1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
|
/* Copyright (C) 2015 MariaDB
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; version 2 of the License.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
#include <my_global.h>
#include <mysql/plugin_encryption.h>
#include "log.h"
#include "sql_plugin.h"
#include <my_crypt.h>
/* there can be only one encryption plugin enabled */
static plugin_ref encryption_key_manager= 0;
static struct st_mariadb_encryption *handle;
unsigned int get_latest_encryption_key_version()
{
if (encryption_key_manager)
return handle->get_latest_key_version();
return BAD_ENCRYPTION_KEY_VERSION;
}
unsigned int has_encryption_key(uint version)
{
if (encryption_key_manager)
{
uint unused;
return handle->get_key(version, NULL, &unused) != BAD_ENCRYPTION_KEY_VERSION;
}
return 0;
}
uint get_encryption_key(uint version, uchar* key, uint *size)
{
if (encryption_key_manager)
return handle->get_key(version, key, size);
return BAD_ENCRYPTION_KEY_VERSION;
}
int encrypt_data(const uchar* source, uint source_length,
uchar* dest, uint* dest_length,
const uchar* key, uint key_length,
const uchar* iv, uint iv_length,
int no_padding, uint key_version)
{
if (encryption_key_manager)
return handle->encrypt(source, source_length,
dest, dest_length, key, key_length,
iv, iv_length, no_padding, key_version);
return 1;
}
int decrypt_data(const uchar* source, uint source_length,
uchar* dest, uint* dest_length,
const uchar* key, uint key_length,
const uchar* iv, uint iv_length,
int no_padding, uint key_version)
{
if (encryption_key_manager)
return handle->decrypt(source, source_length,
dest, dest_length, key, key_length,
iv, iv_length, no_padding, key_version);
return 1;
}
int initialize_encryption_plugin(st_plugin_int *plugin)
{
if (encryption_key_manager)
return 1;
if (plugin->plugin->init && plugin->plugin->init(plugin))
{
sql_print_error("Plugin '%s' init function returned error.",
plugin->name.str);
return 1;
}
encryption_key_manager= plugin_lock(NULL, plugin_int_to_ref(plugin));
handle= (struct st_mariadb_encryption*)
plugin->plugin->info;
/* default encryption algorithm */
if (!handle->encrypt)
handle->encrypt= (encrypt_decrypt_func)my_aes_encrypt_cbc;
if (!handle->decrypt)
handle->decrypt= (encrypt_decrypt_func)my_aes_decrypt_cbc;
return 0;
}
int finalize_encryption_plugin(st_plugin_int *plugin)
{
if (plugin->plugin->deinit && plugin->plugin->deinit(NULL))
{
DBUG_PRINT("warning", ("Plugin '%s' deinit function returned error.",
plugin->name.str));
}
if (encryption_key_manager)
plugin_unlock(NULL, encryption_key_manager);
encryption_key_manager= 0;
return 0;
}
|
