void
testCalcIter(void)
{
int iter;
iter = CCCalibratePBKDF(kCCPBKDF2,
strlen(password),
redsideSalts.keySaltLen,
kCCPRFHmacAlgSHA512,
kCCKeySizeAES256,
100); // ms
printf("iter=%d\n", iter);
}
C4Err PASS_TO_KEY_SETUP( unsigned long password_len,
unsigned long key_len,
uint8_t *salt,
unsigned long salt_len,
uint32_t *rounds_out)
{
C4Err err = kC4Err_NoErr;
uint8_t *password = NULL;
uint8_t *key = NULL;
uint32_t rounds = MIN_ROUNDS;
#if _USES_COMMON_CRYPTO_
rounds = CCCalibratePBKDF(kCCPBKDF2,password_len, salt_len, kCCPRFHmacAlgSHA256, key_len, 100 );
rounds = rounds > MIN_ROUNDS?rounds:MIN_ROUNDS;
*rounds_out = rounds;
#else
uint64_t startTime, endTime, elapsedTime;
uint64_t msec = 100; // 0.1s ?
int i;
// random password and salt
password = XMALLOC(password_len); CKNULL(password);
key = XMALLOC(key_len); CKNULL(key);
err = RNG_GetBytes( password, password_len ); CKERR;
err = RNG_GetBytes( salt, salt_len ); CKERR;
// run and calculate elapsed time.
for(elapsedTime = 0, i=0; i < 10 && elapsedTime == 0; i++)
{
startTime = clock();
err = PASS_TO_KEY (password, password_len, salt, salt_len, ROUNDMEASURE, key, key_len); CKERR;
endTime = clock();
elapsedTime = endTime - startTime;
}
if(elapsedTime == 0)
RETERR(kC4Err_UnknownError);
// How many rounds to use so that it takes 0.1s ?
rounds = (uint32_t) ((uint64_t)(msec * ROUNDMEASURE * 1000) / elapsedTime);
rounds = rounds > MIN_ROUNDS?rounds:MIN_ROUNDS;
*rounds_out = rounds;
#endif
done:
if(password) XFREE(password);
if(key) XFREE(key);
return err;
} // PASS_TO_KEY_SETUP()
