mirror/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-01-29 02:05:57 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

renames to follow single consistent naming style

Browse source 
with namespace prefixes
This commit is contained in:
Sergei Golubchik 2015-04-01 21:25:02 +02:00
parent c0878f64c5
commit 65e7826070
32 changed files with 198 additions and 193 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
include/mysql/plugin_audit.h.pp
View file

@ -197,20 +197,20 @@ int thd_key_create(MYSQL_THD_KEY_T *key);
void thd_key_delete(MYSQL_THD_KEY_T *key);
void* thd_getspecific(void* thd, MYSQL_THD_KEY_T key);
int thd_setspecific(void* thd, MYSQL_THD_KEY_T key, void *value);
#include <mysql/service_encryption_keys.h>
#include <mysql/service_encryption.h>
typedef int (*encrypt_decrypt_func)(const unsigned char* src, unsigned int slen,
unsigned char* dst, unsigned int* dlen,
const unsigned char* key, unsigned int klen,
const unsigned char* iv, unsigned int ivlen,
int no_padding, unsigned int key_version);
struct encryption_keys_service_st {
unsigned int (*get_latest_encryption_key_version_func)();
unsigned int (*has_encryption_key_func)(unsigned int);
unsigned int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int*);
encrypt_decrypt_func encrypt_data_func;
encrypt_decrypt_func decrypt_data_func;
struct encryption_service_st {
unsigned int (*encryption_key_get_latest_version_func)();
unsigned int (*encryption_key_exists_func)(unsigned int);
unsigned int (*encryption_key_get_func)(unsigned int, unsigned char*, unsigned int*);
encrypt_decrypt_func encryption_encrypt_func;
encrypt_decrypt_func encryption_decrypt_func;
};
extern struct encryption_keys_service_st encryption_keys_handler;
extern struct encryption_service_st encryption_handler;
struct st_mysql_xid {
long formatID;
long gtrid_length;

16
include/mysql/plugin_auth.h.pp
View file

@ -197,20 +197,20 @@ int thd_key_create(MYSQL_THD_KEY_T *key);
void thd_key_delete(MYSQL_THD_KEY_T *key);
void* thd_getspecific(void* thd, MYSQL_THD_KEY_T key);
int thd_setspecific(void* thd, MYSQL_THD_KEY_T key, void *value);
#include <mysql/service_encryption_keys.h>
#include <mysql/service_encryption.h>
typedef int (*encrypt_decrypt_func)(const unsigned char* src, unsigned int slen,
unsigned char* dst, unsigned int* dlen,
const unsigned char* key, unsigned int klen,
const unsigned char* iv, unsigned int ivlen,
int no_padding, unsigned int key_version);
struct encryption_keys_service_st {
unsigned int (*get_latest_encryption_key_version_func)();
unsigned int (*has_encryption_key_func)(unsigned int);
unsigned int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int*);
encrypt_decrypt_func encrypt_data_func;
encrypt_decrypt_func decrypt_data_func;
struct encryption_service_st {
unsigned int (*encryption_key_get_latest_version_func)();
unsigned int (*encryption_key_exists_func)(unsigned int);
unsigned int (*encryption_key_get_func)(unsigned int, unsigned char*, unsigned int*);
encrypt_decrypt_func encryption_encrypt_func;
encrypt_decrypt_func encryption_decrypt_func;
};
extern struct encryption_keys_service_st encryption_keys_handler;
extern struct encryption_service_st encryption_handler;
struct st_mysql_xid {
long formatID;
long gtrid_length;

16
include/mysql/plugin_encryption.h.pp
View file

@ -197,20 +197,20 @@ int thd_key_create(MYSQL_THD_KEY_T *key);
void thd_key_delete(MYSQL_THD_KEY_T *key);
void* thd_getspecific(void* thd, MYSQL_THD_KEY_T key);
int thd_setspecific(void* thd, MYSQL_THD_KEY_T key, void *value);
#include <mysql/service_encryption_keys.h>
#include <mysql/service_encryption.h>
typedef int (*encrypt_decrypt_func)(const unsigned char* src, unsigned int slen,
unsigned char* dst, unsigned int* dlen,
const unsigned char* key, unsigned int klen,
const unsigned char* iv, unsigned int ivlen,
int no_padding, unsigned int key_version);
struct encryption_keys_service_st {
unsigned int (*get_latest_encryption_key_version_func)();
unsigned int (*has_encryption_key_func)(unsigned int);
unsigned int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int*);
encrypt_decrypt_func encrypt_data_func;
encrypt_decrypt_func decrypt_data_func;
struct encryption_service_st {
unsigned int (*encryption_key_get_latest_version_func)();
unsigned int (*encryption_key_exists_func)(unsigned int);
unsigned int (*encryption_key_get_func)(unsigned int, unsigned char*, unsigned int*);
encrypt_decrypt_func encryption_encrypt_func;
encrypt_decrypt_func encryption_decrypt_func;
};
extern struct encryption_keys_service_st encryption_keys_handler;
extern struct encryption_service_st encryption_handler;
struct st_mysql_xid {
long formatID;
long gtrid_length;

