Identical key derivation code in XtraDB/InnoDB/Aria

* Extract it into the "encryption_scheme" service. * Make these engines to use the service, remove duplicate code. * Change MY_AES_xxx error codes, to return them safely from encryption_scheme_encrypt/decrypt without conflicting with ENCRYPTION_SCHEME_KEY_INVALID error
2025-07-29 05:21:33 +03:00 · 2015-05-13 21:57:24 +02:00
parent 632f2307f7
commit 2300fe2e0e
26 changed files with 612 additions and 466 deletions
--- a/include/mysql/plugin_encryption.h.pp
+++ b/include/mysql/plugin_encryption.h.pp
@ -213,6 +213,43 @@ struct encryption_service_st {
  encrypt_decrypt_func encryption_decrypt_func;
 };
 extern struct encryption_service_st encryption_handler;
+#include <mysql/service_encryption_scheme.h>
+struct st_encryption_scheme_key {
+  unsigned int version;
+  unsigned char key[16];
+};
+struct st_encryption_scheme {
+  unsigned char iv[16];
+  struct st_encryption_scheme_key key[3];
+  unsigned int keyserver_requests;
+  unsigned int key_id;
+  unsigned int type;
+  void (*locker)(struct st_encryption_scheme *self, int release);
+};
+extern struct encryption_scheme_service_st {
+  int (*encryption_scheme_encrypt_func)
+                               (const unsigned char* src, unsigned int slen,
+                                unsigned char* dst, unsigned int* dlen,
+                                struct st_encryption_scheme *scheme,
+                                unsigned int key_version, unsigned int i32_1,
+                                unsigned int i32_2, unsigned long long i64);
+  int (*encryption_scheme_decrypt_func)
+                               (const unsigned char* src, unsigned int slen,
+                                unsigned char* dst, unsigned int* dlen,
+                                struct st_encryption_scheme *scheme,
+                                unsigned int key_version, unsigned int i32_1,
+                                unsigned int i32_2, unsigned long long i64);
+} *encryption_scheme_service;
+int encryption_scheme_encrypt(const unsigned char* src, unsigned int slen,
+                              unsigned char* dst, unsigned int* dlen,
+                              struct st_encryption_scheme *scheme,
+                              unsigned int key_version, unsigned int i32_1,
+                              unsigned int i32_2, unsigned long long i64);
+int encryption_scheme_decrypt(const unsigned char* src, unsigned int slen,
+                              unsigned char* dst, unsigned int* dlen,
+                              struct st_encryption_scheme *scheme,
+                              unsigned int key_version, unsigned int i32_1,
+                              unsigned int i32_2, unsigned long long i64);
 struct st_mysql_xid {
  long formatID;
  long gtrid_length;