remove get_iv() from the key management plugin API
now IVs are always handled internally
parent
c238e68d96
commit
5d8dbee97b
@ -203,13 +203,11 @@ extern struct encryption_keys_service_st {
|
||||
unsigned int (*has_encryption_key_func)(unsigned int);
|
||||
unsigned int (*get_encryption_key_size_func)(unsigned int);
|
||||
int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int);
|
||||
int (*get_encryption_iv_func)(unsigned int, unsigned char*, unsigned int);
|
||||
} *encryption_keys_service;
|
||||
unsigned int get_latest_encryption_key_version();
|
||||
unsigned int has_encryption_key(unsigned int version);
|
||||
unsigned int get_encryption_key_size(unsigned int version);
|
||||
int get_encryption_key(unsigned int version, unsigned char* key, unsigned int keybufsize);
|
||||
int get_encryption_iv(unsigned int version, unsigned char* iv, unsigned int ivbufsize);
|
||||
struct st_mysql_xid {
|
||||
long formatID;
|
||||
long gtrid_length;
|
||||
|
@ -203,13 +203,11 @@ extern struct encryption_keys_service_st {
|
||||
unsigned int (*has_encryption_key_func)(unsigned int);
|
||||
unsigned int (*get_encryption_key_size_func)(unsigned int);
|
||||
int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int);
|
||||
int (*get_encryption_iv_func)(unsigned int, unsigned char*, unsigned int);
|
||||
} *encryption_keys_service;
|
||||
unsigned int get_latest_encryption_key_version();
|
||||
unsigned int has_encryption_key(unsigned int version);
|
||||
unsigned int get_encryption_key_size(unsigned int version);
|
||||
int get_encryption_key(unsigned int version, unsigned char* key, unsigned int keybufsize);
|
||||
int get_encryption_iv(unsigned int version, unsigned char* iv, unsigned int ivbufsize);
|
||||
struct st_mysql_xid {
|
||||
long formatID;
|
||||
long gtrid_length;
|
||||
|
@ -59,15 +59,6 @@ struct st_mariadb_encryption_key_management
|
||||
@return 0 on success, non-zero on failure
|
||||
*/
|
||||
int (*get_key)(unsigned int version, unsigned char* key, unsigned int keybufsize);
|
||||
|
||||
/**
|
||||
function returning an IV for a key version
|
||||
|
||||
the IV is put in 'iv' buffer, that has size of 'ivbufsize' bytes.
|
||||
|
||||
@return 0 on success, non-zero on failure
|
||||
*/
|
||||
int (*get_iv)(unsigned int version, unsigned char* iv, unsigned int ivbufsize);
|
||||
};
|
||||
#endif
|
||||
|
||||
|
@ -203,13 +203,11 @@ extern struct encryption_keys_service_st {
|
||||
unsigned int (*has_encryption_key_func)(unsigned int);
|
||||
unsigned int (*get_encryption_key_size_func)(unsigned int);
|
||||
int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int);
|
||||
int (*get_encryption_iv_func)(unsigned int, unsigned char*, unsigned int);
|
||||
} *encryption_keys_service;
|
||||
unsigned int get_latest_encryption_key_version();
|
||||
unsigned int has_encryption_key(unsigned int version);
|
||||
unsigned int get_encryption_key_size(unsigned int version);
|
||||
int get_encryption_key(unsigned int version, unsigned char* key, unsigned int keybufsize);
|
||||
int get_encryption_iv(unsigned int version, unsigned char* iv, unsigned int ivbufsize);
|
||||
struct st_mysql_xid {
|
||||
long formatID;
|
||||
long gtrid_length;
|
||||
@ -373,5 +371,4 @@ struct st_mariadb_encryption_key_management
|
||||
unsigned int (*has_key_version)(unsigned int version);
|
||||
unsigned int (*get_key_size)(unsigned int version);
|
||||
int (*get_key)(unsigned int version, unsigned char* key, unsigned int keybufsize);
|
||||
int (*get_iv)(unsigned int version, unsigned char* iv, unsigned int ivbufsize);
|
||||
};
|
||||
|
@ -203,13 +203,11 @@ extern struct encryption_keys_service_st {
|
||||
unsigned int (*has_encryption_key_func)(unsigned int);
|
||||
unsigned int (*get_encryption_key_size_func)(unsigned int);
|
||||
int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int);
|
||||
int (*get_encryption_iv_func)(unsigned int, unsigned char*, unsigned int);
|
||||
} *encryption_keys_service;
|
||||
unsigned int get_latest_encryption_key_version();
|
||||
unsigned int has_encryption_key(unsigned int version);
|
||||
unsigned int get_encryption_key_size(unsigned int version);
|
||||
int get_encryption_key(unsigned int version, unsigned char* key, unsigned int keybufsize);
|
||||
int get_encryption_iv(unsigned int version, unsigned char* iv, unsigned int ivbufsize);
|
||||
struct st_mysql_xid {
|
||||
long formatID;
|
||||
long gtrid_length;
|
||||
|
@ -203,13 +203,11 @@ extern struct encryption_keys_service_st {
|
||||
unsigned int (*has_encryption_key_func)(unsigned int);
|
||||
unsigned int (*get_encryption_key_size_func)(unsigned int);
|
||||
int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int);
|
||||
int (*get_encryption_iv_func)(unsigned int, unsigned char*, unsigned int);
|
||||
} *encryption_keys_service;
|
||||
unsigned int get_latest_encryption_key_version();
|
||||
unsigned int has_encryption_key(unsigned int version);
|
||||
unsigned int get_encryption_key_size(unsigned int version);
|
||||
int get_encryption_key(unsigned int version, unsigned char* key, unsigned int keybufsize);
|
||||
int get_encryption_iv(unsigned int version, unsigned char* iv, unsigned int ivbufsize);
|
||||
struct st_mysql_xid {
|
||||
long formatID;
|
||||
long gtrid_length;
|
||||
|
@ -30,7 +30,6 @@ extern struct encryption_keys_service_st {
|
||||
unsigned int (*has_encryption_key_func)(unsigned int);
|
||||
unsigned int (*get_encryption_key_size_func)(unsigned int);
|
||||
int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int);
|
||||
int (*get_encryption_iv_func)(unsigned int, unsigned char*, unsigned int);
|
||||
} *encryption_keys_service;
|
||||
|
||||
#ifdef MYSQL_DYNAMIC_PLUGIN
|
||||
@ -39,7 +38,6 @@ extern struct encryption_keys_service_st {
|
||||
#define has_encryption_key(V) encryption_keys_service->has_encryption_key_func(V)
|
||||
#define get_encryption_key_size(V) encryption_keys_service->get_encryption_key_size_func(V)
|
||||
#define get_encryption_key(V,K,S) encryption_keys_service->get_encryption_key_func((V), (K), (S))
|
||||
#define get_encryption_iv(V, I, S) encryption_keys_service->get_encryption_iv_func((V), (I), (S))
|
||||
|
||||
#else
|
||||
|
||||
@ -47,7 +45,6 @@ unsigned int get_latest_encryption_key_version();
|
||||
unsigned int has_encryption_key(unsigned int version);
|
||||
unsigned int get_encryption_key_size(unsigned int version);
|
||||
int get_encryption_key(unsigned int version, unsigned char* key, unsigned int keybufsize);
|
||||
int get_encryption_iv(unsigned int version, unsigned char* iv, unsigned int ivbufsize);
|
||||
|
||||
#endif
|
||||
|
||||
|
@ -62,18 +62,12 @@ static unsigned int get_key_size(unsigned int ver)
|
||||
return 16;
|
||||
}
|
||||
|
||||
static int get_iv(unsigned int ver, unsigned char* dstbuf, unsigned buflen)
|
||||
{
|
||||
return 0; // to be removed
|
||||
}
|
||||
|
||||
struct st_mariadb_encryption_key_management debug_key_management_plugin= {
|
||||
MariaDB_ENCRYPTION_KEY_MANAGEMENT_INTERFACE_VERSION,
|
||||
get_latest_key_version,
|
||||
has_key,
|
||||
get_key_size,
|
||||
get_key,
|
||||
get_iv
|
||||
get_key
|
||||
};
|
||||
|
||||
/*
|
||||
|
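Review bot: The initialiser for `debug_key_management_plugin` still leads with `MariaDB_ENCRYPTION_KEY_MANAGEMENT_INTERFACE_VERSION`, and nothing on this page shows that constant changing even though `struct st_mariadb_encryption_key_management` loses its `get_iv` member. If the value is unchanged, a server built before this commit would accept a plugin built after it and then call `handle->get_iv` through a slot that lies past the end of the shortened descriptor. Raising the interface version in the same commit gives the plugin loader something to reject on. The same applies to the example and file key management descriptors further down. The define itself is outside the hunks shown, so this needs confirming against the header.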
@ -86,20 +86,6 @@ static unsigned int get_key_size(unsigned int keyID)
|
||||
return 16;
|
||||
}
|
||||
|
||||
static int get_iv(unsigned int keyID, unsigned char* dstbuf, unsigned buflen)
|
||||
{
|
||||
if (buflen < 16)
|
||||
{
|
||||
return CRYPT_BUFFER_TO_SMALL;
|
||||
}
|
||||
|
||||
for (int i=0; i<16; i++)
|
||||
dstbuf[i] = 0;
|
||||
|
||||
return CRYPT_KEY_OK;
|
||||
}
|
||||
|
||||
|
||||
static int example_key_management_plugin_init(void *p)
|
||||
{
|
||||
/* init */
|
||||
@ -131,8 +117,7 @@ struct st_mariadb_encryption_key_management example_key_management_plugin= {
|
||||
get_latest_key_version,
|
||||
has_key_func,
|
||||
get_key_size,
|
||||
get_key,
|
||||
get_iv
|
||||
get_key
|
||||
};
|
||||
|
||||
/*
|
||||
|
@ -204,32 +204,6 @@ static int get_key_from_key_file(unsigned int keyID, unsigned char* dstbuf,
|
||||
}
|
||||
}
|
||||
|
||||
static int get_iv_from_key_file(unsigned int keyID, unsigned char* dstbuf,
|
||||
unsigned buflen)
|
||||
{
|
||||
keyentry* entry = KeySingleton::getInstance().getKeys((int)keyID);
|
||||
|
||||
if (entry != NULL)
|
||||
{
|
||||
char* ivString = entry->iv;
|
||||
size_t iv_len = strlen(ivString)/2;
|
||||
|
||||
if (buflen < iv_len)
|
||||
{
|
||||
return CRYPT_BUFFER_TO_SMALL;
|
||||
}
|
||||
|
||||
my_aes_hex2uint(ivString, (unsigned char*)dstbuf, iv_len);
|
||||
|
||||
return CRYPT_KEY_OK;
|
||||
}
|
||||
else
|
||||
{
|
||||
return CRYPT_KEY_UNKNOWN;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
static int file_key_management_plugin_init(void *p)
|
||||
{
|
||||
/* init */
|
||||
@ -265,8 +239,7 @@ struct st_mariadb_encryption_key_management file_key_management_plugin= {
|
||||
get_highest_key_used_in_key_file,
|
||||
has_key_from_key_file,
|
||||
get_key_size_from_key_file,
|
||||
get_key_from_key_file,
|
||||
get_iv_from_key_file
|
||||
get_key_from_key_file
|
||||
};
|
||||
|
||||
/*
|
||||
|
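Review bot: The `iv` field of `keyentry` appears to lose its reader with this change, since `get_iv_from_key_file` was the function that decoded `entry->iv` and it is no longer in the descriptor. If nothing else in the plugin uses the field, key files will still carry an IV value that operators may assume influences encryption. A comment near the key-file parser, for example `/* the IV field in the key file is no longer used; IVs are handled internally */`, and a matching line in the key-file documentation would avoid that. The parser is outside this section, so whether the field is still read elsewhere needs checking.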
@ -39,14 +39,6 @@ int get_encryption_key(uint version, uchar* key, uint size)
|
||||
return 1;
|
||||
}
|
||||
|
||||
int get_encryption_iv(uint version, uchar* iv, uint size)
|
||||
{
|
||||
if (encryption_key_manager)
|
||||
return handle->get_iv(version, iv, size);
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
int initialize_encryption_key_management_plugin(st_plugin_int *plugin)
|
||||
{
|
||||
if (encryption_key_manager)
|
||||
|
@ -144,8 +144,7 @@ static struct encryption_keys_service_st encryption_keys_handler=
|
||||
get_latest_encryption_key_version,
|
||||
has_encryption_key,
|
||||
get_encryption_key_size,
|
||||
get_encryption_key,
|
||||
get_encryption_iv
|
||||
get_encryption_key
|
||||
};
|
||||
|
||||
static struct thd_specifics_service_st thd_specifics_handler=
|
||||
|
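Review bot: `encryption_keys_handler` is now one function pointer shorter, but a dynamic plugin compiled against the previous service header still expands `get_encryption_iv(V, I, S)` to `encryption_keys_service->get_encryption_iv_func(...)`, which after this change reads past the end of the struct. The service's version number is not among the hunks shown; if it was not raised, such a plugin could load and make an indirect call through whatever follows the handler in memory. Raising the service version alongside this removal, with a comment such as `/* get_encryption_iv_func removed: IVs are handled internally */` next to the define, would make the break explicit. The initialiser starts above the hunk.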