...
1. Initiating message is sent by discovery.
   - The initiating message should contain:
     - New master key hash.
     - New master key id.
   - When a server node processes the message, the following actions are executed:
     - It obtains the hash of the new master key.
     - It compares it with the one in the message.
     - If they differ, an error is added to the message.
2. If there are errors at step 1, we log them and cancel the process. Otherwise go to step 3.
3. Action message is sent by discovery.
   - The action message should contain:
     - New master key hash.
     - New master key id.
   - When a server node processes the message, the following actions are executed:
     - Block creation of encrypted cache keys.
     - Encrypt cache group keys with the new master key.
     - Unblock creation of encrypted cache keys.
     - EncryptionSPI executes key rotation (implementation specific).

Atomic key rotation should be done in the following way:
- Re-encrypt all cache group keys with the new master key in a temporary data structure. No changes are made in MetaStore.
- Create a WAL logical record (MasterKeyChangeRecord) that consists of:
  - New master key hash.
  - Re-encrypted cache group keys.
- Write the cache group keys to MetaStore.

Node recovery:
- If a MasterKeyChangeRecord is found while replaying logical records during node recovery, it is passed to EncryptionManager.
- When MetaStore becomes available for writes, EncryptionManager writes the new cache group keys to it.
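
The atomic rotation and node recovery steps above, modelled in Python with a crash placed between the WAL write and the MetaStore write. This is an added example, not the project's code: `Node`, `wrap`, `key_hash` and `crash_before_metastore` are hypothetical names, SHA-256 stands in for the master key hash, and the XOR wrap is a stand-in for the EncryptionSPI's real key encryption.

```python
import hashlib

def key_hash(master_key: bytes) -> bytes:
    # Assumption: a SHA-256 digest stands in for the "master key hash".
    return hashlib.sha256(master_key).digest()

def wrap(master_key: bytes, group_key: bytes) -> bytes:
    # Toy XOR stand-in for the EncryptionSPI key wrap (keys <= 32 bytes). NOT real crypto.
    stream = hashlib.sha256(b"wrap" + master_key).digest()
    return bytes(a ^ b for a, b in zip(group_key, stream))

unwrap = wrap  # XOR is its own inverse

class Node:
    def __init__(self, master_key: bytes, group_keys: dict):
        self.master_key = master_key
        self.wal = []  # logical records; survive a crash in this model
        self.metastore = {g: wrap(master_key, k) for g, k in group_keys.items()}

    def rotate(self, new_master_key: bytes, crash_before_metastore: bool = False):
        # 1. Re-encrypt into a temporary structure; MetaStore is untouched.
        tmp = {g: wrap(new_master_key, unwrap(self.master_key, w))
               for g, w in self.metastore.items()}
        # 2. Log MasterKeyChangeRecord: new master key hash + re-encrypted keys.
        self.wal.append(("MasterKeyChangeRecord", key_hash(new_master_key), tmp))
        self.master_key = new_master_key
        if crash_before_metastore:
            return  # constructed failure point between step 2 and step 3
        # 3. Write the re-encrypted group keys to MetaStore.
        self.metastore = dict(tmp)

    def recover(self, configured_master_key: bytes):
        # Restart: apply the last MasterKeyChangeRecord once MetaStore is writable.
        self.master_key = configured_master_key
        records = [r for r in self.wal if r[0] == "MasterKeyChangeRecord"]
        if records:
            _, new_hash, keys = records[-1]
            # Assumption: the recorded hash is checked against the restart key.
            if new_hash != key_hash(configured_master_key):
                raise ValueError("node restarted with a different master key")
            self.metastore = dict(keys)

if __name__ == "__main__":
    keys = {1: b"A" * 16, 2: b"B" * 16}  # constructed sample cache group keys
    node = Node(b"old-master", keys)
    node.rotate(b"new-master", crash_before_metastore=True)
    node.recover(b"new-master")
    print(all(unwrap(node.master_key, node.metastore[g]) == k for g, k in keys.items()))
```

Because the record carries the full set of re-encrypted keys, the MetaStore holds either the old wrapping or the new one after recovery, never a mix of both.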

Process completion:
The process completes when all nodes in the cluster have processed the action message.
...