Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
M
MariaDB
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
nexedi
MariaDB
Commits
51d67633
Commit
51d67633
authored
May 27, 2015
by
Sergei Golubchik
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
AES-GCM support in file_key_management plugin
parent
0f009272
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
32 additions
and
1 deletion
+32
-1
mysql-test/suite/encryption/t/tempfiles.test
mysql-test/suite/encryption/t/tempfiles.test
+1
-1
plugin/file_key_management/file_key_management_plugin.cc
plugin/file_key_management/file_key_management_plugin.cc
+31
-0
No files found.
mysql-test/suite/encryption/t/tempfiles.test
View file @
51d67633
#
#
# Various test cases for IO_CACHE tempfiles (file==-1) encryption
# Various test cases for IO_CACHE tempfiles (file==-1) encryption
#
#
source
include
/
have_
examp
le_key_management_plugin
.
inc
;
source
include
/
have_
fi
le_key_management_plugin
.
inc
;
source
include
/
have_sequence
.
inc
;
source
include
/
have_sequence
.
inc
;
# Row binlog format to fill binlog cache faster
# Row binlog format to fill binlog cache faster
...
...
plugin/file_key_management/file_key_management_plugin.cc
View file @
51d67633
...
@@ -120,6 +120,32 @@ struct st_mariadb_encryption file_key_management_plugin= {
...
@@ -120,6 +120,32 @@ struct st_mariadb_encryption file_key_management_plugin= {
0
,
0
0
,
0
};
};
#ifdef HAVE_EncryptAes128Gcm
/*
use AES-CTR when cyphertext length must be the same as plaintext length,
and AES-GCM when cyphertext can be longer than plaintext.
*/
static
int
ctr_gcm_encrypt
(
const
unsigned
char
*
src
,
unsigned
int
slen
,
unsigned
char
*
dst
,
unsigned
int
*
dlen
,
const
unsigned
char
*
key
,
unsigned
int
klen
,
const
unsigned
char
*
iv
,
unsigned
int
ivlen
,
int
no_padding
,
unsigned
int
keyid
,
unsigned
int
key_version
)
{
return
(
no_padding
?
my_aes_encrypt_ctr
:
my_aes_encrypt_gcm
)
(
src
,
slen
,
dst
,
dlen
,
key
,
klen
,
iv
,
ivlen
);
}
static
int
ctr_gcm_decrypt
(
const
unsigned
char
*
src
,
unsigned
int
slen
,
unsigned
char
*
dst
,
unsigned
int
*
dlen
,
const
unsigned
char
*
key
,
unsigned
int
klen
,
const
unsigned
char
*
iv
,
unsigned
int
ivlen
,
int
no_padding
,
unsigned
int
keyid
,
unsigned
int
key_version
)
{
return
(
no_padding
?
my_aes_decrypt_ctr
:
my_aes_decrypt_gcm
)
(
src
,
slen
,
dst
,
dlen
,
key
,
klen
,
iv
,
ivlen
);
}
#endif
static
int
file_key_management_plugin_init
(
void
*
p
)
static
int
file_key_management_plugin_init
(
void
*
p
)
{
{
Parser
parser
(
filename
,
filekey
);
Parser
parser
(
filename
,
filekey
);
...
@@ -132,10 +158,15 @@ static int file_key_management_plugin_init(void *p)
...
@@ -132,10 +158,15 @@ static int file_key_management_plugin_init(void *p)
break
;
break
;
#ifdef HAVE_EncryptAes128Ctr
#ifdef HAVE_EncryptAes128Ctr
case
1
:
// AES_CTR
case
1
:
// AES_CTR
#ifdef HAVE_EncryptAes128Gcm
file_key_management_plugin
.
encrypt
=
ctr_gcm_encrypt
;
file_key_management_plugin
.
decrypt
=
ctr_gcm_decrypt
;
#else
file_key_management_plugin
.
encrypt
=
file_key_management_plugin
.
encrypt
=
(
encrypt_decrypt_func
)
my_aes_encrypt_ctr
;
(
encrypt_decrypt_func
)
my_aes_encrypt_ctr
;
file_key_management_plugin
.
decrypt
=
file_key_management_plugin
.
decrypt
=
(
encrypt_decrypt_func
)
my_aes_decrypt_ctr
;
(
encrypt_decrypt_func
)
my_aes_decrypt_ctr
;
#endif
break
;
break
;
#endif
#endif
default:
default:
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment