MySQL 8.0.40
Source Code Documentation
s_mysql_keyring_writer Struct Reference

Keyring writer service provides APIs to add/remove sensitive data to/from keyring backend. More...

#include <keyring_writer.h>

Public Attributes

mysql_service_status_t(* store )(const char *data_id, const char *auth_id, const unsigned char *data, size_t data_size, const char *data_type)
 Store data identified with (data_id, auth_id) in keyring backend. More...
 
mysql_service_status_t(* remove )(const char *data_id, const char *auth_id)
 Remove data identified by (data_id, auth_id) from keyring backend if present. More...
 

Detailed Description

Keyring writer service provides APIs to add/remove sensitive data to/from keyring backend.

Data stored within keyring should be uniquely identified using:

  1. Data ID An identifier associated with data - supplied by keyring APIs' callers
  2. Auth ID An identifier associated with owner of the data - suppled by keyring APIs' callers. If Auth ID is not provided, key is treated as an internal key. Such a key shalll not be accessible to database users using SQL interface
bool write_key(const char *data_id, const char *auth_id,
const unsigned char *data_buffer, size_t data_length,
const char *data_type) {
my_service<SERVICE_TYPE(keyring_writer)> keyring_writer("keyring_writer",
m_reg_srv);
if (!keyring_writer.is_valid()) {
return true;
}
return keyring_writer->store(data_id, auth_id, data_buffer, data_length,
data_type);
}
bool remove_key(const char *data_id, const char *auth_id) {
my_service<SERVICE_TYPE(keyring_writer)> keyring_writer("keyring_writer",
m_reg_srv);
if (!keyring_writer.is_valid()) {
return true;
}
return keyring_writer->remove(data_id, auth_id);
}
Wraps my_h_service struct conforming ABI into RAII C++ object with ability to cast to desired service...
Definition: my_service.h:35
static uint remove_key(MI_KEYDEF *keyinfo, uint nod_flag, uchar *keypos, uchar *lastkey, uchar *page_end, my_off_t *next_block)
Definition: mi_delete.cc:709
#define SERVICE_TYPE(name)
Generates the standard Service type name.
Definition: service.h:76
static int write_key(MI_SORT_PARAM *info, uchar *key, IO_CACHE *tempfile)
Definition: sort.cc:354

Member Data Documentation

◆ remove

mysql_service_status_t(* s_mysql_keyring_writer::remove) (const char *data_id, const char *auth_id)

Remove data identified by (data_id, auth_id) from keyring backend if present.

Data_type value is implementation specific. It associates type label with data which may be an important indicator for certain backends.

Examples: AES, SECRET

Once removed, data should not be accessible through keyring implementation. Based on keyring backend, implementor may decide to either destroy the data completely or change the state of the data to make in unavailable.

Parameters
[in]data_idData Identifier. Byte string.
[in]auth_idAuthorization ID. Byte string.
Returns
status of the operation
Return values
falseSuccess - Key removed successfully or key not present.
trueFailure

◆ store

mysql_service_status_t(* s_mysql_keyring_writer::store) (const char *data_id, const char *auth_id, const unsigned char *data, size_t data_size, const char *data_type)

Store data identified with (data_id, auth_id) in keyring backend.

Data_type value is implementation specific. It associates type label with data which may be an important indicator for certain backends.

Examples: AES, SECRET

Note: If components want to support aes_encryption service, it must support storing data of type AES.

A success status implies that data is stored persistently on keyring backend and shall always be available for access unless removed explicitly.

Note
Implementation can restrict type and/or size of data that can be stored in keyring.
Parameters
[in]data_idData Identifier. Byte string.
[in]auth_idAuthorization ID. Byte string.
[in]dataData to be stored. Byte string.
[in]data_sizeSize of data to be stored
[in]data_typeType of data. ASCII. Null terminated.
Returns
status of the operation
Return values
falseSuccess - Data is stored successfully in backend
trueFailure

The documentation for this struct was generated from the following file: