Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
M
MariaDB
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
nexedi
MariaDB
Commits
c0878f64
Commit
c0878f64
authored
Apr 01, 2015
by
Sergei Golubchik
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
remove wrappers in encryption_keys.cc
invoke plugin methods directly
parent
bb1b61b3
Changes
10
Hide whitespace changes
Inline
Side-by-side
Showing
10 changed files
with
68 additions
and
179 deletions
+68
-179
include/mysql/plugin_audit.h.pp
include/mysql/plugin_audit.h.pp
+3
-15
include/mysql/plugin_auth.h.pp
include/mysql/plugin_auth.h.pp
+3
-15
include/mysql/plugin_encryption.h.pp
include/mysql/plugin_encryption.h.pp
+3
-15
include/mysql/plugin_ftparser.h.pp
include/mysql/plugin_ftparser.h.pp
+3
-15
include/mysql/plugin_password_validation.h.pp
include/mysql/plugin_password_validation.h.pp
+3
-15
include/mysql/service_encryption_keys.h
include/mysql/service_encryption_keys.h
+11
-15
sql/encryption_keys.cc
sql/encryption_keys.cc
+35
-52
sql/sql_plugin.cc
sql/sql_plugin.cc
+3
-0
sql/sql_plugin_services.h
sql/sql_plugin_services.h
+0
-9
storage/maria/ma_check_standalone.h
storage/maria/ma_check_standalone.h
+4
-28
No files found.
include/mysql/plugin_audit.h.pp
View file @
c0878f64
...
...
@@ -203,26 +203,14 @@ typedef int (*encrypt_decrypt_func)(const unsigned char* src, unsigned int slen,
const
unsigned
char
*
key
,
unsigned
int
klen
,
const
unsigned
char
*
iv
,
unsigned
int
ivlen
,
int
no_padding
,
unsigned
int
key_version
);
extern
struct
encryption_keys_service_st
{
struct
encryption_keys_service_st
{
unsigned
int
(
*
get_latest_encryption_key_version_func
)();
unsigned
int
(
*
has_encryption_key_func
)(
unsigned
int
);
unsigned
int
(
*
get_encryption_key_func
)(
unsigned
int
,
unsigned
char
*
,
unsigned
int
*
);
encrypt_decrypt_func
encrypt_data_func
;
encrypt_decrypt_func
decrypt_data_func
;
}
*
encryption_keys_service
;
unsigned
int
get_latest_encryption_key_version
();
unsigned
int
has_encryption_key
(
unsigned
int
version
);
unsigned
int
get_encryption_key
(
unsigned
int
version
,
unsigned
char
*
key
,
unsigned
int
*
keybufsize
);
int
encrypt_data
(
const
unsigned
char
*
src
,
unsigned
int
slen
,
unsigned
char
*
dst
,
unsigned
int
*
dlen
,
const
unsigned
char
*
key
,
unsigned
int
klen
,
const
unsigned
char
*
iv
,
unsigned
int
ivlen
,
int
no_padding
,
unsigned
int
key_version
);
int
decrypt_data
(
const
unsigned
char
*
src
,
unsigned
int
slen
,
unsigned
char
*
dst
,
unsigned
int
*
dlen
,
const
unsigned
char
*
key
,
unsigned
int
klen
,
const
unsigned
char
*
iv
,
unsigned
int
ivlen
,
int
no_padding
,
unsigned
int
key_version
);
};
extern
struct
encryption_keys_service_st
encryption_keys_handler
;
struct
st_mysql_xid
{
long
formatID
;
long
gtrid_length
;
...
...
include/mysql/plugin_auth.h.pp
View file @
c0878f64
...
...
