MySQL 8.0.39
Source Code Documentation
s_mysql_keyring_generator Struct Reference

The key generator service provides a way to generate random data and store it in the keyring backend.

#include <keyring_generator.h>

Public Attributes

mysql_service_status_t(* generate )(const char *data_id, const char *auth_id, const char *data_type, size_t data_size)
 Generate random data of length data_size and store it in keyring using identifiers as (data_id, auth_id).
 

Detailed Description

The key generator service provides a way to generate random data and store it in the keyring backend.

Data stored within the keyring should be uniquely identified using:

  1. Data ID: An identifier associated with the data, supplied by the keyring APIs' callers.
  2. Auth ID: An identifier associated with the owner of the data, supplied by the keyring APIs' callers. If Auth ID is not provided, the key is treated as an internal key. Such a key shall not be accessible to database users through the SQL interface.

This service does not return the generated data to the user. For that, the Keyring reader service should be used.

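  bool generate_key(const char *data_id, const char *auth_id,
                    const char *data_type, size_t data_size) {
    // Acquire the generator service through the service registry handle.
    my_service<SERVICE_TYPE(keyring_generator)> keyring_generator(
        "keyring_reader_generator", m_reg_srv);
    if (!keyring_generator.is_valid()) {
      return true;  // service not available: report failure
    }
    // generate() returns true on failure, false on success.
    if (keyring_generator->generate(data_id, auth_id, data_type, data_size) ==
        true) {
      return true;
    }
    return false;  // key generated and stored in the keyring
  }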

Member Data Documentation

◆ generate

mysql_service_status_t(* s_mysql_keyring_generator::generate) (const char *data_id, const char *auth_id, const char *data_type, size_t data_size)

Generate random data of length data_size and store it in keyring using identifiers as (data_id, auth_id).

The data_type value is implementation specific. It associates a type label with the data, which may be an important indicator for certain backends.

Examples: AES, SECRET

Note: If a component wants to support the aes_encryption service, it must support storing data of type AES.

If the error object is not initialized, the method will initialize it if it returns false. The caller will be responsible for freeing the error state in such cases. No error object will be created or modified if the return value is true.

The action should be atomic from the caller's point of view. As much as possible, delegate data generation to the keyring backend.

Note
  Implementation can restrict type and/or size of data that can be stored in keyring.

Parameters
  [in] data_id    Data Identifier. Byte string.
  [in] auth_id    Authorization ID. Byte string.
  [in] data_type  Type of data. ASCII. Null terminated.
  [in] data_size  Size of the data to be generated

Returns
  status of the operation

Return values
  false  Success - Key generated and stored in keyring.
  true   Failure
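The example earlier on this page shows the caller's side. The block below is an added sketch of the backend side of the same contract; it is not MySQL code. It shows identity by (data_id, auth_id), type and size restrictions, all-or-nothing storage, and the false-means-success return convention. The names demo_generate, demo_stored_size and g_store, the size policy, the refusal to overwrite an existing key, and the use of /dev/urandom are assumptions made for the example.

```cpp
#include <cstddef>
#include <fstream>
#include <map>
#include <string>
#include <utility>
#include <vector>

// Stand-in for the status type from MySQL's service headers; false (0) = success.
typedef int mysql_service_status_t;

// Keyring identity as the page defines it: (data_id, auth_id).
using KeyId = std::pair<std::string, std::string>;
// Hypothetical in-memory store; a real backend persists to a file, KMS or vault.
static std::map<KeyId, std::vector<unsigned char>> g_store;

// A missing auth_id is mapped to "" here, marking an internal key.
static KeyId make_id(const char *data_id, const char *auth_id) {
  return KeyId(data_id, auth_id ? auth_id : "");
}

// Assumed policy for this sketch: AES keys of 16/24/32 bytes, SECRET up to 16 KiB.
static bool size_allowed(const std::string &type, size_t n) {
  if (type == "AES") return n == 16 || n == 24 || n == 32;
  if (type == "SECRET") return n >= 1 && n <= 16384;
  return false;  // unknown type labels are refused
}

// Same parameter list as s_mysql_keyring_generator::generate; true = failure.
mysql_service_status_t demo_generate(const char *data_id, const char *auth_id,
                                     const char *data_type, size_t data_size) {
  if (!data_id || !*data_id || !data_type) return true;
  if (!size_allowed(data_type, data_size)) return true;
  const KeyId id = make_id(data_id, auth_id);
  if (g_store.count(id) != 0) return true;  // assumed: never overwrite a key
  std::vector<unsigned char> buf(data_size);
  std::ifstream rng("/dev/urandom", std::ios::binary);  // OS CSPRNG
  if (!rng.read(reinterpret_cast<char *>(buf.data()),
                static_cast<std::streamsize>(data_size)))
    return true;  // nothing was stored, so the caller sees no partial key
  g_store.emplace(id, std::move(buf));  // one insert: all or nothing
  return false;  // the generated bytes are never handed back to the caller
}

// Inspection helper for the example only: stored length, 0 if absent.
size_t demo_stored_size(const char *data_id, const char *auth_id) {
  auto it = g_store.find(make_id(data_id, auth_id));
  return it == g_store.end() ? 0 : it->second.size();
}
```

Because key material never leaves the function, a caller can only confirm the result through the return status, which mirrors the page's statement that retrieval goes through the separate Keyring reader service.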

The documentation for this struct was generated from the following file: