Skip to content

Commit

Permalink
fix code style
Browse files Browse the repository at this point in the history
  • Loading branch information
@thamht4190 @ggershinsky
thamht4190 authored and ggershinsky committed May 28, 2019
1 parent 9fa9ef6 commit 6c599e9
Show file tree
Hide file tree
Showing 2 changed files with 97 additions and 103 deletions.
164 changes: 79 additions & 85 deletions cpp/src/parquet/util/crypto.cc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,6 @@ constexpr int BufferSizeLength = 4;
}

AesEncryptor::AesEncryptor(ParquetCipher::type alg_id, int key_len, bool metadata) {

ctx_ = nullptr;

if (ParquetCipher::AES_GCM_V1 != alg_id && ParquetCipher::AES_GCM_CTR_V1 != alg_id) {
Expand Down Expand Up @@ -96,13 +95,11 @@ AesEncryptor::AesEncryptor(ParquetCipher::type alg_id, int key_len, bool metadat
}
}

int AesEncryptor::CiphertextSizeDelta() {
return ciphertext_size_delta_;
}
int AesEncryptor::CiphertextSizeDelta() { return ciphertext_size_delta_; }

int AesEncryptor::gcm_encrypt(const uint8_t* plaintext, int plaintext_len,
uint8_t* key, int key_len, uint8_t* nonce, uint8_t* aad,
int aad_len, uint8_t* ciphertext) {
int AesEncryptor::gcm_encrypt(const uint8_t* plaintext, int plaintext_len, uint8_t* key,
int key_len, uint8_t* nonce, uint8_t* aad, int aad_len,
uint8_t* ciphertext) {
int len;
int ciphertext_len;

Expand All @@ -115,21 +112,21 @@ int AesEncryptor::gcm_encrypt(const uint8_t* plaintext, int plaintext_len,
}

// Setting additional authenticated data
if ((nullptr != aad) &&
(1 != EVP_EncryptUpdate(ctx_, nullptr, &len, aad, aad_len))) {
if ((nullptr != aad) && (1 != EVP_EncryptUpdate(ctx_, nullptr, &len, aad, aad_len))) {
throw ParquetException("Couldn't set AAD");
}

// Encryption
if (1 != EVP_EncryptUpdate(ctx_, ciphertext + BufferSizeLength + NonceLength,
&len, plaintext, plaintext_len)) {
if (1 != EVP_EncryptUpdate(ctx_, ciphertext + BufferSizeLength + NonceLength, &len,
plaintext, plaintext_len)) {
throw ParquetException("Failed encryption update");
}

ciphertext_len = len;

// Finalization
if (1 != EVP_EncryptFinal_ex(ctx_, ciphertext + BufferSizeLength + NonceLength + len, &len)) {
if (1 != EVP_EncryptFinal_ex(ctx_, ciphertext + BufferSizeLength + NonceLength + len,
&len)) {
throw ParquetException("Failed encryption finalization");
}

Expand All @@ -147,20 +144,20 @@ int AesEncryptor::gcm_encrypt(const uint8_t* plaintext, int plaintext_len,
ciphertext[1] = (uint8_t)(0xff & (bufferSize >> 8));
ciphertext[0] = (uint8_t)(0xff & (bufferSize));
std::copy(nonce, nonce + NonceLength, ciphertext + BufferSizeLength);
std::copy(tag, tag + GCMTagLength, ciphertext + BufferSizeLength + NonceLength + ciphertext_len);
std::copy(tag, tag + GCMTagLength,
ciphertext + BufferSizeLength + NonceLength + ciphertext_len);

return BufferSizeLength + bufferSize;
}


int AesEncryptor::ctr_encrypt(const uint8_t* plaintext, int plaintext_len,
uint8_t* key, int key_len, uint8_t* nonce,
uint8_t* ciphertext) {
int AesEncryptor::ctr_encrypt(const uint8_t* plaintext, int plaintext_len, uint8_t* key,
int key_len, uint8_t* nonce, uint8_t* ciphertext) {
int len;
int ciphertext_len;

// Parquet CTR IVs are comprised of a 12-byte nonce and a 4-byte initial counter field.
// The first 31 bits of the initial counter field are set to 0, the last bit is set to 1.
// Parquet CTR IVs are comprised of a 12-byte nonce and a 4-byte initial counter field.
// The first 31 bits of the initial counter field are set to 0, the last bit is set
// to 1.
uint8_t iv[CTRIvLength];
memset(iv, 0, CTRIvLength);
std::copy(nonce, nonce + NonceLength, iv);
Expand All @@ -172,15 +169,16 @@ int AesEncryptor::ctr_encrypt(const uint8_t* plaintext, int plaintext_len,
}

