1 files changed, 98 insertions, 0 deletions
diff --git a/src/util/crypto_pow.c b/src/util/crypto_pow.c
new file mode 100644
index 000000000..af6837e03
--- /dev/null
+++ b/src/util/crypto_pow.c
@@ -0,0 +1,98 @@
+/*
+     This file is part of GNUnet.
+     Copyright (C) 2012, 2013, 2019 GNUnet e.V.
+     GNUnet is free software: you can redistribute it and/or modify it
+     under the terms of the GNU Affero General Public License as published
+     by the Free Software Foundation, either version 3 of the License,
+     or (at your option) any later version.
+     GNUnet is distributed in the hope that it will be useful, but
+     WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+     Affero General Public License for more details.
+     You should have received a copy of the GNU Affero General Public License
+     along with this program.  If not, see <http://www.gnu.org/licenses/>.
+     SPDX-License-Identifier: AGPL3.0-or-later
+ */
+/**
+ * @file util/crypto_pow.c
+ * @brief proof-of-work hashing
+ * @author Christian Grothoff
+ * @author Bart Polot
+ */
+#include "platform.h"
+#include "gnunet_crypto_lib.h"
+#include <gcrypt.h>
+/* FIXME: change to 1 for #3795 / 0.12! */
+#define NEW_CRYPTO 0
+/**
+ * Calculate the 'proof-of-work' hash (an expensive hash).
+ * We're using a non-standard formula to avoid issues with
+ * ASICs appearing (see #3795).
+ *
+ * @param salt salt for the hash
+ * @param buf data to hash
+ * @param buf_len number of bytes in @a buf
+ * @param result where to write the resulting hash
+ */
+void
+GNUNET_CRYPTO_pow_hash (const char *salt,
+                        const void *buf,
+                        size_t buf_len,
+                        struct GNUNET_HashCode *result)
+{
+#if NEW_CRYPTO
+  struct GNUNET_CRYPTO_SymmetricInitializationVector iv;
+  struct GNUNET_CRYPTO_SymmetricSessionKey skey;
+  char rbuf[buf_len];
+  GNUNET_break (0 == gcry_kdf_derive (buf,
+                                      buf_len,
+                                      GCRY_KDF_SCRYPT,
+                                      1 /* subalgo */,
+                                      salt,
+                                      strlen (salt),
+                                      2 /* iterations; keep cost of individual op small */,
+                                      sizeof(skey),
+                                      &skey));
+  GNUNET_CRYPTO_symmetric_derive_iv (&iv,
+                                     &skey,
+                                     "gnunet-proof-of-work-iv",
+                                     strlen ("gnunet-proof-of-work-iv"),
+                                     salt,
+                                     strlen (salt),
+                                     NULL, 0);
+  GNUNET_CRYPTO_symmetric_encrypt (buf,
+                                   buf_len,
+                                   &skey,
+                                   &iv,
+                                   &rbuf);
+  GNUNET_break (0 == gcry_kdf_derive (rbuf,
+                                      buf_len,
+                                      GCRY_KDF_SCRYPT,
+                                      1 /* subalgo */,
+                                      salt,
+                                      strlen (salt),
+                                      2 /* iterations; keep cost of individual op small */,
+                                      sizeof(struct GNUNET_HashCode),
+                                      result));
+#else
+  GNUNET_break (0 == gcry_kdf_derive (buf,
+                                      buf_len,
+                                      GCRY_KDF_SCRYPT,
+                                      1 /* subalgo */,
+                                      salt,
+                                      strlen (salt),
+                                      2 /* iterations; keep cost of individual op small */,
+                                      sizeof(struct GNUNET_HashCode),
+                                      result));
+#endif
+}
+/* end of crypto_pow.c */

diff --git a/src/util/crypto_pow.c b/src/util/crypto_pow.c new file mode 100644 index 000000000..af6837e03 --- /dev/null +++ b/src/util/crypto_pow.c
@@ -0,0 +1,98 @@
	1	/*
	2	This file is part of GNUnet.
	3	Copyright (C) 2012, 2013, 2019 GNUnet e.V.
	4
	5	GNUnet is free software: you can redistribute it and/or modify it
	6	under the terms of the GNU Affero General Public License as published
	7	by the Free Software Foundation, either version 3 of the License,
	8	or (at your option) any later version.
	9
	10	GNUnet is distributed in the hope that it will be useful, but
	11	WITHOUT ANY WARRANTY; without even the implied warranty of
	12	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	13	Affero General Public License for more details.
	14
	15	You should have received a copy of the GNU Affero General Public License
	16	along with this program. If not, see <http://www.gnu.org/licenses/>.
	17
	18	SPDX-License-Identifier: AGPL3.0-or-later
	19	*/
	20	/**
	21	* @file util/crypto_pow.c
	22	* @brief proof-of-work hashing
	23	* @author Christian Grothoff
	24	* @author Bart Polot
	25	*/
	26	#include "platform.h"
	27	#include "gnunet_crypto_lib.h"
	28	#include <gcrypt.h>
	29
	30	/* FIXME: change to 1 for #3795 / 0.12! */
	31	#define NEW_CRYPTO 0
	32
	33	/**
	34	* Calculate the 'proof-of-work' hash (an expensive hash).
	35	* We're using a non-standard formula to avoid issues with
	36	* ASICs appearing (see #3795).
	37	*
	38	* @param salt salt for the hash
	39	* @param buf data to hash
	40	* @param buf_len number of bytes in @a buf
	41	* @param result where to write the resulting hash
	42	*/
	43	void
	44	GNUNET_CRYPTO_pow_hash (const char *salt,
	45	const void *buf,
	46	size_t buf_len,
	47	struct GNUNET_HashCode *result)
	48	{
	49	#if NEW_CRYPTO
	50	struct GNUNET_CRYPTO_SymmetricInitializationVector iv;
	51	struct GNUNET_CRYPTO_SymmetricSessionKey skey;
	52	char rbuf[buf_len];
	53
	54	GNUNET_break (0 == gcry_kdf_derive (buf,
	55	buf_len,
	56	GCRY_KDF_SCRYPT,
	57	1 /* subalgo */,
	58	salt,
	59	strlen (salt),
	60	2 /* iterations; keep cost of individual op small */,
	61	sizeof(skey),
	62	&skey));
	63	GNUNET_CRYPTO_symmetric_derive_iv (&iv,
	64	&skey,
	65	"gnunet-proof-of-work-iv",
	66	strlen ("gnunet-proof-of-work-iv"),
	67	salt,
	68	strlen (salt),
	69	NULL, 0);
	70	GNUNET_CRYPTO_symmetric_encrypt (buf,
	71	buf_len,
	72	&skey,
	73	&iv,
	74	&rbuf);
	75	GNUNET_break (0 == gcry_kdf_derive (rbuf,
	76	buf_len,
	77	GCRY_KDF_SCRYPT,
	78	1 /* subalgo */,
	79	salt,
	80	strlen (salt),
	81	2 /* iterations; keep cost of individual op small */,
	82	sizeof(struct GNUNET_HashCode),
	83	result));
	84	#else
	85	GNUNET_break (0 == gcry_kdf_derive (buf,
	86	buf_len,
	87	GCRY_KDF_SCRYPT,
	88	1 /* subalgo */,
	89	salt,
	90	strlen (salt),
	91	2 /* iterations; keep cost of individual op small */,
	92	sizeof(struct GNUNET_HashCode),
	93	result));
	94	#endif
	95	}
	96
	97
	98	/* end of crypto_pow.c */