renames to follow single consistent naming style

with namespace prefixes

include/mysql/plugin_audit.h.pp

@@ -197,20 +197,20 @@ int thd_key_create(MYSQL_THD_KEY_T *key);
 void thd_key_delete(MYSQL_THD_KEY_T *key);
 void* thd_getspecific(void* thd, MYSQL_THD_KEY_T key);
 int thd_setspecific(void* thd, MYSQL_THD_KEY_T key, void *value);
-#include <mysql/service_encryption_keys.h>
+#include <mysql/service_encryption.h>
 typedef int (*encrypt_decrypt_func)(const unsigned char* src, unsigned int slen,
                                     unsigned char* dst, unsigned int* dlen,
                                     const unsigned char* key, unsigned int klen,
                                     const unsigned char* iv, unsigned int ivlen,
                                     int no_padding, unsigned int key_version);
-struct encryption_keys_service_st {
-  unsigned int (*get_latest_encryption_key_version_func)();
-  unsigned int (*has_encryption_key_func)(unsigned int);
-  unsigned int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int*);
-  encrypt_decrypt_func encrypt_data_func;
-  encrypt_decrypt_func decrypt_data_func;
+struct encryption_service_st {
+  unsigned int (*encryption_key_get_latest_version_func)();
+  unsigned int (*encryption_key_exists_func)(unsigned int);
+  unsigned int (*encryption_key_get_func)(unsigned int, unsigned char*, unsigned int*);
+  encrypt_decrypt_func encryption_encrypt_func;
+  encrypt_decrypt_func encryption_decrypt_func;
 };
-extern struct encryption_keys_service_st encryption_keys_handler;
+extern struct encryption_service_st encryption_handler;
 struct st_mysql_xid {
   long formatID;
   long gtrid_length;

include/mysql/plugin_auth.h.pp

@@ -197,20 +197,20 @@ int thd_key_create(MYSQL_THD_KEY_T *key);
 void thd_key_delete(MYSQL_THD_KEY_T *key);
 void* thd_getspecific(void* thd, MYSQL_THD_KEY_T key);
 int thd_setspecific(void* thd, MYSQL_THD_KEY_T key, void *value);
-#include <mysql/service_encryption_keys.h>
+#include <mysql/service_encryption.h>
 typedef int (*encrypt_decrypt_func)(const unsigned char* src, unsigned int slen,
                                     unsigned char* dst, unsigned int* dlen,
                                     const unsigned char* key, unsigned int klen,
                                     const unsigned char* iv, unsigned int ivlen,
                                     int no_padding, unsigned int key_version);
-struct encryption_keys_service_st {
-  unsigned int (*get_latest_encryption_key_version_func)();
-  unsigned int (*has_encryption_key_func)(unsigned int);
-  unsigned int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int*);
-  encrypt_decrypt_func encrypt_data_func;
-  encrypt_decrypt_func decrypt_data_func;
+struct encryption_service_st {
+  unsigned int (*encryption_key_get_latest_version_func)();
+  unsigned int (*encryption_key_exists_func)(unsigned int);
+  unsigned int (*encryption_key_get_func)(unsigned int, unsigned char*, unsigned int*);
+  encrypt_decrypt_func encryption_encrypt_func;
+  encrypt_decrypt_func encryption_decrypt_func;
 };
-extern struct encryption_keys_service_st encryption_keys_handler;
+extern struct encryption_service_st encryption_handler;
 struct st_mysql_xid {
   long formatID;
   long gtrid_length;

include/mysql/plugin_encryption.h.pp

@@ -197,20 +197,20 @@ int thd_key_create(MYSQL_THD_KEY_T *key);
 void thd_key_delete(MYSQL_THD_KEY_T *key);
 void* thd_getspecific(void* thd, MYSQL_THD_KEY_T key);
 int thd_setspecific(void* thd, MYSQL_THD_KEY_T key, void *value);
-#include <mysql/service_encryption_keys.h>
+#include <mysql/service_encryption.h>
 typedef int (*encrypt_decrypt_func)(const unsigned char* src, unsigned int slen,
                                     unsigned char* dst, unsigned int* dlen,
                                     const unsigned char* key, unsigned int klen,
                                     const unsigned char* iv, unsigned int ivlen,
                                     int no_padding, unsigned int key_version);
-struct encryption_keys_service_st {
-  unsigned int (*get_latest_encryption_key_version_func)();
-  unsigned int (*has_encryption_key_func)(unsigned int);
-  unsigned int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int*);
-  encrypt_decrypt_func encrypt_data_func;
-  encrypt_decrypt_func decrypt_data_func;
+struct encryption_service_st {
+  unsigned int (*encryption_key_get_latest_version_func)();
+  unsigned int (*encryption_key_exists_func)(unsigned int);
+  unsigned int (*encryption_key_get_func)(unsigned int, unsigned char*, unsigned int*);
+  encrypt_decrypt_func encryption_encrypt_func;
+  encrypt_decrypt_func encryption_decrypt_func;
 };
-extern struct encryption_keys_service_st encryption_keys_handler;
+extern struct encryption_service_st encryption_handler;
 struct st_mysql_xid {
   long formatID;
   long gtrid_length;

