1 files changed, 137 insertions, 0 deletions

diff --git a/mysql/my_aes.h b/mysql/my_aes.h
new file mode 100644
index 0000000..c5f7e85
--- /dev/null
+++ b/mysql/my_aes.h
@@ -0,0 +1,137 @@
+#ifndef MY_AES_INCLUDED
+#define MY_AES_INCLUDED
+
+/* Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301  USA */
+
+
+/* Header file for my_aes.c */
+/* Wrapper to give simple interface for MySQL to AES standard encryption */
+
+C_MODE_START
+
+/** AES IV size is 16 bytes for all supported ciphers except ECB */
+#define MY_AES_IV_SIZE 16
+
+/** AES block size is fixed to be 128 bits for CBC and ECB */
+#define MY_AES_BLOCK_SIZE 16
+
+
+/** Supported AES cipher/block mode combos */
+enum my_aes_opmode
+{
+   my_aes_128_ecb,
+   my_aes_192_ecb,
+   my_aes_256_ecb,
+   my_aes_128_cbc,
+   my_aes_192_cbc,
+   my_aes_256_cbc
+#ifndef HAVE_YASSL
+   ,my_aes_128_cfb1,
+   my_aes_192_cfb1,
+   my_aes_256_cfb1,
+   my_aes_128_cfb8,
+   my_aes_192_cfb8,
+   my_aes_256_cfb8,
+   my_aes_128_cfb128,
+   my_aes_192_cfb128,
+   my_aes_256_cfb128,
+   my_aes_128_ofb,
+   my_aes_192_ofb,
+   my_aes_256_ofb
+#endif
+};
+
+#define MY_AES_BEGIN my_aes_128_ecb
+#ifdef HAVE_YASSL
+#define MY_AES_END my_aes_256_cbc
+#else
+#define MY_AES_END my_aes_256_ofb
+#endif
+
+/* If bad data discovered during decoding */
+#define MY_AES_BAD_DATA  -1
+
+/** String representations of the supported AES modes. Keep in sync with my_aes_opmode */
+extern const char *my_aes_opmode_names[];
+
+/**
+  Encrypt a buffer using AES
+
+  @param source         [in]  Pointer to data for encryption
+  @param source_length  [in]  Size of encryption data
+  @param dest           [out] Buffer to place encrypted data (must be large enough)
+  @param key            [in]  Key to be used for encryption
+  @param key_length     [in]  Length of the key. Will handle keys of any length
+  @param mode           [in]  encryption mode
+  @param iv             [in]  16 bytes initialization vector if needed. Otherwise NULL
+  @param padding        [in]  if padding needed.
+  @return              size of encrypted data, or negative in case of error
+*/
+
+int my_aes_encrypt(const unsigned char *source, uint32 source_length,
+                   unsigned char *dest,
+		   const unsigned char *key, uint32 key_length,
+                   enum my_aes_opmode mode, const unsigned char *iv,
+                   bool padding = true);
+
+/**
+  Decrypt an AES encrypted buffer
+
+  @param source         Pointer to data for decryption
+  @param source_length  size of encrypted data
+  @param dest           buffer to place decrypted data (must be large enough)
+  @param key            Key to be used for decryption
+  @param key_length     Length of the key. Will handle keys of any length
+  @param mode           encryption mode
+  @param iv             16 bytes initialization vector if needed. Otherwise NULL
+  @param padding        if padding needed.
+  @return size of original data.
+*/
+
+
+int my_aes_decrypt(const unsigned char *source, uint32 source_length,
+                   unsigned char *dest,
+                   const unsigned char *key, uint32 key_length,
+                   enum my_aes_opmode mode, const unsigned char *iv,
+                   bool padding = true);
+
+/**
+  Calculate the size of a buffer large enough for encrypted data
+
+  @param source_length  length of data to be encrypted
+  @param mode           encryption mode
+  @return               size of buffer required to store encrypted data
+*/
+
+int my_aes_get_size(uint32 source_length, enum my_aes_opmode mode);
+
+/**
+  Return true if the AES cipher and block mode requires an IV
+
+  SYNOPSIS
+  my_aes_needs_iv()
+  @param mode           encryption mode
+
+  @retval TRUE   IV needed
+  @retval FALSE  IV not needed
+*/
+
+my_bool my_aes_needs_iv(my_aes_opmode opmode);
+
+
+C_MODE_END
+
+#endif /* MY_AES_INCLUDED */