MySQL 8.1.0
Source Code Documentation
my_aes.h
Go to the documentation of this file.
1#ifndef MY_AES_INCLUDED
2#define MY_AES_INCLUDED
3
4/* Copyright (c) 2000, 2023, Oracle and/or its affiliates.
5
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License, version 2.0,
8 as published by the Free Software Foundation.
9
10 This program is also distributed with certain software (including
11 but not limited to OpenSSL) that is licensed under separate terms,
12 as designated in a particular file or component or in included license
13 documentation. The authors of MySQL hereby grant you an additional
14 permission to link the program and your derivative works with the
15 separately licensed software that they have included with MySQL.
16
17 This program is distributed in the hope that it will be useful,
18 but WITHOUT ANY WARRANTY; without even the implied warranty of
19 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 GNU General Public License, version 2.0, for more details.
21
22 You should have received a copy of the GNU General Public License
23 along with this program; if not, write to the Free Software
24 Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
25
26/**
27 @file include/my_aes.h
28 Wrapper to give simple interface for MySQL to AES standard encryption.
29*/
30
31#include "my_inttypes.h"
32#include "my_macros.h"
33
34#include <string>
35#include <vector>
36
37using std::string;
38using std::vector;
39
40/** AES IV size is 16 bytes for all supported ciphers except ECB */
41#define MY_AES_IV_SIZE 16
42
43/** AES block size is fixed to be 128 bits for CBC and ECB */
44#define MY_AES_BLOCK_SIZE 16
45
46/** Supported AES cipher/block mode combos */
66};
67
68#define MY_AES_BEGIN my_aes_128_ecb
69#define MY_AES_END my_aes_256_ofb
70
71/* If bad data discovered during decoding */
72#define MY_AES_BAD_DATA -1
73
74/** String representations of the supported AES modes. Keep in sync with
75 * my_aes_opmode */
76extern const char *my_aes_opmode_names[];
77
78/**
79 Encrypt a buffer using AES
80
81 @param [in] source Pointer to data for encryption
82 @param [in] source_length Size of encryption data
83 @param [out] dest Buffer to place encrypted data (must be large
84 enough and not overlap with source)
85 @param [in] key Key to be used for encryption
86 @param [in] key_length Length of the key. Will handle keys of any length
87 @param [in] mode encryption mode
88 @param [in] iv 16 bytes initialization vector if needed.
89 Otherwise NULL
90 @param [in] padding if padding needed.
91 @param kdf_options KDF options
92 @return size of encrypted data, or negative in case of error
93*/
94
95int my_aes_encrypt(const unsigned char *source, uint32 source_length,
96 unsigned char *dest, const unsigned char *key,
97 uint32 key_length, enum my_aes_opmode mode,
98 const unsigned char *iv, bool padding = true,
99 vector<string> *kdf_options = nullptr);
100
101/**
102 Decrypt an AES encrypted buffer
103
104 @param source Pointer to data for decryption
105 @param source_length size of encrypted data
106 @param dest buffer to place decrypted data (must be large enough)
107 @param key Key to be used for decryption
108 @param key_length Length of the key. Will handle keys of any length
109 @param mode encryption mode
110 @param iv 16 bytes initialization vector if needed. Otherwise NULL
111 @param padding if padding needed.
112 @param kdf_options KDF options
113 @return size of original data.
114*/
115
116int my_aes_decrypt(const unsigned char *source, uint32 source_length,
117 unsigned char *dest, const unsigned char *key,
118 uint32 key_length, enum my_aes_opmode mode,
119 const unsigned char *iv, bool padding = true,
120 vector<string> *kdf_options = nullptr);
121
122/**
123 Calculate the size of a buffer large enough for encrypted data.
124
125 @param source_length length of data to be encrypted
126 @param opmode encryption mode
127 @return size of buffer required to store encrypted data
128*/
129
130longlong my_aes_get_size(uint32 source_length, enum my_aes_opmode opmode);
131
132/**
133 Return true if the AES cipher and block mode requires an IV.
134
135 @param opmode encryption mode
136
137 @retval true IV needed
138 @retval false IV not needed
139*/
140
141bool my_aes_needs_iv(my_aes_opmode opmode);
142
143#endif /* MY_AES_INCLUDED */
bool my_aes_needs_iv(my_aes_opmode opmode)
Return true if the AES cipher and block mode requires an IV.
Definition: my_aes_openssl.cc:255
int my_aes_encrypt(const unsigned char *source, uint32 source_length, unsigned char *dest, const unsigned char *key, uint32 key_length, enum my_aes_opmode mode, const unsigned char *iv, bool padding=true, vector< string > *kdf_options=nullptr)
Encrypt a buffer using AES.
Definition: my_aes_openssl.cc:146
my_aes_opmode
Supported AES cipher/block mode combos.
Definition: my_aes.h:47
@ my_aes_256_cbc
Definition: my_aes.h:53
@ my_aes_128_cbc
Definition: my_aes.h:51
@ my_aes_128_cfb128
Definition: my_aes.h:60
@ my_aes_128_ofb
Definition: my_aes.h:63
@ my_aes_256_cfb1
Definition: my_aes.h:56
@ my_aes_128_cfb1
Definition: my_aes.h:54
@ my_aes_192_cfb8
Definition: my_aes.h:58
@ my_aes_192_ofb
Definition: my_aes.h:64
@ my_aes_128_ecb
Definition: my_aes.h:48
@ my_aes_192_cfb1
Definition: my_aes.h:55
@ my_aes_256_ecb
Definition: my_aes.h:50
@ my_aes_192_ecb
Definition: my_aes.h:49
@ my_aes_128_cfb8
Definition: my_aes.h:57
@ my_aes_192_cfb128
Definition: my_aes.h:61
@ my_aes_256_cfb8
Definition: my_aes.h:59
@ my_aes_256_ofb
Definition: my_aes.h:65
@ my_aes_192_cbc
Definition: my_aes.h:52
@ my_aes_256_cfb128
Definition: my_aes.h:62
longlong my_aes_get_size(uint32 source_length, enum my_aes_opmode opmode)
Calculate the size of a buffer large enough for encrypted data.
Definition: my_aes_openssl.cc:244
const char * my_aes_opmode_names[]
String representations of the supported AES modes.
Definition: my_aes_openssl.cc:50
int my_aes_decrypt(const unsigned char *source, uint32 source_length, unsigned char *dest, const unsigned char *key, uint32 key_length, enum my_aes_opmode mode, const unsigned char *iv, bool padding=true, vector< string > *kdf_options=nullptr)
Decrypt an AES encrypted buffer.
Definition: my_aes_openssl.cc:193
Some integer typedefs for easier portability.
long long int longlong
Definition: my_inttypes.h:54
uint32_t uint32
Definition: my_inttypes.h:66
Some common macros.
mode
Definition: file_handle.h:59
std::vector< T, ut::allocator< T > > vector
Specialization of vector which uses allocator.
Definition: ut0new.h:2873
required string key
Definition: replication_asynchronous_connection_failover.proto:59
repeated Source source
Definition: replication_asynchronous_connection_failover.proto:41