diff options
Diffstat (limited to 'plugin/example_key_management')
-rw-r--r-- | plugin/example_key_management/example_key_management_plugin.cc | 37 |
1 files changed, 30 insertions, 7 deletions
diff --git a/plugin/example_key_management/example_key_management_plugin.cc b/plugin/example_key_management/example_key_management_plugin.cc index 2b417866406..2b43729e3f7 100644 --- a/plugin/example_key_management/example_key_management_plugin.cc +++ b/plugin/example_key_management/example_key_management_plugin.cc @@ -28,18 +28,24 @@ #include <my_global.h> #include <my_pthread.h> #include <mysql/plugin_encryption.h> -#include <my_rnd.h> #include <my_crypt.h> /* rotate key randomly between 45 and 90 seconds */ #define KEY_ROTATION_MIN 45 #define KEY_ROTATION_MAX 90 -static struct my_rnd_struct seed; static time_t key_version = 0; static time_t next_key_version = 0; static pthread_mutex_t mutex; + +/* Random double value in 0..1 range */ +static double double_rnd() +{ + return ((double)rand()) / RAND_MAX; +} + + static unsigned int get_latest_key_version(unsigned int key_id) { @@ -50,7 +56,7 @@ get_latest_key_version(unsigned int key_id) key_version = now; unsigned int interval = KEY_ROTATION_MAX - KEY_ROTATION_MIN; next_key_version = (time_t) (now + KEY_ROTATION_MIN + - my_rnd(&seed) * interval); + double_rnd() * interval); } pthread_mutex_unlock(&mutex); @@ -101,7 +107,6 @@ static unsigned int get_length(unsigned int slen, unsigned int key_id, static int example_key_management_plugin_init(void *p) { /* init */ - my_rnd_init(&seed, time(0), 0); pthread_mutex_init(&mutex, NULL); get_latest_key_version(1); @@ -114,14 +119,32 @@ static int example_key_management_plugin_deinit(void *p) return 0; } + +static int ctx_update(void *ctx, const unsigned char *src, unsigned int slen, + unsigned char *dst, unsigned int *dlen) +{ + return my_aes_crypt_update(ctx, src, slen, dst, dlen); +} + + +int ctx_finish(void *ctx, unsigned char *dst, unsigned int *dlen) +{ + return my_aes_crypt_finish(ctx, dst, dlen); +} + +static uint ctx_size(unsigned int , unsigned int key_version) +{ + return my_aes_ctx_size(mode(key_version)); +} + struct st_mariadb_encryption example_key_management_plugin= { MariaDB_ENCRYPTION_INTERFACE_VERSION, get_latest_key_version, get_key, - (uint (*)(unsigned int, unsigned int))my_aes_ctx_size, + ctx_size, ctx_init, - my_aes_crypt_update, - my_aes_crypt_finish, + ctx_update, + ctx_finish, get_length }; |