diff --git a/be/src/aes/my_aes.cpp b/be/src/aes/my_aes.cpp deleted file mode 100644 index 186bd6ab039beb..00000000000000 --- a/be/src/aes/my_aes.cpp +++ /dev/null @@ -1,58 +0,0 @@ - -// Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved. -// -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License -// along with this program; if not, write to the Free Software -// Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - -#include "my_aes.h" -#include "my_aes_impl.h" -#include - -/** - Transforms an arbitrary long key into a fixed length AES key - - AES keys are of fixed length. This routine takes an arbitrary long key - iterates over it in AES key length increment and XORs the bytes with the - AES key buffer being prepared. - The bytes from the last incomplete iteration are XORed to the start - of the key until their depletion. - Needed since crypto function routines expect a fixed length key. - - @param key [in] Key to use for real key creation - @param key_length [in] Length of the key - @param rkey [out] Real key (used by OpenSSL/YaSSL) - @param opmode [out] encryption mode -*/ -namespace doris { -void my_aes_create_key(const unsigned char *key, uint key_length, - uint8 *rkey, enum my_aes_opmode opmode) -{ - const uint key_size= my_aes_opmode_key_sizes[opmode] / 8; - uint8 *rkey_end; /* Real key boundary */ - uint8 *ptr; /* Start of the real key*/ - uint8 *sptr; /* Start of the working key */ - uint8 *key_end= ((uint8 *)key) + key_length; /* Working key boundary*/ - - rkey_end= rkey + key_size; - - memset(rkey, 0, key_size); /* Set initial key */ - - for (ptr= rkey, sptr= (uint8 *)key; sptr < key_end; ptr++, sptr++) - { - if (ptr == rkey_end) - /* Just loop over tmp_key until we used all key */ - ptr= rkey; - *ptr^= *sptr; - } -} -} diff --git a/be/src/aes/my_aes.h b/be/src/aes/my_aes.h deleted file mode 100644 index e3661052beefa0..00000000000000 --- a/be/src/aes/my_aes.h +++ /dev/null @@ -1,139 +0,0 @@ -// Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved. -// -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License -// along with this program; if not, write to the Free Software -// Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - -#ifndef MY_AES_INCLUDED -#define MY_AES_INCLUDED - -/* Header file for my_aes.c */ -/* Wrapper to give simple interface for MySQL to AES standard encryption */ - -//C_MODE_START -#include - -/** AES IV size is 16 bytes for all supported ciphers except ECB */ -#define MY_AES_IV_SIZE 16 - -/** AES block size is fixed to be 128 bits for CBC and ECB */ -#define MY_AES_BLOCK_SIZE 16 -typedef uint32_t uint32; -typedef bool my_bool; -typedef uint32_t uint; - - -/** Supported AES cipher/block mode combos */ -enum my_aes_opmode -{ - my_aes_128_ecb, - my_aes_192_ecb, - my_aes_256_ecb, - my_aes_128_cbc, - my_aes_192_cbc, - my_aes_256_cbc -#ifndef HAVE_YASSL - ,my_aes_128_cfb1, - my_aes_192_cfb1, - my_aes_256_cfb1, - my_aes_128_cfb8, - my_aes_192_cfb8, - my_aes_256_cfb8, - my_aes_128_cfb128, - my_aes_192_cfb128, - my_aes_256_cfb128, - my_aes_128_ofb, - my_aes_192_ofb, - my_aes_256_ofb -#endif -}; - -#define MY_AES_BEGIN my_aes_128_ecb -#ifdef HAVE_YASSL -#define MY_AES_END my_aes_256_cbc -#else -#define MY_AES_END my_aes_256_ofb -#endif - -/* If bad data discovered during decoding */ -#define MY_AES_BAD_DATA -1 - -/** String representations of the supported AES modes. Keep in sync with my_aes_opmode */ -extern const char *my_aes_opmode_names[]; -namespace doris { -/** - Encrypt a buffer using AES - - @param source [in] Pointer to data for encryption - @param source_length [in] Size of encryption data - @param dest [out] Buffer to place encrypted data (must be large enough) - @param key [in] Key to be used for encryption - @param key_length [in] Length of the key. Will handle keys of any length - @param mode [in] encryption mode - @param iv [in] 16 bytes initialization vector if needed. Otherwise NULL - @param padding [in] if padding needed. - @return size of encrypted data, or negative in case of error -*/ - -int my_aes_encrypt(const unsigned char *source, uint32 source_length, - unsigned char *dest, - const unsigned char *key, uint32 key_length, - enum my_aes_opmode mode, const unsigned char *iv, - bool padding = true); - -/** - Decrypt an AES encrypted buffer - - @param source Pointer to data for decryption - @param source_length size of encrypted data - @param dest buffer to place decrypted data (must be large enough) - @param key Key to be used for decryption - @param key_length Length of the key. Will handle keys of any length - @param mode encryption mode - @param iv 16 bytes initialization vector if needed. Otherwise NULL - @param padding if padding needed. - @return size of original data. -*/ - - -int my_aes_decrypt(const unsigned char *source, uint32 source_length, - unsigned char *dest, - const unsigned char *key, uint32 key_length, - enum my_aes_opmode mode, const unsigned char *iv, - bool padding = true); - -/** - Calculate the size of a buffer large enough for encrypted data - - @param source_length length of data to be encrypted - @param mode encryption mode - @return size of buffer required to store encrypted data -*/ - -int my_aes_get_size(uint32 source_length, enum my_aes_opmode mode); - -/** - Return true if the AES cipher and block mode requires an IV - - SYNOPSIS - my_aes_needs_iv() - @param mode encryption mode - - @retval TRUE IV needed - @retval FALSE IV not needed -*/ - -my_bool my_aes_needs_iv(my_aes_opmode opmode); -} -//C_MODE_END - -#endif /* MY_AES_INCLUDED */ diff --git a/be/src/aes/my_aes_impl.h b/be/src/aes/my_aes_impl.h deleted file mode 100644 index 1b63674d6ebf47..00000000000000 --- a/be/src/aes/my_aes_impl.h +++ /dev/null @@ -1,37 +0,0 @@ -// Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved. -// -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License -// along with this program; if not, write to the Free Software -// Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - -#ifndef DORIS_BE_EXPRS_MY_AES_IMPL_H -#define DORIS_BE_EXPRS_MY_AES_IMPL_H - -/** Maximum supported key kength */ -const int MAX_AES_KEY_LENGTH = 256; - -/* TODO: remove in a future version */ -/* Guard against using an old export control restriction #define */ -#ifdef AES_USE_KEY_BITS -#error AES_USE_KEY_BITS not supported -#endif -typedef uint32_t uint; -typedef uint8_t uint8; - -namespace doris { - -extern uint *my_aes_opmode_key_sizes; -void my_aes_create_key(const unsigned char *key, uint key_length, - uint8 *rkey, enum my_aes_opmode opmode); -} - -#endif diff --git a/be/src/aes/my_aes_openssl.cpp b/be/src/aes/my_aes_openssl.cpp deleted file mode 100644 index a0f1fde9c5dd91..00000000000000 --- a/be/src/aes/my_aes_openssl.cpp +++ /dev/null @@ -1,216 +0,0 @@ -// Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved. -// -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License -// along with this program; if not, write to the Free Software -// Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - -#include "my_aes.h" -#include "my_aes_impl.h" -#include -#include - -#include -#include -#include - -#define DBUG_ASSERT(A) assert(A) -#define TRUE true -#define FALSE false -namespace doris { -/* keep in sync with enum my_aes_opmode in my_aes.h */ -const char *my_aes_opmode_names[]= -{ - "aes-128-ecb", - "aes-192-ecb", - "aes-256-ecb", - "aes-128-cbc", - "aes-192-cbc", - "aes-256-cbc", - "aes-128-cfb1", - "aes-192-cfb1", - "aes-256-cfb1", - "aes-128-cfb8", - "aes-192-cfb8", - "aes-256-cfb8", - "aes-128-cfb128", - "aes-192-cfb128", - "aes-256-cfb128", - "aes-128-ofb", - "aes-192-ofb", - "aes-256-ofb", - NULL /* needed for the type enumeration */ -}; - - -/* keep in sync with enum my_aes_opmode in my_aes.h */ -static uint my_aes_opmode_key_sizes_impl[]= -{ - 128 /* aes-128-ecb */, - 192 /* aes-192-ecb */, - 256 /* aes-256-ecb */, - 128 /* aes-128-cbc */, - 192 /* aes-192-cbc */, - 256 /* aes-256-cbc */, - 128 /* aes-128-cfb1 */, - 192 /* aes-192-cfb1 */, - 256 /* aes-256-cfb1 */, - 128 /* aes-128-cfb8 */, - 192 /* aes-192-cfb8 */, - 256 /* aes-256-cfb8 */, - 128 /* aes-128-cfb128 */, - 192 /* aes-192-cfb128 */, - 256 /* aes-256-cfb128 */, - 128 /* aes-128-ofb */, - 192 /* aes-192-ofb */, - 256 /* aes-256-ofb */ -}; - -uint *my_aes_opmode_key_sizes= my_aes_opmode_key_sizes_impl; - - - -static const EVP_CIPHER * -aes_evp_type(const my_aes_opmode mode) -{ - switch (mode) - { - case my_aes_128_ecb: return EVP_aes_128_ecb(); - case my_aes_128_cbc: return EVP_aes_128_cbc(); - case my_aes_128_cfb1: return EVP_aes_128_cfb1(); - case my_aes_128_cfb8: return EVP_aes_128_cfb8(); - case my_aes_128_cfb128: return EVP_aes_128_cfb128(); - case my_aes_128_ofb: return EVP_aes_128_ofb(); - case my_aes_192_ecb: return EVP_aes_192_ecb(); - case my_aes_192_cbc: return EVP_aes_192_cbc(); - case my_aes_192_cfb1: return EVP_aes_192_cfb1(); - case my_aes_192_cfb8: return EVP_aes_192_cfb8(); - case my_aes_192_cfb128: return EVP_aes_192_cfb128(); - case my_aes_192_ofb: return EVP_aes_192_ofb(); - case my_aes_256_ecb: return EVP_aes_256_ecb(); - case my_aes_256_cbc: return EVP_aes_256_cbc(); - case my_aes_256_cfb1: return EVP_aes_256_cfb1(); - case my_aes_256_cfb8: return EVP_aes_256_cfb8(); - case my_aes_256_cfb128: return EVP_aes_256_cfb128(); - case my_aes_256_ofb: return EVP_aes_256_ofb(); - default: return NULL; - } -} - - -int my_aes_encrypt(const unsigned char *source, uint32 source_length, - unsigned char *dest, - const unsigned char *key, uint32 key_length, - enum my_aes_opmode mode, const unsigned char *iv, - bool padding) -{ - EVP_CIPHER_CTX ctx; - const EVP_CIPHER *cipher= aes_evp_type(mode); - int u_len, f_len; - /* The real key to be used for encryption */ - unsigned char rkey[MAX_AES_KEY_LENGTH / 8]; - my_aes_create_key(key, key_length, rkey, mode); - - if (!cipher || (EVP_CIPHER_iv_length(cipher) > 0 && !iv)) - return MY_AES_BAD_DATA; - - if (!EVP_EncryptInit(&ctx, cipher, rkey, iv)) - goto aes_error; /* Error */ - if (!EVP_CIPHER_CTX_set_padding(&ctx, padding)) - goto aes_error; /* Error */ - if (!EVP_EncryptUpdate(&ctx, dest, &u_len, source, source_length)) - goto aes_error; /* Error */ - - if (!EVP_EncryptFinal(&ctx, dest + u_len, &f_len)) - goto aes_error; /* Error */ - - EVP_CIPHER_CTX_cleanup(&ctx); - return u_len + f_len; - -aes_error: - /* need to explicitly clean up the error if we want to ignore it */ - ERR_clear_error(); - EVP_CIPHER_CTX_cleanup(&ctx); - return MY_AES_BAD_DATA; -} - -int my_aes_decrypt(const unsigned char *source, uint32 source_length, - unsigned char *dest, - const unsigned char *key, uint32 key_length, - enum my_aes_opmode mode, const unsigned char *iv, - bool padding) -{ - - EVP_CIPHER_CTX ctx; - const EVP_CIPHER *cipher= aes_evp_type(mode); - int u_len, f_len; - - /* The real key to be used for decryption */ - unsigned char rkey[MAX_AES_KEY_LENGTH / 8]; - - my_aes_create_key(key, key_length, rkey, mode); - if (!cipher || (EVP_CIPHER_iv_length(cipher) > 0 && !iv)) - return MY_AES_BAD_DATA; - - EVP_CIPHER_CTX_init(&ctx); - - if (!EVP_DecryptInit(&ctx, aes_evp_type(mode), rkey, iv)) - goto aes_error; /* Error */ - if (!EVP_CIPHER_CTX_set_padding(&ctx, padding)) - goto aes_error; /* Error */ - if (!EVP_DecryptUpdate(&ctx, dest, &u_len, source, source_length)) - goto aes_error; /* Error */ - if (!EVP_DecryptFinal_ex(&ctx, dest + u_len, &f_len)) - goto aes_error; /* Error */ - - EVP_CIPHER_CTX_cleanup(&ctx); - return u_len + f_len; - -aes_error: - /* need to explicitly clean up the error if we want to ignore it */ - ERR_clear_error(); - EVP_CIPHER_CTX_cleanup(&ctx); - return MY_AES_BAD_DATA; -} - -int my_aes_get_size(uint32 source_length, my_aes_opmode opmode) -{ - const EVP_CIPHER *cipher= aes_evp_type(opmode); - size_t block_size; - - block_size= EVP_CIPHER_block_size(cipher); - - return block_size > 1 ? - block_size * (source_length / block_size) + block_size : - source_length; -} - -/** - Return true if the AES cipher and block mode requires an IV - - SYNOPSIS - my_aes_needs_iv() - @param mode encryption mode - - @retval TRUE IV needed - @retval FALSE IV not needed -*/ - -my_bool my_aes_needs_iv(my_aes_opmode opmode) -{ - const EVP_CIPHER *cipher= aes_evp_type(opmode); - int iv_length; - - iv_length= EVP_CIPHER_iv_length(cipher); - DBUG_ASSERT(iv_length == 0 || iv_length == MY_AES_IV_SIZE); - return iv_length != 0 ? TRUE : FALSE; -} -} diff --git a/be/src/util/aes_util.cpp b/be/src/util/aes_util.cpp index a43e851541b9a1..9c5b67b739cbe1 100644 --- a/be/src/util/aes_util.cpp +++ b/be/src/util/aes_util.cpp @@ -27,7 +27,7 @@ #include "exprs/base64.h" -namespace palo { +namespace doris { static const int AES_MAX_KEY_LENGTH = 256; diff --git a/be/src/util/aes_util.h b/be/src/util/aes_util.h index 5659e0acd4f2f1..b5f318e25eceb9 100644 --- a/be/src/util/aes_util.h +++ b/be/src/util/aes_util.h @@ -17,7 +17,7 @@ #include -namespace palo { +namespace doris { enum AesMode { AES_128_ECB, diff --git a/be/test/util/aes_util_test.cpp b/be/test/util/aes_util_test.cpp index 0ac88c4120b54a..46c5deb079db45 100644 --- a/be/test/util/aes_util_test.cpp +++ b/be/test/util/aes_util_test.cpp @@ -23,7 +23,7 @@ #include "exprs/base64.h" -namespace palo { +namespace doris { class AesUtilTest : public testing::Test { public: