Branch: refs/heads/master Home: https://github.com/fabbione/kronosnet Commit: 977e2cbc62d371fd5b243e0dddcd0364fba07842 https://github.com/fabbione/kronosnet/commit/977e2cbc62d371fd5b243e0dddcd036... Author: Fabio M. Di Nitto fdinitto@redhat.com Date: 2015-11-25 (Wed, 25 Nov 2015)
Changed paths: M libknet/crypto.c M libknet/crypto.h M libknet/handle.c M libknet/internals.h M libknet/nsscrypto.c M libknet/nsscrypto.h M libknet/threads_send_recv.c
Log Message: ----------- [crypto] align crypto_authenticate_and_decrypt API to crypto_encrypt_and_sign
2 issues solved by this change:
1) API were different and crypto_authenticate_and_decrypt would trash the incoming packet, that we might want to keep for later usage (re-switch for example)
2) By using an extre pre-allocated buffer while decrypting incoming packets we save a whole memcpy and that reduces latency on crypto communications:
pre-patch:
[root@kronosnet-node1-br0 ~]# ping 192.168.12.2 -f -c 1000 -s 65000 PING 192.168.12.2 (192.168.12.2) 65000(65028) bytes of data.
--- 192.168.12.2 ping statistics --- 1000 packets transmitted, 1000 received, 0% packet loss, time 5302ms rtt min/avg/max/mdev = 5.102/5.283/22.679/0.947 ms, pipe 3, ipg/ewma 5.307/5.223 ms
post-patch:
[root@kronosnet-node1-br0 ~]# ping 192.168.12.2 -f -c 1000 -s 65000 PING 192.168.12.2 (192.168.12.2) 65000(65028) bytes of data.
--- 192.168.12.2 ping statistics --- 1000 packets transmitted, 1000 received, 0% packet loss, time 5196ms rtt min/avg/max/mdev = 4.997/5.154/6.661/0.129 ms, ipg/ewma 5.201/5.173 ms
(using aes256 and sha1)
Signed-off-by: Fabio M. Di Nitto fdinitto@redhat.com
-
GitHub