From: David Ahern <dsahern@gmail.com>
To: Tuong Lien <tuong.t.lien@dektech.com.au>,
jmaloy@redhat.com, maloy@donjonn.com, ying.xue@windriver.com,
netdev@vger.kernel.org
Cc: tipc-discussion@lists.sourceforge.net
Subject: Re: [iproute2-next 0/2] tipc: add new options for TIPC encryption
Date: Tue, 20 Oct 2020 09:06:37 -0600 [thread overview]
Message-ID: <942f4e8e-baf5-b8c4-bd5d-88872dfe7762@gmail.com> (raw)
In-Reply-To: <20201016160201.7290-1-tuong.t.lien@dektech.com.au>
On 10/16/20 10:01 AM, Tuong Lien wrote:
> This series adds two new options in the 'iproute2/tipc' command, enabling users
> to use the new TIPC encryption features, i.e. the master key and rekeying which
> have been recently merged in kernel.
>
> The help menu of the "tipc node set key" command is also updated accordingly:
>
> # tipc node set key --help
> Usage: tipc node set key KEY [algname ALGNAME] [PROPERTIES]
> tipc node set key rekeying REKEYING
>
> KEY
> Symmetric KEY & SALT as a composite ASCII or hex string (0x...) in form:
> [KEY: 16, 24 or 32 octets][SALT: 4 octets]
>
> ALGNAME
> Cipher algorithm [default: "gcm(aes)"]
>
> PROPERTIES
> master - Set KEY as a cluster master key
> <empty> - Set KEY as a cluster key
> nodeid NODEID - Set KEY as a per-node key for own or peer
>
> REKEYING
> INTERVAL - Set rekeying interval (in minutes) [0: disable]
> now - Trigger one (first) rekeying immediately
>
> EXAMPLES
> tipc node set key this_is_a_master_key master
> tipc node set key 0x746869735F69735F615F6B657931365F73616C74
> tipc node set key this_is_a_key16_salt algname "gcm(aes)" nodeid 1001002
> tipc node set key rekeying 600
>
> Tuong Lien (2):
> tipc: add option to set master key for encryption
> tipc: add option to set rekeying for encryption
>
> tipc/cmdl.c | 2 +-
> tipc/cmdl.h | 1 +
> tipc/node.c | 81 +++++++++++++++++++++++++++++++++++++++--------------
> 3 files changed, 62 insertions(+), 22 deletions(-)
>
applied to iproute2-next
prev parent reply other threads:[~2020-10-20 15:06 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-10-16 16:01 [iproute2-next 0/2] tipc: add new options for TIPC encryption Tuong Lien
2020-10-16 16:02 ` [iproute2-next 1/2] tipc: add option to set master key for encryption Tuong Lien
2020-10-16 16:02 ` [iproute2-next 2/2] tipc: add option to set rekeying " Tuong Lien
2020-10-20 15:06 ` David Ahern [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=942f4e8e-baf5-b8c4-bd5d-88872dfe7762@gmail.com \
--to=dsahern@gmail.com \
--cc=jmaloy@redhat.com \
--cc=maloy@donjonn.com \
--cc=netdev@vger.kernel.org \
--cc=tipc-discussion@lists.sourceforge.net \
--cc=tuong.t.lien@dektech.com.au \
--cc=ying.xue@windriver.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).