Merge with sync sequoia_windows
authorThomas
Mon, 03 Jun 2019 07:44:56 +0200
branchsequoia_windows
changeset 3800fb9769f33508
parent 3795 8a86eb681032
parent 3799 5f0990b24c15
child 3807 9c8a6cc4eb8d
Merge with sync
src/pgp_sequoia.c
     1.1 --- a/src/pEp_internal.h	Fri May 31 12:51:28 2019 +0200
     1.2 +++ b/src/pEp_internal.h	Mon Jun 03 07:44:56 2019 +0200
     1.3 @@ -144,6 +144,7 @@
     1.4          sqlite3_stmt *tpk_save_insert_primary;
     1.5          sqlite3_stmt *tpk_save_insert_subkeys;
     1.6          sqlite3_stmt *tpk_save_insert_userids;
     1.7 +        sqlite3_stmt *delete_keypair;
     1.8      } sq_sql;
     1.9  #endif
    1.10  
     2.1 --- a/src/pgp_sequoia.c	Fri May 31 12:51:28 2019 +0200
     2.2 +++ b/src/pgp_sequoia.c	Mon Jun 03 07:44:56 2019 +0200
     2.3 @@ -141,9 +141,13 @@
     2.4  
     2.5      char *a_address = NULL;
     2.6      pgp_user_id_address_normalized(NULL, a_userid, &a_address);
     2.7 +    if (!a_address)
     2.8 +        pgp_user_id_other(NULL, a_userid, &a_address);
     2.9  
    2.10      char *b_address = NULL;
    2.11      pgp_user_id_address_normalized(NULL, b_userid, &b_address);
    2.12 +    if (!b_address)
    2.13 +        pgp_user_id_other(NULL, b_userid, &b_address);
    2.14  
    2.15      pgp_packet_free(a_userid);
    2.16      pgp_packet_free(b_userid);
    2.17 @@ -405,6 +409,12 @@
    2.18                               -1, &session->sq_sql.tpk_save_insert_userids, NULL);
    2.19      assert(sqlite_result == SQLITE_OK);
    2.20  
    2.21 +    sqlite_result
    2.22 +        = sqlite3_prepare_v2(session->key_db,
    2.23 +                             "DELETE FROM keys WHERE primary_key = ?",
    2.24 +                             -1, &session->sq_sql.delete_keypair, NULL);
    2.25 +    assert(sqlite_result == SQLITE_OK);
    2.26 +
    2.27   out:
    2.28      if (status != PEP_STATUS_OK)
    2.29          pgp_release(session, in_first);
    2.30 @@ -430,8 +440,6 @@
    2.31      }
    2.32  }
    2.33  
    2.34 -/* commented out to omit compiler warning about unused function
    2.35 -
    2.36  // Ensures that a fingerprint is in canonical form.  A canonical
    2.37  // fingerprint doesn't contain any white space.
    2.38  //
    2.39 @@ -446,8 +454,6 @@
    2.40      return fpr_canonicalized;
    2.41  }
    2.42  
    2.43 -*/
    2.44 -
    2.45  // step statement and load the tpk and secret.
    2.46  static PEP_STATUS key_load(PEP_SESSION, sqlite3_stmt *, pgp_tpk_t *, int *)
    2.47      __attribute__((nonnull(1, 2)));
    2.48 @@ -802,54 +808,7 @@
    2.49  
    2.50          pgp_packet_t userid = pgp_user_id_new (user_id_value);
    2.51          pgp_user_id_name(NULL, userid, &name);
    2.52 -        pgp_user_id_address(NULL, userid, &email);
    2.53 -                
    2.54 -        if (!email || email[0] == '\0') {
    2.55 -            size_t uid_value_len;
    2.56 -            const char* uid_value = (const char*)pgp_user_id_value(userid, &uid_value_len);
    2.57 -            if (!uid_value) {
    2.58 -                // We need some kind of an error here, maybe?
    2.59 -                 
    2.60 -            }
    2.61 -            else {
    2.62 -                // Ok, asan gets really pissed at us using this string directly, SO...
    2.63 -                char* uid_copy = calloc(uid_value_len + 1, 1);
    2.64 -                strlcpy(uid_copy, uid_value, uid_value_len);
    2.65 -                const char* split = strstr(uid_copy, "<");
    2.66 -                if (split != uid_copy) {       
    2.67 -                    while (split) {
    2.68 -                        if (isspace(*(split - 1)))
    2.69 -                            break;
    2.70 -                        split = strstr(split + 1, "<");
    2.71 -                    }
    2.72 -                }
    2.73 -                if (split) {
    2.74 -                    char* stopchr = strrchr(split, '>');
    2.75 -                    if (stopchr) {
    2.76 -                        int email_len = stopchr - split - 1;
    2.77 -                        email = calloc(email_len + 1, 1); 
    2.78 -                        strlcpy(email, split + 1, email_len + 1);
    2.79 -                        const char* last = NULL;
    2.80 -                        if (split != uid_value) {
    2.81 -                            for (last = split - 1; last > uid_value; last--) {
    2.82 -                                if (!isspace(*last))
    2.83 -                                    break;
    2.84 -                            }
    2.85 -                            int name_len = (last - uid_value) + 1;
    2.86 -                            name = calloc(name_len + 1, 1);
    2.87 -                            strlcpy(name, uid_value, name_len + 1);
    2.88 -                        }
    2.89 -                    }
    2.90 -                    else  
    2.91 -                        split = NULL;
    2.92 -                }
    2.93 -                if (split == NULL)
    2.94 -                    email = uid_copy;
    2.95 -                else 
    2.96 -                    free(uid_copy);
    2.97 -            }
    2.98 -        }
    2.99 -        
   2.100 +        pgp_user_id_address_or_other(NULL, userid, &email);
   2.101          pgp_packet_free(userid);
   2.102          free(user_id_value);
   2.103  
   2.104 @@ -1828,6 +1787,7 @@
   2.105  {
   2.106      PEP_STATUS status = PEP_STATUS_OK;
   2.107      pgp_error_t err = NULL;
   2.108 +    pgp_packet_t userid_packet = NULL;
   2.109      char *userid = NULL;
   2.110      pgp_tpk_t tpk = NULL;
   2.111      pgp_fingerprint_t pgp_fpr = NULL;
   2.112 @@ -1839,16 +1799,22 @@
   2.113      assert(identity->fpr == NULL || identity->fpr[0] == 0);
   2.114      assert(identity->username);
   2.115  
   2.116 -    size_t userid_size = strlen(identity->username)+strlen(identity->address)+3+1;
   2.117 -    userid = (char *) calloc(1, userid_size);
   2.118 -    assert(userid);
   2.119 +    userid_packet = pgp_user_id_from_unchecked_address(&err,
   2.120 +                                                       identity->username, NULL,
   2.121 +                                                       identity->address);
   2.122 +    if (!userid_packet)
   2.123 +        ERROR_OUT(err, PEP_UNKNOWN_ERROR, "pgp_user_id_from_other_address");
   2.124 +
   2.125 +    size_t userid_len = 0;
   2.126 +    const uint8_t *raw = pgp_user_id_value(userid_packet, &userid_len);
   2.127 +
   2.128 +    // Null terminate it.
