MySQL Lists are EOL. Please join:

List:Commits« Previous MessageNext Message »
From:Stewart Smith Date:July 1 2008 6:36am
Subject:bzr commit into mysql-6.0-backup branch (stewart:2655) WL#4271
View as plain text  
#At file:///home/stewart/mysql/stew-encrypted-backup-preview1/

 2655 stewart@stripped	2008-07-01
      [patch 10/11] WL4271 Encrypted online backup: support for 3DES encryptionOnly has fixed keysize, useful algorithm as mandated in some circles.
      
      Technically it's DES-EDE3-CBC.
added:
  mysql-test/r/backup_encrypt_des.result
  mysql-test/t/backup_encrypt_des.test
modified:
  sql/backup/kernel.cc

=== added file 'mysql-test/r/backup_encrypt_des.result'
--- a/mysql-test/r/backup_encrypt_des.result	1970-01-01 00:00:00 +0000
+++ b/mysql-test/r/backup_encrypt_des.result	2008-07-01 06:36:42 +0000
@@ -0,0 +1,26 @@
+DROP TABLE IF EXISTS t1;
+use test;
+create table t1 (a int primary key);
+insert into t1 values (1),(2),(3),(4);
+BACKUP DATABASE test to 'test.ba' ENCRYPTION_ALGORITHM=3des ENCRYPTION_KEYSIZE=42 PASSWORD='Pants';
+ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use
+BACKUP DATABASE test to 'test.ba' ENCRYPTION_ALGORITHM=3des PASSWORD='pants';
+backup_id
+#
+use test;
+RESTORE FROM 'test.ba';
+ERROR HY000: Can't read backup location 'test.ba'
+RESTORE FROM 'test.ba' ENCRYPTION_ALGORITHM=3des ENCRYPTION_KEYSIZE=124321 PASSWORD='pants';
+ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use
+RESTORE FROM 'test.ba' ENCRYPTION_ALGORITHM=3des PASSWORD='ohmy';
+ERROR HY000: Can't read backup location 'test.ba'
+RESTORE FROM 'test.ba' ENCRYPTION_ALGORITHM=3des PASSWORD='pants';
+backup_id
+#
+SELECT * FROM t1 ORDER by a;
+a
+1
+2
+3
+4
+DROP TABLE t1;

=== added file 'mysql-test/t/backup_encrypt_des.test'
--- a/mysql-test/t/backup_encrypt_des.test	1970-01-01 00:00:00 +0000
+++ b/mysql-test/t/backup_encrypt_des.test	2008-07-01 06:36:42 +0000
@@ -0,0 +1,32 @@
+
+--disable_warnings
+DROP TABLE IF EXISTS t1;
+--enable_warnings
+
+use test;
+create table t1 (a int primary key);
+insert into t1 values (1),(2),(3),(4);
+
+--error 1149
+BACKUP DATABASE test to 'test.ba' ENCRYPTION_ALGORITHM=3des ENCRYPTION_KEYSIZE=42 PASSWORD='Pants';
+
+--replace_column 1 #
+BACKUP DATABASE test to 'test.ba' ENCRYPTION_ALGORITHM=3des PASSWORD='pants';
+
+use test;
+--error 1630
+RESTORE FROM 'test.ba';
+
+--error 1149
+RESTORE FROM 'test.ba' ENCRYPTION_ALGORITHM=3des ENCRYPTION_KEYSIZE=124321 PASSWORD='pants';
+
+--error 1630
+RESTORE FROM 'test.ba' ENCRYPTION_ALGORITHM=3des PASSWORD='ohmy';
+
+--replace_column 1 #
+RESTORE FROM 'test.ba' ENCRYPTION_ALGORITHM=3des PASSWORD='pants';
+SELECT * FROM t1 ORDER by a;
+
+--remove_file $MYSQLTEST_VARDIR/master-data/test.ba
+
+DROP TABLE t1;

=== modified file 'sql/backup/kernel.cc'
--- a/sql/backup/kernel.cc	2008-06-30 01:31:53 +0000
+++ b/sql/backup/kernel.cc	2008-07-01 06:36:42 +0000
@@ -546,6 +546,34 @@ Backup_restore_ctx::prepare_for_backup(L
       cipher= new yaSSL::AES;
       cipher->set_encryptKey(key,iv);
     }
+    else if (strcmp(encryption_algorithm_str.ptr(),"3des")==0)
+    {
+      if(!encryption_password_str.ptr())
+      {
+        fatal_error(ER_SYNTAX_ERROR, "Encryption requires password");
+        return NULL;
+      }
+
+      if(encryption_keysize)
+      {
+        fatal_error(ER_SYNTAX_ERROR, "3DES has fixed keysize");
+        return NULL;
+      }
+
+      byte key[yaSSL::DES_EDE_KEY_SZ];
+      byte iv[yaSSL::DES_IV_SZ];
+
+      memset(key, 0, yaSSL::DES_EDE_KEY_SZ);
+      memset(iv,  0, yaSSL::DES_IV_SZ);
+
+      EVP_BytesToKey("DES-EDE3-CBC", "MD5", NULL,
+                     (byte*)encryption_password_str.ptr(),
+                     encryption_password_str.length(),
+                     1, key, iv);
+
+      cipher= new yaSSL::DES;
+      cipher->set_encryptKey(key, iv);
+    }
     else
     {
       fatal_error(ER_NOT_SUPPORTED_YET, encryption_algorithm_str.ptr());
@@ -684,6 +712,34 @@ Backup_restore_ctx::prepare_for_restore(
       cipher= new yaSSL::AES;
       cipher->set_decryptKey(key,iv);
     }
+    else if (strcmp(encryption_algorithm_str.ptr(),"3des")==0)
+    {
+      if(!encryption_password_str.ptr())
+      {
+        fatal_error(ER_SYNTAX_ERROR, "Encryption requires password");
+        return NULL;
+      }
+
+      if(encryption_keysize)
+      {
+        fatal_error(ER_SYNTAX_ERROR, "3DES has fixed keysize");
+        return NULL;
+      }
+
+      byte key[yaSSL::DES_EDE_KEY_SZ];
+      byte iv[yaSSL::DES_IV_SZ];
+
+      memset(key, 0, yaSSL::DES_EDE_KEY_SZ);
+      memset(iv,  0, yaSSL::DES_IV_SZ);
+
+      EVP_BytesToKey("DES-EDE3-CBC", "MD5", NULL,
+                     (byte*)encryption_password_str.ptr(),
+                     encryption_password_str.length(),
+                     1, key, iv);
+
+      cipher= new yaSSL::DES;
+      cipher->set_decryptKey(key, iv);
+    }
     else
     {
       fatal_error(ER_NOT_SUPPORTED_YET, encryption_algorithm_str.ptr());

Thread
bzr commit into mysql-6.0-backup branch (stewart:2655) WL#4271Stewart Smith1 Jul