On Thu, Oct 22, 2009 at 04:40:01PM -0400, Alex wrote:
> I have a protocol which needs to secure outgoing packets like so:
> [n bytes protocol data]
> TO:
> [j bytes padded/encrypted data][16 bytes IV][12 bytes HMAC]
> What is the most clean/efficient way of using evbuffers for this
> purpose? I currently do the following in an outgoing filter callback
> function:
> unsigned char buf[1024];
> len = evbuffer_remove(src, buf, ...);
> len = crypto_encrypt(...);
> ...
> crypto_hmac(...);
> len += 12;
> evbuffer_add(dst, buf, len);
> The crypto_encrypt function overwrites the data in buf with the
> encrypted data and IV.
> Is this really the best way to use evbuffers, or are there features in
> libevent that help me with this which I am not aware of? I am using SVN
> revision 1457.

It's not a _bad_ way; crypto is generally expensive enough that the
two copy operations you're doing here (from src->buf, then from
buf->dst) won't matter much.

You might save yourself a copy operation by using evbuffer_peek or
evbuffer_reserve/evbuffer_commit to access the memory in an evbuffer
without having to copy it into an external buffer.

You could possibly save yourself a copy operation entirely by using
evbuffer_remove_buffer to transfer data chunks straight from src to a
temporary buffer, encrypting it in place, then transferring it to
evbuffer_dst.  This could be a bit tricky, though.

Also, I usually use evbuffers in connection with bufferevents, but
that's a whole different topic.  If you're using recent SVN libevent
versions, you could implement this whole process as a filtering

Libevent-users mailing list

Reply via email to