diff options
| author | Sergei Golubchik <serg@mariadb.org> | 2015-03-31 19:00:51 +0200 |
|---|---|---|
| committer | Sergei Golubchik <serg@mariadb.org> | 2015-04-08 10:58:50 +0200 |
| commit | ef5b4889c2bc1d463291d4d80091c79183ec1196 (patch) | |
| tree | 41a4b6c7aa57daee2cb617045b87c59c5d520706 /include | |
| parent | c91e3260e2678078c0bb29d8daa90fb52cefaab7 (diff) | |
| download | mariadb-git-ef5b4889c2bc1d463291d4d80091c79183ec1196.tar.gz | |
optimize encryption api
only one encryption key lookup in most cases instead of three
(has_key, get_key_size, get_key).
Diffstat (limited to 'include')
| -rw-r--r-- | include/mysql/plugin_audit.h.pp | 6 | ||||
| -rw-r--r-- | include/mysql/plugin_auth.h.pp | 6 | ||||
| -rw-r--r-- | include/mysql/plugin_encryption_key_management.h | 31 | ||||
| -rw-r--r-- | include/mysql/plugin_encryption_key_management.h.pp | 11 | ||||
| -rw-r--r-- | include/mysql/plugin_ftparser.h.pp | 6 | ||||
| -rw-r--r-- | include/mysql/plugin_password_validation.h.pp | 6 | ||||
| -rw-r--r-- | include/mysql/service_encryption_keys.h | 7 | ||||
| -rw-r--r-- | include/service_versions.h | 2 |
8 files changed, 35 insertions, 40 deletions
diff --git a/include/mysql/plugin_audit.h.pp b/include/mysql/plugin_audit.h.pp index 22bd8d52a30..c4661e2b383 100644 --- a/include/mysql/plugin_audit.h.pp +++ b/include/mysql/plugin_audit.h.pp @@ -201,13 +201,11 @@ int thd_setspecific(void* thd, MYSQL_THD_KEY_T key, void *value); extern struct encryption_keys_service_st { unsigned int (*get_latest_encryption_key_version_func)(); unsigned int (*has_encryption_key_func)(unsigned int); - unsigned int (*get_encryption_key_size_func)(unsigned int); - int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int); + unsigned int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int*); } *encryption_keys_service; unsigned int get_latest_encryption_key_version(); unsigned int has_encryption_key(unsigned int version); -unsigned int get_encryption_key_size(unsigned int version); -int get_encryption_key(unsigned int version, unsigned char* key, unsigned int keybufsize); +unsigned int get_encryption_key(unsigned int version, unsigned char* key, unsigned int *keybufsize); struct st_mysql_xid { long formatID; long gtrid_length; diff --git a/include/mysql/plugin_auth.h.pp b/include/mysql/plugin_auth.h.pp index e14d5359c19..09986993139 100644 --- a/include/mysql/plugin_auth.h.pp +++ b/include/mysql/plugin_auth.h.pp @@ -201,13 +201,11 @@ int thd_setspecific(void* thd, MYSQL_THD_KEY_T key, void *value); extern struct encryption_keys_service_st { unsigned int (*get_latest_encryption_key_version_func)(); unsigned int (*has_encryption_key_func)(unsigned int); - unsigned int (*get_encryption_key_size_func)(unsigned int); - int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int); + unsigned int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int*); } *encryption_keys_service; unsigned int get_latest_encryption_key_version(); unsigned int has_encryption_key(unsigned int version); -unsigned int get_encryption_key_size(unsigned int version); -int get_encryption_key(unsigned int version, unsigned char* key, unsigned int keybufsize); +unsigned int get_encryption_key(unsigned int version, unsigned char* key, unsigned int *keybufsize); struct st_mysql_xid { long formatID; long gtrid_length; diff --git a/include/mysql/plugin_encryption_key_management.h b/include/mysql/plugin_encryption_key_management.h index b989fa14db1..a7fc379962b 100644 --- a/include/mysql/plugin_encryption_key_management.h +++ b/include/mysql/plugin_encryption_key_management.h @@ -27,9 +27,10 @@ #include <mysql/plugin.h> -#define MariaDB_ENCRYPTION_KEY_MANAGEMENT_INTERFACE_VERSION 0x0100 +#define MariaDB_ENCRYPTION_KEY_MANAGEMENT_INTERFACE_VERSION 0x0200 -#define BAD_ENCRYPTION_KEY_VERSION (UINT_MAX32) +#define BAD_ENCRYPTION_KEY_VERSION (~(unsigned int)0) +#define KEY_BUFFER_TOO_SMALL (100) /** Encryption key management plugin descriptor @@ -45,20 +46,28 @@ struct st_mariadb_encryption_key_management */ unsigned int (*get_latest_key_version)(); - /** function returning if a key of the given version exists */ - unsigned int (*has_key_version)(unsigned int version); - - /** function returning the key size in bytes */ - unsigned int (*get_key_size)(unsigned int version); - /** function returning a key for a key version - the key is put in 'key' buffer, that has size of 'keybufsize' bytes. + @param version the requested key version + @param key the key will be stored there. Can be NULL - + in which case no key will be returned + @param key_length in: key buffer size + out: the actual length of the key + + This method can be used to query the key length - the required + buffer size - by passing key==NULL. + + If the buffer size is less than the key length the content of the + key buffer is undefined (the plugin is free to partially fill it with + the key data or leave it untouched). - @return 0 on success, non-zero on failure + @return 0 on success, or + BAD_ENCRYPTION_KEY_VERSION, KEY_BUFFER_TOO_SMALL, + or any other non-zero number for errors */ - int (*get_key)(unsigned int version, unsigned char* key, unsigned int keybufsize); + unsigned int (*get_key)(unsigned int version, unsigned char *key, + unsigned int *key_length); }; #endif diff --git a/include/mysql/plugin_encryption_key_management.h.pp b/include/mysql/plugin_encryption_key_management.h.pp index 9012fe9252b..fb39b807d1c 100644 --- a/include/mysql/plugin_encryption_key_management.h.pp +++ b/include/mysql/plugin_encryption_key_management.h.pp @@ -201,13 +201,11 @@ int thd_setspecific(void* thd, MYSQL_THD_KEY_T key, void *value); extern struct encryption_keys_service_st { unsigned int (*get_latest_encryption_key_version_func)(); unsigned int (*has_encryption_key_func)(unsigned int); - unsigned int (*get_encryption_key_size_func)(unsigned int); - int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int); + unsigned int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int*); } *encryption_keys_service; unsigned int get_latest_encryption_key_version(); unsigned int has_encryption_key(unsigned int version); -unsigned int get_encryption_key_size(unsigned int version); -int get_encryption_key(unsigned int version, unsigned char* key, unsigned int keybufsize); +unsigned int get_encryption_key(unsigned int version, unsigned char* key, unsigned int *keybufsize); struct st_mysql_xid { long formatID; long gtrid_length; @@ -368,7 +366,6 @@ struct st_mariadb_encryption_key_management { int interface_version; unsigned int (*get_latest_key_version)(); - unsigned int (*has_key_version)(unsigned int version); - unsigned int (*get_key_size)(unsigned int version); - int (*get_key)(unsigned int version, unsigned char* key, unsigned int keybufsize); + unsigned int (*get_key)(unsigned int version, unsigned char *key, + unsigned int *key_length); }; diff --git a/include/mysql/plugin_ftparser.h.pp b/include/mysql/plugin_ftparser.h.pp index bd9ec23c811..e9315f4fe83 100644 --- a/include/mysql/plugin_ftparser.h.pp +++ b/include/mysql/plugin_ftparser.h.pp @@ -201,13 +201,11 @@ int thd_setspecific(void* thd, MYSQL_THD_KEY_T key, void *value); extern struct encryption_keys_service_st { unsigned int (*get_latest_encryption_key_version_func)(); unsigned int (*has_encryption_key_func)(unsigned int); - unsigned int (*get_encryption_key_size_func)(unsigned int); - int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int); + unsigned int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int*); } *encryption_keys_service; unsigned int get_latest_encryption_key_version(); unsigned int has_encryption_key(unsigned int version); -unsigned int get_encryption_key_size(unsigned int version); -int get_encryption_key(unsigned int version, unsigned char* key, unsigned int keybufsize); +unsigned int get_encryption_key(unsigned int version, unsigned char* key, unsigned int *keybufsize); struct st_mysql_xid { long formatID; long gtrid_length; diff --git a/include/mysql/plugin_password_validation.h.pp b/include/mysql/plugin_password_validation.h.pp index b417dbb5e6d..a82d5fd9150 100644 --- a/include/mysql/plugin_password_validation.h.pp +++ b/include/mysql/plugin_password_validation.h.pp @@ -201,13 +201,11 @@ int thd_setspecific(void* thd, MYSQL_THD_KEY_T key, void *value); extern struct encryption_keys_service_st { unsigned int (*get_latest_encryption_key_version_func)(); unsigned int (*has_encryption_key_func)(unsigned int); - unsigned int (*get_encryption_key_size_func)(unsigned int); - int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int); + unsigned int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int*); } *encryption_keys_service; unsigned int get_latest_encryption_key_version(); unsigned int has_encryption_key(unsigned int version); -unsigned int get_encryption_key_size(unsigned int version); -int get_encryption_key(unsigned int version, unsigned char* key, unsigned int keybufsize); +unsigned int get_encryption_key(unsigned int version, unsigned char* key, unsigned int *keybufsize); struct st_mysql_xid { long formatID; long gtrid_length; diff --git a/include/mysql/service_encryption_keys.h b/include/mysql/service_encryption_keys.h index 063f3444f5f..69304899405 100644 --- a/include/mysql/service_encryption_keys.h +++ b/include/mysql/service_encryption_keys.h @@ -28,23 +28,20 @@ extern "C" { extern struct encryption_keys_service_st { unsigned int (*get_latest_encryption_key_version_func)(); unsigned int (*has_encryption_key_func)(unsigned int); - unsigned int (*get_encryption_key_size_func)(unsigned int); - int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int); + unsigned int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int*); } *encryption_keys_service; #ifdef MYSQL_DYNAMIC_PLUGIN #define get_latest_encryption_key_version() encryption_keys_service->get_latest_encryption_key_version_func() #define has_encryption_key(V) encryption_keys_service->has_encryption_key_func(V) -#define get_encryption_key_size(V) encryption_keys_service->get_encryption_key_size_func(V) #define get_encryption_key(V,K,S) encryption_keys_service->get_encryption_key_func((V), (K), (S)) #else unsigned int get_latest_encryption_key_version(); unsigned int has_encryption_key(unsigned int version); -unsigned int get_encryption_key_size(unsigned int version); -int get_encryption_key(unsigned int version, unsigned char* key, unsigned int keybufsize); +unsigned int get_encryption_key(unsigned int version, unsigned char* key, unsigned int *keybufsize); #endif diff --git a/include/service_versions.h b/include/service_versions.h index 3d85be92519..d25d9507dff 100644 --- a/include/service_versions.h +++ b/include/service_versions.h @@ -35,5 +35,5 @@ #define VERSION_thd_autoinc 0x0100 #define VERSION_thd_error_context 0x0100 #define VERSION_thd_specifics 0x0100 -#define VERSION_encryption_keys 0x0100 +#define VERSION_encryption_keys 0x0200 |