From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from localhost (localhost [127.0.0.1]) by turing.freelists.org (Avenir Technologies Mail Multiplex) with ESMTP id 3B3452E295 for ; Tue, 7 May 2019 16:54:03 -0400 (EDT) Received: from turing.freelists.org ([127.0.0.1]) by localhost (turing.freelists.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mou74fnOS3SM for ; Tue, 7 May 2019 16:54:03 -0400 (EDT) Received: from smtpng2.m.smailru.net (smtpng2.m.smailru.net [94.100.179.3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by turing.freelists.org (Avenir Technologies Mail Multiplex) with ESMTPS id E48512C955 for ; Tue, 7 May 2019 16:54:02 -0400 (EDT) From: Vladislav Shpilevoy Subject: [tarantool-patches] [PATCH v3 0/4] crypto lib Date: Tue, 7 May 2019 23:53:55 +0300 Message-Id: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: tarantool-patches-bounce@freelists.org Errors-to: tarantool-patches-bounce@freelists.org Reply-To: tarantool-patches@freelists.org List-Help: List-Unsubscribe: List-software: Ecartis version 1.0.0 List-Id: tarantool-patches List-Subscribe: List-Owner: List-post: List-Archive: To: tarantool-patches@freelists.org Cc: kostja@tarantool.org, georgy@tarantool.org SWIM needs encryption because it transmits packets affecting cluster state and topology, probably via public networks between datacenters. Tarantool hasn't had normal crypto library with useful C API on board until now. OpenSSL was used, but its API is far from simple, and before this patchset it was used in Lua only, via FFI. The patchset moves existing OpenSSL wrappers into a separate library, extends it with pretty API, and replaces some parts of crypto.lua module. It is going to be used by SWIM. Branch: http://github.com/tarantool/tarantool/tree/gerold103/crypto-lib Changes in V3: - Added crypto_stream to replace cipher in crypto.lua module; - Initial vector is passed explicitly to each encrypt(), and is not stored in codec object; - All the same standards are supported as in crypto.lua were. V2: https://www.freelists.org/post/tarantool-patches/PATCH-v2-03-swim-encryption-preparation Vladislav Shpilevoy (4): crypto: move crypto business into a separate library crypto: make exported methods conform code style crypto: implement crypto libary crypto: use crypto library in crypto.lua extra/exports | 16 +- src/CMakeLists.txt | 3 +- src/lib/CMakeLists.txt | 1 + src/lib/core/diag.h | 2 + src/lib/core/exception.cc | 25 +++ src/lib/core/exception.h | 7 + src/lib/crypto/CMakeLists.txt | 5 + src/lib/crypto/crypto.c | 391 ++++++++++++++++++++++++++++++++++ src/lib/crypto/crypto.h | 283 ++++++++++++++++++++++++ src/lua/crypto.c | 73 ------- src/lua/crypto.h | 54 ----- src/lua/crypto.lua | 263 ++++++++++++----------- src/main.cc | 3 + test/app/crypto.result | 114 +++++++--- test/app/crypto.test.lua | 32 ++- test/unit/CMakeLists.txt | 3 + test/unit/crypto.c | 302 ++++++++++++++++++++++++++ test/unit/crypto.result | 132 ++++++++++++ 18 files changed, 1418 insertions(+), 291 deletions(-) create mode 100644 src/lib/crypto/CMakeLists.txt create mode 100644 src/lib/crypto/crypto.c create mode 100644 src/lib/crypto/crypto.h delete mode 100644 src/lua/crypto.c delete mode 100644 src/lua/crypto.h create mode 100644 test/unit/crypto.c create mode 100644 test/unit/crypto.result -- 2.20.1 (Apple Git-117)