   2.129 +    userid = malloc(userid_len + 1);
   2.130      if (!userid)
   2.131          ERROR_OUT(NULL, PEP_OUT_OF_MEMORY, "out of memory");
   2.132  
   2.133 -    int r = snprintf(userid, userid_size, "%s <%s>", identity->username, identity->address);
   2.134 -    assert(r >= 0 && r < userid_size);
   2.135 -    if (r < 0)
   2.136 -        ERROR_OUT(NULL, PEP_UNKNOWN_ERROR, "snprintf");
   2.137 +    memcpy(userid, raw, userid_len);
   2.138 +    userid[userid_len] = 0;
   2.139  
   2.140      T("(%s)", userid);
   2.141  
   2.142 @@ -1882,45 +1848,44 @@
   2.143      if (tpk)
   2.144          pgp_tpk_free(tpk);
   2.145      free(userid);
   2.146 +    if (userid_packet)
   2.147 +        pgp_packet_free(userid_packet);
   2.148  
   2.149      T("-> %s", pEp_status_to_string(status));
   2.150      return status;
   2.151  }
   2.152  
   2.153 -#define SQL_DELETE "DELETE FROM keys WHERE primary_key = '%s' ;"
   2.154 -static const char *sql_delete = SQL_DELETE;
   2.155 -static const size_t sql_delete_size = sizeof(SQL_DELETE);
   2.156 -
   2.157 -// FIXME: this is deleting the key from the index but not the key data
   2.158 -
   2.159 -PEP_STATUS pgp_delete_keypair(PEP_SESSION session, const char *fpr)
   2.160 +PEP_STATUS pgp_delete_keypair(PEP_SESSION session, const char *fpr_raw)
   2.161  {
   2.162 -    assert(session && fpr && fpr[0]);
   2.163 -    if (!(session && fpr && fpr[0]))
   2.164 -        return PEP_ILLEGAL_VALUE;
   2.165 -
   2.166 -    size_t sql_size = sql_delete_size + strlen(fpr);
   2.167 -    char *sql = calloc(1, sql_size);
   2.168 -    assert(sql);
   2.169 -    if (!sql)
   2.170 -        return PEP_OUT_OF_MEMORY;
   2.171 -
   2.172 -    int r = snprintf(sql, sql_size, sql_delete, fpr);
   2.173 -    assert(r > 0 && r < sql_size);
   2.174 -    if (r < 0)
   2.175 -        return PEP_UNKNOWN_ERROR;
   2.176 -
   2.177 -    int sqlite_result = sqlite3_exec(session->key_db, sql, NULL, NULL, NULL);
   2.178 -    assert(sqlite_result == SQLITE_OK);
   2.179 -    if (sqlite_result != SQLITE_OK)
   2.180 -        return PEP_CANNOT_DELETE_KEY;
   2.181 +    PEP_STATUS status = PEP_STATUS_OK;
   2.182 +
   2.183 +    assert(session && fpr_raw && fpr_raw[0]);
   2.184 +    if (!(session && fpr_raw && fpr_raw[0]))
   2.185 +        ERROR_OUT(NULL, PEP_ILLEGAL_VALUE, "invalid arguments");
   2.186 +
   2.187 +    char *fpr = pgp_fingerprint_canonicalize(fpr_raw);
   2.188 +    if (! fpr)
   2.189 +        ERROR_OUT(NULL, PEP_OUT_OF_MEMORY, "out of memory");
   2.190 +
   2.191 +    T("Deleting %s", fpr);
   2.192 +
   2.193 +    sqlite3_stmt *stmt = session->sq_sql.delete_keypair;
   2.194 +    sqlite3_bind_text(stmt, 1, fpr, -1, free);
   2.195 +
   2.196 +    int sqlite_result = Sqlite3_step(stmt);
   2.197 +    sqlite3_reset(stmt);
   2.198 +    if (sqlite_result != SQLITE_DONE)
   2.199 +        ERROR_OUT(NULL, PEP_CANNOT_DELETE_KEY,
   2.200 +                  "deletion failed: %s", sqlite3_errmsg(session->key_db));
   2.201  
   2.202      sqlite_result = sqlite3_changes(session->key_db);
   2.203      assert(sqlite_result >= 0 && sqlite_result < 2);
   2.204      if (sqlite_result < 1)
   2.205 -        return PEP_KEY_NOT_FOUND;
   2.206 -
   2.207 -    return PEP_STATUS_OK;
   2.208 +        ERROR_OUT(NULL, PEP_KEY_NOT_FOUND,
