Branch: refs/heads/master
Home:
https://github.com/fabbione/kronosnet
Commit: 977e2cbc62d371fd5b243e0dddcd0364fba07842
https://github.com/fabbione/kronosnet/commit/977e2cbc62d371fd5b243e0dddcd03…
Author: Fabio M. Di Nitto <fdinitto(a)redhat.com>
Date: 2015-11-25 (Wed, 25 Nov 2015)
Changed paths:
M libknet/crypto.c
M libknet/crypto.h
M libknet/handle.c
M libknet/internals.h
M libknet/nsscrypto.c
M libknet/nsscrypto.h
M libknet/threads_send_recv.c
Log Message:
-----------
[crypto] align crypto_authenticate_and_decrypt API to crypto_encrypt_and_sign
2 issues solved by this change:
1) API were different and crypto_authenticate_and_decrypt would trash the
incoming packet, that we might want to keep for later usage
(re-switch for example)
2) By using an extre pre-allocated buffer while decrypting incoming packets
we save a whole memcpy and that reduces latency on crypto communications:
pre-patch:
[root@kronosnet-node1-br0 ~]# ping 192.168.12.2 -f -c 1000 -s 65000
PING 192.168.12.2 (192.168.12.2) 65000(65028) bytes of data.
--- 192.168.12.2 ping statistics ---
1000 packets transmitted, 1000 received, 0% packet loss, time 5302ms
rtt min/avg/max/mdev = 5.102/5.283/22.679/0.947 ms, pipe 3, ipg/ewma 5.307/5.223 ms
post-patch:
[root@kronosnet-node1-br0 ~]# ping 192.168.12.2 -f -c 1000 -s 65000
PING 192.168.12.2 (192.168.12.2) 65000(65028) bytes of data.
--- 192.168.12.2 ping statistics ---
1000 packets transmitted, 1000 received, 0% packet loss, time 5196ms
rtt min/avg/max/mdev = 4.997/5.154/6.661/0.129 ms, ipg/ewma 5.201/5.173 ms
(using aes256 and sha1)
Signed-off-by: Fabio M. Di Nitto <fdinitto(a)redhat.com>