path: root/mysql/my_aes.h
#ifndef MY_AES_INCLUDED
#define MY_AES_INCLUDED

/* Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.

 This program is free software; you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
 the Free Software Foundation; version 2 of the License.

 This program is distributed in the hope that it will be useful,
 but WITHOUT ANY WARRANTY; without even the implied warranty of
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 GNU General Public License for more details.

 You should have received a copy of the GNU General Public License
 along with this program; if not, write to the Free Software
 Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301  USA */


/* Header file for my_aes.c */
/* Wrapper to give simple interface for MySQL to AES standard encryption */

C_MODE_START

/**
  AES IV size in bytes for every supported mode that takes an IV.
  ECB is the exception: it takes no IV at all.
*/
#define MY_AES_IV_SIZE 16

/** AES block size in bytes (128 bits); fixed for CBC and ECB */
#define MY_AES_BLOCK_SIZE 16


/**
  Supported AES cipher/block mode combos.

  Enumerator order is significant: MY_AES_BEGIN and MY_AES_END name the first
  and last values, and my_aes_opmode_names must be kept in sync with this list.

  Points to weigh when choosing a mode:
  - The ECB modes take no IV, so equal plaintext blocks encrypted under the
    same key produce equal ciphertext blocks.
  - None of the modes listed here is an authenticated mode. Decryption alone
    does not detect a modified ciphertext; integrity protection, if required,
    has to come from a separate mechanism such as a MAC over the ciphertext.
*/
enum my_aes_opmode
{
   my_aes_128_ecb,
   my_aes_192_ecb,
   my_aes_256_ecb,
   my_aes_128_cbc,
   my_aes_192_cbc,
   my_aes_256_cbc
/* The CFB and OFB modes are declared only when HAVE_YASSL is not defined */
#ifndef HAVE_YASSL
   ,my_aes_128_cfb1,
   my_aes_192_cfb1,
   my_aes_256_cfb1,
   my_aes_128_cfb8,
   my_aes_192_cfb8,
   my_aes_256_cfb8,
   my_aes_128_cfb128,
   my_aes_192_cfb128,
   my_aes_256_cfb128,
   my_aes_128_ofb,
   my_aes_192_ofb,
   my_aes_256_ofb
#endif
};

/*
  First and last enumerators of my_aes_opmode. MY_AES_END follows the same
  HAVE_YASSL conditional as the enum, so the range always matches the modes
  that are actually declared.
  NOTE(review): presumably used to range-check or iterate over modes. A mode
  value that originates outside the program should be checked against
  MY_AES_BEGIN..MY_AES_END before it is used to index my_aes_opmode_names.
*/
#define MY_AES_BEGIN my_aes_128_ecb
#ifdef HAVE_YASSL
#define MY_AES_END my_aes_256_cbc
#else
#define MY_AES_END my_aes_256_ofb
#endif

/*
  Error code for bad data discovered during decoding. It is negative, so it
  cannot be mistaken for a non-negative size.
  NOTE(review): which functions return it is not visible in this header;
  presumably my_aes_decrypt() - confirm in my_aes.c.
*/
#define MY_AES_BAD_DATA  -1

/**
  String representations of the supported AES modes. Keep in sync with
  my_aes_opmode.

  The declaration carries no array bound, so the compiler cannot check an
  index.
  NOTE(review): presumably one entry per enumerator, indexed by the
  my_aes_opmode value - confirm against the definition.
*/
extern const char *my_aes_opmode_names[];

/**
  Encrypt a buffer using AES

  @param source         [in]  Pointer to data for encryption
  @param source_length  [in]  Size of the data to encrypt
  @param dest           [out] Buffer to place encrypted data. The caller must
                              make it large enough: no destination length is
                              passed, so this function has no way to check it.
                              my_aes_get_size() reports the size needed for a
                              given source_length and mode.
  @param key            [in]  Key to be used for encryption
  @param key_length     [in]  Length of the key. Will handle keys of any length.
                              NOTE(review): how a key of arbitrary length is
                              mapped to the cipher's key size is not visible
                              in this header - confirm in my_aes.c before
                              passing low-entropy material such as a password.
  @param mode           [in]  encryption mode
  @param iv             [in]  16 bytes (MY_AES_IV_SIZE) initialization vector
                              if the mode needs one (see my_aes_needs_iv()).
                              Otherwise NULL. Use a fresh, unpredictable IV for
                              each encryption under the same key.
  @param padding        [in]  if padding needed. Defaults to true; the default
                              argument is C++ syntax, so a C translation unit
                              cannot compile this declaration.
  @return              size of encrypted data, or negative in case of error.
                       Check for a negative value before using the result as
                       a length.
*/

int my_aes_encrypt(const unsigned char *source, uint32 source_length,
                   unsigned char *dest,
		   const unsigned char *key, uint32 key_length,
                   enum my_aes_opmode mode, const unsigned char *iv,
                   bool padding = true);

/**
  Decrypt an AES encrypted buffer

  @param source         Pointer to data for decryption
  @param source_length  size of encrypted data
  @param dest           buffer to place decrypted data. The caller must make it
                        large enough: no destination length is passed, so this
                        function has no way to check it.
                        NOTE(review): presumably source_length bytes always
                        suffice - confirm in my_aes.c.
  @param key            Key to be used for decryption
  @param key_length     Length of the key. Will handle keys of any length
  @param mode           encryption mode
  @param iv             16 bytes (MY_AES_IV_SIZE) initialization vector if the
                        mode needs one (see my_aes_needs_iv()). Otherwise NULL
  @param padding        if padding needed. Defaults to true; the default
                        argument is C++ syntax.
  @return size of original data.
          NOTE(review): the error return is not documented here. Presumably
          MY_AES_BAD_DATA (negative) is returned when bad data is found -
          confirm in my_aes.c. Callers should treat a negative result as
          failure and never use it as a length.

  A successful return does not show that the ciphertext was unmodified: the
  modes in my_aes_opmode carry no authentication tag.
*/


int my_aes_decrypt(const unsigned char *source, uint32 source_length,
                   unsigned char *dest,
                   const unsigned char *key, uint32 key_length,
                   enum my_aes_opmode mode, const unsigned char *iv,
                   bool padding = true);

/**
  Calculate the size of a buffer large enough for encrypted data

  Use the result to size the dest buffer handed to my_aes_encrypt(), which
  takes no destination length of its own.

  @param source_length  length of data to be encrypted
  @param mode           encryption mode
  @return               size of buffer required to store encrypted data

  NOTE(review): the result is an int while source_length is a uint32.
  Confirm that callers bound source_length so the required size is
  representable, and check the result before allocating.
*/

int my_aes_get_size(uint32 source_length, enum my_aes_opmode mode);

/**
  Return true if the AES cipher and block mode requires an IV

  When the result is true, my_aes_encrypt() and my_aes_decrypt() expect a
  16-byte (MY_AES_IV_SIZE) IV; otherwise they expect NULL.

  SYNOPSIS
  my_aes_needs_iv()
  @param opmode         encryption mode

  @retval TRUE   IV needed
  @retval FALSE  IV not needed

  The parameter type is written without the enum keyword, which is valid in
  C++ only.
*/

my_bool my_aes_needs_iv(my_aes_opmode opmode);


C_MODE_END

#endif /* MY_AES_INCLUDED */