#
a988b43e |
| 31-Oct-2021 |
Matthew Dillon <dillon@apollo.backplane.com> |
libdmsg - Get the encryption operational again
* Currently encrypts/decrypts, but the algorithm is really just a place-holder for something better. It does not use any openssl algos beyond basi
libdmsg - Get the encryption operational again
* Currently encrypts/decrypts, but the algorithm is really just a place-holder for something better. It does not use any openssl algos beyond basic public key exchange, session key exchange, and raw aes-256-gcm encryption with a block IV increment to prevent replay attacks.
* Note that in the final protocol there will be two verifiers embedded in the dmsg itself, rather than tacked on via the transport. One is the 32-bit header crc (there is also an aux-data crc), and the second is a 64-bit verifier that the link-level is intended to replace and check. The dmsg also has a signature and 24 random bits to mix things up.
show more ...
|