Commit ef5b4889 authored by Sergei Golubchik's avatar Sergei Golubchik

optimize encryption api

only one encryption key lookup in most cases instead of three
(has_key, get_key_size, get_key).
parent c91e3260
...@@ -201,13 +201,11 @@ int thd_setspecific(void* thd, MYSQL_THD_KEY_T key, void *value); ...@@ -201,13 +201,11 @@ int thd_setspecific(void* thd, MYSQL_THD_KEY_T key, void *value);
extern struct encryption_keys_service_st { extern struct encryption_keys_service_st {
unsigned int (*get_latest_encryption_key_version_func)(); unsigned int (*get_latest_encryption_key_version_func)();
unsigned int (*has_encryption_key_func)(unsigned int); unsigned int (*has_encryption_key_func)(unsigned int);
unsigned int (*get_encryption_key_size_func)(unsigned int); unsigned int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int*);
int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int);
} *encryption_keys_service; } *encryption_keys_service;
unsigned int get_latest_encryption_key_version(); unsigned int get_latest_encryption_key_version();
unsigned int has_encryption_key(unsigned int version); unsigned int has_encryption_key(unsigned int version);
unsigned int get_encryption_key_size(unsigned int version); unsigned int get_encryption_key(unsigned int version, unsigned char* key, unsigned int *keybufsize);
int get_encryption_key(unsigned int version, unsigned char* key, unsigned int keybufsize);
struct st_mysql_xid { struct st_mysql_xid {
long formatID; long formatID;
long gtrid_length; long gtrid_length;
......
...@@ -201,13 +201,11 @@ int thd_setspecific(void* thd, MYSQL_THD_KEY_T key, void *value); ...@@ -201,13 +201,11 @@ int thd_setspecific(void* thd, MYSQL_THD_KEY_T key, void *value);
extern struct encryption_keys_service_st { extern struct encryption_keys_service_st {
unsigned int (*get_latest_encryption_key_version_func)(); unsigned int (*get_latest_encryption_key_version_func)();
unsigned int (*has_encryption_key_func)(unsigned int); unsigned int (*has_encryption_key_func)(unsigned int);
unsigned int (*get_encryption_key_size_func)(unsigned int); unsigned int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int*);
int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int);
} *encryption_keys_service; } *encryption_keys_service;
unsigned int get_latest_encryption_key_version(); unsigned int get_latest_encryption_key_version();
unsigned int has_encryption_key(unsigned int version); unsigned int has_encryption_key(unsigned int version);
unsigned int get_encryption_key_size(unsigned int version); unsigned int get_encryption_key(unsigned int version, unsigned char* key, unsigned int *keybufsize);
int get_encryption_key(unsigned int version, unsigned char* key, unsigned int keybufsize);
struct st_mysql_xid { struct st_mysql_xid {
long formatID; long formatID;
long gtrid_length; long gtrid_length;
......
...@@ -27,9 +27,10 @@ ...@@ -27,9 +27,10 @@
#include <mysql/plugin.h> #include <mysql/plugin.h>
#define MariaDB_ENCRYPTION_KEY_MANAGEMENT_INTERFACE_VERSION 0x0100 #define MariaDB_ENCRYPTION_KEY_MANAGEMENT_INTERFACE_VERSION 0x0200
#define BAD_ENCRYPTION_KEY_VERSION (UINT_MAX32) #define BAD_ENCRYPTION_KEY_VERSION (~(unsigned int)0)
#define KEY_BUFFER_TOO_SMALL (100)
/** /**
Encryption key management plugin descriptor Encryption key management plugin descriptor
...@@ -45,20 +46,28 @@ struct st_mariadb_encryption_key_management ...@@ -45,20 +46,28 @@ struct st_mariadb_encryption_key_management
*/ */
unsigned int (*get_latest_key_version)(); unsigned int (*get_latest_key_version)();
/** function returning if a key of the given version exists */
unsigned int (*has_key_version)(unsigned int version);
/** function returning the key size in bytes */
unsigned int (*get_key_size)(unsigned int version);
/** /**
function returning a key for a key version function returning a key for a key version
the key is put in 'key' buffer, that has size of 'keybufsize' bytes. @param version the requested key version
@param key the key will be stored there. Can be NULL -
in which case no key will be returned
@param key_length in: key buffer size
out: the actual length of the key
This method can be used to query the key length - the required
buffer size - by passing key==NULL.
If the buffer size is less than the key length the content of the
key buffer is undefined (the plugin is free to partially fill it with
the key data or leave it untouched).
@return 0 on success, non-zero on failure @return 0 on success, or
BAD_ENCRYPTION_KEY_VERSION, KEY_BUFFER_TOO_SMALL,
or any other non-zero number for errors
*/ */
int (*get_key)(unsigned int version, unsigned char* key, unsigned int keybufsize); unsigned int (*get_key)(unsigned int version, unsigned char *key,
unsigned int *key_length);
}; };
#endif #endif
...@@ -201,13 +201,11 @@ int thd_setspecific(void* thd, MYSQL_THD_KEY_T key, void *value); ...@@ -201,13 +201,11 @@ int thd_setspecific(void* thd, MYSQL_THD_KEY_T key, void *value);
extern struct encryption_keys_service_st { extern struct encryption_keys_service_st {
unsigned int (*get_latest_encryption_key_version_func)(); unsigned int (*get_latest_encryption_key_version_func)();
unsigned int (*has_encryption_key_func)(unsigned int); unsigned int (*has_encryption_key_func)(unsigned int);
unsigned int (*get_encryption_key_size_func)(unsigned int); unsigned int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int*);
int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int);
} *encryption_keys_service; } *encryption_keys_service;
unsigned int get_latest_encryption_key_version(); unsigned int get_latest_encryption_key_version();
unsigned int has_encryption_key(unsigned int version); unsigned int has_encryption_key(unsigned int version);
unsigned int get_encryption_key_size(unsigned int version); unsigned int get_encryption_key(unsigned int version, unsigned char* key, unsigned int *keybufsize);
int get_encryption_key(unsigned int version, unsigned char* key, unsigned int keybufsize);
struct st_mysql_xid { struct st_mysql_xid {
long formatID; long formatID;
long gtrid_length; long gtrid_length;
...@@ -368,7 +366,6 @@ struct st_mariadb_encryption_key_management ...@@ -368,7 +366,6 @@ struct st_mariadb_encryption_key_management
{ {
int interface_version; int interface_version;
unsigned int (*get_latest_key_version)(); unsigned int (*get_latest_key_version)();
unsigned int (*has_key_version)(unsigned int version); unsigned int (*get_key)(unsigned int version, unsigned char *key,
unsigned int (*get_key_size)(unsigned int version); unsigned int *key_length);
int (*get_key)(unsigned int version, unsigned char* key, unsigned int keybufsize);
}; };
...@@ -201,13 +201,11 @@ int thd_setspecific(void* thd, MYSQL_THD_KEY_T key, void *value); ...@@ -201,13 +201,11 @@ int thd_setspecific(void* thd, MYSQL_THD_KEY_T key, void *value);
extern struct encryption_keys_service_st { extern struct encryption_keys_service_st {
unsigned int (*get_latest_encryption_key_version_func)(); unsigned int (*get_latest_encryption_key_version_func)();
unsigned int (*has_encryption_key_func)(unsigned int); unsigned int (*has_encryption_key_func)(unsigned int);
unsigned int (*get_encryption_key_size_func)(unsigned int); unsigned int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int*);
int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int);
} *encryption_keys_service; } *encryption_keys_service;
unsigned int get_latest_encryption_key_version(); unsigned int get_latest_encryption_key_version();
unsigned int has_encryption_key(unsigned int version); unsigned int has_encryption_key(unsigned int version);
unsigned int get_encryption_key_size(unsigned int version); unsigned int get_encryption_key(unsigned int version, unsigned char* key, unsigned int *keybufsize);
int get_encryption_key(unsigned int version, unsigned char* key, unsigned int keybufsize);
struct st_mysql_xid { struct st_mysql_xid {
long formatID; long formatID;
long gtrid_length; long gtrid_length;
......
