Struct mariadb_sys::st_mariadb_encryption
source · #[repr(C)]pub struct st_mariadb_encryption {
pub interface_version: c_int,
pub get_latest_key_version: Option<unsafe extern "C" fn(key_id: c_uint) -> c_uint>,
pub get_key: Option<unsafe extern "C" fn(key_id: c_uint, version: c_uint, key: *mut c_uchar, key_length: *mut c_uint) -> c_uint>,
pub crypt_ctx_size: Option<unsafe extern "C" fn(key_id: c_uint, key_version: c_uint) -> c_uint>,
pub crypt_ctx_init: Option<unsafe extern "C" fn(ctx: *mut c_void, key: *const c_uchar, klen: c_uint, iv: *const c_uchar, ivlen: c_uint, flags: c_int, key_id: c_uint, key_version: c_uint) -> c_int>,
pub crypt_ctx_update: Option<unsafe extern "C" fn(ctx: *mut c_void, src: *const c_uchar, slen: c_uint, dst: *mut c_uchar, dlen: *mut c_uint) -> c_int>,
pub crypt_ctx_finish: Option<unsafe extern "C" fn(ctx: *mut c_void, dst: *mut c_uchar, dlen: *mut c_uint) -> c_int>,
pub encrypted_length: Option<unsafe extern "C" fn(slen: c_uint, key_id: c_uint, key_version: c_uint) -> c_uint>,
}Expand description
Encryption plugin descriptor
Fields§
§interface_version: c_intversion plugin uses
get_latest_key_version: Option<unsafe extern "C" fn(key_id: c_uint) -> c_uint>function returning latest key version for a given key id
@return a version or ENCRYPTION_KEY_VERSION_INVALID to indicate an error.
get_key: Option<unsafe extern "C" fn(key_id: c_uint, version: c_uint, key: *mut c_uchar, key_length: *mut c_uint) -> c_uint>function returning a key for a key version
-
version() the requested key version -
key() the key will be stored there. Can be NULL - in which case no key will be returned -
key_length() in: key buffer size out: the actual length of the key
This method can be used to query the key length - the required buffer size - by passing key==NULL.
If the buffer size is less than the key length the content of the key buffer is undefined (the plugin is free to partially fill it with the key data or leave it untouched).
@return 0 on success, or ENCRYPTION_KEY_VERSION_INVALID, ENCRYPTION_KEY_BUFFER_TOO_SMALL or any other non-zero number for errors
crypt_ctx_size: Option<unsafe extern "C" fn(key_id: c_uint, key_version: c_uint) -> c_uint>returns the size of the encryption context object in bytes
crypt_ctx_init: Option<unsafe extern "C" fn(ctx: *mut c_void, key: *const c_uchar, klen: c_uint, iv: *const c_uchar, ivlen: c_uint, flags: c_int, key_id: c_uint, key_version: c_uint) -> c_int>initializes the encryption context object.
crypt_ctx_update: Option<unsafe extern "C" fn(ctx: *mut c_void, src: *const c_uchar, slen: c_uint, dst: *mut c_uchar, dlen: *mut c_uint) -> c_int>processes (encrypts or decrypts) a chunk of data
writes the output to the dst buffer. note that it might write more bytes that were in the input. or less. or none at all.
dlen points to the starting lenght of the output buffer. Upon return, it should be set to the number of bytes written.
crypt_ctx_finish: Option<unsafe extern "C" fn(ctx: *mut c_void, dst: *mut c_uchar, dlen: *mut c_uint) -> c_int>writes the remaining output bytes and destroys the encryption context
crypt_ctx_update might’ve cached part of the output in the context, this method will flush these data out.
encrypted_length: Option<unsafe extern "C" fn(slen: c_uint, key_id: c_uint, key_version: c_uint) -> c_uint>returns the length of the encrypted data
it returns the exact length, given only the source length. which means, this API only supports encryption algorithms where the length of the encrypted data only depends on the length of the input (a.k.a. compression is not supported).