1/*
2 Copyright (c) 2018, 2024, Oracle and/or its affiliates.
3
4 This program is free software; you can redistribute it and/or modify
5 it under the terms of the GNU General Public License, version 2.0,
6 as published by the Free Software Foundation.
7
8 This program is designed to work with certain software (including
9 but not limited to OpenSSL) that is licensed under separate terms,
10 as designated in a particular file or component or in included license
11 documentation. The authors of MySQL hereby grant you an additional
12 permission to link the program and your derivative works with the
13 separately licensed software that they have either included with
14 the program or referenced in the documentation.
15
16 This program is distributed in the hope that it will be useful,
17 but WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 GNU General Public License for more details.
20
21 You should have received a copy of the GNU General Public License
22 along with this program; if not, write to the Free Software
23 Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
24*/
25
26#ifndef KEYRING_INFO_INCLUDED
27#define KEYRING_INFO_INCLUDED
28
30
31#include <chrono>
32#include <stdexcept>
33#include <string>
34
35namespace mysql_harness {
36class Config;
37}
38
/**
 * @brief Thrown when storing the master key through the master-key-writer
 * fails. The failure description is available through what().
 */
class MasterKeyWriteError : public std::runtime_error {
 public:
  /// @param msg Human-readable description of the write failure.
  explicit MasterKeyWriteError(const std::string &msg)
      : runtime_error{msg} {}
};
49
/**
 * @brief Thrown when loading the master key through the master-key-reader
 * fails. The failure description is available through what().
 */
class MasterKeyReadError : public std::runtime_error {
 public:
  /// @param msg Human-readable description of the read failure.
  explicit MasterKeyReadError(const std::string &msg)
      : runtime_error{msg} {}
};
60
/**
 * @brief Thrown when the ROUTER_ID variable cannot be added to the
 * environment. The failure description is available through what().
 */
class SetRouterIdEnvVariableError : public std::runtime_error {
 public:
  /// @param msg Human-readable description of the failure.
  explicit SetRouterIdEnvVariableError(const std::string &msg)
      : runtime_error{msg} {}
};
71
72/**
73 * @brief KeyringInfo class encapsulates loading and storing master key
74 * using master-key-reader and master-key-writer.
75 */
 private:
  /** @brief The path to keyring file */
  std::string keyring_file_;

  /** @brief The path to master key file, empty if master key file is not used
   */
  std::string master_key_file_;

  /** @brief The path to master-key-reader that is used to read master key */
  std::string master_key_reader_;

  /** @brief The path to master-key-writer that is used to store master key */
  std::string master_key_writer_;

  /** @brief The master key that is used to encode/decode keyring content.
   *
   * NOTE(review): held in a plain std::string; nothing in this header scrubs
   * the buffer on reassignment or destruction, so the key may remain in freed
   * memory — confirm this matches how the project handles other secrets. */
  std::string master_key_;

  /** @brief The maximum time to write master key using master-key-writer or
   * read master key using master-key-reader. Defaults to 30 seconds. */
  std::chrono::milliseconds rw_timeout_ = std::chrono::milliseconds(30000);

  /** @brief If true then log verbose error messages.
   * NOTE(review): verify in the implementation that verbose messages never
   * include key material. */
  bool verbose_ = true;
100
101 public:
  /**
   * Constructs a KeyringInfo with empty paths and no master key.
   *
   * @param verbose If true then verbose error messages are logged.
   *
   * @note This constructor is not explicit, so any value convertible to bool
   * (including pointers) implicitly converts to a KeyringInfo; prefer direct
   * initialisation with a literal bool at call sites.
   */
  KeyringInfo(bool verbose = true) noexcept : verbose_{verbose} {}
108
  /**
   * Constructs a KeyringInfo with the keyring file and master key file paths
   * set; reader/writer paths stay empty and verbose_ keeps its default (true).
   *
   * @param keyring_file The path to keyring file
   * @param master_key_file The path to master key file
   */
  KeyringInfo(const std::string &keyring_file,
              const std::string &master_key_file)
      : keyring_file_{keyring_file}, master_key_file_{master_key_file} {}
118
  /// Sets the keyring file path. The value is stored as given; no validation
  /// is performed here.
  void set_keyring_file(const std::string &keyring_file) {
    keyring_file_.assign(keyring_file);
  }
122
  /// @return The keyring file path; the reference is valid for the lifetime
  /// of this object.
  const std::string &get_keyring_file() const noexcept {
    return keyring_file_;
  }
124
  /// Sets the master key file path (empty means no master key file is used).
  /// Stored as given; no validation is performed here.
  void set_master_key_file(const std::string &master_key_file) {
    master_key_file_.assign(master_key_file);
  }
128
  /// @return The master key file path (empty if not used); the reference is
  /// valid for the lifetime of this object.
  const std::string &get_master_key_file() const noexcept {
    return master_key_file_;
  }
132
  /// Sets the path of the master-key-reader used to read the master key.
  /// Stored as given; the path is not checked for existence or permissions
  /// here.
  void set_master_key_reader(const std::string &master_key_reader) {
    master_key_reader_.assign(master_key_reader);
  }
136
  /// @return The master-key-reader path; the reference is valid for the
  /// lifetime of this object.
  const std::string &get_master_key_reader() const noexcept {
    return master_key_reader_;
  }
140
  /// Sets the path of the master-key-writer used to store the master key.
  /// Stored as given; the path is not checked for existence or permissions
  /// here.
  void set_master_key_writer(const std::string &master_key_writer) {
    master_key_writer_.assign(master_key_writer);
  }
144
  /// @return The master-key-writer path; the reference is valid for the
  /// lifetime of this object.
  const std::string &get_master_key_writer() const noexcept {
    return master_key_writer_;
  }
148
  /// Stores the master key. The value is copied as given; length/emptiness
  /// checks are the job of validate_master_key(), not of this setter.
  void set_master_key(const std::string &master_key) {
    master_key_.assign(master_key);
  }
152
  /// @return The master key; the reference is valid for the lifetime of this
  /// object. This is secret material — callers should avoid copying it into
  /// logs or long-lived buffers.
  const std::string &get_master_key() const noexcept {
    return master_key_;
  }
154
  /**
   * @brief Initializes KeyringInfo using data read from Config. It initializes
   * keyring_file_, master_key_file_, master_key_reader_ and master_key_writer_.
   *
   * @param config The Config that is used to initialize KeyringInfo
   */
  void init(mysql_harness::Config &config);
162
  /**
   * @brief Reads master key using master_key_reader_.
   *
   * Failures are reported through the return value only (the function is
   * noexcept), so callers must check it.
   *
   * @return true if successfully read master key, false otherwise.
   */
  bool read_master_key() noexcept;
169
  /**
   * @brief Writes master key using master_key_writer_.
   *
   * Failures are reported through the return value only (the function is
   * noexcept), so callers must check it.
   *
   * @return true if write was successful, false otherwise.
   */
  bool write_master_key() const noexcept;
176
  /**
   * @brief Generate master key and store it in KeyringInfo. Generated
   * master key can be accessed using master_key_ attribute (see
   * get_master_key()).
   */
  void generate_master_key() noexcept;
182
  /**
   * @brief Adds ROUTER_ID variable to environment.
   *
   * @param router_id The value exported as ROUTER_ID.
   *
   * @throw SetRouterIdEnvVariableError if adding ROUTER_ID to environment
   * fails.
   */
  void add_router_id_to_env(uint32_t router_id) const;
190
  /**
   * @brief Checks if master-key-reader/master-key-writer should be
   * used to load/store master key.
   *
   * @return true if master-key-reader/master-key-writer should be used
   * to load/store master key, false otherwise.
   */
  bool use_master_key_external_facility() const noexcept;
199
  /**
   * @brief Checks if mysqlrouter.key and keyring files should be used to
   * store master key.
   *
   * @return true if the master key file should be used to store master key,
   * false otherwise.
   */
  bool use_master_key_file() const noexcept;
208
  /**
   * @brief Checks if master key is correct: it cannot be empty, and cannot
   * be longer than mysql_harness::kMaxKeyringKeyLength.
   *
   * Call this after read_master_key()/set_master_key() and before the key is
   * used, since the setters perform no checks themselves.
   *
   * @throw std::runtime_error if master key is empty or is longer than
   * mysql_harness::kMaxKeyringKeyLength
   */
  void validate_master_key() const;
217
  /**
   * @brief Returns path to keyring file based on data read from config or
   * bootstrap directory.
   *
   * @param config The Config the path is derived from
   *
   * @return The path to keyring file
   */
  std::string get_keyring_file(const mysql_harness::Config &config) const;
225};
226
227#endif /* KEYRING_INFO_INCLUDED */