...@@ -201,13 +201,11 @@ int thd_setspecific(void* thd, MYSQL_THD_KEY_T key, void *value); ...@@ -201,13 +201,11 @@ int thd_setspecific(void* thd, MYSQL_THD_KEY_T key, void *value);
extern struct encryption_keys_service_st { extern struct encryption_keys_service_st {
unsigned int (*get_latest_encryption_key_version_func)(); unsigned int (*get_latest_encryption_key_version_func)();
unsigned int (*has_encryption_key_func)(unsigned int); unsigned int (*has_encryption_key_func)(unsigned int);
unsigned int (*get_encryption_key_size_func)(unsigned int); unsigned int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int*);
int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int);
} *encryption_keys_service; } *encryption_keys_service;
unsigned int get_latest_encryption_key_version(); unsigned int get_latest_encryption_key_version();
unsigned int has_encryption_key(unsigned int version); unsigned int has_encryption_key(unsigned int version);
unsigned int get_encryption_key_size(unsigned int version); unsigned int get_encryption_key(unsigned int version, unsigned char* key, unsigned int *keybufsize);
int get_encryption_key(unsigned int version, unsigned char* key, unsigned int keybufsize);
struct st_mysql_xid { struct st_mysql_xid {
long formatID; long formatID;
long gtrid_length; long gtrid_length;
......
...@@ -28,23 +28,20 @@ extern "C" { ...@@ -28,23 +28,20 @@ extern "C" {
extern struct encryption_keys_service_st { extern struct encryption_keys_service_st {
unsigned int (*get_latest_encryption_key_version_func)(); unsigned int (*get_latest_encryption_key_version_func)();
unsigned int (*has_encryption_key_func)(unsigned int); unsigned int (*has_encryption_key_func)(unsigned int);
unsigned int (*get_encryption_key_size_func)(unsigned int); unsigned int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int*);
int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int);
} *encryption_keys_service; } *encryption_keys_service;
#ifdef MYSQL_DYNAMIC_PLUGIN #ifdef MYSQL_DYNAMIC_PLUGIN
#define get_latest_encryption_key_version() encryption_keys_service->get_latest_encryption_key_version_func() #define get_latest_encryption_key_version() encryption_keys_service->get_latest_encryption_key_version_func()
#define has_encryption_key(V) encryption_keys_service->has_encryption_key_func(V) #define has_encryption_key(V) encryption_keys_service->has_encryption_key_func(V)
#define get_encryption_key_size(V) encryption_keys_service->get_encryption_key_size_func(V)
#define get_encryption_key(V,K,S) encryption_keys_service->get_encryption_key_func((V), (K), (S)) #define get_encryption_key(V,K,S) encryption_keys_service->get_encryption_key_func((V), (K), (S))
#else #else
unsigned int get_latest_encryption_key_version(); unsigned int get_latest_encryption_key_version();
unsigned int has_encryption_key(unsigned int version); unsigned int has_encryption_key(unsigned int version);
unsigned int get_encryption_key_size(unsigned int version); unsigned int get_encryption_key(unsigned int version, unsigned char* key, unsigned int *keybufsize);
int get_encryption_key(unsigned int version, unsigned char* key, unsigned int keybufsize);
#endif #endif
......
...@@ -35,5 +35,5 @@ ...@@ -35,5 +35,5 @@
#define VERSION_thd_autoinc 0x0100 #define VERSION_thd_autoinc 0x0100
#define VERSION_thd_error_context 0x0100 #define VERSION_thd_error_context 0x0100
#define VERSION_thd_specifics 0x0100 #define VERSION_thd_specifics 0x0100
#define VERSION_encryption_keys 0x0100 #define VERSION_encryption_keys 0x0200
...@@ -28,6 +28,8 @@ ...@@ -28,6 +28,8 @@
#include <string.h> #include <string.h>
#include <myisampack.h> #include <myisampack.h>
#define KEY_SIZE 16
static uint key_version; static uint key_version;
static MYSQL_SYSVAR_UINT(version, key_version, PLUGIN_VAR_RQCMDARG, static MYSQL_SYSVAR_UINT(version, key_version, PLUGIN_VAR_RQCMDARG,
...@@ -43,30 +45,25 @@ static unsigned int get_latest_key_version() ...@@ -43,30 +45,25 @@ static unsigned int get_latest_key_version()
return key_version; return key_version;
} }
static int get_key(unsigned int version, unsigned char* dstbuf, unsigned buflen) static unsigned int get_key(unsigned int version, unsigned char* dstbuf, unsigned *buflen)
{ {
if (buflen < 4) if (*buflen < KEY_SIZE)
return 1; {
memset(dstbuf, 0, buflen); *buflen= KEY_SIZE;
mi_int4store(dstbuf, version); return KEY_BUFFER_TOO_SMALL;
}
*buflen= KEY_SIZE;
if (!dstbuf)
return 0; return 0;
}
static unsigned int has_key(unsigned int ver) memset(dstbuf, 0, KEY_SIZE);
{ mi_int4store(dstbuf, version);
return 1; return 0;
}
static unsigned int get_key_size(unsigned int ver)
{
return 16;
} }
struct st_mariadb_encryption_key_management debug_key_management_plugin= { struct st_mariadb_encryption_key_management debug_key_management_plugin= {
MariaDB_ENCRYPTION_KEY_MANAGEMENT_INTERFACE_VERSION, MariaDB_ENCRYPTION_KEY_MANAGEMENT_INTERFACE_VERSION,
get_latest_key_version, get_latest_key_version,
has_key,
get_key_size,
get_key get_key
}; };
......
...@@ -58,32 +58,21 @@ get_latest_key_version() ...@@ -58,32 +58,21 @@ get_latest_key_version()
return key_version; return key_version;
} }
static int static unsigned int
get_key(unsigned int version, unsigned char* dstbuf, unsigned buflen) get_key(unsigned int version, unsigned char* dstbuf, unsigned *buflen)
{ {
unsigned char *dst = dstbuf; if (*buflen < MD5_HASH_SIZE)
unsigned len = 0;
for (; len + MD5_HASH_SIZE <= buflen; len += MD5_HASH_SIZE)
{
compute_md5_hash(dst, (const char*)&version, sizeof(version));
dst += MD5_HASH_SIZE;
version++;
}
if (len < buflen)
{ {
memset(dst, 0, buflen - len); *buflen= MD5_HASH_SIZE;
return KEY_BUFFER_TOO_SMALL;
} }
*buflen= MD5_HASH_SIZE;
if (!dstbuf)
return 0; return 0;
}
static unsigned int has_key_func(unsigned int keyID) my_md5(dstbuf, (const char*)&version, sizeof(version));
{
return true;
}
static unsigned int get_key_size(unsigned int keyID) return 0;
{
return 16;
} }
static int example_key_management_plugin_init(void *p) static int example_key_management_plugin_init(void *p)
...@@ -115,8 +104,6 @@ static int example_key_management_plugin_deinit(void *p) ...@@ -115,8 +104,6 @@ static int example_key_management_plugin_deinit(void *p)
struct st_mariadb_encryption_key_management example_key_management_plugin= { struct st_mariadb_encryption_key_management example_key_management_plugin= {
MariaDB_ENCRYPTION_KEY_MANAGEMENT_INTERFACE_VERSION, MariaDB_ENCRYPTION_KEY_MANAGEMENT_INTERFACE_VERSION,
get_latest_key_version, get_latest_key_version,
has_key_func,
get_key_size,
get_key get_key
}; };
......
...@@ -67,36 +67,25 @@ static unsigned int get_highest_key_used_in_key_file() ...@@ -67,36 +67,25 @@ static unsigned int get_highest_key_used_in_key_file()
return 0; return 0;
} }
static unsigned int has_key_from_key_file(unsigned int key_id) static unsigned int get_key_from_key_file(unsigned int key_id,
unsigned char* dstbuf, unsigned *buflen)
{ {
keyentry* entry = get_key(key_id); keyentry* entry = get_key(key_id);
return entry != NULL; if (entry == NULL)
} return BAD_ENCRYPTION_KEY_VERSION;
static unsigned int get_key_size_from_key_file(unsigned int key_id)
{
keyentry* entry = get_key(key_id);
return entry ? entry->length : CRYPT_KEY_UNKNOWN; if (*buflen < entry->length)
}
static int get_key_from_key_file(unsigned int key_id, unsigned char* dstbuf,
unsigned buflen)
{
keyentry* entry = get_key(key_id);
if (entry != NULL)
{ {
if (buflen < entry->length) *buflen= entry->length;
return CRYPT_BUFFER_TO_SMALL; return KEY_BUFFER_TOO_SMALL;
}
*buflen= entry->length;
if (dstbuf)
memcpy(dstbuf, entry->key, entry->length); memcpy(dstbuf, entry->key, entry->length);
return CRYPT_KEY_OK; return 0;
}
else
return CRYPT_KEY_UNKNOWN;
} }
static int file_key_management_plugin_init(void *p) static int file_key_management_plugin_init(void *p)
...@@ -108,8 +97,6 @@ static int file_key_management_plugin_init(void *p) ...@@ -108,8 +97,6 @@ static int file_key_management_plugin_init(void *p)
struct st_mariadb_encryption_key_management file_key_management_plugin= { struct st_mariadb_encryption_key_management file_key_management_plugin= {
MariaDB_ENCRYPTION_KEY_MANAGEMENT_INTERFACE_VERSION, MariaDB_ENCRYPTION_KEY_MANAGEMENT_INTERFACE_VERSION,
get_highest_key_used_in_key_file, get_highest_key_used_in_key_file,
has_key_from_key_file,
get_key_size_from_key_file,
get_key_from_key_file get_key_from_key_file
}; };
......
