remove argon2 dependency. Use limited libsodium argon2id function for GNS and NSE

README

@@ -96,8 +96,6 @@ These are the direct dependencies for running GNUnet:
 - which                             (contrib/apparmor(?), gnunet-bugreport,
                                      and possibly more)
 - zlib
-- argon2             >= 20190702    (for proof-of-work calculations in
-                                     revocation)
 - libsodium          >= 1.0.11      (for elliptic curve cryptography)
 
 These are the dependencies for GNUnet's testsuite:

configure.ac

@@ -1033,20 +1033,10 @@ AS_IF([test x$nss = xfalse],
 AC_CHECK_LIB([kvm],[kvm_open])
 AC_CHECK_LIB([kstat],[kstat_open])
 
-argon=0
-# test for argon2 (for POW)
-AC_CHECK_LIB([argon2],[argon2d_hash_raw], argon=1, argon=0)
-AS_IF([test x$argon = x1],
-[
- AC_MSG_RESULT([argon2 found])
-],[
- AC_MSG_ERROR([GNUnet requires argon2.])
-])
-
 libsodium=0
 # test for libsodium
 AC_CHECK_HEADER([sodium.h],
-                [AC_CHECK_LIB([sodium], [sodium_init],
+                [AC_CHECK_LIB([sodium], [crypto_pwhash_argon2id],
                               [libsodium=1])])
 
 AS_IF([test x$libsodium = x0],

src/include/gnunet_crypto_lib.h

@@ -659,7 +659,7 @@ GNUNET_CRYPTO_hash (const void *block,
 /**
  * Calculate the 'proof-of-work' hash (an expensive hash).
  *
- * @param salt salt to use in pow calculation
+ * @param salt salt for the hash. Must be crypto_pwhash_argon2id_SALTBYTES long.
  * @param buf data to hash
  * @param buf_len number of bytes in @a buf
  * @param result where to write the resulting hash

src/nse/gnunet-service-nse.c

@@ -806,7 +806,7 @@ check_proof_of_work (const struct GNUNET_CRYPTO_EddsaPublicKey *pkey,
   GNUNET_memcpy (&buf[sizeof(val)],
                  pkey,
                  sizeof(struct GNUNET_CRYPTO_EddsaPublicKey));
-  GNUNET_CRYPTO_pow_hash ("gnunet-nse-proof-of-work",
+  GNUNET_CRYPTO_pow_hash ("gnunet-nse-proof",
                           buf,
                           sizeof(buf),
                           &result);
@@ -861,7 +861,7 @@ find_proof (void *cls)
   while ((counter != UINT64_MAX) && (i < ROUND_SIZE))
   {
     GNUNET_memcpy (buf, &counter, sizeof(uint64_t));
-    GNUNET_CRYPTO_pow_hash ("gnunet-nse-proof-of-work",
+    GNUNET_CRYPTO_pow_hash ("gnunet-nse-proof",
                             buf,
                             sizeof(buf),
                             &result);

src/nse/perf_kdf.c

@@ -37,7 +37,7 @@ perfHash ()
 
   memset (buf, 1, sizeof(buf));
   for (unsigned int i = 0; i < 1024; i++)
-    GNUNET_CRYPTO_pow_hash ("gnunet-proof-of-work",
+    GNUNET_CRYPTO_pow_hash ("gnunet-nse-proof",
                             buf,
                             sizeof(buf),
                             &hc);

src/revocation/revocation_api.c

@@ -483,7 +483,7 @@ GNUNET_REVOCATION_check_pow (const struct GNUNET_REVOCATION_PowP *pow,
   {
     pow_val = GNUNET_ntohll (pow->pow[i]);
     GNUNET_memcpy (buf, &pow->pow[i], sizeof(uint64_t));
-    GNUNET_CRYPTO_pow_hash ("gnunet-revocation-proof-of-work",
+    GNUNET_CRYPTO_pow_hash ("GnsRevocationPow",
                             buf,
                             sizeof(buf),
                             &result);
@@ -642,7 +642,7 @@ GNUNET_REVOCATION_pow_round (struct GNUNET_REVOCATION_PowCalculationHandle *pc)
   GNUNET_memcpy (&buf[sizeof(uint64_t) * 2],
                  &pc->pow->key,
                  sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey));
-  GNUNET_CRYPTO_pow_hash ("gnunet-revocation-proof-of-work",
+  GNUNET_CRYPTO_pow_hash ("GnsRevocationPow",
                           buf,
                           sizeof(buf),
                           &result);

src/util/Makefile.am

@@ -131,7 +131,6 @@ libgnunetutil_la_LIBADD = \
   $(LIBIDN) $(LIBIDN2) \
   $(Z_LIBS) \
   -lunistring \
-  -largon2 \
   -lsodium \
   $(XLIB) \
   $(PTHREAD)

src/util/crypto_pow.c

@@ -25,14 +25,14 @@
  */
 #include "platform.h"
 #include "gnunet_crypto_lib.h"
-#include <argon2.h>
+#include <sodium.h>
 
 /**
  * Calculate the 'proof-of-work' hash (an expensive hash).
  * We're using a non-standard formula to avoid issues with
  * ASICs appearing (see #3795).
  *
- * @param salt salt for the hash
+ * @param salt salt for the hash. Must be crypto_pwhash_argon2id_SALTBYTES long.
  * @param buf data to hash
  * @param buf_len number of bytes in @a buf
  * @param result where to write the resulting hash
@@ -43,16 +43,17 @@ GNUNET_CRYPTO_pow_hash (const char *salt,
                         size_t buf_len,
                         struct GNUNET_HashCode *result)
 {
-  GNUNET_break (ARGON2_OK ==
-                argon2id_hash_raw (3, /* iterations */
-                                   1024,              /* memory (1 MiB) */
-                                   1,              /* threads */
-                                   buf,
-                                   buf_len,
-                                   salt,
-                                   strlen (salt),
-                                   result,
-                                   sizeof (struct GNUNET_HashCode)));
+  GNUNET_assert (strlen (salt) == crypto_pwhash_argon2id_SALTBYTES);
+  /* Threads hardcoded at 1 in libsodium */
+  GNUNET_break (0 ==
+                crypto_pwhash_argon2id ((unsigned char *) result,
+                                        sizeof (struct GNUNET_HashCode),
+                                        buf,
+                                        buf_len,
+                                        (unsigned char*) salt,
+                                        3, /* iterations */
+                                        1024 * 1024, /* memory (1 MiB) */
+                                        crypto_pwhash_argon2id_ALG_ARGON2ID13));
 }
 
 

src/util/gnunet-scrypt.c

@@ -117,7 +117,7 @@ find_proof (void *cls)
   while ((counter != UINT64_MAX) && (i < ROUND_SIZE))
   {
     GNUNET_memcpy (buf, &counter, sizeof(uint64_t));
-    GNUNET_CRYPTO_pow_hash ("gnunet-nse-proof-of-work",
+    GNUNET_CRYPTO_pow_hash ("gnunet-nse-proof",
                             buf,
                             sizeof(buf),
                             &result);