On Thu, Oct 22, 2009 at 04:40:01PM -0400, Alex wrote: > I have a protocol which needs to secure outgoing packets like so: > > FROM: > [n bytes protocol data] > > TO: > [j bytes padded/encrypted data][16 bytes IV][12 bytes HMAC] > > What is the most clean/efficient way of using evbuffers for this > purpose? I currently do the following in an outgoing filter callback > function: > > unsigned char buf[1024]; > len = evbuffer_remove(src, buf, ...); > len = crypto_encrypt(...); > ... > crypto_hmac(...); > len += 12; > evbuffer_add(dst, buf, len); > > The crypto_encrypt function overwrites the data in buf with the > encrypted data and IV. > > Is this really the best way to use evbuffers, or are there features in > libevent that help me with this which I am not aware of? I am using SVN > revision 1457.
It's not a _bad_ way; crypto is generally expensive enough that the two copy operations you're doing here (from src->buf, then from buf->dst) won't matter much. You might save yourself a copy operation by using evbuffer_peek or evbuffer_reserve/evbuffer_commit to access the memory in an evbuffer without having to copy it into an external buffer. You could possibly save yourself a copy operation entirely by using evbuffer_remove_buffer to transfer data chunks straight from src to a temporary buffer, encrypting it in place, then transferring it to evbuffer_dst. This could be a bit tricky, though. Also, I usually use evbuffers in connection with bufferevents, but that's a whole different topic. If you're using recent SVN libevent versions, you could implement this whole process as a filtering bufferevent. yrs, -- Nick _______________________________________________ Libevent-users mailing list Libevent-users@monkey.org http://lists.monkey.org:8080/listinfo/libevent-users
