You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@doris.apache.org by GitBox <gi...@apache.org> on 2018/11/02 09:05:50 UTC
[GitHub] imay closed pull request #277: Remove my aes
imay closed pull request #277: Remove my aes
URL: https://github.com/apache/incubator-doris/pull/277
This is a PR merged from a forked repository.
As GitHub hides the original diff on merge, it is displayed below for
the sake of provenance:
As this is a foreign pull request (from a fork), the diff is supplied
below (as it won't show otherwise due to GitHub magic):
diff --git a/be/src/aes/my_aes.cpp b/be/src/aes/my_aes.cpp
deleted file mode 100644
index 186bd6ab..00000000
--- a/be/src/aes/my_aes.cpp
+++ /dev/null
@@ -1,58 +0,0 @@
-
-// Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
-//
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License
-// along with this program; if not, write to the Free Software
-// Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-
-#include "my_aes.h"
-#include "my_aes_impl.h"
-#include <cstring>
-
-/**
- Transforms an arbitrary long key into a fixed length AES key
-
- AES keys are of fixed length. This routine takes an arbitrary long key
- iterates over it in AES key length increment and XORs the bytes with the
- AES key buffer being prepared.
- The bytes from the last incomplete iteration are XORed to the start
- of the key until their depletion.
- Needed since crypto function routines expect a fixed length key.
-
- @param key [in] Key to use for real key creation
- @param key_length [in] Length of the key
- @param rkey [out] Real key (used by OpenSSL/YaSSL)
- @param opmode [out] encryption mode
-*/
-namespace doris {
-void my_aes_create_key(const unsigned char *key, uint key_length,
- uint8 *rkey, enum my_aes_opmode opmode)
-{
- const uint key_size= my_aes_opmode_key_sizes[opmode] / 8;
- uint8 *rkey_end; /* Real key boundary */
- uint8 *ptr; /* Start of the real key*/
- uint8 *sptr; /* Start of the working key */
- uint8 *key_end= ((uint8 *)key) + key_length; /* Working key boundary*/
-
- rkey_end= rkey + key_size;
-
- memset(rkey, 0, key_size); /* Set initial key */
-
- for (ptr= rkey, sptr= (uint8 *)key; sptr < key_end; ptr++, sptr++)
- {
- if (ptr == rkey_end)
- /* Just loop over tmp_key until we used all key */
- ptr= rkey;
- *ptr^= *sptr;
- }
-}
-}
diff --git a/be/src/aes/my_aes.h b/be/src/aes/my_aes.h
deleted file mode 100644
index e3661052..00000000
--- a/be/src/aes/my_aes.h
+++ /dev/null
@@ -1,139 +0,0 @@
-// Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
-//
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License
-// along with this program; if not, write to the Free Software
-// Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-
-#ifndef MY_AES_INCLUDED
-#define MY_AES_INCLUDED
-
-/* Header file for my_aes.c */
-/* Wrapper to give simple interface for MySQL to AES standard encryption */
-
-//C_MODE_START
-#include <stdint.h>
-
-/** AES IV size is 16 bytes for all supported ciphers except ECB */
-#define MY_AES_IV_SIZE 16
-
-/** AES block size is fixed to be 128 bits for CBC and ECB */
-#define MY_AES_BLOCK_SIZE 16
-typedef uint32_t uint32;
-typedef bool my_bool;
-typedef uint32_t uint;
-
-
-/** Supported AES cipher/block mode combos */
-enum my_aes_opmode
-{
- my_aes_128_ecb,
- my_aes_192_ecb,
- my_aes_256_ecb,
- my_aes_128_cbc,
- my_aes_192_cbc,
- my_aes_256_cbc
-#ifndef HAVE_YASSL
- ,my_aes_128_cfb1,
- my_aes_192_cfb1,
- my_aes_256_cfb1,
- my_aes_128_cfb8,
- my_aes_192_cfb8,
- my_aes_256_cfb8,
- my_aes_128_cfb128,
- my_aes_192_cfb128,
- my_aes_256_cfb128,
- my_aes_128_ofb,
- my_aes_192_ofb,
- my_aes_256_ofb
-#endif
-};
-
-#define MY_AES_BEGIN my_aes_128_ecb
-#ifdef HAVE_YASSL
-#define MY_AES_END my_aes_256_cbc
-#else
-#define MY_AES_END my_aes_256_ofb
-#endif
-
-/* If bad data discovered during decoding */
-#define MY_AES_BAD_DATA -1
-
-/** String representations of the supported AES modes. Keep in sync with my_aes_opmode */
-extern const char *my_aes_opmode_names[];
-namespace doris {
-/**
- Encrypt a buffer using AES
-
- @param source [in] Pointer to data for encryption
- @param source_length [in] Size of encryption data
- @param dest [out] Buffer to place encrypted data (must be large enough)
- @param key [in] Key to be used for encryption
- @param key_length [in] Length of the key. Will handle keys of any length
- @param mode [in] encryption mode
- @param iv [in] 16 bytes initialization vector if needed. Otherwise NULL
- @param padding [in] if padding needed.
- @return size of encrypted data, or negative in case of error
-*/
-
-int my_aes_encrypt(const unsigned char *source, uint32 source_length,
- unsigned char *dest,
- const unsigned char *key, uint32 key_length,
- enum my_aes_opmode mode, const unsigned char *iv,
- bool padding = true);
-
-/**
- Decrypt an AES encrypted buffer
-
- @param source Pointer to data for decryption
- @param source_length size of encrypted data
- @param dest buffer to place decrypted data (must be large enough)
- @param key Key to be used for decryption
- @param key_length Length of the key. Will handle keys of any length
- @param mode encryption mode
- @param iv 16 bytes initialization vector if needed. Otherwise NULL
- @param padding if padding needed.
- @return size of original data.
-*/
-
-
-int my_aes_decrypt(const unsigned char *source, uint32 source_length,
- unsigned char *dest,
- const unsigned char *key, uint32 key_length,
- enum my_aes_opmode mode, const unsigned char *iv,
- bool padding = true);
-
-/**
- Calculate the size of a buffer large enough for encrypted data
-
- @param source_length length of data to be encrypted
- @param mode encryption mode
- @return size of buffer required to store encrypted data
-*/
-
-int my_aes_get_size(uint32 source_length, enum my_aes_opmode mode);
-
-/**
- Return true if the AES cipher and block mode requires an IV
-
- SYNOPSIS
- my_aes_needs_iv()
- @param mode encryption mode
-
- @retval TRUE IV needed
- @retval FALSE IV not needed
-*/
-
-my_bool my_aes_needs_iv(my_aes_opmode opmode);
-}
-//C_MODE_END
-
-#endif /* MY_AES_INCLUDED */
diff --git a/be/src/aes/my_aes_impl.h b/be/src/aes/my_aes_impl.h
deleted file mode 100644
index 1b63674d..00000000
--- a/be/src/aes/my_aes_impl.h
+++ /dev/null
@@ -1,37 +0,0 @@
-// Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
-//
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License
-// along with this program; if not, write to the Free Software
-// Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-
-#ifndef DORIS_BE_EXPRS_MY_AES_IMPL_H
-#define DORIS_BE_EXPRS_MY_AES_IMPL_H
-
-/** Maximum supported key kength */
-const int MAX_AES_KEY_LENGTH = 256;
-
-/* TODO: remove in a future version */
-/* Guard against using an old export control restriction #define */
-#ifdef AES_USE_KEY_BITS
-#error AES_USE_KEY_BITS not supported
-#endif
-typedef uint32_t uint;
-typedef uint8_t uint8;
-
-namespace doris {
-
-extern uint *my_aes_opmode_key_sizes;
-void my_aes_create_key(const unsigned char *key, uint key_length,
- uint8 *rkey, enum my_aes_opmode opmode);
-}
-
-#endif
diff --git a/be/src/aes/my_aes_openssl.cpp b/be/src/aes/my_aes_openssl.cpp
deleted file mode 100644
index a0f1fde9..00000000
--- a/be/src/aes/my_aes_openssl.cpp
+++ /dev/null
@@ -1,216 +0,0 @@
-// Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
-//
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License
-// along with this program; if not, write to the Free Software
-// Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-
-#include "my_aes.h"
-#include "my_aes_impl.h"
-#include <string>
-#include <assert.h>
-
-#include <openssl/aes.h>
-#include <openssl/evp.h>
-#include <openssl/err.h>
-
-#define DBUG_ASSERT(A) assert(A)
-#define TRUE true
-#define FALSE false
-namespace doris {
-/* keep in sync with enum my_aes_opmode in my_aes.h */
-const char *my_aes_opmode_names[]=
-{
- "aes-128-ecb",
- "aes-192-ecb",
- "aes-256-ecb",
- "aes-128-cbc",
- "aes-192-cbc",
- "aes-256-cbc",
- "aes-128-cfb1",
- "aes-192-cfb1",
- "aes-256-cfb1",
- "aes-128-cfb8",
- "aes-192-cfb8",
- "aes-256-cfb8",
- "aes-128-cfb128",
- "aes-192-cfb128",
- "aes-256-cfb128",
- "aes-128-ofb",
- "aes-192-ofb",
- "aes-256-ofb",
- NULL /* needed for the type enumeration */
-};
-
-
-/* keep in sync with enum my_aes_opmode in my_aes.h */
-static uint my_aes_opmode_key_sizes_impl[]=
-{
- 128 /* aes-128-ecb */,
- 192 /* aes-192-ecb */,
- 256 /* aes-256-ecb */,
- 128 /* aes-128-cbc */,
- 192 /* aes-192-cbc */,
- 256 /* aes-256-cbc */,
- 128 /* aes-128-cfb1 */,
- 192 /* aes-192-cfb1 */,
- 256 /* aes-256-cfb1 */,
- 128 /* aes-128-cfb8 */,
- 192 /* aes-192-cfb8 */,
- 256 /* aes-256-cfb8 */,
- 128 /* aes-128-cfb128 */,
- 192 /* aes-192-cfb128 */,
- 256 /* aes-256-cfb128 */,
- 128 /* aes-128-ofb */,
- 192 /* aes-192-ofb */,
- 256 /* aes-256-ofb */
-};
-
-uint *my_aes_opmode_key_sizes= my_aes_opmode_key_sizes_impl;
-
-
-
-static const EVP_CIPHER *
-aes_evp_type(const my_aes_opmode mode)
-{
- switch (mode)
- {
- case my_aes_128_ecb: return EVP_aes_128_ecb();
- case my_aes_128_cbc: return EVP_aes_128_cbc();
- case my_aes_128_cfb1: return EVP_aes_128_cfb1();
- case my_aes_128_cfb8: return EVP_aes_128_cfb8();
- case my_aes_128_cfb128: return EVP_aes_128_cfb128();
- case my_aes_128_ofb: return EVP_aes_128_ofb();
- case my_aes_192_ecb: return EVP_aes_192_ecb();
- case my_aes_192_cbc: return EVP_aes_192_cbc();
- case my_aes_192_cfb1: return EVP_aes_192_cfb1();
- case my_aes_192_cfb8: return EVP_aes_192_cfb8();
- case my_aes_192_cfb128: return EVP_aes_192_cfb128();
- case my_aes_192_ofb: return EVP_aes_192_ofb();
- case my_aes_256_ecb: return EVP_aes_256_ecb();
- case my_aes_256_cbc: return EVP_aes_256_cbc();
- case my_aes_256_cfb1: return EVP_aes_256_cfb1();
- case my_aes_256_cfb8: return EVP_aes_256_cfb8();
- case my_aes_256_cfb128: return EVP_aes_256_cfb128();
- case my_aes_256_ofb: return EVP_aes_256_ofb();
- default: return NULL;
- }
-}
-
-
-int my_aes_encrypt(const unsigned char *source, uint32 source_length,
- unsigned char *dest,
- const unsigned char *key, uint32 key_length,
- enum my_aes_opmode mode, const unsigned char *iv,
- bool padding)
-{
- EVP_CIPHER_CTX ctx;
- const EVP_CIPHER *cipher= aes_evp_type(mode);
- int u_len, f_len;
- /* The real key to be used for encryption */
- unsigned char rkey[MAX_AES_KEY_LENGTH / 8];
- my_aes_create_key(key, key_length, rkey, mode);
-
- if (!cipher || (EVP_CIPHER_iv_length(cipher) > 0 && !iv))
- return MY_AES_BAD_DATA;
-
- if (!EVP_EncryptInit(&ctx, cipher, rkey, iv))
- goto aes_error; /* Error */
- if (!EVP_CIPHER_CTX_set_padding(&ctx, padding))
- goto aes_error; /* Error */
- if (!EVP_EncryptUpdate(&ctx, dest, &u_len, source, source_length))
- goto aes_error; /* Error */
-
- if (!EVP_EncryptFinal(&ctx, dest + u_len, &f_len))
- goto aes_error; /* Error */
-
- EVP_CIPHER_CTX_cleanup(&ctx);
- return u_len + f_len;
-
-aes_error:
- /* need to explicitly clean up the error if we want to ignore it */
- ERR_clear_error();
- EVP_CIPHER_CTX_cleanup(&ctx);
- return MY_AES_BAD_DATA;
-}
-
-int my_aes_decrypt(const unsigned char *source, uint32 source_length,
- unsigned char *dest,
- const unsigned char *key, uint32 key_length,
- enum my_aes_opmode mode, const unsigned char *iv,
- bool padding)
-{
-
- EVP_CIPHER_CTX ctx;
- const EVP_CIPHER *cipher= aes_evp_type(mode);
- int u_len, f_len;
-
- /* The real key to be used for decryption */
- unsigned char rkey[MAX_AES_KEY_LENGTH / 8];
-
- my_aes_create_key(key, key_length, rkey, mode);
- if (!cipher || (EVP_CIPHER_iv_length(cipher) > 0 && !iv))
- return MY_AES_BAD_DATA;
-
- EVP_CIPHER_CTX_init(&ctx);
-
- if (!EVP_DecryptInit(&ctx, aes_evp_type(mode), rkey, iv))
- goto aes_error; /* Error */
- if (!EVP_CIPHER_CTX_set_padding(&ctx, padding))
- goto aes_error; /* Error */
- if (!EVP_DecryptUpdate(&ctx, dest, &u_len, source, source_length))
- goto aes_error; /* Error */
- if (!EVP_DecryptFinal_ex(&ctx, dest + u_len, &f_len))
- goto aes_error; /* Error */
-
- EVP_CIPHER_CTX_cleanup(&ctx);
- return u_len + f_len;
-
-aes_error:
- /* need to explicitly clean up the error if we want to ignore it */
- ERR_clear_error();
- EVP_CIPHER_CTX_cleanup(&ctx);
- return MY_AES_BAD_DATA;
-}
-
-int my_aes_get_size(uint32 source_length, my_aes_opmode opmode)
-{
- const EVP_CIPHER *cipher= aes_evp_type(opmode);
- size_t block_size;
-
- block_size= EVP_CIPHER_block_size(cipher);
-
- return block_size > 1 ?
- block_size * (source_length / block_size) + block_size :
- source_length;
-}
-
-/**
- Return true if the AES cipher and block mode requires an IV
-
- SYNOPSIS
- my_aes_needs_iv()
- @param mode encryption mode
-
- @retval TRUE IV needed
- @retval FALSE IV not needed
-*/
-
-my_bool my_aes_needs_iv(my_aes_opmode opmode)
-{
- const EVP_CIPHER *cipher= aes_evp_type(opmode);
- int iv_length;
-
- iv_length= EVP_CIPHER_iv_length(cipher);
- DBUG_ASSERT(iv_length == 0 || iv_length == MY_AES_IV_SIZE);
- return iv_length != 0 ? TRUE : FALSE;
-}
-}
diff --git a/be/src/util/aes_util.cpp b/be/src/util/aes_util.cpp
index a43e8515..9c5b67b7 100644
--- a/be/src/util/aes_util.cpp
+++ b/be/src/util/aes_util.cpp
@@ -27,7 +27,7 @@
#include "exprs/base64.h"
-namespace palo {
+namespace doris {
static const int AES_MAX_KEY_LENGTH = 256;
diff --git a/be/src/util/aes_util.h b/be/src/util/aes_util.h
index 5659e0ac..b5f318e2 100644
--- a/be/src/util/aes_util.h
+++ b/be/src/util/aes_util.h
@@ -17,7 +17,7 @@
#include <stdint.h>
-namespace palo {
+namespace doris {
enum AesMode {
AES_128_ECB,
diff --git a/be/test/util/aes_util_test.cpp b/be/test/util/aes_util_test.cpp
index 0ac88c41..46c5deb0 100644
--- a/be/test/util/aes_util_test.cpp
+++ b/be/test/util/aes_util_test.cpp
@@ -23,7 +23,7 @@
#include "exprs/base64.h"
-namespace palo {
+namespace doris {
class AesUtilTest : public testing::Test {
public:
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@doris.apache.org
For additional commands, e-mail: dev-help@doris.apache.org