2398         }
2399         for (i = 0; i < loopargs_len; i++)
2400             CRYPTO_gcm128_release(loopargs[i].gcm_ctx);
2401     }
2402 #ifndef OPENSSL_NO_CAMELLIA
2403     if (doit[D_CBC_128_CML]) {
2404         if (async_jobs > 0) {
2405             BIO_printf(bio_err, "Async mode is not supported with %s\n",
2406                        names[D_CBC_128_CML]);
2407             doit[D_CBC_128_CML] = 0;
2408         }
2409         for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2410             print_message(names[D_CBC_128_CML], c[D_CBC_128_CML][testnum],
2411                           lengths[testnum], seconds.sym);
2412             Time_F(START);
2413             for (count = 0; COND(c[D_CBC_128_CML][testnum]); count++)
2414                 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2415                                      (size_t)lengths[testnum], &camellia_ks1,
2416                                      iv, CAMELLIA_ENCRYPT);
2417             d = Time_F(STOP);
2418             print_result(D_CBC_128_CML, testnum, count, d);
2419         }
2420     }
2421     if (doit[D_CBC_192_CML]) {
2422         if (async_jobs > 0) {
2423             BIO_printf(bio_err, "Async mode is not supported with %s\n",
2424                        names[D_CBC_192_CML]);
2425             doit[D_CBC_192_CML] = 0;
2426         }
2427         for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2428             print_message(names[D_CBC_192_CML], c[D_CBC_192_CML][testnum],
2429                           lengths[testnum], seconds.sym);
2430             if (async_jobs > 0) {
2431                 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2432                 exit(1);
2433             }
2434             Time_F(START);
2435             for (count = 0; COND(c[D_CBC_192_CML][testnum]); count++)
2436                 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2437                                      (size_t)lengths[testnum], &camellia_ks2,
2438                                      iv, CAMELLIA_ENCRYPT);
2439             d = Time_F(STOP);
2440             print_result(D_CBC_192_CML, testnum, count, d);
2441         }
2442     }
2443     if (doit[D_CBC_256_CML]) {
2444         if (async_jobs > 0) {
2445             BIO_printf(bio_err, "Async mode is not supported with %s\n",
2446                        names[D_CBC_256_CML]);
2447             doit[D_CBC_256_CML] = 0;
2448         }
2449         for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2450             print_message(names[D_CBC_256_CML], c[D_CBC_256_CML][testnum],
2451                           lengths[testnum], seconds.sym);
2452             Time_F(START);
2453             for (count = 0; COND(c[D_CBC_256_CML][testnum]); count++)
2454                 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2455                                      (size_t)lengths[testnum], &camellia_ks3,
2456                                      iv, CAMELLIA_ENCRYPT);
2457             d = Time_F(STOP);
2458             print_result(D_CBC_256_CML, testnum, count, d);
2459         }
2460     }
2461 #endif
2462 #ifndef OPENSSL_NO_IDEA
2463     if (doit[D_CBC_IDEA]) {
2464         if (async_jobs > 0) {
2465             BIO_printf(bio_err, "Async mode is not supported with %s\n",
2466                        names[D_CBC_IDEA]);
2467             doit[D_CBC_IDEA] = 0;
2468         }
2469         for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2470             print_message(names[D_CBC_IDEA], c[D_CBC_IDEA][testnum],
2471                           lengths[testnum], seconds.sym);
2472             Time_F(START);
2473             for (count = 0; COND(c[D_CBC_IDEA][testnum]); count++)
2474                 IDEA_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2475                                  (size_t)lengths[testnum], &idea_ks,
2476                                  iv, IDEA_ENCRYPT);
2477             d = Time_F(STOP);
2478             print_result(D_CBC_IDEA, testnum, count, d);
2479         }
2480     }
2481 #endif
2482 #ifndef OPENSSL_NO_SEED
2483     if (doit[D_CBC_SEED]) {
2484         if (async_jobs > 0) {
2485             BIO_printf(bio_err, "Async mode is not supported with %s\n",
2486                        names[D_CBC_SEED]);
2487             doit[D_CBC_SEED] = 0;
2488         }
2489         for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2490             print_message(names[D_CBC_SEED], c[D_CBC_SEED][testnum],
2491                           lengths[testnum], seconds.sym);
2492             Time_F(START);
2493             for (count = 0; COND(c[D_CBC_SEED][testnum]); count++)
2494                 SEED_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2495                                  (size_t)lengths[testnum], &seed_ks, iv, 1);
2496             d = Time_F(STOP);
2497             print_result(D_CBC_SEED, testnum, count, d);
2498         }
2499     }
2500 #endif
2501 #ifndef OPENSSL_NO_RC2
2502     if (doit[D_CBC_RC2]) {
2503         if (async_jobs > 0) {
2504             BIO_printf(bio_err, "Async mode is not supported with %s\n",
2505                        names[D_CBC_RC2]);
2506             doit[D_CBC_RC2] = 0;
2507         }
2508         for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2509             print_message(names[D_CBC_RC2], c[D_CBC_RC2][testnum],
2510                           lengths[testnum], seconds.sym);
2511             if (async_jobs > 0) {
2512                 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2513                 exit(1);
2514             }
2515             Time_F(START);
2516             for (count = 0; COND(c[D_CBC_RC2][testnum]); count++)
2517                 RC2_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2518                                 (size_t)lengths[testnum], &rc2_ks,
2519                                 iv, RC2_ENCRYPT);
2520             d = Time_F(STOP);
2521             print_result(D_CBC_RC2, testnum, count, d);
2522         }
2523     }
2524 #endif
2525 #ifndef OPENSSL_NO_RC5
2526     if (doit[D_CBC_RC5]) {
2527         if (async_jobs > 0) {
2528             BIO_printf(bio_err, "Async mode is not supported with %s\n",
2529                        names[D_CBC_RC5]);
2530             doit[D_CBC_RC5] = 0;
2531         }
2532         for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2533             print_message(names[D_CBC_RC5], c[D_CBC_RC5][testnum],
2534                           lengths[testnum], seconds.sym);
2535             if (async_jobs > 0) {
2536                 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2537                 exit(1);
2538             }
2539             Time_F(START);
2540             for (count = 0; COND(c[D_CBC_RC5][testnum]); count++)
2541                 RC5_32_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2542                                    (size_t)lengths[testnum], &rc5_ks,
2543                                    iv, RC5_ENCRYPT);
2544             d = Time_F(STOP);
2545             print_result(D_CBC_RC5, testnum, count, d);
2546         }
2547     }
2548 #endif
2549 #ifndef OPENSSL_NO_BF
2550     if (doit[D_CBC_BF]) {
2551         if (async_jobs > 0) {
2552             BIO_printf(bio_err, "Async mode is not supported with %s\n",
2553                        names[D_CBC_BF]);
2554             doit[D_CBC_BF] = 0;
2555         }
2556         for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2557             print_message(names[D_CBC_BF], c[D_CBC_BF][testnum],
2558                           lengths[testnum], seconds.sym);
2559             Time_F(START);
2560             for (count = 0; COND(c[D_CBC_BF][testnum]); count++)
2561                 BF_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2562                                (size_t)lengths[testnum], &bf_ks,
2563                                iv, BF_ENCRYPT);
2564             d = Time_F(STOP);
2565             print_result(D_CBC_BF, testnum, count, d);
2566         }
2567     }
2568 #endif
2569 #ifndef OPENSSL_NO_CAST
2570     if (doit[D_CBC_CAST]) {
2571         if (async_jobs > 0) {
2572             BIO_printf(bio_err, "Async mode is not supported with %s\n",
2573                        names[D_CBC_CAST]);
2574             doit[D_CBC_CAST] = 0;
2575         }
2576         for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2577             print_message(names[D_CBC_CAST], c[D_CBC_CAST][testnum],
2578                           lengths[testnum], seconds.sym);
2579             Time_F(START);
2580             for (count = 0; COND(c[D_CBC_CAST][testnum]); count++)
2581                 CAST_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2582                                  (size_t)lengths[testnum], &cast_ks,
2583                                  iv, CAST_ENCRYPT);
2584             d = Time_F(STOP);
2585             print_result(D_CBC_CAST, testnum, count, d);
2586         }
2587     }
2588 #endif
2589     if (doit[D_RAND]) {
2590         for (testnum = 0; testnum < size_num; testnum++) {
2591             print_message(names[D_RAND], c[D_RAND][testnum], lengths[testnum],
2592                           seconds.sym);
2593             Time_F(START);
2594             count = run_benchmark(async_jobs, RAND_bytes_loop, loopargs);
2595             d = Time_F(STOP);
2596             print_result(D_RAND, testnum, count, d);
2597         }
2598     }
2599 
2600     if (doit[D_EVP]) {
2601         if (evp_cipher != NULL) {
2602             int (*loopfunc)(void *args) = EVP_Update_loop;
2603 
2604             if (multiblock && (EVP_CIPHER_flags(evp_cipher) &
2605                                EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
2606                 multiblock_speed(evp_cipher, lengths_single, &seconds);
2607                 ret = 0;
2608                 goto end;
2609             }
2610 
2611             names[D_EVP] = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
2612 
2613             if (EVP_CIPHER_mode(evp_cipher) == EVP_CIPH_CCM_MODE) {
2614                 loopfunc = EVP_Update_loop_ccm;
2615             } else if (aead && (EVP_CIPHER_flags(evp_cipher) &
2616                                 EVP_CIPH_FLAG_AEAD_CIPHER)) {
2617                 loopfunc = EVP_Update_loop_aead;
2618                 if (lengths == lengths_list) {
2619                     lengths = aead_lengths_list;
2620                     size_num = OSSL_NELEM(aead_lengths_list);
2621                 }
2622             }
2623 
2624             for (testnum = 0; testnum < size_num; testnum++) {
2625                 print_message(names[D_EVP], save_count, lengths[testnum],
2626                               seconds.sym);
2627 
2628                 for (k = 0; k < loopargs_len; k++) {
2629                     loopargs[k].ctx = EVP_CIPHER_CTX_new();
2630                     if (loopargs[k].ctx == NULL) {
2631                         BIO_printf(bio_err, "\nEVP_CIPHER_CTX_new failure\n");
2632                         exit(1);
2633                     }
2634                     if (!EVP_CipherInit_ex(loopargs[k].ctx, evp_cipher, NULL,
2635                                            NULL, iv, decrypt ? 0 : 1)) {
2636                         BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n");
2637                         ERR_print_errors(bio_err);
2638                         exit(1);
2639                     }
2640 
2641                     EVP_CIPHER_CTX_set_padding(loopargs[k].ctx, 0);
2642 
2643                     keylen = EVP_CIPHER_CTX_key_length(loopargs[k].ctx);
2644                     loopargs[k].key = app_malloc(keylen, "evp_cipher key");
2645                     EVP_CIPHER_CTX_rand_key(loopargs[k].ctx, loopargs[k].key);
2646                     if (!EVP_CipherInit_ex(loopargs[k].ctx, NULL, NULL,
2647                                            loopargs[k].key, NULL, -1)) {
2648                         BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n");
2649                         ERR_print_errors(bio_err);
2650                         exit(1);
2651                     }
2652                     OPENSSL_clear_free(loopargs[k].key, keylen);
2653                 }
2654 
2655                 Time_F(START);
2656                 count = run_benchmark(async_jobs, loopfunc, loopargs);
2657                 d = Time_F(STOP);
2658                 for (k = 0; k < loopargs_len; k++) {
2659                     EVP_CIPHER_CTX_free(loopargs[k].ctx);
2660                 }
2661                 print_result(D_EVP, testnum, count, d);
2662             }
2663         } else if (evp_md != NULL) {
2664             names[D_EVP] = OBJ_nid2ln(EVP_MD_type(evp_md));
2665 
2666             for (testnum = 0; testnum < size_num; testnum++) {
2667                 print_message(names[D_EVP], save_count, lengths[testnum],
2668                               seconds.sym);
2669                 Time_F(START);
2670                 count = run_benchmark(async_jobs, EVP_Digest_loop, loopargs);
2671                 d = Time_F(STOP);
2672                 print_result(D_EVP, testnum, count, d);
2673             }
2674         }
2675     }
2676 
2677     for (i = 0; i < loopargs_len; i++)
2678         if (RAND_bytes(loopargs[i].buf, 36) <= 0)
2679             goto end;
2680 
2681 #ifndef OPENSSL_NO_RSA
2682     for (testnum = 0; testnum < RSA_NUM; testnum++) {
2683         int st = 0;
2684         if (!rsa_doit[testnum])
2685             continue;
2686         for (i = 0; i < loopargs_len; i++) {
2687             if (primes > 2) {
2688                 /* we haven't set keys yet,  generate multi-prime RSA keys */
2689                 BIGNUM *bn = BN_new();
2690 
2691                 if (bn == NULL)
2692                     goto end;
2693                 if (!BN_set_word(bn, RSA_F4)) {
2694                     BN_free(bn);
2695                     goto end;
2696                 }
2697 
2698                 BIO_printf(bio_err, "Generate multi-prime RSA key for %s\n",
2699                            rsa_choices[testnum].name);
2700 
2701                 loopargs[i].rsa_key[testnum] = RSA_new();
2702                 if (loopargs[i].rsa_key[testnum] == NULL) {
2703                     BN_free(bn);
2704                     goto end;
2705                 }
2706 
2707                 if (!RSA_generate_multi_prime_key(loopargs[i].rsa_key[testnum],
2708                                                   rsa_bits[testnum],
2709                                                   primes, bn, NULL)) {
2710                     BN_free(bn);
2711                     goto end;
2712                 }
2713                 BN_free(bn);
2714             }
2715             st = RSA_sign(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
2716                           &loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
2717             if (st == 0)
2718                 break;
2719         }
2720         if (st == 0) {
2721             BIO_printf(bio_err,
2722                        "RSA sign failure.  No RSA sign will be done.\n");
2723             ERR_print_errors(bio_err);
2724             rsa_count = 1;
2725         } else {
2726             pkey_print_message("private", "rsa",
2727                                rsa_c[testnum][0], rsa_bits[testnum],
2728                                seconds.rsa);
2729             /* RSA_blinding_on(rsa_key[testnum],NULL); */
2730             Time_F(START);
2731             count = run_benchmark(async_jobs, RSA_sign_loop, loopargs);
2732             d = Time_F(STOP);
2733             BIO_printf(bio_err,
2734                        mr ? "+R1:%ld:%d:%.2f\n"
2735                        : "%ld %u bits private RSA's in %.2fs\n",
2736                        count, rsa_bits[testnum], d);
2737             rsa_results[testnum][0] = (double)count / d;
2738             rsa_count = count;
2739         }
2740 
2741         for (i = 0; i < loopargs_len; i++) {
2742             st = RSA_verify(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
2743                             loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
2744             if (st <= 0)
2745                 break;
2746         }
2747         if (st <= 0) {
2748             BIO_printf(bio_err,
2749                        "RSA verify failure.  No RSA verify will be done.\n");
2750             ERR_print_errors(bio_err);
2751             rsa_doit[testnum] = 0;
2752         } else {
2753             pkey_print_message("public", "rsa",
2754                                rsa_c[testnum][1], rsa_bits[testnum],
2755                                seconds.rsa);
2756             Time_F(START);
2757             count = run_benchmark(async_jobs, RSA_verify_loop, loopargs);
2758             d = Time_F(STOP);
2759             BIO_printf(bio_err,
2760                        mr ? "+R2:%ld:%d:%.2f\n"
2761                        : "%ld %u bits public RSA's in %.2fs\n",
2762                        count, rsa_bits[testnum], d);
2763             rsa_results[testnum][1] = (double)count / d;
2764         }
2765 
2766         if (rsa_count <= 1) {
2767             /* if longer than 10s, don't do any more */
2768             for (testnum++; testnum < RSA_NUM; testnum++)
2769                 rsa_doit[testnum] = 0;
2770         }
2771     }
2772 #endif                          /* OPENSSL_NO_RSA */
2773 
2774     for (i = 0; i < loopargs_len; i++)
2775         if (RAND_bytes(loopargs[i].buf, 36) <= 0)
2776             goto end;
2777 
2778 #ifndef OPENSSL_NO_DSA
2779     for (testnum = 0; testnum < DSA_NUM; testnum++) {
2780         int st = 0;
2781         if (!dsa_doit[testnum])
2782             continue;
2783 
2784         /* DSA_generate_key(dsa_key[testnum]); */
2785         /* DSA_sign_setup(dsa_key[testnum],NULL); */
2786         for (i = 0; i < loopargs_len; i++) {
2787             st = DSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
2788                           &loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
2789             if (st == 0)
2790                 break;
2791         }
2792         if (st == 0) {
2793             BIO_printf(bio_err,
2794                        "DSA sign failure.  No DSA sign will be done.\n");
2795             ERR_print_errors(bio_err);
2796             rsa_count = 1;
2797         } else {
2798             pkey_print_message("sign", "dsa",
2799                                dsa_c[testnum][0], dsa_bits[testnum],
2800                                seconds.dsa);
2801             Time_F(START);
2802             count = run_benchmark(async_jobs, DSA_sign_loop, loopargs);
2803             d = Time_F(STOP);
2804             BIO_printf(bio_err,
2805                        mr ? "+R3:%ld:%u:%.2f\n"
2806                        : "%ld %u bits DSA signs in %.2fs\n",
2807                        count, dsa_bits[testnum], d);
2808             dsa_results[testnum][0] = (double)count / d;
2809             rsa_count = count;
2810         }
2811 
2812         for (i = 0; i < loopargs_len; i++) {
2813             st = DSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
2814                             loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
2815             if (st <= 0)
2816                 break;
2817         }
2818         if (st <= 0) {
2819             BIO_printf(bio_err,
2820                        "DSA verify failure.  No DSA verify will be done.\n");
2821             ERR_print_errors(bio_err);
2822             dsa_doit[testnum] = 0;
2823         } else {
2824             pkey_print_message("verify", "dsa",
2825                                dsa_c[testnum][1], dsa_bits[testnum],
2826                                seconds.dsa);
2827             Time_F(START);
2828             count = run_benchmark(async_jobs, DSA_verify_loop, loopargs);
2829             d = Time_F(STOP);
2830             BIO_printf(bio_err,
2831                        mr ? "+R4:%ld:%u:%.2f\n"
2832                        : "%ld %u bits DSA verify in %.2fs\n",
2833                        count, dsa_bits[testnum], d);
2834             dsa_results[testnum][1] = (double)count / d;
2835         }
2836 
2837         if (rsa_count <= 1) {
2838             /* if longer than 10s, don't do any more */
2839             for (testnum++; testnum < DSA_NUM; testnum++)
2840                 dsa_doit[testnum] = 0;
2841         }
2842     }
2843 #endif                          /* OPENSSL_NO_DSA */
2844 
2845 #ifndef OPENSSL_NO_EC
2846     for (testnum = 0; testnum < ECDSA_NUM; testnum++) {
2847         int st = 1;
2848 
2849         if (!ecdsa_doit[testnum])
2850             continue;           /* Ignore Curve */
2851         for (i = 0; i < loopargs_len; i++) {
2852             loopargs[i].ecdsa[testnum] =
2853                 EC_KEY_new_by_curve_name(test_curves[testnum].nid);
2854             if (loopargs[i].ecdsa[testnum] == NULL) {
2855                 st = 0;
2856                 break;
2857             }
2858         }
2859         if (st == 0) {
2860             BIO_printf(bio_err, "ECDSA failure.\n");
