remove wrappers in encryption_keys.cc

invoke plugin methods directly

include/mysql/plugin_audit.h.pp

@@ -203,26 +203,14 @@ typedef int (*encrypt_decrypt_func)(const unsigned char* src, unsigned int slen,
                                     const unsigned char* key, unsigned int klen,
                                     const unsigned char* iv, unsigned int ivlen,
                                     int no_padding, unsigned int key_version);
-extern struct encryption_keys_service_st {
+struct encryption_keys_service_st {
   unsigned int (*get_latest_encryption_key_version_func)();
   unsigned int (*has_encryption_key_func)(unsigned int);
   unsigned int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int*);
   encrypt_decrypt_func encrypt_data_func;
   encrypt_decrypt_func decrypt_data_func;
-} *encryption_keys_service;
-unsigned int get_latest_encryption_key_version();
-unsigned int has_encryption_key(unsigned int version);
-unsigned int get_encryption_key(unsigned int version, unsigned char* key, unsigned int *keybufsize);
-int encrypt_data(const unsigned char* src, unsigned int slen,
-                 unsigned char* dst, unsigned int* dlen,
-                 const unsigned char* key, unsigned int klen,
-                 const unsigned char* iv, unsigned int ivlen,
-                 int no_padding, unsigned int key_version);
-int decrypt_data(const unsigned char* src, unsigned int slen,
-                 unsigned char* dst, unsigned int* dlen,
-                 const unsigned char* key, unsigned int klen,
-                 const unsigned char* iv, unsigned int ivlen,
-                 int no_padding, unsigned int key_version);
+};
+extern struct encryption_keys_service_st encryption_keys_handler;
 struct st_mysql_xid {
   long formatID;
   long gtrid_length;

include/mysql/plugin_auth.h.pp

@@ -203,26 +203,14 @@ typedef int (*encrypt_decrypt_func)(const unsigned char* src, unsigned int slen,
                                     const unsigned char* key, unsigned int klen,
                                     const unsigned char* iv, unsigned int ivlen,
                                     int no_padding, unsigned int key_version);
-extern struct encryption_keys_service_st {
+struct encryption_keys_service_st {
   unsigned int (*get_latest_encryption_key_version_func)();
   unsigned int (*has_encryption_key_func)(unsigned int);
   unsigned int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int*);
   encrypt_decrypt_func encrypt_data_func;
   encrypt_decrypt_func decrypt_data_func;
-} *encryption_keys_service;
-unsigned int get_latest_encryption_key_version();
-unsigned int has_encryption_key(unsigned int version);
-unsigned int get_encryption_key(unsigned int version, unsigned char* key, unsigned int *keybufsize);
-int encrypt_data(const unsigned char* src, unsigned int slen,
-                 unsigned char* dst, unsigned int* dlen,
-                 const unsigned char* key, unsigned int klen,
-                 const unsigned char* iv, unsigned int ivlen,
-                 int no_padding, unsigned int key_version);
-int decrypt_data(const unsigned char* src, unsigned int slen,
-                 unsigned char* dst, unsigned int* dlen,
-                 const unsigned char* key, unsigned int klen,
-                 const unsigned char* iv, unsigned int ivlen,
-                 int no_padding, unsigned int key_version);
+};
+extern struct encryption_keys_service_st encryption_keys_handler;
 struct st_mysql_xid {
   long formatID;
   long gtrid_length;

include/mysql/plugin_encryption.h.pp

@@ -203,26 +203,14 @@ typedef int (*encrypt_decrypt_func)(const unsigned char* src, unsigned int slen,
                                     const unsigned char* key, unsigned int klen,
                                     const unsigned char* iv, unsigned int ivlen,
                                     int no_padding, unsigned int key_version);
-extern struct encryption_keys_service_st {
+struct encryption_keys_service_st {
   unsigned int (*get_latest_encryption_key_version_func)();
   unsigned int (*has_encryption_key_func)(unsigned int);
   unsigned int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int*);
   encrypt_decrypt_func encrypt_data_func;
   encrypt_decrypt_func decrypt_data_func;
-} *encryption_keys_service;
-unsigned int get_latest_encryption_key_version();
-unsigned int has_encryption_key(unsigned int version);
-unsigned int get_encryption_key(unsigned int version, unsigned char* key, unsigned int *keybufsize);
-int encrypt_data(const unsigned char* src, unsigned int slen,
-                 unsigned char* dst, unsigned int* dlen,
-                 const unsigned char* key, unsigned int klen,
-                 const unsigned char* iv, unsigned int ivlen,
-                 int no_padding, unsigned int key_version);
-int decrypt_data(const unsigned char* src, unsigned int slen,
-                 unsigned char* dst, unsigned int* dlen,
-                 const unsigned char* key, unsigned int klen,
-                 const unsigned char* iv, unsigned int ivlen,
-                 int no_padding, unsigned int key_version);
+};
+extern struct encryption_keys_service_st encryption_keys_handler;
 struct st_mysql_xid {
   long formatID;
   long gtrid_length;

include/mysql/plugin_ftparser.h.pp

@@ -203,26 +203,14 @@ typedef int (*encrypt_decrypt_func)(const unsigned char* src, unsigned int slen,
                                     const unsigned char* key, unsigned int klen,
                                     const unsigned char* iv, unsigned int ivlen,
                                     int no_padding, unsigned int key_version);
-extern struct encryption_keys_service_st {
+struct encryption_keys_service_st {
   unsigned int (*get_latest_encryption_key_version_func)();
   unsigned int (*has_encryption_key_func)(unsigned int);
   unsigned int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int*);
   encrypt_decrypt_func encrypt_data_func;
   encrypt_decrypt_func decrypt_data_func;
-} *encryption_keys_service;
-unsigned int get_latest_encryption_key_version();
-unsigned int has_encryption_key(unsigned int version);
-unsigned int get_encryption_key(unsigned int version, unsigned char* key, unsigned int *keybufsize);
-int encrypt_data(const unsigned char* src, unsigned int slen,
-                 unsigned char* dst, unsigned int* dlen,
-                 const unsigned char* key, unsigned int klen,
-                 const unsigned char* iv, unsigned int ivlen,
-                 int no_padding, unsigned int key_version);
-int decrypt_data(const unsigned char* src, unsigned int slen,
-                 unsigned char* dst, unsigned int* dlen,
-                 const unsigned char* key, unsigned int klen,
-                 const unsigned char* iv, unsigned int ivlen,
-                 int no_padding, unsigned int key_version);
+};
+extern struct encryption_keys_service_st encryption_keys_handler;
 struct st_mysql_xid {
   long formatID;
   long gtrid_length;

include/mysql/plugin_password_validation.h.pp

@@ -203,26 +203,14 @@ typedef int (*encrypt_decrypt_func)(const unsigned char* src, unsigned int slen,
                                     const unsigned char* key, unsigned int klen,
                                     const unsigned char* iv, unsigned int ivlen,
                                     int no_padding, unsigned int key_version);
-extern struct encryption_keys_service_st {
+struct encryption_keys_service_st {
   unsigned int (*get_latest_encryption_key_version_func)();
   unsigned int (*has_encryption_key_func)(unsigned int);
   unsigned int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int*);
   encrypt_decrypt_func encrypt_data_func;
   encrypt_decrypt_func decrypt_data_func;
-} *encryption_keys_service;
-unsigned int get_latest_encryption_key_version();
-unsigned int has_encryption_key(unsigned int version);
-unsigned int get_encryption_key(unsigned int version, unsigned char* key, unsigned int *keybufsize);
-int encrypt_data(const unsigned char* src, unsigned int slen,
-                 unsigned char* dst, unsigned int* dlen,
-                 const unsigned char* key, unsigned int klen,
-                 const unsigned char* iv, unsigned int ivlen,
-                 int no_padding, unsigned int key_version);
-int decrypt_data(const unsigned char* src, unsigned int slen,
-                 unsigned char* dst, unsigned int* dlen,
-                 const unsigned char* key, unsigned int klen,
-                 const unsigned char* iv, unsigned int ivlen,
-                 int no_padding, unsigned int key_version);
+};
+extern struct encryption_keys_service_st encryption_keys_handler;
 struct st_mysql_xid {
   long formatID;
   long gtrid_length;

include/mysql/service_encryption_keys.h

@@ -34,16 +34,18 @@ typedef int (*encrypt_decrypt_func)(const unsigned char* src, unsigned int slen,
                                     const unsigned char* iv, unsigned int ivlen,
                                     int no_padding, unsigned int key_version);
 
-extern struct encryption_keys_service_st {
+struct encryption_keys_service_st {
   unsigned int (*get_latest_encryption_key_version_func)();
   unsigned int (*has_encryption_key_func)(unsigned int);
   unsigned int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int*);
   encrypt_decrypt_func encrypt_data_func;
   encrypt_decrypt_func decrypt_data_func;
-} *encryption_keys_service;
+};
 
 #ifdef MYSQL_DYNAMIC_PLUGIN
 
+extern struct encryption_keys_service_st *encryption_keys_service;
+
 #define get_latest_encryption_key_version() encryption_keys_service->get_latest_encryption_key_version_func()
 #define has_encryption_key(V) encryption_keys_service->has_encryption_key_func(V)
 #define get_encryption_key(V,K,S) encryption_keys_service->get_encryption_key_func((V), (K), (S))
@@ -51,19 +53,13 @@ extern struct encryption_keys_service_st {
 #define decrypt_data(S,SL,D,DL,K,KL,I,IL,NP,KV) encryption_keys_service->decrypt_data_func(S,SL,D,DL,K,KL,I,IL,NP,KV)
 #else
 
-unsigned int get_latest_encryption_key_version();
-unsigned int has_encryption_key(unsigned int version);
-unsigned int get_encryption_key(unsigned int version, unsigned char* key, unsigned int *keybufsize);
-int encrypt_data(const unsigned char* src, unsigned int slen,
-                 unsigned char* dst, unsigned int* dlen,
-                 const unsigned char* key, unsigned int klen,
-                 const unsigned char* iv, unsigned int ivlen,
-                 int no_padding, unsigned int key_version);
-int decrypt_data(const unsigned char* src, unsigned int slen,
-                 unsigned char* dst, unsigned int* dlen,
-                 const unsigned char* key, unsigned int klen,
-                 const unsigned char* iv, unsigned int ivlen,
-                 int no_padding, unsigned int key_version);
+extern struct encryption_keys_service_st encryption_keys_handler;
+
+#define get_latest_encryption_key_version() encryption_keys_handler.get_latest_encryption_key_version_func()
+#define has_encryption_key(V) encryption_keys_handler.has_encryption_key_func(V)
+#define get_encryption_key(V,K,S) encryption_keys_handler.get_encryption_key_func((V), (K), (S))
+#define encrypt_data(S,SL,D,DL,K,KL,I,IL,NP,KV) encryption_keys_handler.encrypt_data_func(S,SL,D,DL,K,KL,I,IL,NP,KV)
+#define decrypt_data(S,SL,D,DL,K,KL,I,IL,NP,KV) encryption_keys_handler.decrypt_data_func(S,SL,D,DL,K,KL,I,IL,NP,KV)
 #endif
 
 #ifdef __cplusplus

sql/encryption_keys.cc

@@ -19,61 +19,29 @@
 #include "sql_plugin.h"
 #include <my_crypt.h>
 
+#warning TODO rename to follow single consistent style
+
 /* there can be only one encryption plugin enabled */
 static plugin_ref encryption_key_manager= 0;
-static struct st_mariadb_encryption *handle;
-
-unsigned int get_latest_encryption_key_version()
-{
-  if (encryption_key_manager)
-    return handle->get_latest_key_version();
-
-  return BAD_ENCRYPTION_KEY_VERSION;
-}
+struct encryption_keys_service_st encryption_keys_handler;
 
-unsigned int has_encryption_key(uint version)
+unsigned int has_key(uint version)
 {
-  if (encryption_key_manager)
-  {
-    uint unused;
-    return handle->get_key(version, NULL, &unused) != BAD_ENCRYPTION_KEY_VERSION;
-  }
-
-  return 0;
+  uint unused;
+  return get_encryption_key(version, NULL, &unused) != BAD_ENCRYPTION_KEY_VERSION;
 }
 
-uint get_encryption_key(uint version, uchar* key, uint *size)
+uint no_key()
 {
-  if (encryption_key_manager)
-    return handle->get_key(version, key, size);
-
   return BAD_ENCRYPTION_KEY_VERSION;
 }
 
-int encrypt_data(const uchar* source, uint source_length,
-                 uchar* dest, uint* dest_length,
-                 const uchar* key, uint key_length,
-                 const uchar* iv, uint iv_length,
-                 int no_padding, uint key_version)
-{
-  if (encryption_key_manager)
-    return handle->encrypt(source, source_length,
-                           dest, dest_length, key, key_length,
-                           iv, iv_length, no_padding, key_version);
-  return 1;
-}
-
-
-int decrypt_data(const uchar* source, uint source_length,
-                 uchar* dest, uint* dest_length,
-                 const uchar* key, uint key_length,
-                 const uchar* iv, uint iv_length,
-                 int no_padding, uint key_version)
+static int no_crypt(const uchar* source, uint source_length,
+                    uchar* dest, uint* dest_length,
+                    const uchar* key, uint key_length,
+                    const uchar* iv, uint iv_length,
+                    int no_padding, uint key_version)
 {
-  if (encryption_key_manager)
-    return handle->decrypt(source, source_length,
-                           dest, dest_length, key, key_length,
-                           iv, iv_length, no_padding, key_version);
   return 1;
 }
 
