VLink 2.0.0
A high-performance communication middleware
Loading...
Searching...
No Matches
security.h File Reference

AES-128-CBC encryption/decryption with optional custom callback override. More...

#include <functional>
#include <memory>
#include <string>
#include "../base/bytes.h"
#include "../base/macros.h"
Include dependency graph for security.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Classes

 Thread-safe AES-128-CBC encryption/decryption utility with custom callback support. More...

Namespaces

Detailed Description

AES-128-CBC encryption/decryption with optional custom callback override.

Security provides message-level encryption and decryption for VLink transports. When compiled with VLINK_ENABLE_SECURITY (requires OpenSSL), it uses AES-128-CBC via the EVP API with PKCS7 padding. The default AES key is "vlink" and the IV is "thun.lu@zohomail.cn" (OpenSSL uses the first 16 bytes of each).

Custom crypto implementations can replace the built-in algorithm by registering a pair of Callback functions via set_callbacks(). When custom callbacks are installed, the AES implementation is bypassed entirely.

Compile requirements
  • Built-in AES: link with -lssl -lcrypto and define VLINK_ENABLE_SECURITY.
  • Custom callback: no additional dependencies.
Typical usage
vlink::Security security;
security.set_key("my_secret_key");
vlink::Bytes cipher;
security.encrypt(plain_bytes, cipher);
vlink::Bytes recovered;
security.decrypt(cipher, recovered);
Note
  • All public methods are thread-safe (protected by an internal mutex).
  • encrypt() and decrypt() return true on success, false on failure.
  • If VLINK_ENABLE_SECURITY is not defined, encrypt() and decrypt() log a warning and return false.
  • Passing an empty Bytes to encrypt() or decrypt() is a no-op that returns true immediately.