16
include/mysql/plugin_ftparser.h.pp
View file

@ -197,20 +197,20 @@ int thd_key_create(MYSQL_THD_KEY_T *key);
void thd_key_delete(MYSQL_THD_KEY_T *key);
void* thd_getspecific(void* thd, MYSQL_THD_KEY_T key);
int thd_setspecific(void* thd, MYSQL_THD_KEY_T key, void *value);
#include <mysql/service_encryption_keys.h>
#include <mysql/service_encryption.h>
typedef int (*encrypt_decrypt_func)(const unsigned char* src, unsigned int slen,
unsigned char* dst, unsigned int* dlen,
const unsigned char* key, unsigned int klen,
const unsigned char* iv, unsigned int ivlen,
int no_padding, unsigned int key_version);
struct encryption_keys_service_st {
unsigned int (*get_latest_encryption_key_version_func)();
unsigned int (*has_encryption_key_func)(unsigned int);
unsigned int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int*);
encrypt_decrypt_func encrypt_data_func;
encrypt_decrypt_func decrypt_data_func;
struct encryption_service_st {
unsigned int (*encryption_key_get_latest_version_func)();
unsigned int (*encryption_key_exists_func)(unsigned int);
unsigned int (*encryption_key_get_func)(unsigned int, unsigned char*, unsigned int*);
encrypt_decrypt_func encryption_encrypt_func;
encrypt_decrypt_func encryption_decrypt_func;
};
extern struct encryption_keys_service_st encryption_keys_handler;
extern struct encryption_service_st encryption_handler;
struct st_mysql_xid {
long formatID;
long gtrid_length;

16
include/mysql/plugin_password_validation.h.pp
View file

@ -197,20 +197,20 @@ int thd_key_create(MYSQL_THD_KEY_T *key);
void thd_key_delete(MYSQL_THD_KEY_T *key);
void* thd_getspecific(void* thd, MYSQL_THD_KEY_T key);
int thd_setspecific(void* thd, MYSQL_THD_KEY_T key, void *value);
#include <mysql/service_encryption_keys.h>
#include <mysql/service_encryption.h>
typedef int (*encrypt_decrypt_func)(const unsigned char* src, unsigned int slen,
unsigned char* dst, unsigned int* dlen,
const unsigned char* key, unsigned int klen,
const unsigned char* iv, unsigned int ivlen,
int no_padding, unsigned int key_version);
struct encryption_keys_service_st {
unsigned int (*get_latest_encryption_key_version_func)();
unsigned int (*has_encryption_key_func)(unsigned int);
unsigned int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int*);
encrypt_decrypt_func encrypt_data_func;
encrypt_decrypt_func decrypt_data_func;
struct encryption_service_st {
unsigned int (*encryption_key_get_latest_version_func)();
unsigned int (*encryption_key_exists_func)(unsigned int);
unsigned int (*encryption_key_get_func)(unsigned int, unsigned char*, unsigned int*);
encrypt_decrypt_func encryption_encrypt_func;
encrypt_decrypt_func encryption_decrypt_func;
};
extern struct encryption_keys_service_st encryption_keys_handler;
extern struct encryption_service_st encryption_handler;
struct st_mysql_xid {
long formatID;
long gtrid_length;

78
include/mysql/service_encryption.h Normal file
View file

@ -0,0 +1,78 @@
#ifndef MYSQL_SERVICE_ENCRYPTION_INCLUDED
/* Copyright (c) 2015, MariaDB
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; version 2 of the License.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
/**
@file
encryption service
Functions to support data encryption and encryption key management.
They are normally implemented in an encryption plugin, so this service
connects encryption *consumers* (storage engines) to the encryption
*provider* (encryption plugin).
*/
#ifdef __cplusplus
extern "C" {
#endif
/* returned from encryption_key_get_latest_version() */
#define ENCRYPTION_KEY_VERSION_INVALID (~(unsigned int)0)
#define ENCRYPTION_KEY_VERSION_NOT_ENCRYPTED (0)
/* returned from encryption_key_get() */
#define ENCRYPTION_KEY_BUFFER_TOO_SMALL (100)
typedef int (*encrypt_decrypt_func)(const unsigned char* src, unsigned int slen,
unsigned char* dst, unsigned int* dlen,
const unsigned char* key, unsigned int klen,
const unsigned char* iv, unsigned int ivlen,
int no_padding, unsigned int key_version);
struct encryption_service_st {
unsigned int (*encryption_key_get_latest_version_func)();
unsigned int (*encryption_key_exists_func)(unsigned int);
unsigned int (*encryption_key_get_func)(unsigned int, unsigned char*, unsigned int*);
encrypt_decrypt_func encryption_encrypt_func;
encrypt_decrypt_func encryption_decrypt_func;
};
#ifdef MYSQL_DYNAMIC_PLUGIN
extern struct encryption_service_st *encryption_service;
#define encryption_key_get_latest_version() encryption_service->encryption_key_get_latest_version_func()
#define encryption_key_exists(V) encryption_service->encryption_key_exists_func(V)
#define encryption_key_get(V,K,S) encryption_service->encryption_key_get_func((V), (K), (S))
#define encryption_encrypt(S,SL,D,DL,K,KL,I,IL,NP,KV) encryption_service->encryption_encrypt_func(S,SL,D,DL,K,KL,I,IL,NP,KV)
#define encryption_decrypt(S,SL,D,DL,K,KL,I,IL,NP,KV) encryption_service->encryption_decrypt_func(S,SL,D,DL,K,KL,I,IL,NP,KV)
#else
extern struct encryption_service_st encryption_handler;
#define encryption_key_get_latest_version() encryption_handler.encryption_key_get_latest_version_func()
#define encryption_key_exists(V) encryption_handler.encryption_key_exists_func(V)
#define encryption_key_get(V,K,S) encryption_handler.encryption_key_get_func((V), (K), (S))
#define encryption_encrypt(S,SL,D,DL,K,KL,I,IL,NP,KV) encryption_handler.encryption_encrypt_func(S,SL,D,DL,K,KL,I,IL,NP,KV)
#define encryption_decrypt(S,SL,D,DL,K,KL,I,IL,NP,KV) encryption_handler.encryption_decrypt_func(S,SL,D,DL,K,KL,I,IL,NP,KV)
#endif
#ifdef __cplusplus
}
#endif
#define MYSQL_SERVICE_ENCRYPTION_INCLUDED
#endif

