1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
|
#------------------------------------------------------------------------------
# InnoDB transparent tablespace data encryption
# This test case will test basic recovery.
# Test does following
# - runs command in parallel on encrypt table
# - server is killed
# - server restarted with same options
#------------------------------------------------------------------------------
#suppress warning
-- disable_query_log
call mtr.add_suppression("does not exist in the InnoDB internal data dictionary though MySQL is trying to drop it");
call mtr.add_suppression("Operating system error number");
call mtr.add_suppression("The error means the system cannot find the path specified");
call mtr.add_suppression("If you are installing InnoDB, remember that you must create directories yourself, InnoDB does not create them");
call mtr.add_suppression("Could not find a valid tablespace file");
call mtr.add_suppression("Ignoring tablespace");
call mtr.add_suppression("Failed to find tablespace for table");
call mtr.add_suppression("Cannot create keyring directory");
call mtr.add_suppression("\\[Warning\\] .* Please refer to .* for how to resolve the issue");
call mtr.add_suppression("\\[Warning\\] .* Database page corruption or a failed file read of page");
call mtr.add_suppression("\\[Warning\\] .* Cannot calculate statistics for table");
call mtr.add_suppression("\\[ERROR\\] .* Table tde_db/t_encrypt.* in the InnoDB data dictionary has tablespace id .*, but tablespace with that id or name does not exist");
-- enable_query_log
let $innodb_file_per_table = `SELECT @@innodb_file_per_table`;
#------------------------------------------------------------------------------
# Initial setup
--disable_warnings
DROP DATABASE IF EXISTS tde_db;
DROP TABLE IF EXISTS tde_db. t_encrypt;
CREATE DATABASE tde_db;
USE tde_db;
--enable_warnings
SET GLOBAL innodb_file_per_table = 1;
SELECT @@innodb_file_per_table;
# Create a table with encryption
CREATE TABLE tde_db.t_encrypt(c2 INT NOT NULL AUTO_INCREMENT PRIMARY KEY,
c3 CHAR(255) Default 'No text',
c4 JSON,
c5 INT GENERATED ALWAYS AS (JSON_EXTRACT(c4,'$.key_a')) STORED,
c6 INT GENERATED ALWAYS AS (JSON_EXTRACT(c4,'$.key_b')) VIRTUAL,
c7 POINT NOT NULL SRID 0,
spatial INDEX idx2 (c7)
) ENCRYPTION="Y" ENGINE = InnoDB;
CREATE TABLE tde_db.t_non_encrypt(c2 INT NOT NULL AUTO_INCREMENT PRIMARY KEY,
c3 CHAR(255) Default 'No text',
c4 JSON,
c5 INT GENERATED ALWAYS AS (JSON_EXTRACT(c4,'$.key_a')) STORED,
c6 INT GENERATED ALWAYS AS (JSON_EXTRACT(c4,'$.key_b')) VIRTUAL,
c7 POINT NOT NULL SRID 0,
spatial INDEX idx2 (c7)
) ENGINE = InnoDB;
DELIMITER |;
CREATE PROCEDURE tde_db.populate_t_encrypt()
begin
declare i int default 1;
declare has_error int default 0;
DECLARE CONTINUE HANDLER FOR 1062 SET has_error = 1;
while (i <= 5000) DO
insert into tde_db.t_encrypt(c2,c3,c4,c7) VALUES(i,CONCAT(REPEAT('a',200),LPAD(CAST(i AS CHAR),4,'0')),'{ "key_a": 1, "key_b": 2, "key_c": 3 }',ST_GeomFromText('POINT(383293632 1754448)'));
set i = i + 1;
end while;
end|
CREATE PROCEDURE tde_db.populate_t_non_encrypt()
begin
declare i int default 1;
declare has_error int default 0;
DECLARE CONTINUE HANDLER FOR 1062 SET has_error = 1;
while (i <= 5000) DO
insert into tde_db.t_non_encrypt(c2,c3,c4,c7) VALUES(i,CONCAT(REPEAT('a',200),LPAD(CAST(i AS CHAR),4,'0')),'{ "key_a": 1, "key_b": 2, "key_c": 3 }',ST_GeomFromText('POINT(383293632 1754448)'));
set i = i + 1;
end while;
end|
CREATE PROCEDURE tde_db.update_t_encrypt()
begin
declare i int default 1;
declare ustr varchar(1000);
declare has_error int default 0;
DECLARE CONTINUE HANDLER FOR 1062 SET has_error = 1;
while (i <= 5000) DO
SET @sql_text = CONCAT (' UPDATE tde_db.t_encrypt SET c3 =', 'CONCAT(REPEAT(a,200),LPAD(CAST(',i, 'AS CHAR),4,0) ORDER BY RAND() LIMIT 1');
PREPARE stmt FROM @sql_text;
EXECUTE stmt;
DEALLOCATE PREPARE stmt;
set i = i + 1;
end while;
end|
CREATE PROCEDURE tde_db.delete_t_encrypt()
begin
declare i int default 1;
declare ustr varchar(1000);
declare has_error int default 0;
DECLARE CONTINUE HANDLER FOR 1062 SET has_error = 1;
while (i <= 5000) DO
SET @sql_text = CONCAT (' DELETE FROM tde_db.t_encrypt LIMIT 1');
PREPARE stmt FROM @sql_text;
EXECUTE stmt;
DEALLOCATE PREPARE stmt;
set i = i + 1;
end while;
end|
CREATE PROCEDURE tde_db.read_t_encrypt()
begin
declare i int default 1;
while (i <= 5000) DO
SELECT * FROM (SELECT * FROM tde_db.t_encrypt ORDER BY RAND() LIMIT 1) AS A WHERE A.c2 < 0 ;
set i = i + 1;
end while;
end|
CREATE PROCEDURE tde_db.alter_t_encrypt()
begin
declare i int default 1;
declare has_error int default 0;
while (i <= 5000) DO
ALTER INSTANCE ROTATE INNODB MASTER KEY;
set i = i + 1;
end while;
end|
CREATE PROCEDURE tde_db.create_t_encrypt(encrypt VARCHAR(5), tcnt INT)
begin
declare i int default 1;
declare has_error int default 0;
DECLARE CONTINUE HANDLER FOR 1050 SET has_error = 1;
SET i = tcnt ;
while (i <= 5000) DO
SET @sql_text = CONCAT('CREATE TABLE ',CONCAT('tde_db.t_encrypt_',encrypt,'_',i),' (c1 INT) ENCRYPTION="',encrypt,'"',' ENGINE=InnoDB');
PREPARE stmt FROM @sql_text;
EXECUTE stmt;
DEALLOCATE PREPARE stmt;
set i = i + 1;
end while;
end|
DELIMITER ;|
SHOW CREATE TABLE tde_db.t_encrypt;
--echo # Case1: insert on encrypt and non encrypt table in parallel during kill
--echo # In connection con1 - Running insert on encrypt table
connect (con1,localhost,root,,);
send call tde_db.populate_t_encrypt();
--echo # In connection con2 - Running insert on encrypt table
connect (con2,localhost,root,,);
send call tde_db.populate_t_encrypt();
--echo # In connection con3 - Running insert into non encrypt table
connect (con3,localhost,root,,);
send call tde_db.populate_t_non_encrypt();
--connection default
--echo # kill and restart the server
let $restart_parameters = restart: $PLUGIN_DIR_OPT;
--sleep 3
--let $_server_id= `SELECT @@server_id`
--let $_expect_file_name= $MYSQLTEST_VARDIR/tmp/mysqld.$_server_id.expect
--exec echo "$restart_parameters" > $_expect_file_name
--shutdown_server 0
--source include/wait_until_disconnected.inc
--enable_reconnect
--source include/wait_until_connected_again.inc
--disable_reconnect
--disconnect con1
--disconnect con2
--disconnect con3
--connection default
--disable_result_log
SELECT c2,right(c3,20),c4,c5,c6,ST_AsText(c7) FROM tde_db.t_encrypt LIMIT 10;
INSERT INTO tde_db.t_encrypt(c2,c3,c4,c7) VALUES(10000,CONCAT(REPEAT('a',200),LPAD(CAST(1 AS CHAR),4,'0')),'{ "key_a": 1, "key_b": 2, "key_c": 3 }',ST_GeomFromText('POINT(383293632 1754448)'));
SELECT c2,right(c3,20),c4,c5,c6,ST_AsText(c7) FROM tde_db.t_non_encrypt LIMIT 10;
INSERT INTO tde_db.t_non_encrypt(c2,c3,c4,c7) VALUES(10000,CONCAT(REPEAT('a',200),LPAD(CAST(1 AS CHAR),4,'0')),'{ "key_a": 1, "key_b": 2, "key_c": 3 }',ST_GeomFromText('POINT(383293632 1754448)'));
--enable_result_log
SELECT 1;
--echo # Case2: insert/update/delete on encrypt in parallel during kill
DROP TABLE tde_db.t_encrypt;
DROP TABLE tde_db.t_non_encrypt;
CREATE TABLE tde_db.t_encrypt(c2 INT NOT NULL AUTO_INCREMENT PRIMARY KEY,
c3 CHAR(255) Default 'No text',
c4 JSON,
c5 INT GENERATED ALWAYS AS (JSON_EXTRACT(c4,'$.key_a')) STORED,
c6 INT GENERATED ALWAYS AS (JSON_EXTRACT(c4,'$.key_b')) VIRTUAL,
c7 POINT NOT NULL SRID 0,
spatial INDEX idx2 (c7)
) ENCRYPTION="Y" ENGINE = InnoDB;
CREATE TABLE tde_db.t_non_encrypt(c2 INT NOT NULL AUTO_INCREMENT PRIMARY KEY,
c3 CHAR(255) Default 'No text',
c4 JSON,
c5 INT GENERATED ALWAYS AS (JSON_EXTRACT(c4,'$.key_a')) STORED,
c6 INT GENERATED ALWAYS AS (JSON_EXTRACT(c4,'$.key_b')) VIRTUAL,
c7 POINT NOT NULL SRID 0,
spatial INDEX idx2 (c7)
) ENGINE = InnoDB;
--echo # In connection con1 - Running insert on encrypt table
connect (con1,localhost,root,,);
send call tde_db.populate_t_encrypt();
--echo # In connection con2 - Running update on encrypt table
connect (con2,localhost,root,,);
send call tde_db.update_t_encrypt();
--echo # In connection con3 - Running delete on encrypt table
connect (con3,localhost,root,,);
send call tde_db.delete_t_encrypt();
--connection default
--echo # kill and restart the server
let $restart_parameters = restart: $PLUGIN_DIR_OPT;
--sleep 3
--let $_server_id= `SELECT @@server_id`
--let $_expect_file_name= $MYSQLTEST_VARDIR/tmp/mysqld.$_server_id.expect
--exec echo "$restart_parameters" > $_expect_file_name
--shutdown_server 0
--source include/wait_until_disconnected.inc
--enable_reconnect
--source include/wait_until_connected_again.inc
--disable_reconnect
--disconnect con1
--disconnect con2
--disconnect con3
--connection default
--disable_result_log
SELECT c2,right(c3,20),c4,c5,c6,ST_AsText(c7) FROM tde_db.t_encrypt LIMIT 10;
INSERT INTO tde_db.t_encrypt(c2,c3,c4,c7) VALUES(10000,CONCAT(REPEAT('a',200),LPAD(CAST(1 AS CHAR),4,'0')),'{ "key_a": 1, "key_b": 2, "key_c": 3 }',ST_GeomFromText('POINT(383293632 1754448)'));
SELECT c2,right(c3,20),c4,c5,c6,ST_AsText(c7) FROM tde_db.t_non_encrypt LIMIT 10;
INSERT INTO tde_db.t_non_encrypt(c2,c3,c4,c7) VALUES(10000,CONCAT(REPEAT('a',200),LPAD(CAST(1 AS CHAR),4,'0')),'{ "key_a": 1, "key_b": 2, "key_c": 3 }',ST_GeomFromText('POINT(383293632 1754448)'));
--enable_result_log
SELECT 1;
--echo # Case3: select,create and insert on encrypt in parallel during kill
DROP TABLE tde_db.t_encrypt;
DROP TABLE tde_db.t_non_encrypt;
CREATE TABLE tde_db.t_encrypt(c2 INT NOT NULL AUTO_INCREMENT PRIMARY KEY,
c3 CHAR(255) Default 'No text',
c4 JSON,
c5 INT GENERATED ALWAYS AS (JSON_EXTRACT(c4,'$.key_a')) STORED,
c6 INT GENERATED ALWAYS AS (JSON_EXTRACT(c4,'$.key_b')) VIRTUAL,
c7 POINT NOT NULL SRID 0,
spatial INDEX idx2 (c7)
) ENCRYPTION="Y" ENGINE = InnoDB;
CREATE TABLE tde_db.t_non_encrypt(c2 INT NOT NULL AUTO_INCREMENT PRIMARY KEY,
c3 CHAR(255) Default 'No text',
c4 JSON,
c5 INT GENERATED ALWAYS AS (JSON_EXTRACT(c4,'$.key_a')) STORED,
c6 INT GENERATED ALWAYS AS (JSON_EXTRACT(c4,'$.key_b')) VIRTUAL,
c7 POINT NOT NULL SRID 0,
spatial INDEX idx2 (c7)
) ENGINE = InnoDB;
--echo # In connection con1 - Running insert on encrypt table
connect (con1,localhost,root,,);
send call tde_db.populate_t_encrypt();
--echo # In connection con2 - Running select on encrypt table
connect (con2,localhost,root,,);
send call tde_db.read_t_encrypt();
--connection default
--echo # kill and restart the server
let $restart_parameters = restart: $PLUGIN_DIR_OPT;
--sleep 1
--let $_server_id= `SELECT @@server_id`
--let $_expect_file_name= $MYSQLTEST_VARDIR/tmp/mysqld.$_server_id.expect
--replace_result $MYSQL_TMP_DIR MYSQL_TMP_DIR $KEYRING_PLUGIN_OPT --plugin-dir=KEYRING_PLUGIN_PATH $KEYRING_PLUGIN keyring_file.so
--exec echo "$restart_parameters" > $_expect_file_name
--shutdown_server 0
--source include/wait_until_disconnected.inc
--enable_reconnect
--source include/wait_until_connected_again.inc
--disable_reconnect
--disconnect con1
--disconnect con2
--connection default
--disable_result_log
SELECT c2,right(c3,20),c4,c5,c6,ST_AsText(c7) FROM tde_db.t_encrypt LIMIT 10;
INSERT INTO tde_db.t_encrypt(c2,c3,c4,c7) VALUES(10000,CONCAT(REPEAT('a',200),LPAD(CAST(1 AS CHAR),4,'0')),'{ "key_a": 1, "key_b": 2, "key_c": 3 }',ST_GeomFromText('POINT(383293632 1754448)'));
SELECT c2,right(c3,20),c4,c5,c6,ST_AsText(c7) FROM tde_db.t_non_encrypt LIMIT 10;
INSERT INTO tde_db.t_non_encrypt(c2,c3,c4,c7) VALUES(10000,CONCAT(REPEAT('a',200),LPAD(CAST(1 AS CHAR),4,'0')),'{ "key_a": 1, "key_b": 2, "key_c": 3 }',ST_GeomFromText('POINT(383293632 1754448)'));
--enable_result_log
SELECT 1;
#--echo # Case5: insert,create,alter on encrypt in parallel during kill
#--echo # In connection con1 - Running insert on encrypt table
#connect (con1,localhost,root,,);
#send call tde_db.populate_t_encrypt();
#--echo # In connection con2 - Running alter instance
#connect (con2,localhost,root,,);
#send call tde_db.alter_t_encrypt();
#--echo # In connection con3 - Running create on encrypt table
#connect (con3,localhost,root,,);
#send call tde_db.create_t_encrypt("Y",500);
#--connection default
#--echo # kill and restart the server
#let $restart_parameters = restart: $PLUGIN_DIR_OPT;
#--sleep 3
#--source include/kill_and_restart_mysqld.inc
#--disconnect con1
#--disconnect con2
#--disconnect con3
#--connection default
#--disable_result_log
#SELECT c2,right(c3,20),c4,c5,c6,ST_AsText(c7) FROM tde_db.t_encrypt LIMIT 10;
#INSERT INTO tde_db.t_encrypt(c3,c4,c7) VALUES(CONCAT(REPEAT('a',200),LPAD(CAST(1 AS CHAR),4,'0')),'{ "key_a": 1, "key_b": 2, "key_c": 3 }',ST_GeomFromText('POINT(383293632 1754448)'));
#SELECT c2,right(c3,20),c4,c5,c6,ST_AsText(c7) FROM tde_db.t_non_encrypt LIMIT 10;
#INSERT INTO tde_db.t_non_encrypt(c3,c4,c7) VALUES(CONCAT(REPEAT('a',200),LPAD(CAST(1 AS CHAR),4,'0')),'{ "key_a": 1, "key_b": 2, "key_c": 3 }',ST_GeomFromText('POINT(383293632 1754448)'));
#--enable_result_log
#SELECT 1;
DROP DATABASE tde_db;
# Cleanup
eval SET GLOBAL innodb_file_per_table=$innodb_file_per_table;
|
