xref: /freebsd/crypto/openssl/apps/speed.c (revision f976241773df2260e6170317080761d1c5814fe5)
1 /*
2  * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
3  * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
4  *
5  * Licensed under the OpenSSL license (the "License").  You may not use
6  * this file except in compliance with the License.  You can obtain a copy
7  * in the file LICENSE in the source distribution or at
8  * https://www.openssl.org/source/license.html
9  */
10 
11 #undef SECONDS
12 #define SECONDS                 3
13 #define RSA_SECONDS             10
14 #define DSA_SECONDS             10
15 #define ECDSA_SECONDS   10
16 #define ECDH_SECONDS    10
17 #define EdDSA_SECONDS   10
18 
19 #include <stdio.h>
20 #include <stdlib.h>
21 #include <string.h>
22 #include <math.h>
23 #include "apps.h"
24 #include "progs.h"
25 #include <openssl/crypto.h>
26 #include <openssl/rand.h>
27 #include <openssl/err.h>
28 #include <openssl/evp.h>
29 #include <openssl/objects.h>
30 #include <openssl/async.h>
31 #if !defined(OPENSSL_SYS_MSDOS)
32 # include OPENSSL_UNISTD
33 #endif
34 
35 #if defined(_WIN32)
36 # include <windows.h>
37 #endif
38 
39 #include <openssl/bn.h>
40 #ifndef OPENSSL_NO_DES
41 # include <openssl/des.h>
42 #endif
43 #include <openssl/aes.h>
44 #ifndef OPENSSL_NO_CAMELLIA
45 # include <openssl/camellia.h>
46 #endif
47 #ifndef OPENSSL_NO_MD2
48 # include <openssl/md2.h>
49 #endif
50 #ifndef OPENSSL_NO_MDC2
51 # include <openssl/mdc2.h>
52 #endif
53 #ifndef OPENSSL_NO_MD4
54 # include <openssl/md4.h>
55 #endif
56 #ifndef OPENSSL_NO_MD5
57 # include <openssl/md5.h>
58 #endif
59 #include <openssl/hmac.h>
60 #include <openssl/sha.h>
61 #ifndef OPENSSL_NO_RMD160
62 # include <openssl/ripemd.h>
63 #endif
64 #ifndef OPENSSL_NO_WHIRLPOOL
65 # include <openssl/whrlpool.h>
66 #endif
67 #ifndef OPENSSL_NO_RC4
68 # include <openssl/rc4.h>
69 #endif
70 #ifndef OPENSSL_NO_RC5
71 # include <openssl/rc5.h>
72 #endif
73 #ifndef OPENSSL_NO_RC2
74 # include <openssl/rc2.h>
75 #endif
76 #ifndef OPENSSL_NO_IDEA
77 # include <openssl/idea.h>
78 #endif
79 #ifndef OPENSSL_NO_SEED
80 # include <openssl/seed.h>
81 #endif
82 #ifndef OPENSSL_NO_BF
83 # include <openssl/blowfish.h>
84 #endif
85 #ifndef OPENSSL_NO_CAST
86 # include <openssl/cast.h>
87 #endif
88 #ifndef OPENSSL_NO_RSA
89 # include <openssl/rsa.h>
90 # include "./testrsa.h"
91 #endif
92 #include <openssl/x509.h>
93 #ifndef OPENSSL_NO_DSA
94 # include <openssl/dsa.h>
95 # include "./testdsa.h"
96 #endif
97 #ifndef OPENSSL_NO_EC
98 # include <openssl/ec.h>
99 #endif
100 #include <openssl/modes.h>
101 
102 #ifndef HAVE_FORK
103 # if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_VXWORKS)
104 #  define HAVE_FORK 0
105 # else
106 #  define HAVE_FORK 1
107 # endif
108 #endif
109 
110 #if HAVE_FORK
111 # undef NO_FORK
112 #else
113 # define NO_FORK
114 #endif
115 
116 #define MAX_MISALIGNMENT 63
117 #define MAX_ECDH_SIZE   256
118 #define MISALIGN        64
119 
120 typedef struct openssl_speed_sec_st {
121     int sym;
122     int rsa;
123     int dsa;
124     int ecdsa;
125     int ecdh;
126     int eddsa;
127 } openssl_speed_sec_t;
128 
129 static volatile int run = 0;
130 
131 static int mr = 0;
132 static int usertime = 1;
133 
134 #ifndef OPENSSL_NO_MD2
135 static int EVP_Digest_MD2_loop(void *args);
136 #endif
137 
138 #ifndef OPENSSL_NO_MDC2
139 static int EVP_Digest_MDC2_loop(void *args);
140 #endif
141 #ifndef OPENSSL_NO_MD4
142 static int EVP_Digest_MD4_loop(void *args);
143 #endif
144 #ifndef OPENSSL_NO_MD5
145 static int MD5_loop(void *args);
146 static int HMAC_loop(void *args);
147 #endif
148 static int SHA1_loop(void *args);
149 static int SHA256_loop(void *args);
150 static int SHA512_loop(void *args);
151 #ifndef OPENSSL_NO_WHIRLPOOL
152 static int WHIRLPOOL_loop(void *args);
153 #endif
154 #ifndef OPENSSL_NO_RMD160
155 static int EVP_Digest_RMD160_loop(void *args);
156 #endif
157 #ifndef OPENSSL_NO_RC4
158 static int RC4_loop(void *args);
159 #endif
160 #ifndef OPENSSL_NO_DES
161 static int DES_ncbc_encrypt_loop(void *args);
162 static int DES_ede3_cbc_encrypt_loop(void *args);
163 #endif
164 static int AES_cbc_128_encrypt_loop(void *args);
165 static int AES_cbc_192_encrypt_loop(void *args);
166 static int AES_ige_128_encrypt_loop(void *args);
167 static int AES_cbc_256_encrypt_loop(void *args);
168 static int AES_ige_192_encrypt_loop(void *args);
169 static int AES_ige_256_encrypt_loop(void *args);
170 static int CRYPTO_gcm128_aad_loop(void *args);
171 static int RAND_bytes_loop(void *args);
172 static int EVP_Update_loop(void *args);
173 static int EVP_Update_loop_ccm(void *args);
174 static int EVP_Update_loop_aead(void *args);
175 static int EVP_Digest_loop(void *args);
176 #ifndef OPENSSL_NO_RSA
177 static int RSA_sign_loop(void *args);
178 static int RSA_verify_loop(void *args);
179 #endif
180 #ifndef OPENSSL_NO_DSA
181 static int DSA_sign_loop(void *args);
182 static int DSA_verify_loop(void *args);
183 #endif
184 #ifndef OPENSSL_NO_EC
185 static int ECDSA_sign_loop(void *args);
186 static int ECDSA_verify_loop(void *args);
187 static int EdDSA_sign_loop(void *args);
188 static int EdDSA_verify_loop(void *args);
189 #endif
190 
191 static double Time_F(int s);
192 static void print_message(const char *s, long num, int length, int tm);
193 static void pkey_print_message(const char *str, const char *str2,
194                                long num, unsigned int bits, int sec);
195 static void print_result(int alg, int run_no, int count, double time_used);
196 #ifndef NO_FORK
197 static int do_multi(int multi, int size_num);
198 #endif
199 
200 static const int lengths_list[] = {
201     16, 64, 256, 1024, 8 * 1024, 16 * 1024
202 };
203 static const int *lengths = lengths_list;
204 
205 static const int aead_lengths_list[] = {
206     2, 31, 136, 1024, 8 * 1024, 16 * 1024
207 };
208 
209 #define START   0
210 #define STOP    1
211 
212 #ifdef SIGALRM
213 
214 static void alarmed(int sig)
215 {
216     signal(SIGALRM, alarmed);
217     run = 0;
218 }
219 
220 static double Time_F(int s)
221 {
222     double ret = app_tminterval(s, usertime);
223     if (s == STOP)
224         alarm(0);
225     return ret;
226 }
227 
228 #elif defined(_WIN32)
229 
230 # define SIGALRM -1
231 
232 static unsigned int lapse;
233 static volatile unsigned int schlock;
234 static void alarm_win32(unsigned int secs)
235 {
236     lapse = secs * 1000;
237 }
238 
239 # define alarm alarm_win32
240 
241 static DWORD WINAPI sleepy(VOID * arg)
242 {
243     schlock = 1;
244     Sleep(lapse);
245     run = 0;
246     return 0;
247 }
248 
249 static double Time_F(int s)
250 {
251     double ret;
252     static HANDLE thr;
253 
254     if (s == START) {
255         schlock = 0;
256         thr = CreateThread(NULL, 4096, sleepy, NULL, 0, NULL);
257         if (thr == NULL) {
258             DWORD err = GetLastError();
259             BIO_printf(bio_err, "unable to CreateThread (%lu)", err);
260             ExitProcess(err);
261         }
262         while (!schlock)
263             Sleep(0);           /* scheduler spinlock */
264         ret = app_tminterval(s, usertime);
265     } else {
266         ret = app_tminterval(s, usertime);
267         if (run)
268             TerminateThread(thr, 0);
269         CloseHandle(thr);
270     }
271 
272     return ret;
273 }
274 #else
275 static double Time_F(int s)
276 {
277     return app_tminterval(s, usertime);
278 }
279 #endif
280 
281 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
282                              const openssl_speed_sec_t *seconds);
283 
284 #define found(value, pairs, result)\
285     opt_found(value, result, pairs, OSSL_NELEM(pairs))
286 static int opt_found(const char *name, unsigned int *result,
287                      const OPT_PAIR pairs[], unsigned int nbelem)
288 {
289     unsigned int idx;
290 
291     for (idx = 0; idx < nbelem; ++idx, pairs++)
292         if (strcmp(name, pairs->name) == 0) {
293             *result = pairs->retval;
294             return 1;
295         }
296     return 0;
297 }
298 
299 typedef enum OPTION_choice {
300     OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
301     OPT_ELAPSED, OPT_EVP, OPT_DECRYPT, OPT_ENGINE, OPT_MULTI,
302     OPT_MR, OPT_MB, OPT_MISALIGN, OPT_ASYNCJOBS, OPT_R_ENUM,
303     OPT_PRIMES, OPT_SECONDS, OPT_BYTES, OPT_AEAD
304 } OPTION_CHOICE;
305 
306 const OPTIONS speed_options[] = {
307     {OPT_HELP_STR, 1, '-', "Usage: %s [options] ciphers...\n"},
308     {OPT_HELP_STR, 1, '-', "Valid options are:\n"},
309     {"help", OPT_HELP, '-', "Display this summary"},
310     {"evp", OPT_EVP, 's', "Use EVP-named cipher or digest"},
311     {"decrypt", OPT_DECRYPT, '-',
312      "Time decryption instead of encryption (only EVP)"},
313     {"aead", OPT_AEAD, '-',
314      "Benchmark EVP-named AEAD cipher in TLS-like sequence"},
315     {"mb", OPT_MB, '-',
316      "Enable (tls1>=1) multi-block mode on EVP-named cipher"},
317     {"mr", OPT_MR, '-', "Produce machine readable output"},
318 #ifndef NO_FORK
319     {"multi", OPT_MULTI, 'p', "Run benchmarks in parallel"},
320 #endif
321 #ifndef OPENSSL_NO_ASYNC
322     {"async_jobs", OPT_ASYNCJOBS, 'p',
323      "Enable async mode and start specified number of jobs"},
324 #endif
325     OPT_R_OPTIONS,
326 #ifndef OPENSSL_NO_ENGINE
327     {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
328 #endif
329     {"elapsed", OPT_ELAPSED, '-',
330      "Use wall-clock time instead of CPU user time as divisor"},
331     {"primes", OPT_PRIMES, 'p', "Specify number of primes (for RSA only)"},
332     {"seconds", OPT_SECONDS, 'p',
333      "Run benchmarks for specified amount of seconds"},
334     {"bytes", OPT_BYTES, 'p',
335      "Run [non-PKI] benchmarks on custom-sized buffer"},
336     {"misalign", OPT_MISALIGN, 'p',
337      "Use specified offset to mis-align buffers"},
338     {NULL}
339 };
340 
341 #define D_MD2           0
342 #define D_MDC2          1
343 #define D_MD4           2
344 #define D_MD5           3
345 #define D_HMAC          4
346 #define D_SHA1          5
347 #define D_RMD160        6
348 #define D_RC4           7
349 #define D_CBC_DES       8
350 #define D_EDE3_DES      9
351 #define D_CBC_IDEA      10
352 #define D_CBC_SEED      11
353 #define D_CBC_RC2       12
354 #define D_CBC_RC5       13
355 #define D_CBC_BF        14
356 #define D_CBC_CAST      15
357 #define D_CBC_128_AES   16
358 #define D_CBC_192_AES   17
359 #define D_CBC_256_AES   18
360 #define D_CBC_128_CML   19
361 #define D_CBC_192_CML   20
362 #define D_CBC_256_CML   21
363 #define D_EVP           22
364 #define D_SHA256        23
365 #define D_SHA512        24
366 #define D_WHIRLPOOL     25
367 #define D_IGE_128_AES   26
368 #define D_IGE_192_AES   27
369 #define D_IGE_256_AES   28
370 #define D_GHASH         29
371 #define D_RAND          30
372 /* name of algorithms to test */
373 static const char *names[] = {
374     "md2", "mdc2", "md4", "md5", "hmac(md5)", "sha1", "rmd160", "rc4",
375     "des cbc", "des ede3", "idea cbc", "seed cbc",
376     "rc2 cbc", "rc5-32/12 cbc", "blowfish cbc", "cast cbc",
377     "aes-128 cbc", "aes-192 cbc", "aes-256 cbc",
378     "camellia-128 cbc", "camellia-192 cbc", "camellia-256 cbc",
379     "evp", "sha256", "sha512", "whirlpool",
380     "aes-128 ige", "aes-192 ige", "aes-256 ige", "ghash",
381     "rand"
382 };
383 #define ALGOR_NUM       OSSL_NELEM(names)
384 
385 /* list of configured algorithm (remaining) */
386 static const OPT_PAIR doit_choices[] = {
387 #ifndef OPENSSL_NO_MD2
388     {"md2", D_MD2},
389 #endif
390 #ifndef OPENSSL_NO_MDC2
391     {"mdc2", D_MDC2},
392 #endif
393 #ifndef OPENSSL_NO_MD4
394     {"md4", D_MD4},
395 #endif
396 #ifndef OPENSSL_NO_MD5
397     {"md5", D_MD5},
398     {"hmac", D_HMAC},
399 #endif
400     {"sha1", D_SHA1},
401     {"sha256", D_SHA256},
402     {"sha512", D_SHA512},
403 #ifndef OPENSSL_NO_WHIRLPOOL
404     {"whirlpool", D_WHIRLPOOL},
405 #endif
406 #ifndef OPENSSL_NO_RMD160
407     {"ripemd", D_RMD160},
408     {"rmd160", D_RMD160},
409     {"ripemd160", D_RMD160},
410 #endif
411 #ifndef OPENSSL_NO_RC4
412     {"rc4", D_RC4},
413 #endif
414 #ifndef OPENSSL_NO_DES
415     {"des-cbc", D_CBC_DES},
416     {"des-ede3", D_EDE3_DES},
417 #endif
418     {"aes-128-cbc", D_CBC_128_AES},
419     {"aes-192-cbc", D_CBC_192_AES},
420     {"aes-256-cbc", D_CBC_256_AES},
421     {"aes-128-ige", D_IGE_128_AES},
422     {"aes-192-ige", D_IGE_192_AES},
423     {"aes-256-ige", D_IGE_256_AES},
424 #ifndef OPENSSL_NO_RC2
425     {"rc2-cbc", D_CBC_RC2},
426     {"rc2", D_CBC_RC2},
427 #endif
428 #ifndef OPENSSL_NO_RC5
429     {"rc5-cbc", D_CBC_RC5},
430     {"rc5", D_CBC_RC5},
431 #endif
432 #ifndef OPENSSL_NO_IDEA
433     {"idea-cbc", D_CBC_IDEA},
434     {"idea", D_CBC_IDEA},
435 #endif
436 #ifndef OPENSSL_NO_SEED
437     {"seed-cbc", D_CBC_SEED},
438     {"seed", D_CBC_SEED},
439 #endif
440 #ifndef OPENSSL_NO_BF
441     {"bf-cbc", D_CBC_BF},
442     {"blowfish", D_CBC_BF},
443     {"bf", D_CBC_BF},
444 #endif
445 #ifndef OPENSSL_NO_CAST
446     {"cast-cbc", D_CBC_CAST},
447     {"cast", D_CBC_CAST},
448     {"cast5", D_CBC_CAST},
449 #endif
450     {"ghash", D_GHASH},
451     {"rand", D_RAND}
452 };
453 
454 static double results[ALGOR_NUM][OSSL_NELEM(lengths_list)];
455 
456 #ifndef OPENSSL_NO_DSA
457 # define R_DSA_512       0
458 # define R_DSA_1024      1
459 # define R_DSA_2048      2
460 static const OPT_PAIR dsa_choices[] = {
461     {"dsa512", R_DSA_512},
462     {"dsa1024", R_DSA_1024},
463     {"dsa2048", R_DSA_2048}
464 };
465 # define DSA_NUM         OSSL_NELEM(dsa_choices)
466 
467 static double dsa_results[DSA_NUM][2];  /* 2 ops: sign then verify */
468 #endif  /* OPENSSL_NO_DSA */
469 
470 #define R_RSA_512       0
471 #define R_RSA_1024      1
472 #define R_RSA_2048      2
473 #define R_RSA_3072      3
474 #define R_RSA_4096      4
475 #define R_RSA_7680      5
476 #define R_RSA_15360     6
477 #ifndef OPENSSL_NO_RSA
478 static const OPT_PAIR rsa_choices[] = {
479     {"rsa512", R_RSA_512},
480     {"rsa1024", R_RSA_1024},
481     {"rsa2048", R_RSA_2048},
482     {"rsa3072", R_RSA_3072},
483     {"rsa4096", R_RSA_4096},
484     {"rsa7680", R_RSA_7680},
485     {"rsa15360", R_RSA_15360}
486 };
487 # define RSA_NUM OSSL_NELEM(rsa_choices)
488 
489 static double rsa_results[RSA_NUM][2];  /* 2 ops: sign then verify */
490 #endif /* OPENSSL_NO_RSA */
491 
492 enum {
493     R_EC_P160,
494     R_EC_P192,
495     R_EC_P224,
496     R_EC_P256,
497     R_EC_P384,
498     R_EC_P521,
499 #ifndef OPENSSL_NO_EC2M
500     R_EC_K163,
501     R_EC_K233,
502     R_EC_K283,
503     R_EC_K409,
504     R_EC_K571,
505     R_EC_B163,
506     R_EC_B233,
507     R_EC_B283,
508     R_EC_B409,
509     R_EC_B571,
510 #endif
511     R_EC_BRP256R1,
512     R_EC_BRP256T1,
513     R_EC_BRP384R1,
514     R_EC_BRP384T1,
515     R_EC_BRP512R1,
516     R_EC_BRP512T1,
517     R_EC_X25519,
518     R_EC_X448
519 };
520 
521 #ifndef OPENSSL_NO_EC
522 static OPT_PAIR ecdsa_choices[] = {
523     {"ecdsap160", R_EC_P160},
524     {"ecdsap192", R_EC_P192},
525     {"ecdsap224", R_EC_P224},
526     {"ecdsap256", R_EC_P256},
527     {"ecdsap384", R_EC_P384},
528     {"ecdsap521", R_EC_P521},
529 # ifndef OPENSSL_NO_EC2M
530     {"ecdsak163", R_EC_K163},
531     {"ecdsak233", R_EC_K233},
532     {"ecdsak283", R_EC_K283},
533     {"ecdsak409", R_EC_K409},
