forked from ligato/cn-infra
/
wrapper_bytes.go
199 lines (178 loc) 路 6.47 KB
/
wrapper_bytes.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
// Copyright (c) 2018 Cisco and/or its affiliates.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at:
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package cryptodata
import "go.ligato.io/cn-infra/v2/db/keyval"
// KvBytesPluginWrapper wraps keyval.KvBytesPlugin with additional support of reading encrypted data
type KvBytesPluginWrapper struct {
keyval.KvBytesPlugin
decryptData
}
// BytesBrokerWrapper wraps keyval.BytesBroker with additional support of reading encrypted data
type BytesBrokerWrapper struct {
keyval.BytesBroker
decryptData
}
// BytesWatcherWrapper wraps keyval.BytesWatcher with additional support of reading encrypted data
type BytesWatcherWrapper struct {
keyval.BytesWatcher
decryptData
}
// BytesKeyValWrapper wraps keyval.BytesKeyVal with additional support of reading encrypted data
type BytesKeyValWrapper struct {
keyval.BytesKeyVal
decryptData
}
// BytesWatchRespWrapper wraps keyval.BytesWatchResp with additional support of reading encrypted data
type BytesWatchRespWrapper struct {
keyval.BytesWatchResp
BytesKeyValWrapper
}
// BytesKeyValIteratorWrapper wraps keyval.BytesKeyValIterator with additional support of reading encrypted data
type BytesKeyValIteratorWrapper struct {
keyval.BytesKeyValIterator
decryptData
}
// NewKvBytesPluginWrapper creates wrapper for provided CoreBrokerWatcher, adding support for decrypting encrypted
// data
func NewKvBytesPluginWrapper(cbw keyval.KvBytesPlugin, decrypter ArbitraryDecrypter, decryptFunc DecryptFunc) *KvBytesPluginWrapper {
return &KvBytesPluginWrapper{
KvBytesPlugin: cbw,
decryptData: decryptData{
decryptFunc: decryptFunc,
decrypter: decrypter,
},
}
}
// NewBytesBrokerWrapper creates wrapper for provided BytesBroker, adding support for decrypting encrypted data
func NewBytesBrokerWrapper(pb keyval.BytesBroker, decrypter ArbitraryDecrypter, decryptFunc DecryptFunc) *BytesBrokerWrapper {
return &BytesBrokerWrapper{
BytesBroker: pb,
decryptData: decryptData{
decryptFunc: decryptFunc,
decrypter: decrypter,
},
}
}
// NewBytesWatcherWrapper creates wrapper for provided BytesWatcher, adding support for decrypting encrypted data
func NewBytesWatcherWrapper(pb keyval.BytesWatcher, decrypter ArbitraryDecrypter, decryptFunc DecryptFunc) *BytesWatcherWrapper {
return &BytesWatcherWrapper{
BytesWatcher: pb,
decryptData: decryptData{
decryptFunc: decryptFunc,
decrypter: decrypter,
},
}
}
// NewBroker returns a BytesBroker instance with support for decrypting values that prepends given <keyPrefix> to all
// keys in its calls.
// To avoid using a prefix, pass keyval.Root constant as argument.
func (cbw *KvBytesPluginWrapper) NewBroker(prefix string) keyval.BytesBroker {
return NewBytesBrokerWrapper(cbw.KvBytesPlugin.NewBroker(prefix), cbw.decrypter, cbw.decryptFunc)
}
// NewWatcher returns a BytesWatcher instance with support for decrypting values that prepends given <keyPrefix> to all
// keys during watch subscribe phase.
// The prefix is removed from the key retrieved by GetKey() in BytesWatchResp.
// To avoid using a prefix, pass keyval.Root constant as argument.
func (cbw *KvBytesPluginWrapper) NewWatcher(prefix string) keyval.BytesWatcher {
return NewBytesWatcherWrapper(cbw.KvBytesPlugin.NewWatcher(prefix), cbw.decrypter, cbw.decryptFunc)
}
// GetValue retrieves and tries to decrypt one item under the provided key.
func (cbb *BytesBrokerWrapper) GetValue(key string) (data []byte, found bool, revision int64, err error) {
data, found, revision, err = cbb.BytesBroker.GetValue(key)
if err == nil {
objData, err := cbb.decrypter.Decrypt(data, cbb.decryptFunc)
if err != nil {
return data, found, revision, err
}
outData, ok := objData.([]byte)
if !ok {
return data, found, revision, err
}
return outData, found, revision, err
}
return
}
// ListValues returns an iterator that enables to traverse all items stored
// under the provided <key>.
func (cbb *BytesBrokerWrapper) ListValues(key string) (keyval.BytesKeyValIterator, error) {
kv, err := cbb.BytesBroker.ListValues(key)
if err != nil {
return kv, err
}
return &BytesKeyValIteratorWrapper{
BytesKeyValIterator: kv,
decryptData: cbb.decryptData,
}, nil
}
// Watch starts subscription for changes associated with the selected keys.
// Watch events will be delivered to callback (not channel) <respChan>.
// Channel <closeChan> can be used to close watching on respective key
func (b *BytesWatcherWrapper) Watch(respChan func(keyval.BytesWatchResp), closeChan chan string, keys ...string) error {
return b.BytesWatcher.Watch(func(resp keyval.BytesWatchResp) {
respChan(&BytesWatchRespWrapper{
BytesWatchResp: resp,
BytesKeyValWrapper: BytesKeyValWrapper{
BytesKeyVal: resp,
decryptData: b.decryptData,
},
})
}, closeChan, keys...)
}
// GetValue returns the value of the pair.
func (r *BytesWatchRespWrapper) GetValue() []byte {
return r.BytesKeyValWrapper.GetValue()
}
// GetPrevValue returns the previous value of the pair.
func (r *BytesWatchRespWrapper) GetPrevValue() []byte {
return r.BytesKeyValWrapper.GetPrevValue()
}
// GetValue returns the value of the pair.
func (r *BytesKeyValWrapper) GetValue() []byte {
value := r.BytesKeyVal.GetValue()
data, err := r.decrypter.Decrypt(value, r.decryptFunc)
if err != nil {
return nil
}
outData, ok := data.([]byte)
if !ok {
return value
}
return outData
}
// GetPrevValue returns the previous value of the pair.
func (r *BytesKeyValWrapper) GetPrevValue() []byte {
value := r.BytesKeyVal.GetPrevValue()
data, err := r.decrypter.Decrypt(value, r.decryptFunc)
if err != nil {
return nil
}
outData, ok := data.([]byte)
if !ok {
return value
}
return outData
}
// GetNext retrieves the following item from the context.
// When there are no more items to get, <stop> is returned as *true*
// and <kv> is simply *nil*.
func (r *BytesKeyValIteratorWrapper) GetNext() (kv keyval.BytesKeyVal, stop bool) {
kv, stop = r.BytesKeyValIterator.GetNext()
if stop || kv == nil {
return kv, stop
}
return &BytesKeyValWrapper{
BytesKeyVal: kv,
decryptData: r.decryptData,
}, stop
}