// Encryption
if (1 != EVP_EncryptUpdate(ctx_, ciphertext + BufferSizeLength + CTRIvLength, &len, plaintext,
plaintext_len)) {
if (1 != EVP_EncryptUpdate(ctx_, ciphertext + BufferSizeLength + CTRIvLength, &len,
plaintext, plaintext_len)) {
throw ParquetException("Failed encryption update");
}

ciphertext_len = len;

// Finalization
if (1 != EVP_EncryptFinal_ex(ctx_, ciphertext + BufferSizeLength + CTRIvLength + len, &len)) {
if (1 != EVP_EncryptFinal_ex(ctx_, ciphertext + BufferSizeLength + CTRIvLength + len,
&len)) {
throw ParquetException("Failed encryption finalization");
}

Expand All @@ -197,10 +195,9 @@ int AesEncryptor::ctr_encrypt(const uint8_t* plaintext, int plaintext_len,
return BufferSizeLength + bufferSize;
}

int AesEncryptor::SignedFooterEncrypt(const uint8_t* footer, int footer_len,
uint8_t* key, int key_len, uint8_t* aad, int aad_len,
uint8_t* nonce, uint8_t* encrypted_footer) {

int AesEncryptor::SignedFooterEncrypt(const uint8_t* footer, int footer_len, uint8_t* key,
int key_len, uint8_t* aad, int aad_len,
uint8_t* nonce, uint8_t* encrypted_footer) {
if (key_length_ != key_len) {
std::stringstream ss;
ss << "Wrong key length " << key_len << ". Should be " << key_length_;
Expand All @@ -211,12 +208,12 @@ int AesEncryptor::SignedFooterEncrypt(const uint8_t* footer, int footer_len,
throw ParquetException("Must use AES GCM (metadata) encryptor");
}

return gcm_encrypt(footer, footer_len, key, key_len, nonce, aad, aad_len, encrypted_footer);
return gcm_encrypt(footer, footer_len, key, key_len, nonce, aad, aad_len,
encrypted_footer);
}

int AesEncryptor::Encrypt(const uint8_t* plaintext, int plaintext_len, uint8_t* key, int key_len,
uint8_t* aad, int aad_len, uint8_t* ciphertext) {

int AesEncryptor::Encrypt(const uint8_t* plaintext, int plaintext_len, uint8_t* key,
int key_len, uint8_t* aad, int aad_len, uint8_t* ciphertext) {
if (key_length_ != key_len) {
std::stringstream ss;
ss << "Wrong key length " << key_len << ". Should be " << key_length_;
Expand All @@ -229,15 +226,14 @@ int AesEncryptor::Encrypt(const uint8_t* plaintext, int plaintext_len, uint8_t*
RAND_bytes(nonce, sizeof(nonce));

if (GCM_MODE == aes_mode_) {
return gcm_encrypt(plaintext, plaintext_len, key, key_len, nonce,
aad, aad_len, ciphertext);
return gcm_encrypt(plaintext, plaintext_len, key, key_len, nonce, aad, aad_len,
ciphertext);
}

return ctr_encrypt(plaintext, plaintext_len, key, key_len, nonce, ciphertext);
}

AesDecryptor::AesDecryptor(ParquetCipher::type alg_id, int key_len, bool metadata) {

ctx_ = nullptr;

if (ParquetCipher::AES_GCM_V1 != alg_id && ParquetCipher::AES_GCM_CTR_V1 != alg_id) {
Expand All @@ -251,7 +247,7 @@ AesDecryptor::AesDecryptor(ParquetCipher::type alg_id, int key_len, bool metadat
aes_mode_ = GCM_MODE;
ciphertext_size_delta_ += GCMTagLength;
} else {
aes_mode_ = CTR_MODE;
aes_mode_ = CTR_MODE;
}

if (16 != key_len && 24 != key_len && 32 != key_len) {
Expand Down Expand Up @@ -288,12 +284,10 @@ AesDecryptor::AesDecryptor(ParquetCipher::type alg_id, int key_len, bool metadat
}
}

int AesDecryptor::CiphertextSizeDelta() {
return ciphertext_size_delta_;
}
int AesDecryptor::CiphertextSizeDelta() { return ciphertext_size_delta_; }

int AesDecryptor::gcm_decrypt(const uint8_t* ciphertext, int ciphertext_len,
uint8_t* key, int key_len, uint8_t* aad, int aad_len,
int AesDecryptor::gcm_decrypt(const uint8_t* ciphertext, int ciphertext_len, uint8_t* key,
int key_len, uint8_t* aad, int aad_len,
uint8_t* plaintext) {
int len;
int plaintext_len;
Expand All @@ -302,38 +296,37 @@ int AesDecryptor::gcm_decrypt(const uint8_t* ciphertext, int ciphertext_len,
memset(tag, 0, GCMTagLength);
uint8_t nonce[NonceLength];
memset(nonce, 0, NonceLength);

