agentzh's encrypted session module

Jeffrey Walton noloader at gmail.com
Sun Jan 5 07:59:52 UTC 2014


I've been studying agentzh's encrypted session module from
https://github.com/agentzh/encrypted-session-nginx-module/tree/master/src.

There are essentially two methods: one to encrypt values, and a second
to decrypt modules. The functions to do so are
ngx_http_set_encode_encrypted_session and
ngx_http_set_decode_encrypted_session. The functions call
ngx_http_encrypted_session_aes_mac_encrypt and
ngx_http_encrypted_session_aes_mac_decrypt respectively.

The problem I am having is: I cannot tell how this is plumbed into
nginx framework such that a value is encrypted going one way, and
decrypted going another. From the module, I clearly see the command:


Can anyone shed some light on the magic I am missing?

Thanks in advance.



More information about the nginx mailing list