From 3607ab2cf382296cb398a92d5ec792239960bf7b Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Mon, 6 Nov 2017 14:20:03 +0100 Subject: [PATCH] agent: New GETINFO sub-commands "s2k_count_cal" and "s2k_time". * agent/command.c (cmd_getinfo): New sub-commands. * agent/protect.c (get_standard_s2k_count): Factor some code out to ... (get_calibrated_s2k_count): new. (get_standard_s2k_time): New. Signed-off-by: Werner Koch (cherry picked from commit 52d41c8b0f4af6278d18d8935399ddad16a26856) --- agent/agent.h | 2 ++ agent/command.c | 36 ++++++++++++++++++++++++++---------- agent/protect.c | 29 +++++++++++++++++++++++------ doc/gpg-agent.texi | 26 ++++++++++++++++++-------- 4 files changed, 69 insertions(+), 24 deletions(-) diff --git a/agent/agent.h b/agent/agent.h index 19f9f4997..c2d857959 100644 --- a/agent/agent.h +++ b/agent/agent.h @@ -485,8 +485,10 @@ gpg_error_t agent_protect_and_store (ctrl_t ctrl, gcry_sexp_t s_skey, char **passphrase_addr); /*-- protect.c --*/ +unsigned long get_calibrated_s2k_count (void); unsigned long get_standard_s2k_count (void); unsigned char get_standard_s2k_count_rfc4880 (void); +unsigned long get_standard_s2k_time (void); int agent_protect (const unsigned char *plainkey, const char *passphrase, unsigned char **result, size_t *resultlen, unsigned long s2k_count, int use_ocb); diff --git a/agent/command.c b/agent/command.c index e20361a11..0916f886a 100644 --- a/agent/command.c +++ b/agent/command.c 
@@ -2843,20 +2843,22 @@ static const char hlp_getinfo[] = "Multipurpose function to return a variety of information.\n" "Supported values for WHAT are:\n" "\n" - " version - Return the version of the program.\n" - " pid - Return the process id of the server.\n" - " socket_name - Return the name of the socket.\n" + " version - Return the version of the program.\n" + " pid - Return the process id of the server.\n" + " socket_name - Return the name of the socket.\n" " ssh_socket_name - Return the name of the ssh socket.\n" - " scd_running - Return OK if the SCdaemon is already running.\n" - " s2k_count - Return the calibrated S2K count.\n" + " scd_running - Return OK if the SCdaemon is already running.\n" + " s2k_time - Return the time in milliseconds required for S2K.\n" + " s2k_count - Return the standard S2K count.\n" + " s2k_count_cal - Return the calibrated S2K count.\n" " std_env_names - List the names of the standard environment.\n" " std_session_env - List the standard session environment.\n" " std_startup_env - List the standard startup environment.\n" - " cmd_has_option\n" - " - Returns OK if the command CMD implements the option OPT.\n" - " connections - Return number of active connections.\n" - " jent_active - Returns OK if Libgcrypt's JENT is active.\n" - " restricted - Returns OK if the connection is in restricted mode.\n"; + " connections - Return number of active connections.\n" + " jent_active - Returns OK if Libgcrypt's JENT is active.\n" + " restricted - Returns OK if the connection is in restricted mode.\n" + " cmd_has_option CMD OPT\n" + " - Returns OK if command CMD has option OPT.\n"; static gpg_error_t cmd_getinfo (assuan_context_t ctx, char *line) { 
@@ -3014,6 +3016,20 @@ cmd_getinfo (assuan_context_t ctx, char *line) rc = gpg_error (GPG_ERR_FALSE); #endif } + else if (!strcmp (line, "s2k_count_cal")) + { + char numbuf[50]; + + snprintf (numbuf, sizeof numbuf, "%lu", get_calibrated_s2k_count ()); + rc = assuan_send_data (ctx, numbuf, strlen (numbuf)); + } + else if (!strcmp (line, "s2k_time")) + { + char numbuf[50]; + + snprintf (numbuf, sizeof numbuf, "%lu", get_standard_s2k_time ()); + rc = assuan_send_data (ctx, numbuf, strlen (numbuf)); + } else rc = set_error (GPG_ERR_ASS_PARAMETER, "unknown value for WHAT"); return rc; diff --git a/agent/protect.c b/agent/protect.c index ab26220f5..3073fc4de 100644 --- a/agent/protect.c +++ b/agent/protect.c @@ -191,16 +191,13 @@ calibrate_s2k_count (void) } - -/* Return the standard S2K count. */ +/* Return the calibrated S2K count. This is only public for the use + * of the Assuan getinfo s2k_count_cal command. */ unsigned long -get_standard_s2k_count (void) +get_calibrated_s2k_count (void) { static unsigned long count; - if (opt.s2k_count) - return opt.s2k_count < 65536 ? 65536 : opt.s2k_count; - if (!count) count = calibrate_s2k_count (); @@ -209,6 +206,26 @@ get_standard_s2k_count (void) } +/* Return the standard S2K count. */ +unsigned long +get_standard_s2k_count (void) +{ + if (opt.s2k_count) + return opt.s2k_count < 65536 ? 65536 : opt.s2k_count; + + return get_calibrated_s2k_count (); +} + + +/* Return the milliseconds required for the standard S2K + * operation. */ +unsigned long +get_standard_s2k_time (void) +{ + return calibrate_s2k_count_one (get_standard_s2k_count ()); +} + + /* Same as get_standard_s2k_count but return the count in the encoding as described by rfc4880. */ unsigned char diff --git a/doc/gpg-agent.texi b/doc/gpg-agent.texi index 6579622d8..afe280462 100644 --- a/doc/gpg-agent.texi +++ b/doc/gpg-agent.texi 
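Review bot: The new `s2k_time` branch in cmd_getinfo triggers an S2K computation on every request, yet nothing in the branch says which connections may ask for it. It calls get_standard_s2k_time, which in the agent/protect.c part of this patch calls calibrate_s2k_count_one each time. Both new branches are appended at the tail of the else-if chain, and the earlier branches lie outside the hunk, so whether a restricted-mode check already precedes them cannot be confirmed from here and should be verified. I would state the intent above the first new branch, for example `/* s2k_count_cal and s2k_time may run an S2K computation; not for restricted connections. */`.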
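Review bot: get_standard_s2k_time repeats the measurement on every call, whereas get_calibrated_s2k_count in the previous hunk keeps its result in a static. Each `GETINFO s2k_time` therefore costs the agent one full S2K run at the configured count, and that cost grows with a large `opt.s2k_count`. Remembering the last count and its time keeps repeated queries cheap while still re-measuring when the count changes; if a fresh measurement per request is intended, the comment above the function should say so. The sketch assumes calibrate_s2k_count_one returns milliseconds as an unsigned long, which is not visible in this hunk.

```c
unsigned long
get_standard_s2k_time (void)
{
  static unsigned long last_count;
  static unsigned long last_ms;
  unsigned long count = get_standard_s2k_count ();

  /* Re-measure only when nothing is cached or the count has changed.  */
  if (!last_ms || count != last_count)
    {
      last_ms = calibrate_s2k_count_one (count);
      last_count = count;
    }
  return last_ms;
}
```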
@@ -186,6 +186,9 @@ this convention). @node Agent Options @section Option Summary +Options may either be used on the command line or, after stripping off +the two leading dashes, in the configuration file. + @table @gnupgtabopt @anchor{option --options} @@ -193,8 +196,9 @@ this convention). @opindex options Reads configuration from @var{file} instead of from the default per-user configuration file. The default configuration file is named -@file{gpg-agent.conf} and expected in the @file{.gnupg} directory directly -below the home directory of the user. +@file{gpg-agent.conf} and expected in the @file{.gnupg} directory +directly below the home directory of the user. This option is ignored +if used in an options file. @anchor{option --homedir} @include opt-homedir.texi @@ -652,20 +656,26 @@ transitioned from using MD5 to the more secure SHA256. @opindex s2k-count Specify the iteration count used to protect the passphrase. This option can be used to override the auto-calibration done by default. -This auto-calibration computes a count which requires 100ms to mangle -a given passphrase. To view the auto-calibrated count do not use this -option (or use 0 for @var{n}) and run this command: +The auto-calibration computes a count which requires 100ms to mangle +a given passphrase. + +To view the actually used iteration count and the milliseconds +required for an S2K operation use: @example gpg-connect-agent 'GETINFO s2k_count' /bye +gpg-connect-agent 'GETINFO s2k_time' /bye +@end example + +To view the auto-calibrated count use: + +@example +gpg-connect-agent 'GETINFO s2k_count_cal' /bye @end example @end table -All the long options may also be given in the configuration file after -stripping off the two leading dashes. - @mansect files @node Agent Configuration