diff options
| author |   tedu <tedu@openbsd.org> | 2014-12-30 10:27:24 +0000 |
|---|---|---|
| committer | tedu <tedu@openbsd.org> | 2014-12-30 10:27:24 +0000 |
| commit | e08a42f854de4914aeb357f2b6cd9c7274f05e75 (patch) | |
| tree | 222b45b541c74e946ea138eb39d86a05a50eaafb /lib/libc/crypt/bcrypt.c | |
| parent | let the "make groff" maintainer target show groff warnings (diff) | |
| download | wireguard-openbsd-e08a42f854de4914aeb357f2b6cd9c7274f05e75.tar.xz wireguard-openbsd-e08a42f854de4914aeb357f2b6cd9c7274f05e75.zip | |
copy bcrypt autotune from encrypt(1) and expose via crypt_newhash
ok deraadt miod
Diffstat (limited to 'lib/libc/crypt/bcrypt.c')
| -rw-r--r-- | lib/libc/crypt/bcrypt.c | 34 |
1 files changed, 33 insertions, 1 deletions
diff --git a/lib/libc/crypt/bcrypt.c b/lib/libc/crypt/bcrypt.c index 94758ca40bd..abcbe138ca3 100644 --- a/lib/libc/crypt/bcrypt.c +++ b/lib/libc/crypt/bcrypt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bcrypt.c,v 1.46 2014/11/24 22:47:01 tedu Exp $ */ +/* $OpenBSD: bcrypt.c,v 1.47 2014/12/30 10:27:24 tedu Exp $ */ /* * Copyright (c) 2014 Ted Unangst <tedu@openbsd.org> @@ -225,6 +225,38 @@ bcrypt_checkpass(const char *pass, const char *goodhash) } /* + * Measure this system's performance by measuring the time for 8 rounds. + * We are aiming for something that takes between 0.25 and 0.5 seconds. + */ +int +bcrypt_autorounds(void) +{ + clock_t before, after; + int r = 8; + char buf[_PASSWORD_LEN]; + int duration; + + before = clock(); + bcrypt_newhash("testpassword", r, buf, sizeof(buf)); + after = clock(); + + duration = after - before; + + /* too quick? slow it down. */ + while (r < 16 && duration <= CLOCKS_PER_SEC / 4) { + r += 1; + duration *= 2; + } + /* too slow? speed it up. */ + while (r > 4 && duration > CLOCKS_PER_SEC / 2) { + r -= 1; + duration /= 2; + } + + return r; +} + +/* * internal utilities */ static const u_int8_t Base64Code[] = |