71
include/mysql/service_encryption_keys.h
View file

@ -1,71 +0,0 @@
#ifndef MYSQL_SERVICE_ENCRYPTION_KEYS_INCLUDED
/* Copyright (c) 2015, MariaDB
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; version 2 of the License.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
/**
@file
encryption keys service
Functions to get encryption keys from the encryption plugin
*/
#ifdef __cplusplus
extern "C" {
#endif
#define BAD_ENCRYPTION_KEY_VERSION (~(unsigned int)0)
#define KEY_BUFFER_TOO_SMALL (100)
typedef int (*encrypt_decrypt_func)(const unsigned char* src, unsigned int slen,
unsigned char* dst, unsigned int* dlen,
const unsigned char* key, unsigned int klen,
const unsigned char* iv, unsigned int ivlen,
int no_padding, unsigned int key_version);
struct encryption_keys_service_st {
unsigned int (*get_latest_encryption_key_version_func)();
unsigned int (*has_encryption_key_func)(unsigned int);
unsigned int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int*);
encrypt_decrypt_func encrypt_data_func;
encrypt_decrypt_func decrypt_data_func;
};
#ifdef MYSQL_DYNAMIC_PLUGIN
extern struct encryption_keys_service_st *encryption_keys_service;
#define get_latest_encryption_key_version() encryption_keys_service->get_latest_encryption_key_version_func()
#define has_encryption_key(V) encryption_keys_service->has_encryption_key_func(V)
#define get_encryption_key(V,K,S) encryption_keys_service->get_encryption_key_func((V), (K), (S))
#define encrypt_data(S,SL,D,DL,K,KL,I,IL,NP,KV) encryption_keys_service->encrypt_data_func(S,SL,D,DL,K,KL,I,IL,NP,KV)
#define decrypt_data(S,SL,D,DL,K,KL,I,IL,NP,KV) encryption_keys_service->decrypt_data_func(S,SL,D,DL,K,KL,I,IL,NP,KV)
#else
extern struct encryption_keys_service_st encryption_keys_handler;
#define get_latest_encryption_key_version() encryption_keys_handler.get_latest_encryption_key_version_func()
#define has_encryption_key(V) encryption_keys_handler.has_encryption_key_func(V)
#define get_encryption_key(V,K,S) encryption_keys_handler.get_encryption_key_func((V), (K), (S))
#define encrypt_data(S,SL,D,DL,K,KL,I,IL,NP,KV) encryption_keys_handler.encrypt_data_func(S,SL,D,DL,K,KL,I,IL,NP,KV)
#define decrypt_data(S,SL,D,DL,K,KL,I,IL,NP,KV) encryption_keys_handler.decrypt_data_func(S,SL,D,DL,K,KL,I,IL,NP,KV)
#endif
#ifdef __cplusplus
}
#endif
#define MYSQL_SERVICE_ENCRYPTION_KEYS_INCLUDED
#endif

2
include/mysql/services.h
View file

@ -32,7 +32,7 @@ extern "C" {
#include <mysql/service_thd_autoinc.h>
#include <mysql/service_thd_error_context.h>
#include <mysql/service_thd_specifics.h>
#include <mysql/service_encryption_keys.h>
#include <mysql/service_encryption.h>
/*#include <mysql/service_wsrep.h>*/
#ifdef __cplusplus

2
include/service_versions.h
View file

@ -35,5 +35,5 @@
#define VERSION_thd_autoinc 0x0100
#define VERSION_thd_error_context 0x0100
#define VERSION_thd_specifics 0x0100
#define VERSION_encryption_keys 0x0200
#define VERSION_encryption 0x0200

2
libmysqld/CMakeLists.txt
View file

@ -105,7 +105,7 @@ SET(SQL_EMBEDDED_SOURCES emb_qcache.cc libmysqld.c lib_sql.cc
../sql/compat56.cc
../sql/table_cache.cc
../sql/item_inetfunc.cc
../sql/wsrep_dummy.cc ../sql/encryption_keys.cc
../sql/wsrep_dummy.cc ../sql/encryption.cc
${GEN_SOURCES}
${MYSYS_LIBWRAP_SOURCE}
)

2
libservices/CMakeLists.txt
View file

@ -28,7 +28,7 @@ SET(MYSQLSERVICES_SOURCES
my_sha1_service.c
my_md5_service.c
wsrep_service.c
encryption_keys_service.c
encryption_service.c
kill_statement_service.c
logger_service.c)

2
libservices/encryption_keys_service.c → libservices/encryption_service.c
View file

@ -14,4 +14,4 @@
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
#include <service_versions.h>
SERVICE_VERSION encryption_keys_service= (void*)VERSION_encryption_keys;
SERVICE_VERSION encryption_service= (void*)VERSION_encryption;

2
plugin/debug_key_management/debug_key_management_plugin.cc
View file

@ -50,7 +50,7 @@ static unsigned int get_key(unsigned int version, unsigned char* dstbuf, unsigne
if (*buflen < KEY_SIZE)
{
*buflen= KEY_SIZE;
return KEY_BUFFER_TOO_SMALL;
return ENCRYPTION_KEY_BUFFER_TOO_SMALL;
}
*buflen= KEY_SIZE;
if (!dstbuf)

2
plugin/example_key_management/example_key_management_plugin.cc
View file

@ -62,7 +62,7 @@ get_key(unsigned int version, unsigned char* dstbuf, unsigned *buflen)
if (*buflen < MY_MD5_HASH_SIZE)
{
*buflen= MY_MD5_HASH_SIZE;
return KEY_BUFFER_TOO_SMALL;
return ENCRYPTION_KEY_BUFFER_TOO_SMALL;
}
*buflen= MY_MD5_HASH_SIZE;
if (!dstbuf)

4
plugin/file_key_management/file_key_management_plugin.cc
View file

@ -95,12 +95,12 @@ static unsigned int get_key_from_key_file(unsigned int key_id,
keyentry* entry = get_key(key_id);
if (entry == NULL)
return BAD_ENCRYPTION_KEY_VERSION;
return ENCRYPTION_KEY_VERSION_INVALID;
if (*buflen < entry->length)
{
*buflen= entry->length;
return KEY_BUFFER_TOO_SMALL;
return ENCRYPTION_KEY_BUFFER_TOO_SMALL;
}
*buflen= entry->length;

2
sql/CMakeLists.txt
View file

@ -117,7 +117,7 @@ SET (SQL_SOURCE
my_json_writer.cc my_json_writer.h
rpl_gtid.cc rpl_parallel.cc
${WSREP_SOURCES}
table_cache.cc encryption_keys.cc
table_cache.cc encryption.cc
${CMAKE_CURRENT_BINARY_DIR}/sql_builtin.cc
${GEN_SOURCES}
${MYSYS_LIBWRAP_SOURCE}

38
sql/encryption_keys.cc → sql/encryption.cc
View file

@ -19,21 +19,19 @@
#include "sql_plugin.h"
#include <my_crypt.h>
#warning TODO rename to follow single consistent style
/* there can be only one encryption plugin enabled */
static plugin_ref encryption_key_manager= 0;
struct encryption_keys_service_st encryption_keys_handler;
static plugin_ref encryption_manager= 0;
struct encryption_service_st encryption_handler;
unsigned int has_key(uint version)
{
uint unused;
return get_encryption_key(version, NULL, &unused) != BAD_ENCRYPTION_KEY_VERSION;
return encryption_key_get(version, NULL, &unused) != ENCRYPTION_KEY_VERSION_INVALID;
}
uint no_key()
{
return BAD_ENCRYPTION_KEY_VERSION;
return ENCRYPTION_KEY_VERSION_INVALID;
}
static int no_crypt(const uchar* source, uint source_length,
@ -48,7 +46,7 @@ static int no_crypt(const uchar* source, uint source_length,
int initialize_encryption_plugin(st_plugin_int *plugin)
{
if (encryption_key_manager)
if (encryption_manager)
return 1;
if (plugin->plugin->init && plugin->plugin->init(plugin))
@ -58,22 +56,22 @@ int initialize_encryption_plugin(st_plugin_int *plugin)
return 1;
}
encryption_key_manager= plugin_lock(NULL, plugin_int_to_ref(plugin));
encryption_manager= plugin_lock(NULL, plugin_int_to_ref(plugin));
st_mariadb_encryption *handle=
(struct st_mariadb_encryption*) plugin->plugin->info;
encryption_keys_handler.encrypt_data_func=
encryption_handler.encryption_encrypt_func=
handle->encrypt ? handle->encrypt
: (encrypt_decrypt_func)my_aes_encrypt_cbc;
encryption_keys_handler.decrypt_data_func=
encryption_handler.encryption_decrypt_func=
handle->decrypt ? handle->decrypt
: (encrypt_decrypt_func)my_aes_decrypt_cbc;
encryption_keys_handler.get_encryption_key_func=
encryption_handler.encryption_key_get_func=
handle->get_key;
encryption_keys_handler.get_latest_encryption_key_version_func=
encryption_handler.encryption_key_get_latest_version_func=
handle->get_latest_key_version; // must be the last
return 0;
@ -81,21 +79,21 @@ int initialize_encryption_plugin(st_plugin_int *plugin)
int finalize_encryption_plugin(st_plugin_int *plugin)
{
encryption_keys_handler.encrypt_data_func= no_crypt;
encryption_keys_handler.decrypt_data_func= no_crypt;
encryption_keys_handler.has_encryption_key_func= has_key;
encryption_keys_handler.get_encryption_key_func=
encryption_handler.encryption_encrypt_func= no_crypt;
encryption_handler.encryption_decrypt_func= no_crypt;
encryption_handler.encryption_key_exists_func= has_key;
encryption_handler.encryption_key_get_func=
(uint (*)(uint, uchar*, uint*))no_key;
encryption_keys_handler.get_latest_encryption_key_version_func= no_key;
encryption_handler.encryption_key_get_latest_version_func= no_key;
if (plugin && plugin->plugin->deinit && plugin->plugin->deinit(NULL))
{
DBUG_PRINT("warning", ("Plugin '%s' deinit function returned error.",
plugin->name.str));
}
if (encryption_key_manager)
plugin_unlock(NULL, encryption_key_manager);
encryption_key_manager= 0;
if (encryption_manager)
plugin_unlock(NULL, encryption_manager);
encryption_manager= 0;
return 0;
}

