MDEV-11782: Redefine the innodb_encrypt_log format

Write only one encryption key to the checkpoint page.
Use 4 bytes of nonce. Encrypt more of each redo log block,
only skipping the 4-byte field LOG_BLOCK_HDR_NO which the
initialization vector is derived from.

Issue notes, not warning messages for rewriting the redo log files.

recv_recovery_from_checkpoint_finish(): Do not generate any redo log,
because we must avoid that before rewriting the redo log files, or
otherwise a crash during a redo log rewrite (removing or adding
encryption) may end up making the database unrecoverable.
Instead, do these tasks in innobase_start_or_create_for_mysql().

Issue a firm "Missing MLOG_CHECKPOINT" error message. Remove some
unreachable code and duplicated error messages for log corruption.

LOG_HEADER_FORMAT_ENCRYPTED: A flag for identifying an encrypted redo
log format.

log_group_t::is_encrypted(), log_t::is_encrypted(): Determine
if the redo log is in encrypted format.

recv_find_max_checkpoint(): Interpret LOG_HEADER_FORMAT_ENCRYPTED.

srv_prepare_to_delete_redo_log_files(): Display NOTE messages about
adding or removing encryption. Do not issue warnings for redo log
resizing any more.

innobase_start_or_create_for_mysql(): Rebuild the redo logs also when
the encryption changes.

innodb_log_checksums_func_update(): Always use the CRC-32C checksum
if innodb_encrypt_log. If needed, issue a warning
that innodb_encrypt_log implies innodb_log_checksums.

log_group_write_buf(): Compute the checksum on the encrypted
block contents, so that transmission errors or incomplete blocks can be
detected without decrypting.

Rewrite most of the redo log encryption code. Only remember one
encryption key at a time (but remember up to 5 when upgrading from the
MariaDB 10.1 format.)

mysql-test/suite/encryption/r/innodb-log-encrypt.result

@@ -1,53 +0,0 @@
-create table t1(c1 bigint not null, b char(200), c varchar(200)) engine=innodb encrypted=yes encryption_key_id=1;
-show warnings;
-Level	Code	Message
-create procedure innodb_insert_proc (repeat_count int)
-begin
-declare current_num int;
-set current_num = 0;
-while current_num < repeat_count do
-insert into t1 values(current_num, substring(MD5(RAND()), -64), REPEAT('privatejanprivate',10));
-set current_num = current_num + 1;
-end while;
-end//
-commit;
-begin;
-call innodb_insert_proc(2000);
-commit;
-update t1 set c1 = c1 +1;
-select count(*) from t1;
-count(*)
-2000
-# Kill the server
-# ibdata1 yes on expecting NOT FOUND
-NOT FOUND /privatejanprivate/ in ibdata1
-# t1 yes on expecting NOT FOUND
-NOT FOUND /privatejanprivate/ in t1.ibd
-# log0 yes on expecting NOT FOUND
-NOT FOUND /privatejanprivate/ in ib_logfile0
-# log1 yes on expecting NOT FOUND
-NOT FOUND /privatejanprivate/ in ib_logfile1
-# Restart mysqld --innodb_encrypt_log=0
-insert into t1 values(5000, substring(MD5(RAND()), -64), REPEAT('publicmessage',10));
-insert into t1 values(5001, substring(MD5(RAND()), -64), REPEAT('publicmessage',10));
-insert into t1 values(5002, substring(MD5(RAND()), -64), REPEAT('publicmessage',10));
-insert into t1 values(5003, substring(MD5(RAND()), -64), REPEAT('publicmessage',10));
-insert into t1 values(5004, substring(MD5(RAND()), -64), REPEAT('publicmessage',10));
-# ibdata1 yes on expecting NOT FOUND
-NOT FOUND /privatejanprivate/ in ibdata1
-# t1 yes on expecting NOT FOUND
-NOT FOUND /privatejanprivate/ in t1.ibd
-# log0 yes on expecting NOT FOUND
-NOT FOUND /privatejanprivate/ in ib_logfile0
-# log1 yes on expecting NOT FOUND
-NOT FOUND /privatejanprivate/ in ib_logfile1
-# ibdata1 yes on expecting NOT FOUND
-NOT FOUND /publicmessage/ in ibdata1
-# t1 yes on expecting NOT FOUND
-NOT FOUND /publicmessage/ in t1.ibd
-# log0 no on expecting FOUND/NOTFOUND depending where insert goes
-FOUND /publicmessage/ in ib_logfile0
-# log1 no on expecting FOUND/NOTFOUND depending where insert goes
-NOT FOUND /publicmessage/ in ib_logfile1
-drop procedure innodb_insert_proc;
-drop table t1;