From 5be433bdbc930377f480e51c67406a3841179339 Mon Sep 17 00:00:00 2001
From: tedu <>
Date: Tue, 30 Dec 2014 10:27:24 +0000
Subject: copy bcrypt autotune from encrypt(1) and expose via crypt_newhash ok
 deraadt miod

---
 src/lib/libc/crypt/bcrypt.c | 34 +++++++++++++++++++++++++++++++++-
 1 file changed, 33 insertions(+), 1 deletion(-)

(limited to 'src/lib/libc/crypt/bcrypt.c')

diff --git a/src/lib/libc/crypt/bcrypt.c b/src/lib/libc/crypt/bcrypt.c
index 94758ca40b..abcbe138ca 100644
--- a/src/lib/libc/crypt/bcrypt.c
+++ b/src/lib/libc/crypt/bcrypt.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: bcrypt.c,v 1.46 2014/11/24 22:47:01 tedu Exp $	*/
+/*	$OpenBSD: bcrypt.c,v 1.47 2014/12/30 10:27:24 tedu Exp $	*/
 
 /*
  * Copyright (c) 2014 Ted Unangst <tedu@openbsd.org>
@@ -224,6 +224,38 @@ bcrypt_checkpass(const char *pass, const char *goodhash)
 	return 0;
 }
 
+/*
+ * Measure this system's performance by measuring the time for 8 rounds.
+ * We are aiming for something that takes between 0.25 and 0.5 seconds.
+ */
+int
+bcrypt_autorounds(void)
+{
+	clock_t before, after;
+	int r = 8;
+	char buf[_PASSWORD_LEN];
+	int duration;
+
+	before = clock();
+	bcrypt_newhash("testpassword", r, buf, sizeof(buf));
+	after = clock();
+
+	duration = after - before;
+
+	/* too quick? slow it down. */
+	while (r < 16 && duration <= CLOCKS_PER_SEC / 4) {
+		r += 1;
+		duration *= 2;
+	}
+	/* too slow? speed it up. */
+	while (r > 4 && duration > CLOCKS_PER_SEC / 2) {
+		r -= 1;
+		duration /= 2;
+	}
+
+	return r;
+}
+
 /*
  * internal utilities
  */
-- 
cgit v1.2.3-55-g6feb