2
sql/sql_plugin_services.h
View file

@ -161,7 +161,7 @@ static struct st_service_ref list_of_services[]=
{ "logger_service", VERSION_logger, &logger_service_handler },
{ "thd_autoinc_service", VERSION_thd_autoinc, &thd_autoinc_handler },
{ "wsrep_service", VERSION_wsrep, &wsrep_handler },
{ "encryption_keys_service", VERSION_encryption_keys, &encryption_keys_handler },
{ "encryption_service", VERSION_encryption, &encryption_handler },
{ "thd_specifics_service", VERSION_thd_specifics, &thd_specifics_handler },
{ "thd_error_context_service", VERSION_thd_error_context, &thd_error_conext_handler },
};

14
storage/innobase/fil/fil0crypt.cc
View file

@ -232,7 +232,7 @@ fil_crypt_get_key(byte *dst, uint* key_length,
}
*key_length= MY_AES_MAX_KEY_LENGTH;
int rc = get_encryption_key(version, (unsigned char*)keybuf, key_length);
int rc = encryption_key_get(version, (unsigned char*)keybuf, key_length);
if (rc) {
ib_logf(IB_LOG_LEVEL_FATAL,
@ -285,7 +285,7 @@ fil_crypt_get_latest_key(byte *dst, uint* key_length,
{
if (srv_encrypt_tables) {
// used for key rotation - get the next key id from the key provider
int rc = get_latest_encryption_key_version();
int rc = encryption_key_get_latest_version();
// if no new key was created use the last one
if (rc >= 0) {
@ -313,7 +313,7 @@ fil_space_create_crypt_data()
crypt_data->min_key_version = 0;
} else {
crypt_data->type = CRYPT_SCHEME_1;
crypt_data->min_key_version = get_latest_encryption_key_version();
crypt_data->min_key_version = encryption_key_get_latest_version();
}
mutex_create(fil_crypt_data_mutex_key,
@ -693,7 +693,7 @@ fil_space_encrypt(ulint space, ulint offset, lsn_t lsn,
srclen = page_size - FIL_PAGE_DATA;
}
int rc = encrypt_data(src, srclen, dst, &dstlen,
int rc = encryption_encrypt(src, srclen, dst, &dstlen,
(unsigned char*)key, key_length,
(unsigned char*)iv, sizeof(iv), 1, key_version);
@ -865,7 +865,7 @@ fil_space_decrypt(fil_space_crypt_t* crypt_data,
srclen = pow((double)2, (double)((int)compressed_len)) - FIL_PAGE_DATA;
}
int rc = decrypt_data(src, srclen, dst, &dstlen,
int rc = encryption_decrypt(src, srclen, dst, &dstlen,
(unsigned char*)key, key_length,
(unsigned char*)iv, sizeof(iv), 1, key_version);
@ -1007,7 +1007,7 @@ fil_crypt_get_key_state(
key_state_t *new_state)
{
if (srv_encrypt_tables == TRUE) {
new_state->key_version = get_latest_encryption_key_version();
new_state->key_version = encryption_key_get_latest_version();
new_state->rotate_key_age = srv_fil_crypt_rotate_key_age;
ut_a(new_state->key_version > 0);
} else {
@ -2381,7 +2381,7 @@ fil_space_crypt_get_status(
}
if (srv_encrypt_tables == TRUE) {
status->current_key_version = get_latest_encryption_key_version();
status->current_key_version = encryption_key_get_latest_version();
} else {
status->current_key_version = 0;
}

2
storage/innobase/fil/fil0fil.cc
View file

@ -1157,7 +1157,7 @@ fil_space_create(
ut_a(fil_system);
if (fsp_flags_is_page_encrypted(flags)) {
if (!has_encryption_key(fsp_flags_get_page_encryption_key(flags))) {
if (!encryption_key_exists(fsp_flags_get_page_encryption_key(flags))) {
/* by returning here it should be avoided that
* the server crashes, if someone tries to access an
* encrypted table and the encryption key is not available.

