From 252641fac99f52ab225fbba3a305b5e0396338c0 Mon Sep 17 00:00:00 2001 From: "Schanzenbach, Martin" Date: Fri, 17 Apr 2020 19:58:40 +0200 Subject: add argon2 for LSD0001 --- src/util/Makefile.am | 1 + src/util/crypto_pow.c | 59 +++++++++++++++++++++++++++++++-------------------- 2 files changed, 37 insertions(+), 23 deletions(-) (limited to 'src/util') diff --git a/src/util/Makefile.am b/src/util/Makefile.am index ae72abb44..fed0dad79 100644 --- a/src/util/Makefile.am +++ b/src/util/Makefile.am @@ -133,6 +133,7 @@ libgnunetutil_la_LIBADD = \ $(LIBIDN) $(LIBIDN2) \ $(Z_LIBS) \ -lunistring \ + -largon2 \ $(XLIB) \ $(PTHREAD) diff --git a/src/util/crypto_pow.c b/src/util/crypto_pow.c index 9b20ab345..d3e4dbc43 100644 --- a/src/util/crypto_pow.c +++ b/src/util/crypto_pow.c @@ -25,7 +25,9 @@ */ #include "platform.h" #include "gnunet_crypto_lib.h" -#include +#include + +#define LSD001 /** * Calculate the 'proof-of-work' hash (an expensive hash). @@ -44,21 +46,21 @@ GNUNET_CRYPTO_pow_hash (const char *salt, struct GNUNET_HashCode *result) { #ifdef LSD001 - char twofish_iv[128 / 8]; //128 bit IV - char twofish_key[256 / 8]; //256 bit Key + char twofish_iv[128 / 8]; // 128 bit IV + char twofish_key[256 / 8]; // 256 bit Key char rbuf[buf_len]; int rc; gcry_cipher_hd_t handle; - GNUNET_break (0 == gcry_kdf_derive (buf, - buf_len, - GCRY_KDF_SCRYPT, - 1 /* subalgo */, - salt, - strlen (salt), - 2 /* iterations; keep cost of individual op small */, - sizeof(twofish_key), - &twofish_key)); + GNUNET_break (ARGON2_OK == argon2d_hash_raw (2, /* iterations */ + 100000, /* memory (kb) */ + 1, /* threads */ + buf, + buf_len, + salt, + strlen (salt), + &twofish_key, + sizeof (twofish_key))); GNUNET_CRYPTO_kdf (twofish_iv, sizeof (twofish_iv), 
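Review bot: In the `#ifdef LSD001` branch of GNUNET_CRYPTO_pow_hash the return value of `argon2d_hash_raw` is only wrapped in `GNUNET_break`, which logs and continues, so a failed call may leave `twofish_key` unwritten while the code goes on to derive the IV and key Twofish from uninitialised stack memory. With a memory cost of 100000 KiB per call, an allocation failure is a realistic case rather than a theoretical one. The second `argon2d_hash_raw` call in the next hunk has the same shape with `result` as its output, and the later patches on this page keep it, so a failure there would hand the caller a proof-of-work hash it cannot tell apart from a valid one. Because the function returns void, the smallest fix is to fail hard, `GNUNET_assert (ARGON2_OK == argon2d_hash_raw (...));`, or to return a status that the callers check. The function body starts and ends outside this hunk.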
@@ -80,22 +82,33 @@ GNUNET_CRYPTO_pow_hash (const char *salt, twofish_iv, sizeof(twofish_iv)); GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); - GNUNET_assert (0 == gcry_cipher_encrypt (handle, &rbuf, buf_len, buf, buf_len)); + GNUNET_assert (0 == gcry_cipher_encrypt (handle, &rbuf, buf_len, buf, + buf_len)); gcry_cipher_close (handle); + GNUNET_break (ARGON2_OK == argon2d_hash_raw (2, /* iterations */ + 100000, /* memory */ + 1, /* threads */ + rbuf, + buf_len, + salt, + strlen (salt), + result, + sizeof (struct GNUNET_HashCode))); + #else struct GNUNET_CRYPTO_SymmetricInitializationVector iv; struct GNUNET_CRYPTO_SymmetricSessionKey skey; char rbuf[buf_len]; - GNUNET_break (0 == gcry_kdf_derive (buf, - buf_len, - GCRY_KDF_SCRYPT, - 1 /* subalgo */, - salt, - strlen (salt), - 2 /* iterations; keep cost of individual op small */, - sizeof(skey), - &skey)); + GNUNET_break (ARGON2_OK == argon2d_hash_raw (buf, + buf_len, + GCRY_KDF_SCRYPT, + 1 /* subalgo */, + salt, + strlen (salt), + 2 /* iterations; keep cost of individual op small */, + sizeof(skey), + &skey)); GNUNET_CRYPTO_symmetric_derive_iv (&iv, &skey, "gnunet-proof-of-work-iv", @@ -108,7 +121,6 @@ GNUNET_CRYPTO_pow_hash (const char *salt, &skey, &iv, &rbuf); -#endif GNUNET_break (0 == gcry_kdf_derive (rbuf, buf_len, GCRY_KDF_SCRYPT, @@ -118,6 +130,7 @@ GNUNET_CRYPTO_pow_hash (const char *salt, 2 /* iterations; keep cost of individual op small */, sizeof(struct GNUNET_HashCode), result)); +#endif } -- cgit v1.2.3 From 2be21d379f34329dd38b66242701549731261828 Mon Sep 17 00:00:00 2001 From: "Schanzenbach, Martin" Date: Fri, 17 Apr 2020 19:58:40 +0200 Subject: add argon2 for LSD0001 --- src/util/Makefile.am | 1 + src/util/crypto_pow.c | 59 +++++++++++++++++++++++++++++++-------------------- 2 files changed, 37 insertions(+), 23 deletions(-) (limited to 'src/util') diff --git a/src/util/Makefile.am b/src/util/Makefile.am index ae72abb44..fed0dad79 100644 --- a/src/util/Makefile.am 
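Review bot: The `#else` branch now calls `argon2d_hash_raw` with the argument list of the scrypt call it replaced (`buf, buf_len, GCRY_KDF_SCRYPT, 1, salt, ...`), which does not match the order used by the two argon2 calls in the `#ifdef LSD001` branch (cost parameters first, output pointer and length last). The branch is not compiled while `LSD001` is defined at the top of the file, so the mismatch would only surface once the macro is removed. Leaving that call as `GNUNET_break (0 == gcry_kdf_derive (buf,` keeps the fallback path consistent with the second scrypt call that this hunk moves inside the same `#else`; a later patch on this page does restore it.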
+++ b/src/util/Makefile.am @@ -133,6 +133,7 @@ libgnunetutil_la_LIBADD = \ $(LIBIDN) $(LIBIDN2) \ $(Z_LIBS) \ -lunistring \ + -largon2 \ $(XLIB) \ $(PTHREAD) diff --git a/src/util/crypto_pow.c b/src/util/crypto_pow.c index 9b20ab345..d3e4dbc43 100644 --- a/src/util/crypto_pow.c +++ b/src/util/crypto_pow.c @@ -25,7 +25,9 @@ */ #include "platform.h" #include "gnunet_crypto_lib.h" -#include +#include + +#define LSD001 /** * Calculate the 'proof-of-work' hash (an expensive hash). @@ -44,21 +46,21 @@ GNUNET_CRYPTO_pow_hash (const char *salt, struct GNUNET_HashCode *result) { #ifdef LSD001 - char twofish_iv[128 / 8]; //128 bit IV - char twofish_key[256 / 8]; //256 bit Key + char twofish_iv[128 / 8]; // 128 bit IV + char twofish_key[256 / 8]; // 256 bit Key char rbuf[buf_len]; int rc; gcry_cipher_hd_t handle; - GNUNET_break (0 == gcry_kdf_derive (buf, - buf_len, - GCRY_KDF_SCRYPT, - 1 /* subalgo */, - salt, - strlen (salt), - 2 /* iterations; keep cost of individual op small */, - sizeof(twofish_key), - &twofish_key)); + GNUNET_break (ARGON2_OK == argon2d_hash_raw (2, /* iterations */ + 100000, /* memory (kb) */ + 1, /* threads */ + buf, + buf_len, + salt, + strlen (salt), + &twofish_key, + sizeof (twofish_key))); GNUNET_CRYPTO_kdf (twofish_iv, sizeof (twofish_iv), 
@@ -80,22 +82,33 @@ GNUNET_CRYPTO_pow_hash (const char *salt, twofish_iv, sizeof(twofish_iv)); GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); - GNUNET_assert (0 == gcry_cipher_encrypt (handle, &rbuf, buf_len, buf, buf_len)); + GNUNET_assert (0 == gcry_cipher_encrypt (handle, &rbuf, buf_len, buf, + buf_len)); gcry_cipher_close (handle); + GNUNET_break (ARGON2_OK == argon2d_hash_raw (2, /* iterations */ + 100000, /* memory */ + 1, /* threads */ + rbuf, + buf_len, + salt, + strlen (salt), + result, + sizeof (struct GNUNET_HashCode))); + #else struct GNUNET_CRYPTO_SymmetricInitializationVector iv; struct GNUNET_CRYPTO_SymmetricSessionKey skey; char rbuf[buf_len]; - GNUNET_break (0 == gcry_kdf_derive (buf, - buf_len, - GCRY_KDF_SCRYPT, - 1 /* subalgo */, - salt, - strlen (salt), - 2 /* iterations; keep cost of individual op small */, - sizeof(skey), - &skey)); + GNUNET_break (ARGON2_OK == argon2d_hash_raw (buf, + buf_len, + GCRY_KDF_SCRYPT, + 1 /* subalgo */, + salt, + strlen (salt), + 2 /* iterations; keep cost of individual op small */, + sizeof(skey), + &skey)); GNUNET_CRYPTO_symmetric_derive_iv (&iv, &skey, "gnunet-proof-of-work-iv", @@ -108,7 +121,6 @@ GNUNET_CRYPTO_pow_hash (const char *salt, &skey, &iv, &rbuf); -#endif GNUNET_break (0 == gcry_kdf_derive (rbuf, buf_len, GCRY_KDF_SCRYPT, @@ -118,6 +130,7 @@ GNUNET_CRYPTO_pow_hash (const char *salt, 2 /* iterations; keep cost of individual op small */, sizeof(struct GNUNET_HashCode), result)); +#endif } -- cgit v1.2.3 From 7055edb1ab58c1968d647db7e2bf7a19226066bb Mon Sep 17 00:00:00 2001 From: "Schanzenbach, Martin" Date: Fri, 17 Apr 2020 22:52:28 +0200 Subject: update params --- src/util/crypto_pow.c | 34 ++++++++++++++++++---------------- 1 file changed, 18 insertions(+), 16 deletions(-) (limited to 'src/util') diff --git a/src/util/crypto_pow.c b/src/util/crypto_pow.c index d3e4dbc43..5e225f244 100644 --- a/src/util/crypto_pow.c +++ b/src/util/crypto_pow.c 
@@ -25,9 +25,10 @@ */ #include "platform.h" #include "gnunet_crypto_lib.h" +#include #include -#define LSD001 +#define LSD0001 /** * Calculate the 'proof-of-work' hash (an expensive hash). @@ -45,15 +46,15 @@ GNUNET_CRYPTO_pow_hash (const char *salt, size_t buf_len, struct GNUNET_HashCode *result) { -#ifdef LSD001 +#ifdef LSD0001 char twofish_iv[128 / 8]; // 128 bit IV char twofish_key[256 / 8]; // 256 bit Key char rbuf[buf_len]; int rc; gcry_cipher_hd_t handle; - GNUNET_break (ARGON2_OK == argon2d_hash_raw (2, /* iterations */ - 100000, /* memory (kb) */ + GNUNET_break (ARGON2_OK == argon2d_hash_raw (3, /* iterations */ + 1024, /* memory (1 MiB) */ 1, /* threads */ buf, buf_len, @@ -85,30 +86,31 @@ GNUNET_CRYPTO_pow_hash (const char *salt, GNUNET_assert (0 == gcry_cipher_encrypt (handle, &rbuf, buf_len, buf, buf_len)); gcry_cipher_close (handle); - GNUNET_break (ARGON2_OK == argon2d_hash_raw (2, /* iterations */ - 100000, /* memory */ + GNUNET_break (ARGON2_OK == argon2d_hash_raw (3, /* iterations */ + 1024, /* memory (1 MiB) */ 1, /* threads */ rbuf, buf_len, salt, strlen (salt), result, - sizeof (struct GNUNET_HashCode))); + sizeof (struct + GNUNET_HashCode))); #else struct GNUNET_CRYPTO_SymmetricInitializationVector iv; struct GNUNET_CRYPTO_SymmetricSessionKey skey; char rbuf[buf_len]; - GNUNET_break (ARGON2_OK == argon2d_hash_raw (buf, - buf_len, - GCRY_KDF_SCRYPT, - 1 /* subalgo */, - salt, - strlen (salt), - 2 /* iterations; keep cost of individual op small */, - sizeof(skey), - &skey)); + GNUNET_break (0 == gcry_kdf_derive (buf, + buf_len, + GCRY_KDF_SCRYPT, + 1 /* subalgo */, + salt, + strlen (salt), + 2 /* iterations; keep cost of individual op small */, + sizeof(skey), + &skey)); GNUNET_CRYPTO_symmetric_derive_iv (&iv, &skey, "gnunet-proof-of-work-iv", -- cgit v1.2.3 From 91cccda131a12be139d50effe4657c6b24e36135 Mon Sep 17 00:00:00 2001 
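Review bot: The Argon2 cost parameters (`3` iterations, `1024` KiB, `1` thread) are repeated as bare literals in both `argon2d_hash_raw` calls of GNUNET_CRYPTO_pow_hash, and every peer that verifies a proof has to use exactly the same values. Named constants near the include block would keep the two calls in step and give one place to record where the values come from (presumably LSD0001, going by the macro name), for example `#define POW_ARGON2_MEMORY_KIB 1024` with a comment stating the unit. The drop from 100000 KiB to 1024 KiB also lowers the memory hardness of each evaluation considerably, so a comment saying this is intentional would help the next reader; the scrypt call it replaces carried the remark "keep cost of individual op small".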
From: "Schanzenbach, Martin" Date: Fri, 17 Apr 2020 22:55:52 +0200 Subject: revert --- src/util/crypto_pow.c | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) (limited to 'src/util') diff --git a/src/util/crypto_pow.c b/src/util/crypto_pow.c index 435bf34d6..5e225f244 100644 --- a/src/util/crypto_pow.c +++ b/src/util/crypto_pow.c @@ -102,15 +102,15 @@ GNUNET_CRYPTO_pow_hash (const char *salt, struct GNUNET_CRYPTO_SymmetricSessionKey skey; char rbuf[buf_len]; - GNUNET_break (ARGON2_OK == argon2d_hash_raw (buf, - buf_len, - GCRY_KDF_SCRYPT, - 1 /* subalgo */, - salt, - strlen (salt), - 2 /* iterations; keep cost of individual op small */, - sizeof(skey), - &skey)); + GNUNET_break (0 == gcry_kdf_derive (buf, + buf_len, + GCRY_KDF_SCRYPT, + 1 /* subalgo */, + salt, + strlen (salt), + 2 /* iterations; keep cost of individual op small */, + sizeof(skey), + &skey)); GNUNET_CRYPTO_symmetric_derive_iv (&iv, &skey, "gnunet-proof-of-work-iv", -- cgit v1.2.3 From f00c18e631ce8bdaf80d20f236ef275c9cb99291 Mon Sep 17 00:00:00 2001 From: "Schanzenbach, Martin" Date: Sat, 18 Apr 2020 19:46:44 +0200 Subject: simplify pow even more; add timestamp to revocation pow --- src/include/gnunet_revocation_service.h | 4 +++ src/revocation/gnunet-revocation.c | 22 ++++++++++++++++- src/revocation/gnunet-service-revocation.c | 3 +++ src/revocation/plugin_block_revocation.c | 3 +++ src/revocation/revocation.h | 5 ++++ src/revocation/revocation_api.c | 17 +++++++++++-- src/util/crypto_pow.c | 39 ------------------------------ 7 files changed, 51 insertions(+), 42 deletions(-) (limited to 'src/util') diff --git a/src/include/gnunet_revocation_service.h b/src/include/gnunet_revocation_service.h index 7222cedc1..1e1abb787 100644 --- a/src/include/gnunet_revocation_service.h +++ b/src/include/gnunet_revocation_service.h 
@@ -105,6 +105,7 @@ struct GNUNET_REVOCATION_Handle; * @param key public key of the key to revoke * @param sig signature to use on the revocation (should have been * created using #GNUNET_REVOCATION_sign_revocation). + * @param ts revocation timestamp * @param pow proof of work to use (should have been created by * iteratively calling #GNUNET_REVOCATION_check_pow) * @param func funtion to call with the result of the check @@ -117,6 +118,7 @@ struct GNUNET_REVOCATION_Handle * GNUNET_REVOCATION_revoke (const struct GNUNET_CONFIGURATION_Handle *cfg, const struct GNUNET_CRYPTO_EcdsaPublicKey *key, const struct GNUNET_CRYPTO_EcdsaSignature *sig, + const struct GNUNET_TIME_Absolute *ts, uint64_t pow, GNUNET_REVOCATION_Callback func, void *func_cls); @@ -135,12 +137,14 @@ GNUNET_REVOCATION_revoke_cancel (struct GNUNET_REVOCATION_Handle *h); * would be acceptable for revoking the given key. * * @param key key to check for + * @param ts revocation timestamp * @param pow proof of work value * @param matching_bits how many bits must match (configuration) * @return #GNUNET_YES if the @a pow is acceptable, #GNUNET_NO if not */ int GNUNET_REVOCATION_check_pow (const struct GNUNET_CRYPTO_EcdsaPublicKey *key, + const struct GNUNET_TIME_Absolute *ts, uint64_t pow, unsigned int matching_bits); diff --git a/src/revocation/gnunet-revocation.c b/src/revocation/gnunet-revocation.c index f5aa2d17e..42ec71d16 100644 --- a/src/revocation/gnunet-revocation.c +++ b/src/revocation/gnunet-revocation.c @@ -202,6 +202,11 @@ struct RevocationData */ struct GNUNET_CRYPTO_EcdsaSignature sig; + /** + * Time of revocation + */ + struct GNUNET_TIME_AbsoluteNBO ts; + /** * Proof of work (in NBO). */ @@ -215,9 +220,13 @@ struct RevocationData static void perform_revocation (const struct RevocationData *rd) { + struct GNUNET_TIME_Absolute ts; + + ts = GNUNET_TIME_absolute_ntoh (rd->ts); h = GNUNET_REVOCATION_revoke (cfg, &rd->key, &rd->sig, + &ts, rd->pow, &print_revocation_result, NULL); 
@@ -273,6 +282,7 @@ static void calculate_pow (void *cls) { struct RevocationData *rd = cls; + struct GNUNET_TIME_Absolute ts = GNUNET_TIME_absolute_ntoh (rd->ts); /* store temporary results */ pow_task = NULL; @@ -290,6 +300,7 @@ calculate_pow (void *cls) /* actually do POW calculation */ rd->pow++; if (GNUNET_OK == GNUNET_REVOCATION_check_pow (&rd->key, + &ts, rd->pow, (unsigned int) matching_bits)) { @@ -331,6 +342,7 @@ ego_callback (void *cls, const struct GNUNET_IDENTITY_Ego *ego) { struct RevocationData *rd; struct GNUNET_CRYPTO_EcdsaPublicKey key; + struct GNUNET_TIME_Absolute ts; el = NULL; if (NULL == ego) @@ -361,9 +373,14 @@ ego_callback (void *cls, const struct GNUNET_IDENTITY_Ego *ego) ego), &rd->sig); rd->key = key; + rd->ts = GNUNET_TIME_absolute_hton (GNUNET_TIME_absolute_get ()); } + ts = GNUNET_TIME_absolute_ntoh (rd->ts); if (GNUNET_YES == - GNUNET_REVOCATION_check_pow (&key, rd->pow, (unsigned int) matching_bits)) + GNUNET_REVOCATION_check_pow (&key, + &ts, + rd->pow, + (unsigned int) matching_bits)) { fprintf (stderr, "%s", _ ("Revocation certificate ready\n")); if (perform) @@ -397,6 +414,7 @@ run (void *cls, { struct GNUNET_CRYPTO_EcdsaPublicKey pk; struct RevocationData rd; + struct GNUNET_TIME_Absolute ts; cfg = c; if (NULL != test_ego) @@ -453,8 +471,10 @@ run (void *cls, return; } GNUNET_SCHEDULER_add_shutdown (&do_shutdown, NULL); + ts = GNUNET_TIME_absolute_ntoh (rd.ts); if (GNUNET_YES != GNUNET_REVOCATION_check_pow (&rd.key, + &ts, rd.pow, (unsigned int) matching_bits)) { diff --git a/src/revocation/gnunet-service-revocation.c b/src/revocation/gnunet-service-revocation.c index 3e811cd9a..ff75faa2c 100644 --- a/src/revocation/gnunet-service-revocation.c +++ b/src/revocation/gnunet-service-revocation.c 
@@ -167,8 +167,11 @@ new_peer_entry (const struct GNUNET_PeerIdentity *peer) static int verify_revoke_message (const struct RevokeMessage *rm) { + struct GNUNET_TIME_Absolute ts; + ts = GNUNET_TIME_absolute_ntoh (rm->ts); if (GNUNET_YES != GNUNET_REVOCATION_check_pow (&rm->public_key, + &ts, rm->proof_of_work, (unsigned int) revocation_work_required)) { diff --git a/src/revocation/plugin_block_revocation.c b/src/revocation/plugin_block_revocation.c index 8d16b8781..57234fa36 100644 --- a/src/revocation/plugin_block_revocation.c +++ b/src/revocation/plugin_block_revocation.c @@ -134,6 +134,7 @@ block_plugin_revocation_evaluate (void *cls, struct InternalContext *ic = cls; struct GNUNET_HashCode chash; const struct RevokeMessage *rm = reply_block; + struct GNUNET_TIME_Absolute ts; if (NULL == reply_block) return GNUNET_BLOCK_EVALUATION_REQUEST_VALID; @@ -142,8 +143,10 @@ block_plugin_revocation_evaluate (void *cls, GNUNET_break_op (0); return GNUNET_BLOCK_EVALUATION_RESULT_INVALID; } + ts = GNUNET_TIME_absolute_ntoh (rm->ts); if (GNUNET_YES != GNUNET_REVOCATION_check_pow (&rm->public_key, + &ts, rm->proof_of_work, ic->matching_bits)) { diff --git a/src/revocation/revocation.h b/src/revocation/revocation.h index b6e7a07ec..184f58e0a 100644 --- a/src/revocation/revocation.h +++ b/src/revocation/revocation.h @@ -88,6 +88,11 @@ struct RevokeMessage */ uint32_t reserved GNUNET_PACKED; + /** + * Timestamp + */ + struct GNUNET_TIME_AbsoluteNBO ts; + /** * Number that causes a hash collision with the @e public_key. */ diff --git a/src/revocation/revocation_api.c b/src/revocation/revocation_api.c index 4755d4816..c2aafd254 100644 --- a/src/revocation/revocation_api.c +++ b/src/revocation/revocation_api.c 
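Review bot: In verify_revoke_message the timestamp is read from the received message (`rm->ts`) and passed straight to GNUNET_REVOCATION_check_pow without any check on its value, so whatever timestamp the sender used when computing the proof is accepted, including one far in the past or the future. If the field is meant to bound the lifetime of a revocation proof, the verifier needs to compare it against the current time and an agreed validity window before accepting the message; if it is only an extra input to the hash, the `Timestamp` comment on the new field in struct RevokeMessage should say so. block_plugin_revocation_evaluate in the next file section follows the same pattern. From the lines shown it is not clear whether `ts` is covered by the revocation signature; if it is not, it is bound to the key only through the proof of work. Both functions continue outside their hunks.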
@@ -235,6 +235,7 @@ handle_revocation_response (void *cls, * @param key public key of the key to revoke * @param sig signature to use on the revocation (should have been * created using #GNUNET_REVOCATION_sign_revocation). + * @param ts revocation timestamp * @param pow proof of work to use (should have been created by * iteratively calling #GNUNET_REVOCATION_check_pow) * @param func funtion to call with the result of the check @@ -247,6 +248,7 @@ struct GNUNET_REVOCATION_Handle * GNUNET_REVOCATION_revoke (const struct GNUNET_CONFIGURATION_Handle *cfg, const struct GNUNET_CRYPTO_EcdsaPublicKey *key, const struct GNUNET_CRYPTO_EcdsaSignature *sig, + const struct GNUNET_TIME_Absolute *ts, uint64_t pow, GNUNET_REVOCATION_Callback func, void *func_cls) @@ -271,6 +273,7 @@ GNUNET_REVOCATION_revoke (const struct GNUNET_CONFIGURATION_Handle *cfg, &matching_bits)) && (GNUNET_YES != GNUNET_REVOCATION_check_pow (key, + ts, pow, (unsigned int) matching_bits))) { 
@@ -346,22 +349,32 @@ count_leading_zeroes (const struct GNUNET_HashCode *hash) * would be acceptable for revoking the given key. * * @param key key to check for + * @param ts revocation timestamp * @param pow proof of work value * @param matching_bits how many bits must match (configuration) * @return #GNUNET_YES if the @a pow is acceptable, #GNUNET_NO if not */ int GNUNET_REVOCATION_check_pow (const struct GNUNET_CRYPTO_EcdsaPublicKey *key, + const struct GNUNET_TIME_Absolute *ts, uint64_t pow, unsigned int matching_bits) { char buf[sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey) - + sizeof(pow)] GNUNET_ALIGN; + + sizeof(pow) + + sizeof (struct GNUNET_TIME_AbsoluteNBO)] GNUNET_ALIGN; struct GNUNET_HashCode result; + struct GNUNET_TIME_AbsoluteNBO ts_nbo; - GNUNET_memcpy (buf, &pow, sizeof(pow)); + ts_nbo = GNUNET_TIME_absolute_hton (*ts); + + GNUNET_memcpy (buf, &pow, sizeof(pow)) ; GNUNET_memcpy (&buf[sizeof(pow)], key, sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey)); + GNUNET_memcpy (&buf[sizeof(pow) + sizeof (struct GNUNET_TIME_AbsoluteNBO)], + &ts_nbo, + sizeof (struct GNUNET_TIME_AbsoluteNBO)); + GNUNET_CRYPTO_pow_hash ("gnunet-revocation-proof-of-work", buf, sizeof(buf), diff --git a/src/util/crypto_pow.c b/src/util/crypto_pow.c index 5e225f244..1ab4443d1 100644 --- a/src/util/crypto_pow.c +++ b/src/util/crypto_pow.c @@ -47,12 +47,6 @@ GNUNET_CRYPTO_pow_hash (const char *salt, struct GNUNET_HashCode *result) { #ifdef LSD0001 - char twofish_iv[128 / 8]; // 128 bit IV - char twofish_key[256 / 8]; // 256 bit Key - char rbuf[buf_len]; - int rc; - gcry_cipher_hd_t handle; - GNUNET_break (ARGON2_OK == argon2d_hash_raw (3, /* iterations */ 1024, /* memory (1 MiB) */ 1, /* threads */ 
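Review bot: In GNUNET_REVOCATION_check_pow the third `GNUNET_memcpy` writes `ts_nbo` at offset `sizeof(pow) + sizeof (struct GNUNET_TIME_AbsoluteNBO)`, but the public key was just copied to offset `sizeof(pow)`, so the timestamp lands inside the key bytes instead of after them. Unless the key and the timestamp happen to have the same size, part of the key is overwritten and the tail of `buf` is never written, which means the hashed input contains uninitialised stack bytes and two peers can disagree on whether the same proof is valid. The offset should use the key size: `GNUNET_memcpy (&buf[sizeof(pow) + sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)], &ts_nbo, sizeof (ts_nbo));`. The function continues past the end of the hunk.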
@@ -60,39 +54,6 @@ GNUNET_CRYPTO_pow_hash (const char *salt, buf_len, salt, strlen (salt), - &twofish_key, - sizeof (twofish_key))); - - GNUNET_CRYPTO_kdf (twofish_iv, - sizeof (twofish_iv), - "gnunet-proof-of-work-iv", - strlen ("gnunet-proof-of-work-iv"), - twofish_key, - sizeof(twofish_key), - salt, - strlen (salt), - NULL, 0); - GNUNET_assert (0 == - gcry_cipher_open (&handle, GCRY_CIPHER_TWOFISH, - GCRY_CIPHER_MODE_CFB, 0)); - rc = gcry_cipher_setkey (handle, - twofish_key, - sizeof(twofish_key)); - GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); - rc = gcry_cipher_setiv (handle, - twofish_iv, - sizeof(twofish_iv)); - GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); - GNUNET_assert (0 == gcry_cipher_encrypt (handle, &rbuf, buf_len, buf, - buf_len)); - gcry_cipher_close (handle); - GNUNET_break (ARGON2_OK == argon2d_hash_raw (3, /* iterations */ - 1024, /* memory (1 MiB) */ - 1, /* threads */ - rbuf, - buf_len, - salt, - strlen (salt), result, sizeof (struct GNUNET_HashCode))); -- cgit v1.2.3 From 091f411cc91975e43d7d994a981b82d45bbc9bcb Mon Sep 17 00:00:00 2001 From: Martin Schanzenbach Date: Tue, 21 Apr 2020 18:37:28 +0200 Subject: purge scrypt; add argon2 --- README | 2 ++ configure.ac | 2 ++ src/util/crypto_pow.c | 40 ---------------------------------------- 3 files changed, 4 insertions(+), 40 deletions(-) (limited to 'src/util') diff --git a/README b/README index f8fd811f8..5c4648b8e 100644 --- a/README +++ b/README @@ -96,6 +96,8 @@ These are the direct dependencies for running GNUnet: - which (contrib/apparmor(?), gnunet-bugreport, and possibly more) - zlib +- argon2 >= 20190702 (for proof-of-work calculations in + revocation) These are the dependencies for GNUnet's testsuite: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/configure.ac b/configure.ac index 3b3c9cbe9..b6e44f90e 100644 --- a/configure.ac +++ b/configure.ac 
@@ -1033,6 +1033,8 @@ AS_IF([test x$nss = xfalse], AC_CHECK_LIB([kvm],[kvm_open]) AC_CHECK_LIB([kstat],[kstat_open]) +# test for argon2 (for POW) +AC_CHECK_LIB([argon2],[argon2d_hash_raw]) # test for libextractor extractor=0 diff --git a/src/util/crypto_pow.c b/src/util/crypto_pow.c index 1ab4443d1..35511a130 100644 --- a/src/util/crypto_pow.c +++ b/src/util/crypto_pow.c @@ -25,11 +25,8 @@ */ #include "platform.h" #include "gnunet_crypto_lib.h" -#include #include -#define LSD0001 - /** * Calculate the 'proof-of-work' hash (an expensive hash). * We're using a non-standard formula to avoid issues with @@ -46,7 +43,6 @@ GNUNET_CRYPTO_pow_hash (const char *salt, size_t buf_len, struct GNUNET_HashCode *result) { -#ifdef LSD0001 GNUNET_break (ARGON2_OK == argon2d_hash_raw (3, /* iterations */ 1024, /* memory (1 MiB) */ 1, /* threads */ @@ -58,42 +54,6 @@ GNUNET_CRYPTO_pow_hash (const char *salt, sizeof (struct GNUNET_HashCode))); -#else - struct GNUNET_CRYPTO_SymmetricInitializationVector iv; - struct GNUNET_CRYPTO_SymmetricSessionKey skey; - char rbuf[buf_len]; - - GNUNET_break (0 == gcry_kdf_derive (buf, - buf_len, - GCRY_KDF_SCRYPT, - 1 /* subalgo */, - salt, - strlen (salt), - 2 /* iterations; keep cost of individual op small */, - sizeof(skey), - &skey)); - GNUNET_CRYPTO_symmetric_derive_iv (&iv, - &skey, - "gnunet-proof-of-work-iv", - strlen ("gnunet-proof-of-work-iv"), - salt, - strlen (salt), - NULL, 0); - GNUNET_CRYPTO_symmetric_encrypt (buf, - buf_len, - &skey, - &iv, - &rbuf); - GNUNET_break (0 == gcry_kdf_derive (rbuf, - buf_len, - GCRY_KDF_SCRYPT, - 1 /* subalgo */, - salt, - strlen (salt), - 2 /* iterations; keep cost of individual op small */, - sizeof(struct GNUNET_HashCode), - result)); -#endif } -- cgit v1.2.3
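Review bot: `AC_CHECK_LIB([argon2],[argon2d_hash_raw])` has no action for the not-found case, so configure succeeds on a system without libargon2 and the failure only shows up later at link time, since src/util/Makefile.am adds `-largon2` unconditionally. README lists argon2 among the direct dependencies, so the check should stop configure: `AC_CHECK_LIB([argon2],[argon2d_hash_raw],,[AC_MSG_ERROR([GNUnet requires argon2.])])`. README also asks for version 20190702 or later, which this symbol test does not enforce; if the minimum matters, a comment here should say why it is not checked.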