@@ -203,26 +203,14 @@ typedef int (*encrypt_decrypt_func)(const unsigned char* src, unsigned int slen,
const
unsigned
char
*
key
,
unsigned
int
klen
,
const
unsigned
char
*
iv
,
unsigned
int
ivlen
,
int
no_padding
,
unsigned
int
key_version
);
extern
struct
encryption_keys_service_st
{
struct
encryption_keys_service_st
{
unsigned
int
(
*
get_latest_encryption_key_version_func
)();
unsigned
int
(
*
has_encryption_key_func
)(
unsigned
int
);
unsigned
int
(
*
get_encryption_key_func
)(
unsigned
int
,
unsigned
char
*
,
unsigned
int
*
);
encrypt_decrypt_func
encrypt_data_func
;
encrypt_decrypt_func
decrypt_data_func
;
}
*
encryption_keys_service
;
unsigned
int
get_latest_encryption_key_version
();
unsigned
int
has_encryption_key
(
unsigned
int
version
);
unsigned
int
get_encryption_key
(
unsigned
int
version
,
unsigned
char
*
key
,
unsigned
int
*
keybufsize
);
int
encrypt_data
(
const
unsigned
char
*
src
,
unsigned
int
slen
,
unsigned
char
*
dst
,
unsigned
int
*
dlen
,
const
unsigned
char
*
key
,
unsigned
int
klen
,
const
unsigned
char
*
iv
,
unsigned
int
ivlen
,
int
no_padding
,
unsigned
int
key_version
);
int
decrypt_data
(
const
unsigned
char
*
src
,
unsigned
int
slen
,
unsigned
char
*
dst
,
unsigned
int
*
dlen
,
const
unsigned
char
*
key
,
unsigned
int
klen
,
const
unsigned
char
*
iv
,
unsigned
int
ivlen
,
int
no_padding
,
unsigned
int
key_version
);
};
extern
struct
encryption_keys_service_st
encryption_keys_handler
;
struct
st_mysql_xid
{
long
formatID
;
long
gtrid_length
;
...
...
include/mysql/plugin_encryption.h.pp
View file @
c0878f64
...
...
@@ -203,26 +203,14 @@ typedef int (*encrypt_decrypt_func)(const unsigned char* src, unsigned int slen,
const
unsigned
char
*
key
,
unsigned
int
klen
,
const
unsigned
char
*
iv
,
unsigned
int
ivlen
,
int
no_padding
,
unsigned
int
key_version
);
extern
struct
encryption_keys_service_st
{
struct
encryption_keys_service_st
{
unsigned
int
(
*
get_latest_encryption_key_version_func
)();
unsigned
int
(
*
has_encryption_key_func
)(
unsigned
int
);
unsigned
int
(
*
get_encryption_key_func
)(
unsigned
int
,
unsigned
char
*
,
unsigned
int
*
);
encrypt_decrypt_func
encrypt_data_func
;
encrypt_decrypt_func
decrypt_data_func
;
}
*
encryption_keys_service
;
unsigned
int
get_latest_encryption_key_version
();
unsigned
int
has_encryption_key
(
unsigned
int
version
);
unsigned
int
get_encryption_key
(
unsigned
int
version
,
unsigned
char
*
key
,
unsigned
int
*
keybufsize
);
int
encrypt_data
(
const
unsigned
char
*
src
,
unsigned
int
slen
,
unsigned
char
*
dst
,
unsigned
int
*
dlen
,
const
unsigned
char
*
key
,
unsigned
int
klen
,
const
unsigned
char
*
iv
,
unsigned
int
ivlen
,
int
no_padding
,
unsigned
int
key_version
);
int
decrypt_data
(
const
unsigned
char
*
src
,
unsigned
int
slen
,
unsigned
char
*
dst
,
unsigned
int
*
dlen
,
const
unsigned
char
*
key
,
unsigned
int
klen
,
const
unsigned
char
*
iv
,
unsigned
int
ivlen
,
int
no_padding
,
unsigned
int
key_version
);
};
extern
struct
encryption_keys_service_st
encryption_keys_handler
;
struct
st_mysql_xid
{
long
formatID
;
long
gtrid_length
;
...
...
include/mysql/plugin_ftparser.h.pp
View file @
c0878f64
...
...
