PARQUET-1301: [C++] Crypto package in parquet-cpp

[ggershinsky]

No description provided.

[jamesclampffer]

Can the definition of encrypt and decrypt be pushed into a .cc file? There's enough going on here that call overhead is negligible and splitting it up will make it easier to read and reduce build times.

[jamesclampffer]

Nit: remove the trailing newline in the exception descriptions to be consistent with other error strings.

[jamesclampffer]

Make these const? Same thing in encrypt.

[jamesclampffer]

Consider initializing this set of variables to something invalid. Makes it a little easier to figure out what's going on when looking at core files.

[jamesclampffer]

Manage ctx with RAII; otherwise any exception after line 63 is going to leak memory.

You could just use a unique_ptr with a custom deleter e.g.

struct EVPContextDeleter {
    void operator()(EVP_CIPHER_CTX *ctx) {
        if(ctx) { // would need to initialize to null in case there's a throw before the init
           EVP_CIPHER_CTX_free(ctx);
        }
    }
};

... stuff ...

std::unique_ptr<EVP_CYPHER_CTX, EVPContextDeleter> ctx;

[thamht4190]

I think that letting tag_len and iv_len be const will be more proper in C++

[thamht4190]

I have a build issue on Windows in types.h (line 93), it recognize OPTIONAL as something else rather than an enum. When I include openssl/*.h files below line 28 (must be included after types.h) in crypto.cc, it works. It seems that there is some macro on openssl related to OPTIONAL. So could you please change the order of include here?

[ggershinsky]

Yup, will do.

[thamht4190]

actually, this line #include "parquet/types.h" is not necessary because the file is included in crypto.h as well. What I really mean is:

#include "parquet/util/crypto.h"

#include <openssl/aes.h>
#include <openssl/evp.h>
#include <openssl/rand.h>

[ggershinsky]

Done.

[majetideepak]

constexpr is more suited here since the values are known at compile time.
Same for the other two below

[majetideepak]

nullptr instead of NULL

[majetideepak]

please use {} even for a single statement if condition.

[majetideepak]

handleError does not need EVP_CIPHER_CTX *ctx argument if we use EvpCipherCtxPtr

[majetideepak]

nullptr

[majetideepak]

using a smart pointer with a custom deleter will simplify freeing resources.
Define the following on top and use EvpCipherCtxPtr ctx(EVP_CIPHER_CTX_new()); everywhere

struct EvpCipherCtxDeleter {
  void operator()(EVP_CIPHER_CTX *ctx) const {
    if (nullptr != ctx) { 
      EVP_CIPHER_CTX_free(ctx);
   }
  }
};
using EvpCipherCtxPtr = std::unique_ptr<EVP_CIPHER_CTX, EvpCipherCtxDeleter>;

[majetideepak]

declare constexpr long max_bytes = 32; on top and then use it here?

[majetideepak]

declare constexpr long max_bytes = 32; on top and then use it here?

[majetideepak]

declare constexpr int key_length = 16; on top and then use it here?

[majetideepak]

use EvpCipherCtxPtr ctx(EVP_CIPHER_CTX_new());

[majetideepak]

is key_len used in the body?

[majetideepak]

I don't see key_len being used in the body

[majetideepak]

use key_length declared above.

[majetideepak]

Travis CI failure has been fixed on master. Can you please rebase?

[wesm]

Made some stylistic comments. clang-format (make format) will fix many of these problems

[wesm]

Order of includes does not follow our style guide

[wesm]

use kFooBarBaz naming style for global const/constexpr

[wesm]

Consistent style for pointers is EVP_CIPHER_CTX* ctx

[wesm]

Can you run clang-format on this file? Will fix a lot of the style issues

[wesm]

Perhaps create a macro like

ENCRYPT_CHECK(EXPR, 1, "AES_GCM_128");

This will help with code verbosity throughout this file

[wesm]

Are these public APIs? If not public should perhaps put them in an internal namespace

[wesm]

Also, can you capitalize the names of these functions to confirm with the Google style guide? Thanks

[wesm]

Why not use simply define a class/struct with a destructor? Why is std::unique_ptr necessary?

[ggershinsky]

Suggested by @majetideepak and @jamesclampffer . Let me know guys which one should I use.

[wesm]

I think this is overly elaborate. Unless you expect to need to transfer ownership of a smart pointer to some other call frame, using RAII with a simple class with a destructor that frees the resource is the simplest solution

[majetideepak]

I usually prefer the std::unique_ptr approach to avoid creating a new class. std::unique_ptr follows the RAII design principle. I am OK with either RAII approaches.

[wesm]

Well the deleter has already created a new class. Which of these do you prefer?

struct EvpCipherCtxDeleter {
  void operator()(EVP_CIPHER_CTX *ctx) const {
    if (nullptr != ctx) {
      EVP_CIPHER_CTX_free(ctx);
   }
  }
};

using EvpCipherCtxPtr = std::unique_ptr<EVP_CIPHER_CTX, EvpCipherCtxDeleter>;

int gcm_encrypt(const uint8_t *plaintext, int plaintext_len,
                   uint8_t *key, int key_len, uint8_t *aad, int aad_len,
                   uint8_t *ciphertext)
{
  int len;
  int ciphertext_len;
  uint8_t tag[gcm_tag_len];
  uint8_t iv[gcm_iv_len];

  // Random IV
  RAND_load_file("/dev/urandom", max_bytes);
  RAND_bytes(iv, sizeof(iv));

  // Init cipher context
  EvpCipherCtxPtr ctx(EVP_CIPHER_CTX_new());
  if(nullptr == ctx.get()) {
    throw ParquetException("Couldn't init cipher context");
  }

  if (16 == key_len) {
    // Init AES-GCM with 128-bit key
    if(1 != EVP_EncryptInit_ex(ctx.get(), EVP_aes_128_gcm(), nullptr, nullptr, nullptr)) {
      throw ParquetException("Couldn't init AES_GCM_128 encryption");
    }
  }
  else if (24 == key_len) {
    // Init AES-GCM with 192-bit key
    if(1 != EVP_EncryptInit_ex(ctx.get(), EVP_aes_192_gcm(), nullptr, nullptr, nullptr)) {
      throw ParquetException("Couldn't init AES_GCM_192 encryption");
    }
  }
  else if (32 == key_len) {
    // Init AES-GCM with 256-bit key
    if(1 != EVP_EncryptInit_ex(ctx.get(), EVP_aes_256_gcm(), nullptr, nullptr, nullptr)) {
      throw ParquetException("Couldn't init AES_GCM_256 encryption");
    }
  }

  // Setting key and IV
  if(1 != EVP_EncryptInit_ex(ctx.get(), nullptr, nullptr, key, iv)) {
    throw ParquetException("Couldn't set key and IV");
  }
  ...

or

class EvpCipher {
 public:
  explicit EvpCipher(int key_len) {
    ctx_ = EVP_CIPHER_CTX_new();
    if(nullptr == ctx_) {
      throw ParquetException("Couldn't init cipher context");
    }

    Init(key_len);
  }

  ~EvpCipher() {
    if (nullptr != ctx_) {
      EVP_CIPHER_CTX_free(ctx_);
   }
  }

  void Init(const key_len) {
    if (16 == key_len) {
      // Init AES-GCM with 128-bit key
      if(1 != EVP_EncryptInit_ex(ctx_, EVP_aes_128_gcm(), nullptr, nullptr, nullptr)) {
        throw ParquetException("Couldn't init AES_GCM_128 encryption");
      }
    }
    else if (24 == key_len) {
      // Init AES-GCM with 192-bit key
      if(1 != EVP_EncryptInit_ex(ctx_, EVP_aes_192_gcm(), nullptr, nullptr, nullptr)) {
        throw ParquetException("Couldn't init AES_GCM_192 encryption");
      }
    }
    else if (32 == key_len) {
      // Init AES-GCM with 256-bit key
      if(1 != EVP_EncryptInit_ex(ctx_, EVP_aes_256_gcm(), nullptr, nullptr, nullptr)) {
        throw ParquetException("Couldn't init AES_GCM_256 encryption");
      }
    }

    // Setting key and IV
    if(1 != EVP_EncryptInit_ex(ctx_, nullptr, nullptr, key, iv)) {
      throw ParquetException("Couldn't set key and IV");
    }
  }

 private:
  EVP_CIPHER_CTX ctx_;
};

int gcm_encrypt(const uint8_t *plaintext, int plaintext_len,
                   uint8_t *key, int key_len, uint8_t *aad, int aad_len,
                   uint8_t *ciphertext)
{
  int len;
  int ciphertext_len;
  uint8_t tag[gcm_tag_len];
  uint8_t iv[gcm_iv_len];

  // Random IV
  RAND_load_file("/dev/urandom", max_bytes);
  RAND_bytes(iv, sizeof(iv));

  EvpCipher cipher(key_len);
  ...

I think that encapsulation is a good idea

[ggershinsky]

@wesm , @majetideepak Thank you for the comments and suggestions. I'm posting a new commit that takes them into account, let me know if additional changes are required.

[wesm]

Thanks, can you fix the cpplint failures while we review in the meantime?

Done processing /home/travis/build/apache/parquet-cpp/src/parquet/util/comparison-test.cc
/home/travis/build/apache/parquet-cpp/src/parquet/util/crypto.cc:37:  Use int16/int64/etc, rather than the C type long  [runtime/int] [4]
/home/travis/build/apache/parquet-cpp/src/parquet/util/crypto.cc:40:  If/else bodies with multiple statements require braces  [readability/braces] [4]
/home/travis/build/apache/parquet-cpp/src/parquet/util/crypto.cc:44:  If/else bodies with multiple statements require braces  [readability/braces] [4]
/home/travis/build/apache/parquet-cpp/src/parquet/util/crypto.cc:304:  Add #include <algorithm> for copy  [build/include_what_you_use] [4]
/home/travis/build/apache/parquet-cpp/src/parquet/util/crypto.h:24:  Do not use namespace using-directives.  Use using-declarations instead.  [build/namespaces] [5]

[ggershinsky]

Sure, will do.

[majetideepak]

I think the coding conventions require only the class members names to end with an underscore. Same below

[majetideepak]

ctx_ = nullptr here so that destructor does not see an uninitialized value

[majetideepak]

Nit: combine the two if conditions?

[majetideepak]

safer to zero-initialize all of them.

[majetideepak]

I think developers will benefit from a description of some of the related security concepts in the code or in the documentation.
You could cut-copy from the design document as well
https://docs.google.com/document/d/1T89G7xR0zHFV1f2pjTO28jtfVm8qoNVGEJQ70Rsk-bY/edit

[ggershinsky]

@majetideepak , your comments are factored in. As for the documentation, I'm working on an encryption.md doc, that will be published in the parquet-format repo, similar to docs for other Parquet features.

[majetideepak]

+1 LGTM. Thanks for making all the changes!