CMS 3D CMS Logo

List of all members | Public Member Functions | Static Public Member Functions | Static Public Attributes | Private Attributes
cond::auth::DecodingKey Class Reference

#include <DecodingKey.h>

Public Member Functions

void addDefaultService (const std::string &connectionString)
 
void addService (const std::string &serviceName, const std::string &connectionString, const std::string &userName, const std::string &password)
 
size_t createFromInputFile (const std::string &inputFileName, size_t generatedKeySize=0)
 
 DecodingKey ()
 
void flush ()
 
size_t init (const std::string &keyFileName, const std::string &password, bool readMode=true)
 
bool isNominal () const
 
void list (std::ostream &out)
 
const std::string & ownerName () const
 
const std::string & principalKey () const
 
const std::string & principalName () const
 
const std::map< std::string, ServiceCredentials > & services () const
 
const std::string & version () const
 
virtual ~DecodingKey ()
 

Static Public Member Functions

static std::string templateFile ()
 

Static Public Attributes

static constexpr size_t DEFAULT_KEY_SIZE = 100
 
static constexpr const char *const FILE_NAME = "db.key"
 
static constexpr const char *const FILE_PATH = ".cms_cond/db.key"
 
static constexpr const char *const KEY_FMT_VERSION = "2.0"
 

Private Attributes

std::string m_fileName
 
bool m_mode
 
std::string m_owner
 
std::string m_principalKey
 
std::string m_principalName
 
std::string m_pwd
 
std::map< std::string, ServiceCredentialsm_services
 
std::string m_version
 

Detailed Description

Definition at line 31 of file DecodingKey.h.

Constructor & Destructor Documentation

◆ DecodingKey()

cond::auth::DecodingKey::DecodingKey ( )
inline

Definition at line 96 of file DecodingKey.h.

97  : m_fileName(""),
98  m_version(""),
99  m_mode(true),
100  m_pwd(""),
101  m_principalName(""),
102  m_principalKey(""),
103  m_owner(""),
104  m_services() {}
std::string m_fileName
Definition: DecodingKey.h:73
std::string m_principalName
Definition: DecodingKey.h:81
std::string m_principalKey
Definition: DecodingKey.h:83
std::map< std::string, ServiceCredentials > m_services
Definition: DecodingKey.h:87

◆ ~DecodingKey()

virtual cond::auth::DecodingKey::~DecodingKey ( )
inlinevirtual

Definition at line 43 of file DecodingKey.h.

43 {}

Member Function Documentation

◆ addDefaultService()

void cond::auth::DecodingKey::addDefaultService ( const std::string &  connectionString)

Definition at line 299 of file DecodingKey.cc.

References FastTimer::addService(), l1RCTOmdsFedVectorProducer_cfi::connectionString, and DEFAULT_SERVICE().

299  {
301 }
void addService(const std::string &serviceName, const std::string &connectionString, const std::string &userName, const std::string &password)
Definition: DecodingKey.cc:303
static const std::string DEFAULT_SERVICE("Cond_Default_Service")

◆ addService()

void cond::auth::DecodingKey::addService ( const std::string &  serviceName,
const std::string &  connectionString,
const std::string &  userName,
const std::string &  password 
)

Definition at line 303 of file DecodingKey.cc.

References l1RCTOmdsFedVectorProducer_cfi::connectionString, EcalCondDBWriter_cfi::password, serviceName, and EcalCondDBWriter_cfi::userName.

306  {
307  std::map<std::string, ServiceCredentials>::iterator iK = m_services.find(serviceName);
308  if (iK == m_services.end()) {
309  iK = m_services.insert(std::make_pair(serviceName, ServiceCredentials())).first;
310  }
311  iK->second.connectionString = connectionString;
312  iK->second.userName = userName;
313  iK->second.password = password;
314 }
static const std::string serviceName
std::map< std::string, ServiceCredentials > m_services
Definition: DecodingKey.h:87

◆ createFromInputFile()

size_t cond::auth::DecodingKey::createFromInputFile ( const std::string &  inputFileName,
size_t  generatedKeySize = 0 
)

Definition at line 195 of file DecodingKey.cc.

References CONNECTIONPREFIX(), cond::auth::ServiceCredentials::connectionString, relval_steps::gen(), makeListRunsInFiles::inputFile, InefficientDoubleROC::inputFileName, KEYPREFIX(), mps_splice::line, mps_check::msg, NAMEPREFIX(), OWNERPREFIX(), submitPVValidationJobs::params, cond::parseLineForNamedParams(), cond::auth::ServiceCredentials::password, PASSWORDPREFIX(), serviceName, SERVICEPREFIX(), AlCaHLTBitMon_QueryRunRegistry::string, cond::throwException(), cond::auth::ServiceCredentials::userName, USERPREFIX(), and VERSIONPREFIX().

