PS-11106 [8.4] Component Percona keyring encrypted file#6023
Open
catalinbp wants to merge 2 commits into
Open
Conversation
- created component_percona_keyring_encrypted_file based on component_keyring_file - cmake flag: WITH_COMPONENT_PERCONA_KEYRING_ENCRYPTED_FILE
jankowsk
reviewed
Jun 22, 2026
jankowsk
left a comment
jankowsk
left a comment
Contributor
There was a problem hiding this comment.
review in progress, initial comments
jankowsk
reviewed
Jun 23, 2026
| if (!iv || !get_random_data(iv, k_iv_size)) return true; | ||
|
|
||
| // Generate random number of iterations | ||
| uint32_t iterations = get_random_iterations(600000); |
Contributor
There was a problem hiding this comment.
I don't think that random number of iterations increases security especially when this number is known (written alongside the encrypted data). This parameter just makes the encryption/decryption iteration times longer (also the attack time). IMHO it even could be a config value so the user defines own balance between security and efficiency.
Contributor
Author
There was a problem hiding this comment.
I've set the number of iterations to a fixed number for now. I'm think about adding a config parameter
- New PBKDF2-based encrypt/decrypt API (aes.cc): Added aes_encrypt_pbkdf2 and aes_decrypt_pbkdf2 functions that derive a 256-bit AES key from a password using PKCS5_PBKDF2_HMAC (SHA-256). Refactored the internal EVP encrypt/decrypt logic into private helpers to avoid code duplication. - Encrypted backend (backend.cc): Renamed Keyring_file_backend to Keyring_encrypted_file_backend and wired in password-based encryption. On write, generates a random salt, IV, and iteration count; on read, parses v1 on-disk header ([version:1][salt:32][iterations:4 BE][iv:16][ciphertext]) and decrypts before JSON parsing. - Password config options (config.cc): The component configuration now requires exactly one of password (inline) or password_file (path to a file containing the password). Validation errors are emitted for missing, empty, or conflicting combinations. The keyring_component_status table reports <SET> or <NONE> for the password field.
jankowsk
approved these changes
Jun 24, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.