From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from localhost (localhost [127.0.0.1]) by turing.freelists.org (Avenir Technologies Mail Multiplex) with ESMTP id 182BB2B91F for ; Mon, 29 Apr 2019 08:29:40 -0400 (EDT) Received: from turing.freelists.org ([127.0.0.1]) by localhost (turing.freelists.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id otagNYkCtD4g for ; Mon, 29 Apr 2019 08:29:40 -0400 (EDT) Received: from smtpng3.m.smailru.net (smtpng3.m.smailru.net [94.100.177.149]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by turing.freelists.org (Avenir Technologies Mail Multiplex) with ESMTPS id C8A162A886 for ; Mon, 29 Apr 2019 08:29:39 -0400 (EDT) Subject: [tarantool-patches] Re: [PATCH v2 0/3] swim encryption preparation From: Vladislav Shpilevoy References: Message-ID: Date: Mon, 29 Apr 2019 15:29:37 +0300 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit Sender: tarantool-patches-bounce@freelists.org Errors-to: tarantool-patches-bounce@freelists.org Reply-To: tarantool-patches@freelists.org List-Help: List-Unsubscribe: List-software: Ecartis version 1.0.0 List-Id: tarantool-patches List-Subscribe: List-Owner: List-post: List-Archive: To: tarantool-patches@freelists.org Cc: Georgy Kirichenko Georgy, please, give a second review. On 29/04/2019 14:07, Vladislav Shpilevoy wrote: > SWIM needs encryption because it transmits packets affecting cluster state and > topology, probably via public networks between datacenters. Tarantool hasn't had > normal crypto library with useful C API on board until now. OpenSSL was used, > but its API is crazy, and before this patchset it was used in Lua only, via FFI. > > The patchset moves existing OpenSSL wrappers into a separate library and extends > it with pretty API. It is going to be used by SWIM. > > Branch: http://github.com/tarantool/tarantool/tree/gerold103/crypto-lib > > Changes in V2: > - Added new codec 'None'; > - Renamed 'encode/decode' to 'encrypt/decrypt'; > - Removed usage of constants from crypto.c. > > V1: https://www.freelists.org/post/tarantool-patches/PATCH-03-swim-encryption-preparation > > Vladislav Shpilevoy (3): > crypto: move crypto business into a separate library > crypto: make exported methods conform code style > crypto: implement crypto codec API and AES 128 encryption > > extra/exports | 13 +- > src/CMakeLists.txt | 3 +- > src/lib/CMakeLists.txt | 1 + > src/lib/core/diag.h | 2 + > src/lib/core/exception.cc | 25 ++++ > src/lib/core/exception.h | 7 + > src/lib/crypto/CMakeLists.txt | 5 + > src/lib/crypto/crypto.c | 260 ++++++++++++++++++++++++++++++++++ > src/lib/crypto/crypto.h | 142 +++++++++++++++++++ > src/lua/crypto.c | 73 ---------- > src/lua/crypto.h | 54 ------- > src/lua/crypto.lua | 42 +++--- > src/main.cc | 3 + > test/unit/CMakeLists.txt | 3 + > test/unit/crypto.c | 191 +++++++++++++++++++++++++ > test/unit/crypto.result | 40 ++++++ > 16 files changed, 706 insertions(+), 158 deletions(-) > create mode 100644 src/lib/crypto/CMakeLists.txt > create mode 100644 src/lib/crypto/crypto.c > create mode 100644 src/lib/crypto/crypto.h > delete mode 100644 src/lua/crypto.c > delete mode 100644 src/lua/crypto.h > create mode 100644 test/unit/crypto.c > create mode 100644 test/unit/crypto.result > > -- > 2.20.1 (Apple Git-117) > >