From: Martin Schanzenbach <mschanzenbach@posteo.de>
Date: Tue, 21 Apr 2020 16:37:28 +0000 (+0200)
Subject: purge scrypt; add argon2
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=091f411cc91975e43d7d994a981b82d45bbc9bcb;p=oweals%2Fgnunet.git

purge scrypt; add argon2
---

diff --git a/README b/README
index f8fd811f8..5c4648b8e 100644
--- a/README
+++ b/README
@@ -96,6 +96,8 @@ These are the direct dependencies for running GNUnet:
 - which                             (contrib/apparmor(?), gnunet-bugreport,
                                      and possibly more)
 - zlib
+- argon2             >= 20190702    (for proof-of-work calculations in
+                                     revocation)
 
 These are the dependencies for GNUnet's testsuite:
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
diff --git a/configure.ac b/configure.ac
index 3b3c9cbe9..b6e44f90e 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1033,6 +1033,8 @@ AS_IF([test x$nss = xfalse],
 AC_CHECK_LIB([kvm],[kvm_open])
 AC_CHECK_LIB([kstat],[kstat_open])
 
+# test for argon2 (for POW)
+AC_CHECK_LIB([argon2],[argon2d_hash_raw])
 
 # test for libextractor
 extractor=0
diff --git a/src/util/crypto_pow.c b/src/util/crypto_pow.c
index 1ab4443d1..35511a130 100644
--- a/src/util/crypto_pow.c
+++ b/src/util/crypto_pow.c
@@ -25,11 +25,8 @@
  */
 #include "platform.h"
 #include "gnunet_crypto_lib.h"
-#include <gcrypt.h>
 #include <argon2.h>
 
-#define LSD0001
-
 /**
  * Calculate the 'proof-of-work' hash (an expensive hash).
  * We're using a non-standard formula to avoid issues with
@@ -46,7 +43,6 @@ GNUNET_CRYPTO_pow_hash (const char *salt,
                         size_t buf_len,
                         struct GNUNET_HashCode *result)
 {
-#ifdef LSD0001
   GNUNET_break (ARGON2_OK == argon2d_hash_raw (3, /* iterations */
                                                1024, /* memory (1 MiB) */
                                                1, /* threads */
@@ -58,42 +54,6 @@ GNUNET_CRYPTO_pow_hash (const char *salt,
                                                sizeof (struct
                                                        GNUNET_HashCode)));
 
-#else
-  struct GNUNET_CRYPTO_SymmetricInitializationVector iv;
-  struct GNUNET_CRYPTO_SymmetricSessionKey skey;
-  char rbuf[buf_len];
-
-  GNUNET_break (0 == gcry_kdf_derive (buf,
-                                      buf_len,
-                                      GCRY_KDF_SCRYPT,
-                                      1 /* subalgo */,
-                                      salt,
-                                      strlen (salt),
-                                      2 /* iterations; keep cost of individual op small */,
-                                      sizeof(skey),
-                                      &skey));
-  GNUNET_CRYPTO_symmetric_derive_iv (&iv,
-                                     &skey,
-                                     "gnunet-proof-of-work-iv",
-                                     strlen ("gnunet-proof-of-work-iv"),
-                                     salt,
-                                     strlen (salt),
-                                     NULL, 0);
-  GNUNET_CRYPTO_symmetric_encrypt (buf,
-                                   buf_len,
-                                   &skey,
-                                   &iv,
-                                   &rbuf);
-  GNUNET_break (0 == gcry_kdf_derive (rbuf,
-                                      buf_len,
-                                      GCRY_KDF_SCRYPT,
-                                      1 /* subalgo */,
-                                      salt,
-                                      strlen (salt),
-                                      2 /* iterations; keep cost of individual op small */,
-                                      sizeof(struct GNUNET_HashCode),
-                                      result));
-#endif
 }