2
storage/innobase/handler/ha_innodb.cc
View file

@ -11404,7 +11404,7 @@ ha_innobase::check_table_options(
return "PAGE_ENCRYPTION_KEY";
}
if (!has_encryption_key(options->page_encryption_key)) {
if (!encryption_key_exists(options->page_encryption_key)) {
push_warning_printf(
thd, Sql_condition::WARN_LEVEL_WARN,
HA_WRONG_CREATE_OPTION,

6
storage/innobase/include/fsp0pageencryption.ic
View file

@ -146,9 +146,9 @@ fil_page_encryption_status(
if (page_type == FIL_PAGE_TYPE_FSP_HDR) {
ulint flags = mach_read_from_4(FSP_HEADER_OFFSET + FSP_SPACE_FLAGS + buf);
if (fsp_flags_is_page_encrypted(flags)) {
if (!has_encryption_key(fsp_flags_get_page_encryption_key(flags))) {
if (!encryption_key_exists(fsp_flags_get_page_encryption_key(flags))) {
/* accessing table would surely fail, because no key or no key provider available */
if (!has_encryption_key(fsp_flags_get_page_encryption_key(flags))) {
if (!encryption_key_exists(fsp_flags_get_page_encryption_key(flags))) {
return PAGE_ENCRYPTION_KEY_MISSING;
}
return PAGE_ENCRYPTION_ERROR;
@ -158,7 +158,7 @@ fil_page_encryption_status(
if(page_type == FIL_PAGE_PAGE_COMPRESSED_ENCRYPTED) {
ulint key = mach_read_from_4(buf + FIL_PAGE_FILE_FLUSH_LSN_OR_KEY_VERSION);
if (!has_encryption_key(key)) {
if (!encryption_key_exists(key)) {
return PAGE_ENCRYPTION_KEY_MISSING;
}
return PAGE_ENCRYPTION_ERROR;

2
storage/innobase/include/log0crypt.h
View file

@ -15,7 +15,7 @@ Created 11/25/2013 Minli Zhu
#define PURPOSE_BYTE_LEN MY_AES_BLOCK_SIZE - 1
#define PURPOSE_BYTE_OFFSET 0
#define UNENCRYPTED_KEY_VER 0
#define UNENCRYPTED_KEY_VER ENCRYPTION_KEY_VERSION_NOT_ENCRYPTED
typedef int Crypt_result;

8
storage/innobase/log/log0crypt.cc
View file

@ -117,7 +117,7 @@ log_init_crypt_key(
byte mysqld_key[MY_AES_BLOCK_SIZE] = {0};
uint keylen= sizeof(mysqld_key);
if (get_encryption_key(crypt_ver, mysqld_key, &keylen))
if (encryption_key_get(crypt_ver, mysqld_key, &keylen))
{
ib_logf(IB_LOG_LEVEL_ERROR,
"Redo log crypto: getting mysqld crypto key "
@ -204,7 +204,7 @@ log_blocks_crypt(
mach_write_to_4(aes_ctr_counter + 11, log_block_no);
bzero(aes_ctr_counter + 15, 1);
int rc = encrypt_data(log_block + LOG_BLOCK_HDR_SIZE, src_len,
int rc = encryption_encrypt(log_block + LOG_BLOCK_HDR_SIZE, src_len,
dst_block + LOG_BLOCK_HDR_SIZE, &dst_len,
(unsigned char*)key, 16,
aes_ctr_counter, MY_AES_BLOCK_SIZE, 1,
@ -259,11 +259,11 @@ log_crypt_set_ver_and_key(
if (srv_encrypt_log) {
unsigned int vkey;
vkey = get_latest_encryption_key_version();
vkey = encryption_key_get_latest_version();
encrypted = true;
if (vkey == UNENCRYPTED_KEY_VER ||
vkey == BAD_ENCRYPTION_KEY_VERSION) {
vkey == ENCRYPTION_KEY_VERSION_INVALID) {
encrypted = false;
ib_logf(IB_LOG_LEVEL_WARN,

4
storage/maria/ma_check_standalone.h
View file

@ -25,10 +25,10 @@ void _mi_report_crashed(void *file __attribute__((unused)),
static unsigned int no_key()
{
return BAD_ENCRYPTION_KEY_VERSION;
return ENCRYPTION_KEY_VERSION_INVALID;
}
struct encryption_keys_service_st encryption_keys_handler=
struct encryption_service_st encryption_handler=
{
no_key, 0, 0, 0, 0
};

14
storage/maria/ma_crypt.c
View file

@ -290,7 +290,7 @@ void ma_crypt_set_data_pagecache_callbacks(PAGECACHE_FILE *file,
__attribute__((unused)))
{
/* Only use encryption if we have defined it */
if (get_latest_encryption_key_version() != BAD_ENCRYPTION_KEY_VERSION)
if (encryption_key_get_latest_version() != ENCRYPTION_KEY_VERSION_INVALID)
{
file->pre_read_hook= ma_crypt_pre_read_hook;
file->post_read_hook= ma_crypt_data_post_read_hook;
@ -417,9 +417,9 @@ static int ma_encrypt(MARIA_CRYPT_DATA *crypt_data,
int4store(counter + 4, pageno);
int8store(counter + 8, lsn);
rc = encrypt_data(src, size, dst, &dstlen,
crypt_data->iv, CRYPT_SCHEME_1_IV_LEN,
counter, sizeof(counter), 1, *key_version);
rc = encryption_encrypt(src, size, dst, &dstlen,
crypt_data->iv, CRYPT_SCHEME_1_IV_LEN,
counter, sizeof(counter), 1, *key_version);
DBUG_ASSERT(rc == AES_OK);
DBUG_ASSERT(dstlen == size);
@ -449,9 +449,9 @@ static int ma_decrypt(MARIA_CRYPT_DATA *crypt_data,
int4store(counter + 4, pageno);
int8store(counter + 8, lsn);
rc =decrypt_data(src, size, dst, &dstlen,
crypt_data->iv, CRYPT_SCHEME_1_IV_LEN,
counter, sizeof(counter), 1, key_version);
rc =encryption_decrypt(src, size, dst, &dstlen,
crypt_data->iv, CRYPT_SCHEME_1_IV_LEN,
counter, sizeof(counter), 1, key_version);
DBUG_ASSERT(rc == AES_OK);
DBUG_ASSERT(dstlen == size);

22
storage/xtradb/fil/fil0crypt.cc
View file

@ -232,7 +232,7 @@ fil_crypt_get_key(byte *dst, uint* key_length,
}
*key_length= MY_AES_MAX_KEY_LENGTH;
int rc = get_encryption_key(version, (unsigned char*)keybuf, key_length);
int rc = encryption_key_get(version, (unsigned char*)keybuf, key_length);
if (rc) {
ib_logf(IB_LOG_LEVEL_FATAL,
@ -285,7 +285,7 @@ fil_crypt_get_latest_key(byte *dst, uint* key_length,
{
if (srv_encrypt_tables) {
// used for key rotation - get the next key id from the key provider
int rc = get_latest_encryption_key_version();
int rc = encryption_key_get_latest_version();
// if no new key was created use the last one
if (rc >= 0) {
@ -313,7 +313,7 @@ fil_space_create_crypt_data()
crypt_data->min_key_version = 0;
} else {
crypt_data->type = CRYPT_SCHEME_1;
crypt_data->min_key_version = get_latest_encryption_key_version();
crypt_data->min_key_version = encryption_key_get_latest_version();
}
mutex_create(fil_crypt_data_mutex_key,
@ -693,9 +693,9 @@ fil_space_encrypt(ulint space, ulint offset, lsn_t lsn,
srclen = page_size - FIL_PAGE_DATA;
}
int rc = encrypt_data(src, srclen, dst, &dstlen,
(unsigned char*)key, key_length,
(unsigned char*)iv, sizeof(iv), 1, key_version);
int rc = encryption_encrypt(src, srclen, dst, &dstlen,
(unsigned char*)key, key_length,
(unsigned char*)iv, sizeof(iv), 1, key_version);
if (! ((rc == AES_OK) && ((ulint) dstlen == srclen))) {
ib_logf(IB_LOG_LEVEL_FATAL,
@ -865,9 +865,9 @@ fil_space_decrypt(fil_space_crypt_t* crypt_data,
srclen = pow((double)2, (double)((int)compressed_len)) - FIL_PAGE_DATA;
}
int rc = decrypt_data(src, srclen, dst, &dstlen,
(unsigned char*)key, key_length,
(unsigned char*)iv, sizeof(iv), 1, key_version);
int rc = encryption_decrypt(src, srclen, dst, &dstlen,
(unsigned char*)key, key_length,
(unsigned char*)iv, sizeof(iv), 1, key_version);
if (! ((rc == AES_OK) && ((ulint) dstlen == srclen))) {
ib_logf(IB_LOG_LEVEL_FATAL,
@ -1007,7 +1007,7 @@ fil_crypt_get_key_state(
key_state_t *new_state)
{
if (srv_encrypt_tables == TRUE) {
new_state->key_version = get_latest_encryption_key_version();
new_state->key_version = encryption_key_get_latest_version();
new_state->rotate_key_age = srv_fil_crypt_rotate_key_age;
ut_a(new_state->key_version > 0);
} else {
@ -2381,7 +2381,7 @@ fil_space_crypt_get_status(
}
if (srv_encrypt_tables == TRUE) {
status->current_key_version = get_latest_encryption_key_version();
status->current_key_version = encryption_key_get_latest_version();
} else {
status->current_key_version = 0;
}

2
storage/xtradb/fil/fil0fil.cc
View file

@ -1192,7 +1192,7 @@ fil_space_create(
ut_a(fil_system);
if (fsp_flags_is_page_encrypted(flags)) {
if (!has_encryption_key(fsp_flags_get_page_encryption_key(flags))) {
if (!encryption_key_exists(fsp_flags_get_page_encryption_key(flags))) {
/* by returning here it should be avoided that
* the server crashes, if someone tries to access an
* encrypted table and the encryption key is not available.