// Extract ciphertext length
int written_ciphertext_len =
((ciphertext[3] & 0xff) << 24) |
((ciphertext[2] & 0xff) << 16) |
((ciphertext[1] & 0xff) << 8) |
((ciphertext[0] & 0xff));

if (ciphertext_len > 0 && ciphertext_len != (written_ciphertext_len + BufferSizeLength)) {
int written_ciphertext_len = ((ciphertext[3] & 0xff) << 24) |
((ciphertext[2] & 0xff) << 16) |
((ciphertext[1] & 0xff) << 8) | ((ciphertext[0] & 0xff));

if (ciphertext_len > 0 &&
ciphertext_len != (written_ciphertext_len + BufferSizeLength)) {
throw ParquetException("Wrong ciphertext length");
}
ciphertext_len = written_ciphertext_len + BufferSizeLength;

// Extracting IV and tag
std::copy(ciphertext + BufferSizeLength, ciphertext + BufferSizeLength + NonceLength, nonce);
std::copy(ciphertext + BufferSizeLength, ciphertext + BufferSizeLength + NonceLength,
nonce);
std::copy(ciphertext + ciphertext_len - GCMTagLength, ciphertext + ciphertext_len, tag);


// Setting key and IV
if (1 != EVP_DecryptInit_ex(ctx_, nullptr, nullptr, key, nonce)) {
throw ParquetException("Couldn't set key and IV");
}

// Setting additional authenticated data
if ((nullptr != aad) &&
(1 != EVP_DecryptUpdate(ctx_, nullptr, &len, aad, aad_len))) {
if ((nullptr != aad) && (1 != EVP_DecryptUpdate(ctx_, nullptr, &len, aad, aad_len))) {
throw ParquetException("Couldn't set AAD");
}

// Decryption
if (!EVP_DecryptUpdate(ctx_, plaintext, &len, ciphertext + BufferSizeLength + NonceLength,
ciphertext_len - BufferSizeLength - NonceLength - GCMTagLength)) {
if (!EVP_DecryptUpdate(
ctx_, plaintext, &len, ciphertext + BufferSizeLength + NonceLength,
ciphertext_len - BufferSizeLength - NonceLength - GCMTagLength)) {
throw ParquetException("Failed decryption update");
}

Expand All @@ -353,40 +346,41 @@ int AesDecryptor::gcm_decrypt(const uint8_t* ciphertext, int ciphertext_len,
return plaintext_len;
}

int AesDecryptor::ctr_decrypt(const uint8_t* ciphertext, int ciphertext_len,
uint8_t* key, int key_len, uint8_t* plaintext) {
int AesDecryptor::ctr_decrypt(const uint8_t* ciphertext, int ciphertext_len, uint8_t* key,
int key_len, uint8_t* plaintext) {
int len;
int plaintext_len;

uint8_t iv[CTRIvLength];
memset(iv, 0, CTRIvLength);

// Extract ciphertext length
int written_ciphertext_len =
((ciphertext[3] & 0xff) << 24) |
((ciphertext[2] & 0xff) << 16) |
((ciphertext[1] & 0xff) << 8) |
((ciphertext[0] & 0xff));

if (ciphertext_len > 0 && ciphertext_len != (written_ciphertext_len + BufferSizeLength)) {
int written_ciphertext_len = ((ciphertext[3] & 0xff) << 24) |
((ciphertext[2] & 0xff) << 16) |
((ciphertext[1] & 0xff) << 8) | ((ciphertext[0] & 0xff));

if (ciphertext_len > 0 &&
ciphertext_len != (written_ciphertext_len + BufferSizeLength)) {
throw ParquetException("Wrong ciphertext length");
}
ciphertext_len = written_ciphertext_len;

// Extracting nonce
std::copy(ciphertext + BufferSizeLength, ciphertext + BufferSizeLength + NonceLength, iv);
// Parquet CTR IVs are comprised of a 12-byte nonce and a 4-byte initial counter field.
// The first 31 bits of the initial counter field are set to 0, the last bit is set to 1.
std::copy(ciphertext + BufferSizeLength, ciphertext + BufferSizeLength + NonceLength,
iv);
// Parquet CTR IVs are comprised of a 12-byte nonce and a 4-byte initial counter field.
// The first 31 bits of the initial counter field are set to 0, the last bit is set
// to 1.
iv[CTRIvLength - 1] = 1;


