Skip to content

Commit 487e5f4

Browse files
committed
file_key_management plugin: complain if key id 1 is not found
and don't recommend aes_ctr if it's unavailable
1 parent 432b78c commit 487e5f4

File tree

4 files changed

+46
-2
lines changed

4 files changed

+46
-2
lines changed

mysql-test/suite/encryption/r/filekeys_syntax.result

Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -127,3 +127,23 @@ ERROR HY000: Can't create table `test`.`t1` (errno: 140 "Wrong create options")
127127
select plugin_status from information_schema.plugins
128128
where plugin_name = 'file_key_management';
129129
plugin_status
130+
install soname 'file_key_management';
131+
ERROR HY000: System key id 1 is missing at MYSQL_TMP_DIR/keys.txt line 1, column 1
132+
call mtr.add_suppression("Syntax error");
133+
call mtr.add_suppression("Plugin 'file_key_management' init function returned error");
134+
call mtr.add_suppression("Plugin 'file_key_management' registration.*failed");
135+
FOUND /Syntax error/ in mysqld.1.err
136+
create table t1(c1 bigint not null, b char(200)) engine=innodb encrypted=yes encryption_key_id=1;
137+
ERROR HY000: Can't create table `test`.`t1` (errno: 140 "Wrong create options")
138+
select plugin_status from information_schema.plugins
139+
where plugin_name = 'file_key_management';
140+
plugin_status
141+
call mtr.add_suppression("System key id 1");
142+
call mtr.add_suppression("Plugin 'file_key_management' init function returned error");
143+
call mtr.add_suppression("Plugin 'file_key_management' registration.*failed");
144+
FOUND /System key id 1/ in mysqld.1.err
145+
create table t1(c1 bigint not null, b char(200)) engine=innodb encrypted=yes encryption_key_id=1;
146+
ERROR HY000: Can't create table `test`.`t1` (errno: 140 "Wrong create options")
147+
select plugin_status from information_schema.plugins
148+
where plugin_name = 'file_key_management';
149+
plugin_status

mysql-test/suite/encryption/t/filekeys_syntax.test

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -94,3 +94,16 @@ install soname 'file_key_management';
9494
source filekeys_badtest.inc;
9595
let SEARCH_PATTERN=Syntax error;
9696
source filekeys_badtest.inc;
97+
#
98+
# no key id 1
99+
#
100+
remove_file $MYSQL_TMP_DIR/keys.txt;
101+
write_file $MYSQL_TMP_DIR/keys.txt;
102+
3;22222222222222222222222222222222
103+
EOF
104+
--replace_result $MYSQL_TMP_DIR MYSQL_TMP_DIR
105+
--error 2
106+
install soname 'file_key_management';
107+
source filekeys_badtest.inc;
108+
let SEARCH_PATTERN=System key id 1;
109+
source filekeys_badtest.inc;

plugin/file_key_management/file_key_management_plugin.cc

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -48,9 +48,14 @@ static MYSQL_SYSVAR_STR(filekey, filekey,
4848
"Key to encrypt / decrypt the keyfile.",
4949
NULL, NULL, "");
5050

51+
#ifdef HAVE_EncryptAes128Ctr
52+
#define recommendation ", aes_ctr is the recommended one"
53+
#else
54+
#define recommendation ""
55+
#endif
5156
static MYSQL_SYSVAR_ENUM(encryption_algorithm, encryption_algorithm,
5257
PLUGIN_VAR_RQCMDARG | PLUGIN_VAR_READONLY,
53-
"Encryption algorithm to use, aes_ctr is the recommended one.",
58+
"Encryption algorithm to use" recommendation ".",
5459
NULL, NULL, 0, &encryption_algorithm_typelib);
5560

5661
static struct st_mysql_sys_var* settings[] = {

plugin/file_key_management/parser.cc

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -218,8 +218,14 @@ bool Parser::parse_file(Dynamic_array<keyentry> *keys, const char *secret)
218218
}
219219

220220
keys->sort(sort_keys);
221-
222221
my_free(buffer);
222+
223+
if (keys->at(0).id != 1)
224+
{
225+
report_error("System key id 1 is missing", 0);
226+
return 1;
227+
}
228+
223229
return 0;
224230
}
225231

0 commit comments

Comments
 (0)