1 /* $NetBSD: test_crypto.c,v 1.1.1.1 2011/04/13 18:15:38 elric Exp $ */ 2 3 /* 4 * Copyright (c) 2003-2005 Kungliga Tekniska Högskolan 5 * (Royal Institute of Technology, Stockholm, Sweden). 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * 3. Neither the name of KTH nor the names of its contributors may be 20 * used to endorse or promote products derived from this software without 21 * specific prior written permission. 22 * 23 * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY 24 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 26 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE 27 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 28 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 29 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR 30 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, 31 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR 32 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF 33 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ 34 35 #include "krb5_locl.h" 36 #include <err.h> 37 #include <krb5/getarg.h> 38 39 static void 40 time_encryption(krb5_context context, size_t size, 41 krb5_enctype etype, int iterations) 42 { 43 struct timeval tv1, tv2; 44 krb5_error_code ret; 45 krb5_keyblock key; 46 krb5_crypto crypto; 47 krb5_data data; 48 char *etype_name; 49 void *buf; 50 int i; 51 52 ret = krb5_generate_random_keyblock(context, etype, &key); 53 if (ret) 54 krb5_err(context, 1, ret, "krb5_generate_random_keyblock"); 55 56 ret = krb5_enctype_to_string(context, etype, &etype_name); 57 if (ret) 58 krb5_err(context, 1, ret, "krb5_enctype_to_string"); 59 60 buf = malloc(size); 61 if (buf == NULL) 62 krb5_errx(context, 1, "out of memory"); 63 memset(buf, 0, size); 64 65 ret = krb5_crypto_init(context, &key, 0, &crypto); 66 if (ret) 67 krb5_err(context, 1, ret, "krb5_crypto_init"); 68 69 gettimeofday(&tv1, NULL); 70 71 for (i = 0; i < iterations; i++) { 72 ret = krb5_encrypt(context, crypto, 0, buf, size, &data); 73 if (ret) 74 krb5_err(context, 1, ret, "encrypt: %d", i); 75 krb5_data_free(&data); 76 } 77 78 gettimeofday(&tv2, NULL); 79 80 timevalsub(&tv2, &tv1); 81 82 printf("%s size: %7lu iterations: %d time: %3ld.%06ld\n", 83 etype_name, (unsigned long)size, iterations, 84 (long)tv2.tv_sec, (long)tv2.tv_usec); 85 86 free(buf); 87 free(etype_name); 88 krb5_crypto_destroy(context, crypto); 89 krb5_free_keyblock_contents(context, &key); 90 } 91 92 static void 93 time_s2k(krb5_context context, 94 krb5_enctype etype, 95 const char *password, 96 krb5_salt salt, 97 int iterations) 98 { 99 struct timeval tv1, tv2; 100 krb5_error_code ret; 101 krb5_keyblock key; 102 krb5_data opaque; 103 char *etype_name; 104 int i; 105 106 ret = krb5_enctype_to_string(context, etype, &etype_name); 107 if (ret) 108 krb5_err(context, 1, ret, "krb5_enctype_to_string"); 109 110 opaque.data = NULL; 111 opaque.length = 0; 112 113 gettimeofday(&tv1, NULL); 114 115 for (i = 0; i < iterations; i++) { 116 ret = krb5_string_to_key_salt_opaque(context, etype, password, salt, 117 opaque, &key); 118 if (ret) 119 krb5_err(context, 1, ret, "krb5_string_to_key_data_salt_opaque"); 120 krb5_free_keyblock_contents(context, &key); 121 } 122 123 gettimeofday(&tv2, NULL); 124 125 timevalsub(&tv2, &tv1); 126 127 printf("%s string2key %d iterations time: %3ld.%06ld\n", 128 etype_name, iterations, (long)tv2.tv_sec, (long)tv2.tv_usec); 129 free(etype_name); 130 131 } 132 133 static int version_flag = 0; 134 static int help_flag = 0; 135 136 static struct getargs args[] = { 137 {"version", 0, arg_flag, &version_flag, 138 "print version", NULL }, 139 {"help", 0, arg_flag, &help_flag, 140 NULL, NULL } 141 }; 142 143 static void 144 usage (int ret) 145 { 146 arg_printusage (args, 147 sizeof(args)/sizeof(*args), 148 NULL, 149 ""); 150 exit (ret); 151 } 152 153 int 154 main(int argc, char **argv) 155 { 156 krb5_context context; 157 krb5_error_code ret; 158 int i, enciter, s2kiter; 159 int optidx = 0; 160 krb5_salt salt; 161 162 krb5_enctype enctypes[] = { 163 ETYPE_DES_CBC_CRC, 164 ETYPE_DES3_CBC_SHA1, 165 ETYPE_ARCFOUR_HMAC_MD5, 166 ETYPE_AES128_CTS_HMAC_SHA1_96, 167 ETYPE_AES256_CTS_HMAC_SHA1_96 168 }; 169 170 setprogname(argv[0]); 171 172 if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx)) 173 usage(1); 174 175 if (help_flag) 176 usage (0); 177 178 if(version_flag){ 179 print_version(NULL); 180 exit(0); 181 } 182 183 salt.salttype = KRB5_PW_SALT; 184 salt.saltvalue.data = NULL; 185 salt.saltvalue.length = 0; 186 187 ret = krb5_init_context(&context); 188 if (ret) 189 errx (1, "krb5_init_context failed: %d", ret); 190 191 enciter = 1000; 192 s2kiter = 100; 193 194 for (i = 0; i < sizeof(enctypes)/sizeof(enctypes[0]); i++) { 195 196 krb5_enctype_enable(context, enctypes[i]); 197 198 time_encryption(context, 16, enctypes[i], enciter); 199 time_encryption(context, 32, enctypes[i], enciter); 200 time_encryption(context, 512, enctypes[i], enciter); 201 time_encryption(context, 1024, enctypes[i], enciter); 202 time_encryption(context, 2048, enctypes[i], enciter); 203 time_encryption(context, 4096, enctypes[i], enciter); 204 time_encryption(context, 8192, enctypes[i], enciter); 205 time_encryption(context, 16384, enctypes[i], enciter); 206 time_encryption(context, 32768, enctypes[i], enciter); 207 208 time_s2k(context, enctypes[i], "mYsecreitPassword", salt, s2kiter); 209 } 210 211 krb5_free_context(context); 212 213 return 0; 214 } 215