| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
|
|
| |
Added service for
- encryption (AES)
- error reporting, e.g my_printf_error()
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of encrypt(src, dst, key, iv) that encrypts all
data in one go, now we have encrypt_init(key,iv),
encrypt_update(src,dst), and encrypt_finish(dst).
This also causes collateral changes in the internal my_crypt.cc
encryption functions and in the encryption service.
There are wrappers to provide the old all-at-once encryption
functionality. But binlog events are often written piecewise,
they'll need the new api.
|
| | |
|
| |
|
|
|
| |
return unsigned, not signed.
return a value large enough for GCM
|
| |
|
|
|
|
|
|
| |
* Extract it into the "encryption_scheme" service.
* Make these engines to use the service, remove duplicate code.
* Change MY_AES_xxx error codes, to return them safely
from encryption_scheme_encrypt/decrypt without conflicting
with ENCRYPTION_SCHEME_KEY_INVALID error
|
| |
|
|
|
| |
* don't use do_crypt() for stream cipher AES_CTR
* rename do_crypt to block_crypt to emphasize its specialization
|
| |
|
|
| |
move remaning defines to my_crypt, add MY_ namespace prefix
|
| |
|
|
|
|
|
|
|
| |
* no --encryption-algorithm option anymore
* encrypt/decrypt methods in the encryption plugin
* ecnrypt/decrypt methods in the encryption_km service
* file_km plugin has --file-key-management-encryption-algorithm
* debug_km always uses aes_cbc
* example_km changes between aes_cbc and aes_ecb for different key versions
|
| | |
|
| | |
|
| |
|
|
| |
because old openssl versions (e.g. on labrador) don't have it
|
| |
|