@@ -203,26 +203,14 @@ typedef int (*encrypt_decrypt_func)(const unsigned char* src, unsigned int slen,
const
unsigned
char
*
key
,
unsigned
int
klen
,
const
unsigned
char
*
iv
,
unsigned
int
ivlen
,
int
no_padding
,
unsigned
int
key_version
);
extern
struct
encryption_keys_service_st
{
struct
encryption_keys_service_st
{
unsigned
int
(
*
get_latest_encryption_key_version_func
)();
unsigned
int
(
*
has_encryption_key_func
)(
unsigned
int
);
unsigned
int
(
*
get_encryption_key_func
)(
unsigned
int
,
unsigned
char
*
,
unsigned
int
*
);
encrypt_decrypt_func
encrypt_data_func
;
encrypt_decrypt_func
decrypt_data_func
;
}
*
encryption_keys_service
;
unsigned
int
get_latest_encryption_key_version
();
unsigned
int
has_encryption_key
(
unsigned
int
version
);
unsigned
int
get_encryption_key
(
unsigned
int
version
,
unsigned
char
*
key
,
unsigned
int
*
keybufsize
);
int
encrypt_data
(
const
unsigned
char
*
src
,
unsigned
int
slen
,
unsigned
char
*
dst
,
unsigned
int
*
dlen
,
const
unsigned
char
*
key
,
unsigned
int
klen
,
const
unsigned
char
*
iv
,
unsigned
int
ivlen
,
int
no_padding
,
unsigned
int
key_version
);
int
decrypt_data
(
const
unsigned
char
*
src
,
unsigned
int
slen
,
unsigned
char
*
dst
,
unsigned
int
*
dlen
,
const
unsigned
char
*
key
,
unsigned
int
klen
,
const
unsigned
char
*
iv
,
unsigned
int
ivlen
,
int
no_padding
,
unsigned
int
key_version
);
};
extern
struct
encryption_keys_service_st
encryption_keys_handler
;
struct
st_mysql_xid
{
long
formatID
;
long
gtrid_length
;
...
...
include/mysql/plugin_password_validation.h.pp
View file @
c0878f64
...
...
@@ -203,26 +203,14 @@ typedef int (*encrypt_decrypt_func)(const unsigned char* src, unsigned int slen,
const
unsigned
char
*
key
,
unsigned
int
klen
,
const
unsigned
char
*
iv
,
unsigned
int
ivlen
,
int
no_padding
,
unsigned
int
key_version
);
extern
struct
encryption_keys_service_st
{
struct
encryption_keys_service_st
{
unsigned
int
(
*
get_latest_encryption_key_version_func
)();
unsigned
int
(
*
has_encryption_key_func
)(
unsigned
int
);
unsigned
int
(
*
get_encryption_key_func
)(
unsigned
int
,
unsigned
char
*
,
unsigned
int
*
);
encrypt_decrypt_func
encrypt_data_func
;
encrypt_decrypt_func
decrypt_data_func
;
}
*
encryption_keys_service
;
unsigned
int
get_latest_encryption_key_version
();
unsigned
int
has_encryption_key
(
unsigned
int
version
);
unsigned
int
get_encryption_key
(
unsigned
int
version
,
unsigned
char
*
key
,
unsigned
int
*
keybufsize
);
int
encrypt_data
(
const
unsigned
char
*
src
,
unsigned
int
slen
,
unsigned
char
*
dst
,
unsigned
int
*
dlen
,
const
unsigned
char
*
key
,
unsigned
int
klen
,
const
unsigned
char
*
iv
,
unsigned
int
ivlen
,
int
no_padding
,
unsigned
int
key_version
);
int
decrypt_data
(
const
unsigned
char
*
src
,
unsigned
int
slen
,
unsigned
char
*
dst
,
unsigned
int
*
dlen
,
const
unsigned
char
*
key
,
unsigned
int
klen
,
const
unsigned
char
*
iv
,
unsigned
int
ivlen
,
int
no_padding
,
unsigned
int
key_version
);
};
extern
struct
encryption_keys_service_st
encryption_keys_handler
;
struct
st_mysql_xid
{
long
formatID
;
long
gtrid_length
;
...
...
include/mysql/service_encryption_keys.h
View file @
c0878f64
...
...
@@ -34,16 +34,18 @@ typedef int (*encrypt_decrypt_func)(const unsigned char* src, unsigned int slen,
const
unsigned
char
*
iv
,
unsigned
int
ivlen
,
int
no_padding
,
unsigned
int
key_version
);
extern
struct
encryption_keys_service_st
{
struct
encryption_keys_service_st
{
unsigned
int
(
*
get_latest_encryption_key_version_func
)();
unsigned
int
(
*
has_encryption_key_func
)(
unsigned
int
);
unsigned
int
(
*
get_encryption_key_func
)(
unsigned
int
,
unsigned
char
*
,
unsigned
int
*
);
encrypt_decrypt_func
encrypt_data_func
;
encrypt_decrypt_func
decrypt_data_func
;
}
*
encryption_keys_service
;
};
#ifdef MYSQL_DYNAMIC_PLUGIN
extern
struct
encryption_keys_service_st
*
encryption_keys_service
;
#define get_latest_encryption_key_version() encryption_keys_service->get_latest_encryption_key_version_func()
#define has_encryption_key(V) encryption_keys_service->has_encryption_key_func(V)
#define get_encryption_key(V,K,S) encryption_keys_service->get_encryption_key_func((V), (K), (S))
...
...
@@ -51,19 +53,13 @@ extern struct encryption_keys_service_st {
#define decrypt_data(S,SL,D,DL,K,KL,I,IL,NP,KV) encryption_keys_service->decrypt_data_func(S,SL,D,DL,K,KL,I,IL,NP,KV)
#else
unsigned
int
get_latest_encryption_key_version
();
unsigned
int
has_encryption_key
(
unsigned
int
version
);
unsigned
int
get_encryption_key
(
unsigned
int
version
,
unsigned
char
*
key
,
unsigned
int
*
keybufsize
);
int
encrypt_data
(
const
unsigned
char
*
src
,
unsigned
int
slen
,
unsigned
char
*
dst
,
unsigned
int
*
dlen
,
const
unsigned
char
*
key
,
unsigned
int
klen
,
const
unsigned
char
*
iv
,
unsigned
int
ivlen
,
int
no_padding
,
unsigned
int
key_version
);
int
decrypt_data
(
const
unsigned
char
*
src
,
unsigned
int
slen
,
unsigned
char
*
dst
,
unsigned
int
*
dlen
,
const
unsigned
char
*
key
,
unsigned
int
klen
,
const
unsigned
char
*
iv
,
unsigned
int
ivlen
,
int
no_padding
,
unsigned
int
key_version
);
extern
struct
encryption_keys_service_st
encryption_keys_handler
;
#define get_latest_encryption_key_version() encryption_keys_handler.get_latest_encryption_key_version_func()
#define has_encryption_key(V) encryption_keys_handler.has_encryption_key_func(V)
#define get_encryption_key(V,K,S) encryption_keys_handler.get_encryption_key_func((V), (K), (S))
#define encrypt_data(S,SL,D,DL,K,KL,I,IL,NP,KV) encryption_keys_handler.encrypt_data_func(S,SL,D,DL,K,KL,I,IL,NP,KV)
#define decrypt_data(S,SL,D,DL,K,KL,I,IL,NP,KV) encryption_keys_handler.decrypt_data_func(S,SL,D,DL,K,KL,I,IL,NP,KV)
#endif
#ifdef __cplusplus
...
...
sql/encryption_keys.cc
View file @
c0878f64
...
...
@@ -19,61 +19,29 @@
#include "sql_plugin.h"
#include <my_crypt.h>
#warning TODO rename to follow single consistent style
/* there can be only one encryption plugin enabled */
static
plugin_ref
encryption_key_manager
=
0
;
static
struct
st_mariadb_encryption
*
handle
;
unsigned
int
get_latest_encryption_key_version
()
{
if
(
encryption_key_manager
)
return
handle
->
get_latest_key_version
();
return
BAD_ENCRYPTION_KEY_VERSION
;
}
struct
encryption_keys_service_st
encryption_keys_handler
;
unsigned
int
has_
encryption_
key
(
uint
version
)
unsigned
int
has_key
(
uint
version
)
{
if
(
encryption_key_manager
)
{
uint
unused
;
return
handle
->
get_key
(
version
,
NULL
,
&
unused
)
!=
BAD_ENCRYPTION_KEY_VERSION
;
}
return
0
;
uint
unused
;
return
get_encryption_key
(
version
,
NULL
,
&
unused
)
!=
BAD_ENCRYPTION_KEY_VERSION
;
}
uint
get_encryption_key
(
uint
version
,
uchar
*
key
,
uint
*
size
)
uint
no_key
(
)
{
if
(
encryption_key_manager
)
return
handle
->
get_key
(
version
,
key
,
size
);
return
BAD_ENCRYPTION_KEY_VERSION
;
}
int
encrypt_data
(
const
uchar
*
source
,
uint
source_length
,
uchar
*
dest
,
uint
*
dest_length
,
const
uchar
*
key
,
uint
key_length
,
const
uchar
*
iv
,
uint
iv_length
,
int
no_padding
,
uint
key_version
)
{
if
(
encryption_key_manager
)
return
handle
->
encrypt
(
source
,
source_length
,
dest
,
dest_length
,
key
,
key_length
,
iv
,
iv_length
,
no_padding
,
key_version
);
return
1
;
}
int
decrypt_data
(
const
uchar
*
source
,
uint
source_length
,
uchar
*
dest
,
uint
*
dest_length
,
const
uchar
*
key
,
uint
key_length
,
const
uchar
*
iv
,
uint
iv_length
,
int
no_padding
,
uint
key_version
)
static
int
no_crypt
(
const
uchar
*
source
,
uint
source_length
,
uchar
*
dest
,
uint
*
dest_length
,
const
uchar
*
key
,
uint
key_length
,
const
uchar
*
iv
,
uint
iv_length
,
int
no_padding
,
uint
key_version
)
{
if
(
encryption_key_manager
)
return
handle
->
decrypt
(
source
,
source_length
,
dest
,
dest_length
,
key
,
key_length
,
iv
,
iv_length
,
no_padding
,
key_version
);
return
1
;
}
...
...
@@ -91,21 +59,36 @@ int initialize_encryption_plugin(st_plugin_int *plugin)
}
encryption_key_manager
=
plugin_lock
(
NULL
,
plugin_int_to_ref
(
plugin
));
handle
=
(
struct
st_mariadb_encryption
*
)
plugin
->
plugin
->
info
;
st_mariadb_encryption
*
handle
=
(
struct
st_mariadb_encryption
*
)
plugin
->
plugin
->
info
;
encryption_keys_handler
.
encrypt_data_func
=
handle
->
encrypt
?
handle
->
encrypt
:
(
encrypt_decrypt_func
)
my_aes_encrypt_cbc
;
encryption_keys_handler
.
decrypt_data_func
=
handle
->
decrypt
?
handle
->
decrypt
:
(
encrypt_decrypt_func
)
my_aes_decrypt_cbc
;
encryption_keys_handler
.
get_encryption_key_func
=
handle
->
get_key
;
/* default encryption algorithm */
if
(
!
handle
->
encrypt
)
handle
->
encrypt
=
(
encrypt_decrypt_func
)
my_aes_encrypt_cbc
;
if
(
!
handle
->
decrypt
)
handle
->
decrypt
=
(
encrypt_decrypt_func
)
my_aes_decrypt_cbc
;
encryption_keys_handler
.
get_latest_encryption_key_version_func
=
handle
->
get_latest_key_version
;
// must be the last
return
0
;
}
int
finalize_encryption_plugin
(
st_plugin_int
*
plugin
)
{
if
(
plugin
->
plugin
->
deinit
&&
plugin
->
plugin
->
deinit
(
NULL
))
encryption_keys_handler
.
encrypt_data_func
=
no_crypt
;
encryption_keys_handler
.
decrypt_data_func
=
no_crypt
;
encryption_keys_handler
.
has_encryption_key_func
=
has_key
;
encryption_keys_handler
.
get_encryption_key_func
=
(
uint
(
*
)(
uint
,
uchar
*
,
uint
*
))
no_key
;
encryption_keys_handler
.
get_latest_encryption_key_version_func
=
no_key
;
if
(
plugin
&&
plugin
->
plugin
->
deinit
&&
plugin
->
plugin
->
deinit
(
NULL
))
{
DBUG_PRINT
(
"warning"
,
(
"Plugin '%s' deinit function returned error."
,
plugin
->
name
.
str
));
...
...
sql/sql_plugin.cc
View file @
c0878f64
...
...
@@ -1562,6 +1562,9 @@ int plugin_init(int *argc, char **argv, int flags)
DBUG_ASSERT
(
strcmp
(
list_of_services
[
4
].
name
,
"debug_sync_service"
)
==
0
);
list_of_services
[
4
].
service
=
*
(
void
**
)
&
debug_sync_C_callback_ptr
;
/* prepare encryption_keys service */
finalize_encryption_plugin
(
0
);
mysql_mutex_lock
(
&
LOCK_plugin
);
initialized
=
1
;
...
...
sql/sql_plugin_services.h
View file @
c0878f64
...
...
@@ -139,15 +139,6 @@ static struct wsrep_service_st wsrep_handler = {
wsrep_unlock_rollback
};
static
struct
encryption_keys_service_st
encryption_keys_handler
=
{
get_latest_encryption_key_version
,
has_encryption_key
,
get_encryption_key
,
encrypt_data
,
decrypt_data
};
static
struct
thd_specifics_service_st
thd_specifics_handler
=
{
thd_key_create
,
...
...
storage/maria/ma_check_standalone.h
View file @
c0878f64
...
...
@@ -23,39 +23,15 @@ void _mi_report_crashed(void *file __attribute__((unused)),
{
}
unsigned
int
get_latest_encryption_key_version
()
static
unsigned
int
no_key
()
{
return
BAD_ENCRYPTION_KEY_VERSION
;
}
int
encrypt_data
(
const
uchar
*
source
__attribute__
((
unused
)),
uint
source_length
__attribute__
((
unused
)),
uchar
*
dest
__attribute__
((
unused
)),
uint
*
dest_length
__attribute__
((
unused
)),
const
uchar
*
key
__attribute__
((
unused
)),
uint
key_length
__attribute__
((
unused
)),
const
uchar
*
iv
__attribute__
((
unused
)),
uint
iv_length
__attribute__
((
unused
)),
int
no_padding
__attribute__
((
unused
)),
uint
key_version
__attribute__
((
unused
)))
struct
encryption_keys_service_st
encryption_keys_handler
=
{
return
1
;
}
int
decrypt_data
(
const
uchar
*
source
__attribute__
((
unused
)),
uint
source_length
__attribute__
((
unused
)),
uchar
*
dest
__attribute__
((
unused
)),
uint
*
dest_length
__attribute__
((
unused
)),
const
uchar
*
key
__attribute__
((
unused
)),
uint
key_length
__attribute__
((
unused
)),
const
uchar
*
iv
__attribute__
((
unused
)),
uint
iv_length
__attribute__
((
unused
)),
int
no_padding
__attribute__
((
unused
)),
uint
key_version
__attribute__
((
unused
)))
{
return
1
;
}
no_key
,
0
,
0
,
0
,
0
};
/* only those that included myisamchk.h may need and can use the below */
#ifdef _myisamchk_h
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment