[tarantool-patches] Re: [PATCH v2 0/3] swim encryption preparation

Vladislav Shpilevoy v.shpilevoy at tarantool.org
Mon Apr 29 15:29:37 MSK 2019 

Georgy, please, give a second review.

On 29/04/2019 14:07, Vladislav Shpilevoy wrote:
> SWIM needs encryption because it transmits packets affecting cluster state and
> topology, probably via public networks between datacenters. Tarantool hasn't had
> normal crypto library with useful C API on board until now. OpenSSL was used,
> but its API is crazy, and before this patchset it was used in Lua only, via FFI.
> 
> The patchset moves existing OpenSSL wrappers into a separate library and extends
> it with pretty API. It is going to be used by SWIM.
> 
> Branch: http://github.com/tarantool/tarantool/tree/gerold103/crypto-lib
> 
> Changes in V2:
> - Added new codec 'None';
> - Renamed 'encode/decode' to 'encrypt/decrypt';
> - Removed usage of constants from crypto.c.
> 
> V1: https://www.freelists.org/post/tarantool-patches/PATCH-03-swim-encryption-preparation
> 
> Vladislav Shpilevoy (3):
>   crypto: move crypto business into a separate library
>   crypto: make exported methods conform code style
>   crypto: implement crypto codec API and AES 128 encryption
> 
>  extra/exports                 |  13 +-
>  src/CMakeLists.txt            |   3 +-
>  src/lib/CMakeLists.txt        |   1 +
>  src/lib/core/diag.h           |   2 +
>  src/lib/core/exception.cc     |  25 ++++
>  src/lib/core/exception.h      |   7 +
>  src/lib/crypto/CMakeLists.txt |   5 +
>  src/lib/crypto/crypto.c       | 260 ++++++++++++++++++++++++++++++++++
>  src/lib/crypto/crypto.h       | 142 +++++++++++++++++++
>  src/lua/crypto.c              |  73 ----------
>  src/lua/crypto.h              |  54 -------
>  src/lua/crypto.lua            |  42 +++---
>  src/main.cc                   |   3 +
>  test/unit/CMakeLists.txt      |   3 +
>  test/unit/crypto.c            | 191 +++++++++++++++++++++++++
>  test/unit/crypto.result       |  40 ++++++
>  16 files changed, 706 insertions(+), 158 deletions(-)
>  create mode 100644 src/lib/crypto/CMakeLists.txt
>  create mode 100644 src/lib/crypto/crypto.c
>  create mode 100644 src/lib/crypto/crypto.h
>  delete mode 100644 src/lua/crypto.c
>  delete mode 100644 src/lua/crypto.h
>  create mode 100644 test/unit/crypto.c
>  create mode 100644 test/unit/crypto.result
> 
> -- 
> 2.20.1 (Apple Git-117)
> 
>

More information about the Tarantool-patches mailing list