195  {
196  size_t nelem = 0;
197  if (inputFileName.empty()) {
198  std::string msg("Provided input file name is empty.");
199  throwException(msg, "DecodingKey::readFromInputFile");
200  }
201  m_version.clear();
202  m_principalName.clear();
203  m_principalKey.clear();
204  m_owner.clear();
205  m_services.clear();
206  std::ifstream inputFile(inputFileName.c_str());
207  if (inputFile.is_open()) {
208  std::map<std::string, std::string> params;
209  while (inputFile.good()) {
211  getline(inputFile, line);
212  params.clear();
213  if (line.size() > 3) {
214  if (line.substr(0, 2) == VERSIONPREFIX) {
215  m_version = line.substr(2);
216  } else if (line.substr(0, 2) == NAMEPREFIX) {
217  m_principalName = line.substr(2);
218  } else if (line.substr(0, 2) == KEYPREFIX) {
219  m_principalKey = line.substr(2);
220  } else if (line.substr(0, 2) == OWNERPREFIX) {
221  m_owner = line.substr(2);
222  } else if (line.substr(0, 2) == SERVICEPREFIX) {
225  ServiceCredentials creds;
226  creds.connectionString = params[CONNECTIONPREFIX];
227  creds.userName = params[USERPREFIX];
228  creds.password = params[PASSWORDPREFIX];
229  m_services.insert(std::make_pair(serviceName, creds));
230  nelem++;
231  }
232  }
233  }
234  inputFile.close();
235  if (m_principalKey.empty() && generatedKeySize) {
236  KeyGenerator gen;
237  m_principalKey = gen.make(generatedKeySize);
238  }
239 
240  } else {
241  std::string msg = "Provided Input File \"" + inputFileName + "\n is invalid.";
242  throwException(msg, "DecodingKey::readFromInputFile");
243  }
244  return nelem;
245 }
static const std::string KEYPREFIX("K=")
void parseLineForNamedParams(const std::string &line, std::map< std::string, std::string > &params)
Definition: DecodingKey.cc:58
static const std::string USERPREFIX("U=")
static const std::string serviceName
void throwException(const std::string &message, const std::string &methodName)
Definition: Exception.cc:18
static const std::string VERSIONPREFIX("V=")
static const std::string SERVICEPREFIX("S=")
def gen(fragment, howMuch)
Production test section ####.
std::string m_principalName
Definition: DecodingKey.h:81
static const std::string PASSWORDPREFIX("P=")
static const std::string OWNERPREFIX("O=")
tuple msg
Definition: mps_check.py:286
std::string m_principalKey
Definition: DecodingKey.h:83
static const std::string CONNECTIONPREFIX("C=")
static const std::string NAMEPREFIX("N=")
std::map< std::string, ServiceCredentials > m_services
Definition: DecodingKey.h:87

◆ flush()

void cond::auth::DecodingKey::flush ( )

Definition at line 261 of file DecodingKey.cc.

References Skims_PA_cff::content, cond::auth::Cipher::encrypt(), free(), ItemSeparator, KEY_HEADER(), KEYPREFIX(), LineSeparator, mps_check::msg, NAMEPREFIX(), MillePedeFileConverter_cfg::out, L1TdeCSCTF_cfi::outFile, OWNERPREFIX(), SERVICEPREFIX(), AlCaHLTBitMon_QueryRunRegistry::string, cond::throwException(), and VERSIONPREFIX().

261  {
262  std::ofstream outFile(m_fileName.c_str(), std::ios::binary);
263  if (outFile.is_open()) {
264  std::stringstream content;
266  if (!m_version.empty()) {
268  }
269  if (!m_principalName.empty()) {
271  }
272  if (!m_principalKey.empty()) {
274  }
275  if (!m_owner.empty()) {
277  }
278  for (std::map<std::string, ServiceCredentials>::const_iterator iD = m_services.begin(); iD != m_services.end();
279  ++iD) {
280  content << SERVICEPREFIX << iD->first << ItemSeparator;
281  content << iD->second.connectionString << ItemSeparator;
282  content << iD->second.userName << ItemSeparator;
283  content << iD->second.password << ItemSeparator;
285  }
286  Cipher cipher(m_pwd);
287  unsigned char* out;
288  size_t outSize = cipher.encrypt(content.str(), out);
289  outFile.write(reinterpret_cast<char*>(out), outSize);
290  free(out);
291  } else {
292  std::string msg("");
293  msg += "Provided Key File \"" + m_fileName + "\n is invalid.";
294  throwException(msg, "DecodingKey::flush");
295  }
296  outFile.close();
297 }
static const std::string KEYPREFIX("K=")
void throwException(const std::string &message, const std::string &methodName)
Definition: Exception.cc:18
static const std::string VERSIONPREFIX("V=")
static const std::string SERVICEPREFIX("S=")
static const std::string KEY_HEADER("Cond_Authentication_Key")
constexpr char LineSeparator
Definition: DecodingKey.cc:15
std::string m_fileName
Definition: DecodingKey.h:73
void free(void *ptr) noexcept
constexpr char ItemSeparator
Definition: DecodingKey.cc:14
std::string m_principalName
Definition: DecodingKey.h:81
static const std::string OWNERPREFIX("O=")
tuple msg
Definition: mps_check.py:286
std::string m_principalKey
Definition: DecodingKey.h:83
static const std::string NAMEPREFIX("N=")
std::map< std::string, ServiceCredentials > m_services
Definition: DecodingKey.h:87

◆ init()

size_t cond::auth::DecodingKey::init ( const std::string &  keyFileName,
const std::string &  password,
bool  readMode = true 
)

Definition at line 113 of file DecodingKey.cc.

References Skims_PA_cff::content, cond::auth::Cipher::decrypt(), free(), cond::getLoginName(), recoMuon::in, ItemSeparator, KEY_HEADER(), keyFile(), KEYPREFIX(), mps_splice::line, LineSeparator, malloc(), mps_check::msg, NAMEPREFIX(), OWNERPREFIX(), EcalCondDBWriter_cfi::password, SERVICEPREFIX(), str, AlCaHLTBitMon_QueryRunRegistry::string, cond::throwException(), and VERSIONPREFIX().

113  {
114  if (keyFileName.empty()) {
115  std::string msg("Provided key file name is empty.");
116  throwException(msg, "DecodingKey::init");
117  }
118  m_fileName = keyFileName;
119  m_pwd = password;
120  m_mode = readMode;
121  m_version.clear();
122  m_principalName.clear();
123  m_principalKey.clear();
124  m_owner.clear();
125  m_services.clear();
126  size_t nelem = 0;
127  if (m_mode) {
128  std::ifstream keyFile(m_fileName.c_str(), std::ios::in | std::ios::binary | std::ios::ate);
129  if (keyFile.is_open()) {
130  size_t fsize = keyFile.tellg();
131  unsigned char* buff = (unsigned char*)malloc(fsize);
132  keyFile.seekg(0, std::ios::beg);
133  keyFile.read(reinterpret_cast<char*>(buff), fsize);
134  Cipher cipher(m_pwd);
135  std::string content = cipher.decrypt(buff, fsize);
136  free(buff);
137  // skip the header + line separator
138  if (content.substr(0, KEY_HEADER.size()) != KEY_HEADER) {
139  std::string msg("Provided key content is invalid.");
140  throwException(msg, "DecodingKey::init");
141  }
142  std::stringstream str(content.substr(KEY_HEADER.size() + 1));
143  while (str.good()) {
145  getline(str, line, LineSeparator);
146  if (line.size() > 3) {
147  if (line.substr(0, 2) == VERSIONPREFIX) {
148  m_version = line.substr(2);
149  } else if (line.substr(0, 2) == NAMEPREFIX) {
150  m_principalName = line.substr(2);
151  } else if (line.substr(0, 2) == KEYPREFIX) {
152  m_principalKey = line.substr(2);
153  } else if (line.substr(0, 2) == OWNERPREFIX) {
154  m_owner = line.substr(2);
155  } else if (line.substr(0, 2) == SERVICEPREFIX) {
156  std::stringstream serviceStr(line.substr(2));
157  std::vector<std::string> sdata;
158  while (serviceStr.good()) {
159  sdata.push_back(std::string(""));
160  getline(serviceStr, sdata.back(), ItemSeparator);
161  }
162  std::map<std::string, ServiceCredentials>::iterator iS =
163  m_services.insert(std::make_pair(sdata[0], ServiceCredentials())).first;
164  iS->second.connectionString = sdata[1];
165  iS->second.userName = sdata[2];
166  iS->second.password = sdata[3];
167  nelem++;
168  }
169  }
170  }
171  keyFile.close();
172  if (m_principalName.empty() || m_principalKey.empty()) {
173  std::string msg = "Provided key is invalid.";
174  throwException(msg, "DecodingKey::init");
175  }
176  if (!m_owner.empty()) {
177  std::string currentUser = getLoginName();
178  if (m_owner != currentUser) {
179  m_principalName.clear();
180  m_principalKey.clear();
181  m_owner.clear();
182  m_services.clear();
183  std::string msg = "Provided key is invalid for user=" + currentUser;
184  throwException(msg, "DecodingKey::init");
185  }
186  }
187  } else {
188  std::string msg = "Required Key File \"" + m_fileName + "\" is missing or unreadable.";
189  throwException(msg, "DecodingKey::init");
190  }
191  }
192  return nelem;
193 }
static const std::string KEYPREFIX("K=")
std::string getLoginName()
Definition: DecodingKey.cc:42
void throwException(const std::string &message, const std::string &methodName)
Definition: Exception.cc:18
static const std::string VERSIONPREFIX("V=")
static const std::string SERVICEPREFIX("S=")
static const std::string KEY_HEADER("Cond_Authentication_Key")
constexpr char LineSeparator
Definition: DecodingKey.cc:15
std::string m_fileName
Definition: DecodingKey.h:73
void free(void *ptr) noexcept
constexpr char ItemSeparator
Definition: DecodingKey.cc:14
std::string m_principalName
Definition: DecodingKey.h:81
void * malloc(size_t size) noexcept
static const std::string OWNERPREFIX("O=")
tuple msg
Definition: mps_check.py:286
std::string m_principalKey
Definition: DecodingKey.h:83
static const std::string NAMEPREFIX("N=")
static const std::string keyFile("/nfshome0/hcalsw/.ReadOMDSKey")
#define str(s)
std::map< std::string, ServiceCredentials > m_services
Definition: DecodingKey.h:87

◆ isNominal()

bool cond::auth::DecodingKey::isNominal ( ) const
inline

Definition at line 112 of file DecodingKey.h.

112 { return !m_owner.empty(); }

◆ list()

void cond::auth::DecodingKey::list ( std::ostream &  out)

Definition at line 247 of file DecodingKey.cc.

References CONNECTIONPREFIX(), KEYPREFIX(), NAMEPREFIX(), MillePedeFileConverter_cfg::out, OWNERPREFIX(), PASSWORDPREFIX(), SERVICEPREFIX(), USERPREFIX(), and VERSIONPREFIX().

247  {
248  out << VERSIONPREFIX << m_version << std::endl;
249  out << NAMEPREFIX << m_principalName << std::endl;
250  out << KEYPREFIX << m_principalKey << std::endl;
251  out << OWNERPREFIX << m_owner << std::endl;
252  for (std::map<std::string, ServiceCredentials>::const_iterator iS = m_services.begin(); iS != m_services.end();
253  iS++) {
254  out << SERVICEPREFIX << iS->first << ";";
255  out << CONNECTIONPREFIX << iS->second.connectionString << ";";
256  out << USERPREFIX << iS->second.userName << ";";
257  out << PASSWORDPREFIX << iS->second.password << ";" << std::endl;
258  }
259 }
static const std::string KEYPREFIX("K=")
static const std::string USERPREFIX("U=")
static const std::string VERSIONPREFIX("V=")
static const std::string SERVICEPREFIX("S=")
std::string m_principalName
Definition: DecodingKey.h:81
static const std::string PASSWORDPREFIX("P=")
static const std::string OWNERPREFIX("O=")
std::string m_principalKey
Definition: DecodingKey.h:83
static const std::string CONNECTIONPREFIX("C=")
static const std::string NAMEPREFIX("N=")
std::map< std::string, ServiceCredentials > m_services
Definition: DecodingKey.h:87

◆ ownerName()

const std::string & cond::auth::DecodingKey::ownerName ( ) const
inline

Definition at line 114 of file DecodingKey.h.

114 { return m_owner; }

◆ principalKey()

const std::string & cond::auth::DecodingKey::principalKey ( ) const
inline

Definition at line 110 of file DecodingKey.h.

110 { return m_principalKey; }
std::string m_principalKey
Definition: DecodingKey.h:83

◆ principalName()

const std::string & cond::auth::DecodingKey::principalName ( ) const
inline

Definition at line 108 of file DecodingKey.h.

108 { return m_principalName; }
std::string m_principalName
Definition: DecodingKey.h:81

◆ services()

const std::map< std::string, cond::auth::ServiceCredentials > & cond::auth::DecodingKey::services ( ) const
inline

Definition at line 116 of file DecodingKey.h.

116  {
117  return m_services;
118 }
std::map< std::string, ServiceCredentials > m_services
Definition: DecodingKey.h:87

◆ templateFile()

std::string cond::auth::DecodingKey::templateFile ( )
static

Definition at line 97 of file DecodingKey.cc.

References CONNECTIONPREFIX(), KEYPREFIX(), NAMEPREFIX(), OWNERPREFIX(), PASSWORDPREFIX(), alignCSCRings::s, SERVICEPREFIX(), USERPREFIX(), and VERSIONPREFIX().

97  {
98  std::stringstream s;
99  s << VERSIONPREFIX << KEY_FMT_VERSION << std::endl;
100  s << NAMEPREFIX << "<principal_name>" << std::endl;
101  s << OWNERPREFIX << "<owner_name, optional>" << std::endl;
102  s << KEYPREFIX << "<key, leave empty if generated>" << std::endl;
103  //s<<DATEPREFIX<<"<expiring date, optional>"<<std::endl;
104  s << SERVICEPREFIX << "<service_name0>;" << CONNECTIONPREFIX << "<service0_connection_string>;" << USERPREFIX
105  << "<user0_name>;" << PASSWORDPREFIX << "<password0>;" << std::endl;
106  s << SERVICEPREFIX << "<service_name1>;" << CONNECTIONPREFIX << "<service1_connection_string>;" << USERPREFIX
107  << "<user1_name>;" << PASSWORDPREFIX << "<password1>;" << std::endl;
108  s << SERVICEPREFIX << "<service_name2>;" << CONNECTIONPREFIX << "<service2_connection_string>;" << USERPREFIX
109  << "<user2_name>;" << PASSWORDPREFIX << "<password2>;" << std::endl;
110  return s.str();
111 }
static const std::string KEYPREFIX("K=")
static const std::string USERPREFIX("U=")
static const std::string VERSIONPREFIX("V=")
static const std::string SERVICEPREFIX("S=")
static constexpr const char *const KEY_FMT_VERSION
Definition: DecodingKey.h:33
static const std::string PASSWORDPREFIX("P=")
static const std::string OWNERPREFIX("O=")
static const std::string CONNECTIONPREFIX("C=")
static const std::string NAMEPREFIX("N=")

◆ version()

const std::string & cond::auth::DecodingKey::version ( ) const
inline

Definition at line 106 of file DecodingKey.h.

Referenced by validation.Sample::datasetpattern(), and validation.Sample::filename().

106 { return m_version; }

Member Data Documentation

◆ DEFAULT_KEY_SIZE

constexpr size_t cond::auth::DecodingKey::DEFAULT_KEY_SIZE = 100
static

Definition at line 36 of file DecodingKey.h.

◆ FILE_NAME

constexpr const char* const cond::auth::DecodingKey::FILE_NAME = "db.key"
static

Definition at line 34 of file DecodingKey.h.

◆ FILE_PATH

constexpr const char* const cond::auth::DecodingKey::FILE_PATH = ".cms_cond/db.key"
static

Definition at line 35 of file DecodingKey.h.

Referenced by cond::CredentialStore::setUpForService().

◆ KEY_FMT_VERSION

constexpr const char* const cond::auth::DecodingKey::KEY_FMT_VERSION = "2.0"
static

Definition at line 33 of file DecodingKey.h.

◆ m_fileName

std::string cond::auth::DecodingKey::m_fileName
private

Definition at line 73 of file DecodingKey.h.

◆ m_mode

bool cond::auth::DecodingKey::m_mode
private

Definition at line 77 of file DecodingKey.h.

◆ m_owner

std::string cond::auth::DecodingKey::m_owner
private

Definition at line 85 of file DecodingKey.h.

◆ m_principalKey

std::string cond::auth::DecodingKey::m_principalKey
private

Definition at line 83 of file DecodingKey.h.

◆ m_principalName

std::string cond::auth::DecodingKey::m_principalName
private

Definition at line 81 of file DecodingKey.h.

◆ m_pwd

std::string cond::auth::DecodingKey::m_pwd
private

Definition at line 79 of file DecodingKey.h.

◆ m_services

std::map<std::string, ServiceCredentials> cond::auth::DecodingKey::m_services
private

Definition at line 87 of file DecodingKey.h.

◆ m_version

std::string cond::auth::DecodingKey::m_version
private

Definition at line 75 of file DecodingKey.h.