Home | History | Annotate | Line # | Download | only in krb5 
      1 /*	$NetBSD: test_crypto.c,v 1.2 2017/01/28 21:31:49 christos Exp $	*/
      2 
      3 /*
      4  * Copyright (c) 2003-2005 Kungliga Tekniska Hgskolan
      5  * (Royal Institute of Technology, Stockholm, Sweden).
      6  * All rights reserved.
      7  *
      8  * Redistribution and use in source and binary forms, with or without
      9  * modification, are permitted provided that the following conditions
     10  * are met:
     11  *
     12  * 1. Redistributions of source code must retain the above copyright
     13  *    notice, this list of conditions and the following disclaimer.
     14  *
     15  * 2. Redistributions in binary form must reproduce the above copyright
     16  *    notice, this list of conditions and the following disclaimer in the
     17  *    documentation and/or other materials provided with the distribution.
     18  *
     19  * 3. Neither the name of KTH nor the names of its contributors may be
     20  *    used to endorse or promote products derived from this software without
     21  *    specific prior written permission.
     22  *
     23  * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY
     24  * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
     25  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
     26  * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE
     27  * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
     28  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
     29  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
     30  * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
     31  * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
     32  * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
     33  * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */
     34 
     35 #include "krb5_locl.h"
     36 #include <err.h>
     37 #include <krb5/getarg.h>
     38 
     39 static void
     40 time_encryption(krb5_context context, size_t size,
     41 		krb5_enctype etype, int iterations)
     42 {
     43     struct timeval tv1, tv2;
     44     krb5_error_code ret;
     45     krb5_keyblock key;
     46     krb5_crypto crypto;
     47     krb5_data data;
     48     char *etype_name;
     49     void *buf;
     50     int i;
     51 
     52     ret = krb5_generate_random_keyblock(context, etype, &key);
     53     if (ret)
     54 	krb5_err(context, 1, ret, "krb5_generate_random_keyblock");
     55 
     56     ret = krb5_enctype_to_string(context, etype, &etype_name);
     57     if (ret)
     58 	krb5_err(context, 1, ret, "krb5_enctype_to_string");
     59 
     60     buf = malloc(size);
     61     if (buf == NULL)
     62 	krb5_errx(context, 1, "out of memory");
     63     memset(buf, 0, size);
     64 
     65     ret = krb5_crypto_init(context, &key, 0, &crypto);
     66     if (ret)
     67 	krb5_err(context, 1, ret, "krb5_crypto_init");
     68 
     69     gettimeofday(&tv1, NULL);
     70 
     71     for (i = 0; i < iterations; i++) {
     72 	ret = krb5_encrypt(context, crypto, 0, buf, size, &data);
     73 	if (ret)
     74 	    krb5_err(context, 1, ret, "encrypt: %d", i);
     75 	krb5_data_free(&data);
     76     }
     77 
     78     gettimeofday(&tv2, NULL);
     79 
     80     timevalsub(&tv2, &tv1);
     81 
     82     printf("%s size: %7lu iterations: %d time: %3ld.%06ld\n",
     83 	   etype_name, (unsigned long)size, iterations,
     84 	   (long)tv2.tv_sec, (long)tv2.tv_usec);
     85 
     86     free(buf);
     87     free(etype_name);
     88     krb5_crypto_destroy(context, crypto);
     89     krb5_free_keyblock_contents(context, &key);
     90 }
     91 
     92 static void
     93 time_s2k(krb5_context context,
     94 	 krb5_enctype etype,
     95 	 const char *password,
     96 	 krb5_salt salt,
     97 	 int iterations)
     98 {
     99     struct timeval tv1, tv2;
    100     krb5_error_code ret;
    101     krb5_keyblock key;
    102     krb5_data opaque;
    103     char *etype_name;
    104     int i;
    105 
    106     ret = krb5_enctype_to_string(context, etype, &etype_name);
    107     if (ret)
    108 	krb5_err(context, 1, ret, "krb5_enctype_to_string");
    109 
    110     opaque.data = NULL;
    111     opaque.length = 0;
    112 
    113     gettimeofday(&tv1, NULL);
    114 
    115     for (i = 0; i < iterations; i++) {
    116 	ret = krb5_string_to_key_salt_opaque(context, etype, password, salt,
    117 					 opaque, &key);
    118 	if (ret)
    119 	    krb5_err(context, 1, ret, "krb5_string_to_key_data_salt_opaque");
    120 	krb5_free_keyblock_contents(context, &key);
    121     }
    122 
    123     gettimeofday(&tv2, NULL);
    124 
    125     timevalsub(&tv2, &tv1);
    126 
    127     printf("%s string2key %d iterations time: %3ld.%06ld\n",
    128 	   etype_name, iterations, (long)tv2.tv_sec, (long)tv2.tv_usec);
    129     free(etype_name);
    130 
    131 }
    132 
    133 static int version_flag = 0;
    134 static int help_flag	= 0;
    135 
    136 static struct getargs args[] = {
    137     {"version",	0,	arg_flag,	&version_flag,
    138      "print version", NULL },
    139     {"help",	0,	arg_flag,	&help_flag,
    140      NULL, NULL }
    141 };
    142 
    143 static void
    144 usage (int ret)
    145 {
    146     arg_printusage (args,
    147 		    sizeof(args)/sizeof(*args),
    148 		    NULL,
    149 		    "");
    150     exit (ret);
    151 }
    152 
    153 int
    154 main(int argc, char **argv)
    155 {
    156     krb5_context context;
    157     krb5_error_code ret;
    158     int i, enciter, s2kiter;
    159     int optidx = 0;
    160     krb5_salt salt;
    161 
    162     krb5_enctype enctypes[] = {
    163 #if 0
    164 	ETYPE_DES_CBC_CRC,
    165 	ETYPE_DES3_CBC_SHA1,
    166 	ETYPE_ARCFOUR_HMAC_MD5,
    167 #endif
    168 	ETYPE_AES128_CTS_HMAC_SHA1_96,
    169 	ETYPE_AES256_CTS_HMAC_SHA1_96,
    170         ETYPE_AES128_CTS_HMAC_SHA256_128,
    171         ETYPE_AES256_CTS_HMAC_SHA384_192
    172     };
    173 
    174     setprogname(argv[0]);
    175 
    176     if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx))
    177 	usage(1);
    178 
    179     if (help_flag)
    180 	usage (0);
    181 
    182     if(version_flag){
    183 	print_version(NULL);
    184 	exit(0);
    185     }
    186 
    187     salt.salttype = KRB5_PW_SALT;
    188     salt.saltvalue.data = NULL;
    189     salt.saltvalue.length = 0;
    190 
    191     ret = krb5_init_context(&context);
    192     if (ret)
    193 	errx (1, "krb5_init_context failed: %d", ret);
    194 
    195     enciter = 1000;
    196     s2kiter = 100;
    197 
    198     for (i = 0; i < sizeof(enctypes)/sizeof(enctypes[0]); i++) {
    199 
    200 	krb5_enctype_enable(context, enctypes[i]);
    201 
    202 	time_encryption(context, 16, enctypes[i], enciter);
    203 	time_encryption(context, 32, enctypes[i], enciter);
    204 	time_encryption(context, 512, enctypes[i], enciter);
    205 	time_encryption(context, 1024, enctypes[i], enciter);
    206 	time_encryption(context, 2048, enctypes[i], enciter);
    207 	time_encryption(context, 4096, enctypes[i], enciter);
    208 	time_encryption(context, 8192, enctypes[i], enciter);
    209 	time_encryption(context, 16384, enctypes[i], enciter);
    210 	time_encryption(context, 32768, enctypes[i], enciter);
    211 
    212 	time_s2k(context, enctypes[i], "mYsecreitPassword", salt, s2kiter);
    213     }
    214 
    215     krb5_free_context(context);
    216 
    217     return 0;
    218 }
    219