git: libdmsg - Get the encryption operational again

Matthew Dillon dillon at crater.dragonflybsd.org
Sat Oct 30 18:11:13 PDT 2021


commit a988b43e78629a379190205ccd368b35bf4fb239
Author: Matthew Dillon <dillon at apollo.backplane.com>
Date:   Sat Oct 30 18:06:10 2021 -0700

    libdmsg - Get the encryption operational again
    
    * Currently encrypts/decrypts, but the algorithm is really just a
      place-holder for something better.  It does not use any openssl
      algos beyond basic public key exchange, session key exchange, and
      raw aes-256-gcm encryption with a block IV increment to prevent replay
      attacks.
    
    * Note that in the final protocol there will be two verifiers embedded
      in the dmsg itself, rather than tacked on via the transport.  One is
      the 32-bit header crc (there is also an aux-data crc), and the second
      is a 64-bit verifier that the link-level is intended to replace and check.
      The dmsg also has a signature and 24 random bits to mix things up.

Summary of changes:
 lib/libdmsg/TODO     |  17 ++++++++
 lib/libdmsg/crypto.c | 109 +++++++++++++++++++++++----------------------------
 lib/libdmsg/dmsg.h   |   8 ++--
 lib/libdmsg/msg.c    |   5 ++-
 sys/sys/dmsg.h       |   2 +-
 5 files changed, 76 insertions(+), 65 deletions(-)
 create mode 100644 lib/libdmsg/TODO

http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/a988b43e78629a379190205ccd368b35bf4fb239


-- 
DragonFly BSD source repository