include/mysql/plugin_ftparser.h.pp

@@ -197,20 +197,20 @@ int thd_key_create(MYSQL_THD_KEY_T *key);
 void thd_key_delete(MYSQL_THD_KEY_T *key);
 void* thd_getspecific(void* thd, MYSQL_THD_KEY_T key);
 int thd_setspecific(void* thd, MYSQL_THD_KEY_T key, void *value);
-#include <mysql/service_encryption_keys.h>
+#include <mysql/service_encryption.h>
 typedef int (*encrypt_decrypt_func)(const unsigned char* src, unsigned int slen,
                                     unsigned char* dst, unsigned int* dlen,
                                     const unsigned char* key, unsigned int klen,
                                     const unsigned char* iv, unsigned int ivlen,
                                     int no_padding, unsigned int key_version);
-struct encryption_keys_service_st {
-  unsigned int (*get_latest_encryption_key_version_func)();
-  unsigned int (*has_encryption_key_func)(unsigned int);
-  unsigned int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int*);
-  encrypt_decrypt_func encrypt_data_func;
-  encrypt_decrypt_func decrypt_data_func;
+struct encryption_service_st {
+  unsigned int (*encryption_key_get_latest_version_func)();
+  unsigned int (*encryption_key_exists_func)(unsigned int);
+  unsigned int (*encryption_key_get_func)(unsigned int, unsigned char*, unsigned int*);
+  encrypt_decrypt_func encryption_encrypt_func;
+  encrypt_decrypt_func encryption_decrypt_func;
 };
-extern struct encryption_keys_service_st encryption_keys_handler;
+extern struct encryption_service_st encryption_handler;
 struct st_mysql_xid {
   long formatID;
   long gtrid_length;

include/mysql/plugin_password_validation.h.pp

@@ -197,20 +197,20 @@ int thd_key_create(MYSQL_THD_KEY_T *key);
 void thd_key_delete(MYSQL_THD_KEY_T *key);
 void* thd_getspecific(void* thd, MYSQL_THD_KEY_T key);
 int thd_setspecific(void* thd, MYSQL_THD_KEY_T key, void *value);
-#include <mysql/service_encryption_keys.h>
+#include <mysql/service_encryption.h>
 typedef int (*encrypt_decrypt_func)(const unsigned char* src, unsigned int slen,
                                     unsigned char* dst, unsigned int* dlen,
                                     const unsigned char* key, unsigned int klen,
                                     const unsigned char* iv, unsigned int ivlen,
                                     int no_padding, unsigned int key_version);
-struct encryption_keys_service_st {
-  unsigned int (*get_latest_encryption_key_version_func)();
-  unsigned int (*has_encryption_key_func)(unsigned int);
-  unsigned int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int*);
-  encrypt_decrypt_func encrypt_data_func;
-  encrypt_decrypt_func decrypt_data_func;
+struct encryption_service_st {
+  unsigned int (*encryption_key_get_latest_version_func)();
+  unsigned int (*encryption_key_exists_func)(unsigned int);
+  unsigned int (*encryption_key_get_func)(unsigned int, unsigned char*, unsigned int*);
+  encrypt_decrypt_func encryption_encrypt_func;
+  encrypt_decrypt_func encryption_decrypt_func;
 };
-extern struct encryption_keys_service_st encryption_keys_handler;
+extern struct encryption_service_st encryption_handler;
 struct st_mysql_xid {
   long formatID;
   long gtrid_length;

include/mysql/service_encryption.h

@@ -0,0 +1,78 @@
+#ifndef MYSQL_SERVICE_ENCRYPTION_INCLUDED
+/* Copyright (c) 2015, MariaDB
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; version 2 of the License.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301  USA */
+
+/**
+  @file
+  encryption service
+
+  Functions to support data encryption and encryption key management.
+  They are normally implemented in an encryption plugin, so this service
+  connects encryption *consumers* (storage engines) to the encryption
+  *provider* (encryption plugin).
+*/
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* returned from encryption_key_get_latest_version() */
+#define ENCRYPTION_KEY_VERSION_INVALID        (~(unsigned int)0)
+#define ENCRYPTION_KEY_VERSION_NOT_ENCRYPTED  (0)
+
+/* returned from encryption_key_get()  */
+#define ENCRYPTION_KEY_BUFFER_TOO_SMALL    (100)
+
+typedef int (*encrypt_decrypt_func)(const unsigned char* src, unsigned int slen,
+                                    unsigned char* dst, unsigned int* dlen,
+                                    const unsigned char* key, unsigned int klen,
+                                    const unsigned char* iv, unsigned int ivlen,
+                                    int no_padding, unsigned int key_version);
+
+struct encryption_service_st {
+  unsigned int (*encryption_key_get_latest_version_func)();
+  unsigned int (*encryption_key_exists_func)(unsigned int);
+  unsigned int (*encryption_key_get_func)(unsigned int, unsigned char*, unsigned int*);
+  encrypt_decrypt_func encryption_encrypt_func;
+  encrypt_decrypt_func encryption_decrypt_func;
+};
+
+#ifdef MYSQL_DYNAMIC_PLUGIN
+
+extern struct encryption_service_st *encryption_service;
+
+#define encryption_key_get_latest_version() encryption_service->encryption_key_get_latest_version_func()
+#define encryption_key_exists(V) encryption_service->encryption_key_exists_func(V)
+#define encryption_key_get(V,K,S) encryption_service->encryption_key_get_func((V), (K), (S))
+#define encryption_encrypt(S,SL,D,DL,K,KL,I,IL,NP,KV) encryption_service->encryption_encrypt_func(S,SL,D,DL,K,KL,I,IL,NP,KV)
+#define encryption_decrypt(S,SL,D,DL,K,KL,I,IL,NP,KV) encryption_service->encryption_decrypt_func(S,SL,D,DL,K,KL,I,IL,NP,KV)
+#else
+
+extern struct encryption_service_st encryption_handler;
+
+#define encryption_key_get_latest_version() encryption_handler.encryption_key_get_latest_version_func()
+#define encryption_key_exists(V) encryption_handler.encryption_key_exists_func(V)
+#define encryption_key_get(V,K,S) encryption_handler.encryption_key_get_func((V), (K), (S))
+#define encryption_encrypt(S,SL,D,DL,K,KL,I,IL,NP,KV) encryption_handler.encryption_encrypt_func(S,SL,D,DL,K,KL,I,IL,NP,KV)
+#define encryption_decrypt(S,SL,D,DL,K,KL,I,IL,NP,KV) encryption_handler.encryption_decrypt_func(S,SL,D,DL,K,KL,I,IL,NP,KV)
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#define MYSQL_SERVICE_ENCRYPTION_INCLUDED
+#endif
+

include/mysql/service_encryption_keys.h

@@ -1,71 +0,0 @@
-#ifndef MYSQL_SERVICE_ENCRYPTION_KEYS_INCLUDED
-/* Copyright (c) 2015, MariaDB
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; if not, write to the Free Software
-   Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301  USA */
-
-/**
-  @file
-  encryption keys service
-
-  Functions to get encryption keys from the encryption plugin
-*/
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#define BAD_ENCRYPTION_KEY_VERSION (~(unsigned int)0)
-#define KEY_BUFFER_TOO_SMALL       (100)
-
-typedef int (*encrypt_decrypt_func)(const unsigned char* src, unsigned int slen,
-                                    unsigned char* dst, unsigned int* dlen,
-                                    const unsigned char* key, unsigned int klen,
-                                    const unsigned char* iv, unsigned int ivlen,
-                                    int no_padding, unsigned int key_version);
-
-struct encryption_keys_service_st {
-  unsigned int (*get_latest_encryption_key_version_func)();
-  unsigned int (*has_encryption_key_func)(unsigned int);
-  unsigned int (*get_encryption_key_func)(unsigned int, unsigned char*, unsigned int*);
-  encrypt_decrypt_func encrypt_data_func;
-  encrypt_decrypt_func decrypt_data_func;
-};
-
-#ifdef MYSQL_DYNAMIC_PLUGIN
-
-extern struct encryption_keys_service_st *encryption_keys_service;
-
-#define get_latest_encryption_key_version() encryption_keys_service->get_latest_encryption_key_version_func()
-#define has_encryption_key(V) encryption_keys_service->has_encryption_key_func(V)
-#define get_encryption_key(V,K,S) encryption_keys_service->get_encryption_key_func((V), (K), (S))
-#define encrypt_data(S,SL,D,DL,K,KL,I,IL,NP,KV) encryption_keys_service->encrypt_data_func(S,SL,D,DL,K,KL,I,IL,NP,KV)
-#define decrypt_data(S,SL,D,DL,K,KL,I,IL,NP,KV) encryption_keys_service->decrypt_data_func(S,SL,D,DL,K,KL,I,IL,NP,KV)
-#else
-
-extern struct encryption_keys_service_st encryption_keys_handler;
-
-#define get_latest_encryption_key_version() encryption_keys_handler.get_latest_encryption_key_version_func()
-#define has_encryption_key(V) encryption_keys_handler.has_encryption_key_func(V)
-#define get_encryption_key(V,K,S) encryption_keys_handler.get_encryption_key_func((V), (K), (S))
-#define encrypt_data(S,SL,D,DL,K,KL,I,IL,NP,KV) encryption_keys_handler.encrypt_data_func(S,SL,D,DL,K,KL,I,IL,NP,KV)
-#define decrypt_data(S,SL,D,DL,K,KL,I,IL,NP,KV) encryption_keys_handler.decrypt_data_func(S,SL,D,DL,K,KL,I,IL,NP,KV)
-#endif
-
-#ifdef __cplusplus
-}
-#endif
-
-#define MYSQL_SERVICE_ENCRYPTION_KEYS_INCLUDED
-#endif
-

include/mysql/services.h

@@ -32,7 +32,7 @@ extern "C" {
 #include <mysql/service_thd_autoinc.h>
 #include <mysql/service_thd_error_context.h>
 #include <mysql/service_thd_specifics.h>
-#include <mysql/service_encryption_keys.h>
+#include <mysql/service_encryption.h>
 /*#include <mysql/service_wsrep.h>*/
 
 #ifdef __cplusplus

include/service_versions.h

@@ -35,5 +35,5 @@
 #define VERSION_thd_autoinc             0x0100
 #define VERSION_thd_error_context       0x0100
 #define VERSION_thd_specifics           0x0100
-#define VERSION_encryption_keys         0x0200
+#define VERSION_encryption              0x0200
 

libmysqld/CMakeLists.txt

@@ -105,7 +105,7 @@ SET(SQL_EMBEDDED_SOURCES emb_qcache.cc libmysqld.c lib_sql.cc
            ../sql/compat56.cc
            ../sql/table_cache.cc
            ../sql/item_inetfunc.cc
-           ../sql/wsrep_dummy.cc ../sql/encryption_keys.cc
+           ../sql/wsrep_dummy.cc ../sql/encryption.cc
            ${GEN_SOURCES}
            ${MYSYS_LIBWRAP_SOURCE}
 )

libservices/CMakeLists.txt

@@ -28,7 +28,7 @@ SET(MYSQLSERVICES_SOURCES
   my_sha1_service.c
   my_md5_service.c
   wsrep_service.c
-  encryption_keys_service.c
+  encryption_service.c
   kill_statement_service.c
   logger_service.c)
 

libservices/encryption_keys_service.c → libservices/encryption_service.c

@@ -14,4 +14,4 @@
    Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301  USA */
 
 #include <service_versions.h>
-SERVICE_VERSION encryption_keys_service= (void*)VERSION_encryption_keys;
+SERVICE_VERSION encryption_service= (void*)VERSION_encryption;

plugin/debug_key_management/debug_key_management_plugin.cc

@@ -50,7 +50,7 @@ static unsigned int get_key(unsigned int version, unsigned char* dstbuf, unsigne
   if (*buflen < KEY_SIZE)
   {
     *buflen= KEY_SIZE;
-    return KEY_BUFFER_TOO_SMALL;
+    return ENCRYPTION_KEY_BUFFER_TOO_SMALL;
   }
   *buflen= KEY_SIZE;
   if (!dstbuf)

plugin/example_key_management/example_key_management_plugin.cc

@@ -62,7 +62,7 @@ get_key(unsigned int version, unsigned char* dstbuf, unsigned *buflen)
   if (*buflen < MY_MD5_HASH_SIZE)
   {
     *buflen= MY_MD5_HASH_SIZE;
-    return KEY_BUFFER_TOO_SMALL;
+    return ENCRYPTION_KEY_BUFFER_TOO_SMALL;
   }
   *buflen= MY_MD5_HASH_SIZE;
   if (!dstbuf)

plugin/file_key_management/file_key_management_plugin.cc

@@ -95,12 +95,12 @@ static unsigned int get_key_from_key_file(unsigned int key_id,
   keyentry* entry = get_key(key_id);
 
   if (entry == NULL)
-    return BAD_ENCRYPTION_KEY_VERSION;
+    return ENCRYPTION_KEY_VERSION_INVALID;
 
   if (*buflen < entry->length)
   {
     *buflen= entry->length;
-    return KEY_BUFFER_TOO_SMALL;
+    return ENCRYPTION_KEY_BUFFER_TOO_SMALL;
   }
 
   *buflen= entry->length;

sql/CMakeLists.txt

@@ -117,7 +117,7 @@ SET (SQL_SOURCE
                my_json_writer.cc my_json_writer.h
                rpl_gtid.cc rpl_parallel.cc
 	       ${WSREP_SOURCES}
-               table_cache.cc encryption_keys.cc
+               table_cache.cc encryption.cc
                ${CMAKE_CURRENT_BINARY_DIR}/sql_builtin.cc
                ${GEN_SOURCES}
                ${MYSYS_LIBWRAP_SOURCE}

sql/encryption_keys.cc → sql/encryption.cc

@@ -19,21 +19,19 @@
 #include "sql_plugin.h"
 #include <my_crypt.h>
 
-#warning TODO rename to follow single consistent style
-
 /* there can be only one encryption plugin enabled */
-static plugin_ref encryption_key_manager= 0;
-struct encryption_keys_service_st encryption_keys_handler;
+static plugin_ref encryption_manager= 0;
+struct encryption_service_st encryption_handler;
 
 unsigned int has_key(uint version)
 {
   uint unused;
-  return get_encryption_key(version, NULL, &unused) != BAD_ENCRYPTION_KEY_VERSION;
+  return encryption_key_get(version, NULL, &unused) != ENCRYPTION_KEY_VERSION_INVALID;
 }
 
 uint no_key()
 {
-  return BAD_ENCRYPTION_KEY_VERSION;
+  return ENCRYPTION_KEY_VERSION_INVALID;
 }
 
 static int no_crypt(const uchar* source, uint source_length,
@@ -48,7 +46,7 @@ static int no_crypt(const uchar* source, uint source_length,
 
 int initialize_encryption_plugin(st_plugin_int *plugin)
 {
-  if (encryption_key_manager)
+  if (encryption_manager)
     return 1;
 
   if (plugin->plugin->init && plugin->plugin->init(plugin))
@@ -58,22 +56,22 @@ int initialize_encryption_plugin(st_plugin_int *plugin)
     return 1;
   }
 
-  encryption_key_manager= plugin_lock(NULL, plugin_int_to_ref(plugin));
+  encryption_manager= plugin_lock(NULL, plugin_int_to_ref(plugin));
   st_mariadb_encryption *handle=
     (struct st_mariadb_encryption*) plugin->plugin->info;
 
-  encryption_keys_handler.encrypt_data_func=
+  encryption_handler.encryption_encrypt_func=
     handle->encrypt ? handle->encrypt
                     : (encrypt_decrypt_func)my_aes_encrypt_cbc;
 
-  encryption_keys_handler.decrypt_data_func=
+  encryption_handler.encryption_decrypt_func=
     handle->decrypt ? handle->decrypt
                     : (encrypt_decrypt_func)my_aes_decrypt_cbc;
 
-  encryption_keys_handler.get_encryption_key_func=
+  encryption_handler.encryption_key_get_func=
     handle->get_key;
 
-  encryption_keys_handler.get_latest_encryption_key_version_func=
+  encryption_handler.encryption_key_get_latest_version_func=
     handle->get_latest_key_version; // must be the last
 
   return 0;
@@ -81,21 +79,21 @@ int initialize_encryption_plugin(st_plugin_int *plugin)
 
 int finalize_encryption_plugin(st_plugin_int *plugin)
 {
-  encryption_keys_handler.encrypt_data_func= no_crypt;
-  encryption_keys_handler.decrypt_data_func= no_crypt;
-  encryption_keys_handler.has_encryption_key_func= has_key;
-  encryption_keys_handler.get_encryption_key_func=
+  encryption_handler.encryption_encrypt_func= no_crypt;
+  encryption_handler.encryption_decrypt_func= no_crypt;
+  encryption_handler.encryption_key_exists_func= has_key;
+  encryption_handler.encryption_key_get_func=
       (uint (*)(uint, uchar*, uint*))no_key;
-  encryption_keys_handler.get_latest_encryption_key_version_func= no_key;
+  encryption_handler.encryption_key_get_latest_version_func= no_key;
 
   if (plugin && plugin->plugin->deinit && plugin->plugin->deinit(NULL))
   {
     DBUG_PRINT("warning", ("Plugin '%s' deinit function returned error.",
                            plugin->name.str));
   }
-  if (encryption_key_manager)
-    plugin_unlock(NULL, encryption_key_manager);
-  encryption_key_manager= 0;
+  if (encryption_manager)
+    plugin_unlock(NULL, encryption_manager);
+  encryption_manager= 0;
   return 0;
 }
 

sql/sql_plugin_services.h

@@ -161,7 +161,7 @@ static struct st_service_ref list_of_services[]=
   { "logger_service",              VERSION_logger,              &logger_service_handler },
   { "thd_autoinc_service",         VERSION_thd_autoinc,         &thd_autoinc_handler },
   { "wsrep_service",               VERSION_wsrep,               &wsrep_handler },
-  { "encryption_keys_service",     VERSION_encryption_keys,     &encryption_keys_handler },
+  { "encryption_service",          VERSION_encryption,          &encryption_handler },
   { "thd_specifics_service",       VERSION_thd_specifics,       &thd_specifics_handler },
   { "thd_error_context_service",   VERSION_thd_error_context,   &thd_error_conext_handler },
 };

storage/innobase/fil/fil0crypt.cc

@@ -232,7 +232,7 @@ fil_crypt_get_key(byte *dst, uint* key_length,
         }
 
         *key_length= MY_AES_MAX_KEY_LENGTH;
-	int rc = get_encryption_key(version, (unsigned char*)keybuf, key_length);
+	int rc = encryption_key_get(version, (unsigned char*)keybuf, key_length);
 	if (rc) {
 
 			ib_logf(IB_LOG_LEVEL_FATAL,
@@ -285,7 +285,7 @@ fil_crypt_get_latest_key(byte *dst, uint* key_length,
 {
 	if (srv_encrypt_tables) {
 	        // used for key rotation - get the next key id from the key provider
-		int rc = get_latest_encryption_key_version();
+		int rc = encryption_key_get_latest_version();
 
 		// if no new key was created use the last one
 		if (rc >= 0) {
@@ -313,7 +313,7 @@ fil_space_create_crypt_data()
 		crypt_data->min_key_version = 0;
 	} else {
 		crypt_data->type = CRYPT_SCHEME_1;
-		crypt_data->min_key_version = get_latest_encryption_key_version();
+		crypt_data->min_key_version = encryption_key_get_latest_version();
 	}
 
 	mutex_create(fil_crypt_data_mutex_key,
@@ -693,7 +693,7 @@ fil_space_encrypt(ulint space, ulint offset, lsn_t lsn,
 		srclen = page_size -  FIL_PAGE_DATA;
 	}
 
-	int rc = encrypt_data(src, srclen, dst, &dstlen,
+	int rc = encryption_encrypt(src, srclen, dst, &dstlen,
 	                      (unsigned char*)key, key_length,
 	                      (unsigned char*)iv, sizeof(iv), 1, key_version);
 
@@ -865,7 +865,7 @@ fil_space_decrypt(fil_space_crypt_t* crypt_data,
 		srclen = pow((double)2, (double)((int)compressed_len)) - FIL_PAGE_DATA;
 	}
 
-	int rc = decrypt_data(src, srclen, dst, &dstlen,
+	int rc = encryption_decrypt(src, srclen, dst, &dstlen,
 	                      (unsigned char*)key, key_length,
 	                      (unsigned char*)iv, sizeof(iv), 1, key_version);
 
@@ -1007,7 +1007,7 @@ fil_crypt_get_key_state(
 	key_state_t *new_state)
 {
 	if (srv_encrypt_tables == TRUE) {
-		new_state->key_version = get_latest_encryption_key_version();
+		new_state->key_version = encryption_key_get_latest_version();
 		new_state->rotate_key_age = srv_fil_crypt_rotate_key_age;
 		ut_a(new_state->key_version > 0);
 	} else {
@@ -2381,7 +2381,7 @@ fil_space_crypt_get_status(
 	}
 
 	if (srv_encrypt_tables == TRUE) {
-		status->current_key_version = get_latest_encryption_key_version();
+		status->current_key_version = encryption_key_get_latest_version();
 	} else {
 		status->current_key_version = 0;
 	}

storage/innobase/fil/fil0fil.cc

@@ -1157,7 +1157,7 @@ fil_space_create(
 	ut_a(fil_system);
 
 	if (fsp_flags_is_page_encrypted(flags)) {
-		if (!has_encryption_key(fsp_flags_get_page_encryption_key(flags))) {
+		if (!encryption_key_exists(fsp_flags_get_page_encryption_key(flags))) {
 			/* by returning here it should be avoided that
 			 * the server crashes, if someone tries to access an
 			 * encrypted table and the encryption key is not available.

storage/innobase/handler/ha_innodb.cc

@@ -11404,7 +11404,7 @@ ha_innobase::check_table_options(
 			return "PAGE_ENCRYPTION_KEY";
 		}
 
-		if (!has_encryption_key(options->page_encryption_key)) {
+		if (!encryption_key_exists(options->page_encryption_key)) {
 			push_warning_printf(
 				thd, Sql_condition::WARN_LEVEL_WARN,
 				HA_WRONG_CREATE_OPTION,

storage/innobase/include/fsp0pageencryption.ic

@@ -146,9 +146,9 @@ fil_page_encryption_status(
 	if (page_type == FIL_PAGE_TYPE_FSP_HDR) {
 		ulint flags = mach_read_from_4(FSP_HEADER_OFFSET + FSP_SPACE_FLAGS + buf);
 		if (fsp_flags_is_page_encrypted(flags)) {
-			if (!has_encryption_key(fsp_flags_get_page_encryption_key(flags))) {
+			if (!encryption_key_exists(fsp_flags_get_page_encryption_key(flags))) {
 				/* accessing table would surely fail, because no key or no key provider available */
-				if (!has_encryption_key(fsp_flags_get_page_encryption_key(flags))) {
+				if (!encryption_key_exists(fsp_flags_get_page_encryption_key(flags))) {
 					return PAGE_ENCRYPTION_KEY_MISSING;
 				}
 				return PAGE_ENCRYPTION_ERROR;
@@ -158,7 +158,7 @@ fil_page_encryption_status(
 
 	if(page_type == FIL_PAGE_PAGE_COMPRESSED_ENCRYPTED) {
 		ulint key = mach_read_from_4(buf + FIL_PAGE_FILE_FLUSH_LSN_OR_KEY_VERSION);
-		if (!has_encryption_key(key)) {
+		if (!encryption_key_exists(key)) {
 						return PAGE_ENCRYPTION_KEY_MISSING;
 		}
 		return PAGE_ENCRYPTION_ERROR;

storage/innobase/include/log0crypt.h

@@ -15,7 +15,7 @@ Created 11/25/2013 Minli Zhu
 
 #define PURPOSE_BYTE_LEN	MY_AES_BLOCK_SIZE - 1
 #define PURPOSE_BYTE_OFFSET	0
-#define UNENCRYPTED_KEY_VER	0
+#define UNENCRYPTED_KEY_VER	ENCRYPTION_KEY_VERSION_NOT_ENCRYPTED
 
 typedef int Crypt_result;
 

storage/innobase/log/log0crypt.cc

@@ -117,7 +117,7 @@ log_init_crypt_key(
 
 	byte mysqld_key[MY_AES_BLOCK_SIZE] = {0};
         uint keylen= sizeof(mysqld_key);
-	if (get_encryption_key(crypt_ver, mysqld_key, &keylen))
+	if (encryption_key_get(crypt_ver, mysqld_key, &keylen))
 	{
 		ib_logf(IB_LOG_LEVEL_ERROR,
 			"Redo log crypto: getting mysqld crypto key "
@@ -204,7 +204,7 @@ log_blocks_crypt(
 		mach_write_to_4(aes_ctr_counter + 11, log_block_no);
 		bzero(aes_ctr_counter + 15, 1);
 
-		int rc = encrypt_data(log_block + LOG_BLOCK_HDR_SIZE, src_len,
+		int rc = encryption_encrypt(log_block + LOG_BLOCK_HDR_SIZE, src_len,
 		                      dst_block + LOG_BLOCK_HDR_SIZE, &dst_len,
 		                      (unsigned char*)key, 16,
 		                      aes_ctr_counter, MY_AES_BLOCK_SIZE, 1,
@@ -259,11 +259,11 @@ log_crypt_set_ver_and_key(
 
 	if (srv_encrypt_log) {
 		unsigned int vkey;
-		vkey = get_latest_encryption_key_version();
+		vkey = encryption_key_get_latest_version();
 		encrypted = true;
 
 		if (vkey == UNENCRYPTED_KEY_VER ||
-		    vkey == BAD_ENCRYPTION_KEY_VERSION) {
+		    vkey == ENCRYPTION_KEY_VERSION_INVALID) {
 			encrypted = false;
 
 			ib_logf(IB_LOG_LEVEL_WARN,

storage/maria/ma_check_standalone.h

@@ -25,10 +25,10 @@ void _mi_report_crashed(void *file __attribute__((unused)),
 
 static unsigned int no_key()
 {
-  return BAD_ENCRYPTION_KEY_VERSION;
+  return ENCRYPTION_KEY_VERSION_INVALID;
 }
 
-struct encryption_keys_service_st encryption_keys_handler=
+struct encryption_service_st encryption_handler=
 {
   no_key, 0, 0, 0, 0
 };

storage/maria/ma_crypt.c

@@ -290,7 +290,7 @@ void ma_crypt_set_data_pagecache_callbacks(PAGECACHE_FILE *file,
                                            __attribute__((unused)))
 {
   /* Only use encryption if we have defined it */
-  if (get_latest_encryption_key_version() != BAD_ENCRYPTION_KEY_VERSION)
+  if (encryption_key_get_latest_version() != ENCRYPTION_KEY_VERSION_INVALID)
   {
     file->pre_read_hook= ma_crypt_pre_read_hook;
     file->post_read_hook= ma_crypt_data_post_read_hook;
@@ -417,9 +417,9 @@ static int ma_encrypt(MARIA_CRYPT_DATA *crypt_data,
   int4store(counter + 4, pageno);
   int8store(counter + 8, lsn);
 
-  rc = encrypt_data(src, size, dst, &dstlen,
-                    crypt_data->iv, CRYPT_SCHEME_1_IV_LEN,
-                    counter, sizeof(counter), 1, *key_version);
+  rc = encryption_encrypt(src, size, dst, &dstlen,
+                          crypt_data->iv, CRYPT_SCHEME_1_IV_LEN,
+                          counter, sizeof(counter), 1, *key_version);
 
   DBUG_ASSERT(rc == AES_OK);
   DBUG_ASSERT(dstlen == size);
@@ -449,9 +449,9 @@ static int ma_decrypt(MARIA_CRYPT_DATA *crypt_data,
   int4store(counter + 4, pageno);
   int8store(counter + 8, lsn);
 
-  rc =decrypt_data(src, size, dst, &dstlen,
-                   crypt_data->iv, CRYPT_SCHEME_1_IV_LEN,
-                   counter, sizeof(counter), 1, key_version);
+  rc =encryption_decrypt(src, size, dst, &dstlen,
+                         crypt_data->iv, CRYPT_SCHEME_1_IV_LEN,
+                         counter, sizeof(counter), 1, key_version);
 
   DBUG_ASSERT(rc == AES_OK);
   DBUG_ASSERT(dstlen == size);

storage/xtradb/fil/fil0crypt.cc

@@ -232,7 +232,7 @@ fil_crypt_get_key(byte *dst, uint* key_length,
         }
 
         *key_length= MY_AES_MAX_KEY_LENGTH;
-	int rc = get_encryption_key(version, (unsigned char*)keybuf, key_length);
+	int rc = encryption_key_get(version, (unsigned char*)keybuf, key_length);
 	if (rc) {
 
 		ib_logf(IB_LOG_LEVEL_FATAL,
@@ -285,7 +285,7 @@ fil_crypt_get_latest_key(byte *dst, uint* key_length,
 {
 	if (srv_encrypt_tables) {
 	        // used for key rotation - get the next key id from the key provider
-		int rc = get_latest_encryption_key_version();
+		int rc = encryption_key_get_latest_version();
 
 		// if no new key was created use the last one
 		if (rc >= 0) {
@@ -313,7 +313,7 @@ fil_space_create_crypt_data()
 		crypt_data->min_key_version = 0;
 	} else {
 		crypt_data->type = CRYPT_SCHEME_1;
-		crypt_data->min_key_version = get_latest_encryption_key_version();
+		crypt_data->min_key_version = encryption_key_get_latest_version();
 	}
 
 	mutex_create(fil_crypt_data_mutex_key,
@@ -693,9 +693,9 @@ fil_space_encrypt(ulint space, ulint offset, lsn_t lsn,
 		srclen = page_size -  FIL_PAGE_DATA;
 	}
 
-	int rc = encrypt_data(src, srclen, dst, &dstlen,
-	                      (unsigned char*)key, key_length,
-	                      (unsigned char*)iv, sizeof(iv), 1, key_version);
+	int rc = encryption_encrypt(src, srclen, dst, &dstlen,
+	                            (unsigned char*)key, key_length,
+	                            (unsigned char*)iv, sizeof(iv), 1, key_version);
 
 	if (! ((rc == AES_OK) && ((ulint) dstlen == srclen))) {
 		ib_logf(IB_LOG_LEVEL_FATAL,
@@ -865,9 +865,9 @@ fil_space_decrypt(fil_space_crypt_t* crypt_data,
 		srclen = pow((double)2, (double)((int)compressed_len)) - FIL_PAGE_DATA;
 	}
 
-	int rc = decrypt_data(src, srclen, dst, &dstlen,
-	                      (unsigned char*)key, key_length,
-	                      (unsigned char*)iv, sizeof(iv), 1, key_version);
+	int rc = encryption_decrypt(src, srclen, dst, &dstlen,
+	                            (unsigned char*)key, key_length,
+	                            (unsigned char*)iv, sizeof(iv), 1, key_version);
 
 	if (! ((rc == AES_OK) && ((ulint) dstlen == srclen))) {
 		ib_logf(IB_LOG_LEVEL_FATAL,
@@ -1007,7 +1007,7 @@ fil_crypt_get_key_state(
 	key_state_t *new_state)
 {
 	if (srv_encrypt_tables == TRUE) {
-		new_state->key_version = get_latest_encryption_key_version();
+		new_state->key_version = encryption_key_get_latest_version();
 		new_state->rotate_key_age = srv_fil_crypt_rotate_key_age;
 		ut_a(new_state->key_version > 0);
 	} else {
@@ -2381,7 +2381,7 @@ fil_space_crypt_get_status(
 	}
 
 	if (srv_encrypt_tables == TRUE) {
-		status->current_key_version = get_latest_encryption_key_version();
+		status->current_key_version = encryption_key_get_latest_version();
 	} else {
 		status->current_key_version = 0;
 	}

storage/xtradb/fil/fil0fil.cc

@@ -1192,7 +1192,7 @@ fil_space_create(
 	ut_a(fil_system);
 
 	if (fsp_flags_is_page_encrypted(flags)) {
-		if (!has_encryption_key(fsp_flags_get_page_encryption_key(flags))) {
+		if (!encryption_key_exists(fsp_flags_get_page_encryption_key(flags))) {
 			/* by returning here it should be avoided that
 			 * the server crashes, if someone tries to access an
 			 * encrypted table and the encryption key is not available.

