DO NOT MERGE: api draft

Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
kronosnet · Oct 21, 2019 · 136b8b7 · 136b8b7
1 parent 7f6846d
commit 136b8b7
Show file tree

Hide file tree

Showing 2 changed files with 169 additions and 8 deletions.
diff --git a/libknet/handle.c b/libknet/handle.c
@@ -1450,6 +1450,80 @@ int knet_handle_pmtud_get(knet_handle_t knet_h,
 	return 0;
 }
 
+int knet_handle_crypto_set_config(knet_handle_t knet_h,
+				  struct knet_handle_crypto_cfg *knet_handle_crypto_cfg,
+				  uint8_t config_num)
+{
+	int savederrno = 0;
+	int err = 0;
+	int pmtud_rerun = 0;
+
+	if (!knet_h) {
+		errno = EINVAL;
+		return -1;
+	}
+
+	if (!knet_handle_crypto_cfg) {
+		errno = EINVAL;
+		return -1;
+	}
+
+	if ((config_num < 1) || (config_num > 2)) {
+		errno = EINVAL;
+		return -1;
+	}
+
+	if ((!strncmp("none", knet_handle_crypto_cfg->crypto_model, 4)) ||
+	    ((!strncmp("none", knet_handle_crypto_cfg->crypto_cipher_type, 4)) &&
+	     (!strncmp("none", knet_handle_crypto_cfg->crypto_hash_type, 4)))) {
+		errno = EINVAL;
+		return -1;
+	}
+
+	if (knet_handle_crypto_cfg->private_key_len < KNET_MIN_KEY_LEN) {
+		log_debug(knet_h, KNET_SUB_CRYPTO, "private key len too short (min %d) for config %u: %u",
+			  KNET_MIN_KEY_LEN, config_num, knet_handle_crypto_cfg->private_key_len);
+		errno = EINVAL;
+		return -1;
+	}
+
+	if (knet_handle_crypto_cfg->private_key_len > KNET_MAX_KEY_LEN) {
+		log_debug(knet_h, KNET_SUB_CRYPTO, "private key len too long (max %d) for config %u: %u",
+			  KNET_MAX_KEY_LEN, config_num, knet_handle_crypto_cfg->private_key_len);
+		errno = EINVAL;
+		return -1;
+	}
+
+	savederrno = get_global_wrlock(knet_h);
+	if (savederrno) {
+		log_err(knet_h, KNET_SUB_HANDLE, "Unable to get write lock: %s",
+			strerror(savederrno));
+		errno = savederrno;
+		return -1;
+	}
+
+	err = crypto_init(knet_h, knet_handle_crypto_cfg, config_num);
+
+	if (err) {
+		err = -2;
+		savederrno = errno;
+	} else {
+		/*
+		 * TODO: trigger PMTUd rerun only if we are changing the current
+		 *       in-use config
+		 */
+		pmtud_rerurn = 1;
+	}
+
+exit_unlock:
+	if (pmtud_rerurn) {
+		force_pmtud_run(knet_h, KNET_SUB_CRYPTO, 1);
+	}
+	pthread_rwlock_unlock(&knet_h->global_rwlock);
+	errno = err ? savederrno : 0;
+	return err;
+}
+
 int knet_handle_crypto(knet_handle_t knet_h, struct knet_handle_crypto_cfg *knet_handle_crypto_cfg)
 {
 	int savederrno = 0;

diff --git a/libknet/libknet.h b/libknet/libknet.h
@@ -720,7 +720,7 @@ struct knet_handle_crypto_cfg {
 };
 
 /**
- * knet_handle_crypto
+ * knet_handle_crypto_set_config
  *
  * @brief set up packet cryptographic signing & encryption
  *
@@ -759,23 +759,111 @@ struct knet_handle_crypto_cfg {
  *            private_key_len
  *                         length of the provided private_key.
  *
+ * config_num - knet supports 2 concurrent set of crypto configurations,
+ *              to allow runtime change of crypto config and keys.
+ *              On RX both configurations will be used sequencially
+ *              to attempt to decrypt/validate a packet (when 2 are available).
+ *              Note that this might slow down performances during a reconfiguration.
+ *              For TX, the user needs to specify which key to use via
+ *              knet_handle_crypto_use_config(3).
+ *              On the first call to knet_handle_crypto_set_config(3),
+ *              the key will be used immediately as default.
+ *              config_num accepts 1 or 2 as value. 0 is reserved for
+ *              internal use and other API calls.
+ *              Calling knet_handle_crypto_use_config(3) twice with
+ *              the same config_num will REPLACE the configuration and
+ *              NOT activate the second key.
+ *              The correct sequence to perform a runtime rekey / reconfiguration
+ *              is:
+ *              - knet_handle_crypto_set_config(..., 1). -> first time config, will use config1
+ *              - knet_handle_crypto_set_config(..., 2). -> install config2 and use it only for RX
+ *              - knet_handle_crypto_use_config(..., 2). -> switch TX to config 2
+ *              - knet_handle_crypto_clear_config(..., 1). -> disable config1 and wipe internal data
+ *              The application is responsible to synchronize calls on the nodes
+ *              to make sure the new config is in place before switching TX configuration.
+ *              Failure to do so will result in knet unable to talk to some of the nodes.
+ *
  * Implementation notes/current limitations:
  * - enabling crypto, will increase latency as packets have
  *   to processed.
  * - enabling crypto might reduce the overall throughtput
  *   due to crypto data overhead.
- * - re-keying is not implemented yet.
  * - private/public key encryption/hashing is not currently
  *   planned.
  * - crypto key must be the same for all hosts in the same
- *   knet instance.
- * - it is safe to call knet_handle_crypto multiple times at runtime.
+ *   knet instance / configX.
+ * - it is safe to call knet_handle_crypto_set_config multiple times at runtime.
  *   The last config will be used.
- *   IMPORTANT: a call to knet_handle_crypto can fail due to:
+ *   IMPORTANT: a call to knet_handle_crypto_set_config can fail due to:
  *              1) failure to obtain locking
  *              2) errors to initializing the crypto level.
- *   This can happen even in subsequent calls to knet_handle_crypto.
- *   A failure in crypto init will restore the previous crypto configuration.
+ *   This can happen even in subsequent calls to knet_handle_crypto_set_config(3).
+ *   A failure in crypto init will restore the previous crypto configuration if any.
+ *
+ * @return
+ * knet_handle_crypto_set_config returns:
+ * @retval 0 on success
+ * @retval -1 on error and errno is set.
+ * @retval -2 on crypto subsystem initialization error. No errno is provided at the moment (yet).
+ */
+
+int knet_handle_crypto_set_config(knet_handle_t knet_h,
+				  struct knet_handle_crypto_cfg *knet_handle_crypto_cfg,
+				  uint8_t config_num);
+
+/**
+ * knet_handle_crypto_use_config
+ *
+ * @brief specify crypto configuration to use for TX
+ *
+ * knet_h   - pointer to knet_handle_t
+ *
+ * config_num - 1|2 use configuration 1 or 2
+ *
+ * @return
+ * knet_handle_crypto_use_config returns:
+ * @retval 0 on success
+ * @retval -1 on error and errno is set.
+ */
+
+int knet_handle_crypto_use_config(knet_handle_t knet_h,
+				  uint8_t config_num);
+
+/**
+ * knet_handle_crypto_clear_config
+ *
+ * @brief remove crypto configuration or disable crypto
+ *
+ * knet_h   - pointer to knet_handle_t
+ *
+ * config_num - 0 disable crypto and wipe all configurations
+ *              1|2 wipe configuration 1 or 2
+ *
+ * @return
+ * knet_handle_crypto_clear_config returns:
+ * @retval 0 on success
+ * @retval -1 on error and errno is set.
+ */
+
+int knet_handle_crypto_clear_config(knet_handle_t knet_h,
+				    uint8_t config_num);
+
+/**
+ * knet_handle_crypto
+ *
+ * @brief set up packet cryptographic signing & encryption
+ *
+ * knet_h   - pointer to knet_handle_t
+ *
+ * knet_handle_crypto_cfg -
+ *            pointer to a knet_handle_crypto_cfg structure
+ *            see knet_handle_crypto_set_config(3) for details.
+ *
+ *
+ * Implementation notes:
+ *
+ * knet_handle_crypto(3) is now a wrapper for knet_handle_crypto_set_config(3)
+ * with config_num set to 1.
  *
  * @return
  * knet_handle_crypto returns:
@@ -788,7 +876,6 @@ int knet_handle_crypto(knet_handle_t knet_h,
 		       struct knet_handle_crypto_cfg *knet_handle_crypto_cfg);
 
 
-
 #define KNET_COMPRESS_THRESHOLD 100
 
 struct knet_handle_compress_cfg {