summaryrefslogtreecommitdiff
path: root/mysys_ssl
Commit message (Collapse)AuthorAgeFilesLines
* MDEV-8281 aes_decrypt crashes in block_crypt()Sergei Golubchik2015-06-271-1/+1
| | | | fix aes_decrypt of yassl to support zero-length input
* my_aes_encrypt_gcm() and my_aes_decrypt_gcm()Sergei Golubchik2015-06-021-1/+85
|
* my_aes_get_size()Sergei Golubchik2015-06-021-8/+10
| | | | | return unsigned, not signed. return a value large enough for GCM
* Merge tag 'mariadb-10.0.19' into 10.1Sergei Golubchik2015-06-012-21/+29
|\
| * MDEV-7788 my_md5 crashes with openssl in fips modeSergei Golubchik2015-05-031-6/+12
| | | | | | | | | | | | | | Tell OpenSSL to use MD5 even if FIPS prohibits it. This is fine as long as we do not use MD5 for cryptographical purposes (md5 is used internally for P_S message digests and for view checksums)
| * MDEV-7697 Client reports ERROR 2006 (MySQL server has gone away) or ERROR ↵Sergei Golubchik2015-05-031-6/+13
| | | | | | | | | | | | | | 2013 (Lost connection to MySQL server during query) while executing AES* functions under SSL Clear OpenSSL error queue after an error in AES_ENCRYPT/AES_DECRYPT. Otherwise it might affect current ssl-encrypted connection.
* | MDEV-8162 func_str crashes on SELECT AES_DECRYPT(AES_ENCRYPT(...)) on line 107Sergei Golubchik2015-05-151-23/+24
| | | | | | | | encrypting 0 byte string *is* possible
* | MDEV-8022 Assertion `rc == 0' failed in ma_encrypt on dropping an encrypted ↵Sergei Golubchik2015-05-131-51/+61
| | | | | | | | | | | | | | | | | | | | | | Aria table fix encryption of the last partial block * now really encrypt it, using key and iv * support the case of very short plaintext (less than one block) * recommend aes_ctr over aes_cbc, because the former doesn't have problems with partial blocks
* | move AES_CTR to its own greatly simplified functionSergei Golubchik2015-05-131-32/+41
| | | | | | | | | | * don't use do_crypt() for stream cipher AES_CTR * rename do_crypt to block_crypt to emphasize its specialization
* | remove now-empty my_aes.{h,cc}Sergei Golubchik2015-04-093-52/+28
| | | | | | | | move remaning defines to my_crypt, add MY_ namespace prefix
* | encryption plugin controls the encryptionSergei Golubchik2015-04-092-193/+39
| | | | | | | | | | | | | | | | | | * no --encryption-algorithm option anymore * encrypt/decrypt methods in the encryption plugin * ecnrypt/decrypt methods in the encryption_km service * file_km plugin has --file-key-management-encryption-algorithm * debug_km always uses aes_cbc * example_km changes between aes_cbc and aes_ecb for different key versions
* | remove old my_aes_encrypt/decryptSergei Golubchik2015-04-081-229/+0
| | | | | | | | and simplify Item_func_aes_encrypt/decrypt
* | yassl paddingSergei Golubchik2015-04-081-11/+33
| |
* | my_aes* functions: support for different key lengthsSergei Golubchik2015-04-081-14/+38
| | | | | | | | to: different key lengths
* | yassl supportSergei Golubchik2015-04-051-30/+63
| |
* | unify my_{en|de}crypt_{cbc|ecb|ctr}. no yassl support yet.Sergei Golubchik2015-04-052-559/+96
| |
* | simplify my_crypt.cc, remove duplicate codeSergei Golubchik2015-04-051-278/+30
| |
* | encryption cleanup: small changesSergei Golubchik2015-04-051-95/+0
| | | | | | | | | | | | | | | | | | | | * comments * move my_bytes_to_key() and my_aes_hex2uint() into file_key_management_plugin * rename HA_INSERT_ORDER -> HA_PRESERVE_INSERT_ORDER * remove unused variables and declarations * fix casts * don't link innodb with pcre * remove redundant entries from aria's TARGET_LINK_LIBRARIES
* | MDEV-7772: SIGSEGV on my_aes_encrypt_cbc when -DWITH_SSL=bundledJan Lindström2015-03-171-16/+20
| | | | | | | | | | | | | | | | | | | | Two problems: - Read/Write outside of buffer at memcpy() because of incorrect parameters . OPENSSL_assert(EVP_CIPHER_CTX_iv_length(&ctx.ctx) == iv_length); // ECB does not use IV, thus incorrect assertion Added: mysql-test/include/encryption_algorithms.combinations to run tests with methods cbc, ecb and ctr in those systems where they are available (see suite.pm).
* | yassl builds: don't hide mysys_ssl symbols that cannot possibly collide with ↵Sergei Golubchik2015-02-151-1/+0
| | | | | | | | openssl
* | cmake-time detection for EVP_aes_128_ctr()Sergei Golubchik2015-02-101-1/+2
| | | | | | | | because old openssl versions (e.g. on labrador) don't have it
* | encryption key management plugin apiSergei Golubchik2015-02-103-146/+0
| |
* | Push for testing of encryptionMonty2015-02-105-13/+1296
| |
* | MDEV-7397: SIGSEGV on inserting into a key-less tableNirbhay Choubey2014-12-311-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | When wsrep is enabled, an md5 hash of the entire row is calculated for tables with no PK. It, however segfaulted as the md5 context object was not properly constructed. Fixed by ensuring that the YaSSL's context object gets constructed explicitly at the specified pre-allocated location (placement) before its used. Added a test case.
* | MD5 serviceSergei Golubchik2014-10-011-22/+102
| |
* | extend SHA1 service. cleanup of sha1 wrappersSergei Golubchik2014-10-011-61/+58
|/
* Do the partial merge of WL#5602 correctly:Sergei Golubchik2013-12-092-456/+0
| | | | | | Remove unused code (that should not have been merged) Add protocol extension (that should have been merged) Fix bugs (see pack.c)
* SHA1 serviceSergei Golubchik2013-07-131-10/+20
| | | | (because mysql_ssl library is built with -fvisibility=hidden)
* Applied all changes from Igor and SanjaMichael Widenius2013-06-152-40/+0
|
* Temporary commit of 10.0-mergeMichael Widenius2013-03-269-0/+1200
View Lorry Controller Status