diff options
author | Christian Grothoff <christian@grothoff.org> | 2013-09-30 18:51:56 +0000 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2013-09-30 18:51:56 +0000 |
commit | 87acdc596a6016fb49cf0a238592dda775a5040a (patch) | |
tree | 4dc5ade98324569e1ec0f260de6675c9e0bcde60 /src/revocation/revocation_api.c | |
parent | 0314e07406c3860c4dbc76b585000685f3437e09 (diff) | |
download | gnunet-87acdc596a6016fb49cf0a238592dda775a5040a.tar.gz gnunet-87acdc596a6016fb49cf0a238592dda775a5040a.zip |
-draft for revocation service
Diffstat (limited to 'src/revocation/revocation_api.c')
-rw-r--r-- | src/revocation/revocation_api.c | 59 |
1 files changed, 56 insertions, 3 deletions
diff --git a/src/revocation/revocation_api.c b/src/revocation/revocation_api.c index 32fe995f7..55a130202 100644 --- a/src/revocation/revocation_api.c +++ b/src/revocation/revocation_api.c | |||
@@ -27,6 +27,7 @@ | |||
27 | #include "gnunet_signatures.h" | 27 | #include "gnunet_signatures.h" |
28 | #include "gnunet_protocols.h" | 28 | #include "gnunet_protocols.h" |
29 | #include "revocation.h" | 29 | #include "revocation.h" |
30 | #include <gcrypt.h> | ||
30 | 31 | ||
31 | 32 | ||
32 | /** | 33 | /** |
@@ -196,20 +197,72 @@ GNUNET_REVOCATION_revoke_cancel (struct GNUNET_REVOCATION_Handle *h) | |||
196 | } | 197 | } |
197 | 198 | ||
198 | 199 | ||
200 | |||
201 | /** | ||
202 | * Calculate the 'proof-of-work' hash (an expensive hash). | ||
203 | * | ||
204 | * @param buf data to hash | ||
205 | * @param buf_len number of bytes in @a buf | ||
206 | * @param result where to write the resulting hash | ||
207 | */ | ||
208 | static void | ||
209 | pow_hash (const void *buf, | ||
210 | size_t buf_len, | ||
211 | struct GNUNET_HashCode *result) | ||
212 | { | ||
213 | GNUNET_break (0 == | ||
214 | gcry_kdf_derive (buf, buf_len, | ||
215 | GCRY_KDF_SCRYPT, | ||
216 | 1 /* subalgo */, | ||
217 | "gnunet-revocation-proof-of-work", | ||
218 | strlen ("gnunet-revocation-proof-of-work"), | ||
219 | 2 /* iterations; keep cost of individual op small */, | ||
220 | sizeof (struct GNUNET_HashCode), result)); | ||
221 | } | ||
222 | |||
223 | |||
224 | /** | ||
225 | * Count the leading zeroes in hash. | ||
226 | * | ||
227 | * @param hash to count leading zeros in | ||
228 | * @return the number of leading zero bits. | ||
229 | */ | ||
230 | static unsigned int | ||
231 | count_leading_zeroes (const struct GNUNET_HashCode *hash) | ||
232 | { | ||
233 | unsigned int hash_count; | ||
234 | |||
235 | hash_count = 0; | ||
236 | while ((0 == GNUNET_CRYPTO_hash_get_bit (hash, hash_count))) | ||
237 | hash_count++; | ||
238 | return hash_count; | ||
239 | } | ||
240 | |||
241 | |||
199 | /** | 242 | /** |
200 | * Check if the given proof-of-work value | 243 | * Check if the given proof-of-work value |
201 | * would be acceptable for revoking the given key. | 244 | * would be acceptable for revoking the given key. |
202 | * | 245 | * |
203 | * @param key key to check for | 246 | * @param key key to check for |
204 | * @param pow proof of work value | 247 | * @param pow proof of work value |
248 | * @param matching_bits how many bits must match (configuration) | ||
205 | * @return #GNUNET_YES if the @a pow is acceptable, #GNUNET_NO if not | 249 | * @return #GNUNET_YES if the @a pow is acceptable, #GNUNET_NO if not |
206 | */ | 250 | */ |
207 | int | 251 | int |
208 | GNUNET_REVOCATION_check_pow (const struct GNUNET_CRYPTO_EccPublicSignKey *key, | 252 | GNUNET_REVOCATION_check_pow (const struct GNUNET_CRYPTO_EccPublicSignKey *key, |
209 | uint64_t pow) | 253 | uint64_t pow, |
254 | unsigned int matching_bits) | ||
210 | { | 255 | { |
211 | GNUNET_break (0); | 256 | char buf[sizeof (struct GNUNET_CRYPTO_EccPublicSignKey) + |
212 | return GNUNET_NO; | 257 | sizeof (pow)] GNUNET_ALIGN; |
258 | struct GNUNET_HashCode result; | ||
259 | |||
260 | memcpy (buf, &pow, sizeof (pow)); | ||
261 | memcpy (&buf[sizeof (pow)], key, | ||
262 | sizeof (struct GNUNET_CRYPTO_EccPublicSignKey)); | ||
263 | pow_hash (buf, sizeof (buf), &result); | ||
264 | return (count_leading_zeroes (&result) >= | ||
265 | matching_bits) ? GNUNET_YES : GNUNET_NO; | ||
213 | } | 266 | } |
214 | 267 | ||
215 | 268 | ||