From: Vladislav Shpilevoy <v.shpilevoy@tarantool.org>
To: tarantool-patches@freelists.org
Cc: Georgy Kirichenko <georgy@tarantool.org>
Subject: [tarantool-patches] Re: [PATCH v2 0/3] swim encryption preparation
Date: Mon, 29 Apr 2019 15:29:37 +0300 [thread overview]
Message-ID: <e57fcc5e-503c-95d7-fb79-ef9fc0379e02@tarantool.org> (raw)
In-Reply-To: <cover.1556535949.git.v.shpilevoy@tarantool.org>
Georgy, please, give a second review.
On 29/04/2019 14:07, Vladislav Shpilevoy wrote:
> SWIM needs encryption because it transmits packets affecting cluster state and
> topology, probably via public networks between datacenters. Tarantool hasn't had
> normal crypto library with useful C API on board until now. OpenSSL was used,
> but its API is crazy, and before this patchset it was used in Lua only, via FFI.
>
> The patchset moves existing OpenSSL wrappers into a separate library and extends
> it with pretty API. It is going to be used by SWIM.
>
> Branch: http://github.com/tarantool/tarantool/tree/gerold103/crypto-lib
>
> Changes in V2:
> - Added new codec 'None';
> - Renamed 'encode/decode' to 'encrypt/decrypt';
> - Removed usage of constants from crypto.c.
>
> V1: https://www.freelists.org/post/tarantool-patches/PATCH-03-swim-encryption-preparation
>
> Vladislav Shpilevoy (3):
> crypto: move crypto business into a separate library
> crypto: make exported methods conform code style
> crypto: implement crypto codec API and AES 128 encryption
>
> extra/exports | 13 +-
> src/CMakeLists.txt | 3 +-
> src/lib/CMakeLists.txt | 1 +
> src/lib/core/diag.h | 2 +
> src/lib/core/exception.cc | 25 ++++
> src/lib/core/exception.h | 7 +
> src/lib/crypto/CMakeLists.txt | 5 +
> src/lib/crypto/crypto.c | 260 ++++++++++++++++++++++++++++++++++
> src/lib/crypto/crypto.h | 142 +++++++++++++++++++
> src/lua/crypto.c | 73 ----------
> src/lua/crypto.h | 54 -------
> src/lua/crypto.lua | 42 +++---
> src/main.cc | 3 +
> test/unit/CMakeLists.txt | 3 +
> test/unit/crypto.c | 191 +++++++++++++++++++++++++
> test/unit/crypto.result | 40 ++++++
> 16 files changed, 706 insertions(+), 158 deletions(-)
> create mode 100644 src/lib/crypto/CMakeLists.txt
> create mode 100644 src/lib/crypto/crypto.c
> create mode 100644 src/lib/crypto/crypto.h
> delete mode 100644 src/lua/crypto.c
> delete mode 100644 src/lua/crypto.h
> create mode 100644 test/unit/crypto.c
> create mode 100644 test/unit/crypto.result
>
> --
> 2.20.1 (Apple Git-117)
>
>
prev parent reply other threads:[~2019-04-29 12:29 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-04-29 11:07 [tarantool-patches] " Vladislav Shpilevoy
2019-04-29 11:07 ` [tarantool-patches] [PATCH v2 1/3] crypto: move crypto business into a separate library Vladislav Shpilevoy
2019-04-29 11:07 ` [tarantool-patches] [PATCH v2 2/3] crypto: make exported methods conform code style Vladislav Shpilevoy
2019-04-29 12:23 ` [tarantool-patches] " Konstantin Osipov
2019-04-29 11:07 ` [tarantool-patches] [PATCH v2 3/3] crypto: implement crypto codec API and AES 128 encryption Vladislav Shpilevoy
2019-04-29 12:24 ` [tarantool-patches] " Konstantin Osipov
2019-04-29 12:29 ` Vladislav Shpilevoy [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=e57fcc5e-503c-95d7-fb79-ef9fc0379e02@tarantool.org \
--to=v.shpilevoy@tarantool.org \
--cc=georgy@tarantool.org \
--cc=tarantool-patches@freelists.org \
--subject='[tarantool-patches] Re: [PATCH v2 0/3] swim encryption preparation' \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox