1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
|
/*****************************************************************************
Copyright (c) 2015, 2016, MariaDB Corporation.
This program is free software; you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by the Free Software
Foundation; version 2 of the License.
This program is distributed in the hope that it will be useful, but WITHOUT
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with
this program; if not, write to the Free Software Foundation, Inc.,
51 Franklin Street, Suite 500, Boston, MA 02110-1335 USA
*****************************************************************************/
/**************************************************//**
@file include/fil0crypt.ic
The low-level file system encryption support functions
Created 04/01/2015 Jan Lindström
*******************************************************/
/*******************************************************************//**
Find out whether the page is page encrypted
@return true if page is page encrypted, false if not */
UNIV_INLINE
bool
fil_page_is_encrypted(
/*==================*/
const byte *buf) /*!< in: page */
{
return(mach_read_from_4(buf+FIL_PAGE_FILE_FLUSH_LSN_OR_KEY_VERSION) != 0);
}
/*******************************************************************//**
Find out whether the page can be decrypted.
The function for decrypting the page should already be executed before this.
@return 1 if key provider not available or key is not available
0 if decryption should be possible
*/
UNIV_INLINE
bool
fil_page_encryption_status(
/*===================*/
const byte *buf, /*!< in: page */
ulint space_id) /*!< in: space_id */
{
fil_space_crypt_t *crypt_data = fil_space_get_crypt_data(space_id);
ulint page_type = mach_read_from_2(buf+FIL_PAGE_TYPE);
if (page_type == FIL_PAGE_TYPE_FSP_HDR) {
if (crypt_data != NULL) {
if (!encryption_key_id_exists(crypt_data->key_id)) {
/* accessing table would surely fail, because no key or no key provider available */
return 1;
}
}
} else {
ulint key = mach_read_from_4(buf + FIL_PAGE_FILE_FLUSH_LSN_OR_KEY_VERSION);
if (!encryption_key_version_exists(crypt_data->key_id, key)) {
return 1;
}
}
return 0;
}
/*******************************************************************//**
Get current encryption mode from crypt_data.
@return string representation */
UNIV_INLINE
const char *
fil_crypt_get_mode(
/*===============*/
const fil_space_crypt_t* crypt_data)
{
ut_ad(crypt_data != NULL);
switch(crypt_data->encryption) {
case FIL_SPACE_ENCRYPTION_DEFAULT:
return("Default tablespace encryption mode");
break;
case FIL_SPACE_ENCRYPTION_ON:
return("Tablespace encrypted");
break;
case FIL_SPACE_ENCRYPTION_OFF:
return("Tablespace not encrypted");
break;
default:
ut_error;
}
return ("NULL");
}
/*******************************************************************//**
Get current encryption type from crypt_data.
@return string representation */
UNIV_INLINE
const char *
fil_crypt_get_type(
const fil_space_crypt_t* crypt_data)
{
ut_ad(crypt_data != NULL);
switch (crypt_data->type) {
case CRYPT_SCHEME_UNENCRYPTED:
return("scheme unencrypted");
break;
case CRYPT_SCHEME_1:
return("scheme encrypted");
break;
default:
ut_error;
}
return ("NULL");
}
|
