cckellogg commented on a change in pull request #555: URL: https://github.com/apache/pulsar-client-go/pull/555#discussion_r661799669
########## File path: pulsar/crypto/message_crypto.go ########## @@ -0,0 +1,39 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. + +package crypto + +// MessageCrypto implement this interface to encrypt and decrypt messages +type MessageCrypto interface { + // AddPublicKeyCipher + AddPublicKeyCipher(keyNames []string, keyReader KeyReader) error + + // RemoveKeyCipher remove the key indentified by the keyname from the list + RemoveKeyCipher(keyName string) bool + + /* Review comment: Nitpick use `//` for each line in multiline comments ########## File path: pulsar/crypto/message_metadata.go ########## @@ -0,0 +1,122 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. + +package crypto + +import ( + pb "github.com/apache/pulsar-client-go/pulsar/internal/pulsar_proto" +) + +// MessageMetadataSupplier wrapper implementation around message metadata +type MessageMetadataSupplier interface { + // GetEncryptionKeys read all the encryption keys from the MessageMetadata + GetEncryptionKeys() []EncryptionKeyInfo + + // UpsertEncryptionkey add new or update existing EncryptionKeys in to the MessageMetadata + UpsertEncryptionkey(EncryptionKeyInfo) + + // GetEncryptionParam read the ecryption parameter from the MessageMetadata + GetEncryptionParam() []byte + + // SetEncryptionParam set encryption parameter in to the MessageMetadata + SetEncryptionParam([]byte) Review comment: Ok makes sense. For my understanding what's the difference between `UpsertEncryptionkey` and `SetEncryptionParam` and when would one or the other be used? ########## File path: pulsar/crypto/crypto_failure_action.go ########## @@ -0,0 +1,43 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. + +package crypto + +const ( + // ProducerCryptoFailureActionFail this is the default option to fail send if crypto operation fails. + ProducerCryptoFailureActionFail = iota + + // ProducerCryptoFailureActionFailSend ingnore crypto failure and proceed with sending unencrypted message. + ProducerCryptoFailureActionFailSend Review comment: nit `ProducerCryptoFailureActionSend` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@pulsar.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
