-
Notifications
You must be signed in to change notification settings - Fork 0
Fixing AES encryptor cache - fix by argmarco #91
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -320,36 +320,47 @@ int32_t AesEncryptor::CtrEncrypt( | |
| return length_buffer_length_ + buffer_size; | ||
| } | ||
|
|
||
| int32_t AesEncryptorFactory::MapKeyLenToEncryptorArrayIndex(int32_t key_len) { | ||
| if (key_len == 16) | ||
| return 0; | ||
| else if (key_len == 24) | ||
| return 1; | ||
| else if (key_len == 32) | ||
| return 2; | ||
| throw ParquetException("encryption key must be 16, 24 or 32 bytes in length"); | ||
| uint64_t AesEncryptorFactory::MakeCacheKey( | ||
| ParquetCipher::type alg_id, int32_t key_len, bool metadata) { | ||
| uint64_t key = 0; | ||
| // Set the algorithm id in the most significant 32 bits. | ||
| key |= static_cast<uint64_t>(static_cast<uint32_t>(alg_id)) << 32; | ||
| // Set the key length in the next 8 bits. | ||
| key |= static_cast<uint64_t>(static_cast<uint8_t>(key_len)); | ||
| // Set the metadata flag in the next 8 bits. | ||
| key |= static_cast<uint64_t>(metadata ? 1 : 0) << 8; | ||
| return key; | ||
| } | ||
|
|
||
| AesEncryptor* AesEncryptorFactory::GetMetaAesEncryptor( | ||
| ParquetCipher::type alg_id, int32_t key_size) { | ||
| auto key_len = static_cast<int32_t>(key_size); | ||
| int index = MapKeyLenToEncryptorArrayIndex(key_len); | ||
| // Create the cache key using the algorithm id, key length, and metadata flag | ||
| // to avoid collisions for encryptors with the same key length. | ||
| uint64_t cache_key = MakeCacheKey(alg_id, key_len, /*metadata=*/true); | ||
|
Collaborator
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Why is the last param commented out?
Collaborator
Author
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. It's not, it's just the comment as to what the parameter is.
Collaborator
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Sorry, yes. Misread it. |
||
|
|
||
| if (meta_encryptor_cache_[index] == nullptr) { | ||
| meta_encryptor_cache_[index] = AesEncryptor::Make(alg_id, key_len, true); | ||
| // If no encryptor exists for this cache key, create one. | ||
| if (encryptor_cache_.find(cache_key) == encryptor_cache_.end()) { | ||
|
Collaborator
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. this is essentially the same as before but in find/end format, right? Or is there more to it?
Collaborator
Author
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. it's the same. Added comment. |
||
| encryptor_cache_[cache_key] = AesEncryptor::Make( | ||
| alg_id, key_len, /*metadata=*/true); | ||
| } | ||
| return meta_encryptor_cache_[index].get(); | ||
|
|
||
| return encryptor_cache_[cache_key].get(); | ||
| } | ||
|
|
||
| AesEncryptor* AesEncryptorFactory::GetDataAesEncryptor( | ||
| ParquetCipher::type alg_id, int32_t key_size) { | ||
| auto key_len = static_cast<int32_t>(key_size); | ||
| int index = MapKeyLenToEncryptorArrayIndex(key_len); | ||
| // Create the cache key using the algorithm id, key length, and metadata flag | ||
| // to avoid collisions for encryptors with the same key length. | ||
| uint64_t cache_key = MakeCacheKey(alg_id, key_len, /*metadata=*/false); | ||
|
Collaborator
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Ah! We need a comment here since it's the critical part that changed.
Collaborator
Author
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Added. Also check the comment in the .h file |
||
|
|
||
| if (data_encryptor_cache_[index] == nullptr) { | ||
| data_encryptor_cache_[index] = AesEncryptor::Make(alg_id, key_len, false); | ||
| // If no encryptor exists for this cache key, create one. | ||
| if (encryptor_cache_.find(cache_key) == encryptor_cache_.end()) { | ||
| encryptor_cache_[cache_key] = AesEncryptor::Make( | ||
| alg_id, key_len, /*metadata=*/false); | ||
| } | ||
| return data_encryptor_cache_[index].get(); | ||
| return encryptor_cache_[cache_key].get(); | ||
| } | ||
|
|
||
| AesDecryptor::AesDecryptor( | ||
|
|
||
Uh oh!
There was an error while loading. Please reload this page.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I absolutely love this!
Let's just add a comment for each bit encoded field.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Added.