summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--include/my_crypt_key_management.h34
-rw-r--r--include/mysql/plugin_audit.h.pp13
-rw-r--r--include/mysql/plugin_auth.h.pp13
-rw-r--r--include/mysql/plugin_encryption_key_management.h.pp13
-rw-r--r--include/mysql/plugin_ftparser.h.pp13
-rw-r--r--include/mysql/plugin_password_validation.h.pp13
-rw-r--r--include/mysql/service_cryptokeys.h60
-rw-r--r--include/mysql/service_encryption_keys.h60
-rw-r--r--include/mysql/services.h1
-rw-r--r--include/service_versions.h1
-rw-r--r--libservices/CMakeLists.txt1
-rw-r--r--libservices/cryptokeys_service.c17
-rw-r--r--libservices/encryption_keys_service.c17
-rw-r--r--mysys/my_thr_init.c1
-rw-r--r--plugin/file_key_management_plugin/file_key_management_plugin.cc1
-rw-r--r--sql/encryption_keys.cc2
-rw-r--r--sql/encryption_keys.h11
-rw-r--r--sql/sql_plugin_services.h10
-rw-r--r--sql/sys_vars.cc2
-rw-r--r--storage/innobase/fil/fil0crypt.cc1
-rw-r--r--storage/innobase/include/fsp0pageencryption.ic1
-rw-r--r--storage/innobase/include/log0crypt.h1
-rw-r--r--storage/xtradb/fil/fil0crypt.cc1
-rw-r--r--storage/xtradb/include/fsp0pageencryption.ic1
-rw-r--r--storage/xtradb/include/log0crypt.h1
25 files changed, 245 insertions, 44 deletions
diff --git a/include/my_crypt_key_management.h b/include/my_crypt_key_management.h
deleted file mode 100644
index 1d144ced55c..00000000000
--- a/include/my_crypt_key_management.h
+++ /dev/null
@@ -1,34 +0,0 @@
-
-#ifndef INCLUDE_MY_CRYPT_KEY_MANAGMENT_INCLUDED
-#define INCLUDE_MY_CRYPT_KEY_MANAGMENT_INCLUDED
-
-#include "my_global.h"
-#include "my_pthread.h"
-#include "mysql/psi/psi.h"
-
-#ifndef DBUG_OFF
-extern my_bool debug_use_static_encryption_keys;
-
-#ifdef HAVE_PSI_INTERFACE
-extern PSI_rwlock_key key_LOCK_dbug_encryption_key_version;
-#endif
-
-extern mysql_rwlock_t LOCK_dbug_encryption_key_version;
-extern uint opt_debug_encryption_key_version;
-#endif /* DBUG_OFF */
-
-C_MODE_START
-
-/**
- * Functions to interact with key management
- */
-
-uint get_latest_encryption_key_version();
-uint has_encryption_key(uint version);
-uint get_encryption_key_size(uint version);
-int get_encryption_key(uint version, uchar* key, uint size);
-int get_encryption_iv(uint version, uchar* iv, uint size);
-
-C_MODE_END
-
-#endif // INCLUDE_MY_CRYPT_KEY_MANAGMENT_INCLUDED
diff --git a/include/mysql/plugin_audit.h.pp b/include/mysql/plugin_audit.h.pp
index 10c54eedda3..65406219dc8 100644
--- a/include/mysql/plugin_audit.h.pp
+++ b/include/mysql/plugin_audit.h.pp
@@ -197,6 +197,19 @@ int thd_key_create(MYSQL_THD_KEY_T *key);
void thd_key_delete(MYSQL_THD_KEY_T *key);
void* thd_getspecific(void* thd, MYSQL_THD_KEY_T key);
int thd_setspecific(void* thd, MYSQL_THD_KEY_T key, void *value);
+#include <mysql/service_encryption_keys.h>
+extern struct encryption_keys_service_st {
+ unsigned int (*get_latest_encryption_key_version_func)();
+ unsigned int (*has_encryption_key_func)(unsigned int);
+ unsigned int (*get_encryption_key_size_func)(unsigned int);
+ int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int);
+ int (*get_encryption_iv_func)(unsigned int, unsigned char*, unsigned int);
+} *encryption_keys_service;
+unsigned int get_latest_encryption_key_version();
+unsigned int has_encryption_key(unsigned int version);
+unsigned int get_encryption_key_size(unsigned int version);
+int get_encryption_key(unsigned int version, unsigned char* key, unsigned int keybufsize);
+int get_encryption_iv(unsigned int version, unsigned char* iv, unsigned int ivbufsize);
struct st_mysql_xid {
long formatID;
long gtrid_length;
diff --git a/include/mysql/plugin_auth.h.pp b/include/mysql/plugin_auth.h.pp
index 062eb4e4ec5..ad694730330 100644
--- a/include/mysql/plugin_auth.h.pp
+++ b/include/mysql/plugin_auth.h.pp
@@ -197,6 +197,19 @@ int thd_key_create(MYSQL_THD_KEY_T *key);
void thd_key_delete(MYSQL_THD_KEY_T *key);
void* thd_getspecific(void* thd, MYSQL_THD_KEY_T key);
int thd_setspecific(void* thd, MYSQL_THD_KEY_T key, void *value);
+#include <mysql/service_encryption_keys.h>
+extern struct encryption_keys_service_st {
+ unsigned int (*get_latest_encryption_key_version_func)();
+ unsigned int (*has_encryption_key_func)(unsigned int);
+ unsigned int (*get_encryption_key_size_func)(unsigned int);
+ int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int);
+ int (*get_encryption_iv_func)(unsigned int, unsigned char*, unsigned int);
+} *encryption_keys_service;
+unsigned int get_latest_encryption_key_version();
+unsigned int has_encryption_key(unsigned int version);
+unsigned int get_encryption_key_size(unsigned int version);
+int get_encryption_key(unsigned int version, unsigned char* key, unsigned int keybufsize);
+int get_encryption_iv(unsigned int version, unsigned char* iv, unsigned int ivbufsize);
struct st_mysql_xid {
long formatID;
long gtrid_length;
diff --git a/include/mysql/plugin_encryption_key_management.h.pp b/include/mysql/plugin_encryption_key_management.h.pp
index 07f238d6c0d..c32cba045ec 100644
--- a/include/mysql/plugin_encryption_key_management.h.pp
+++ b/include/mysql/plugin_encryption_key_management.h.pp
@@ -197,6 +197,19 @@ int thd_key_create(MYSQL_THD_KEY_T *key);
void thd_key_delete(MYSQL_THD_KEY_T *key);
void* thd_getspecific(void* thd, MYSQL_THD_KEY_T key);
int thd_setspecific(void* thd, MYSQL_THD_KEY_T key, void *value);
+#include <mysql/service_encryption_keys.h>
+extern struct encryption_keys_service_st {
+ unsigned int (*get_latest_encryption_key_version_func)();
+ unsigned int (*has_encryption_key_func)(unsigned int);
+ unsigned int (*get_encryption_key_size_func)(unsigned int);
+ int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int);
+ int (*get_encryption_iv_func)(unsigned int, unsigned char*, unsigned int);
+} *encryption_keys_service;
+unsigned int get_latest_encryption_key_version();
+unsigned int has_encryption_key(unsigned int version);
+unsigned int get_encryption_key_size(unsigned int version);
+int get_encryption_key(unsigned int version, unsigned char* key, unsigned int keybufsize);
+int get_encryption_iv(unsigned int version, unsigned char* iv, unsigned int ivbufsize);
struct st_mysql_xid {
long formatID;
long gtrid_length;
diff --git a/include/mysql/plugin_ftparser.h.pp b/include/mysql/plugin_ftparser.h.pp
index 888a6bf8972..71045c170d6 100644
--- a/include/mysql/plugin_ftparser.h.pp
+++ b/include/mysql/plugin_ftparser.h.pp
@@ -197,6 +197,19 @@ int thd_key_create(MYSQL_THD_KEY_T *key);
void thd_key_delete(MYSQL_THD_KEY_T *key);
void* thd_getspecific(void* thd, MYSQL_THD_KEY_T key);
int thd_setspecific(void* thd, MYSQL_THD_KEY_T key, void *value);
+#include <mysql/service_encryption_keys.h>
+extern struct encryption_keys_service_st {
+ unsigned int (*get_latest_encryption_key_version_func)();
+ unsigned int (*has_encryption_key_func)(unsigned int);
+ unsigned int (*get_encryption_key_size_func)(unsigned int);
+ int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int);
+ int (*get_encryption_iv_func)(unsigned int, unsigned char*, unsigned int);
+} *encryption_keys_service;
+unsigned int get_latest_encryption_key_version();
+unsigned int has_encryption_key(unsigned int version);
+unsigned int get_encryption_key_size(unsigned int version);
+int get_encryption_key(unsigned int version, unsigned char* key, unsigned int keybufsize);
+int get_encryption_iv(unsigned int version, unsigned char* iv, unsigned int ivbufsize);
struct st_mysql_xid {
long formatID;
long gtrid_length;
diff --git a/include/mysql/plugin_password_validation.h.pp b/include/mysql/plugin_password_validation.h.pp
index 0a88110685f..ac685de3615 100644
--- a/include/mysql/plugin_password_validation.h.pp
+++ b/include/mysql/plugin_password_validation.h.pp
@@ -197,6 +197,19 @@ int thd_key_create(MYSQL_THD_KEY_T *key);
void thd_key_delete(MYSQL_THD_KEY_T *key);
void* thd_getspecific(void* thd, MYSQL_THD_KEY_T key);
int thd_setspecific(void* thd, MYSQL_THD_KEY_T key, void *value);
+#include <mysql/service_encryption_keys.h>
+extern struct encryption_keys_service_st {
+ unsigned int (*get_latest_encryption_key_version_func)();
+ unsigned int (*has_encryption_key_func)(unsigned int);
+ unsigned int (*get_encryption_key_size_func)(unsigned int);
+ int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int);
+ int (*get_encryption_iv_func)(unsigned int, unsigned char*, unsigned int);
+} *encryption_keys_service;
+unsigned int get_latest_encryption_key_version();
+unsigned int has_encryption_key(unsigned int version);
+unsigned int get_encryption_key_size(unsigned int version);
+int get_encryption_key(unsigned int version, unsigned char* key, unsigned int keybufsize);
+int get_encryption_iv(unsigned int version, unsigned char* iv, unsigned int ivbufsize);
struct st_mysql_xid {
long formatID;
long gtrid_length;
diff --git a/include/mysql/service_cryptokeys.h b/include/mysql/service_cryptokeys.h
new file mode 100644
index 00000000000..d5321e2f257
--- /dev/null
+++ b/include/mysql/service_cryptokeys.h
@@ -0,0 +1,60 @@
+#ifndef MYSQL_SERVICE_CRYPTOKEYS_INCLUDED
+/* Copyright (c) 2015, MariaDB
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
+
+/**
+ @file
+ cryptokeys service
+
+ Functions get cryptographical keys and IV from the cryptokey management plugin
+*/
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+extern struct cryptokeys_service_st {
+ unsigned int (*get_latest_crypto_key_version_func)();
+ unsigned int (*has_crypto_key_func)(unsigned int);
+ unsigned int (*get_crypto_key_size_func)(unsigned int);
+ int (*get_crypto_key_func)(unsigned int, unsigned char*, unsigned int);
+ int (*get_crypto_iv_func)(unsigned int, unsigned char*, unsigned int);
+} *cryptokeys_service;
+
+#ifdef MYSQL_DYNAMIC_PLUGIN
+
+#define get_latest_crypto_key_version() cryptokeys_service->get_latest_crypto_key_version_func()
+#define has_crypto_key(V) cryptokeys_service->has_crypto_key_func(V)
+#define get_crypto_key_size(V) cryptokeys_service->get_crypto_key_size_func(V)
+#define get_crypto_key(V,K,S) cryptokeys_service->get_crypto_key_func((V), (K), (S))