   2.209 +                  "attempt to delete non-existent key: %s", fpr_raw);
   2.210 +
   2.211 + out:
   2.212 +    return status;
   2.213  }
   2.214  
   2.215  PEP_STATUS pgp_import_keydata(PEP_SESSION session, const char *key_data,
     3.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     3.2 +++ b/test/include/LotsOfKeysTests.h	Mon Jun 03 07:44:56 2019 +0200
     3.3 @@ -0,0 +1,19 @@
     3.4 +// This file is under GNU General Public License 3.0
     3.5 +// see LICENSE.txt
     3.6 +
     3.7 +#ifndef LOTS_OF_KEYS_H
     3.8 +#define LOTS_OF_KEYS_H
     3.9 +
    3.10 +#include <string>
    3.11 +#include "EngineTestIndividualSuite.h"
    3.12 +
    3.13 +using namespace std;
    3.14 +
    3.15 +class LotsOfKeysTests : public EngineTestIndividualSuite {
    3.16 +    public:
    3.17 +        LotsOfKeysTests(string test_suite, string test_home_dir);
    3.18 +    private:
    3.19 +        void check();
    3.20 +};
    3.21 +
    3.22 +#endif
     4.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     4.2 +++ b/test/src/engine_tests/LotsOfKeysTests.cc	Mon Jun 03 07:44:56 2019 +0200
     4.3 @@ -0,0 +1,275 @@
     4.4 +// This file is under GNU General Public License 3.0
     4.5 +// see LICENSE.txt
     4.6 +
     4.7 +#include <stdlib.h>
     4.8 +#include <string>
     4.9 +#include <cstring>
    4.10 +#include <cpptest.h>
    4.11 +#include <fstream>
    4.12 +#include <sys/time.h>
    4.13 +#include <assert.h>
    4.14 +#include <sys/types.h>
    4.15 +#include <unistd.h>
    4.16 +#include <time.h>
    4.17 +
    4.18 +#include "pEpEngine.h"
    4.19 +
    4.20 +#include "test_util.h"
    4.21 +#include "EngineTestIndividualSuite.h"
    4.22 +#include "LotsOfKeysTests.h"
    4.23 +
    4.24 +// Whether to log to the file system (in /tmp).
    4.25 +#define LOG 0
    4.26 +// How to plot (in R).  You need to enable LOG above.
    4.27 +#if 0
    4.28 +
    4.29 +library(ggplot2);
    4.30 +
    4.31 +t = "2019XXXX-XXXXXX";
    4.32 +find_keys = read.csv(sprintf("/tmp/pep-benchmark-find-keys-%s.csv", t),
    4.33 +                     header=T, sep=",")
    4.34 +get_ids = read.csv(sprintf("/tmp/pep-benchmark-get-identity-%s.csv", t),
    4.35 +                   header=T, sep=",")
    4.36 +ggplot(find_keys, aes(x=Keys, y=run0_us_per_op), tag="FOO") +
    4.37 +    geom_point() +
    4.38 +    geom_point(data = get_ids, aes(Keys, run0_us_per_op), colour = 'red') +
    4.39 +    scale_x_log10() + guides(fill = guide_legend()) +
    4.40 +    labs(title="Microseconds/Op for a Key/Management DB with x keys",
    4.41 +         x="Keys in DB", y="usec")
    4.42 +
    4.43 +ggsave("/tmp/pep-benchmark.pdf", width = 4, height = 4)
    4.44 +#endif
    4.45 +
    4.46 +
    4.47 +using namespace std;
    4.48 +
    4.49 +LotsOfKeysTests::LotsOfKeysTests(string suitename, string test_home_dir) :
    4.50 +    EngineTestIndividualSuite::EngineTestIndividualSuite(suitename, test_home_dir) {
    4.51 +    add_test_to_suite(std::pair<std::string, void (Test::Suite::*)()>(string("LotsOfKeysTests::check"),
    4.52 +                                                                      static_cast<Func>(&LotsOfKeysTests::check)));
    4.53 +}
    4.54 +
    4.55 +// Only really run the bench mark if logging is enabled.
    4.56 +#if LOG > 0
    4.57 +// Maximum number of keys.
    4.58 +#  define N 31622
    4.59 +// Amount of time to run each benchmark, in usecs.
    4.60 +#  define TIME 2 * 1000000
    4.61 +#else
    4.62 +// Don't actually run the benchmark.
    4.63 +#  define N 3
    4.64 +#  define TIME 0
    4.65 +#endif
    4.66 +
    4.67 +// Number of times to run each benchmark.
    4.68 +#define REPITIONS 3
    4.69 +
    4.70 +// 10^x, x=0.5.. step 0.5.
    4.71 +const int exp[] = { 3, 10, 31, 100, 316, 1000, 3162, 10000, 31622,
    4.72 +                    100000, 316227, 1000000, 3162277, 10000000,
    4.73 +                    31622776, 100000000, 316227766, 1000000000 };
    4.74 +#define BENCHMARKS (sizeof(exp) / sizeof(exp[0]))
    4.75 +
    4.76 +struct stats {
    4.77 +    FILE *fp;
    4.78 +    const char *name;
    4.79 +    struct {
    4.80 +        // Number of keys in the db.
    4.81 +        int keys;
    4.82 +        unsigned long long time[REPITIONS];
    4.83 +        unsigned long long ops[REPITIONS];
    4.84 +    } benchmarks[BENCHMARKS];
    4.85 +};
    4.86 +
    4.87 +struct stats *stats_new(const char *name)
    4.88 +{
    4.89 +    struct stats *stats = (struct stats *) calloc(1, sizeof(*stats));
    4.90 +    stats->name = name;
    4.91 +    return stats;
    4.92 +}
    4.93 +
    4.94 +unsigned long long time() {
    4.95 +    struct timeval tv;
    4.96 +    int err = gettimeofday(&tv, NULL);
    4.97 +    assert(err == 0);
    4.98 +
    4.99 +    return (unsigned long long) (tv.tv_sec * 1000000 + tv.tv_usec);
   4.100 +}
   4.101 +
   4.102 +static char start_time[100];
   4.103 +
   4.104 +static void dump_stats(struct stats *stats, int benchmark) {
   4.105 +    if (LOG && ! stats->fp) {
   4.106 +        char fn[1024];
   4.107 +        sprintf(fn, "/tmp/pep-benchmark-%s-%s.csv", stats->name, start_time);
   4.108 +        stats->fp = fopen(fn , "w");
   4.109 +        if (! stats->fp) {
   4.110 +            printf("Opening %s failed.\n", fn);
   4.111 +            abort();
   4.112 +        }
   4.113 +
   4.114 +        fprintf(stats->fp, "Keys");
   4.115 +        for (int iter = 0; iter < REPITIONS; iter ++) {
   4.116 +            fprintf(stats->fp, ", run%d_us_per_op, run%d_ops_per_sec", iter, iter);
   4.117 +        }
   4.118 +        fprintf(stats->fp, "\n");
   4.119 +    }
   4.120 +
   4.121 +    printf("%-8d keys", stats->benchmarks[benchmark].keys);
   4.122 +    if (stats->fp)
   4.123 +        fprintf(stats->fp, "%d", stats->benchmarks[benchmark].keys);
   4.124 +
   4.125 +    for (int iter = 0; iter < REPITIONS; iter ++) {
   4.126 +        double us_per_lookup = (double) stats->benchmarks[benchmark].time[iter]
   4.127 +            / (double) stats->benchmarks[benchmark].ops[iter];
   4.128 +        double ops_per_second = (double) stats->benchmarks[benchmark].ops[iter]
   4.129 +            / ((double) stats->benchmarks[benchmark].time[iter] / 1000000);
   4.130 +
   4.131 +        printf("\t%.02f us/op (%.1f ops/s)", us_per_lookup, ops_per_second);
   4.132 +        if (stats->fp)
   4.133 +            fprintf(stats->fp, ", %f, %f", us_per_lookup, ops_per_second);
   4.134 +    }
   4.135 +
   4.136 +    printf("\n");
   4.137 +    if (stats->fp) {
   4.138 +        fprintf(stats->fp, "\n");
   4.139 +        fflush(stats->fp);
   4.140 +    }
   4.141 +}
   4.142 +
   4.143 +void LotsOfKeysTests::check() {
   4.144 +    struct tm tm;
   4.145 +    time_t t = time((time_t) NULL);
   4.146 +    localtime_r(&t, &tm);
   4.147 +    strftime(start_time, sizeof(start_time), "%Y%m%d-%H%M%S", &tm);
   4.148 +
   4.149 +    struct stats *find_keys_stats = stats_new("find-keys");
   4.150 +    struct stats *get_identity_stats = stats_new("get-identity");
   4.151 +
   4.152 +    int benchmark = 0;
   4.153 +    PEP_STATUS status;
   4.154 +    pEp_identity **ids = (pEp_identity **) calloc(N, sizeof(*ids));
   4.155 +    assert(ids);
   4.156 +
   4.157 +    status = config_cipher_suite(session, PEP_CIPHER_SUITE_CV25519);
   4.158 +    TEST_ASSERT_MSG(status == PEP_STATUS_OK, tl_status_string(status));
   4.159 +
   4.160 +    for (int key = 0; key < N; key ++) {
   4.161 +        // Create key
   4.162 +        char email[1024];
   4.163 +        sprintf(email, "%09d@example.org", key);
   4.164 +
   4.165 +        ids[key] = new_identity(strdup(email), NULL, NULL, "Test User");
   4.166 +        status = update_identity(session, ids[key]);
   4.167 +        TEST_ASSERT_MSG(status == PEP_STATUS_OK, tl_status_string(status));
   4.168 +
   4.169 +        if (key == 0) {
   4.170 +            printf("\nRaw identity:\n");
   4.171 +            printf("   address = %s\n", ids[0]->address);
   4.172 +            printf("       fpr = %s\n", ids[0]->fpr);
   4.173 +            printf("   user_id = %s\n", ids[0]->user_id);
   4.174 +            printf("  username = %s\n", ids[0]->username);
   4.175 +        }
   4.176 +
   4.177 +        status = generate_keypair(session, ids[key]);
   4.178 +        TEST_ASSERT_MSG(status == PEP_STATUS_OK, tl_status_string(status));
   4.179 +
   4.180 +        if (key == 0) {
   4.181 +            printf("\nAfter generating a key:\n");
   4.182 +            printf("   address = %s\n", ids[0]->address);
   4.183 +            printf("       fpr = %s\n", ids[0]->fpr);
   4.184 +            printf("   user_id = %s\n", ids[0]->user_id);
   4.185 +            printf("  username = %s\n", ids[0]->username);
   4.186 +        }
   4.187 +
   4.188 +        status = set_identity(session, ids[key]);
   4.189 +        TEST_ASSERT_MSG(status == PEP_STATUS_OK, tl_status_string(status));
   4.190 +
   4.191 +        if (key == 0) {
   4.192 +            printf("\nSetting identity:\n");
   4.193 +            printf("   address = %s\n", ids[0]->address);
   4.194 +            printf("       fpr = %s\n", ids[0]->fpr);
   4.195 +            printf("   user_id = %s\n", ids[0]->user_id);
   4.196 +            printf("  username = %s\n", ids[0]->username);
   4.197 +        }
   4.198 +
   4.199 +        bool do_benchmark = false;
   4.200 +        for (int i = 0; i < sizeof(exp) / sizeof(exp[0]); i ++) {
   4.201 +            if (key + 1 == exp[i]) {
   4.202 +                do_benchmark = true;
   4.203 +            } else if (key + 1 < exp[i]) {
   4.204 +                break;
   4.205 +            }
   4.206 +        }
   4.207 +
   4.208 +        if (! do_benchmark)
   4.209 +            continue;
   4.210 +
   4.211 +
   4.212 +        // Look up a random key by its email address.
