mirror of git://git.gnupg.org/gnupg.git
agent: compile-time configuration of s2k calibration.
* configure.ac: add --with-agent-s2k-calibration=MSEC, introduces AGENT_S2K_CALIBRATION (measured in milliseconds) * agent/protect.c (calibrate_s2k_count): Calibrate based on AGENT_S2K_CALIBRATION. Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> GnuPG-bug-id: 3399
This commit is contained in:
Daniel Kahn Gillmor
parent
73ff075204
commit
926d07c5fa
|
|
@ -159,7 +159,7 @@ calibrate_s2k_count_one (unsigned long count)
|
|||
|
||||
|
||||
/* Measure the time we need to do the hash operations and deduce an
|
||||
S2K count which requires about 100ms of time. */
|
||||
S2K count which requires roughly some targeted amount of time. */
|
||||
static unsigned long
|
||||
calibrate_s2k_count (void)
|
||||
{
|
||||
|
|
@ -171,11 +171,11 @@ calibrate_s2k_count (void)
|
|||
ms = calibrate_s2k_count_one (count);
|
||||
if (opt.verbose > 1)
|
||||
log_info ("S2K calibration: %lu -> %lums\n", count, ms);
|
||||
if (ms > 100)
|
||||
if (ms > AGENT_S2K_CALIBRATION)
|
||||
break;
|
||||
}
|
||||
|
||||
count = (unsigned long)(((double)count / ms) * 100);
|
||||
count = (unsigned long)(((double)count / ms) * AGENT_S2K_CALIBRATION);
|
||||
count /= 1024;
|
||||
count *= 1024;
|
||||
if (count < 65536)
|
||||
|
|
|
|||
10
configure.ac
10
configure.ac
|
|
@ -122,7 +122,6 @@ use_tls_library=no
|
|||
large_secmem=no
|
||||
show_tor_support=no
|
||||
|
||||
|
||||
GNUPG_BUILD_PROGRAM(gpg, yes)
|
||||
GNUPG_BUILD_PROGRAM(gpgsm, yes)
|
||||
# The agent is a required part and can't be disabled anymore.
|
||||
|
|
@ -250,6 +249,15 @@ fi
|
|||
AC_DEFINE_UNQUOTED(SECMEM_BUFFER_SIZE,$SECMEM_BUFFER_SIZE,
|
||||
[Size of secure memory buffer])
|
||||
|
||||
AC_MSG_CHECKING([calibrated passphrase-stretching (s2k) duration])
|
||||
AC_ARG_WITH(agent-s2k-calibration,
|
||||
AC_HELP_STRING([--with-agent-s2k-calibration=MSEC],
|
||||
[calibrate passphrase stretching (s2k) to MSEC milliseconds]),
|
||||
agent_s2k_calibration=$withval, agent_s2k_calibration=100)
|
||||
AC_MSG_RESULT($agent_s2k_calibration milliseconds)
|
||||
AC_DEFINE_UNQUOTED(AGENT_S2K_CALIBRATION, $agent_s2k_calibration,
|
||||
[Agent s2k calibration time (ms)])
|
||||
|
||||
AC_MSG_CHECKING([whether to enable trust models])
|
||||
AC_ARG_ENABLE(trust-models,
|
||||
AC_HELP_STRING([--disable-trust-models],
|
||||
|
|
|
|||
Loading…
Reference in New Issue