534     {"ecdsak571", R_EC_K571},
535     {"ecdsab163", R_EC_B163},
536     {"ecdsab233", R_EC_B233},
537     {"ecdsab283", R_EC_B283},
538     {"ecdsab409", R_EC_B409},
539     {"ecdsab571", R_EC_B571},
540 # endif
541     {"ecdsabrp256r1", R_EC_BRP256R1},
542     {"ecdsabrp256t1", R_EC_BRP256T1},
543     {"ecdsabrp384r1", R_EC_BRP384R1},
544     {"ecdsabrp384t1", R_EC_BRP384T1},
545     {"ecdsabrp512r1", R_EC_BRP512R1},
546     {"ecdsabrp512t1", R_EC_BRP512T1}
547 };
548 # define ECDSA_NUM       OSSL_NELEM(ecdsa_choices)
549 
550 static double ecdsa_results[ECDSA_NUM][2];    /* 2 ops: sign then verify */
551 
552 static const OPT_PAIR ecdh_choices[] = {
553     {"ecdhp160", R_EC_P160},
554     {"ecdhp192", R_EC_P192},
555     {"ecdhp224", R_EC_P224},
556     {"ecdhp256", R_EC_P256},
557     {"ecdhp384", R_EC_P384},
558     {"ecdhp521", R_EC_P521},
559 # ifndef OPENSSL_NO_EC2M
560     {"ecdhk163", R_EC_K163},
561     {"ecdhk233", R_EC_K233},
562     {"ecdhk283", R_EC_K283},
563     {"ecdhk409", R_EC_K409},
564     {"ecdhk571", R_EC_K571},
565     {"ecdhb163", R_EC_B163},
566     {"ecdhb233", R_EC_B233},
567     {"ecdhb283", R_EC_B283},
568     {"ecdhb409", R_EC_B409},
569     {"ecdhb571", R_EC_B571},
570 # endif
571     {"ecdhbrp256r1", R_EC_BRP256R1},
572     {"ecdhbrp256t1", R_EC_BRP256T1},
573     {"ecdhbrp384r1", R_EC_BRP384R1},
574     {"ecdhbrp384t1", R_EC_BRP384T1},
575     {"ecdhbrp512r1", R_EC_BRP512R1},
576     {"ecdhbrp512t1", R_EC_BRP512T1},
577     {"ecdhx25519", R_EC_X25519},
578     {"ecdhx448", R_EC_X448}
579 };
580 # define EC_NUM       OSSL_NELEM(ecdh_choices)
581 
582 static double ecdh_results[EC_NUM][1];  /* 1 op: derivation */
583 
584 #define R_EC_Ed25519    0
585 #define R_EC_Ed448      1
586 static OPT_PAIR eddsa_choices[] = {
587     {"ed25519", R_EC_Ed25519},
588     {"ed448", R_EC_Ed448}
589 };
590 # define EdDSA_NUM       OSSL_NELEM(eddsa_choices)
591 
592 static double eddsa_results[EdDSA_NUM][2];    /* 2 ops: sign then verify */
593 #endif /* OPENSSL_NO_EC */
594 
595 #ifndef SIGALRM
596 # define COND(d) (count < (d))
597 # define COUNT(d) (d)
598 #else
599 # define COND(unused_cond) (run && count<0x7fffffff)
600 # define COUNT(d) (count)
601 #endif                          /* SIGALRM */
602 
603 typedef struct loopargs_st {
604     ASYNC_JOB *inprogress_job;
605     ASYNC_WAIT_CTX *wait_ctx;
606     unsigned char *buf;
607     unsigned char *buf2;
608     unsigned char *buf_malloc;
609     unsigned char *buf2_malloc;
610     unsigned char *key;
611     unsigned int siglen;
612     size_t sigsize;
613 #ifndef OPENSSL_NO_RSA
614     RSA *rsa_key[RSA_NUM];
615 #endif
616 #ifndef OPENSSL_NO_DSA
617     DSA *dsa_key[DSA_NUM];
618 #endif
619 #ifndef OPENSSL_NO_EC
620     EC_KEY *ecdsa[ECDSA_NUM];
621     EVP_PKEY_CTX *ecdh_ctx[EC_NUM];
622     EVP_MD_CTX *eddsa_ctx[EdDSA_NUM];
623     unsigned char *secret_a;
624     unsigned char *secret_b;
625     size_t outlen[EC_NUM];
626 #endif
627     EVP_CIPHER_CTX *ctx;
628     HMAC_CTX *hctx;
629     GCM128_CONTEXT *gcm_ctx;
630 } loopargs_t;
631 static int run_benchmark(int async_jobs, int (*loop_function) (void *),
632                          loopargs_t * loopargs);
633 
634 static unsigned int testnum;
635 
636 /* Nb of iterations to do per algorithm and key-size */
637 static long c[ALGOR_NUM][OSSL_NELEM(lengths_list)];
638 
639 #ifndef OPENSSL_NO_MD2
640 static int EVP_Digest_MD2_loop(void *args)
641 {
642     loopargs_t *tempargs = *(loopargs_t **) args;
643     unsigned char *buf = tempargs->buf;
644     unsigned char md2[MD2_DIGEST_LENGTH];
645     int count;
646 
647     for (count = 0; COND(c[D_MD2][testnum]); count++) {
648         if (!EVP_Digest(buf, (size_t)lengths[testnum], md2, NULL, EVP_md2(),
649                         NULL))
650             return -1;
651     }
652     return count;
653 }
654 #endif
655 
656 #ifndef OPENSSL_NO_MDC2
657 static int EVP_Digest_MDC2_loop(void *args)
658 {
659     loopargs_t *tempargs = *(loopargs_t **) args;
660     unsigned char *buf = tempargs->buf;
661     unsigned char mdc2[MDC2_DIGEST_LENGTH];
662     int count;
663 
664     for (count = 0; COND(c[D_MDC2][testnum]); count++) {
665         if (!EVP_Digest(buf, (size_t)lengths[testnum], mdc2, NULL, EVP_mdc2(),
666                         NULL))
667             return -1;
668     }
669     return count;
670 }
671 #endif
672 
673 #ifndef OPENSSL_NO_MD4
674 static int EVP_Digest_MD4_loop(void *args)
675 {
676     loopargs_t *tempargs = *(loopargs_t **) args;
677     unsigned char *buf = tempargs->buf;
678     unsigned char md4[MD4_DIGEST_LENGTH];
679     int count;
680 
681     for (count = 0; COND(c[D_MD4][testnum]); count++) {
682         if (!EVP_Digest(buf, (size_t)lengths[testnum], md4, NULL, EVP_md4(),
683                         NULL))
684             return -1;
685     }
686     return count;
687 }
688 #endif
689 
690 #ifndef OPENSSL_NO_MD5
691 static int MD5_loop(void *args)
692 {
693     loopargs_t *tempargs = *(loopargs_t **) args;
694     unsigned char *buf = tempargs->buf;
695     unsigned char md5[MD5_DIGEST_LENGTH];
696     int count;
697     for (count = 0; COND(c[D_MD5][testnum]); count++)
698         MD5(buf, lengths[testnum], md5);
699     return count;
700 }
701 
702 static int HMAC_loop(void *args)
703 {
704     loopargs_t *tempargs = *(loopargs_t **) args;
705     unsigned char *buf = tempargs->buf;
706     HMAC_CTX *hctx = tempargs->hctx;
707     unsigned char hmac[MD5_DIGEST_LENGTH];
708     int count;
709 
710     for (count = 0; COND(c[D_HMAC][testnum]); count++) {
711         HMAC_Init_ex(hctx, NULL, 0, NULL, NULL);
712         HMAC_Update(hctx, buf, lengths[testnum]);
713         HMAC_Final(hctx, hmac, NULL);
714     }
715     return count;
716 }
717 #endif
718 
719 static int SHA1_loop(void *args)
720 {
721     loopargs_t *tempargs = *(loopargs_t **) args;
722     unsigned char *buf = tempargs->buf;
723     unsigned char sha[SHA_DIGEST_LENGTH];
724     int count;
725     for (count = 0; COND(c[D_SHA1][testnum]); count++)
726         SHA1(buf, lengths[testnum], sha);
727     return count;
728 }
729 
730 static int SHA256_loop(void *args)
731 {
732     loopargs_t *tempargs = *(loopargs_t **) args;
733     unsigned char *buf = tempargs->buf;
734     unsigned char sha256[SHA256_DIGEST_LENGTH];
735     int count;
736     for (count = 0; COND(c[D_SHA256][testnum]); count++)
737         SHA256(buf, lengths[testnum], sha256);
738     return count;
739 }
740 
741 static int SHA512_loop(void *args)
742 {
743     loopargs_t *tempargs = *(loopargs_t **) args;
744     unsigned char *buf = tempargs->buf;
745     unsigned char sha512[SHA512_DIGEST_LENGTH];
746     int count;
747     for (count = 0; COND(c[D_SHA512][testnum]); count++)
748         SHA512(buf, lengths[testnum], sha512);
749     return count;
750 }
751 
752 #ifndef OPENSSL_NO_WHIRLPOOL
753 static int WHIRLPOOL_loop(void *args)
754 {
755     loopargs_t *tempargs = *(loopargs_t **) args;
756     unsigned char *buf = tempargs->buf;
757     unsigned char whirlpool[WHIRLPOOL_DIGEST_LENGTH];
758     int count;
759     for (count = 0; COND(c[D_WHIRLPOOL][testnum]); count++)
760         WHIRLPOOL(buf, lengths[testnum], whirlpool);
761     return count;
762 }
763 #endif
764 
765 #ifndef OPENSSL_NO_RMD160
766 static int EVP_Digest_RMD160_loop(void *args)
767 {
768     loopargs_t *tempargs = *(loopargs_t **) args;
769     unsigned char *buf = tempargs->buf;
770     unsigned char rmd160[RIPEMD160_DIGEST_LENGTH];
771     int count;
772     for (count = 0; COND(c[D_RMD160][testnum]); count++) {
773         if (!EVP_Digest(buf, (size_t)lengths[testnum], &(rmd160[0]),
774                         NULL, EVP_ripemd160(), NULL))
775             return -1;
776     }
777     return count;
778 }
779 #endif
780 
781 #ifndef OPENSSL_NO_RC4
782 static RC4_KEY rc4_ks;
783 static int RC4_loop(void *args)
784 {
785     loopargs_t *tempargs = *(loopargs_t **) args;
786     unsigned char *buf = tempargs->buf;
787     int count;
788     for (count = 0; COND(c[D_RC4][testnum]); count++)
789         RC4(&rc4_ks, (size_t)lengths[testnum], buf, buf);
790     return count;
791 }
792 #endif
793 
794 #ifndef OPENSSL_NO_DES
795 static unsigned char DES_iv[8];
796 static DES_key_schedule sch;
797 static DES_key_schedule sch2;
798 static DES_key_schedule sch3;
799 static int DES_ncbc_encrypt_loop(void *args)
800 {
801     loopargs_t *tempargs = *(loopargs_t **) args;
802     unsigned char *buf = tempargs->buf;
803     int count;
804     for (count = 0; COND(c[D_CBC_DES][testnum]); count++)
805         DES_ncbc_encrypt(buf, buf, lengths[testnum], &sch,
806                          &DES_iv, DES_ENCRYPT);
807     return count;
808 }
809 
810 static int DES_ede3_cbc_encrypt_loop(void *args)
811 {
812     loopargs_t *tempargs = *(loopargs_t **) args;
813     unsigned char *buf = tempargs->buf;
814     int count;
815     for (count = 0; COND(c[D_EDE3_DES][testnum]); count++)
816         DES_ede3_cbc_encrypt(buf, buf, lengths[testnum],
817                              &sch, &sch2, &sch3, &DES_iv, DES_ENCRYPT);
818     return count;
819 }
820 #endif
821 
822 #define MAX_BLOCK_SIZE 128
823 
824 static unsigned char iv[2 * MAX_BLOCK_SIZE / 8];
825 static AES_KEY aes_ks1, aes_ks2, aes_ks3;
826 static int AES_cbc_128_encrypt_loop(void *args)
827 {
828     loopargs_t *tempargs = *(loopargs_t **) args;
829     unsigned char *buf = tempargs->buf;
830     int count;
831     for (count = 0; COND(c[D_CBC_128_AES][testnum]); count++)
832         AES_cbc_encrypt(buf, buf,
833                         (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
834     return count;
835 }
836 
837 static int AES_cbc_192_encrypt_loop(void *args)
838 {
839     loopargs_t *tempargs = *(loopargs_t **) args;
840     unsigned char *buf = tempargs->buf;
841     int count;
842     for (count = 0; COND(c[D_CBC_192_AES][testnum]); count++)
843         AES_cbc_encrypt(buf, buf,
844                         (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
845     return count;
846 }
847 
848 static int AES_cbc_256_encrypt_loop(void *args)
849 {
850     loopargs_t *tempargs = *(loopargs_t **) args;
851     unsigned char *buf = tempargs->buf;
852     int count;
853     for (count = 0; COND(c[D_CBC_256_AES][testnum]); count++)
854         AES_cbc_encrypt(buf, buf,
855                         (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
856     return count;
857 }
858 
859 static int AES_ige_128_encrypt_loop(void *args)
860 {
861     loopargs_t *tempargs = *(loopargs_t **) args;
862     unsigned char *buf = tempargs->buf;
863     unsigned char *buf2 = tempargs->buf2;
864     int count;
865     for (count = 0; COND(c[D_IGE_128_AES][testnum]); count++)
866         AES_ige_encrypt(buf, buf2,
867                         (size_t)lengths[testnum], &aes_ks1, iv, AES_ENCRYPT);
868     return count;
869 }
870 
871 static int AES_ige_192_encrypt_loop(void *args)
872 {
873     loopargs_t *tempargs = *(loopargs_t **) args;
874     unsigned char *buf = tempargs->buf;
875     unsigned char *buf2 = tempargs->buf2;
876     int count;
877     for (count = 0; COND(c[D_IGE_192_AES][testnum]); count++)
878         AES_ige_encrypt(buf, buf2,
879                         (size_t)lengths[testnum], &aes_ks2, iv, AES_ENCRYPT);
880     return count;
881 }
882 
883 static int AES_ige_256_encrypt_loop(void *args)
884 {
885     loopargs_t *tempargs = *(loopargs_t **) args;
886     unsigned char *buf = tempargs->buf;
887     unsigned char *buf2 = tempargs->buf2;
888     int count;
889     for (count = 0; COND(c[D_IGE_256_AES][testnum]); count++)
890         AES_ige_encrypt(buf, buf2,
891                         (size_t)lengths[testnum], &aes_ks3, iv, AES_ENCRYPT);
892     return count;
893 }
894 
895 static int CRYPTO_gcm128_aad_loop(void *args)
896 {
897     loopargs_t *tempargs = *(loopargs_t **) args;
898     unsigned char *buf = tempargs->buf;
899     GCM128_CONTEXT *gcm_ctx = tempargs->gcm_ctx;
900     int count;
901     for (count = 0; COND(c[D_GHASH][testnum]); count++)
902         CRYPTO_gcm128_aad(gcm_ctx, buf, lengths[testnum]);
903     return count;
904 }
905 
906 static int RAND_bytes_loop(void *args)
907 {
908     loopargs_t *tempargs = *(loopargs_t **) args;
909     unsigned char *buf = tempargs->buf;
910     int count;
911 
912     for (count = 0; COND(c[D_RAND][testnum]); count++)
913         RAND_bytes(buf, lengths[testnum]);
914     return count;
915 }
916 
917 static long save_count = 0;
918 static int decrypt = 0;
919 static int EVP_Update_loop(void *args)
920 {
921     loopargs_t *tempargs = *(loopargs_t **) args;
922     unsigned char *buf = tempargs->buf;
923     EVP_CIPHER_CTX *ctx = tempargs->ctx;
924     int outl, count, rc;
925 #ifndef SIGALRM
926     int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
927 #endif
928     if (decrypt) {
929         for (count = 0; COND(nb_iter); count++) {
930             rc = EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
931             if (rc != 1) {
932                 /* reset iv in case of counter overflow */
933                 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
934             }
935         }
936     } else {
937         for (count = 0; COND(nb_iter); count++) {
938             rc = EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
939             if (rc != 1) {
940                 /* reset iv in case of counter overflow */
941                 EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, -1);
942             }
943         }
944     }
945     if (decrypt)
946         EVP_DecryptFinal_ex(ctx, buf, &outl);
947     else
948         EVP_EncryptFinal_ex(ctx, buf, &outl);
949     return count;
950 }
951 
952 /*
953  * CCM does not support streaming. For the purpose of performance measurement,
954  * each message is encrypted using the same (key,iv)-pair. Do not use this
955  * code in your application.
956  */
957 static int EVP_Update_loop_ccm(void *args)
958 {
959     loopargs_t *tempargs = *(loopargs_t **) args;
960     unsigned char *buf = tempargs->buf;
961     EVP_CIPHER_CTX *ctx = tempargs->ctx;
962     int outl, count;
963     unsigned char tag[12];
964 #ifndef SIGALRM
965     int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
966 #endif
967     if (decrypt) {
968         for (count = 0; COND(nb_iter); count++) {
969             EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, sizeof(tag), tag);
970             /* reset iv */
971             EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
972             /* counter is reset on every update */
973             EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
974         }
975     } else {
976         for (count = 0; COND(nb_iter); count++) {
977             /* restore iv length field */
978             EVP_EncryptUpdate(ctx, NULL, &outl, NULL, lengths[testnum]);
979             /* counter is reset on every update */
980             EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
981         }
982     }
983     if (decrypt)
984         EVP_DecryptFinal_ex(ctx, buf, &outl);
985     else
986         EVP_EncryptFinal_ex(ctx, buf, &outl);
987     return count;
988 }
989 
990 /*
991  * To make AEAD benchmarking more relevant perform TLS-like operations,
992  * 13-byte AAD followed by payload. But don't use TLS-formatted AAD, as
993  * payload length is not actually limited by 16KB...