...@@ -18,25 +18,20 @@ unsigned int get_latest_encryption_key_version() ...@@ -18,25 +18,20 @@ unsigned int get_latest_encryption_key_version()
unsigned int has_encryption_key(uint version) unsigned int has_encryption_key(uint version)
{ {
if (encryption_key_manager) if (encryption_key_manager)
return handle->has_key_version(version); {
uint unused;
return 0; return handle->get_key(version, NULL, &unused) != BAD_ENCRYPTION_KEY_VERSION;
} }
unsigned int get_encryption_key_size(uint version)
{
if (encryption_key_manager)
return handle->get_key_size(version);
return 0; return 0;
} }
int get_encryption_key(uint version, uchar* key, uint size) uint get_encryption_key(uint version, uchar* key, uint *size)
{ {
if (encryption_key_manager) if (encryption_key_manager)
return handle->get_key(version, key, size); return handle->get_key(version, key, size);
return 1; return BAD_ENCRYPTION_KEY_VERSION;
} }
int initialize_encryption_key_management_plugin(st_plugin_int *plugin) int initialize_encryption_key_management_plugin(st_plugin_int *plugin)
......
...@@ -143,7 +143,6 @@ static struct encryption_keys_service_st encryption_keys_handler= ...@@ -143,7 +143,6 @@ static struct encryption_keys_service_st encryption_keys_handler=
{ {
get_latest_encryption_key_version, get_latest_encryption_key_version,
has_encryption_key, has_encryption_key,
get_encryption_key_size,
get_encryption_key get_encryption_key
}; };
......
...@@ -212,12 +212,12 @@ fil_crypt_get_key(byte *dst, uint* key_length, ...@@ -212,12 +212,12 @@ fil_crypt_get_key(byte *dst, uint* key_length,
mutex_enter(&crypt_data->mutex); mutex_enter(&crypt_data->mutex);
if (!page_encrypted) { if (!page_encrypted) {
*key_length = get_encryption_key_size(version);
// Check if we already have key // Check if we already have key
for (uint i = 0; i < crypt_data->key_count; i++) { for (uint i = 0; i < crypt_data->key_count; i++) {
if (crypt_data->keys[i].key_version == version) { if (crypt_data->keys[i].key_version == version) {
memcpy(dst, crypt_data->keys[i].key, memcpy(dst, crypt_data->keys[i].key,
sizeof(crypt_data->keys[i].key)); sizeof(crypt_data->keys[i].key));
*key_length= MY_AES_BLOCK_SIZE;
mutex_exit(&crypt_data->mutex); mutex_exit(&crypt_data->mutex);
return; return;
} }
...@@ -231,23 +231,14 @@ fil_crypt_get_key(byte *dst, uint* key_length, ...@@ -231,23 +231,14 @@ fil_crypt_get_key(byte *dst, uint* key_length,
} }
} }
if (has_encryption_key(version)) { *key_length= MY_AES_MAX_KEY_LENGTH;
int rc; int rc = get_encryption_key(version, (unsigned char*)keybuf, key_length);
*key_length = get_encryption_key_size(version); if (rc) {
rc = get_encryption_key(version, (unsigned char*)keybuf, *key_length);
if (rc != CRYPT_KEY_OK) {
ib_logf(IB_LOG_LEVEL_FATAL, ib_logf(IB_LOG_LEVEL_FATAL,
"Key %d can not be found. Reason=%d", version, rc); "Key %d can not be found. Reason=%d", version, rc);
ut_error; ut_error;
} }
} else {
ib_logf(IB_LOG_LEVEL_FATAL,
"Key %d not found", version);
ut_error;
}
// do ctr key initialization // do ctr key initialization
if (current_aes_dynamic_method == MY_AES_ALGORITHM_CTR) if (current_aes_dynamic_method == MY_AES_ALGORITHM_CTR)
......
...@@ -27,6 +27,7 @@ Modified Jan Lindström jan.lindstrom@mariadb.com ...@@ -27,6 +27,7 @@ Modified Jan Lindström jan.lindstrom@mariadb.com
#include "log0crypt.h" #include "log0crypt.h"
#include <my_crypt.h> #include <my_crypt.h>
#include <my_aes.h> #include <my_aes.h>
#include "log0log.h" #include "log0log.h"
#include "srv0start.h" // for srv_start_lsn #include "srv0start.h" // for srv_start_lsn
#include "log0recv.h" // for recv_sys #include "log0recv.h" // for recv_sys
...@@ -116,7 +117,8 @@ log_init_crypt_key( ...@@ -116,7 +117,8 @@ log_init_crypt_key(
} }
byte mysqld_key[MY_AES_BLOCK_SIZE] = {0}; byte mysqld_key[MY_AES_BLOCK_SIZE] = {0};
if (get_encryption_key(crypt_ver, mysqld_key, MY_AES_BLOCK_SIZE)) uint keylen= sizeof(mysqld_key);
if (get_encryption_key(crypt_ver, mysqld_key, &keylen))
{ {
ib_logf(IB_LOG_LEVEL_ERROR, ib_logf(IB_LOG_LEVEL_ERROR,
"Redo log crypto: getting mysqld crypto key " "Redo log crypto: getting mysqld crypto key "
......
...@@ -212,12 +212,12 @@ fil_crypt_get_key(byte *dst, uint* key_length, ...@@ -212,12 +212,12 @@ fil_crypt_get_key(byte *dst, uint* key_length,
mutex_enter(&crypt_data->mutex); mutex_enter(&crypt_data->mutex);
if (!page_encrypted) { if (!page_encrypted) {
*key_length = get_encryption_key_size(version);
// Check if we already have key // Check if we already have key
for (uint i = 0; i < crypt_data->key_count; i++) { for (uint i = 0; i < crypt_data->key_count; i++) {
if (crypt_data->keys[i].key_version == version) { if (crypt_data->keys[i].key_version == version) {
memcpy(dst, crypt_data->keys[i].key, memcpy(dst, crypt_data->keys[i].key,
sizeof(crypt_data->keys[i].key)); sizeof(crypt_data->keys[i].key));
*key_length= MY_AES_BLOCK_SIZE;
mutex_exit(&crypt_data->mutex); mutex_exit(&crypt_data->mutex);
return; return;
} }
...@@ -231,23 +231,14 @@ fil_crypt_get_key(byte *dst, uint* key_length, ...@@ -231,23 +231,14 @@ fil_crypt_get_key(byte *dst, uint* key_length,
} }
} }
if (has_encryption_key(version)) { *key_length= MY_AES_MAX_KEY_LENGTH;
int rc; int rc = get_encryption_key(version, (unsigned char*)keybuf, key_length);
*key_length = get_encryption_key_size(version); if (rc) {
rc = get_encryption_key(version, (unsigned char*)keybuf, *key_length);
if (rc != CRYPT_KEY_OK) {
ib_logf(IB_LOG_LEVEL_FATAL, ib_logf(IB_LOG_LEVEL_FATAL,
"Key %d can not be found. Reason=%d", version, rc); "Key %d can not be found. Reason=%d", version, rc);
ut_error; ut_error;
} }
} else {
ib_logf(IB_LOG_LEVEL_FATAL,
"Key %d not found", version);
ut_error;
}
// do ctr key initialization // do ctr key initialization
if (current_aes_dynamic_method == MY_AES_ALGORITHM_CTR) if (current_aes_dynamic_method == MY_AES_ALGORITHM_CTR)
......
...@@ -117,7 +117,8 @@ log_init_crypt_key( ...@@ -117,7 +117,8 @@ log_init_crypt_key(
} }
byte mysqld_key[MY_AES_BLOCK_SIZE] = {0}; byte mysqld_key[MY_AES_BLOCK_SIZE] = {0};
if (get_encryption_key(crypt_ver, mysqld_key, MY_AES_BLOCK_SIZE)) uint keylen= sizeof(mysqld_key);
if (get_encryption_key(crypt_ver, mysqld_key, &keylen))
{ {
ib_logf(IB_LOG_LEVEL_ERROR, ib_logf(IB_LOG_LEVEL_ERROR,
"Redo log crypto: getting mysqld crypto key " "Redo log crypto: getting mysqld crypto key "
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment