From: Vladislav Shpilevoy <v.shpilevoy@tarantool.org>
To: tarantool-patches@freelists.org
Cc: kostja@tarantool.org, georgy@tarantool.org
Subject: [tarantool-patches] [PATCH v3 2/4] crypto: make exported methods conform code style
Date: Tue, 7 May 2019 23:53:57 +0300 [thread overview]
Message-ID: <a419195af7d1db74e7251cbefbf5bdcc5ab6a51d.1557262174.git.v.shpilevoy@tarantool.org> (raw)
In-Reply-To: <cover.1557262174.git.v.shpilevoy@tarantool.org>
Tarantool has a strict rule for naming methods of libraries - use
the library name as a prefix. For crypto lib methods it should be
'crypto_', not 'tnt_'.
---
| 13 ++++++-------
src/lib/crypto/crypto.c | 31 +++++++++++++++++++++---------
src/lib/crypto/crypto.h | 6 +++++-
src/lua/crypto.lua | 42 ++++++++++++++++++++---------------------
src/main.cc | 3 +++
5 files changed, 56 insertions(+), 39 deletions(-)
--git a/extra/exports b/extra/exports
index 4f41a17b3..562f8a164 100644
--- a/extra/exports
+++ b/extra/exports
@@ -77,13 +77,12 @@ space_run_triggers
space_bsize
box_schema_version
-tnt_openssl_init
-tnt_EVP_CIPHER_key_length
-tnt_EVP_CIPHER_iv_length
-tnt_EVP_MD_CTX_new
-tnt_EVP_MD_CTX_free
-tnt_HMAC_CTX_new
-tnt_HMAC_CTX_free
+crypto_EVP_CIPHER_key_length
+crypto_EVP_CIPHER_iv_length
+crypto_EVP_MD_CTX_new
+crypto_EVP_MD_CTX_free
+crypto_HMAC_CTX_new
+crypto_HMAC_CTX_free
# Module API
diff --git a/src/lib/crypto/crypto.c b/src/lib/crypto/crypto.c
index 28dbc71dd..4b192ba2d 100644
--- a/src/lib/crypto/crypto.c
+++ b/src/lib/crypto/crypto.c
@@ -35,8 +35,8 @@
#include <openssl/ssl.h>
#include <openssl/hmac.h>
-int
-tnt_openssl_init(void)
+void
+crypto_init(void)
{
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
OpenSSL_add_all_digests();
@@ -46,20 +46,30 @@ tnt_openssl_init(void)
OPENSSL_init_crypto(0, NULL);
OPENSSL_init_ssl(0, NULL);
#endif
- return 0;
}
-int tnt_EVP_CIPHER_key_length(const EVP_CIPHER *cipher)
+void
+crypto_free(void)
+{
+#ifdef OPENSSL_cleanup
+ OPENSSL_cleanup();
+#endif
+}
+
+int
+crypto_EVP_CIPHER_key_length(const EVP_CIPHER *cipher)
{
return EVP_CIPHER_key_length(cipher);
}
-int tnt_EVP_CIPHER_iv_length(const EVP_CIPHER *cipher)
+int
+crypto_EVP_CIPHER_iv_length(const EVP_CIPHER *cipher)
{
return EVP_CIPHER_iv_length(cipher);
}
-EVP_MD_CTX *tnt_EVP_MD_CTX_new(void)
+EVP_MD_CTX *
+crypto_EVP_MD_CTX_new(void)
{
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
return EVP_MD_CTX_create();
@@ -68,7 +78,8 @@ EVP_MD_CTX *tnt_EVP_MD_CTX_new(void)
#endif
};
-void tnt_EVP_MD_CTX_free(EVP_MD_CTX *ctx)
+void
+crypto_EVP_MD_CTX_free(EVP_MD_CTX *ctx)
{
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
return EVP_MD_CTX_destroy(ctx);
@@ -77,7 +88,8 @@ void tnt_EVP_MD_CTX_free(EVP_MD_CTX *ctx)
#endif
}
-HMAC_CTX *tnt_HMAC_CTX_new(void)
+HMAC_CTX *
+crypto_HMAC_CTX_new(void)
{
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
HMAC_CTX *ctx = (HMAC_CTX *)OPENSSL_malloc(sizeof(HMAC_CTX));
@@ -92,7 +104,8 @@ HMAC_CTX *tnt_HMAC_CTX_new(void)
}
-void tnt_HMAC_CTX_free(HMAC_CTX *ctx)
+void
+crypto_HMAC_CTX_free(HMAC_CTX *ctx)
{
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
HMAC_cleanup(ctx); /* Remove key from memory */
diff --git a/src/lib/crypto/crypto.h b/src/lib/crypto/crypto.h
index 9026db322..bc807e1a2 100644
--- a/src/lib/crypto/crypto.h
+++ b/src/lib/crypto/crypto.h
@@ -35,7 +35,11 @@
extern "C" {
#endif
-int tnt_openssl_init();
+void
+crypto_init(void);
+
+void
+crypto_free(void);
#if defined(__cplusplus)
}
diff --git a/src/lua/crypto.lua b/src/lua/crypto.lua
index e76370517..30504b1de 100644
--- a/src/lua/crypto.lua
+++ b/src/lua/crypto.lua
@@ -4,7 +4,6 @@ local ffi = require('ffi')
local buffer = require('buffer')
ffi.cdef[[
- int tnt_openssl_init(void);
/* from openssl/err.h */
unsigned long ERR_get_error(void);
char *ERR_error_string(unsigned long e, char *buf);
@@ -14,16 +13,16 @@ ffi.cdef[[
typedef struct {} EVP_MD_CTX;
typedef struct {} EVP_MD;
- EVP_MD_CTX *tnt_EVP_MD_CTX_new(void);
- void tnt_EVP_MD_CTX_free(EVP_MD_CTX *ctx);
+ EVP_MD_CTX *crypto_EVP_MD_CTX_new(void);
+ void crypto_EVP_MD_CTX_free(EVP_MD_CTX *ctx);
int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
const EVP_MD *EVP_get_digestbyname(const char *name);
typedef struct {} HMAC_CTX;
- HMAC_CTX *tnt_HMAC_CTX_new(void);
- void tnt_HMAC_CTX_free(HMAC_CTX *ctx);
+ HMAC_CTX *crypto_HMAC_CTX_new(void);
+ void crypto_HMAC_CTX_free(HMAC_CTX *ctx);
int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
const EVP_MD *md, ENGINE *impl);
int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len);
@@ -40,17 +39,14 @@ ffi.cdef[[
int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
const unsigned char *in, int inl);
int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
- int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *ctx);
- int tnt_EVP_CIPHER_iv_length(const EVP_CIPHER *cipher);
- int tnt_EVP_CIPHER_key_length(const EVP_CIPHER *cipher);
+ int crypto_EVP_CIPHER_iv_length(const EVP_CIPHER *cipher);
+ int crypto_EVP_CIPHER_key_length(const EVP_CIPHER *cipher);
int EVP_CIPHER_block_size(const EVP_CIPHER *cipher);
const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
]]
-ffi.C.tnt_openssl_init();
-
local function openssl_err_str()
return ffi.string(ffi.C.ERR_error_string(ffi.C.ERR_get_error(), nil))
end
@@ -70,11 +66,11 @@ end
local digest_mt = {}
local function digest_gc(ctx)
- ffi.C.tnt_EVP_MD_CTX_free(ctx)
+ ffi.C.crypto_EVP_MD_CTX_free(ctx)
end
local function digest_new(digest)
- local ctx = ffi.C.tnt_EVP_MD_CTX_new()
+ local ctx = ffi.C.crypto_EVP_MD_CTX_new()
if ctx == nil then
return error('Can\'t create digest ctx: ' .. openssl_err_str())
end
@@ -121,7 +117,7 @@ local function digest_final(self)
end
local function digest_free(self)
- ffi.C.tnt_EVP_MD_CTX_free(self.ctx)
+ ffi.C.crypto_EVP_MD_CTX_free(self.ctx)
ffi.gc(self.ctx, nil)
self.ctx = nil
self.initialized = false
@@ -141,14 +137,14 @@ local hmacs = digests
local hmac_mt = {}
local function hmac_gc(ctx)
- ffi.C.tnt_HMAC_CTX_free(ctx)
+ ffi.C.crypto_HMAC_CTX_free(ctx)
end
local function hmac_new(digest, key)
if key == nil then
return error('Key should be specified for HMAC operations')
end
- local ctx = ffi.C.tnt_HMAC_CTX_new()
+ local ctx = ffi.C.crypto_HMAC_CTX_new()
if ctx == nil then
return error('Can\'t create HMAC ctx: ' .. openssl_err_str())
end
@@ -195,7 +191,7 @@ local function hmac_final(self)
end
local function hmac_free(self)
- ffi.C.tnt_HMAC_CTX_free(self.ctx)
+ ffi.C.crypto_HMAC_CTX_free(self.ctx)
ffi.gc(self.ctx, nil)
self.ctx = nil
self.initialized = false
@@ -234,13 +230,15 @@ local function cipher_gc(ctx)
end
local function cipher_new(cipher, key, iv, direction)
- if key == nil or key:len() ~= ffi.C.tnt_EVP_CIPHER_key_length(cipher) then
- return error('Key length should be equal to cipher key length ('
- .. tostring(ffi.C.tnt_EVP_CIPHER_key_length(cipher)) .. ' bytes)')
+ local needed_len = ffi.C.crypto_EVP_CIPHER_key_length(cipher)
+ if key == nil or key:len() ~= needed_len then
+ return error('Key length should be equal to cipher key length ('..