storage/xtradb/handler/ha_innodb.cc

@@ -11911,7 +11911,7 @@ ha_innobase::check_table_options(
 			return "PAGE_ENCRYPTION_KEY";
 		}
 
-		if (!has_encryption_key(options->page_encryption_key)) {
+		if (!encryption_key_exists(options->page_encryption_key)) {
 			push_warning_printf(
 				thd, Sql_condition::WARN_LEVEL_WARN,
 				HA_WRONG_CREATE_OPTION,

storage/xtradb/include/fsp0pageencryption.ic

@@ -147,9 +147,9 @@ fil_page_encryption_status(
 	if (page_type == FIL_PAGE_TYPE_FSP_HDR) {
 		ulint flags = mach_read_from_4(FSP_HEADER_OFFSET + FSP_SPACE_FLAGS + buf);
 		if (fsp_flags_is_page_encrypted(flags)) {
-			if (!has_encryption_key(fsp_flags_get_page_encryption_key(flags))) {
+			if (!encryption_key_exists(fsp_flags_get_page_encryption_key(flags))) {
 				/* accessing table would surely fail, because no key or no key provider available */
-				if (!has_encryption_key(fsp_flags_get_page_encryption_key(flags))) {
+				if (!encryption_key_exists(fsp_flags_get_page_encryption_key(flags))) {
 					return PAGE_ENCRYPTION_KEY_MISSING;
 				}
 				return PAGE_ENCRYPTION_ERROR;
@@ -159,7 +159,7 @@ fil_page_encryption_status(
 
 	if(page_type == FIL_PAGE_PAGE_COMPRESSED_ENCRYPTED) {
 		ulint key = mach_read_from_4(buf + FIL_PAGE_FILE_FLUSH_LSN_OR_KEY_VERSION);
-		if (!has_encryption_key(key)) {
+		if (!encryption_key_exists(key)) {
 			return PAGE_ENCRYPTION_KEY_MISSING;
 		}
 		return PAGE_ENCRYPTION_ERROR;

storage/xtradb/include/log0crypt.h

@@ -15,7 +15,7 @@ Created 11/25/2013 Minli Zhu
 
 #define PURPOSE_BYTE_LEN	MY_AES_BLOCK_SIZE - 1
 #define PURPOSE_BYTE_OFFSET	0
-#define UNENCRYPTED_KEY_VER	0
+#define UNENCRYPTED_KEY_VER	ENCRYPTION_KEY_VERSION_NOT_ENCRYPTED
 
 typedef int Crypt_result;
 

storage/xtradb/log/log0crypt.cc

@@ -117,7 +117,7 @@ log_init_crypt_key(
 
 	byte mysqld_key[MY_AES_BLOCK_SIZE] = {0};
         uint keylen= sizeof(mysqld_key);
-	if (get_encryption_key(crypt_ver, mysqld_key, &keylen))
+	if (encryption_key_get(crypt_ver, mysqld_key, &keylen))
 	{
 		ib_logf(IB_LOG_LEVEL_ERROR,
 			"Redo log crypto: getting mysqld crypto key "
@@ -204,11 +204,11 @@ log_blocks_crypt(
 		mach_write_to_4(aes_ctr_counter + 11, log_block_no);
 		bzero(aes_ctr_counter + 15, 1);
 
-		int rc = encrypt_data(log_block + LOG_BLOCK_HDR_SIZE, src_len,
-		                      dst_block + LOG_BLOCK_HDR_SIZE, &dst_len,
-		                      (unsigned char*)key, 16,
-		                      aes_ctr_counter, MY_AES_BLOCK_SIZE, 1,
-                                      log_sys->redo_log_crypt_ver);
+		int rc = encryption_encrypt(log_block + LOG_BLOCK_HDR_SIZE, src_len,
+		                            dst_block + LOG_BLOCK_HDR_SIZE, &dst_len,
+		                            (unsigned char*)key, 16,
+		                            aes_ctr_counter, MY_AES_BLOCK_SIZE, 1,
+                                            log_sys->redo_log_crypt_ver);
 
 		ut_a(rc == AES_OK);
 		ut_a(dst_len == src_len);
@@ -259,11 +259,11 @@ log_crypt_set_ver_and_key(
 
 	if (srv_encrypt_log) {
 		unsigned int vkey;
-		vkey = get_latest_encryption_key_version();
+		vkey = encryption_key_get_latest_version();
 		encrypted = true;
 
 		if (vkey == UNENCRYPTED_KEY_VER ||
-		    vkey == BAD_ENCRYPTION_KEY_VERSION) {
+		    vkey == ENCRYPTION_KEY_VERSION_INVALID) {
 			encrypted = false;
 
 			ib_logf(IB_LOG_LEVEL_WARN,