2 * Copyright (c) 2003-2005 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of KTH nor the names of its contributors may be
18 * used to endorse or promote products derived from this software without
19 * specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY
22 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
24 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE
25 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
26 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
27 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
28 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
29 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
30 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
31 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */
33 #include "krb5_locl.h"
38 time_encryption(krb5_context context
, size_t size
,
39 krb5_enctype etype
, int iterations
)
41 struct timeval tv1
, tv2
;
50 ret
= krb5_generate_random_keyblock(context
, etype
, &key
);
52 krb5_err(context
, 1, ret
, "krb5_generate_random_keyblock");
54 ret
= krb5_enctype_to_string(context
, etype
, &etype_name
);
56 krb5_err(context
, 1, ret
, "krb5_enctype_to_string");
60 krb5_errx(context
, 1, "out of memory");
63 ret
= krb5_crypto_init(context
, &key
, 0, &crypto
);
65 krb5_err(context
, 1, ret
, "krb5_crypto_init");
67 gettimeofday(&tv1
, NULL
);
69 for (i
= 0; i
< iterations
; i
++) {
70 ret
= krb5_encrypt(context
, crypto
, 0, buf
, size
, &data
);
72 krb5_err(context
, 1, ret
, "encrypt: %d", i
);
73 krb5_data_free(&data
);
76 gettimeofday(&tv2
, NULL
);
78 timevalsub(&tv2
, &tv1
);
80 printf("%s size: %7lu iterations: %d time: %3ld.%06ld\n",
81 etype_name
, (unsigned long)size
, iterations
,
82 (long)tv2
.tv_sec
, (long)tv2
.tv_usec
);
86 krb5_crypto_destroy(context
, crypto
);
87 krb5_free_keyblock_contents(context
, &key
);
91 time_s2k(krb5_context context
,
97 struct timeval tv1
, tv2
;
104 ret
= krb5_enctype_to_string(context
, etype
, &etype_name
);
106 krb5_err(context
, 1, ret
, "krb5_enctype_to_string");
111 gettimeofday(&tv1
, NULL
);
113 for (i
= 0; i
< iterations
; i
++) {
114 ret
= krb5_string_to_key_salt_opaque(context
, etype
, password
, salt
,
117 krb5_err(context
, 1, ret
, "krb5_string_to_key_data_salt_opaque");
118 krb5_free_keyblock_contents(context
, &key
);
121 gettimeofday(&tv2
, NULL
);
123 timevalsub(&tv2
, &tv1
);
125 printf("%s string2key %d iterations time: %3ld.%06ld\n",
126 etype_name
, iterations
, (long)tv2
.tv_sec
, (long)tv2
.tv_usec
);
131 static int version_flag
= 0;
132 static int help_flag
= 0;
134 static struct getargs args
[] = {
135 {"version", 0, arg_flag
, &version_flag
,
136 "print version", NULL
},
137 {"help", 0, arg_flag
, &help_flag
,
144 arg_printusage (args
,
145 sizeof(args
)/sizeof(*args
),
152 main(int argc
, char **argv
)
154 krb5_context context
;
156 int i
, enciter
, s2kiter
;
160 krb5_enctype enctypes
[] = {
163 ETYPE_ARCFOUR_HMAC_MD5
,
164 ETYPE_AES128_CTS_HMAC_SHA1_96
,
165 ETYPE_AES256_CTS_HMAC_SHA1_96
,
166 ETYPE_AES128_CTS_HMAC_SHA256_128
,
167 ETYPE_AES256_CTS_HMAC_SHA384_192
170 setprogname(argv
[0]);
172 if(getarg(args
, sizeof(args
) / sizeof(args
[0]), argc
, argv
, &optidx
))
183 salt
.salttype
= KRB5_PW_SALT
;
184 salt
.saltvalue
.data
= NULL
;
185 salt
.saltvalue
.length
= 0;
187 ret
= krb5_init_context(&context
);
189 errx (1, "krb5_init_context failed: %d", ret
);
194 for (i
= 0; i
< sizeof(enctypes
)/sizeof(enctypes
[0]); i
++) {
196 krb5_enctype_enable(context
, enctypes
[i
]);
198 time_encryption(context
, 16, enctypes
[i
], enciter
);
199 time_encryption(context
, 32, enctypes
[i
], enciter
);
200 time_encryption(context
, 512, enctypes
[i
], enciter
);
201 time_encryption(context
, 1024, enctypes
[i
], enciter
);
202 time_encryption(context
, 2048, enctypes
[i
], enciter
);
203 time_encryption(context
, 4096, enctypes
[i
], enciter
);
204 time_encryption(context
, 8192, enctypes
[i
], enciter
);
205 time_encryption(context
, 16384, enctypes
[i
], enciter
);
206 time_encryption(context
, 32768, enctypes
[i
], enciter
);
208 time_s2k(context
, enctypes
[i
], "mYsecreitPassword", salt
, s2kiter
);
211 krb5_free_context(context
);