2
storage/xtradb/handler/ha_innodb.cc
View file

@ -11911,7 +11911,7 @@ ha_innobase::check_table_options(
return "PAGE_ENCRYPTION_KEY";
}
if (!has_encryption_key(options->page_encryption_key)) {
if (!encryption_key_exists(options->page_encryption_key)) {
push_warning_printf(
thd, Sql_condition::WARN_LEVEL_WARN,
HA_WRONG_CREATE_OPTION,

6
storage/xtradb/include/fsp0pageencryption.ic
View file

@ -147,9 +147,9 @@ fil_page_encryption_status(
if (page_type == FIL_PAGE_TYPE_FSP_HDR) {
ulint flags = mach_read_from_4(FSP_HEADER_OFFSET + FSP_SPACE_FLAGS + buf);
if (fsp_flags_is_page_encrypted(flags)) {
if (!has_encryption_key(fsp_flags_get_page_encryption_key(flags))) {
if (!encryption_key_exists(fsp_flags_get_page_encryption_key(flags))) {
/* accessing table would surely fail, because no key or no key provider available */
if (!has_encryption_key(fsp_flags_get_page_encryption_key(flags))) {
if (!encryption_key_exists(fsp_flags_get_page_encryption_key(flags))) {
return PAGE_ENCRYPTION_KEY_MISSING;
}
return PAGE_ENCRYPTION_ERROR;
@ -159,7 +159,7 @@ fil_page_encryption_status(
if(page_type == FIL_PAGE_PAGE_COMPRESSED_ENCRYPTED) {
ulint key = mach_read_from_4(buf + FIL_PAGE_FILE_FLUSH_LSN_OR_KEY_VERSION);
if (!has_encryption_key(key)) {
if (!encryption_key_exists(key)) {
return PAGE_ENCRYPTION_KEY_MISSING;
}
return PAGE_ENCRYPTION_ERROR;

2
storage/xtradb/include/log0crypt.h
View file

@ -15,7 +15,7 @@ Created 11/25/2013 Minli Zhu
#define PURPOSE_BYTE_LEN MY_AES_BLOCK_SIZE - 1
#define PURPOSE_BYTE_OFFSET 0
#define UNENCRYPTED_KEY_VER 0
#define UNENCRYPTED_KEY_VER ENCRYPTION_KEY_VERSION_NOT_ENCRYPTED
typedef int Crypt_result;

16
storage/xtradb/log/log0crypt.cc
View file

@ -117,7 +117,7 @@ log_init_crypt_key(
byte mysqld_key[MY_AES_BLOCK_SIZE] = {0};
uint keylen= sizeof(mysqld_key);
if (get_encryption_key(crypt_ver, mysqld_key, &keylen))
if (encryption_key_get(crypt_ver, mysqld_key, &keylen))
{
ib_logf(IB_LOG_LEVEL_ERROR,
"Redo log crypto: getting mysqld crypto key "
@ -204,11 +204,11 @@ log_blocks_crypt(
mach_write_to_4(aes_ctr_counter + 11, log_block_no);
bzero(aes_ctr_counter + 15, 1);
int rc = encrypt_data(log_block + LOG_BLOCK_HDR_SIZE, src_len,
dst_block + LOG_BLOCK_HDR_SIZE, &dst_len,
(unsigned char*)key, 16,
aes_ctr_counter, MY_AES_BLOCK_SIZE, 1,
log_sys->redo_log_crypt_ver);
int rc = encryption_encrypt(log_block + LOG_BLOCK_HDR_SIZE, src_len,
dst_block + LOG_BLOCK_HDR_SIZE, &dst_len,
(unsigned char*)key, 16,
aes_ctr_counter, MY_AES_BLOCK_SIZE, 1,
log_sys->redo_log_crypt_ver);
ut_a(rc == AES_OK);
ut_a(dst_len == src_len);
@ -259,11 +259,11 @@ log_crypt_set_ver_and_key(
if (srv_encrypt_log) {
unsigned int vkey;
vkey = get_latest_encryption_key_version();
vkey = encryption_key_get_latest_version();
encrypted = true;
if (vkey == UNENCRYPTED_KEY_VER ||
vkey == BAD_ENCRYPTION_KEY_VERSION) {
vkey == ENCRYPTION_KEY_VERSION_INVALID) {
encrypted = false;
ib_logf(IB_LOG_LEVEL_WARN,