MySQL 8.4.2
Source Code Documentation
|
Keyring aes encryption service provides APIs to perform AES encryption/decryption operation on given data. More...
#include <keyring_aes.h>
Public Attributes | |
mysql_service_status_t(* | get_size )(size_t input_length, const char *mode, size_t block_size, size_t *out_size) |
Retrieve required out buffer length information. More... | |
mysql_service_status_t(* | encrypt )(const char *data_id, const char *auth_id, const char *mode, size_t block_size, const unsigned char *iv, int padding, const unsigned char *data_buffer, size_t data_buffer_length, unsigned char *out_buffer, size_t out_buffer_length, size_t *out_length) |
Encrypt given piece of plaintext. More... | |
mysql_service_status_t(* | decrypt )(const char *data_id, const char *auth_id, const char *mode, size_t block_size, const unsigned char *iv, int padding, const unsigned char *data_buffer, size_t data_buffer_length, unsigned char *out_buffer, size_t out_buffer_length, size_t *out_length) |
Decrypt given piece ciphertext. More... | |
Keyring aes encryption service provides APIs to perform AES encryption/decryption operation on given data.
These methods make sure that key never leaves keyring component.
mysql_service_status_t(* s_mysql_keyring_aes::decrypt) (const char *data_id, const char *auth_id, const char *mode, size_t block_size, const unsigned char *iv, int padding, const unsigned char *data_buffer, size_t data_buffer_length, unsigned char *out_buffer, size_t out_buffer_length, size_t *out_length) |
Decrypt given piece ciphertext.
Block mode for operation (e.g. "ecb", "cbc", cfb1",...) Block size (e.g. 256)
Length of out buffer should be sufficient to hold ciphertext data. See get_size() API.
If block mode requires IV, same should be provided by caller. This should same IV that was used for encryption operation.
[in] | data_id | Name of the key. Byte string. |
[in] | auth_id | Owner of the key. Byte string. |
[in] | mode | AES mode. ASCII string. |
[in] | block_size | AES block size information |
[in] | iv | Initialization vector |
[in] | padding | padding preference (0 implies no padding) |
[in] | data_buffer | Input buffer. Byte string. |
[in] | data_buffer_length | Input buffer length |
[out] | out_buffer | Output buffer. Byte string. |
[in] | out_buffer_length | Output buffer length |
[out] | out_length | Length of decrypted data |
false | Success |
true | Failure |
mysql_service_status_t(* s_mysql_keyring_aes::encrypt) (const char *data_id, const char *auth_id, const char *mode, size_t block_size, const unsigned char *iv, int padding, const unsigned char *data_buffer, size_t data_buffer_length, unsigned char *out_buffer, size_t out_buffer_length, size_t *out_length) |
Encrypt given piece of plaintext.
Block mode for operation (e.g. "ecb", "cbc", cfb1",...) Block size (e.g. 256)
Length of out buffer should be sufficient to hold ciphertext data. See get_size() API.
Encrypted data should be stored in out_buffer with out_length set to actual length of data.
IV must be provided if block mode of operation requires it.
It is caller's responsibility to supply same IV for encryption/decryption.
[in] | data_id | Name of the key. Byte string. |
[in] | auth_id | Owner of the key. Byte string. |
[in] | mode | AES mode. ASCII string. |
[in] | block_size | AES block size information |
[in] | iv | Initialization vector |
[in] | padding | padding preference (0 implies no padding) |
[in] | data_buffer | Input buffer. Byte string. |
[in] | data_buffer_length | Input buffer length |
[out] | out_buffer | Output buffer. Byte string. |
[in] | out_buffer_length | Output buffer length |
[out] | out_length | Length of encrypted data |
false | Success |
true | Failure |
mysql_service_status_t(* s_mysql_keyring_aes::get_size) (size_t input_length, const char *mode, size_t block_size, size_t *out_size) |
Retrieve required out buffer length information.
Assumption: mode string is in lower case.
[in] | input_length | Length of input text |
[in] | mode | AES mode. ASCII string. |
[in] | block_size | AES block size information |
[out] | out_size | Size of out buffer |
false | Success |
true | Error processing given mode and/or block size |