From: Vladislav Shpilevoy <v.shpilevoy@tarantool.org>
To: tarantool-patches@freelists.org
Cc: kostja@tarantool.org
Subject: [tarantool-patches] [PATCH v2 0/3] swim encryption preparation
Date: Mon, 29 Apr 2019 14:07:36 +0300 [thread overview]
Message-ID: <cover.1556535949.git.v.shpilevoy@tarantool.org> (raw)
SWIM needs encryption because it transmits packets affecting cluster state and
topology, probably via public networks between datacenters. Tarantool hasn't had
normal crypto library with useful C API on board until now. OpenSSL was used,
but its API is crazy, and before this patchset it was used in Lua only, via FFI.
The patchset moves existing OpenSSL wrappers into a separate library and extends
it with pretty API. It is going to be used by SWIM.
Branch: http://github.com/tarantool/tarantool/tree/gerold103/crypto-lib
Changes in V2:
- Added new codec 'None';
- Renamed 'encode/decode' to 'encrypt/decrypt';
- Removed usage of constants from crypto.c.
V1: https://www.freelists.org/post/tarantool-patches/PATCH-03-swim-encryption-preparation
Vladislav Shpilevoy (3):
crypto: move crypto business into a separate library
crypto: make exported methods conform code style
crypto: implement crypto codec API and AES 128 encryption
extra/exports | 13 +-
src/CMakeLists.txt | 3 +-
src/lib/CMakeLists.txt | 1 +
src/lib/core/diag.h | 2 +
src/lib/core/exception.cc | 25 ++++
src/lib/core/exception.h | 7 +
src/lib/crypto/CMakeLists.txt | 5 +
src/lib/crypto/crypto.c | 260 ++++++++++++++++++++++++++++++++++
src/lib/crypto/crypto.h | 142 +++++++++++++++++++
src/lua/crypto.c | 73 ----------
src/lua/crypto.h | 54 -------
src/lua/crypto.lua | 42 +++---
src/main.cc | 3 +
test/unit/CMakeLists.txt | 3 +
test/unit/crypto.c | 191 +++++++++++++++++++++++++
test/unit/crypto.result | 40 ++++++
16 files changed, 706 insertions(+), 158 deletions(-)
create mode 100644 src/lib/crypto/CMakeLists.txt
create mode 100644 src/lib/crypto/crypto.c
create mode 100644 src/lib/crypto/crypto.h
delete mode 100644 src/lua/crypto.c
delete mode 100644 src/lua/crypto.h
create mode 100644 test/unit/crypto.c
create mode 100644 test/unit/crypto.result
--
2.20.1 (Apple Git-117)
next reply other threads:[~2019-04-29 11:07 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-04-29 11:07 Vladislav Shpilevoy [this message]
2019-04-29 11:07 ` [tarantool-patches] [PATCH v2 1/3] crypto: move crypto business into a separate library Vladislav Shpilevoy
2019-04-29 11:07 ` [tarantool-patches] [PATCH v2 2/3] crypto: make exported methods conform code style Vladislav Shpilevoy
2019-04-29 12:23 ` [tarantool-patches] " Konstantin Osipov
2019-04-29 11:07 ` [tarantool-patches] [PATCH v2 3/3] crypto: implement crypto codec API and AES 128 encryption Vladislav Shpilevoy
2019-04-29 12:24 ` [tarantool-patches] " Konstantin Osipov
2019-04-29 12:29 ` [tarantool-patches] Re: [PATCH v2 0/3] swim encryption preparation Vladislav Shpilevoy
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1556535949.git.v.shpilevoy@tarantool.org \
--to=v.shpilevoy@tarantool.org \
--cc=kostja@tarantool.org \
--cc=tarantool-patches@freelists.org \
--subject='Re: [tarantool-patches] [PATCH v2 0/3] swim encryption preparation' \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox