file_key_management plugin: complain if key id 1 is not found

and don't recommend aes_ctr if it's unavailable

4 files changed, 46 insertions, 2 deletions

diff --git a/mysql-test/suite/encryption/r/filekeys_syntax.result b/mysql-test/suite/encryption/r/filekeys_syntax.result
index a5606152d80..eb8119bc4f5 100644
--- a/mysql-test/suite/encryption/r/filekeys_syntax.result
+++ b/mysql-test/suite/encryption/r/filekeys_syntax.result
@@ -127,3 +127,23 @@ ERROR HY000: Can't create table `test`.`t1` (errno: 140 "Wrong create options")
 select plugin_status from information_schema.plugins
 where plugin_name = 'file_key_management';
 plugin_status
+install soname 'file_key_management';
+ERROR HY000: System key id 1 is missing at MYSQL_TMP_DIR/keys.txt line 1, column 1
+call mtr.add_suppression("Syntax error");
+call mtr.add_suppression("Plugin 'file_key_management' init function returned error");
+call mtr.add_suppression("Plugin 'file_key_management' registration.*failed");
+FOUND /Syntax error/ in mysqld.1.err
+create table t1(c1 bigint not null, b char(200))  engine=innodb encrypted=yes encryption_key_id=1;
+ERROR HY000: Can't create table `test`.`t1` (errno: 140 "Wrong create options")
+select plugin_status from information_schema.plugins
+where plugin_name = 'file_key_management';
+plugin_status
+call mtr.add_suppression("System key id 1");
+call mtr.add_suppression("Plugin 'file_key_management' init function returned error");
+call mtr.add_suppression("Plugin 'file_key_management' registration.*failed");
+FOUND /System key id 1/ in mysqld.1.err
+create table t1(c1 bigint not null, b char(200))  engine=innodb encrypted=yes encryption_key_id=1;
+ERROR HY000: Can't create table `test`.`t1` (errno: 140 "Wrong create options")
+select plugin_status from information_schema.plugins
+where plugin_name = 'file_key_management';
+plugin_status
diff --git a/mysql-test/suite/encryption/t/filekeys_syntax.test b/mysql-test/suite/encryption/t/filekeys_syntax.test
index e68e18bee1a..61db6ad716e 100644
--- a/mysql-test/suite/encryption/t/filekeys_syntax.test
+++ b/mysql-test/suite/encryption/t/filekeys_syntax.test
@@ -94,3 +94,16 @@ install soname 'file_key_management';
 source filekeys_badtest.inc;
 let SEARCH_PATTERN=Syntax error;
 source filekeys_badtest.inc;
+#
+# no key id 1
+#
+remove_file $MYSQL_TMP_DIR/keys.txt;
+write_file $MYSQL_TMP_DIR/keys.txt;
+3;22222222222222222222222222222222
+EOF
+--replace_result $MYSQL_TMP_DIR MYSQL_TMP_DIR
+--error 2
+install soname 'file_key_management';
+source filekeys_badtest.inc;
+let SEARCH_PATTERN=System key id 1;
+source filekeys_badtest.inc;
diff --git a/plugin/file_key_management/file_key_management_plugin.cc b/plugin/file_key_management/file_key_management_plugin.cc
index 666a5190860..74eeebbc4e3 100644
--- a/plugin/file_key_management/file_key_management_plugin.cc
+++ b/plugin/file_key_management/file_key_management_plugin.cc
@@ -48,9 +48,14 @@ static MYSQL_SYSVAR_STR(filekey, filekey,
   "Key to encrypt / decrypt the keyfile.",
   NULL, NULL, "");
 
+#ifdef HAVE_EncryptAes128Ctr
+#define recommendation  ", aes_ctr is the recommended one"
+#else
+#define recommendation  ""
+#endif
 static MYSQL_SYSVAR_ENUM(encryption_algorithm, encryption_algorithm,
   PLUGIN_VAR_RQCMDARG | PLUGIN_VAR_READONLY,
-  "Encryption algorithm to use, aes_ctr is the recommended one.",
+  "Encryption algorithm to use" recommendation ".",
   NULL, NULL, 0, &encryption_algorithm_typelib);
 
 static struct st_mysql_sys_var* settings[] = {
diff --git a/plugin/file_key_management/parser.cc b/plugin/file_key_management/parser.cc
index 27349f1a0a9..552dd7df970 100644
--- a/plugin/file_key_management/parser.cc
+++ b/plugin/file_key_management/parser.cc
@@ -218,8 +218,14 @@ bool Parser::parse_file(Dynamic_array<keyentry> *keys, const char *secret)
   }
 
   keys->sort(sort_keys);
-
   my_free(buffer);
+
+  if (keys->at(0).id != 1)
+  {
+    report_error("System key id 1 is missing", 0);
+    return 1;
+  }
+
   return 0;
 }