remove get_iv() from the key management plugin API

now IVs are always handled internally

remove get_iv() from the key management plugin API
now IVs are always handled internally
5d8dbee9 · Sergei Golubchik · c238e68d · 5d8dbee9 · 5d8dbee9 · 5d8dbee9
Commit 5d8dbee9 authored Mar 26, 2015 by Sergei Golubchik
12 changed files
--- a/include/mysql/plugin_audit.h.pp
+++ b/include/mysql/plugin_audit.h.pp
@@ -203,13 +203,11 @@ extern struct encryption_keys_service_st {
  unsigned int (*has_encryption_key_func)(unsigned int);
  unsigned int (*get_encryption_key_size_func)(unsigned int);
  int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int);
-  int (*get_encryption_iv_func)(unsigned int, unsigned char*, unsigned int);
 } *encryption_keys_service;
 unsigned int get_latest_encryption_key_version();
 unsigned int has_encryption_key(unsigned int version);
 unsigned int get_encryption_key_size(unsigned int version);
 int get_encryption_key(unsigned int version, unsigned char* key, unsigned int keybufsize);
-int get_encryption_iv(unsigned int version, unsigned char* iv, unsigned int ivbufsize);
 struct st_mysql_xid {
  long formatID;
  long gtrid_length;

--- a/include/mysql/plugin_auth.h.pp
+++ b/include/mysql/plugin_auth.h.pp
@@ -203,13 +203,11 @@ extern struct encryption_keys_service_st {
  unsigned int (*has_encryption_key_func)(unsigned int);
  unsigned int (*get_encryption_key_size_func)(unsigned int);
  int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int);
-  int (*get_encryption_iv_func)(unsigned int, unsigned char*, unsigned int);
 } *encryption_keys_service;
 unsigned int get_latest_encryption_key_version();
 unsigned int has_encryption_key(unsigned int version);
 unsigned int get_encryption_key_size(unsigned int version);
 int get_encryption_key(unsigned int version, unsigned char* key, unsigned int keybufsize);
-int get_encryption_iv(unsigned int version, unsigned char* iv, unsigned int ivbufsize);
 struct st_mysql_xid {
  long formatID;
  long gtrid_length;

--- a/include/mysql/plugin_encryption_key_management.h
+++ b/include/mysql/plugin_encryption_key_management.h
@@ -59,15 +59,6 @@ struct st_mariadb_encryption_key_management
    @return 0 on success, non-zero on failure
  */
  int (*get_key)(unsigned int version, unsigned char* key, unsigned int keybufsize);
-
-  /**
-    function returning an IV for a key version
-
-    the IV is put in 'iv' buffer, that has size of 'ivbufsize' bytes.
-
-    @return 0 on success, non-zero on failure
-  */
-  int (*get_iv)(unsigned int version, unsigned char* iv, unsigned int ivbufsize);
 };
 #endif

--- a/include/mysql/plugin_encryption_key_management.h.pp
+++ b/include/mysql/plugin_encryption_key_management.h.pp
@@ -203,13 +203,11 @@ extern struct encryption_keys_service_st {
  unsigned int (*has_encryption_key_func)(unsigned int);
  unsigned int (*get_encryption_key_size_func)(unsigned int);
  int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int);
-  int (*get_encryption_iv_func)(unsigned int, unsigned char*, unsigned int);
 } *encryption_keys_service;
 unsigned int get_latest_encryption_key_version();
 unsigned int has_encryption_key(unsigned int version);
 unsigned int get_encryption_key_size(unsigned int version);
 int get_encryption_key(unsigned int version, unsigned char* key, unsigned int keybufsize);
-int get_encryption_iv(unsigned int version, unsigned char* iv, unsigned int ivbufsize);
 struct st_mysql_xid {
  long formatID;
  long gtrid_length;
@@ -373,5 +371,4 @@ struct st_mariadb_encryption_key_management
  unsigned int (*has_key_version)(unsigned int version);
  unsigned int (*get_key_size)(unsigned int version);
  int (*get_key)(unsigned int version, unsigned char* key, unsigned int keybufsize);
-  int (*get_iv)(unsigned int version, unsigned char* iv, unsigned int ivbufsize);
 };
--- a/include/mysql/plugin_ftparser.h.pp
+++ b/include/mysql/plugin_ftparser.h.pp
@@ -203,13 +203,11 @@ extern struct encryption_keys_service_st {
  unsigned int (*has_encryption_key_func)(unsigned int);
  unsigned int (*get_encryption_key_size_func)(unsigned int);
  int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int);
-  int (*get_encryption_iv_func)(unsigned int, unsigned char*, unsigned int);
 } *encryption_keys_service;
 unsigned int get_latest_encryption_key_version();
 unsigned int has_encryption_key(unsigned int version);
 unsigned int get_encryption_key_size(unsigned int version);
 int get_encryption_key(unsigned int version, unsigned char* key, unsigned int keybufsize);
-int get_encryption_iv(unsigned int version, unsigned char* iv, unsigned int ivbufsize);
 struct st_mysql_xid {
  long formatID;
  long gtrid_length;

--- a/include/mysql/plugin_password_validation.h.pp
+++ b/include/mysql/plugin_password_validation.h.pp
@@ -203,13 +203,11 @@ extern struct encryption_keys_service_st {
  unsigned int (*has_encryption_key_func)(unsigned int);
  unsigned int (*get_encryption_key_size_func)(unsigned int);
  int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int);
-  int (*get_encryption_iv_func)(unsigned int, unsigned char*, unsigned int);
 } *encryption_keys_service;
 unsigned int get_latest_encryption_key_version();
 unsigned int has_encryption_key(unsigned int version);
 unsigned int get_encryption_key_size(unsigned int version);
 int get_encryption_key(unsigned int version, unsigned char* key, unsigned int keybufsize);
-int get_encryption_iv(unsigned int version, unsigned char* iv, unsigned int ivbufsize);
 struct st_mysql_xid {
  long formatID;
  long gtrid_length;

--- a/include/mysql/service_encryption_keys.h
+++ b/include/mysql/service_encryption_keys.h
@@ -30,7 +30,6 @@ extern struct encryption_keys_service_st {
  unsigned int (*has_encryption_key_func)(unsigned int);
  unsigned int (*get_encryption_key_size_func)(unsigned int);
  int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int);
-  int (*get_encryption_iv_func)(unsigned int, unsigned char*, unsigned int);
 } *encryption_keys_service;

 #ifdef MYSQL_DYNAMIC_PLUGIN
@@ -39,7 +38,6 @@ extern struct encryption_keys_service_st {
 #define has_encryption_key(V) encryption_keys_service->has_encryption_key_func(V)
 #define get_encryption_key_size(V) encryption_keys_service->get_encryption_key_size_func(V)
 #define get_encryption_key(V,K,S) encryption_keys_service->get_encryption_key_func((V), (K), (S))
-#define get_encryption_iv(V, I, S) encryption_keys_service->get_encryption_iv_func((V), (I), (S))

 #else

@@ -47,7 +45,6 @@ unsigned int get_latest_encryption_key_version();
 unsigned int has_encryption_key(unsigned int version);
 unsigned int get_encryption_key_size(unsigned int version);
 int get_encryption_key(unsigned int version, unsigned char* key, unsigned int keybufsize);
-int get_encryption_iv(unsigned int version, unsigned char* iv, unsigned int ivbufsize);

 #endif


--- a/plugin/debug_key_management_plugin/debug_key_management_plugin.cc
+++ b/plugin/debug_key_management_plugin/debug_key_management_plugin.cc
@@ -62,18 +62,12 @@ static unsigned int get_key_size(unsigned int ver)
  return 16;
 }

-static int get_iv(unsigned int ver, unsigned char* dstbuf, unsigned buflen)
-{
-  return 0; // to be removed
-}
-
 struct st_mariadb_encryption_key_management debug_key_management_plugin= {
  MariaDB_ENCRYPTION_KEY_MANAGEMENT_INTERFACE_VERSION,
  get_latest_key_version,
  has_key,
  get_key_size,
-  get_key,
-  get_iv
+  get_key
 };

 /*

--- a/plugin/example_key_management_plugin/example_key_management_plugin.cc
+++ b/plugin/example_key_management_plugin/example_key_management_plugin.cc
@@ -86,20 +86,6 @@ static unsigned int get_key_size(unsigned int keyID)
 	return 16;
 }

-static int get_iv(unsigned int keyID, unsigned char* dstbuf, unsigned buflen)
-{
-  if (buflen < 16)
-  {
-	  return CRYPT_BUFFER_TO_SMALL;
-  }
-
-  for (int i=0; i<16; i++)
-	  dstbuf[i] = 0;
-
-  return CRYPT_KEY_OK;
-}
-
-
 static int example_key_management_plugin_init(void *p)
 {
  /* init */
@@ -131,8 +117,7 @@ struct st_mariadb_encryption_key_management example_key_management_plugin= {
  get_latest_key_version,
  has_key_func,
  get_key_size,
-  get_key,
-  get_iv
+  get_key
 };

 /*

--- a/plugin/file_key_management_plugin/file_key_management_plugin.cc
+++ b/plugin/file_key_management_plugin/file_key_management_plugin.cc
@@ -204,32 +204,6 @@ static int get_key_from_key_file(unsigned int keyID, unsigned char* dstbuf,
  }
 }

-static int get_iv_from_key_file(unsigned int keyID, unsigned char* dstbuf,
-                                unsigned buflen)
-{
-  keyentry* entry = KeySingleton::getInstance().getKeys((int)keyID);
-
-  if (entry != NULL)
-  {
-    char* ivString = entry->iv;
-    size_t iv_len = strlen(ivString)/2;
-
-    if (buflen < iv_len)
-    {
-      return CRYPT_BUFFER_TO_SMALL;
-    }
-
-    my_aes_hex2uint(ivString, (unsigned char*)dstbuf, iv_len);
-
-    return CRYPT_KEY_OK;
-  }
-  else
-  {
-    return CRYPT_KEY_UNKNOWN;
-  }
-}
-
-
 static int file_key_management_plugin_init(void *p)
 {
  /* init */
@@ -265,8 +239,7 @@ struct st_mariadb_encryption_key_management file_key_management_plugin= {
  get_highest_key_used_in_key_file,
  has_key_from_key_file,
  get_key_size_from_key_file,
-  get_key_from_key_file,
-  get_iv_from_key_file
+  get_key_from_key_file
 };

 /*

--- a/sql/encryption_keys.cc
+++ b/sql/encryption_keys.cc
@@ -39,14 +39,6 @@ int get_encryption_key(uint version, uchar* key, uint size)
  return 1;
 }

-int get_encryption_iv(uint version, uchar* iv, uint size)
-{
-  if (encryption_key_manager)
-    return handle->get_iv(version, iv, size);
-
-  return 1;
-}
-
 int initialize_encryption_key_management_plugin(st_plugin_int *plugin)
 {
  if (encryption_key_manager)

--- a/sql/sql_plugin_services.h
+++ b/sql/sql_plugin_services.h
@@ -144,8 +144,7 @@ static struct encryption_keys_service_st encryption_keys_handler=
  get_latest_encryption_key_version,
  has_encryption_key,
  get_encryption_key_size,
-  get_encryption_key,
-  get_encryption_iv
+  get_encryption_key
 };

 static struct thd_specifics_service_st thd_specifics_handler=