994  */
995 static int EVP_Update_loop_aead(void *args)
996 {
997     loopargs_t *tempargs = *(loopargs_t **) args;
998     unsigned char *buf = tempargs->buf;
999     EVP_CIPHER_CTX *ctx = tempargs->ctx;
1000     int outl, count;
1001     unsigned char aad[13] = { 0xcc };
1002     unsigned char faketag[16] = { 0xcc };
1003 #ifndef SIGALRM
1004     int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1005 #endif
1006     if (decrypt) {
1007         for (count = 0; COND(nb_iter); count++) {
1008             EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, iv);
1009             EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
1010                                 sizeof(faketag), faketag);
1011             EVP_DecryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
1012             EVP_DecryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
1013             EVP_DecryptFinal_ex(ctx, buf + outl, &outl);
1014         }
1015     } else {
1016         for (count = 0; COND(nb_iter); count++) {
1017             EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv);
1018             EVP_EncryptUpdate(ctx, NULL, &outl, aad, sizeof(aad));
1019             EVP_EncryptUpdate(ctx, buf, &outl, buf, lengths[testnum]);
1020             EVP_EncryptFinal_ex(ctx, buf + outl, &outl);
1021         }
1022     }
1023     return count;
1024 }
1025 
1026 static const EVP_MD *evp_md = NULL;
1027 static int EVP_Digest_loop(void *args)
1028 {
1029     loopargs_t *tempargs = *(loopargs_t **) args;
1030     unsigned char *buf = tempargs->buf;
1031     unsigned char md[EVP_MAX_MD_SIZE];
1032     int count;
1033 #ifndef SIGALRM
1034     int nb_iter = save_count * 4 * lengths[0] / lengths[testnum];
1035 #endif
1036 
1037     for (count = 0; COND(nb_iter); count++) {
1038         if (!EVP_Digest(buf, lengths[testnum], md, NULL, evp_md, NULL))
1039             return -1;
1040     }
1041     return count;
1042 }
1043 
1044 #ifndef OPENSSL_NO_RSA
1045 static long rsa_c[RSA_NUM][2];  /* # RSA iteration test */
1046 
1047 static int RSA_sign_loop(void *args)
1048 {
1049     loopargs_t *tempargs = *(loopargs_t **) args;
1050     unsigned char *buf = tempargs->buf;
1051     unsigned char *buf2 = tempargs->buf2;
1052     unsigned int *rsa_num = &tempargs->siglen;
1053     RSA **rsa_key = tempargs->rsa_key;
1054     int ret, count;
1055     for (count = 0; COND(rsa_c[testnum][0]); count++) {
1056         ret = RSA_sign(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1057         if (ret == 0) {
1058             BIO_printf(bio_err, "RSA sign failure\n");
1059             ERR_print_errors(bio_err);
1060             count = -1;
1061             break;
1062         }
1063     }
1064     return count;
1065 }
1066 
1067 static int RSA_verify_loop(void *args)
1068 {
1069     loopargs_t *tempargs = *(loopargs_t **) args;
1070     unsigned char *buf = tempargs->buf;
1071     unsigned char *buf2 = tempargs->buf2;
1072     unsigned int rsa_num = tempargs->siglen;
1073     RSA **rsa_key = tempargs->rsa_key;
1074     int ret, count;
1075     for (count = 0; COND(rsa_c[testnum][1]); count++) {
1076         ret =
1077             RSA_verify(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[testnum]);
1078         if (ret <= 0) {
1079             BIO_printf(bio_err, "RSA verify failure\n");
1080             ERR_print_errors(bio_err);
1081             count = -1;
1082             break;
1083         }
1084     }
1085     return count;
1086 }
1087 #endif
1088 
1089 #ifndef OPENSSL_NO_DSA
1090 static long dsa_c[DSA_NUM][2];
1091 static int DSA_sign_loop(void *args)
1092 {
1093     loopargs_t *tempargs = *(loopargs_t **) args;
1094     unsigned char *buf = tempargs->buf;
1095     unsigned char *buf2 = tempargs->buf2;
1096     DSA **dsa_key = tempargs->dsa_key;
1097     unsigned int *siglen = &tempargs->siglen;
1098     int ret, count;
1099     for (count = 0; COND(dsa_c[testnum][0]); count++) {
1100         ret = DSA_sign(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1101         if (ret == 0) {
1102             BIO_printf(bio_err, "DSA sign failure\n");
1103             ERR_print_errors(bio_err);
1104             count = -1;
1105             break;
1106         }
1107     }
1108     return count;
1109 }
1110 
1111 static int DSA_verify_loop(void *args)
1112 {
1113     loopargs_t *tempargs = *(loopargs_t **) args;
1114     unsigned char *buf = tempargs->buf;
1115     unsigned char *buf2 = tempargs->buf2;
1116     DSA **dsa_key = tempargs->dsa_key;
1117     unsigned int siglen = tempargs->siglen;
1118     int ret, count;
1119     for (count = 0; COND(dsa_c[testnum][1]); count++) {
1120         ret = DSA_verify(0, buf, 20, buf2, siglen, dsa_key[testnum]);
1121         if (ret <= 0) {
1122             BIO_printf(bio_err, "DSA verify failure\n");
1123             ERR_print_errors(bio_err);
1124             count = -1;
1125             break;
1126         }
1127     }
1128     return count;
1129 }
1130 #endif
1131 
1132 #ifndef OPENSSL_NO_EC
1133 static long ecdsa_c[ECDSA_NUM][2];
1134 static int ECDSA_sign_loop(void *args)
1135 {
1136     loopargs_t *tempargs = *(loopargs_t **) args;
1137     unsigned char *buf = tempargs->buf;
1138     EC_KEY **ecdsa = tempargs->ecdsa;
1139     unsigned char *ecdsasig = tempargs->buf2;
1140     unsigned int *ecdsasiglen = &tempargs->siglen;
1141     int ret, count;
1142     for (count = 0; COND(ecdsa_c[testnum][0]); count++) {
1143         ret = ECDSA_sign(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1144         if (ret == 0) {
1145             BIO_printf(bio_err, "ECDSA sign failure\n");
1146             ERR_print_errors(bio_err);
1147             count = -1;
1148             break;
1149         }
1150     }
1151     return count;
1152 }
1153 
1154 static int ECDSA_verify_loop(void *args)
1155 {
1156     loopargs_t *tempargs = *(loopargs_t **) args;
1157     unsigned char *buf = tempargs->buf;
1158     EC_KEY **ecdsa = tempargs->ecdsa;
1159     unsigned char *ecdsasig = tempargs->buf2;
1160     unsigned int ecdsasiglen = tempargs->siglen;
1161     int ret, count;
1162     for (count = 0; COND(ecdsa_c[testnum][1]); count++) {
1163         ret = ECDSA_verify(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[testnum]);
1164         if (ret != 1) {
1165             BIO_printf(bio_err, "ECDSA verify failure\n");
1166             ERR_print_errors(bio_err);
1167             count = -1;
1168             break;
1169         }
1170     }
1171     return count;
1172 }
1173 
1174 /* ******************************************************************** */
1175 static long ecdh_c[EC_NUM][1];
1176 
1177 static int ECDH_EVP_derive_key_loop(void *args)
1178 {
1179     loopargs_t *tempargs = *(loopargs_t **) args;
1180     EVP_PKEY_CTX *ctx = tempargs->ecdh_ctx[testnum];
1181     unsigned char *derived_secret = tempargs->secret_a;
1182     int count;
1183     size_t *outlen = &(tempargs->outlen[testnum]);
1184 
1185     for (count = 0; COND(ecdh_c[testnum][0]); count++)
1186         EVP_PKEY_derive(ctx, derived_secret, outlen);
1187 
1188     return count;
1189 }
1190 
1191 static long eddsa_c[EdDSA_NUM][2];
1192 static int EdDSA_sign_loop(void *args)
1193 {
1194     loopargs_t *tempargs = *(loopargs_t **) args;
1195     unsigned char *buf = tempargs->buf;
1196     EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
1197     unsigned char *eddsasig = tempargs->buf2;
1198     size_t *eddsasigsize = &tempargs->sigsize;
1199     int ret, count;
1200 
1201     for (count = 0; COND(eddsa_c[testnum][0]); count++) {
1202         ret = EVP_DigestSign(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
1203         if (ret == 0) {
1204             BIO_printf(bio_err, "EdDSA sign failure\n");
1205             ERR_print_errors(bio_err);
1206             count = -1;
1207             break;
1208         }
1209     }
1210     return count;
1211 }
1212 
1213 static int EdDSA_verify_loop(void *args)
1214 {
1215     loopargs_t *tempargs = *(loopargs_t **) args;
1216     unsigned char *buf = tempargs->buf;
1217     EVP_MD_CTX **edctx = tempargs->eddsa_ctx;
1218     unsigned char *eddsasig = tempargs->buf2;
1219     size_t eddsasigsize = tempargs->sigsize;
1220     int ret, count;
1221 
1222     for (count = 0; COND(eddsa_c[testnum][1]); count++) {
1223         ret = EVP_DigestVerify(edctx[testnum], eddsasig, eddsasigsize, buf, 20);
1224         if (ret != 1) {
1225             BIO_printf(bio_err, "EdDSA verify failure\n");
1226             ERR_print_errors(bio_err);
1227             count = -1;
1228             break;
1229         }
1230     }
1231     return count;
1232 }
1233 #endif                          /* OPENSSL_NO_EC */
1234 
1235 static int run_benchmark(int async_jobs,
1236                          int (*loop_function) (void *), loopargs_t * loopargs)
1237 {
1238     int job_op_count = 0;
1239     int total_op_count = 0;
1240     int num_inprogress = 0;
1241     int error = 0, i = 0, ret = 0;
1242     OSSL_ASYNC_FD job_fd = 0;
1243     size_t num_job_fds = 0;
1244 
1245     run = 1;
1246 
1247     if (async_jobs == 0) {
1248         return loop_function((void *)&loopargs);
1249     }
1250 
1251     for (i = 0; i < async_jobs && !error; i++) {
1252         loopargs_t *looparg_item = loopargs + i;
1253 
1254         /* Copy pointer content (looparg_t item address) into async context */
1255         ret = ASYNC_start_job(&loopargs[i].inprogress_job, loopargs[i].wait_ctx,
1256                               &job_op_count, loop_function,
1257                               (void *)&looparg_item, sizeof(looparg_item));
1258         switch (ret) {
1259         case ASYNC_PAUSE:
1260             ++num_inprogress;
1261             break;
1262         case ASYNC_FINISH:
1263             if (job_op_count == -1) {
1264                 error = 1;
1265             } else {
1266                 total_op_count += job_op_count;
1267             }
1268             break;
1269         case ASYNC_NO_JOBS:
1270         case ASYNC_ERR:
1271             BIO_printf(bio_err, "Failure in the job\n");
1272             ERR_print_errors(bio_err);
1273             error = 1;
1274             break;
1275         }
1276     }
1277 
1278     while (num_inprogress > 0) {
1279 #if defined(OPENSSL_SYS_WINDOWS)
1280         DWORD avail = 0;
1281 #elif defined(OPENSSL_SYS_UNIX)
1282         int select_result = 0;
1283         OSSL_ASYNC_FD max_fd = 0;
1284         fd_set waitfdset;
1285 
1286         FD_ZERO(&waitfdset);
1287 
1288         for (i = 0; i < async_jobs && num_inprogress > 0; i++) {
1289             if (loopargs[i].inprogress_job == NULL)
1290                 continue;
1291 
1292             if (!ASYNC_WAIT_CTX_get_all_fds
1293                 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1294                 || num_job_fds > 1) {
1295                 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1296                 ERR_print_errors(bio_err);
1297                 error = 1;
1298                 break;
1299             }
1300             ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1301                                        &num_job_fds);
1302             FD_SET(job_fd, &waitfdset);
1303             if (job_fd > max_fd)
1304                 max_fd = job_fd;
1305         }
1306 
1307         if (max_fd >= (OSSL_ASYNC_FD)FD_SETSIZE) {
1308             BIO_printf(bio_err,
1309                        "Error: max_fd (%d) must be smaller than FD_SETSIZE (%d). "
1310                        "Decrease the value of async_jobs\n",
1311                        max_fd, FD_SETSIZE);
1312             ERR_print_errors(bio_err);
1313             error = 1;
1314             break;
1315         }
1316 
1317         select_result = select(max_fd + 1, &waitfdset, NULL, NULL, NULL);
1318         if (select_result == -1 && errno == EINTR)
1319             continue;
1320 
1321         if (select_result == -1) {
1322             BIO_printf(bio_err, "Failure in the select\n");
1323             ERR_print_errors(bio_err);
1324             error = 1;
1325             break;
1326         }
1327 
1328         if (select_result == 0)
1329             continue;
1330 #endif
1331 
1332         for (i = 0; i < async_jobs; i++) {
1333             if (loopargs[i].inprogress_job == NULL)
1334                 continue;
1335 
1336             if (!ASYNC_WAIT_CTX_get_all_fds
1337                 (loopargs[i].wait_ctx, NULL, &num_job_fds)
1338                 || num_job_fds > 1) {
1339                 BIO_printf(bio_err, "Too many fds in ASYNC_WAIT_CTX\n");
1340                 ERR_print_errors(bio_err);
1341                 error = 1;
1342                 break;
1343             }
1344             ASYNC_WAIT_CTX_get_all_fds(loopargs[i].wait_ctx, &job_fd,
1345                                        &num_job_fds);
1346 
1347 #if defined(OPENSSL_SYS_UNIX)
1348             if (num_job_fds == 1 && !FD_ISSET(job_fd, &waitfdset))
1349                 continue;
1350 #elif defined(OPENSSL_SYS_WINDOWS)
1351             if (num_job_fds == 1
1352                 && !PeekNamedPipe(job_fd, NULL, 0, NULL, &avail, NULL)
1353                 && avail > 0)
1354                 continue;
1355 #endif
1356 
1357             ret = ASYNC_start_job(&loopargs[i].inprogress_job,
1358                                   loopargs[i].wait_ctx, &job_op_count,
1359                                   loop_function, (void *)(loopargs + i),
1360                                   sizeof(loopargs_t));
1361             switch (ret) {
1362             case ASYNC_PAUSE:
1363                 break;
1364             case ASYNC_FINISH:
1365                 if (job_op_count == -1) {
1366                     error = 1;
1367                 } else {
1368                     total_op_count += job_op_count;
1369                 }
1370                 --num_inprogress;
1371                 loopargs[i].inprogress_job = NULL;
1372                 break;
1373             case ASYNC_NO_JOBS:
1374             case ASYNC_ERR:
1375                 --num_inprogress;
1376                 loopargs[i].inprogress_job = NULL;
1377                 BIO_printf(bio_err, "Failure in the job\n");
1378                 ERR_print_errors(bio_err);
1379                 error = 1;
1380                 break;
1381             }
1382         }
1383     }
1384 
1385     return error ? -1 : total_op_count;
1386 }
1387 
1388 int speed_main(int argc, char **argv)
1389 {
1390     ENGINE *e = NULL;
1391     loopargs_t *loopargs = NULL;
1392     const char *prog;
1393     const char *engine_id = NULL;
1394     const EVP_CIPHER *evp_cipher = NULL;
1395     double d = 0.0;
1396     OPTION_CHOICE o;
1397     int async_init = 0, multiblock = 0, pr_header = 0;
1398     int doit[ALGOR_NUM] = { 0 };
1399     int ret = 1, misalign = 0, lengths_single = 0, aead = 0;
1400     long count = 0;
1401     unsigned int size_num = OSSL_NELEM(lengths_list);
1402     unsigned int i, k, loop, loopargs_len = 0, async_jobs = 0;
1403     int keylen;
1404     int buflen;
1405 #ifndef NO_FORK
1406     int multi = 0;
1407 #endif
1408 #if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) \
1409     || !defined(OPENSSL_NO_EC)
1410     long rsa_count = 1;
1411 #endif
1412     openssl_speed_sec_t seconds = { SECONDS, RSA_SECONDS, DSA_SECONDS,
1413                                     ECDSA_SECONDS, ECDH_SECONDS,
1414                                     EdDSA_SECONDS };
1415 
1416     /* What follows are the buffers and key material. */
1417 #ifndef OPENSSL_NO_RC5
1418     RC5_32_KEY rc5_ks;
1419 #endif
1420 #ifndef OPENSSL_NO_RC2
1421     RC2_KEY rc2_ks;
1422 #endif
1423 #ifndef OPENSSL_NO_IDEA
1424     IDEA_KEY_SCHEDULE idea_ks;
1425 #endif
1426 #ifndef OPENSSL_NO_SEED
1427     SEED_KEY_SCHEDULE seed_ks;
1428 #endif
1429 #ifndef OPENSSL_NO_BF
1430     BF_KEY bf_ks;
1431 #endif
1432 #ifndef OPENSSL_NO_CAST
1433     CAST_KEY cast_ks;
1434 #endif
1435     static const unsigned char key16[16] = {
1436         0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1437         0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
1438     };
1439     static const unsigned char key24[24] = {
1440         0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1441         0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1442         0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1443     };
1444     static const unsigned char key32[32] = {
1445         0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1446         0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1447         0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
1448         0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
1449     };
1450 #ifndef OPENSSL_NO_CAMELLIA
1451     static const unsigned char ckey24[24] = {
1452         0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1453         0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1454         0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1455     };
1456     static const unsigned char ckey32[32] = {
1457         0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
1458         0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
1459         0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
1460         0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
1461     };
1462     CAMELLIA_KEY camellia_ks1, camellia_ks2, camellia_ks3;
1463 #endif
1464 #ifndef OPENSSL_NO_DES
1465     static DES_cblock key = {
1466         0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0
1467     };
1468     static DES_cblock key2 = {
1469         0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
1470     };
1471     static DES_cblock key3 = {
1472         0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
1473     };
1474 #endif
1475 #ifndef OPENSSL_NO_RSA
1476     static const unsigned int rsa_bits[RSA_NUM] = {
1477         512, 1024, 2048, 3072, 4096, 7680, 15360
1478     };
1479     static const unsigned char *rsa_data[RSA_NUM] = {
1480         test512, test1024, test2048, test3072, test4096, test7680, test15360
1481     };
1482     static const int rsa_data_length[RSA_NUM] = {
1483         sizeof(test512), sizeof(test1024),
1484         sizeof(test2048), sizeof(test3072),
1485         sizeof(test4096), sizeof(test7680),
1486         sizeof(test15360)
1487     };
1488     int rsa_doit[RSA_NUM] = { 0 };
1489     int primes = RSA_DEFAULT_PRIME_NUM;
1490 #endif
1491 #ifndef OPENSSL_NO_DSA
1492     static const unsigned int dsa_bits[DSA_NUM] = { 512, 1024, 2048 };
1493     int dsa_doit[DSA_NUM] = { 0 };
1494 #endif
1495 #ifndef OPENSSL_NO_EC
1496     /*
1497      * We only test over the following curves as they are representative, To
1498      * add tests over more curves, simply add the curve NID and curve name to
1499      * the following arrays and increase the |ecdh_choices| list accordingly.
1500      */
1501     static const struct {
1502         const char *name;
1503         unsigned int nid;
1504         unsigned int bits;
1505     } test_curves[] = {
1506         /* Prime Curves */
1507         {"secp160r1", NID_secp160r1, 160},
1508         {"nistp192", NID_X9_62_prime192v1, 192},
1509         {"nistp224", NID_secp224r1, 224},
1510         {"nistp256", NID_X9_62_prime256v1, 256},
1511         {"nistp384", NID_secp384r1, 384},
1512         {"nistp521", NID_secp521r1, 521},
1513 # ifndef OPENSSL_NO_EC2M
1514         /* Binary Curves */
1515         {"nistk163", NID_sect163k1, 163},
1516         {"nistk233", NID_sect233k1, 233},
1517         {"nistk283", NID_sect283k1, 283},
1518         {"nistk409", NID_sect409k1, 409},
1519         {"nistk571", NID_sect571k1, 571},
1520         {"nistb163", NID_sect163r2, 163},
1521         {"nistb233", NID_sect233r1, 233},
1522         {"nistb283", NID_sect283r1, 283},
1523         {"nistb409", NID_sect409r1, 409},
1524         {"nistb571", NID_sect571r1, 571},
1525 # endif
1526         {"brainpoolP256r1", NID_brainpoolP256r1, 256},
1527         {"brainpoolP256t1", NID_brainpoolP256t1, 256},
1528         {"brainpoolP384r1", NID_brainpoolP384r1, 384},
1529         {"brainpoolP384t1", NID_brainpoolP384t1, 384},
1530         {"brainpoolP512r1", NID_brainpoolP512r1, 512},
1531         {"brainpoolP512t1", NID_brainpoolP512t1, 512},
1532         /* Other and ECDH only ones */
1533         {"X25519", NID_X25519, 253},
1534         {"X448", NID_X448, 448}
1535     };
1536     static const struct {
1537         const char *name;
1538         unsigned int nid;
1539         unsigned int bits;
1540         size_t sigsize;
1541     } test_ed_curves[] = {
1542         /* EdDSA */
1543         {"Ed25519", NID_ED25519, 253, 64},
1544         {"Ed448", NID_ED448, 456, 114}
1545     };
1546     int ecdsa_doit[ECDSA_NUM] = { 0 };
1547     int ecdh_doit[EC_NUM] = { 0 };
1548     int eddsa_doit[EdDSA_NUM] = { 0 };
1549     OPENSSL_assert(OSSL_NELEM(test_curves) >= EC_NUM);
1550     OPENSSL_assert(OSSL_NELEM(test_ed_curves) >= EdDSA_NUM);
1551 #endif                          /* ndef OPENSSL_NO_EC */
1552 
1553     prog = opt_init(argc, argv, speed_options);
1554     while ((o = opt_next()) != OPT_EOF) {
1555         switch (o) {
1556         case OPT_EOF:
1557         case OPT_ERR:
1558  opterr:
1559             BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
1560             goto end;
1561         case OPT_HELP:
1562             opt_help(speed_options);
1563             ret = 0;
1564             goto end;
1565         case OPT_ELAPSED:
1566             usertime = 0;
1567             break;
1568         case OPT_EVP:
1569             evp_md = NULL;
1570             evp_cipher = EVP_get_cipherbyname(opt_arg());
1571             if (evp_cipher == NULL)
1572                 evp_md = EVP_get_digestbyname(opt_arg());
1573             if (evp_cipher == NULL && evp_md == NULL) {
1574                 BIO_printf(bio_err,
1575                            "%s: %s is an unknown cipher or digest\n",
1576                            prog, opt_arg());
1577                 goto end;
1578             }
1579             doit[D_EVP] = 1;
1580             break;
1581         case OPT_DECRYPT:
1582             decrypt = 1;
1583             break;
1584         case OPT_ENGINE:
1585             /*
1586              * In a forked execution, an engine might need to be
1587              * initialised by each child process, not by the parent.
1588              * So store the name here and run setup_engine() later on.
1589              */
1590             engine_id = opt_arg();
1591             break;
1592         case OPT_MULTI:
1593 #ifndef NO_FORK
1594             multi = atoi(opt_arg());
1595 #endif
1596             break;
1597         case OPT_ASYNCJOBS:
1598 #ifndef OPENSSL_NO_ASYNC
1599             async_jobs = atoi(opt_arg());
1600             if (!ASYNC_is_capable()) {
1601                 BIO_printf(bio_err,
1602                            "%s: async_jobs specified but async not supported\n",
1603                            prog);
1604                 goto opterr;
1605             }
1606             if (async_jobs > 99999) {
1607                 BIO_printf(bio_err, "%s: too many async_jobs\n", prog);
1608                 goto opterr;
1609             }
1610 #endif
1611             break;
1612         case OPT_MISALIGN:
1613             if (!opt_int(opt_arg(), &misalign))
1614                 goto end;
1615             if (misalign > MISALIGN) {
1616                 BIO_printf(bio_err,
1617                            "%s: Maximum offset is %d\n", prog, MISALIGN);
1618                 goto opterr;
1619             }
1620             break;
1621         case OPT_MR:
1622             mr = 1;
1623             break;
1624         case OPT_MB:
1625             multiblock = 1;
1626 #ifdef OPENSSL_NO_MULTIBLOCK
1627             BIO_printf(bio_err,
1628                        "%s: -mb specified but multi-block support is disabled\n",
1629                        prog);
1630             goto end;
1631 #endif
1632             break;
1633         case OPT_R_CASES:
1634             if (!opt_rand(o))
1635                 goto end;
1636             break;
1637         case OPT_PRIMES:
1638             if (!opt_int(opt_arg(), &primes))
1639                 goto end;
1640             break;
1641         case OPT_SECONDS:
1642             seconds.sym = seconds.rsa = seconds.dsa = seconds.ecdsa
1643                         = seconds.ecdh = seconds.eddsa = atoi(opt_arg());
1644             break;
1645         case OPT_BYTES:
1646             lengths_single = atoi(opt_arg());
1647             lengths = &lengths_single;
1648             size_num = 1;
1649             break;
1650         case OPT_AEAD:
1651             aead = 1;
1652             break;
1653         }
1654     }
1655     argc = opt_num_rest();
1656     argv = opt_rest();
1657 
1658     /* Remaining arguments are algorithms. */
1659     for (; *argv; argv++) {
1660         if (found(*argv, doit_choices, &i)) {
1661             doit[i] = 1;
1662             continue;
1663         }
1664 #ifndef OPENSSL_NO_DES
1665         if (strcmp(*argv, "des") == 0) {
1666             doit[D_CBC_DES] = doit[D_EDE3_DES] = 1;
1667             continue;
1668         }
1669 #endif
1670         if (strcmp(*argv, "sha") == 0) {
1671             doit[D_SHA1] = doit[D_SHA256] = doit[D_SHA512] = 1;
1672             continue;
1673         }
1674 #ifndef OPENSSL_NO_RSA
1675         if (strcmp(*argv, "openssl") == 0)
1676             continue;
1677         if (strcmp(*argv, "rsa") == 0) {
1678             for (loop = 0; loop < OSSL_NELEM(rsa_doit); loop++)
1679                 rsa_doit[loop] = 1;
1680             continue;
1681         }
1682         if (found(*argv, rsa_choices, &i)) {
1683             rsa_doit[i] = 1;
1684             continue;
1685         }
1686 #endif
1687 #ifndef OPENSSL_NO_DSA
1688         if (strcmp(*argv, "dsa") == 0) {
1689             dsa_doit[R_DSA_512] = dsa_doit[R_DSA_1024] =
1690                 dsa_doit[R_DSA_2048] = 1;
1691             continue;
1692         }
1693         if (found(*argv, dsa_choices, &i)) {
1694             dsa_doit[i] = 2;
1695             continue;
1696         }
1697 #endif
1698         if (strcmp(*argv, "aes") == 0) {
1699             doit[D_CBC_128_AES] = doit[D_CBC_192_AES] = doit[D_CBC_256_AES] = 1;
1700             continue;
1701         }
1702 #ifndef OPENSSL_NO_CAMELLIA
1703         if (strcmp(*argv, "camellia") == 0) {
1704             doit[D_CBC_128_CML] = doit[D_CBC_192_CML] = doit[D_CBC_256_CML] = 1;
1705             continue;
1706         }
1707 #endif
1708 #ifndef OPENSSL_NO_EC
1709         if (strcmp(*argv, "ecdsa") == 0) {
1710             for (loop = 0; loop < OSSL_NELEM(ecdsa_doit); loop++)
1711                 ecdsa_doit[loop] = 1;
1712             continue;
1713         }
1714         if (found(*argv, ecdsa_choices, &i)) {
1715             ecdsa_doit[i] = 2;
1716             continue;
1717         }
1718         if (strcmp(*argv, "ecdh") == 0) {
1719             for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++)
1720                 ecdh_doit[loop] = 1;
1721             continue;
1722         }
1723         if (found(*argv, ecdh_choices, &i)) {
1724             ecdh_doit[i] = 2;
1725             continue;
1726         }
1727         if (strcmp(*argv, "eddsa") == 0) {
1728             for (loop = 0; loop < OSSL_NELEM(eddsa_doit); loop++)
1729                 eddsa_doit[loop] = 1;
1730             continue;
1731         }
1732         if (found(*argv, eddsa_choices, &i)) {
1733             eddsa_doit[i] = 2;
1734             continue;
1735         }
1736 #endif
1737         BIO_printf(bio_err, "%s: Unknown algorithm %s\n", prog, *argv);
1738         goto end;
1739     }
1740 
1741     /* Sanity checks */
1742     if (aead) {
1743         if (evp_cipher == NULL) {
1744             BIO_printf(bio_err, "-aead can be used only with an AEAD cipher\n");
1745             goto end;
1746         } else if (!(EVP_CIPHER_flags(evp_cipher) &
1747                      EVP_CIPH_FLAG_AEAD_CIPHER)) {
1748             BIO_printf(bio_err, "%s is not an AEAD cipher\n",
1749                        OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
1750             goto end;
1751         }
1752     }
1753     if (multiblock) {
1754         if (evp_cipher == NULL) {
1755             BIO_printf(bio_err,"-mb can be used only with a multi-block"
1756                                " capable cipher\n");
1757             goto end;
1758         } else if (!(EVP_CIPHER_flags(evp_cipher) &
1759                      EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
1760             BIO_printf(bio_err, "%s is not a multi-block capable\n",
1761                        OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher)));
1762             goto end;
1763         } else if (async_jobs > 0) {
1764             BIO_printf(bio_err, "Async mode is not supported with -mb");
1765             goto end;
1766         }
1767     }
1768 
1769     /* Initialize the job pool if async mode is enabled */
1770     if (async_jobs > 0) {
1771         async_init = ASYNC_init_thread(async_jobs, async_jobs);
1772         if (!async_init) {
1773             BIO_printf(bio_err, "Error creating the ASYNC job pool\n");
1774             goto end;
1775         }
1776     }
1777 
1778     loopargs_len = (async_jobs == 0 ? 1 : async_jobs);
1779     loopargs =
1780         app_malloc(loopargs_len * sizeof(loopargs_t), "array of loopargs");
1781     memset(loopargs, 0, loopargs_len * sizeof(loopargs_t));
1782 
1783     for (i = 0; i < loopargs_len; i++) {
1784         if (async_jobs > 0) {
1785             loopargs[i].wait_ctx = ASYNC_WAIT_CTX_new();
1786             if (loopargs[i].wait_ctx == NULL) {
1787                 BIO_printf(bio_err, "Error creating the ASYNC_WAIT_CTX\n");
1788                 goto end;
1789             }
1790         }
1791 
1792         buflen = lengths[size_num - 1];
1793         if (buflen < 36)    /* size of random vector in RSA benchmark */
1794             buflen = 36;
1795         buflen += MAX_MISALIGNMENT + 1;
1796         loopargs[i].buf_malloc = app_malloc(buflen, "input buffer");
1797         loopargs[i].buf2_malloc = app_malloc(buflen, "input buffer");
1798         memset(loopargs[i].buf_malloc, 0, buflen);
1799         memset(loopargs[i].buf2_malloc, 0, buflen);
1800 
1801         /* Align the start of buffers on a 64 byte boundary */
1802         loopargs[i].buf = loopargs[i].buf_malloc + misalign;
1803         loopargs[i].buf2 = loopargs[i].buf2_malloc + misalign;
1804 #ifndef OPENSSL_NO_EC
1805         loopargs[i].secret_a = app_malloc(MAX_ECDH_SIZE, "ECDH secret a");
1806         loopargs[i].secret_b = app_malloc(MAX_ECDH_SIZE, "ECDH secret b");
1807 #endif
1808     }
1809 
1810 #ifndef NO_FORK
1811     if (multi && do_multi(multi, size_num))
1812         goto show_res;
1813 #endif
1814 
1815     /* Initialize the engine after the fork */
1816     e = setup_engine(engine_id, 0);
1817 
1818     /* No parameters; turn on everything. */
1819     if ((argc == 0) && !doit[D_EVP]) {
1820         for (i = 0; i < ALGOR_NUM; i++)
1821             if (i != D_EVP)
1822                 doit[i] = 1;
1823 #ifndef OPENSSL_NO_RSA
1824         for (i = 0; i < RSA_NUM; i++)
1825             rsa_doit[i] = 1;
1826 #endif
1827 #ifndef OPENSSL_NO_DSA
1828         for (i = 0; i < DSA_NUM; i++)
1829             dsa_doit[i] = 1;
1830 #endif
1831 #ifndef OPENSSL_NO_EC
1832         for (loop = 0; loop < OSSL_NELEM(ecdsa_doit); loop++)
1833             ecdsa_doit[loop] = 1;
1834         for (loop = 0; loop < OSSL_NELEM(ecdh_doit); loop++)
1835             ecdh_doit[loop] = 1;
1836         for (loop = 0; loop < OSSL_NELEM(eddsa_doit); loop++)
1837             eddsa_doit[loop] = 1;
1838 #endif
1839     }
1840     for (i = 0; i < ALGOR_NUM; i++)
1841         if (doit[i])
1842             pr_header++;
1843 
1844     if (usertime == 0 && !mr)
1845         BIO_printf(bio_err,
1846                    "You have chosen to measure elapsed time "
1847                    "instead of user CPU time.\n");
1848 
1849 #ifndef OPENSSL_NO_RSA
1850     for (i = 0; i < loopargs_len; i++) {
1851         if (primes > RSA_DEFAULT_PRIME_NUM) {
1852             /* for multi-prime RSA, skip this */
1853             break;
1854         }
1855         for (k = 0; k < RSA_NUM; k++) {
1856             const unsigned char *p;
1857 
1858             p = rsa_data[k];
1859             loopargs[i].rsa_key[k] =
1860                 d2i_RSAPrivateKey(NULL, &p, rsa_data_length[k]);
1861             if (loopargs[i].rsa_key[k] == NULL) {
1862                 BIO_printf(bio_err,
1863                            "internal error loading RSA key number %d\n", k);
1864                 goto end;
1865             }
1866         }
1867     }
1868 #endif
1869 #ifndef OPENSSL_NO_DSA
1870     for (i = 0; i < loopargs_len; i++) {
1871         loopargs[i].dsa_key[0] = get_dsa(512);
1872         loopargs[i].dsa_key[1] = get_dsa(1024);
1873         loopargs[i].dsa_key[2] = get_dsa(2048);
1874     }
1875 #endif
1876 #ifndef OPENSSL_NO_DES
1877     DES_set_key_unchecked(&key, &sch);
1878     DES_set_key_unchecked(&key2, &sch2);
1879     DES_set_key_unchecked(&key3, &sch3);
1880 #endif
1881     AES_set_encrypt_key(key16, 128, &aes_ks1);
1882     AES_set_encrypt_key(key24, 192, &aes_ks2);
1883     AES_set_encrypt_key(key32, 256, &aes_ks3);
1884 #ifndef OPENSSL_NO_CAMELLIA
1885     Camellia_set_key(key16, 128, &camellia_ks1);
1886     Camellia_set_key(ckey24, 192, &camellia_ks2);
1887     Camellia_set_key(ckey32, 256, &camellia_ks3);
1888 #endif
1889 #ifndef OPENSSL_NO_IDEA
1890     IDEA_set_encrypt_key(key16, &idea_ks);
1891 #endif
1892 #ifndef OPENSSL_NO_SEED
1893     SEED_set_key(key16, &seed_ks);
1894 #endif
1895 #ifndef OPENSSL_NO_RC4
1896     RC4_set_key(&rc4_ks, 16, key16);
1897 #endif
1898 #ifndef OPENSSL_NO_RC2
1899     RC2_set_key(&rc2_ks, 16, key16, 128);
1900 #endif
1901 #ifndef OPENSSL_NO_RC5
1902     RC5_32_set_key(&rc5_ks, 16, key16, 12);
1903 #endif
1904 #ifndef OPENSSL_NO_BF
1905     BF_set_key(&bf_ks, 16, key16);
1906 #endif
1907 #ifndef OPENSSL_NO_CAST
1908     CAST_set_key(&cast_ks, 16, key16);
1909 #endif
1910 #ifndef SIGALRM
1911 # ifndef OPENSSL_NO_DES
1912     BIO_printf(bio_err, "First we calculate the approximate speed ...\n");
1913     count = 10;
1914     do {
1915         long it;
1916         count *= 2;
1917         Time_F(START);
1918         for (it = count; it; it--)
1919             DES_ecb_encrypt((DES_cblock *)loopargs[0].buf,
1920                             (DES_cblock *)loopargs[0].buf, &sch, DES_ENCRYPT);
1921         d = Time_F(STOP);
1922     } while (d < 3);
1923     save_count = count;
1924     c[D_MD2][0] = count / 10;
1925     c[D_MDC2][0] = count / 10;
1926     c[D_MD4][0] = count;
1927     c[D_MD5][0] = count;
1928     c[D_HMAC][0] = count;
1929     c[D_SHA1][0] = count;
1930     c[D_RMD160][0] = count;
1931     c[D_RC4][0] = count * 5;
1932     c[D_CBC_DES][0] = count;
1933     c[D_EDE3_DES][0] = count / 3;
1934     c[D_CBC_IDEA][0] = count;
1935     c[D_CBC_SEED][0] = count;
1936     c[D_CBC_RC2][0] = count;
1937     c[D_CBC_RC5][0] = count;
1938     c[D_CBC_BF][0] = count;
1939     c[D_CBC_CAST][0] = count;
1940     c[D_CBC_128_AES][0] = count;
1941     c[D_CBC_192_AES][0] = count;
1942     c[D_CBC_256_AES][0] = count;
1943     c[D_CBC_128_CML][0] = count;
1944     c[D_CBC_192_CML][0] = count;
1945     c[D_CBC_256_CML][0] = count;
1946     c[D_SHA256][0] = count;
1947     c[D_SHA512][0] = count;
1948     c[D_WHIRLPOOL][0] = count;
1949     c[D_IGE_128_AES][0] = count;
1950     c[D_IGE_192_AES][0] = count;
1951     c[D_IGE_256_AES][0] = count;
1952     c[D_GHASH][0] = count;
1953     c[D_RAND][0] = count;
1954 
1955     for (i = 1; i < size_num; i++) {
1956         long l0, l1;
1957 
1958         l0 = (long)lengths[0];
1959         l1 = (long)lengths[i];
1960 
1961         c[D_MD2][i] = c[D_MD2][0] * 4 * l0 / l1;
1962         c[D_MDC2][i] = c[D_MDC2][0] * 4 * l0 / l1;
1963         c[D_MD4][i] = c[D_MD4][0] * 4 * l0 / l1;
1964         c[D_MD5][i] = c[D_MD5][0] * 4 * l0 / l1;
1965         c[D_HMAC][i] = c[D_HMAC][0] * 4 * l0 / l1;
1966         c[D_SHA1][i] = c[D_SHA1][0] * 4 * l0 / l1;
1967         c[D_RMD160][i] = c[D_RMD160][0] * 4 * l0 / l1;
1968         c[D_SHA256][i] = c[D_SHA256][0] * 4 * l0 / l1;
1969         c[D_SHA512][i] = c[D_SHA512][0] * 4 * l0 / l1;
1970         c[D_WHIRLPOOL][i] = c[D_WHIRLPOOL][0] * 4 * l0 / l1;
1971         c[D_GHASH][i] = c[D_GHASH][0] * 4 * l0 / l1;
1972         c[D_RAND][i] = c[D_RAND][0] * 4 * l0 / l1;
1973 
1974         l0 = (long)lengths[i - 1];
1975 
1976         c[D_RC4][i] = c[D_RC4][i - 1] * l0 / l1;
1977         c[D_CBC_DES][i] = c[D_CBC_DES][i - 1] * l0 / l1;
1978         c[D_EDE3_DES][i] = c[D_EDE3_DES][i - 1] * l0 / l1;
1979         c[D_CBC_IDEA][i] = c[D_CBC_IDEA][i - 1] * l0 / l1;
1980         c[D_CBC_SEED][i] = c[D_CBC_SEED][i - 1] * l0 / l1;
1981         c[D_CBC_RC2][i] = c[D_CBC_RC2][i - 1] * l0 / l1;
1982         c[D_CBC_RC5][i] = c[D_CBC_RC5][i - 1] * l0 / l1;
1983         c[D_CBC_BF][i] = c[D_CBC_BF][i - 1] * l0 / l1;
1984         c[D_CBC_CAST][i] = c[D_CBC_CAST][i - 1] * l0 / l1;
1985         c[D_CBC_128_AES][i] = c[D_CBC_128_AES][i - 1] * l0 / l1;
1986         c[D_CBC_192_AES][i] = c[D_CBC_192_AES][i - 1] * l0 / l1;
1987         c[D_CBC_256_AES][i] = c[D_CBC_256_AES][i - 1] * l0 / l1;
1988         c[D_CBC_128_CML][i] = c[D_CBC_128_CML][i - 1] * l0 / l1;
1989         c[D_CBC_192_CML][i] = c[D_CBC_192_CML][i - 1] * l0 / l1;
1990         c[D_CBC_256_CML][i] = c[D_CBC_256_CML][i - 1] * l0 / l1;
1991         c[D_IGE_128_AES][i] = c[D_IGE_128_AES][i - 1] * l0 / l1;
1992         c[D_IGE_192_AES][i] = c[D_IGE_192_AES][i - 1] * l0 / l1;
1993         c[D_IGE_256_AES][i] = c[D_IGE_256_AES][i - 1] * l0 / l1;
1994     }
1995 
1996 #  ifndef OPENSSL_NO_RSA
1997     rsa_c[R_RSA_512][0] = count / 2000;
1998     rsa_c[R_RSA_512][1] = count / 400;
1999     for (i = 1; i < RSA_NUM; i++) {
2000         rsa_c[i][0] = rsa_c[i - 1][0] / 8;
2001         rsa_c[i][1] = rsa_c[i - 1][1] / 4;
2002         if (rsa_doit[i] <= 1 && rsa_c[i][0] == 0)
2003             rsa_doit[i] = 0;
2004         else {
2005             if (rsa_c[i][0] == 0) {
2006                 rsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
2007                 rsa_c[i][1] = 20;
2008             }
2009         }
2010     }
2011 #  endif
2012 
2013 #  ifndef OPENSSL_NO_DSA
2014     dsa_c[R_DSA_512][0] = count / 1000;
2015     dsa_c[R_DSA_512][1] = count / 1000 / 2;
2016     for (i = 1; i < DSA_NUM; i++) {
2017         dsa_c[i][0] = dsa_c[i - 1][0] / 4;
2018         dsa_c[i][1] = dsa_c[i - 1][1] / 4;
2019         if (dsa_doit[i] <= 1 && dsa_c[i][0] == 0)
2020             dsa_doit[i] = 0;
2021         else {
2022             if (dsa_c[i][0] == 0) {
2023                 dsa_c[i][0] = 1; /* Set minimum iteration Nb to 1. */
2024                 dsa_c[i][1] = 1;
2025             }
2026         }
2027     }
2028 #  endif
2029 
2030 #  ifndef OPENSSL_NO_EC
2031     ecdsa_c[R_EC_P160][0] = count / 1000;
2032     ecdsa_c[R_EC_P160][1] = count / 1000 / 2;
2033     for (i = R_EC_P192; i <= R_EC_P521; i++) {
2034         ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2035         ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2036         if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2037             ecdsa_doit[i] = 0;
2038         else {
2039             if (ecdsa_c[i][0] == 0) {
2040                 ecdsa_c[i][0] = 1;
2041                 ecdsa_c[i][1] = 1;
2042             }
2043         }
2044     }
2045 #   ifndef OPENSSL_NO_EC2M
2046     ecdsa_c[R_EC_K163][0] = count / 1000;
2047     ecdsa_c[R_EC_K163][1] = count / 1000 / 2;
2048     for (i = R_EC_K233; i <= R_EC_K571; i++) {
2049         ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2050         ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2051         if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2052             ecdsa_doit[i] = 0;
2053         else {
2054             if (ecdsa_c[i][0] == 0) {
2055                 ecdsa_c[i][0] = 1;
2056                 ecdsa_c[i][1] = 1;
2057             }
2058         }
2059     }
2060     ecdsa_c[R_EC_B163][0] = count / 1000;
2061     ecdsa_c[R_EC_B163][1] = count / 1000 / 2;
2062     for (i = R_EC_B233; i <= R_EC_B571; i++) {
2063         ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
2064         ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
2065         if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
2066             ecdsa_doit[i] = 0;
2067         else {
2068             if (ecdsa_c[i][0] == 0) {
2069                 ecdsa_c[i][0] = 1;
2070                 ecdsa_c[i][1] = 1;
2071             }
2072         }
2073     }
2074 #   endif
2075 
2076     ecdh_c[R_EC_P160][0] = count / 1000;
2077     for (i = R_EC_P192; i <= R_EC_P521; i++) {
2078         ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2079         if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2080             ecdh_doit[i] = 0;
2081         else {
2082             if (ecdh_c[i][0] == 0) {
2083                 ecdh_c[i][0] = 1;
2084             }
2085         }
2086     }
2087 #   ifndef OPENSSL_NO_EC2M
2088     ecdh_c[R_EC_K163][0] = count / 1000;
2089     for (i = R_EC_K233; i <= R_EC_K571; i++) {
2090         ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2091         if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2092             ecdh_doit[i] = 0;
2093         else {
2094             if (ecdh_c[i][0] == 0) {
2095                 ecdh_c[i][0] = 1;
2096             }
2097         }
2098     }
2099     ecdh_c[R_EC_B163][0] = count / 1000;
2100     for (i = R_EC_B233; i <= R_EC_B571; i++) {
2101         ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
2102         if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2103             ecdh_doit[i] = 0;
2104         else {
2105             if (ecdh_c[i][0] == 0) {
2106                 ecdh_c[i][0] = 1;
2107             }
2108         }
2109     }
2110 #   endif
2111     /* repeated code good to factorize */
2112     ecdh_c[R_EC_BRP256R1][0] = count / 1000;
2113     for (i = R_EC_BRP384R1; i <= R_EC_BRP512R1; i += 2) {
2114         ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
2115         if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2116             ecdh_doit[i] = 0;
2117         else {
2118             if (ecdh_c[i][0] == 0) {
2119                 ecdh_c[i][0] = 1;
2120             }
2121         }
2122     }
2123     ecdh_c[R_EC_BRP256T1][0] = count / 1000;
2124     for (i = R_EC_BRP384T1; i <= R_EC_BRP512T1; i += 2) {
2125         ecdh_c[i][0] = ecdh_c[i - 2][0] / 2;
2126         if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
2127             ecdh_doit[i] = 0;
2128         else {
2129             if (ecdh_c[i][0] == 0) {
2130                 ecdh_c[i][0] = 1;
2131             }
2132         }
2133     }
2134     /* default iteration count for the last two EC Curves */
2135     ecdh_c[R_EC_X25519][0] = count / 1800;
2136     ecdh_c[R_EC_X448][0] = count / 7200;
2137 
2138     eddsa_c[R_EC_Ed25519][0] = count / 1800;
2139     eddsa_c[R_EC_Ed448][0] = count / 7200;
2140 #  endif
2141 
2142 # else
2143 /* not worth fixing */
2144 #  error "You cannot disable DES on systems without SIGALRM."
2145 # endif                         /* OPENSSL_NO_DES */
2146 #elif SIGALRM > 0
2147     signal(SIGALRM, alarmed);
2148 #endif                          /* SIGALRM */
2149 
2150 #ifndef OPENSSL_NO_MD2
2151     if (doit[D_MD2]) {
2152         for (testnum = 0; testnum < size_num; testnum++) {
2153             print_message(names[D_MD2], c[D_MD2][testnum], lengths[testnum],
2154                           seconds.sym);
2155             Time_F(START);
2156             count = run_benchmark(async_jobs, EVP_Digest_MD2_loop, loopargs);
2157             d = Time_F(STOP);
2158             print_result(D_MD2, testnum, count, d);
2159         }
2160     }
2161 #endif
2162 #ifndef OPENSSL_NO_MDC2
2163     if (doit[D_MDC2]) {
2164         for (testnum = 0; testnum < size_num; testnum++) {
2165             print_message(names[D_MDC2], c[D_MDC2][testnum], lengths[testnum],
2166                           seconds.sym);
2167             Time_F(START);
2168             count = run_benchmark(async_jobs, EVP_Digest_MDC2_loop, loopargs);
2169             d = Time_F(STOP);
2170             print_result(D_MDC2, testnum, count, d);
2171         }
2172     }
2173 #endif
2174 
2175 #ifndef OPENSSL_NO_MD4
2176     if (doit[D_MD4]) {
2177         for (testnum = 0; testnum < size_num; testnum++) {
2178             print_message(names[D_MD4], c[D_MD4][testnum], lengths[testnum],
2179                           seconds.sym);
2180             Time_F(START);
2181             count = run_benchmark(async_jobs, EVP_Digest_MD4_loop, loopargs);
2182             d = Time_F(STOP);
2183             print_result(D_MD4, testnum, count, d);
2184         }
2185     }
2186 #endif
2187 
2188 #ifndef OPENSSL_NO_MD5
2189     if (doit[D_MD5]) {
2190         for (testnum = 0; testnum < size_num; testnum++) {
2191             print_message(names[D_MD5], c[D_MD5][testnum], lengths[testnum],
2192                           seconds.sym);
2193             Time_F(START);
2194             count = run_benchmark(async_jobs, MD5_loop, loopargs);
2195             d = Time_F(STOP);
2196             print_result(D_MD5, testnum, count, d);
2197         }
2198     }
2199 
2200     if (doit[D_HMAC]) {
2201         static const char hmac_key[] = "This is a key...";
2202         int len = strlen(hmac_key);
2203 
2204         for (i = 0; i < loopargs_len; i++) {
2205             loopargs[i].hctx = HMAC_CTX_new();
2206             if (loopargs[i].hctx == NULL) {
2207                 BIO_printf(bio_err, "HMAC malloc failure, exiting...");
2208                 exit(1);
2209             }
2210 
2211             HMAC_Init_ex(loopargs[i].hctx, hmac_key, len, EVP_md5(), NULL);
2212         }
2213         for (testnum = 0; testnum < size_num; testnum++) {
2214             print_message(names[D_HMAC], c[D_HMAC][testnum], lengths[testnum],
2215                           seconds.sym);
2216             Time_F(START);
2217             count = run_benchmark(async_jobs, HMAC_loop, loopargs);
2218             d = Time_F(STOP);
2219             print_result(D_HMAC, testnum, count, d);
2220         }
2221         for (i = 0; i < loopargs_len; i++) {
2222             HMAC_CTX_free(loopargs[i].hctx);
2223         }
2224     }
2225 #endif
2226     if (doit[D_SHA1]) {
2227         for (testnum = 0; testnum < size_num; testnum++) {
2228             print_message(names[D_SHA1], c[D_SHA1][testnum], lengths[testnum],
2229                           seconds.sym);
2230             Time_F(START);
2231             count = run_benchmark(async_jobs, SHA1_loop, loopargs);
2232             d = Time_F(STOP);
2233             print_result(D_SHA1, testnum, count, d);
2234         }
2235     }
2236     if (doit[D_SHA256]) {
2237         for (testnum = 0; testnum < size_num; testnum++) {
2238             print_message(names[D_SHA256], c[D_SHA256][testnum],
2239                           lengths[testnum], seconds.sym);
2240             Time_F(START);
2241             count = run_benchmark(async_jobs, SHA256_loop, loopargs);
2242             d = Time_F(STOP);
2243             print_result(D_SHA256, testnum, count, d);
2244         }
2245     }
2246     if (doit[D_SHA512]) {
2247         for (testnum = 0; testnum < size_num; testnum++) {
2248             print_message(names[D_SHA512], c[D_SHA512][testnum],
2249                           lengths[testnum], seconds.sym);
2250             Time_F(START);
2251             count = run_benchmark(async_jobs, SHA512_loop, loopargs);
2252             d = Time_F(STOP);
2253             print_result(D_SHA512, testnum, count, d);
2254         }
2255     }
2256 #ifndef OPENSSL_NO_WHIRLPOOL
2257     if (doit[D_WHIRLPOOL]) {
2258         for (testnum = 0; testnum < size_num; testnum++) {
2259             print_message(names[D_WHIRLPOOL], c[D_WHIRLPOOL][testnum],
2260                           lengths[testnum], seconds.sym);
2261             Time_F(START);
2262             count = run_benchmark(async_jobs, WHIRLPOOL_loop, loopargs);
2263             d = Time_F(STOP);
2264             print_result(D_WHIRLPOOL, testnum, count, d);
2265         }
2266     }
2267 #endif
2268 
2269 #ifndef OPENSSL_NO_RMD160
2270     if (doit[D_RMD160]) {
2271         for (testnum = 0; testnum < size_num; testnum++) {
2272             print_message(names[D_RMD160], c[D_RMD160][testnum],
2273                           lengths[testnum], seconds.sym);
2274             Time_F(START);
2275             count = run_benchmark(async_jobs, EVP_Digest_RMD160_loop, loopargs);
2276             d = Time_F(STOP);
2277             print_result(D_RMD160, testnum, count, d);
2278         }
2279     }
2280 #endif
2281 #ifndef OPENSSL_NO_RC4
2282     if (doit[D_RC4]) {
2283         for (testnum = 0; testnum < size_num; testnum++) {
2284             print_message(names[D_RC4], c[D_RC4][testnum], lengths[testnum],
2285                           seconds.sym);
2286             Time_F(START);
2287             count = run_benchmark(async_jobs, RC4_loop, loopargs);
2288             d = Time_F(STOP);
2289             print_result(D_RC4, testnum, count, d);
2290         }
2291     }
2292 #endif
2293 #ifndef OPENSSL_NO_DES
2294     if (doit[D_CBC_DES]) {
2295         for (testnum = 0; testnum < size_num; testnum++) {
2296             print_message(names[D_CBC_DES], c[D_CBC_DES][testnum],
2297                           lengths[testnum], seconds.sym);
2298             Time_F(START);
2299             count = run_benchmark(async_jobs, DES_ncbc_encrypt_loop, loopargs);
2300             d = Time_F(STOP);
2301             print_result(D_CBC_DES, testnum, count, d);
2302         }
2303     }
2304 
2305     if (doit[D_EDE3_DES]) {
2306         for (testnum = 0; testnum < size_num; testnum++) {
2307             print_message(names[D_EDE3_DES], c[D_EDE3_DES][testnum],
2308                           lengths[testnum], seconds.sym);
2309             Time_F(START);
2310             count =
2311                 run_benchmark(async_jobs, DES_ede3_cbc_encrypt_loop, loopargs);
2312             d = Time_F(STOP);
2313             print_result(D_EDE3_DES, testnum, count, d);
2314         }
2315     }
2316 #endif
2317 
2318     if (doit[D_CBC_128_AES]) {
2319         for (testnum = 0; testnum < size_num; testnum++) {
2320             print_message(names[D_CBC_128_AES], c[D_CBC_128_AES][testnum],
2321                           lengths[testnum], seconds.sym);
2322             Time_F(START);
2323             count =
2324                 run_benchmark(async_jobs, AES_cbc_128_encrypt_loop, loopargs);
2325             d = Time_F(STOP);
2326             print_result(D_CBC_128_AES, testnum, count, d);
2327         }
2328     }
2329     if (doit[D_CBC_192_AES]) {
2330         for (testnum = 0; testnum < size_num; testnum++) {
2331             print_message(names[D_CBC_192_AES], c[D_CBC_192_AES][testnum],
2332                           lengths[testnum], seconds.sym);
2333             Time_F(START);
2334             count =
2335                 run_benchmark(async_jobs, AES_cbc_192_encrypt_loop, loopargs);
2336             d = Time_F(STOP);
2337             print_result(D_CBC_192_AES, testnum, count, d);
2338         }
2339     }
2340     if (doit[D_CBC_256_AES]) {
2341         for (testnum = 0; testnum < size_num; testnum++) {
2342             print_message(names[D_CBC_256_AES], c[D_CBC_256_AES][testnum],
2343                           lengths[testnum], seconds.sym);
2344             Time_F(START);
2345             count =
2346                 run_benchmark(async_jobs, AES_cbc_256_encrypt_loop, loopargs);
2347             d = Time_F(STOP);
2348             print_result(D_CBC_256_AES, testnum, count, d);
2349         }
2350     }
2351 
2352     if (doit[D_IGE_128_AES]) {
2353         for (testnum = 0; testnum < size_num; testnum++) {
2354             print_message(names[D_IGE_128_AES], c[D_IGE_128_AES][testnum],
2355                           lengths[testnum], seconds.sym);
2356             Time_F(START);
2357             count =
2358                 run_benchmark(async_jobs, AES_ige_128_encrypt_loop, loopargs);
2359             d = Time_F(STOP);
2360             print_result(D_IGE_128_AES, testnum, count, d);
2361         }
2362     }
2363     if (doit[D_IGE_192_AES]) {
2364         for (testnum = 0; testnum < size_num; testnum++) {
2365             print_message(names[D_IGE_192_AES], c[D_IGE_192_AES][testnum],
2366                           lengths[testnum], seconds.sym);
2367             Time_F(START);
2368             count =
2369                 run_benchmark(async_jobs, AES_ige_192_encrypt_loop, loopargs);
2370             d = Time_F(STOP);
2371             print_result(D_IGE_192_AES, testnum, count, d);
2372         }
2373     }
2374     if (doit[D_IGE_256_AES]) {
2375         for (testnum = 0; testnum < size_num; testnum++) {
2376             print_message(names[D_IGE_256_AES], c[D_IGE_256_AES][testnum],
2377                           lengths[testnum], seconds.sym);
2378             Time_F(START);
2379             count =
2380                 run_benchmark(async_jobs, AES_ige_256_encrypt_loop, loopargs);
2381             d = Time_F(STOP);
2382             print_result(D_IGE_256_AES, testnum, count, d);
2383         }
2384     }
2385     if (doit[D_GHASH]) {
2386         for (i = 0; i < loopargs_len; i++) {
2387             loopargs[i].gcm_ctx =
2388                 CRYPTO_gcm128_new(&aes_ks1, (block128_f) AES_encrypt);
2389             CRYPTO_gcm128_setiv(loopargs[i].gcm_ctx,
2390                                 (unsigned char *)"0123456789ab", 12);
2391         }
2392 
2393         for (testnum = 0; testnum < size_num; testnum++) {
2394             print_message(names[D_GHASH], c[D_GHASH][testnum],
2395                           lengths[testnum], seconds.sym);
2396             Time_F(START);
2397             count = run_benchmark(async_jobs, CRYPTO_gcm128_aad_loop, loopargs);
2398             d = Time_F(STOP);
2399             print_result(D_GHASH, testnum, count, d);
2400         }
2401         for (i = 0; i < loopargs_len; i++)
2402             CRYPTO_gcm128_release(loopargs[i].gcm_ctx);
2403     }
2404 #ifndef OPENSSL_NO_CAMELLIA
2405     if (doit[D_CBC_128_CML]) {
2406         if (async_jobs > 0) {
2407             BIO_printf(bio_err, "Async mode is not supported with %s\n",
2408                        names[D_CBC_128_CML]);
2409             doit[D_CBC_128_CML] = 0;
2410         }
2411         for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2412             print_message(names[D_CBC_128_CML], c[D_CBC_128_CML][testnum],
2413                           lengths[testnum], seconds.sym);
2414             Time_F(START);
2415             for (count = 0, run = 1; COND(c[D_CBC_128_CML][testnum]); count++)
2416                 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2417                                      (size_t)lengths[testnum], &camellia_ks1,
2418                                      iv, CAMELLIA_ENCRYPT);
2419             d = Time_F(STOP);
2420             print_result(D_CBC_128_CML, testnum, count, d);
2421         }
2422     }
2423     if (doit[D_CBC_192_CML]) {
2424         if (async_jobs > 0) {
2425             BIO_printf(bio_err, "Async mode is not supported with %s\n",
2426                        names[D_CBC_192_CML]);
2427             doit[D_CBC_192_CML] = 0;
2428         }
2429         for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2430             print_message(names[D_CBC_192_CML], c[D_CBC_192_CML][testnum],
2431                           lengths[testnum], seconds.sym);
2432             if (async_jobs > 0) {
2433                 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2434                 exit(1);
2435             }
2436             Time_F(START);
2437             for (count = 0, run = 1; COND(c[D_CBC_192_CML][testnum]); count++)
2438                 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2439                                      (size_t)lengths[testnum], &camellia_ks2,
2440                                      iv, CAMELLIA_ENCRYPT);
2441             d = Time_F(STOP);
2442             print_result(D_CBC_192_CML, testnum, count, d);
2443         }
2444     }
2445     if (doit[D_CBC_256_CML]) {
2446         if (async_jobs > 0) {
2447             BIO_printf(bio_err, "Async mode is not supported with %s\n",
2448                        names[D_CBC_256_CML]);
2449             doit[D_CBC_256_CML] = 0;
2450         }
2451         for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2452             print_message(names[D_CBC_256_CML], c[D_CBC_256_CML][testnum],
2453                           lengths[testnum], seconds.sym);
2454             Time_F(START);
2455             for (count = 0, run = 1; COND(c[D_CBC_256_CML][testnum]); count++)
2456                 Camellia_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2457                                      (size_t)lengths[testnum], &camellia_ks3,
2458                                      iv, CAMELLIA_ENCRYPT);
2459             d = Time_F(STOP);
2460             print_result(D_CBC_256_CML, testnum, count, d);
2461         }
2462     }
2463 #endif
2464 #ifndef OPENSSL_NO_IDEA
2465     if (doit[D_CBC_IDEA]) {
2466         if (async_jobs > 0) {
2467             BIO_printf(bio_err, "Async mode is not supported with %s\n",
2468                        names[D_CBC_IDEA]);
2469             doit[D_CBC_IDEA] = 0;
2470         }
2471         for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2472             print_message(names[D_CBC_IDEA], c[D_CBC_IDEA][testnum],
2473                           lengths[testnum], seconds.sym);
2474             Time_F(START);
2475             for (count = 0, run = 1; COND(c[D_CBC_IDEA][testnum]); count++)
2476                 IDEA_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2477                                  (size_t)lengths[testnum], &idea_ks,
2478                                  iv, IDEA_ENCRYPT);
2479             d = Time_F(STOP);
2480             print_result(D_CBC_IDEA, testnum, count, d);
2481         }
2482     }
2483 #endif
2484 #ifndef OPENSSL_NO_SEED
2485     if (doit[D_CBC_SEED]) {
2486         if (async_jobs > 0) {
2487             BIO_printf(bio_err, "Async mode is not supported with %s\n",
2488                        names[D_CBC_SEED]);
2489             doit[D_CBC_SEED] = 0;
2490         }
2491         for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2492             print_message(names[D_CBC_SEED], c[D_CBC_SEED][testnum],
2493                           lengths[testnum], seconds.sym);
2494             Time_F(START);
2495             for (count = 0, run = 1; COND(c[D_CBC_SEED][testnum]); count++)
2496                 SEED_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2497                                  (size_t)lengths[testnum], &seed_ks, iv, 1);
2498             d = Time_F(STOP);
2499             print_result(D_CBC_SEED, testnum, count, d);
2500         }
2501     }
2502 #endif
2503 #ifndef OPENSSL_NO_RC2
2504     if (doit[D_CBC_RC2]) {
2505         if (async_jobs > 0) {
2506             BIO_printf(bio_err, "Async mode is not supported with %s\n",
2507                        names[D_CBC_RC2]);
2508             doit[D_CBC_RC2] = 0;
2509         }
2510         for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2511             print_message(names[D_CBC_RC2], c[D_CBC_RC2][testnum],
2512                           lengths[testnum], seconds.sym);
2513             if (async_jobs > 0) {
2514                 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2515                 exit(1);
2516             }
2517             Time_F(START);
2518             for (count = 0, run = 1; COND(c[D_CBC_RC2][testnum]); count++)
2519                 RC2_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2520                                 (size_t)lengths[testnum], &rc2_ks,
2521                                 iv, RC2_ENCRYPT);
2522             d = Time_F(STOP);
2523             print_result(D_CBC_RC2, testnum, count, d);
2524         }
2525     }
2526 #endif
2527 #ifndef OPENSSL_NO_RC5
2528     if (doit[D_CBC_RC5]) {
2529         if (async_jobs > 0) {
2530             BIO_printf(bio_err, "Async mode is not supported with %s\n",
2531                        names[D_CBC_RC5]);
2532             doit[D_CBC_RC5] = 0;
2533         }
2534         for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2535             print_message(names[D_CBC_RC5], c[D_CBC_RC5][testnum],
2536                           lengths[testnum], seconds.sym);
2537             if (async_jobs > 0) {
2538                 BIO_printf(bio_err, "Async mode is not supported, exiting...");
2539                 exit(1);
2540             }
2541             Time_F(START);
2542             for (count = 0, run = 1; COND(c[D_CBC_RC5][testnum]); count++)
2543                 RC5_32_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2544                                    (size_t)lengths[testnum], &rc5_ks,
2545                                    iv, RC5_ENCRYPT);
2546             d = Time_F(STOP);
2547             print_result(D_CBC_RC5, testnum, count, d);
2548         }
2549     }
2550 #endif
2551 #ifndef OPENSSL_NO_BF
2552     if (doit[D_CBC_BF]) {
2553         if (async_jobs > 0) {
2554             BIO_printf(bio_err, "Async mode is not supported with %s\n",
2555                        names[D_CBC_BF]);
2556             doit[D_CBC_BF] = 0;
2557         }
2558         for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2559             print_message(names[D_CBC_BF], c[D_CBC_BF][testnum],
2560                           lengths[testnum], seconds.sym);
2561             Time_F(START);
2562             for (count = 0, run = 1; COND(c[D_CBC_BF][testnum]); count++)
2563                 BF_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2564                                (size_t)lengths[testnum], &bf_ks,
2565                                iv, BF_ENCRYPT);
2566             d = Time_F(STOP);
2567             print_result(D_CBC_BF, testnum, count, d);
2568         }
2569     }
2570 #endif
2571 #ifndef OPENSSL_NO_CAST
2572     if (doit[D_CBC_CAST]) {
2573         if (async_jobs > 0) {
2574             BIO_printf(bio_err, "Async mode is not supported with %s\n",
2575                        names[D_CBC_CAST]);
2576             doit[D_CBC_CAST] = 0;
2577         }
2578         for (testnum = 0; testnum < size_num && async_init == 0; testnum++) {
2579             print_message(names[D_CBC_CAST], c[D_CBC_CAST][testnum],
2580                           lengths[testnum], seconds.sym);
2581             Time_F(START);
2582             for (count = 0, run = 1; COND(c[D_CBC_CAST][testnum]); count++)
2583                 CAST_cbc_encrypt(loopargs[0].buf, loopargs[0].buf,
2584                                  (size_t)lengths[testnum], &cast_ks,
2585                                  iv, CAST_ENCRYPT);
2586             d = Time_F(STOP);
2587             print_result(D_CBC_CAST, testnum, count, d);
2588         }
2589     }
2590 #endif
2591     if (doit[D_RAND]) {
2592         for (testnum = 0; testnum < size_num; testnum++) {
2593             print_message(names[D_RAND], c[D_RAND][testnum], lengths[testnum],
2594                           seconds.sym);
2595             Time_F(START);
2596             count = run_benchmark(async_jobs, RAND_bytes_loop, loopargs);
2597             d = Time_F(STOP);
2598             print_result(D_RAND, testnum, count, d);
2599         }
2600     }
2601 
2602     if (doit[D_EVP]) {
2603         if (evp_cipher != NULL) {
2604             int (*loopfunc)(void *args) = EVP_Update_loop;
2605 
2606             if (multiblock && (EVP_CIPHER_flags(evp_cipher) &
2607                                EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
2608                 multiblock_speed(evp_cipher, lengths_single, &seconds);
2609                 ret = 0;
2610                 goto end;
2611             }
2612 
2613             names[D_EVP] = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
2614 
2615             if (EVP_CIPHER_mode(evp_cipher) == EVP_CIPH_CCM_MODE) {
2616                 loopfunc = EVP_Update_loop_ccm;
2617             } else if (aead && (EVP_CIPHER_flags(evp_cipher) &
2618                                 EVP_CIPH_FLAG_AEAD_CIPHER)) {
2619                 loopfunc = EVP_Update_loop_aead;
2620                 if (lengths == lengths_list) {
2621                     lengths = aead_lengths_list;
2622                     size_num = OSSL_NELEM(aead_lengths_list);
2623                 }
2624             }
2625 
2626             for (testnum = 0; testnum < size_num; testnum++) {
2627                 print_message(names[D_EVP], save_count, lengths[testnum],
2628                               seconds.sym);
2629 
2630                 for (k = 0; k < loopargs_len; k++) {
2631                     loopargs[k].ctx = EVP_CIPHER_CTX_new();
2632                     if (loopargs[k].ctx == NULL) {
2633                         BIO_printf(bio_err, "\nEVP_CIPHER_CTX_new failure\n");
2634                         exit(1);
2635                     }
2636                     if (!EVP_CipherInit_ex(loopargs[k].ctx, evp_cipher, NULL,
2637                                            NULL, iv, decrypt ? 0 : 1)) {
2638                         BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n");
2639                         ERR_print_errors(bio_err);
2640                         exit(1);
2641                     }
2642 
2643                     EVP_CIPHER_CTX_set_padding(loopargs[k].ctx, 0);
2644 
2645                     keylen = EVP_CIPHER_CTX_key_length(loopargs[k].ctx);
2646                     loopargs[k].key = app_malloc(keylen, "evp_cipher key");
2647                     EVP_CIPHER_CTX_rand_key(loopargs[k].ctx, loopargs[k].key);
2648                     if (!EVP_CipherInit_ex(loopargs[k].ctx, NULL, NULL,
2649                                            loopargs[k].key, NULL, -1)) {
2650                         BIO_printf(bio_err, "\nEVP_CipherInit_ex failure\n");
2651                         ERR_print_errors(bio_err);
2652                         exit(1);
2653                     }
2654                     OPENSSL_clear_free(loopargs[k].key, keylen);
2655                 }
2656 
2657                 Time_F(START);
2658                 count = run_benchmark(async_jobs, loopfunc, loopargs);
2659                 d = Time_F(STOP);
2660                 for (k = 0; k < loopargs_len; k++) {
2661                     EVP_CIPHER_CTX_free(loopargs[k].ctx);
2662                 }
2663                 print_result(D_EVP, testnum, count, d);
2664             }
2665         } else if (evp_md != NULL) {
2666             names[D_EVP] = OBJ_nid2ln(EVP_MD_type(evp_md));
2667 
2668             for (testnum = 0; testnum < size_num; testnum++) {
2669                 print_message(names[D_EVP], save_count, lengths[testnum],
2670                               seconds.sym);
2671                 Time_F(START);
2672                 count = run_benchmark(async_jobs, EVP_Digest_loop, loopargs);
2673                 d = Time_F(STOP);
2674                 print_result(D_EVP, testnum, count, d);
2675             }
2676         }
2677     }
2678 
2679     for (i = 0; i < loopargs_len; i++)
2680         if (RAND_bytes(loopargs[i].buf, 36) <= 0)
2681             goto end;
2682 
2683 #ifndef OPENSSL_NO_RSA
2684     for (testnum = 0; testnum < RSA_NUM; testnum++) {
2685         int st = 0;
2686         if (!rsa_doit[testnum])
2687             continue;
2688         for (i = 0; i < loopargs_len; i++) {
2689             if (primes > 2) {
2690                 /* we haven't set keys yet,  generate multi-prime RSA keys */
2691                 BIGNUM *bn = BN_new();
2692 
2693                 if (bn == NULL)
2694                     goto end;
2695                 if (!BN_set_word(bn, RSA_F4)) {
2696                     BN_free(bn);
2697                     goto end;
2698                 }
2699 
2700                 BIO_printf(bio_err, "Generate multi-prime RSA key for %s\n",
2701                            rsa_choices[testnum].name);
2702 
2703                 loopargs[i].rsa_key[testnum] = RSA_new();
2704                 if (loopargs[i].rsa_key[testnum] == NULL) {
2705                     BN_free(bn);
2706                     goto end;
2707                 }
2708 
2709                 if (!RSA_generate_multi_prime_key(loopargs[i].rsa_key[testnum],
2710                                                   rsa_bits[testnum],
2711                                                   primes, bn, NULL)) {
2712                     BN_free(bn);
2713                     goto end;
2714                 }
2715                 BN_free(bn);
2716             }
2717             st = RSA_sign(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
2718                           &loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
2719             if (st == 0)
2720                 break;
2721         }
2722         if (st == 0) {
2723             BIO_printf(bio_err,
2724                        "RSA sign failure.  No RSA sign will be done.\n");
2725             ERR_print_errors(bio_err);
2726             rsa_count = 1;
2727         } else {
2728             pkey_print_message("private", "rsa",
2729                                rsa_c[testnum][0], rsa_bits[testnum],
2730                                seconds.rsa);
2731             /* RSA_blinding_on(rsa_key[testnum],NULL); */
2732             Time_F(START);
2733             count = run_benchmark(async_jobs, RSA_sign_loop, loopargs);
2734             d = Time_F(STOP);
2735             BIO_printf(bio_err,
2736                        mr ? "+R1:%ld:%d:%.2f\n"
2737                        : "%ld %u bits private RSA's in %.2fs\n",
2738                        count, rsa_bits[testnum], d);
2739             rsa_results[testnum][0] = (double)count / d;
2740             rsa_count = count;
2741         }
2742 
2743         for (i = 0; i < loopargs_len; i++) {
2744             st = RSA_verify(NID_md5_sha1, loopargs[i].buf, 36, loopargs[i].buf2,
2745                             loopargs[i].siglen, loopargs[i].rsa_key[testnum]);
2746             if (st <= 0)
2747                 break;
2748         }
2749         if (st <= 0) {
2750             BIO_printf(bio_err,
2751                        "RSA verify failure.  No RSA verify will be done.\n");
2752             ERR_print_errors(bio_err);
2753             rsa_doit[testnum] = 0;
2754         } else {
2755             pkey_print_message("public", "rsa",
2756                                rsa_c[testnum][1], rsa_bits[testnum],
2757                                seconds.rsa);
2758             Time_F(START);
2759             count = run_benchmark(async_jobs, RSA_verify_loop, loopargs);
2760             d = Time_F(STOP);
2761             BIO_printf(bio_err,
2762                        mr ? "+R2:%ld:%d:%.2f\n"
2763                        : "%ld %u bits public RSA's in %.2fs\n",
2764                        count, rsa_bits[testnum], d);
2765             rsa_results[testnum][1] = (double)count / d;
2766         }
2767 
2768         if (rsa_count <= 1) {
2769             /* if longer than 10s, don't do any more */
2770             for (testnum++; testnum < RSA_NUM; testnum++)
2771                 rsa_doit[testnum] = 0;
2772         }
2773     }
2774 #endif                          /* OPENSSL_NO_RSA */
2775 
2776     for (i = 0; i < loopargs_len; i++)
2777         if (RAND_bytes(loopargs[i].buf, 36) <= 0)
2778             goto end;
2779 
2780 #ifndef OPENSSL_NO_DSA
2781     for (testnum = 0; testnum < DSA_NUM; testnum++) {
2782         int st = 0;
2783         if (!dsa_doit[testnum])
2784             continue;
2785 
2786         /* DSA_generate_key(dsa_key[testnum]); */
2787         /* DSA_sign_setup(dsa_key[testnum],NULL); */
2788         for (i = 0; i < loopargs_len; i++) {
2789             st = DSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
2790                           &loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
2791             if (st == 0)
2792                 break;
2793         }
2794         if (st == 0) {
2795             BIO_printf(bio_err,
2796                        "DSA sign failure.  No DSA sign will be done.\n");
2797             ERR_print_errors(bio_err);
2798             rsa_count = 1;
2799         } else {
2800             pkey_print_message("sign", "dsa",
2801                                dsa_c[testnum][0], dsa_bits[testnum],
2802                                seconds.dsa);
2803             Time_F(START);
2804             count = run_benchmark(async_jobs, DSA_sign_loop, loopargs);
2805             d = Time_F(STOP);
2806             BIO_printf(bio_err,
2807                        mr ? "+R3:%ld:%u:%.2f\n"
2808                        : "%ld %u bits DSA signs in %.2fs\n",
2809                        count, dsa_bits[testnum], d);
2810             dsa_results[testnum][0] = (double)count / d;
2811             rsa_count = count;
2812         }
2813 
2814         for (i = 0; i < loopargs_len; i++) {
2815             st = DSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
2816                             loopargs[i].siglen, loopargs[i].dsa_key[testnum]);
2817             if (st <= 0)
2818                 break;
2819         }
2820         if (st <= 0) {
2821             BIO_printf(bio_err,
2822                        "DSA verify failure.  No DSA verify will be done.\n");
2823             ERR_print_errors(bio_err);
2824             dsa_doit[testnum] = 0;
2825         } else {
2826             pkey_print_message("verify", "dsa",
2827                                dsa_c[testnum][1], dsa_bits[testnum],
2828                                seconds.dsa);
2829             Time_F(START);
2830             count = run_benchmark(async_jobs, DSA_verify_loop, loopargs);
2831             d = Time_F(STOP);
2832             BIO_printf(bio_err,
2833                        mr ? "+R4:%ld:%u:%.2f\n"
2834                        : "%ld %u bits DSA verify in %.2fs\n",
2835                        count, dsa_bits[testnum], d);
2836             dsa_results[testnum][1] = (double)count / d;
2837         }
2838 
2839         if (rsa_count <= 1) {
2840             /* if longer than 10s, don't do any more */
2841             for (testnum++; testnum < DSA_NUM; testnum++)
2842                 dsa_doit[testnum] = 0;
2843         }
2844     }
2845 #endif                          /* OPENSSL_NO_DSA */
2846 
2847 #ifndef OPENSSL_NO_EC
2848     for (testnum = 0; testnum < ECDSA_NUM; testnum++) {
2849         int st = 1;
2850 
2851         if (!ecdsa_doit[testnum])
2852             continue;           /* Ignore Curve */
2853         for (i = 0; i < loopargs_len; i++) {
2854             loopargs[i].ecdsa[testnum] =
2855                 EC_KEY_new_by_curve_name(test_curves[testnum].nid);
2856             if (loopargs[i].ecdsa[testnum] == NULL) {
2857                 st = 0;
2858                 break;
2859             }
2860         }
2861         if (st == 0) {
2862             BIO_printf(bio_err, "ECDSA failure.\n");
2863             ERR_print_errors(bio_err);
2864             rsa_count = 1;
2865         } else {
2866             for (i = 0; i < loopargs_len; i++) {
2867                 EC_KEY_precompute_mult(loopargs[i].ecdsa[testnum], NULL);
2868                 /* Perform ECDSA signature test */
2869                 EC_KEY_generate_key(loopargs[i].ecdsa[testnum]);
2870                 st = ECDSA_sign(0, loopargs[i].buf, 20, loopargs[i].buf2,
2871                                 &loopargs[i].siglen,
2872                                 loopargs[i].ecdsa[testnum]);
2873                 if (st == 0)
2874                     break;
2875             }
2876             if (st == 0) {
2877                 BIO_printf(bio_err,
2878                            "ECDSA sign failure.  No ECDSA sign will be done.\n");
2879                 ERR_print_errors(bio_err);
2880                 rsa_count = 1;
2881             } else {
2882                 pkey_print_message("sign", "ecdsa",
2883                                    ecdsa_c[testnum][0],
2884                                    test_curves[testnum].bits, seconds.ecdsa);
2885                 Time_F(START);
2886                 count = run_benchmark(async_jobs, ECDSA_sign_loop, loopargs);
2887                 d = Time_F(STOP);
2888 
2889                 BIO_printf(bio_err,
2890                            mr ? "+R5:%ld:%u:%.2f\n" :
2891                            "%ld %u bits ECDSA signs in %.2fs \n",
2892                            count, test_curves[testnum].bits, d);
2893                 ecdsa_results[testnum][0] = (double)count / d;
2894                 rsa_count = count;
2895             }
2896 
2897             /* Perform ECDSA verification test */
2898             for (i = 0; i < loopargs_len; i++) {
2899                 st = ECDSA_verify(0, loopargs[i].buf, 20, loopargs[i].buf2,
2900                                   loopargs[i].siglen,
2901                                   loopargs[i].ecdsa[testnum]);
2902                 if (st != 1)
2903                     break;
2904             }
2905             if (st != 1) {
2906                 BIO_printf(bio_err,
2907                            "ECDSA verify failure.  No ECDSA verify will be done.\n");
2908                 ERR_print_errors(bio_err);
2909                 ecdsa_doit[testnum] = 0;
2910             } else {
2911                 pkey_print_message("verify", "ecdsa",
2912                                    ecdsa_c[testnum][1],
2913                                    test_curves[testnum].bits, seconds.ecdsa);
2914                 Time_F(START);
2915                 count = run_benchmark(async_jobs, ECDSA_verify_loop, loopargs);
2916                 d = Time_F(STOP);
2917                 BIO_printf(bio_err,
2918                            mr ? "+R6:%ld:%u:%.2f\n"
2919                            : "%ld %u bits ECDSA verify in %.2fs\n",
2920                            count, test_curves[testnum].bits, d);
2921                 ecdsa_results[testnum][1] = (double)count / d;
2922             }
2923 
2924             if (rsa_count <= 1) {
2925                 /* if longer than 10s, don't do any more */
2926                 for (testnum++; testnum < ECDSA_NUM; testnum++)
2927                     ecdsa_doit[testnum] = 0;
2928             }
2929         }
2930     }
2931 
2932     for (testnum = 0; testnum < EC_NUM; testnum++) {
2933         int ecdh_checks = 1;
2934 
2935         if (!ecdh_doit[testnum])
2936             continue;
2937 
2938         for (i = 0; i < loopargs_len; i++) {
2939             EVP_PKEY_CTX *kctx = NULL;
2940             EVP_PKEY_CTX *test_ctx = NULL;
2941             EVP_PKEY_CTX *ctx = NULL;
2942             EVP_PKEY *key_A = NULL;
2943             EVP_PKEY *key_B = NULL;
2944             size_t outlen;
2945             size_t test_outlen;
2946 
2947             /* Ensure that the error queue is empty */
2948             if (ERR_peek_error()) {
2949                 BIO_printf(bio_err,
2950                            "WARNING: the error queue contains previous unhandled errors.\n");
2951                 ERR_print_errors(bio_err);
2952             }
2953 
2954             /* Let's try to create a ctx directly from the NID: this works for
2955              * curves like Curve25519 that are not implemented through the low
2956              * level EC interface.
2957              * If this fails we try creating a EVP_PKEY_EC generic param ctx,
2958              * then we set the curve by NID before deriving the actual keygen
2959              * ctx for that specific curve. */
2960             kctx = EVP_PKEY_CTX_new_id(test_curves[testnum].nid, NULL); /* keygen ctx from NID */
2961             if (!kctx) {
2962                 EVP_PKEY_CTX *pctx = NULL;
2963                 EVP_PKEY *params = NULL;
2964 
2965                 /* If we reach this code EVP_PKEY_CTX_new_id() failed and a
2966                  * "int_ctx_new:unsupported algorithm" error was added to the
2967                  * error queue.
2968                  * We remove it from the error queue as we are handling it. */
2969                 unsigned long error = ERR_peek_error(); /* peek the latest error in the queue */
2970                 if (error == ERR_peek_last_error() && /* oldest and latest errors match */
2971                     /* check that the error origin matches */
2972                     ERR_GET_LIB(error) == ERR_LIB_EVP &&
2973                     ERR_GET_FUNC(error) == EVP_F_INT_CTX_NEW &&
2974                     ERR_GET_REASON(error) == EVP_R_UNSUPPORTED_ALGORITHM)
2975                     ERR_get_error(); /* pop error from queue */
2976                 if (ERR_peek_error()) {
2977                     BIO_printf(bio_err,
2978                                "Unhandled error in the error queue during ECDH init.\n");
2979                     ERR_print_errors(bio_err);
2980                     rsa_count = 1;
2981                     break;
2982                 }
2983 
2984                 if (            /* Create the context for parameter generation */
2985                        !(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) ||
2986                        /* Initialise the parameter generation */
2987                        !EVP_PKEY_paramgen_init(pctx) ||
2988                        /* Set the curve by NID */
2989                        !EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
2990                                                                test_curves
2991                                                                [testnum].nid) ||
2992                        /* Create the parameter object params */
2993                        !EVP_PKEY_paramgen(pctx, &params)) {
2994                     ecdh_checks = 0;
2995                     BIO_printf(bio_err, "ECDH EC params init failure.\n");
2996                     ERR_print_errors(bio_err);
2997                     rsa_count = 1;
2998                     break;
2999                 }
3000                 /* Create the context for the key generation */
3001                 kctx = EVP_PKEY_CTX_new(params, NULL);
3002 
3003                 EVP_PKEY_free(params);
3004                 params = NULL;
3005                 EVP_PKEY_CTX_free(pctx);
3006                 pctx = NULL;
3007             }
3008             if (kctx == NULL ||      /* keygen ctx is not null */
3009                 !EVP_PKEY_keygen_init(kctx) /* init keygen ctx */ ) {
3010                 ecdh_checks = 0;
3011                 BIO_printf(bio_err, "ECDH keygen failure.\n");
3012                 ERR_print_errors(bio_err);
3013                 rsa_count = 1;
3014                 break;
3015             }
3016 
3017             if (!EVP_PKEY_keygen(kctx, &key_A) || /* generate secret key A */
3018                 !EVP_PKEY_keygen(kctx, &key_B) || /* generate secret key B */
3019                 !(ctx = EVP_PKEY_CTX_new(key_A, NULL)) || /* derivation ctx from skeyA */
3020                 !EVP_PKEY_derive_init(ctx) || /* init derivation ctx */
3021                 !EVP_PKEY_derive_set_peer(ctx, key_B) || /* set peer pubkey in ctx */
3022                 !EVP_PKEY_derive(ctx, NULL, &outlen) || /* determine max length */
3023                 outlen == 0 ||  /* ensure outlen is a valid size */
3024                 outlen > MAX_ECDH_SIZE /* avoid buffer overflow */ ) {
3025                 ecdh_checks = 0;
3026                 BIO_printf(bio_err, "ECDH key generation failure.\n");
3027                 ERR_print_errors(bio_err);
3028                 rsa_count = 1;
3029                 break;
3030             }
3031 
3032             /* Here we perform a test run, comparing the output of a*B and b*A;
3033              * we try this here and assume that further EVP_PKEY_derive calls
3034              * never fail, so we can skip checks in the actually benchmarked
3035              * code, for maximum performance. */
3036             if (!(test_ctx = EVP_PKEY_CTX_new(key_B, NULL)) || /* test ctx from skeyB */
3037                 !EVP_PKEY_derive_init(test_ctx) || /* init derivation test_ctx */
3038                 !EVP_PKEY_derive_set_peer(test_ctx, key_A) || /* set peer pubkey in test_ctx */
3039                 !EVP_PKEY_derive(test_ctx, NULL, &test_outlen) || /* determine max length */
3040                 !EVP_PKEY_derive(ctx, loopargs[i].secret_a, &outlen) || /* compute a*B */
3041                 !EVP_PKEY_derive(test_ctx, loopargs[i].secret_b, &test_outlen) || /* compute b*A */
3042                 test_outlen != outlen /* compare output length */ ) {
3043                 ecdh_checks = 0;
3044                 BIO_printf(bio_err, "ECDH computation failure.\n");
3045                 ERR_print_errors(bio_err);
3046                 rsa_count = 1;
3047                 break;
3048             }
3049 
3050             /* Compare the computation results: CRYPTO_memcmp() returns 0 if equal */
3051             if (CRYPTO_memcmp(loopargs[i].secret_a,
3052                               loopargs[i].secret_b, outlen)) {
3053                 ecdh_checks = 0;
3054                 BIO_printf(bio_err, "ECDH computations don't match.\n");
3055                 ERR_print_errors(bio_err);
3056                 rsa_count = 1;
3057                 break;
3058             }
3059 
3060             loopargs[i].ecdh_ctx[testnum] = ctx;
3061             loopargs[i].outlen[testnum] = outlen;
3062 
3063             EVP_PKEY_free(key_A);
3064             EVP_PKEY_free(key_B);
3065             EVP_PKEY_CTX_free(kctx);
3066             kctx = NULL;
3067             EVP_PKEY_CTX_free(test_ctx);
3068             test_ctx = NULL;
3069         }
3070         if (ecdh_checks != 0) {
3071             pkey_print_message("", "ecdh",
3072                                ecdh_c[testnum][0],
3073                                test_curves[testnum].bits, seconds.ecdh);
3074             Time_F(START);
3075             count =
3076                 run_benchmark(async_jobs, ECDH_EVP_derive_key_loop, loopargs);
3077             d = Time_F(STOP);
3078             BIO_printf(bio_err,
3079                        mr ? "+R7:%ld:%d:%.2f\n" :
3080                        "%ld %u-bits ECDH ops in %.2fs\n", count,
3081                        test_curves[testnum].bits, d);
3082             ecdh_results[testnum][0] = (double)count / d;
3083             rsa_count = count;
3084         }
3085 
3086         if (rsa_count <= 1) {
3087             /* if longer than 10s, don't do any more */
3088             for (testnum++; testnum < OSSL_NELEM(ecdh_doit); testnum++)
3089                 ecdh_doit[testnum] = 0;
3090         }
3091     }
3092 
3093     for (testnum = 0; testnum < EdDSA_NUM; testnum++) {
3094         int st = 1;
3095         EVP_PKEY *ed_pkey = NULL;
3096         EVP_PKEY_CTX *ed_pctx = NULL;
3097 
3098         if (!eddsa_doit[testnum])
3099             continue;           /* Ignore Curve */
3100         for (i = 0; i < loopargs_len; i++) {
3101             loopargs[i].eddsa_ctx[testnum] = EVP_MD_CTX_new();
3102             if (loopargs[i].eddsa_ctx[testnum] == NULL) {
3103                 st = 0;
3104                 break;
3105             }
3106 
3107             if ((ed_pctx = EVP_PKEY_CTX_new_id(test_ed_curves[testnum].nid, NULL))
3108                     == NULL
3109                 || !EVP_PKEY_keygen_init(ed_pctx)
3110                 || !EVP_PKEY_keygen(ed_pctx, &ed_pkey)) {
3111                 st = 0;
3112                 EVP_PKEY_CTX_free(ed_pctx);
3113                 break;
3114             }
3115             EVP_PKEY_CTX_free(ed_pctx);
3116 
3117             if (!EVP_DigestSignInit(loopargs[i].eddsa_ctx[testnum], NULL, NULL,
3118                                     NULL, ed_pkey)) {
3119                 st = 0;
3120                 EVP_PKEY_free(ed_pkey);
3121                 break;
3122             }
3123             EVP_PKEY_free(ed_pkey);
3124         }
3125         if (st == 0) {
3126             BIO_printf(bio_err, "EdDSA failure.\n");
3127             ERR_print_errors(bio_err);
3128             rsa_count = 1;
3129         } else {
3130             for (i = 0; i < loopargs_len; i++) {
3131                 /* Perform EdDSA signature test */
3132                 loopargs[i].sigsize = test_ed_curves[testnum].sigsize;
3133                 st = EVP_DigestSign(loopargs[i].eddsa_ctx[testnum],
3134                                     loopargs[i].buf2, &loopargs[i].sigsize,
3135                                     loopargs[i].buf, 20);
3136                 if (st == 0)
3137                     break;
3138             }
3139             if (st == 0) {
3140                 BIO_printf(bio_err,
3141                            "EdDSA sign failure.  No EdDSA sign will be done.\n");
3142                 ERR_print_errors(bio_err);
3143                 rsa_count = 1;
3144             } else {
3145                 pkey_print_message("sign", test_ed_curves[testnum].name,
3146                                    eddsa_c[testnum][0],
3147                                    test_ed_curves[testnum].bits, seconds.eddsa);
3148                 Time_F(START);
3149                 count = run_benchmark(async_jobs, EdDSA_sign_loop, loopargs);
3150                 d = Time_F(STOP);
3151 
3152                 BIO_printf(bio_err,
3153                            mr ? "+R8:%ld:%u:%s:%.2f\n" :
3154                            "%ld %u bits %s signs in %.2fs \n",
3155                            count, test_ed_curves[testnum].bits,
3156                            test_ed_curves[testnum].name, d);
3157                 eddsa_results[testnum][0] = (double)count / d;
3158                 rsa_count = count;
3159             }
3160 
3161             /* Perform EdDSA verification test */
3162             for (i = 0; i < loopargs_len; i++) {
3163                 st = EVP_DigestVerify(loopargs[i].eddsa_ctx[testnum],
3164                                       loopargs[i].buf2, loopargs[i].sigsize,
3165                                       loopargs[i].buf, 20);
3166                 if (st != 1)
3167                     break;
3168             }
3169             if (st != 1) {
3170                 BIO_printf(bio_err,
3171                            "EdDSA verify failure.  No EdDSA verify will be done.\n");
3172                 ERR_print_errors(bio_err);
3173                 eddsa_doit[testnum] = 0;
3174             } else {
3175                 pkey_print_message("verify", test_ed_curves[testnum].name,
3176                                    eddsa_c[testnum][1],
3177                                    test_ed_curves[testnum].bits, seconds.eddsa);
3178                 Time_F(START);
3179                 count = run_benchmark(async_jobs, EdDSA_verify_loop, loopargs);
3180                 d = Time_F(STOP);
3181                 BIO_printf(bio_err,
3182                            mr ? "+R9:%ld:%u:%s:%.2f\n"
3183                            : "%ld %u bits %s verify in %.2fs\n",
3184                            count, test_ed_curves[testnum].bits,
3185                            test_ed_curves[testnum].name, d);
3186                 eddsa_results[testnum][1] = (double)count / d;
3187             }
3188 
3189             if (rsa_count <= 1) {
3190                 /* if longer than 10s, don't do any more */
3191                 for (testnum++; testnum < EdDSA_NUM; testnum++)
3192                     eddsa_doit[testnum] = 0;
3193             }
3194         }
3195     }
3196 
3197 #endif                          /* OPENSSL_NO_EC */
3198 #ifndef NO_FORK
3199  show_res:
3200 #endif
3201     if (!mr) {
3202         printf("%s\n", OpenSSL_version(OPENSSL_VERSION));
3203         printf("%s\n", OpenSSL_version(OPENSSL_BUILT_ON));
3204         printf("options:");
3205         printf("%s ", BN_options());
3206 #ifndef OPENSSL_NO_MD2
3207         printf("%s ", MD2_options());
3208 #endif
3209 #ifndef OPENSSL_NO_RC4
3210         printf("%s ", RC4_options());
3211 #endif
3212 #ifndef OPENSSL_NO_DES
3213         printf("%s ", DES_options());
3214 #endif
3215         printf("%s ", AES_options());
3216 #ifndef OPENSSL_NO_IDEA
3217         printf("%s ", IDEA_options());
3218 #endif
3219 #ifndef OPENSSL_NO_BF
3220         printf("%s ", BF_options());
3221 #endif
3222         printf("\n%s\n", OpenSSL_version(OPENSSL_CFLAGS));
3223     }
3224 
3225     if (pr_header) {
3226         if (mr)
3227             printf("+H");
3228         else {
3229             printf
3230                 ("The 'numbers' are in 1000s of bytes per second processed.\n");
3231             printf("type        ");
3232         }
3233         for (testnum = 0; testnum < size_num; testnum++)
3234             printf(mr ? ":%d" : "%7d bytes", lengths[testnum]);
3235         printf("\n");
3236     }
3237 
3238     for (k = 0; k < ALGOR_NUM; k++) {
3239         if (!doit[k])
3240             continue;
3241         if (mr)
3242             printf("+F:%u:%s", k, names[k]);
3243         else
3244             printf("%-13s", names[k]);
3245         for (testnum = 0; testnum < size_num; testnum++) {
3246             if (results[k][testnum] > 10000 && !mr)
3247                 printf(" %11.2fk", results[k][testnum] / 1e3);
3248             else
3249                 printf(mr ? ":%.2f" : " %11.2f ", results[k][testnum]);
3250         }
3251         printf("\n");
3252     }
3253 #ifndef OPENSSL_NO_RSA
3254     testnum = 1;
3255     for (k = 0; k < RSA_NUM; k++) {
3256         if (!rsa_doit[k])
3257             continue;
3258         if (testnum && !mr) {
3259             printf("%18ssign    verify    sign/s verify/s\n", " ");
3260             testnum = 0;
3261         }
3262         if (mr)
3263             printf("+F2:%u:%u:%f:%f\n",
3264                    k, rsa_bits[k], rsa_results[k][0], rsa_results[k][1]);
3265         else
3266             printf("rsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
3267                    rsa_bits[k], 1.0 / rsa_results[k][0], 1.0 / rsa_results[k][1],
3268                    rsa_results[k][0], rsa_results[k][1]);
3269     }
3270 #endif
3271 #ifndef OPENSSL_NO_DSA
3272     testnum = 1;
3273     for (k = 0; k < DSA_NUM; k++) {
3274         if (!dsa_doit[k])
3275             continue;
3276         if (testnum && !mr) {
3277             printf("%18ssign    verify    sign/s verify/s\n", " ");
3278             testnum = 0;
3279         }
3280         if (mr)
3281             printf("+F3:%u:%u:%f:%f\n",
3282                    k, dsa_bits[k], dsa_results[k][0], dsa_results[k][1]);
3283         else
3284             printf("dsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
3285                    dsa_bits[k], 1.0 / dsa_results[k][0], 1.0 / dsa_results[k][1],
3286                    dsa_results[k][0], dsa_results[k][1]);
3287     }
3288 #endif
3289 #ifndef OPENSSL_NO_EC
3290     testnum = 1;
3291     for (k = 0; k < OSSL_NELEM(ecdsa_doit); k++) {
3292         if (!ecdsa_doit[k])
3293             continue;
3294         if (testnum && !mr) {
3295             printf("%30ssign    verify    sign/s verify/s\n", " ");
3296             testnum = 0;
3297         }
3298 
3299         if (mr)
3300             printf("+F4:%u:%u:%f:%f\n",
3301                    k, test_curves[k].bits,
3302                    ecdsa_results[k][0], ecdsa_results[k][1]);
3303         else
3304             printf("%4u bits ecdsa (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3305                    test_curves[k].bits, test_curves[k].name,
3306                    1.0 / ecdsa_results[k][0], 1.0 / ecdsa_results[k][1],
3307                    ecdsa_results[k][0], ecdsa_results[k][1]);
3308     }
3309 
3310     testnum = 1;
3311     for (k = 0; k < EC_NUM; k++) {
3312         if (!ecdh_doit[k])
3313             continue;
3314         if (testnum && !mr) {
3315             printf("%30sop      op/s\n", " ");
3316             testnum = 0;
3317         }
3318         if (mr)
3319             printf("+F5:%u:%u:%f:%f\n",
3320                    k, test_curves[k].bits,
3321                    ecdh_results[k][0], 1.0 / ecdh_results[k][0]);
3322 
3323         else
3324             printf("%4u bits ecdh (%s) %8.4fs %8.1f\n",
3325                    test_curves[k].bits, test_curves[k].name,
3326                    1.0 / ecdh_results[k][0], ecdh_results[k][0]);
3327     }
3328 
3329     testnum = 1;
3330     for (k = 0; k < OSSL_NELEM(eddsa_doit); k++) {
3331         if (!eddsa_doit[k])
3332             continue;
3333         if (testnum && !mr) {
3334             printf("%30ssign    verify    sign/s verify/s\n", " ");
3335             testnum = 0;
3336         }
3337 
3338         if (mr)
3339             printf("+F6:%u:%u:%s:%f:%f\n",
3340                    k, test_ed_curves[k].bits, test_ed_curves[k].name,
3341                    eddsa_results[k][0], eddsa_results[k][1]);
3342         else
3343             printf("%4u bits EdDSA (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
3344                    test_ed_curves[k].bits, test_ed_curves[k].name,
3345                    1.0 / eddsa_results[k][0], 1.0 / eddsa_results[k][1],
3346                    eddsa_results[k][0], eddsa_results[k][1]);
3347     }
3348 #endif
3349 
3350     ret = 0;
3351 
3352  end:
3353     ERR_print_errors(bio_err);
3354     for (i = 0; i < loopargs_len; i++) {
3355         OPENSSL_free(loopargs[i].buf_malloc);
3356         OPENSSL_free(loopargs[i].buf2_malloc);
3357 
3358 #ifndef OPENSSL_NO_RSA
3359         for (k = 0; k < RSA_NUM; k++)
3360             RSA_free(loopargs[i].rsa_key[k]);
3361 #endif
3362 #ifndef OPENSSL_NO_DSA
3363         for (k = 0; k < DSA_NUM; k++)
3364             DSA_free(loopargs[i].dsa_key[k]);
3365 #endif
3366 #ifndef OPENSSL_NO_EC
3367         for (k = 0; k < ECDSA_NUM; k++)
3368             EC_KEY_free(loopargs[i].ecdsa[k]);
3369         for (k = 0; k < EC_NUM; k++)
3370             EVP_PKEY_CTX_free(loopargs[i].ecdh_ctx[k]);
3371         for (k = 0; k < EdDSA_NUM; k++)
3372             EVP_MD_CTX_free(loopargs[i].eddsa_ctx[k]);
3373         OPENSSL_free(loopargs[i].secret_a);
3374         OPENSSL_free(loopargs[i].secret_b);
3375 #endif
3376     }
3377 
3378     if (async_jobs > 0) {
3379         for (i = 0; i < loopargs_len; i++)
3380             ASYNC_WAIT_CTX_free(loopargs[i].wait_ctx);
3381     }
3382 
3383     if (async_init) {
3384         ASYNC_cleanup_thread();
3385     }
3386     OPENSSL_free(loopargs);
3387     release_engine(e);
3388     return ret;
3389 }
3390 
3391 static void print_message(const char *s, long num, int length, int tm)
3392 {
3393 #ifdef SIGALRM
3394     BIO_printf(bio_err,
3395                mr ? "+DT:%s:%d:%d\n"
3396                : "Doing %s for %ds on %d size blocks: ", s, tm, length);
3397     (void)BIO_flush(bio_err);
3398     alarm(tm);
3399 #else
3400     BIO_printf(bio_err,
3401                mr ? "+DN:%s:%ld:%d\n"
3402                : "Doing %s %ld times on %d size blocks: ", s, num, length);
3403     (void)BIO_flush(bio_err);
3404 #endif
3405 }
3406 
3407 static void pkey_print_message(const char *str, const char *str2, long num,
3408                                unsigned int bits, int tm)
3409 {
3410 #ifdef SIGALRM
3411     BIO_printf(bio_err,
3412                mr ? "+DTP:%d:%s:%s:%d\n"
3413                : "Doing %u bits %s %s's for %ds: ", bits, str, str2, tm);
3414     (void)BIO_flush(bio_err);
3415     alarm(tm);
3416 #else
3417     BIO_printf(bio_err,
3418                mr ? "+DNP:%ld:%d:%s:%s\n"
3419                : "Doing %ld %u bits %s %s's: ", num, bits, str, str2);
3420     (void)BIO_flush(bio_err);
3421 #endif
3422 }
3423 
3424 static void print_result(int alg, int run_no, int count, double time_used)
3425 {
3426     if (count == -1) {
3427         BIO_puts(bio_err, "EVP error!\n");
3428         exit(1);
3429     }
3430     BIO_printf(bio_err,
3431                mr ? "+R:%d:%s:%f\n"
3432                : "%d %s's in %.2fs\n", count, names[alg], time_used);
3433     results[alg][run_no] = ((double)count) / time_used * lengths[run_no];
3434 }
3435 
3436 #ifndef NO_FORK
3437 static char *sstrsep(char **string, const char *delim)
3438 {
3439     char isdelim[256];
3440     char *token = *string;
3441 
3442     if (**string == 0)
3443         return NULL;
3444 
3445     memset(isdelim, 0, sizeof(isdelim));
3446     isdelim[0] = 1;
3447 
3448     while (*delim) {
3449         isdelim[(unsigned char)(*delim)] = 1;
3450         delim++;
3451     }
3452 
3453     while (!isdelim[(unsigned char)(**string)]) {
3454         (*string)++;
3455     }
3456 
3457     if (**string) {
3458         **string = 0;
3459         (*string)++;
3460     }
3461 
3462     return token;
3463 }
3464 
3465 static int do_multi(int multi, int size_num)
3466 {
3467     int n;
3468     int fd[2];
3469     int *fds;
3470     static char sep[] = ":";
3471 
3472     fds = app_malloc(sizeof(*fds) * multi, "fd buffer for do_multi");
3473     for (n = 0; n < multi; ++n) {
3474         if (pipe(fd) == -1) {
3475             BIO_printf(bio_err, "pipe failure\n");
3476             exit(1);
3477         }
3478         fflush(stdout);
3479         (void)BIO_flush(bio_err);
3480         if (fork()) {
3481             close(fd[1]);
3482             fds[n] = fd[0];
3483         } else {
3484             close(fd[0]);
3485             close(1);
3486             if (dup(fd[1]) == -1) {
3487                 BIO_printf(bio_err, "dup failed\n");
3488                 exit(1);
3489             }
3490             close(fd[1]);
3491             mr = 1;
3492             usertime = 0;
3493             free(fds);
3494             return 0;
3495         }
3496         printf("Forked child %d\n", n);
3497     }
3498 
3499     /* for now, assume the pipe is long enough to take all the output */
3500     for (n = 0; n < multi; ++n) {
3501         FILE *f;
3502         char buf[1024];
3503         char *p;
3504 
3505         f = fdopen(fds[n], "r");
3506         while (fgets(buf, sizeof(buf), f)) {
3507             p = strchr(buf, '\n');
3508             if (p)
3509                 *p = '\0';
3510             if (buf[0] != '+') {
3511                 BIO_printf(bio_err,
3512                            "Don't understand line '%s' from child %d\n", buf,
3513                            n);
3514                 continue;
3515             }
3516             printf("Got: %s from %d\n", buf, n);
3517             if (strncmp(buf, "+F:", 3) == 0) {
3518                 int alg;
3519                 int j;
3520 
3521                 p = buf + 3;
3522                 alg = atoi(sstrsep(&p, sep));
3523                 sstrsep(&p, sep);
3524                 for (j = 0; j < size_num; ++j)
3525                     results[alg][j] += atof(sstrsep(&p, sep));
3526             } else if (strncmp(buf, "+F2:", 4) == 0) {
3527                 int k;
3528                 double d;
3529 
3530                 p = buf + 4;
3531                 k = atoi(sstrsep(&p, sep));
3532                 sstrsep(&p, sep);
3533 
3534                 d = atof(sstrsep(&p, sep));
3535                 rsa_results[k][0] += d;
3536 
3537                 d = atof(sstrsep(&p, sep));
3538                 rsa_results[k][1] += d;
3539             }
3540 # ifndef OPENSSL_NO_DSA
3541             else if (strncmp(buf, "+F3:", 4) == 0) {
3542                 int k;
3543                 double d;
3544 
3545                 p = buf + 4;
3546                 k = atoi(sstrsep(&p, sep));
3547                 sstrsep(&p, sep);
3548 
3549                 d = atof(sstrsep(&p, sep));
3550                 dsa_results[k][0] += d;
3551 
3552                 d = atof(sstrsep(&p, sep));
3553                 dsa_results[k][1] += d;
3554             }
3555 # endif
3556 # ifndef OPENSSL_NO_EC
3557             else if (strncmp(buf, "+F4:", 4) == 0) {
3558                 int k;
3559                 double d;
3560 
3561                 p = buf + 4;
3562                 k = atoi(sstrsep(&p, sep));
3563                 sstrsep(&p, sep);
3564 
3565                 d = atof(sstrsep(&p, sep));
3566                 ecdsa_results[k][0] += d;
3567 
3568                 d = atof(sstrsep(&p, sep));
3569                 ecdsa_results[k][1] += d;
3570             } else if (strncmp(buf, "+F5:", 4) == 0) {
3571                 int k;
3572                 double d;
3573 
3574                 p = buf + 4;
3575                 k = atoi(sstrsep(&p, sep));
3576                 sstrsep(&p, sep);
3577 
3578                 d = atof(sstrsep(&p, sep));
3579                 ecdh_results[k][0] += d;
3580             } else if (strncmp(buf, "+F6:", 4) == 0) {
3581                 int k;
3582                 double d;
3583 
3584                 p = buf + 4;
3585                 k = atoi(sstrsep(&p, sep));
3586                 sstrsep(&p, sep);
3587 
3588                 d = atof(sstrsep(&p, sep));
3589                 eddsa_results[k][0] += d;
3590 
3591                 d = atof(sstrsep(&p, sep));
3592                 eddsa_results[k][1] += d;
3593             }
3594 # endif
3595 
3596             else if (strncmp(buf, "+H:", 3) == 0) {
3597                 ;
3598             } else
3599                 BIO_printf(bio_err, "Unknown type '%s' from child %d\n", buf,
3600                            n);
3601         }
3602 
3603         fclose(f);
3604     }
3605     free(fds);
3606     return 1;
3607 }
3608 #endif
3609 
3610 static void multiblock_speed(const EVP_CIPHER *evp_cipher, int lengths_single,
3611                              const openssl_speed_sec_t *seconds)
3612 {
3613     static const int mblengths_list[] =
3614         { 8 * 1024, 2 * 8 * 1024, 4 * 8 * 1024, 8 * 8 * 1024, 8 * 16 * 1024 };
3615     const int *mblengths = mblengths_list;
3616     int j, count, keylen, num = OSSL_NELEM(mblengths_list);
3617     const char *alg_name;
3618     unsigned char *inp, *out, *key, no_key[32], no_iv[16];
3619     EVP_CIPHER_CTX *ctx;
3620     double d = 0.0;
3621 
3622     if (lengths_single) {
3623         mblengths = &lengths_single;
3624         num = 1;
3625     }
3626 
3627     inp = app_malloc(mblengths[num - 1], "multiblock input buffer");
3628     out = app_malloc(mblengths[num - 1] + 1024, "multiblock output buffer");
3629     ctx = EVP_CIPHER_CTX_new();
3630     EVP_EncryptInit_ex(ctx, evp_cipher, NULL, NULL, no_iv);
3631 
3632     keylen = EVP_CIPHER_CTX_key_length(ctx);
3633     key = app_malloc(keylen, "evp_cipher key");
3634     EVP_CIPHER_CTX_rand_key(ctx, key);
3635     EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL);
3636     OPENSSL_clear_free(key, keylen);
3637 
3638     EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_MAC_KEY, sizeof(no_key), no_key);
3639     alg_name = OBJ_nid2ln(EVP_CIPHER_nid(evp_cipher));
3640 
3641     for (j = 0; j < num; j++) {
3642         print_message(alg_name, 0, mblengths[j], seconds->sym);
3643         Time_F(START);
3644         for (count = 0, run = 1; run && count < 0x7fffffff; count++) {
3645             unsigned char aad[EVP_AEAD_TLS1_AAD_LEN];
3646             EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param;
3647             size_t len = mblengths[j];
3648             int packlen;
3649 
3650             memset(aad, 0, 8);  /* avoid uninitialized values */
3651             aad[8] = 23;        /* SSL3_RT_APPLICATION_DATA */
3652             aad[9] = 3;         /* version */
3653             aad[10] = 2;
3654             aad[11] = 0;        /* length */
3655             aad[12] = 0;
3656             mb_param.out = NULL;
3657             mb_param.inp = aad;
3658             mb_param.len = len;
3659             mb_param.interleave = 8;
3660 
3661             packlen = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_AAD,
3662                                           sizeof(mb_param), &mb_param);
3663 
3664             if (packlen > 0) {
3665                 mb_param.out = out;
3666                 mb_param.inp = inp;
3667                 mb_param.len = len;
3668                 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT,
3669                                     sizeof(mb_param), &mb_param);
3670             } else {
3671                 int pad;
3672 
3673                 RAND_bytes(out, 16);
3674                 len += 16;
3675                 aad[11] = (unsigned char)(len >> 8);
3676                 aad[12] = (unsigned char)(len);
3677                 pad = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_TLS1_AAD,
3678                                           EVP_AEAD_TLS1_AAD_LEN, aad);
3679                 EVP_Cipher(ctx, out, inp, len + pad);
3680             }
3681         }
3682         d = Time_F(STOP);
3683         BIO_printf(bio_err, mr ? "+R:%d:%s:%f\n"
3684                    : "%d %s's in %.2fs\n", count, "evp", d);
3685         results[D_EVP][j] = ((double)count) / d * mblengths[j];
3686     }
3687 
3688     if (mr) {
3689         fprintf(stdout, "+H");
3690         for (j = 0; j < num; j++)
3691             fprintf(stdout, ":%d", mblengths[j]);
3692         fprintf(stdout, "\n");
3693         fprintf(stdout, "+F:%d:%s", D_EVP, alg_name);
3694         for (j = 0; j < num; j++)
3695             fprintf(stdout, ":%.2f", results[D_EVP][j]);
3696         fprintf(stdout, "\n");
3697     } else {
3698         fprintf(stdout,
3699                 "The 'numbers' are in 1000s of bytes per second processed.\n");
3700         fprintf(stdout, "type                    ");
3701         for (j = 0; j < num; j++)
3702             fprintf(stdout, "%7d bytes", mblengths[j]);
3703         fprintf(stdout, "\n");
3704         fprintf(stdout, "%-24s", alg_name);
3705 
3706         for (j = 0; j < num; j++) {
3707             if (results[D_EVP][j] > 10000)
3708                 fprintf(stdout, " %11.2fk", results[D_EVP][j] / 1e3);
3709             else
3710                 fprintf(stdout, " %11.2f ", results[D_EVP][j]);
3711         }
3712         fprintf(stdout, "\n");
3713     }
3714 
3715     OPENSSL_free(inp);
3716     OPENSSL_free(out);
3717     EVP_CIPHER_CTX_free(ctx);
3718 }
3719