+#define get_crypto_iv(V, I, S) cryptokeys_service->get_crypto_iv_func((V), (I), (S))
+
+#else
+
+unsigned int get_latest_crypto_key_version();
+unsigned int has_crypto_key(unsigned int version);
+unsigned int get_crypto_key_size(unsigned int version);
+int get_crypto_key(unsigned int version, unsigned char* key, unsigned int keybufsize);
+int get_crypto_iv(unsigned int version, unsigned char* iv, unsigned int ivbufsize);
+
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#define MYSQL_SERVICE_CRYPTOKEYS_INCLUDED
+#endif
+
diff --git a/include/mysql/service_encryption_keys.h b/include/mysql/service_encryption_keys.h
new file mode 100644
index 00000000000..69cbcb70592
--- /dev/null
+++ b/include/mysql/service_encryption_keys.h
@@ -0,0 +1,60 @@
+#ifndef MYSQL_SERVICE_ENCRYPTION_KEYS_INCLUDED
+/* Copyright (c) 2015, MariaDB
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
+
+/**
+ @file
+ encryption keys service
+
+ Functions to get encryption keys and IV from the encryption key management plugin
+*/
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+extern struct encryption_keys_service_st {
+ unsigned int (*get_latest_encryption_key_version_func)();
+ unsigned int (*has_encryption_key_func)(unsigned int);
+ unsigned int (*get_encryption_key_size_func)(unsigned int);
+ int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int);
+ int (*get_encryption_iv_func)(unsigned int, unsigned char*, unsigned int);
+} *encryption_keys_service;
+
+#ifdef MYSQL_DYNAMIC_PLUGIN
+
+#define get_latest_encryption_key_version() encryption_keys_service->get_latest_encryption_key_version_func()
+#define has_encryption_key(V) encryption_keys_service->has_encryption_key_func(V)
+#define get_encryption_key_size(V) encryption_keys_service->get_encryption_key_size_func(V)
+#define get_encryption_key(V,K,S) encryption_keys_service->get_encryption_key_func((V), (K), (S))
+#define get_encryption_iv(V, I, S) encryption_keys_service->get_encryption_iv_func((V), (I), (S))
+
+#else
+
+unsigned int get_latest_encryption_key_version();
+unsigned int has_encryption_key(unsigned int version);
+unsigned int get_encryption_key_size(unsigned int version);
+int get_encryption_key(unsigned int version, unsigned char* key, unsigned int keybufsize);
+int get_encryption_iv(unsigned int version, unsigned char* iv, unsigned int ivbufsize);
+
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#define MYSQL_SERVICE_ENCRYPTION_KEYS_INCLUDED
+#endif
+
diff --git a/include/mysql/services.h b/include/mysql/services.h
index 89e2e6f1e51..764e05b4dd1 100644
--- a/include/mysql/services.h
+++ b/include/mysql/services.h
@@ -32,6 +32,7 @@ extern "C" {
#include <mysql/service_thd_autoinc.h>
#include <mysql/service_thd_error_context.h>
#include <mysql/service_thd_specifics.h>
+#include <mysql/service_encryption_keys.h>
/*#include <mysql/service_wsrep.h>*/
#ifdef __cplusplus
diff --git a/include/service_versions.h b/include/service_versions.h
index ecc0d9c8266..3d85be92519 100644
--- a/include/service_versions.h
+++ b/include/service_versions.h
@@ -35,4 +35,5 @@
#define VERSION_thd_autoinc 0x0100
#define VERSION_thd_error_context 0x0100
#define VERSION_thd_specifics 0x0100
+#define VERSION_encryption_keys 0x0100
diff --git a/libservices/CMakeLists.txt b/libservices/CMakeLists.txt
index 2d105348410..74055ee5b11 100644
--- a/libservices/CMakeLists.txt
+++ b/libservices/CMakeLists.txt
@@ -28,6 +28,7 @@ SET(MYSQLSERVICES_SOURCES
my_sha1_service.c
my_md5_service.c
wsrep_service.c
+ encryption_keys_service.c
kill_statement_service.c
logger_service.c)
diff --git a/libservices/cryptokeys_service.c b/libservices/cryptokeys_service.c
new file mode 100644
index 00000000000..1af64aab450
--- /dev/null
+++ b/libservices/cryptokeys_service.c
@@ -0,0 +1,17 @@
+/* Copyright (c) 2015 MariaDB
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
+
+#include <service_versions.h>
+SERVICE_VERSION cryptokeys_service= (void*)VERSION_cryptokeys;
diff --git a/libservices/encryption_keys_service.c b/libservices/encryption_keys_service.c
new file mode 100644
index 00000000000..81fc7def201
--- /dev/null
+++ b/libservices/encryption_keys_service.c
@@ -0,0 +1,17 @@
+/* Copyright (c) 2015 MariaDB
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
+
+#include <service_versions.h>
+SERVICE_VERSION encryption_keys_service= (void*)VERSION_encryption_keys;
diff --git a/mysys/my_thr_init.c b/mysys/my_thr_init.c
index debff7d396c..d9dbacc8524 100644
--- a/mysys/my_thr_init.c
+++ b/mysys/my_thr_init.c
@@ -22,7 +22,6 @@
#include "mysys_priv.h"
#include <m_string.h>
#include <signal.h>
-#include <my_crypt_key_management.h>
pthread_key(struct st_my_thread_var*, THR_KEY_mysys);
mysql_mutex_t THR_LOCK_malloc, THR_LOCK_open,
diff --git a/plugin/file_key_management_plugin/file_key_management_plugin.cc b/plugin/file_key_management_plugin/file_key_management_plugin.cc
index 7dbf8c132da..cb6485f8596 100644
--- a/plugin/file_key_management_plugin/file_key_management_plugin.cc
+++ b/plugin/file_key_management_plugin/file_key_management_plugin.cc
@@ -18,7 +18,6 @@
#include <mysql_version.h>
#include <mysql/plugin_encryption_key_management.h>
#include <my_aes.h>
-#include <my_crypt_key_management.h>
#include "sql_class.h"
#include "KeySingleton.h"
#include "EncKeys.h"
diff --git a/sql/encryption_keys.cc b/sql/encryption_keys.cc
index f924ad1c599..835ecd470cf 100644
--- a/sql/encryption_keys.cc
+++ b/sql/encryption_keys.cc
@@ -1,6 +1,6 @@
#include <my_global.h>
#include <mysql/plugin_encryption_key_management.h>
-#include <my_crypt_key_management.h>
+#include "encryption_keys.h"
#include "log.h"
#include "sql_plugin.h"
diff --git a/sql/encryption_keys.h b/sql/encryption_keys.h
new file mode 100644
index 00000000000..10907c1332a
--- /dev/null
+++ b/sql/encryption_keys.h
@@ -0,0 +1,11 @@
+#ifndef SQL_CRYPTOKEY_INCLUDED
+#define SQL_CRYPTOKEY_INCLUDED
+
+#include "my_global.h"
+
+#ifndef DBUG_OFF
+ extern my_bool debug_use_static_encryption_keys;
+extern uint opt_debug_encryption_key_version;
+#endif /* DBUG_OFF */
+
+#endif // SQL_CRYPTOKEY_INCLUDED
diff --git a/sql/sql_plugin_services.h b/sql/sql_plugin_services.h
index c99691ab579..aeb2d75efc5 100644
--- a/sql/sql_plugin_services.h
+++ b/sql/sql_plugin_services.h
@@ -139,6 +139,15 @@ static struct wsrep_service_st wsrep_handler = {
wsrep_unlock_rollback
};
+static struct encryption_keys_service_st encryption_keys_handler=
+{
+ get_latest_encryption_key_version,
+ has_encryption_key,
+ get_encryption_key_size,
+ get_encryption_key,
+ get_encryption_iv
+};
+
static struct thd_specifics_service_st thd_specifics_handler=
{
thd_key_create,
@@ -161,6 +170,7 @@ static struct st_service_ref list_of_services[]=
{ "logger_service", VERSION_logger, &logger_service_handler },
{ "thd_autoinc_service", VERSION_thd_autoinc, &thd_autoinc_handler },
{ "wsrep_service", VERSION_wsrep, &wsrep_handler },
+ { "encryption_keys_service", VERSION_encryption_keys, &encryption_keys_handler },
{ "thd_specifics_service", VERSION_thd_specifics, &thd_specifics_handler },
{ "thd_error_context_service", VERSION_thd_error_context, &thd_error_conext_handler },
};
diff --git a/sql/sys_vars.cc b/sql/sys_vars.cc
index 198e4073ef8..0dea5a134e9 100644
--- a/sql/sys_vars.cc
+++ b/sql/sys_vars.cc
@@ -62,7 +62,7 @@
#include "sql_repl.h"
#include "opt_range.h"
#include "rpl_parallel.h"
-#include <my_crypt_key_management.h>
+#include "encryption_keys.h"
/*
The rule for this file: everything should be 'static'. When a sys_var
diff --git a/storage/innobase/fil/fil0crypt.cc b/storage/innobase/fil/fil0crypt.cc
index c12bc385720..9d4c66d4343 100644
--- a/storage/innobase/fil/fil0crypt.cc
+++ b/storage/innobase/fil/fil0crypt.cc
@@ -13,7 +13,6 @@
#include "fil0pageencryption.h"
#include <my_crypt.h>
-#include <my_crypt_key_management.h>
#include <my_aes.h>
#include <math.h>
diff --git a/storage/innobase/include/fsp0pageencryption.ic b/storage/innobase/include/fsp0pageencryption.ic
index e2bd76679ee..b5c3f5ab666 100644
--- a/storage/innobase/include/fsp0pageencryption.ic
+++ b/storage/innobase/include/fsp0pageencryption.ic
@@ -25,7 +25,6 @@ Created 08/28/2014
#include "fsp0fsp.h"
#include "fil0pageencryption.h"
-#include <my_crypt_key_management.h>
/********************************************************************//**
diff --git a/storage/innobase/include/log0crypt.h b/storage/innobase/include/log0crypt.h
index 0c0d046c471..9c7c0229ba4 100644
--- a/storage/innobase/include/log0crypt.h
+++ b/storage/innobase/include/log0crypt.h
@@ -12,7 +12,6 @@ Created 11/25/2013 Minli Zhu
#include "ut0lst.h"
#include "ut0rnd.h"
#include "my_aes.h"
-#include <my_crypt_key_management.h>
#define PURPOSE_BYTE_LEN MY_AES_BLOCK_SIZE - 1
#define PURPOSE_BYTE_OFFSET 0
diff --git a/storage/xtradb/fil/fil0crypt.cc b/storage/xtradb/fil/fil0crypt.cc
index be0c120c6c7..1bda5d9aab7 100644
--- a/storage/xtradb/fil/fil0crypt.cc
+++ b/storage/xtradb/fil/fil0crypt.cc
@@ -13,7 +13,6 @@
#include "fil0pageencryption.h"
#include <my_crypt.h>
-#include <my_crypt_key_management.h>
#include <my_aes.h>
#include <math.h>
diff --git a/storage/xtradb/include/fsp0pageencryption.ic b/storage/xtradb/include/fsp0pageencryption.ic
index 311618e905a..d3137001fc5 100644
--- a/storage/xtradb/include/fsp0pageencryption.ic
+++ b/storage/xtradb/include/fsp0pageencryption.ic
@@ -25,7 +25,6 @@ Created 08/28/2014
#include "fsp0fsp.h"
#include "fil0pageencryption.h"
-#include <my_crypt_key_management.h>
/********************************************************************//**
Determine if the tablespace is page encrypted from dict_table_t::flags.
diff --git a/storage/xtradb/include/log0crypt.h b/storage/xtradb/include/log0crypt.h
index 0c0d046c471..9c7c0229ba4 100644
--- a/storage/xtradb/include/log0crypt.h
+++ b/storage/xtradb/include/log0crypt.h
@@ -12,7 +12,6 @@ Created 11/25/2013 Minli Zhu
#include "ut0lst.h"
#include "ut0rnd.h"
#include "my_aes.h"
-#include <my_crypt_key_management.h>
#define PURPOSE_BYTE_LEN MY_AES_BLOCK_SIZE - 1
#define PURPOSE_BYTE_OFFSET 0