Bug #90165 General purpose keyring function truncates binary data
Submitted: 21 Mar 2018 15:33
Modified: 22 Mar 2018 11:19
Reporter: Norman Stevens
Status: Verified
Category: MySQL Server: Security: Encryption
Severity: S3 (Non-critical)
Version: 5.7.21
OS: Any
Assigned to:
CPU Architecture: Any

[21 Mar 2018 15:33] Norman Stevens
Description:
General purpose keyring function keyring_key_store truncates binary data.

How to repeat:
SELECT keyring_key_store('key_name', 'AES', unhex('c64c257bac156eb545ecb01b4527d3d8f5b5bdf11bbdafdd6023cb8c00c99ef6'));

The key which is stored is truncated at the 28th byte. This is a null byte.

Suggested fix:
At line 243 of keyring_udf.cc the length is passed as 

    strlen(args->args[2])

The code should use the length from the lengths value, i.e.

    args->lengths[2]
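
Added example, not part of the original report and not MySQL's code: the length mismatch described above, reproduced in C with the key from "How to repeat". The names `demo_udf_args`, `unhex` and `stored_key_len` are hypothetical; the struct is a minimal stand-in for the `args` and `lengths` fields named in the suggested fix.

```c
#include <stdio.h>
#include <string.h>

/* Stand-in for the two argument fields the report names (assumption for
 * this example; not MySQL's header). */
struct demo_udf_args { char **args; unsigned long *lengths; };

/* Key bytes from the report's "How to repeat" statement, hex-encoded. */
static const char KEY_HEX[] =
    "c64c257bac156eb545ecb01b4527d3d8f5b5bdf11bbdafdd6023cb8c00c99ef6";

static int nibble(char c) {
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;
}

/* Decode hex into out, at most cap bytes; returns the byte count. */
static size_t unhex(const char *hex, unsigned char *out, size_t cap) {
    size_t n = 0;
    while (n < cap && nibble(hex[0]) >= 0 && nibble(hex[1]) >= 0) {
        out[n++] = (unsigned char)(nibble(hex[0]) << 4 | nibble(hex[1]));
        hex += 2;
    }
    return n;
}

/* Build the report's three-argument call and return the key length that
 * would be stored: strlen() when use_lengths is 0, lengths[2] otherwise. */
static size_t stored_key_len(int use_lengths) {
    static unsigned char key[33];           /* 32 key bytes + terminator */
    char name[] = "key_name", type[] = "AES";
    char *argv[3] = { name, type, (char *)key };
    unsigned long lens[3] = { 8, 3, 0 };
    struct demo_udf_args a = { argv, lens };

    lens[2] = (unsigned long)unhex(KEY_HEX, key, 32);
    key[32] = '\0';
    /* strlen() stops at the first 0x00 inside the binary key. */
    return use_lengths ? a.lengths[2] : strlen(a.args[2]);
}

int main(void) {
    printf("strlen(args[2]) = %zu bytes\n", stored_key_len(0));
    printf("lengths[2]      = %zu bytes\n", stored_key_len(1));
    return 0;
}
```
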
[22 Mar 2018 11:19] MySQL Verification Team
Hello Norman,

Thank you for the report!

Thanks,
Umesh