2861             ERR_print_errors(bio_err);
2862             rsa_count = 1;
2863         } else {
2864             for (i = 0; i < loopargs_len; i++) {
2865                 EC_KEY_precompute_mult(loopargs[i].ecdsa[testnum], NULL);
2866                 /* Perform ECDSA signature test */
2867                 EC_KEY_generate_key(loopargs[i].ecdsa[testnum]);
2868                 st = ECDSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
2869                                 &loopargs[i].siglen,
2870                                 loopargs[i].ecdsa[testnum]);
2871                 if (st == 0)
2872                     break;
2873             }
2874             if (st == 0) {
2875                 BIO_printf(bio_err,
2876                            "ECDSA sign failure.  No ECDSA sign will be done.\n");
2877                 ERR_print_errors(bio_err);
2878                 rsa_count = 1;
2879             } else {
2880                 pkey_print_message("sign", "ecdsa",
2881                                    ecdsa_c[testnum][0],
2882                                    test_curves[testnum].bits, seconds.ecdsa);
2883                 Time_F(START);
2884                 count = run_benchmark(async_jobs, ECDSA_sign_loop, loopargs);
2885                 d = Time_F(STOP);
2886 
2887                 BIO_printf(bio_err,
2888                            mr ? "+R5:%ld:%u:%.2f\n" :
2889                            "%ld %u bits ECDSA signs in %.2fs \n",
2890                            count, test_curves[testnum].bits, d);
2891                 ecdsa_results[testnum][0] = (double)count / d;
2892                 rsa_count = count;
2893             }
2894 
2895             /* Perform ECDSA verification test */
2896             for (i = 0; i < loopargs_len; i++) {
2897                 st = ECDSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
2898                                   loopargs[i].siglen,
2899                                   loopargs[i].ecdsa[testnum]);
2900                 if (st != 1)
2901                     break;
2902             }
2903             if (st != 1) {
2904                 BIO_printf(bio_err,
2905                            "ECDSA verify failure.  No ECDSA verify will be done.\n");
2906                 ERR_print_errors(bio_err);
2907                 ecdsa_doit[testnum] = 0;
2908             } else {
2909                 pkey_print_message("verify", "ecdsa",
2910                                    ecdsa_c[testnum][1],
2911                                    test_curves[testnum].bits, seconds.ecdsa);
2912                 Time_F(START);
2913                 count = run_benchmark(async_jobs, ECDSA_verify_loop, loopargs);
2914                 d = Time_F(STOP);
2915                 BIO_printf(bio_err,
2916                            mr ? "+R6:%ld:%u:%.2f\n"
2917                            : "%ld %u bits ECDSA verify in %.2fs\n",
2918                            count, test_curves[testnum].bits, d);
2919                 ecdsa_results[testnum][1] = (double)count / d;
2920             }
2921 
2922             if (rsa_count <= 1) {
2923                 /* if longer than 10s, don't do any more */
2924                 for (testnum++; testnum < ECDSA_NUM; testnum++)
2925                     ecdsa_doit[testnum] = 0;
2926             }
2927         }
2928     }
2929 
2930     for (testnum = 0; testnum < EC_NUM; testnum++) {
2931         int ecdh_checks = 1;
2932 
2933         if (!ecdh_doit[testnum])
2934             continue;
2935 
2936         for (i = 0; i < loopargs_len; i++) {
2937             EVP_PKEY_CTX *kctx = NULL;
2938             EVP_PKEY_CTX *test_ctx = NULL;
2939             EVP_PKEY_CTX *ctx = NULL;
2940             EVP_PKEY *key_A = NULL;
2941             EVP_PKEY *key_B = NULL;
2942             size_t outlen;
2943             size_t test_outlen;
2944 
2945             /* Ensure that the error queue is empty */
2946             if (ERR_peek_error()) {
2947                 BIO_printf(bio_err,
2948                            "WARNING: the error queue contains previous unhandled errors.\n");
2949                 ERR_print_errors(bio_err);
2950             }
2951 
2952             /* Let's try to create a ctx directly from the NID: this works for
2953              * curves like Curve25519 that are not implemented through the low
2954              * level EC interface.
2955              * If this fails we try creating a EVP_PKEY_EC generic param ctx,
2956              * then we set the curve by NID before deriving the actual keygen
2957              * ctx for that specific curve. */
2958             kctx = EVP_PKEY_CTX_new_id(test_curves[testnum].nid, NULL); /* keygen ctx from NID */
2959             if (!kctx) {
2960                 EVP_PKEY_CTX *pctx = NULL;
2961                 EVP_PKEY *params = NULL;
2962 
2963                 /* If we reach this code EVP_PKEY_CTX_new_id() failed and a
2964                  * "int_ctx_new:unsupported algorithm" error was added to the
2965                  * error queue.
2966                  * We remove it from the error queue as we are handling it. */
2967                 unsigned long error = ERR_peek_error(); /* peek the latest error in the queue */
2968                 if (error == ERR_peek_last_error() && /* oldest and latest errors match */
2969                     /* check that the error origin matches */
2970                     ERR_GET_LIB(error) == ERR_LIB_EVP &&
2971                     ERR_GET_FUNC(error) == EVP_F_INT_CTX_NEW &&
2972                     ERR_GET_REASON(error) == EVP_R_UNSUPPORTED_ALGORITHM)
2973                     ERR_get_error(); /* pop error from queue */
2974                 if (ERR_peek_error()) {
2975                     BIO_printf(bio_err,
2976                                "Unhandled error in the error queue during ECDH init.\n");
2977                     ERR_print_errors(bio_err);
2978                     rsa_count = 1;
2979                     break;
2980                 }
2981 
2982                 if (            /* Create the context for parameter generation */
2983                        !(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) ||
2984                        /* Initialise the parameter generation */
2985                        !EVP_PKEY_paramgen_init(pctx) ||
2986                        /* Set the curve by NID */
2987                        !EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
2988                                                                test_curves
2989                                                                [testnum].nid) ||
2990                        /* Create the parameter object params */
2991                        !EVP_PKEY_paramgen(pctx, &params)) {
2992                     ecdh_checks = 0;
2993                     BIO_printf(bio_err, "ECDH EC params init failure.\n");
2994                     ERR_print_errors(bio_err);
2995                     rsa_count = 1;
2996                     break;
2997                 }
2998                 /* Create the context for the key generation */
2999                 kctx = EVP_PKEY_CTX_new(params, NULL);
3000 
3001                 EVP_PKEY_free(params);
3002                 params = NULL;
3003                 EVP_PKEY_CTX_free(pctx);
3004                 pctx = NULL;
3005             }
3006             if (kctx == NULL ||      /* keygen ctx is not null */
3007                 EVP_PKEY_keygen_init(kctx) <= 0/* init keygen ctx */ ) {
3008                 ecdh_checks = 0;
3009                 BIO_printf(bio_err, "ECDH keygen failure.\n");
3010                 ERR_print_errors(bio_err);
3011                 rsa_count = 1;
3012                 break;
3013             }
3014 
3015             if (EVP_PKEY_keygen(kctx, &key_A) <= 0 || /* generate secret key A */
3016                 EVP_PKEY_keygen(kctx, &key_B) <= 0 || /* generate secret key B */
3017                 !(ctx = EVP_PKEY_CTX_new(key_A, NULL)) || /* derivation ctx from skeyA */
3018                 EVP_PKEY_derive_init(ctx) <= 0 || /* init derivation ctx */
3019                 EVP_PKEY_derive_set_peer(ctx, key_B) <= 0 || /* set peer pubkey in ctx */
3020                 EVP_PKEY_derive(ctx, NULL, &outlen) <= 0 || /* determine max length */
3021                 outlen == 0 ||  /* ensure outlen is a valid size */
3022                 outlen > MAX_ECDH_SIZE /* avoid buffer overflow */ ) {
3023                 ecdh_checks = 0;
3024                 BIO_printf(bio_err, "ECDH key generation failure.\n");
3025                 ERR_print_errors(bio_err);
3026                 rsa_count = 1;
3027                 break;
3028             }
3029 
3030             /* Here we perform a test run, comparing the output of a*B and b*A;
3031              * we try this here and assume that further EVP_PKEY_derive calls
3032              * never fail, so we can skip checks in the actually benchmarked
3033              * code, for maximum performance. */
3034             if (!(test_ctx = EVP_PKEY_CTX_new(key_B, NULL)) || /* test ctx from skeyB */
3035                 !EVP_PKEY_derive_init(test_ctx) || /* init derivation test_ctx */
3036                 !EVP_PKEY_derive_set_peer(test_ctx, key_A) || /* set peer pubkey in test_ctx */
3037                 !EVP_PKEY_derive(test_ctx, NULL, &test_outlen) || /* determine max length */
3038                 !EVP_PKEY_derive(ctx, loopargs[i].secret_a, &outlen) || /* compute a*B */
3039                 !EVP_PKEY_derive(test_ctx, loopargs[i].secret_b, &test_outlen) || /* compute b*A */
3040                 test_outlen != outlen /* compare output length */ ) {
3041                 ecdh_checks = 0;
3042                 BIO_printf(bio_err, "ECDH computation failure.\n");
3043                 ERR_print_errors(bio_err);
3044                 rsa_count = 1;
3045                 break;
3046             }
3047 
3048             /* Compare the computation results: CRYPTO_memcmp() returns 0 if equal */
3049             if (CRYPTO_memcmp(loopargs[i].secret_a,
3050                               loopargs[i].secret_b, outlen)) {
3051                 ecdh_checks = 0;
3052                 BIO_printf(bio_err, "ECDH computations don't match.\n");
3053                 ERR_print_errors(bio_err);
3054                 rsa_count = 1;
3055                 break;
3056             }
3057 
3058             loopargs[i].ecdh_ctx[testnum] = ctx;
3059             loopargs[i].outlen[testnum] = outlen;
3060 
3061             EVP_PKEY_free(key_A);
3062             EVP_PKEY_free(key_B);
3063             EVP_PKEY_CTX_free(kctx);
3064             kctx = NULL;
3065             EVP_PKEY_CTX_free(test_ctx);
3066             test_ctx = NULL;
3067         }
3068         if (ecdh_checks != 0) {
3069             pkey_print_message("", "ecdh",
3070                                ecdh_c[testnum][0],
3071                                test_curves[testnum].bits, seconds.ecdh);
3072             Time_F(START);
3073             count =
3074                 run_benchmark(async_jobs, ECDH_EVP_derive_key_loop, loopargs);
3075             d = Time_F(STOP);
3076             BIO_printf(bio_err,
3077                        mr ? "+R7:%ld:%d:%.2f\n" :
3078                        "%ld %u-bits ECDH ops in %.2fs\n", count,
3079                        test_curves[testnum].bits, d);
3080             ecdh_results[testnum][0] = (double)count / d;
3081             rsa_count = count;
3082         }
3083 
3084         if (rsa_count <= 1) {
3085             /* if longer than 10s, don't do any more */
3086             for (testnum++; testnum < OSSL_NELEM(ecdh_doit); testnum++)
3087                 ecdh_doit[testnum] = 0;
3088         }
3089     }
3090 
3091     for (testnum = 0; testnum < EdDSA_NUM; testnum++) {
3092         int st = 1;
3093         EVP_PKEY *ed_pkey = NULL;
3094         EVP_PKEY_CTX *ed_pctx = NULL;
3095 
3096         if (!eddsa_doit[testnum])
3097             continue;           /* Ignore Curve */
3098         for (i = 0; i < loopargs_len; i++) {
3099             loopargs[i].eddsa_ctx[testnum] = EVP_MD_CTX_new();
3100             if (loopargs[i].eddsa_ctx[testnum] == NULL) {
3101                 st = 0;
3102                 break;
3103             }
3104 
3105             if ((ed_pctx = EVP_PKEY_CTX_new_id(test_ed_curves[testnum].nid, NULL))
3106                     == NULL
3107                 || EVP_PKEY_keygen_init(ed_pctx) <= 0
3108                 || EVP_PKEY_keygen(ed_pctx, &ed_pkey) <= 0) {
3109                 st = 0;
3110                 EVP_PKEY_CTX_free(ed_pctx);
3111                 break;
3112             }
3113             EVP_PKEY_CTX_free(ed_pctx);
3114 
3115             if (!EVP_DigestSignInit(loopargs[i].eddsa_ctx[testnum], NULL, NULL,
3116                                     NULL, ed_pkey)) {
3117                 st = 0;
3118                 EVP_PKEY_free(ed_pkey);
3119                 break;
3120             }
3121             EVP_PKEY_free(ed_pkey);
3122         }
3123         if (st == 0) {
3124             BIO_printf(bio_err, "EdDSA failure.\n");
3125             ERR_print_errors(bio_err);
3126             rsa_count = 1;
3127         } else {
3128             for (i = 0; i < loopargs_len; i++) {
3129                 /* Perform EdDSA signature test */
3130                 loopargs[i].sigsize = test_ed_curves[testnum].sigsize;
3131                 st = EVP_DigestSign(loopargs[i].eddsa_ctx[testnum],
3132                                     loopargs[i].buf2, &loopargs[i].sigsize,
3133                                     loopargs[i].buf, 20);
3134                 if (st == 0)
3135                     break;
3136             }
3137             if (st == 0) {
3138                 BIO_printf(bio_err,
3139                            "EdDSA sign failure.  No EdDSA sign will be done.\n");
3140                 ERR_print_errors(bio_err);
3141                 rsa_count = 1;
3142             } else {
3143                 pkey_print_message("sign", test_ed_curves[testnum].name,
3144                                    eddsa_c[testnum][0],
3145                                    test_ed_curves[testnum].bits, seconds.eddsa);
3146                 Time_F(START);
3147                 count = run_benchmark(async_jobs, EdDSA_sign_loop, loopargs);
3148                 d = Time_F(STOP);
3149 
3150                 BIO_printf(bio_err,
3151                            mr ? "+R8:%ld:%u:%s:%.2f\n" :
3152                            "%ld %u bits %s signs in %.2fs \n",
3153                            count, test_ed_curves[testnum].bits,
3154                            test_ed_curves[testnum].name, d);
3155                 eddsa_results[testnum][0] = (double)count / d;
3156                 rsa_count = count;
3157             }
3158 
3159             /* Perform EdDSA verification test */
3160             for (i = 0; i < loopargs_len; i++) {
3161                 st = EVP_DigestVerify(loopargs[i].eddsa_ctx[testnum],
3162                                       loopargs[i].buf2, loopargs[i].sigsize,
3163                                       loopargs[i].buf, 20);
3164                 if (st != 1)
3165                     break;
3166             }
3167             if (st != 1) {
3168                 BIO_printf(bio_err,
3169                            "EdDSA verify failure.  No EdDSA verify will be done.\n");
3170                 ERR_print_errors(bio_err);
3171                 eddsa_doit[testnum] = 0;
3172             } else {
3173                 pkey_print_message("verify", test_ed_curves[testnum].name,
3174                                    eddsa_c[testnum][1],
3175                                    test_ed_curves[testnum].bits, seconds.eddsa);
3176                 Time_F(START);
3177                 count = run_benchmark(async_jobs, EdDSA_verify_loop, loopargs);
3178                 d = Time_F(STOP);
3179                 BIO_printf(bio_err,
3180                            mr ? "+R9:%ld:%u:%s:%.2f\n"
3181                            : "%ld %u bits %s verify in %.2fs\n",
3182                            count, test_ed_curves[testnum].bits,
3183                            test_ed_curves[testnum].name, d);
3184                 eddsa_results[testnum][1] = (double)count / d;
3185             }
3186 
3187             if (rsa_count <= 1) {
3188                 /* if longer than 10s, don't do any more */
3189                 for (testnum++; testnum < EdDSA_NUM; testnum++)
3190                     eddsa_doit[testnum] = 0;
3191             }
3192         }
3193     }
3194 
3195 #endif                          /* OPENSSL_NO_EC */
3196 #ifndef NO_FORK
3197  show_res:
3198 #endif
3199     if (!mr) {
3200         printf("%s\n", OpenSSL_version(OPENSSL_VERSION));
3201         printf("%s\n", OpenSSL_version(OPENSSL_BUILT_ON));
3202         printf("options:");
3203         printf("%s ", BN_options());
3204 #ifndef OPENSSL_NO_MD2
3205         printf("%s ", MD2_options());
3206 #endif
3207 #ifndef OPENSSL_NO_RC4
3208         printf("%s ", RC4_options());
3209 #endif
3210 #ifndef OPENSSL_NO_DES
3211         printf("%s ", DES_options());
3212 #endif
3213         printf("%s ", AES_options());
3214 #ifndef OPENSSL_NO_IDEA
3215         printf("%s ", IDEA_options());
3216 #endif
3217 #ifndef OPENSSL_NO_BF
3218         printf("%s ", BF_options());
3219 #endif
3220         printf("\n%s\n", OpenSSL_version(OPENSSL_CFLAGS));
3221     }
3222 
3223     if (pr_header) {
3224         if (mr)
3225             printf("+H");
3226         else {
3227             printf
3228                 ("The 'numbers' are in 1000s of bytes per second processed.\n");
3229             printf("type        ");
3230         }
3231         for (testnum = 0; testnum < size_num; testnum++)
3232             printf(mr ? ":%d" : "%7d bytes", lengths[testnum]);
3233         printf("\n");
3234     }
3235 
3236     for (k = 0; k < ALGOR_NUM; k++) {
3237         if (!doit[k])
3238             continue;
3239         if (mr)
3240             printf("+F:%u:%s", k, names[k]);
3241         else
3242             printf("%-13s", names[k]);
3243         for (testnum = 0; testnum < size_num; testnum++) {
3244             if (results[k][testnum] > 10000 && !mr)
3245                 printf(" %11.2fk", results[k][testnum] / 1e3);
3246             else
3247                 printf(mr ? ":%.2f" : " %11.2f ", results[k][testnum]);
3248         }
3249         printf("\n");
3250     }
3251 #ifndef OPENSSL_NO_RSA
3252     testnum = 1;
3253     for (k = 0; k < RSA_NUM; k++) {
3254         if (!rsa_doit[k])
3255             continue;
3256         if (testnum && !mr) {
3257             printf("%18ssign    verify    sign/s verify/s\n", " ");
3258             testnum = 0;
3259         }
3260         if (mr)
3261             printf("+F2:%u:%u:%f:%f\n",
3262                    k, rsa_bits[k], rsa_results[k][0], rsa_results[k][1]);
3263         else
3264             printf("rsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
3265                    rsa_bits[k], 1.0 / rsa_results[k][0], 1.0 / rsa_results[k][1],
3266                    rsa_results[k][0], rsa_results[k][1]);
3267     }
3268 #endif
3269 #ifndef OPENSSL_NO_DSA
3270     testnum = 1;
3271     for (k = 0; k < DSA_NUM; k++) {
3272         if (!dsa_doit[k])
3273             continue;
3274         if (testnum && !mr) {
3275             printf("%18ssign    verify    sign/s verify/s\n", " ");
3276             testnum = 0;
3277         }
3278         if (mr)
3279             printf("+F3:%u:%u:%f:%f\n",
3280                    k, dsa_bits[k], dsa_results[k][0], dsa_results[k][1]);
3281         else
3282             printf("dsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
3283                    dsa_bits[k], 1.0 / dsa_results[k][0], 1.0 / dsa_results[k][1],
3284                    dsa_results[k][0], dsa_results[k][1]);
3285     }
3286 #endif
3287 #ifndef OPENSSL_NO_EC
3288     testnum = 1;
3289     for (k = 0; k < OSSL_NELEM(ecdsa_doit); k++) {
3290         if (!ecdsa_doit[k])
3291             continue;
3292         if (testnum && !mr) {
3293             printf("%30ssign    verify    sign/s verify/s\n", " ");
3294             testnum = 0;
3295         }
3296 
3297         if (mr)
3298             printf("+F4:%u:%u:%f:%f\n",
3299                    k, test_curves[k].bits,
3300                    ecdsa_results[k][0], ecdsa_results[k][1]);
3301         else
3302             printf("%4u bits ecdsa (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3303                    test_curves[k].bits, test_curves[k].name,
3304                    1.0 / ecdsa_results[k][0], 1.0 / ecdsa_results[k][1],
3305                    ecdsa_results[k][0], ecdsa_results[k][1]);
3306     }
3307 
3308     testnum = 1;
3309     for (k = 0; k < EC_NUM; k++) {
3310         if (!ecdh_doit[k])
3311             continue;
3312         if (testnum && !mr) {
3313             printf("%30sop      op/s\n", " ");
3314             testnum = 0;
3315         }
3316         if (mr)
3317             printf("+F5:%u:%u:%f:%f\n",
3318                    k, test_curves[k].bits,
3319                    ecdh_results[k][0], 1.0 / ecdh_results[k][0]);
3320 
3321         else
3322             printf("%4u bits ecdh (%s) %8.4fs %8.1f\n",
3323                    test_curves[k].bits, test_curves[k].name,
3324                    1.0 / ecdh_results[k][0], ecdh_results[k][0]);
3325     }
3326 
3327     testnum = 1;
3328     for (k = 0; k < OSSL_NELEM(eddsa_doit); k++) {
3329         if (!eddsa_doit[k])
3330             continue;
3331         if (testnum && !mr) {
3332             printf("%30ssign    verify    sign/s verify/s\n", " ");
3333             testnum = 0;
3334         }
3335 
3336         if (mr)
3337             printf("+F6:%u:%u:%s:%f:%f\n",
3338                    k, test_ed_curves[k].bits, test_ed_curves[k].name,
3339                    eddsa_results[k][0], eddsa_results[k][1]);
3340         else
3341             printf("%4u bits EdDSA (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3342                    test_ed_curves[k].bits, test_ed_curves[k].name,
3343                    1.0 / eddsa_results[k][0], 1.0 / eddsa_results[k][1],
3344                    eddsa_results[k][0], eddsa_results[k][1]);
3345     }
3346 #endif
3347 
3348     ret = 0;
3349 
3350  end:
3351     ERR_print_errors(bio_err);
3352     for (i = 0; i < loopargs_len; i++) {
3353         OPENSSL_free(loopargs[i].buf_malloc);
3354         OPENSSL_free(loopargs[i].buf2_malloc);
3355 
3356 #ifndef OPENSSL_NO_RSA
3357         for (k = 0; k < RSA_NUM; k++)
3358             RSA_free(loopargs[i].rsa_key[k]);
3359 #endif
3360 #ifndef OPENSSL_NO_DSA
3361         for (k = 0; k < DSA_NUM; k++)
3362             DSA_free(loopargs[i].dsa_key[k]);
3363 #endif
3364 #ifndef OPENSSL_NO_EC
3365         for (k = 0; k < ECDSA_NUM; k++)
3366             EC_KEY_free(loopargs[i].ecdsa[k]);
3367         for (k = 0; k < EC_NUM; k++)
3368             EVP_PKEY_CTX_free(loopargs[i].ecdh_ctx[k]);
3369         for (k = 0; k < EdDSA_NUM; k++)
3370             EVP_MD_CTX_free(loopargs[i].eddsa_ctx[k]);
3371         OPENSSL_free(loopargs[i].secret_a);
3372         OPENSSL_free(loopargs[i].secret_b);
3373 #endif
3374     }
3375 
3376     if (async_jobs > 0) {
3377         for (i = 0; i < loopargs_len; i++)
3378             ASYNC_WAIT_CTX_free(loopargs[i].wait_ctx);
3379     }
3380 
3381     if (async_init) {
3382         ASYNC_cleanup_thread();
3383     }
3384     OPENSSL_free(loopargs);
3385     release_engine(e);
3386     return ret;
3387 }
3388 
3389 static void print_message(const char *s, long num, int length, int tm)
3390 {
3391 #ifdef SIGALRM
3392     BIO_printf(bio_err,
3393                mr ? "+DT:%s:%d:%d\n"
3394                : "Doing %s for %ds on %d size blocks: ", s, tm, length);
3395     (void)BIO_flush(bio_err);
3396     run = 1;
3397     alarm(tm);
3398 #else
3399     BIO_printf(bio_err,
3400                mr ? "+DN:%s:%ld:%d\n"
3401                : "Doing %s %ld times on %d size blocks: ", s, num, length);
3402     (void)BIO_flush(bio_err);
3403 #endif
3404 }
3405 
3406 static void pkey_print_message(const char *str, const char *str2, long num,
3407                                unsigned int bits, int tm)
3408 {
3409 #ifdef SIGALRM
3410     BIO_printf(bio_err,
3411                mr ? "+DTP:%d:%s:%s:%d\n"
3412                : "Doing %u bits %s %s's for %ds: ", bits, str, str2, tm);
3413     (void)BIO_flush(bio_err);
3414     run = 1;
3415     alarm(tm);
3416 #else
3417     BIO_printf(bio_err,
3418                mr ? "+DNP:%ld:%d:%s:%s\n"
3419                : "Doing %ld %u bits %s %s's: ", num, bits, str, str2);
3420     (void)BIO_flush(bio_err);
3421 #endif
3422 }
3423 
3424 static void print_result(int alg, int run_no, int count, double time_used)
3425 {
3426     if (count == -1) {
3427         BIO_puts(bio_err, "EVP error!\n");
3428         exit(1);
3429     }
3430     BIO_printf(bio_err,
3431                mr ? "+R:%d:%s:%f\n"
3432                : "%d %s's in %.2fs\n", count, names[alg], time_used);
3433     results[alg][run_no] = ((double)count) / time_used * lengths[run_no];
3434 }
3435 
3436 #ifndef NO_FORK
3437 static char *sstrsep(char **string, const char *delim)
3438 {
3439     char isdelim[256];
3440     char *token = *string;
3441 
3442     if (**string == 0)
3443         return NULL;
3444 
3445     memset(isdelim, 0, sizeof(isdelim));
3446     isdelim[0] = 1;
3447 
3448     while (*delim) {
3449         isdelim[(unsigned char)(*delim)] = 1;
3450         delim++;
3451     }
3452 
3453     while (!isdelim[(unsigned char)(**string)]) {
3454         (*string)++;
3455     }
3456 
3457     if (**string) {
3458         **string = 0;
3459         (*string)++;
3460     }
3461 
3462     return token;
3463 }
3464 
3465 static int do_multi(int multi, int size_num)
3466 {
3467     int n;
3468     int fd[2];
3469     int *fds;
3470     static char sep[] = ":";
3471 
3472     fds = app_malloc(sizeof(*fds) * multi, "fd buffer for do_multi");
3473     for (n = 0; n < multi; ++n) {
3474         if (pipe(fd) == -1) {
3475             BIO_printf(bio_err, "pipe failure\n");
3476             exit(1);
3477         }
3478         fflush(stdout);
3479         (void)BIO_flush(bio_err);
3480         if (fork()) {
3481             close(fd[1]);
3482             fds[n] = fd[0];
3483         } else {
3484             close(fd[0]);
3485             close(1);
3486             if (dup(fd[1]) == -1) {
3487                 BIO_printf(bio_err, "dup failed\n");
3488                 exit(1);
3489             }
3490             close(fd[1]);
3491             mr = 1;
3492             usertime = 0;
3493             free(fds);
3494             return 0;
3495         }
3496         printf("Forked child %d\n", n);
3497     }
3498 
3499     /* for now, assume the pipe is long enough to take all the output */
3500     for (n = 0; n < multi; ++n) {
3501         FILE *f;
3502         char buf[1024];
3503         char *p;
3504 
3505         f = fdopen(fds[n], "r");
3506         while (fgets(buf, sizeof(buf), f)) {
3507             p = strchr(buf, '\n');
3508             if (p)
3509                 *p = '\0';
3510             if (buf[0] != '+') {
3511                 BIO_printf(bio_err,
3512                            "Don't understand line '%s' from child %d\n", buf,
3513                            n);
3514                 continue;
3515             }
3516             printf("Got: %s from %d\n", buf, n);
3517             if (strncmp(buf, "+F:", 3) == 0) {
3518                 int alg;
3519                 int j;
3520 
3521                 p = buf + 3;
3522                 alg = atoi(sstrsep(&p, sep));
3523                 sstrsep(&p, sep);
3524                 for (j = 0; j < size_num; ++j)
3525                     results[alg][j] += atof(sstrsep(&p, sep));
3526             } else if (strncmp(buf, "+F2:", 4) == 0) {
3527                 int k;
3528                 double d;
3529 
3530                 p = buf + 4;
3531                 k = atoi(sstrsep(&p, sep));
3532                 sstrsep(&p, sep);
3533 
3534                 d = atof(sstrsep(&p, sep));
