mirror of
https://github.com/MariaDB/server.git
synced 2025-10-16 22:27:52 +03:00
ef5b4889c2
only one encryption key lookup in most cases instead of three (has_key, get_key_size, get_key).
74 lines
2.4 KiB
C
74 lines
2.4 KiB
C
#ifndef MYSQL_PLUGIN_ENCRYPTION_KEY_MANAGEMENT_INCLUDED
|
|
/* Copyright (C) 2014 Sergei Golubchik and MariaDB
|
|
|
|
This program is free software; you can redistribute it and/or modify
|
|
it under the terms of the GNU General Public License as published by
|
|
the Free Software Foundation; version 2 of the License.
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
GNU General Public License for more details.
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
along with this program; if not, write to the Free Software
|
|
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
|
|
|
|
/**
|
|
@file
|
|
|
|
Encryption key Management Plugin API.
|
|
|
|
This file defines the API for server plugins that manage encryption
|
|
keys for MariaDB on-disk data encryption.
|
|
*/
|
|
|
|
#define MYSQL_PLUGIN_ENCRYPTION_KEY_MANAGEMENT_INCLUDED
|
|
|
|
#include <mysql/plugin.h>
|
|
|
|
#define MariaDB_ENCRYPTION_KEY_MANAGEMENT_INTERFACE_VERSION 0x0200
|
|
|
|
#define BAD_ENCRYPTION_KEY_VERSION (~(unsigned int)0)
|
|
#define KEY_BUFFER_TOO_SMALL (100)
|
|
|
|
/**
|
|
Encryption key management plugin descriptor
|
|
*/
|
|
struct st_mariadb_encryption_key_management
|
|
{
|
|
int interface_version; /**< version plugin uses */
|
|
|
|
/**
|
|
function returning latest key version.
|
|
|
|
@return a version or BAD_ENCRYPTION_KEY_VERSION to indicate an error.
|
|
*/
|
|
unsigned int (*get_latest_key_version)();
|
|
|
|
/**
|
|
function returning a key for a key version
|
|
|
|
@param version the requested key version
|
|
@param key the key will be stored there. Can be NULL -
|
|
in which case no key will be returned
|
|
@param key_length in: key buffer size
|
|
out: the actual length of the key
|
|
|
|
This method can be used to query the key length - the required
|
|
buffer size - by passing key==NULL.
|
|
|
|
If the buffer size is less than the key length the content of the
|
|
key buffer is undefined (the plugin is free to partially fill it with
|
|
the key data or leave it untouched).
|
|
|
|
@return 0 on success, or
|
|
BAD_ENCRYPTION_KEY_VERSION, KEY_BUFFER_TOO_SMALL,
|
|
or any other non-zero number for errors
|
|
*/
|
|
unsigned int (*get_key)(unsigned int version, unsigned char *key,
|
|
unsigned int *key_length);
|
|
};
|
|
#endif
|
|
|