Details
-
Type:
Bug
-
Status: Closed
-
Priority:
Major
-
Resolution: Won't Fix
-
Affects Version/s: 10.1.3
-
Fix Version/s: N/A
-
Component/s: Encryption, Storage Engine - InnoDB, Storage Engine - XtraDB
-
Labels:None
-
Sprint:10.1.6-1
Description
encryption_algorithm is currently global configuration variable and can't be changed. Furtheremore misconfiguration will lead to assertion failures.
Presumably if it makes sense to have it changeable, it also makes sense to set different algorithms for different objects.
At a minimum, store the encryption_algorithm selection with each encrypted object so that data can be migrated in the future. Then, implement sufficient support in the various necessary places so that it can be safely changed. Currently as far as I can tell it is globally set once, and impossible to change in the future. This could be done via stealing some bits from either the stored encryption scheme (1 byte) or key version (4 bytes) or adding a new encryption algorithm field which is stored alongside those everywhere (needs thinking).
Alternatively as an absolute (and even lower) minimum: ensure that changing it once the database is initialized produces a loud and very clear error message to the user.
Gliffy Diagrams
Attachments
Activity
- All
- Comments
- Work Log
- History
- Activity
- Transitions
This configuration variable does not exists anymore.