+ tostring(needed_len)..' bytes)')
end
- if iv == nil or iv:len() ~= ffi.C.tnt_EVP_CIPHER_iv_length(cipher) then
- return error('Initial vector length should be equal to cipher iv length ('
- .. tostring(ffi.C.tnt_EVP_CIPHER_iv_length(cipher)) .. ' bytes)')
+ needed_len = ffi.C.crypto_EVP_CIPHER_iv_length(cipher)
+ if iv == nil or iv:len() ~= needed_len then
+ return error('Initial vector length should be equal to cipher iv '..
+ 'length ('..tostring(needed_len)..' bytes)')
end
local ctx = ffi.C.EVP_CIPHER_CTX_new()
if ctx == nil then
diff --git a/src/main.cc b/src/main.cc
index 5ded83223..606c64c13 100644
--- a/src/main.cc
+++ b/src/main.cc
@@ -75,6 +75,7 @@
#include "box/lua/init.h" /* box_lua_init() */
#include "box/session.h"
#include "systemd.h"
+#include "crypto/crypto.h"
static pid_t master_pid = getpid();
static struct pidfh *pid_file_handle;
@@ -621,6 +622,7 @@ tarantool_free(void)
memory_free();
random_free();
#endif
+ crypto_free();
coll_free();
systemd_free();
say_logger_free();
@@ -780,6 +782,7 @@ main(int argc, char **argv)
signal_init();
cbus_init();
coll_init();
+ crypto_init();
tarantool_lua_init(tarantool_bin, main_argc, main_argv);
start_time = ev_monotonic_time();
--
2.20.1 (Apple Git-117)
next prev parent reply other threads:[~2019-05-07 20:54 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-05-07 20:53 [tarantool-patches] [PATCH v3 0/4] crypto lib Vladislav Shpilevoy
2019-05-07 20:53 ` [tarantool-patches] [PATCH v3 1/4] crypto: move crypto business into a separate library Vladislav Shpilevoy
2019-05-15 7:58 ` [tarantool-patches] " Георгий Кириченко
2019-05-07 20:53 ` Vladislav Shpilevoy [this message]
2019-05-15 7:58 ` [tarantool-patches] Re: [PATCH v3 2/4] crypto: make exported methods conform code style Георгий Кириченко
2019-05-07 20:53 ` [tarantool-patches] [PATCH v3 3/4] crypto: implement crypto libary Vladislav Shpilevoy
2019-05-15 7:58 ` [tarantool-patches] " Георгий Кириченко
2019-05-07 20:53 ` [tarantool-patches] [PATCH v3 4/4] crypto: use crypto library in crypto.lua Vladislav Shpilevoy
2019-05-15 8:01 ` [tarantool-patches] " Георгий Кириченко
2019-05-15 13:42 ` Vladislav Shpilevoy
2019-05-15 13:42 ` [tarantool-patches] Re: [PATCH v3 0/4] crypto lib Vladislav Shpilevoy
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=a419195af7d1db74e7251cbefbf5bdcc5ab6a51d.1557262174.git.v.shpilevoy@tarantool.org \
--to=v.shpilevoy@tarantool.org \
--cc=georgy@tarantool.org \
--cc=kostja@tarantool.org \
--cc=tarantool-patches@freelists.org \
--subject='Re: [tarantool-patches] [PATCH v3 2/4] crypto: make exported methods conform code style' \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox