MySQL 9.5.0
Source Code Documentation
Macros | Enumerations | Functions | Variables
my_aes.h File Reference

Wrapper to give simple interface for MySQL to AES standard encryption. More...

#include "my_inttypes.h"
#include "my_macros.h"
#include <string>
#include <vector>
#include <openssl/evp.h>

Go to the source code of this file.

Macros

#define MY_AES_IV_SIZE   16
 AES IV size is 16 bytes for all supported ciphers except ECB. More...
 
#define MY_AES_BLOCK_SIZE   16
 AES block size is fixed to be 128 bits for CBC and ECB. More...
 
#define MY_AES_BEGIN   my_aes_128_ecb
 
#define MY_AES_END   my_aes_256_ofb
 
#define MY_AES_BAD_DATA   -1
 

Enumerations

enum  my_aes_opmode {
  my_aes_128_ecb , my_aes_192_ecb , my_aes_256_ecb , my_aes_128_cbc ,
  my_aes_192_cbc , my_aes_256_cbc , my_aes_128_cfb1 , my_aes_192_cfb1 ,
  my_aes_256_cfb1 , my_aes_128_cfb8 , my_aes_192_cfb8 , my_aes_256_cfb8 ,
  my_aes_128_cfb128 , my_aes_192_cfb128 , my_aes_256_cfb128 , my_aes_128_ofb ,
  my_aes_192_ofb , my_aes_256_ofb
}
 Supported AES cipher/block mode combos. More...
 

Functions

int my_aes_encrypt (const unsigned char *source, uint32 source_length, unsigned char *dest, const unsigned char *key, uint32 key_length, enum my_aes_opmode mode, const unsigned char *iv, bool padding=true, vector< string > *kdf_options=nullptr)
 Encrypt a buffer using AES. More...
 
int my_aes_encrypt (EVP_CIPHER_CTX *ctx, const unsigned char *source, uint32 source_length, unsigned char *dest, const unsigned char *key, uint32 key_length, enum my_aes_opmode mode, const unsigned char *iv, bool padding=true, vector< string > *kdf_options=nullptr)
 Encrypt a buffer using AES. More...
 
int my_aes_decrypt (const unsigned char *source, uint32 source_length, unsigned char *dest, const unsigned char *key, uint32 key_length, enum my_aes_opmode mode, const unsigned char *iv, bool padding=true, vector< string > *kdf_options=nullptr)
 Decrypt an AES encrypted buffer. More...
 
int my_aes_decrypt (EVP_CIPHER_CTX *ctx, const unsigned char *source, uint32 source_length, unsigned char *dest, const unsigned char *key, uint32 key_length, enum my_aes_opmode mode, const unsigned char *iv, bool padding=true, vector< string > *kdf_options=nullptr)
 Decrypt an AES encrypted buffer. More...
 
longlong my_aes_get_size (uint32 source_length, enum my_aes_opmode opmode)
 Calculate the size of a buffer large enough for encrypted data. More...
 
bool my_aes_needs_iv (my_aes_opmode opmode)
 Return true if the AES cipher and block mode requires an IV. More...
 

Variables

const char * my_aes_opmode_names []
 String representations of the supported AES modes. More...
 

Detailed Description

Wrapper to give simple interface for MySQL to AES standard encryption.

Macro Definition Documentation

◆ MY_AES_BAD_DATA

#define MY_AES_BAD_DATA   -1

◆ MY_AES_BEGIN

#define MY_AES_BEGIN   my_aes_128_ecb

◆ MY_AES_BLOCK_SIZE

#define MY_AES_BLOCK_SIZE   16

AES block size is fixed to be 128 bits for CBC and ECB.

◆ MY_AES_END

#define MY_AES_END   my_aes_256_ofb

◆ MY_AES_IV_SIZE

#define MY_AES_IV_SIZE   16

AES IV size is 16 bytes for all supported ciphers except ECB.

Enumeration Type Documentation

◆ my_aes_opmode

enum my_aes_opmode

Supported AES cipher/block mode combos.

Enumerator
my_aes_128_ecb 
my_aes_192_ecb 
my_aes_256_ecb 
my_aes_128_cbc 
my_aes_192_cbc 
my_aes_256_cbc 
my_aes_128_cfb1 
my_aes_192_cfb1 
my_aes_256_cfb1 
my_aes_128_cfb8 
my_aes_192_cfb8 
my_aes_256_cfb8 
my_aes_128_cfb128 
my_aes_192_cfb128 
my_aes_256_cfb128 
my_aes_128_ofb 
my_aes_192_ofb 
my_aes_256_ofb 

Function Documentation

◆ my_aes_decrypt() [1/2]

int my_aes_decrypt ( const unsigned char *  source,
uint32  source_length,
unsigned char *  dest,
const unsigned char *  key,
uint32  key_length,
enum my_aes_opmode  mode,
const unsigned char *  iv,
bool  padding = true,
vector< string > *  kdf_options = nullptr 
)

Decrypt an AES encrypted buffer.

Parameters
sourcePointer to data for decryption
source_lengthsize of encrypted data
destbuffer to place decrypted data (must be large enough)
keyKey to be used for decryption
key_lengthLength of the key. Will handle keys of any length
modeencryption mode
iv16 bytes initialization vector if needed. Otherwise NULL
paddingif padding needed.
kdf_optionsKDF options
Returns
size of original data.

◆ my_aes_decrypt() [2/2]

int my_aes_decrypt ( EVP_CIPHER_CTX *  ctx,
const unsigned char *  source,
uint32  source_length,
unsigned char *  dest,
const unsigned char *  key,
uint32  key_length,
enum my_aes_opmode  mode,
const unsigned char *  iv,
bool  padding = true,
vector< string > *  kdf_options = nullptr 
)

Decrypt an AES encrypted buffer.

This version accepts operation context as parameter, for possible performance improvement.

Parameters
ctxPointer to OpenSSL operation context
sourcePointer to data for decryption
source_lengthsize of encrypted data
destbuffer to place decrypted data (must be large enough)
keyKey to be used for decryption
key_lengthLength of the key. Will handle keys of any length
modeencryption mode
iv16 bytes initialization vector if needed. Otherwise NULL
paddingif padding needed.
kdf_optionsKDF options
Returns
size of original data.

◆ my_aes_encrypt() [1/2]

int my_aes_encrypt ( const unsigned char *  source,
uint32  source_length,
unsigned char *  dest,
const unsigned char *  key,
uint32  key_length,
enum my_aes_opmode  mode,
const unsigned char *  iv,
bool  padding = true,
vector< string > *  kdf_options = nullptr 
)

Encrypt a buffer using AES.

Parameters
[in]sourcePointer to data for encryption
[in]source_lengthSize of encryption data
[out]destBuffer to place encrypted data (must be large enough and not overlap with source)
[in]keyKey to be used for encryption
[in]key_lengthLength of the key. Will handle keys of any length
[in]modeencryption mode
[in]iv16 bytes initialization vector if needed. Otherwise NULL
[in]paddingif padding needed.
kdf_optionsKDF options
Returns
size of encrypted data, or negative in case of error

◆ my_aes_encrypt() [2/2]

int my_aes_encrypt ( EVP_CIPHER_CTX *  ctx,
const unsigned char *  source,
uint32  source_length,
unsigned char *  dest,
const unsigned char *  key,
uint32  key_length,
enum my_aes_opmode  mode,
const unsigned char *  iv,
bool  padding = true,
vector< string > *  kdf_options = nullptr 
)

Encrypt a buffer using AES.

This version accepts operation context as parameter, for possible performance improvement.

Parameters
[in]ctxPointer to OpenSSL operation context
[in]sourcePointer to data for encryption
[in]source_lengthSize of encryption data
[out]destBuffer to place encrypted data (must be large enough and not overlap with source)
[in]keyKey to be used for encryption
[in]key_lengthLength of the key. Will handle keys of any length
[in]modeencryption mode
[in]iv16 bytes initialization vector if needed. Otherwise NULL
[in]paddingif padding needed.
kdf_optionsKDF options
Returns
size of encrypted data, or negative in case of error

◆ my_aes_get_size()

longlong my_aes_get_size ( uint32  source_length,
enum my_aes_opmode  opmode 
)

Calculate the size of a buffer large enough for encrypted data.

Parameters
source_lengthlength of data to be encrypted
opmodeencryption mode
Returns
size of buffer required to store encrypted data

◆ my_aes_needs_iv()

bool my_aes_needs_iv ( my_aes_opmode  opmode)

Return true if the AES cipher and block mode requires an IV.

Parameters
opmodeencryption mode
Return values
trueIV needed
falseIV not needed

Variable Documentation

◆ my_aes_opmode_names

const char* my_aes_opmode_names[]
extern

String representations of the supported AES modes.

Keep in sync with my_aes_opmode