59
/* A helper object for time measurement. */
60
struct calibrate_time_s
62
#ifdef HAVE_W32_SYSTEM
63
FILETIME creation_time, exit_time, kernel_time, user_time;
55
71
hash_passphrase (const char *passphrase, int hashalgo,
57
73
const unsigned char *s2ksalt, unsigned long s2kcount,
58
74
unsigned char *key, size_t keylen);
76
/* Get the process time and store it in DATA. */
78
calibrate_get_time (struct calibrate_time_s *data)
80
#ifdef HAVE_W32_SYSTEM
81
GetProcessTimes (GetCurrentProcess (),
82
&data->creation_time, &data->exit_time,
83
&data->kernel_time, &data->user_time);
88
data->ticks = tmp.tms_utime;
94
calibrate_elapsed_time (struct calibrate_time_s *starttime)
96
struct calibrate_time_s stoptime;
98
calibrate_get_time (&stoptime);
99
#ifdef HAVE_W32_SYSTEM
101
unsigned long long t1, t2;
103
t1 = (((unsigned long long)starttime->kernel_time.dwHighDateTime << 32)
104
+ starttime->kernel_time.dwLowDateTime);
105
t1 += (((unsigned long long)starttime->user_time.dwHighDateTime << 32)
106
+ starttime->user_time.dwLowDateTime);
107
t2 = (((unsigned long long)stoptime.kernel_time.dwHighDateTime << 32)
108
+ stoptime.kernel_time.dwLowDateTime);
109
t2 += (((unsigned long long)stoptime.user_time.dwHighDateTime << 32)
110
+ stoptime.user_time.dwLowDateTime);
111
return (unsigned long)((t2 - t1)/10000);
114
return (unsigned long)((((double) (stoptime.ticks - starttime->ticks))
115
/CLOCKS_PER_SEC)*10000000);
120
/* Run a test hashing for COUNT and return the time required in
123
calibrate_s2k_count_one (unsigned long count)
126
char keybuf[PROT_CIPHER_KEYLEN];
127
struct calibrate_time_s starttime;
129
calibrate_get_time (&starttime);
130
rc = hash_passphrase ("123456789abcdef0", GCRY_MD_SHA1,
131
3, "saltsalt", count, keybuf, sizeof keybuf);
134
return calibrate_elapsed_time (&starttime);
138
/* Measure the time we need to do the hash operations and deduce an
139
S2K count which requires about 100ms of time. */
141
calibrate_s2k_count (void)
146
for (count = 65536; count; count *= 2)
148
ms = calibrate_s2k_count_one (count);
150
log_info ("S2K calibration: %lu -> %lums\n", count, ms);
155
count = (unsigned long)(((double)count / ms) * 100);
163
ms = calibrate_s2k_count_one (count);
164
log_info ("S2K calibration: %lu iterations for %lums\n", count, ms);
172
/* Return the standard S2K count. */
174
get_standard_s2k_count (void)
176
static unsigned long count;
179
count = calibrate_s2k_count ();
181
/* Enforce a lower limit. */
182
return count < 65536 ? 65536 : count;
62
188
/* Calculate the MIC for a private key S-Exp. SHA1HASH should point to
757
884
is nothing we should worry about */
758
885
if (s[n] != ')' )
759
886
return gpg_error (GPG_ERR_INV_SEXP);
888
/* Old versions of gpg-agent used the funny floating point number in
889
a byte encoding as specified by OpenPGP. However this is not
890
needed and thus we now store it as a plain unsigned integer. We
891
can easily distinguish the old format by looking at its value:
892
Less than 256 is an old-style encoded number; other values are
893
plain integers. In any case we check that they are at least
894
65536 because we never used a lower value in the past and we
895
should have a lower limit. */
760
896
s2kcount = strtoul ((const char*)s, NULL, 10);
762
898
return gpg_error (GPG_ERR_CORRUPTED_PROTECTION);
900
s2kcount = (16ul + (s2kcount & 15)) << ((s2kcount >> 4) + 6);
901
if (s2kcount < 65536)
902
return gpg_error (GPG_ERR_CORRUPTED_PROTECTION);
764
905
s++; /* skip list end */