// Setting key and IV
if (1 != EVP_DecryptInit_ex(ctx_, nullptr, nullptr, key, iv)) {
throw ParquetException("Couldn't set key and IV");
}

// Decryption
if (!EVP_DecryptUpdate(ctx_, plaintext, &len, ciphertext + BufferSizeLength + CTRIvLength,
if (!EVP_DecryptUpdate(ctx_, plaintext, &len,
ciphertext + BufferSizeLength + CTRIvLength,
ciphertext_len - CTRIvLength)) {
throw ParquetException("Failed decryption update");
}
Expand All @@ -402,10 +396,8 @@ int AesDecryptor::ctr_decrypt(const uint8_t* ciphertext, int ciphertext_len,
return plaintext_len;
}

int AesDecryptor::Decrypt(const uint8_t* ciphertext, int ciphertext_len,
uint8_t* key, int key_len, uint8_t* aad, int aad_len,
uint8_t* plaintext) {

int AesDecryptor::Decrypt(const uint8_t* ciphertext, int ciphertext_len, uint8_t* key,
int key_len, uint8_t* aad, int aad_len, uint8_t* plaintext) {
if (key_length_ != key_len) {
std::stringstream ss;
ss << "Wrong key length " << key_len << ". Should be " << key_length_;
Expand All @@ -425,44 +417,46 @@ static std::string shortToBytesLE(int16_t input) {
memset(output, 0, 2);
output[1] = (int8_t)(0xff & (input >> 8));
output[0] = (int8_t)(0xff & (input));
std::string output_str(reinterpret_cast<char const*>(output), 2) ;
std::string output_str(reinterpret_cast<char const*>(output), 2);

return output_str;
}

std::string createModuleAAD(const std::string& fileAAD, int8_t module_type,
int16_t row_group_ordinal, int16_t column_ordinal,
int16_t page_ordinal) {

int16_t row_group_ordinal, int16_t column_ordinal,
int16_t page_ordinal) {
int8_t type_ordinal_bytes[1];
type_ordinal_bytes[0] = module_type;
std::string type_ordinal_bytes_str(reinterpret_cast<char const*>(type_ordinal_bytes), 1) ;
std::string type_ordinal_bytes_str(reinterpret_cast<char const*>(type_ordinal_bytes),
1);
if (Footer == module_type) {
std::string result = fileAAD + type_ordinal_bytes_str;
return result;
}
std::string row_group_ordinal_bytes = shortToBytesLE(row_group_ordinal);
std::string column_ordinal_bytes = shortToBytesLE(column_ordinal);
if (DataPage != module_type && DataPageHeader != module_type) {
std::string result = fileAAD + type_ordinal_bytes_str + row_group_ordinal_bytes
+ column_ordinal_bytes;
std::string result =
fileAAD + type_ordinal_bytes_str + row_group_ordinal_bytes + column_ordinal_bytes;
return result;
}
std::string page_ordinal_bytes = shortToBytesLE(page_ordinal);
std::string result = fileAAD + type_ordinal_bytes_str + row_group_ordinal_bytes
+ column_ordinal_bytes + page_ordinal_bytes;;
std::string result = fileAAD + type_ordinal_bytes_str + row_group_ordinal_bytes +
column_ordinal_bytes + page_ordinal_bytes;
return result;
}

std::string createFooterAAD(const std::string& aad_prefix_bytes) {
return createModuleAAD(aad_prefix_bytes, Footer, (int16_t) -1, (int16_t) -1, (int16_t) -1);
return createModuleAAD(aad_prefix_bytes, Footer, (int16_t)-1, (int16_t)-1, (int16_t)-1);
}

// Update last two bytes with new page ordinal (instead of creating new page AAD from scratch)
void quickUpdatePageAAD(const std::string &AAD, int16_t new_page_ordinal) {
// Update last two bytes with new page ordinal (instead of creating new page AAD from
// scratch)
void quickUpdatePageAAD(const std::string& AAD, int16_t new_page_ordinal) {
std::string page_ordinal_bytes = shortToBytesLE(new_page_ordinal);
int length = (int)AAD.size();
std::memcpy((int16_t*)(AAD.c_str()+length-2), (int16_t*)(page_ordinal_bytes.c_str()), 2);
std::memcpy((int16_t*)(AAD.c_str() + length - 2),
(int16_t*)(page_ordinal_bytes.c_str()), 2);
}

} // namespace parquet_encryption
Loading

0 comments on commit 6c599e9

Please sign in to comment.