virtual int check_message_signature(Message *message) = 0;
virtual int encrypt_message(Message *message) = 0;
virtual int decrypt_message(Message *message) = 0;
+
virtual int sign_bufferlist(bufferlist &in, bufferlist &out) {
return 0;
};
+ virtual int encrypt_bufferlist(bufferlist &in, bufferlist &out) {
+ return 0;
+ }
+ virtual int decrypt_bufferlist(bufferlist &in, bufferlist &out) {
+ return 0;
+ }
int get_protocol() {return protocol;}
CryptoKey get_key() {return key;}
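Review bot: The base-class defaults for `encrypt_bufferlist` and `decrypt_bufferlist` return 0 without writing anything to `out`, so a handler that does not override them reports success while producing no ciphertext or plaintext. A caller that trusts the return code could then use an empty or stale `out` as if it had been protected. Consider failing closed in the default with `return -EOPNOTSUPP;`, or at least add a comment such as `// default is a no-op: out is left untouched, 0 does not mean the data was encrypted`. The `sign_bufferlist` default in the context lines follows the same pattern, so other handlers may depend on it. The class definition starts and ends outside this hunk.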
return 0;
}
+
+int CephxSessionHandler::encrypt_bufferlist(bufferlist &in, bufferlist &out) {
+ std::string error;
+ try {
+ key.encrypt(cct, in, out, &error);
+ } catch (std::exception &e) {
+ lderr(cct) << __func__ << " failed to encrypt buffer: " << error << dendl;
+ return -1;
+ }
+ return 0;
+}
+
+int CephxSessionHandler::decrypt_bufferlist(bufferlist &in, bufferlist &out) {
+ std::string error;
+ try {
+ key.decrypt(cct, in, out, &error);
+ } catch (std::exception &e) {
+ lderr(cct) << __func__ << " failed to decrypt buffer: " << error << dendl;
+ return -1;
+ }
+ return 0;
+}
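Review bot: Both `encrypt_bufferlist` and `decrypt_bufferlist` discard the result of `key.encrypt(...)` / `key.decrypt(...)` and return 0 unless an exception is thrown. The `&error` out-parameter suggests that CryptoKey reports failure through a return code and that string rather than by throwing, which should be confirmed against its declaration. If so, a failed decrypt is reported as success and the caller goes on to use whatever is in `out`. The catch branch also logs `error`, which may still be empty there, instead of `e.what()`, and it catches by non-const reference. The fence shows the suggested shape for decrypt; encrypt would change the same way.
```cpp
int CephxSessionHandler::decrypt_bufferlist(bufferlist &in, bufferlist &out) {
  std::string error;
  int r;
  try {
    r = key.decrypt(cct, in, out, &error);
  } catch (const std::exception &e) {
    lderr(cct) << __func__ << " failed to decrypt buffer: " << e.what() << dendl;
    return -1;
  }
  if (r < 0) {
    // fail closed: never report success when the key operation signalled an error
    lderr(cct) << __func__ << " failed to decrypt buffer: " << error << dendl;
    return r;
  }
  return 0;
}
```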
int check_message_signature(Message *m) override ;
int sign_bufferlist(bufferlist &in, bufferlist &out) override;
+ int encrypt_bufferlist(bufferlist &in, bufferlist &out) override;
+ int decrypt_bufferlist(bufferlist &in, bufferlist &out) override;
// Cephx does not currently encrypt messages, so just return 0 if called. PLR