RitterHou commented on code in PR #10771:
URL: https://github.com/apache/apisix/pull/10771#discussion_r1451956286
##########
apisix/ssl.lua:
##########
@@ -125,21 +114,18 @@ end
function _M.aes_encrypt_pkey(origin, field)
local local_conf = core.config.local_conf()
+ local aes_128_cbc_with_iv_tbl_gde = get_aes_128_cbc_with_iv_gde(local_conf)
+ local aes_128_cbc_with_iv_gde = aes_128_cbc_with_iv_tbl_gde[1]
- if not field then
- -- default used by ssl
- local aes_128_cbc_with_iv_tbl_ssl =
get_aes_128_cbc_with_iv_ssl(local_conf)
- local aes_128_cbc_with_iv_ssl = aes_128_cbc_with_iv_tbl_ssl[1]
- if aes_128_cbc_with_iv_ssl ~= nil and core.string.has_prefix(origin,
"---") then
- return encrypt(aes_128_cbc_with_iv_ssl, origin)
- end
+ if aes_128_cbc_with_iv_gde == nil then
+ return origin
+ end
+
+ if not field and core.string.has_prefix(origin, "---") then
Review Comment:
I reserved this parameter because ssl encryption is need to check whether
the `origin` has a `---` prefix and data encryption is not. If I remove it, is
the prefix check of `origin` should be also removed too? or just reserve the
check and put it to ssl and data encryption?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
