diff options
author | Jack Mulrow <jack.mulrow@mongodb.com> | 2017-02-03 14:37:27 -0500 |
---|---|---|
committer | Jack Mulrow <jack.mulrow@mongodb.com> | 2017-03-02 12:24:37 -0500 |
commit | 0d408153594e2e2366e0729397ca2890f00b026c (patch) | |
tree | 5201e5e9fd707447543bf8c638b0a701f314ca5e /src/mongo/db/time_proof_service.h | |
parent | 8c173ff0776c2c4ab1698a26aee2d087f973a3de (diff) | |
download | mongo-0d408153594e2e2366e0729397ca2890f00b026c.tar.gz |
SERVER-27768 Implement HMAC key for signing Logical clock's storage & distribution
Diffstat (limited to 'src/mongo/db/time_proof_service.h')
-rw-r--r-- | src/mongo/db/time_proof_service.h | 29 |
1 files changed, 19 insertions, 10 deletions
diff --git a/src/mongo/db/time_proof_service.h b/src/mongo/db/time_proof_service.h index 5be6bf46e38..2157523f6fc 100644 --- a/src/mongo/db/time_proof_service.h +++ b/src/mongo/db/time_proof_service.h @@ -35,27 +35,36 @@ namespace mongo { /** - * Mock of the TimeProofService class. The class when fully implemented will be self-contained. It - * will provide key management and rotation, caching and other optimizations as needed. + * TODO: SERVER-28127 Add key rotation to the TimeProofService + * + * The TimeProofService holds the key used by mongod and mongos processes to verify logical times + * and contains the logic to generate this key, but not to store or retrieve it. */ class TimeProofService { public: // This type must be synchronized with the library that generates SHA1 or other proof. using TimeProof = SHA1Block; + using Key = SHA1Block; + + TimeProofService(Key key) : _key(std::move(key)) {} + + /** + * Generates a pseudorandom key to be used for HMAC authentication. + */ + static Key generateRandomKey(); /** - * Returns the proof matching the time argument. + * Returns the proof matching the time argument. */ - TimeProof getProof(LogicalTime time) { - return SHA1Block(); - } + TimeProof getProof(const LogicalTime& time) const; /** - * Verifies that the proof is matching the time argument. + * Verifies that the proof matches the time argument. */ - Status checkProof(LogicalTime time, const TimeProof& proof) { - return Status::OK(); - } + Status checkProof(const LogicalTime& time, const TimeProof& proof) const; + +private: + Key _key; }; } // namespace mongo |