void LogicalTimeValidator::resetKeyManagerCache() {
log() << "Resetting key manager cache";
{
stdx::lock_guard<stdx::mutex> keyManagerLock(_mutexKeyManager);
invariant(_keyManager);
_keyManager->clearCache();
}
stdx::lock_guard<stdx::mutex> lk(_mutex);
_lastSeenValidTime = SignedLogicalTime();
_timeProofService.resetCache();
}
SignedLogicalTime LogicalTimeValidator::trySignLogicalTime(const LogicalTime& newTime) {
auto keyStatusWith = _getKeyManagerCopy()->getKeyForSigning(nullptr, newTime);
auto keyStatus = keyStatusWith.getStatus();
if (keyStatus == ErrorCodes::KeyNotFound) {
// Attach invalid signature and keyId if we don't have the right keys to sign it.
return SignedLogicalTime(newTime, TimeProofService::TimeProof(), 0);
}
uassertStatusOK(keyStatus);
return _getProof(keyStatusWith.getValue(), newTime);
}
void LogicalTimeValidator::stopKeyManager() {
stdx::lock_guard<stdx::mutex> keyManagerLock(_mutexKeyManager);
if (_keyManager) {
log() << "Stopping key manager";
_keyManager->stopMonitoring();
_keyManager->clearCache();
stdx::lock_guard<stdx::mutex> lk(_mutex);
_lastSeenValidTime = SignedLogicalTime();
_timeProofService.resetCache();
} else {
log() << "Stopping key manager: no key manager exists.";
}
}
StatusWith<LogicalTimeMetadata> LogicalTimeMetadata::readFromMetadata(
const BSONElement& metadataElem) {
if (metadataElem.eoo()) {
return LogicalTimeMetadata();
}
const auto& obj = metadataElem.Obj();
Timestamp ts;
Status status = bsonExtractTimestampField(obj, kClusterTimeFieldName, &ts);
if (!status.isOK()) {
return status;
}
BSONElement signatureElem;
status = bsonExtractTypedField(obj, kSignatureFieldName, Object, &signatureElem);
if (!status.isOK()) {
return status;
}
const auto& signatureObj = signatureElem.Obj();
// Extract BinData type signature hash and construct a SHA1Block instance from it.
BSONElement hashElem;
status = bsonExtractTypedField(signatureObj, kSignatureHashFieldName, BinData, &hashElem);
if (!status.isOK()) {
return status;
}
int hashLength = 0;
auto rawBinSignature = hashElem.binData(hashLength);
BSONBinData proofBinData(rawBinSignature, hashLength, hashElem.binDataType());
auto proofStatus = SHA1Block::fromBinData(proofBinData);
if (!proofStatus.isOK()) {
return proofStatus.getStatus();
}
long long keyId;
status = bsonExtractIntegerField(signatureObj, kSignatureKeyIdFieldName, &keyId);
if (!status.isOK()) {
return status;
}
return LogicalTimeMetadata(
SignedLogicalTime(LogicalTime(ts), std::move(proofStatus.getValue()), keyId));
}