1 /* Copyright (c) 2001, 2021, Oracle and/or its affiliates.
2
3 This program is free software; you can redistribute it and/or modify
4 it under the terms of the GNU General Public License, version 2.0,
5 as published by the Free Software Foundation.
6
7 This program is also distributed with certain software (including
8 but not limited to OpenSSL) that is licensed under separate terms,
9 as designated in a particular file or component or in included license
10 documentation. The authors of MySQL hereby grant you an additional
11 permission to link the program and your derivative works with the
12 separately licensed software that they have included with MySQL.
13
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License, version 2.0, for more details.
18
19 You should have received a copy of the GNU General Public License
20 along with this program; if not, write to the Free Software Foundation,
21 51 Franklin Street, Suite 500, Boston, MA 02110-1335 USA */
22
23 #include "my_global.h" // HAVE_*
24 #include "des_key_file.h" // st_des_keyschedule, st_des_keyblock
25 #include "log.h" // sql_print_error
26 #include <m_ctype.h>
27
28 #include "pfs_file_provider.h"
29 #include "mysql/psi/mysql_file.h"
30
31 #ifdef HAVE_OPENSSL
32
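// Key schedules for the ten key slots. load_des_key_file() indexes this table
// with the digit (0-9) that starts a line of the key file and zeroes it before
// every (re)load.
struct st_des_keyschedule des_keyschedule[10];
// Number of the first key slot loaded from the key file. load_des_key_file()
// resets it to 15, which is not a valid slot, before reading the file.
uint des_default_key;

// Character set used to classify key-file bytes (whitespace / printable).
// Parenthesised so that the expansion stays a single operand wherever the
// macro is used.
#define des_cs (&my_charset_latin1)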
37
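/**
  Load DES keys from plaintext file into
  memory on MySQL server startup and on command FLUSH DES_KEY_FILE.

  Format as parsed below: a line whose first character is a digit 0-9 defines
  the key for that slot; the key text is what remains after skipping the
  whitespace that follows the digit and trimming trailing non-printable
  characters. Lines starting with '#' are ignored without a message; any other
  first character is reported through sql_print_error() and the line is
  skipped. The first slot that is loaded becomes des_default_key.

  Security notes for whoever maintains this:
   - The file holds key material in plaintext and this function performs no
     ownership or permission check on it; restricting access is left to the
     filesystem.
   - Keys are derived with a single, unsalted MD5 iteration, so their strength
     is bounded by the entropy of the text in the file.
   - buf and keyblock hold key text / derived key bytes and are not wiped
     before they go out of scope.
     NOTE(review): consider cleansing both (e.g. OPENSSL_cleanse()) once the
     schedules have been set.

  The previously loaded keys are zeroed only after the file has been opened
  and the read cache initialised, so a failed open leaves them in place.

  @param file_name  Path of the key file.

  @retval
    0  ok
  @retval
    1  Error
*/


bool
load_des_key_file(const char *file_name)
{
  bool result= 1;
  File file;
  IO_CACHE io;
  DBUG_ENTER("load_des_key_file");
  DBUG_PRINT("enter",("name: %s",file_name));

  mysql_mutex_lock(&LOCK_des_key_file);
  if ((file= mysql_file_open(key_file_des_key_file, file_name,
                             O_RDONLY | O_BINARY, MYF(MY_WME))) < 0 ||
      init_io_cache(&io, file, IO_SIZE*2, READ_CACHE, 0, 0, MYF(MY_WME)))
    goto error;

  memset(des_keyschedule, 0, sizeof(des_keyschedule));
  des_default_key= 15;                          // Impossible key
  for (;;)
  {
    char *start, *end;
    char buf[1024], offset;
    st_des_keyblock keyblock;

    // NOTE(review): a line longer than buf is presumably returned in pieces,
    // and a later piece would be parsed as a line of its own (possibly as a
    // key entry if it starts with a digit) - confirm against my_b_gets().
    if (!my_b_gets(&io, buf, sizeof(buf)-1))
      break;                                    // End of file
    offset= buf[0];
    if (offset >= '0' && offset <= '9')         // If ok key
    {
      offset= (char) (offset - '0');
      // Remove newline and possible other control characters.
      // strend() is applied to buf, so this relies on my_b_gets() having
      // NUL-terminated it.
      for (start= buf+1 ; my_isspace(des_cs, *start) ; start++) ;
      for (end= strend(buf) ;
           end > start && !my_isgraph(des_cs, end[-1]) ; end--) ;

      if (start != end)
      {
        // Receives the IV derived together with the key; it is not used.
        DES_cblock ivec;
        memset(&ivec, 0, sizeof(ivec));
        // We make good 24-byte (168 bit) key from given plaintext key with MD5
        // (one iteration, no salt). EVP_BytesToKey() returns 0 on error; in
        // that case keyblock was never filled in and must not be turned into
        // key schedules.
        if (!EVP_BytesToKey(EVP_des_ede3_cbc(), EVP_md5(), NULL,
                            (uchar *) start, (int) (end-start), 1,
                            (uchar *) &keyblock,
                            ivec))
        {
          sql_print_error("load_des_file: Could not derive key for key_number: %d",
                          (int) offset);
          continue;                             // Slot stays zeroed
        }
        // The _unchecked variant does no parity or weak-key test on the
        // derived key.
        DES_set_key_unchecked(&keyblock.key1,&(des_keyschedule[(int)offset].ks1));
        DES_set_key_unchecked(&keyblock.key2,&(des_keyschedule[(int)offset].ks2));
        DES_set_key_unchecked(&keyblock.key3,&(des_keyschedule[(int)offset].ks3));
        if (des_default_key == 15)
          des_default_key= (uint) offset;       // use first as def.
      }
    }
    else if (offset != '#')
      sql_print_error("load_des_file: Found wrong key_number: %c",offset);
  }
  result= 0;

error:
  // NOTE(review): when the open succeeds but init_io_cache() fails,
  // end_io_cache() is still called on io - confirm that is safe for a cache
  // whose initialisation failed.
  if (file >= 0)
  {
    mysql_file_close(file, MYF(0));
    end_io_cache(&io);
  }
  mysql_mutex_unlock(&LOCK_des_key_file);
  DBUG_RETURN(result);
}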
115 #endif /* HAVE_OPENSSL */
116