   4.213 +        //
   4.214 +        // This doesn't use the engine, only the pgp
   4.215 +        // implementation.  For Sequoia, this should run in O(log
   4.216 +        // N).
   4.217 +        find_keys_stats->benchmarks[benchmark].keys = key + 1;
   4.218 +        for (int iter = 0; iter < REPITIONS; iter ++) {
   4.219 +            unsigned long long start = time();
   4.220 +            unsigned long long elapsed;
   4.221 +            int ops = 0;
   4.222 +
   4.223 +            do {
   4.224 +                int i = random() % (key + 1);
   4.225 +                assert(i <= key);
   4.226 +
   4.227 +                stringlist_t* keylist = NULL;
   4.228 +                status = find_keys(session, ids[i]->address, &keylist);
   4.229 +                free_stringlist(keylist);
   4.230 +                TEST_ASSERT_MSG(status == PEP_STATUS_OK,
   4.231 +                                tl_status_string(status));
   4.232 +                ops ++;
   4.233 +                elapsed = time() - start;
   4.234 +            } while (elapsed < TIME);
   4.235 +
   4.236 +            find_keys_stats->benchmarks[benchmark].ops[iter] = ops;
   4.237 +            find_keys_stats->benchmarks[benchmark].time[iter] = elapsed;
   4.238 +        }
   4.239 +
   4.240 +        dump_stats(find_keys_stats, benchmark);
   4.241 +
   4.242 +
   4.243 +        // Look up a random key by its pep user id.
   4.244 +        //
   4.245 +        // This uses the engine's management databank and doesn't
   4.246 +        // touch the pgp engine's DB.
   4.247 +        get_identity_stats->benchmarks[benchmark].keys = key + 1;
   4.248 +        for (int iter = 0; iter < REPITIONS; iter ++) {
   4.249 +            unsigned long long start = time();
   4.250 +            unsigned long long elapsed;
   4.251 +            int ops = 0;
   4.252 +
   4.253 +            do {
   4.254 +                int i = random() % (key + 1);
   4.255 +                pEp_identity *id = NULL;
   4.256 +                status = get_identity(session, ids[i]->address,
   4.257 +                                      ids[i]->user_id, &id);
   4.258 +                TEST_ASSERT_MSG(status == PEP_STATUS_OK,
   4.259 +                                tl_status_string(status));
   4.260 +                TEST_ASSERT_MSG(id->fpr, "no fingerprint");
   4.261 +                TEST_ASSERT_MSG(strcmp(ids[i]->fpr, id->fpr) == 0,
   4.262 +                                "fingerprint mismatch");
   4.263 +                free_identity(id);
   4.264 +
   4.265 +                ops ++;
   4.266 +                elapsed = time() - start;
   4.267 +            } while (elapsed < TIME);
   4.268 +
   4.269 +            get_identity_stats->benchmarks[benchmark].ops[iter] = ops;
   4.270 +            get_identity_stats->benchmarks[benchmark].time[iter] = elapsed;
   4.271 +        }
   4.272 +
   4.273 +        dump_stats(get_identity_stats, benchmark);
   4.274 +
   4.275 +
   4.276 +        benchmark++;
   4.277 +    }
   4.278 +}