@@ -91,21 +59,36 @@ int initialize_encryption_plugin(st_plugin_int *plugin)
   }
 
   encryption_key_manager= plugin_lock(NULL, plugin_int_to_ref(plugin));
-  handle= (struct st_mariadb_encryption*)
-            plugin->plugin->info;
+  st_mariadb_encryption *handle=
+    (struct st_mariadb_encryption*) plugin->plugin->info;
+
+  encryption_keys_handler.encrypt_data_func=
+    handle->encrypt ? handle->encrypt
+                    : (encrypt_decrypt_func)my_aes_encrypt_cbc;
+
+  encryption_keys_handler.decrypt_data_func=
+    handle->decrypt ? handle->decrypt
+                    : (encrypt_decrypt_func)my_aes_decrypt_cbc;
+
+  encryption_keys_handler.get_encryption_key_func=
+    handle->get_key;
 
-  /* default encryption algorithm */
-  if (!handle->encrypt)
-    handle->encrypt= (encrypt_decrypt_func)my_aes_encrypt_cbc;
-  if (!handle->decrypt)
-    handle->decrypt= (encrypt_decrypt_func)my_aes_decrypt_cbc;
+  encryption_keys_handler.get_latest_encryption_key_version_func=
+    handle->get_latest_key_version; // must be the last
 
   return 0;
 }
 
 int finalize_encryption_plugin(st_plugin_int *plugin)
 {
-  if (plugin->plugin->deinit && plugin->plugin->deinit(NULL))
+  encryption_keys_handler.encrypt_data_func= no_crypt;
+  encryption_keys_handler.decrypt_data_func= no_crypt;
+  encryption_keys_handler.has_encryption_key_func= has_key;
+  encryption_keys_handler.get_encryption_key_func=
+      (uint (*)(uint, uchar*, uint*))no_key;
+  encryption_keys_handler.get_latest_encryption_key_version_func= no_key;
+
+  if (plugin && plugin->plugin->deinit && plugin->plugin->deinit(NULL))
   {
     DBUG_PRINT("warning", ("Plugin '%s' deinit function returned error.",
                            plugin->name.str));

sql/sql_plugin.cc

@@ -1562,6 +1562,9 @@ int plugin_init(int *argc, char **argv, int flags)
   DBUG_ASSERT(strcmp(list_of_services[4].name, "debug_sync_service") == 0);
   list_of_services[4].service= *(void**)&debug_sync_C_callback_ptr;
 
+  /* prepare encryption_keys service */
+  finalize_encryption_plugin(0);
+
   mysql_mutex_lock(&LOCK_plugin);
 
   initialized= 1;

sql/sql_plugin_services.h

@@ -139,15 +139,6 @@ static struct wsrep_service_st wsrep_handler = {
   wsrep_unlock_rollback
 };
 
-static struct encryption_keys_service_st encryption_keys_handler=
-{
-  get_latest_encryption_key_version,
-  has_encryption_key,
-  get_encryption_key,
-  encrypt_data,
-  decrypt_data
-};
-
 static struct thd_specifics_service_st thd_specifics_handler=
 {
   thd_key_create,

storage/maria/ma_check_standalone.h

@@ -23,39 +23,15 @@ void _mi_report_crashed(void *file __attribute__((unused)),
 {
 }
 
-unsigned int get_latest_encryption_key_version()
+static unsigned int no_key()
 {
   return BAD_ENCRYPTION_KEY_VERSION;
 }
 
-int encrypt_data(const uchar* source __attribute__((unused)),
-                 uint source_length __attribute__((unused)),
-                 uchar* dest __attribute__((unused)),
-                 uint* dest_length __attribute__((unused)),
-                 const uchar* key __attribute__((unused)),
-                 uint key_length __attribute__((unused)),
-                 const uchar* iv __attribute__((unused)),
-                 uint iv_length __attribute__((unused)),
-                 int no_padding __attribute__((unused)),
-                 uint key_version __attribute__((unused)))
+struct encryption_keys_service_st encryption_keys_handler=
 {
-  return 1;
-}
-
-
-int decrypt_data(const uchar* source __attribute__((unused)),
-                 uint source_length __attribute__((unused)),
-                 uchar* dest __attribute__((unused)),
-                 uint* dest_length __attribute__((unused)),
-                 const uchar* key __attribute__((unused)),
-                 uint key_length __attribute__((unused)),
-                 const uchar* iv __attribute__((unused)),
-                 uint iv_length __attribute__((unused)),
-                 int no_padding __attribute__((unused)),
-                 uint key_version __attribute__((unused)))
-{
-  return 1;
-}
+  no_key, 0, 0, 0, 0
+};
 
 /* only those that included myisamchk.h may need and can use the below */
 #ifdef _myisamchk_h