git: libdmsg - Get the encryption operational again
Matthew Dillon
dillon at crater.dragonflybsd.org
Sat Oct 30 18:11:13 PDT 2021
commit a988b43e78629a379190205ccd368b35bf4fb239
Author: Matthew Dillon <dillon at apollo.backplane.com>
Date: Sat Oct 30 18:06:10 2021 -0700
libdmsg - Get the encryption operational again

* Currently encrypts/decrypts, but the algorithm is really just a
  place-holder for something better. It does not use any openssl
  algos beyond basic public key exchange, session key exchange, and
  raw aes-256-gcm encryption with a block IV increment to prevent replay
  attacks.

* Note that in the final protocol there will be two verifiers embedded
  in the dmsg itself, rather than tacked on via the transport. One is
  the 32-bit header crc (there is also an aux-data crc), and the second
  is a 64-bit verifier that the link-level is intended to replace and check.
  The dmsg also has a signature and 24 random bits to mix things up.
Summary of changes:
lib/libdmsg/TODO | 17 ++++++++
lib/libdmsg/crypto.c | 109 +++++++++++++++++++++++----------------------------
lib/libdmsg/dmsg.h | 8 ++--
lib/libdmsg/msg.c | 5 ++-
sys/sys/dmsg.h | 2 +-
5 files changed, 76 insertions(+), 65 deletions(-)
create mode 100644 lib/libdmsg/TODO
http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/a988b43e78629a379190205ccd368b35bf4fb239
--
DragonFly BSD source repository
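
The replay protection the commit message mentions (raw AES-256-GCM with an IV that increments per block) can be sketched as follows. This is an added example in Go's standard library, not libdmsg code; the `Link` type, its methods and the IV layout are assumptions made for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"fmt"
)

type Link struct {
	aead cipher.AEAD
	seq  uint64 // record counter; assumed IV layout: 4 zero bytes + seq, big-endian
}

func NewLink(key []byte) (*Link, error) {
	block, err := aes.NewCipher(key) // a 32-byte key selects AES-256
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	return &Link{aead: aead}, err
}

func (l *Link) iv() []byte {
	return binary.BigEndian.AppendUint64(make([]byte, 4, 12), l.seq)
}

func (l *Link) Seal(plain []byte) []byte {
	defer func() { l.seq++ }() // next record gets a fresh IV
	return l.aead.Seal(nil, l.iv(), plain, nil)
}

func (l *Link) Open(ct []byte) ([]byte, error) {
	plain, err := l.aead.Open(nil, l.iv(), ct, nil)
	if err != nil { // replayed, reordered or modified: GCM tag mismatch
		return nil, fmt.Errorf("record %d rejected: %w", l.seq, err)
	}
	l.seq++ // advance only after a record authenticates
	return plain, nil
}

func main() {
	tx, _ := NewLink(make([]byte, 32)) // constructed all-zero demo key
	rx, _ := NewLink(make([]byte, 32))
	rec := tx.Seal([]byte("record 0"))
	_, first := rx.Open(rec)
	_, replay := rx.Open(rec) // same bytes presented again
	fmt.Println("first:", first, "| replay:", replay)
}
```

Because the receiver's counter moves only on a successful tag check, a rejected replay does not desynchronise the link and the next genuine record still decrypts.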