From: Sage Weil
Date: Mon, 26 Jan 2015 23:49:10 +0000 (-0800)
Subject: auth: make CryptoHandler implementations totally private
X-Git-Tag: v0.94.7~41^2~7
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=86cc0f0c5e10262bb494ecee415789fd6815b1ff;p=ceph.git

auth: make CryptoHandler implementations totally private

There is no need to expose these implementations outside Crypto.cc.

Signed-off-by: Sage Weil
(cherry picked from commit ad5a1549f401af3eae38f5c4de24e7b952e40f7f)
---
diff --git a/src/auth/Crypto.cc b/src/auth/Crypto.cc
index e401c9605b1..f7ec93a2c93 100644
--- a/src/auth/Crypto.cc
+++ b/src/auth/Crypto.cc
@@ -64,6 +64,21 @@ uint64_t get_random(uint64_t min_val, uint64_t max_val)
 // ---------------------------------------------------
+class CryptoNone : public CryptoHandler {
+public:
+ CryptoNone() { }
+ ~CryptoNone() {}
+ int get_type() const {
+ return CEPH_CRYPTO_NONE;
+ }
+ int create(bufferptr& secret);
+ int validate_secret(bufferptr& secret);
+ void encrypt(const bufferptr& secret, const bufferlist& in,
+ bufferlist& out, std::string &error) const;
+ void decrypt(const bufferptr& secret, const bufferlist& in,
+ bufferlist& out, std::string &error) const;
+};
+
 int CryptoNone::create(bufferptr& secret)
 {
 return 0;
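Review bot: `class CryptoNone` is defined at namespace scope in Crypto.cc, so it keeps external linkage even though no header declares it any more; the same holds for `class CryptoAES` in the next hunk. A same-named class in another translation unit would be an ODR violation that the linker is not required to diagnose. Wrapping each class definition in `namespace { ... }` would make the types private to this file in the sense the commit message intends. The out-of-line member definitions (`CryptoNone::create` onward) continue outside the hunk and should still be able to name the classes from the enclosing scope, but that needs a build to confirm.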
@@ -88,6 +103,23 @@ void CryptoNone::decrypt(const bufferptr& secret, const bufferlist& in,
 // ---------------------------------------------------
+
+class CryptoAES : public CryptoHandler {
+public:
+ CryptoAES() { }
+ ~CryptoAES() {}
+ int get_type() const {
+ return CEPH_CRYPTO_AES;
+ }
+ int create(bufferptr& secret);
+ int validate_secret(bufferptr& secret);
+ void encrypt(const bufferptr& secret, const bufferlist& in,
+ bufferlist& out, std::string &error) const;
+ void decrypt(const bufferptr& secret, const bufferlist& in,
+ bufferlist& out, std::string &error) const;
+};
+
+
 #ifdef USE_CRYPTOPP
 # define AES_KEY_LEN ((size_t)CryptoPP::AES::DEFAULT_KEYLENGTH)
 # define AES_BLOCK_LEN ((size_t)CryptoPP::AES::BLOCKSIZE)
@@ -396,3 +428,18 @@ void CryptoKey::encode_plaintext(bufferlist &bl)
 {
 bl.append(encode_base64());
 }
+
+
+// ------------------
+
+CryptoHandler *CryptoHandler::create(int type)
+{
+ switch (type) {
+ case CEPH_CRYPTO_NONE:
+ return new CryptoNone;
+ case CEPH_CRYPTO_AES:
+ return new CryptoAES;
+ default:
+ return NULL;
+ }
+}
diff --git a/src/auth/Crypto.h b/src/auth/Crypto.h
index c8112220aa6..1356b61f6c1 100644
--- a/src/auth/Crypto.h
+++ b/src/auth/Crypto.h
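Review bot: `CryptoHandler::create(int type)` at the end of Crypto.cc returns `NULL` from its `default:` branch and a heap-allocated handler otherwise, and neither the failure value nor the ownership is stated at the definition. The two call sites changed in ceph_context.cc store the result unchecked, which is safe only because they pass the constants `CEPH_CRYPTO_NONE` and `CEPH_CRYPTO_AES`. Add a comment above the function such as `// Returns a new handler owned by the caller, or NULL for an unknown type; callers must check.` If a later caller passes a type decoded from a key or a message, it should also decide explicitly whether `CEPH_CRYPTO_NONE` is acceptable rather than use whichever handler the factory returns.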
@@ -124,39 +124,11 @@ public:
 bufferlist& out, std::string &error) const = 0;
 virtual void decrypt(const bufferptr& secret, const bufferlist& in,
 bufferlist& out, std::string &error) const = 0;
+
+ static CryptoHandler *create(int type);
 };
 extern int get_random_bytes(char *buf, int len);
 extern uint64_t get_random(uint64_t min_val, uint64_t max_val);
-class CryptoNone : public CryptoHandler {
-public:
- CryptoNone() { }
- ~CryptoNone() {}
- int get_type() const {
- return CEPH_CRYPTO_NONE;
- }
- int create(bufferptr& secret);
- int validate_secret(bufferptr& secret);
- void encrypt(const bufferptr& secret, const bufferlist& in,
- bufferlist& out, std::string &error) const;
- void decrypt(const bufferptr& secret, const bufferlist& in,
- bufferlist& out, std::string &error) const;
-};
-
-class CryptoAES : public CryptoHandler {
-public:
- CryptoAES() { }
- ~CryptoAES() {}
- int get_type() const {
- return CEPH_CRYPTO_AES;
- }
- int create(bufferptr& secret);
- int validate_secret(bufferptr& secret);
- void encrypt(const bufferptr& secret, const bufferlist& in,
- bufferlist& out, std::string &error) const;
- void decrypt(const bufferptr& secret, const bufferlist& in,
- bufferlist& out, std::string &error) const;
-};
-
 #endif
diff --git a/src/common/ceph_context.cc b/src/common/ceph_context.cc
index 50346edf2ac..877dd539284 100644
--- a/src/common/ceph_context.cc
+++ b/src/common/ceph_context.cc
@@ -448,8 +448,8 @@ CephContext::CephContext(uint32_t module_type_)
 _admin_socket->register_command("log dump", "log dump", _admin_hook, "dump recent log entries to log file");
 _admin_socket->register_command("log reopen", "log reopen", _admin_hook, "reopen log file");
- _crypto_none = new CryptoNone;
- _crypto_aes = new CryptoAES;
+ _crypto_none = CryptoHandler::create(CEPH_CRYPTO_NONE);
+ _crypto_aes = CryptoHandler::create(CEPH_CRYPTO_AES);
 }
 CephContext::~CephContext()
diff --git a/src/common/ceph_context.h b/src/common/ceph_context.h
index a9ffde04eb3..a77dfae6293 100644
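Review bot: In Crypto.h the new `static CryptoHandler *create(int type);` reuses the name of the per-handler `create(bufferptr& secret)` that the removed subclasses declare, and which is presumably a virtual of `CryptoHandler` above the hunk. One builds a handler object and the other takes a secret buffer, so two unrelated operations end up as overloads of one name in the same class. A comment on the declaration would keep them apart for readers of the header, e.g. `// Factory for the handler of a CEPH_CRYPTO_* type; unrelated to create(bufferptr&).` The class body starts outside the hunk, so the base declaration could not be checked here.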
--- a/src/common/ceph_context.h
+++ b/src/common/ceph_context.h
@@ -32,8 +32,6 @@ class md_config_obs_t;
 struct md_config_t;
 class CephContextHook;
 class CephContextObs;
-class CryptoNone;
-class CryptoAES;
 class CryptoHandler;
 namespace ceph {
@@ -170,8 +168,8 @@ private:
 std::map _associated_objs;
 // crypto
- CryptoNone *_crypto_none;
- CryptoAES *_crypto_aes;
+ CryptoHandler *_crypto_none;
+ CryptoHandler *_crypto_aes;
 // experimental
 CephContextObs *_cct_obs;
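Review bot: With `_crypto_none` and `_crypto_aes` now typed `CryptoHandler *` in ceph_context.h, any `delete` of them in `CephContext::~CephContext()` (its body is not shown in this diff) goes through the base type, which is undefined behaviour unless `CryptoHandler` has a virtual destructor. The visible part of Crypto.h shows only the pure virtual `encrypt`/`decrypt` and the new factory, so this cannot be confirmed from the patch. If the base destructor is not already virtual, add `virtual ~CryptoHandler() {}` to the class. A comment on the two members such as `// allocated by CryptoHandler::create(); freed in ~CephContext (confirm)` would also record who is expected to release them.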