path: root/sql/encryption.cc
blob: 44208baf8b3e3ced9678887edf412af0465fb5e5 (plain)
/* Copyright (C) 2015 MariaDB

   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation; version 2 of the License.

   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.

   You should have received a copy of the GNU General Public License
   along with this program; if not, write to the Free Software
   Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301  USA */

#include <my_global.h>
#include <mysql/plugin_encryption.h>
#include "log.h"
#include "sql_plugin.h"
#include <my_crypt.h>

/*
  There can be only one encryption plugin enabled.

  encryption_manager holds the locked reference to that plugin (0 when none
  is installed). encryption_handler is the table of function pointers that
  initialize_encryption_plugin() fills from the plugin and that
  finalize_encryption_plugin() resets to the always-failing stubs.
*/
static plugin_ref encryption_manager= 0;
struct encryption_service_st encryption_handler;

/**
  Tell whether the active encryption plugin knows the given key id.

  @param id  key id to look up
  @return non-zero when the latest-version lookup for id yields anything
          other than ENCRYPTION_KEY_VERSION_INVALID, 0 otherwise
*/
unsigned int has_key_id(uint id)
{
  const uint latest_version= encryption_key_get_latest_version(id);
  if (latest_version == ENCRYPTION_KEY_VERSION_INVALID)
    return 0;
  return 1;
}

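/**
  Tell whether a specific version of a key exists.

  The key itself is not fetched: a NULL destination buffer is passed and only
  the status returned by encryption_key_get() is inspected.

  @param id       key id to look up
  @param version  key version to look up
  @return non-zero when the lookup returns anything other than
          ENCRYPTION_KEY_VERSION_INVALID, 0 otherwise
*/
unsigned int has_key_version(uint id, uint version)
{
  /*
    Pass a defined length of 0 rather than an uninitialized value. The length
    is handed over by pointer, so a plugin may read it as the capacity of the
    (NULL) destination buffer; with stack garbage in it the plugin could
    decide the buffer is large enough and copy key material through NULL.
    NOTE(review): the in/out meaning of this argument is inferred from the
    call shape - confirm against the plugin API.
  */
  uint unused= 0;
  return encryption_key_get(id, version, NULL, &unused) != ENCRYPTION_KEY_VERSION_INVALID;
}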

/**
  Key lookup stub used while no encryption plugin is installed.

  The key id argument is ignored; every lookup reports that the key does
  not exist.

  @return ENCRYPTION_KEY_VERSION_INVALID, always
*/
uint no_key(uint /* key id, ignored */)
{
  const uint not_available= ENCRYPTION_KEY_VERSION_INVALID;
  return not_available;
}

/**
  Encrypt/decrypt stub used while no encryption plugin is installed.

  None of the arguments is read and neither dest nor *dest_length is written,
  so the output buffer holds nothing usable after the call. In particular the
  source is never copied through unencrypted.

  @return 1, always (presumably the failure status of encrypt_decrypt_func -
          confirm against callers, which must check it before using dest)
*/
static int no_crypt(const uchar* source, uint source_length,
                    uchar* dest, uint* dest_length,
                    const uchar* key, uint key_length,
                    const uchar* iv, uint iv_length,
                    int no_padding, uint key_id, uint key_version)
{
  const int always_fails= 1;
  return always_fails;
}


/**
  Install an encryption plugin as the server-wide encryption provider.

  Runs the plugin's init hook (if it has one), locks the plugin, and copies
  its callbacks into the global encryption_handler table.

  @param plugin  plugin descriptor being initialized
  @return 0 on success; 1 if another encryption plugin is already installed
          or the plugin's init hook reported an error
*/
int initialize_encryption_plugin(st_plugin_int *plugin)
{
  /* only one encryption plugin may be active; refuse a second one */
  if (encryption_manager)
    return 1;

  if (plugin->plugin->init && plugin->plugin->init(plugin))
  {
    sql_print_error("Plugin '%s' init function returned error.",
                    plugin->name.str);
    return 1;
  }

  /*
    NOTE(review): the result of plugin_lock() is stored without being
    checked here - confirm it cannot fail at this point.
  */
  encryption_manager= plugin_lock(NULL, plugin_int_to_ref(plugin));
  st_mariadb_encryption *handle=
    (struct st_mariadb_encryption*) plugin->plugin->info;

  /*
    A plugin that supplies no encrypt/decrypt callback gets the server's
    AES-CBC routines instead.
    NOTE(review): the casts suggest my_aes_encrypt_cbc/my_aes_decrypt_cbc do
    not have exactly the encrypt_decrypt_func signature; calling through a
    mismatched function pointer type is undefined behavior - confirm.
  */
  encryption_handler.encryption_encrypt_func=
    handle->encrypt ? handle->encrypt
                    : (encrypt_decrypt_func)my_aes_encrypt_cbc;

  encryption_handler.encryption_decrypt_func=
    handle->decrypt ? handle->decrypt
                    : (encrypt_decrypt_func)my_aes_decrypt_cbc;

  /*
    NOTE(review): unlike encrypt/decrypt above, get_key and
    get_latest_key_version are installed without a NULL check and have no
    fallback. A plugin that leaves either one unset would put a NULL pointer
    into the handler table; consider rejecting such a plugin at load time.
  */
  encryption_handler.encryption_key_get_func=
    handle->get_key;

  /*
    Keep this assignment last (see the original remark below); the reason is
    not visible in this file - presumably other code treats this pointer as
    the sign that a plugin is installed. TODO confirm.
  */
  encryption_handler.encryption_key_get_latest_version_func=
    handle->get_latest_key_version; // must be the last

  return 0;
}

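/**
  Key-fetch stub with the exact signature of the encryption_key_get_func
  slot. All arguments are ignored and nothing is written to the output
  buffer or length.

  @return ENCRYPTION_KEY_VERSION_INVALID, always
*/
static uint no_get_key(uint, uint, uchar*, uint*)
{
  return ENCRYPTION_KEY_VERSION_INVALID;
}

/**
  Uninstall the encryption plugin and reset the handler table to stubs.

  The stubs are installed before the plugin is torn down, so from this point
  encrypt/decrypt calls return 1 and key lookups report
  ENCRYPTION_KEY_VERSION_INVALID instead of reaching the plugin.

  @param plugin  plugin being finalized; may be NULL, in which case only the
                 handler table and the plugin lock are reset
  @return 0, always
*/
int finalize_encryption_plugin(st_plugin_int *plugin)
{
  encryption_handler.encryption_encrypt_func= no_crypt;
  encryption_handler.encryption_decrypt_func= no_crypt;
  encryption_handler.encryption_key_id_exists_func= has_key_id;
  encryption_handler.encryption_key_version_exists_func= has_key_version;
  /*
    Use a stub of the matching type here. Casting the one-argument no_key()
    to the four-argument key-fetch type and calling it through that pointer
    is undefined behavior.
  */
  encryption_handler.encryption_key_get_func= no_get_key;
  encryption_handler.encryption_key_get_latest_version_func= no_key;

  /* a deinit failure is only reported in debug builds and never aborts */
  if (plugin && plugin->plugin->deinit && plugin->plugin->deinit(NULL))
  {
    DBUG_PRINT("warning", ("Plugin '%s' deinit function returned error.",
                           plugin->name.str));
  }
  if (encryption_manager)
    plugin_unlock(NULL, encryption_manager);
  encryption_manager= 0;
  return 0;
}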