@ -36,39 +36,54 @@
# include "Salsa20.hpp"
# include "Utils.hpp"
// Mask for second byte in hashcash criterion -- making it require
// 13 0 bits at the start of the hash.
# define ZT_IDENTITY_SHA_BYTE1_MASK 0xf8
// These can't be changed without a new identity type. They define the
// parameters of the hashcash hashing/searching algorithm.
# define ZT_IDENTITY_GEN_HASHCASH_FIRST_BYTE_LESS_THAN 5
# define ZT_IDENTITY_GEN_MEMORY 8388608
namespace ZeroTier {
static inline void _computeMemoryHardHash ( const void * publicKey , unsigned int publicKeyBytes , void * sha512digest )
{
unsigned char genmem [ ZT_IDENTITY_GEN_MEMORY ] ;
// Step 1: hash key to generate Salsa20 key and nonce
SHA512 : : hash ( sha512digest , publicKey , publicKeyBytes ) ;
// Step 2: copy key into genmen[], zero rest, encrypt with Salsa20
Salsa20 s20 ( sha512digest , 256 , ( ( char * ) sha512digest ) + 32 ) ;
memcpy ( genmem , publicKey , publicKeyBytes ) ;
memset ( genmem + publicKeyBytes , 0 , ZT_IDENTITY_GEN_MEMORY - publicKeyBytes ) ;
s20 . encrypt ( genmem , genmem , ZT_IDENTITY_GEN_MEMORY ) ;
// Step 3: hash the encrypted public key and the rest of the
// genmem[] bytes of Salsa20 key stream to yield the final hash.
SHA512 : : hash ( sha512digest , genmem , ZT_IDENTITY_GEN_MEMORY ) ;
}
struct _Identity_generate_cond
{
_Identity_generate_cond ( ) throw ( ) { }
_Identity_generate_cond ( char * sb ) throw ( ) : sha512buf ( sb ) { }
_Identity_generate_cond ( unsigned char * sb ) throw ( ) : sha512digest ( sb ) { }
inline bool operator ( ) ( const C25519 : : Pair & kp ) const
throw ( )
{
SHA512 : : hash ( sha512buf , kp . pub . data , kp . pub . size ( ) ) ;
if ( ( ! sha512buf [ 0 ] ) & & ( ! ( sha512buf [ 1 ] & ZT_IDENTITY_SHA_BYTE1_MASK ) ) )
return true ;
return false ;
_computeMemoryHardHash ( kp . pub . data , kp . pub . size ( ) , sha512digest ) ;
return ( sha512digest [ 0 ] < ZT_IDENTITY_GEN_HASHCASH_FIRST_BYTE_LESS_THAN ) ;
}
char * sha512buf ;
unsigned char * sha512digest ;
} ;
void Identity : : generate ( )
{
char sha512buf [ 64 ] ;
unsigned char sha512digest [ 64 ] ;
C25519 : : Pair kp ;
do {
kp = C25519 : : generateSatisfying ( _Identity_generate_cond ( sha512buf ) ) ;
_address . setTo ( sha512buf + 59 , ZT_ADDRESS_LENGTH ) ; // last 5 bytes are address
kp = C25519 : : generateSatisfying ( _Identity_generate_cond ( sha512digest ) ) ;
_address . setTo ( sha512digest + 59 , ZT_ADDRESS_LENGTH ) ; // last 5 bytes are address
} while ( _address . isReserved ( ) ) ;
_publicKey = kp . pub ;
@ -81,18 +96,20 @@ bool Identity::locallyValidate() const
{
if ( _address . isReserved ( ) )
return false ;
char sha512buf [ 64 ] ;
char addrb [ 5 ] ;
unsigned char sha512digest [ 64 ] ;
_computeMemoryHardHash ( _publicKey . data , _publicKey . size ( ) , sha512digest ) ;
unsigned char addrb [ 5 ] ;
_address . copyTo ( addrb , 5 ) ;
SHA512 : : hash ( sha512buf , _publicKey . data , _publicKey . size ( ) ) ;
return (
( ! sha512buf [ 0 ] ) & &
( ! ( sha512buf [ 1 ] & ZT_IDENTITY_SHA_BYTE1_MASK ) ) & &
( sha512buf [ 59 ] = = addrb [ 0 ] ) & &
( sha512buf [ 60 ] = = addrb [ 1 ] ) & &
( sha512buf [ 61 ] = = addrb [ 2 ] ) & &
( sha512buf [ 62 ] = = addrb [ 3 ] ) & &
( sha512buf [ 63 ] = = addrb [ 4 ] ) ) ;
( sha512digest [ 0 ] < ZT_IDENTITY_GEN_HASHCASH_FIRST_BYTE_LESS_THAN ) & &
( sha512digest [ 59 ] = = addrb [ 0 ] ) & &
( sha512digest [ 60 ] = = addrb [ 1 ] ) & &
( sha512digest [ 61 ] = = addrb [ 2 ] ) & &
( sha512digest [ 62 ] = = addrb [ 3 ] ) & &
( sha512digest [ 63 ] = = addrb [ 4 ] ) ) ;
}
std : : string Identity : : toString ( bool includePrivate ) const
@ -145,7 +162,7 @@ bool Identity::fromString(const char *str)
return false ;
}
}
if ( fno < 4 )
if ( fno < 3 )
return false ;
return true ;
Adam Ierymenko
13 years ago