3535                 rsa_results[k][0] += d;
3536 
3537                 d = atof(sstrsep(&p, sep));
3538                 rsa_results[k][1] += d;
3539             }
3540 # ifndef OPENSSL_NO_DSA
3541             else if (strncmp(buf, "+F3:", 4) == 0) {
3542                 int k;
3543                 double d;
3544 
3545                 p = buf + 4;
3546                 k = atoi(sstrsep(&p, sep));
3547                 sstrsep(&p, sep);
3548 
3549                 d = atof(sstrsep(&p, sep));
3550                 dsa_results[k][0] += d;
3551 
3552                 d = atof(sstrsep(&p, sep));
3553                 dsa_results[k][1] += d;
3554             }
3555 # endif
3556 # ifndef OPENSSL_NO_EC
3557             else if (strncmp(buf, "+F4:", 4) == 0) {
3558                 int k;
3559                 double d;
3560 
3561                 p = buf + 4;
3562                 k = atoi(sstrsep(&p, sep));
3563                 sstrsep(&p, sep);
3564 
3565                 d = atof(sstrsep(&p, sep));
3566                 ecdsa_results[k][0] += d;
3567 
3568                 d = atof(sstrsep(&p, sep));
3569                 ecdsa_results[k][1] += d;
3570             } else if (strncmp(buf, "+F5:", 4) == 0) {
3571                 int k;
3572                 double d;
3573 
3574                 p = buf + 4;
3575                 k = atoi(sstrsep(&p, sep));
3576                 sstrsep(&p, sep);
3577 
3578                 d = atof(sstrsep(&p, sep));
3579                 ecdh_results[k][0] += d;
3580             } else if (strncmp(buf, "+F6:", 4) == 0) {
3581                 int k;
3582                 double d;
3583 
3584                 p = buf + 4;
3585                 k = atoi(sstrsep(&p, sep));
3586                 sstrsep(&p, sep);
3587                 sstrsep(&p, sep);
3588 
3589                 d = atof(sstrsep(&p, sep));
3590                 eddsa_results[k][0] += d;
3591 
3592                 d = atof(sstrsep(&p, sep));
3593                 eddsa_results[k][1] += d;
3594             }
3595 # endif
3596 
3597             else if (strncmp(buf, "+H:", 3) == 0) {
3598                 ;
3599             } else
3600                 BIO_printf(bio_err, "Unknown type '%s' from child %d\n", buf,
3601                            n);
3602         }
3603 
3604         fclose(f);
3605     }
3606     free(fds);
3607     return 1;
3608 }
3609 #endif
3610 
3611 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
3612                              const openssl_speed_sec_t *seconds)
3613 {
3614     static const int mblengths_list[] =
3615         { 8 * 1024, 2 * 8 * 1024, 4 * 8 * 1024, 8 * 8 * 1024, 8 * 16 * 1024 };
3616     const int *mblengths = mblengths_list;
3617     int j, count, keylen, num = OSSL_NELEM(mblengths_list);
3618     const char *alg_name;
3619     unsigned char *inp, *out, *key, no_key[32], no_iv[16];
3620     EVP_CIPHER_CTX *ctx;
3621     double d = 0.0;
3622 
3623     if (lengths_single) {
3624         mblengths = &lengths_single;
3625         num = 1;
3626     }
3627 
3628     inp = app_malloc(mblengths[num - 1], "multiblock input buffer");
3629     out = app_malloc(mblengths[num - 1] + 1024, "multiblock output buffer");
3630     ctx = EVP_CIPHER_CTX_new();
3631     EVP_EncryptInit_ex(ctx, evp_cipher, NULL, NULL, no_iv);
3632 
3633     keylen = EVP_CIPHER_CTX_key_length(ctx);
3634     key = app_malloc(keylen, "evp_cipher key");
3635     EVP_CIPHER_CTX_rand_key(ctx, key);
3636     EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL);
3637     OPENSSL_clear_free(key, keylen);
3638 
3639     EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_MAC_KEY, sizeof(no_key), no_key);
3640     alg_name = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
3641 
3642     for (j = 0; j < num; j++) {
3643         print_message(alg_name, 0, mblengths[j], seconds->sym);
3644         Time_F(START);
3645         for (count = 0; run && count < 0x7fffffff; count++) {
3646             unsigned char aad[EVP_AEAD_TLS1_AAD_LEN];
3647             EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param;
3648             size_t len = mblengths[j];
3649             int packlen;
3650 
3651             memset(aad, 0, 8);  /* avoid uninitialized values */
3652             aad[8] = 23;        /* SSL3_RT_APPLICATION_DATA */
3653             aad[9] = 3;         /* version */
3654             aad[10] = 2;
3655             aad[11] = 0;        /* length */
3656             aad[12] = 0;
3657             mb_param.out = NULL;
3658             mb_param.inp = aad;
3659             mb_param.len = len;
3660             mb_param.interleave = 8;
3661 
3662             packlen = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_AAD,
3663                                           sizeof(mb_param), &mb_param);
3664 
3665             if (packlen > 0) {
3666                 mb_param.out = out;
3667                 mb_param.inp = inp;
3668                 mb_param.len = len;
3669                 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT,
3670                                     sizeof(mb_param), &mb_param);
3671             } else {
3672                 int pad;
3673 
3674                 RAND_bytes(out, 16);
3675                 len += 16;
3676                 aad[11] = (unsigned char)(len >> 8);
3677                 aad[12] = (unsigned char)(len);
3678                 pad = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_TLS1_AAD,
3679                                           EVP_AEAD_TLS1_AAD_LEN, aad);
3680                 EVP_Cipher(ctx, out, inp, len + pad);
3681             }
3682         }
3683         d = Time_F(STOP);
3684         BIO_printf(bio_err, mr ? "+R:%d:%s:%f\n"
3685                    : "%d %s's in %.2fs\n", count, "evp", d);
3686         results[D_EVP][j] = ((double)count) / d * mblengths[j];
3687     }
3688 
3689     if (mr) {
3690         fprintf(stdout, "+H");
3691         for (j = 0; j < num; j++)
3692             fprintf(stdout, ":%d", mblengths[j]);
3693         fprintf(stdout, "\n");
3694         fprintf(stdout, "+F:%d:%s", D_EVP, alg_name);
3695         for (j = 0; j < num; j++)
3696             fprintf(stdout, ":%.2f", results[D_EVP][j]);
3697         fprintf(stdout, "\n");
3698     } else {
3699         fprintf(stdout,
3700                 "The 'numbers' are in 1000s of bytes per second processed.\n");
3701         fprintf(stdout, "type                    ");
3702         for (j = 0; j < num; j++)
3703             fprintf(stdout, "%7d bytes", mblengths[j]);
3704         fprintf(stdout, "\n");
3705         fprintf(stdout, "%-24s", alg_name);
3706 
3707         for (j = 0; j < num; j++) {
3708             if (results[D_EVP][j] > 10000)
3709                 fprintf(stdout, " %11.2fk", results[D_EVP][j] / 1e3);
3710             else
3711                 fprintf(stdout, " %11.2f ", results[D_EVP][j]);
3712         }
3713         fprintf(stdout, "\n");
3714     }
3715 
3716     OPENSSL_free(inp);
3717     OPENSSL_free(out);
3718     EVP_CIPHER_CTX_free(ctx);
3719 }
3720