[MDEV-13387] Document correct format for encryption keys used by file_key_management plugin - Jira

XML

Word

Printable

Details

Type: Task
Status: Closed (View Workflow)
Priority: Major
Resolution: Not a Bug
Fix Version/s: N/A
Component/s: Documentation, Storage Engine - InnoDB
Labels:

Description

The documentation currently says that the following format is used by file_key_management plugin:

The key file contains encryption keys identifiers (32-bit numbers) and hex-encoded encryption keys, separated by a semicolon. 128, 192 or 256-bit keys are supported. Comments start from the hash character. An example key file entry:

# this is a comment

1;770A8A65DA156D24EE2A093277530142

18;F5502320F8429037B8DAEF761B189D12F5502320F8429037B8DAEF761B189D12

https://mariadb.com/kb/en/mariadb/data-at-rest-encryption/#file_key_management_filename

However, this more recent blog post from Pythian says that the IV needs to be included, in addition to the key:

Sample output:

...

key=AD2F01FD1D496F6A054E3D19B79815D0F6DE82C49E105D63E1F467912E2F0B95

iv =C6A3F3625D420BD19AF04CEB9DA2D89B

Sample contents of keys.txt using that output:

1;C6A3F3625D420BD19AF04CEB9DA2D89B;AD2F01FD1D496F6A054E3D19B79815D0F6DE82C49E105D63E1F467912E2F0B95

https://www.pythian.com/blog/data-encryption-rest/

If the IV is required, then we should specify that.

Attachments

Activity

People

Assignee:: Ian Gilfillan

Reporter:: Geoff Montee (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 2017-07-26 21:50

Updated:: 2017-07-28 18:12

Resolved:: 2017-07-27 08:33

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.