blob: e5ba46d10d299602f8500b8e63384e33f5286712 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
|
SET GLOBAL innodb_file_per_table = ON;
create table t1 (a varchar(255)) engine=innodb encrypted=yes;
create table t2 (a varchar(255)) engine=innodb;
show warnings;
Level Code Message
create table t3 (a varchar(255)) engine=innodb encrypted=no;
insert t1 values (repeat('foobarsecret', 12));
insert t2 values (repeat('tempsecret', 12));
insert t3 values (repeat('dummysecret', 12));
# Wait max 10 min for key encryption threads to encrypt all spaces
SELECT NAME FROM INFORMATION_SCHEMA.INNODB_TABLESPACES_ENCRYPTION WHERE MIN_KEY_VERSION = 0;
NAME
test/t3
SELECT NAME FROM INFORMATION_SCHEMA.INNODB_TABLESPACES_ENCRYPTION WHERE MIN_KEY_VERSION <> 0;
NAME
innodb_system
mysql/innodb_index_stats
mysql/innodb_table_stats
mysql/transaction_registry
test/t1
test/t2
# t1 yes on expecting NOT FOUND
NOT FOUND /foobarsecret/ in t1.ibd
# t2 ... on expecting NOT FOUND
NOT FOUND /tempsecret/ in t2.ibd
# t3 no on expecting FOUND
FOUND 12 /dummysecret/ in t3.ibd
# ibdata1 expecting NOT FOUND
NOT FOUND /foobarsecret/ in ibdata1
# Now turn off encryption and wait for threads to decrypt everything
SET GLOBAL innodb_encrypt_tables = off;
# Wait max 10 min for key encryption threads to decrypt all spaces
SELECT NAME FROM INFORMATION_SCHEMA.INNODB_TABLESPACES_ENCRYPTION WHERE MIN_KEY_VERSION = 0;
NAME
innodb_system
mysql/innodb_index_stats
mysql/innodb_table_stats
mysql/transaction_registry
test/t2
test/t3
SELECT NAME FROM INFORMATION_SCHEMA.INNODB_TABLESPACES_ENCRYPTION WHERE MIN_KEY_VERSION <> 0;
NAME
test/t1
# t1 yes on expecting NOT FOUND
NOT FOUND /foobarsecret/ in t1.ibd
# t2 ... default expecting FOUND
FOUND 12 /tempsecret/ in t2.ibd
# t3 no on expecting FOUND
FOUND 12 /dummysecret/ in t3.ibd
# ibdata1 expecting NOT FOUND
NOT FOUND /foobarsecret/ in ibdata1
# Now turn on encryption and wait for threads to encrypt all spaces
SET GLOBAL innodb_encrypt_tables = on;
# Wait max 10 min for key encryption threads to encrypt all spaces
SELECT NAME FROM INFORMATION_SCHEMA.INNODB_TABLESPACES_ENCRYPTION WHERE MIN_KEY_VERSION = 0;
NAME
test/t3
SELECT NAME FROM INFORMATION_SCHEMA.INNODB_TABLESPACES_ENCRYPTION WHERE MIN_KEY_VERSION <> 0;
NAME
innodb_system
mysql/innodb_index_stats
mysql/innodb_table_stats
mysql/transaction_registry
test/t1
test/t2
# t1 yes on expecting NOT FOUND
NOT FOUND /foobarsecret/ in t1.ibd
# t2 ... on expecting NOT FOUND
NOT FOUND /tempsecret/ in t2.ibd
# t3 no on expecting FOUND
FOUND 12 /dummysecret/ in t3.ibd
# ibdata1 expecting NOT FOUND
NOT FOUND /foobarsecret/ in ibdata1
drop table t1, t2, t3;
|